From e59236fc17d2b404946a17d4af213c491294a81c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 27 Jan 2018 23:32:46 +0100
Subject: [PATCH 001/889] Add PSA crypto module

New module psa_crypto.c (MBEDTLS_PSA_CRYPTO_C):
Platform Security Architecture compatibility layer on top of
libmedcrypto.

Implement psa_crypto_init function which sets up a RNG.

Add a mbedtls_psa_crypto_free function which deinitializes the
library.

Define a first batch of error codes.
---
 include/mbedtls/check_config.h              |  6 ++
 include/mbedtls/config.h                    | 14 ++-
 include/psa/crypto.h                        | 90 +++++++++++++++++++
 include/psa/crypto_extra.h                  | 46 ++++++++++
 include/psa/crypto_platform.h               | 39 +++++++++
 library/CMakeLists.txt                      |  1 +
 library/Makefile                            |  1 +
 library/psa_crypto.c                        | 97 +++++++++++++++++++++
 library/version_features.c                  |  3 +
 tests/suites/test_suite_psa_crypto.data     |  2 +
 tests/suites/test_suite_psa_crypto.function | 24 +++++
 visualc/VS2010/mbedTLS.vcxproj              |  4 +
 12 files changed, 326 insertions(+), 1 deletion(-)
 create mode 100644 include/psa/crypto.h
 create mode 100644 include/psa/crypto_extra.h
 create mode 100644 include/psa/crypto_platform.h
 create mode 100644 library/psa_crypto.c
 create mode 100644 tests/suites/test_suite_psa_crypto.data
 create mode 100644 tests/suites/test_suite_psa_crypto.function

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 9e6bb8a46..41c3f2458 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -486,6 +486,12 @@
 #error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_C) &&            \
+    !( defined(MBEDTLS_CTR_DRBG_C) &&           \
+       defined(MBEDTLS_ENTROPY_C) )
+#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 052aed0d3..dc112a91d 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2013,7 +2013,7 @@
  * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
  *
  */
-//#define MBEDTLS_CMAC_C
+#define MBEDTLS_CMAC_C
 
 /**
  * \def MBEDTLS_CTR_DRBG_C
@@ -2555,6 +2555,18 @@
  */
 #define MBEDTLS_POLY1305_C
 
+/**
+* \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_C
+
 /**
  * \def MBEDTLS_RIPEMD160_C
  *
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
new file mode 100644
index 000000000..fc299af39
--- /dev/null
+++ b/include/psa/crypto.h
@@ -0,0 +1,90 @@
+/**
+ * \file psa/crypto.h
+ * \brief Platform Security Architecture cryptography module
+ */
+
+#ifndef PSA_CRYPTO_H
+#define PSA_CRYPTO_H
+
+#include "crypto_platform.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup basic Basic definitions
+ * @{
+ */
+
+/**
+ * \brief Function return status.
+ *
+ * Zero indicates success, anything else indicates an error.
+ */
+typedef enum {
+    /** The action was completed successfully. */
+    PSA_SUCCESS = 0,
+    /** The requested operation or a parameter is not supported
+        by this implementation. */
+    PSA_ERROR_NOT_SUPPORTED,
+    /** The requested action is denied by a policy. */
+    PSA_ERROR_NOT_PERMITTED,
+    /** An output buffer is too small. */
+    PSA_ERROR_BUFFER_TOO_SMALL,
+    /** A slot is occupied, but must be empty to carry out the
+        requested action. */
+    PSA_ERROR_OCCUPIED_SLOT,
+    /** A slot is empty, but must be occupied to carry out the
+        requested action. */
+    PSA_ERROR_EMPTY_SLOT,
+    /** The requested action cannot be performed in the current state. */
+    PSA_ERROR_BAD_STATE,
+    /** The parameters passed to the function are invalid. */
+    PSA_ERROR_INVALID_ARGUMENT,
+    /** There is not enough runtime memory. */
+    PSA_ERROR_INSUFFICIENT_MEMORY,
+    /** There is not enough persistent storage. */
+    PSA_ERROR_INSUFFICIENT_STORAGE,
+    /** There was a communication failure inside the implementation. */
+    PSA_ERROR_COMMUNICATION_FAILURE,
+    /** A hardware failure was detected. */
+    PSA_ERROR_HARDWARE_FAILURE,
+    /** A tampering attempt was detected. */
+    PSA_ERROR_TAMPERING_DETECTED,
+    /** There is not enough entropy to generate random data needed
+        for the requested action. */
+    PSA_ERROR_INSUFFICIENT_ENTROPY,
+    /** The signature or MAC is incorrect. */
+    PSA_ERROR_INVALID_SIGNATURE,
+    /** An error occurred that does not correspond to any defined
+        failure cause. */
+    PSA_ERROR_UNKNOWN_ERROR,
+} psa_status_t;
+
+/**
+ * \brief Library initialization.
+ *
+ * Applications must call this function before calling any other
+ * function in this module.
+ *
+ * Applications may call this function more than once. Once a call
+ * succeeds, subsequent calls are guaranteed to succeed.
+ *
+ * \return * \c PSA_SUCCESS: success.
+ *         * \c PSA_ERROR_INSUFFICIENT_MEMORY
+ *         * \c PSA_ERROR_COMMUNICATION_FAILURE
+ *         * \c PSA_ERROR_HARDWARE_FAILURE
+ *         * \c PSA_ERROR_TAMPERING_DETECTED
+ *         * \c PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t psa_crypto_init(void);
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#include "crypto_extra.h"
+
+#endif /* PSA_CRYPTO_H */
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
new file mode 100644
index 000000000..b9e12bb6f
--- /dev/null
+++ b/include/psa/crypto_extra.h
@@ -0,0 +1,46 @@
+/**
+ * \file psa/crypto_extra.h
+ *
+ * \brief PSA cryptography module: Mbed TLS vendor extensions
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_EXTRA_H
+#define PSA_CRYPTO_EXTRA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * \brief Library deinitialization.
+ *
+ * This function clears all data associated with the PSA layer,
+ * including the whole key store.
+ *
+ * This is an Mbed TLS extension.
+ */
+void mbedtls_psa_crypto_free( void );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_EXTRA_H */
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
new file mode 100644
index 000000000..eafc0b3ea
--- /dev/null
+++ b/include/psa/crypto_platform.h
@@ -0,0 +1,39 @@
+/**
+ * \file psa/crypto_platform.h
+ *
+ * \brief PSA cryptography module: Mbed TLS platfom definitions
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_PLATFORM_H
+#define PSA_CRYPTO_PLATFORM_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "../mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+/* PSA requires several types which C99 provides in stdint.h. */
+#include <stdint.h>
+
+#endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 6a280fe70..07811f9d0 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -53,6 +53,7 @@ set(src_crypto
     platform.c
     platform_util.c
     poly1305.c
+    psa_crypto.c
     ripemd160.c
     rsa.c
     rsa_internal.c
diff --git a/library/Makefile b/library/Makefile
index 430c59881..f4b39bdeb 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -81,6 +81,7 @@ OBJS_CRYPTO=	aes.o		aesni.o		arc4.o		\
 		pk.o		pk_wrap.o	pkcs12.o	\
 		pkcs5.o		pkparse.o	pkwrite.o	\
 		platform.o	platform_util.o	poly1305.o	\
+		psa_crypto.o					\
 		ripemd160.o	rsa_internal.o	rsa.o  		\
 		sha1.o		sha256.o	sha512.o	\
 		threading.o	timing.o	version.o	\
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
new file mode 100644
index 000000000..ca25bb487
--- /dev/null
+++ b/library/psa_crypto.c
@@ -0,0 +1,97 @@
+/*
+ *  PSA crypto layer on top of Mbed TLS crypto
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa/crypto.h"
+
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/entropy.h"
+
+
+/* Implementation that should never be optimized out by the compiler */
+static void mbedtls_zeroize( void *v, size_t n )
+{
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+typedef struct {
+    int initialized;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+} psa_global_data_t;
+
+static psa_global_data_t global_data;
+
+static psa_status_t mbedtls_to_psa_error( int ret )
+{
+    switch( ret )
+    {
+        case 0:
+            return( PSA_SUCCESS );
+        case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
+        case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
+        case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+        default:
+            return( PSA_ERROR_UNKNOWN_ERROR );
+    }
+}
+
+void mbedtls_psa_crypto_free( void )
+{
+    mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
+    mbedtls_entropy_free( &global_data.entropy );
+    mbedtls_zeroize( &global_data, sizeof( global_data ) );
+}
+
+psa_status_t psa_crypto_init( void )
+{
+    int ret;
+    const unsigned char drbg_seed[] = "PSA";
+
+    if( global_data.initialized != 0 )
+        return( PSA_SUCCESS );
+
+    mbedtls_zeroize( &global_data, sizeof( global_data ) );
+    mbedtls_entropy_init( &global_data.entropy );
+    mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
+
+    ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
+                                 mbedtls_entropy_func,
+                                 &global_data.entropy,
+                                 drbg_seed, sizeof( drbg_seed ) - 1 );
+    if( ret != 0 )
+        goto exit;
+
+exit:
+    if( ret != 0 )
+        mbedtls_psa_crypto_free( );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/version_features.c b/library/version_features.c
index 777b6034c..b77bf2658 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -678,6 +678,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_POLY1305_C)
     "MBEDTLS_POLY1305_C",
 #endif /* MBEDTLS_POLY1305_C */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+    "MBEDTLS_PSA_CRYPTO_C",
+#endif /* MBEDTLS_PSA_CRYPTO_C */
 #if defined(MBEDTLS_RIPEMD160_C)
     "MBEDTLS_RIPEMD160_C",
 #endif /* MBEDTLS_RIPEMD160_C */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
new file mode 100644
index 000000000..3d7689bd2
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -0,0 +1,2 @@
+PSA init/deinit
+init_deinit:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
new file mode 100644
index 000000000..9d9eee47b
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -0,0 +1,24 @@
+/* BEGIN_HEADER */
+#include "psa/crypto.h"
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void init_deinit()
+{
+    psa_status_t ret;
+    int i;
+    for( i = 0; i <= 1; i++ )
+    {
+        ret = psa_crypto_init( );
+        TEST_ASSERT( ret == PSA_SUCCESS );
+        ret = psa_crypto_init( );
+        TEST_ASSERT( ret == PSA_SUCCESS );
+        mbedtls_psa_crypto_free( );
+    }
+}
+/* END_CASE */
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 73c92bda5..2c569e52d 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -224,6 +224,9 @@
     <ClInclude Include="..\..\include\mbedtls\x509_crt.h" />
     <ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
     <ClInclude Include="..\..\include\mbedtls\xtea.h" />
+    <ClInclude Include="..\..\include\psa\crypto.h" />
+    <ClInclude Include="..\..\include\psa\crypto_platform.h" />
+    <ClInclude Include="..\..\include\psa\crypto_extra.h" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="..\..\library\aes.c" />
@@ -281,6 +284,7 @@
     <ClCompile Include="..\..\library\platform_util.c" />
     <ClCompile Include="..\..\library\poly1305.c" />
     <ClCompile Include="..\..\library\ripemd160.c" />
+    <ClCompile Include="..\..\library\psa_crypto.c" />
     <ClCompile Include="..\..\library\rsa.c" />
     <ClCompile Include="..\..\library\rsa_internal.c" />
     <ClCompile Include="..\..\library\sha1.c" />

From 62a7e7e65fb1c6bb0f6f0334677fa636839a5b8e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Feb 2018 21:54:47 +0100
Subject: [PATCH 002/889] Add a Doxygen-only section

This is intended to document platform-specific definitions in PSA.
---
 include/psa/crypto.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fc299af39..0bd9c03eb 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -8,6 +8,14 @@
 
 #include "crypto_platform.h"
 
+#ifdef __DOXYGEN_ONLY__
+/** \defgroup platform Implementation-specific definitions
+ * @{
+ */
+
+/**@}*/
+#endif
+
 #ifdef __cplusplus
 extern "C" {
 #endif

From d8374ba92b124f4795c629c31981c3c6e4862f3b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Feb 2018 20:36:55 +0100
Subject: [PATCH 003/889] New configuration file for PSA crypto

New configuration file with all cryptographic modules and
MBEDTLS_PSA_CRYPTO_C, but no X.509 or TLS.
---
 configs/config-psa-crypto.h | 1711 +++++++++++++++++++++++++++++++++++
 1 file changed, 1711 insertions(+)
 create mode 100644 configs/config-psa-crypto.h

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
new file mode 100644
index 000000000..9c4f62aa0
--- /dev/null
+++ b/configs/config-psa-crypto.h
@@ -0,0 +1,1711 @@
+/**
+ * \file config-psa-crypto.h
+ *
+ * \brief Configuration with all cryptography features and no X.509 or TLS.
+ *
+ * This configuration is intended to prototype the PSA reference implementation.
+ */
+/*
+ *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+/**
+ * \name SECTION: System support
+ *
+ * This section sets system specific settings.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_HAVE_ASM
+ *
+ * The compiler has support for asm().
+ *
+ * Requires support for asm() in compiler.
+ *
+ * Used in:
+ *      library/timing.c
+ *      library/padlock.c
+ *      include/mbedtls/bn_mul.h
+ *
+ * Comment to disable the use of assembly code.
+ */
+#define MBEDTLS_HAVE_ASM
+
+/**
+ * \def MBEDTLS_NO_UDBL_DIVISION
+ *
+ * The platform lacks support for double-width integer division (64-bit
+ * division on a 32-bit platform, 128-bit division on a 64-bit platform).
+ *
+ * Used in:
+ *      include/mbedtls/bignum.h
+ *      library/bignum.c
+ *
+ * The bignum code uses double-width division to speed up some operations.
+ * Double-width division is often implemented in software that needs to
+ * be linked with the program. The presence of a double-width integer
+ * type is usually detected automatically through preprocessor macros,
+ * but the automatic detection cannot know whether the code needs to
+ * and can be linked with an implementation of division for that type.
+ * By default division is assumed to be usable if the type is present.
+ * Uncomment this option to prevent the use of double-width division.
+ *
+ * Note that division for the native integer type is always required.
+ * Furthermore, a 64-bit type is always required even on a 32-bit
+ * platform, but it need not support multiplication or division. In some
+ * cases it is also desirable to disable some double-width operations. For
+ * example, if double-width division is implemented in software, disabling
+ * it can reduce code size in some embedded targets.
+ */
+//#define MBEDTLS_NO_UDBL_DIVISION
+
+/**
+ * \def MBEDTLS_HAVE_SSE2
+ *
+ * CPU supports SSE2 instruction set.
+ *
+ * Uncomment if the CPU supports SSE2 (IA-32 specific).
+ */
+//#define MBEDTLS_HAVE_SSE2
+
+/**
+ * \def MBEDTLS_PLATFORM_MEMORY
+ *
+ * Enable the memory allocation layer.
+ *
+ * By default mbed TLS uses the system-provided calloc() and free().
+ * This allows different allocators (self-implemented or provided) to be
+ * provided to the platform abstraction layer.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
+ * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
+ * free() function pointer at runtime.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
+ * alternate function at compile time.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Enable this layer to allow use of alternative memory allocators.
+ */
+//#define MBEDTLS_PLATFORM_MEMORY
+
+/**
+ * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ *
+ * Do not assign standard functions in the platform layer (e.g. calloc() to
+ * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
+ *
+ * This makes sure there are no linking errors on platforms that do not support
+ * these functions. You will HAVE to provide alternatives, either at runtime
+ * via the platform_set_xxx() functions or at compile time by setting
+ * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
+ * MBEDTLS_PLATFORM_XXX_MACRO.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Uncomment to prevent default assignment of standard functions in the
+ * platform layer.
+ */
+//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/**
+ * \def MBEDTLS_PLATFORM_EXIT_ALT
+ *
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * function in the platform abstraction layer.
+ *
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * provide a function "mbedtls_platform_set_printf()" that allows you to set an
+ * alternative printf function pointer.
+ *
+ * All these define require MBEDTLS_PLATFORM_C to be defined!
+ *
+ * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
+ * it will be enabled automatically by check_config.h
+ *
+ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
+ * MBEDTLS_PLATFORM_XXX_MACRO!
+ *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
+ * Uncomment a macro to enable alternate implementation of specific base
+ * platform function
+ */
+//#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
+//#define MBEDTLS_PLATFORM_FPRINTF_ALT
+//#define MBEDTLS_PLATFORM_PRINTF_ALT
+//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_NV_SEED_ALT
+//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
+/**
+ * \def MBEDTLS_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions so that they generate a warning if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_WARNING
+
+/**
+ * \def MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions so that they generate an error if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * Uncomment to get errors on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_REMOVED
+
+/* \} name SECTION: System support */
+
+/**
+ * \name SECTION: mbed TLS feature support
+ *
+ * This section sets support for features that are or are not needed
+ * within the modules that are enabled.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning   MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ *            use constitutes a security risk. If possible, we recommend
+ *            avoiding dependencies on them, and considering stronger message
+ *            digests and ciphers instead.
+ *
+ */
+//#define MBEDTLS_AES_ALT
+//#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_BLOWFISH_ALT
+//#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CMAC_ALT
+//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
+//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_MD2_ALT
+//#define MBEDTLS_MD4_ALT
+//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_RIPEMD160_ALT
+//#define MBEDTLS_RSA_ALT
+//#define MBEDTLS_SHA1_ALT
+//#define MBEDTLS_SHA256_ALT
+//#define MBEDTLS_SHA512_ALT
+//#define MBEDTLS_XTEA_ALT
+/*
+ * When replacing the elliptic curve module, pleace consider, that it is
+ * implemented with two .c files:
+ *      - ecp.c
+ *      - ecp_curves.c
+ * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
+ * macros as described above. The only difference is that you have to make sure
+ * that you provide functionality for both .c files.
+ */
+//#define MBEDTLS_ECP_ALT
+
+/**
+ * \def MBEDTLS_MD2_PROCESS_ALT
+ *
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * alternate core implementation of symmetric crypto or hash function. Keep in
+ * mind that function prototypes should remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the mbedtls_sha1_process() function, but it will still provide
+ * the other function (using your mbedtls_sha1_process() function) and the definition
+ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
+ * with this definition.
+ *
+ * \note Because of a signature change, the core AES encryption and decryption routines are
+ *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
+ *       respectively. When setting up alternative implementations, these functions should
+ *       be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ *       must stay untouched.
+ *
+ * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ *       tables.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ *
+ * \warning   MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ *            constitutes a security risk. If possible, we recommend avoiding
+ *            dependencies on them, and considering stronger message digests
+ *            and ciphers instead.
+ *
+ */
+//#define MBEDTLS_MD2_PROCESS_ALT
+//#define MBEDTLS_MD4_PROCESS_ALT
+//#define MBEDTLS_MD5_PROCESS_ALT
+//#define MBEDTLS_RIPEMD160_PROCESS_ALT
+//#define MBEDTLS_SHA1_PROCESS_ALT
+//#define MBEDTLS_SHA256_PROCESS_ALT
+//#define MBEDTLS_SHA512_PROCESS_ALT
+//#define MBEDTLS_DES_SETKEY_ALT
+//#define MBEDTLS_DES_CRYPT_ECB_ALT
+//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
+//#define MBEDTLS_ECDSA_VERIFY_ALT
+//#define MBEDTLS_ECDSA_SIGN_ALT
+//#define MBEDTLS_ECDSA_GENKEY_ALT
+
+/**
+ * \def MBEDTLS_ECP_INTERNAL_ALT
+ *
+ * Expose a part of the internal interface of the Elliptic Curve Point module.
+ *
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternative core implementation of elliptic curve arithmetic. Keep in mind
+ * that function prototypes should remain the same.
+ *
+ * This partially replaces one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
+ * is still present and it is used for group structures not supported by the
+ * alternative.
+ *
+ * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
+ * and implementing the following functions:
+ *      unsigned char mbedtls_internal_ecp_grp_capable(
+ *          const mbedtls_ecp_group *grp )
+ *      int  mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
+ *      void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
+ * The mbedtls_internal_ecp_grp_capable function should return 1 if the
+ * replacement functions implement arithmetic for the given group and 0
+ * otherwise.
+ * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
+ * called before and after each point operation and provide an opportunity to
+ * implement optimized set up and tear down instructions.
+ *
+ * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
+ * function, but will use your mbedtls_internal_ecp_double_jac if the group is
+ * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
+ * receives it as an argument). If the group is not supported then the original
+ * implementation is used. The other functions and the definition of
+ * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
+ * implementation of mbedtls_internal_ecp_double_jac and
+ * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+/* Required for all the functions in this section */
+//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Support for Weierstrass curves with Jacobi representation */
+//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
+//#define MBEDTLS_ECP_ADD_MIXED_ALT
+//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
+/* Support for curves with Montgomery arithmetic */
+//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
+//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
+//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
+
+/**
+ * \def MBEDTLS_TEST_NULL_ENTROPY
+ *
+ * Enables testing and use of mbed TLS without any configured entropy sources.
+ * This permits use of the library on platforms before an entropy source has
+ * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
+ * MBEDTLS_ENTROPY_NV_SEED switches).
+ *
+ * WARNING! This switch MUST be disabled in production builds, and is suitable
+ * only for development.
+ * Enabling the switch negates any security provided by the library.
+ *
+ * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ */
+//#define MBEDTLS_TEST_NULL_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
+ * \def MBEDTLS_AES_ROM_TABLES
+ *
+ * Store the AES tables in ROM.
+ *
+ * Uncomment this macro to store the AES tables in ROM.
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module.  By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ *       determined in the platform layer, and can be modified at runtime and/or
+ *       compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ *       with regular fopen(), please make sure you make a seedfile with the
+ *       proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ *       least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ *       and written to or you will get an entropy source error! The default
+ *       implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ *       bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ *       given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *           GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module:  library/aesni.c
+ * Caller:  library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module:  library/aes.c
+ * Caller:  library/ssl_tls.c
+ *          library/pem.c
+ *          library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module:  library/arc4.c
+ * Caller:  library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. If possible, we recommend avoidng dependencies on
+ *            it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module:  library/asn1.c
+ * Caller:  library/x509.c
+ *          library/dhm.c
+ *          library/pkcs12.c
+ *          library/pkcs5.c
+ *          library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module:  library/asn1write.c
+ * Caller:  library/ecdsa.c
+ *          library/pkwrite.c
+ *          library/x509_create.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module:  library/base64.c
+ * Caller:  library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module:  library/bignum.c
+ * Caller:  library/dhm.c
+ *          library/ecp.c
+ *          library/ecdsa.c
+ *          library/rsa.c
+ *          library/rsa_internal.c
+ *          library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module:  library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module:  library/camellia.c
+ * Caller:  library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module:  library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module:  library/cipher.c
+ * Caller:  library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module:  library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-256-based random generator.
+ *
+ * Module:  library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES-256 random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module:  library/des.c
+ * Caller:  library/pem.c
+ *          library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module:  library/dhm.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ *      DHE-RSA, DHE-PSK
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module:  library/ecdh.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module:  library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module:  library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module:  library/ecp.c
+ * Caller:  library/ecdh.c
+ *          library/ecdsa.c
+ *          library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module:  library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module:  library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module:  library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ *          environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ *          processor traits. It is therefore not advised to use HAVEGE as
+ *          your applications primary random generator or primary entropy pool
+ *          input. As a secondary input to your entropy pool, it IS able add
+ *          the (limited) extra entropy it provides.
+ *
+ * Module:  library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module:  library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module:  library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module:  library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning   MD2 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module:  library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning   MD4 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module:  library/md5.c
+ * Caller:  library/md.c
+ *          library/pem.c
+ *          library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning   MD5 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module:  library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *           MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module:  library/oid.c
+ * Caller:  library/asn1write.c
+ *          library/pkcs5.c
+ *          library/pkparse.c
+ *          library/pkwrite.c
+ *          library/rsa.c
+ *          library/x509.c
+ *          library/x509_create.c
+ *          library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module:  library/padlock.c
+ * Caller:  library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+//#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module:  library/pem.c
+ * Caller:  library/dhm.c
+ *          library/pkparse.c
+ *          library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module:  library/pem.c
+ * Caller:  library/pkwrite.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module:  library/pk.c
+ * Caller:  library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module:  library/pkparse.c
+ * Caller:  library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module:  library/pkwrite.c
+ * Caller:  library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module:  library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module:  library/pkcs11.c
+ * Caller:  library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module:  library/pkcs12.c
+ * Caller:  library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use:  MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module:  library/platform.c
+ * Caller:  Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_C
+
+/**
+ * \def MBEDTLS_RIPEMD160_C
+ *
+ * Enable the RIPEMD-160 hash algorithm.
+ *
+ * Module:  library/ripemd160.c
+ * Caller:  library/md.c
+ *
+ */
+#define MBEDTLS_RIPEMD160_C
+
+/**
+ * \def MBEDTLS_RSA_C
+ *
+ * Enable the RSA public-key cryptosystem.
+ *
+ * Module:  library/rsa.c
+ *          library/rsa_internal.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *          library/x509.c
+ *
+ * This module is used by the following key exchanges:
+ *      RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
+ */
+#define MBEDTLS_RSA_C
+
+/**
+ * \def MBEDTLS_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module:  library/sha1.c
+ * Caller:  library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *          library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
+ * depending on the handshake parameters, and for SHA1-signed certificates.
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_SHA1_C
+
+/**
+ * \def MBEDTLS_SHA256_C
+ *
+ * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ *
+ * Module:  library/sha256.c
+ * Caller:  library/entropy.c
+ *          library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module adds support for SHA-224 and SHA-256.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA256_C
+
+/**
+ * \def MBEDTLS_SHA512_C
+ *
+ * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ *
+ * Module:  library/sha512.c
+ * Caller:  library/entropy.c
+ *          library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module adds support for SHA-384 and SHA-512.
+ */
+#define MBEDTLS_SHA512_C
+
+/**
+ * \def MBEDTLS_THREADING_C
+ *
+ * Enable the threading abstraction layer.
+ * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * contexts are not shared between threads. If you do intend to use contexts
+ * between threads, you will need to enable this layer to prevent race
+ * conditions. See also our Knowledge Base article about threading:
+ * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ *
+ * Module:  library/threading.c
+ *
+ * This allows different threading implementations (self-implemented or
+ * provided).
+ *
+ * You will have to enable either MBEDTLS_THREADING_ALT or
+ * MBEDTLS_THREADING_PTHREAD.
+ *
+ * Enable this layer to allow use of mutexes within mbed TLS
+ */
+//#define MBEDTLS_THREADING_C
+
+/**
+ * \def MBEDTLS_VERSION_C
+ *
+ * Enable run-time version information.
+ *
+ * Module:  library/version.c
+ *
+ * This module provides run-time version information.
+ */
+#define MBEDTLS_VERSION_C
+
+/**
+ * \def MBEDTLS_XTEA_C
+ *
+ * Enable the XTEA block cipher.
+ *
+ * Module:  library/xtea.c
+ * Caller:
+ */
+#define MBEDTLS_XTEA_C
+
+/* \} name SECTION: mbed TLS modules */
+
+/**
+ * \name SECTION: Module configuration options
+ *
+ * This section allows for the setting of module specific sizes and
+ * configuration options. The default values are already present in the
+ * relevant header files and should suffice for the regular use cases.
+ *
+ * Our advice is to enable options and change their values here
+ * only if you have a good reason and know the consequences.
+ *
+ * Please check the respective header file for documentation on these
+ * parameters (to prevent duplicate documentation).
+ * \{
+ */
+
+/* MPI / BIGNUM options */
+//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+
+/* CTR_DRBG options */
+//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
+//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */
+
+/* HMAC_DRBG options */
+//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_HMAC_DRBG_MAX_INPUT           256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST        1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */
+
+/* ECP options */
+//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
+//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */
+
+/* Entropy options */
+//#define MBEDTLS_ENTROPY_MAX_SOURCES                20 /**< Maximum number of sources supported */
+//#define MBEDTLS_ENTROPY_MAX_GATHER                128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE               32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
+
+/* Memory buffer allocator options */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */
+
+/* Platform options */
+//#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
+//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_PRINTF        printf /**< Default printf to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_STD_SNPRINTF    snprintf /**< Default snprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS       0 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE       1 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */
+
+/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_FPRINTF_MACRO      fprintf /**< Default fprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO        printf /**< Default printf macro to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO    snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+
+/* \} name SECTION: Customisation configuration options */
+
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */

From 66920ceb19c688eb19c4bbd5623711a5cdba49fc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:49:49 +0100
Subject: [PATCH 004/889] Set the default configuration to PSA

This will simplify development in the PSA branch.
---
 configs/config-default.h | 2911 ++++++++++++++++++++++++++++++++++++++
 include/mbedtls/config.h | 1040 +-------------
 2 files changed, 2920 insertions(+), 1031 deletions(-)
 create mode 100644 configs/config-default.h

diff --git a/configs/config-default.h b/configs/config-default.h
new file mode 100644
index 000000000..4100c8e32
--- /dev/null
+++ b/configs/config-default.h
@@ -0,0 +1,2911 @@
+/**
+ * \file config.h
+ *
+ * \brief Configuration options (set of defines)
+ *
+ *  This set of compile-time options may be used to enable
+ *  or disable features selectively, and reduce the global
+ *  memory footprint.
+ */
+/*
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+/**
+ * \name SECTION: System support
+ *
+ * This section sets system specific settings.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_HAVE_ASM
+ *
+ * The compiler has support for asm().
+ *
+ * Requires support for asm() in compiler.
+ *
+ * Used in:
+ *      library/timing.c
+ *      library/padlock.c
+ *      include/mbedtls/bn_mul.h
+ *
+ * Comment to disable the use of assembly code.
+ */
+#define MBEDTLS_HAVE_ASM
+
+/**
+ * \def MBEDTLS_NO_UDBL_DIVISION
+ *
+ * The platform lacks support for double-width integer division (64-bit
+ * division on a 32-bit platform, 128-bit division on a 64-bit platform).
+ *
+ * Used in:
+ *      include/mbedtls/bignum.h
+ *      library/bignum.c
+ *
+ * The bignum code uses double-width division to speed up some operations.
+ * Double-width division is often implemented in software that needs to
+ * be linked with the program. The presence of a double-width integer
+ * type is usually detected automatically through preprocessor macros,
+ * but the automatic detection cannot know whether the code needs to
+ * and can be linked with an implementation of division for that type.
+ * By default division is assumed to be usable if the type is present.
+ * Uncomment this option to prevent the use of double-width division.
+ *
+ * Note that division for the native integer type is always required.
+ * Furthermore, a 64-bit type is always required even on a 32-bit
+ * platform, but it need not support multiplication or division. In some
+ * cases it is also desirable to disable some double-width operations. For
+ * example, if double-width division is implemented in software, disabling
+ * it can reduce code size in some embedded targets.
+ */
+//#define MBEDTLS_NO_UDBL_DIVISION
+
+/**
+ * \def MBEDTLS_HAVE_SSE2
+ *
+ * CPU supports SSE2 instruction set.
+ *
+ * Uncomment if the CPU supports SSE2 (IA-32 specific).
+ */
+//#define MBEDTLS_HAVE_SSE2
+
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h and time(), gmtime() and the clock is correct.
+ * The time needs to be correct (not necesarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
+/**
+ * \def MBEDTLS_PLATFORM_MEMORY
+ *
+ * Enable the memory allocation layer.
+ *
+ * By default mbed TLS uses the system-provided calloc() and free().
+ * This allows different allocators (self-implemented or provided) to be
+ * provided to the platform abstraction layer.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY without the
+ * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide
+ * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and
+ * free() function pointer at runtime.
+ *
+ * Enabling MBEDTLS_PLATFORM_MEMORY and specifying
+ * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the
+ * alternate function at compile time.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Enable this layer to allow use of alternative memory allocators.
+ */
+//#define MBEDTLS_PLATFORM_MEMORY
+
+/**
+ * \def MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+ *
+ * Do not assign standard functions in the platform layer (e.g. calloc() to
+ * MBEDTLS_PLATFORM_STD_CALLOC and printf() to MBEDTLS_PLATFORM_STD_PRINTF)
+ *
+ * This makes sure there are no linking errors on platforms that do not support
+ * these functions. You will HAVE to provide alternatives, either at runtime
+ * via the platform_set_xxx() functions or at compile time by setting
+ * the MBEDTLS_PLATFORM_STD_XXX defines, or enabling a
+ * MBEDTLS_PLATFORM_XXX_MACRO.
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *
+ * Uncomment to prevent default assignment of standard functions in the
+ * platform layer.
+ */
+//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+
+/**
+ * \def MBEDTLS_PLATFORM_EXIT_ALT
+ *
+ * MBEDTLS_PLATFORM_XXX_ALT: Uncomment a macro to let mbed TLS support the
+ * function in the platform abstraction layer.
+ *
+ * Example: In case you uncomment MBEDTLS_PLATFORM_PRINTF_ALT, mbed TLS will
+ * provide a function "mbedtls_platform_set_printf()" that allows you to set an
+ * alternative printf function pointer.
+ *
+ * All these define require MBEDTLS_PLATFORM_C to be defined!
+ *
+ * \note MBEDTLS_PLATFORM_SNPRINTF_ALT is required on Windows;
+ * it will be enabled automatically by check_config.h
+ *
+ * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
+ * MBEDTLS_PLATFORM_XXX_MACRO!
+ *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
+ * Uncomment a macro to enable alternate implementation of specific base
+ * platform function
+ */
+//#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
+//#define MBEDTLS_PLATFORM_FPRINTF_ALT
+//#define MBEDTLS_PLATFORM_PRINTF_ALT
+//#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+//#define MBEDTLS_PLATFORM_NV_SEED_ALT
+//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+
+/**
+ * \def MBEDTLS_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions so that they generate a warning if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_WARNING
+
+/**
+ * \def MBEDTLS_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions so that they generate an error if used.
+ * Functions deprecated in one version will usually be removed in the next
+ * version. You can enable this to help you prepare the transition to a new
+ * major version by making sure your code is not using these functions.
+ *
+ * Uncomment to get errors on using deprecated functions.
+ */
+//#define MBEDTLS_DEPRECATED_REMOVED
+
+/* \} name SECTION: System support */
+
+/**
+ * \name SECTION: mbed TLS feature support
+ *
+ * This section sets support for features that are or are not needed
+ * within the modules that are enabled.
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning   MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ *            use constitutes a security risk. If possible, we recommend
+ *            avoiding dependencies on them, and considering stronger message
+ *            digests and ciphers instead.
+ *
+ */
+//#define MBEDTLS_AES_ALT
+//#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_BLOWFISH_ALT
+//#define MBEDTLS_CAMELLIA_ALT
+//#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CMAC_ALT
+//#define MBEDTLS_DES_ALT
+//#define MBEDTLS_DHM_ALT
+//#define MBEDTLS_ECJPAKE_ALT
+//#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_MD2_ALT
+//#define MBEDTLS_MD4_ALT
+//#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_RIPEMD160_ALT
+//#define MBEDTLS_RSA_ALT
+//#define MBEDTLS_SHA1_ALT
+//#define MBEDTLS_SHA256_ALT
+//#define MBEDTLS_SHA512_ALT
+//#define MBEDTLS_XTEA_ALT
+/*
+ * When replacing the elliptic curve module, pleace consider, that it is
+ * implemented with two .c files:
+ *      - ecp.c
+ *      - ecp_curves.c
+ * You can replace them very much like all the other MBEDTLS__MODULE_NAME__ALT
+ * macros as described above. The only difference is that you have to make sure
+ * that you provide functionality for both .c files.
+ */
+//#define MBEDTLS_ECP_ALT
+
+/**
+ * \def MBEDTLS_MD2_PROCESS_ALT
+ *
+ * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
+ * alternate core implementation of symmetric crypto or hash function. Keep in
+ * mind that function prototypes should remain the same.
+ *
+ * This replaces only one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, mbed TLS will
+ * no longer provide the mbedtls_sha1_process() function, but it will still provide
+ * the other function (using your mbedtls_sha1_process() function) and the definition
+ * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
+ * with this definition.
+ *
+ * \note Because of a signature change, the core AES encryption and decryption routines are
+ *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
+ *       respectively. When setting up alternative implementations, these functions should
+ *       be overriden, but the wrapper functions mbedtls_aes_decrypt and mbedtls_aes_encrypt
+ *       must stay untouched.
+ *
+ * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
+ *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
+ *       tables.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ *
+ * \warning   MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ *            constitutes a security risk. If possible, we recommend avoiding
+ *            dependencies on them, and considering stronger message digests
+ *            and ciphers instead.
+ *
+ */
+//#define MBEDTLS_MD2_PROCESS_ALT
+//#define MBEDTLS_MD4_PROCESS_ALT
+//#define MBEDTLS_MD5_PROCESS_ALT
+//#define MBEDTLS_RIPEMD160_PROCESS_ALT
+//#define MBEDTLS_SHA1_PROCESS_ALT
+//#define MBEDTLS_SHA256_PROCESS_ALT
+//#define MBEDTLS_SHA512_PROCESS_ALT
+//#define MBEDTLS_DES_SETKEY_ALT
+//#define MBEDTLS_DES_CRYPT_ECB_ALT
+//#define MBEDTLS_DES3_CRYPT_ECB_ALT
+//#define MBEDTLS_AES_SETKEY_ENC_ALT
+//#define MBEDTLS_AES_SETKEY_DEC_ALT
+//#define MBEDTLS_AES_ENCRYPT_ALT
+//#define MBEDTLS_AES_DECRYPT_ALT
+//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT
+//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT
+//#define MBEDTLS_ECDSA_VERIFY_ALT
+//#define MBEDTLS_ECDSA_SIGN_ALT
+//#define MBEDTLS_ECDSA_GENKEY_ALT
+
+/**
+ * \def MBEDTLS_ECP_INTERNAL_ALT
+ *
+ * Expose a part of the internal interface of the Elliptic Curve Point module.
+ *
+ * MBEDTLS_ECP__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use your
+ * alternative core implementation of elliptic curve arithmetic. Keep in mind
+ * that function prototypes should remain the same.
+ *
+ * This partially replaces one function. The header file from mbed TLS is still
+ * used, in contrast to the MBEDTLS_ECP_ALT flag. The original implementation
+ * is still present and it is used for group structures not supported by the
+ * alternative.
+ *
+ * Any of these options become available by defining MBEDTLS_ECP_INTERNAL_ALT
+ * and implementing the following functions:
+ *      unsigned char mbedtls_internal_ecp_grp_capable(
+ *          const mbedtls_ecp_group *grp )
+ *      int  mbedtls_internal_ecp_init( const mbedtls_ecp_group *grp )
+ *      void mbedtls_internal_ecp_deinit( const mbedtls_ecp_group *grp )
+ * The mbedtls_internal_ecp_grp_capable function should return 1 if the
+ * replacement functions implement arithmetic for the given group and 0
+ * otherwise.
+ * The functions mbedtls_internal_ecp_init and mbedtls_internal_ecp_deinit are
+ * called before and after each point operation and provide an opportunity to
+ * implement optimized set up and tear down instructions.
+ *
+ * Example: In case you uncomment MBEDTLS_ECP_INTERNAL_ALT and
+ * MBEDTLS_ECP_DOUBLE_JAC_ALT, mbed TLS will still provide the ecp_double_jac
+ * function, but will use your mbedtls_internal_ecp_double_jac if the group is
+ * supported (your mbedtls_internal_ecp_grp_capable function returns 1 when
+ * receives it as an argument). If the group is not supported then the original
+ * implementation is used. The other functions and the definition of
+ * mbedtls_ecp_group and mbedtls_ecp_point will not change, so your
+ * implementation of mbedtls_internal_ecp_double_jac and
+ * mbedtls_internal_ecp_grp_capable must be compatible with this definition.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * function.
+ */
+/* Required for all the functions in this section */
+//#define MBEDTLS_ECP_INTERNAL_ALT
+/* Support for Weierstrass curves with Jacobi representation */
+//#define MBEDTLS_ECP_RANDOMIZE_JAC_ALT
+//#define MBEDTLS_ECP_ADD_MIXED_ALT
+//#define MBEDTLS_ECP_DOUBLE_JAC_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT
+//#define MBEDTLS_ECP_NORMALIZE_JAC_ALT
+/* Support for curves with Montgomery arithmetic */
+//#define MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT
+//#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT
+//#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT
+
+/**
+ * \def MBEDTLS_TEST_NULL_ENTROPY
+ *
+ * Enables testing and use of mbed TLS without any configured entropy sources.
+ * This permits use of the library on platforms before an entropy source has
+ * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the
+ * MBEDTLS_ENTROPY_NV_SEED switches).
+ *
+ * WARNING! This switch MUST be disabled in production builds, and is suitable
+ * only for development.
+ * Enabling the switch negates any security provided by the library.
+ *
+ * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ */
+//#define MBEDTLS_TEST_NULL_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_HARDWARE_ALT
+ *
+ * Uncomment this macro to let mbed TLS use your own implementation of a
+ * hardware entropy collector.
+ *
+ * Your function must be called \c mbedtls_hardware_poll(), have the same
+ * prototype as declared in entropy_poll.h, and accept NULL as first argument.
+ *
+ * Uncomment to use your own hardware entropy collector.
+ */
+//#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+/**
+ * \def MBEDTLS_AES_ROM_TABLES
+ *
+ * Use precomputed AES tables stored in ROM.
+ *
+ * Uncomment this macro to use precomputed AES tables stored in ROM.
+ * Comment this macro to generate AES tables in RAM at runtime.
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_ROM_TABLES
+
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
+/**
+ * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
+ *
+ * Use less ROM for the Camellia implementation (saves about 768 bytes).
+ *
+ * Uncomment this macro to use less memory for Camellia.
+ */
+//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CBC
+ *
+ * Enable Cipher Block Chaining mode (CBC) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CBC
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CFB
+ *
+ * Enable Cipher Feedback mode (CFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_CTR
+ *
+ * Enable Counter Block Cipher mode (CTR) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_CTR
+
+/**
+ * \def MBEDTLS_CIPHER_NULL_CIPHER
+ *
+ * Enable NULL cipher.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * encryption or channels without any security!
+ *
+ * Requires MBEDTLS_ENABLE_WEAK_CIPHERSUITES as well to enable
+ * the following ciphersuites:
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA
+ *      MBEDTLS_TLS_RSA_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_NULL_SHA
+ *      MBEDTLS_TLS_RSA_WITH_NULL_MD5
+ *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA
+ *      MBEDTLS_TLS_PSK_WITH_NULL_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_NULL_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_NULL_SHA
+ *
+ * Uncomment this macro to enable the NULL cipher and ciphersuites
+ */
+//#define MBEDTLS_CIPHER_NULL_CIPHER
+
+/**
+ * \def MBEDTLS_CIPHER_PADDING_PKCS7
+ *
+ * MBEDTLS_CIPHER_PADDING_XXX: Uncomment or comment macros to add support for
+ * specific padding modes in the cipher layer with cipher modes that support
+ * padding (e.g. CBC)
+ *
+ * If you disable all padding modes, only full blocks can be used with CBC.
+ *
+ * Enable padding modes in the cipher layer.
+ */
+#define MBEDTLS_CIPHER_PADDING_PKCS7
+#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
+#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
+#define MBEDTLS_CIPHER_PADDING_ZEROS
+
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
+ *
+ * MBEDTLS_ECP_XXXX_ENABLED: Enables specific curves within the Elliptic Curve
+ * module.  By default all supported curves are enabled.
+ *
+ * Comment macros to disable the curve and functions for it
+ */
+#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
+#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
+#define MBEDTLS_ECP_DP_BP256R1_ENABLED
+#define MBEDTLS_ECP_DP_BP384R1_ENABLED
+#define MBEDTLS_ECP_DP_BP512R1_ENABLED
+#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
+
+/**
+ * \def MBEDTLS_ECP_NIST_OPTIM
+ *
+ * Enable specific 'modulo p' routines for each NIST prime.
+ * Depending on the prime and architecture, makes operations 4 to 8 times
+ * faster on the corresponding curve.
+ *
+ * Comment this macro to disable NIST curves optimisation.
+ */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/**
+ * \def MBEDTLS_ECDSA_DETERMINISTIC
+ *
+ * Enable deterministic ECDSA (RFC 6979).
+ * Standard ECDSA is "fragile" in the sense that lack of entropy when signing
+ * may result in a compromise of the long-term signing key. This is avoided by
+ * the deterministic variant.
+ *
+ * Requires: MBEDTLS_HMAC_DRBG_C
+ *
+ * Comment this macro to disable deterministic ECDSA.
+ */
+#define MBEDTLS_ECDSA_DETERMINISTIC
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ *           MBEDTLS_SHA256_C
+ *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+/**
+ * \def MBEDTLS_PK_PARSE_EC_EXTENDED
+ *
+ * Enhance support for reading EC keys using variants of SEC1 not allowed by
+ * RFC 5915 and RFC 5480.
+ *
+ * Currently this means parsing the SpecifiedECDomain choice of EC
+ * parameters (only known groups are supported, not arbitrary domains, to
+ * avoid validation issues).
+ *
+ * Disable if you only need to support RFC 5915 + 5480 key formats.
+ */
+#define MBEDTLS_PK_PARSE_EC_EXTENDED
+
+/**
+ * \def MBEDTLS_ERROR_STRERROR_DUMMY
+ *
+ * Enable a dummy error function to make use of mbedtls_strerror() in
+ * third party libraries easier when MBEDTLS_ERROR_C is disabled
+ * (no effect when MBEDTLS_ERROR_C is enabled).
+ *
+ * You can safely disable this if MBEDTLS_ERROR_C is enabled, or if you're
+ * not using mbedtls_strerror() or error_strerror() in your application.
+ *
+ * Disable if you run into name conflicts and want to really remove the
+ * mbedtls_strerror()
+ */
+#define MBEDTLS_ERROR_STRERROR_DUMMY
+
+/**
+ * \def MBEDTLS_GENPRIME
+ *
+ * Enable the prime-number generation code.
+ *
+ * Requires: MBEDTLS_BIGNUM_C
+ */
+#define MBEDTLS_GENPRIME
+
+/**
+ * \def MBEDTLS_FS_IO
+ *
+ * Enable functions that use the filesystem.
+ */
+#define MBEDTLS_FS_IO
+
+/**
+ * \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+ *
+ * Do not add default entropy sources. These are the platform specific,
+ * mbedtls_timing_hardclock and HAVEGE based poll functions.
+ *
+ * This is useful to have more control over the added entropy sources in an
+ * application.
+ *
+ * Uncomment this macro to prevent loading of default entropy functions.
+ */
+//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
+
+/**
+ * \def MBEDTLS_NO_PLATFORM_ENTROPY
+ *
+ * Do not use built-in platform entropy functions.
+ * This is useful if your platform does not support
+ * standards like the /dev/urandom or Windows CryptoAPI.
+ *
+ * Uncomment this macro to disable the built-in platform entropy functions.
+ */
+//#define MBEDTLS_NO_PLATFORM_ENTROPY
+
+/**
+ * \def MBEDTLS_ENTROPY_FORCE_SHA256
+ *
+ * Force the entropy accumulator to use a SHA-256 accumulator instead of the
+ * default SHA-512 based one (if both are available).
+ *
+ * Requires: MBEDTLS_SHA256_C
+ *
+ * On 32-bit systems SHA-256 can be much faster than SHA-512. Use this option
+ * if you have performance concerns.
+ *
+ * This option is only useful if both MBEDTLS_SHA256_C and
+ * MBEDTLS_SHA512_C are defined. Otherwise the available hash module is used.
+ */
+//#define MBEDTLS_ENTROPY_FORCE_SHA256
+
+/**
+ * \def MBEDTLS_ENTROPY_NV_SEED
+ *
+ * Enable the non-volatile (NV) seed file-based entropy source.
+ * (Also enables the NV seed read/write functions in the platform layer)
+ *
+ * This is crucial (if not required) on systems that do not have a
+ * cryptographic entropy source (in hardware or kernel) available.
+ *
+ * Requires: MBEDTLS_ENTROPY_C, MBEDTLS_PLATFORM_C
+ *
+ * \note The read/write functions that are used by the entropy source are
+ *       determined in the platform layer, and can be modified at runtime and/or
+ *       compile-time depending on the flags (MBEDTLS_PLATFORM_NV_SEED_*) used.
+ *
+ * \note If you use the default implementation functions that read a seedfile
+ *       with regular fopen(), please make sure you make a seedfile with the
+ *       proper name (defined in MBEDTLS_PLATFORM_STD_NV_SEED_FILE) and at
+ *       least MBEDTLS_ENTROPY_BLOCK_SIZE bytes in size that can be read from
+ *       and written to or you will get an entropy source error! The default
+ *       implementation will only use the first MBEDTLS_ENTROPY_BLOCK_SIZE
+ *       bytes from the file.
+ *
+ * \note The entropy collector will write to the seed file before entropy is
+ *       given to an external source, to update it.
+ */
+//#define MBEDTLS_ENTROPY_NV_SEED
+
+/**
+ * \def MBEDTLS_MEMORY_DEBUG
+ *
+ * Enable debugging of buffer allocator memory issues. Automatically prints
+ * (to stderr) all (fatal) messages on memory allocation issues. Enables
+ * function for 'debug output' of allocated memory.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Uncomment this macro to let the buffer allocator print out error messages.
+ */
+//#define MBEDTLS_MEMORY_DEBUG
+
+/**
+ * \def MBEDTLS_MEMORY_BACKTRACE
+ *
+ * Include backtrace information with each allocated block.
+ *
+ * Requires: MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *           GLIBC-compatible backtrace() an backtrace_symbols() support
+ *
+ * Uncomment this macro to include backtrace information
+ */
+//#define MBEDTLS_MEMORY_BACKTRACE
+
+/**
+ * \def MBEDTLS_PK_RSA_ALT_SUPPORT
+ *
+ * Support external private RSA keys (eg from a HSM) in the PK layer.
+ *
+ * Comment this macro to disable support for external private RSA keys.
+ */
+#define MBEDTLS_PK_RSA_ALT_SUPPORT
+
+/**
+ * \def MBEDTLS_PKCS1_V15
+ *
+ * Enable support for PKCS#1 v1.5 encoding.
+ *
+ * Requires: MBEDTLS_RSA_C
+ *
+ * This enables support for PKCS#1 v1.5 operations.
+ */
+#define MBEDTLS_PKCS1_V15
+
+/**
+ * \def MBEDTLS_PKCS1_V21
+ *
+ * Enable support for PKCS#1 v2.1 encoding.
+ *
+ * Requires: MBEDTLS_MD_C, MBEDTLS_RSA_C
+ *
+ * This enables support for RSAES-OAEP and RSASSA-PSS operations.
+ */
+#define MBEDTLS_PKCS1_V21
+
+/**
+ * \def MBEDTLS_RSA_NO_CRT
+ *
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
+ *
+ * Uncomment this macro to disable the use of CRT in RSA.
+ *
+ */
+//#define MBEDTLS_RSA_NO_CRT
+
+/**
+ * \def MBEDTLS_SELF_TEST
+ *
+ * Enable the checkup functions (*_self_test).
+ */
+#define MBEDTLS_SELF_TEST
+
+/**
+ * \def MBEDTLS_SHA256_SMALLER
+ *
+ * Enable an implementation of SHA-256 that has lower ROM footprint but also
+ * lower performance.
+ *
+ * The default implementation is meant to be a reasonnable compromise between
+ * performance and size. This version optimizes more aggressively for size at
+ * the expense of performance. Eg on Cortex-M4 it reduces the size of
+ * mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about
+ * 30%.
+ *
+ * Uncomment to enable the smaller implementation of SHA256.
+ */
+//#define MBEDTLS_SHA256_SMALLER
+
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Disable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note   Even if this option is disabled, both client and server are aware
+ *         of the Renegotiation Indication Extension (RFC 5746) used to
+ *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ *          configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ *           (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ *        or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *           MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintainance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ *          (2^80 brute force attack on the HMAC key used for a single,
+ *          uninterrupted connection). This should only be enabled temporarily
+ *          when (1) the use of truncated HMAC is essential in order to save
+ *          bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ *          the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ *             future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
+/**
+ * \def MBEDTLS_THREADING_ALT
+ *
+ * Provide your own alternate threading implementation.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to allow your own alternate threading implementation.
+ */
+//#define MBEDTLS_THREADING_ALT
+
+/**
+ * \def MBEDTLS_THREADING_PTHREAD
+ *
+ * Enable the pthread wrapper layer for the threading layer.
+ *
+ * Requires: MBEDTLS_THREADING_C
+ *
+ * Uncomment this to enable pthread mutexes.
+ */
+//#define MBEDTLS_THREADING_PTHREAD
+
+/**
+ * \def MBEDTLS_VERSION_FEATURES
+ *
+ * Allow run-time checking of compile-time enabled features. Thus allowing users
+ * to check at run-time if the library is for instance compiled with threading
+ * support via mbedtls_version_check_feature().
+ *
+ * Requires: MBEDTLS_VERSION_C
+ *
+ * Comment this to disable run-time checking and save ROM space
+ */
+#define MBEDTLS_VERSION_FEATURES
+
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be a applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ *             in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
+/* \} name SECTION: mbed TLS feature support */
+
+/**
+ * \name SECTION: mbed TLS modules
+ *
+ * This section enables or disables entire modules in mbed TLS
+ * \{
+ */
+
+/**
+ * \def MBEDTLS_AESNI_C
+ *
+ * Enable AES-NI support on x86-64.
+ *
+ * Module:  library/aesni.c
+ * Caller:  library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the AES-NI instructions on x86-64
+ */
+#define MBEDTLS_AESNI_C
+
+/**
+ * \def MBEDTLS_AES_C
+ *
+ * Enable the AES block cipher.
+ *
+ * Module:  library/aes.c
+ * Caller:  library/ssl_tls.c
+ *          library/pem.c
+ *          library/ctr_drbg.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *
+ * PEM_PARSE uses AES for decrypting encrypted keys.
+ */
+#define MBEDTLS_AES_C
+
+/**
+ * \def MBEDTLS_ARC4_C
+ *
+ * Enable the ARCFOUR stream cipher.
+ *
+ * Module:  library/arc4.c
+ * Caller:  library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ *
+ * \warning   ARC4 is considered a weak cipher and its use constitutes a
+ *            security risk. If possible, we recommend avoidng dependencies on
+ *            it, and considering stronger ciphers instead.
+ *
+ */
+#define MBEDTLS_ARC4_C
+
+/**
+ * \def MBEDTLS_ASN1_PARSE_C
+ *
+ * Enable the generic ASN1 parser.
+ *
+ * Module:  library/asn1.c
+ * Caller:  library/x509.c
+ *          library/dhm.c
+ *          library/pkcs12.c
+ *          library/pkcs5.c
+ *          library/pkparse.c
+ */
+#define MBEDTLS_ASN1_PARSE_C
+
+/**
+ * \def MBEDTLS_ASN1_WRITE_C
+ *
+ * Enable the generic ASN1 writer.
+ *
+ * Module:  library/asn1write.c
+ * Caller:  library/ecdsa.c
+ *          library/pkwrite.c
+ *          library/x509_create.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ */
+#define MBEDTLS_ASN1_WRITE_C
+
+/**
+ * \def MBEDTLS_BASE64_C
+ *
+ * Enable the Base64 module.
+ *
+ * Module:  library/base64.c
+ * Caller:  library/pem.c
+ *
+ * This module is required for PEM support (required by X.509).
+ */
+#define MBEDTLS_BASE64_C
+
+/**
+ * \def MBEDTLS_BIGNUM_C
+ *
+ * Enable the multi-precision integer library.
+ *
+ * Module:  library/bignum.c
+ * Caller:  library/dhm.c
+ *          library/ecp.c
+ *          library/ecdsa.c
+ *          library/rsa.c
+ *          library/rsa_internal.c
+ *          library/ssl_tls.c
+ *
+ * This module is required for RSA, DHM and ECC (ECDH, ECDSA) support.
+ */
+#define MBEDTLS_BIGNUM_C
+
+/**
+ * \def MBEDTLS_BLOWFISH_C
+ *
+ * Enable the Blowfish block cipher.
+ *
+ * Module:  library/blowfish.c
+ */
+#define MBEDTLS_BLOWFISH_C
+
+/**
+ * \def MBEDTLS_CAMELLIA_C
+ *
+ * Enable the Camellia block cipher.
+ *
+ * Module:  library/camellia.c
+ * Caller:  library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ */
+#define MBEDTLS_CAMELLIA_C
+
+/**
+ * \def MBEDTLS_CCM_C
+ *
+ * Enable the Counter with CBC-MAC (CCM) mode for 128-bit block cipher.
+ *
+ * Module:  library/ccm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-CCM ciphersuites, if other requisites are
+ * enabled as well.
+ */
+#define MBEDTLS_CCM_C
+
+/**
+ * \def MBEDTLS_CERTS_C
+ *
+ * Enable the test certificates.
+ *
+ * Module:  library/certs.c
+ * Caller:
+ *
+ * This module is used for testing (ssl_client/server).
+ */
+#define MBEDTLS_CERTS_C
+
+/**
+ * \def MBEDTLS_CIPHER_C
+ *
+ * Enable the generic cipher layer.
+ *
+ * Module:  library/cipher.c
+ * Caller:  library/ssl_tls.c
+ *
+ * Uncomment to enable generic cipher wrappers.
+ */
+#define MBEDTLS_CIPHER_C
+
+/**
+ * \def MBEDTLS_CMAC_C
+ *
+ * Enable the CMAC (Cipher-based Message Authentication Code) mode for block
+ * ciphers.
+ *
+ * Module:  library/cmac.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_DES_C
+ *
+ */
+//#define MBEDTLS_CMAC_C
+
+/**
+ * \def MBEDTLS_CTR_DRBG_C
+ *
+ * Enable the CTR_DRBG AES-256-based random generator.
+ *
+ * Module:  library/ctr_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_AES_C
+ *
+ * This module provides the CTR_DRBG AES-256 random number generator.
+ */
+#define MBEDTLS_CTR_DRBG_C
+
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module:  library/debug.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
+/**
+ * \def MBEDTLS_DES_C
+ *
+ * Enable the DES block cipher.
+ *
+ * Module:  library/des.c
+ * Caller:  library/pem.c
+ *          library/ssl_tls.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *
+ * PEM_PARSE uses DES/3DES for decrypting encrypted keys.
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+#define MBEDTLS_DES_C
+
+/**
+ * \def MBEDTLS_DHM_C
+ *
+ * Enable the Diffie-Hellman-Merkle module.
+ *
+ * Module:  library/dhm.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ *      DHE-RSA, DHE-PSK
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_DHM_C
+
+/**
+ * \def MBEDTLS_ECDH_C
+ *
+ * Enable the elliptic curve Diffie-Hellman library.
+ *
+ * Module:  library/ecdh.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module is used by the following key exchanges:
+ *      ECDHE-ECDSA, ECDHE-RSA, DHE-PSK
+ *
+ * Requires: MBEDTLS_ECP_C
+ */
+#define MBEDTLS_ECDH_C
+
+/**
+ * \def MBEDTLS_ECDSA_C
+ *
+ * Enable the elliptic curve DSA library.
+ *
+ * Module:  library/ecdsa.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECDHE-ECDSA
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_ASN1_WRITE_C, MBEDTLS_ASN1_PARSE_C
+ */
+#define MBEDTLS_ECDSA_C
+
+/**
+ * \def MBEDTLS_ECJPAKE_C
+ *
+ * Enable the elliptic curve J-PAKE library.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Module:  library/ecjpake.c
+ * Caller:
+ *
+ * This module is used by the following key exchanges:
+ *      ECJPAKE
+ *
+ * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
+ */
+//#define MBEDTLS_ECJPAKE_C
+
+/**
+ * \def MBEDTLS_ECP_C
+ *
+ * Enable the elliptic curve over GF(p) library.
+ *
+ * Module:  library/ecp.c
+ * Caller:  library/ecdh.c
+ *          library/ecdsa.c
+ *          library/ecjpake.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C and at least one MBEDTLS_ECP_DP_XXX_ENABLED
+ */
+#define MBEDTLS_ECP_C
+
+/**
+ * \def MBEDTLS_ENTROPY_C
+ *
+ * Enable the platform-specific entropy code.
+ *
+ * Module:  library/entropy.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SHA512_C or MBEDTLS_SHA256_C
+ *
+ * This module provides a generic entropy pool
+ */
+#define MBEDTLS_ENTROPY_C
+
+/**
+ * \def MBEDTLS_ERROR_C
+ *
+ * Enable error code to error string conversion.
+ *
+ * Module:  library/error.c
+ * Caller:
+ *
+ * This module enables mbedtls_strerror().
+ */
+#define MBEDTLS_ERROR_C
+
+/**
+ * \def MBEDTLS_GCM_C
+ *
+ * Enable the Galois/Counter Mode (GCM) for AES.
+ *
+ * Module:  library/gcm.c
+ *
+ * Requires: MBEDTLS_AES_C or MBEDTLS_CAMELLIA_C
+ *
+ * This module enables the AES-GCM and CAMELLIA-GCM ciphersuites, if other
+ * requisites are enabled as well.
+ */
+#define MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ *          environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ *          processor traits. It is therefore not advised to use HAVEGE as
+ *          your applications primary random generator or primary entropy pool
+ *          input. As a secondary input to your entropy pool, it IS able add
+ *          the (limited) extra entropy it provides.
+ *
+ * Module:  library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
+/**
+ * \def MBEDTLS_HMAC_DRBG_C
+ *
+ * Enable the HMAC_DRBG random generator.
+ *
+ * Module:  library/hmac_drbg.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * Uncomment to enable the HMAC_DRBG random number geerator.
+ */
+#define MBEDTLS_HMAC_DRBG_C
+
+/**
+ * \def MBEDTLS_MD_C
+ *
+ * Enable the generic message digest layer.
+ *
+ * Module:  library/md.c
+ * Caller:
+ *
+ * Uncomment to enable generic message digest wrappers.
+ */
+#define MBEDTLS_MD_C
+
+/**
+ * \def MBEDTLS_MD2_C
+ *
+ * Enable the MD2 hash algorithm.
+ *
+ * Module:  library/md2.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD2-signed X.509 certs.
+ *
+ * \warning   MD2 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD2_C
+
+/**
+ * \def MBEDTLS_MD4_C
+ *
+ * Enable the MD4 hash algorithm.
+ *
+ * Module:  library/md4.c
+ * Caller:
+ *
+ * Uncomment to enable support for (rare) MD4-signed X.509 certs.
+ *
+ * \warning   MD4 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+//#define MBEDTLS_MD4_C
+
+/**
+ * \def MBEDTLS_MD5_C
+ *
+ * Enable the MD5 hash algorithm.
+ *
+ * Module:  library/md5.c
+ * Caller:  library/md.c
+ *          library/pem.c
+ *          library/ssl_tls.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2
+ * depending on the handshake parameters. Further, it is used for checking
+ * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded
+ * encrypted keys.
+ *
+ * \warning   MD5 is considered a weak message digest and its use constitutes a
+ *            security risk. If possible, we recommend avoiding dependencies on
+ *            it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_MD5_C
+
+/**
+ * \def MBEDTLS_MEMORY_BUFFER_ALLOC_C
+ *
+ * Enable the buffer allocator implementation that makes use of a (stack)
+ * based buffer to 'allocate' dynamic memory. (replaces calloc() and free()
+ * calls)
+ *
+ * Module:  library/memory_buffer_alloc.c
+ *
+ * Requires: MBEDTLS_PLATFORM_C
+ *           MBEDTLS_PLATFORM_MEMORY (to use it within mbed TLS)
+ *
+ * Enable this module to enable the buffer memory allocator.
+ */
+//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
+/**
+ * \def MBEDTLS_OID_C
+ *
+ * Enable the OID database.
+ *
+ * Module:  library/oid.c
+ * Caller:  library/asn1write.c
+ *          library/pkcs5.c
+ *          library/pkparse.c
+ *          library/pkwrite.c
+ *          library/rsa.c
+ *          library/x509.c
+ *          library/x509_create.c
+ *          library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ *
+ * This modules translates between OIDs and internal values.
+ */
+#define MBEDTLS_OID_C
+
+/**
+ * \def MBEDTLS_PADLOCK_C
+ *
+ * Enable VIA Padlock support on x86.
+ *
+ * Module:  library/padlock.c
+ * Caller:  library/aes.c
+ *
+ * Requires: MBEDTLS_HAVE_ASM
+ *
+ * This modules adds support for the VIA PadLock on x86.
+ */
+#define MBEDTLS_PADLOCK_C
+
+/**
+ * \def MBEDTLS_PEM_PARSE_C
+ *
+ * Enable PEM decoding / parsing.
+ *
+ * Module:  library/pem.c
+ * Caller:  library/dhm.c
+ *          library/pkparse.c
+ *          library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for decoding / parsing PEM files.
+ */
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PEM_WRITE_C
+ *
+ * Enable PEM encoding / writing.
+ *
+ * Module:  library/pem.c
+ * Caller:  library/pkwrite.c
+ *          library/x509write_crt.c
+ *          library/x509write_csr.c
+ *
+ * Requires: MBEDTLS_BASE64_C
+ *
+ * This modules adds support for encoding / writing PEM files.
+ */
+#define MBEDTLS_PEM_WRITE_C
+
+/**
+ * \def MBEDTLS_PK_C
+ *
+ * Enable the generic public (asymetric) key layer.
+ *
+ * Module:  library/pk.c
+ * Caller:  library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_RSA_C or MBEDTLS_ECP_C
+ *
+ * Uncomment to enable generic public key wrappers.
+ */
+#define MBEDTLS_PK_C
+
+/**
+ * \def MBEDTLS_PK_PARSE_C
+ *
+ * Enable the generic public (asymetric) key parser.
+ *
+ * Module:  library/pkparse.c
+ * Caller:  library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key parse functions.
+ */
+#define MBEDTLS_PK_PARSE_C
+
+/**
+ * \def MBEDTLS_PK_WRITE_C
+ *
+ * Enable the generic public (asymetric) key writer.
+ *
+ * Module:  library/pkwrite.c
+ * Caller:  library/x509write.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * Uncomment to enable generic public key write functions.
+ */
+#define MBEDTLS_PK_WRITE_C
+
+/**
+ * \def MBEDTLS_PKCS5_C
+ *
+ * Enable PKCS#5 functions.
+ *
+ * Module:  library/pkcs5.c
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the PKCS#5 functions.
+ */
+#define MBEDTLS_PKCS5_C
+
+/**
+ * \def MBEDTLS_PKCS11_C
+ *
+ * Enable wrapper for PKCS#11 smartcard support.
+ *
+ * Module:  library/pkcs11.c
+ * Caller:  library/pk.c
+ *
+ * Requires: MBEDTLS_PK_C
+ *
+ * This module enables SSL/TLS PKCS #11 smartcard support.
+ * Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
+ */
+//#define MBEDTLS_PKCS11_C
+
+/**
+ * \def MBEDTLS_PKCS12_C
+ *
+ * Enable PKCS#12 PBE functions.
+ * Adds algorithms for parsing PKCS#8 encrypted private keys
+ *
+ * Module:  library/pkcs12.c
+ * Caller:  library/pkparse.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ * Can use:  MBEDTLS_ARC4_C
+ *
+ * This module enables PKCS#12 functions.
+ */
+#define MBEDTLS_PKCS12_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module:  library/platform.c
+ * Caller:  Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_C
+ *
+ * Enable the Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto.c
+ *
+ * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_C
+
+/**
+ * \def MBEDTLS_RIPEMD160_C
+ *
+ * Enable the RIPEMD-160 hash algorithm.
+ *
+ * Module:  library/ripemd160.c
+ * Caller:  library/md.c
+ *
+ */
+#define MBEDTLS_RIPEMD160_C
+
+/**
+ * \def MBEDTLS_RSA_C
+ *
+ * Enable the RSA public-key cryptosystem.
+ *
+ * Module:  library/rsa.c
+ *          library/rsa_internal.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *          library/x509.c
+ *
+ * This module is used by the following key exchanges:
+ *      RSA, DHE-RSA, ECDHE-RSA, RSA-PSK
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C
+ */
+#define MBEDTLS_RSA_C
+
+/**
+ * \def MBEDTLS_SHA1_C
+ *
+ * Enable the SHA1 cryptographic hash algorithm.
+ *
+ * Module:  library/sha1.c
+ * Caller:  library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *          library/x509write_crt.c
+ *
+ * This module is required for SSL/TLS up to version 1.1, for TLS 1.2
+ * depending on the handshake parameters, and for SHA1-signed certificates.
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_SHA1_C
+
+/**
+ * \def MBEDTLS_SHA256_C
+ *
+ * Enable the SHA-224 and SHA-256 cryptographic hash algorithms.
+ *
+ * Module:  library/sha256.c
+ * Caller:  library/entropy.c
+ *          library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module adds support for SHA-224 and SHA-256.
+ * This module is required for the SSL/TLS 1.2 PRF function.
+ */
+#define MBEDTLS_SHA256_C
+
+/**
+ * \def MBEDTLS_SHA512_C
+ *
+ * Enable the SHA-384 and SHA-512 cryptographic hash algorithms.
+ *
+ * Module:  library/sha512.c
+ * Caller:  library/entropy.c
+ *          library/md.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This module adds support for SHA-384 and SHA-512.
+ */
+#define MBEDTLS_SHA512_C
+
+/**
+ * \def MBEDTLS_SSL_CACHE_C
+ *
+ * Enable simple SSL cache implementation.
+ *
+ * Module:  library/ssl_cache.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_CACHE_C
+ */
+#define MBEDTLS_SSL_CACHE_C
+
+/**
+ * \def MBEDTLS_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module:  library/ssl_cookie.c
+ * Caller:
+ */
+#define MBEDTLS_SSL_COOKIE_C
+
+/**
+ * \def MBEDTLS_SSL_TICKET_C
+ *
+ * Enable an implementation of TLS server-side callbacks for session tickets.
+ *
+ * Module:  library/ssl_ticket.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_CIPHER_C
+ */
+#define MBEDTLS_SSL_TICKET_C
+
+/**
+ * \def MBEDTLS_SSL_CLI_C
+ *
+ * Enable the SSL/TLS client code.
+ *
+ * Module:  library/ssl_cli.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS client support.
+ */
+#define MBEDTLS_SSL_CLI_C
+
+/**
+ * \def MBEDTLS_SSL_SRV_C
+ *
+ * Enable the SSL/TLS server code.
+ *
+ * Module:  library/ssl_srv.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS server support.
+ */
+#define MBEDTLS_SSL_SRV_C
+
+/**
+ * \def MBEDTLS_SSL_TLS_C
+ *
+ * Enable the generic SSL/TLS code.
+ *
+ * Module:  library/ssl_tls.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
+ *
+ * This module is required for SSL/TLS.
+ */
+#define MBEDTLS_SSL_TLS_C
+
+/**
+ * \def MBEDTLS_THREADING_C
+ *
+ * Enable the threading abstraction layer.
+ * By default mbed TLS assumes it is used in a non-threaded environment or that
+ * contexts are not shared between threads. If you do intend to use contexts
+ * between threads, you will need to enable this layer to prevent race
+ * conditions. See also our Knowledge Base article about threading:
+ * https://tls.mbed.org/kb/development/thread-safety-and-multi-threading
+ *
+ * Module:  library/threading.c
+ *
+ * This allows different threading implementations (self-implemented or
+ * provided).
+ *
+ * You will have to enable either MBEDTLS_THREADING_ALT or
+ * MBEDTLS_THREADING_PTHREAD.
+ *
+ * Enable this layer to allow use of mutexes within mbed TLS
+ */
+//#define MBEDTLS_THREADING_C
+
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/timing.c
+ * Caller:  library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
+/**
+ * \def MBEDTLS_VERSION_C
+ *
+ * Enable run-time version information.
+ *
+ * Module:  library/version.c
+ *
+ * This module provides run-time version information.
+ */
+#define MBEDTLS_VERSION_C
+
+/**
+ * \def MBEDTLS_X509_USE_C
+ *
+ * Enable X.509 core for using certificates.
+ *
+ * Module:  library/x509.c
+ * Caller:  library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
+ *           MBEDTLS_PK_PARSE_C
+ *
+ * This module is required for the X.509 parsing modules.
+ */
+#define MBEDTLS_X509_USE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Enable X.509 certificate parsing.
+ *
+ * Module:  library/x509_crt.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 certificate parsing.
+ */
+#define MBEDTLS_X509_CRT_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CRL_PARSE_C
+ *
+ * Enable X.509 CRL parsing.
+ *
+ * Module:  library/x509_crl.c
+ * Caller:  library/x509_crt.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 CRL parsing.
+ */
+#define MBEDTLS_X509_CRL_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_PARSE_C
+ *
+ * Enable X.509 Certificate Signing Request (CSR) parsing.
+ *
+ * Module:  library/x509_csr.c
+ * Caller:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is used for reading X.509 certificate request.
+ */
+#define MBEDTLS_X509_CSR_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CREATE_C
+ *
+ * Enable X.509 core for creating certificates.
+ *
+ * Module:  library/x509_create.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
+ *
+ * This module is the basis for creating X.509 certificates and CSRs.
+ */
+#define MBEDTLS_X509_CREATE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_WRITE_C
+ *
+ * Enable creating X.509 certificates.
+ *
+ * Module:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate creation.
+ */
+#define MBEDTLS_X509_CRT_WRITE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_WRITE_C
+ *
+ * Enable creating X.509 Certificate Signing Requests (CSR).
+ *
+ * Module:  library/x509_csr_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate request writing.
+ */
+#define MBEDTLS_X509_CSR_WRITE_C
+
+/**
+ * \def MBEDTLS_XTEA_C
+ *
+ * Enable the XTEA block cipher.
+ *
+ * Module:  library/xtea.c
+ * Caller:
+ */
+#define MBEDTLS_XTEA_C
+
+/* \} name SECTION: mbed TLS modules */
+
+/**
+ * \name SECTION: Module configuration options
+ *
+ * This section allows for the setting of module specific sizes and
+ * configuration options. The default values are already present in the
+ * relevant header files and should suffice for the regular use cases.
+ *
+ * Our advice is to enable options and change their values here
+ * only if you have a good reason and know the consequences.
+ *
+ * Please check the respective header file for documentation on these
+ * parameters (to prevent duplicate documentation).
+ * \{
+ */
+
+/* MPI / BIGNUM options */
+//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+
+/* CTR_DRBG options */
+//#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
+//#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL        10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */
+
+/* HMAC_DRBG options */
+//#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */
+//#define MBEDTLS_HMAC_DRBG_MAX_INPUT           256 /**< Maximum number of additional input bytes */
+//#define MBEDTLS_HMAC_DRBG_MAX_REQUEST        1024 /**< Maximum number of requested bytes per call */
+//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT      384 /**< Maximum size of (re)seed buffer */
+
+/* ECP options */
+//#define MBEDTLS_ECP_MAX_BITS             521 /**< Maximum bit size of groups */
+//#define MBEDTLS_ECP_WINDOW_SIZE            6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_FIXED_POINT_OPTIM      1 /**< Enable fixed-point speed-up */
+
+/* Entropy options */
+//#define MBEDTLS_ENTROPY_MAX_SOURCES                20 /**< Maximum number of sources supported */
+//#define MBEDTLS_ENTROPY_MAX_GATHER                128 /**< Maximum amount requested from entropy sources */
+//#define MBEDTLS_ENTROPY_MIN_HARDWARE               32 /**< Default minimum number of bytes required for the hardware entropy source mbedtls_hardware_poll() before entropy is released */
+
+/* Memory buffer allocator options */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */
+
+/* Platform options */
+//#define MBEDTLS_PLATFORM_STD_MEM_HDR   <stdlib.h> /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */
+//#define MBEDTLS_PLATFORM_STD_CALLOC        calloc /**< Default allocator to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_FREE            free /**< Default free to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT            exit /**< Default exit to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_TIME            time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_STD_FPRINTF      fprintf /**< Default fprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_PRINTF        printf /**< Default printf to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_STD_SNPRINTF    snprintf /**< Default snprintf to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_SUCCESS       0 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_EXIT_FAILURE       1 /**< Default exit value to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_READ   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE  "seedfile" /**< Seed file to read/write with default implementation */
+
+/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */
+/* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */
+//#define MBEDTLS_PLATFORM_CALLOC_MACRO        calloc /**< Default allocator macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_FREE_MACRO            free /**< Default free macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_EXIT_MACRO            exit /**< Default exit macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_TIME_MACRO            time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_TIME_TYPE_MACRO       time_t /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */
+//#define MBEDTLS_PLATFORM_FPRINTF_MACRO      fprintf /**< Default fprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO        printf /**< Default printf macro to use, can be undefined */
+/* Note: your snprintf must correclty zero-terminate the buffer! */
+//#define MBEDTLS_PLATFORM_SNPRINTF_MACRO    snprintf /**< Default snprintf macro to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+
+/* SSL Cache options */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT       86400 /**< 1 day  */
+//#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */
+
+/* SSL options */
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
+//#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */
+//#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
+//#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
+
+/**
+ * Complete list of ciphersuites to use, in order of preference.
+ *
+ * \warning No dependency checking is done on that field! This option can only
+ * be used to restrict the set of available ciphersuites. It is your
+ * responsibility to make sure the needed modules are active.
+ *
+ * Use this to save a few hundred bytes of ROM (default ordering of all
+ * available ciphersuites) and a few to a few hundred bytes of RAM.
+ *
+ * The value below is only an example, not the default.
+ */
+//#define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+
+/* X509 options */
+//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA   8   /**< Maximum number of intermediate CAs in a verification chain. */
+//#define MBEDTLS_X509_MAX_FILE_PATH_LEN     512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
+
+/**
+ * Allow SHA-1 in the default TLS configuration for certificate signing.
+ * Without this build-time option, SHA-1 support must be activated explicitly
+ * through mbedtls_ssl_conf_cert_profile. Turning on this option is not
+ * recommended because of it is possible to generate SHA-1 collisions, however
+ * this may be safe for legacy infrastructure where additional controls apply.
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+
+/**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
+ * signature and ciphersuite selection. Without this build-time option, SHA-1
+ * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
+ * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
+ * default. At the time of writing, there is no practical attack on the use
+ * of SHA-1 in handshake signatures, hence this option is turned on by default
+ * to preserve compatibility with existing peers, but the general
+ * warning applies nonetheless:
+ *
+ * \warning   SHA-1 is considered a weak message digest and its use constitutes
+ *            a security risk. If possible, we recommend avoiding dependencies
+ *            on it, and considering stronger message digests instead.
+ *
+ */
+#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
+
+/**
+ * Uncomment the macro to let mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+/* \} name SECTION: Customisation configuration options */
+
+/* Target and application specific configurations */
+//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
+
+#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
+#endif
+
+/*
+ * Allow user to override any previous default.
+ *
+ * Use two macro names for that, as:
+ * - with yotta the prefix YOTTA_CFG_ is forced
+ * - without yotta is looks weird to have a YOTTA prefix.
+ */
+#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
+#elif defined(MBEDTLS_USER_CONFIG_FILE)
+#include MBEDTLS_USER_CONFIG_FILE
+#endif
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index dc112a91d..9f063be72 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1,11 +1,9 @@
 /**
- * \file config.h
+ * \file config-psa-crypto.h
  *
- * \brief Configuration options (set of defines)
+ * \brief Configuration with all cryptography features and no X.509 or TLS.
  *
- *  This set of compile-time options may be used to enable
- *  or disable features selectively, and reduce the global
- *  memory footprint.
+ * This configuration is intended to prototype the PSA reference implementation.
  */
 /*
  *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
@@ -119,33 +117,6 @@
  */
 //#define MBEDTLS_HAVE_SSE2
 
-/**
- * \def MBEDTLS_HAVE_TIME
- *
- * System has time.h and time().
- * The time does not need to be correct, only time differences are used,
- * by contrast with MBEDTLS_HAVE_TIME_DATE
- *
- * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
- * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
- * MBEDTLS_PLATFORM_STD_TIME.
- *
- * Comment if your system does not support time functions
- */
-#define MBEDTLS_HAVE_TIME
-
-/**
- * \def MBEDTLS_HAVE_TIME_DATE
- *
- * System has time.h and time(), gmtime() and the clock is correct.
- * The time needs to be correct (not necesarily very accurate, but at least
- * the date should be correct). This is used to verify the validity period of
- * X.509 certificates.
- *
- * Comment if your system does not have a correct clock.
- */
-#define MBEDTLS_HAVE_TIME_DATE
-
 /**
  * \def MBEDTLS_PLATFORM_MEMORY
  *
@@ -257,19 +228,6 @@
  * \{
  */
 
-/**
- * \def MBEDTLS_TIMING_ALT
- *
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
- * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
- *
- * Only works if you have MBEDTLS_TIMING_C enabled.
- *
- * You will need to provide a header "timing_alt.h" and an implementation at
- * compile time.
- */
-//#define MBEDTLS_TIMING_ALT
-
 /**
  * \def MBEDTLS_AES_ALT
  *
@@ -604,37 +562,6 @@
 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 #define MBEDTLS_CIPHER_PADDING_ZEROS
 
-/**
- * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
- *
- * Enable weak ciphersuites in SSL / TLS.
- * Warning: Only do so when you know what you are doing. This allows for
- * channels with virtually no security at all!
- *
- * This enables the following ciphersuites:
- *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
- *
- * Uncomment this macro to enable weak ciphersuites
- *
- * \warning   DES is considered a weak cipher and its use constitutes a
- *            security risk. We recommend considering stronger ciphers instead.
- */
-//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
-
-/**
- * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
- *
- * Remove RC4 ciphersuites by default in SSL / TLS.
- * This flag removes the ciphersuites based on RC4 from the default list as
- * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
- * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
- * explicitly.
- *
- * Uncomment this macro to remove RC4 ciphersuites by default.
- */
-#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
-
 /**
  * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
  *
@@ -682,281 +609,6 @@
  */
 #define MBEDTLS_ECDSA_DETERMINISTIC
 
-/**
- * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
- *
- * Enable the PSK based ciphersuite modes in SSL / TLS.
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
- *
- * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
- *
- * \warning    Using DHE constitutes a security risk as it
- *             is not possible to validate custom DH parameters.
- *             If possible, it is recommended users should consider
- *             preferring other methods of key exchange.
- *             See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
- *
- * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
- *
- * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
- *
- * Enable the RSA-only based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
- */
-#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
- *
- * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- *
- * \warning    Using DHE constitutes a security risk as it
- *             is not possible to validate custom DH parameters.
- *             If possible, it is recommended users should consider
- *             preferring other methods of key exchange.
- *             See dhm.h for more details.
- *
- */
-#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- *
- * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
- *           MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- *
- * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- *
- * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
- *
- * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
- *
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
- *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
- */
-#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
-
-/**
- * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
- *
- * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
- *
- * \warning This is currently experimental. EC J-PAKE support is based on the
- * Thread v1.0.0 specification; incompatible changes to the specification
- * might still happen. For this reason, this is disabled by default.
- *
- * Requires: MBEDTLS_ECJPAKE_C
- *           MBEDTLS_SHA256_C
- *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
- *
- * This enables the following ciphersuites (if other requisites are
- * enabled as well):
- *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
- */
-//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
-
 /**
  * \def MBEDTLS_PK_PARSE_EC_EXTENDED
  *
@@ -1129,8 +781,7 @@
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
- * Do not use the Chinese Remainder Theorem
- * for the RSA private operation.
+ * Do not use the Chinese Remainder Theorem for the RSA private operation.
  *
  * Uncomment this macro to disable the use of CRT in RSA.
  *
@@ -1160,20 +811,6 @@
  */
 //#define MBEDTLS_SHA256_SMALLER
 
-/**
- * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
- *
- * Enable sending of alert messages in case of encountered errors as per RFC.
- * If you choose not to send the alert messages, mbed TLS can still communicate
- * with other servers, only debugging of failures is harder.
- *
- * The advantage of not sending alert messages, is that no information is given
- * about reasons for failures thus preventing adversaries of gaining intel.
- *
- * Enable sending of all alert messages
- */
-#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
-
 /**
  * \def MBEDTLS_SSL_ASYNC_PRIVATE
  *
@@ -1185,348 +822,6 @@
  */
 //#define MBEDTLS_SSL_ASYNC_PRIVATE
 
-/**
- * \def MBEDTLS_SSL_DEBUG_ALL
- *
- * Enable the debug messages in SSL module for all issues.
- * Debug messages have been disabled in some places to prevent timing
- * attacks due to (unbalanced) debugging function calls.
- *
- * If you need all error reporting you should enable this during debugging,
- * but remove this for production servers that should log as well.
- *
- * Uncomment this macro to report all debug messages on errors introducing
- * a timing side-channel.
- *
- */
-//#define MBEDTLS_SSL_DEBUG_ALL
-
-/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
- *
- * Enable support for Encrypt-then-MAC, RFC 7366.
- *
- * This allows peers that both support it to use a more robust protection for
- * ciphersuites using CBC, providing deep resistance against timing attacks
- * on the padding or underlying cipher.
- *
- * This only affects CBC ciphersuites, and is useless if none is defined.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1    or
- *           MBEDTLS_SSL_PROTO_TLS1_1  or
- *           MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Encrypt-then-MAC
- */
-#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
-
-/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
- *
- * Enable support for Extended Master Secret, aka Session Hash
- * (draft-ietf-tls-session-hash-02).
- *
- * This was introduced as "the proper fix" to the Triple Handshake familiy of
- * attacks, but it is recommended to always use it (even if you disable
- * renegotiation), since it actually fixes a more fundamental issue in the
- * original SSL/TLS design, and has implications beyond Triple Handshake.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1    or
- *           MBEDTLS_SSL_PROTO_TLS1_1  or
- *           MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for Extended Master Secret.
- */
-#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
-
-/**
- * \def MBEDTLS_SSL_FALLBACK_SCSV
- *
- * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
- *
- * For servers, it is recommended to always enable this, unless you support
- * only one version of TLS, or know for sure that none of your clients
- * implements a fallback strategy.
- *
- * For clients, you only need this if you're using a fallback strategy, which
- * is not recommended in the first place, unless you absolutely need it to
- * interoperate with buggy (version-intolerant) servers.
- *
- * Comment this macro to disable support for FALLBACK_SCSV
- */
-#define MBEDTLS_SSL_FALLBACK_SCSV
-
-/**
- * \def MBEDTLS_SSL_HW_RECORD_ACCEL
- *
- * Enable hooking functions in SSL module for hardware acceleration of
- * individual records.
- *
- * Uncomment this macro to enable hooking functions.
- */
-//#define MBEDTLS_SSL_HW_RECORD_ACCEL
-
-/**
- * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
- *
- * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
- *
- * This is a countermeasure to the BEAST attack, which also minimizes the risk
- * of interoperability issues compared to sending 0-length records.
- *
- * Comment this macro to disable 1/n-1 record splitting.
- */
-#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
-
-/**
- * \def MBEDTLS_SSL_RENEGOTIATION
- *
- * Disable support for TLS renegotiation.
- *
- * The two main uses of renegotiation are (1) refresh keys on long-lived
- * connections and (2) client authentication after the initial handshake.
- * If you don't need renegotiation, it's probably better to disable it, since
- * it has been associated with security issues in the past and is easy to
- * misuse/misunderstand.
- *
- * Comment this to disable support for renegotiation.
- *
- * \note   Even if this option is disabled, both client and server are aware
- *         of the Renegotiation Indication Extension (RFC 5746) used to
- *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
- *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
- *          configuration of this extension).
- *
- */
-#define MBEDTLS_SSL_RENEGOTIATION
-
-/**
- * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
- *
- * Enable support for receiving and parsing SSLv2 Client Hello messages for the
- * SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to enable support for SSLv2 Client Hello messages.
- */
-//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
-
-/**
- * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
- *
- * Pick the ciphersuite according to the client's preferences rather than ours
- * in the SSL Server module (MBEDTLS_SSL_SRV_C).
- *
- * Uncomment this macro to respect client's ciphersuite order
- */
-//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-
-/**
- * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
- *
- * Enable support for RFC 6066 max_fragment_length extension in SSL.
- *
- * Comment this macro to disable support for the max_fragment_length extension
- */
-#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
-
-/**
- * \def MBEDTLS_SSL_PROTO_SSL3
- *
- * Enable support for SSL 3.0.
- *
- * Requires: MBEDTLS_MD5_C
- *           MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for SSL 3.0
- */
-//#define MBEDTLS_SSL_PROTO_SSL3
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1
- *
- * Enable support for TLS 1.0.
- *
- * Requires: MBEDTLS_MD5_C
- *           MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_1
- *
- * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
- *
- * Requires: MBEDTLS_MD5_C
- *           MBEDTLS_SHA1_C
- *
- * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
- */
-#define MBEDTLS_SSL_PROTO_TLS1_1
-
-/**
- * \def MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
- *
- * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
- *           (Depends on ciphersuites)
- *
- * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
- */
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/**
- * \def MBEDTLS_SSL_PROTO_DTLS
- *
- * Enable support for DTLS (all available versions).
- *
- * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
- * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
- *
- * Requires: MBEDTLS_SSL_PROTO_TLS1_1
- *        or MBEDTLS_SSL_PROTO_TLS1_2
- *
- * Comment this macro to disable support for DTLS
- */
-#define MBEDTLS_SSL_PROTO_DTLS
-
-/**
- * \def MBEDTLS_SSL_ALPN
- *
- * Enable support for RFC 7301 Application Layer Protocol Negotiation.
- *
- * Comment this macro to disable support for ALPN.
- */
-#define MBEDTLS_SSL_ALPN
-
-/**
- * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
- *
- * Enable support for the anti-replay mechanism in DTLS.
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *           MBEDTLS_SSL_PROTO_DTLS
- *
- * \warning Disabling this is often a security risk!
- * See mbedtls_ssl_conf_dtls_anti_replay() for details.
- *
- * Comment this to disable anti-replay in DTLS.
- */
-#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
-
-/**
- * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Enable support for HelloVerifyRequest on DTLS servers.
- *
- * This feature is highly recommended to prevent DTLS servers being used as
- * amplifiers in DoS attacks against other hosts. It should always be enabled
- * unless you know for sure amplification cannot be a problem in the
- * environment in which your server operates.
- *
- * \warning Disabling this can ba a security risk! (see above)
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- *
- * Comment this to disable support for HelloVerifyRequest.
- */
-#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
-
-/**
- * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
- *
- * Enable server-side support for clients that reconnect from the same port.
- *
- * Some clients unexpectedly close the connection and try to reconnect using the
- * same source port. This needs special support from the server to handle the
- * new connection securely, as described in section 4.2.8 of RFC 6347. This
- * flag enables that support.
- *
- * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
- *
- * Comment this to disable support for clients reusing the source port.
- */
-#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
-
-/**
- * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
- *
- * Enable support for a limit of records with bad MAC.
- *
- * See mbedtls_ssl_conf_dtls_badmac_limit().
- *
- * Requires: MBEDTLS_SSL_PROTO_DTLS
- */
-#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
-
-/**
- * \def MBEDTLS_SSL_SESSION_TICKETS
- *
- * Enable support for RFC 5077 session tickets in SSL.
- * Client-side, provides full support for session tickets (maintainance of a
- * session store remains the responsibility of the application, though).
- * Server-side, you also need to provide callbacks for writing and parsing
- * tickets, including authenticated encryption and key management. Example
- * callbacks are provided by MBEDTLS_SSL_TICKET_C.
- *
- * Comment this macro to disable support for SSL session tickets
- */
-#define MBEDTLS_SSL_SESSION_TICKETS
-
-/**
- * \def MBEDTLS_SSL_EXPORT_KEYS
- *
- * Enable support for exporting key block and master secret.
- * This is required for certain users of TLS, e.g. EAP-TLS.
- *
- * Comment this macro to disable support for key export
- */
-#define MBEDTLS_SSL_EXPORT_KEYS
-
-/**
- * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
- *
- * Enable support for RFC 6066 server name indication (SNI) in SSL.
- *
- * Requires: MBEDTLS_X509_CRT_PARSE_C
- *
- * Comment this macro to disable support for server name indication in SSL
- */
-#define MBEDTLS_SSL_SERVER_NAME_INDICATION
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
- *
- * Fallback to old (pre-2.7), non-conforming implementation of the truncated
- * HMAC extension which also truncates the HMAC key. Note that this option is
- * only meant for a transitory upgrade period and is likely to be removed in
- * a future version of the library.
- *
- * \warning The old implementation is non-compliant and has a security weakness
- *          (2^80 brute force attack on the HMAC key used for a single,
- *          uninterrupted connection). This should only be enabled temporarily
- *          when (1) the use of truncated HMAC is essential in order to save
- *          bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
- *          the fixed implementation yet (pre-2.7).
- *
- * \deprecated This option is deprecated and will likely be removed in a
- *             future version of Mbed TLS.
- *
- * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
- *
- * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
- */
-//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
-
 /**
  * \def MBEDTLS_THREADING_ALT
  *
@@ -1562,89 +857,6 @@
  */
 #define MBEDTLS_VERSION_FEATURES
 
-/**
- * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an extension in a v1 or v2 certificate.
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
-
-/**
- * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
- *
- * If set, the X509 parser will not break-off when parsing an X509 certificate
- * and encountering an unknown critical extension.
- *
- * \warning Depending on your PKI use, enabling this can be a security risk!
- *
- * Uncomment to prevent an error.
- */
-//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
-
-/**
- * \def MBEDTLS_X509_CHECK_KEY_USAGE
- *
- * Enable verification of the keyUsage extension (CA and leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused
- * (intermediate) CA and leaf certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip keyUsage checking for both CA and leaf certificates.
- */
-#define MBEDTLS_X509_CHECK_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
- *
- * Enable verification of the extendedKeyUsage extension (leaf certificates).
- *
- * Disabling this avoids problems with mis-issued and/or misused certificates.
- *
- * \warning Depending on your PKI use, disabling this can be a security risk!
- *
- * Comment to skip extendedKeyUsage checking for certificates.
- */
-#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
-
-/**
- * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
- *
- * Enable parsing and verification of X.509 certificates, CRLs and CSRS
- * signed with RSASSA-PSS (aka PKCS#1 v2.1).
- *
- * Comment this macro to disallow using RSASSA-PSS in certificates.
- */
-#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
-
-/**
- * \def MBEDTLS_ZLIB_SUPPORT
- *
- * If set, the SSL/TLS module uses ZLIB to support compression and
- * decompression of packet data.
- *
- * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
- * CRIME attack. Before enabling this option, you should examine with care if
- * CRIME or similar exploits may be a applicable to your use case.
- *
- * \note Currently compression can't be used with DTLS.
- *
- * \deprecated This feature is deprecated and will be removed
- *             in the next major revision of the library.
- *
- * Used in: library/ssl_tls.c
- *          library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * This feature requires zlib library and headers to be present.
- *
- * Uncomment to enable use of ZLIB
- */
-//#define MBEDTLS_ZLIB_SUPPORT
 /* \} name SECTION: mbed TLS feature support */
 
 /**
@@ -2029,20 +1241,6 @@
  */
 #define MBEDTLS_CTR_DRBG_C
 
-/**
- * \def MBEDTLS_DEBUG_C
- *
- * Enable the debug functions.
- *
- * Module:  library/debug.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *
- * This module provides debugging functions.
- */
-#define MBEDTLS_DEBUG_C
-
 /**
  * \def MBEDTLS_DES_C
  *
@@ -2141,7 +1339,7 @@
  *
  * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
  */
-//#define MBEDTLS_ECJPAKE_C
+#define MBEDTLS_ECJPAKE_C
 
 /**
  * \def MBEDTLS_ECP_C
@@ -2289,7 +1487,7 @@
  *            it, and considering stronger message digests instead.
  *
  */
-//#define MBEDTLS_MD2_C
+#define MBEDTLS_MD2_C
 
 /**
  * \def MBEDTLS_MD4_C
@@ -2306,7 +1504,7 @@
  *            it, and considering stronger message digests instead.
  *
  */
-//#define MBEDTLS_MD4_C
+#define MBEDTLS_MD4_C
 
 /**
  * \def MBEDTLS_MD5_C
@@ -2346,25 +1544,6 @@
  */
 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
 
-/**
- * \def MBEDTLS_NET_C
- *
- * Enable the TCP and UDP over IPv6/IPv4 networking routines.
- *
- * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
- * and Windows. For other platforms, you'll want to disable it, and write your
- * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module:  library/net_sockets.c
- *
- * This module provides networking routines.
- */
-#define MBEDTLS_NET_C
-
 /**
  * \def MBEDTLS_OID_C
  *
@@ -2400,7 +1579,7 @@
  *
  * This modules adds support for the VIA PadLock on x86.
  */
-#define MBEDTLS_PADLOCK_C
+//#define MBEDTLS_PADLOCK_C
 
 /**
  * \def MBEDTLS_PEM_PARSE_C
@@ -2651,84 +1830,6 @@
  */
 #define MBEDTLS_SHA512_C
 
-/**
- * \def MBEDTLS_SSL_CACHE_C
- *
- * Enable simple SSL cache implementation.
- *
- * Module:  library/ssl_cache.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_CACHE_C
- */
-#define MBEDTLS_SSL_CACHE_C
-
-/**
- * \def MBEDTLS_SSL_COOKIE_C
- *
- * Enable basic implementation of DTLS cookies for hello verification.
- *
- * Module:  library/ssl_cookie.c
- * Caller:
- */
-#define MBEDTLS_SSL_COOKIE_C
-
-/**
- * \def MBEDTLS_SSL_TICKET_C
- *
- * Enable an implementation of TLS server-side callbacks for session tickets.
- *
- * Module:  library/ssl_ticket.c
- * Caller:
- *
- * Requires: MBEDTLS_CIPHER_C
- */
-#define MBEDTLS_SSL_TICKET_C
-
-/**
- * \def MBEDTLS_SSL_CLI_C
- *
- * Enable the SSL/TLS client code.
- *
- * Module:  library/ssl_cli.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS client support.
- */
-#define MBEDTLS_SSL_CLI_C
-
-/**
- * \def MBEDTLS_SSL_SRV_C
- *
- * Enable the SSL/TLS server code.
- *
- * Module:  library/ssl_srv.c
- * Caller:
- *
- * Requires: MBEDTLS_SSL_TLS_C
- *
- * This module is required for SSL/TLS server support.
- */
-#define MBEDTLS_SSL_SRV_C
-
-/**
- * \def MBEDTLS_SSL_TLS_C
- *
- * Enable the generic SSL/TLS code.
- *
- * Module:  library/ssl_tls.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *
- * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
- *
- * This module is required for SSL/TLS.
- */
-#define MBEDTLS_SSL_TLS_C
-
 /**
  * \def MBEDTLS_THREADING_C
  *
@@ -2751,29 +1852,6 @@
  */
 //#define MBEDTLS_THREADING_C
 
-/**
- * \def MBEDTLS_TIMING_C
- *
- * Enable the semi-portable timing interface.
- *
- * \note The provided implementation only works on POSIX/Unix (including Linux,
- * BSD and OS X) and Windows. On other platforms, you can either disable that
- * module and provide your own implementations of the callbacks needed by
- * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
- * your own implementation of the whole module by setting
- * \c MBEDTLS_TIMING_ALT in the current file.
- *
- * \note See also our Knowledge Base article about porting to a new
- * environment:
- * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
- *
- * Module:  library/timing.c
- * Caller:  library/havege.c
- *
- * This module is used by the HAVEGE random number generator.
- */
-#define MBEDTLS_TIMING_C
-
 /**
  * \def MBEDTLS_VERSION_C
  *
@@ -2785,106 +1863,6 @@
  */
 #define MBEDTLS_VERSION_C
 
-/**
- * \def MBEDTLS_X509_USE_C
- *
- * Enable X.509 core for using certificates.
- *
- * Module:  library/x509.c
- * Caller:  library/x509_crl.c
- *          library/x509_crt.c
- *          library/x509_csr.c
- *
- * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
- *           MBEDTLS_PK_PARSE_C
- *
- * This module is required for the X.509 parsing modules.
- */
-#define MBEDTLS_X509_USE_C
-
-/**
- * \def MBEDTLS_X509_CRT_PARSE_C
- *
- * Enable X.509 certificate parsing.
- *
- * Module:  library/x509_crt.c
- * Caller:  library/ssl_cli.c
- *          library/ssl_srv.c
- *          library/ssl_tls.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 certificate parsing.
- */
-#define MBEDTLS_X509_CRT_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CRL_PARSE_C
- *
- * Enable X.509 CRL parsing.
- *
- * Module:  library/x509_crl.c
- * Caller:  library/x509_crt.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is required for X.509 CRL parsing.
- */
-#define MBEDTLS_X509_CRL_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CSR_PARSE_C
- *
- * Enable X.509 Certificate Signing Request (CSR) parsing.
- *
- * Module:  library/x509_csr.c
- * Caller:  library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_USE_C
- *
- * This module is used for reading X.509 certificate request.
- */
-#define MBEDTLS_X509_CSR_PARSE_C
-
-/**
- * \def MBEDTLS_X509_CREATE_C
- *
- * Enable X.509 core for creating certificates.
- *
- * Module:  library/x509_create.c
- *
- * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
- *
- * This module is the basis for creating X.509 certificates and CSRs.
- */
-#define MBEDTLS_X509_CREATE_C
-
-/**
- * \def MBEDTLS_X509_CRT_WRITE_C
- *
- * Enable creating X.509 certificates.
- *
- * Module:  library/x509_crt_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate creation.
- */
-#define MBEDTLS_X509_CRT_WRITE_C
-
-/**
- * \def MBEDTLS_X509_CSR_WRITE_C
- *
- * Enable creating X.509 Certificate Signing Requests (CSR).
- *
- * Module:  library/x509_csr_write.c
- *
- * Requires: MBEDTLS_X509_CREATE_C
- *
- * This module is required for X.509 certificate request writing.
- */
-#define MBEDTLS_X509_CSR_WRITE_C
-
 /**
  * \def MBEDTLS_XTEA_C
  *
@@ -3134,6 +2112,6 @@
 #include MBEDTLS_USER_CONFIG_FILE
 #endif
 
-#include "check_config.h"
+#include "mbedtls/check_config.h"
 
 #endif /* MBEDTLS_CONFIG_H */

From 4a6aaa4c513ce3484d2acf4ad86b6bc383ccd374 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:51:53 +0100
Subject: [PATCH 005/889] Remove Github templates

These templates are not applicable to PSA development.
---
 .github/issue_template.md        | 41 --------------------------------
 .github/pull_request_template.md | 39 ------------------------------
 2 files changed, 80 deletions(-)
 delete mode 100644 .github/issue_template.md
 delete mode 100644 .github/pull_request_template.md

diff --git a/.github/issue_template.md b/.github/issue_template.md
deleted file mode 100644
index 7c3135351..000000000
--- a/.github/issue_template.md
+++ /dev/null
@@ -1,41 +0,0 @@
-Note: This is just a template, so feel free to use/remove the unnecessary things
-
-### Description
-- Type: Bug | Enhancement\Feature Request | Question
-- Priority: Blocker | Major | Minor
-
----------------------------------------------------------------
-## Bug
-
-**OS**  
-Mbed OS|linux|windows|
-
-**mbed TLS build:**  
-Version: x.x.x or git commit id  
-OS version: x.x.x  
-Configuration: please attach config.h file where possible  
-Compiler and options (if you used a pre-built binary, please indicate how you obtained it):  
-Additional environment information:  
-
-**Peer device TLS stack and version**  
-OpenSSL|GnuTls|Chrome|NSS(Firefox)|SecureChannel (IIS/Internet Explorer/Edge)|Other  
-Version:  
-
-**Expected behavior**   
-
-**Actual behavior**  
-
-**Steps to reproduce**  
-
-----------------------------------------------------------------
-## Enhancement\Feature Request
-
-**Justification - why does the library need this feature?**  
-
-**Suggested enhancement**  
-
------------------------------------------------------------------
-
-## Question
-
-**Please first check for answers in the [Mbed TLS knowledge Base](https://tls.mbed.org/kb), and preferably file an issue in the [Mbed TLS support forum](https://forums.mbed.com/c/mbed-tls)**  
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
deleted file mode 100644
index 485b54195..000000000
--- a/.github/pull_request_template.md
+++ /dev/null
@@ -1,39 +0,0 @@
-Notes:
-* Pull requests cannot be accepted until:
--  The submitter has [accepted the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/) 
-   or for companies or those that do not wish to create an mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/)
-- The PR follows the [mbed TLS coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards)
-* This is just a template, so feel free to use/remove the unnecessary things
-## Description
-A few sentences describing the overall goals of the pull request's commits.
-
-
-## Status
-**READY/IN DEVELOPMENT/HOLD**
-
-## Requires Backporting
-When there is a bug fix, it should be backported to all maintained and supported branches.
-Changes do not have to be backported if:
-- This PR is a new feature\enhancement
-- This PR contains changes in the API. If this is true, and there is a need for the fix to be backported, the fix should be handled differently in the legacy branch
-
-Yes | NO  
-Which branch?
-
-## Migrations
-If there is any API change, what's the incentive and logic for it.
-
-YES | NO
-
-## Additional comments
-Any additional information that could be of interest
-
-## Todos
-- [ ] Tests
-- [ ] Documentation
-- [ ] Changelog updated
-- [ ] Backported
-
-
-## Steps to test or reproduce
-Outline the steps to test or reproduce the PR here.

From 1d26709dbd4a4f8ef9ea0ff58f2644a4bc3fc49c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 28 Jan 2018 18:13:03 +0100
Subject: [PATCH 006/889] New function mbedtls_rsa_get_bitlen

Add a new function mbedtls_rsa_get_bitlen which returns the RSA key
size, i.e. the bit size of the modulus. In the pk module, call
mbedtls_rsa_get_bitlen instead of mbedtls_rsa_get_len, which gave the
wrong result for key sizes that are not a multiple of 8.

This commit adds one non-regression test in the pk suite. More tests
are needed for RSA key sizes that are a multiple of 8.

This commit does not address RSA alternative implementations, which
only provide an interface that return the modulus size in bytes.
---
 include/mbedtls/rsa.h                | 10 +++++++
 library/pk_wrap.c                    |  2 +-
 library/rsa.c                        |  9 ++++++-
 tests/suites/test_suite_pk.data      | 11 +++++++-
 tests/suites/test_suite_pk.function  | 39 +++++++++++++++++++++++-----
 tests/suites/test_suite_rsa.function | 27 ++++++++++++-------
 6 files changed, 80 insertions(+), 18 deletions(-)

diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 6eea5af2f..31a8db757 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -403,6 +403,16 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
  */
 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
 
+/**
+ * \brief          This function retrieves the length of the RSA modulus in bits.
+ *
+ * \param ctx      The initialized RSA context.
+ *
+ * \return         The length of the RSA modulus in bits.
+ *
+ */
+size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx );
+
 /**
  * \brief          This function generates an RSA keypair.
  *
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 2c7d2d79b..f9b4c659c 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -66,7 +66,7 @@ static int rsa_can_do( mbedtls_pk_type_t type )
 static size_t rsa_get_bitlen( const void *ctx )
 {
     const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
-    return( 8 * mbedtls_rsa_get_len( rsa ) );
+    return( mbedtls_rsa_get_bitlen( rsa ) );
 }
 
 static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
diff --git a/library/rsa.c b/library/rsa.c
index 88c1cf100..ad196391f 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -480,12 +480,19 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id
 /*
  * Get length in bytes of RSA modulus
  */
-
 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx )
 {
     return( ctx->len );
 }
 
+/*
+ * Get length in bits of RSA modulus
+ */
+size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx )
+{
+    return( mbedtls_mpi_bitlen( &ctx->N ) );
+}
+
 
 #if defined(MBEDTLS_GENPRIME)
 
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index a066bd93e..77e3bd887 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -1,7 +1,16 @@
-PK utils: RSA
+PK utils: RSA, 512 bits
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 pk_utils:MBEDTLS_PK_RSA:512:64:"RSA"
 
+## RSA key generation only supports even bit sizes
+#PK utils: RSA, 511 bits
+#depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+#pk_utils:MBEDTLS_PK_RSA:511:64:"RSA"
+#
+PK utils: RSA, 510 bits
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+pk_utils:MBEDTLS_PK_RSA:510:64:"RSA"
+
 PK utils: ECKEY
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_utils:MBEDTLS_PK_ECKEY:192:24:"EC"
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 9005ddb31..a1d9b0b7a 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -13,13 +13,18 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
 #define RSA_KEY_SIZE 512
 #define RSA_KEY_LEN   64
 
-static int pk_genkey( mbedtls_pk_context *pk )
+static int pk_genkey( mbedtls_pk_context *pk, int size )
 {
     ((void) pk);
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
     if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
-        return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
+    {
+        if( size == 0 )
+            size = RSA_KEY_SIZE;
+        return( mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ),
+                                     rnd_std_rand, NULL, size, 3 ) );
+    }
 #endif
 #if defined(MBEDTLS_ECP_C)
     if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
@@ -27,8 +32,30 @@ static int pk_genkey( mbedtls_pk_context *pk )
         mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
     {
         int ret;
+        mbedtls_ecp_group_id curve;
+        switch( size )
+        {
+            case 0:
+            case 192:
+                curve = MBEDTLS_ECP_DP_SECP192R1;
+                break;
+            case 224:
+                curve = MBEDTLS_ECP_DP_SECP224R1;
+                break;
+            case 256:
+                curve = MBEDTLS_ECP_DP_SECP256R1;
+                break;
+            case 384:
+                curve = MBEDTLS_ECP_DP_SECP384R1;
+                break;
+            case 521:
+                curve = MBEDTLS_ECP_DP_SECP521R1;
+                break;
+            default:
+                return( -1 );
+        }
         if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
-                                      MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 )
+                                            curve ) ) != 0 )
             return( ret );
 
         return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
@@ -77,7 +104,7 @@ void pk_utils( int type, int size, int len, char * name )
     mbedtls_pk_init( &pk );
 
     TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &pk ) == 0 );
+    TEST_ASSERT( pk_genkey( &pk, size ) == 0 );
 
     TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
     TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
@@ -252,7 +279,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret )
     memset( sig, 0, sizeof sig );
 
     TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &pk ) == 0 );
+    TEST_ASSERT( pk_genkey( &pk, 0 ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
                           sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
@@ -447,7 +474,7 @@ void pk_rsa_alt(  )
     /* Initiliaze PK RSA context with random key */
     TEST_ASSERT( mbedtls_pk_setup( &rsa,
                               mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &rsa ) == 0 );
+    TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 );
 
     /* Extract key to the raw rsa context */
     TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index c43ef2050..46c8bf96e 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -44,7 +44,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -86,7 +87,8 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -127,7 +129,8 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -192,7 +195,8 @@ void rsa_pkcs1_verify_raw( data_t * hash_result,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -256,7 +260,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -294,7 +299,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -342,7 +348,8 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -381,7 +388,8 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -440,7 +448,8 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
+    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 

From 2f9c4dc5ad0fc982c0924b6efc7416a44444e173 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 28 Jan 2018 13:16:24 +0100
Subject: [PATCH 007/889] Add key management functions

Define psa_key_type_t and a first stab at a few values.

New functions psa_import_key, psa_export_key, psa_destroy_key,
psa_get_key_information. Implement them for raw data and RSA.

Under the hood, create an in-memory, fixed-size keystore with room
for MBEDTLS_PSA_KEY_SLOT_COUNT - 1 keys.
---
 include/psa/crypto.h                        | 113 ++++++++++
 include/psa/crypto_platform.h               |   3 +
 library/psa_crypto.c                        | 229 ++++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data     |  28 +++
 tests/suites/test_suite_psa_crypto.function | 120 +++++++++-
 5 files changed, 488 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0bd9c03eb..63f119dc0 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -8,11 +8,27 @@
 
 #include "crypto_platform.h"
 
+#include <stddef.h>
+
 #ifdef __DOXYGEN_ONLY__
 /** \defgroup platform Implementation-specific definitions
  * @{
  */
 
+/** \brief Key slot number.
+ *
+ * This type represents key slots. It must be an unsigned integral
+ * type.* The choice of type is implementation-dependent.
+ * 0 is not a valid key slot number. The meaning of other values is
+ * implementation dependent.
+ *
+ * At any given point in time, each key slot either contains a
+ * cryptographic object, or is empty. Key slots are persistent:
+ * once set, the cryptographic object remains in the key slot until
+ * explicitly destroyed.
+ */
+typedef _unsigned_integral_type_ psa_key_slot_t;
+
 /**@}*/
 #endif
 
@@ -89,6 +105,103 @@ psa_status_t psa_crypto_init(void);
 
 /**@}*/
 
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+typedef uint32_t psa_key_type_t;
+
+#define PSA_KEY_TYPE_NONE                       0x00000000
+#define PSA_KEY_TYPE_RAW_DATA                   0x00000001
+#define PSA_KEY_TYPE_RSA                        0x40000001
+#define PSA_KEY_TYPE_ECC_BASE                   0x40010000
+
+#define PSA_KEY_TYPE_VENDOR_FLAG                0x80000000
+#define PSA_KEY_TYPE_ASYMMETRIC_FLAG            0x40000000
+#define PSA_KEY_TYPE_ECC_TEST_MASK              0x7fff0000
+#define PSA_KEY_TYPE_ECC_TEST_VALUE             0x40010000
+
+#define PSA_KEY_TYPE_IS_VENDOR(type) \
+    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
+#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
+    (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0)
+#define PSA_KEY_TYPE_IS_ECC(type) \
+    (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
+
+typedef uint32_t psa_algorithm_type_t;
+
+/**@}*/
+
+/** \defgroup key_management Key management
+ * @{
+ */
+
+/**
+ * \brief Import a key in binary format.
+ *
+ * This function supports any output from psa_export_key().
+ *
+ * \return * \c PSA_SUCCESS: success.
+ *         * \c PSA_ERROR_NOT_SUPPORTED
+ *         * \c PSA_ERROR_INVALID_ARGUMENT
+ *         * \c PSA_ERROR_INSUFFICIENT_MEMORY
+ *         * \c PSA_ERROR_COMMUNICATION_FAILURE
+ *         * \c PSA_ERROR_HARDWARE_FAILURE
+ *         * \c PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_import_key(psa_key_slot_t key,
+                            psa_key_type_t type,
+                            const uint8_t *data,
+                            size_t data_length);
+
+/**
+ * \brief Destroy a key.
+ *
+ * \return * \c PSA_SUCCESS: success.
+ *         * \c PSA_ERROR_EMPTY_SLOT
+ *         * \c PSA_ERROR_COMMUNICATION_FAILURE
+ *         * \c PSA_ERROR_HARDWARE_FAILURE
+ *         * \c PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_destroy_key(psa_key_slot_t key);
+
+/**
+ * \brief Get basic metadata about a key.
+ *
+ * \return * \c PSA_SUCCESS: success.
+ *         * \c PSA_ERROR_EMPTY_SLOT
+ *         * \c PSA_ERROR_COMMUNICATION_FAILURE
+ *         * \c PSA_ERROR_HARDWARE_FAILURE
+ *         * \c PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_get_key_information(psa_key_slot_t key,
+                                     psa_key_type_t *type,
+                                     size_t *bits);
+
+/**
+ * \brief Export a key in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an equivalent object.
+ *
+ * If a key is created with psa_import_key() and then exported with
+ * this function, it is not guaranteed that the resulting data is
+ * identical: the implementation may choose a different representation
+ * of the same key.
+ *
+ * \return * \c PSA_SUCCESS: success.
+ *         * \c PSA_ERROR_EMPTY_SLOT
+ *         * \c PSA_ERROR_COMMUNICATION_FAILURE
+ *         * \c PSA_ERROR_HARDWARE_FAILURE
+ *         * \c PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_export_key(psa_key_slot_t key,
+                            uint8_t *data,
+                            size_t data_size,
+                            size_t *data_length);
+
+/**@}*/
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index eafc0b3ea..7aabd1bc0 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -36,4 +36,7 @@
 /* PSA requires several types which C99 provides in stdint.h. */
 #include <stdint.h>
 
+/* Integral type representing a key slot number. */
+typedef uint16_t psa_key_slot_t;
+
 #endif /* PSA_CRYPTO_PLATFORM_H */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ca25bb487..31dd0d640 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -29,8 +29,18 @@
 
 #include "psa/crypto.h"
 
+#include <stdlib.h>
+#include <string.h>
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free   free
+#endif
+
 #include "mbedtls/ctr_drbg.h"
 #include "mbedtls/entropy.h"
+#include "mbedtls/pk.h"
 
 
 /* Implementation that should never be optimized out by the compiler */
@@ -39,10 +49,32 @@ static void mbedtls_zeroize( void *v, size_t n )
     volatile unsigned char *p = v; while( n-- ) *p++ = 0;
 }
 
+/****************************************************************/
+/* Global data, support functions and library management */
+/****************************************************************/
+
+/* Number of key slots (plus one because 0 is not used).
+ * The value is a compile-time constant for now, for simplicity. */
+#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+
+typedef struct {
+    psa_key_type_t type;
+    union {
+        struct raw_data {
+            uint8_t *data;
+            size_t bytes;
+        } raw;
+#if defined(MBEDTLS_PK_C)
+        mbedtls_pk_context pk;
+#endif /* MBEDTLS_PK_C */
+    } data;
+} key_slot_t;
+
 typedef struct {
     int initialized;
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
+    key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
 } psa_global_data_t;
 
 static psa_global_data_t global_data;
@@ -57,13 +89,210 @@ static psa_status_t mbedtls_to_psa_error( int ret )
         case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
         case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
             return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+        case MBEDTLS_ERR_PK_ALLOC_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        case MBEDTLS_ERR_PK_TYPE_MISMATCH:
+        case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_PK_FILE_IO_ERROR:
+            return( PSA_ERROR_TAMPERING_DETECTED );
+        case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
+        case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_PK_UNKNOWN_PK_ALG:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_PK_PASSWORD_REQUIRED:
+        case MBEDTLS_ERR_PK_PASSWORD_MISMATCH:
+            return( PSA_ERROR_NOT_PERMITTED );
+        case MBEDTLS_ERR_PK_INVALID_PUBKEY:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_PK_INVALID_ALG:
+        case MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE:
+        case MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
+            return( PSA_ERROR_INVALID_SIGNATURE );
         default:
             return( PSA_ERROR_UNKNOWN_ERROR );
     }
 }
 
+
+
+/****************************************************************/
+/* Key management */
+/****************************************************************/
+
+psa_status_t psa_import_key(psa_key_slot_t key,
+                            psa_key_type_t type,
+                            const uint8_t *data,
+                            size_t data_length)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    slot = &global_data.key_slots[key];
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    if( type == PSA_KEY_TYPE_RAW_DATA )
+    {
+        if( data_length > SIZE_MAX / 8 )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        slot->data.raw.data = mbedtls_calloc( 1, data_length );
+        if( slot->data.raw.data == NULL )
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        memcpy( slot->data.raw.data, data, data_length );
+        slot->data.raw.bytes = data_length;
+    }
+    else
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
+    if( type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( type ) )
+    {
+        int ret;
+        mbedtls_pk_init( &slot->data.pk );
+        ret = mbedtls_pk_parse_key( &slot->data.pk,
+                                    data, data_length,
+                                    NULL, 0 );
+        if( ret != 0 )
+            return( mbedtls_to_psa_error( ret ) );
+    }
+    else
+#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+    slot->type = type;
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_destroy_key(psa_key_slot_t key)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    if( slot->type == PSA_KEY_TYPE_RAW_DATA )
+    {
+        mbedtls_free( slot->data.raw.data );
+    }
+    else
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
+    if( slot->type == PSA_KEY_TYPE_RSA ||
+        PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        mbedtls_pk_free( &slot->data.pk );
+    }
+    else
+#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+    {
+        /* Shouldn't happen: the key type is not any type that we
+         * put it. */
+        return( PSA_ERROR_TAMPERING_DETECTED );
+    }
+
+    mbedtls_zeroize( slot, sizeof( *slot ) );
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_get_key_information(psa_key_slot_t key,
+                                     psa_key_type_t *type,
+                                     size_t *bits)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    slot = &global_data.key_slots[key];
+    if( type != NULL )
+        *type = slot->type;
+    if( bits != NULL )
+        *bits = 0;
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    if( slot->type == PSA_KEY_TYPE_RAW_DATA )
+    {
+        if( bits != NULL )
+            *bits = slot->data.raw.bytes * 8;
+    }
+    else
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
+    if( slot->type == PSA_KEY_TYPE_RSA ||
+        PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        if( bits != NULL )
+            *bits = mbedtls_pk_get_bitlen( &slot->data.pk );
+    }
+    else
+#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+    {
+        /* Shouldn't happen: the key type is not any type that we
+         * put it. */
+        return( PSA_ERROR_TAMPERING_DETECTED );
+    }
+
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_export_key(psa_key_slot_t key,
+                            uint8_t *data,
+                            size_t data_size,
+                            size_t *data_length)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    if( slot->type == PSA_KEY_TYPE_RAW_DATA )
+    {
+        if( slot->data.raw.bytes > data_size )
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+        memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
+        *data_length = slot->data.raw.bytes;
+        return( PSA_SUCCESS );
+    }
+    else
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
+    if( slot->type == PSA_KEY_TYPE_RSA ||
+        PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        int ret;
+        ret = mbedtls_pk_write_key_der( &slot->data.pk,
+                                        data, data_size );
+        if( ret < 0 )
+            return( mbedtls_to_psa_error( ret ) );
+        *data_length = ret;
+        return( PSA_SUCCESS );
+    }
+    else
+#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+}
+
+
+
+/****************************************************************/
+/* Module setup */
+/****************************************************************/
+
 void mbedtls_psa_crypto_free( void )
 {
+    size_t key;
+    for( key = 1; key < MBEDTLS_PSA_KEY_SLOT_COUNT; key++ )
+        psa_destroy_key( key );
     mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
     mbedtls_entropy_free( &global_data.entropy );
     mbedtls_zeroize( &global_data, sizeof( global_data ) );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3d7689bd2..d9149cacf 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,2 +1,30 @@
 PSA init/deinit
 init_deinit:
+
+PSA import/export raw: 0 bytes
+import_export:"":PSA_KEY_TYPE_RAW_DATA:0:0:PSA_SUCCESS:1
+
+PSA import/export raw: 1 bytes
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:PSA_SUCCESS:1
+
+PSA import/export raw: 1 bytes, larger buffer
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1
+
+PSA import/export raw: 2 bytes, buffer too small
+import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
+PSA import/export RSA: good
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA: trailing garbage ignored
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA:1024:-1:PSA_SUCCESS:0
+
+PSA import RSA: truncated
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA:PSA_ERROR_INVALID_ARGUMENT
+
+#PSA import/export EC secp256r1: good
+#depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9d9eee47b..6fa10dd96 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -10,15 +10,125 @@
 /* BEGIN_CASE */
 void init_deinit()
 {
-    psa_status_t ret;
+    psa_status_t status;
     int i;
     for( i = 0; i <= 1; i++ )
     {
-        ret = psa_crypto_init( );
-        TEST_ASSERT( ret == PSA_SUCCESS );
-        ret = psa_crypto_init( );
-        TEST_ASSERT( ret == PSA_SUCCESS );
+        status = psa_crypto_init( );
+        TEST_ASSERT( status == PSA_SUCCESS );
+        status = psa_crypto_init( );
+        TEST_ASSERT( status == PSA_SUCCESS );
         mbedtls_psa_crypto_free( );
     }
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void import( char *hex, int type, int expected_status )
+{
+    int slot = 1;
+    psa_status_t status;
+    unsigned char *data = NULL;
+    size_t data_size;
+
+    data_size = strlen( hex ) / 2;
+    data = mbedtls_calloc( 1, data_size );
+    TEST_ASSERT( data != NULL );
+    data_size = unhexify( data, hex );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    status = psa_import_key( slot, type, data, data_size );
+    TEST_ASSERT( status == (psa_status_t) expected_status );
+    if( status == PSA_SUCCESS )
+        TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_free( data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export( char *hex, int type_arg,
+                    int expected_bits,
+                    int export_size_delta,
+                    int expected_export_status,
+                    int canonical_input )
+{
+    int slot = 1;
+    int slot2 = slot + 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    unsigned char *data = NULL;
+    unsigned char *exported = NULL;
+    unsigned char *reexported = NULL;
+    size_t data_size;
+    size_t export_size;
+    size_t exported_length;
+    size_t reexported_length;
+    psa_key_type_t got_type;
+    size_t got_bits;
+
+    data_size = strlen( hex ) / 2;
+    data = mbedtls_calloc( 1, data_size );
+    TEST_ASSERT( data != NULL );
+    data_size = unhexify( data, hex );
+    export_size = (ssize_t) data_size + export_size_delta;
+    exported = mbedtls_calloc( 1, export_size );
+    TEST_ASSERT( exported != NULL );
+    if( ! canonical_input )
+    {
+        reexported = mbedtls_calloc( 1, export_size );
+        TEST_ASSERT( reexported != NULL );
+    }
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data, data_size ) == PSA_SUCCESS );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          &got_type, &got_bits ) ==
+                 PSA_SUCCESS );
+    TEST_ASSERT( got_type == type );
+    TEST_ASSERT( got_bits == (size_t) expected_bits );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == (psa_status_t) expected_export_status );
+    if( status != PSA_SUCCESS )
+        goto destroy;
+
+    if( canonical_input )
+    {
+        TEST_ASSERT( exported_length == data_size );
+        TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
+    }
+    else
+    {
+        TEST_ASSERT( psa_import_key( slot2, type,
+                                     exported, export_size ) ==
+                     PSA_SUCCESS );
+        TEST_ASSERT( psa_export_key( slot2,
+                                     reexported, export_size,
+                                     &reexported_length ) ==
+                     PSA_SUCCESS );
+        TEST_ASSERT( reexported_length == exported_length );
+        TEST_ASSERT( memcmp( reexported, exported,
+                             exported_length ) == 0 );
+    }
+
+destroy:
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information(
+                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_free( data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 969ac726d9208c5a21c88a84b1ad955b67b0e63d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 28 Jan 2018 18:16:59 +0100
Subject: [PATCH 008/889] PSA RSA key import: don't rely on pk so much

Don't use the pk module except as required for pkparse/pkwrite. The
PSA crypto layer is meant to work alongside pk, not on top of it.

Fix the compile-time dependencies on RSA/ECP handling in
psa_export_key, psa_destroy_key and psa_get_key_information.
---
 library/psa_crypto.c                    | 98 +++++++++++++++++++------
 tests/suites/test_suite_psa_crypto.data |  6 +-
 2 files changed, 81 insertions(+), 23 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 31dd0d640..f6da44e9d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -39,8 +39,11 @@
 #endif
 
 #include "mbedtls/ctr_drbg.h"
+#include "mbedtls/ecp.h"
 #include "mbedtls/entropy.h"
 #include "mbedtls/pk.h"
+#include "mbedtls/pk_internal.h"
+#include "mbedtls/rsa.h"
 
 
 /* Implementation that should never be optimized out by the compiler */
@@ -64,9 +67,12 @@ typedef struct {
             uint8_t *data;
             size_t bytes;
         } raw;
-#if defined(MBEDTLS_PK_C)
-        mbedtls_pk_context pk;
-#endif /* MBEDTLS_PK_C */
+#if defined(MBEDTLS_RSA_C)
+        mbedtls_rsa_context *rsa;
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+        mbedtls_ecp_keypair *ecp;
+#endif /* MBEDTLS_ECP_C */
     } data;
 } key_slot_t;
 
@@ -147,19 +153,43 @@ psa_status_t psa_import_key(psa_key_slot_t key,
         slot->data.raw.bytes = data_length;
     }
     else
-#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
+#if defined(MBEDTLS_PK_PARSE_C)
     if( type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( type ) )
     {
         int ret;
-        mbedtls_pk_init( &slot->data.pk );
-        ret = mbedtls_pk_parse_key( &slot->data.pk,
-                                    data, data_length,
+        mbedtls_pk_context pk;
+        mbedtls_pk_init( &pk );
+        ret = mbedtls_pk_parse_key( &pk, data, data_length,
                                     NULL, 0 );
         if( ret != 0 )
             return( mbedtls_to_psa_error( ret ) );
+        switch( mbedtls_pk_get_type( &pk ) )
+        {
+#if defined(MBEDTLS_RSA_C)
+            case MBEDTLS_PK_RSA:
+                if( type == PSA_KEY_TYPE_RSA )
+                    slot->data.rsa = pk.pk_ctx;
+                else
+                    return( PSA_ERROR_INVALID_ARGUMENT );
+                break;
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+            case MBEDTLS_PK_ECKEY:
+                if( PSA_KEY_TYPE_IS_ECC( type ) )
+                {
+                    // TODO: check curve
+                    slot->data.ecp = pk.pk_ctx;
+                }
+                else
+                    return( PSA_ERROR_INVALID_ARGUMENT );
+                break;
+#endif /* MBEDTLS_ECP_C */
+            default:
+                return( PSA_ERROR_INVALID_ARGUMENT );
+        }
     }
     else
-#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+#endif /* defined(MBEDTLS_PK_PARSE_C) */
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
@@ -183,14 +213,20 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
         mbedtls_free( slot->data.raw.data );
     }
     else
-#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
-    if( slot->type == PSA_KEY_TYPE_RSA ||
-        PSA_KEY_TYPE_IS_ECC( slot->type ) )
+#if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA )
     {
-        mbedtls_pk_free( &slot->data.pk );
+        mbedtls_rsa_free( slot->data.rsa );
     }
     else
-#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        mbedtls_ecp_keypair_free( slot->data.ecp );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
     {
         /* Shouldn't happen: the key type is not any type that we
          * put it. */
@@ -223,15 +259,22 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
             *bits = slot->data.raw.bytes * 8;
     }
     else
-#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
-    if( slot->type == PSA_KEY_TYPE_RSA ||
-        PSA_KEY_TYPE_IS_ECC( slot->type ) )
+#if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA )
     {
         if( bits != NULL )
-            *bits = mbedtls_pk_get_bitlen( &slot->data.pk );
+            *bits = mbedtls_rsa_get_bitlen( slot->data.rsa );
     }
     else
-#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        if( bits != NULL )
+            *bits = slot->data.ecp->grp.pbits;
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
     {
         /* Shouldn't happen: the key type is not any type that we
          * put it. */
@@ -263,20 +306,31 @@ psa_status_t psa_export_key(psa_key_slot_t key,
         return( PSA_SUCCESS );
     }
     else
-#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C)
+#if defined(MBEDTLS_PK_WRITE_C)
     if( slot->type == PSA_KEY_TYPE_RSA ||
         PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
+        mbedtls_pk_context pk;
         int ret;
-        ret = mbedtls_pk_write_key_der( &slot->data.pk,
-                                        data, data_size );
+        mbedtls_pk_init( &pk );
+        if( slot->type == PSA_KEY_TYPE_RSA )
+        {
+            pk.pk_info = &mbedtls_rsa_info;
+            pk.pk_ctx = slot->data.rsa;
+        }
+        else
+        {
+            pk.pk_info = &mbedtls_eckey_info;
+            pk.pk_ctx = slot->data.ecp;
+        }
+        ret = mbedtls_pk_write_key_der( &pk, data, data_size );
         if( ret < 0 )
             return( mbedtls_to_psa_error( ret ) );
         *data_length = ret;
         return( PSA_SUCCESS );
     }
     else
-#endif /* defined(MBEDTLS_PK_C) && defined(MBEDTLS_PK_PARSE_C) */
+#endif /* definedMBEDTLS_PK_WRITE_C) */
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d9149cacf..b450a2d38 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -13,7 +13,7 @@ import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1
 PSA import/export raw: 2 bytes, buffer too small
 import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
-PSA import/export RSA: good
+PSA import/export RSA: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA:1024:0:PSA_SUCCESS:1
 
@@ -25,6 +25,10 @@ PSA import RSA: truncated
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA:PSA_ERROR_INVALID_ARGUMENT
 
+PSA import/export RSA: good, 1023-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA:1023:0:PSA_SUCCESS:1
+
 #PSA import/export EC secp256r1: good
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1

From c66ea6a921a2cd63f446e06b80ebd7c3a6ff0c91 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Feb 2018 22:43:28 +0100
Subject: [PATCH 009/889] PSA key import: support RSA public keys

Use different key types for private keys and public keys.
---
 include/psa/crypto.h                    | 12 +++++++--
 library/psa_crypto.c                    | 34 +++++++++++++++++--------
 tests/suites/test_suite_psa_crypto.data | 20 +++++++++------
 3 files changed, 45 insertions(+), 21 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 63f119dc0..7e6156557 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -113,11 +113,15 @@ typedef uint32_t psa_key_type_t;
 
 #define PSA_KEY_TYPE_NONE                       0x00000000
 #define PSA_KEY_TYPE_RAW_DATA                   0x00000001
-#define PSA_KEY_TYPE_RSA                        0x40000001
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             0x40000001
+#define PSA_KEY_TYPE_RSA_KEYPAIR                0x60000001
 #define PSA_KEY_TYPE_ECC_BASE                   0x40010000
 
 #define PSA_KEY_TYPE_VENDOR_FLAG                0x80000000
 #define PSA_KEY_TYPE_ASYMMETRIC_FLAG            0x40000000
+#define PSA_KEY_TYPE_ASYMMETRIC_MASK            0x60000000
+#define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC     0x40000000
+#define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR    0x60000000
 #define PSA_KEY_TYPE_ECC_TEST_MASK              0x7fff0000
 #define PSA_KEY_TYPE_ECC_TEST_VALUE             0x40010000
 
@@ -125,7 +129,11 @@ typedef uint32_t psa_key_type_t;
     (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
     (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0)
-#define PSA_KEY_TYPE_IS_ECC(type) \
+#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
+    (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC)
+#define PSA_KEY_TYPE_IS_KEYPAIR(type) \
+    (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR)
+#define PSA_KEY_TYPE_IS_ECC(type)                                       \
     (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
 
 typedef uint32_t psa_algorithm_type_t;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f6da44e9d..741f5d11a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -154,20 +154,25 @@ psa_status_t psa_import_key(psa_key_slot_t key,
     }
     else
 #if defined(MBEDTLS_PK_PARSE_C)
-    if( type == PSA_KEY_TYPE_RSA || PSA_KEY_TYPE_IS_ECC( type ) )
+    if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+        type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        PSA_KEY_TYPE_IS_ECC( type ) )
     {
         int ret;
         mbedtls_pk_context pk;
         mbedtls_pk_init( &pk );
-        ret = mbedtls_pk_parse_key( &pk, data, data_length,
-                                    NULL, 0 );
+        if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
+            ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
+        else
+            ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
         if( ret != 0 )
             return( mbedtls_to_psa_error( ret ) );
         switch( mbedtls_pk_get_type( &pk ) )
         {
 #if defined(MBEDTLS_RSA_C)
             case MBEDTLS_PK_RSA:
-                if( type == PSA_KEY_TYPE_RSA )
+                if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+                    type == PSA_KEY_TYPE_RSA_KEYPAIR )
                     slot->data.rsa = pk.pk_ctx;
                 else
                     return( PSA_ERROR_INVALID_ARGUMENT );
@@ -214,7 +219,8 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
     }
     else
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA )
+    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
         mbedtls_rsa_free( slot->data.rsa );
     }
@@ -244,7 +250,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     key_slot_t *slot;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( type != NULL )
         *type = slot->type;
@@ -260,7 +266,8 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     }
     else
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA )
+    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
         if( bits != NULL )
             *bits = mbedtls_rsa_get_bitlen( slot->data.rsa );
@@ -292,7 +299,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
     key_slot_t *slot;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
@@ -307,13 +314,15 @@ psa_status_t psa_export_key(psa_key_slot_t key,
     }
     else
 #if defined(MBEDTLS_PK_WRITE_C)
-    if( slot->type == PSA_KEY_TYPE_RSA ||
+    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
         PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
         mbedtls_pk_context pk;
         int ret;
         mbedtls_pk_init( &pk );
-        if( slot->type == PSA_KEY_TYPE_RSA )
+        if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+            slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
         {
             pk.pk_info = &mbedtls_rsa_info;
             pk.pk_ctx = slot->data.rsa;
@@ -323,7 +332,10 @@ psa_status_t psa_export_key(psa_key_slot_t key,
             pk.pk_info = &mbedtls_eckey_info;
             pk.pk_ctx = slot->data.ecp;
         }
-        ret = mbedtls_pk_write_key_der( &pk, data, data_size );
+        if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+            ret = mbedtls_pk_write_key_der( &pk, data, data_size );
+        else
+            ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
         if( ret < 0 )
             return( mbedtls_to_psa_error( ret ) );
         *data_length = ret;
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b450a2d38..e8407a30c 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -13,21 +13,25 @@ import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1
 PSA import/export raw: 2 bytes, buffer too small
 import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
-PSA import/export RSA: good, 1024-bit
+PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA:1024:0:PSA_SUCCESS:1
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1
 
-PSA import/export RSA: trailing garbage ignored
+PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA:1024:-1:PSA_SUCCESS:0
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1
 
-PSA import RSA: truncated
+PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA:PSA_ERROR_INVALID_ARGUMENT
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:1024:-1:PSA_SUCCESS:0
 
-PSA import/export RSA: good, 1023-bit
+PSA import RSA keypair: truncated
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA:1023:0:PSA_SUCCESS:1
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import/export RSA keypair: good, 1023-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1
 
 #PSA import/export EC secp256r1: good
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED

From 20035e357978a2cbd1f6915bec82534c386b25d0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Feb 2018 22:44:14 +0100
Subject: [PATCH 010/889] PSA crypto: asymmetric signature (RSA PKCS#1v1.5
 only)

Define hash algorithms and RSA signature algorithms.

New function psa_asymmetric_sign.

Implement psa_asymmetric_sign for RSA PKCS#1 v1.5.
---
 include/psa/crypto.h                        |  68 +++++++-
 library/psa_crypto.c                        | 182 ++++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data     |  13 ++
 tests/suites/test_suite_psa_crypto.function |  95 ++++++++++
 4 files changed, 357 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 7e6156557..3eee3822b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -136,7 +136,39 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
 
-typedef uint32_t psa_algorithm_type_t;
+typedef uint32_t psa_algorithm_t;
+
+#define PSA_ALG_HASH_BITS                       0x01000000
+#define PSA_ALG_RSA_HASH_MASK                   0x000000ff
+#define PSA_ALG_MD2                             0x01000001
+#define PSA_ALG_MD4                             0x01000002
+#define PSA_ALG_MD5                             0x01000003
+#define PSA_ALG_SHA_256_128                     0x01000004
+#define PSA_ALG_RIPEMD160                       0x01000005
+#define PSA_ALG_SHA_1                           0x01000006
+#define PSA_ALG_SHA_256_160                     0x01000007
+#define PSA_ALG_SHA_224                         0x01000008
+#define PSA_ALG_SHA_256                         0x01000009
+#define PSA_ALG_SHA_384                         0x0100000a
+#define PSA_ALG_SHA_512                         0x0100000b
+#define PSA_ALG_SHA_512_224                     0x0100000c
+#define PSA_ALG_SHA_512_256                     0x0100000d
+#define PSA_ALG_SHA3_224                        0x01000010
+#define PSA_ALG_SHA3_256                        0x01000011
+#define PSA_ALG_SHA3_384                        0x01000012
+#define PSA_ALG_SHA3_512                        0x01000013
+
+#define PSA_ALG_RSA_PKCS1V15_RAW                0x40000100
+#define PSA_ALG_RSA_PSS_MGF1                    0x40000200
+#define PSA_ALG_RSA_OAEP                        0x40000300
+#define PSA_ALG_RSA_PKCS1V15(hash_alg)          \
+    (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_RSA_HASH_MASK))
+#define PSA_ALG_IS_RSA_PKCS1V15(alg)            \
+    (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW)
+#define PSA_ALG_RSA_GET_HASH(alg)               \
+    (((alg) & PSA_ALG_RSA_HASH_MASK) | PSA_ALG_HASH_BITS)
+
+#define PSA_ALG_VENDOR_FLAG                     0x80000000
 
 /**@}*/
 
@@ -208,6 +240,40 @@ psa_status_t psa_export_key(psa_key_slot_t key,
                             size_t data_size,
                             size_t *data_length);
 
+
+/**@}*/
+
+/** \defgroup asymmetric Asymmetric cryptography
+ * @{
+ */
+
+/**
+ * \brief Sign a hash or short message with a private key.
+ *
+ */
+psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
+                                 psa_algorithm_t alg,
+                                 const uint8_t *hash,
+                                 size_t hash_length,
+                                 const uint8_t *salt,
+                                 size_t salt_length,
+                                 uint8_t *signature,
+                                 size_t signature_size,
+                                 size_t *signature_length);
+
+/**
+ * \brief Verify the signature a hash or short message using a public key.
+ *
+ */
+psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
+                                   psa_algorithm_t alg,
+                                   const uint8_t *hash,
+                                   size_t hash_length,
+                                   const uint8_t *salt,
+                                   size_t salt_length,
+                                   uint8_t *signature,
+                                   size_t signature_size);
+
 /**@}*/
 
 #ifdef __cplusplus
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 741f5d11a..256523271 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -41,6 +41,8 @@
 #include "mbedtls/ctr_drbg.h"
 #include "mbedtls/ecp.h"
 #include "mbedtls/entropy.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md_internal.h"
 #include "mbedtls/pk.h"
 #include "mbedtls/pk_internal.h"
 #include "mbedtls/rsa.h"
@@ -350,6 +352,186 @@ psa_status_t psa_export_key(psa_key_slot_t key,
 
 
 
+/****************************************************************/
+/* Message digests */
+/****************************************************************/
+
+static const mbedtls_md_info_t *mbedtls_md_info_of_psa( psa_algorithm_t alg )
+{
+    switch( alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            return( &mbedtls_md2_info );
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            return( &mbedtls_md4_info );
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            return( &mbedtls_md5_info );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            return( &mbedtls_ripemd160_info );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            return( &mbedtls_sha1_info );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+            return( &mbedtls_sha224_info );
+        case PSA_ALG_SHA_256:
+            return( &mbedtls_sha256_info );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_384:
+            return( &mbedtls_sha384_info );
+        case PSA_ALG_SHA_512:
+            return( &mbedtls_sha512_info );
+#endif
+        default:
+            return( NULL );
+    }
+}
+
+#if 0
+static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg )
+{
+    switch( md_alg )
+    {
+        case MBEDTLS_MD_NONE:
+            return( 0 );
+        case MBEDTLS_MD_MD2:
+            return( PSA_ALG_MD2 );
+        case MBEDTLS_MD_MD4:
+            return( PSA_ALG_MD4 );
+        case MBEDTLS_MD_MD5:
+            return( PSA_ALG_MD5 );
+        case MBEDTLS_MD_SHA1:
+            return( PSA_ALG_SHA_1 );
+        case MBEDTLS_MD_SHA224:
+            return( PSA_ALG_SHA_224 );
+        case MBEDTLS_MD_SHA256:
+            return( PSA_ALG_SHA_256 );
+        case MBEDTLS_MD_SHA384:
+            return( PSA_ALG_SHA_384 );
+        case MBEDTLS_MD_SHA512:
+            return( PSA_ALG_SHA_512 );
+        case MBEDTLS_MD_RIPEMD160:
+            return( PSA_ALG_RIPEMD160 );
+        default:
+            return( MBEDTLS_MD_NOT_SUPPORTED );
+    }
+}
+#endif
+
+
+
+/****************************************************************/
+/* Asymmetric cryptography */
+/****************************************************************/
+
+psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
+                                 psa_algorithm_t alg,
+                                 const uint8_t *hash,
+                                 size_t hash_length,
+                                 const uint8_t *salt,
+                                 size_t salt_length,
+                                 uint8_t *signature,
+                                 size_t signature_size,
+                                 size_t *signature_length)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_EMPTY_SLOT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    (void) salt;
+    (void) salt_length;
+
+#if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    {
+        mbedtls_rsa_context *rsa = slot->data.rsa;
+        int ret;
+        psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_of_psa( hash_alg );
+        mbedtls_md_type_t md_alg =
+            hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
+        if( md_alg == MBEDTLS_MD_NONE )
+        {
+#if SIZE_MAX > UINT_MAX
+            if( hash_length > UINT_MAX )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+#endif
+        }
+        else
+        {
+            if( mbedtls_md_get_size( md_info ) != hash_length )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            if( md_info == NULL )
+                return( PSA_ERROR_NOT_SUPPORTED );
+        }
+        if( signature_size < rsa->len )
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+#if defined(MBEDTLS_PKCS1_V15)
+        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        {
+            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+                                     MBEDTLS_MD_NONE );
+            ret = mbedtls_rsa_pkcs1_sign( rsa,
+                                          mbedtls_ctr_drbg_random,
+                                          &global_data.ctr_drbg,
+                                          MBEDTLS_RSA_PRIVATE,
+                                          md_alg, hash_length, hash,
+                                          signature );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        {
+            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+            ret = mbedtls_rsa_rsassa_pss_sign( rsa,
+                                               mbedtls_ctr_drbg_random,
+                                               &global_data.ctr_drbg,
+                                               MBEDTLS_RSA_PRIVATE,
+                                               md_alg, hash_length, hash,
+                                               signature );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V21 */
+        {
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        }
+        *signature_length = ( ret == 0 ? rsa->len : 0 );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+    else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        // TODO
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+}
+
+
+
 /****************************************************************/
 /* Module setup */
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e8407a30c..51fbf3ade 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -36,3 +36,16 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1
 #PSA import/export EC secp256r1: good
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
+#
+PSA sign RSA PKCS#1 v1.5, raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
+
+PSA sign RSA PKCS#1 v1.5 SHA-256
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6fa10dd96..35515706d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -132,3 +132,98 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void sign_deterministic( int key_type_arg, char *key_hex,
+                         int alg_arg, char *input_hex, char *output_hex )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size;
+    unsigned char signature[512];
+    size_t signature_length;
+
+    key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
+    TEST_ASSERT( key_data != NULL );
+    key_size = unhexify( key_data, key_hex );
+    input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 );
+    TEST_ASSERT( input_data != NULL );
+    input_size = unhexify( input_data, input_hex );
+    output_data = mbedtls_calloc( 1, strlen( output_hex ) / 2 );
+    TEST_ASSERT( output_data != NULL );
+    output_size = unhexify( output_data, output_hex );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_asymmetric_sign( slot, alg,
+                                      input_data, input_size,
+                                      NULL, 0,
+                                      signature, sizeof( signature ),
+                                      &signature_length ) == PSA_SUCCESS );
+    TEST_ASSERT( signature_length == output_size );
+    TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( output_data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_fail( int key_type_arg, char *key_hex,
+                int alg_arg, char *input_hex,
+                int signature_size, int expected_status_arg )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *signature;
+    size_t signature_length;
+
+    key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
+    TEST_ASSERT( key_data != NULL );
+    key_size = unhexify( key_data, key_hex );
+    input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 );
+    TEST_ASSERT( input_data != NULL );
+    input_size = unhexify( input_data, input_hex );
+    signature = mbedtls_calloc( 1, signature_size );
+    TEST_ASSERT( signature != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    actual_status = psa_asymmetric_sign( slot, alg,
+                                         input_data, input_size,
+                                         NULL, 0,
+                                         signature, signature_size,
+                                         &signature_length );
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( signature );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 0189e7512d9d3df9e7db84672a8b01f94da38f01 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Feb 2018 23:57:22 +0100
Subject: [PATCH 011/889] PSA crypto: PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE macro

Test it for RSA.
---
 include/psa/crypto.h                        | 45 ++++++++++++++++++++-
 tests/suites/test_suite_psa_crypto.data     | 18 +++++++++
 tests/suites/test_suite_psa_crypto.function | 27 ++++++++++++-
 3 files changed, 86 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 3eee3822b..4a60e67f9 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -103,6 +103,9 @@ typedef enum {
  */
 psa_status_t psa_crypto_init(void);
 
+#define BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define BYTES_TO_BITS(bytes) ((bytes) * 8)
+
 /**@}*/
 
 /** \defgroup crypto_types Key and algorithm types
@@ -122,7 +125,8 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_ASYMMETRIC_MASK            0x60000000
 #define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC     0x40000000
 #define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR    0x60000000
-#define PSA_KEY_TYPE_ECC_TEST_MASK              0x7fff0000
+#define PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK       0x5fff0000
+#define PSA_KEY_TYPE_RSA_TEST_VALUE             0x40000000
 #define PSA_KEY_TYPE_ECC_TEST_VALUE             0x40010000
 
 #define PSA_KEY_TYPE_IS_VENDOR(type) \
@@ -133,8 +137,10 @@ typedef uint32_t psa_key_type_t;
     (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC)
 #define PSA_KEY_TYPE_IS_KEYPAIR(type) \
     (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR)
+#define PSA_KEY_TYPE_IS_RSA(type)                                       \
+    (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_RSA_TEST_VALUE)
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
-    (((type) & PSA_KEY_TYPE_ECC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
+    (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
 
 typedef uint32_t psa_algorithm_t;
 
@@ -247,6 +253,41 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * @{
  */
 
+/**
+ * \brief Maximum ECDSA signature size for a given curve bit size
+ *
+ * \param curve_bits    Curve size in bits
+ * \return              Maximum signature size in bytes
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ *
+ * \warning This macro may evaluate its argument multiple times.
+ */
+/*
+ * RFC 4492 page 20:
+ *
+ *     Ecdsa-Sig-Value ::= SEQUENCE {
+ *         r       INTEGER,
+ *         s       INTEGER
+ *     }
+ *
+ * Size is at most
+ *    1 (tag) + 1 (len) + 1 (initial 0) + curve_bytes for each of r and s,
+ *    twice that + 1 (tag) + 2 (len) for the sequence
+ * (assuming curve_bytes is less than 126 for r and s,
+ * and less than 124 (total len <= 255) for the sequence)
+ */
+#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)                          \
+    ( /*T,L of SEQUENCE*/ ((curve_bits) >= 61 * 8 ? 3 : 2) +          \
+      /*T,L of r,s*/       2 * (((curve_bits) >= 127 * 8 ? 3 : 2) +   \
+      /*V of r,s*/               ((curve_bits) + 8) / 8))
+
+
+#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \
+     PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
+     0)
+
 /**
  * \brief Sign a hash or short message with a private key.
  *
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 51fbf3ade..a2d6b89fd 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -37,6 +37,24 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
 #
+PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
+
+PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
+
+PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):128
+
+PSA signature size: RSA keypair, 1024 bits, PSS
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128
+
+PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_RAW:128
+
+PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_RAW:129
+
 PSA sign RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 35515706d..80a778881 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -133,6 +133,18 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
+{
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
+    TEST_ASSERT( actual_size == (size_t) expected_size_arg );
+exit:
+    ;
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void sign_deterministic( int key_type_arg, char *key_hex,
                          int alg_arg, char *input_hex, char *output_hex )
@@ -142,12 +154,14 @@ void sign_deterministic( int key_type_arg, char *key_hex,
     psa_algorithm_t alg = alg_arg;
     unsigned char *key_data = NULL;
     size_t key_size;
+    size_t key_bits;
     unsigned char *input_data = NULL;
     size_t input_size;
     unsigned char *output_data = NULL;
     size_t output_size;
-    unsigned char signature[512];
     size_t signature_length;
+    unsigned char *signature = NULL;
+    size_t signature_size;
 
     key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
     TEST_ASSERT( key_data != NULL );
@@ -163,11 +177,19 @@ void sign_deterministic( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          NULL,
+                                          &key_bits ) == PSA_SUCCESS );
+
+    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
+    TEST_ASSERT( signature_size != 0 );
+    signature = mbedtls_calloc( 1, signature_size );
+    TEST_ASSERT( signature != NULL );
 
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
                                       input_data, input_size,
                                       NULL, 0,
-                                      signature, sizeof( signature ),
+                                      signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
     TEST_ASSERT( signature_length == output_size );
     TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
@@ -177,6 +199,7 @@ exit:
     mbedtls_free( key_data );
     mbedtls_free( input_data );
     mbedtls_free( output_data );
+    mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 93aa0334d98e59ba22bce684787f71e94e081487 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Feb 2018 23:58:03 +0100
Subject: [PATCH 012/889] PSA asymmetric signature: set *signature_length = 0
 on failure

---
 library/psa_crypto.c                        | 10 ++++++----
 tests/suites/test_suite_psa_crypto.function |  5 +++--
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 256523271..66d81a365 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -446,6 +446,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 {
     key_slot_t *slot;
 
+    *signature_length = 0;
+    (void) salt;
+    (void) salt_length;
+
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
@@ -454,9 +458,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    (void) salt;
-    (void) salt_length;
-
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
@@ -512,7 +513,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         {
             return( PSA_ERROR_INVALID_ARGUMENT );
         }
-        *signature_length = ( ret == 0 ? rsa->len : 0 );
+        if( ret == 0 )
+            *signature_length = rsa->len;
         return( mbedtls_to_psa_error( ret ) );
     }
     else
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 80a778881..c5d536e46 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -159,9 +159,9 @@ void sign_deterministic( int key_type_arg, char *key_hex,
     size_t input_size;
     unsigned char *output_data = NULL;
     size_t output_size;
-    size_t signature_length;
     unsigned char *signature = NULL;
     size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
 
     key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
     TEST_ASSERT( key_data != NULL );
@@ -219,7 +219,7 @@ void sign_fail( int key_type_arg, char *key_hex,
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
     unsigned char *signature;
-    size_t signature_length;
+    size_t signature_length = 0xdeadbeef;
 
     key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
     TEST_ASSERT( key_data != NULL );
@@ -241,6 +241,7 @@ void sign_fail( int key_type_arg, char *key_hex,
                                          signature, signature_size,
                                          &signature_length );
     TEST_ASSERT( actual_status == expected_status );
+    TEST_ASSERT( signature_length == 0 );
 
 exit:
     psa_destroy_key( slot );

From 98f0a24255312cd892627994b62a1e3c2e5ff12b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 6 Feb 2018 18:57:29 +0100
Subject: [PATCH 013/889] Improve key type and algorithm encodings

Refine the encoding of key types and algorithms so that ranges of bits
make more sense.

Define a few symmetric cipher algorithms.
---
 include/psa/crypto.h | 156 +++++++++++++++++++++++++++++--------------
 1 file changed, 105 insertions(+), 51 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4a60e67f9..6276bac6e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -114,67 +114,121 @@ psa_status_t psa_crypto_init(void);
 
 typedef uint32_t psa_key_type_t;
 
-#define PSA_KEY_TYPE_NONE                       0x00000000
-#define PSA_KEY_TYPE_RAW_DATA                   0x00000001
-#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             0x40000001
-#define PSA_KEY_TYPE_RSA_KEYPAIR                0x60000001
-#define PSA_KEY_TYPE_ECC_BASE                   0x40010000
+#define PSA_KEY_TYPE_NONE                       ((psa_key_type_t)0x00000000)
+#define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
 
-#define PSA_KEY_TYPE_VENDOR_FLAG                0x80000000
-#define PSA_KEY_TYPE_ASYMMETRIC_FLAG            0x40000000
-#define PSA_KEY_TYPE_ASYMMETRIC_MASK            0x60000000
-#define PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC     0x40000000
-#define PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR    0x60000000
-#define PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK       0x5fff0000
-#define PSA_KEY_TYPE_RSA_TEST_VALUE             0x40000000
-#define PSA_KEY_TYPE_ECC_TEST_VALUE             0x40010000
+#define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
+#define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x02000000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x04000000)
+#define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC        ((psa_key_type_t)0x06000000)
+#define PSA_KEY_TYPE_PAIR_FLAG                  ((psa_key_type_t)0x01000000)
 
-#define PSA_KEY_TYPE_IS_VENDOR(type) \
+#define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
+#define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x04000001)
+#define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x04000002)
+#define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x04000003)
+#define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x04000004)
+
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x06010000)
+#define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x07010000)
+#define PSA_KEY_TYPE_ECC_BASE                   ((psa_key_type_t)0x06030000)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
+
+#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
     (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
-#define PSA_KEY_TYPE_IS_ASYMMETRIC(type) \
-    (((type) & PSA_KEY_TYPE_ASYMMETRIC_FLAG) != 0)
-#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type) \
-    (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_PUBLIC)
-#define PSA_KEY_TYPE_IS_KEYPAIR(type) \
-    (((type) & PSA_KEY_TYPE_ASYMMETRIC_MASK) == PSA_KEY_TYPE_ASYMMETRIC_MASK_KEYPAIR)
+#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
+#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
+    (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == \
+      PSA_KEY_TYPE_CATEGORY_ASYMMETRIC))
+#define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
+    (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
+     (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG))
 #define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_RSA_TEST_VALUE)
+    (((type) & ~PSA_KEY_TYPE_PAIR_FLAG) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
-    (((type) & PSA_KEY_TYPE_ASYMMETRIC_TEST_MASK) == PSA_KEY_TYPE_ECC_TEST_VALUE)
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE)
 
 typedef uint32_t psa_algorithm_t;
 
-#define PSA_ALG_HASH_BITS                       0x01000000
-#define PSA_ALG_RSA_HASH_MASK                   0x000000ff
-#define PSA_ALG_MD2                             0x01000001
-#define PSA_ALG_MD4                             0x01000002
-#define PSA_ALG_MD5                             0x01000003
-#define PSA_ALG_SHA_256_128                     0x01000004
-#define PSA_ALG_RIPEMD160                       0x01000005
-#define PSA_ALG_SHA_1                           0x01000006
-#define PSA_ALG_SHA_256_160                     0x01000007
-#define PSA_ALG_SHA_224                         0x01000008
-#define PSA_ALG_SHA_256                         0x01000009
-#define PSA_ALG_SHA_384                         0x0100000a
-#define PSA_ALG_SHA_512                         0x0100000b
-#define PSA_ALG_SHA_512_224                     0x0100000c
-#define PSA_ALG_SHA_512_256                     0x0100000d
-#define PSA_ALG_SHA3_224                        0x01000010
-#define PSA_ALG_SHA3_256                        0x01000011
-#define PSA_ALG_SHA3_384                        0x01000012
-#define PSA_ALG_SHA3_512                        0x01000013
+#define PSA_ALG_VENDOR_FLAG                     ((psa_algorithm_t)0x80000000)
+#define PSA_ALG_CATEGORY_MASK                   ((psa_algorithm_t)0x7f000000)
+#define PSA_ALG_CATEGORY_HASH                   ((psa_algorithm_t)0x01000000)
+#define PSA_ALG_CATEGORY_MAC                    ((psa_algorithm_t)0x02000000)
+#define PSA_ALG_CATEGORY_CIPHER                 ((psa_algorithm_t)0x04000000)
+#define PSA_ALG_CATEGORY_AEAD                   ((psa_algorithm_t)0x06000000)
+#define PSA_ALG_CATEGORY_SIGN                   ((psa_algorithm_t)0x10000000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION  ((psa_algorithm_t)0x12000000)
+#define PSA_ALG_CATEGORY_KEY_AGREEMENT          ((psa_algorithm_t)0x22000000)
+#define PSA_ALG_CATEGORY_KEY_DERIVATION         ((psa_algorithm_t)0x30000000)
 
-#define PSA_ALG_RSA_PKCS1V15_RAW                0x40000100
-#define PSA_ALG_RSA_PSS_MGF1                    0x40000200
-#define PSA_ALG_RSA_OAEP                        0x40000300
-#define PSA_ALG_RSA_PKCS1V15(hash_alg)          \
-    (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_RSA_HASH_MASK))
-#define PSA_ALG_IS_RSA_PKCS1V15(alg)            \
+#define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
+    (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
+#define PSA_ALG_IS_HASH(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
+#define PSA_ALG_IS_MAC(alg)                                             \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
+#define PSA_ALG_IS_CIPHER(alg)                                          \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
+#define PSA_ALG_IS_AEAD(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
+#define PSA_ALG_IS_SIGN(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
+#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
+#define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
+#define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_HASH_MASK                       ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_MD2                             ((psa_algorithm_t)0x01000001)
+#define PSA_ALG_MD4                             ((psa_algorithm_t)0x01000002)
+#define PSA_ALG_MD5                             ((psa_algorithm_t)0x01000003)
+#define PSA_ALG_SHA_256_128                     ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x01000005)
+#define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x01000006)
+#define PSA_ALG_SHA_256_160                     ((psa_algorithm_t)0x01000007)
+#define PSA_ALG_SHA_224                         ((psa_algorithm_t)0x01000008)
+#define PSA_ALG_SHA_256                         ((psa_algorithm_t)0x01000009)
+#define PSA_ALG_SHA_384                         ((psa_algorithm_t)0x0100000a)
+#define PSA_ALG_SHA_512                         ((psa_algorithm_t)0x0100000b)
+#define PSA_ALG_SHA_512_224                     ((psa_algorithm_t)0x0100000c)
+#define PSA_ALG_SHA_512_256                     ((psa_algorithm_t)0x0100000d)
+#define PSA_ALG_SHA3_224                        ((psa_algorithm_t)0x01000010)
+#define PSA_ALG_SHA3_256                        ((psa_algorithm_t)0x01000011)
+#define PSA_ALG_SHA3_384                        ((psa_algorithm_t)0x01000012)
+#define PSA_ALG_SHA3_512                        ((psa_algorithm_t)0x01000013)
+
+#define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x02800000)
+#define PSA_ALG_HMAC(hash_alg)                  \
+    (PSA_ALG_HMAC_BASE | (hash_alg))
+#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02000001)
+#define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02000002)
+#define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02000003)
+
+#define PSA_ALG_BLOCK_CIPHER_BASE_MASK          ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK       ((psa_algorithm_t)0x007f0000)
+#define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7          ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_CBC_BASE                        ((psa_algorithm_t)0x04000001)
+#define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000003)
+#define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000004)
+#define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000005)
+#define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800000)
+#define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
+
+#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000002)
+#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000003)
+
+#define PSA_ALG_RSA_PKCS1V15_RAW                ((psa_algorithm_t)0x10010000)
+#define PSA_ALG_RSA_PSS_MGF1                    ((psa_algorithm_t)0x10020000)
+#define PSA_ALG_RSA_OAEP                        ((psa_algorithm_t)0x12020000)
+#define PSA_ALG_RSA_PKCS1V15(hash_alg)                                  \
+    (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_PKCS1V15(alg)                                    \
     (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW)
-#define PSA_ALG_RSA_GET_HASH(alg)               \
-    (((alg) & PSA_ALG_RSA_HASH_MASK) | PSA_ALG_HASH_BITS)
-
-#define PSA_ALG_VENDOR_FLAG                     0x80000000
+#define PSA_ALG_RSA_GET_HASH(alg)                                       \
+    (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
 
 /**@}*/
 

From a59052993862d7e91ea21dfcfdb655454c134149 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Feb 2018 20:59:33 +0100
Subject: [PATCH 014/889] Greatly expanded mbedtls_to_psa_error

It now covers most cryptography algorithm modules (missing: bignum,
DHM, everything ECC, HMAC_DRBG).
---
 include/psa/crypto.h |   6 +-
 library/psa_crypto.c | 149 ++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 152 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6276bac6e..c1eb60ff8 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -71,6 +71,8 @@ typedef enum {
     PSA_ERROR_INSUFFICIENT_STORAGE,
     /** There was a communication failure inside the implementation. */
     PSA_ERROR_COMMUNICATION_FAILURE,
+    /** There was a storage failure that may have led to data loss. */
+    PSA_ERROR_STORAGE_FAILURE,
     /** A hardware failure was detected. */
     PSA_ERROR_HARDWARE_FAILURE,
     /** A tampering attempt was detected. */
@@ -78,8 +80,10 @@ typedef enum {
     /** There is not enough entropy to generate random data needed
         for the requested action. */
     PSA_ERROR_INSUFFICIENT_ENTROPY,
-    /** The signature or MAC is incorrect. */
+    /** The signature, MAC or hash is incorrect. */
     PSA_ERROR_INVALID_SIGNATURE,
+    /** The decrypted padding is incorrect. */
+    PSA_ERROR_INVALID_PADDING,
     /** An error occurred that does not correspond to any defined
         failure cause. */
     PSA_ERROR_UNKNOWN_ERROR,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 66d81a365..84995176c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -38,14 +38,32 @@
 #define mbedtls_free   free
 #endif
 
+#include "mbedtls/arc4.h"
+#include "mbedtls/blowfish.h"
+#include "mbedtls/camellia.h"
+#include "mbedtls/cipher.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/cmac.h"
 #include "mbedtls/ctr_drbg.h"
+#include "mbedtls/des.h"
 #include "mbedtls/ecp.h"
 #include "mbedtls/entropy.h"
+#include "mbedtls/error.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
 #include "mbedtls/md.h"
 #include "mbedtls/md_internal.h"
 #include "mbedtls/pk.h"
 #include "mbedtls/pk_internal.h"
+#include "mbedtls/ripemd160.h"
 #include "mbedtls/rsa.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/xtea.h"
+
 
 
 /* Implementation that should never be optimized out by the compiler */
@@ -89,21 +107,110 @@ static psa_global_data_t global_data;
 
 static psa_status_t mbedtls_to_psa_error( int ret )
 {
-    switch( ret )
+    /* If there's both a high-level code and low-level code, dispatch on
+     * the high-level code. */
+    switch( ret < -0x7f ? - ( -ret & 0x7f80 ) : ret )
     {
         case 0:
             return( PSA_SUCCESS );
+
+        case MBEDTLS_ERR_AES_INVALID_KEY_LENGTH:
+        case MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH:
+        case MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_AES_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH:
+        case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH:
+        case MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_CAMELLIA_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_CCM_BAD_INPUT:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_CCM_AUTH_FAILED:
+            return( PSA_ERROR_INVALID_SIGNATURE );
+        case MBEDTLS_ERR_CCM_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_CIPHER_ALLOC_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        case MBEDTLS_ERR_CIPHER_INVALID_PADDING:
+            return( PSA_ERROR_INVALID_PADDING );
+        case MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED:
+            return( PSA_ERROR_BAD_STATE );
+        case MBEDTLS_ERR_CIPHER_AUTH_FAILED:
+            return( PSA_ERROR_INVALID_SIGNATURE );
+        case MBEDTLS_ERR_CIPHER_INVALID_CONTEXT:
+            return( PSA_ERROR_TAMPERING_DETECTED );
+        case MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+        case MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG:
+        case MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR:
+            return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+
+        case MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_DES_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
         case MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED:
         case MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE:
         case MBEDTLS_ERR_ENTROPY_SOURCE_FAILED:
             return( PSA_ERROR_INSUFFICIENT_ENTROPY );
+
+        case MBEDTLS_ERR_GCM_AUTH_FAILED:
+            return( PSA_ERROR_INVALID_SIGNATURE );
+        case MBEDTLS_ERR_GCM_BAD_INPUT:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_MD2_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_MD4_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_MD5_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_MD_BAD_INPUT_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_MD_ALLOC_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        case MBEDTLS_ERR_MD_FILE_IO_ERROR:
+            return( PSA_ERROR_STORAGE_FAILURE );
+        case MBEDTLS_ERR_MD_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
         case MBEDTLS_ERR_PK_ALLOC_FAILED:
             return( PSA_ERROR_INSUFFICIENT_MEMORY );
         case MBEDTLS_ERR_PK_TYPE_MISMATCH:
         case MBEDTLS_ERR_PK_BAD_INPUT_DATA:
             return( PSA_ERROR_INVALID_ARGUMENT );
         case MBEDTLS_ERR_PK_FILE_IO_ERROR:
-            return( PSA_ERROR_TAMPERING_DETECTED );
+            return( PSA_ERROR_STORAGE_FAILURE );
         case MBEDTLS_ERR_PK_KEY_INVALID_VERSION:
         case MBEDTLS_ERR_PK_KEY_INVALID_FORMAT:
             return( PSA_ERROR_INVALID_ARGUMENT );
@@ -120,6 +227,44 @@ static psa_status_t mbedtls_to_psa_error( int ret )
             return( PSA_ERROR_NOT_SUPPORTED );
         case MBEDTLS_ERR_PK_SIG_LEN_MISMATCH:
             return( PSA_ERROR_INVALID_SIGNATURE );
+        case MBEDTLS_ERR_PK_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_RIPEMD160_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_RSA_BAD_INPUT_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_RSA_INVALID_PADDING:
+            return( PSA_ERROR_INVALID_PADDING );
+        case MBEDTLS_ERR_RSA_KEY_GEN_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+        case MBEDTLS_ERR_RSA_KEY_CHECK_FAILED:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_RSA_PUBLIC_FAILED:
+        case MBEDTLS_ERR_RSA_PRIVATE_FAILED:
+            return( PSA_ERROR_TAMPERING_DETECTED );
+        case MBEDTLS_ERR_RSA_VERIFY_FAILED:
+            return( PSA_ERROR_INVALID_SIGNATURE );
+        case MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE:
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+        case MBEDTLS_ERR_RSA_RNG_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        case MBEDTLS_ERR_RSA_UNSUPPORTED_OPERATION:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_RSA_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED:
+        case MBEDTLS_ERR_SHA512_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
+        case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
+
         default:
             return( PSA_ERROR_UNKNOWN_ERROR );
     }

From 9ef733faa0b11bce4dee9be4e0a453d0622bd519 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Feb 2018 21:05:37 +0100
Subject: [PATCH 015/889] Implement hash functions

New header file crypto_struct.h. The main file crypto.sh declares
structures which are implementation-defined. These structures must be
defined in crypto_struct.h, which is included at the end so that the
structures can use types defined in crypto.h.

Implement psa_hash_start, psa_hash_update and psa_hash_final. This
should work for all hash algorithms supported by Mbed TLS, but has
only been smoke-tested for SHA-256, and only in the nominal case.
---
 include/psa/crypto.h                        |  54 ++++
 include/psa/crypto_struct.h                 |  96 +++++++
 library/psa_crypto.c                        | 283 ++++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data     |   8 +
 tests/suites/test_suite_psa_crypto.function |  67 +++++
 5 files changed, 508 insertions(+)
 create mode 100644 include/psa/crypto_struct.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c1eb60ff8..90140d7a9 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -307,6 +307,54 @@ psa_status_t psa_export_key(psa_key_slot_t key,
 
 /**@}*/
 
+/** \defgroup hash Message digests
+ * @{
+ */
+
+typedef struct psa_hash_operation_s psa_hash_operation_t;
+
+#define PSA_HASH_FINAL_SIZE(alg)                \
+    (                                           \
+        (alg) == PSA_ALG_MD2 ? 16 :             \
+        (alg) == PSA_ALG_MD4 ? 16 :             \
+        (alg) == PSA_ALG_MD5 ? 16 :             \
+        (alg) == PSA_ALG_SHA_256_128 ? 16 :     \
+        (alg) == PSA_ALG_RIPEMD160 ? 20 :       \
+        (alg) == PSA_ALG_SHA_1 ? 20 :           \
+        (alg) == PSA_ALG_SHA_256_160 ? 20 :     \
+        (alg) == PSA_ALG_SHA_224 ? 28 :         \
+        (alg) == PSA_ALG_SHA_256 ? 32 :         \
+        (alg) == PSA_ALG_SHA_384 ? 48 :         \
+        (alg) == PSA_ALG_SHA_512 ? 64 :         \
+        (alg) == PSA_ALG_SHA_512_224 ? 28 :     \
+        (alg) == PSA_ALG_SHA_512_256 ? 32 :     \
+        (alg) == PSA_ALG_SHA3_224 ? 28 :        \
+        (alg) == PSA_ALG_SHA3_256 ? 32 :        \
+        (alg) == PSA_ALG_SHA3_384 ? 48 :        \
+        (alg) == PSA_ALG_SHA3_512 ? 64 :        \
+        0)
+
+psa_status_t psa_hash_start(psa_hash_operation_t *operation,
+                            psa_algorithm_t alg);
+
+psa_status_t psa_hash_update(psa_hash_operation_t *operation,
+                             const uint8_t *input,
+                             size_t input_length);
+
+psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
+                             uint8_t *hash,
+                             size_t hash_size,
+                             size_t *hash_length);
+
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+                             const uint8_t *hash,
+                             size_t hash_length);
+
+psa_status_t ps_hash_abort(psa_hash_operation_t *operation);
+
+/**@}*/
+
+/** \defgroup MAC Message authentication codes
 /** \defgroup asymmetric Asymmetric cryptography
  * @{
  */
@@ -379,6 +427,12 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
 }
 #endif
 
+/* The file "crypto_struct.h" contains definitions for
+ * implementation-specific structs that are declared above. */
+#include "crypto_struct.h"
+
+/* The file "crypto_extra.h" contains vendor-specific definitions. This
+ * can include vendor-defined algorithms, extra functions, etc. */
 #include "crypto_extra.h"
 
 #endif /* PSA_CRYPTO_H */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
new file mode 100644
index 000000000..6bd4ed23d
--- /dev/null
+++ b/include/psa/crypto_struct.h
@@ -0,0 +1,96 @@
+/**
+ * \file psa/crypto_struct.h
+ *
+ * \brief PSA cryptography module: Mbed TLS structured type implementations
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STRUCT_H
+#define PSA_CRYPTO_STRUCT_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "../mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/cipher.h"
+#include "mbedtls/cmac.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/md.h"
+#include "mbedtls/md2.h"
+#include "mbedtls/md4.h"
+#include "mbedtls/md5.h"
+#include "mbedtls/ripemd160.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+
+struct psa_hash_operation_s
+{
+    psa_algorithm_t alg;
+    union
+    {
+#if defined(MBEDTLS_MD2_C)
+        mbedtls_md2_context md2;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        mbedtls_md4_context md4;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        mbedtls_md5_context md5;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        mbedtls_ripemd160_context ripemd160;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        mbedtls_sha1_context sha1;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        mbedtls_sha256_context sha256;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        mbedtls_sha512_context sha512;
+#endif
+    } ctx;
+};
+
+struct psa_mac_operation_s
+{
+    psa_algorithm_t alg;
+    int key_set : 1;
+    int iv_required : 1;
+    int iv_set : 1;
+    int has_input : 1;
+    uint8_t mac_size;
+    union
+    {
+#if defined(MBEDTLS_MD_C)
+        mbedtls_md_context_t hmac;
+#endif
+#if defined(MBEDTLS_CMAC_C)
+        mbedtls_cipher_context_t cmac;
+#endif
+    } ctx;
+};
+
+#endif /* PSA_CRYPTO_STRUCT_H */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 84995176c..ca275495f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -72,6 +72,20 @@ static void mbedtls_zeroize( void *v, size_t n )
     volatile unsigned char *p = v; while( n-- ) *p++ = 0;
 }
 
+/* constant-time buffer comparison */
+static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
+{
+    size_t i;
+    unsigned char diff = 0;
+
+    for( i = 0; i < n; i++ )
+        diff |= a[i] ^ b[i];
+
+    return( diff );
+}
+
+
+
 /****************************************************************/
 /* Global data, support functions and library management */
 /****************************************************************/
@@ -573,6 +587,275 @@ static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg )
 }
 #endif
 
+psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
+{
+    switch( operation->alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            mbedtls_md2_free( &operation->ctx.md2 );
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            mbedtls_md4_free( &operation->ctx.md4 );
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            mbedtls_md5_free( &operation->ctx.md5 );
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            mbedtls_sha1_free( &operation->ctx.sha1 );
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+        case PSA_ALG_SHA_256:
+            mbedtls_sha256_free( &operation->ctx.sha256 );
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_384:
+        case PSA_ALG_SHA_512:
+            mbedtls_sha512_free( &operation->ctx.sha512 );
+            break;
+#endif
+        default:
+            return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    operation->alg = 0;
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_hash_start( psa_hash_operation_t *operation,
+                             psa_algorithm_t alg )
+{
+    int ret;
+    operation->alg = 0;
+    switch( alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            mbedtls_md2_init( &operation->ctx.md2 );
+            ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            mbedtls_md4_init( &operation->ctx.md4 );
+            ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            mbedtls_md5_init( &operation->ctx.md5 );
+            ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
+            ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            mbedtls_sha1_init( &operation->ctx.sha1 );
+            ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+            mbedtls_sha256_init( &operation->ctx.sha256 );
+            ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
+            break;
+        case PSA_ALG_SHA_256:
+            mbedtls_sha256_init( &operation->ctx.sha256 );
+            ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_384:
+            mbedtls_sha512_init( &operation->ctx.sha512 );
+            ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
+            break;
+        case PSA_ALG_SHA_512:
+            mbedtls_sha512_init( &operation->ctx.sha512 );
+            ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
+            break;
+#endif
+        default:
+            return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    if( ret == 0 )
+        operation->alg = alg;
+    else
+        psa_hash_abort( operation );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+psa_status_t psa_hash_update( psa_hash_operation_t *operation,
+                              const uint8_t *input,
+                              size_t input_length )
+{
+    int ret;
+    switch( operation->alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            ret = mbedtls_md2_update_ret( &operation->ctx.md2,
+                                          input, input_length );
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            ret = mbedtls_md4_update_ret( &operation->ctx.md4,
+                                          input, input_length );
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            ret = mbedtls_md5_update_ret( &operation->ctx.md5,
+                                          input, input_length );
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
+                                                input, input_length );
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
+                                           input, input_length );
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+        case PSA_ALG_SHA_256:
+            ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
+                                             input, input_length );
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_384:
+        case PSA_ALG_SHA_512:
+            ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
+                                             input, input_length );
+            break;
+#endif
+        default:
+            ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+            break;
+    }
+    if( ret != 0 )
+        psa_hash_abort( operation );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
+                              uint8_t *hash,
+                              size_t hash_size,
+                              size_t *hash_length )
+{
+    int ret;
+    size_t actual_hash_length = PSA_HASH_FINAL_SIZE( operation->alg );
+
+    /* Fill the output buffer with something that isn't a valid hash
+     * (barring an attack on the hash and deliberately-crafted input),
+     * in case the caller doesn't check the return status properly. */
+    *hash_length = actual_hash_length;
+    memset( hash, '!', hash_size );
+
+    if( hash_size < actual_hash_length )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+    switch( operation->alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+        case PSA_ALG_SHA_256:
+            ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_384:
+        case PSA_ALG_SHA_512:
+            ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
+            break;
+#endif
+        default:
+            ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+            break;
+    }
+
+    if( ret == 0 )
+    {
+        return( psa_hash_abort( operation ) );
+    }
+    else
+    {
+        psa_hash_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+}
+
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+                             const uint8_t *hash,
+                             size_t hash_length)
+{
+    uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
+    size_t actual_hash_length;
+    psa_status_t status = psa_hash_finish( operation,
+                                           actual_hash, sizeof( actual_hash ),
+                                           &actual_hash_length );
+    if( status != PSA_SUCCESS )
+        return( status );
+    if( actual_hash_length != hash_length )
+        return( PSA_ERROR_INVALID_SIGNATURE );
+    if( safer_memcmp( hash, actual_hash, actual_hash_length ) != 0 )
+        return( PSA_ERROR_INVALID_SIGNATURE );
+    return( PSA_SUCCESS );
+}
+
+
+
+
+/****************************************************************/
 
 
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index a2d6b89fd..f53b1a436 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -37,6 +37,14 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
 #
+PSA hash finish: SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash verify: SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c5d536e46..21802d147 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -133,6 +133,73 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *input = NULL;
+    size_t input_size;
+    unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
+    size_t expected_hash_length;
+    unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
+    size_t actual_hash_length;
+    psa_hash_operation_t operation;
+
+    input_size = strlen( input_hex ) / 2;
+    input = mbedtls_calloc( 1, input_size );
+    TEST_ASSERT( input != NULL );
+    input_size = unhexify( input, input_hex );
+    expected_hash_length = unhexify( expected_hash, hash_hex );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, input_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  actual_hash, sizeof( actual_hash ),
+                                  &actual_hash_length ) == PSA_SUCCESS );
+    TEST_ASSERT( actual_hash_length == expected_hash_length );
+    TEST_ASSERT( memcmp( expected_hash, actual_hash,
+                         expected_hash_length ) == 0 );
+
+exit:
+    mbedtls_free( input );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *input = NULL;
+    size_t input_size;
+    unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
+    size_t expected_hash_length;
+    psa_hash_operation_t operation;
+
+    input_size = strlen( input_hex ) / 2;
+    input = mbedtls_calloc( 1, input_size );
+    TEST_ASSERT( input != NULL );
+    input_size = unhexify( input, input_hex );
+    expected_hash_length = unhexify( expected_hash, hash_hex );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, input_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  expected_hash,
+                                  expected_hash_length ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_free( input );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
 {

From 308b91d7dbb2d58038bece8ed2aaa92d9a290ef0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Feb 2018 09:47:44 +0100
Subject: [PATCH 016/889] Wrote documentation for several functions, macros and
 types

Document key import/export functions, hash functions, and asymmetric
sign/verify, as well as some related macros and types.

Nicer formatting for return values: use \retval.
---
 include/psa/crypto.h | 373 +++++++++++++++++++++++++++++++++++++++----
 1 file changed, 342 insertions(+), 31 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 90140d7a9..060c007ec 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -18,7 +18,7 @@
 /** \brief Key slot number.
  *
  * This type represents key slots. It must be an unsigned integral
- * type.* The choice of type is implementation-dependent.
+ * type. The choice of type is implementation-dependent.
  * 0 is not a valid key slot number. The meaning of other values is
  * implementation dependent.
  *
@@ -98,12 +98,12 @@ typedef enum {
  * Applications may call this function more than once. Once a call
  * succeeds, subsequent calls are guaranteed to succeed.
  *
- * \return * \c PSA_SUCCESS: success.
- *         * \c PSA_ERROR_INSUFFICIENT_MEMORY
- *         * \c PSA_ERROR_COMMUNICATION_FAILURE
- *         * \c PSA_ERROR_HARDWARE_FAILURE
- *         * \c PSA_ERROR_TAMPERING_DETECTED
- *         * \c PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
  */
 psa_status_t psa_crypto_init(void);
 
@@ -116,6 +116,8 @@ psa_status_t psa_crypto_init(void);
  * @{
  */
 
+/** \brief Encoding of a key type.
+ */
 typedef uint32_t psa_key_type_t;
 
 #define PSA_KEY_TYPE_NONE                       ((psa_key_type_t)0x00000000)
@@ -133,7 +135,9 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x04000003)
 #define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x04000004)
 
+/** RSA public key. */
 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x06010000)
+/** RSA key pair (private and public key). */
 #define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x07010000)
 #define PSA_KEY_TYPE_ECC_BASE                   ((psa_key_type_t)0x06030000)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
@@ -153,6 +157,14 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE)
 
+/** \brief Encoding of a cryptographic algorithm.
+ *
+ * For algorithms that can be applied to multiple key types, this type
+ * does not encode the key type. For example, for symmetric ciphers
+ * based on a block cipher, #psa_algorithm_t encodes the block cipher
+ * mode and the padding mode while the block cipher itself is encoded
+ * via #psa_key_type_t.
+ */
 typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_VENDOR_FLAG                     ((psa_algorithm_t)0x80000000)
@@ -168,6 +180,13 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
     (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
+/** Whether the specified algorithm is a hash algorithm.
+ *
+ * \param alg An algorithm identifier (\c PSA_ALG_XXX value)
+ *
+ * \return 1 if \c alg is a hash algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a valid
+ *         algorithm identifier. */
 #define PSA_ALG_IS_HASH(alg)                                            \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
 #define PSA_ALG_IS_MAC(alg)                                             \
@@ -245,13 +264,26 @@ typedef uint32_t psa_algorithm_t;
  *
  * This function supports any output from psa_export_key().
  *
- * \return * \c PSA_SUCCESS: success.
- *         * \c PSA_ERROR_NOT_SUPPORTED
- *         * \c PSA_ERROR_INVALID_ARGUMENT
- *         * \c PSA_ERROR_INSUFFICIENT_MEMORY
- *         * \c PSA_ERROR_COMMUNICATION_FAILURE
- *         * \c PSA_ERROR_HARDWARE_FAILURE
- *         * \c PSA_ERROR_TAMPERING_DETECTED
+ * \param key         Slot where the key will be stored. This must be a
+ *                    valid slot for a key of the chosen type. It must
+ *                    be unoccupied.
+ * \param type        Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param data        Buffer containing the key data.
+ * \param data_length Size of the \c data buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         The key type or key size is not supported.
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         The key slot is invalid,
+ *         or the key data is not correctly formatted.
+ * \retval PSA_ERROR_OCCUPIED_SLOT
+           There is already a key in the specified slot.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_import_key(psa_key_slot_t key,
                             psa_key_type_t type,
@@ -261,22 +293,31 @@ psa_status_t psa_import_key(psa_key_slot_t key,
 /**
  * \brief Destroy a key.
  *
- * \return * \c PSA_SUCCESS: success.
- *         * \c PSA_ERROR_EMPTY_SLOT
- *         * \c PSA_ERROR_COMMUNICATION_FAILURE
- *         * \c PSA_ERROR_HARDWARE_FAILURE
- *         * \c PSA_ERROR_TAMPERING_DETECTED
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_destroy_key(psa_key_slot_t key);
 
 /**
  * \brief Get basic metadata about a key.
  *
- * \return * \c PSA_SUCCESS: success.
- *         * \c PSA_ERROR_EMPTY_SLOT
- *         * \c PSA_ERROR_COMMUNICATION_FAILURE
- *         * \c PSA_ERROR_HARDWARE_FAILURE
- *         * \c PSA_ERROR_TAMPERING_DETECTED
+ * \param key           Slot whose content is queried. This must
+ *                      be an occupied key slot.
+ * \param type          On success, the key type (a \c PSA_KEY_TYPE_XXX value).
+ *                      This may be a null pointer, in which case the key type
+ *                      is not written.
+ * \param bits          On success, the key size in bits.
+ *                      This may be a null pointer, in which case the key type
+ *                      is not written.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_get_key_information(psa_key_slot_t key,
                                      psa_key_type_t *type,
@@ -293,11 +334,32 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * identical: the implementation may choose a different representation
  * of the same key.
  *
- * \return * \c PSA_SUCCESS: success.
- *         * \c PSA_ERROR_EMPTY_SLOT
- *         * \c PSA_ERROR_COMMUNICATION_FAILURE
- *         * \c PSA_ERROR_HARDWARE_FAILURE
- *         * \c PSA_ERROR_TAMPERING_DETECTED
+ * For standard key types, the output format is as follows:
+ *
+ * - For symmetric keys (including MAC keys), the format is the
+ *   raw bytes of the key.
+ * - For DES, the key data consists of 8 bytes. The parity bits must be
+ *   correct.
+ * - For Triple-DES, the format is the concatenation of the
+ *   two or three DES keys.
+ * - For RSA key pairs keys (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
+ *   is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208)
+ *   as PrivateKeyInfo.
+ * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
+ *   is the DER representation defined by X.509.
+ *
+ * \param key           Slot whose content is to be exported. This must
+ *                      be an occupied key slot.
+ * \param data          Buffer where the key data is to be written.
+ * \param data_size     Size of the \c data buffer in bytes.
+ * \param data_length   On success, the number of bytes
+ *                      that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_export_key(psa_key_slot_t key,
                             uint8_t *data,
@@ -311,8 +373,25 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * @{
  */
 
+/** The type of the state data structure for multipart hash operations.
+ *
+ * This is an implementation-define \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
 typedef struct psa_hash_operation_s psa_hash_operation_t;
 
+/** The size of the output of psa_hash_finish(), in bytes.
+ *
+ * This is also the hash size that psa_hash_verify() expects.
+ *
+ * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return The hash size for the specified hash algorithm.
+ *         If the hash algorithm is not recognized, return 0.
+ *         An implementation may return either 0 or the correct size
+ *         for a hash algorithm that it recognizes, but does not support.
+ */
 #define PSA_HASH_FINAL_SIZE(alg)                \
     (                                           \
         (alg) == PSA_ALG_MD2 ? 16 :             \
@@ -334,27 +413,168 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
         (alg) == PSA_ALG_SHA3_512 ? 64 :        \
         0)
 
+/** Start a multipart hash operation.
+ *
+ * The sequence of operations to calculate a hash (message digest)
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_hash_start() to specify the algorithm.
+ * -# Call psa_hash_update() zero, one or more time, passing a fragment
+ *    of the message each time. The hash that is calculated is the hash
+ *    of the concatenation of these messages in order.
+ * -# To calculate the hash, call psa_hash_finish().
+ *    To compare the hash with an expected value, call psa_hash_verify().
+ *
+ * The application may call psa_hash_abort() at any time after the operation
+ * has been initialized with psa_hash_start().
+ *
+ * After a successful call to psa_hash_start(), the application must
+ * eventually destroy the operation through one of the following means:
+ * - A failed call to psa_hash_update().
+ * - A call to psa_hash_final(), psa_hash_verify() or psa_hash_abort().
+ *
+ * \param operation
+ * \param alg       The hash algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a hash algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_hash_start(psa_hash_operation_t *operation,
                             psa_algorithm_t alg);
 
+/** Add a message fragment to a multipart hash operation.
+ *
+ * The application must call psa_hash_start() before calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param operation     Active hash operation.
+ * \param input         Buffer containing the message fragment to hash.
+ * \param input_length  Size of the \c input buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or already completed).
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_hash_update(psa_hash_operation_t *operation,
                              const uint8_t *input,
                              size_t input_length);
 
+/** Finish the calculation of the hash of a message.
+ *
+ * The application must call psa_hash_start() before calling this function.
+ * This function calculates the hash of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_hash_update().
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \warning Applications should not call this function if they expect
+ *          a specific value for the hash. Call psa_hash_verify() instead.
+ *          Beware that comparing integrity or authenticity data such as
+ *          hash values with a function such as \c memcmp is risky
+ *          because the time taken by the comparison may leak information
+ *          about the hashed data which could allow an attacker to guess
+ *          a valid hash and thereby bypass security controls.
+ *
+ * \param operation     Active hash operation.
+ * \param hash          Buffer where the hash is to be written.
+ * \param hash_size     Size of the \c hash buffer in bytes.
+ * \param hash_length   On success, the number of bytes
+ *                      that make up the hash value. This is always
+ *                      #PSA_HASH_FINAL_SIZE(alg) where \c alg is the
+ *                      hash algorithm that is calculated.
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or already completed).
+ * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \c hash buffer is too small. You can determine a
+ *         sufficient buffer size by calling #PSA_HASH_FINAL_SIZE(alg)
+ *         where \c alg is the hash algorithm that is calculated.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
                              uint8_t *hash,
                              size_t hash_size,
                              size_t *hash_length);
 
+/** Finish the calculation of the hash of a message and compare it with
+ * an expected value.
+ *
+ * The application must call psa_hash_start() before calling this function.
+ * This function calculates the hash of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_hash_update(). It then
+ * compares the calculated hash with the expected hash passed as a
+ * parameter to this function.
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \note Applications shall make the best effort to ensure that the
+ * comparison between the actual hash and the expected hash is performed
+ * in constant time.
+ *
+ * \param operation     Active hash operation.
+ * \param hash          Buffer containing the expected hash value.
+ * \param hash_length   Size of the \c hash buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ *         The expected hash is identical to the actual hash of the message.
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ *         The hash of the message was calculated successfully, but it
+ *         differs from the expected hash.
+ * \retval PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or already completed).
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
                              const uint8_t *hash,
                              size_t hash_length);
 
-psa_status_t ps_hash_abort(psa_hash_operation_t *operation);
+/** Abort a hash operation.
+ *
+ * This function may be called at any time after psa_hash_start().
+ * Aborting an operation frees all associated resources except for the
+ * \c operation structure itself.
+ *
+ * Implementation should strive to be robust and handle inactive hash
+ * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
+ * application writers should beware that uninitialized memory may happen
+ * to be indistinguishable from an active hash operation, and the behavior
+ * of psa_hash_abort() is undefined in this case.
+ *
+ * \param operation     Active hash operation.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_BAD_STATE
+ *         \c operation is not an active hash operation.
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
 
 /**@}*/
 
-/** \defgroup MAC Message authentication codes
 /** \defgroup asymmetric Asymmetric cryptography
  * @{
  */
@@ -389,6 +609,33 @@ psa_status_t ps_hash_abort(psa_hash_operation_t *operation);
       /*V of r,s*/               ((curve_bits) + 8) / 8))
 
 
+/** Safe signature buffer size for psa_asymmetric_sign().
+ *
+ * This macro returns a safe buffer size for a signature using a key
+ * of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the signature may be smaller
+ * (some algorithms produce a variable-size signature).
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_sign() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported
+ *         by the implementation, this macro either shall return either a
+ *         sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ *
+ */
 #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
     (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \
      PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
@@ -397,6 +644,41 @@ psa_status_t ps_hash_abort(psa_hash_operation_t *operation);
 /**
  * \brief Sign a hash or short message with a private key.
  *
+ * \param key               Key slot containing an asymmetric key pair.
+ * \param alg               A signature algorithm that is compatible with
+ *                          the type of \c key.
+ * \param hash              The message to sign.
+ * \param hash_length       Size of the \c hash buffer in bytes.
+ * \param salt              A salt or label, if supported by the signature
+ *                          algorithm.
+ *                          If the signature algorithm does not support a
+ *                          salt, pass \c NULL.
+ *                          If the signature algorithm supports an optional
+ *                          salt and you do not want to pass a salt,
+ *                          pass \c NULL.
+ * \param salt_length       Size of the \c salt buffer in bytes.
+ *                          If \c salt is \c NULL, pass 0.
+ * \param signature         Buffer where the signature is to be written.
+ * \param signature_size    Size of the \c signature buffer in bytes.
+ * \param signature_length  On success, the number of bytes
+ *                          that make up the returned signature value.
+ *                          This is at most #PSA_HASH_FINAL_SIZE(alg)
+ *                          (note that it may be less).
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \c signature buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)
+ *         where \c key_type and \c key_bits are the type and bit-size
+ *         respectively of \c key.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
  */
 psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  psa_algorithm_t alg,
@@ -411,6 +693,35 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 /**
  * \brief Verify the signature a hash or short message using a public key.
  *
+ * \param key               Key slot containing a public key or an
+ *                          asymmetric key pair.
+ * \param alg               A signature algorithm that is compatible with
+ *                          the type of \c key.
+ * \param hash              The message whose signature is to be verified.
+ * \param hash_length       Size of the \c hash buffer in bytes.
+ * \param salt              A salt or label, if supported by the signature
+ *                          algorithm.
+ *                          If the signature algorithm does not support a
+ *                          salt, pass \c NULL.
+ *                          If the signature algorithm supports an optional
+ *                          salt and you do not want to pass a salt,
+ *                          pass \c NULL.
+ * \param salt_length       Size of the \c salt buffer in bytes.
+ *                          If \c salt is \c NULL, pass 0.
+ * \param signature         Buffer containing the signature to verify.
+ * \param signature_size    Size of the \c signature buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ *         The signature is valid.
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ *         The calculation was perfomed successfully, but the passed
+ *         signature is not a valid signature.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    psa_algorithm_t alg,

From 8c9def3e7fa05bda96fefd49076d1d6a1a6417cd Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Feb 2018 10:02:12 +0100
Subject: [PATCH 017/889] PSA: Implement MAC functions

Implement psa_mac_start, psa_mac_update and psa_mac_final.

Implement HMAC anc CMAC.

Smoke tests.
---
 include/psa/crypto.h                        |  79 ++++-
 library/psa_crypto.c                        | 301 +++++++++++++++++++-
 tests/suites/test_suite_psa_crypto.data     |   8 +
 tests/suites/test_suite_psa_crypto.function |  63 ++++
 4 files changed, 437 insertions(+), 14 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 060c007ec..5fb35685d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -144,6 +144,9 @@ typedef uint32_t psa_key_type_t;
 
 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
     (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
+#define PSA_KEY_TYPE_IS_RAW_BYTES(type)                                 \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_RAW_DATA ||  \
+     ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
     (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
@@ -157,6 +160,13 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE)
 
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type)        \
+    (                                                \
+        (type) == PSA_KEY_TYPE_AES ? 16 :            \
+        (type) == PSA_KEY_TYPE_DES ? 8 :             \
+        (type) == PSA_KEY_TYPE_CAMELLIA ? 16 :       \
+        0)
+
 /** \brief Encoding of a cryptographic algorithm.
  *
  * For algorithms that can be applied to multiple key types, this type
@@ -223,25 +233,42 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_SHA3_384                        ((psa_algorithm_t)0x01000012)
 #define PSA_ALG_SHA3_512                        ((psa_algorithm_t)0x01000013)
 
+#define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t)0x00c00000)
 #define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x02800000)
 #define PSA_ALG_HMAC(hash_alg)                  \
-    (PSA_ALG_HMAC_BASE | (hash_alg))
-#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02000001)
-#define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02000002)
-#define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02000003)
+    (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_HMAC_HASH(hmac_alg)                             \
+    (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_HMAC(alg)                                            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+     PSA_ALG_HMAC_BASE)
+#define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x02c00000)
+#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02c00001)
+#define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02c00002)
+#define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02c00003)
+#define PSA_ALG_IS_CIPHER_MAC(alg)                                      \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+     PSA_ALG_CIPHER_MAC_BASE)
 
-#define PSA_ALG_BLOCK_CIPHER_BASE_MASK          ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_CIPHER_SUBCATEGORY_MASK         ((psa_algorithm_t)0x00c00000)
+#define PSA_ALG_BLOCK_CIPHER_BASE               ((psa_algorithm_t)0x04000001)
+#define PSA_ALG_BLOCK_CIPHER_MODE_MASK          ((psa_algorithm_t)0x000000ff)
 #define PSA_ALG_BLOCK_CIPHER_PADDING_MASK       ((psa_algorithm_t)0x007f0000)
 #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7          ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_IS_BLOCK_CIPHER(alg)            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
+        PSA_ALG_BLOCK_CIPHER_BASE)
+
 #define PSA_ALG_CBC_BASE                        ((psa_algorithm_t)0x04000001)
-#define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000003)
-#define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000004)
-#define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000005)
+#define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000002)
+#define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000003)
+#define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
 #define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800000)
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
+#define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
 
-#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000002)
-#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000003)
+#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
+#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
 
 #define PSA_ALG_RSA_PKCS1V15_RAW                ((psa_algorithm_t)0x10010000)
 #define PSA_ALG_RSA_PSS_MGF1                    ((psa_algorithm_t)0x10020000)
@@ -575,6 +602,38 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
 
 /**@}*/
 
+/** \defgroup MAC Message authentication codes
+ * @{
+ */
+
+typedef struct psa_mac_operation_s psa_mac_operation_t;
+
+#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
+    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_FINAL_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
+     PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+     0)
+
+psa_status_t psa_mac_start(psa_mac_operation_t *operation,
+                           psa_key_slot_t key,
+                           psa_algorithm_t alg);
+
+psa_status_t psa_mac_update(psa_mac_operation_t *operation,
+                            const uint8_t *input,
+                            size_t input_length);
+
+psa_status_t psa_mac_finish(psa_mac_operation_t *operation,
+                            uint8_t *mac,
+                            size_t mac_size,
+                            size_t *mac_length);
+
+psa_status_t psa_mac_verify(psa_mac_operation_t *operation,
+                            const uint8_t *mac,
+                            size_t mac_length);
+
+psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
+
+/**@}*/
+
 /** \defgroup asymmetric Asymmetric cryptography
  * @{
  */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ca275495f..e264990ff 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -303,7 +303,7 @@ psa_status_t psa_import_key(psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if( type == PSA_KEY_TYPE_RAW_DATA )
+    if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
     {
         if( data_length > SIZE_MAX / 8 )
             return( PSA_ERROR_NOT_SUPPORTED );
@@ -374,7 +374,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( slot->type == PSA_KEY_TYPE_RAW_DATA )
+    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         mbedtls_free( slot->data.raw.data );
     }
@@ -420,7 +420,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( slot->type == PSA_KEY_TYPE_RAW_DATA )
+    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( bits != NULL )
             *bits = slot->data.raw.bytes * 8;
@@ -465,7 +465,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( slot->type == PSA_KEY_TYPE_RAW_DATA )
+    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -856,6 +856,299 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 
 
 /****************************************************************/
+/* MAC */
+/****************************************************************/
+
+static const mbedtls_cipher_info_t *mbedtls_cipher_info_of_psa(
+    psa_algorithm_t alg,
+    psa_key_type_t key_type,
+    size_t key_bits )
+{
+    mbedtls_cipher_id_t cipher_id;
+    mbedtls_cipher_mode_t mode;
+
+    if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
+    {
+        if( PSA_ALG_IS_BLOCK_CIPHER( alg ) )
+            alg &= ~PSA_ALG_BLOCK_CIPHER_MODE_MASK;
+        switch( alg )
+        {
+            case PSA_ALG_STREAM_CIPHER:
+                mode = MBEDTLS_MODE_STREAM;
+                break;
+            case PSA_ALG_CBC_BASE:
+                mode = MBEDTLS_MODE_CBC;
+                break;
+            case PSA_ALG_CFB_BASE:
+                mode = MBEDTLS_MODE_CFB;
+                break;
+            case PSA_ALG_OFB_BASE:
+                mode = MBEDTLS_MODE_OFB;
+                break;
+            case PSA_ALG_CTR:
+                mode = MBEDTLS_MODE_CTR;
+                break;
+            case PSA_ALG_CCM:
+                mode = MBEDTLS_MODE_CCM;
+                break;
+            case PSA_ALG_GCM:
+                mode = MBEDTLS_MODE_GCM;
+                break;
+            default:
+                return( NULL );
+        }
+    }
+    else if( alg == PSA_ALG_CMAC )
+        mode = MBEDTLS_MODE_ECB;
+    else if( alg == PSA_ALG_GMAC )
+        mode = MBEDTLS_MODE_GCM;
+    else
+        return( NULL );
+
+    switch( key_type )
+    {
+        case PSA_KEY_TYPE_AES:
+            cipher_id = MBEDTLS_CIPHER_ID_AES;
+            break;
+        case PSA_KEY_TYPE_DES:
+            if( key_bits == 64 )
+                cipher_id = MBEDTLS_CIPHER_ID_DES;
+            else
+                cipher_id = MBEDTLS_CIPHER_ID_3DES;
+            break;
+        case PSA_KEY_TYPE_CAMELLIA:
+            cipher_id = MBEDTLS_CIPHER_ID_CAMELLIA;
+            break;
+        case PSA_KEY_TYPE_ARC4:
+            cipher_id = MBEDTLS_CIPHER_ID_ARC4;
+            break;
+        default:
+            return( NULL );
+    }
+
+    return( mbedtls_cipher_info_from_values( cipher_id, key_bits, mode ) );
+}
+
+psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
+{
+    switch( operation->alg )
+    {
+#if defined(MBEDTLS_CMAC_C)
+        case PSA_ALG_CMAC:
+            mbedtls_cipher_free( &operation->ctx.cmac );
+            break;
+#endif /* MBEDTLS_CMAC_C */
+        default:
+#if defined(MBEDTLS_MD_C)
+            if( PSA_ALG_IS_HMAC( operation->alg ) )
+                mbedtls_md_free( &operation->ctx.hmac );
+            else
+#endif /* MBEDTLS_MD_C */
+                return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    operation->alg = 0;
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 0;
+    operation->has_input = 0;
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_mac_start( psa_mac_operation_t *operation,
+                            psa_key_slot_t key,
+                            psa_algorithm_t alg )
+{
+    int ret = MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
+    psa_status_t status;
+    key_slot_t *slot;
+    psa_key_type_t key_type;
+    size_t key_bits;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+
+    operation->alg = 0;
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 1;
+    operation->has_input = 0;
+
+    status = psa_get_key_information( key, &key_type, &key_bits );
+    if( status != PSA_SUCCESS )
+        return( status );
+    slot = &global_data.key_slots[key];
+
+    if( ! PSA_ALG_IS_HMAC( alg ) )
+    {
+        cipher_info = mbedtls_cipher_info_of_psa( alg, key_type, key_bits );
+        if( cipher_info == NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        operation->mac_size = cipher_info->block_size;
+    }
+    switch( alg )
+    {
+#if defined(MBEDTLS_CMAC_C)
+        case PSA_ALG_CMAC:
+            operation->iv_required = 0;
+            mbedtls_cipher_init( &operation->ctx.cmac );
+            ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
+            if( ret != 0 )
+                break;
+            ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
+                                              slot->data.raw.data,
+                                              key_bits );
+            break;
+#endif /* MBEDTLS_CMAC_C */
+        default:
+#if defined(MBEDTLS_MD_C)
+            if( PSA_ALG_IS_HMAC( alg ) )
+            {
+                const mbedtls_md_info_t *md_info =
+                    mbedtls_md_info_of_psa( PSA_ALG_HMAC_HASH( alg ) );
+                if( md_info == NULL )
+                    return( PSA_ERROR_NOT_SUPPORTED );
+                if( key_type != PSA_KEY_TYPE_HMAC )
+                    return( PSA_ERROR_INVALID_ARGUMENT );
+                operation->iv_required = 0;
+                operation->mac_size = mbedtls_md_get_size( md_info );
+                mbedtls_md_init( &operation->ctx.hmac );
+                ret = mbedtls_md_setup( &operation->ctx.hmac, md_info, 1 );
+                if( ret != 0 )
+                    break;
+                ret = mbedtls_md_hmac_starts( &operation->ctx.hmac,
+                                              slot->data.raw.data,
+                                              slot->data.raw.bytes );
+                break;
+            }
+            else
+#endif /* MBEDTLS_MD_C */
+                return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+    /* If we reach this point, then the algorithm-specific part of the
+     * context has at least been initialized, and may contain data that
+     * needs to be wiped on error. */
+    operation->alg = alg;
+    if( ret != 0 )
+    {
+        psa_mac_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+    operation->key_set = 1;
+    return( 0 );
+}
+
+psa_status_t psa_mac_update( psa_mac_operation_t *operation,
+                             const uint8_t *input,
+                             size_t input_length )
+{
+    int ret;
+    if( ! operation->key_set )
+        return( PSA_ERROR_BAD_STATE );
+    if( operation->iv_required && ! operation->iv_set )
+        return( PSA_ERROR_BAD_STATE );
+    operation->has_input = 1;
+
+    switch( operation->alg )
+    {
+#if defined(MBEDTLS_CMAC_C)
+        case PSA_ALG_CMAC:
+            ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac,
+                                              input, input_length );
+            break;
+#endif /* MBEDTLS_CMAC_C */
+        default:
+#if defined(MBEDTLS_MD_C)
+            if( PSA_ALG_IS_HMAC( operation->alg ) )
+            {
+                ret = mbedtls_md_hmac_update( &operation->ctx.hmac,
+                                              input, input_length );
+            }
+            else
+#endif /* MBEDTLS_MD_C */
+            {
+                ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+            }
+            break;
+    }
+    if( ret != 0 )
+        psa_mac_abort( operation );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
+                             uint8_t *mac,
+                             size_t mac_size,
+                             size_t *mac_length )
+{
+    int ret;
+    if( ! operation->key_set )
+        return( PSA_ERROR_BAD_STATE );
+    if( operation->iv_required && ! operation->iv_set )
+        return( PSA_ERROR_BAD_STATE );
+
+    /* Fill the output buffer with something that isn't a valid mac
+     * (barring an attack on the mac and deliberately-crafted input),
+     * in case the caller doesn't check the return status properly. */
+    *mac_length = operation->mac_size;
+    memset( mac, '!', mac_size );
+
+    if( mac_size < operation->mac_size )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+    switch( operation->alg )
+    {
+#if defined(MBEDTLS_CMAC_C)
+        case PSA_ALG_CMAC:
+            ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac );
+            break;
+#endif /* MBEDTLS_CMAC_C */
+        default:
+#if defined(MBEDTLS_MD_C)
+            if( PSA_ALG_IS_HMAC( operation->alg ) )
+            {
+                ret = mbedtls_md_hmac_finish( &operation->ctx.hmac, mac );
+            }
+            else
+#endif /* MBEDTLS_MD_C */
+            {
+                ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+            }
+            break;
+    }
+
+    if( ret == 0 )
+    {
+        return( psa_mac_abort( operation ) );
+    }
+    else
+    {
+        psa_mac_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+}
+
+#define MBEDTLS_PSA_MAC_MAX_SIZE                       \
+    ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \
+      MBEDTLS_MD_MAX_SIZE :                            \
+      MBEDTLS_MAX_BLOCK_LENGTH )
+psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
+                             const uint8_t *mac,
+                             size_t mac_length )
+{
+    uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE];
+    size_t actual_mac_length;
+    psa_status_t status = psa_mac_finish( operation,
+                                          actual_mac, sizeof( actual_mac ),
+                                          &actual_mac_length );
+    if( status != PSA_SUCCESS )
+        return( status );
+    if( actual_mac_length != mac_length )
+        return( PSA_ERROR_INVALID_SIGNATURE );
+    if( safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 )
+        return( PSA_ERROR_INVALID_SIGNATURE );
+    return( PSA_SUCCESS );
+}
+
+
 
 
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f53b1a436..4f4bef14c 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -45,6 +45,14 @@ PSA hash verify: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
+PSA MAC verify: HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
+
+PSA MAC verify: CMAC-AES-128
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 21802d147..d5305740f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1,5 +1,7 @@
 /* BEGIN_HEADER */
 #include "psa/crypto.h"
+
+#include "mbedtls/md.h"
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -200,6 +202,67 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void mac_verify( int key_type_arg, char *key_hex,
+                 int alg_arg, char *iv_hex,
+                 char *input_hex, char *mac_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char *iv = NULL;
+    size_t iv_size;
+    unsigned char *input = NULL;
+    size_t input_size;
+    unsigned char *expected_mac = NULL;
+    size_t expected_mac_size;
+    psa_mac_operation_t operation;
+
+    key_size = strlen( key_hex ) / 2;
+    key = mbedtls_calloc( 1, key_size );
+    TEST_ASSERT( key != NULL );
+    key_size = unhexify( key, key_hex );
+    iv_size = strlen( iv_hex ) / 2;
+    if( iv_size != 0 )
+    {
+        iv = mbedtls_calloc( 1, iv_size );
+        TEST_ASSERT( iv != NULL );
+        iv_size = unhexify( iv, iv_hex );
+    }
+    input_size = strlen( input_hex ) / 2;
+    input = mbedtls_calloc( 1, input_size );
+    TEST_ASSERT( input != NULL );
+    input_size = unhexify( input, input_hex );
+    expected_mac_size = strlen( mac_hex ) / 2;
+    expected_mac = mbedtls_calloc( 1, expected_mac_size );
+    TEST_ASSERT( expected_mac != NULL );
+    expected_mac_size = unhexify( expected_mac, mac_hex );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+    // TODO: support IV
+    TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_mac_update( &operation,
+                                 input, input_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_mac_verify( &operation,
+                                 expected_mac,
+                                 expected_mac_size ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( iv );
+    mbedtls_free( input );
+    mbedtls_free( expected_mac );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
 {

From 7e4acc5ef859f7b677d989d3d75d21fa3890b0d9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Feb 2018 21:24:11 +0100
Subject: [PATCH 018/889] Document some MAC functions: psa_mac_start

Adapt the documentation of hash functions.

State that the key object does not need to remain valid throughout the
operation.
---
 include/psa/crypto.h | 58 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 57 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5fb35685d..8cf7e3a3f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -447,7 +447,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * -# Allocate an operation object which will be passed to all the functions
  *    listed here.
  * -# Call psa_hash_start() to specify the algorithm.
- * -# Call psa_hash_update() zero, one or more time, passing a fragment
+ * -# Call psa_hash_update() zero, one or more times, passing a fragment
  *    of the message each time. The hash that is calculated is the hash
  *    of the concatenation of these messages in order.
  * -# To calculate the hash, call psa_hash_finish().
@@ -606,13 +606,69 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
  * @{
  */
 
+/** The type of the state data structure for multipart MAC operations.
+ *
+ * This is an implementation-define \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
 typedef struct psa_mac_operation_s psa_mac_operation_t;
 
+/** The size of the output of psa_mac_finish(), in bytes.
+ *
+ * This is also the MAC size that psa_mac_verify() expects.
+ *
+ * \param alg   A MAC algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_MAC(alg) is true).
+ *
+ * \return The MAC size for the specified algorithm.
+ *         If the MAC algorithm is not recognized, return 0.
+ *         An implementation may return either 0 or the correct size
+ *         for a MAC algorithm that it recognizes, but does not support.
+ */
 #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
     (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_FINAL_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
      PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
      0)
 
+/** Start a multipart MAC operation.
+ *
+ * The sequence of operations to calculate a MAC (message authentication code)
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_mac_start() to specify the algorithm and key.
+ *    The key remains associated with the operation even if the content
+ *    of the key slot changes.
+ * -# Call psa_mac_update() zero, one or more times, passing a fragment
+ *    of the message each time. The MAC that is calculated is the MAC
+ *    of the concatenation of these messages in order.
+ * -# To calculate the MAC, call psa_mac_finish().
+ *    To compare the MAC with an expected value, call psa_mac_verify().
+ *
+ * The application may call psa_mac_abort() at any time after the operation
+ * has been initialized with psa_mac_start().
+ *
+ * After a successful call to psa_mac_start(), the application must
+ * eventually destroy the operation through one of the following means:
+ * - A failed call to psa_mac_update().
+ * - A call to psa_mac_final(), psa_mac_verify() or psa_mac_abort().
+ *
+ * \param operation
+ * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_MAC(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a MAC algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_mac_start(psa_mac_operation_t *operation,
                            psa_key_slot_t key,
                            psa_algorithm_t alg);

From 428dc5aef19fb191e528eece58089273b3da7897 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:27:18 +0100
Subject: [PATCH 019/889] Prototypes for symmetric cipher functions

---
 include/psa/crypto.h        | 131 +++++++++++++++++++++++++++++++++++-
 include/psa/crypto_struct.h |  12 ++++
 2 files changed, 141 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8cf7e3a3f..0998a498d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -251,9 +251,10 @@ typedef uint32_t psa_algorithm_t;
      PSA_ALG_CIPHER_MAC_BASE)
 
 #define PSA_ALG_CIPHER_SUBCATEGORY_MASK         ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_BLOCK_CIPHER_BASE               ((psa_algorithm_t)0x04000001)
+#define PSA_ALG_BLOCK_CIPHER_BASE               ((psa_algorithm_t)0x04000000)
 #define PSA_ALG_BLOCK_CIPHER_MODE_MASK          ((psa_algorithm_t)0x000000ff)
-#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK       ((psa_algorithm_t)0x007f0000)
+#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK       ((psa_algorithm_t)0x003f0000)
+#define PSA_ALG_BLOCK_CIPHER_PAD_NONE           ((psa_algorithm_t)0x00000000)
 #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7          ((psa_algorithm_t)0x00010000)
 #define PSA_ALG_IS_BLOCK_CIPHER(alg)            \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
@@ -690,6 +691,132 @@ psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 
 /**@}*/
 
+/** \defgroup cipher Symmetric ciphers
+ * @{
+ */
+
+/** The type of the state data structure for multipart cipher operations.
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_cipher_operation_s psa_cipher_operation_t;
+
+/** Set the key for a multipart symmetric encryption operation.
+ *
+ * The sequence of operations to encrypt a message with a symmetric cipher
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_encrypt_setup() to specify the algorithm and key.
+ *    The key remains associated with the operation even if the content
+ *    of the key slot changes.
+ * -# Call either psa_encrypt_generate_iv() or psa_encrypt_set_iv() to
+ *    generate or set the IV (initialization vector). You should use
+ *    psa_encrypt_generate_iv() unless the protocol you are implementing
+ *    requires a specific IV value.
+ * -# Call psa_cipher_update() zero, one or more times, passing a fragment
+ *    of the message each time.
+ * -# Call psa_cipher_finish().
+ *
+ * The application may call psa_cipher_abort() at any time after the operation
+ * has been initialized with psa_encrypt_setup().
+ *
+ * After a successful call to psa_encrypt_setup(), the application must
+ * eventually destroy the operation through one of the following means:
+ * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv()
+ *   or psa_cipher_update().
+ * - A call to psa_cipher_final() or psa_cipher_abort().
+ *
+ * \param operation
+ * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a cipher algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
+                               psa_key_slot_t key,
+                               psa_algorithm_t alg);
+
+/** Set the key for a multipart symmetric decryption operation.
+ *
+ * The sequence of operations to decrypt a message with a symmetric cipher
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_decrypt_setup() to specify the algorithm and key.
+ *    The key remains associated with the operation even if the content
+ *    of the key slot changes.
+ * -# Call psa_cipher_update() with the IV (initialization vector) for the
+ *    decryption. If the IV is prepended to the ciphertext, you can call
+ *    psa_cipher_update() on a buffer containing the IV followed by the
+ *    beginning of the message.
+ * -# Call psa_cipher_update() zero, one or more times, passing a fragment
+ *    of the message each time.
+ * -# Call psa_cipher_finish().
+ *
+ * The application may call psa_cipher_abort() at any time after the operation
+ * has been initialized with psa_encrypt_setup().
+ *
+ * After a successful call to psa_decrypt_setup(), the application must
+ * eventually destroy the operation through one of the following means:
+ * - A failed call to psa_cipher_update().
+ * - A call to psa_cipher_final() or psa_cipher_abort().
+ *
+ * \param operation
+ * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a cipher algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
+                               psa_key_slot_t key,
+                               psa_algorithm_t alg);
+
+psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
+                                     unsigned char *iv,
+                                     size_t iv_size,
+                                     size_t *iv_length);
+
+psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
+                                const unsigned char *iv,
+                                size_t iv_length);
+
+psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
+                               const uint8_t *input,
+                               size_t input_length);
+
+psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
+                               uint8_t *mac,
+                               size_t mac_size,
+                               size_t *mac_length);
+
+psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
+
+/**@}*/
+
 /** \defgroup asymmetric Asymmetric cryptography
  * @{
  */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 6bd4ed23d..ffa835e15 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -93,4 +93,16 @@ struct psa_mac_operation_s
     } ctx;
 };
 
+struct psa_cipher_operation_s
+{
+    psa_algorithm_t alg;
+    int key_set : 1;
+    int iv_set : 1;
+    uint8_t iv_size;
+    uint8_t block_size;
+    union
+    {
+    } ctx;
+};
+
 #endif /* PSA_CRYPTO_STRUCT_H */

From 3b555710e2d14876a0ef708b6ed1b24c51f00582 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:27:57 +0100
Subject: [PATCH 020/889] Prototypes for AEAD functions

This is still tentative.
---
 include/psa/crypto.h        | 138 ++++++++++++++++++++++++++++++++++++
 include/psa/crypto_struct.h |  13 ++++
 2 files changed, 151 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0998a498d..c833d7220 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -817,6 +817,144 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 
 /**@}*/
 
+/** \defgroup aead Authenticated encryption with associated data (AEAD)
+ * @{
+ */
+
+/** The type of the state data structure for multipart AEAD operations.
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_aead_operation_s psa_aead_operation_t;
+
+/** Set the key for a multipart authenticated encryption operation.
+ *
+ * The sequence of operations to authenticate-and-encrypt a message
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_aead_encrypt_setup() to specify the algorithm and key.
+ *    The key remains associated with the operation even if the content
+ *    of the key slot changes.
+ * -# Call either psa_aead_generate_iv() or psa_aead_set_iv() to
+ *    generate or set the IV (initialization vector). You should use
+ *    psa_encrypt_generate_iv() unless the protocol you are implementing
+ *    requires a specific IV value.
+ * -# Call psa_aead_update_ad() to pass the associated data that is
+ *    to be authenticated but not encrypted. You may omit this step if
+ *    there is no associated data.
+ * -# Call psa_aead_update() zero, one or more times, passing a fragment
+ *    of the data to encrypt each time.
+ * -# Call psa_aead_finish().
+ *
+ * The application may call psa_aead_abort() at any time after the operation
+ * has been initialized with psa_aead_encrypt_setup().
+ *
+ * After a successful call to psa_aead_setup(), the application must
+ * eventually destroy the operation through one of the following means:
+ * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(),
+ *   psa_aead_update_ad() or psa_aead_update().
+ * - A call to psa_aead_final() or psa_aead_abort().
+ *
+ * \param operation
+ * \param alg       The AEAD algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_AEAD(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not an AEAD algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
+                                    psa_key_slot_t key,
+                                    psa_algorithm_t alg);
+
+/** Set the key for a multipart authenticated decryption operation.
+ *
+ * The sequence of operations to authenticated and decrypt a message
+ * is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_aead_decrypt_setup() to specify the algorithm and key.
+ *    The key remains associated with the operation even if the content
+ *    of the key slot changes.
+ * -# Call psa_aead_set_iv() to pass the initialization vector (IV)
+ *    for the authenticated decryption.
+ * -# Call psa_aead_update_ad() to pass the associated data that is
+ *    to be authenticated but not encrypted. You may omit this step if
+ *    there is no associated data.
+ * -# Call psa_aead_update() zero, one or more times, passing a fragment
+ *    of the data to decrypt each time.
+ * -# Call psa_aead_finish().
+ *
+ * The application may call psa_aead_abort() at any time after the operation
+ * has been initialized with psa_aead_decrypt_setup().
+ *
+ * After a successful call to psa_decrypt_setup(), the application must
+ * eventually destroy the operation through one of the following means:
+ * - A failed call to psa_aead_update().
+ * - A call to psa_cipher_final() or psa_cipher_abort().
+ *
+ * \param operation
+ * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a cipher algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
+                                    psa_key_slot_t key,
+                                    psa_algorithm_t alg);
+
+psa_status_t psa_aead_generate_iv(psa_aead_operation_t *operation,
+                                  unsigned char *iv,
+                                  size_t iv_size,
+                                  size_t *iv_length);
+
+psa_status_t psa_aead_set_iv(psa_aead_operation_t *operation,
+                             const unsigned char *iv,
+                             size_t iv_length);
+
+psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
+                                const uint8_t *input,
+                                size_t input_length);
+
+psa_status_t psa_aead_update(psa_aead_operation_t *operation,
+                             const uint8_t *input,
+                             size_t input_length);
+
+psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
+                             uint8_t *tag,
+                             size_t tag_size,
+                             size_t *tag_length);
+
+psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
+                             uint8_t *tag,
+                             size_t tag_length);
+
+psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
+
+/**@}*/
+
 /** \defgroup asymmetric Asymmetric cryptography
  * @{
  */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index ffa835e15..9e70512d7 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -105,4 +105,17 @@ struct psa_cipher_operation_s
     } ctx;
 };
 
+struct psa_aead_operation_s
+{
+    psa_algorithm_t alg;
+    int key_set : 1;
+    int iv_set : 1;
+    int ad_set : 1;
+    uint8_t iv_size;
+    uint8_t block_size;
+    union
+    {
+    } ctx;
+};
+
 #endif /* PSA_CRYPTO_STRUCT_H */

From 92b3073e36247d34edbf56674b6b4a28516bbb6a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:29:30 +0100
Subject: [PATCH 021/889] Minor documentation fixes

---
 include/psa/crypto.h | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c833d7220..94a5e0a9b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -360,7 +360,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * If a key is created with psa_import_key() and then exported with
  * this function, it is not guaranteed that the resulting data is
  * identical: the implementation may choose a different representation
- * of the same key.
+ * of the same key if the format permits it.
  *
  * For standard key types, the output format is as follows:
  *
@@ -370,7 +370,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   correct.
  * - For Triple-DES, the format is the concatenation of the
  *   two or three DES keys.
- * - For RSA key pairs keys (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
+ * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
  *   is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208)
  *   as PrivateKeyInfo.
  * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
@@ -385,6 +385,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
@@ -403,7 +404,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
 
 /** The type of the state data structure for multipart hash operations.
  *
- * This is an implementation-define \c struct. Applications should not
+ * This is an implementation-defined \c struct. Applications should not
  * make any assumptions about the content of this structure except
  * as directed by the documentation of a specific implementation. */
 typedef struct psa_hash_operation_s psa_hash_operation_t;
@@ -609,7 +610,7 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
 
 /** The type of the state data structure for multipart MAC operations.
  *
- * This is an implementation-define \c struct. Applications should not
+ * This is an implementation-defined \c struct. Applications should not
  * make any assumptions about the content of this structure except
  * as directed by the documentation of a specific implementation. */
 typedef struct psa_mac_operation_s psa_mac_operation_t;
@@ -661,6 +662,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * \retval PSA_SUCCESS
  *         Success.
  * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
  * \retval PSA_ERROR_NOT_SUPPORTED

From 7698bcf338e5d3f6ac1ef20264ebae3be837da77 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:30:44 +0100
Subject: [PATCH 022/889] Basic interface for key policies

Get/set the policy of a key slot.

Opaque structure for key policies and field access functions.
---
 include/psa/crypto.h        | 76 +++++++++++++++++++++++++++++++++++++
 include/psa/crypto_struct.h |  6 +++
 2 files changed, 82 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 94a5e0a9b..493f5efba 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -395,6 +395,82 @@ psa_status_t psa_export_key(psa_key_slot_t key,
                             size_t data_size,
                             size_t *data_length);
 
+/**
+ * \brief Export a public key or the public part of a key pair in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an object that is equivalent to the public key.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
+ *   the format is the DER representation defined by X.509.
+ *
+ * \param key           Slot whose content is to be exported. This must
+ *                      be an occupied key slot.
+ * \param data          Buffer where the key data is to be written.
+ * \param data_size     Size of the \c data buffer in bytes.
+ * \param data_length   On success, the number of bytes
+ *                      that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_export_public_key(psa_key_slot_t key,
+                                   uint8_t *data,
+                                   size_t data_size,
+                                   size_t *data_length);
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** \brief Encoding of permitted usage on a key. */
+typedef uint32_t psa_key_usage_t;
+
+#define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t)0x00000001)
+
+#define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t)0x00000100)
+#define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t)0x00000200)
+#define PSA_KEY_USAGE_SIGN                      ((psa_key_usage_t)0x00000400)
+#define PSA_KEY_USAGE_VERIFY                    ((psa_key_usage_t)0x00000800)
+
+/** The type of the key policy data structure.
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation. */
+typedef struct psa_key_policy_s psa_key_policy_t;
+
+/** \brief Initialize a key policy structure to a default that forbids all
+ * usage of the key. */
+void psa_key_policy_init(psa_key_policy_t *policy);
+
+void psa_key_policy_set_usage(psa_key_policy_t *policy,
+                              psa_key_usage_t usage,
+                              psa_algorithm_t alg);
+
+psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy);
+
+psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy);
+
+/** \brief Set the usage policy on a key slot.
+ *
+ * This function must be called on an empty key slot, before importing,
+ * generating or creating a key in the slot. Changing the policy of an
+ * existing key is not permitted.
+ */
+psa_status_t psa_set_key_policy(psa_key_slot_t key,
+                                const psa_key_policy_t *policy);
+
+psa_status_t psa_get_key_policy(psa_key_slot_t key,
+                                psa_key_policy_t *policy);
 
 /**@}*/
 
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 9e70512d7..c0a673860 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -118,4 +118,10 @@ struct psa_aead_operation_s
     } ctx;
 };
 
+struct psa_key_policy_s
+{
+    psa_key_usage_t usage;
+    psa_algorithm_t alg;
+};
+
 #endif /* PSA_CRYPTO_STRUCT_H */

From 609b6a5b67b23ada65442b4a70b114d29105ff49 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 3 Mar 2018 21:31:50 +0100
Subject: [PATCH 023/889] Get the lifetime of a key slot

---
 include/psa/crypto.h | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 493f5efba..97fe4c3c2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -474,6 +474,34 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
 
 /**@}*/
 
+/** \defgroup persistence Key lifetime
+ * @{
+ */
+
+/** Encoding of key lifetimes.
+ */
+typedef uint32_t psa_key_lifetime_t;
+
+/** A volatile key slot retains its content as long as the application is
+ * running. It is guaranteed to be erased on a power reset.
+ */
+#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
+
+/** A persistent key slot retains its content as long as it is not explicitly
+ * destroyed.
+ */
+#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
+
+/** A write-once key slot may not be modified once a key has been set.
+ * It will retain its content as long as the device remains operational.
+ */
+#define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
+
+psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
+                                  psa_key_lifetime_t *lifetime);
+
+/**@}*/
+
 /** \defgroup hash Message digests
  * @{
  */

From e4ebc12fcd1033e78cb2d9e8e0988018e130a886 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 14:16:44 +0100
Subject: [PATCH 024/889] psa_crypto_init: set the global initialized flag

---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e264990ff..ea25c49a4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1288,6 +1288,8 @@ psa_status_t psa_crypto_init( void )
     if( ret != 0 )
         goto exit;
 
+    global_data.initialized = 1;
+
 exit:
     if( ret != 0 )
         mbedtls_psa_crypto_free( );

From 2905a7adccfaa18a562ad150d81763c209b0084d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:39:31 +0100
Subject: [PATCH 025/889] Fix namespace violation

---
 include/psa/crypto.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 97fe4c3c2..7eb45fbe8 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -107,8 +107,8 @@ typedef enum {
  */
 psa_status_t psa_crypto_init(void);
 
-#define BITS_TO_BYTES(bits) (((bits) + 7) / 8)
-#define BYTES_TO_BITS(bytes) ((bytes) * 8)
+#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
 
 /**@}*/
 
@@ -1123,7 +1123,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
  *
  */
 #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, BITS_TO_BYTES(key_bits)) : \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
      PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
      0)
 

From f5b9fa13e0f8d6de66c08d6fcfaaf1250059902f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:40:18 +0100
Subject: [PATCH 026/889] Documentation clarifications

Clarify or add the documentation of some functions and constants.

Add a note about what the __DOXYGEN_ONLY__ section is for.
---
 include/psa/crypto.h | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 7eb45fbe8..48586a2f1 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -11,6 +11,11 @@
 #include <stddef.h>
 
 #ifdef __DOXYGEN_ONLY__
+/* This __DOXYGEN_ONLY__ block contains mock definitions for things that
+ * must be defined in the crypto_platform.h header. These mock definitions
+ * are present in this file as a convenience to generate pretty-printed
+ * documentation that includes those definitions. */
+
 /** \defgroup platform Implementation-specific definitions
  * @{
  */
@@ -30,7 +35,7 @@
 typedef _unsigned_integral_type_ psa_key_slot_t;
 
 /**@}*/
-#endif
+#endif /* __DOXYGEN_ONLY__ */
 
 #ifdef __cplusplus
 extern "C" {
@@ -120,7 +125,19 @@ psa_status_t psa_crypto_init(void);
  */
 typedef uint32_t psa_key_type_t;
 
+/** An invalid key type value.
+ *
+ * Zero is not the encoding of any key type.
+ */
 #define PSA_KEY_TYPE_NONE                       ((psa_key_type_t)0x00000000)
+
+/** Vendor-defined flag
+ *
+ * Key types defined by this standard will never have the
+ * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types
+ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
+ * respect the bitwise structure used by standard encodings whenever practical.
+ */
 #define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
 
 #define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
@@ -142,6 +159,7 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_ECC_BASE                   ((psa_key_type_t)0x06030000)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
 
+/** Whether a key type is vendor-defined. */
 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
     (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
 #define PSA_KEY_TYPE_IS_RAW_BYTES(type)                                 \
@@ -290,7 +308,8 @@ typedef uint32_t psa_algorithm_t;
 /**
  * \brief Import a key in binary format.
  *
- * This function supports any output from psa_export_key().
+ * This function supports any output from psa_export_key(). Refer to the
+ * documentation of psa_export_key() for the format for each key type.
  *
  * \param key         Slot where the key will be stored. This must be a
  *                    valid slot for a key of the chosen type. It must

From 03182e99b63baee25ca221715787409ad557b8b7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:40:52 +0100
Subject: [PATCH 027/889] Fix parameter name in PSA_BLOCK_CIPHER_BLOCK_SIZE

---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 48586a2f1..cc9881bad 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -178,7 +178,7 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE)
 
-#define PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type)        \
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)            \
     (                                                \
         (type) == PSA_KEY_TYPE_AES ? 16 :            \
         (type) == PSA_KEY_TYPE_DES ? 8 :             \

From 6d9121381a8e170afab9a80aeafb11ff28e2a6a1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:41:37 +0100
Subject: [PATCH 028/889] Add some comments to document some non-obvious coding
 choices

---
 library/psa_crypto.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ea25c49a4..cc631d950 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -305,6 +305,7 @@ psa_status_t psa_import_key(psa_key_slot_t key,
 
     if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
     {
+        /* Ensure that a bytes-to-bit conversion won't overflow. */
         if( data_length > SIZE_MAX / 8 )
             return( PSA_ERROR_NOT_SUPPORTED );
         slot->data.raw.data = mbedtls_calloc( 1, data_length );
@@ -396,7 +397,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
 #endif /* defined(MBEDTLS_ECP_C) */
     {
         /* Shouldn't happen: the key type is not any type that we
-         * put it. */
+         * put in. */
         return( PSA_ERROR_TAMPERING_DETECTED );
     }
 
@@ -445,7 +446,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
 #endif /* defined(MBEDTLS_ECP_C) */
     {
         /* Shouldn't happen: the key type is not any type that we
-         * put it. */
+         * put in. */
         return( PSA_ERROR_TAMPERING_DETECTED );
     }
 
@@ -503,8 +504,11 @@ psa_status_t psa_export_key(psa_key_slot_t key,
         return( PSA_SUCCESS );
     }
     else
-#endif /* definedMBEDTLS_PK_WRITE_C) */
+#endif /* defined(MBEDTLS_PK_WRITE_C) */
     {
+        /* This shouldn't happen in the reference implementation, but
+           it is valid for a special-purpose implementation to omit
+           support for exporting certain key types. */
         return( PSA_ERROR_NOT_SUPPORTED );
     }
 }

From 3c6e970752c41ec0843c8187b7b03fd02be887cf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:42:44 +0100
Subject: [PATCH 029/889] Fix memory leak in psa_destroy_key

---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cc631d950..c4e6be168 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -385,6 +385,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
         slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
         mbedtls_rsa_free( slot->data.rsa );
+        mbedtls_free( slot->data.rsa );
     }
     else
 #endif /* defined(MBEDTLS_RSA_C) */
@@ -392,6 +393,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
         mbedtls_ecp_keypair_free( slot->data.ecp );
+        mbedtls_free( slot->data.ecp );
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */

From dc2fc8443fe4aa18797ffdea00d6649aa1e158ae Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:42:59 +0100
Subject: [PATCH 030/889] Rename xxx_of_psa functions to xxx_from_psa

Be consistent with how similar functions are named in Mbed TLS.
---
 library/psa_crypto.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c4e6be168..81da8cef0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -521,7 +521,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
 /* Message digests */
 /****************************************************************/
 
-static const mbedtls_md_info_t *mbedtls_md_info_of_psa( psa_algorithm_t alg )
+static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
 {
     switch( alg )
     {
@@ -865,7 +865,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 /* MAC */
 /****************************************************************/
 
-static const mbedtls_cipher_info_t *mbedtls_cipher_info_of_psa(
+static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     psa_algorithm_t alg,
     psa_key_type_t key_type,
     size_t key_bits )
@@ -984,7 +984,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 
     if( ! PSA_ALG_IS_HMAC( alg ) )
     {
-        cipher_info = mbedtls_cipher_info_of_psa( alg, key_type, key_bits );
+        cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
         if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
         operation->mac_size = cipher_info->block_size;
@@ -1008,7 +1008,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
             if( PSA_ALG_IS_HMAC( alg ) )
             {
                 const mbedtls_md_info_t *md_info =
-                    mbedtls_md_info_of_psa( PSA_ALG_HMAC_HASH( alg ) );
+                    mbedtls_md_info_from_psa( PSA_ALG_HMAC_HASH( alg ) );
                 if( md_info == NULL )
                     return( PSA_ERROR_NOT_SUPPORTED );
                 if( key_type != PSA_KEY_TYPE_HMAC )
@@ -1191,7 +1191,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
         psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
-        const mbedtls_md_info_t *md_info = mbedtls_md_info_of_psa( hash_alg );
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
         mbedtls_md_type_t md_alg =
             hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
         if( md_alg == MBEDTLS_MD_NONE )

From 40f68b98630af5cc46cd7e2bf954e806fdbfab6c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Mar 2018 16:43:36 +0100
Subject: [PATCH 031/889] Use unhexify_alloc where applicable

---
 tests/suites/test_suite_psa_crypto.function | 51 ++++++---------------
 1 file changed, 15 insertions(+), 36 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d5305740f..93817948c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -33,10 +33,8 @@ void import( char *hex, int type, int expected_status )
     unsigned char *data = NULL;
     size_t data_size;
 
-    data_size = strlen( hex ) / 2;
-    data = mbedtls_calloc( 1, data_size );
+    data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
-    data_size = unhexify( data, hex );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     status = psa_import_key( slot, type, data, data_size );
@@ -71,10 +69,8 @@ void import_export( char *hex, int type_arg,
     psa_key_type_t got_type;
     size_t got_bits;
 
-    data_size = strlen( hex ) / 2;
-    data = mbedtls_calloc( 1, data_size );
+    data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
-    data_size = unhexify( data, hex );
     export_size = (ssize_t) data_size + export_size_delta;
     exported = mbedtls_calloc( 1, export_size );
     TEST_ASSERT( exported != NULL );
@@ -147,10 +143,8 @@ void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 
-    input_size = strlen( input_hex ) / 2;
-    input = mbedtls_calloc( 1, input_size );
+    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-    input_size = unhexify( input, input_hex );
     expected_hash_length = unhexify( expected_hash, hash_hex );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -181,10 +175,8 @@ void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
     size_t expected_hash_length;
     psa_hash_operation_t operation;
 
-    input_size = strlen( input_hex ) / 2;
-    input = mbedtls_calloc( 1, input_size );
+    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-    input_size = unhexify( input, input_hex );
     expected_hash_length = unhexify( expected_hash, hash_hex );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -220,25 +212,17 @@ void mac_verify( int key_type_arg, char *key_hex,
     size_t expected_mac_size;
     psa_mac_operation_t operation;
 
-    key_size = strlen( key_hex ) / 2;
-    key = mbedtls_calloc( 1, key_size );
+    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-    key_size = unhexify( key, key_hex );
-    iv_size = strlen( iv_hex ) / 2;
-    if( iv_size != 0 )
+    if( iv_hex[0] != 0 )
     {
-        iv = mbedtls_calloc( 1, iv_size );
+        iv = unhexify_alloc( iv_hex, &iv_size );
         TEST_ASSERT( iv != NULL );
-        iv_size = unhexify( iv, iv_hex );
     }
-    input_size = strlen( input_hex ) / 2;
-    input = mbedtls_calloc( 1, input_size );
+    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-    input_size = unhexify( input, input_hex );
-    expected_mac_size = strlen( mac_hex ) / 2;
-    expected_mac = mbedtls_calloc( 1, expected_mac_size );
+    expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
     TEST_ASSERT( expected_mac != NULL );
-    expected_mac_size = unhexify( expected_mac, mac_hex );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -293,15 +277,12 @@ void sign_deterministic( int key_type_arg, char *key_hex,
     size_t signature_size;
     size_t signature_length = 0xdeadbeef;
 
-    key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
+    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    key_size = unhexify( key_data, key_hex );
-    input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 );
+    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    input_size = unhexify( input_data, input_hex );
-    output_data = mbedtls_calloc( 1, strlen( output_hex ) / 2 );
+    output_data = unhexify_alloc( output_hex, &output_size );
     TEST_ASSERT( output_data != NULL );
-    output_size = unhexify( output_data, output_hex );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -348,15 +329,13 @@ void sign_fail( int key_type_arg, char *key_hex,
     size_t input_size;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    unsigned char *signature;
+    unsigned char *signature = NULL;
     size_t signature_length = 0xdeadbeef;
 
-    key_data = mbedtls_calloc( 1, strlen( key_hex ) / 2 );
+    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    key_size = unhexify( key_data, key_hex );
-    input_data = mbedtls_calloc( 1, strlen( input_hex ) / 2 );
+    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    input_size = unhexify( input_data, input_hex );
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );
 

From 06dc26350e7aa73543ce8446373d4ed8c30e079f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Mar 2018 07:47:25 +0100
Subject: [PATCH 032/889] Fix macro definitions for ECC keys

Public keys and key pairs have different types.
---
 include/psa/crypto.h | 29 ++++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index cc9881bad..16d7c08c8 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -156,8 +156,17 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x06010000)
 /** RSA key pair (private and public key). */
 #define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x07010000)
-#define PSA_KEY_TYPE_ECC_BASE                   ((psa_key_type_t)0x06030000)
+/** DSA public key. */
+#define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x06020000)
+/** DSA key pair (private and public key). */
+#define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x07020000)
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x06030000)
+#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x07030000)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
+#define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
+    (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
+    (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
 
 /** Whether a key type is vendor-defined. */
 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
@@ -165,18 +174,32 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_RAW_BYTES(type)                                 \
     (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_RAW_DATA ||  \
      ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
+
+/** Whether a key type is asymmetric: either a key pair or a public key. */
 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
     (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
+/** Whether a key type is the public part of a key pair. */
 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
     (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == \
       PSA_KEY_TYPE_CATEGORY_ASYMMETRIC))
+/** Whether a key type is a key pair containing a private part and a public
+ * part. */
 #define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
     (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
      (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG))
+/** Whether a key type is an RSA key pair or public key. */
+/** The key pair type corresponding to a public key type. */
+#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
+    ((type) | PSA_KEY_TYPE_PAIR_FLAG)
+/** The public key type corresponding to a key pair type. */
+#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
+    ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
 #define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (((type) & ~PSA_KEY_TYPE_PAIR_FLAG) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+/** Whether a key type is an elliptic curve key pair or public key. */
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
-    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_BASE)
+    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
+      ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
 
 #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)            \
     (                                                \

From e3f694f49a1c561689a1279f3ad5c4b9dbf9381d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Mar 2018 07:48:40 +0100
Subject: [PATCH 033/889] Remove non-standard hash algorithms

---
 include/psa/crypto.h | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 16d7c08c8..ffa70d5c3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -259,10 +259,8 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_MD2                             ((psa_algorithm_t)0x01000001)
 #define PSA_ALG_MD4                             ((psa_algorithm_t)0x01000002)
 #define PSA_ALG_MD5                             ((psa_algorithm_t)0x01000003)
-#define PSA_ALG_SHA_256_128                     ((psa_algorithm_t)0x01000004)
-#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x01000005)
-#define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x01000006)
-#define PSA_ALG_SHA_256_160                     ((psa_algorithm_t)0x01000007)
+#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x01000005)
 #define PSA_ALG_SHA_224                         ((psa_algorithm_t)0x01000008)
 #define PSA_ALG_SHA_256                         ((psa_algorithm_t)0x01000009)
 #define PSA_ALG_SHA_384                         ((psa_algorithm_t)0x0100000a)
@@ -572,10 +570,8 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
         (alg) == PSA_ALG_MD2 ? 16 :             \
         (alg) == PSA_ALG_MD4 ? 16 :             \
         (alg) == PSA_ALG_MD5 ? 16 :             \
-        (alg) == PSA_ALG_SHA_256_128 ? 16 :     \
         (alg) == PSA_ALG_RIPEMD160 ? 20 :       \
         (alg) == PSA_ALG_SHA_1 ? 20 :           \
-        (alg) == PSA_ALG_SHA_256_160 ? 20 :     \
         (alg) == PSA_ALG_SHA_224 ? 28 :         \
         (alg) == PSA_ALG_SHA_256 ? 32 :         \
         (alg) == PSA_ALG_SHA_384 ? 48 :         \

From d393e18f90bab4c70d00cd5e65a5a64be5c98150 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Mar 2018 07:49:16 +0100
Subject: [PATCH 034/889] Add psa_set_key_lifetime

It is likely that most implementations won't support this function.
But in case an implementation wants to provide it, standardize its
interface.
---
 include/psa/crypto.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ffa70d5c3..5edc04fcd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -537,9 +537,22 @@ typedef uint32_t psa_key_lifetime_t;
  */
 #define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
 
+/** \brief Retrieve the lifetime of a key slot.
+ *
+ * The assignment of lifetimes to slots is implementation-dependent.
+ */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
 
+/** \brief Change the lifetime of a key slot.
+ *
+ * Whether the lifetime of a key slot can be changed at all, and if so
+ *  whether the lifetime of an occupied key slot can be chaned, is
+ * implementation-dependent.
+ */
+psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+                                  const psa_key_lifetime_t *lifetime);
+
 /**@}*/
 
 /** \defgroup hash Message digests

From 7e1985372206de30c0da8e65e0498f5b1118b47c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Mar 2018 07:50:30 +0100
Subject: [PATCH 035/889] More documentation

---
 include/psa/crypto.h | 59 ++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 57 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5edc04fcd..69c93dd6a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -201,11 +201,24 @@ typedef uint32_t psa_key_type_t;
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
       ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
 
+/** The block size of a block cipher.
+ *
+ * \param type  A cipher key type (value of type #psa_key_type_t).
+ *
+ * \return      The block size for a block cipher, or 1 for a stream cipher.
+ *              The return value is undefined if \c type does not identify
+ *              a cipher algorithm.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ *
+ * \warning This macro may evaluate its argument multiple times.
+ */
 #define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)            \
     (                                                \
         (type) == PSA_KEY_TYPE_AES ? 16 :            \
         (type) == PSA_KEY_TYPE_DES ? 8 :             \
         (type) == PSA_KEY_TYPE_CAMELLIA ? 16 :       \
+        (type) == PSA_KEY_TYPE_ARC4 ? 1 :            \
         0)
 
 /** \brief Encoding of a cryptographic algorithm.
@@ -233,11 +246,12 @@ typedef uint32_t psa_algorithm_t;
     (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
 /** Whether the specified algorithm is a hash algorithm.
  *
- * \param alg An algorithm identifier (\c PSA_ALG_XXX value)
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
  * \return 1 if \c alg is a hash algorithm, 0 otherwise.
  *         This macro may return either 0 or 1 if \c alg is not a valid
- *         algorithm identifier. */
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_HASH(alg)                                            \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
 #define PSA_ALG_IS_MAC(alg)                                             \
@@ -474,11 +488,41 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
 /** \brief Encoding of permitted usage on a key. */
 typedef uint32_t psa_key_usage_t;
 
+/** Whether the key may be exported.
+ *
+ * A public key or the public part of a key pair may always be exported
+ * regardless of the value of this permission flag.
+ *
+ * If a key does not have export permission, implementations shall not
+ * allow the key to be exported in plain form from the cryptoprocessor,
+ * whether through psa_export_key() or through a proprietary interface.
+ * The key may however be exportable in a wrapped form, i.e. in a form
+ * where it is encrypted by another key.
+ */
 #define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t)0x00000001)
 
+/** Whether the key may be used to encrypt a message.
+ *
+ * For a key pair, this concerns the public key.
+ */
 #define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t)0x00000100)
+
+/** Whether the key may be used to decrypt a message.
+ *
+ * For a key pair, this concerns the private key.
+ */
 #define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t)0x00000200)
+
+/** Whether the key may be used to sign a message.
+ *
+ * For a key pair, this concerns the private key.
+ */
 #define PSA_KEY_USAGE_SIGN                      ((psa_key_usage_t)0x00000400)
+
+/** Whether the key may be used to verify a message signature.
+ *
+ * For a key pair, this concerns the public key.
+ */
 #define PSA_KEY_USAGE_VERIFY                    ((psa_key_usage_t)0x00000800)
 
 /** The type of the key policy data structure.
@@ -492,6 +536,12 @@ typedef struct psa_key_policy_s psa_key_policy_t;
  * usage of the key. */
 void psa_key_policy_init(psa_key_policy_t *policy);
 
+/** \brief Set the standard fields of a policy structure.
+ *
+ * Note that this function does not make any consistency check of the
+ * parameters. The values are only checked when applying the policy to
+ * a key slot with psa_set_key_policy().
+ */
 void psa_key_policy_set_usage(psa_key_policy_t *policy,
                               psa_key_usage_t usage,
                               psa_algorithm_t alg);
@@ -505,10 +555,15 @@ psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy);
  * This function must be called on an empty key slot, before importing,
  * generating or creating a key in the slot. Changing the policy of an
  * existing key is not permitted.
+ *
+ * Implementations may set restrictions on supported key policies
+ * depending on the key type and the key slot.
  */
 psa_status_t psa_set_key_policy(psa_key_slot_t key,
                                 const psa_key_policy_t *policy);
 
+/** \brief Get the usage policy for a key slot.
+ */
 psa_status_t psa_get_key_policy(psa_key_slot_t key,
                                 psa_key_policy_t *policy);
 

From 971f7064e932d19e6b51d095421823fe40f37cc9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Mar 2018 17:52:58 +0100
Subject: [PATCH 036/889] More precise reference for the RSA public key format

---
 include/psa/crypto.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 69c93dd6a..95c894852 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -428,7 +428,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208)
  *   as PrivateKeyInfo.
  * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
- *   is the DER representation defined by X.509.
+ *   is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
  *
  * \param key           Slot whose content is to be exported. This must
  *                      be an occupied key slot.
@@ -458,7 +458,8 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * For standard key types, the output format is as follows:
  *
  * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
- *   the format is the DER representation defined by X.509.
+ *   is the DER representation of the public key defined by RFC 5280
+ *   as SubjectPublicKeyInfo.
  *
  * \param key           Slot whose content is to be exported. This must
  *                      be an occupied key slot.

From ed522974bdf5528bc668532bfd2a02bc4f4b3bcf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Mar 2018 17:54:15 +0100
Subject: [PATCH 037/889] Clarify how multipart operations get terminated

---
 include/psa/crypto.h | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 95c894852..a9cddc027 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -670,7 +670,8 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * has been initialized with psa_hash_start().
  *
  * After a successful call to psa_hash_start(), the application must
- * eventually destroy the operation through one of the following means:
+ * eventually terminate the operation. The following events terminate an
+ * operation:
  * - A failed call to psa_hash_update().
  * - A call to psa_hash_final(), psa_hash_verify() or psa_hash_abort().
  *
@@ -862,7 +863,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * has been initialized with psa_mac_start().
  *
  * After a successful call to psa_mac_start(), the application must
- * eventually destroy the operation through one of the following means:
+ * eventually terminate the operation. The following events terminate an
+ * operation:
  * - A failed call to psa_mac_update().
  * - A call to psa_mac_final(), psa_mac_verify() or psa_mac_abort().
  *
@@ -936,7 +938,8 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * has been initialized with psa_encrypt_setup().
  *
  * After a successful call to psa_encrypt_setup(), the application must
- * eventually destroy the operation through one of the following means:
+ * eventually terminate the operation. The following events terminate an
+ * operation:
  * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv()
  *   or psa_cipher_update().
  * - A call to psa_cipher_final() or psa_cipher_abort().
@@ -983,7 +986,8 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * has been initialized with psa_encrypt_setup().
  *
  * After a successful call to psa_decrypt_setup(), the application must
- * eventually destroy the operation through one of the following means:
+ * eventually terminate the operation. The following events terminate an
+ * operation:
  * - A failed call to psa_cipher_update().
  * - A call to psa_cipher_final() or psa_cipher_abort().
  *
@@ -1064,8 +1068,9 @@ typedef struct psa_aead_operation_s psa_aead_operation_t;
  * The application may call psa_aead_abort() at any time after the operation
  * has been initialized with psa_aead_encrypt_setup().
  *
- * After a successful call to psa_aead_setup(), the application must
- * eventually destroy the operation through one of the following means:
+ * After a successful call to psa_aead_encrypt_setup(), the application must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
  * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(),
  *   psa_aead_update_ad() or psa_aead_update().
  * - A call to psa_aead_final() or psa_aead_abort().
@@ -1112,8 +1117,9 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
  * The application may call psa_aead_abort() at any time after the operation
  * has been initialized with psa_aead_decrypt_setup().
  *
- * After a successful call to psa_decrypt_setup(), the application must
- * eventually destroy the operation through one of the following means:
+ * After a successful call to psa_aead_decrypt_setup(), the application must
+ * eventually terminate the operation. The following events terminate an
+ * operation:
  * - A failed call to psa_aead_update().
  * - A call to psa_cipher_final() or psa_cipher_abort().
  *

From 1906798d4ce0cc5e7d3c5dd1afe9c8e7d6933b73 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Mar 2018 17:54:53 +0100
Subject: [PATCH 038/889] Fix some typos and copypasta

---
 include/psa/crypto.h | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index a9cddc027..04e6b4796 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -603,7 +603,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
 /** \brief Change the lifetime of a key slot.
  *
  * Whether the lifetime of a key slot can be changed at all, and if so
- *  whether the lifetime of an occupied key slot can be chaned, is
+ * whether the lifetime of an occupied key slot can be changed, is
  * implementation-dependent.
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
@@ -673,7 +673,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_hash_update().
- * - A call to psa_hash_final(), psa_hash_verify() or psa_hash_abort().
+ * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort().
  *
  * \param operation
  * \param alg       The hash algorithm to compute (\c PSA_ALG_XXX value
@@ -767,7 +767,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
  *
  * When this function returns, the operation becomes inactive.
  *
- * \note Applications shall make the best effort to ensure that the
+ * \note Implementations shall make the best effort to ensure that the
  * comparison between the actual hash and the expected hash is performed
  * in constant time.
  *
@@ -866,7 +866,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_mac_update().
- * - A call to psa_mac_final(), psa_mac_verify() or psa_mac_abort().
+ * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort().
  *
  * \param operation
  * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
@@ -942,7 +942,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * operation:
  * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv()
  *   or psa_cipher_update().
- * - A call to psa_cipher_final() or psa_cipher_abort().
+ * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
  * \param operation
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
@@ -989,7 +989,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_cipher_update().
- * - A call to psa_cipher_final() or psa_cipher_abort().
+ * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
  * \param operation
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
@@ -1073,7 +1073,7 @@ typedef struct psa_aead_operation_s psa_aead_operation_t;
  * operation:
  * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(),
  *   psa_aead_update_ad() or psa_aead_update().
- * - A call to psa_aead_final() or psa_aead_abort().
+ * - A call to psa_aead_finish() or psa_aead_abort().
  *
  * \param operation
  * \param alg       The AEAD algorithm to compute (\c PSA_ALG_XXX value
@@ -1121,11 +1121,11 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_aead_update().
- * - A call to psa_cipher_final() or psa_cipher_abort().
+ * - A call to psa_aead_finish() or psa_aead_abort().
  *
  * \param operation
- * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
+ * \param alg       The AEAD algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_AEAD(alg) is true).
  *
  * \retval PSA_SUCCESS
  *         Success.
@@ -1134,7 +1134,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
  * \retval PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not a cipher algorithm.
+ *         \c alg is not supported or is not an AEAD algorithm.
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
  * \retval PSA_ERROR_HARDWARE_FAILURE

From 8cc1ceec3e00486e98712f61757c51b563025578 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 28 Mar 2018 01:21:33 +0300
Subject: [PATCH 039/889] Key Policy APIs implementation

---
 include/psa/crypto.h                        |  6 ++
 library/psa_crypto.c                        | 79 +++++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data     |  3 +
 tests/suites/test_suite_psa_crypto.function | 39 ++++++++++
 4 files changed, 127 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e8b22e0f5..687a3499f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -89,6 +89,8 @@ typedef enum {
     PSA_ERROR_INVALID_SIGNATURE,
     /** The decrypted padding is incorrect. */
     PSA_ERROR_INVALID_PADDING,
+    /** The key policy is incorrect. */
+    PSA_ERROR_INVALID_KEY_POLICY,
     /** An error occurred that does not correspond to any defined
         failure cause. */
     PSA_ERROR_UNKNOWN_ERROR,
@@ -489,6 +491,10 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
 /** \brief Encoding of permitted usage on a key. */
 typedef uint32_t psa_key_usage_t;
 
+/** An invalid key usage value.
+ * */
+#define PSA_KEY_USAGE_NONE                      ((psa_key_usage_t)0x00000000)
+
 /** Whether the key may be exported.
  *
  * A public key or the public part of a key pair may always be exported
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c93da95b9..d53d6ee40 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -96,6 +96,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 
 typedef struct {
     psa_key_type_t type;
+    psa_key_policy_t policy;
     union {
         struct raw_data {
             uint8_t *data;
@@ -1260,6 +1261,84 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 }
 
 
+/****************************************************************/
+/* Key Policy */
+/****************************************************************/
+
+void psa_key_policy_init(psa_key_policy_t *policy)
+{
+    mbedtls_zeroize( policy, sizeof( policy ) );
+}
+
+void psa_key_policy_set_usage(psa_key_policy_t *policy,
+                              psa_key_usage_t usage,
+                              psa_algorithm_t alg)
+{
+    if( policy != NULL )
+    {
+        policy->usage = usage;
+        policy->alg = alg;
+    }
+}
+
+psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy)
+{
+    return policy->usage;
+}
+
+psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy)
+{
+    return policy->alg;
+}
+
+psa_status_t psa_set_key_policy(psa_key_slot_t key,
+                                const psa_key_policy_t *policy)
+{
+    key_slot_t *slot;
+    psa_key_usage_t usage = PSA_KEY_USAGE_NONE;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    
+    slot = &global_data.key_slots[key];
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    usage |= policy->usage & PSA_KEY_USAGE_EXPORT;
+    usage |= policy->usage & PSA_KEY_USAGE_ENCRYPT;
+    usage |= policy->usage & PSA_KEY_USAGE_DECRYPT;
+    usage |= policy->usage & PSA_KEY_USAGE_SIGN;
+    usage |= policy->usage & PSA_KEY_USAGE_VERIFY;
+
+    if( usage == PSA_KEY_USAGE_NONE )
+    {
+        return( PSA_ERROR_INVALID_KEY_POLICY );
+    }
+
+    //TODO: is there any check over the algorithm before setting the policy?
+    slot->policy.usage = policy->usage;
+    slot->policy.alg = policy->alg;
+
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_get_key_policy(psa_key_slot_t key,
+                                psa_key_policy_t *policy)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    
+    policy->usage = slot->policy.usage;
+    policy->alg = slot->policy.alg;
+
+    return( PSA_SUCCESS );
+}
 
 /****************************************************************/
 /* Module setup */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4f4bef14c..c1261bc12 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -83,3 +83,6 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 
 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA Key Policy set and get
+key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 93817948c..fc5684f14 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -360,3 +360,42 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy( int usage_arg, int alg_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    unsigned char key[32] = {0};
+    psa_key_policy_t policy_set = {0};
+    psa_key_policy_t policy_get = {0};
+        
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init(& policy_set );
+    psa_key_policy_init(& policy_get );
+
+    psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
+
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
+
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( policy_get.usage == policy_set.usage );
+    TEST_ASSERT( policy_get.alg == policy_set.alg );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+

From 06e7920be5fd6a2680fea9f9a8a30c1a4e5c6a9a Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 28 Mar 2018 13:17:44 +0300
Subject: [PATCH 040/889] integrate policy key usage in export and asymmetric
 sign functions

---
 library/psa_crypto.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d53d6ee40..a12b45400 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -469,6 +469,9 @@ psa_status_t psa_export_key(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
+    if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
@@ -1185,6 +1188,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
+    if( !( slot->policy.usage & PSA_KEY_USAGE_SIGN ) )
+        return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )

From a97cb8c303a5d1e12f4169d4bdbdf137c6874b25 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 28 Mar 2018 03:46:26 -0700
Subject: [PATCH 041/889] Add calls for set policy in export/sign tests

Add calls for set policy in export/sign tests
---
 tests/suites/test_suite_psa_crypto.function | 24 +++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index fc5684f14..653467b34 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -68,6 +68,7 @@ void import_export( char *hex, int type_arg,
     size_t reexported_length;
     psa_key_type_t got_type;
     size_t got_bits;
+    psa_key_policy_t policy = {0};
 
     data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
@@ -81,6 +82,13 @@ void import_export( char *hex, int type_arg,
     }
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 
+                              PSA_ALG_VENDOR_FLAG );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
                                  data, data_size ) == PSA_SUCCESS );
@@ -107,6 +115,8 @@ void import_export( char *hex, int type_arg,
     }
     else
     {
+        TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
+
         TEST_ASSERT( psa_import_key( slot2, type,
                                      exported, export_size ) ==
                      PSA_SUCCESS );
@@ -276,6 +286,7 @@ void sign_deterministic( int key_type_arg, char *key_hex,
     unsigned char *signature = NULL;
     size_t signature_size;
     size_t signature_length = 0xdeadbeef;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
@@ -286,6 +297,12 @@ void sign_deterministic( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information( slot,
@@ -331,6 +348,7 @@ void sign_fail( int key_type_arg, char *key_hex,
     psa_status_t expected_status = expected_status_arg;
     unsigned char *signature = NULL;
     size_t signature_length = 0xdeadbeef;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
@@ -341,6 +359,12 @@ void sign_fail( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 

From 4eed75790105950feb79779c6214719323711edf Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 28 Mar 2018 05:14:59 -0700
Subject: [PATCH 042/889] add new test scenarios

---
 library/psa_crypto.c                        |  7 +--
 tests/suites/test_suite_psa_crypto.data     |  6 +++
 tests/suites/test_suite_psa_crypto.function | 54 ++++++++++++++++++++-
 3 files changed, 61 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a12b45400..9fd0a61e2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1279,11 +1279,8 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy,
                               psa_key_usage_t usage,
                               psa_algorithm_t alg)
 {
-    if( policy != NULL )
-    {
-        policy->usage = usage;
-        policy->alg = alg;
-    }
+    policy->usage = usage;
+    policy->alg = alg;
 }
 
 psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c1261bc12..2c2be2116 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -86,3 +86,9 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 
 PSA Key Policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE
+
+PSA Key Policy enforcment - export
+key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA Key Policy enforcment - sign
+key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_CBC_BASE:PSA_ERROR_NOT_PERMITTED:""
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 653467b34..b0cfe20bb 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -389,7 +389,7 @@ exit:
 void key_policy( int usage_arg, int alg_arg )
 {
     int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
     psa_key_policy_t policy_set = {0};
     psa_key_policy_t policy_get = {0};
@@ -423,3 +423,55 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+    unsigned char key[32] = {0};
+    unsigned char* keypair = NULL;
+    size_t key_size = 0;
+    size_t signature_length = 0;
+    psa_key_policy_t policy = {0};
+    int actual_status = PSA_SUCCESS;
+        
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    switch( usage_arg )
+    {
+        case PSA_KEY_USAGE_EXPORT:
+            keypair = unhexify_alloc( key_hex, &key_size );
+            TEST_ASSERT( keypair != NULL );
+            key_type = PSA_KEY_TYPE_RSA_KEYPAIR;
+            TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 keypair, key_size ) == PSA_SUCCESS );
+            actual_status = psa_asymmetric_sign( key_slot, 
+                            ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
+                            NULL, 0, &signature_length );
+            break;
+        
+        case PSA_KEY_USAGE_SIGN:
+            key_type = PSA_KEY_TYPE_AES;
+            TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+            actual_status = psa_export_key( key_slot, NULL, 0, NULL );
+            break;
+        default:
+            break;
+    }
+
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From a59262338a3bd0ff909a9c9df14fa857a2be5945 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 28 Mar 2018 14:16:50 +0200
Subject: [PATCH 043/889] Rename PKCS1V15 to PKCS1V15_SIGN

There's PKCS1V15_CRYPT as well (to be added soon).
---
 include/psa/crypto.h                    | 10 +++++-----
 library/psa_crypto.c                    |  2 +-
 tests/suites/test_suite_psa_crypto.data | 18 +++++++++---------
 3 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e8b22e0f5..44cc7cc05 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -324,13 +324,13 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
 
-#define PSA_ALG_RSA_PKCS1V15_RAW                ((psa_algorithm_t)0x10010000)
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW           ((psa_algorithm_t)0x10010000)
 #define PSA_ALG_RSA_PSS_MGF1                    ((psa_algorithm_t)0x10020000)
 #define PSA_ALG_RSA_OAEP                        ((psa_algorithm_t)0x12020000)
-#define PSA_ALG_RSA_PKCS1V15(hash_alg)                                  \
-    (PSA_ALG_RSA_PKCS1V15_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_PKCS1V15(alg)                                    \
-    (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_RAW)
+#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
+    (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
+    (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW)
 #define PSA_ALG_RSA_GET_HASH(alg)                                       \
     (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c93da95b9..3ea87f642 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1211,7 +1211,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         if( signature_size < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
 #if defined(MBEDTLS_PKCS1_V15)
-        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
         {
             mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
                                      MBEDTLS_MD_NONE );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4f4bef14c..2de3df1eb 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -54,32 +54,32 @@ depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
 PSA signature size: RSA public key, 1024 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_RAW:128
+signature_size:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
-signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):128
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128
 
 PSA signature size: RSA keypair, 1024 bits, PSS
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128
 
 PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_RAW:128
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
-signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_RAW:129
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 
 PSA sign RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
 
 PSA sign RSA PKCS#1 v1.5 SHA-256
-sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
-sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
-sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL

From 6df908f23456dcf1f5c5ecb1cdc3df45035cbc15 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 2 Apr 2018 08:34:15 -0700
Subject: [PATCH 044/889] Add static internal MAC finish function

add new psa_mac_finish_internal() to be called by psa_mac_finish() and
psa_mac_verify() in order to be able to check key usage separatly.
---
 include/psa/crypto.h                        |  4 --
 include/psa/crypto_struct.h                 |  2 +
 library/psa_crypto.c                        | 56 +++++++++++++--------
 tests/suites/test_suite_psa_crypto.data     |  6 +--
 tests/suites/test_suite_psa_crypto.function | 43 ++++++++--------
 5 files changed, 61 insertions(+), 50 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 687a3499f..e8bea076d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -491,10 +491,6 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
 /** \brief Encoding of permitted usage on a key. */
 typedef uint32_t psa_key_usage_t;
 
-/** An invalid key usage value.
- * */
-#define PSA_KEY_USAGE_NONE                      ((psa_key_usage_t)0x00000000)
-
 /** Whether the key may be exported.
  *
  * A public key or the public part of a key pair may always be exported
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 898784013..eba4862c6 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -82,6 +82,8 @@ struct psa_mac_operation_s
     int iv_required : 1;
     int iv_set : 1;
     int has_input : 1;
+    int key_usage_sign : 1;
+    int key_usage_verify : 1;
     uint8_t mac_size;
     union
     {
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9fd0a61e2..2391006f0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -986,6 +986,12 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return( status );
     slot = &global_data.key_slots[key];
 
+    if ( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
+        operation->key_usage_sign = 1;
+
+    if ( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+        operation->key_usage_verify = 1;
+
     if( ! PSA_ALG_IS_HMAC( alg ) )
     {
         cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
@@ -1084,7 +1090,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
     return( mbedtls_to_psa_error( ret ) );
 }
 
-psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
+static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                              uint8_t *mac,
                              size_t mac_size,
                              size_t *mac_length )
@@ -1136,6 +1142,17 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
     }
 }
 
+psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
+                             uint8_t *mac,
+                             size_t mac_size,
+                             size_t *mac_length )
+{
+    if( !( operation->key_usage_sign ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+
+    return( psa_mac_finish_internal(operation, mac, mac_size, mac_length ) );
+}
+
 #define MBEDTLS_PSA_MAC_MAX_SIZE                       \
     ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \
       MBEDTLS_MD_MAX_SIZE :                            \
@@ -1146,9 +1163,14 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 {
     uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE];
     size_t actual_mac_length;
-    psa_status_t status = psa_mac_finish( operation,
-                                          actual_mac, sizeof( actual_mac ),
-                                          &actual_mac_length );
+    psa_status_t status;
+
+    if( !( operation->key_usage_verify ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+
+    status = psa_mac_finish_internal( operation,
+                                      actual_mac, sizeof( actual_mac ),
+                                      &actual_mac_length );
     if( status != PSA_SUCCESS )
         return( status );
     if( actual_mac_length != mac_length )
@@ -1272,7 +1294,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 
 void psa_key_policy_init(psa_key_policy_t *policy)
 {
-    mbedtls_zeroize( policy, sizeof( policy ) );
+    memset( policy, 0, sizeof( psa_key_policy_t ) );
 }
 
 void psa_key_policy_set_usage(psa_key_policy_t *policy,
@@ -1285,19 +1307,18 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy,
 
 psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy)
 {
-    return policy->usage;
+    return( policy->usage );
 }
 
 psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy)
 {
-    return policy->alg;
+    return( policy->alg );
 }
 
 psa_status_t psa_set_key_policy(psa_key_slot_t key,
                                 const psa_key_policy_t *policy)
 {
     key_slot_t *slot;
-    psa_key_usage_t usage = PSA_KEY_USAGE_NONE;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1306,20 +1327,12 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    usage |= policy->usage & PSA_KEY_USAGE_EXPORT;
-    usage |= policy->usage & PSA_KEY_USAGE_ENCRYPT;
-    usage |= policy->usage & PSA_KEY_USAGE_DECRYPT;
-    usage |= policy->usage & PSA_KEY_USAGE_SIGN;
-    usage |= policy->usage & PSA_KEY_USAGE_VERIFY;
-
-    if( usage == PSA_KEY_USAGE_NONE )
-    {
+    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT 
+                        | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN 
+                        | PSA_KEY_USAGE_VERIFY ) ) != 0 )
         return( PSA_ERROR_INVALID_KEY_POLICY );
-    }
 
-    //TODO: is there any check over the algorithm before setting the policy?
-    slot->policy.usage = policy->usage;
-    slot->policy.alg = policy->alg;
+    slot->policy = *policy;
 
     return( PSA_SUCCESS );
 }
@@ -1336,8 +1349,7 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
     
-    policy->usage = slot->policy.usage;
-    policy->alg = slot->policy.alg;
+    *policy = slot->policy;
 
     return( PSA_SUCCESS );
 }
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2c2be2116..da01e2381 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -87,8 +87,8 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 PSA Key Policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE
 
-PSA Key Policy enforcment - export
+PSA Key Policy enforcement - export
 key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
 
-PSA Key Policy enforcment - sign
-key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_CBC_BASE:PSA_ERROR_NOT_PERMITTED:""
+PSA Key Policy enforcement - sign
+key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b0cfe20bb..bda2e7cea 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -221,6 +221,7 @@ void mac_verify( int key_type_arg, char *key_hex,
     unsigned char *expected_mac = NULL;
     size_t expected_mac_size;
     psa_mac_operation_t operation;
+    psa_key_policy_t policy;
 
     key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
@@ -236,6 +237,12 @@ void mac_verify( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, key_size ) == PSA_SUCCESS );
     // TODO: support IV
@@ -427,7 +434,6 @@ exit:
 void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
 {
     int key_slot = 1;
-    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
     unsigned char* keypair = NULL;
     size_t key_size = 0;
@@ -445,27 +451,22 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
 
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
-    switch( usage_arg )
+    if( usage_arg & PSA_KEY_USAGE_EXPORT )
     {
-        case PSA_KEY_USAGE_EXPORT:
-            keypair = unhexify_alloc( key_hex, &key_size );
-            TEST_ASSERT( keypair != NULL );
-            key_type = PSA_KEY_TYPE_RSA_KEYPAIR;
-            TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 keypair, key_size ) == PSA_SUCCESS );
-            actual_status = psa_asymmetric_sign( key_slot, 
-                            ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
-                            NULL, 0, &signature_length );
-            break;
-        
-        case PSA_KEY_USAGE_SIGN:
-            key_type = PSA_KEY_TYPE_AES;
-            TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-            actual_status = psa_export_key( key_slot, NULL, 0, NULL );
-            break;
-        default:
-            break;
+        keypair = unhexify_alloc( key_hex, &key_size );
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
+                                keypair, key_size ) == PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, 
+                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
+                        NULL, 0, &signature_length );
+    }
+    
+    if( usage_arg & PSA_KEY_USAGE_SIGN )
+    {
+        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
+                                key, sizeof( key ) ) == PSA_SUCCESS );
+        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
     TEST_ASSERT( actual_status == expected_status );

From 9a1ba0dd3f8b95cf17f46331257dd2bc0ac7d0d5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 21 Mar 2018 20:49:16 +0100
Subject: [PATCH 045/889] Typo in the documentation of psa_get_key_information

---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 04e6b4796..e8b22e0f5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -392,7 +392,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  *                      This may be a null pointer, in which case the key type
  *                      is not written.
  * \param bits          On success, the key size in bits.
- *                      This may be a null pointer, in which case the key type
+ *                      This may be a null pointer, in which case the key size
  *                      is not written.
  *
  * \retval PSA_SUCCESS

From 8484565f856c2722bfaae27bb546eda5928bbefc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 28 Mar 2018 14:17:40 +0200
Subject: [PATCH 046/889] Minor errors in documentation around asymmetric
 signature

---
 include/psa/crypto.h | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 44cc7cc05..d4ebcba23 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1238,7 +1238,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
 #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
     (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
      PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
-     0)
+     ((void)alg, 0))
 
 /**
  * \brief Sign a hash or short message with a private key.
@@ -1261,8 +1261,6 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
  * \param signature_size    Size of the \c signature buffer in bytes.
  * \param signature_length  On success, the number of bytes
  *                          that make up the returned signature value.
- *                          This is at most #PSA_HASH_FINAL_SIZE(alg)
- *                          (note that it may be less).
  *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_BUFFER_TOO_SMALL

From d926b880852490f791f75e6e161f6ad9c4fbc2bd Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 16 Apr 2018 01:53:20 -0700
Subject: [PATCH 047/889] Fix Policy enforcement sign test

Fix Policy sign scenario for enforcement test
---
 tests/suites/test_suite_psa_crypto.function | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index bda2e7cea..ae5401a1c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -434,14 +434,11 @@ exit:
 void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
 {
     int key_slot = 1;
-    unsigned char key[32] = {0};
     unsigned char* keypair = NULL;
     size_t key_size = 0;
     size_t signature_length = 0;
     psa_key_policy_t policy = {0};
     int actual_status = PSA_SUCCESS;
-        
-    memset( key, 0x2a, sizeof( key ) );
  
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -464,8 +461,10 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
     
     if( usage_arg & PSA_KEY_USAGE_SIGN )
     {
+        keypair = unhexify_alloc( key_hex, &key_size );
+        TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                key, sizeof( key ) ) == PSA_SUCCESS );
+                                keypair, key_size ) == PSA_SUCCESS );
         actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
@@ -473,6 +472,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
 
 exit:
     psa_destroy_key( key_slot );
+    mbedtls_free( keypair );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 9673cc8255fe01dc0bab2685ca4f120efc317279 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 11 Apr 2018 16:57:49 +0200
Subject: [PATCH 048/889] Define PSA_ALG_RSA_OAEP_MGF1(hash)

---
 include/psa/crypto.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f5db4d26b..f25837bfd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -331,7 +331,11 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
     (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
-    (((alg) & 0x7fffff00) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW)
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW)
+#define PSA_ALG_RSA_OAEP_MGF1(hash_alg)                             \
+    (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_OAEP_MGF1(alg)                               \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_RAW)
 #define PSA_ALG_RSA_GET_HASH(alg)                                       \
     (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
 

From 058e0b99631b4279a9f939c2773ee10beb197c73 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 22 Mar 2018 16:20:19 +0100
Subject: [PATCH 049/889] Avoid empty unions

When no algorithms are present in a category (e.g. no AEAD algorithm),
the union in the corresponding operation structure was empty, which is
not valid C. Add a dummy field to avoid this.
---
 include/psa/crypto_struct.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index c0a673860..898784013 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -50,6 +50,7 @@ struct psa_hash_operation_s
     psa_algorithm_t alg;
     union
     {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
 #if defined(MBEDTLS_MD2_C)
         mbedtls_md2_context md2;
 #endif
@@ -84,6 +85,7 @@ struct psa_mac_operation_s
     uint8_t mac_size;
     union
     {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
 #if defined(MBEDTLS_MD_C)
         mbedtls_md_context_t hmac;
 #endif
@@ -102,6 +104,7 @@ struct psa_cipher_operation_s
     uint8_t block_size;
     union
     {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
     } ctx;
 };
 
@@ -115,6 +118,7 @@ struct psa_aead_operation_s
     uint8_t block_size;
     union
     {
+        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
     } ctx;
 };
 

From 6944f9a831d0c2a3c7acd4757311f8ad1beac427 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 28 Mar 2018 14:18:39 +0200
Subject: [PATCH 050/889] New functions: asymmetric encrypt/decrypt

---
 include/psa/crypto.h | 111 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 110 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d4ebcba23..d9c8fed6e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -326,7 +326,8 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW           ((psa_algorithm_t)0x10010000)
 #define PSA_ALG_RSA_PSS_MGF1                    ((psa_algorithm_t)0x10020000)
-#define PSA_ALG_RSA_OAEP                        ((psa_algorithm_t)0x12020000)
+#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12010000)
+#define PSA_ALG_RSA_OAEP_MGF1_BASE              ((psa_algorithm_t)0x12020000)
 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
     (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
@@ -1329,6 +1330,114 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    uint8_t *signature,
                                    size_t signature_size);
 
+#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
+     ((void)alg, 0))
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
+    PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
+
+/**
+ * \brief Encrypt a short message with a public key.
+ *
+ * \param key               Key slot containing a public key or an asymmetric
+ *                          key pair.
+ * \param alg               An asymmetric encryption algorithm that is
+ *                          compatible with the type of \c key.
+ * \param input             The message to encrypt.
+ * \param input_length      Size of the \c input buffer in bytes.
+ * \param salt              A salt or label, if supported by the encryption
+ *                          algorithm.
+ *                          If the algorithm does not support a
+ *                          salt, pass \c NULL.
+ *                          If the algorithm supports an optional
+ *                          salt and you do not want to pass a salt,
+ *                          pass \c NULL.
+ *
+ *                          - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                            supported.
+ * \param salt_length       Size of the \c salt buffer in bytes.
+ *                          If \c salt is \c NULL, pass 0.
+ * \param output            Buffer where the encrypted message is to be written.
+ * \param output_size       Size of the \c output buffer in bytes.
+ * \param output_length     On success, the number of bytes
+ *                          that make up the returned output.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \c output buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
+ *         where \c key_type and \c key_bits are the type and bit-size
+ *         respectively of \c key.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ */
+psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *input,
+                                    size_t input_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *output,
+                                    size_t output_size,
+                                    size_t *output_length);
+
+/**
+ * \brief Decrypt a short message with a private key.
+ *
+ * \param key               Key slot containing an asymmetric key pair.
+ * \param alg               An asymmetric encryption algorithm that is
+ *                          compatible with the type of \c key.
+ * \param input             The message to decrypt.
+ * \param input_length      Size of the \c input buffer in bytes.
+ * \param salt              A salt or label, if supported by the encryption
+ *                          algorithm.
+ *                          If the algorithm does not support a
+ *                          salt, pass \c NULL.
+ *                          If the algorithm supports an optional
+ *                          salt and you do not want to pass a salt,
+ *                          pass \c NULL.
+ *
+ *                          - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                            supported.
+ * \param salt_length       Size of the \c salt buffer in bytes.
+ *                          If \c salt is \c NULL, pass 0.
+ * \param output            Buffer where the encrypted message is to be written.
+ * \param output_size       Size of the \c output buffer in bytes.
+ * \param output_length     On success, the number of bytes
+ *                          that make up the returned output.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \c output buffer is too small. You can
+ *         determine a sufficient buffer size by calling
+ *         #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
+ *         where \c key_type and \c key_bits are the type and bit-size
+ *         respectively of \c key.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval PSA_ERROR_INVALID_PADDING
+ */
+psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *input,
+                                    size_t input_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *output,
+                                    size_t output_size,
+                                    size_t *output_length);
+
 /**@}*/
 
 #ifdef __cplusplus

From 5feda72d7a4c3773833d46c1ea6268a5e00ff8be Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 16 Apr 2018 04:38:57 -0700
Subject: [PATCH 051/889] Remove usage of PSA_ERROR_INVALID_KEY_POLICY

use PSA_ERROR_INVALID_ARGUMENT instead of INVALID_KEY_POLICY error
---
 include/psa/crypto.h | 2 --
 library/psa_crypto.c | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e8bea076d..e8b22e0f5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -89,8 +89,6 @@ typedef enum {
     PSA_ERROR_INVALID_SIGNATURE,
     /** The decrypted padding is incorrect. */
     PSA_ERROR_INVALID_PADDING,
-    /** The key policy is incorrect. */
-    PSA_ERROR_INVALID_KEY_POLICY,
     /** An error occurred that does not correspond to any defined
         failure cause. */
     PSA_ERROR_UNKNOWN_ERROR,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2391006f0..c516e38af 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1330,7 +1330,7 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
     if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT 
                         | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN 
                         | PSA_KEY_USAGE_VERIFY ) ) != 0 )
-        return( PSA_ERROR_INVALID_KEY_POLICY );
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot->policy = *policy;
 

From 06297936f23c2d025cfd39ed66e91802330d00e1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 11 Apr 2018 16:58:22 +0200
Subject: [PATCH 052/889] More precise bounds for
 PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE

---
 include/psa/crypto.h | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f25837bfd..1a2a7411d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1335,10 +1335,15 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    size_t signature_size);
 
 #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
-     ((void)alg, 0))
+    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
+     ((void)alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
+     0)
 #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
-    PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
+    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
+     PSA_BITS_TO_BYTES(key_bits) - ((alg) == PSA_ALG_IS_RSA_OAEP_MGF1 ? \
+                                    2 * (PSA_ALG_RSA_GET_HASH(alg) + 1) : \
+                                    11 /*PKCS#1v1.5*/) :                \
+     0)
 
 /**
  * \brief Encrypt a short message with a public key.

From 9e7dc717b05296f4459c173d85b32f316167355e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 28 Mar 2018 14:18:50 +0200
Subject: [PATCH 053/889] New function: generate key/random

---
 include/psa/crypto.h | 65 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d9c8fed6e..3835ce46d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1440,6 +1440,71 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 
 /**@}*/
 
+/** \defgroup generation Key generation
+ * @{
+ */
+
+/**
+ * \brief Generate random bytes.
+ *
+ * \warning This function **can** fail! Callers MUST check the return status
+ *          and MUST NOT use the content of the output buffer if the return
+ *          status is not #PSA_SUCCESS.
+ *
+ * \note    To generate a key, use psa_generate_key() instead.
+ *
+ * \param output            Output buffer for the generated data.
+ * \param output_size       Number of bytes to generate and output.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generate_random(uint8_t *output,
+                                 size_t output_size);
+
+/**
+ * \brief Generate a key or key pair.
+ *
+ * \param key         Slot where the key will be stored. This must be a
+ *                    valid slot for a key of the chosen type. It must
+ *                    be unoccupied.
+ * \param type        Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param bits        Key size in bits.
+ * \param parameters  Extra parameters for key generation. The interpretation
+ *                    of this parameter depends on \c type. All types support
+ *                    \c NULL to use default parameters specified below.
+ *
+ * For any symmetric key type (type such that
+ * `PSA_KEY_TYPE_IS_ASYMMETRIC(type)` is false), \c parameters must be
+ * \c NULL. For asymmetric key types defined by this specification,
+ * the parameter type and the default parameters are defined by the
+ * table below. For vendor-defined key types, the vendor documentation
+ * shall define the parameter type and the default parameters.
+ *
+ * Type | Parameter type | Default parameters
+ * ---- | -------------- | ------------------
+ * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | 65537
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generate_key(psa_key_slot_t key,
+                              psa_key_type_t type,
+                              size_t bits,
+                              const void *parameters);
+
+/**@}*/
+
 #ifdef __cplusplus
 }
 #endif

From 38a622b68ba4734b5b7c5c4da3b6c193c5d7dee4 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 17 Apr 2018 03:27:53 -0700
Subject: [PATCH 054/889] Function psa_get_key_policy() now return policy value
 for empty slots

Function psa_get_key_policy() now return policy value for empty slots
---
 library/psa_crypto.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c516e38af..a25362224 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1346,8 +1346,6 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
     
     *policy = slot->policy;
 

From 47c1bc0458dd91644a59f05d249d111d842d5802 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Mar 2018 17:55:04 +0100
Subject: [PATCH 055/889] Correct some return codes

---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 81da8cef0..c93da95b9 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -588,7 +588,7 @@ static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg )
         case MBEDTLS_MD_RIPEMD160:
             return( PSA_ALG_RIPEMD160 );
         default:
-            return( MBEDTLS_MD_NOT_SUPPORTED );
+            return( 0 );
     }
 }
 #endif
@@ -1039,7 +1039,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return( mbedtls_to_psa_error( ret ) );
     }
     operation->key_set = 1;
-    return( 0 );
+    return( PSA_SUCCESS );
 }
 
 psa_status_t psa_mac_update( psa_mac_operation_t *operation,

From f48af7fe7677bf6e30baa7ef73cc64e8b4c4f2f4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 28 Mar 2018 18:44:14 +0200
Subject: [PATCH 056/889] psa_generate_key: specify what the extra parameters
 mean

---
 include/psa/crypto.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 3835ce46d..f5db4d26b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1407,7 +1407,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  *                            supported.
  * \param salt_length       Size of the \c salt buffer in bytes.
  *                          If \c salt is \c NULL, pass 0.
- * \param output            Buffer where the encrypted message is to be written.
+ * \param output            Buffer where the decrypted message is to be written.
  * \param output_size       Size of the \c output buffer in bytes.
  * \param output_length     On success, the number of bytes
  *                          that make up the returned output.
@@ -1485,9 +1485,9 @@ psa_status_t psa_generate_random(uint8_t *output,
  * table below. For vendor-defined key types, the vendor documentation
  * shall define the parameter type and the default parameters.
  *
- * Type | Parameter type | Default parameters
- * ---- | -------------- | ------------------
- * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | 65537
+ * Type | Parameter type | Meaning | Parameters used if `parameters == NULL`
+ * ---- | -------------- | ------- | ---------------------------------------
+ * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537
  *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_NOT_SUPPORTED

From 804cd71bf8b5d01c1caaea1a482a7b50cf035104 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 20 Mar 2018 22:44:08 +0200
Subject: [PATCH 057/889] initial key lifetime implementation and tests

---
 include/psa/crypto.h                        | 41 +++++++++++--
 library/psa_crypto.c                        | 49 ++++++++++++++++
 tests/suites/test_suite_psa_crypto.data     | 21 +++++++
 tests/suites/test_suite_psa_crypto.function | 65 +++++++++++++++++++++
 4 files changed, 172 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 04e6b4796..6caa62abf 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -89,6 +89,10 @@ typedef enum {
     PSA_ERROR_INVALID_SIGNATURE,
     /** The decrypted padding is incorrect. */
     PSA_ERROR_INVALID_PADDING,
+    /** The key lifetime value is incorrect. */
+    PSA_ERROR_INVALID_LIFETIME,
+    /** The key lifetime can not be changed. */
+    PSA_ERROR_KEY_LIFETIME_CHANGE,
     /** An error occurred that does not correspond to any defined
         failure cause. */
     PSA_ERROR_UNKNOWN_ERROR,
@@ -596,18 +600,47 @@ typedef uint32_t psa_key_lifetime_t;
 /** \brief Retrieve the lifetime of a key slot.
  *
  * The assignment of lifetimes to slots is implementation-dependent.
+ * 
+ * \param key           Slot whose content is to be exported. This must
+ *                      be an occupied key slot.
+ * \param lifetime      On success, the lifetime value.
+ * 
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         The key slot is invalid,
+ *         or the key data is not correctly formatted.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ *         The key slot is not occupied.         
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
 
 /** \brief Change the lifetime of a key slot.
+ * 
+ * \note   In case a key slot has PSA_KEY_LIFETIME_WRITE_ONCE lifetime, 
+ *         it can not be changed and trying to set new value will return
+ *         an error
  *
- * Whether the lifetime of a key slot can be changed at all, and if so
- * whether the lifetime of an occupied key slot can be changed, is
- * implementation-dependent.
+ * \param key           Slot whose content is to be exported. This must
+ *                      be an occupied key slot.
+ * \param lifetime      The lifetime value to be set for the given key.
+ * 
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         The key slot is invalid,
+ *         or the key data is not correctly formatted.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ *         The key slot is not occupied.
+ * \retval PSA_ERROR_INVALID_LIFETIME
+ *         The lifetime value is not valid.
+ * \retval PSA_ERROR_KEY_LIFETIME_CHANGE
+ *         The key slot already has PSA_KEY_LIFETIME_WRITE_ONCE value,
+ *         and can not be changed.
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
-                                  const psa_key_lifetime_t *lifetime);
+                                  const psa_key_lifetime_t lifetime);
 
 /**@}*/
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c93da95b9..5ba60e1ae 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -96,6 +96,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 
 typedef struct {
     psa_key_type_t type;
+    psa_key_lifetime_t lifetime;
     union {
         struct raw_data {
             uint8_t *data;
@@ -362,6 +363,7 @@ psa_status_t psa_import_key(psa_key_slot_t key,
     }
 
     slot->type = type;
+    slot->lifetime = 0;
     return( PSA_SUCCESS );
 }
 
@@ -1260,6 +1262,53 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 }
 
 
+/****************************************************************/
+/* Key Lifetime */
+/****************************************************************/
+
+psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
+                                  psa_key_lifetime_t *lifetime)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    slot = &global_data.key_slots[key];
+
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    
+    *lifetime = slot->lifetime;
+
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+                                  const psa_key_lifetime_t lifetime)
+{
+    key_slot_t *slot;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    if( lifetime != PSA_KEY_LIFETIME_VOLATILE && 
+        lifetime != PSA_KEY_LIFETIME_PERSISTENT && 
+        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
+        return( PSA_ERROR_INVALID_LIFETIME );
+
+    if ( slot->lifetime == PSA_KEY_LIFETIME_WRITE_ONCE )
+        return( PSA_ERROR_KEY_LIFETIME_CHANGE );
+        
+    slot->lifetime = liftime;
+
+    return( PSA_SUCCESS );
+}
+
 
 /****************************************************************/
 /* Module setup */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4f4bef14c..9611c3248 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -83,3 +83,24 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 
 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA Key Lifetime set and get volatile
+key_lifetime:PSA_KEY_LIFETIME_VOLATILE
+
+PSA Key Lifetime set and get persistent
+key_lifetime:PSA_KEY_LIFETIME_PERSISTENT
+
+PSA Key Lifetime set and get write_once
+key_lifetime:PSA_KEY_LIFETIME_WRITE_ONCE
+
+PSA Key Lifetime set fail, invalid key slot
+key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Key Lifetime set fail, unoccupied key slot
+key_lifetime_set_fail:2:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_EMPTY_SLOT
+
+PSA Key Lifetime set fail, can not change write_once lifetime
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_KEY_LIFETIME_CHANGE
+
+PSA Key Lifetime set fail, invalid key lifetime value
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_LIFETIME
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 93817948c..d8dddff2c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -360,3 +360,68 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void key_lifetime( int lifetime_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    unsigned char key[32] = {0};
+    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_lifetime_t lifetime_get;
+
+    TEST_ASSERT( key != NULL );
+
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set ));
+    
+    TEST_ASSERT( psa_get_key_lifetime( key_slot, &lifetime_get ));
+
+    TEST_ASSERT( lifetime_get == lifetime_set ); 
+
+exit:
+    mbedtls_free( key );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    unsigned char key[32] = {0};
+    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    TEST_ASSERT( key != NULL );
+
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+
+    if( actual_status == PSA_SUCCESS )
+        actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+    
+    TEST_ASSERT( expected_status == actual_status );
+
+exit:
+    mbedtls_free( key );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 060ad8ac345b62c2b733345a575df22ccac3eb0e Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 20 Mar 2018 14:28:38 -0700
Subject: [PATCH 058/889] Compilation and tests fixes

---
 library/psa_crypto.c                        |  2 +-
 tests/suites/test_suite_psa_crypto.function | 12 ++++--------
 2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5ba60e1ae..329ee3dc5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1304,7 +1304,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
     if ( slot->lifetime == PSA_KEY_LIFETIME_WRITE_ONCE )
         return( PSA_ERROR_KEY_LIFETIME_CHANGE );
         
-    slot->lifetime = liftime;
+    slot->lifetime = lifetime;
 
     return( PSA_SUCCESS );
 }
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d8dddff2c..b4bf66060 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -370,8 +370,6 @@ void key_lifetime( int lifetime_arg )
     psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
     psa_key_lifetime_t lifetime_get;
 
-    TEST_ASSERT( key != NULL );
-
     memset( key, 0x2a, sizeof( key ) );
  
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -379,14 +377,15 @@ void key_lifetime( int lifetime_arg )
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, sizeof( key ) ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_lifetime( key_slot, lifetime_set ));
+    TEST_ASSERT( psa_set_key_lifetime( key_slot, 
+								 lifetime_set ) == PSA_SUCCESS );
     
-    TEST_ASSERT( psa_get_key_lifetime( key_slot, &lifetime_get ));
+    TEST_ASSERT( psa_get_key_lifetime( key_slot, 
+								 &lifetime_get ) == PSA_SUCCESS );
 
     TEST_ASSERT( lifetime_get == lifetime_set ); 
 
 exit:
-    mbedtls_free( key );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -403,8 +402,6 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_sta
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
-    TEST_ASSERT( key != NULL );
-
     memset( key, 0x2a, sizeof( key ) );
  
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -420,7 +417,6 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_sta
     TEST_ASSERT( expected_status == actual_status );
 
 exit:
-    mbedtls_free( key );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }

From ba178511f4e82ee066b66f7a4a63d862f308dc27 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 21 Mar 2018 04:35:20 -0700
Subject: [PATCH 059/889] Remove unused and duplicated erros, fix documentation
 and tests

Remove unused and duplicated erros, fix documentation and tests
---
 include/psa/crypto.h                        | 24 ++++++++-------------
 library/psa_crypto.c                        | 15 ++++++-------
 tests/suites/test_suite_psa_crypto.data     | 10 ++-------
 tests/suites/test_suite_psa_crypto.function |  4 ++--
 4 files changed, 20 insertions(+), 33 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6caa62abf..6675ba45f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -89,10 +89,6 @@ typedef enum {
     PSA_ERROR_INVALID_SIGNATURE,
     /** The decrypted padding is incorrect. */
     PSA_ERROR_INVALID_PADDING,
-    /** The key lifetime value is incorrect. */
-    PSA_ERROR_INVALID_LIFETIME,
-    /** The key lifetime can not be changed. */
-    PSA_ERROR_KEY_LIFETIME_CHANGE,
     /** An error occurred that does not correspond to any defined
         failure cause. */
     PSA_ERROR_UNKNOWN_ERROR,
@@ -582,15 +578,19 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
  */
 typedef uint32_t psa_key_lifetime_t;
 
+/** An invalid key lifetime value.
+ */
+#define PSA_KEY_LIFETIME_NONE               ((psa_key_lifetime_t)0x00000000)
+
 /** A volatile key slot retains its content as long as the application is
  * running. It is guaranteed to be erased on a power reset.
  */
-#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
+#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000001)
 
 /** A persistent key slot retains its content as long as it is not explicitly
  * destroyed.
  */
-#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
+#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000002)
 
 /** A write-once key slot may not be modified once a key has been set.
  * It will retain its content as long as the device remains operational.
@@ -617,11 +617,10 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
 
 /** \brief Change the lifetime of a key slot.
+ * Whether the lifetime of a key slot can be changed at all, and if so
+ * whether the lifetime of an occupied key slot can be changed, is
+ * implementation-dependent.
  * 
- * \note   In case a key slot has PSA_KEY_LIFETIME_WRITE_ONCE lifetime, 
- *         it can not be changed and trying to set new value will return
- *         an error
- *
  * \param key           Slot whose content is to be exported. This must
  *                      be an occupied key slot.
  * \param lifetime      The lifetime value to be set for the given key.
@@ -633,11 +632,6 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  *         or the key data is not correctly formatted.
  * \retval PSA_ERROR_EMPTY_SLOT
  *         The key slot is not occupied.
- * \retval PSA_ERROR_INVALID_LIFETIME
- *         The lifetime value is not valid.
- * \retval PSA_ERROR_KEY_LIFETIME_CHANGE
- *         The key slot already has PSA_KEY_LIFETIME_WRITE_ONCE value,
- *         and can not be changed.
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   const psa_key_lifetime_t lifetime);
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 329ee3dc5..bdb47d249 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -363,7 +363,6 @@ psa_status_t psa_import_key(psa_key_slot_t key,
     }
 
     slot->type = type;
-    slot->lifetime = 0;
     return( PSA_SUCCESS );
 }
 
@@ -1292,17 +1291,17 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
+    if( lifetime != PSA_KEY_LIFETIME_VOLATILE && 
+        lifetime != PSA_KEY_LIFETIME_PERSISTENT && 
+        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( lifetime != PSA_KEY_LIFETIME_VOLATILE && 
-        lifetime != PSA_KEY_LIFETIME_PERSISTENT && 
-        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
-        return( PSA_ERROR_INVALID_LIFETIME );
-
-    if ( slot->lifetime == PSA_KEY_LIFETIME_WRITE_ONCE )
-        return( PSA_ERROR_KEY_LIFETIME_CHANGE );
+    if ( lifetime != PSA_KEY_LIFETIME_VOLATILE )
+        return( PSA_ERROR_NOT_SUPPORTED );
         
     slot->lifetime = lifetime;
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 9611c3248..be31c39bd 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -87,12 +87,6 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 PSA Key Lifetime set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
-PSA Key Lifetime set and get persistent
-key_lifetime:PSA_KEY_LIFETIME_PERSISTENT
-
-PSA Key Lifetime set and get write_once
-key_lifetime:PSA_KEY_LIFETIME_WRITE_ONCE
-
 PSA Key Lifetime set fail, invalid key slot
 key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
 
@@ -100,7 +94,7 @@ PSA Key Lifetime set fail, unoccupied key slot
 key_lifetime_set_fail:2:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_EMPTY_SLOT
 
 PSA Key Lifetime set fail, can not change write_once lifetime
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_KEY_LIFETIME_CHANGE
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_LIFETIME
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b4bf66060..7cb38d986 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -378,10 +378,10 @@ void key_lifetime( int lifetime_arg )
                                  key, sizeof( key ) ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_set_key_lifetime( key_slot, 
-								 lifetime_set ) == PSA_SUCCESS );
+                                 lifetime_set ) == PSA_SUCCESS );
     
     TEST_ASSERT( psa_get_key_lifetime( key_slot, 
-								 &lifetime_get ) == PSA_SUCCESS );
+                                 &lifetime_get ) == PSA_SUCCESS );
 
     TEST_ASSERT( lifetime_get == lifetime_set ); 
 

From 5d7ec2033dc7c35e669bda2a54520788e2c034ad Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 28 Mar 2018 01:29:41 +0300
Subject: [PATCH 060/889] fix key lifetime set implementation , tests
 accordingly

---
 library/psa_crypto.c                        |  4 ++--
 tests/suites/test_suite_psa_crypto.data     |  3 ---
 tests/suites/test_suite_psa_crypto.function | 13 +++----------
 3 files changed, 5 insertions(+), 15 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index bdb47d249..152fb17bf 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1297,8 +1297,8 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
 
     if ( lifetime != PSA_KEY_LIFETIME_VOLATILE )
         return( PSA_ERROR_NOT_SUPPORTED );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index be31c39bd..6fd66ee2a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -90,9 +90,6 @@ key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 PSA Key Lifetime set fail, invalid key slot
 key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
 
-PSA Key Lifetime set fail, unoccupied key slot
-key_lifetime_set_fail:2:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_EMPTY_SLOT
-
 PSA Key Lifetime set fail, can not change write_once lifetime
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 7cb38d986..c1bbe17ee 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -374,11 +374,11 @@ void key_lifetime( int lifetime_arg )
  
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
     TEST_ASSERT( psa_set_key_lifetime( key_slot, 
                                  lifetime_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
     
     TEST_ASSERT( psa_get_key_lifetime( key_slot, 
                                  &lifetime_get ) == PSA_SUCCESS );
@@ -396,19 +396,12 @@ exit:
 void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
 {
     int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
-    unsigned char key[32] = {0};
     psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
-    memset( key, 0x2a, sizeof( key ) );
- 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
     actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
 
     if( actual_status == PSA_SUCCESS )

From 1c34545cfe66610a062b377e68290fb406131fbb Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 16 Apr 2018 06:49:13 -0700
Subject: [PATCH 061/889] Remove usage of PSA_KEY_LIFETIME_NONE

Remove usage of PSA_KEY_LIFETIME_NONE, initiate all key slot to
PSA_KEY_LIFETIME_VOLATILE ini psa_crypto_init()
---
 include/psa/crypto.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6675ba45f..ac763f973 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -102,6 +102,10 @@ typedef enum {
  *
  * Applications may call this function more than once. Once a call
  * succeeds, subsequent calls are guaranteed to succeed.
+ * 
+ * \note Initial lifetime value for each key slot is initiated 
+ *       to PSA_KEY_LIFETIME_VOLATILE, user should change this value
+ *       before calling psa_import_key() if needed.
  *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
@@ -578,19 +582,15 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
  */
 typedef uint32_t psa_key_lifetime_t;
 
-/** An invalid key lifetime value.
- */
-#define PSA_KEY_LIFETIME_NONE               ((psa_key_lifetime_t)0x00000000)
-
 /** A volatile key slot retains its content as long as the application is
  * running. It is guaranteed to be erased on a power reset.
  */
-#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000001)
+#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
 
 /** A persistent key slot retains its content as long as it is not explicitly
  * destroyed.
  */
-#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000002)
+#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
 
 /** A write-once key slot may not be modified once a key has been set.
  * It will retain its content as long as the device remains operational.

From ea0500936eafd2db80c990c6fa770218a3f2c4fc Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 17 Apr 2018 00:31:34 -0700
Subject: [PATCH 062/889] Change behavior of psa_get_key_lifetime()

psa_get_key_lifetime() behavior changed regarding empty slots, now
it return the lifetime of and empty slots. Documentation in header
file updated accordingly.
---
 include/psa/crypto.h | 12 ++----------
 library/psa_crypto.c |  3 ---
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ac763f973..07c1da1f9 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -103,10 +103,6 @@ typedef enum {
  * Applications may call this function more than once. Once a call
  * succeeds, subsequent calls are guaranteed to succeed.
  * 
- * \note Initial lifetime value for each key slot is initiated 
- *       to PSA_KEY_LIFETIME_VOLATILE, user should change this value
- *       before calling psa_import_key() if needed.
- *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
@@ -609,9 +605,7 @@ typedef uint32_t psa_key_lifetime_t;
  *         Success.
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
- *         or the key data is not correctly formatted.
- * \retval PSA_ERROR_EMPTY_SLOT
- *         The key slot is not occupied.         
+ *         or the key data is not correctly formatted.   
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
@@ -630,11 +624,9 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
  *         or the key data is not correctly formatted.
- * \retval PSA_ERROR_EMPTY_SLOT
- *         The key slot is not occupied.
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
-                                  const psa_key_lifetime_t lifetime);
+                                  psa_key_lifetime_t lifetime);
 
 /**@}*/
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 152fb17bf..fef053919 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1274,9 +1274,6 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
-
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
     
     *lifetime = slot->lifetime;
 

From a7d245a4a220f7581ce9bf4497ab130a502d0730 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 17 Apr 2018 00:40:08 -0700
Subject: [PATCH 063/889] Fix return error values description

Fix return PSA_ERROR_INVALID_ARGUMENT description for psa_set_key_lifetime()
and psa_get_key_lifetime()
---
 include/psa/crypto.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 07c1da1f9..658403232 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -604,8 +604,7 @@ typedef uint32_t psa_key_lifetime_t;
  * \retval PSA_SUCCESS
  *         Success.
  * \retval PSA_ERROR_INVALID_ARGUMENT
- *         The key slot is invalid,
- *         or the key data is not correctly formatted.   
+ *         The key slot is invalid.
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
@@ -623,7 +622,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  *         Success.
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
- *         or the key data is not correctly formatted.
+ *         or the lifetime value is invalid.
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t lifetime);

From 8ca560293bae188211be21c96000c57b2bbcd409 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 17 Apr 2018 14:07:59 +0200
Subject: [PATCH 064/889] Whitespace fixes

---
 include/psa/crypto.h | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 658403232..b18e22053 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -102,7 +102,7 @@ typedef enum {
  *
  * Applications may call this function more than once. Once a call
  * succeeds, subsequent calls are guaranteed to succeed.
- * 
+ *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
@@ -596,11 +596,11 @@ typedef uint32_t psa_key_lifetime_t;
 /** \brief Retrieve the lifetime of a key slot.
  *
  * The assignment of lifetimes to slots is implementation-dependent.
- * 
  * \param key           Slot whose content is to be exported. This must
  *                      be an occupied key slot.
+ *
  * \param lifetime      On success, the lifetime value.
- * 
+ *
  * \retval PSA_SUCCESS
  *         Success.
  * \retval PSA_ERROR_INVALID_ARGUMENT
@@ -610,14 +610,15 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
 
 /** \brief Change the lifetime of a key slot.
+ *
  * Whether the lifetime of a key slot can be changed at all, and if so
  * whether the lifetime of an occupied key slot can be changed, is
  * implementation-dependent.
- * 
+ *
  * \param key           Slot whose content is to be exported. This must
  *                      be an occupied key slot.
  * \param lifetime      The lifetime value to be set for the given key.
- * 
+ *
  * \retval PSA_SUCCESS
  *         Success.
  * \retval PSA_ERROR_INVALID_ARGUMENT

From 9bb53d7affd6aabd83ecb2bf45e058ebfdd0b0d8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 17 Apr 2018 14:09:24 +0200
Subject: [PATCH 065/889] Fix copypasta in lifetime function descriptions

---
 include/psa/crypto.h | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b18e22053..83e941f7e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -596,9 +596,8 @@ typedef uint32_t psa_key_lifetime_t;
 /** \brief Retrieve the lifetime of a key slot.
  *
  * The assignment of lifetimes to slots is implementation-dependent.
- * \param key           Slot whose content is to be exported. This must
- *                      be an occupied key slot.
  *
+ * \param key           Slot to query.
  * \param lifetime      On success, the lifetime value.
  *
  * \retval PSA_SUCCESS
@@ -615,9 +614,8 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * whether the lifetime of an occupied key slot can be changed, is
  * implementation-dependent.
  *
- * \param key           Slot whose content is to be exported. This must
- *                      be an occupied key slot.
- * \param lifetime      The lifetime value to be set for the given key.
+ * \param key           Slot whose lifetime is to be changed.
+ * \param lifetime      The lifetime value to set for the given key slot.
  *
  * \retval PSA_SUCCESS
  *         Success.

From f0c9dd37d2b16a3d6e1e612d8a7ccf9ff208ae1a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 17 Apr 2018 14:11:07 +0200
Subject: [PATCH 066/889] Added possible error codes for lifetime functions

---
 include/psa/crypto.h | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 83e941f7e..07a120c42 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -604,6 +604,9 @@ typedef uint32_t psa_key_lifetime_t;
  *         Success.
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid.
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
@@ -622,6 +625,15 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
  *         or the lifetime value is invalid.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         The implementation does not support the specified lifetime value,
+ *         at least for the specified key slot.
+ * \retval PSA_ERROR_OCCUPIED_SLOT
+ *         The slot contains a key, and the implementation does not support
+ *         changing the lifetime of an occupied slot.
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t lifetime);

From 5c7533923ad8cb45fe307bedb94204e564b6a76b Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Tue, 8 May 2018 11:18:38 +0300
Subject: [PATCH 067/889] ECDSA sign and verify implementation and tests

ECDSA sign and verify implementation and tests
---
 include/psa/crypto.h                        |  1 +
 library/psa_crypto.c                        | 55 ++++++++++++++++++++-
 tests/suites/test_suite_psa_crypto.data     | 24 +++++++--
 tests/suites/test_suite_psa_crypto.function | 47 ++++++++++++++++++
 4 files changed, 122 insertions(+), 5 deletions(-)
 mode change 100644 => 100755 include/psa/crypto.h
 mode change 100644 => 100755 library/psa_crypto.c
 mode change 100644 => 100755 tests/suites/test_suite_psa_crypto.data
 mode change 100644 => 100755 tests/suites/test_suite_psa_crypto.function

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
old mode 100644
new mode 100755
index f8b8ceadc..c0b318776
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -162,6 +162,7 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x07020000)
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x06030000)
 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x07030000)
+#define PSA_KEY_TYPE_ECC_CURVE_NISTP256R1       ((psa_key_type_t)0x00000001)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
     (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
old mode 100644
new mode 100755
index 7e633a3ce..781e06f3a
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -281,6 +281,9 @@ static psa_status_t mbedtls_to_psa_error( int ret )
         case MBEDTLS_ERR_XTEA_HW_ACCEL_FAILED:
             return( PSA_ERROR_HARDWARE_FAILURE );
 
+        case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         default:
             return( PSA_ERROR_UNKNOWN_ERROR );
     }
@@ -1278,9 +1281,59 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
-        // TODO
+        mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
+        int ret;
+        const mbedtls_md_info_t *md_info;
+        mbedtls_md_type_t md_alg;
+        if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecdsa->grp.pbits ) )
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+        md_info = mbedtls_md_info_from_psa( alg );
+        md_alg = mbedtls_md_get_type( md_info );
+        ret = mbedtls_ecdsa_write_signature( ecdsa, md_alg, hash, hash_length,
+            signature, signature_length, mbedtls_ctr_drbg_random,
+            &global_data.ctr_drbg );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
+    {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
+}
+
+psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *hash,
+                                    size_t hash_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *signature,
+                                    size_t signature_size )
+{
+    key_slot_t *slot;
+    (void) salt;
+    (void) salt_length;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    if( !( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
+        int ret;
+        (void) alg;
+        ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, signature,
+            signature_size );
+        return( mbedtls_to_psa_error( ret ) );
+    }
     else
 #endif /* defined(MBEDTLS_ECP_C) */
     {
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
old mode 100644
new mode 100755
index 38f4b8090..c3f5f9001
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -33,10 +33,10 @@ PSA import/export RSA keypair: good, 1023-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1
 
-#PSA import/export EC secp256r1: good
-#depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
-#
+PSA import/export EC secp256r1: good
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):256:0:PSA_SUCCESS:1
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
@@ -78,6 +78,10 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84
 PSA sign RSA PKCS#1 v1.5 SHA-256
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
+PSA sign ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
 PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
 
@@ -104,3 +108,15 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA sign ECDSA SECP256R1, invalid md alg
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
old mode 100644
new mode 100755
index de388dbc3..04a95d4f8
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -526,3 +526,50 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_verify( int key_type_arg, char *key_hex,
+                         int alg_arg, char *hash_hex, char *signature_hex )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *hash_data = NULL;
+    size_t hash_size;
+    unsigned char *signature_data = NULL;
+    size_t signature_size;
+    psa_key_policy_t policy = {0};
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    hash_data = unhexify_alloc( hash_hex, &hash_size );
+    TEST_ASSERT( hash_data != NULL );
+    signature_data = unhexify_alloc( signature_hex, &signature_size );
+    TEST_ASSERT( signature_data != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_asymmetric_verify( slot, alg,
+                                        hash_data, hash_size,
+                                        NULL, 0,
+                                        signature_data, signature_size ) ==
+                                        PSA_SUCCESS );
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( hash_data );
+    mbedtls_free( signature_data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 7b30f8b0c92c879bff5f563dfd7097e07126623f Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 9 May 2018 16:07:36 +0300
Subject: [PATCH 068/889] Added handling for MBEDTLS_ERR_ECP_XXX error codes

Added handling for MBEDTLS_ERR_ECP_XXX error codes
---
 library/psa_crypto.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 781e06f3a..edb81c435 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -282,7 +282,19 @@ static psa_status_t mbedtls_to_psa_error( int ret )
             return( PSA_ERROR_HARDWARE_FAILURE );
 
         case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
+        case MBEDTLS_ERR_ECP_INVALID_KEY:
             return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL:
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+        case MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE:
+            return( PSA_ERROR_NOT_SUPPORTED );
+        case MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH:
+        case MBEDTLS_ERR_ECP_VERIFY_FAILED:
+            return( PSA_ERROR_INVALID_SIGNATURE );
+        case MBEDTLS_ERR_ECP_ALLOC_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        case MBEDTLS_ERR_ECP_HW_ACCEL_FAILED:
+            return( PSA_ERROR_HARDWARE_FAILURE );
 
         default:
             return( PSA_ERROR_UNKNOWN_ERROR );

From dd4ea38d583fa9b35eb2866f0058ff71e7faabee Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 3 Apr 2018 15:30:03 +0300
Subject: [PATCH 069/889] export public key

---
 include/psa/crypto.h                    |  2 +-
 library/psa_crypto.c                    | 51 +++++++++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data |  9 +++++
 3 files changed, 61 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f8b8ceadc..ca804f063 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -463,7 +463,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * For standard key types, the output format is as follows:
  *
  * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
- *   is the DER representation of the public key defined by RFC 5280
+ *   the format is the DER representation of the public key defined by RFC 5280
  *   as SubjectPublicKeyInfo.
  *
  * \param key           Slot whose content is to be exported. This must
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7e633a3ce..8f4cc202d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -521,6 +521,57 @@ psa_status_t psa_export_key(psa_key_slot_t key,
 }
 
 
+psa_status_t psa_export_public_key(psa_key_slot_t key,
+    uint8_t *data,
+    size_t data_size,
+    size_t *data_length)
+{
+    key_slot_t *slot;
+    psa_status_t status;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_EMPTY_SLOT );
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS)
+        return( status );
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );   
+
+    if( !(PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type))  )
+        return( PSA_ERROR_INVALID_ARGUMENT );   
+    
+#if defined(MBEDTLS_PK_WRITE_C)
+    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        mbedtls_pk_context pk;
+        int ret;
+        mbedtls_pk_init( &pk );
+        if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+            slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+        {
+            pk.pk_info = &mbedtls_rsa_info;
+            pk.pk_ctx = slot->data.rsa;
+        }
+        else
+        {
+            pk.pk_info = &mbedtls_eckey_info;
+            pk.pk_ctx = slot->data.ecp;
+        }
+        ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
+        if( ret < 0 )
+            return( mbedtls_to_psa_error( ret ) );
+        *data_length = ret;
+        return( PSA_SUCCESS );
+    }
+#endif /* defined(MBEDTLS_PK_WRITE_C) */
+    /* This shouldn't happen in the reference implementation, but
+        it is valid for a special-purpose implementation to omit
+        support for exporting certain key types. */
+    return( PSA_ERROR_NOT_SUPPORTED );
+}
+
 
 /****************************************************************/
 /* Message digests */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 38f4b8090..15c424ee6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -104,3 +104,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import/export RSA public key: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1
+

From b4d0ddd2d3d32c08e204715eba089904e76b9d24 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 4 Apr 2018 12:47:52 +0300
Subject: [PATCH 070/889] psa_export_public_key

---
 include/psa/crypto.h                        |  4 +-
 library/psa_crypto.c                        | 11 ++--
 tests/CMakeLists.txt                        |  1 +
 tests/suites/test_suite_psa_crypto.data     |  5 +-
 tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++++++++
 5 files changed, 68 insertions(+), 12 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ca804f063..f3a57014d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -180,8 +180,8 @@ typedef uint32_t psa_key_type_t;
     (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
 /** Whether a key type is the public part of a key pair. */
 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
-    (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG) == \
-      PSA_KEY_TYPE_CATEGORY_ASYMMETRIC))
+    (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
+      PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
 /** Whether a key type is a key pair containing a private part and a public
  * part. */
 #define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8f4cc202d..57a392478 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -522,18 +522,15 @@ psa_status_t psa_export_key(psa_key_slot_t key,
 
 
 psa_status_t psa_export_public_key(psa_key_slot_t key,
-    uint8_t *data,
-    size_t data_size,
-    size_t *data_length)
+                                   uint8_t *data,
+                                   size_t data_size,
+                                   size_t *data_length)
 {
     key_slot_t *slot;
-    psa_status_t status;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
-    status = psa_get_key_slot( key, &slot );
-    if( status != PSA_SUCCESS)
-        return( status );
+    slot = &global_data.key_slots[key];        
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );   
 
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 58126bedc..d8b74f227 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -110,6 +110,7 @@ add_test_suite(pk)
 add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
+add_test_suite(psa_crypto)
 add_test_suite(shax)
 add_test_suite(ssl)
 add_test_suite(timing)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 15c424ee6..b04c281b8 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -107,9 +107,8 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_SUCCESS
 
 PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1
-
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index de388dbc3..f4dbf1e1f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -526,3 +526,62 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+
+/* BEGIN_CASE */
+void import_export_public_key( char *hex,
+                                int type_arg,
+                                int expected_bits,
+                                int expected_export_status )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    unsigned char *data = NULL;
+    unsigned char *exported = NULL;
+    size_t data_size;
+    size_t export_size;
+    size_t exported_length;
+    psa_key_type_t got_type;
+    size_t got_bits;
+
+    data = unhexify_alloc( hex, &data_size );
+    TEST_ASSERT( data != NULL );
+    export_size = (ssize_t) data_size ;
+    exported = mbedtls_calloc( 1, export_size );
+    TEST_ASSERT( exported != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data, data_size ) == PSA_SUCCESS );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information( slot,
+                 &got_type, &got_bits ) == PSA_SUCCESS );
+    TEST_ASSERT( got_type == type );
+    TEST_ASSERT( got_bits == (size_t) expected_bits );
+
+    /* Export the key */
+    status = psa_export_public_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == (psa_status_t) expected_export_status );
+    if( status != PSA_SUCCESS )
+        goto destroy;
+
+ 
+    TEST_ASSERT( exported_length == data_size );
+
+destroy:
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information(
+                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_free( data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
\ No newline at end of file

From 5010828fb6039bb0741ade578dacac779785da23 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 16 Apr 2018 11:12:31 +0300
Subject: [PATCH 071/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 57a392478..0fa400031 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -534,7 +534,7 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );   
 
-    if( !(PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type))  )
+    if( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type) )  )
         return( PSA_ERROR_INVALID_ARGUMENT );   
     
 #if defined(MBEDTLS_PK_WRITE_C)

From 4ff99f36a7a6a3223ad79ad55f9c8334ae5d0143 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 16 Apr 2018 17:35:09 +0300
Subject: [PATCH 072/889] change test case descriptions + add newline of
 test_suite_psa_crypto.function

---
 tests/suites/test_suite_psa_crypto.data     | 2 +-
 tests/suites/test_suite_psa_crypto.function | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b04c281b8..fcd320be9 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -109,6 +109,6 @@ PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_SUCCESS
 
-PSA import/export RSA keypair: good, 1024-bit
+PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f4dbf1e1f..ae208be73 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -584,4 +584,4 @@ exit:
     mbedtls_free( data );
     mbedtls_psa_crypto_free( );
 }
-/* END_CASE */
\ No newline at end of file
+/* END_CASE */

From a998bc6ac99e63c7b81530655f9905a3a020089c Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 16 Apr 2018 18:16:20 +0300
Subject: [PATCH 073/889] psa_internal_export_key function for common code.

create psa_internal_export_key function for common code in psa_export_key and psa_export_public_key.
---
 library/psa_crypto.c | 133 ++++++++++++++++++-------------------------
 1 file changed, 54 insertions(+), 79 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0fa400031..7f18bd42b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -457,23 +457,28 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_export_key(psa_key_slot_t key,
-                            uint8_t *data,
-                            size_t data_size,
-                            size_t *data_length)
+
+static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
+                                             uint8_t *data,
+                                             size_t data_size,
+                                             size_t *data_length,
+                                             int export_public_key)
 {
     key_slot_t *slot;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
-    slot = &global_data.key_slots[key];
+    slot = &global_data.key_slots[ key ];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
-
+		
     if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )
         return( PSA_ERROR_NOT_PERMITTED );
+		
+    if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    if( ( !export_public_key) && PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -483,41 +488,51 @@ psa_status_t psa_export_key(psa_key_slot_t key,
     }
     else
 #if defined(MBEDTLS_PK_WRITE_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
-        PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        mbedtls_pk_context pk;
-        int ret;
-        mbedtls_pk_init( &pk );
         if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-            slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+            slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+            PSA_KEY_TYPE_IS_ECC( slot->type ) )
         {
-            pk.pk_info = &mbedtls_rsa_info;
-            pk.pk_ctx = slot->data.rsa;
+            mbedtls_pk_context pk;
+            int ret;
+            mbedtls_pk_init( &pk );
+            if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+                slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+            {
+                pk.pk_info = &mbedtls_rsa_info;
+                pk.pk_ctx = slot->data.rsa;
+            }
+            else
+            {
+                pk.pk_info = &mbedtls_eckey_info;
+                pk.pk_ctx = slot->data.ecp;
+            }
+
+            if( ( ! export_public_key ) && PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+                ret = mbedtls_pk_write_key_der( &pk, data, data_size );
+            else
+                ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
+            if ( ret < 0 )
+                return( mbedtls_to_psa_error( ret ) );
+            *data_length = ret;
+            return( PSA_SUCCESS );
         }
         else
-        {
-            pk.pk_info = &mbedtls_eckey_info;
-            pk.pk_ctx = slot->data.ecp;
-        }
-        if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
-            ret = mbedtls_pk_write_key_der( &pk, data, data_size );
-        else
-            ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
-        if( ret < 0 )
-            return( mbedtls_to_psa_error( ret ) );
-        *data_length = ret;
-        return( PSA_SUCCESS );
-    }
-    else
 #endif /* defined(MBEDTLS_PK_WRITE_C) */
-    {
-        /* This shouldn't happen in the reference implementation, but
-           it is valid for a special-purpose implementation to omit
-           support for exporting certain key types. */
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
+        {
+            /* This shouldn't happen in the reference implementation, but
+            it is valid for a special-purpose implementation to omit
+            support for exporting certain key types. */
+            return( PSA_ERROR_NOT_SUPPORTED );
+        }
+}
+
+psa_status_t psa_export_key(psa_key_slot_t key,
+                            uint8_t *data,
+                            size_t data_size,
+                            size_t *data_length)
+{
+    return psa_internal_export_key( key, data, data_size,
+                                  data_length, 0 );
 }
 
 
@@ -526,50 +541,10 @@ psa_status_t psa_export_public_key(psa_key_slot_t key,
                                    size_t data_size,
                                    size_t *data_length)
 {
-    key_slot_t *slot;
-
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
-    slot = &global_data.key_slots[key];        
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );   
-
-    if( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR(slot->type) )  )
-        return( PSA_ERROR_INVALID_ARGUMENT );   
-    
-#if defined(MBEDTLS_PK_WRITE_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
-        PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        mbedtls_pk_context pk;
-        int ret;
-        mbedtls_pk_init( &pk );
-        if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-            slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
-        {
-            pk.pk_info = &mbedtls_rsa_info;
-            pk.pk_ctx = slot->data.rsa;
-        }
-        else
-        {
-            pk.pk_info = &mbedtls_eckey_info;
-            pk.pk_ctx = slot->data.ecp;
-        }
-        ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
-        if( ret < 0 )
-            return( mbedtls_to_psa_error( ret ) );
-        *data_length = ret;
-        return( PSA_SUCCESS );
-    }
-#endif /* defined(MBEDTLS_PK_WRITE_C) */
-    /* This shouldn't happen in the reference implementation, but
-        it is valid for a special-purpose implementation to omit
-        support for exporting certain key types. */
-    return( PSA_ERROR_NOT_SUPPORTED );
+    return psa_internal_export_key( key, data, data_size,
+                                   data_length, 1 );
 }
 
-
 /****************************************************************/
 /* Message digests */
 /****************************************************************/

From 60364326174444c8ed3b8838db0331fc2c16b03e Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 29 Apr 2018 11:34:58 +0300
Subject: [PATCH 074/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7f18bd42b..76d742088 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -511,7 +511,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
                 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
             else
                 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
-            if ( ret < 0 )
+            if( ret < 0 )
                 return( mbedtls_to_psa_error( ret ) );
             *data_length = ret;
             return( PSA_SUCCESS );

From 17e36e1bd9dec3a74a05575ad8d6097cbafe3204 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 2 May 2018 12:55:20 +0300
Subject: [PATCH 075/889] fix conditions

---
 library/psa_crypto.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 76d742088..dddd88bba 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -468,7 +468,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
-    slot = &global_data.key_slots[ key ];
+    slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 		
@@ -478,7 +478,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( ( !export_public_key) && PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    if ( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -487,6 +487,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
         return( PSA_SUCCESS );
     }
     else
+    {
 #if defined(MBEDTLS_PK_WRITE_C)
         if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
             slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
@@ -506,11 +507,10 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
                 pk.pk_info = &mbedtls_eckey_info;
                 pk.pk_ctx = slot->data.ecp;
             }
-
-            if( ( ! export_public_key ) && PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
-                ret = mbedtls_pk_write_key_der( &pk, data, data_size );
-            else
+            if ( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
                 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
+            else
+                ret = mbedtls_pk_write_key_der( &pk, data, data_size );
             if( ret < 0 )
                 return( mbedtls_to_psa_error( ret ) );
             *data_length = ret;
@@ -524,6 +524,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
             support for exporting certain key types. */
             return( PSA_ERROR_NOT_SUPPORTED );
         }
+    }
 }
 
 psa_status_t psa_export_key(psa_key_slot_t key,

From 338a0cf569755475c0c4869e6f34f550beb3a6a9 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 2 May 2018 12:55:55 +0300
Subject: [PATCH 076/889] fix import_export_public_key test

---
 tests/suites/test_suite_psa_crypto.data     | 4 ++--
 tests/suites/test_suite_psa_crypto.function | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index fcd320be9..d483a74d1 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -107,8 +107,8 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_SUCCESS
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:162:PSA_SUCCESS
 
 PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_SUCCESS
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:162:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ae208be73..6458aa382 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -532,6 +532,7 @@ exit:
 void import_export_public_key( char *hex,
                                 int type_arg,
                                 int expected_bits,
+                                int public_key_expected_length,
                                 int expected_export_status )
 {
     int slot = 1;
@@ -572,7 +573,7 @@ void import_export_public_key( char *hex,
         goto destroy;
 
  
-    TEST_ASSERT( exported_length == data_size );
+    TEST_ASSERT( exported_length == public_key_expected_length );
 
 destroy:
     /* Destroy the key */

From b34879b61a89ee0ec5ed0124deabac6fa669f281 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 29 May 2018 16:45:14 +0300
Subject: [PATCH 077/889] fix import_export_public_key test to use policy

---
 tests/suites/test_suite_psa_crypto.function | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6458aa382..65b4739cb 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -545,6 +545,7 @@ void import_export_public_key( char *hex,
     size_t exported_length;
     psa_key_type_t got_type;
     size_t got_bits;
+    psa_key_policy_t policy = {0};
 
     data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
@@ -554,6 +555,13 @@ void import_export_public_key( char *hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 
+                              PSA_ALG_VENDOR_FLAG );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
                                  data, data_size ) == PSA_SUCCESS );

From d732659867fa7174f6cfd2ee436cad6ab4e57b17 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 29 May 2018 16:56:39 +0300
Subject: [PATCH 078/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dddd88bba..4df8533b1 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -457,7 +457,6 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-
 static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
                                              uint8_t *data,
                                              size_t data_size,
@@ -478,7 +477,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if ( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -507,7 +506,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
                 pk.pk_info = &mbedtls_eckey_info;
                 pk.pk_ctx = slot->data.ecp;
             }
-            if ( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
+            if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
                 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );
             else
                 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
@@ -1011,10 +1010,10 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return( status );
     slot = &global_data.key_slots[key];
 
-    if ( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
+    if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
 
-    if ( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+    if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         operation->key_usage_verify = 1;
 
     if( ! PSA_ALG_IS_HMAC( alg ) )
@@ -1416,7 +1415,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if ( lifetime != PSA_KEY_LIFETIME_VOLATILE )
+    if( lifetime != PSA_KEY_LIFETIME_VOLATILE )
         return( PSA_ERROR_NOT_SUPPORTED );
         
     slot->lifetime = lifetime;

From cceea98bfe2224843040c9f4e88d2d382dec757e Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 29 May 2018 16:59:38 +0300
Subject: [PATCH 079/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4df8533b1..5fd11421d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -470,11 +470,12 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
-		
+
     if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 		
-    if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
+    if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) 
+				 || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )

From c425e87af7b639458d253e6db15798adca3bfe76 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 4 Jun 2018 15:07:13 +0200
Subject: [PATCH 080/889] Add cast to satisfy gcc -Wsign-compare

---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 65b4739cb..8c29f1d2e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -581,7 +581,7 @@ void import_export_public_key( char *hex,
         goto destroy;
 
  
-    TEST_ASSERT( exported_length == public_key_expected_length );
+    TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
 
 destroy:
     /* Destroy the key */

From 785fd55a39f37543bb613dba132771b5ab74e323 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 4 Jun 2018 15:08:56 +0200
Subject: [PATCH 081/889] Whitespace fixes; removed redundant parentheses

No semantic change.
---
 library/psa_crypto.c                        | 10 +++++-----
 tests/suites/test_suite_psa_crypto.function |  3 +--
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5fd11421d..d1960f727 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -473,9 +473,9 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
 
     if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )
         return( PSA_ERROR_NOT_PERMITTED );
-		
-    if( ( export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) 
-				 || PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) )
+
+    if( export_public_key && !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ||
+                                PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
@@ -520,8 +520,8 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
 #endif /* defined(MBEDTLS_PK_WRITE_C) */
         {
             /* This shouldn't happen in the reference implementation, but
-            it is valid for a special-purpose implementation to omit
-            support for exporting certain key types. */
+               it is valid for a special-purpose implementation to omit
+               support for exporting certain key types. */
             return( PSA_ERROR_NOT_SUPPORTED );
         }
     }
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8c29f1d2e..48c6228af 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -557,7 +557,7 @@ void import_export_public_key( char *hex,
 
     psa_key_policy_init( &policy );
 
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
                               PSA_ALG_VENDOR_FLAG );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
@@ -580,7 +580,6 @@ void import_export_public_key( char *hex,
     if( status != PSA_SUCCESS )
         goto destroy;
 
- 
     TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
 
 destroy:

From 8756763cf1ff15a2a075f0677327f4d29c0a7588 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 4 Jun 2018 18:41:37 +0300
Subject: [PATCH 082/889] change error check on psa_internal_export_key func

---
 library/psa_crypto.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d1960f727..17d7d1a1f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -471,13 +471,13 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) )
-        return( PSA_ERROR_NOT_PERMITTED );
-
-    if( export_public_key && !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ||
-                                PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) )
+    if( export_public_key && ( !( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
+    if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) &&
+        ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+    
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )

From a964a8f9b0e8b2e6789aa1ae49b9607b08c1a436 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 4 Jun 2018 18:42:36 +0300
Subject: [PATCH 083/889] add non-regression tests for export public/non public
 key

---
 tests/suites/test_suite_psa_crypto.data     | 28 +++++++++++++--------
 tests/suites/test_suite_psa_crypto.function | 11 +++++---
 2 files changed, 25 insertions(+), 14 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d483a74d1..42adea2a5 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -2,28 +2,32 @@ PSA init/deinit
 init_deinit:
 
 PSA import/export raw: 0 bytes
-import_export:"":PSA_KEY_TYPE_RAW_DATA:0:0:PSA_SUCCESS:1
+import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
 
 PSA import/export raw: 1 bytes
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:0:PSA_SUCCESS:1
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1
 
 PSA import/export raw: 1 bytes, larger buffer
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:8:1:PSA_SUCCESS:1
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1
 
 PSA import/export raw: 2 bytes, buffer too small
-import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0:PSA_SUCCESS:1
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair usage encrypt: bad, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
 PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0:PSA_SUCCESS:1
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:1024:-1:PSA_SUCCESS:0
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
 
 PSA import RSA keypair: truncated
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
@@ -31,7 +35,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e
 
 PSA import/export RSA keypair: good, 1023-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:1023:0:PSA_SUCCESS:1
+import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
 
 #PSA import/export EC secp256r1: good
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -107,8 +111,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:162:PSA_SUCCESS
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS
 
 PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:162:PSA_SUCCESS
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS
+
+PSA import/export symmetric key: bad, 128-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE:128:162:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 48c6228af..e7a4ea56c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -49,7 +49,10 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void import_export( char *hex, int type_arg,
+void import_export( char *hex,
+                    int type_arg,
+                    int alg_arg,
+                    int usage_arg,
                     int expected_bits,
                     int export_size_delta,
                     int expected_export_status,
@@ -84,8 +87,7 @@ void import_export( char *hex, int type_arg,
 
     psa_key_policy_init( &policy );
 
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 
-                              PSA_ALG_VENDOR_FLAG );
+    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
@@ -531,6 +533,7 @@ exit:
 /* BEGIN_CASE */
 void import_export_public_key( char *hex,
                                 int type_arg,
+                                int alg_arg,
                                 int expected_bits,
                                 int public_key_expected_length,
                                 int expected_export_status )
@@ -558,7 +561,7 @@ void import_export_public_key( char *hex,
     psa_key_policy_init( &policy );
 
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
-                              PSA_ALG_VENDOR_FLAG );
+                              alg_arg );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 

From ce1b23a68c41e6155087628e58923d99b29e3b14 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 5 Jun 2018 11:11:23 +0300
Subject: [PATCH 084/889] PSA_ALG_CBC_BASE -> PSA_ALG_CBC_BASE |
 PSA_ALG_BLOCK_CIPHER_PAD_NONE

+ update tests description
---
 tests/suites/test_suite_psa_crypto.data | 28 ++++++++++++-------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 42adea2a5..2467d86bb 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -2,32 +2,32 @@ PSA init/deinit
 init_deinit:
 
 PSA import/export raw: 0 bytes
-import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
+import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
 
 PSA import/export raw: 1 bytes
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1
 
 PSA import/export raw: 1 bytes, larger buffer
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1
 
 PSA import/export raw: 2 bytes, buffer too small
-import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
-PSA import/export RSA keypair usage encrypt: bad, 1024-bit
+PSA import/export RSA keypair usage encrypt: bad, plicy usage set to ENCRYPT instead of EXPORT 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
 PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
 
 PSA import RSA keypair: truncated
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
@@ -35,7 +35,7 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e
 
 PSA import/export RSA keypair: good, 1023-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
+import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
 
 #PSA import/export EC secp256r1: good
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -111,12 +111,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
 
 PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE:1024:162:PSA_SUCCESS
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
 
-PSA import/export symmetric key: bad, 128-bit
+PSA import/export symmetric key: bad, try to use export public key with symmetric key type 128-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE:128:162:PSA_ERROR_INVALID_ARGUMENT
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT

From 503973bdf33e08ffa99f686ddf52834131d9964a Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 12 Mar 2018 15:59:30 +0200
Subject: [PATCH 085/889] initial implementation for PSA symmetric APIs -
 missing tests and documentations

---
 include/psa/crypto.h        |  11 ++-
 include/psa/crypto_struct.h |   2 +-
 library/psa_crypto.c        | 146 ++++++++++++++++++++++++++++++++++++
 3 files changed, 154 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f8b8ceadc..089484f19 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1057,12 +1057,15 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
 
 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                const uint8_t *input,
-                               size_t input_length);
+                               size_t input_length,
+                               unsigned char *output, 
+                               size_t output_size, 
+                               size_t *output_length);
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
-                               uint8_t *mac,
-                               size_t mac_size,
-                               size_t *mac_length);
+                               uint8_t *output,
+                               size_t output_size,
+                               size_t *output_length);
 
 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index eba4862c6..2975bdcb0 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -106,7 +106,7 @@ struct psa_cipher_operation_s
     uint8_t block_size;
     union
     {
-        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+        mbedtls_cipher_context_t cipher;
     } ctx;
 };
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7e633a3ce..428a237df 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1289,6 +1289,152 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 }
 
 
+/****************************************************************/
+/* Symmetric cryptography */
+/****************************************************************/
+
+psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
+                               psa_key_slot_t key,
+                               psa_algorithm_t alg);
+{
+    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    psa_status_t status;
+    key_slot_t *slot;
+    psa_key_type_t key_type;
+    size_t key_bits;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+
+    operation->alg = 0;
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->block_size = 0;
+    operation->iv_size = 0;
+
+    status = psa_get_key_information( key, &key_type, &key_bits );
+    if( status != PSA_SUCCESS )
+        return( status );
+    slot = &global_data.key_slots[key];
+
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
+    if( cipher_info == NULL )
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    operation->block_size = cipher_info->block_size;
+
+    mbedtls_cipher_init( &operation->ctx.cipher );
+    ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
+    if (ret != 0)
+    {
+        psa_cipher_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+
+    ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data,
+                   key_bits, MBEDTLS_DECRYPT );
+    if (ret != 0)
+    {
+        psa_cipher_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+
+    operation->key_set = 1;
+    operation->alg = alg;
+
+    return ( PSA_SUCCESS );
+}
+
+psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
+                                     unsigned char *iv,
+                                     size_t iv_size,
+                                     size_t *iv_length)
+{
+    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+
+    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, iv_size);
+    if (ret != 0)
+    {
+        return( mbedtls_to_psa_error( ret ) );       
+    }
+    
+    *iv_length = iv_size;
+    retuen ( PSA_SUCCESS );
+}
+
+psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
+                                const unsigned char *iv,
+                                size_t iv_length)
+{
+    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+
+    ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
+    if (ret != 0)
+    {
+        psa_cipher_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+
+    operation->iv_set = 1;
+    operation->iv_size = iv_length;
+
+    return ( PSA_SUCCESS );
+}
+
+psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
+                               const uint8_t *input,
+                               size_t input_length,
+                               unsigned char *output, 
+                               size_t output_size, 
+                               size_t *output_length)
+{
+    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+
+    ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
+                   input_length, output, output_length );
+    if (ret != 0)
+    {
+        psa_cipher_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+
+    return ( PSA_SUCCESS );
+}
+
+psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
+                               uint8_t *output,
+                               size_t output_size,
+                               size_t *output_length)
+{
+    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    
+    if( ! operation->key_set )
+        return( PSA_ERROR_BAD_STATE );
+    if( ! operation->iv_set )
+        return( PSA_ERROR_BAD_STATE );
+
+    ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, 
+                                output_length );
+    if (ret != 0)
+    {
+        psa_cipher_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+
+    return ( PSA_SUCCESS );
+}
+
+psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
+{   
+    mbedtls_cipher_free( &operation->ctx.cipher );
+    
+    operation->alg = 0;
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->block_size = 0;
+    operation->iv_size = 0;
+    
+    return ( PSA_SUCCESS );
+}
+
 
 /****************************************************************/
 /* Key Policy */

From 9bc76953ae20230f519328f1e74f5985d5345c6d Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 6 Jun 2018 17:25:35 +0300
Subject: [PATCH 086/889] export->export-public + move tests case

---
 tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2467d86bb..8d22fced5 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -37,6 +37,18 @@ PSA import/export RSA keypair: good, 1023-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
 
+PSA import/export-public RSA public key: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
+
+PSA import/export-public PSA keypair: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
+
+PSA import/export-public symmetric key: bad, try to use export public key with symmetric key type 128-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT
+
 #PSA import/export EC secp256r1: good
 #depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 #import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_NISTP256R1:256:0:PSA_SUCCESS:1
@@ -108,15 +120,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA import/export RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
-
-PSA import/export-public PSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
-
-PSA import/export symmetric key: bad, try to use export public key with symmetric key type 128-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT

From 8275961178a62874496bf4c5090775ec8bce09da Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 12 Mar 2018 18:16:40 +0200
Subject: [PATCH 087/889] warnings fixes

---
 include/psa/crypto.h |  3 +--
 library/psa_crypto.c | 15 ++++++++++-----
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 089484f19..97819b74f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1046,8 +1046,7 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg);
 
-psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
-                                     unsigned char *iv,
+psa_status_t psa_encrypt_generate_iv(unsigned char *iv,
                                      size_t iv_size,
                                      size_t *iv_length);
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 428a237df..d349d1957 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1295,7 +1295,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 
 psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
-                               psa_algorithm_t alg);
+                               psa_algorithm_t alg)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     psa_status_t status;
@@ -1343,13 +1343,12 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
     return ( PSA_SUCCESS );
 }
 
-psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
-                                     unsigned char *iv,
+psa_status_t psa_encrypt_generate_iv(unsigned char *iv,
                                      size_t iv_size,
                                      size_t *iv_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-
+    
     ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, iv_size);
     if (ret != 0)
     {
@@ -1357,7 +1356,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
     }
     
     *iv_length = iv_size;
-    retuen ( PSA_SUCCESS );
+    return ( PSA_SUCCESS );
 }
 
 psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
@@ -1388,6 +1387,9 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
 
+    if ( output_size < input_length )
+        return ( PSA_ERROR_BUFFER_TOO_SMALL );
+
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
                    input_length, output, output_length );
     if (ret != 0)
@@ -1405,6 +1407,9 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+
+    if ( output_size < operation->block_size )
+        return ( PSA_ERROR_BUFFER_TOO_SMALL );
     
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );

From f709f4a3564d7d02e86a73b1dee7d862b8bdb37e Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 6 Jun 2018 17:26:04 +0300
Subject: [PATCH 088/889] move import_export_public_key func place

---
 tests/suites/test_suite_psa_crypto.function | 136 ++++++++++----------
 1 file changed, 68 insertions(+), 68 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e7a4ea56c..22a5de69d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -143,6 +143,74 @@ exit:
 }
 /* END_CASE */
 
+
+/* BEGIN_CASE */
+void import_export_public_key( char *hex,
+                                int type_arg,
+                                int alg_arg,
+                                int expected_bits,
+                                int public_key_expected_length,
+                                int expected_export_status )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    unsigned char *data = NULL;
+    unsigned char *exported = NULL;
+    size_t data_size;
+    size_t export_size;
+    size_t exported_length;
+    psa_key_type_t got_type;
+    size_t got_bits;
+    psa_key_policy_t policy = {0};
+
+    data = unhexify_alloc( hex, &data_size );
+    TEST_ASSERT( data != NULL );
+    export_size = (ssize_t) data_size ;
+    exported = mbedtls_calloc( 1, export_size );
+    TEST_ASSERT( exported != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
+                              alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data, data_size ) == PSA_SUCCESS );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information( slot,
+                 &got_type, &got_bits ) == PSA_SUCCESS );
+    TEST_ASSERT( got_type == type );
+    TEST_ASSERT( got_bits == (size_t) expected_bits );
+
+    /* Export the key */
+    status = psa_export_public_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == (psa_status_t) expected_export_status );
+    if( status != PSA_SUCCESS )
+        goto destroy;
+
+    TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
+
+destroy:
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information(
+                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_free( data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
 {
@@ -528,71 +596,3 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
-
-
-/* BEGIN_CASE */
-void import_export_public_key( char *hex,
-                                int type_arg,
-                                int alg_arg,
-                                int expected_bits,
-                                int public_key_expected_length,
-                                int expected_export_status )
-{
-    int slot = 1;
-    psa_key_type_t type = type_arg;
-    psa_status_t status;
-    unsigned char *data = NULL;
-    unsigned char *exported = NULL;
-    size_t data_size;
-    size_t export_size;
-    size_t exported_length;
-    psa_key_type_t got_type;
-    size_t got_bits;
-    psa_key_policy_t policy = {0};
-
-    data = unhexify_alloc( hex, &data_size );
-    TEST_ASSERT( data != NULL );
-    export_size = (ssize_t) data_size ;
-    exported = mbedtls_calloc( 1, export_size );
-    TEST_ASSERT( exported != NULL );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
-                              alg_arg );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
-                                 data, data_size ) == PSA_SUCCESS );
-
-    /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( slot,
-                 &got_type, &got_bits ) == PSA_SUCCESS );
-    TEST_ASSERT( got_type == type );
-    TEST_ASSERT( got_bits == (size_t) expected_bits );
-
-    /* Export the key */
-    status = psa_export_public_key( slot,
-                             exported, export_size,
-                             &exported_length );
-    TEST_ASSERT( status == (psa_status_t) expected_export_status );
-    if( status != PSA_SUCCESS )
-        goto destroy;
-
-    TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
-
-destroy:
-    /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information(
-                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
-
-exit:
-    mbedtls_free( data );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */

From d7d7ba5749287334271a559c64fd6379ae932381 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 12 Mar 2018 18:51:53 +0200
Subject: [PATCH 089/889] add positive test scenarios

---
 tests/suites/test_suite_psa_crypto.data     |   9 ++
 tests/suites/test_suite_psa_crypto.function | 141 ++++++++++++++++++++
 2 files changed, 150 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 38f4b8090..533bb71da 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -104,3 +104,12 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Symmetric encryption: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"
+
+PSA Symmetric encryption/decryption: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"
+
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index de388dbc3..6f364938a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -526,3 +526,144 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+* BEGIN_CASE */
+void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char *iv[16] = NULL;
+    size_t iv_size = 16;
+    size_t iv_length = 0;
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_cipher_operation_t operation;
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv,
+                                        iv_size, &iv_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
+                                     iv_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+                                    output, output_size, 
+                                    &output_length) == PSA_SUCCESS );
+    
+    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+                                    output_size - output_length,
+                                    &output_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char *iv[16] = NULL;
+    size_t iv_size = 16;
+    size_t iv_length = 0;
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output1 = NULL;
+    size_t output1_size = 0;
+    size_t output1_length = 0;
+    unsigned char *output2 = NULL;
+    size_t output2_size = 0;
+    size_t output2_length = 0;
+    size_t tmp_output_length = 0;
+    psa_cipher_operation_t operation1;
+    psa_cipher_operation_t operation2;
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
+                                        iv_size, &iv_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv,
+                                     iv_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
+                                    output1, output1_size, 
+                                    &output1_length) == PSA_SUCCESS );
+    
+    TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
+                                    output1_size - output1_length,
+                                    &tmp_output_length) == PSA_SUCCESS );
+
+    output1_length += tmp_output_length;
+
+    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
+                                     iv_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_update( &operation2, output, output_length, 
+                                    output2, output2_size, &output2_length) == PSA_SUCCESS );
+    tmp_output_length = 0;
+    TEST_ASSERT( psa_cipher_finish( &operation, output2 + output2_length,
+                                    output2_size - output2_length,
+                                    &tmp_output_length) == PSA_SUCCESS );  
+
+    output2_length += tmp_output_length;
+    
+    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == output1_length );
+    TEST_ASSERT( output1_length == output2_length );
+    TEST_ASSERT( memcmp( input, output, input_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From d1e8e41737ea221bbe179effb5255d217cdf0946 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 7 Jun 2018 09:49:39 +0200
Subject: [PATCH 090/889] Adapt older import_export test data to the new
 function signature

---
 include/psa/crypto.h                    | 2 ++
 tests/suites/test_suite_psa_crypto.data | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0c9bf618f..c8a05a437 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -340,6 +340,8 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_RSA_GET_HASH(alg)                                       \
     (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
 
+#define PSA_ALG_ECDSA_RAW                       ((psa_algorithm_t)0x10030000)
+
 /**@}*/
 
 /** \defgroup key_management Key management
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3d80c865c..9778a55cc 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -51,7 +51,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):256:0:PSA_SUCCESS:1
+import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C

From e6b67a1e78808da6e750f53a5151a518c23558a8 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 12 Mar 2018 10:38:49 -0700
Subject: [PATCH 091/889] Fix parameters in test suite

Fix test function signature in test suite
---
 tests/suites/test_suite_psa_crypto.function | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6f364938a..ce33228b2 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -528,7 +528,7 @@ exit:
 /* END_CASE */
 
 * BEGIN_CASE */
-void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg, 
+void cipher_test_positive( int alg_arg, int key_type_arg, 
                            char *key_hex,
                            char *input_hex )
 {
@@ -537,7 +537,7 @@ void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg,
     psa_algorithm_t alg = alg_arg;
     unsigned char *key = NULL;
     size_t key_size;
-    unsigned char *iv[16] = NULL;
+    unsigned char iv[16] = {0};
     size_t iv_size = 16;
     size_t iv_length = 0;
     unsigned char *input = NULL;
@@ -560,7 +560,7 @@ void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv,
+    TEST_ASSERT( psa_encrypt_generate_iv( iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
@@ -574,7 +574,7 @@ void cipher_test_positive( psa_algorithm_t alg_arg, int key_type_arg,
                                     output_size - output_length,
                                     &output_length) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
 exit:
     mbedtls_free( key );
@@ -585,7 +585,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg, 
+void cipher_test_verify_output( int alg_arg, int key_type_arg, 
                            char *key_hex,
                            char *input_hex )
 {
@@ -594,7 +594,7 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg,
     psa_algorithm_t alg = alg_arg;
     unsigned char *key = NULL;
     size_t key_size;
-    unsigned char *iv[16] = NULL;
+    unsigned char iv[16] = {0};
     size_t iv_size = 16;
     size_t iv_length = 0;
     unsigned char *input = NULL;
@@ -622,7 +622,7 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
+    TEST_ASSERT( psa_encrypt_generate_iv( iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv,
@@ -645,10 +645,10 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
                                      iv_length) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_cipher_update( &operation2, output, output_length, 
+    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
                                     output2, output2_size, &output2_length) == PSA_SUCCESS );
     tmp_output_length = 0;
-    TEST_ASSERT( psa_cipher_finish( &operation, output2 + output2_length,
+    TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
                                     output2_size - output2_length,
                                     &tmp_output_length) == PSA_SUCCESS );  
 
@@ -658,7 +658,7 @@ void cipher_test_verify_output( psa_algorithm_t alg_arg, int key_type_arg,
 
     TEST_ASSERT( input_size == output1_length );
     TEST_ASSERT( output1_length == output2_length );
-    TEST_ASSERT( memcmp( input, output, input_size ) == 0 );
+    TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
 
 exit:
     mbedtls_free( key );

From cdd3be9cfb9b1cd23b2b23d84bd71adaf117b7c0 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 13 Mar 2018 04:38:38 -0700
Subject: [PATCH 092/889] Add psa_crypto test suite to Cmake

Add psa_crypto test suite to Cmake
---
 tests/CMakeLists.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 58126bedc..d8b74f227 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -110,6 +110,7 @@ add_test_suite(pk)
 add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
+add_test_suite(psa_crypto)
 add_test_suite(shax)
 add_test_suite(ssl)
 add_test_suite(timing)

From 990a18c2f00a8ff539b7bb3a781ac76e3c2357d7 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 14 Mar 2018 15:15:33 +0200
Subject: [PATCH 093/889] add ecb to cipher algorithms

---
 include/psa/crypto.h | 1 +
 library/psa_crypto.c | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 97819b74f..73cf7bd27 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -317,6 +317,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000002)
 #define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000003)
 #define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
+#define PSA_ALG_ECB_BASE                        ((psa_algorithm_t)0x04000005)
 #define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800000)
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
 #define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d349d1957..37befc0e5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -880,13 +880,14 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 
     if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
     {
-        if( PSA_ALG_IS_BLOCK_CIPHER( alg ) )
-            alg &= ~PSA_ALG_BLOCK_CIPHER_MODE_MASK;
         switch( alg )
         {
             case PSA_ALG_STREAM_CIPHER:
                 mode = MBEDTLS_MODE_STREAM;
                 break;
+            case PSA_ALG_ECB_BASE:
+                mode = MBEDTLS_MODE_ECB;
+                break;
             case PSA_ALG_CBC_BASE:
                 mode = MBEDTLS_MODE_CBC;
                 break;

From efb0107fbe22de6461aab040d0b3714422587ccf Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 14 Mar 2018 17:03:52 +0200
Subject: [PATCH 094/889] CR fix, remove exposing ECB

---
 include/psa/crypto.h | 1 -
 library/psa_crypto.c | 3 ---
 2 files changed, 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 73cf7bd27..97819b74f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -317,7 +317,6 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000002)
 #define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000003)
 #define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
-#define PSA_ALG_ECB_BASE                        ((psa_algorithm_t)0x04000005)
 #define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800000)
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
 #define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 37befc0e5..d170505c3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -885,9 +885,6 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
             case PSA_ALG_STREAM_CIPHER:
                 mode = MBEDTLS_MODE_STREAM;
                 break;
-            case PSA_ALG_ECB_BASE:
-                mode = MBEDTLS_MODE_ECB;
-                break;
             case PSA_ALG_CBC_BASE:
                 mode = MBEDTLS_MODE_CBC;
                 break;

From 8481e74eccdbfdfe101e0e481aada00617bae9d4 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 18 Mar 2018 13:57:31 +0200
Subject: [PATCH 095/889] CR fixes

more fixes

Compilation fixes

Compilation fixes for PSA crypto code and tests
---
 include/psa/crypto.h                        |   3 +-
 library/psa_crypto.c                        | 123 +++++++++++++++-----
 tests/suites/test_suite_psa_crypto.function |   4 +-
 3 files changed, 99 insertions(+), 31 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 97819b74f..089484f19 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1046,7 +1046,8 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg);
 
-psa_status_t psa_encrypt_generate_iv(unsigned char *iv,
+psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
+                                     unsigned char *iv,
                                      size_t iv_size,
                                      size_t *iv_length);
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d170505c3..9a812b866 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -286,7 +286,40 @@ static psa_status_t mbedtls_to_psa_error( int ret )
     }
 }
 
+static void psa_operation_init(void *operation,
+                                psa_algorithm_t alg)
+{
+    if( PSA_ALG_IS_MAC(alg) )
+    {
+        if ( ((psa_mac_operation_t*)operation)->alg != 0 ) //restart
+        {
+            ((psa_mac_operation_t*)operation)->alg = 0;
+            ((psa_mac_operation_t*)operation)->iv_required = 0;
+        }
+        else
+        {
+            ((psa_mac_operation_t*)operation)->alg = alg;
+            ((psa_mac_operation_t*)operation)->iv_required = 1;
+        }
 
+        ((psa_mac_operation_t*)operation)->key_set = 0;
+        ((psa_mac_operation_t*)operation)->iv_set = 0;
+        ((psa_mac_operation_t*)operation)->has_input = 0;
+        ((psa_mac_operation_t*)operation)->mac_size = 0;
+    }
+    else if( PSA_ALG_IS_CIPHER(alg) )
+    {
+        if ( ((psa_cipher_operation_t*)operation)->alg != 0 ) //restart
+            ((psa_cipher_operation_t*)operation)->alg = 0;
+        else
+            ((psa_cipher_operation_t*)operation)->alg = alg;
+
+        ((psa_cipher_operation_t*)operation)->key_set = 0;
+        ((psa_cipher_operation_t*)operation)->iv_set = 0;
+        ((psa_cipher_operation_t*)operation)->iv_size = 0;
+        ((psa_cipher_operation_t*)operation)->block_size = 0;
+    }
+}
 
 /****************************************************************/
 /* Key management */
@@ -880,6 +913,10 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 
     if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
     {
+        if( PSA_ALG_IS_BLOCK_CIPHER( alg ) )
+        {
+            alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+        }
         switch( alg )
         {
             case PSA_ALG_STREAM_CIPHER:
@@ -955,11 +992,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
     }
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->iv_required = 0;
-    operation->has_input = 0;
+    psa_operation_init(operation, 0);
     return( PSA_SUCCESS );
 }
 
@@ -974,11 +1007,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->iv_required = 1;
-    operation->has_input = 0;
+    psa_operation_init(operation, alg);
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1291,9 +1320,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 /* Symmetric cryptography */
 /****************************************************************/
 
-psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
+static psa_status_t psa_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
-                               psa_algorithm_t alg)
+                               psa_algorithm_t alg, mbedtls_operation_t cipher_operation)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     psa_status_t status;
@@ -1301,12 +1330,10 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
     psa_key_type_t key_type;
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
+    psa_algorithm_t padding_mode = PSA_ALG_BLOCK_CIPHER_PAD_NONE;
+    mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE;
 
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->block_size = 0;
-    operation->iv_size = 0;
+    psa_operation_init(operation, alg);
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1328,33 +1355,78 @@ psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
     }
 
     ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data,
-                   key_bits, MBEDTLS_DECRYPT );
+                   key_bits, cipher_operation );
     if (ret != 0)
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
     }
 
+#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+    if (( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE)
+    {
+        padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+
+        switch (padding_mode)
+        {
+            case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:
+                mode = MBEDTLS_PADDING_PKCS7;
+                break;
+            case PSA_ALG_BLOCK_CIPHER_PAD_NONE:
+                mode = MBEDTLS_PADDING_NONE;
+                break;
+            default:
+                return ( PSA_ERROR_INVALID_PADDING );
+        }
+        ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
+        if (ret != 0)
+            return( mbedtls_to_psa_error( ret ) );
+    }
+#endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
+
     operation->key_set = 1;
     operation->alg = alg;
+    operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
+    if ( PSA_ALG_IS_BLOCK_CIPHER(alg) )
+    {
+        operation->iv_size = operation->block_size;
+    }
 
     return ( PSA_SUCCESS );
 }
 
-psa_status_t psa_encrypt_generate_iv(unsigned char *iv,
+psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
+                               psa_key_slot_t key,
+                               psa_algorithm_t alg)
+{
+    return psa_setup(operation, key, alg, MBEDTLS_ENCRYPT);
+}
+
+psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
+                               psa_key_slot_t key,
+                               psa_algorithm_t alg)
+{
+    return psa_setup(operation, key, alg, MBEDTLS_DECRYPT);
+}
+
+psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
+                                     unsigned char *iv,
                                      size_t iv_size,
                                      size_t *iv_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    if (iv_size < operation->iv_size)
+        return ( PSA_ERROR_BUFFER_TOO_SMALL );
     
-    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, iv_size);
+    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size);
     if (ret != 0)
     {
         return( mbedtls_to_psa_error( ret ) );       
     }
     
-    *iv_length = iv_size;
-    return ( PSA_SUCCESS );
+    *iv_length = operation->iv_size;
+
+    return psa_encrypt_set_iv( operation, iv, *iv_length);
 }
 
 psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
@@ -1371,7 +1443,6 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     }
 
     operation->iv_set = 1;
-    operation->iv_size = iv_length;
 
     return ( PSA_SUCCESS );
 }
@@ -1429,11 +1500,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
 {   
     mbedtls_cipher_free( &operation->ctx.cipher );
     
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->block_size = 0;
-    operation->iv_size = 0;
+    psa_operation_init(operation, 0);
     
     return ( PSA_SUCCESS );
 }
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ce33228b2..66ab296ed 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -560,7 +560,7 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( iv,
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
@@ -622,7 +622,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( iv,
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv,

From 16864af80bae0f3c2717d8291c74ea265e15db25 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 19 Mar 2018 16:22:57 +0200
Subject: [PATCH 096/889] fix static function name

---
 library/psa_crypto.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9a812b866..57847fa1f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1320,7 +1320,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 /* Symmetric cryptography */
 /****************************************************************/
 
-static psa_status_t psa_setup(psa_cipher_operation_t *operation,
+static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg, mbedtls_operation_t cipher_operation)
 {
@@ -1399,14 +1399,14 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg)
 {
-    return psa_setup(operation, key, alg, MBEDTLS_ENCRYPT);
+    return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT);
 }
 
 psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg)
 {
-    return psa_setup(operation, key, alg, MBEDTLS_DECRYPT);
+    return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT);
 }
 
 psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,

From 3205a6592ba7b410bceadd49c8f263fcc45ced13 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 20 Mar 2018 17:09:59 +0200
Subject: [PATCH 097/889] tests fix

---
 library/psa_crypto.c                        |  6 +--
 tests/suites/test_suite_psa_crypto.data     |  5 +--
 tests/suites/test_suite_psa_crypto.function | 44 ++++++++++-----------
 3 files changed, 24 insertions(+), 31 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 57847fa1f..96eea5b9f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1425,7 +1425,6 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
     }
     
     *iv_length = operation->iv_size;
-
     return psa_encrypt_set_iv( operation, iv, *iv_length);
 }
 
@@ -1476,16 +1475,13 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-
-    if ( output_size < operation->block_size )
-        return ( PSA_ERROR_BUFFER_TOO_SMALL );
     
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
     if( ! operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
 
-    ret = mbedtls_cipher_finish( &operation->ctx.cipher, output, 
+    ret = mbedtls_cipher_finish( &operation->ctx.cipher, output,
                                 output_length );
     if (ret != 0)
     {
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 533bb71da..d8cab1fd4 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -107,9 +107,8 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA Symmetric encryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"
+cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"
-
+cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 66ab296ed..5b4702bef 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -542,11 +542,12 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
     size_t iv_length = 0;
     unsigned char *input = NULL;
     size_t input_size = 0;
-    unsigned char *output = NULL;
+    unsigned char *output ;
     size_t output_size = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
+
     key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
 
@@ -558,20 +559,19 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, key_size ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                     iv_length) == PSA_SUCCESS );
+	output_size = input_size;
+	output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
                                     output, output_size, 
                                     &output_length) == PSA_SUCCESS );
-    
-    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size - output_length,
+	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+                                    output_size,
                                     &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
@@ -599,10 +599,10 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     size_t iv_length = 0;
     unsigned char *input = NULL;
     size_t input_size = 0;
-    unsigned char *output1 = NULL;
+    unsigned char *output1;
     size_t output1_size = 0;
     size_t output1_length = 0;
-    unsigned char *output2 = NULL;
+    unsigned char *output2;
     size_t output2_size = 0;
     size_t output2_length = 0;
     size_t tmp_output_length = 0;
@@ -620,39 +620,37 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, key_size ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
+	TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
+	TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_set_iv( &operation1, iv,
-                                     iv_length) == PSA_SUCCESS );
-
+	output1_size = input_size;
+	output1 = mbedtls_calloc(0, output1_size);
     TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
                                     output1, output1_size, 
                                     &output1_length) == PSA_SUCCESS );
-    
-    TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
+	TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
                                     output1_size - output1_length,
                                     &tmp_output_length) == PSA_SUCCESS );
-
+									
     output1_length += tmp_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+	output2_size = output1_length;
+	output2 = mbedtls_calloc(0, output2_size);
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
+	TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
                                      iv_length) == PSA_SUCCESS );
-
     TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
                                     output2, output2_size, &output2_length) == PSA_SUCCESS );
     tmp_output_length = 0;
-    TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
+	TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
                                     output2_size - output2_length,
                                     &tmp_output_length) == PSA_SUCCESS );  
-
-    output2_length += tmp_output_length;
+    
+	output2_length += tmp_output_length;
     
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 

From e1210dcac39c6258b9d6f4435b81fe5be6c1b3c6 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 25 Mar 2018 15:44:12 +0300
Subject: [PATCH 098/889] remove unused parameter in psa_cipher_finish.

---
 include/psa/crypto.h                        | 1 -
 library/psa_crypto.c                        | 1 -
 tests/suites/test_suite_psa_crypto.function | 3 ---
 3 files changed, 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 089484f19..b1c1abb06 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1064,7 +1064,6 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                uint8_t *output,
-                               size_t output_size,
                                size_t *output_length);
 
 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 96eea5b9f..0d309c00b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1471,7 +1471,6 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                uint8_t *output,
-                               size_t output_size,
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5b4702bef..e3294a79b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -571,7 +571,6 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
                                     output, output_size, 
                                     &output_length) == PSA_SUCCESS );
 	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size,
                                     &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
@@ -631,7 +630,6 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
                                     output1, output1_size, 
                                     &output1_length) == PSA_SUCCESS );
 	TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-                                    output1_size - output1_length,
                                     &tmp_output_length) == PSA_SUCCESS );
 									
     output1_length += tmp_output_length;
@@ -647,7 +645,6 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
                                     output2, output2_size, &output2_length) == PSA_SUCCESS );
     tmp_output_length = 0;
 	TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-                                    output2_size - output2_length,
                                     &tmp_output_length) == PSA_SUCCESS );  
     
 	output2_length += tmp_output_length;

From 41deec44947a9303fd6fee5e9e9ad3d9f470d167 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 4 Apr 2018 15:43:05 +0300
Subject: [PATCH 099/889] partly pr fix

---
 library/psa_crypto.c | 116 ++++++++++++++++++++-----------------------
 1 file changed, 55 insertions(+), 61 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0d309c00b..0761978f7 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -286,41 +286,6 @@ static psa_status_t mbedtls_to_psa_error( int ret )
     }
 }
 
-static void psa_operation_init(void *operation,
-                                psa_algorithm_t alg)
-{
-    if( PSA_ALG_IS_MAC(alg) )
-    {
-        if ( ((psa_mac_operation_t*)operation)->alg != 0 ) //restart
-        {
-            ((psa_mac_operation_t*)operation)->alg = 0;
-            ((psa_mac_operation_t*)operation)->iv_required = 0;
-        }
-        else
-        {
-            ((psa_mac_operation_t*)operation)->alg = alg;
-            ((psa_mac_operation_t*)operation)->iv_required = 1;
-        }
-
-        ((psa_mac_operation_t*)operation)->key_set = 0;
-        ((psa_mac_operation_t*)operation)->iv_set = 0;
-        ((psa_mac_operation_t*)operation)->has_input = 0;
-        ((psa_mac_operation_t*)operation)->mac_size = 0;
-    }
-    else if( PSA_ALG_IS_CIPHER(alg) )
-    {
-        if ( ((psa_cipher_operation_t*)operation)->alg != 0 ) //restart
-            ((psa_cipher_operation_t*)operation)->alg = 0;
-        else
-            ((psa_cipher_operation_t*)operation)->alg = alg;
-
-        ((psa_cipher_operation_t*)operation)->key_set = 0;
-        ((psa_cipher_operation_t*)operation)->iv_set = 0;
-        ((psa_cipher_operation_t*)operation)->iv_size = 0;
-        ((psa_cipher_operation_t*)operation)->block_size = 0;
-    }
-}
-
 /****************************************************************/
 /* Key management */
 /****************************************************************/
@@ -992,7 +957,13 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
     }
-    psa_operation_init(operation, 0);
+
+    operation->alg = 0;
+    operation->key_set = 0;	
+    operation->iv_set = 0;	
+    operation->iv_required = 0;	
+    operation->has_input = 0;
+
     return( PSA_SUCCESS );
 }
 
@@ -1007,7 +978,11 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
-    psa_operation_init(operation, alg);
+    operation->alg = 0;
+    operation->key_set = 0;	
+    operation->iv_set = 0;	
+    operation->iv_required = 1;	
+    operation->has_input = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1333,7 +1308,11 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     psa_algorithm_t padding_mode = PSA_ALG_BLOCK_CIPHER_PAD_NONE;
     mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE;
 
-    psa_operation_init(operation, alg);
+    operation->alg = alg;
+    operation->key_set = 0;	
+    operation->iv_set = 0;	
+    operation->iv_size = 0;	
+    operation->block_size = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1348,7 +1327,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
 
     mbedtls_cipher_init( &operation->ctx.cipher );
     ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
-    if (ret != 0)
+    if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
@@ -1356,14 +1335,14 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
 
     ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data,
                    key_bits, cipher_operation );
-    if (ret != 0)
+    if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
     }
 
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    if (( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE)
+    if( ( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE )
     {
         padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
 
@@ -1376,10 +1355,10 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
                 mode = MBEDTLS_PADDING_NONE;
                 break;
             default:
-                return ( PSA_ERROR_INVALID_PADDING );
+                return ( PSA_ERROR_INVALID_ARGUMENT );
         }
         ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
-        if (ret != 0)
+        if( ret != 0 )
             return( mbedtls_to_psa_error( ret ) );
     }
 #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
@@ -1387,9 +1366,9 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     operation->key_set = 1;
     operation->alg = alg;
     operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
-    if ( PSA_ALG_IS_BLOCK_CIPHER(alg) )
+    if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) )
     {
-        operation->iv_size = operation->block_size;
+        operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
     }
 
     return ( PSA_SUCCESS );
@@ -1414,28 +1393,39 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
                                      size_t iv_size,
                                      size_t *iv_length)
 {
-    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-    if (iv_size < operation->iv_size)
-        return ( PSA_ERROR_BUFFER_TOO_SMALL );
-    
-    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size);
-    if (ret != 0)
+    int ret = PSA_SUCCESS;
+    if( operation->iv_set )
+        return( PSA_ERROR_BAD_STATE );
+    if( iv_size < operation->iv_size )
     {
-        return( mbedtls_to_psa_error( ret ) );       
+        ret = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size);
+    if( ret != 0 )
+    {
+        ret = mbedtls_to_psa_error( ret );
+        goto exit;       
     }
     
     *iv_length = operation->iv_size;
-    return psa_encrypt_set_iv( operation, iv, *iv_length);
+    ret = psa_encrypt_set_iv( operation, iv, *iv_length);
+
+    exit:
+        if( ret != PSA_SUCCESS)
+        psa_cipher_abort( operation );
+        return( ret );
 }
 
 psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
                                 const unsigned char *iv,
                                 size_t iv_length)
 {
-    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-
+    int ret = PSA_SUCCESS;
+    if( operation->iv_set )
+        return( PSA_ERROR_BAD_STATE );
     ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
-    if (ret != 0)
+    if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
@@ -1455,12 +1445,12 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
 
-    if ( output_size < input_length )
+    if( output_size < input_length )
         return ( PSA_ERROR_BUFFER_TOO_SMALL );
 
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
                    input_length, output, output_length );
-    if (ret != 0)
+    if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
@@ -1482,7 +1472,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 
     ret = mbedtls_cipher_finish( &operation->ctx.cipher, output,
                                 output_length );
-    if (ret != 0)
+    if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
@@ -1495,8 +1485,12 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
 {   
     mbedtls_cipher_free( &operation->ctx.cipher );
     
-    psa_operation_init(operation, 0);
-    
+    operation->alg = 0;
+    operation->key_set = 0;	
+    operation->iv_set = 0;	
+    operation->iv_size = 0;	
+    operation->block_size = 0;
+
     return ( PSA_SUCCESS );
 }
 

From 89e0f468bfec34330f9ac29fe1066b902e9a6656 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 12 Apr 2018 08:48:45 +0300
Subject: [PATCH 100/889] style

---
 library/psa_crypto.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0761978f7..96d2c0f69 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1368,7 +1368,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
     if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) )
     {
-        operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
+        operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     }
 
     return ( PSA_SUCCESS );
@@ -1401,7 +1401,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
         ret = PSA_ERROR_BUFFER_TOO_SMALL;
         goto exit;
     }
-    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size);
+    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size );
     if( ret != 0 )
     {
         ret = mbedtls_to_psa_error( ret );
@@ -1409,10 +1409,10 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
     }
     
     *iv_length = operation->iv_size;
-    ret = psa_encrypt_set_iv( operation, iv, *iv_length);
+    ret = psa_encrypt_set_iv( operation, iv, *iv_length );
 
     exit:
-        if( ret != PSA_SUCCESS)
+        if( ret != PSA_SUCCESS )
         psa_cipher_abort( operation );
         return( ret );
 }

From b152d4d8b6116746584a2011333295d855635bcc Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 11 Apr 2018 23:51:20 -0700
Subject: [PATCH 101/889] add test scenarios to decrypt and encrypt input and
 compare with given output

---
 library/psa_crypto.c                        |  2 +-
 tests/suites/test_suite_psa_crypto.data     |  6 +-
 tests/suites/test_suite_psa_crypto.function | 82 +++++++++++++++++++--
 3 files changed, 82 insertions(+), 8 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 96d2c0f69..9ad44e7f3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1365,7 +1365,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
 
     operation->key_set = 1;
     operation->alg = alg;
-    operation->block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type);
+    operation->block_size = PSA_ALG_IS_BLOCK_CIPHER( alg ) ? PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : 1;
     if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) )
     {
         operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d8cab1fd4..3bf93b842 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -107,7 +107,11 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA Symmetric encryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_positive:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_test_encrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
 
 PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e3294a79b..eb217f9f9 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -538,11 +538,10 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
     unsigned char *key = NULL;
     size_t key_size;
     unsigned char iv[16] = {0};
-    size_t iv_size = 16;
-    size_t iv_length = 0;
     unsigned char *input = NULL;
     size_t input_size = 0;
-    unsigned char *output ;
+    unsigned char *output;
+    unsigned char *expected_output;
     size_t output_size = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
@@ -553,6 +552,11 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
 
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
  
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -561,10 +565,9 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation, iv,
-                                        iv_size, &iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
+                                        sizeof( iv ) ) == PSA_SUCCESS );
 
-	output_size = input_size;
 	output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
@@ -575,6 +578,9 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
+    TEST_ASSERT( input_size == output_size );
+    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+
 exit:
     mbedtls_free( key );
     mbedtls_free( input );
@@ -583,6 +589,70 @@ exit:
 }
 /* END_CASE */
 
+
+/* BEGIN_CASE */
+void cipher_test_decrypt( int alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex, char *output_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
+                                        sizeof( iv ) ) == PSA_SUCCESS );
+
+	output = mbedtls_calloc(0, output_size);
+
+    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+                                    output, output_size, 
+                                    &output_length) == PSA_SUCCESS );
+	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+                                    &output_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == output_size );
+    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
 /* BEGIN_CASE */
 void cipher_test_verify_output( int alg_arg, int key_type_arg, 
                            char *key_hex,

From 4c80d8331a1cabbad3f61f7d1b16eadbadd3ad2c Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 22 Apr 2018 20:15:31 +0300
Subject: [PATCH 102/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9ad44e7f3..bb74c2660 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -959,9 +959,9 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     }
 
     operation->alg = 0;
-    operation->key_set = 0;	
-    operation->iv_set = 0;	
-    operation->iv_required = 0;	
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 0;
     operation->has_input = 0;
 
     return( PSA_SUCCESS );
@@ -979,9 +979,9 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
     operation->alg = 0;
-    operation->key_set = 0;	
-    operation->iv_set = 0;	
-    operation->iv_required = 1;	
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 1;
     operation->has_input = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -1358,7 +1358,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
                 return ( PSA_ERROR_INVALID_ARGUMENT );
         }
         ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
-        if( ret != 0 )
+        if (ret != 0)
             return( mbedtls_to_psa_error( ret ) );
     }
 #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
@@ -1413,7 +1413,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
 
     exit:
         if( ret != PSA_SUCCESS )
-        psa_cipher_abort( operation );
+            psa_cipher_abort( operation );
         return( ret );
 }
 
@@ -1478,7 +1478,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
         return( mbedtls_to_psa_error( ret ) );
     }
 
-    return ( PSA_SUCCESS );
+    return( PSA_SUCCESS );
 }
 
 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)

From 0071b873a3609885597e20be5ec6f428ceb22b95 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 22 Apr 2018 20:16:58 +0300
Subject: [PATCH 103/889] add missing parameter output_size on
 psa_cipher_finish

---
 include/psa/crypto.h                        | 1 +
 library/psa_crypto.c                        | 1 +
 tests/suites/test_suite_psa_crypto.function | 8 ++++----
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b1c1abb06..089484f19 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1064,6 +1064,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                uint8_t *output,
+                               size_t output_size,
                                size_t *output_length);
 
 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index bb74c2660..fbc5949dd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1461,6 +1461,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                uint8_t *output,
+                               size_t output_size,
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index eb217f9f9..bc46ad215 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -574,7 +574,7 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
                                     output, output_size, 
                                     &output_length) == PSA_SUCCESS );
 	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    &output_length) == PSA_SUCCESS );
+                                    output_size, &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
@@ -637,7 +637,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
                                     output, output_size, 
                                     &output_length) == PSA_SUCCESS );
 	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    &output_length) == PSA_SUCCESS );
+                                    output_size, &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
@@ -700,7 +700,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
                                     output1, output1_size, 
                                     &output1_length) == PSA_SUCCESS );
 	TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-                                    &tmp_output_length) == PSA_SUCCESS );
+                                    output1_size, &tmp_output_length) == PSA_SUCCESS );
 									
     output1_length += tmp_output_length;
 
@@ -715,7 +715,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
                                     output2, output2_size, &output2_length) == PSA_SUCCESS );
     tmp_output_length = 0;
 	TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-                                    &tmp_output_length) == PSA_SUCCESS );  
+                                    output2_size, &tmp_output_length) == PSA_SUCCESS );  
     
 	output2_length += tmp_output_length;
     

From bed71a2b17b5c7c046c5f4c0c3ae2176aaae200a Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 22 Apr 2018 20:19:20 +0300
Subject: [PATCH 104/889] fix missing check on output_size in psa_cipher_finish
 func

---
 include/psa/crypto.h |  4 ++++
 library/psa_crypto.c | 22 ++++++++++++++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 089484f19..31079525b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -321,6 +321,10 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
 #define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
 
+#define PSA_ALG_IS_STREAM_CIPHER(alg)            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
+        PSA_ALG_STREAM_CIPHER)
+
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fbc5949dd..267262721 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1466,13 +1466,31 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     
+    uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ];
+
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
     if( ! operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
+    if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
+    {
+        if (operation->ctx.cipher.unprocessed_len > operation->block_size)
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
+            && ( operation->ctx.cipher.unprocessed_len != 0 ) )
+            return(PSA_ERROR_INVALID_ARGUMENT);
+        if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
+            && ( output_size != operation->block_size ) )
+            return(PSA_ERROR_INVALID_ARGUMENT);
+    }
+    if ( operation->ctx.cipher.operation == MBEDTLS_DECRYPT )
+        if (operation->ctx.cipher.unprocessed_len != 0)
+            return( PSA_ERROR_INVALID_ARGUMENT );
 
-    ret = mbedtls_cipher_finish( &operation->ctx.cipher, output,
-                                output_length );
+    ret = mbedtls_cipher_finish(&operation->ctx.cipher, temp_output_buffer,
+                                output_length);
+    if ( output_size > *output_length )
+        memcpy( temp_output_buffer, output, *output_length );
     if( ret != 0 )
     {
         psa_cipher_abort( operation );

From 406008ab4c4a90e133b258ef0234997517876ed6 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 22 Apr 2018 20:20:29 +0300
Subject: [PATCH 105/889] add missing check on output_size in psa_cipher_update
 func

---
 library/psa_crypto.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 267262721..0e2d6dafa 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1445,7 +1445,8 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
 
-    if( output_size < input_length )
+    if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && ( output_size < input_length ) )
+        || ( ( PSA_ALG_IS_BLOCK_CIPHER(operation->alg)) && ( output_size < ((operation->ctx.cipher.unprocessed_len + input_length)/16)*16 ) ) )
         return ( PSA_ERROR_BUFFER_TOO_SMALL );
 
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,

From 71f19ae6f8370f7f261f2c6979d0328a63deec27 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 22 Apr 2018 20:23:16 +0300
Subject: [PATCH 106/889] add missing call to psa_cipher_abort in cipher_setup
 func + iv_length check in cipher_set_iv func

---
 library/psa_crypto.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0e2d6dafa..b29b763f6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1359,7 +1359,10 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
         }
         ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
         if (ret != 0)
+        {
+            psa_cipher_abort( operation );
             return( mbedtls_to_psa_error( ret ) );
+        }
     }
 #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
 
@@ -1424,6 +1427,13 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     int ret = PSA_SUCCESS;
     if( operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
+    if (iv_length != operation->iv_size)
+    {
+        if (((operation->alg) & PSA_ALG_ARC4) == PSA_ALG_ARC4)
+            return(PSA_ERROR_BAD_STATE);
+        else
+            return (PSA_ERROR_INVALID_ARGUMENT);
+    }
     ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
     if( ret != 0 )
     {
@@ -1466,7 +1476,6 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-    
     uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ];
 
     if( ! operation->key_set )

From ad9d82cc0e675ae2daec00d31d19b123998f2a23 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 30 Apr 2018 12:31:04 +0300
Subject: [PATCH 107/889] add iv_required field to psa_cipher_operation_s and
 fix relevant functions

---
 include/psa/crypto_struct.h |  1 +
 library/psa_crypto.c        | 21 ++++++++++++---------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 2975bdcb0..639c15e76 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -101,6 +101,7 @@ struct psa_cipher_operation_s
 {
     psa_algorithm_t alg;
     int key_set : 1;
+    int iv_required : 1;
     int iv_set : 1;
     uint8_t iv_size;
     uint8_t block_size;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b29b763f6..c5a845664 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1309,9 +1309,10 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE;
 
     operation->alg = alg;
-    operation->key_set = 0;	
-    operation->iv_set = 0;	
-    operation->iv_size = 0;	
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 1;
+    operation->iv_size = 0;
     operation->block_size = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -1397,7 +1398,7 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
                                      size_t *iv_length)
 {
     int ret = PSA_SUCCESS;
-    if( operation->iv_set )
+    if( operation->iv_set || !( operation->iv_required ) )
         return( PSA_ERROR_BAD_STATE );
     if( iv_size < operation->iv_size )
     {
@@ -1425,7 +1426,7 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
                                 size_t iv_length)
 {
     int ret = PSA_SUCCESS;
-    if( operation->iv_set )
+    if( operation->iv_set || !( operation->iv_required ) )
         return( PSA_ERROR_BAD_STATE );
     if (iv_length != operation->iv_size)
     {
@@ -1442,6 +1443,7 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     }
 
     operation->iv_set = 1;
+    operation->iv_required = 0;
 
     return ( PSA_SUCCESS );
 }
@@ -1480,7 +1482,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
-    if( ! operation->iv_set )
+    if ( operation->iv_required && ! operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
     if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
     {
@@ -1515,10 +1517,11 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
     mbedtls_cipher_free( &operation->ctx.cipher );
     
     operation->alg = 0;
-    operation->key_set = 0;	
-    operation->iv_set = 0;	
-    operation->iv_size = 0;	
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_size = 0;
     operation->block_size = 0;
+    operation->iv_required = 0;
 
     return ( PSA_SUCCESS );
 }

From dc38ebc068f0fe023a881785a63a6d465cc21003 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Mon, 30 Apr 2018 15:45:34 +0300
Subject: [PATCH 108/889] delete decrypt checks + fix memcpy& return value

---
 library/psa_crypto.c | 39 +++++++++++++++++++++------------------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c5a845664..ee45a150f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1484,30 +1484,33 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
         return( PSA_ERROR_BAD_STATE );
     if ( operation->iv_required && ! operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
-    if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
-    {
-        if (operation->ctx.cipher.unprocessed_len > operation->block_size)
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
-            && ( operation->ctx.cipher.unprocessed_len != 0 ) )
-            return(PSA_ERROR_INVALID_ARGUMENT);
-        if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
-            && ( output_size != operation->block_size ) )
-            return(PSA_ERROR_INVALID_ARGUMENT);
-    }
-    if ( operation->ctx.cipher.operation == MBEDTLS_DECRYPT )
-        if (operation->ctx.cipher.unprocessed_len != 0)
-            return( PSA_ERROR_INVALID_ARGUMENT );
 
-    ret = mbedtls_cipher_finish(&operation->ctx.cipher, temp_output_buffer,
-                                output_length);
-    if ( output_size > *output_length )
-        memcpy( temp_output_buffer, output, *output_length );
+    if ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
+    {
+        if( operation->ctx.cipher.unprocessed_len > operation->block_size )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
+            && ( operation->ctx.cipher.unprocessed_len != 0 ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if( ( ( ( operation->alg) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
+            && ( output_size != operation->block_size ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+
+    ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer,
+        output_length );
     if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
     }
+    if(output_size >= *output_length)
+        memcpy( output, temp_output_buffer, *output_length );
+    else
+    {
+        psa_cipher_abort( operation );
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+    }
 
     return( PSA_SUCCESS );
 }

From 2cab25aacf6eff41cd171dcaf57719bd24983fef Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 2 May 2018 16:43:13 +0300
Subject: [PATCH 109/889] fix conditions in psa_cipher_finish function

---
 library/psa_crypto.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ee45a150f..3cf63a9b3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1489,11 +1489,11 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
     {
         if( operation->ctx.cipher.unprocessed_len > operation->block_size )
             return( PSA_ERROR_INVALID_ARGUMENT );
-        if( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
+        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
             && ( operation->ctx.cipher.unprocessed_len != 0 ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
-        if( ( ( ( operation->alg) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
-            && ( output_size != operation->block_size ) )
+        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
+            && ( *output_length != operation->block_size ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
     }
 

From a28258c594ec7752004ede906527f8aec41a8dc1 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 29 May 2018 16:25:04 +0300
Subject: [PATCH 110/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3cf63a9b3..4f02bb2bc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -989,10 +989,10 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return( status );
     slot = &global_data.key_slots[key];
 
-    if ( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
+    \ ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
 
-    if ( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+    if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         operation->key_usage_verify = 1;
 
     if( ! PSA_ALG_IS_HMAC( alg ) )
@@ -1347,7 +1347,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     {
         padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
 
-        switch (padding_mode)
+        switch ( padding_mode )
         {
             case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:
                 mode = MBEDTLS_PADDING_PKCS7;
@@ -1359,7 +1359,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
                 return ( PSA_ERROR_INVALID_ARGUMENT );
         }
         ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
-        if (ret != 0)
+        if( ret != 0 )
         {
             psa_cipher_abort( operation );
             return( mbedtls_to_psa_error( ret ) );
@@ -1382,14 +1382,14 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg)
 {
-    return psa_cipher_setup(operation, key, alg, MBEDTLS_ENCRYPT);
+    return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT );
 }
 
 psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
                                psa_key_slot_t key,
                                psa_algorithm_t alg)
 {
-    return psa_cipher_setup(operation, key, alg, MBEDTLS_DECRYPT);
+    return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT );
 }
 
 psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
@@ -1428,12 +1428,12 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     int ret = PSA_SUCCESS;
     if( operation->iv_set || !( operation->iv_required ) )
         return( PSA_ERROR_BAD_STATE );
-    if (iv_length != operation->iv_size)
+    if( iv_length != operation->iv_size )
     {
-        if (((operation->alg) & PSA_ALG_ARC4) == PSA_ALG_ARC4)
-            return(PSA_ERROR_BAD_STATE);
+        if( ( ( operation->alg ) & PSA_ALG_ARC4 ) == PSA_ALG_ARC4 )
+            return( PSA_ERROR_BAD_STATE );
         else
-            return (PSA_ERROR_INVALID_ARGUMENT);
+            return( PSA_ERROR_INVALID_ARGUMENT );
     }
     ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
     if( ret != 0 )
@@ -1482,10 +1482,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
-    if ( operation->iv_required && ! operation->iv_set )
+    if( operation->iv_required && ! operation->iv_set )
         return( PSA_ERROR_BAD_STATE );
 
-    if ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
+    if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
     {
         if( operation->ctx.cipher.unprocessed_len > operation->block_size )
             return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1632,7 +1632,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if ( lifetime != PSA_KEY_LIFETIME_VOLATILE )
+    if( lifetime != PSA_KEY_LIFETIME_VOLATILE )
         return( PSA_ERROR_NOT_SUPPORTED );
         
     slot->lifetime = lifetime;

From f55e804e0765249061977d2e3d165175c73560ae Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 29 May 2018 16:28:28 +0300
Subject: [PATCH 111/889] adjust indentation per Mbed TLS standards

---
 tests/suites/test_suite_psa_crypto.function | 36 ++++++++++-----------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index bc46ad215..081b8d571 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -568,12 +568,12 @@ void cipher_test_positive( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
                                         sizeof( iv ) ) == PSA_SUCCESS );
 
-	output = mbedtls_calloc(0, output_size);
+    output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
                                     output, output_size, 
                                     &output_length) == PSA_SUCCESS );
-	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
                                     output_size, &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
@@ -631,12 +631,12 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
                                         sizeof( iv ) ) == PSA_SUCCESS );
 
-	output = mbedtls_calloc(0, output_size);
+    output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
                                     output, output_size, 
                                     &output_length) == PSA_SUCCESS );
-	TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
                                     output_size, &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
@@ -689,35 +689,35 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, key_size ) == PSA_SUCCESS );
 
-	TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
-	TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
-	output1_size = input_size;
-	output1 = mbedtls_calloc(0, output1_size);
+    output1_size = input_size;
+    output1 = mbedtls_calloc(0, output1_size);
     TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
                                     output1, output1_size, 
                                     &output1_length) == PSA_SUCCESS );
-	TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-                                    output1_size, &tmp_output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
+			            output1_size, &tmp_output_length) == PSA_SUCCESS );
 									
     output1_length += tmp_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-	output2_size = output1_length;
-	output2 = mbedtls_calloc(0, output2_size);
+    output2_size = output1_length;
+    output2 = mbedtls_calloc(0, output2_size);
 
-	TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
-                                     iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
+			             iv_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
                                     output2, output2_size, &output2_length) == PSA_SUCCESS );
     tmp_output_length = 0;
-	TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-                                    output2_size, &tmp_output_length) == PSA_SUCCESS );  
-    
-	output2_length += tmp_output_length;
+    TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
+			            output2_size, &tmp_output_length) == PSA_SUCCESS );  
+
+    output2_length += tmp_output_length;
     
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 

From 96cc00a8577e582e2a59bfc7412e73e0695ddf05 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 31 May 2018 14:03:56 +0300
Subject: [PATCH 112/889] add missing tests function

---
 tests/suites/test_suite_psa_crypto.function | 61 +++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 081b8d571..6a7a2d12a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -589,6 +589,67 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void cipher_test_encrypt( int alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex, char *output_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
+                                        sizeof( iv ) ) == PSA_SUCCESS );
+
+    output = mbedtls_calloc(0, output_size);
+
+    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+                                    output, output_size, 
+                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+                                    output_size, &output_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == output_size );
+    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
 
 /* BEGIN_CASE */
 void cipher_test_decrypt( int alg_arg, int key_type_arg, 

From 70531163a9a94d39f85e4b7118f60a391ca0c37f Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 31 May 2018 14:04:45 +0300
Subject: [PATCH 113/889] fix compilation error - missing if

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4f02bb2bc..56f3e1d4e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -989,7 +989,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return( status );
     slot = &global_data.key_slots[key];
 
-    \ ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
+    if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
 
     if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )

From ae382791fba342d5a630b727f7ad144f053ad03a Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 31 May 2018 14:06:17 +0300
Subject: [PATCH 114/889] add missing psa_cipher_abort( operation )

---
 library/psa_crypto.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 56f3e1d4e..a85b16845 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1356,7 +1356,8 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
                 mode = MBEDTLS_PADDING_NONE;
                 break;
             default:
-                return ( PSA_ERROR_INVALID_ARGUMENT );
+                psa_cipher_abort( operation );
+                return( PSA_ERROR_INVALID_ARGUMENT );
         }
         ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
         if( ret != 0 )
@@ -1430,10 +1431,8 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
         return( PSA_ERROR_BAD_STATE );
     if( iv_length != operation->iv_size )
     {
-        if( ( ( operation->alg ) & PSA_ALG_ARC4 ) == PSA_ALG_ARC4 )
-            return( PSA_ERROR_BAD_STATE );
-        else
-            return( PSA_ERROR_INVALID_ARGUMENT );
+        psa_cipher_abort( operation );
+        return( PSA_ERROR_INVALID_ARGUMENT );
     }
     ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
     if( ret != 0 )

From 395db875e6906ea6e064e742b448ab77e2c74343 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 31 May 2018 14:07:14 +0300
Subject: [PATCH 115/889] adjust indentation per Mbed TLS standards

---
 library/psa_crypto.c | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a85b16845..9f647af84 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1376,7 +1376,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
         operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     }
 
-    return ( PSA_SUCCESS );
+    return( PSA_SUCCESS );
 }
 
 psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
@@ -1416,10 +1416,10 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
     *iv_length = operation->iv_size;
     ret = psa_encrypt_set_iv( operation, iv, *iv_length );
 
-    exit:
-        if( ret != PSA_SUCCESS )
-            psa_cipher_abort( operation );
-        return( ret );
+exit:
+    if( ret != PSA_SUCCESS )
+        psa_cipher_abort( operation );
+    return( ret );
 }
 
 psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
@@ -1444,7 +1444,7 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     operation->iv_set = 1;
     operation->iv_required = 0;
 
-    return ( PSA_SUCCESS );
+    return( PSA_SUCCESS );
 }
 
 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
@@ -1455,10 +1455,12 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                size_t *output_length)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-
-    if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && ( output_size < input_length ) )
-        || ( ( PSA_ALG_IS_BLOCK_CIPHER(operation->alg)) && ( output_size < ((operation->ctx.cipher.unprocessed_len + input_length)/16)*16 ) ) )
-        return ( PSA_ERROR_BUFFER_TOO_SMALL );
+    size_t expected_output_size = ( ( operation->ctx.cipher.unprocessed_len + input_length )/operation->block_size )*operation->block_size; 
+    if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && 
+        ( output_size < input_length ) ) || 
+        ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && 
+        ( output_size < expected_output_size ) ) )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
 
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
                    input_length, output, output_length );
@@ -1468,7 +1470,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
         return( mbedtls_to_psa_error( ret ) );
     }
 
-    return ( PSA_SUCCESS );
+    return( PSA_SUCCESS );
 }
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
@@ -1525,7 +1527,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
     operation->block_size = 0;
     operation->iv_required = 0;
 
-    return ( PSA_SUCCESS );
+    return( PSA_SUCCESS );
 }
 
 

From 3520c2c4f713c972afb80fce92109c032f491d4b Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 31 May 2018 14:51:58 +0300
Subject: [PATCH 116/889] unset iv_required to 0 (psa_encrypt_set_iv)and
 block_size (psa_cipher_setup)

---
 library/psa_crypto.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9f647af84..34b5e2530 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1324,8 +1324,6 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    operation->block_size = cipher_info->block_size;
-
     mbedtls_cipher_init( &operation->ctx.cipher );
     ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
     if( ret != 0 )
@@ -1442,7 +1440,6 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     }
 
     operation->iv_set = 1;
-    operation->iv_required = 0;
 
     return( PSA_SUCCESS );
 }

From 7691fb7b6bd176ff4b0f715bc574af06287b80f8 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 31 May 2018 16:15:31 +0300
Subject: [PATCH 117/889] add new test scenario (cipher_test_encrypt_multipart)

---
 tests/suites/test_suite_psa_crypto.data     | 12 ++++
 tests/suites/test_suite_psa_crypto.function | 67 +++++++++++++++++++++
 2 files changed, 79 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3bf93b842..3d844d531 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -116,3 +116,15 @@ cipher_test_decrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf715880
 PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric encryption multipart: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption multipart: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption multipart: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6a7a2d12a..e3007716f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -651,6 +651,73 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex,
+                           int first_part_size, char *output_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
+                                        sizeof( iv ) ) == PSA_SUCCESS );
+
+    output = mbedtls_calloc(0, output_size);
+
+    TEST_ASSERT( (unsigned int)first_part_size < input_size );
+    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
+                                    output, output_size, 
+                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size,
+                                    output, output_size, 
+                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
+                                    output_size, &output_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == output_size );
+    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void cipher_test_decrypt( int alg_arg, int key_type_arg, 
                            char *key_hex,

From d8100245d8c5b8a70092ca16f60e63437069441d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 4 Jun 2018 16:18:38 +0200
Subject: [PATCH 118/889] Remove cipher_test_positive, duplicated as
 cipher_test_encrypt

cipher_test_positive was never compiled due to a syntax error in the
BEGIN_CASE magic comment. It has now been duplicated as
cipher_test_encrypt. Remove the copy that was never compiled.
---
 tests/suites/test_suite_psa_crypto.function | 62 ---------------------
 1 file changed, 62 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e3007716f..4c62962d8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -527,68 +527,6 @@ exit:
 }
 /* END_CASE */
 
-* BEGIN_CASE */
-void cipher_test_positive( int alg_arg, int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
-    unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    psa_cipher_operation_t operation;
-
-
-    key = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &output_size );
-    TEST_ASSERT( expected_output != NULL );
-
-    memset( iv, 0x2a, sizeof( iv ) );
- 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                        sizeof( iv ) ) == PSA_SUCCESS );
-
-    output = mbedtls_calloc(0, output_size);
-
-    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size, 
-                                    &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size, &output_length) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-
-    TEST_ASSERT( input_size == output_size );
-    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
-
-exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void cipher_test_encrypt( int alg_arg, int key_type_arg, 
                            char *key_hex,

From e553c65cc3da11fa3137b4b0cb4af4cd694325b4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 4 Jun 2018 16:22:46 +0200
Subject: [PATCH 119/889] Fix indentation and horizontal whitespace

Only whitespace changes in this commit.
---
 library/psa_crypto.c | 78 ++++++++++++++++++++++----------------------
 1 file changed, 39 insertions(+), 39 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 34b5e2530..ddc007bc8 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1295,8 +1295,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 /* Symmetric cryptography */
 /****************************************************************/
 
-static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
-                               psa_key_slot_t key,
+static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
+                                      psa_key_slot_t key,
                                psa_algorithm_t alg, mbedtls_operation_t cipher_operation)
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
@@ -1333,7 +1333,7 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     }
 
     ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data,
-                   key_bits, cipher_operation );
+                                 key_bits, cipher_operation );
     if( ret != 0 )
     {
         psa_cipher_abort( operation );
@@ -1377,24 +1377,24 @@ static psa_status_t psa_cipher_setup(psa_cipher_operation_t *operation,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
-                               psa_key_slot_t key,
-                               psa_algorithm_t alg)
+psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation,
+                                psa_key_slot_t key,
+                                psa_algorithm_t alg )
 {
     return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT );
 }
 
-psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
-                               psa_key_slot_t key,
-                               psa_algorithm_t alg)
+psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation,
+                                psa_key_slot_t key,
+                                psa_algorithm_t alg )
 {
     return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT );
 }
 
-psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
-                                     unsigned char *iv,
-                                     size_t iv_size,
-                                     size_t *iv_length)
+psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
+                                      unsigned char *iv,
+                                      size_t iv_size,
+                                      size_t *iv_length )
 {
     int ret = PSA_SUCCESS;
     if( operation->iv_set || !( operation->iv_required ) )
@@ -1408,9 +1408,9 @@ psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
     if( ret != 0 )
     {
         ret = mbedtls_to_psa_error( ret );
-        goto exit;       
+        goto exit;
     }
-    
+
     *iv_length = operation->iv_size;
     ret = psa_encrypt_set_iv( operation, iv, *iv_length );
 
@@ -1420,9 +1420,9 @@ exit:
     return( ret );
 }
 
-psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
-                                const unsigned char *iv,
-                                size_t iv_length)
+psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation,
+                                 const unsigned char *iv,
+                                 size_t iv_length )
 {
     int ret = PSA_SUCCESS;
     if( operation->iv_set || !( operation->iv_required ) )
@@ -1444,23 +1444,23 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
-                               const uint8_t *input,
-                               size_t input_length,
-                               unsigned char *output, 
-                               size_t output_size, 
-                               size_t *output_length)
+psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
+                                const uint8_t *input,
+                                size_t input_length,
+                                unsigned char *output,
+                                size_t output_size,
+                                size_t *output_length )
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     size_t expected_output_size = ( ( operation->ctx.cipher.unprocessed_len + input_length )/operation->block_size )*operation->block_size; 
-    if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) && 
-        ( output_size < input_length ) ) || 
-        ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) && 
-        ( output_size < expected_output_size ) ) )
+    if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) &&
+          ( output_size < input_length ) ) ||
+        ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) &&
+          ( output_size < expected_output_size ) ) )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
-                   input_length, output, output_length );
+                                 input_length, output, output_length );
     if( ret != 0 )
     {
         psa_cipher_abort( operation );
@@ -1470,13 +1470,13 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
-                               uint8_t *output,
-                               size_t output_size,
-                               size_t *output_length)
+psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
+                                uint8_t *output,
+                                size_t output_size,
+                                size_t *output_length )
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-    uint8_t temp_output_buffer[ MBEDTLS_MAX_BLOCK_LENGTH ];
+    uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
 
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
@@ -1496,13 +1496,13 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
     }
 
     ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer,
-        output_length );
+                                 output_length );
     if( ret != 0 )
     {
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
     }
-    if(output_size >= *output_length)
+    if( output_size >= *output_length )
         memcpy( output, temp_output_buffer, *output_length );
     else
     {
@@ -1513,10 +1513,10 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation)
-{   
+psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
+{
     mbedtls_cipher_free( &operation->ctx.cipher );
-    
+
     operation->alg = 0;
     operation->key_set = 0;
     operation->iv_set = 0;

From 7e9288520f317045a1c5fa63ba1c192d03931db5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 4 Jun 2018 16:23:10 +0200
Subject: [PATCH 120/889] Wrap lines to 80 columns

---
 library/psa_crypto.c | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ddc007bc8..621e733ef 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1297,7 +1297,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 
 static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
-                               psa_algorithm_t alg, mbedtls_operation_t cipher_operation)
+                                      psa_algorithm_t alg,
+                                      mbedtls_operation_t cipher_operation )
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     psa_status_t status;
@@ -1368,7 +1369,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
 
     operation->key_set = 1;
     operation->alg = alg;
-    operation->block_size = PSA_ALG_IS_BLOCK_CIPHER( alg ) ? PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) : 1;
+    operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ?
+                              PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) :
+                              1 );
     if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) )
     {
         operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
@@ -1404,7 +1407,8 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
         ret = PSA_ERROR_BUFFER_TOO_SMALL;
         goto exit;
     }
-    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, iv, operation->iv_size );
+    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
+                                   iv, operation->iv_size );
     if( ret != 0 )
     {
         ret = mbedtls_to_psa_error( ret );
@@ -1452,7 +1456,9 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
                                 size_t *output_length )
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-    size_t expected_output_size = ( ( operation->ctx.cipher.unprocessed_len + input_length )/operation->block_size )*operation->block_size; 
+    size_t expected_output_size =
+        ( ( operation->ctx.cipher.unprocessed_len + input_length ) /
+          operation->block_size ) * operation->block_size;
     if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) &&
           ( output_size < input_length ) ) ||
         ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) &&
@@ -1487,10 +1493,12 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
     {
         if( operation->ctx.cipher.unprocessed_len > operation->block_size )
             return( PSA_ERROR_INVALID_ARGUMENT );
-        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
+        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK )
+              == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
             && ( operation->ctx.cipher.unprocessed_len != 0 ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
-        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
+        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK )
+              == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
             && ( *output_length != operation->block_size ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
     }

From 89d789c9bc7785e511091dda26b5d946afd9b992 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 4 Jun 2018 17:17:16 +0200
Subject: [PATCH 121/889] Refactor some argument checks for readability

No intended behavior change.
---
 library/psa_crypto.c | 42 +++++++++++++++++++++++++++---------------
 1 file changed, 27 insertions(+), 15 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 621e733ef..4d84ab252 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1456,13 +1456,22 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
                                 size_t *output_length )
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
-    size_t expected_output_size =
-        ( ( operation->ctx.cipher.unprocessed_len + input_length ) /
-          operation->block_size ) * operation->block_size;
-    if( ( ( PSA_ALG_IS_STREAM_CIPHER( operation->alg ) ) &&
-          ( output_size < input_length ) ) ||
-        ( ( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) ) &&
-          ( output_size < expected_output_size ) ) )
+    size_t expected_output_size;
+    if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
+    {
+        /* Take the unprocessed partial block left over from previous
+         * update calls, if any, plus the input to this call. Remove
+         * the last partial block, if any. You get the data that will be
+         * output in this call. */
+        expected_output_size =
+            ( operation->ctx.cipher.unprocessed_len + input_length )
+            / operation->block_size * operation->block_size;
+    }
+    else
+    {
+        expected_output_size = input_length;
+    }
+    if( output_size < expected_output_size )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
@@ -1493,14 +1502,17 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
     {
         if( operation->ctx.cipher.unprocessed_len > operation->block_size )
             return( PSA_ERROR_INVALID_ARGUMENT );
-        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK )
-              == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
-            && ( operation->ctx.cipher.unprocessed_len != 0 ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        if( ( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK )
-              == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
-            && ( *output_length != operation->block_size ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+        switch( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK )
+        {
+            case PSA_ALG_BLOCK_CIPHER_PAD_NONE:
+                if( operation->ctx.cipher.unprocessed_len != 0 )
+                    return( PSA_ERROR_INVALID_ARGUMENT );
+                break;
+            case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:
+                if( *output_length != operation->block_size )
+                    return( PSA_ERROR_INVALID_ARGUMENT );
+                break;
+        }
     }
 
     ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer,

From 5eb6e9ed60d42ebd8c11e167ca014d7502105037 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 5 Jun 2018 11:38:39 +0300
Subject: [PATCH 122/889] PSA_ALG_CBC_BASE -> SA_ALG_CBC_BASE |
 PSA_ALG_BLOCK_CIPHER_PAD_NONE

---
 tests/suites/test_suite_psa_crypto.data | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3d844d531..3519f11c3 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -85,7 +85,7 @@ PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA Key Policy set and get
-key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE
+key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
 
 PSA Key Policy enforcement - export
 key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
@@ -107,24 +107,24 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA Symmetric encryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
+cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric encryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
+cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
 
 PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_verify_output:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption multipart: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric encryption multipart: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric encryption multipart: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"

From 7cb22b8327e97838c4b51d03b74e0f076ad77925 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 5 Jun 2018 11:40:02 +0300
Subject: [PATCH 123/889] abort operation before return + fix error checks

---
 library/psa_crypto.c | 39 ++++++++++++++++++++++-----------------
 1 file changed, 22 insertions(+), 17 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4d84ab252..78e0dc485 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1342,7 +1342,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     }
 
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    if( ( alg & PSA_ALG_CBC_BASE) == PSA_ALG_CBC_BASE )
+    if( ( alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_CBC_BASE )
     {
         padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
 
@@ -1494,24 +1494,29 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
     uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
 
     if( ! operation->key_set )
-        return( PSA_ERROR_BAD_STATE );
-    if( operation->iv_required && ! operation->iv_set )
-        return( PSA_ERROR_BAD_STATE );
-
-    if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
     {
-        if( operation->ctx.cipher.unprocessed_len > operation->block_size )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        switch( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK )
+        psa_cipher_abort( operation );
+        return( PSA_ERROR_BAD_STATE );
+    }
+    if( operation->iv_required && ! operation->iv_set )
+    {
+        psa_cipher_abort( operation );    
+        return( PSA_ERROR_BAD_STATE );
+    }
+    if( ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
+    {
+        if( operation->ctx.cipher.unprocessed_len >= operation->block_size )
         {
-            case PSA_ALG_BLOCK_CIPHER_PAD_NONE:
-                if( operation->ctx.cipher.unprocessed_len != 0 )
-                    return( PSA_ERROR_INVALID_ARGUMENT );
-                break;
-            case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:
-                if( *output_length != operation->block_size )
-                    return( PSA_ERROR_INVALID_ARGUMENT );
-                break;
+            psa_cipher_abort( operation );    
+            return( PSA_ERROR_TAMPERING_DETECTED );
+        }
+        if( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
+        {
+            if( operation->ctx.cipher.unprocessed_len != 0 )
+            {
+                psa_cipher_abort( operation );            
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            }
         }
     }
 

From 5351420b3e5a4e26c58ddc6341bc026fbea519a4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 15:11:46 +0200
Subject: [PATCH 124/889] Use block local variable for padding_mode for
 readability

No intended behavior change.
---
 library/psa_crypto.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 78e0dc485..7b5979778 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1306,8 +1306,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     psa_key_type_t key_type;
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
-    psa_algorithm_t padding_mode = PSA_ALG_BLOCK_CIPHER_PAD_NONE;
-    mbedtls_cipher_padding_t mode = MBEDTLS_PADDING_NONE;
 
     operation->alg = alg;
     operation->key_set = 0;
@@ -1344,7 +1342,8 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
     if( ( alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_CBC_BASE )
     {
-        padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+        psa_algorithm_t padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+        mbedtls_cipher_padding_t mode;
 
         switch ( padding_mode )
         {
@@ -1505,12 +1504,14 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
     }
     if( ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
     {
+        psa_algorithm_t padding_mode =
+            operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
         if( operation->ctx.cipher.unprocessed_len >= operation->block_size )
         {
             psa_cipher_abort( operation );    
             return( PSA_ERROR_TAMPERING_DETECTED );
         }
-        if( ( operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
+        if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
         {
             if( operation->ctx.cipher.unprocessed_len != 0 )
             {

From 2c5219a06d65d3677f90b4a3a5407cbc0d0e3067 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 15:12:32 +0200
Subject: [PATCH 125/889] Whitespace normalization

No semantic change.
---
 library/psa_crypto.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7b5979778..dc25dfb4d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1499,23 +1499,24 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
     }
     if( operation->iv_required && ! operation->iv_set )
     {
-        psa_cipher_abort( operation );    
+        psa_cipher_abort( operation );
         return( PSA_ERROR_BAD_STATE );
     }
-    if( ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT ) && PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
+    if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&
+        PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
     {
         psa_algorithm_t padding_mode =
             operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
         if( operation->ctx.cipher.unprocessed_len >= operation->block_size )
         {
-            psa_cipher_abort( operation );    
+            psa_cipher_abort( operation );
             return( PSA_ERROR_TAMPERING_DETECTED );
         }
         if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
         {
             if( operation->ctx.cipher.unprocessed_len != 0 )
             {
-                psa_cipher_abort( operation );            
+                psa_cipher_abort( operation );
                 return( PSA_ERROR_INVALID_ARGUMENT );
             }
         }

From 691dfb3e3a3292cc98616916b6dc3d946bf9025e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 15:18:02 +0200
Subject: [PATCH 126/889] Whitespce normalization

No semantic change.
---
 tests/suites/test_suite_psa_crypto.function | 47 +++++++++++----------
 1 file changed, 24 insertions(+), 23 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 4c62962d8..058c34411 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -528,9 +528,9 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_encrypt( int alg_arg, int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex, char *output_hex )
+void cipher_test_encrypt( int alg_arg, int key_type_arg,
+                          char *key_hex,
+                          char *input_hex, char *output_hex )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -557,7 +557,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -571,7 +571,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size, 
+                                    output, output_size,
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
                                     output_size, &output_length) == PSA_SUCCESS );
@@ -590,7 +590,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, 
+void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
                            char *key_hex,
                            char *input_hex,
                            int first_part_size, char *output_hex )
@@ -620,7 +620,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -629,16 +629,17 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                        sizeof( iv ) ) == PSA_SUCCESS );
+                                     sizeof( iv ) ) == PSA_SUCCESS );
 
     output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( (unsigned int)first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_size, 
+                                    output, output_size,
                                     &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size,
-                                    output, output_size, 
+    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size,
+                                    input_size - first_part_size,
+                                    output, output_size,
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
                                     output_size, &output_length) == PSA_SUCCESS );
@@ -657,7 +658,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_decrypt( int alg_arg, int key_type_arg, 
+void cipher_test_decrypt( int alg_arg, int key_type_arg,
                            char *key_hex,
                            char *input_hex, char *output_hex )
 {
@@ -686,7 +687,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -700,7 +701,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     output = mbedtls_calloc(0, output_size);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size, 
+                                    output, output_size,
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
                                     output_size, &output_length) == PSA_SUCCESS );
@@ -720,7 +721,7 @@ exit:
 
 
 /* BEGIN_CASE */
-void cipher_test_verify_output( int alg_arg, int key_type_arg, 
+void cipher_test_verify_output( int alg_arg, int key_type_arg,
                            char *key_hex,
                            char *input_hex )
 {
@@ -749,7 +750,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
 
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -763,11 +764,11 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     output1_size = input_size;
     output1 = mbedtls_calloc(0, output1_size);
     TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
-                                    output1, output1_size, 
+                                    output1, output1_size,
                                     &output1_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-			            output1_size, &tmp_output_length) == PSA_SUCCESS );
-									
+                                    output1_size, &tmp_output_length) == PSA_SUCCESS );
+
     output1_length += tmp_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
@@ -776,15 +777,15 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     output2 = mbedtls_calloc(0, output2_size);
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
-			             iv_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
+                                     iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
                                     output2, output2_size, &output2_length) == PSA_SUCCESS );
     tmp_output_length = 0;
     TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-			            output2_size, &tmp_output_length) == PSA_SUCCESS );  
+                                    output2_size, &tmp_output_length) == PSA_SUCCESS );
 
     output2_length += tmp_output_length;
-    
+
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     TEST_ASSERT( input_size == output1_length );

From 7268afc29e5fadfc7ade62a8dfa3dcf54aecef70 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 15:19:24 +0200
Subject: [PATCH 127/889] Reordered cipher tests to be just after MAC tests

---
 tests/suites/test_suite_psa_crypto.data     |  48 +-
 tests/suites/test_suite_psa_crypto.function | 530 ++++++++++----------
 2 files changed, 291 insertions(+), 287 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3519f11c3..6fa907d58 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -53,6 +53,30 @@ PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
+PSA Symmetric encryption: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
+
+PSA Symmetric encryption/decryption: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric encryption multipart: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption multipart: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption multipart: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
+
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
@@ -104,27 +128,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA Symmetric encryption: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
-
-PSA Symmetric encryption: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
-
-PSA Symmetric encryption/decryption: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
-
-PSA Symmetric encryption multipart: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
-
-PSA Symmetric encryption multipart: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
-
-PSA Symmetric encryption multipart: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 058c34411..5ac87214f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -264,269 +264,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
-{
-    psa_key_type_t type = type_arg;
-    psa_algorithm_t alg = alg_arg;
-    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
-    TEST_ASSERT( actual_size == (size_t) expected_size_arg );
-exit:
-    ;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void sign_deterministic( int key_type_arg, char *key_hex,
-                         int alg_arg, char *input_hex, char *output_hex )
-{
-    int slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    size_t key_bits;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    unsigned char *output_data = NULL;
-    size_t output_size;
-    unsigned char *signature = NULL;
-    size_t signature_size;
-    size_t signature_length = 0xdeadbeef;
-    psa_key_policy_t policy = {0};
-
-    key_data = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input_data != NULL );
-    output_data = unhexify_alloc( output_hex, &output_size );
-    TEST_ASSERT( output_data != NULL );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information( slot,
-                                          NULL,
-                                          &key_bits ) == PSA_SUCCESS );
-
-    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
-    TEST_ASSERT( signature_size != 0 );
-    signature = mbedtls_calloc( 1, signature_size );
-    TEST_ASSERT( signature != NULL );
-
-    TEST_ASSERT( psa_asymmetric_sign( slot, alg,
-                                      input_data, input_size,
-                                      NULL, 0,
-                                      signature, signature_size,
-                                      &signature_length ) == PSA_SUCCESS );
-    TEST_ASSERT( signature_length == output_size );
-    TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
-
-exit:
-    psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( output_data );
-    mbedtls_free( signature );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void sign_fail( int key_type_arg, char *key_hex,
-                int alg_arg, char *input_hex,
-                int signature_size, int expected_status_arg )
-{
-    int slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-    unsigned char *signature = NULL;
-    size_t signature_length = 0xdeadbeef;
-    psa_key_policy_t policy = {0};
-
-    key_data = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input_data != NULL );
-    signature = mbedtls_calloc( 1, signature_size );
-    TEST_ASSERT( signature != NULL );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
-
-    actual_status = psa_asymmetric_sign( slot, alg,
-                                         input_data, input_size,
-                                         NULL, 0,
-                                         signature, signature_size,
-                                         &signature_length );
-    TEST_ASSERT( actual_status == expected_status );
-    TEST_ASSERT( signature_length == 0 );
-
-exit:
-    psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( signature );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_policy( int usage_arg, int alg_arg )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
-    unsigned char key[32] = {0};
-    psa_key_policy_t policy_set = {0};
-    psa_key_policy_t policy_get = {0};
-        
-
-    memset( key, 0x2a, sizeof( key ) );
- 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init(& policy_set );
-    psa_key_policy_init(& policy_get );
-
-    psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
-
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
-
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
-
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
-
-    TEST_ASSERT( policy_get.usage == policy_set.usage );
-    TEST_ASSERT( policy_get.alg == policy_set.alg );
-
-    
-
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
-{
-    int key_slot = 1;
-    unsigned char* keypair = NULL;
-    size_t key_size = 0;
-    size_t signature_length = 0;
-    psa_key_policy_t policy = {0};
-    int actual_status = PSA_SUCCESS;
- 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
-
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
-
-    if( usage_arg & PSA_KEY_USAGE_EXPORT )
-    {
-        keypair = unhexify_alloc( key_hex, &key_size );
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair, key_size ) == PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, 
-                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
-                        NULL, 0, &signature_length );
-    }
-    
-    if( usage_arg & PSA_KEY_USAGE_SIGN )
-    {
-        keypair = unhexify_alloc( key_hex, &key_size );
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair, key_size ) == PSA_SUCCESS );
-        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
-    }
-
-    TEST_ASSERT( actual_status == expected_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_free( keypair );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime( int lifetime_arg )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
-    unsigned char key[32] = {0};
-    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
-    psa_key_lifetime_t lifetime_get;
-    memset( key, 0x2a, sizeof( key ) );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_set_key_lifetime( key_slot, 
-                                 lifetime_set ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_lifetime( key_slot, 
-                                 &lifetime_get ) == PSA_SUCCESS );
-    TEST_ASSERT( lifetime_get == lifetime_set ); 
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
-{
-    int key_slot = 1;
-    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
-
-    if( actual_status == PSA_SUCCESS )
-        actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
-    
-    TEST_ASSERT( expected_status == actual_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void cipher_test_encrypt( int alg_arg, int key_type_arg,
                           char *key_hex,
@@ -799,3 +536,270 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
+{
+    psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
+    TEST_ASSERT( actual_size == (size_t) expected_size_arg );
+exit:
+    ;
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_deterministic( int key_type_arg, char *key_hex,
+                         int alg_arg, char *input_hex, char *output_hex )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    size_t key_bits;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_policy_t policy = {0};
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    output_data = unhexify_alloc( output_hex, &output_size );
+    TEST_ASSERT( output_data != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          NULL,
+                                          &key_bits ) == PSA_SUCCESS );
+
+    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
+    TEST_ASSERT( signature_size != 0 );
+    signature = mbedtls_calloc( 1, signature_size );
+    TEST_ASSERT( signature != NULL );
+
+    TEST_ASSERT( psa_asymmetric_sign( slot, alg,
+                                      input_data, input_size,
+                                      NULL, 0,
+                                      signature, signature_size,
+                                      &signature_length ) == PSA_SUCCESS );
+    TEST_ASSERT( signature_length == output_size );
+    TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( output_data );
+    mbedtls_free( signature );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void sign_fail( int key_type_arg, char *key_hex,
+                int alg_arg, char *input_hex,
+                int signature_size, int expected_status_arg )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    unsigned char *signature = NULL;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_policy_t policy = {0};
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    signature = mbedtls_calloc( 1, signature_size );
+    TEST_ASSERT( signature != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    actual_status = psa_asymmetric_sign( slot, alg,
+                                         input_data, input_size,
+                                         NULL, 0,
+                                         signature, signature_size,
+                                         &signature_length );
+    TEST_ASSERT( actual_status == expected_status );
+    TEST_ASSERT( signature_length == 0 );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( signature );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy( int usage_arg, int alg_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+    unsigned char key[32] = {0};
+    psa_key_policy_t policy_set = {0};
+    psa_key_policy_t policy_get = {0};
+        
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init(& policy_set );
+    psa_key_policy_init(& policy_get );
+
+    psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
+
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
+
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( policy_get.usage == policy_set.usage );
+    TEST_ASSERT( policy_get.alg == policy_set.alg );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
+{
+    int key_slot = 1;
+    unsigned char* keypair = NULL;
+    size_t key_size = 0;
+    size_t signature_length = 0;
+    psa_key_policy_t policy = {0};
+    int actual_status = PSA_SUCCESS;
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    if( usage_arg & PSA_KEY_USAGE_EXPORT )
+    {
+        keypair = unhexify_alloc( key_hex, &key_size );
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
+                                keypair, key_size ) == PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, 
+                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
+                        NULL, 0, &signature_length );
+    }
+    
+    if( usage_arg & PSA_KEY_USAGE_SIGN )
+    {
+        keypair = unhexify_alloc( key_hex, &key_size );
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
+                                keypair, key_size ) == PSA_SUCCESS );
+        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
+    }
+
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_free( keypair );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_lifetime( int lifetime_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    unsigned char key[32] = {0};
+    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_lifetime_t lifetime_get;
+
+    memset( key, 0x2a, sizeof( key ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime( key_slot, 
+                                 lifetime_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+    
+    TEST_ASSERT( psa_get_key_lifetime( key_slot, 
+                                 &lifetime_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( lifetime_get == lifetime_set ); 
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
+{
+    int key_slot = 1;
+    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+
+    if( actual_status == PSA_SUCCESS )
+        actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+    
+    TEST_ASSERT( expected_status == actual_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 5cbb4c8508919f2f0e74ae3426b8cbefad6fc093 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 15:21:31 +0200
Subject: [PATCH 128/889] Correct some test case descriptions

---
 tests/suites/test_suite_psa_crypto.data | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 6fa907d58..2126462c0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -57,7 +57,7 @@ PSA Symmetric encryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption: AES-128
+PSA Symmetric decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
 
@@ -65,15 +65,15 @@ PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption multipart: AES-128
+PSA Symmetric encryption multipart: AES-128, 7+9
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128
+PSA Symmetric encryption multipart: AES-128, 3+13
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128
+PSA Symmetric encryption multipart: AES-128, 11+5
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 

From ded844092e7ae866b03f6cdd0d9d4201b6c85371 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 6 Jun 2018 16:36:50 +0300
Subject: [PATCH 129/889] fix and add tests case + fix for padding mode

---
 tests/suites/test_suite_psa_crypto.data     |  61 ++++-
 tests/suites/test_suite_psa_crypto.function | 287 ++++++++++++++++----
 2 files changed, 294 insertions(+), 54 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2126462c0..3ebbd5985 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -55,28 +55,77 @@ mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"
 
 PSA Symmetric encryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b"
+cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA Symmetric encryption: bad, input buffer too small AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
 PSA Symmetric decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955"
+cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+
+PSA Symmetric decryption: AES-128 bad, input buffer too small AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
+
 
 PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption multipart: AES-128, 7+9
+PSA Symmetric encryption/decryption: 16 bytes PKC padding
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric encryption/decryption: 15 bytes PKC padding
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+
+PSA Symmetric encryption/decryption CTR alg: AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric encryption multipart: AES-128 7+9
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128, 3+13
+PSA Symmetric encryption multipart: AES-128 3+13
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128, 11+5
+PSA Symmetric encryption multipart: AES-128 4+12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
+
+PSA Symmetric encryption multipart: AES-128 11+5
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 
+PSA Symmetric decryption multipart: AES-128 7+9
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric decryption multipart: AES-128 3+12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric decryption multipart: AES-128 11+5
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
+
+PSA Symmetric encryption + decryption multipart: AES-128 11+5
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
+
+PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
+
+PSA Symmetric encryption + decryption multipart: AES-128 16+16
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743ba076ec9dfbe47d52afc357336f20743b":16
+
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
@@ -128,3 +177,5 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
+
+
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5ac87214f..8d16c6fbf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -265,11 +265,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_encrypt( int alg_arg, int key_type_arg,
-                          char *key_hex,
-                          char *input_hex, char *output_hex )
+void cipher_test_encrypt( int alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex, char *output_hex,
+                           int expected_status )
 {
     int key_slot = 1;
+    psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *key = NULL;
@@ -279,7 +281,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size = 0;
+    size_t output_size, output_size_1 = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -294,7 +296,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
-
+ 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -304,20 +306,22 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
                                         sizeof( iv ) ) == PSA_SUCCESS );
-
-    output = mbedtls_calloc(0, output_size);
+    output_size_1 = input_size + operation.block_size;
+    output = mbedtls_calloc(1, output_size_1);
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size,
+                                    output, output_size_1, 
                                     &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size, &output_length) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-
-    TEST_ASSERT( input_size == output_size );
-    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+    status = psa_cipher_finish( &operation, output + output_length,
+                                    output_size_1, &output_length);
+    TEST_ASSERT( status == (psa_status_t) expected_status );
+    if( expected_status == PSA_SUCCESS )
+    {
+        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
+        TEST_ASSERT( input_size == output_size );
+        TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+    }
 exit:
     mbedtls_free( key );
     mbedtls_free( input );
@@ -327,7 +331,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
+void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, 
                            char *key_hex,
                            char *input_hex,
                            int first_part_size, char *output_hex )
@@ -342,7 +346,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size = 0;
+    size_t output_size, output_size_1 = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -357,7 +361,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
-
+ 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -366,20 +370,19 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                     sizeof( iv ) ) == PSA_SUCCESS );
-
-    output = mbedtls_calloc(0, output_size);
+                                        sizeof( iv ) ) == PSA_SUCCESS );
+    output_size_1 = input_size + operation.block_size;
+    output = mbedtls_calloc(1, output_size_1);
 
     TEST_ASSERT( (unsigned int)first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_size,
+                                    output, output_size_1, 
                                     &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size,
-                                    input_size - first_part_size,
-                                    output, output_size,
+    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size,
+                                    output, output_size_1, 
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size, &output_length) == PSA_SUCCESS );
+                                    output_size_1, &output_length) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
@@ -395,11 +398,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_decrypt( int alg_arg, int key_type_arg,
+void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, 
                            char *key_hex,
-                           char *input_hex, char *output_hex )
+                           char *input_hex,
+                           int first_part_size, char *output_hex)
 {
     int key_slot = 1;
+    
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *key = NULL;
@@ -409,7 +414,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size = 0;
+    size_t output_size, output_size_1 = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -424,7 +429,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
-
+ 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -435,14 +440,18 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
                                         sizeof( iv ) ) == PSA_SUCCESS );
 
-    output = mbedtls_calloc(0, output_size);
+    output_size_1 = input_size + operation.block_size;
+    output = mbedtls_calloc(1, output_size_1);
 
-    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size,
+    TEST_ASSERT( (unsigned int)first_part_size < input_size );
+    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
+                                    output, output_size_1, 
+                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size,
+                                    output, output_size_1, 
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size, &output_length) == PSA_SUCCESS );
-
+                                    output_size_1, &output_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
     TEST_ASSERT( input_size == output_size );
@@ -458,7 +467,78 @@ exit:
 
 
 /* BEGIN_CASE */
-void cipher_test_verify_output( int alg_arg, int key_type_arg,
+void cipher_test_decrypt( int alg_arg, int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex, char *output_hex,
+                           int expected_status )
+{
+    int key_slot = 1;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t output_size, output_size_1 = 0;
+    size_t output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
+                                        sizeof( iv ) ) == PSA_SUCCESS );
+
+    output_size_1 = input_size + operation.block_size;
+    output = mbedtls_calloc(1, output_size);
+
+    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+                                    output, output_size_1, 
+                                    &output_length) == PSA_SUCCESS );
+    status = psa_cipher_finish( &operation, output + output_length,
+                                    output_size_1, &output_length);
+    TEST_ASSERT( status == (psa_status_t) expected_status );
+
+    if( expected_status == PSA_SUCCESS )
+    {
+        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+
+        TEST_ASSERT( input_size == output_size );
+        TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+    }
+
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void cipher_test_verify_output( int alg_arg, int key_type_arg, 
                            char *key_hex,
                            char *input_hex )
 {
@@ -487,7 +567,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
 
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-
+ 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -498,45 +578,154 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
                                         iv_size, &iv_length) == PSA_SUCCESS );
-    output1_size = input_size;
-    output1 = mbedtls_calloc(0, output1_size);
+    output1_size = input_size + operation1.block_size;
+    output1 = mbedtls_calloc(1, output1_size);
+    TEST_ASSERT( output1 != NULL);
+
     TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
-                                    output1, output1_size,
+                                    output1, output1_size, 
                                     &output1_length) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-                                    output1_size, &tmp_output_length) == PSA_SUCCESS );
+			            output1_size, &tmp_output_length) == PSA_SUCCESS );
+									
+    output1_length += tmp_output_length;
+
+    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+
+    output2_size = output1_length;
+    output2 = mbedtls_calloc(1, output2_size);
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
+			             iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
+                                    output2, output2_size, &output2_length) == PSA_SUCCESS );
+    tmp_output_length = 0;
+    TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
+			            output2_size, &tmp_output_length) == PSA_SUCCESS );  
+
+    output2_length += tmp_output_length;
+    
+    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == output2_length );
+    TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    mbedtls_free( output1 );
+    mbedtls_free( output2 );
+
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_test_verify_output_multpart( int alg_arg,
+                           int key_type_arg, 
+                           char *key_hex,
+                           char *input_hex,
+                           int first_part_size )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    size_t iv_size = 16;
+    size_t iv_length = 0;
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output1;
+    size_t output1_size = 0;
+    size_t output1_length = 0;
+    unsigned char *output2;
+    size_t output2_size = 0;
+    size_t output2_length = 0;
+    size_t tmp_output_length , temp = 0;
+    psa_cipher_operation_t operation1;
+    psa_cipher_operation_t operation2;
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+ 
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
+                                        iv_size, &iv_length) == PSA_SUCCESS );
+    output1_size = input_size + operation1.block_size;
+    output1 = mbedtls_calloc(1, output1_size);
+
+    TEST_ASSERT( (unsigned int)first_part_size < input_size );
+    
+    TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size,
+                                    output1, output1_size, 
+                                    &output1_length) == PSA_SUCCESS );
+    temp = output1_length ;
+
+    TEST_ASSERT( psa_cipher_update( &operation1, input + first_part_size, input_size - first_part_size,
+                                    output1, output1_size, 
+                                    &output1_length) == PSA_SUCCESS );
+    output1_length += temp;
+
+    TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
+			            output1_size - output1_length, &tmp_output_length) == PSA_SUCCESS );
 
     output1_length += tmp_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     output2_size = output1_length;
-    output2 = mbedtls_calloc(0, output2_size);
+    output2 = mbedtls_calloc(1, output2_size);
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
-                                     iv_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
-                                    output2, output2_size, &output2_length) == PSA_SUCCESS );
+			             iv_length) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
+                                    output2, output2_size, 
+                                    &output2_length) == PSA_SUCCESS );
+
+    temp = output2_length ;
+
+    TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size, 
+                                output1_length - first_part_size,
+                                output2, output2_size, 
+                                &output2_length) == PSA_SUCCESS );           
+
+    output2_length += temp;
     tmp_output_length = 0;
     TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-                                    output2_size, &tmp_output_length) == PSA_SUCCESS );
+			            output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS );  
 
     output2_length += tmp_output_length;
-
+    
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == output1_length );
-    TEST_ASSERT( output1_length == output2_length );
+    TEST_ASSERT( input_size == output2_length );
     TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
 
 exit:
     mbedtls_free( key );
     mbedtls_free( input );
+    mbedtls_free( output1 );
+    mbedtls_free( output2 );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
+
 /* BEGIN_CASE */
 void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
 {

From 7f87850fc41bb5abe4496838827f6e1b2c42ba7e Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 6 Jun 2018 17:09:40 +0300
Subject: [PATCH 130/889] fix and add tests case + fix for padding mode

---
 tests/suites/test_suite_psa_crypto.data     | 8 +-------
 tests/suites/test_suite_psa_crypto.function | 7 +------
 2 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3ebbd5985..2958b30ac 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -69,7 +69,6 @@ PSA Symmetric decryption: AES-128 bad, input buffer too small AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
-
 PSA Symmetric encryption/decryption: AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
@@ -106,7 +105,7 @@ PSA Symmetric decryption multipart: AES-128 7+9
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-128 3+12
+PSA Symmetric decryption multipart: AES-128 3+13
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
 
@@ -122,10 +121,6 @@ PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
-PSA Symmetric encryption + decryption multipart: AES-128 16+16
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743ba076ec9dfbe47d52afc357336f20743b":16
-
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
@@ -178,4 +173,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
-
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8d16c6fbf..4f1d3d60e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -264,6 +264,7 @@ exit:
 }
 /* END_CASE */
 
+
 /* BEGIN_CASE */
 void cipher_test_encrypt( int alg_arg, int key_type_arg, 
                            char *key_hex,
@@ -613,9 +614,6 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
 exit:
     mbedtls_free( key );
     mbedtls_free( input );
-    mbedtls_free( output1 );
-    mbedtls_free( output2 );
-
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -718,14 +716,11 @@ void cipher_test_verify_output_multpart( int alg_arg,
 exit:
     mbedtls_free( key );
     mbedtls_free( input );
-    mbedtls_free( output1 );
-    mbedtls_free( output2 );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
 {

From 4ca9c3f9a163185f8e67a46ecb37f37000a4e3c9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 18:44:09 +0200
Subject: [PATCH 131/889] Fix whitespace issues

Only whitespace changes.

* Remove tabs.
* Remove trailing whitespace.
* Correct some misindented lines.
* Normalize whitespace around some punctuation.
* Split some lines to avoid going over 80 columns.
---
 tests/suites/test_suite_psa_crypto.data     |   1 -
 tests/suites/test_suite_psa_crypto.function | 219 +++++++++++---------
 2 files changed, 117 insertions(+), 103 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2958b30ac..16bce06eb 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -172,4 +172,3 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
 PSA Key Lifetime set fail, invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
-
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 4f1d3d60e..16b65ac37 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -266,7 +266,7 @@ exit:
 
 
 /* BEGIN_CASE */
-void cipher_test_encrypt( int alg_arg, int key_type_arg, 
+void cipher_test_encrypt( int alg_arg, int key_type_arg,
                            char *key_hex,
                            char *input_hex, char *output_hex,
                            int expected_status )
@@ -297,7 +297,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -305,16 +305,16 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                        sizeof( iv ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
     output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc(1, output_size_1);
+    output = mbedtls_calloc( 1, output_size_1 );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size_1, 
-                                    &output_length) == PSA_SUCCESS );
+                                    output, output_size_1,
+                                    &output_length ) == PSA_SUCCESS );
     status = psa_cipher_finish( &operation, output + output_length,
-                                    output_size_1, &output_length);
+                                output_size_1, &output_length );
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( expected_status == PSA_SUCCESS )
     {
@@ -332,10 +332,10 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex,
-                           int first_part_size, char *output_hex )
+void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
+                                    char *key_hex,
+                                    char *input_hex,
+                                    int first_part_size, char *output_hex )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -362,7 +362,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -370,20 +370,22 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                        sizeof( iv ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
     output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc(1, output_size_1);
+    output = mbedtls_calloc( 1, output_size_1 );
 
-    TEST_ASSERT( (unsigned int)first_part_size < input_size );
+    TEST_ASSERT( (unsigned int) first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_size_1, 
-                                    &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size,
-                                    output, output_size_1, 
-                                    &output_length) == PSA_SUCCESS );
+                                    output, output_size_1,
+                                    &output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input + first_part_size,
+                                    input_size - first_part_size,
+                                    output, output_size_1,
+                                    &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size_1, &output_length) == PSA_SUCCESS );
+                                    output_size_1, &output_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
@@ -399,13 +401,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex,
-                           int first_part_size, char *output_hex)
+void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
+                                    char *key_hex,
+                                    char *input_hex,
+                                    int first_part_size, char *output_hex )
 {
     int key_slot = 1;
-    
+
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *key = NULL;
@@ -430,7 +432,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -438,21 +440,23 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                        sizeof( iv ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
 
     output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc(1, output_size_1);
+    output = mbedtls_calloc( 1, output_size_1 );
 
-    TEST_ASSERT( (unsigned int)first_part_size < input_size );
+    TEST_ASSERT( (unsigned int) first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_size_1, 
-                                    &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation, input + first_part_size, input_size - first_part_size,
-                                    output, output_size_1, 
-                                    &output_length) == PSA_SUCCESS );
+                                    output, output_size_1,
+                                    &output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input + first_part_size,
+                                    input_size - first_part_size,
+                                    output, output_size_1,
+                                    &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size_1, &output_length) == PSA_SUCCESS );
+                                    output_size_1, &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
     TEST_ASSERT( input_size == output_size );
@@ -468,10 +472,10 @@ exit:
 
 
 /* BEGIN_CASE */
-void cipher_test_decrypt( int alg_arg, int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex, char *output_hex,
-                           int expected_status )
+void cipher_test_decrypt( int alg_arg, int key_type_arg,
+                          char *key_hex,
+                          char *input_hex, char *output_hex,
+                          int expected_status )
 {
     int key_slot = 1;
     psa_status_t status;
@@ -499,7 +503,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -507,17 +511,17 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation, iv,
-                                        sizeof( iv ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
 
     output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc(1, output_size);
+    output = mbedtls_calloc( 1, output_size );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size_1, 
-                                    &output_length) == PSA_SUCCESS );
+                                    output, output_size_1,
+                                    &output_length ) == PSA_SUCCESS );
     status = psa_cipher_finish( &operation, output + output_length,
-                                    output_size_1, &output_length);
+                                output_size_1, &output_length );
     TEST_ASSERT( status == (psa_status_t) expected_status );
 
     if( expected_status == PSA_SUCCESS )
@@ -539,9 +543,9 @@ exit:
 
 
 /* BEGIN_CASE */
-void cipher_test_verify_output( int alg_arg, int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex )
+void cipher_test_verify_output( int alg_arg, int key_type_arg,
+                                char *key_hex,
+                                char *input_hex )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -568,7 +572,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
 
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -577,35 +581,40 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
-                                        iv_size, &iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
+                                          iv, iv_size,
+                                          &iv_length ) == PSA_SUCCESS );
     output1_size = input_size + operation1.block_size;
-    output1 = mbedtls_calloc(1, output1_size);
-    TEST_ASSERT( output1 != NULL);
+    output1 = mbedtls_calloc( 1, output1_size );
+    TEST_ASSERT( output1 != NULL );
 
     TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
-                                    output1, output1_size, 
-                                    &output1_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-			            output1_size, &tmp_output_length) == PSA_SUCCESS );
-									
+                                    output1, output1_size,
+                                    &output1_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation1,
+                                    output1 + output1_length, output1_size,
+                                    &tmp_output_length ) == PSA_SUCCESS );
+
     output1_length += tmp_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     output2_size = output1_length;
-    output2 = mbedtls_calloc(1, output2_size);
+    output2 = mbedtls_calloc( 1, output2_size );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
-			             iv_length) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, 
-                                    output2, output2_size, &output2_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation2,
+                                     iv, iv_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
+                                    output2, output2_size,
+                                    &output2_length ) == PSA_SUCCESS );
     tmp_output_length = 0;
-    TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-			            output2_size, &tmp_output_length) == PSA_SUCCESS );  
+    TEST_ASSERT( psa_cipher_finish( &operation2,
+                                    output2 + output2_length,
+                                    output2_size,
+                                    &tmp_output_length ) == PSA_SUCCESS );
 
     output2_length += tmp_output_length;
-    
+
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     TEST_ASSERT( input_size == output2_length );
@@ -621,10 +630,10 @@ exit:
 
 /* BEGIN_CASE */
 void cipher_test_verify_output_multpart( int alg_arg,
-                           int key_type_arg, 
-                           char *key_hex,
-                           char *input_hex,
-                           int first_part_size )
+                                         int key_type_arg,
+                                         char *key_hex,
+                                         char *input_hex,
+                                         int first_part_size )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -642,7 +651,7 @@ void cipher_test_verify_output_multpart( int alg_arg,
     unsigned char *output2;
     size_t output2_size = 0;
     size_t output2_length = 0;
-    size_t tmp_output_length , temp = 0;
+    size_t tmp_output_length, temp = 0;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
 
@@ -651,7 +660,7 @@ void cipher_test_verify_output_multpart( int alg_arg,
 
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -660,54 +669,60 @@ void cipher_test_verify_output_multpart( int alg_arg,
     TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation1, iv,
-                                        iv_size, &iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
+                                          iv, iv_size,
+                                          &iv_length ) == PSA_SUCCESS );
     output1_size = input_size + operation1.block_size;
-    output1 = mbedtls_calloc(1, output1_size);
+    output1 = mbedtls_calloc( 1, output1_size );
+
+    TEST_ASSERT( (unsigned int) first_part_size < input_size );
 
-    TEST_ASSERT( (unsigned int)first_part_size < input_size );
-    
     TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size,
-                                    output1, output1_size, 
-                                    &output1_length) == PSA_SUCCESS );
-    temp = output1_length ;
+                                    output1, output1_size,
+                                    &output1_length ) == PSA_SUCCESS );
+    temp = output1_length;
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input + first_part_size, input_size - first_part_size,
-                                    output1, output1_size, 
-                                    &output1_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation1,
+                                    input + first_part_size,
+                                    input_size - first_part_size,
+                                    output1, output1_size,
+                                    &output1_length ) == PSA_SUCCESS );
     output1_length += temp;
 
     TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-			            output1_size - output1_length, &tmp_output_length) == PSA_SUCCESS );
+                                    output1_size - output1_length,
+                                    &tmp_output_length ) == PSA_SUCCESS );
 
     output1_length += tmp_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     output2_size = output1_length;
-    output2 = mbedtls_calloc(1, output2_size);
+    output2 = mbedtls_calloc( 1, output2_size );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation2, iv,
-			             iv_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_set_iv( &operation2,
+                                     iv, iv_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
-                                    output2, output2_size, 
-                                    &output2_length) == PSA_SUCCESS );
+                                    output2, output2_size,
+                                    &output2_length ) == PSA_SUCCESS );
 
-    temp = output2_length ;
+    temp = output2_length;
 
-    TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size, 
-                                output1_length - first_part_size,
-                                output2, output2_size, 
-                                &output2_length) == PSA_SUCCESS );           
+    TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size,
+                                    output1_length - first_part_size,
+                                    output2, output2_size,
+                                    &output2_length ) == PSA_SUCCESS );
 
     output2_length += temp;
     tmp_output_length = 0;
-    TEST_ASSERT( psa_cipher_finish( &operation2, output2 + output2_length,
-			            output2_size - output2_length, &tmp_output_length) == PSA_SUCCESS );  
+    TEST_ASSERT( psa_cipher_finish( &operation2,
+                                    output2 + output2_length,
+                                    output2_size - output2_length,
+                                    &tmp_output_length ) == PSA_SUCCESS );
 
     output2_length += tmp_output_length;
-    
+
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     TEST_ASSERT( input_size == output2_length );

From 9cf78d301d2d839083723b31ef9d893f921ea8ee Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 18:57:11 +0200
Subject: [PATCH 132/889] Fix some test case dependencies on cipher modes

---
 tests/suites/test_suite_psa_crypto.data | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 16bce06eb..88b26d283 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -74,15 +74,15 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption/decryption: 16 bytes PKC padding
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption/decryption: 15 bytes PKC padding
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
 
 PSA Symmetric encryption/decryption CTR alg: AES-128
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption multipart: AES-128 7+9
@@ -118,7 +118,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
 
 PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw

From 17ddaa27b0ccb95cf7d76af0be38e2882f50e2c8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 6 Jun 2018 18:57:49 +0200
Subject: [PATCH 133/889] Correct and improve cipher test case descriptions

---
 tests/suites/test_suite_psa_crypto.data | 34 ++++++++++++-------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 88b26d283..783148cf1 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -53,71 +53,71 @@ PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
-PSA Symmetric encryption: AES-128
+PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
-PSA Symmetric encryption: bad, input buffer too small AES-128
+PSA Symmetric encryption: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
-PSA Symmetric decryption: AES-128
+PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-128 bad, input buffer too small AES-128
+PSA Symmetric decryption: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
-PSA Symmetric encryption/decryption: AES-128
+PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption/decryption: 16 bytes PKC padding
+PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption/decryption: 15 bytes PKC padding
+PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
 
-PSA Symmetric encryption/decryption CTR alg: AES-128
+PSA Symmetric encryption/decryption: AES-CTR
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption multipart: AES-128 7+9
+PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128 3+13
+PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128 4+12
+PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-128 11+5
+PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric decryption multipart: AES-128 7+9
+PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-128 3+13
+PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-128 11+5
+PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption + decryption multipart: AES-128 11+5
+PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
 
-PSA Symmetric encryption + decryption multipart: AES-128 PKC padding, 4+12
+PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 

From 9e3aa62c137c751eb31dc9dff2d331b3d3bc6bef Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 7 Jun 2018 12:08:47 +0300
Subject: [PATCH 134/889] change variable naming

---
 tests/suites/test_suite_psa_crypto.function | 42 ++++++++++-----------
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 16b65ac37..906100328 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -282,7 +282,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, output_size_1 = 0;
+    size_t output_size, max_output_size = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -307,14 +307,14 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_size_1 );
+    max_output_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, max_output_size );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size_1,
+                                    output, max_output_size,
                                     &output_length ) == PSA_SUCCESS );
     status = psa_cipher_finish( &operation, output + output_length,
-                                output_size_1, &output_length );
+                                max_output_size, &output_length );
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( expected_status == PSA_SUCCESS )
     {
@@ -347,7 +347,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, output_size_1 = 0;
+    size_t output_size, max_output_size = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -372,20 +372,20 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_size_1 );
+    max_output_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, max_output_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_size_1,
+                                    output, max_output_size,
                                     &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input + first_part_size,
                                     input_size - first_part_size,
-                                    output, output_size_1,
+                                    output, max_output_size,
                                     &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size_1, &output_length ) == PSA_SUCCESS );
+                                    max_output_size, &output_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
@@ -417,7 +417,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, output_size_1 = 0;
+    size_t output_size, max_output_size = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -443,20 +443,20 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_size_1 = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_size_1 );
+    output_simax_output_sizeze_1 = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, max_output_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_size_1,
+                                    output, max_output_size,
                                     &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input + first_part_size,
                                     input_size - first_part_size,
-                                    output, output_size_1,
+                                    output, max_output_size,
                                     &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    output_size_1, &output_length ) == PSA_SUCCESS );
+                                    max_output_size, &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
     TEST_ASSERT( input_size == output_size );
@@ -488,7 +488,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, output_size_1 = 0;
+    size_t output_size, max_output_size = 0;
     size_t output_length = 0;
     psa_cipher_operation_t operation;
 
@@ -514,14 +514,14 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_size_1 = input_size + operation.block_size;
+    max_output_size = input_size + operation.block_size;
     output = mbedtls_calloc( 1, output_size );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_size_1,
+                                    output, max_output_size,
                                     &output_length ) == PSA_SUCCESS );
     status = psa_cipher_finish( &operation, output + output_length,
-                                output_size_1, &output_length );
+                                max_output_size, &output_length );
     TEST_ASSERT( status == (psa_status_t) expected_status );
 
     if( expected_status == PSA_SUCCESS )

From a9c3a658becf3486c77f812f575c1a979f654e5a Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 7 Jun 2018 18:08:58 +0300
Subject: [PATCH 135/889] tests fix + max_output_size

---
 tests/suites/test_suite_psa_crypto.function | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 906100328..9f9dd6808 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -319,8 +319,6 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-
-        TEST_ASSERT( input_size == output_size );
         TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
     }
 exit:
@@ -443,7 +441,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_simax_output_sizeze_1 = input_size + operation.block_size;
+    max_output_size = input_size + operation.block_size;
     output = mbedtls_calloc( 1, max_output_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input_size );
@@ -515,7 +513,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
     max_output_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_size );
+    output = mbedtls_calloc( 1, max_output_size );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
                                     output, max_output_size,
@@ -527,8 +525,6 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-
-        TEST_ASSERT( input_size == output_size );
         TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
     }
 

From 8172b87a6332120b7d2c1ae12107e7a9072df99e Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 7 Jun 2018 18:09:18 +0300
Subject: [PATCH 136/889] add tests cases

---
 tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 783148cf1..e9f26bc24 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -57,14 +57,38 @@ PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
+PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+
+PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+
 PSA Symmetric encryption: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
+PSA Symmetric encryption: AES-CTR, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+
+PSA Symmetric encryption: AES-CTR, 15 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS
+
 PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
+PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
+
+PSA Symmetric decryption: AES-CTR, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_test_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+
 PSA Symmetric decryption: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE

From 048b7f080203519c2ca8d258dcd84ef62d4e2c2e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 14:20:49 +0200
Subject: [PATCH 137/889] Rename some variables to make the code easier to read

In cipher_test_verify_output_multpart, tweak the ways chunk sizes are
added in order to get rid of the variable temp. In other functions,
this commit does not change the logic at all.
---
 tests/suites/test_suite_psa_crypto.function | 178 +++++++++++---------
 1 file changed, 95 insertions(+), 83 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9f9dd6808..29f233b55 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -282,8 +282,9 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, max_output_size = 0;
-    size_t output_length = 0;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
     psa_cipher_operation_t operation;
 
 
@@ -293,7 +294,7 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
 
-    expected_output = unhexify_alloc( output_hex, &output_size );
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
@@ -307,19 +308,22 @@ void cipher_test_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    max_output_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, max_output_size );
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, max_output_size,
-                                    &output_length ) == PSA_SUCCESS );
-    status = psa_cipher_finish( &operation, output + output_length,
-                                max_output_size, &output_length );
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    status = psa_cipher_finish( &operation,
+                                output + function_output_length,
+                                output_buffer_size,
+                                &function_output_length );
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+        TEST_ASSERT( memcmp( expected_output, output,
+                             expected_output_size ) == 0 );
     }
 exit:
     mbedtls_free( key );
@@ -345,8 +349,9 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, max_output_size = 0;
-    size_t output_length = 0;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
     psa_cipher_operation_t operation;
 
 
@@ -356,7 +361,7 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
 
-    expected_output = unhexify_alloc( output_hex, &output_size );
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
@@ -370,25 +375,27 @@ void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    max_output_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, max_output_size );
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, max_output_size,
-                                    &output_length ) == PSA_SUCCESS );
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input + first_part_size,
                                     input_size - first_part_size,
-                                    output, max_output_size,
-                                    &output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    max_output_size, &output_length ) == PSA_SUCCESS );
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation,
+                                    output + function_output_length,
+                                    output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == output_size );
-    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+    TEST_ASSERT( input_size == expected_output_size );
+    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
 
 exit:
     mbedtls_free( key );
@@ -415,8 +422,9 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, max_output_size = 0;
-    size_t output_length = 0;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
     psa_cipher_operation_t operation;
 
 
@@ -426,7 +434,7 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
 
-    expected_output = unhexify_alloc( output_hex, &output_size );
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
@@ -441,24 +449,26 @@ void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    max_output_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, max_output_size );
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input_size );
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, max_output_size,
-                                    &output_length ) == PSA_SUCCESS );
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input + first_part_size,
                                     input_size - first_part_size,
-                                    output, max_output_size,
-                                    &output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation, output + output_length,
-                                    max_output_size, &output_length ) == PSA_SUCCESS );
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation,
+                                    output + function_output_length,
+                                    output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == output_size );
-    TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+    TEST_ASSERT( input_size == expected_output_size );
+    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
 
 exit:
     mbedtls_free( key );
@@ -486,8 +496,9 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     size_t input_size = 0;
     unsigned char *output;
     unsigned char *expected_output;
-    size_t output_size, max_output_size = 0;
-    size_t output_length = 0;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
     psa_cipher_operation_t operation;
 
 
@@ -497,7 +508,7 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
 
-    expected_output = unhexify_alloc( output_hex, &output_size );
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
 
     memset( iv, 0x2a, sizeof( iv ) );
@@ -512,20 +523,23 @@ void cipher_test_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    max_output_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, max_output_size );
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
 
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, max_output_size,
-                                    &output_length ) == PSA_SUCCESS );
-    status = psa_cipher_finish( &operation, output + output_length,
-                                max_output_size, &output_length );
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    status = psa_cipher_finish( &operation,
+                                output + function_output_length,
+                                output_buffer_size,
+                                &function_output_length );
     TEST_ASSERT( status == (psa_status_t) expected_status );
 
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( memcmp( expected_output, output, output_size ) == 0 );
+        TEST_ASSERT( memcmp( expected_output, output,
+                             expected_output_size ) == 0 );
     }
 
 
@@ -559,7 +573,7 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     unsigned char *output2;
     size_t output2_size = 0;
     size_t output2_length = 0;
-    size_t tmp_output_length = 0;
+    size_t function_output_length = 0;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
 
@@ -589,9 +603,9 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
                                     &output1_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation1,
                                     output1 + output1_length, output1_size,
-                                    &tmp_output_length ) == PSA_SUCCESS );
+                                    &function_output_length ) == PSA_SUCCESS );
 
-    output1_length += tmp_output_length;
+    output1_length += function_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
@@ -603,13 +617,13 @@ void cipher_test_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
                                     output2, output2_size,
                                     &output2_length ) == PSA_SUCCESS );
-    tmp_output_length = 0;
+    function_output_length = 0;
     TEST_ASSERT( psa_cipher_finish( &operation2,
                                     output2 + output2_length,
                                     output2_size,
-                                    &tmp_output_length ) == PSA_SUCCESS );
+                                    &function_output_length ) == PSA_SUCCESS );
 
-    output2_length += tmp_output_length;
+    output2_length += function_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
@@ -642,12 +656,12 @@ void cipher_test_verify_output_multpart( int alg_arg,
     unsigned char *input = NULL;
     size_t input_size = 0;
     unsigned char *output1;
-    size_t output1_size = 0;
+    size_t output1_buffer_size = 0;
     size_t output1_length = 0;
     unsigned char *output2;
-    size_t output2_size = 0;
+    size_t output2_buffer_size = 0;
     size_t output2_length = 0;
-    size_t tmp_output_length, temp = 0;
+    size_t function_output_length;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
 
@@ -668,56 +682,54 @@ void cipher_test_verify_output_multpart( int alg_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_size = input_size + operation1.block_size;
-    output1 = mbedtls_calloc( 1, output1_size );
+    output1_buffer_size = input_size + operation1.block_size;
+    output1 = mbedtls_calloc( 1, output1_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input_size );
 
     TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size,
-                                    output1, output1_size,
-                                    &output1_length ) == PSA_SUCCESS );
-    temp = output1_length;
+                                    output1, output1_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    output1_length += function_output_length;
 
     TEST_ASSERT( psa_cipher_update( &operation1,
                                     input + first_part_size,
                                     input_size - first_part_size,
-                                    output1, output1_size,
-                                    &output1_length ) == PSA_SUCCESS );
-    output1_length += temp;
+                                    output1, output1_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    output1_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_finish( &operation1, output1 + output1_length,
-                                    output1_size - output1_length,
-                                    &tmp_output_length ) == PSA_SUCCESS );
-
-    output1_length += tmp_output_length;
+    TEST_ASSERT( psa_cipher_finish( &operation1,
+                                    output1 + output1_length,
+                                    output1_buffer_size - output1_length,
+                                    &function_output_length ) == PSA_SUCCESS );
+    output1_length += function_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    output2_size = output1_length;
-    output2 = mbedtls_calloc( 1, output2_size );
+    output2_buffer_size = output1_length;
+    output2 = mbedtls_calloc( 1, output2_buffer_size );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation2,
                                      iv, iv_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
-                                    output2, output2_size,
-                                    &output2_length ) == PSA_SUCCESS );
+                                    output2, output2_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    output2_length += function_output_length;
 
-    temp = output2_length;
-
-    TEST_ASSERT( psa_cipher_update( &operation2, output1 + first_part_size,
+    TEST_ASSERT( psa_cipher_update( &operation2,
+                                    output1 + first_part_size,
                                     output1_length - first_part_size,
-                                    output2, output2_size,
-                                    &output2_length ) == PSA_SUCCESS );
+                                    output2, output2_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    output2_length += function_output_length;
 
-    output2_length += temp;
-    tmp_output_length = 0;
     TEST_ASSERT( psa_cipher_finish( &operation2,
                                     output2 + output2_length,
-                                    output2_size - output2_length,
-                                    &tmp_output_length ) == PSA_SUCCESS );
-
-    output2_length += tmp_output_length;
+                                    output2_buffer_size - output2_length,
+                                    &function_output_length ) == PSA_SUCCESS );
+    output2_length += function_output_length;
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 

From 50e586b691cb81ad3dcf5f43ede156feb22fb8d2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 14:28:46 +0200
Subject: [PATCH 138/889] We don't need _test_ in test function names

Also fix typo multpart -> multipart
---
 tests/suites/test_suite_psa_crypto.data     |  46 +-
 tests/suites/test_suite_psa_crypto.function | 588 ++++++++++----------
 2 files changed, 317 insertions(+), 317 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e9f26bc24..14eb73477 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -55,95 +55,95 @@ mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"
 
 PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
 PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
 PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
 
 PSA Symmetric encryption: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
 PSA Symmetric encryption: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
 
 PSA Symmetric encryption: AES-CTR, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS
 
 PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
 PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
 
 PSA Symmetric decryption: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
 
 PSA Symmetric decryption: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
 PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_test_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
 
 PSA Symmetric encryption/decryption: AES-CTR
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_test_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
 
 PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
+cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
 
 PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_test_verify_output_multpart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
+cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 29f233b55..bee64ef6c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -266,296 +266,296 @@ exit:
 
 
 /* BEGIN_CASE */
-void cipher_test_encrypt( int alg_arg, int key_type_arg,
+void cipher_encrypt( int alg_arg, int key_type_arg,
+                     char *key_hex,
+                     char *input_hex, char *output_hex,
+                     int expected_status )
+{
+    int key_slot = 1;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
+
+    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    status = psa_cipher_finish( &operation,
+                                output + function_output_length,
+                                output_buffer_size,
+                                &function_output_length );
+    TEST_ASSERT( status == (psa_status_t) expected_status );
+    if( expected_status == PSA_SUCCESS )
+    {
+        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+        TEST_ASSERT( memcmp( expected_output, output,
+                             expected_output_size ) == 0 );
+    }
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
+                               char *key_hex,
+                               char *input_hex,
+                               int first_part_size, char *output_hex )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
+
+    TEST_ASSERT( (unsigned int) first_part_size < input_size );
+    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input + first_part_size,
+                                    input_size - first_part_size,
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation,
+                                    output + function_output_length,
+                                    output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == expected_output_size );
+    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
+                               char *key_hex,
+                               char *input_hex,
+                               int first_part_size, char *output_hex )
+{
+    int key_slot = 1;
+
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
+
+    TEST_ASSERT( (unsigned int) first_part_size < input_size );
+    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input + first_part_size,
+                                    input_size - first_part_size,
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_finish( &operation,
+                                    output + function_output_length,
+                                    output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+
+    TEST_ASSERT( input_size == expected_output_size );
+    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void cipher_decrypt( int alg_arg, int key_type_arg,
+                     char *key_hex,
+                     char *input_hex, char *output_hex,
+                     int expected_status )
+{
+    int key_slot = 1;
+    psa_status_t status;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key = NULL;
+    size_t key_size;
+    unsigned char iv[16] = {0};
+    unsigned char *input = NULL;
+    size_t input_size = 0;
+    unsigned char *output;
+    unsigned char *expected_output;
+    size_t expected_output_size;
+    size_t output_buffer_size = 0;
+    size_t function_output_length = 0;
+    psa_cipher_operation_t operation;
+
+
+    key = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key != NULL );
+
+    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input != NULL );
+
+    expected_output = unhexify_alloc( output_hex, &expected_output_size );
+    TEST_ASSERT( expected_output != NULL );
+
+    memset( iv, 0x2a, sizeof( iv ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+
+    output_buffer_size = input_size + operation.block_size;
+    output = mbedtls_calloc( 1, output_buffer_size );
+
+    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+                                    output, output_buffer_size,
+                                    &function_output_length ) == PSA_SUCCESS );
+    status = psa_cipher_finish( &operation,
+                                output + function_output_length,
+                                output_buffer_size,
+                                &function_output_length );
+    TEST_ASSERT( status == (psa_status_t) expected_status );
+
+    if( expected_status == PSA_SUCCESS )
+    {
+        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+        TEST_ASSERT( memcmp( expected_output, output,
+                             expected_output_size ) == 0 );
+    }
+
+
+exit:
+    mbedtls_free( key );
+    mbedtls_free( input );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void cipher_verify_output( int alg_arg, int key_type_arg,
                            char *key_hex,
-                           char *input_hex, char *output_hex,
-                           int expected_status )
-{
-    int key_slot = 1;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
-    unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    psa_cipher_operation_t operation;
-
-
-    key = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
-    TEST_ASSERT( expected_output != NULL );
-
-    memset( iv, 0x2a, sizeof( iv ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_buffer_size );
-
-    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    status = psa_cipher_finish( &operation,
-                                output + function_output_length,
-                                output_buffer_size,
-                                &function_output_length );
-    TEST_ASSERT( status == (psa_status_t) expected_status );
-    if( expected_status == PSA_SUCCESS )
-    {
-        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( memcmp( expected_output, output,
-                             expected_output_size ) == 0 );
-    }
-exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_test_encrypt_multipart( int alg_arg, int key_type_arg,
-                                    char *key_hex,
-                                    char *input_hex,
-                                    int first_part_size, char *output_hex )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
-    unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    psa_cipher_operation_t operation;
-
-
-    key = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
-    TEST_ASSERT( expected_output != NULL );
-
-    memset( iv, 0x2a, sizeof( iv ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_buffer_size );
-
-    TEST_ASSERT( (unsigned int) first_part_size < input_size );
-    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input + first_part_size,
-                                    input_size - first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation,
-                                    output + function_output_length,
-                                    output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-
-    TEST_ASSERT( input_size == expected_output_size );
-    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
-
-exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void cipher_test_decrypt_multipart( int alg_arg, int key_type_arg,
-                                    char *key_hex,
-                                    char *input_hex,
-                                    int first_part_size, char *output_hex )
-{
-    int key_slot = 1;
-
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
-    unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    psa_cipher_operation_t operation;
-
-
-    key = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
-    TEST_ASSERT( expected_output != NULL );
-
-    memset( iv, 0x2a, sizeof( iv ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
-
-    output_buffer_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_buffer_size );
-
-    TEST_ASSERT( (unsigned int) first_part_size < input_size );
-    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input + first_part_size,
-                                    input_size - first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation,
-                                    output + function_output_length,
-                                    output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-
-    TEST_ASSERT( input_size == expected_output_size );
-    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
-
-exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void cipher_test_decrypt( int alg_arg, int key_type_arg,
-                          char *key_hex,
-                          char *input_hex, char *output_hex,
-                          int expected_status )
-{
-    int key_slot = 1;
-    psa_status_t status;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
-    unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
-    size_t output_buffer_size = 0;
-    size_t function_output_length = 0;
-    psa_cipher_operation_t operation;
-
-
-    key = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
-    TEST_ASSERT( expected_output != NULL );
-
-    memset( iv, 0x2a, sizeof( iv ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
-
-    output_buffer_size = input_size + operation.block_size;
-    output = mbedtls_calloc( 1, output_buffer_size );
-
-    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
-    status = psa_cipher_finish( &operation,
-                                output + function_output_length,
-                                output_buffer_size,
-                                &function_output_length );
-    TEST_ASSERT( status == (psa_status_t) expected_status );
-
-    if( expected_status == PSA_SUCCESS )
-    {
-        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( memcmp( expected_output, output,
-                             expected_output_size ) == 0 );
-    }
-
-
-exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void cipher_test_verify_output( int alg_arg, int key_type_arg,
-                                char *key_hex,
-                                char *input_hex )
+                           char *input_hex )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -639,11 +639,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void cipher_test_verify_output_multpart( int alg_arg,
-                                         int key_type_arg,
-                                         char *key_hex,
-                                         char *input_hex,
-                                         int first_part_size )
+void cipher_verify_output_multipart( int alg_arg,
+                                     int key_type_arg,
+                                     char *key_hex,
+                                     char *input_hex,
+                                     int first_part_size )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;

From a7ec95f1ea08139290184dcaf2f5b450da51a4af Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 14:40:59 +0200
Subject: [PATCH 139/889] Cipher tests: calculate and verify the actual output
 size

---
 tests/suites/test_suite_psa_crypto.function | 25 ++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index bee64ef6c..6be41c350 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -285,6 +285,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     size_t expected_output_size;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
+    size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
 
@@ -314,17 +315,22 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     status = psa_cipher_finish( &operation,
                                 output + function_output_length,
                                 output_buffer_size,
                                 &function_output_length );
+    total_output_length += function_output_length;
+
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+        TEST_ASSERT( total_output_length == expected_output_size );
         TEST_ASSERT( memcmp( expected_output, output,
                              expected_output_size ) == 0 );
     }
+
 exit:
     mbedtls_free( key );
     mbedtls_free( input );
@@ -352,9 +358,9 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     size_t expected_output_size;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
+    size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
-
     key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
 
@@ -382,19 +388,21 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input + first_part_size,
                                     input_size - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_finish( &operation,
                                     output + function_output_length,
                                     output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
-
+    total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == expected_output_size );
+    TEST_ASSERT( total_output_length == expected_output_size );
     TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
 
 exit:
@@ -425,9 +433,9 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     size_t expected_output_size;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
+    size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
-
     key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
 
@@ -456,18 +464,21 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input + first_part_size,
                                     input_size - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_finish( &operation,
                                     output + function_output_length,
                                     output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == expected_output_size );
+    TEST_ASSERT( total_output_length == expected_output_size );
     TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
 
 exit:
@@ -499,6 +510,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     size_t expected_output_size;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
+    size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
 
@@ -529,15 +541,18 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
+    total_output_length += function_output_length;
     status = psa_cipher_finish( &operation,
                                 output + function_output_length,
                                 output_buffer_size,
                                 &function_output_length );
+    total_output_length += function_output_length;
     TEST_ASSERT( status == (psa_status_t) expected_status );
 
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+        TEST_ASSERT( total_output_length == expected_output_size );
         TEST_ASSERT( memcmp( expected_output, output,
                              expected_output_size ) == 0 );
     }

From 42b8aec7923d03f909649f2234d773d2ab8cc3b0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 14:41:49 +0200
Subject: [PATCH 140/889] Correct some bad test data

* PKCS#7 padding always adds at least one byte of padding, so test
  data with plaintext length = ciphertext length could not have been
  correct.
* CTR has plaintext length = ciphertext length, so test data with
  differing lengths could not have been correct.
---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 14eb73477..e2fea7035 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -59,7 +59,7 @@ cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES
 
 PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
 
 PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
@@ -75,7 +75,7 @@ cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7
 
 PSA Symmetric encryption: AES-CTR, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd00":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
 
 PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC

From 5809ce7bd602202e6b4a703a5987344f339665af Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 14:42:50 +0200
Subject: [PATCH 141/889] Add PKCS#7 good decryption test cases

---
 tests/suites/test_suite_psa_crypto.data | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e2fea7035..2d2431577 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -81,6 +81,14 @@ PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
+PSA Symmetric decryption: AES-CBC-PKCS#7, 16 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+
+PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, good
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+
 PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE

From 39ee871d3fb213357ecb0697e3e112e626117f61 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 26 Apr 2018 00:51:02 +0300
Subject: [PATCH 142/889] Change AEAD APIs to integrated AEAD APIs.

Change AEAD APIs to integrated AEAD APIs, this will allow t support CCM and
GCM algorithms.
---
 include/psa/crypto.h        | 87 ++++++++++---------------------------
 include/psa/crypto_struct.h | 14 ------
 2 files changed, 23 insertions(+), 78 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c0b318776..7fc14a222 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1072,14 +1072,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 /** \defgroup aead Authenticated encryption with associated data (AEAD)
  * @{
  */
-
-/** The type of the state data structure for multipart AEAD operations.
- *
- * This is an implementation-defined \c struct. Applications should not
- * make any assumptions about the content of this structure except
- * as directed by the documentation of a specific implementation. */
-typedef struct psa_aead_operation_s psa_aead_operation_t;
-
 /** Set the key for a multipart authenticated encryption operation.
  *
  * The sequence of operations to authenticate-and-encrypt a message
@@ -1131,32 +1123,7 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
                                     psa_key_slot_t key,
                                     psa_algorithm_t alg);
 
-/** Set the key for a multipart authenticated decryption operation.
- *
- * The sequence of operations to authenticated and decrypt a message
- * is as follows:
- * -# Allocate an operation object which will be passed to all the functions
- *    listed here.
- * -# Call psa_aead_decrypt_setup() to specify the algorithm and key.
- *    The key remains associated with the operation even if the content
- *    of the key slot changes.
- * -# Call psa_aead_set_iv() to pass the initialization vector (IV)
- *    for the authenticated decryption.
- * -# Call psa_aead_update_ad() to pass the associated data that is
- *    to be authenticated but not encrypted. You may omit this step if
- *    there is no associated data.
- * -# Call psa_aead_update() zero, one or more times, passing a fragment
- *    of the data to decrypt each time.
- * -# Call psa_aead_finish().
- *
- * The application may call psa_aead_abort() at any time after the operation
- * has been initialized with psa_aead_decrypt_setup().
- *
- * After a successful call to psa_aead_decrypt_setup(), the application must
- * eventually terminate the operation. The following events terminate an
- * operation:
- * - A failed call to psa_aead_update().
- * - A call to psa_aead_finish() or psa_aead_abort().
+/** Process an integrated authenticated encryption operation.
  *
  * \param operation
  * \param alg       The AEAD algorithm to compute (\c PSA_ALG_XXX value
@@ -1175,37 +1142,29 @@ psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_aead_decrypt_setup(psa_aead_operation_t *operation,
-                                    psa_key_slot_t key,
-                                    psa_algorithm_t alg);
+psa_status_t psa_aead_encrypt( psa_key_slot_t key,
+                               psa_algorithm_t alg,
+                               const uint8_t *nonce,
+                               size_t nonce_length,
+                               const uint8_t *additional_data,
+                               size_t additional_data_length,
+                               const uint8_t *plaintext,
+                               size_t plaintext_length,
+                               uint8_t *ciphertext,
+                               size_t ciphertext_size,
+                               size_t *ciphertext_length );
 
-psa_status_t psa_aead_generate_iv(psa_aead_operation_t *operation,
-                                  unsigned char *iv,
-                                  size_t iv_size,
-                                  size_t *iv_length);
-
-psa_status_t psa_aead_set_iv(psa_aead_operation_t *operation,
-                             const unsigned char *iv,
-                             size_t iv_length);
-
-psa_status_t psa_aead_update_ad(psa_aead_operation_t *operation,
-                                const uint8_t *input,
-                                size_t input_length);
-
-psa_status_t psa_aead_update(psa_aead_operation_t *operation,
-                             const uint8_t *input,
-                             size_t input_length);
-
-psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
-                             uint8_t *tag,
-                             size_t tag_size,
-                             size_t *tag_length);
-
-psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
-                             uint8_t *tag,
-                             size_t tag_length);
-
-psa_status_t psa_aead_abort(psa_aead_operation_t *operation);
+psa_status_t psa_aead_decrypt( psa_key_slot_t key,
+                               psa_algorithm_t alg,
+                               const uint8_t *nonce,
+                               size_t nonce_length,
+                               const uint8_t *additional_data,
+                               size_t additional_data_length,
+                               const uint8_t *ciphertext,
+                               size_t ciphertext_length,
+                               uint8_t *plaintext,
+                               size_t plaintext_size,
+                               size_t *plaintext_length );
 
 /**@}*/
 
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index eba4862c6..20a153d23 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -110,20 +110,6 @@ struct psa_cipher_operation_s
     } ctx;
 };
 
-struct psa_aead_operation_s
-{
-    psa_algorithm_t alg;
-    int key_set : 1;
-    int iv_set : 1;
-    int ad_set : 1;
-    uint8_t iv_size;
-    uint8_t block_size;
-    union
-    {
-        unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-    } ctx;
-};
-
 struct psa_key_policy_s
 {
     psa_key_usage_t usage;

From 5955c98779dfdc9c51c676ea7be0ebacd919881d Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 26 Apr 2018 00:53:03 +0300
Subject: [PATCH 143/889] Initial implementation of the AEAD decrypt/encrypt
 APIs

Initial implementation for the AEAD APIs, missing the following:
* Concatenation of the tag to the output buffer.
* Updated documentation of the new functions.
* argument validations
* tests
---
 library/psa_crypto.c | 185 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 185 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index edb81c435..9efad5583 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1466,6 +1466,191 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
 }
 
 
+/****************************************************************/
+/* AEAD */
+/****************************************************************/
+psa_status_t psa_aead_encrypt( psa_key_slot_t key,
+                               psa_algorithm_t alg,
+                               const uint8_t *nonce,
+                               size_t nonce_length,
+                               const uint8_t *additional_data,
+                               size_t additional_data_length,
+                               const uint8_t *plaintext,
+                               size_t plaintext_length,
+                               uint8_t *ciphertext,
+                               size_t ciphertext_size,
+                               size_t *ciphertext_length )
+{
+    int ret;
+    psa_status_t status;
+    key_slot_t *slot;
+    psa_key_type_t key_type;
+    size_t key_bits;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+    unsigned char tag[16];
+
+    status = psa_get_key_information( key, &key_type, &key_bits );
+    if( status != PSA_SUCCESS )
+        return( status );
+    slot = &global_data.key_slots[key];
+
+    //TODO: check key policy
+
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
+    if( cipher_info == NULL )
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    if ( key_type != PSA_KEY_TYPE_RAW_DATA)
+        return( PSA_ERROR_BAD_STATE );
+
+    operation->block_size = cipher_info->block_size;
+
+    if( alg == PSA_ALG_GCM )
+    {
+        mbedtls_gcm_context gcm;
+        mbedtls_gcm_init( &gcm );
+        ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
+                                ( const unsigned char * )slot->data.raw.data, key_bits );
+        if( ret != 0 )
+        {
+            mbedtls_gcm_free( &gcm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT,
+                       plaintext_length, ( const unsigned char* )nonce ,
+                       nonce_length, ( const unsigned char* )additional_data,
+                       additional_data_length,
+                       ( const unsigned char* ) plaintext,
+                       ( unsigned char* )ciphertext, sizeof( tag ), tag );
+        if( ret != 0 )
+        {
+            mbedtls_gcm_free( &gcm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+
+        //TODO: append the tag to the output buffer and update the output buffer length.
+        mbedtls_gcm_free( &gcm );
+    }
+    else if( alg == PSA_ALG_CCM )
+    {
+        mbedtls_ccm_context ccm;
+        mbedtls_ccm_init( &ccm );
+        ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
+                                ( const unsigned char * )slot->data.raw.data, key_bits );
+        if( ret != 0 )
+        {
+            mbedtls_ccm_free( &ccm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, 
+                       ( const unsigned char* )nonce ,
+                       nonce_length, ( const unsigned char* )additional_data,
+                       additional_data_length,
+                       ( const unsigned char* ) plaintext,
+                       ( unsigned char* )ciphertext, sizeof( tag ), tag );
+        if( ret != 0 )
+        {
+            mbedtls_ccm_free( &ccm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+
+        //TODO: append the tag to the output buffer and update the output buffer length.
+        mbedtls_ccm_free( &ccm );
+    }
+}
+
+psa_status_t psa_aead_decrypt( psa_key_slot_t key,
+                               psa_algorithm_t alg,
+                               const uint8_t *nonce,
+                               size_t nonce_length,
+                               const uint8_t *additional_data,
+                               size_t additional_data_length,
+                               const uint8_t *ciphertext,
+                               size_t ciphertext_length,
+                               uint8_t *plaintext,
+                               size_t plaintext_size,
+                               size_t *plaintext_length )
+{
+    int ret;
+    psa_status_t status;
+    key_slot_t *slot;
+    psa_key_type_t key_type;
+    size_t key_bits;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+    unsigned char tag[16];
+
+    status = psa_get_key_information( key, &key_type, &key_bits );
+    if( status != PSA_SUCCESS )
+        return( status );
+    slot = &global_data.key_slots[key];
+
+    //TODO: check key policy
+
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
+    if( cipher_info == NULL )
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    if ( key_type != PSA_KEY_TYPE_RAW_DATA)
+        return( PSA_ERROR_BAD_STATE );
+
+    operation->block_size = cipher_info->block_size;
+
+    if( alg == PSA_ALG_GCM )
+    {
+        mbedtls_gcm_context gcm;
+        mbedtls_gcm_init( &gcm );
+        ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
+                                ( const unsigned char * )slot->data.raw.data, key_bits );
+        if( ret != 0 )
+        {
+            mbedtls_gcm_free( &gcm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT,
+                       ciphertext_length, ( const unsigned char* )nonce ,
+                       nonce_length, ( const unsigned char* )additional_data,
+                       additional_data_length,
+                       ( const unsigned char* )ciphertext,
+                       ( unsigned char* )plaintext, sizeof( tag ), tag );
+        if( ret != 0 )
+        {
+            mbedtls_gcm_free( &gcm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+
+        //TODO: append the tag to the output buffer and update the output buffer length.
+        mbedtls_gcm_free( &gcm );
+    }
+    else if( alg == PSA_ALG_CCM )
+    {
+        mbedtls_ccm_context ccm;
+        mbedtls_ccm_init( &ccm );
+        ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
+                                ( const unsigned char * )slot->data.raw.data, key_bits );
+        if( ret != 0 )
+        {
+            mbedtls_ccm_free( &ccm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, 
+                       ( const unsigned char* )nonce ,
+                       nonce_length, ( const unsigned char* )additional_data,
+                       additional_data_length,
+                       ( const unsigned char* )ciphertext ,
+                       ( unsigned char* )plaintext, sizeof( tag ), tag );
+        if( ret != 0 )
+        {
+            mbedtls_ccm_free( &ccm );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+
+        //TODO: append the tag to the output buffer and update the output buffer length.
+        mbedtls_ccm_free( &ccm );
+    }
+
+    return( PSA_SUCCESS );
+}
+
 
 /****************************************************************/
 /* Module setup */

From 47ddf3d544408a2ff630786492e5b985d4df3b00 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 26 Apr 2018 01:11:21 +0300
Subject: [PATCH 144/889] Concatenate the tag to the output buffer

Concatenate the tag to the output buffer.
---
 library/psa_crypto.c | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9efad5583..11a805e55 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1508,6 +1508,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
+        if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
                                 ( const unsigned char * )slot->data.raw.data, key_bits );
@@ -1528,12 +1531,16 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
 
-        //TODO: append the tag to the output buffer and update the output buffer length.
         mbedtls_gcm_free( &gcm );
     }
     else if( alg == PSA_ALG_CCM )
     {
         mbedtls_ccm_context ccm;
+        if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if( nonce_length < 7 || nonce_length > 13 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
                                 ( const unsigned char * )slot->data.raw.data, key_bits );
@@ -1554,9 +1561,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
 
-        //TODO: append the tag to the output buffer and update the output buffer length.
         mbedtls_ccm_free( &ccm );
     }
+    memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) );
+    return( PSA_SUCCESS );
 }
 
 psa_status_t psa_aead_decrypt( psa_key_slot_t key,
@@ -1598,6 +1606,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
+        if( plaintext_size < ( ciphertext_length + 8 + sizeof( tag ) ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
                                 ( const unsigned char * )slot->data.raw.data, key_bits );
@@ -1618,12 +1629,17 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
 
-        //TODO: append the tag to the output buffer and update the output buffer length.
         mbedtls_gcm_free( &gcm );
+        memcpy( plaintext + ciphertext_length + 8, tag, sizeof( tag ) );
     }
     else if( alg == PSA_ALG_CCM )
     {
         mbedtls_ccm_context ccm;
+        if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if( nonce_length < 7 || nonce_length > 13 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
                                 ( const unsigned char * )slot->data.raw.data, key_bits );
@@ -1644,10 +1660,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
 
-        //TODO: append the tag to the output buffer and update the output buffer length.
         mbedtls_ccm_free( &ccm );
+        memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) );
     }
-
     return( PSA_SUCCESS );
 }
 

From 9e5a515aa8ca51a186db0df4c9d1c3f625306dd1 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 26 Apr 2018 12:07:35 +0300
Subject: [PATCH 145/889] Fix parameter validation

---
 library/psa_crypto.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 11a805e55..005b9feb4 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1489,6 +1489,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
 
+    if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
@@ -1508,9 +1511,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
-        if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
                                 ( const unsigned char * )slot->data.raw.data, key_bits );
@@ -1536,8 +1536,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     else if( alg == PSA_ALG_CCM )
     {
         mbedtls_ccm_context ccm;
-        if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -1587,6 +1585,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
 
+    if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
@@ -1606,8 +1607,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
-        if( plaintext_size < ( ciphertext_length + 8 + sizeof( tag ) ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
 
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
@@ -1635,8 +1634,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     else if( alg == PSA_ALG_CCM )
     {
         mbedtls_ccm_context ccm;
-        if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+        
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 

From ce5cba9a6aeac759ebd5d624586185b2fecbf971 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 26 Apr 2018 12:08:21 +0300
Subject: [PATCH 146/889] unify the concatenation of the tag and update output
 length

---
 library/psa_crypto.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 005b9feb4..c0ef1c54f 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1562,6 +1562,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_ccm_free( &ccm );
     }
     memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) );
+    *ciphertext_length = plaintext_length + sizeof( tag );
     return( PSA_SUCCESS );
 }
 
@@ -1629,7 +1630,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         }
 
         mbedtls_gcm_free( &gcm );
-        memcpy( plaintext + ciphertext_length + 8, tag, sizeof( tag ) );
     }
     else if( alg == PSA_ALG_CCM )
     {
@@ -1659,8 +1659,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         }
 
         mbedtls_ccm_free( &ccm );
-        memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) );
     }
+
+    memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) );
+    *plaintext_length = ciphertext_length + sizeof( tag );
     return( PSA_SUCCESS );
 }
 

From 579d35900798077c201b4fc17ffe7eba036691ed Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 08:51:35 +0300
Subject: [PATCH 147/889] remove psa_aead_encrypt_setup from header file

remove psa_aead_encrypt_setup from header file
---
 include/psa/crypto.h | 51 --------------------------------------------
 1 file changed, 51 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 7fc14a222..cd86080c1 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1072,57 +1072,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 /** \defgroup aead Authenticated encryption with associated data (AEAD)
  * @{
  */
-/** Set the key for a multipart authenticated encryption operation.
- *
- * The sequence of operations to authenticate-and-encrypt a message
- * is as follows:
- * -# Allocate an operation object which will be passed to all the functions
- *    listed here.
- * -# Call psa_aead_encrypt_setup() to specify the algorithm and key.
- *    The key remains associated with the operation even if the content
- *    of the key slot changes.
- * -# Call either psa_aead_generate_iv() or psa_aead_set_iv() to
- *    generate or set the IV (initialization vector). You should use
- *    psa_encrypt_generate_iv() unless the protocol you are implementing
- *    requires a specific IV value.
- * -# Call psa_aead_update_ad() to pass the associated data that is
- *    to be authenticated but not encrypted. You may omit this step if
- *    there is no associated data.
- * -# Call psa_aead_update() zero, one or more times, passing a fragment
- *    of the data to encrypt each time.
- * -# Call psa_aead_finish().
- *
- * The application may call psa_aead_abort() at any time after the operation
- * has been initialized with psa_aead_encrypt_setup().
- *
- * After a successful call to psa_aead_encrypt_setup(), the application must
- * eventually terminate the operation. The following events terminate an
- * operation:
- * - A failed call to psa_aead_generate_iv(), psa_aead_set_iv(),
- *   psa_aead_update_ad() or psa_aead_update().
- * - A call to psa_aead_finish() or psa_aead_abort().
- *
- * \param operation
- * \param alg       The AEAD algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_AEAD(alg) is true).
- *
- * \retval PSA_SUCCESS
- *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
- *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not an AEAD algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
- */
-psa_status_t psa_aead_encrypt_setup(psa_aead_operation_t *operation,
-                                    psa_key_slot_t key,
-                                    psa_algorithm_t alg);
-
 /** Process an integrated authenticated encryption operation.
  *
  * \param operation

From 9112693930a8575c44863a83bdeccf150912cfa7 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 11:10:16 +0300
Subject: [PATCH 148/889] aead test scenario

---
 tests/suites/test_suite_psa_crypto.function | 70 +++++++++++++++++++++
 1 file changed, 70 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 04a95d4f8..4721c87f3 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -573,3 +573,73 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
+                int alg_arg, char *input_hex,
+                cahr* additional_data, int additional_data_length )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_length;
+    unsigned char *output_data2 = NULL;
+    size_t output_length2;
+    psa_status_t actual_status;
+    uint8_t* nonce = NULL;
+    size_t nonce_length = 16;
+    size_t tag_length = 16;
+
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    output_data = mbedtls_calloc( 1, input_size + tag_length );
+    TEST_ASSERT( output_data != NULL );
+    if( alg == PSA_ALG_CCM )
+    {
+        nonce_length = 12;
+    }
+    nonce = mbedtls_calloc( 1, nonce_length );
+    TEST_ASSERT( nonce != NULL );
+    for( int i = 0; i < nonce_length; ++nonce_length )
+        nonce[i] = i;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_aead_encrypt( slot, alg,
+                               nonce, nonce_length,
+                               additional_data, additional_data_length,
+                               input_data, input_size, output_data,
+                               input_size, &output_length ) );
+
+    output_data2 = mbedtls_calloc( 1, output_length );
+    TEST_ASSERT( output_data2 != NULL );
+
+    TEST_ASSERT( psa_aead_decrypt( slot, alg,
+                            nonce, nonce_length,
+                            additional_data, additional_data_length,
+                            output_data, output_length - tag_length, output_data2,
+                            output_length, &output_length2 ) );
+    
+    TEST_ASSERT( memcmp( input, output_data2,
+                             input_size ) == 0 );
+    
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( signature );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From db6247315fb944c1aca0389ba18525a72112a352 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 17:21:50 +0300
Subject: [PATCH 149/889] Parameters validation fixes

Fix key_type validation test and no need to ask for place for tag in decryption
---
 library/psa_crypto.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c0ef1c54f..2650fffe6 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1503,8 +1503,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if ( key_type != PSA_KEY_TYPE_RAW_DATA)
-        return( PSA_ERROR_BAD_STATE );
+    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
+           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     operation->block_size = cipher_info->block_size;
 
@@ -1586,7 +1587,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
 
-    if( plaintext_size < ( ciphertext_length + sizeof( tag ) ) )
+    if( plaintext_size < ciphertext_length )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_key_information( key, &key_type, &key_bits );

From 6bbd8c75dcf1460bb499c8ba4037309a0817350f Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 17:22:52 +0300
Subject: [PATCH 150/889] Remove unnecessary cast

Remove unnecessary cast
---
 library/psa_crypto.c | 37 +++++++++++++++----------------------
 1 file changed, 15 insertions(+), 22 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2650fffe6..7589432c9 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1521,11 +1521,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT,
-                       plaintext_length, ( const unsigned char* )nonce ,
-                       nonce_length, ( const unsigned char* )additional_data,
-                       additional_data_length,
-                       ( const unsigned char* ) plaintext,
-                       ( unsigned char* )ciphertext, sizeof( tag ), tag );
+                       plaintext_length, nonce ,
+                       nonce_length, additional_data,
+                       additional_data_length, plaintext,
+                       ciphertext, sizeof( tag ), tag );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
@@ -1542,18 +1541,16 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
-                                ( const unsigned char * )slot->data.raw.data, key_bits );
+                                  slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, 
-                       ( const unsigned char* )nonce ,
-                       nonce_length, ( const unsigned char* )additional_data,
+                       nonce , nonce_length, additional_data,
                        additional_data_length,
-                       ( const unsigned char* ) plaintext,
-                       ( unsigned char* )ciphertext, sizeof( tag ), tag );
+                       plaintext, ciphertext, sizeof( tag ), tag );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
@@ -1612,18 +1609,16 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
-                                ( const unsigned char * )slot->data.raw.data, key_bits );
+                                  slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT,
-                       ciphertext_length, ( const unsigned char* )nonce ,
-                       nonce_length, ( const unsigned char* )additional_data,
-                       additional_data_length,
-                       ( const unsigned char* )ciphertext,
-                       ( unsigned char* )plaintext, sizeof( tag ), tag );
+                       ciphertext_length, nonce , nonce_length, 
+                       additional_data, additional_data_length,
+                       ciphertext, plaintext, sizeof( tag ), tag );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
@@ -1641,18 +1636,16 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
-                                ( const unsigned char * )slot->data.raw.data, key_bits );
+                                  slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, 
-                       ( const unsigned char* )nonce ,
-                       nonce_length, ( const unsigned char* )additional_data,
-                       additional_data_length,
-                       ( const unsigned char* )ciphertext ,
-                       ( unsigned char* )plaintext, sizeof( tag ), tag );
+                       nonce , nonce_length, additional_data,
+                       additional_data_length, ciphertext ,
+                       plaintext, sizeof( tag ), tag );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );

From 4f5eb7cb5411fea304a10f1eadaa9ddeded16395 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 17:23:47 +0300
Subject: [PATCH 151/889] Fill the the output buffer with zero data in case of
 failure

---
 library/psa_crypto.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7589432c9..0ed9dd9bf 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1528,6 +1528,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
+            mbedtls_zeroize( ciphertext, plaintext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1554,6 +1555,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
+            mbedtls_zeroize( ciphertext, plaintext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1622,6 +1624,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
+            mbedtls_zeroize( plaintext, ciphertext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1649,14 +1652,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
+            mbedtls_zeroize( plaintext, ciphertext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
         mbedtls_ccm_free( &ccm );
     }
 
-    memcpy( plaintext + ciphertext_length, tag, sizeof( tag ) );
-    *plaintext_length = ciphertext_length + sizeof( tag );
+    *plaintext_length = ciphertext_length;
     return( PSA_SUCCESS );
 }
 

From 091e73b22b4759d938ee0afeb9bf6d7b112fd861 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 17:24:39 +0300
Subject: [PATCH 152/889] Fix usage of TEST_ASSERT

Add missing == PSA_SUCCESS in TEST_ASSERT usage
---
 tests/suites/test_suite_psa_crypto.function | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 4721c87f3..6376e5659 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -591,7 +591,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
     unsigned char *output_data2 = NULL;
     size_t output_length2;
     psa_status_t actual_status;
-    uint8_t* nonce = NULL;
+    uint8_t nonce[16];
     size_t nonce_length = 16;
     size_t tag_length = 16;
 
@@ -606,8 +606,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
     {
         nonce_length = 12;
     }
-    nonce = mbedtls_calloc( 1, nonce_length );
-    TEST_ASSERT( nonce != NULL );
+
     for( int i = 0; i < nonce_length; ++nonce_length )
         nonce[i] = i;
 
@@ -620,7 +619,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
                                nonce, nonce_length,
                                additional_data, additional_data_length,
                                input_data, input_size, output_data,
-                               input_size, &output_length ) );
+                               input_size, &output_length ) == PSA_SUCCESS );
 
     output_data2 = mbedtls_calloc( 1, output_length );
     TEST_ASSERT( output_data2 != NULL );
@@ -629,7 +628,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
                             nonce, nonce_length,
                             additional_data, additional_data_length,
                             output_data, output_length - tag_length, output_data2,
-                            output_length, &output_length2 ) );
+                            output_length, &output_length2 ) == PSA_SUCCESS );
     
     TEST_ASSERT( memcmp( input, output_data2,
                              input_size ) == 0 );

From a7e6df76ead156437d97aa592aa8bbec28f77b9d Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 30 Apr 2018 17:25:45 +0300
Subject: [PATCH 153/889] Validation fixes for key_type

---
 library/psa_crypto.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0ed9dd9bf..33e265766 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1600,8 +1600,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if ( key_type != PSA_KEY_TYPE_RAW_DATA)
-        return( PSA_ERROR_BAD_STATE );
+    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
+           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     operation->block_size = cipher_info->block_size;
 

From dad36fa855e17a039e1f8f1a5671093a8255808b Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 02:24:42 -0700
Subject: [PATCH 154/889] add Key and Algorithm validation

---
 include/psa/crypto.h |  1 +
 library/psa_crypto.c | 38 +++++++++++++++++++++++++++-----------
 2 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index cd86080c1..deeab4a64 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -143,6 +143,7 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
 #define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x02000000)
 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x04000000)
+#define PSA_KEY_TYPE_CATEGORY_CIPHER            ((psa_key_type_t)0x04000000)
 #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC        ((psa_key_type_t)0x06000000)
 #define PSA_KEY_TYPE_PAIR_FLAG                  ((psa_key_type_t)0x01000000)
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 33e265766..7d70d534a 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1488,7 +1488,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
-
+    mbedtls_cipher_id_t cipher_id;
+    
     if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -1497,6 +1498,15 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
 
+    if ( key_type == PSA_KEY_TYPE_AES )
+    {
+        cipher_id = MBEDTLS_CIPHER_ID_AES;
+    }
+    else
+    {
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+
     //TODO: check key policy
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
@@ -1507,13 +1517,11 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    operation->block_size = cipher_info->block_size;
-
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
         mbedtls_gcm_init( &gcm );
-        ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
+        ret = mbedtls_gcm_setkey( &gcm, cipher_id, 
                                 ( const unsigned char * )slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
@@ -1541,7 +1549,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( PSA_ERROR_INVALID_ARGUMENT );
 
         mbedtls_ccm_init( &ccm );
-        ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
+        ret = mbedtls_ccm_setkey( &ccm, cipher_id, 
                                   slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
@@ -1551,7 +1559,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, 
                        nonce , nonce_length, additional_data,
                        additional_data_length,
-                       plaintext, ciphertext, sizeof( tag ), tag );
+                       plaintext, ciphertext, tag, sizeof( tag ) );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
@@ -1585,6 +1593,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
+    mbedtls_cipher_id_t cipher_id;
 
     if( plaintext_size < ciphertext_length )
             return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1594,6 +1603,15 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
 
+    if ( key_type == PSA_KEY_TYPE_AES )
+    {
+        cipher_id = MBEDTLS_CIPHER_ID_AES;
+    }
+    else
+    {
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+
     //TODO: check key policy
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
@@ -1604,14 +1622,12 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    operation->block_size = cipher_info->block_size;
-
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
 
         mbedtls_gcm_init( &gcm );
-        ret = mbedtls_gcm_setkey( &gcm, cipher_info->base->cipher, 
+        ret = mbedtls_gcm_setkey( &gcm, cipher_id, 
                                   slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
@@ -1639,7 +1655,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             return( PSA_ERROR_INVALID_ARGUMENT );
 
         mbedtls_ccm_init( &ccm );
-        ret = mbedtls_ccm_setkey( &ccm, cipher_info->base->cipher, 
+        ret = mbedtls_ccm_setkey( &ccm, cipher_id, 
                                   slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
@@ -1649,7 +1665,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, 
                        nonce , nonce_length, additional_data,
                        additional_data_length, ciphertext ,
-                       plaintext, sizeof( tag ), tag );
+                       plaintext, tag, sizeof( tag ) );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );

From bdd892aef57c341d1b9d26cc189ec1f6cae39b73 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 02:26:51 -0700
Subject: [PATCH 155/889] Add test scenario

---
 tests/suites/test_suite_psa_crypto.data     |  3 +++
 tests/suites/test_suite_psa_crypto.function | 17 ++++++++++-------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c3f5f9001..3e80c9072 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -120,3 +120,6 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"307802010
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA AEAD Encrypt-Decrypt, first scenario
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6376e5659..f6a0d2208 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -575,9 +575,9 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
-                int alg_arg, char *input_hex,
-                cahr* additional_data, int additional_data_length )
+void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
+                int alg_arg, char * input_hex,
+                char * add_data )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -590,16 +590,20 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
     size_t output_length;
     unsigned char *output_data2 = NULL;
     size_t output_length2;
-    psa_status_t actual_status;
     uint8_t nonce[16];
     size_t nonce_length = 16;
     size_t tag_length = 16;
+    unsigned char *additional_data = NULL;
+    size_t additional_data_length = 0;
+    size_t i = 0;
 
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
     input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
+    additional_data = unhexify_alloc( add_data, &additional_data_length );
+    TEST_ASSERT( input_data != NULL );
     output_data = mbedtls_calloc( 1, input_size + tag_length );
     TEST_ASSERT( output_data != NULL );
     if( alg == PSA_ALG_CCM )
@@ -607,7 +611,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
         nonce_length = 12;
     }
 
-    for( int i = 0; i < nonce_length; ++nonce_length )
+    for( ; i < nonce_length; ++nonce_length )
         nonce[i] = i;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -630,7 +634,7 @@ void aead_encrypt_decrypt( int key_type_arg, char *key_hex,
                             output_data, output_length - tag_length, output_data2,
                             output_length, &output_length2 ) == PSA_SUCCESS );
     
-    TEST_ASSERT( memcmp( input, output_data2,
+    TEST_ASSERT( memcmp( input_data, output_data2,
                              input_size ) == 0 );
     
 
@@ -638,7 +642,6 @@ exit:
     psa_destroy_key( slot );
     mbedtls_free( key_data );
     mbedtls_free( input_data );
-    mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 17638efc469ffbb40b248df47c1351bb0c3dcf9f Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 04:58:00 -0700
Subject: [PATCH 156/889] remove unused variable

---
 library/psa_crypto.c | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7d70d534a..45f55638b 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1486,7 +1486,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
     mbedtls_cipher_id_t cipher_id;
     
@@ -1509,9 +1508,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     //TODO: check key policy
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
-    if( cipher_info == NULL )
-        return( PSA_ERROR_NOT_SUPPORTED );
 
     if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
@@ -1591,7 +1587,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
     unsigned char tag[16];
     mbedtls_cipher_id_t cipher_id;
 
@@ -1614,9 +1609,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
     //TODO: check key policy
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
-    if( cipher_info == NULL )
-        return( PSA_ERROR_NOT_SUPPORTED );
 
     if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )

From e58e68458e6051c5c4a2d9222fd03787ca29a02f Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 04:58:32 -0700
Subject: [PATCH 157/889] fix condition over key type

---
 library/psa_crypto.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 45f55638b..5810853cb 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1488,7 +1488,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     size_t key_bits;
     unsigned char tag[16];
     mbedtls_cipher_id_t cipher_id;
-    
+
     if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -1508,9 +1508,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     //TODO: check key policy
 
-
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
-           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
+    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
+           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -1609,9 +1608,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
     //TODO: check key policy
 
-
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
-           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 )
+    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
+           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )

From d973472a37647e52913729a8d0d10c5da2d3ffca Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 04:59:26 -0700
Subject: [PATCH 158/889] Fix loop index and output size parameter value

---
 tests/suites/test_suite_psa_crypto.function | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f6a0d2208..d366608c8 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -587,6 +587,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     unsigned char *input_data = NULL;
     size_t input_size;
     unsigned char *output_data = NULL;
+    size_t output_size = 0;
     size_t output_length;
     unsigned char *output_data2 = NULL;
     size_t output_length2;
@@ -604,14 +605,15 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     TEST_ASSERT( input_data != NULL );
     additional_data = unhexify_alloc( add_data, &additional_data_length );
     TEST_ASSERT( input_data != NULL );
-    output_data = mbedtls_calloc( 1, input_size + tag_length );
+    output_size = input_size + tag_length;
+    output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
     if( alg == PSA_ALG_CCM )
     {
         nonce_length = 12;
     }
 
-    for( ; i < nonce_length; ++nonce_length )
+    for( ; i < nonce_length; ++i )
         nonce[i] = i;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -623,7 +625,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                                nonce, nonce_length,
                                additional_data, additional_data_length,
                                input_data, input_size, output_data,
-                               input_size, &output_length ) == PSA_SUCCESS );
+                               output_size, &output_length ) == PSA_SUCCESS );
 
     output_data2 = mbedtls_calloc( 1, output_length );
     TEST_ASSERT( output_data2 != NULL );

From 5c8845f5635d0fca6a25cca89880be0efde884cb Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 05:40:09 -0700
Subject: [PATCH 159/889] return invalid argument for unsupported algorithms

---
 library/psa_crypto.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5810853cb..aaaa8a53c 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1564,6 +1564,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
         mbedtls_ccm_free( &ccm );
     }
+    else
+    {
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
     memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) );
     *ciphertext_length = plaintext_length + sizeof( tag );
     return( PSA_SUCCESS );

From f07db2e919742d760e60409054524c16f387cfda Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 9 May 2018 05:41:08 -0700
Subject: [PATCH 160/889] Add more test scenario for GCM and failure cases

---
 tests/suites/test_suite_psa_crypto.data     | 19 +++++++++++++++++--
 tests/suites/test_suite_psa_crypto.function | 13 +++++++++----
 2 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3e80c9072..05d579a38 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -121,5 +121,20 @@ PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA AEAD Encrypt-Decrypt, first scenario
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B"
+PSA AEAD Encrypt-Decrypt, AES CCM scenario 1
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, AES CCM scenario 2
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, AES GCM scenario 1
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, AES GCM scenario 2
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d366608c8..9a6004a49 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -577,7 +577,7 @@ exit:
 /* BEGIN_CASE */
 void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                 int alg_arg, char * input_hex,
-                char * add_data )
+                char * add_data, int expected_result )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -625,7 +625,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                                nonce, nonce_length,
                                additional_data, additional_data_length,
                                input_data, input_size, output_data,
-                               output_size, &output_length ) == PSA_SUCCESS );
+                               output_size, &output_length ) == ( psa_status_t )expected_result );
 
     output_data2 = mbedtls_calloc( 1, output_length );
     TEST_ASSERT( output_data2 != NULL );
@@ -634,16 +634,21 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                             nonce, nonce_length,
                             additional_data, additional_data_length,
                             output_data, output_length - tag_length, output_data2,
-                            output_length, &output_length2 ) == PSA_SUCCESS );
+                            output_length, &output_length2 ) == ( psa_status_t )expected_result );
     
-    TEST_ASSERT( memcmp( input_data, output_data2,
+    if( expected_result == 0 )
+    {
+        TEST_ASSERT( memcmp( input_data, output_data2,
                              input_size ) == 0 );
+    }
     
 
 exit:
     psa_destroy_key( slot );
     mbedtls_free( key_data );
     mbedtls_free( input_data );
+    mbedtls_free( additional_data );
+    mbedtls_free( output_data );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 9b071325913e9c1786c41510d0c4769dca6c7665 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 31 May 2018 03:18:45 -0700
Subject: [PATCH 161/889] remove compilation warnings

---
 tests/suites/test_suite_psa_crypto.function | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9a6004a49..b592c6eca 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -577,7 +577,8 @@ exit:
 /* BEGIN_CASE */
 void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                 int alg_arg, char * input_hex,
-                char * add_data, int expected_result )
+                char * add_data
+                , int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -597,6 +598,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     unsigned char *additional_data = NULL;
     size_t additional_data_length = 0;
     size_t i = 0;
+    psa_status_t expected_result = (psa_status_t) expected_result_arg;
 
 
     key_data = unhexify_alloc( key_hex, &key_size );
@@ -625,7 +627,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                                nonce, nonce_length,
                                additional_data, additional_data_length,
                                input_data, input_size, output_data,
-                               output_size, &output_length ) == ( psa_status_t )expected_result );
+                               output_size, &output_length ) == expected_result );
 
     output_data2 = mbedtls_calloc( 1, output_length );
     TEST_ASSERT( output_data2 != NULL );
@@ -634,9 +636,9 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                             nonce, nonce_length,
                             additional_data, additional_data_length,
                             output_data, output_length - tag_length, output_data2,
-                            output_length, &output_length2 ) == ( psa_status_t )expected_result );
+                            output_length, &output_length2 ) == expected_result );
     
-    if( expected_result == 0 )
+    if( PSA_SUCCESS == expected_result )
     {
         TEST_ASSERT( memcmp( input_data, output_data2,
                              input_size ) == 0 );
@@ -649,6 +651,7 @@ exit:
     mbedtls_free( input_data );
     mbedtls_free( additional_data );
     mbedtls_free( output_data );
+    mbedtls_free( output_data2 );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 39574652ae0d9ed1b1558b150f1347727260b00b Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Fri, 1 Jun 2018 04:39:53 -0700
Subject: [PATCH 162/889] add else for not supported algorithm

---
 library/psa_crypto.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index aaaa8a53c..beb5f559d 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1669,7 +1669,11 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
         mbedtls_ccm_free( &ccm );
     }
-
+    else
+    {
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+    
     *plaintext_length = ciphertext_length;
     return( PSA_SUCCESS );
 }

From e797945ea9f0c64c725effd551af34b76ea5a40b Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Fri, 1 Jun 2018 04:41:03 -0700
Subject: [PATCH 163/889] initialize length variables and process decrypt only
 when encrypts passes

---
 tests/suites/test_suite_psa_crypto.function | 25 +++++++++++----------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b592c6eca..93bb9cc2a 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -589,9 +589,9 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     size_t input_size;
     unsigned char *output_data = NULL;
     size_t output_size = 0;
-    size_t output_length;
+    size_t output_length = 0;
     unsigned char *output_data2 = NULL;
-    size_t output_length2;
+    size_t output_length2 = 0;
     uint8_t nonce[16];
     size_t nonce_length = 16;
     size_t tag_length = 16;
@@ -629,19 +629,20 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                                input_data, input_size, output_data,
                                output_size, &output_length ) == expected_result );
 
-    output_data2 = mbedtls_calloc( 1, output_length );
-    TEST_ASSERT( output_data2 != NULL );
-
-    TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                            nonce, nonce_length,
-                            additional_data, additional_data_length,
-                            output_data, output_length - tag_length, output_data2,
-                            output_length, &output_length2 ) == expected_result );
-    
     if( PSA_SUCCESS == expected_result )
     {
+        output_data2 = mbedtls_calloc( 1, output_length );
+        TEST_ASSERT( output_data2 != NULL );
+
+        TEST_ASSERT( psa_aead_decrypt( slot, alg,
+                                nonce, nonce_length,
+                                additional_data, additional_data_length,
+                                output_data, output_length - tag_length, output_data2,
+                                output_length, &output_length2 ) == expected_result );
+        
+
         TEST_ASSERT( memcmp( input_data, output_data2,
-                             input_size ) == 0 );
+                                input_size ) == 0 );
     }
     
 

From 20399393a5190a6b921fa4448d60777584480b67 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Fri, 1 Jun 2018 04:41:27 -0700
Subject: [PATCH 164/889] add psa_crypto to test suites

---
 tests/CMakeLists.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 58126bedc..d8b74f227 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -110,6 +110,7 @@ add_test_suite(pk)
 add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
+add_test_suite(psa_crypto)
 add_test_suite(shax)
 add_test_suite(ssl)
 add_test_suite(timing)

From a40d77477de223beba1c50fd8b3db42de0bfac5a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 1 Jun 2018 16:28:30 +0200
Subject: [PATCH 165/889] Whitespace fixes

Changed indentation to match Mbed TLS style. Wrapped some lines to 80 columns.
---
 library/psa_crypto.c | 55 +++++++++++++++++++++++---------------------
 1 file changed, 29 insertions(+), 26 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index beb5f559d..ba43e1968 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1490,7 +1490,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     mbedtls_cipher_id_t cipher_id;
 
     if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1509,25 +1509,26 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     //TODO: check key policy
 
     if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
-           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
+            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
         mbedtls_gcm_init( &gcm );
-        ret = mbedtls_gcm_setkey( &gcm, cipher_id, 
-                                ( const unsigned char * )slot->data.raw.data, key_bits );
+        ret = mbedtls_gcm_setkey( &gcm, cipher_id,
+                                  ( const unsigned char * )slot->data.raw.data,
+                                  key_bits );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT,
-                       plaintext_length, nonce ,
-                       nonce_length, additional_data,
-                       additional_data_length, plaintext,
-                       ciphertext, sizeof( tag ), tag );
+                                         plaintext_length, nonce,
+                                         nonce_length, additional_data,
+                                         additional_data_length, plaintext,
+                                         ciphertext, sizeof( tag ), tag );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
@@ -1544,17 +1545,18 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( PSA_ERROR_INVALID_ARGUMENT );
 
         mbedtls_ccm_init( &ccm );
-        ret = mbedtls_ccm_setkey( &ccm, cipher_id, 
+        ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
             return( mbedtls_to_psa_error( ret ) );
         }
-        ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length, 
-                       nonce , nonce_length, additional_data,
-                       additional_data_length,
-                       plaintext, ciphertext, tag, sizeof( tag ) );
+        ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length,
+                                           nonce, nonce_length, additional_data,
+                                           additional_data_length,
+                                           plaintext, ciphertext,
+                                           tag, sizeof( tag ) );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
@@ -1594,7 +1596,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     mbedtls_cipher_id_t cipher_id;
 
     if( plaintext_size < ciphertext_length )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1613,7 +1615,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     //TODO: check key policy
 
     if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
-           && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
+            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -1621,7 +1623,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         mbedtls_gcm_context gcm;
 
         mbedtls_gcm_init( &gcm );
-        ret = mbedtls_gcm_setkey( &gcm, cipher_id, 
+        ret = mbedtls_gcm_setkey( &gcm, cipher_id,
                                   slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
@@ -1629,9 +1631,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT,
-                       ciphertext_length, nonce , nonce_length, 
-                       additional_data, additional_data_length,
-                       ciphertext, plaintext, sizeof( tag ), tag );
+                                         ciphertext_length, nonce, nonce_length,
+                                         additional_data, additional_data_length,
+                                         ciphertext, plaintext,
+                                         sizeof( tag ), tag );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
@@ -1644,22 +1647,22 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     else if( alg == PSA_ALG_CCM )
     {
         mbedtls_ccm_context ccm;
-        
+
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
         mbedtls_ccm_init( &ccm );
-        ret = mbedtls_ccm_setkey( &ccm, cipher_id, 
+        ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
             return( mbedtls_to_psa_error( ret ) );
         }
-        ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length, 
-                       nonce , nonce_length, additional_data,
-                       additional_data_length, ciphertext ,
-                       plaintext, tag, sizeof( tag ) );
+        ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length,
+                                        nonce, nonce_length, additional_data,
+                                        additional_data_length, ciphertext,
+                                        plaintext, tag, sizeof( tag ) );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
@@ -1673,7 +1676,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_INVALID_ARGUMENT );
     }
-    
+
     *plaintext_length = ciphertext_length;
     return( PSA_SUCCESS );
 }

From 1e7d8f1b09f26776c6734b16280ae7affbaad75d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 1 Jun 2018 16:29:38 +0200
Subject: [PATCH 166/889] Document AEAD functions

Write documentation for psa_aead_encrypt and psa_aead_decrypt. Define
macros PSA_AEAD_ENCRYPT_OUTPUT_SIZE and PSA_AEAD_DECRYPT_OUTPUT_SIZE
(untested).
---
 include/psa/crypto.h | 82 +++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 78 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index deeab4a64..af1ab37c4 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1073,11 +1073,39 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 /** \defgroup aead Authenticated encryption with associated data (AEAD)
  * @{
  */
-/** Process an integrated authenticated encryption operation.
+
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
+    ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 :           \
+     (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 :           \
+     0)
+
+/** Process an authenticated encryption operation.
  *
- * \param operation
- * \param alg       The AEAD algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_AEAD(alg) is true).
+ * \param key                     Slot containing the key to use.
+ * \param alg                     The AEAD algorithm to compute
+ *                                (\c PSA_ALG_XXX value such that
+ *                                #PSA_ALG_IS_AEAD(alg) is true).
+ * \param nonce                   Nonce or IV to use.
+ * \param nonce_length            Size of the \p nonce buffer in bytes.
+ * \param additional_data         Additional data that will be authenticated
+ *                                but not encrypted.
+ * \param additional_data_length  Size of \p additional_data in bytes.
+ * \param plaintext               Data that will be authenticated and
+ *                                encrypted.
+ * \param plaintext_length        Size of \p plaintext in bytes.
+ * \param ciphertext              Output buffer for the authenticated and
+ *                                encrypted data. The additional data is not
+ *                                part of this output. For algorithms where the
+ *                                encrypted data and the authentication tag
+ *                                are defined as separate outputs, the
+ *                                authentication tag is appended to the
+ *                                encrypted data.
+ * \param ciphertext_size         Size of the \p ciphertext buffer in bytes.
+ *                                This must be at least
+ *                                #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
+ *                                \p plaintext_length).
+ * \param ciphertext_length       On success, the size of the output
+ *                                in the \b ciphertext buffer.
  *
  * \retval PSA_SUCCESS
  *         Success.
@@ -1104,6 +1132,52 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                size_t ciphertext_size,
                                size_t *ciphertext_length );
 
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)     \
+    ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 :           \
+     (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 :           \
+     0)
+
+/** Process an authenticated decryption operation.
+ *
+ * \param key                     Slot containing the key to use.
+ * \param alg                     The AEAD algorithm to compute
+ *                                (\c PSA_ALG_XXX value such that
+ *                                #PSA_ALG_IS_AEAD(alg) is true).
+ * \param nonce                   Nonce or IV to use.
+ * \param nonce_length            Size of the \p nonce buffer in bytes.
+ * \param additional_data         Additional data that has been authenticated
+ *                                but not encrypted.
+ * \param additional_data_length  Size of \p additional_data in bytes.
+ * \param ciphertext              Data that has been authenticated and
+ *                                encrypted. For algorithms where the
+ *                                encrypted data and the authentication tag
+ *                                are defined as separate inputs, the buffer
+ *                                must contain the encrypted data followed
+ *                                by the authentication tag.
+ * \param ciphertext_length       Size of \p ciphertext in bytes.
+ * \param plaintext               Output buffer for the decrypted data.
+ * \param plaintext_size          Size of the \p plaintext buffer in bytes.
+ *                                This must be at least
+ *                                #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
+ *                                \p ciphertext_length).
+ * \param plaintext_length        On success, the size of the output
+ *                                in the \b plainrtext buffer.
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ *         The ciphertext is not authentic.
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not an AEAD algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,

From 36a74b71a0c4b5514e0b066d4d461fc0d20b768c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 1 Jun 2018 16:30:32 +0200
Subject: [PATCH 167/889] Fix Doxygen comments to pass clang -Wdocumentation

---
 include/psa/crypto.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index af1ab37c4..d916cffb9 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -711,7 +711,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * - A failed call to psa_hash_update().
  * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort().
  *
- * \param operation
+ * \param operation The operation object to use.
  * \param alg       The hash algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_HASH(alg) is true).
  *
@@ -904,7 +904,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * - A failed call to psa_mac_update().
  * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort().
  *
- * \param operation
+ * \param operation The operation object to use.
  * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_MAC(alg) is true).
  *
@@ -980,7 +980,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  *   or psa_cipher_update().
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
- * \param operation
+ * \param operation The operation object to use.
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
  *
@@ -1027,7 +1027,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * - A failed call to psa_cipher_update().
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
- * \param operation
+ * \param operation The operation object to use.
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
  *

From ee652a344cc4f19b2e557766f3e11265dbbc38a4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 1 Jun 2018 19:23:52 +0200
Subject: [PATCH 168/889] Fix psa_aead_decrypt to read the tag at the end of
 the ciphertext

---
 library/psa_crypto.c                        | 86 ++++++++++++++-------
 tests/suites/test_suite_psa_crypto.function |  2 +-
 2 files changed, 60 insertions(+), 28 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ba43e1968..b5208f0d0 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1544,6 +1544,14 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
+        tag_length = 16;
+        status = psa_aead_unpadded_locate_tag( tag_length,
+                                               ciphertext, ciphertext_length,
+                                               plaintext_size, plaintext_length,
+                                               &tag );
+        if( status != PSA_SUCCESS )
+            return( status );
+
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
@@ -1575,6 +1583,29 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
+/* Locate the tag in a ciphertext buffer containing the encrypted data
+ * followed by the tag. Return the length of the part preceding the tag in
+ * *plaintext_length. This is the size of the plaintext in modes where
+ * the encrypted data has the same size as the plaintext, such as
+ * CCM and GCM. */
+static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
+                                                  const uint8_t *ciphertext,
+                                                  size_t ciphertext_length,
+                                                  size_t plaintext_size,
+                                                  size_t *plaintext_length,
+                                                  const uint8_t **p_tag )
+{
+    size_t payload_length;
+    if( tag_length > ciphertext_length )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    payload_length = ciphertext_length - tag_length;
+    if( payload_length > plaintext_size )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+    *p_tag = ciphertext + payload_length;
+    *plaintext_length = payload_length;
+    return( PSA_SUCCESS );
+}
+
 psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,
@@ -1592,11 +1623,11 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    unsigned char tag[16];
+    const uint8_t *tag;
+    size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
 
-    if( plaintext_size < ciphertext_length )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+    *plaintext_length = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1622,6 +1653,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     {
         mbedtls_gcm_context gcm;
 
+        tag_length = 16;
+        status = psa_aead_unpadded_locate_tag( tag_length,
+                                               ciphertext, ciphertext_length,
+                                               plaintext_size, plaintext_length,
+                                               &tag );
+        if( status != PSA_SUCCESS )
+            return( status );
+
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_id,
                                   slot->data.raw.data, key_bits );
@@ -1630,18 +1669,13 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             mbedtls_gcm_free( &gcm );
             return( mbedtls_to_psa_error( ret ) );
         }
-        ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_DECRYPT,
-                                         ciphertext_length, nonce, nonce_length,
-                                         additional_data, additional_data_length,
-                                         ciphertext, plaintext,
-                                         sizeof( tag ), tag );
-        if( ret != 0 )
-        {
-            mbedtls_gcm_free( &gcm );
-            mbedtls_zeroize( plaintext, ciphertext_length );
-            return( mbedtls_to_psa_error( ret ) );
-        }
 
+        ret = mbedtls_gcm_auth_decrypt( &gcm,
+                                        *plaintext_length,
+                                        nonce, nonce_length,
+                                        additional_data, additional_data_length,
+                                        tag, tag_length,
+                                        ciphertext, plaintext );
         mbedtls_gcm_free( &gcm );
     }
     else if( alg == PSA_ALG_CCM )
@@ -1659,17 +1693,11 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             mbedtls_ccm_free( &ccm );
             return( mbedtls_to_psa_error( ret ) );
         }
-        ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length,
-                                        nonce, nonce_length, additional_data,
-                                        additional_data_length, ciphertext,
-                                        plaintext, tag, sizeof( tag ) );
-        if( ret != 0 )
-        {
-            mbedtls_ccm_free( &ccm );
-            mbedtls_zeroize( plaintext, ciphertext_length );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-
+        ret = mbedtls_ccm_auth_decrypt( &ccm, *plaintext_length,
+                                        nonce, nonce_length,
+                                        additional_data, additional_data_length,
+                                        ciphertext, plaintext,
+                                        tag, tag_length );
         mbedtls_ccm_free( &ccm );
     }
     else
@@ -1677,8 +1705,12 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
     }
 
-    *plaintext_length = ciphertext_length;
-    return( PSA_SUCCESS );
+    if( ret != 0 )
+    {
+        mbedtls_zeroize( plaintext, *plaintext_length );
+        *plaintext_length = 0;
+    }
+    return( mbedtls_to_psa_error( ret ) );
 }
 
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 93bb9cc2a..e36719d31 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -637,7 +637,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
                                 nonce, nonce_length,
                                 additional_data, additional_data_length,
-                                output_data, output_length - tag_length, output_data2,
+                                output_data, output_length, output_data2,
                                 output_length, &output_length2 ) == expected_result );
         
 

From 9375f8403a2ad8e082b6356dfa0cc65945ee3da2 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 14:28:24 +0300
Subject: [PATCH 169/889] fix code offsets after rebase

---
 library/psa_crypto.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b5208f0d0..e64b69116 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1544,14 +1544,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
-        tag_length = 16;
-        status = psa_aead_unpadded_locate_tag( tag_length,
-                                               ciphertext, ciphertext_length,
-                                               plaintext_size, plaintext_length,
-                                               &tag );
-        if( status != PSA_SUCCESS )
-            return( status );
-
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
@@ -1685,6 +1677,14 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
+        tag_length = 16;
+        status = psa_aead_unpadded_locate_tag( tag_length,
+                                               ciphertext, ciphertext_length,
+                                               plaintext_size, plaintext_length,
+                                               &tag );
+        if( status != PSA_SUCCESS )
+            return( status );
+
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );

From 22898ba0bda0c016d35eab037700fe661a4e302f Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:03:52 +0300
Subject: [PATCH 170/889] remove duplicated definition

---
 include/psa/crypto.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d916cffb9..fc26e51fd 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -143,7 +143,6 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
 #define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x02000000)
 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x04000000)
-#define PSA_KEY_TYPE_CATEGORY_CIPHER            ((psa_key_type_t)0x04000000)
 #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC        ((psa_key_type_t)0x06000000)
 #define PSA_KEY_TYPE_PAIR_FLAG                  ((psa_key_type_t)0x01000000)
 

From f4f0d612ba80e44cb5e6491b932b9d29d15c8b07 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:04:51 +0300
Subject: [PATCH 171/889] change mbedtls_cipher_info_from_psa to provide
 cipher_id also

---
 library/psa_crypto.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e64b69116..6c431586e 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -888,10 +888,11 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     psa_algorithm_t alg,
     psa_key_type_t key_type,
-    size_t key_bits )
+    size_t key_bits, 
+    mbedtls_cipher_id_t* cipher_id )
 {
-    mbedtls_cipher_id_t cipher_id;
     mbedtls_cipher_mode_t mode;
+    mbedtls_cipher_id_t cipher_id_tmp;
 
     if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
     {
@@ -934,25 +935,27 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     switch( key_type )
     {
         case PSA_KEY_TYPE_AES:
-            cipher_id = MBEDTLS_CIPHER_ID_AES;
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
             break;
         case PSA_KEY_TYPE_DES:
             if( key_bits == 64 )
-                cipher_id = MBEDTLS_CIPHER_ID_DES;
+                cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
             else
-                cipher_id = MBEDTLS_CIPHER_ID_3DES;
+                cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
             break;
         case PSA_KEY_TYPE_CAMELLIA:
-            cipher_id = MBEDTLS_CIPHER_ID_CAMELLIA;
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
             break;
         case PSA_KEY_TYPE_ARC4:
-            cipher_id = MBEDTLS_CIPHER_ID_ARC4;
+            cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
             break;
         default:
             return( NULL );
     }
+    if( cipher_id != NULL )
+        *cipher_id == cipher_id_tmp;
 
-    return( mbedtls_cipher_info_from_values( cipher_id, key_bits, mode ) );
+    return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
 }
 
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
@@ -1010,7 +1013,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 
     if( ! PSA_ALG_IS_HMAC( alg ) )
     {
-        cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
+        cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL );
         if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
         operation->mac_size = cipher_info->block_size;

From f08a550e688b444f53e9d254671a113c06c50e1d Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:05:47 +0300
Subject: [PATCH 172/889] set output length to zero to cover output length in
 error case

---
 library/psa_crypto.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6c431586e..1123a78c1 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1491,6 +1491,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     size_t key_bits;
     unsigned char tag[16];
     mbedtls_cipher_id_t cipher_id;
+    *ciphertext_length = 0;
 
     if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );

From 95893f834de554f7a5e04aba000cc799a74e2207 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:06:17 +0300
Subject: [PATCH 173/889] remove usless cast

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1123a78c1..eadd42890 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1521,7 +1521,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_gcm_context gcm;
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_id,
-                                  ( const unsigned char * )slot->data.raw.data,
+                                  slot->data.raw.data,
                                   key_bits );
         if( ret != 0 )
         {

From 554faad2603d9b8c96dfd5ab4ae8348ca4a1ff3a Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:07:38 +0300
Subject: [PATCH 174/889] return NOT_SUPPORTED instead of INVLID_ARGUMENT

---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index eadd42890..699b8f301 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1572,7 +1572,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     }
     else
     {
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        return( PSA_ERROR_NOT_SUPPORTED );
     }
     memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) );
     *ciphertext_length = plaintext_length + sizeof( tag );
@@ -1706,7 +1706,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     }
     else
     {
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        return( PSA_ERROR_NOT_SUPPORTED );
     }
 
     if( ret != 0 )

From f58aa6ade6ea13983fafbebbd780159a2c60d2f6 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:08:32 +0300
Subject: [PATCH 175/889] use memset instead of mbedtils_zeroize

---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 699b8f301..ddeb36d59 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1564,7 +1564,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
-            mbedtls_zeroize( ciphertext, plaintext_length );
+            memset( ciphertext, 0, plaintext_length );
             return( mbedtls_to_psa_error( ret ) );
         }
 
@@ -1711,7 +1711,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
     if( ret != 0 )
     {
-        mbedtls_zeroize( plaintext, *plaintext_length );
+        memset( plaintext, 0, *plaintext_length );
         *plaintext_length = 0;
     }
     return( mbedtls_to_psa_error( ret ) );

From 0f21465175662498cf3f84a92a08f8fd65d36fc7 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:10:06 +0300
Subject: [PATCH 176/889] use mbedtls_cipher_info_from_psa to get cipher ID

---
 library/psa_crypto.c | 28 ++++++++++------------------
 1 file changed, 10 insertions(+), 18 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ddeb36d59..317417d69 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1491,6 +1491,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     size_t key_bits;
     unsigned char tag[16];
     mbedtls_cipher_id_t cipher_id;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+    
     *ciphertext_length = 0;
 
     if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
@@ -1501,14 +1503,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
 
-    if ( key_type == PSA_KEY_TYPE_AES )
-    {
-        cipher_id = MBEDTLS_CIPHER_ID_AES;
-    }
-    else
-    {
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id );
+    if( cipher_info == NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
 
     //TODO: check key policy
 
@@ -1622,7 +1619,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     const uint8_t *tag;
     size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
-
+    const mbedtls_cipher_info_t *cipher_info = NULL;
+    
     *plaintext_length = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -1630,15 +1628,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
 
-    if ( key_type == PSA_KEY_TYPE_AES )
-    {
-        cipher_id = MBEDTLS_CIPHER_ID_AES;
-    }
-    else
-    {
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    }
-
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id );
+    if( cipher_info == NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
     //TODO: check key policy
 
     if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER

From 4fc744f8af1fef75f8d005584275dc3a6e209090 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 15:10:47 +0300
Subject: [PATCH 177/889] change the check of block size for all supported
 algorithms

---
 library/psa_crypto.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 317417d69..905b9a80f 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1509,8 +1509,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     //TODO: check key policy
 
-    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
-            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
+    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC
+            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -1633,8 +1633,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             return( PSA_ERROR_NOT_SUPPORTED );
     //TODO: check key policy
 
-    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER
-            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) )
+    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC
+            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )

From 15223a8b899903d6a92a9af7dda35cb15ab13ecd Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 17:19:55 +0300
Subject: [PATCH 178/889] write the tag directly on the ciphertext buffer.

---
 library/psa_crypto.c | 54 ++++++++++++++++++++++++++------------------
 1 file changed, 32 insertions(+), 22 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 905b9a80f..8cf0df4ee 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1489,15 +1489,13 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    unsigned char tag[16];
+    uint8_t *tag;
+    size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
     const mbedtls_cipher_info_t *cipher_info = NULL;
     
     *ciphertext_length = 0;
 
-    if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
@@ -1516,6 +1514,15 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( alg == PSA_ALG_GCM )
     {
         mbedtls_gcm_context gcm;
+        tag_length = 16;
+
+        //make sure we have place to hold the tag in the ciphertext buffer
+        if( ciphertext_size < ( plaintext_length + tag_length ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
+        //update the tag pointer to point to the end of the ciphertext_length
+        tag = ciphertext + plaintext_length;
+
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_id,
                                   slot->data.raw.data,
@@ -1529,22 +1536,26 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                          plaintext_length, nonce,
                                          nonce_length, additional_data,
                                          additional_data_length, plaintext,
-                                         ciphertext, sizeof( tag ), tag );
-        if( ret != 0 )
-        {
-            mbedtls_gcm_free( &gcm );
-            mbedtls_zeroize( ciphertext, plaintext_length );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-
+                                         ciphertext, tag_length, tag );
         mbedtls_gcm_free( &gcm );
     }
     else if( alg == PSA_ALG_CCM )
     {
         mbedtls_ccm_context ccm;
+        tag_length = 16;
+
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
+        //make sure we have place to hold the tag in the ciphertext buffer
+        if( ciphertext_size < ( plaintext_length + tag_length ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
+        //update the tag pointer to point to the end of the ciphertext_length
+        tag = ciphertext + plaintext_length;
+
+
+
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
@@ -1557,22 +1568,21 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                            nonce, nonce_length, additional_data,
                                            additional_data_length,
                                            plaintext, ciphertext,
-                                           tag, sizeof( tag ) );
-        if( ret != 0 )
-        {
-            mbedtls_ccm_free( &ccm );
-            memset( ciphertext, 0, plaintext_length );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-
+                                           tag, tag_length );
         mbedtls_ccm_free( &ccm );
     }
     else
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-    memcpy( ciphertext + plaintext_length, tag, sizeof( tag ) );
-    *ciphertext_length = plaintext_length + sizeof( tag );
+    
+    if( ret != 0 )
+    {
+        memset( ciphertext, 0, ciphertext_size );
+        return( mbedtls_to_psa_error( ret ) );
+    }
+    
+    *ciphertext_length = plaintext_length + tag_length;
     return( PSA_SUCCESS );
 }
 

From 60a64d079a0f3b15e13dbe99a7eac3db559acd07 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 17:20:42 +0300
Subject: [PATCH 179/889] remove unnecessary argument to the
 psa_aead_unpadded_locate_tag function

---
 library/psa_crypto.c | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8cf0df4ee..c5001f909 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -953,7 +953,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
             return( NULL );
     }
     if( cipher_id != NULL )
-        *cipher_id == cipher_id_tmp;
+        *cipher_id = cipher_id_tmp;
 
     return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
 }
@@ -1595,7 +1595,6 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
                                                   const uint8_t *ciphertext,
                                                   size_t ciphertext_length,
                                                   size_t plaintext_size,
-                                                  size_t *plaintext_length,
                                                   const uint8_t **p_tag )
 {
     size_t payload_length;
@@ -1605,7 +1604,6 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
     if( payload_length > plaintext_size )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
     *p_tag = ciphertext + payload_length;
-    *plaintext_length = payload_length;
     return( PSA_SUCCESS );
 }
 
@@ -1654,8 +1652,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         tag_length = 16;
         status = psa_aead_unpadded_locate_tag( tag_length,
                                                ciphertext, ciphertext_length,
-                                               plaintext_size, plaintext_length,
-                                               &tag );
+                                               plaintext_size, &tag );
         if( status != PSA_SUCCESS )
             return( status );
 
@@ -1669,7 +1666,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         }
 
         ret = mbedtls_gcm_auth_decrypt( &gcm,
-                                        *plaintext_length,
+                                        ciphertext_length - tag_length,
                                         nonce, nonce_length,
                                         additional_data, additional_data_length,
                                         tag, tag_length,
@@ -1686,8 +1683,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         tag_length = 16;
         status = psa_aead_unpadded_locate_tag( tag_length,
                                                ciphertext, ciphertext_length,
-                                               plaintext_size, plaintext_length,
-                                               &tag );
+                                               plaintext_size, &tag );
         if( status != PSA_SUCCESS )
             return( status );
 
@@ -1699,7 +1695,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
             mbedtls_ccm_free( &ccm );
             return( mbedtls_to_psa_error( ret ) );
         }
-        ret = mbedtls_ccm_auth_decrypt( &ccm, *plaintext_length,
+        ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length,
                                         nonce, nonce_length,
                                         additional_data, additional_data_length,
                                         ciphertext, plaintext,
@@ -1712,10 +1708,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     }
 
     if( ret != 0 )
-    {
-        memset( plaintext, 0, *plaintext_length );
-        *plaintext_length = 0;
-    }
+        memset( plaintext, 0, plaintext_size );
+    else
+        *plaintext_length = ciphertext_length - tag_length;
+
     return( mbedtls_to_psa_error( ret ) );
 }
 

From 4b26850a1575375c22494db1057cdc4d8951f203 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 19:01:25 +0300
Subject: [PATCH 180/889] fix tests according to the code changes in error
 value

---
 tests/suites/test_suite_psa_crypto.data     | 4 ++--
 tests/suites/test_suite_psa_crypto.function | 3 +--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 05d579a38..4d67714ef 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -134,7 +134,7 @@ PSA AEAD Encrypt-Decrypt, AES GCM scenario 2
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
-aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_INVALID_ARGUMENT
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e36719d31..10687cdbf 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -577,8 +577,7 @@ exit:
 /* BEGIN_CASE */
 void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
                 int alg_arg, char * input_hex,
-                char * add_data
-                , int expected_result_arg )
+                char * add_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;

From f2525ebda769dcb2fe1cefd46177fb042c3946ee Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 3 Jun 2018 19:13:34 +0300
Subject: [PATCH 181/889] add encryption only test case

---
 tests/suites/test_suite_psa_crypto.data     |  3 +
 tests/suites/test_suite_psa_crypto.function | 67 +++++++++++++++++++++
 2 files changed, 70 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4d67714ef..ac9feefcc 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -138,3 +138,6 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG
 
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD Encrypt, AES CCM
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 10687cdbf..a582b56c3 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -655,3 +655,70 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt( int key_type_arg, char * key_hex,
+                int alg_arg, char * input_hex,
+                char * add_data, char * nonce_hex,
+                char * expected_result_hex )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    unsigned char *expected_result = NULL;
+    size_t expected_result_length = 0;
+    uint8_t* nonce = NULL;
+    size_t nonce_length = 0;
+    size_t tag_length = 16;
+    unsigned char *additional_data = NULL;
+    size_t additional_data_length = 0;
+
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    additional_data = unhexify_alloc( add_data, &additional_data_length );
+    TEST_ASSERT( input_data != NULL );
+    output_size = input_size + tag_length;
+    output_data = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output_data != NULL );
+    nonce = unhexify_alloc( nonce_hex, &nonce_length );
+    TEST_ASSERT( nonce != NULL );
+    expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
+    TEST_ASSERT( expected_result != NULL );
+    
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_aead_encrypt( slot, alg,
+                               nonce, nonce_length,
+                               additional_data, additional_data_length,
+                               input_data, input_size, output_data,
+                               output_size, &output_length ) == PSA_SUCCESS );
+
+
+    TEST_ASSERT( memcmp( output_data, expected_result,
+                                output_length ) == 0 );
+    
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( additional_data );
+    mbedtls_free( output_data );
+    mbedtls_free( nonce );
+    mbedtls_free( expected_result );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 0317945a375abdbfc3a3a4fe0795002be551adb7 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 12:06:29 +0300
Subject: [PATCH 182/889] disable uncompleted tests

---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ac9feefcc..494ebd504 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -139,5 +139,5 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
-PSA AEAD Encrypt, AES CCM
-aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3"
+#PSA AEAD Encrypt, AES CCM
+#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3"

From 96910d807ed73db0c5a06b5d17c07acd4c0120fd Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 14:33:00 +0300
Subject: [PATCH 183/889] fix block size depending on algorithm

---
 library/psa_crypto.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c5001f909..df0201b1d 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1507,8 +1507,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     //TODO: check key policy
 
-    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC
-            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) )
+    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -1516,6 +1515,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_gcm_context gcm;
         tag_length = 16;
 
+        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         //make sure we have place to hold the tag in the ciphertext buffer
         if( ciphertext_size < ( plaintext_length + tag_length ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1544,6 +1546,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_ccm_context ccm;
         tag_length = 16;
 
+        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
         if( nonce_length < 7 || nonce_length > 13 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 

From f14394b25f19a7c3ad9e4809778ee36487f23e50 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 14:33:19 +0300
Subject: [PATCH 184/889] add policy checks

---
 library/psa_crypto.c                        |  7 +++++--
 tests/suites/test_suite_psa_crypto.function | 14 ++++++++++++++
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index df0201b1d..8207a9bc1 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1505,7 +1505,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
 
-    //TODO: check key policy
+    if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
+        return( PSA_ERROR_NOT_PERMITTED );
 
     if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1644,7 +1645,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id );
     if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
-    //TODO: check key policy
+    
+    if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
+        return( PSA_ERROR_NOT_PERMITTED );
 
     if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC
             && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) )
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a582b56c3..16577dd91 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -598,6 +598,7 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     size_t additional_data_length = 0;
     size_t i = 0;
     psa_status_t expected_result = (psa_status_t) expected_result_arg;
+    psa_key_policy_t policy = {0};
 
 
     key_data = unhexify_alloc( key_hex, &key_size );
@@ -619,6 +620,12 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
@@ -679,6 +686,7 @@ void aead_encrypt( int key_type_arg, char * key_hex,
     size_t tag_length = 16;
     unsigned char *additional_data = NULL;
     size_t additional_data_length = 0;
+    psa_key_policy_t policy = {0};
 
 
     key_data = unhexify_alloc( key_hex, &key_size );
@@ -697,6 +705,12 @@ void aead_encrypt( int key_type_arg, char * key_hex,
     
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 

From ed8dbeb43462b2fd1b6860ae40dab232b2dbc80e Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 15:00:52 +0300
Subject: [PATCH 185/889] add and fix data vectors

---
 tests/suites/test_suite_psa_crypto.data | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 494ebd504..c0c5f92bc 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -139,5 +139,8 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
-#PSA AEAD Encrypt, AES CCM
-#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8E78CF7CB0CDDD7B3"
+#PSA AEAD Encrypt, AES CCM - scenario 1
+#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+
+#PSA AEAD Encrypt, AES CCM - scenario 2
+#aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"

From 371a6e4067fb0ddd1582caf9f22a20db8f20ac89 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 15:11:08 +0300
Subject: [PATCH 186/889] add decrypt tests for CCM

---
 tests/suites/test_suite_psa_crypto.data     | 14 ++--
 tests/suites/test_suite_psa_crypto.function | 74 +++++++++++++++++++++
 2 files changed, 84 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c0c5f92bc..4aafeffaa 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -139,8 +139,14 @@ aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
-#PSA AEAD Encrypt, AES CCM - scenario 1
-#aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+PSA AEAD Encrypt, AES CCM - scenario 1
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
 
-#PSA AEAD Encrypt, AES CCM - scenario 2
-#aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+PSA AEAD Encrypt, AES CCM - scenario 2
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA AEAD Decrypt, AES CCM - scenario 1
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C"
+
+PSA AEAD Decrypt, AES CCM - scenario 2
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 16577dd91..f276bee87 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -736,3 +736,77 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void aead_decrypt( int key_type_arg, char * key_hex,
+                int alg_arg, char * input_hex,
+                char * add_data, char * nonce_hex,
+                char * expected_result_hex )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    unsigned char *expected_result = NULL;
+    size_t expected_result_length = 0;
+    uint8_t* nonce = NULL;
+    size_t nonce_length = 0;
+    size_t tag_length = 16;
+    unsigned char *additional_data = NULL;
+    size_t additional_data_length = 0;
+    psa_key_policy_t policy = {0};
+
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    additional_data = unhexify_alloc( add_data, &additional_data_length );
+    TEST_ASSERT( input_data != NULL );
+    output_size = input_size + tag_length;
+    output_data = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output_data != NULL );
+    nonce = unhexify_alloc( nonce_hex, &nonce_length );
+    TEST_ASSERT( nonce != NULL );
+    expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
+    TEST_ASSERT( expected_result != NULL );
+    
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_aead_decrypt( slot, alg,
+                               nonce, nonce_length,
+                               additional_data, additional_data_length,
+                               input_data, input_size, output_data,
+                               output_size, &output_length ) == PSA_SUCCESS );
+
+
+    TEST_ASSERT( memcmp( output_data, expected_result,
+                                output_length ) == 0 );
+    
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( additional_data );
+    mbedtls_free( output_data );
+    mbedtls_free( nonce );
+    mbedtls_free( expected_result );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From c1ee32e1f4d742b5cbad44d23fdac75eea364ba2 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 16:21:56 +0300
Subject: [PATCH 187/889] add GCM test vectors encrypt/decrypt

---
 tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4aafeffaa..ae86bfa21 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -150,3 +150,15 @@ aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4C
 
 PSA AEAD Decrypt, AES CCM - scenario 2
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA AEAD Encrypt, AES GCM - scenario 1
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD Encrypt, AES GCM - scenario 2
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
+
+PSA AEAD Decrypt, AES GCM - scenario 1
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826"
+
+PSA AEAD Decrypt, AES GCM - scenario 2
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013"

From f7f72da7695056b7b9a9171681090f33ca2dc1f3 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Mon, 4 Jun 2018 16:32:11 +0300
Subject: [PATCH 188/889] add invalid signature test case

---
 tests/suites/test_suite_psa_crypto.data     | 14 ++++++++++----
 tests/suites/test_suite_psa_crypto.function | 21 +++++++++++++--------
 2 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ae86bfa21..b75536c7a 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -146,10 +146,10 @@ PSA AEAD Encrypt, AES CCM - scenario 2
 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
 PSA AEAD Decrypt, AES CCM - scenario 1
-aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C"
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
 
 PSA AEAD Decrypt, AES CCM - scenario 2
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
 PSA AEAD Encrypt, AES GCM - scenario 1
 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
@@ -158,7 +158,13 @@ PSA AEAD Encrypt, AES GCM - scenario 2
 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
 PSA AEAD Decrypt, AES GCM - scenario 1
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826"
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
 
 PSA AEAD Decrypt, AES GCM - scenario 2
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013"
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
+
+PSA AEAD Decrypt, AES GCM - invalid signature
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD Decrypt, AES CCM - invalid signature
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f276bee87..0e1662ff1 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -741,7 +741,7 @@ exit:
 void aead_decrypt( int key_type_arg, char * key_hex,
                 int alg_arg, char * input_hex,
                 char * add_data, char * nonce_hex,
-                char * expected_result_hex )
+                char * expected_result_hex, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -753,7 +753,7 @@ void aead_decrypt( int key_type_arg, char * key_hex,
     unsigned char *output_data = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
-    unsigned char *expected_result = NULL;
+    unsigned char *expected_data = NULL;
     size_t expected_result_length = 0;
     uint8_t* nonce = NULL;
     size_t nonce_length = 0;
@@ -761,6 +761,7 @@ void aead_decrypt( int key_type_arg, char * key_hex,
     unsigned char *additional_data = NULL;
     size_t additional_data_length = 0;
     psa_key_policy_t policy = {0};
+    psa_status_t expected_result = (psa_status_t) expected_result_arg;
 
 
     key_data = unhexify_alloc( key_hex, &key_size );
@@ -774,8 +775,8 @@ void aead_decrypt( int key_type_arg, char * key_hex,
     TEST_ASSERT( output_data != NULL );
     nonce = unhexify_alloc( nonce_hex, &nonce_length );
     TEST_ASSERT( nonce != NULL );
-    expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
-    TEST_ASSERT( expected_result != NULL );
+    expected_data = unhexify_alloc( expected_result_hex, &expected_result_length );
+    TEST_ASSERT( expected_data != NULL );
     
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -792,11 +793,15 @@ void aead_decrypt( int key_type_arg, char * key_hex,
                                nonce, nonce_length,
                                additional_data, additional_data_length,
                                input_data, input_size, output_data,
-                               output_size, &output_length ) == PSA_SUCCESS );
+                               output_size, &output_length ) == expected_result );
 
 
-    TEST_ASSERT( memcmp( output_data, expected_result,
-                                output_length ) == 0 );
+    if ( expected_result == PSA_SUCCESS )
+    {
+        TEST_ASSERT( memcmp( output_data, expected_data,
+                                    output_length ) == 0 );
+    }
+
     
 
 exit:
@@ -806,7 +811,7 @@ exit:
     mbedtls_free( additional_data );
     mbedtls_free( output_data );
     mbedtls_free( nonce );
-    mbedtls_free( expected_result );
+    mbedtls_free( expected_data );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 5ed0621dd4c2cd77f534a64dd9e38a3f37d1aac8 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 6 Jun 2018 13:09:34 +0300
Subject: [PATCH 189/889] aligned with coding standards - line length

---
 library/psa_crypto.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8207a9bc1..3ee3f9d8d 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1501,14 +1501,16 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id );
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
+                                                key_bits, &cipher_id );
     if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
 
     if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != 
+           PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -1642,15 +1644,18 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, &cipher_id );
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
+                                                key_bits, &cipher_id );
     if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
     
     if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC
-            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == cipher_info->block_size ) )
+    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == 
+            PSA_KEY_TYPE_CATEGORY_SYMMETRIC
+            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 
+            cipher_info->block_size ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -1676,7 +1681,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         ret = mbedtls_gcm_auth_decrypt( &gcm,
                                         ciphertext_length - tag_length,
                                         nonce, nonce_length,
-                                        additional_data, additional_data_length,
+                                        additional_data,
+                                        additional_data_length,
                                         tag, tag_length,
                                         ciphertext, plaintext );
         mbedtls_gcm_free( &gcm );

From 6b4d98cf78d1ba453c4a83dd999b2a002c37d1db Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 6 Jun 2018 13:19:51 +0300
Subject: [PATCH 190/889] remove trailing spaces

---
 library/psa_crypto.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3ee3f9d8d..190abe1ea 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1509,7 +1509,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != 
+    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
            PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -1652,9 +1652,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == 
+    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) ==
             PSA_KEY_TYPE_CATEGORY_SYMMETRIC
-            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 
+            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ==
             cipher_info->block_size ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 

From 8ffd764e23e39aa330c7d1c7f31774e20a672f73 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 6 Jun 2018 13:37:29 +0300
Subject: [PATCH 191/889] re-group test vectors and change vectors' names

---
 tests/suites/test_suite_psa_crypto.data | 42 ++++++++++++-------------
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b75536c7a..2b466b164 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -121,50 +121,50 @@ PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA AEAD Encrypt-Decrypt, AES CCM scenario 1
+PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, AES CCM scenario 2
+PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, AES GCM scenario 1
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
-
-PSA AEAD Encrypt-Decrypt, AES GCM scenario 2
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
-
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
 aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
-
-PSA AEAD Encrypt, AES CCM - scenario 1
+PSA AEAD Encrypt, AES CCM - 23-bytes input
 aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
 
-PSA AEAD Encrypt, AES CCM - scenario 2
+PSA AEAD Encrypt, AES CCM - 24-bytes input
 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
-PSA AEAD Decrypt, AES CCM - scenario 1
+PSA AEAD Decrypt, AES CCM - 39-bytes input
 aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES CCM - scenario 2
+PSA AEAD Decrypt, AES CCM - 40-bytes input
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
-PSA AEAD Encrypt, AES GCM - scenario 1
+PSA AEAD Decrypt, AES CCM - invalid signature
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+
+PSA AEAD Encrypt, AES GCM - 128-bytes input - 1
 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
 
-PSA AEAD Encrypt, AES GCM - scenario 2
+PSA AEAD Encrypt, AES GCM - 128-bytes input - 2
 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
-PSA AEAD Decrypt, AES GCM - scenario 1
+PSA AEAD Decrypt, AES GCM - 144-bytes input - 1
 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES GCM - scenario 2
+PSA AEAD Decrypt, AES GCM - 144-bytes input - 2
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
 
 PSA AEAD Decrypt, AES GCM - invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
-PSA AEAD Decrypt, AES CCM - invalid signature
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED

From fb5b9cbb8d79f80c49f80f213b51b2161aafe924 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 6 Jun 2018 13:44:27 +0300
Subject: [PATCH 192/889] add missing documentations

---
 include/psa/crypto.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fc26e51fd..c45fccd4b 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1073,6 +1073,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * @{
  */
 
+// This macro calculates the encryption output size according to given algorithm
 #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
     ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 :           \
      (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 :           \
@@ -1131,6 +1132,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                size_t ciphertext_size,
                                size_t *ciphertext_length );
 
+// This macro calculates the decryption output size according to given algorithm
 #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)     \
     ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 :           \
      (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 :           \
@@ -1160,7 +1162,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  *                                #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
  *                                \p ciphertext_length).
  * \param plaintext_length        On success, the size of the output
- *                                in the \b plainrtext buffer.
+ *                                in the \b plaintext buffer.
  *
  * \retval PSA_SUCCESS
  *         Success.

From e3cb8a8d8b8667caa0e41131b27d19ceec1b8e66 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 6 Jun 2018 13:45:03 +0300
Subject: [PATCH 193/889] return PSA_ERROR_BUFFER_TOO_SMALL intead of
 PSA_ERROR_INVALID_ARGUMENT

---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 190abe1ea..d507a53c8 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1523,7 +1523,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
         //make sure we have place to hold the tag in the ciphertext buffer
         if( ciphertext_size < ( plaintext_length + tag_length ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
 
         //update the tag pointer to point to the end of the ciphertext_length
         tag = ciphertext + plaintext_length;
@@ -1557,7 +1557,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
         //make sure we have place to hold the tag in the ciphertext buffer
         if( ciphertext_size < ( plaintext_length + tag_length ) )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
 
         //update the tag pointer to point to the end of the ciphertext_length
         tag = ciphertext + plaintext_length;

From a1d980168357d6554008b7bb29a3f15b3594e13f Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Wed, 6 Jun 2018 13:45:55 +0300
Subject: [PATCH 194/889] add slot validation

---
 library/psa_crypto.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d507a53c8..f0439e3ec 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1500,6 +1500,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( status != PSA_SUCCESS )
         return( status );
     slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+            return( PSA_ERROR_EMPTY_SLOT );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
@@ -1643,6 +1645,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( status != PSA_SUCCESS )
         return( status );
     slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+            return( PSA_ERROR_EMPTY_SLOT );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );

From e109f216383a8a7cbe737dc337becb617285b78f Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 7 Jun 2018 01:38:14 +0300
Subject: [PATCH 195/889] remove unnecessary check for block size

---
 library/psa_crypto.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f0439e3ec..ba1fd9d4c 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1657,9 +1657,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( PSA_ERROR_NOT_PERMITTED );
 
     if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) ==
-            PSA_KEY_TYPE_CATEGORY_SYMMETRIC
-            && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) ==
-            cipher_info->block_size ) )
+            PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )

From 1347a73fbe09927c7187dcfd871bbb0ce68e0ea7 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 7 Jun 2018 01:38:45 +0300
Subject: [PATCH 196/889] fix macros documentation style.

---
 include/psa/crypto.h | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c45fccd4b..8e20013a2 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1073,7 +1073,24 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * @{
  */
 
-// This macro calculates the encryption output size according to given algorithm
+
+/** AEAD Encrypted data size
+ *
+ * This macro calculates the encrypted data size according to given algorithm
+ * and plaintext_length.
+ *
+ *
+ * \param alg                 The AEAD algorithm to compute
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(alg) is true).
+ * \param plaintext_length    Size of \p plaintext in bytes.
+ *
+ * \return If the algorithm is PSA_ALG_GCM the encrypted data size is 
+ *         plaintext_length plus 16-bytes for tag.
+ *         If the algorithm is PSA_ALG_CCM the encrypted data size is 
+ *         plaintext_length plus 16-bytes for tag.
+ *         Otherwise return zero.
+ */
 #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
     ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 :           \
      (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 :           \
@@ -1132,7 +1149,23 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                size_t ciphertext_size,
                                size_t *ciphertext_length );
 
-// This macro calculates the decryption output size according to given algorithm
+/** AEAD Decrypted data size
+ *
+ * This macro calculates the decrypted data size according to given algorithm
+ * and ciphertext_length.
+ *
+ *
+ * \param alg                 The AEAD algorithm to compute
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(alg) is true).
+ * \param ciphertext_length    Size of \p ciphertext in bytes.
+ *
+ * \return If the algorithm is PSA_ALG_GCM the decrypted data size is 
+ *         ciphertext_length minus 16-bytes for tag.
+ *         If the algorithm is PSA_ALG_CCM the decrypted data size is 
+ *         ciphertext_length minus 16-bytes for tag.
+ *         Otherwise return zero.
+ */
 #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)     \
     ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 :           \
      (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 :           \

From fc614b1e0eacd372c10480c53a720ceb18f832b8 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 7 Jun 2018 01:43:52 +0300
Subject: [PATCH 197/889] fix parentheses

---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ba1fd9d4c..a8306ab24 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1656,8 +1656,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) ==
-            PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != 
+         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )

From 3158564f089f26a534123b67b3058885de3962cf Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 7 Jun 2018 11:45:03 +0300
Subject: [PATCH 198/889] add nonce as argument to the test function of
 encrypt/decrypt

---
 tests/suites/test_suite_psa_crypto.data     | 12 ++++++------
 tests/suites/test_suite_psa_crypto.function | 14 ++++----------
 2 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2b466b164..8fc7985b8 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -122,13 +122,13 @@ depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
 
 PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
-aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
 PSA AEAD Encrypt, AES CCM - 23-bytes input
 aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
@@ -146,10 +146,10 @@ PSA AEAD Decrypt, AES CCM - invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
 PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
 
 PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
 PSA AEAD Encrypt, AES GCM - 128-bytes input - 1
 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
@@ -167,4 +167,4 @@ PSA AEAD Decrypt, AES GCM - invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
 PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 0e1662ff1..1cb938108 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -576,7 +576,7 @@ exit:
 
 /* BEGIN_CASE */
 void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex,
+                int alg_arg, char * input_hex, char * nonce_hex,
                 char * add_data, int expected_result_arg )
 {
     int slot = 1;
@@ -591,12 +591,11 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     size_t output_length = 0;
     unsigned char *output_data2 = NULL;
     size_t output_length2 = 0;
-    uint8_t nonce[16];
+    uint8_t* nonce;
     size_t nonce_length = 16;
     size_t tag_length = 16;
     unsigned char *additional_data = NULL;
     size_t additional_data_length = 0;
-    size_t i = 0;
     psa_status_t expected_result = (psa_status_t) expected_result_arg;
     psa_key_policy_t policy = {0};
 
@@ -610,13 +609,8 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     output_size = input_size + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    if( alg == PSA_ALG_CCM )
-    {
-        nonce_length = 12;
-    }
-
-    for( ; i < nonce_length; ++i )
-        nonce[i] = i;
+    nonce = unhexify_alloc( nonce_hex, &nonce_length );
+    TEST_ASSERT( nonce != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 

From 65eb8588fec079d476d701e9106ba86fcb077153 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Apr 2018 08:28:58 +0200
Subject: [PATCH 199/889] Expand the description of error codes

---
 include/psa/crypto.h | 221 +++++++++++++++++++++++++++++++++++++++----
 1 file changed, 200 insertions(+), 21 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f5db4d26b..a463cc05a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -54,43 +54,206 @@ typedef enum {
     /** The action was completed successfully. */
     PSA_SUCCESS = 0,
     /** The requested operation or a parameter is not supported
-        by this implementation. */
+     * by this implementation.
+     *
+     * Implementations should return this error code when an enumeration
+     * parameter such as a key type, algorithm, etc. is not recognized.
+     * If a combination of parameters is recognized and identified as
+     * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
     PSA_ERROR_NOT_SUPPORTED,
-    /** The requested action is denied by a policy. */
+    /** The requested action is denied by a policy.
+     *
+     * Implementations should return this error code when the parameters
+     * are recognized as valid and supported, and a policy explicitly
+     * denies the requested operation.
+     *
+     * If a subset of the parameters of a function call identify a
+     * forbidden operation, and another subset of the parameters are
+     * not valid or not supported, it is unspecified whether the function
+     * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
+     * #PSA_ERROR_INVALID_ARGUMENT. */
     PSA_ERROR_NOT_PERMITTED,
-    /** An output buffer is too small. */
+    /** An output buffer is too small.
+     *
+     * Applications can call the `PSA_xxx_SIZE` macro listed in the function
+     * description to determine a sufficient buffer size.
+     *
+     * Implementations should preferably return this error code only
+     * in cases when performing the operation with a larger output
+     * buffer would succeed. However implementations may return this
+     * error if a function has invalid or unsupported parameters in addition
+     * to the parameters that determine the necessary output buffer size. */
     PSA_ERROR_BUFFER_TOO_SMALL,
     /** A slot is occupied, but must be empty to carry out the
-        requested action. */
+     * requested action.
+     *
+     * If the slot number is invalid (i.e. the requested action could
+     * not be performed even after erasing the slot's content),
+     * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
     PSA_ERROR_OCCUPIED_SLOT,
     /** A slot is empty, but must be occupied to carry out the
-        requested action. */
+     * requested action.
+     *
+     * If the slot number is invalid (i.e. the requested action could
+     * not be performed even after creating appropriate content in the slot),
+     * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
     PSA_ERROR_EMPTY_SLOT,
-    /** The requested action cannot be performed in the current state. */
+    /** The requested action cannot be performed in the current state.
+     *
+     * Multipart operations return this error when one of the
+     * functions is called out of sequence. Refer to the function
+     * descriptions for permitted sequencing of functions.
+     *
+     * Implementations shall not return this error code to indicate
+     * that a key slot is occupied when it needs to be free or vice versa,
+     * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+     * as applicable. */
     PSA_ERROR_BAD_STATE,
-    /** The parameters passed to the function are invalid. */
+    /** The parameters passed to the function are invalid.
+     *
+     * Implementations may return this error any time a parameter or
+     * combination of parameters are recognized as invalid.
+     *
+     * Implementations shall not return this error code to indicate
+     * that a key slot is occupied when it needs to be free or vice versa,
+     * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+     * as applicable. */
     PSA_ERROR_INVALID_ARGUMENT,
-    /** There is not enough runtime memory. */
+    /** There is not enough runtime memory.
+     *
+     * If the action is carried out across multiple security realms, this
+     * error can refer to available memory in any of the security realms. */
     PSA_ERROR_INSUFFICIENT_MEMORY,
-    /** There is not enough persistent storage. */
+    /** There is not enough persistent storage.
+     *
+     * Functions that modify the key storage return this error code if
+     * there is insufficient storage space on the host media. In addition,
+     * many functions that do not otherwise access storage may return this
+     * error code if the implementation requires a mandatory log entry for
+     * the requested action and the log storage space is full. */
     PSA_ERROR_INSUFFICIENT_STORAGE,
-    /** There was a communication failure inside the implementation. */
+    /** There was a communication failure inside the implementation.
+     *
+     * This can indicate a communication failure between the application
+     * and an external cryptoprocessor or between the cryptoprocessor and
+     * an external volatile or persistent memory. A communication failure
+     * may be transient or permanent depending on the cause.
+     *
+     * \warning If a function returns this error, it is undetermined
+     * whether the requested action has completed or not. Implementations
+     * should return #PSA_SUCCESS on successful completion whenver
+     * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
+     * if the requested action was completed successfully in an external
+     * cryptoprocessor but there was a breakdown of communication before
+     * the cryptoprocessor could report the status to the application.
+     */
     PSA_ERROR_COMMUNICATION_FAILURE,
-    /** There was a storage failure that may have led to data loss. */
+    /** There was a storage failure that may have led to data loss.
+     *
+     * This error indicates that some persistent storage is corrupted.
+     * It should not be used for a corruption of volatile memory
+     * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
+     * between the cryptoprocessor and its external storage (use
+     * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
+     * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
+     *
+     * Note that a storage failure does not indicate that any data that was
+     * previously read is invalid. However this previously read data may no
+     * longer be readable from storage.
+     *
+     * When a storage failure occurs, it is no longer possible to ensure
+     * the global integrity of the keystore. Depending on the global
+     * integrity guarantees offered by the implementation, access to other
+     * data may or may not fail even if the data is still readable but
+     * its integrity canont be guaranteed.
+     *
+     * Implementations should only use this error code to report a
+     * permanent storage corruption. However application writers should
+     * keep in mind that transient errors while reading the storage may be
+     * reported using this error code. */
     PSA_ERROR_STORAGE_FAILURE,
-    /** A hardware failure was detected. */
+    /** A hardware failure was detected.
+     *
+     * A hardware failure may be transient or permanent depending on the
+     * cause. */
     PSA_ERROR_HARDWARE_FAILURE,
-    /** A tampering attempt was detected. */
+    /** A tampering attempt was detected.
+     *
+     * If an application receives this error code, there is no guarantee
+     * that previously accessed or computed data was correct and remains
+     * confidential. Applications should not perform any security function
+     * and should enter a safe failure state.
+     *
+     * Implementations may return this error code if they detect an invalid
+     * state that cannot happen during normal operation and that indicates
+     * that the implementation's security guarantees no longer hold. Depending
+     * on the implementation architecture and on its security and safety goals,
+     * the implementation may forcibly terminate the application.
+     *
+     * This error code is intended as a last resort when a security breach
+     * is detected and it is unsure whether the keystore data is still
+     * protected. Implementations shall only return this error code
+     * to report an alarm from a tampering detector, to indicate that
+     * the confidentiality of stored data can no longer be guaranteed,
+     * or to indicate that the integrity of previously returned data is now
+     * considered compromised. Implementations shall not use this error code
+     * to indicate a hardware failure that merely makes it impossible to
+     * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
+     * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
+     * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
+     * instead).
+     *
+     * This error indicates an attack against the application. Implementations
+     * shall not return this error code as a consequence of the behavior of
+     * the application itself. */
     PSA_ERROR_TAMPERING_DETECTED,
     /** There is not enough entropy to generate random data needed
-        for the requested action. */
+     * for the requested action.
+     *
+     * This error indicates a failure of a hardware random generator.
+     * Application writers should note that this error can be returned not
+     * only by functions whose purpose is to generate random data, such
+     * as key, IV or nonce generation, but also by functions that execute
+     * an algorithm with a randomized result, as well as functions that
+     * use randomization of intermediate computations as a countermeasure
+     * to certain attacks.
+     *
+     * Implementations should avoid returning this error after psa_crypto_init()
+     * has succeeded. Implementations should generate sufficient
+     * entropy during initialization and subsequently use a cryptographically
+     * secure pseudorandom generator (PRNG). However implementations may return
+     * this error at any time if a policy requires the PRNG to be reseeded
+     * during normal operation. */
     PSA_ERROR_INSUFFICIENT_ENTROPY,
-    /** The signature, MAC or hash is incorrect. */
+    /** The signature, MAC or hash is incorrect.
+     *
+     * Verification functions return this error if the verification
+     * calculations completed successfully, and the value to be verified
+     * was determined to be incorrect.
+     *
+     * If the value to verify has an invalid size, implementations may return
+     * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
     PSA_ERROR_INVALID_SIGNATURE,
-    /** The decrypted padding is incorrect. */
+    /** The decrypted padding is incorrect.
+     *
+     * \warning In some protocols, when decrypting data, it is essential that
+     * the behavior of the application does not depend on whether the padding
+     * is correct, down to precise timing. Applications should prefer
+     * protocols that use authenticated encryption rather than plain
+     * encryption. If the application must perform a decryption of
+     * unauthenticated data, the application writer should take care not
+     * to reveal whether the padding is invalid.
+     *
+     * Implementations should strive to make valid and invalid padding
+     * as close as possible to indistinguishable to an external observer.
+     * In particular, the timing of a decryption operation should not
+     * depend on the validity of the padding. */
     PSA_ERROR_INVALID_PADDING,
     /** An error occurred that does not correspond to any defined
-        failure cause. */
+     * failure cause.
+     *
+     * Implementations may use this error code if none of the other standard
+     * error codes are applicable. */
     PSA_ERROR_UNKNOWN_ERROR,
 } psa_status_t;
 
@@ -357,13 +520,15 @@ typedef uint32_t psa_algorithm_t;
  * \retval PSA_SUCCESS
  *         Success.
  * \retval PSA_ERROR_NOT_SUPPORTED
- *         The key type or key size is not supported.
+ *         The key type or key size is not supported, either by the
+ *         implementation in general or in this particular slot.
  * \retval PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
  *         or the key data is not correctly formatted.
  * \retval PSA_ERROR_OCCUPIED_SLOT
-           There is already a key in the specified slot.
+ *         There is already a key in the specified slot.
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
@@ -377,10 +542,24 @@ psa_status_t psa_import_key(psa_key_slot_t key,
  * \brief Destroy a key.
  *
  * \retval PSA_SUCCESS
- * \retval PSA_ERROR_EMPTY_SLOT
+ *         The slot's content, if any, has been erased.
+ * \retval PSA_ERROR_NOT_PERMITTED
+ *         The slot holds content and cannot be erased because it is
+ *         read-only, either due to a policy or due to physical restrictions.
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         The specified slot number does not designate a valid slot.
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
+ *         There was an failure in communication with the cryptoprocessor.
+ *         The key material may still be present in the cryptoprocessor.
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ *         The storage is corrupted. Implementations shall make a best effort
+ *         to erase key material even in this stage, however applications
+ *         should be aware that it may be impossible to guarantee that the
+ *         key material is not recoverable in such cases.
  * \retval PSA_ERROR_TAMPERING_DETECTED
+ *         An unexpected condition which is not a storage corruption or
+ *         a communication failure occurred. The cryptoprocessor may have
+ *         been compromised.
  */
 psa_status_t psa_destroy_key(psa_key_slot_t key);
 

From 212e4d8f7c213221c3f7dce04654983da22686a0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 11:36:37 +0200
Subject: [PATCH 200/889] Improve documentation of PSA_AEAD_xxx_OUTPUT_SIZE

---
 include/psa/crypto.h | 48 ++++++++++++++++++++++++--------------------
 1 file changed, 26 insertions(+), 22 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8e20013a2..7286ef9d8 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1074,22 +1074,24 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  */
 
 
-/** AEAD Encrypted data size
+/** The maximum size of the output of psa_aead_encrypt(), in bytes.
  *
- * This macro calculates the encrypted data size according to given algorithm
- * and plaintext_length.
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_encrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the ciphertext may be smaller.
  *
- *
- * \param alg                 The AEAD algorithm to compute
+ * \param alg                 An AEAD algorithm
  *                            (\c PSA_ALG_XXX value such that
  *                            #PSA_ALG_IS_AEAD(alg) is true).
- * \param plaintext_length    Size of \p plaintext in bytes.
+ * \param plaintext_length    Size of the plaintext in bytes.
  *
- * \return If the algorithm is PSA_ALG_GCM the encrypted data size is 
- *         plaintext_length plus 16-bytes for tag.
- *         If the algorithm is PSA_ALG_CCM the encrypted data size is 
- *         plaintext_length plus 16-bytes for tag.
- *         Otherwise return zero.
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ *                            An implementation may return either 0 or a
+ *                            correct size for an AEAD algorithm that it
+ *                            recognizes, but does not support.
  */
 #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
     ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 :           \
@@ -1149,22 +1151,24 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                size_t ciphertext_size,
                                size_t *ciphertext_length );
 
-/** AEAD Decrypted data size
+/** The maximum size of the output of psa_aead_decrypt(), in bytes.
  *
- * This macro calculates the decrypted data size according to given algorithm
- * and ciphertext_length.
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_decrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the plaintext may be smaller.
  *
- *
- * \param alg                 The AEAD algorithm to compute
+ * \param alg                 An AEAD algorithm
  *                            (\c PSA_ALG_XXX value such that
  *                            #PSA_ALG_IS_AEAD(alg) is true).
- * \param ciphertext_length    Size of \p ciphertext in bytes.
+ * \param ciphertext_length   Size of the plaintext in bytes.
  *
- * \return If the algorithm is PSA_ALG_GCM the decrypted data size is 
- *         ciphertext_length minus 16-bytes for tag.
- *         If the algorithm is PSA_ALG_CCM the decrypted data size is 
- *         ciphertext_length minus 16-bytes for tag.
- *         Otherwise return zero.
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ *                            An implementation may return either 0 or a
+ *                            correct size for an AEAD algorithm that it
+ *                            recognizes, but does not support.
  */
 #define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)     \
     ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 :           \

From 71bb7b77f05fd3e8f07c99249f9e645326fbd96a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Apr 2018 08:29:59 +0200
Subject: [PATCH 201/889] Switch PSA_HASH_FINAL_SIZE to PSA_HASH_SIZE

Make this macro work on derived algorithms as well (HMAC,
hash-and-sign, etc.).
---
 include/psa/crypto.h | 40 ++++++++++++++++++++--------------------
 library/psa_crypto.c |  2 +-
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index a463cc05a..c880586fe 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -814,23 +814,23 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  *         An implementation may return either 0 or the correct size
  *         for a hash algorithm that it recognizes, but does not support.
  */
-#define PSA_HASH_FINAL_SIZE(alg)                \
-    (                                           \
-        (alg) == PSA_ALG_MD2 ? 16 :             \
-        (alg) == PSA_ALG_MD4 ? 16 :             \
-        (alg) == PSA_ALG_MD5 ? 16 :             \
-        (alg) == PSA_ALG_RIPEMD160 ? 20 :       \
-        (alg) == PSA_ALG_SHA_1 ? 20 :           \
-        (alg) == PSA_ALG_SHA_224 ? 28 :         \
-        (alg) == PSA_ALG_SHA_256 ? 32 :         \
-        (alg) == PSA_ALG_SHA_384 ? 48 :         \
-        (alg) == PSA_ALG_SHA_512 ? 64 :         \
-        (alg) == PSA_ALG_SHA_512_224 ? 28 :     \
-        (alg) == PSA_ALG_SHA_512_256 ? 32 :     \
-        (alg) == PSA_ALG_SHA3_224 ? 28 :        \
-        (alg) == PSA_ALG_SHA3_256 ? 32 :        \
-        (alg) == PSA_ALG_SHA3_384 ? 48 :        \
-        (alg) == PSA_ALG_SHA3_512 ? 64 :        \
+#define PSA_HASH_SIZE(alg)                                            \
+    (                                                                 \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :               \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :               \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :               \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :         \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :             \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :           \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :           \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :           \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :           \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :       \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :       \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :          \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :          \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :          \
+        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :          \
         0)
 
 /** Start a multipart hash operation.
@@ -915,7 +915,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  * \param hash_size     Size of the \c hash buffer in bytes.
  * \param hash_length   On success, the number of bytes
  *                      that make up the hash value. This is always
- *                      #PSA_HASH_FINAL_SIZE(alg) where \c alg is the
+ *                      #PSA_HASH_SIZE(alg) where \c alg is the
  *                      hash algorithm that is calculated.
  *
  * \retval PSA_SUCCESS
@@ -924,7 +924,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  *         The operation state is not valid (not started, or already completed).
  * \retval PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c hash buffer is too small. You can determine a
- *         sufficient buffer size by calling #PSA_HASH_FINAL_SIZE(alg)
+ *         sufficient buffer size by calling #PSA_HASH_SIZE(alg)
  *         where \c alg is the hash algorithm that is calculated.
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
@@ -1020,7 +1020,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  *         for a MAC algorithm that it recognizes, but does not support.
  */
 #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
-    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_FINAL_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
+    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
      PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
      0)
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3ea87f642..b66862c50 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -774,7 +774,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
                               size_t *hash_length )
 {
     int ret;
-    size_t actual_hash_length = PSA_HASH_FINAL_SIZE( operation->alg );
+    size_t actual_hash_length = PSA_HASH_SIZE( operation->alg );
 
     /* Fill the output buffer with something that isn't a valid hash
      * (barring an attack on the hash and deliberately-crafted input),

From 5e39dc96e009587401397590ec16d3da001ac7dc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 11:41:57 +0200
Subject: [PATCH 202/889] New macro PSA_AEAD_TAG_SIZE, use it for
 PSA_AEAD_xxx_OUTPUT_SIZE

---
 include/psa/crypto.h | 29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 7286ef9d8..9806c959d 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1073,6 +1073,25 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * @{
  */
 
+/** The tag size for an AEAD algorithm, in bytes.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(alg) is true).
+ *
+ * \return                    The tag size for the specified algorithm.
+ *                            If the AEAD algorithm does not have an identified
+ *                            tag that can be distinguished from the rest of
+ *                            the ciphertext, return 0.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ *                            An implementation may return either 0 or a
+ *                            correct size for an AEAD algorithm that it
+ *                            recognizes, but does not support.
+ */
+#define PSA_AEAD_TAG_SIZE(alg)             \
+    ((alg) == PSA_ALG_GCM ? 16 :           \
+     (alg) == PSA_ALG_CCM ? 16 :           \
+     0)
 
 /** The maximum size of the output of psa_aead_encrypt(), in bytes.
  *
@@ -1094,8 +1113,8 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *                            recognizes, but does not support.
  */
 #define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
-    ((alg) == PSA_ALG_GCM ? (plaintext_length) + 16 :           \
-     (alg) == PSA_ALG_CCM ? (plaintext_length) + 16 :           \
+    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
+     (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) :              \
      0)
 
 /** Process an authenticated encryption operation.
@@ -1170,9 +1189,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  *                            correct size for an AEAD algorithm that it
  *                            recognizes, but does not support.
  */
-#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)     \
-    ((alg) == PSA_ALG_GCM ? (ciphertext_length) - 16 :           \
-     (alg) == PSA_ALG_CCM ? (ciphertext_length) - 16 :           \
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)    \
+    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
+     (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) :              \
      0)
 
 /** Process an authenticated decryption operation.

From 154bd95131470b5d58efc60829dbb8d371b8cd63 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Apr 2018 08:38:16 +0200
Subject: [PATCH 203/889] psa_destroy_key: return SUCCESS on an empty slot

Do wipe the slot even if it doesn't contain a key, to erase any metadata.
---
 include/psa/crypto.h | 12 +++++++++++-
 library/psa_crypto.c |  8 +++++---
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c880586fe..982cca701 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -539,7 +539,17 @@ psa_status_t psa_import_key(psa_key_slot_t key,
                             size_t data_length);
 
 /**
- * \brief Destroy a key.
+ * \brief Destroy a key and restore the slot to its default state.
+ *
+ * This function destroys the content of the key slot from both volatile
+ * memory and, if applicable, non-volatile storage. Implementations shall
+ * make a best effort to ensure that any previous content of the slot is
+ * unrecoverable.
+ *
+ * This function also erases any metadata such as policies. It returns the
+ * specified slot to its default state.
+ *
+ * \param key           The key slot to erase.
  *
  * \retval PSA_SUCCESS
  *         The slot's content, if any, has been erased.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b66862c50..deeffa3b8 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -373,9 +373,11 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
-
-    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    {
+        /* No key material to clean, but do zeroize the slot below to wipe
+         * metadata such as policies. */
+    }
+    else if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         mbedtls_free( slot->data.raw.data );
     }

From 3585596aecb48e79d33ade6bccd34d316c203547 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Apr 2018 08:39:16 +0200
Subject: [PATCH 204/889] Document a few more macros

---
 include/psa/crypto.h | 58 +++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 54 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 982cca701..a2ce15665 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -304,15 +304,47 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
 
 #define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
+/** Raw data.
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore. */
 #define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x02000000)
 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x04000000)
 #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC        ((psa_key_type_t)0x06000000)
 #define PSA_KEY_TYPE_PAIR_FLAG                  ((psa_key_type_t)0x01000000)
 
+/** HMAC key.
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * HMAC keys should generally have the same size as the underlying hash.
+ * This size can be calculated with `PSA_HASH_SIZE(alg)` where
+ * `alg` is the HMAC algorithm or the underlying hash algorithm. */
 #define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
+/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
+ *
+ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
+ * 32 bytes (AES-256).
+ */
 #define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x04000001)
+/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
+ *
+ * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
+ * 24 bytes (3-key 3DES).
+ *
+ * Note that single DES and 2-key 3DES are weak and strongly
+ * deprecated and should only be used to decrypt legacy data. 3-key 3DES
+ * is weak and deprecated and should only be used in legacy protocols.
+ */
 #define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x04000002)
+/** Key for an cipher, AEAD or MAC algorithm based on the
+ * Camellia block cipher. */
 #define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x04000003)
+/** Key for the RC4 stream cipher.
+ *
+ * Note that RC4 is weak and deprecated and should only be used in
+ * legacy protocols. */
 #define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x04000004)
 
 /** RSA public key. */
@@ -369,8 +401,14 @@ typedef uint32_t psa_key_type_t;
  * \param type  A cipher key type (value of type #psa_key_type_t).
  *
  * \return      The block size for a block cipher, or 1 for a stream cipher.
- *              The return value is undefined if \c type does not identify
- *              a cipher algorithm.
+ *              The return value is undefined if \c type is not a supported
+ *              cipher key type.
+ *
+ * \note It is possible to build stream cipher algorithms on top of a block
+ *       cipher, for example CTR mode (#PSA_ALG_CTR).
+ *       This macro only takes the key type into account, so it cannot be
+ *       used to determine the size of the data that #psa_cipher_update()
+ *       might buffer for future processing in general.
  *
  * \note This macro returns a compile-time constant if its argument is one.
  *
@@ -451,7 +489,17 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t)0x00c00000)
 #define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x02800000)
-#define PSA_ALG_HMAC(hash_alg)                  \
+/** Macro to build an HMAC algorithm.
+ *
+ * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256.
+ *
+ * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return      The corresponding HMAC algorithm.
+ * \return      Unspecified if \p alg is not a hash algorithm.
+ */
+#define PSA_ALG_HMAC(hash_alg)                                  \
     (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_HMAC_HASH(hmac_alg)                             \
     (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
@@ -817,7 +865,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * This is also the hash size that psa_hash_verify() expects.
  *
  * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_HASH(alg) is true).
+ *              #PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm
+ *              (`PSA_ALG_HMAC(hash_alg)` where `hash_alg` is a
+ *              hash algorithm).
  *
  * \return The hash size for the specified hash algorithm.
  *         If the hash algorithm is not recognized, return 0.

From bb1072f64296de6e13437f37227533f97f5c0dfa Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 18:46:05 +0200
Subject: [PATCH 205/889] Fix use of mbedtls_cipher_info_from_psa

One branch added an extra argument, the other branch added a call of
this function. Pass the extra argument on the code from the other
branch.
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4d42c8d2b..e4f2a8722 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1411,7 +1411,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
         return( status );
     slot = &global_data.key_slots[key];
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits );
+    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL );
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 

From 39e59144f6717e7414d4876bbf58f22084fe6c31 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Wed, 2 May 2018 23:16:26 +0300
Subject: [PATCH 206/889] added support for PKCSv1.5 signature verification and
 encryption/decryption and very basic tests.

---
 library/psa_crypto.c                        | 240 ++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data     |  45 ++++
 tests/suites/test_suite_psa_crypto.function | 262 ++++++++++++++++++++
 3 files changed, 547 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index edb81c435..a18abcd95 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1353,7 +1353,247 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     }
 }
 
+psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
+                                   psa_algorithm_t alg,
+                                   const uint8_t *hash,
+                                   size_t hash_length,
+                                   const uint8_t *salt,
+                                   size_t salt_length,
+                                   uint8_t *signature,
+                                   size_t signature_size)
+{
+    key_slot_t *slot;
+    (void) salt;
+    (void) salt_length;
 
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_EMPTY_SLOT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    #if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    {
+        mbedtls_rsa_context *rsa = slot->data.rsa;
+        int ret;
+        psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+        mbedtls_md_type_t md_alg =
+            hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
+        if( md_alg == MBEDTLS_MD_NONE )
+        {
+#if SIZE_MAX > UINT_MAX
+            if( hash_length > UINT_MAX )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+#endif
+        }
+        else
+        {
+            if( mbedtls_md_get_size( md_info ) != hash_length )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            if( md_info == NULL )
+                return( PSA_ERROR_NOT_SUPPORTED );
+        }
+        if( signature_size < rsa->len )
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+#if defined(MBEDTLS_PKCS1_V15)
+        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        {
+            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+                                     MBEDTLS_MD_NONE );
+
+            ret = mbedtls_rsa_pkcs1_verify( rsa,
+                      mbedtls_ctr_drbg_random,
+                      &global_data.ctr_drbg,
+                      MBEDTLS_RSA_PUBLIC,
+                      md_alg,
+                      hash_length,
+                      hash,
+                      signature );
+
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        {
+            return( PSA_ERROR_NOT_SUPPORTED );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V21 */
+        {
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        }
+        return( mbedtls_to_psa_error( ret ) );
+    }
+    else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        // TODO
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+}
+
+ 
+psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, 
+                                    psa_algorithm_t alg, 
+                                    const uint8_t *input, 
+                                    size_t input_length, 
+                                    const uint8_t *salt, 
+                                    size_t salt_length, 
+                                    uint8_t *output, 
+                                    size_t output_size, 
+                                    size_t *output_length)
+{
+    key_slot_t *slot;
+    (void) salt;
+    (void) salt_length;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_EMPTY_SLOT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    // check output size?
+
+#if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    {
+        mbedtls_rsa_context *rsa = slot->data.rsa;
+        int ret;
+        if( output_size < rsa->len ) 
+                return( PSA_ERROR_INVALID_ARGUMENT );
+#if defined(MBEDTLS_PKCS1_V15)
+        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        {
+        ret = mbedtls_rsa_pkcs1_encrypt(  rsa,
+                                        mbedtls_ctr_drbg_random,
+                                        &global_data.ctr_drbg,
+                                        MBEDTLS_RSA_PUBLIC,
+                                        input_length, 
+                                        input,
+                                        output );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        {
+            return( PSA_ERROR_NOT_SUPPORTED );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V21 */
+        {
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        }
+        if( ret == 0 )
+            *output_length = rsa->len; // check if this is correct
+        return( mbedtls_to_psa_error( ret ) );
+    }
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        // TODO
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+} 
+
+ 
+psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, 
+                                    psa_algorithm_t alg, 
+                                    const uint8_t *input, 
+                                    size_t input_length, 
+                                    const uint8_t *salt, 
+                                    size_t salt_length, 
+                                    uint8_t *output, 
+                                    size_t output_size, 
+                                    size_t *output_length)
+{
+    key_slot_t *slot;
+    (void) salt;
+    (void) salt_length;
+
+    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_EMPTY_SLOT );
+    slot = &global_data.key_slots[key];
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+#if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    {
+        mbedtls_rsa_context *rsa = slot->data.rsa;
+        int ret;
+
+        if( output_size < rsa->len ) 
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
+#if defined(MBEDTLS_PKCS1_V15)
+        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        {
+            *output_length = input_length; // check this
+            ret = mbedtls_rsa_pkcs1_decrypt(  rsa,
+                                            mbedtls_ctr_drbg_random,
+                                            &global_data.ctr_drbg,
+                                            MBEDTLS_RSA_PRIVATE,
+                                            output_length, 
+                                            input,
+                                            output, 
+                                            output_size );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        {
+            return( PSA_ERROR_NOT_SUPPORTED );
+        }
+        else
+#endif /* MBEDTLS_PKCS1_V21 */
+        {
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        }
+        if( ret == 0 )
+            *output_length = rsa->len; // check if this is correct
+        return( mbedtls_to_psa_error( ret ) );
+    }
+#endif
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        // TODO
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+} 
+                    
 
 /****************************************************************/
 /* Key Policy */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c3f5f9001..a86f963d5 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -100,6 +100,18 @@ key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_P
 PSA Key Lifetime set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
+PSA verify RSA PKCS#1 v1.5 signature
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong hash
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+
+PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong signature
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+
 PSA Key Lifetime set fail, invalid key slot
 key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
 
@@ -120,3 +132,36 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"307802010
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA encrypt using RSA PKCS#1 v1.5
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":128
+
+PSA encrypt using RSA PKCS#1 v1.5
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":128
+
+PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt using RSA PKCS#1 v1.5 fail wrong key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt using RSA PKCS#1 v1.5
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128
+
+PSA decrypt using RSA PKCS#1 v1.5
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128
+
+PSA decrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt using RSA PKCS#1 v1.5 fail wrong key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 04a95d4f8..01e0a3fa5 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -573,3 +573,265 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_verify_fail( int key_type_arg, char *key_hex,
+                         int alg_arg, char *hash_hex, char *signature_hex,
+                          int expected_status_arg )
+{
+
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *hash_data = NULL;
+    size_t hash_size;
+    unsigned char *signature_data = NULL;
+    size_t signature_size;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    hash_data = unhexify_alloc( hash_hex, &hash_size );
+    TEST_ASSERT( hash_data != NULL );
+    signature_data = unhexify_alloc( signature_hex, &signature_size );
+    TEST_ASSERT( signature_data != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    actual_status = psa_asymmetric_verify( slot, alg,
+                                        hash_data, hash_size,
+                                        NULL, 0,
+                                        signature_data, signature_size );
+
+
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( hash_data );
+    mbedtls_free( signature_data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void asymmetric_encrypt( int key_type_arg, char *key_hex,
+                         int alg_arg, char *input_hex,
+                          char *expected_hex, int expected_size )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *expected_data = NULL;
+    size_t expected_data_size;
+    unsigned char *output = NULL;
+    size_t output_size = 4096;
+    size_t output_length = 0;
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    expected_data = unhexify_alloc( expected_hex, &expected_data_size );
+    TEST_ASSERT( expected_data != NULL );
+    output = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output != NULL );
+    
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, 
+                                    input_data, 
+                                    input_size, 
+                                    NULL, 0, 
+                                    output, 
+                                    output_size, 
+                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( ((size_t)expected_size) == output_length );
+    // function uses random internally 
+    //TEST_ASSERT( memcmp( expected_data, output, output_length ) == 0 ); 
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( expected_data );
+    mbedtls_free( output);
+    mbedtls_psa_crypto_free( );
+
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
+                            int alg_arg, char *input_hex,
+                            int expected_status_arg )
+{
+
+
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output = NULL;
+    size_t output_size = 4096;
+    size_t output_length = 0;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    output = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output != NULL );
+    
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    actual_status = psa_asymmetric_encrypt(slot, alg, 
+                                    input_data, 
+                                    input_size, 
+                                    NULL, 0, 
+                                    output, 
+                                    output_size, 
+                                    &output_length);
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( output);
+    mbedtls_psa_crypto_free( );
+
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_decrypt( int key_type_arg, char *key_hex,
+                         int alg_arg, char *input_hex,
+                         char *expected_hex, int expected_size )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *expected_data = NULL;
+    size_t expected_data_size;
+    unsigned char *output = NULL;
+    size_t output_size = 4096;
+    size_t output_length = 0;
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    expected_data = unhexify_alloc( expected_hex, &expected_data_size );
+    TEST_ASSERT( expected_data != NULL );
+    output = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output != NULL );
+    
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, 
+                                    input_data, 
+                                    input_size, 
+                                    NULL, 0, 
+                                    output, 
+                                    output_size, 
+                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( ((size_t)expected_size) == output_length );
+    TEST_ASSERT( memcmp( expected_data, output, (output_length/8) ) == 0 );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( expected_data );
+    mbedtls_free( output);
+    mbedtls_psa_crypto_free( );
+
+
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
+                            int alg_arg, char *input_hex,
+                            int expected_status_arg  )
+{
+
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output = NULL;
+    size_t output_size = 4096;
+    size_t output_length = 0;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    output = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output != NULL );
+    
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    actual_status = psa_asymmetric_decrypt(slot, alg, 
+                                    input_data, 
+                                    input_size, 
+                                    NULL, 0, 
+                                    output, 
+                                    output_size, 
+                                    &output_length);
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( output);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
\ No newline at end of file

From 0f3bdbddeedee6f224662c19dbd5dea62c4b801d Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Wed, 2 May 2018 23:56:12 +0300
Subject: [PATCH 207/889] change RSA encryption tests compensate for random
 component in encryption.

---
 tests/suites/test_suite_psa_crypto.data     |  4 +-
 tests/suites/test_suite_psa_crypto.function | 77 +++++++++++----------
 2 files changed, 44 insertions(+), 37 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index a86f963d5..d8de1cc59 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -135,11 +135,11 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3
 
 PSA encrypt using RSA PKCS#1 v1.5
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":128
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
 PSA encrypt using RSA PKCS#1 v1.5
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":128
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
 PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 01e0a3fa5..70e7574a6 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -624,8 +624,7 @@ exit:
 
 /* BEGIN_CASE */
 void asymmetric_encrypt( int key_type_arg, char *key_hex,
-                         int alg_arg, char *input_hex,
-                          char *expected_hex, int expected_size )
+                         int alg_arg, char *input_hex )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -634,44 +633,52 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
     size_t key_size;
     unsigned char *input_data = NULL;
     size_t input_size;
-    unsigned char *expected_data = NULL;
-    size_t expected_data_size;
     unsigned char *output = NULL;
     size_t output_size = 4096;
     size_t output_length = 0;
+    unsigned char *output2 = NULL;
+    size_t output2_size = 4096;
+    size_t output2_length = 0;
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
     input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    expected_data = unhexify_alloc( expected_hex, &expected_data_size );
-    TEST_ASSERT( expected_data != NULL );
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
-    
+    output2 = mbedtls_calloc( 1, output2_size );
+    TEST_ASSERT( output2 != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_asymmetric_encrypt(slot, alg, 
-                                    input_data, 
-                                    input_size, 
-                                    NULL, 0, 
-                                    output, 
-                                    output_size, 
+    //checked using encrypt/decrpyt because of non-optional random 
+    // part of encryption process preventing using fixed vectors
+    TEST_ASSERT( psa_asymmetric_encrypt(slot, alg,
+                                    input_data,
+                                    input_size,
+                                    NULL, 0,
+                                    output,
+                                    output_size,
                                     &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( ((size_t)expected_size) == output_length );
-    // function uses random internally 
-    //TEST_ASSERT( memcmp( expected_data, output, output_length ) == 0 ); 
+
+    TEST_ASSERT( psa_asymmetric_decrypt(slot, alg,
+                                    output,
+                                    output_length,
+                                    NULL, 0,
+                                    output2,
+                                    output2_size,
+                                    &output2_length) == PSA_SUCCESS ); 
+    TEST_ASSERT( memcmp( input_data, output2, input_size ) == 0 );
 
 exit:
     psa_destroy_key( slot );
     mbedtls_free( key_data );
     mbedtls_free( input_data );
-    mbedtls_free( expected_data );
     mbedtls_free( output);
+    mbedtls_free( output2);
     mbedtls_psa_crypto_free( );
 
 }
@@ -711,12 +718,12 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_encrypt(slot, alg, 
-                                    input_data, 
-                                    input_size, 
-                                    NULL, 0, 
-                                    output, 
-                                    output_size, 
+    actual_status = psa_asymmetric_encrypt(slot, alg,
+                                    input_data,
+                                    input_size,
+                                    NULL, 0,
+                                    output,
+                                    output_size,
                                     &output_length);
     TEST_ASSERT( actual_status == expected_status );
 
@@ -763,12 +770,12 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg, 
-                                    input_data, 
-                                    input_size, 
-                                    NULL, 0, 
-                                    output, 
-                                    output_size, 
+    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+                                    input_data,
+                                    input_size,
+                                    NULL, 0,
+                                    output,
+                                    output_size,
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( ((size_t)expected_size) == output_length );
     TEST_ASSERT( memcmp( expected_data, output, (output_length/8) ) == 0 );
@@ -818,12 +825,12 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_decrypt(slot, alg, 
-                                    input_data, 
-                                    input_size, 
-                                    NULL, 0, 
-                                    output, 
-                                    output_size, 
+    actual_status = psa_asymmetric_decrypt(slot, alg,
+                                    input_data,
+                                    input_size,
+                                    NULL, 0,
+                                    output,
+                                    output_size,
                                     &output_length);
     TEST_ASSERT( actual_status == expected_status );
 

From 7f5a31915b6e80731cbd4504746fcd925a5aab63 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Sun, 6 May 2018 22:26:54 +0300
Subject: [PATCH 208/889] code fixes for internal code review:

1. change to correct error code
2. removed unneeded comment
---
 library/psa_crypto.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a18abcd95..e24638a3a 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1367,7 +1367,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     (void) salt_length;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
+        return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
@@ -1460,14 +1460,13 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
     (void) salt_length;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
+        return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    // check output size?
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )

From 4f594eca401edce71e599bbc28e22f8d177138db Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Tue, 29 May 2018 16:09:13 +0300
Subject: [PATCH 209/889] remove check for key pair (public key should be
 enough for verification)

---
 library/psa_crypto.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e24638a3a..05df3e32f 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1371,8 +1371,6 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
-    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
 
     #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )

From a1cac84e833787585fd45d78678a1021c930263a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 19:33:02 +0200
Subject: [PATCH 210/889] Move AEAD tests just after cipher

Always adding things at the end tends to create merge conflicts.
Adding in the middle in this way makes the order more logical in
addition to avoiding conflicts.
---
 tests/suites/test_suite_psa_crypto.data     |  96 ++--
 tests/suites/test_suite_psa_crypto.function | 472 ++++++++++----------
 2 files changed, 284 insertions(+), 284 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 1af3e5334..d3dc68e63 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -169,6 +169,54 @@ PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 by
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
+PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+
+PSA AEAD Encrypt, AES CCM - 23-bytes input
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+
+PSA AEAD Encrypt, AES CCM - 24-bytes input
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA AEAD Decrypt, AES CCM - 39-bytes input
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
+
+PSA AEAD Decrypt, AES CCM - 40-bytes input
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD Decrypt, AES CCM - invalid signature
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
+
+PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+
+PSA AEAD Encrypt, AES GCM - 128-bytes input - 1
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
+PSA AEAD Encrypt, AES GCM - 128-bytes input - 2
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
+
+PSA AEAD Decrypt, AES GCM - 144-bytes input - 1
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD Decrypt, AES GCM - 144-bytes input - 2
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
+
+PSA AEAD Decrypt, AES GCM - invalid signature
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 
@@ -236,51 +284,3 @@ sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"307802010
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
-
-PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
-
-PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
-
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
-aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
-
-PSA AEAD Encrypt, AES CCM - 23-bytes input
-aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
-
-PSA AEAD Encrypt, AES CCM - 24-bytes input
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
-
-PSA AEAD Decrypt, AES CCM - 39-bytes input
-aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
-
-PSA AEAD Decrypt, AES CCM - 40-bytes input
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA AEAD Decrypt, AES CCM - invalid signature
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
-
-PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
-
-PSA AEAD Encrypt, AES GCM - 128-bytes input - 1
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
-
-PSA AEAD Encrypt, AES GCM - 128-bytes input - 2
-aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
-
-PSA AEAD Decrypt, AES GCM - 144-bytes input - 1
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
-
-PSA AEAD Decrypt, AES GCM - 144-bytes input - 2
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
-
-PSA AEAD Decrypt, AES GCM - invalid signature
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
-
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a308cbd18..3905e01d4 100755
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -829,6 +829,242 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
+                int alg_arg, char * input_hex, char * nonce_hex,
+                char * add_data, int expected_result_arg )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    unsigned char *output_data2 = NULL;
+    size_t output_length2 = 0;
+    uint8_t* nonce;
+    size_t nonce_length = 16;
+    size_t tag_length = 16;
+    unsigned char *additional_data = NULL;
+    size_t additional_data_length = 0;
+    psa_status_t expected_result = (psa_status_t) expected_result_arg;
+    psa_key_policy_t policy = {0};
+
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    additional_data = unhexify_alloc( add_data, &additional_data_length );
+    TEST_ASSERT( input_data != NULL );
+    output_size = input_size + tag_length;
+    output_data = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output_data != NULL );
+    nonce = unhexify_alloc( nonce_hex, &nonce_length );
+    TEST_ASSERT( nonce != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_aead_encrypt( slot, alg,
+                               nonce, nonce_length,
+                               additional_data, additional_data_length,
+                               input_data, input_size, output_data,
+                               output_size, &output_length ) == expected_result );
+
+    if( PSA_SUCCESS == expected_result )
+    {
+        output_data2 = mbedtls_calloc( 1, output_length );
+        TEST_ASSERT( output_data2 != NULL );
+
+        TEST_ASSERT( psa_aead_decrypt( slot, alg,
+                                nonce, nonce_length,
+                                additional_data, additional_data_length,
+                                output_data, output_length, output_data2,
+                                output_length, &output_length2 ) == expected_result );
+        
+
+        TEST_ASSERT( memcmp( input_data, output_data2,
+                                input_size ) == 0 );
+    }
+    
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( additional_data );
+    mbedtls_free( output_data );
+    mbedtls_free( output_data2 );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_encrypt( int key_type_arg, char * key_hex,
+                int alg_arg, char * input_hex,
+                char * add_data, char * nonce_hex,
+                char * expected_result_hex )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    unsigned char *expected_result = NULL;
+    size_t expected_result_length = 0;
+    uint8_t* nonce = NULL;
+    size_t nonce_length = 0;
+    size_t tag_length = 16;
+    unsigned char *additional_data = NULL;
+    size_t additional_data_length = 0;
+    psa_key_policy_t policy = {0};
+
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    additional_data = unhexify_alloc( add_data, &additional_data_length );
+    TEST_ASSERT( input_data != NULL );
+    output_size = input_size + tag_length;
+    output_data = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output_data != NULL );
+    nonce = unhexify_alloc( nonce_hex, &nonce_length );
+    TEST_ASSERT( nonce != NULL );
+    expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
+    TEST_ASSERT( expected_result != NULL );
+    
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_aead_encrypt( slot, alg,
+                               nonce, nonce_length,
+                               additional_data, additional_data_length,
+                               input_data, input_size, output_data,
+                               output_size, &output_length ) == PSA_SUCCESS );
+
+
+    TEST_ASSERT( memcmp( output_data, expected_result,
+                                output_length ) == 0 );
+    
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( additional_data );
+    mbedtls_free( output_data );
+    mbedtls_free( nonce );
+    mbedtls_free( expected_result );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_decrypt( int key_type_arg, char * key_hex,
+                int alg_arg, char * input_hex,
+                char * add_data, char * nonce_hex,
+                char * expected_result_hex, int expected_result_arg )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    unsigned char *key_data = NULL;
+    size_t key_size;
+    unsigned char *input_data = NULL;
+    size_t input_size;
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    unsigned char *expected_data = NULL;
+    size_t expected_result_length = 0;
+    uint8_t* nonce = NULL;
+    size_t nonce_length = 0;
+    size_t tag_length = 16;
+    unsigned char *additional_data = NULL;
+    size_t additional_data_length = 0;
+    psa_key_policy_t policy = {0};
+    psa_status_t expected_result = (psa_status_t) expected_result_arg;
+
+
+    key_data = unhexify_alloc( key_hex, &key_size );
+    TEST_ASSERT( key_data != NULL );
+    input_data = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( input_data != NULL );
+    additional_data = unhexify_alloc( add_data, &additional_data_length );
+    TEST_ASSERT( input_data != NULL );
+    output_size = input_size + tag_length;
+    output_data = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output_data != NULL );
+    nonce = unhexify_alloc( nonce_hex, &nonce_length );
+    TEST_ASSERT( nonce != NULL );
+    expected_data = unhexify_alloc( expected_result_hex, &expected_result_length );
+    TEST_ASSERT( expected_data != NULL );
+    
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data, key_size ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_aead_decrypt( slot, alg,
+                               nonce, nonce_length,
+                               additional_data, additional_data_length,
+                               input_data, input_size, output_data,
+                               output_size, &output_length ) == expected_result );
+
+
+    if ( expected_result == PSA_SUCCESS )
+    {
+        TEST_ASSERT( memcmp( output_data, expected_data,
+                                    output_length ) == 0 );
+    }
+
+    
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( key_data );
+    mbedtls_free( input_data );
+    mbedtls_free( additional_data );
+    mbedtls_free( output_data );
+    mbedtls_free( nonce );
+    mbedtls_free( expected_data );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
 {
@@ -1142,239 +1378,3 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
-
-/* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex, char * nonce_hex,
-                char * add_data, int expected_result_arg )
-{
-    int slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    unsigned char *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    unsigned char *output_data2 = NULL;
-    size_t output_length2 = 0;
-    uint8_t* nonce;
-    size_t nonce_length = 16;
-    size_t tag_length = 16;
-    unsigned char *additional_data = NULL;
-    size_t additional_data_length = 0;
-    psa_status_t expected_result = (psa_status_t) expected_result_arg;
-    psa_key_policy_t policy = {0};
-
-
-    key_data = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input_data != NULL );
-    additional_data = unhexify_alloc( add_data, &additional_data_length );
-    TEST_ASSERT( input_data != NULL );
-    output_size = input_size + tag_length;
-    output_data = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_data != NULL );
-    nonce = unhexify_alloc( nonce_hex, &nonce_length );
-    TEST_ASSERT( nonce != NULL );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce, nonce_length,
-                               additional_data, additional_data_length,
-                               input_data, input_size, output_data,
-                               output_size, &output_length ) == expected_result );
-
-    if( PSA_SUCCESS == expected_result )
-    {
-        output_data2 = mbedtls_calloc( 1, output_length );
-        TEST_ASSERT( output_data2 != NULL );
-
-        TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                nonce, nonce_length,
-                                additional_data, additional_data_length,
-                                output_data, output_length, output_data2,
-                                output_length, &output_length2 ) == expected_result );
-        
-
-        TEST_ASSERT( memcmp( input_data, output_data2,
-                                input_size ) == 0 );
-    }
-    
-
-exit:
-    psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( additional_data );
-    mbedtls_free( output_data );
-    mbedtls_free( output_data2 );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_encrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex,
-                char * add_data, char * nonce_hex,
-                char * expected_result_hex )
-{
-    int slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    unsigned char *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    unsigned char *expected_result = NULL;
-    size_t expected_result_length = 0;
-    uint8_t* nonce = NULL;
-    size_t nonce_length = 0;
-    size_t tag_length = 16;
-    unsigned char *additional_data = NULL;
-    size_t additional_data_length = 0;
-    psa_key_policy_t policy = {0};
-
-
-    key_data = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input_data != NULL );
-    additional_data = unhexify_alloc( add_data, &additional_data_length );
-    TEST_ASSERT( input_data != NULL );
-    output_size = input_size + tag_length;
-    output_data = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_data != NULL );
-    nonce = unhexify_alloc( nonce_hex, &nonce_length );
-    TEST_ASSERT( nonce != NULL );
-    expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
-    TEST_ASSERT( expected_result != NULL );
-    
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce, nonce_length,
-                               additional_data, additional_data_length,
-                               input_data, input_size, output_data,
-                               output_size, &output_length ) == PSA_SUCCESS );
-
-
-    TEST_ASSERT( memcmp( output_data, expected_result,
-                                output_length ) == 0 );
-    
-
-exit:
-    psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( additional_data );
-    mbedtls_free( output_data );
-    mbedtls_free( nonce );
-    mbedtls_free( expected_result );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void aead_decrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex,
-                char * add_data, char * nonce_hex,
-                char * expected_result_hex, int expected_result_arg )
-{
-    int slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    unsigned char *output_data = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    unsigned char *expected_data = NULL;
-    size_t expected_result_length = 0;
-    uint8_t* nonce = NULL;
-    size_t nonce_length = 0;
-    size_t tag_length = 16;
-    unsigned char *additional_data = NULL;
-    size_t additional_data_length = 0;
-    psa_key_policy_t policy = {0};
-    psa_status_t expected_result = (psa_status_t) expected_result_arg;
-
-
-    key_data = unhexify_alloc( key_hex, &key_size );
-    TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
-    TEST_ASSERT( input_data != NULL );
-    additional_data = unhexify_alloc( add_data, &additional_data_length );
-    TEST_ASSERT( input_data != NULL );
-    output_size = input_size + tag_length;
-    output_data = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_data != NULL );
-    nonce = unhexify_alloc( nonce_hex, &nonce_length );
-    TEST_ASSERT( nonce != NULL );
-    expected_data = unhexify_alloc( expected_result_hex, &expected_result_length );
-    TEST_ASSERT( expected_data != NULL );
-    
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                               nonce, nonce_length,
-                               additional_data, additional_data_length,
-                               input_data, input_size, output_data,
-                               output_size, &output_length ) == expected_result );
-
-
-    if ( expected_result == PSA_SUCCESS )
-    {
-        TEST_ASSERT( memcmp( output_data, expected_data,
-                                    output_length ) == 0 );
-    }
-
-    
-
-exit:
-    psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( additional_data );
-    mbedtls_free( output_data );
-    mbedtls_free( nonce );
-    mbedtls_free( expected_data );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */

From 6afe789d4c16e1e22010290719cdf0af513e8315 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 31 May 2018 13:16:08 +0200
Subject: [PATCH 211/889] Finish renaming around PSA_ALG_IS_RSA_PKCS1V15

Now the code compiles. Some OAEP and PSS macros may still need to be fixed.
---
 library/psa_crypto.c                    |  6 +++---
 tests/suites/test_suite_psa_crypto.data | 18 +++++++++---------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 05df3e32f..c9562d346 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1398,7 +1398,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
         if( signature_size < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
 #if defined(MBEDTLS_PKCS1_V15)
-        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
         {
             mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
                                      MBEDTLS_MD_NONE );
@@ -1474,7 +1474,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
         if( output_size < rsa->len ) 
                 return( PSA_ERROR_INVALID_ARGUMENT );
 #if defined(MBEDTLS_PKCS1_V15)
-        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
         {
         ret = mbedtls_rsa_pkcs1_encrypt(  rsa,
                                         mbedtls_ctr_drbg_random,
@@ -1548,7 +1548,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
             return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_PKCS1_V15)
-        if( PSA_ALG_IS_RSA_PKCS1V15( alg ) )
+        if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
         {
             *output_length = input_length; // check this
             ret = mbedtls_rsa_pkcs1_decrypt(  rsa,
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d8de1cc59..97a7038a4 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -102,15 +102,15 @@ key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
 PSA verify RSA PKCS#1 v1.5 signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
 PSA Key Lifetime set fail, invalid key slot
 key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
@@ -135,11 +135,11 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3
 
 PSA encrypt using RSA PKCS#1 v1.5
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
 PSA encrypt using RSA PKCS#1 v1.5
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
 PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -147,15 +147,15 @@ asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39
 
 PSA encrypt using RSA PKCS#1 v1.5 fail wrong key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt using RSA PKCS#1 v1.5
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128
 
 PSA decrypt using RSA PKCS#1 v1.5
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128
 
 PSA decrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -163,5 +163,5 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39
 
 PSA decrypt using RSA PKCS#1 v1.5 fail wrong key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_RAW:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 

From 5b051bc608dc99cd77200d614c4c177a9096aa66 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 31 May 2018 13:25:48 +0200
Subject: [PATCH 212/889] Remove trailing whitespace

Only horizontal whitespace changes in this commit.
---
 library/psa_crypto.c                        | 68 ++++++++++-----------
 tests/suites/test_suite_psa_crypto.function | 44 +++++++------
 2 files changed, 58 insertions(+), 54 deletions(-)
 mode change 100755 => 100644 tests/suites/test_suite_psa_crypto.function

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c9562d346..69854c765 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1442,15 +1442,15 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     }
 }
 
- 
-psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key, 
-                                    psa_algorithm_t alg, 
-                                    const uint8_t *input, 
-                                    size_t input_length, 
-                                    const uint8_t *salt, 
-                                    size_t salt_length, 
-                                    uint8_t *output, 
-                                    size_t output_size, 
+
+psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *input,
+                                    size_t input_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *output,
+                                    size_t output_size,
                                     size_t *output_length)
 {
     key_slot_t *slot;
@@ -1471,7 +1471,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
-        if( output_size < rsa->len ) 
+        if( output_size < rsa->len )
                 return( PSA_ERROR_INVALID_ARGUMENT );
 #if defined(MBEDTLS_PKCS1_V15)
         if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
@@ -1480,7 +1480,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
                                         mbedtls_ctr_drbg_random,
                                         &global_data.ctr_drbg,
                                         MBEDTLS_RSA_PUBLIC,
-                                        input_length, 
+                                        input_length,
                                         input,
                                         output );
         }
@@ -1513,17 +1513,17 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
         return( PSA_ERROR_NOT_SUPPORTED );
     }
 
-} 
+}
 
- 
-psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key, 
-                                    psa_algorithm_t alg, 
-                                    const uint8_t *input, 
-                                    size_t input_length, 
-                                    const uint8_t *salt, 
-                                    size_t salt_length, 
-                                    uint8_t *output, 
-                                    size_t output_size, 
+
+psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *input,
+                                    size_t input_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *output,
+                                    size_t output_size,
                                     size_t *output_length)
 {
     key_slot_t *slot;
@@ -1544,7 +1544,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
 
-        if( output_size < rsa->len ) 
+        if( output_size < rsa->len )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_PKCS1_V15)
@@ -1555,9 +1555,9 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
                                             mbedtls_ctr_drbg_random,
                                             &global_data.ctr_drbg,
                                             MBEDTLS_RSA_PRIVATE,
-                                            output_length, 
+                                            output_length,
                                             input,
-                                            output, 
+                                            output,
                                             output_size );
         }
         else
@@ -1589,8 +1589,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
         return( PSA_ERROR_NOT_SUPPORTED );
     }
 
-} 
-                    
+}
+
 
 /****************************************************************/
 /* Key Policy */
@@ -1626,13 +1626,13 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    
+
     slot = &global_data.key_slots[key];
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT 
-                        | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN 
+    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT
+                        | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
                         | PSA_KEY_USAGE_VERIFY ) ) != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -1650,7 +1650,7 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
-    
+
     *policy = slot->policy;
 
     return( PSA_SUCCESS );
@@ -1671,7 +1671,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
-    
+
     *lifetime = slot->lifetime;
 
     return( PSA_SUCCESS );
@@ -1685,8 +1685,8 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( lifetime != PSA_KEY_LIFETIME_VOLATILE && 
-        lifetime != PSA_KEY_LIFETIME_PERSISTENT && 
+    if( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
+        lifetime != PSA_KEY_LIFETIME_PERSISTENT &&
         lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
         return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -1696,7 +1696,7 @@ psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
 
     if ( lifetime != PSA_KEY_LIFETIME_VOLATILE )
         return( PSA_ERROR_NOT_SUPPORTED );
-        
+
     slot->lifetime = lifetime;
 
     return( PSA_SUCCESS );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
old mode 100755
new mode 100644
index 70e7574a6..b6ba9b47b
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -84,7 +84,7 @@ void import_export( char *hex, int type_arg,
 
     psa_key_policy_init( &policy );
 
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
                               PSA_ALG_VENDOR_FLAG );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
@@ -400,10 +400,9 @@ void key_policy( int usage_arg, int alg_arg )
     unsigned char key[32] = {0};
     psa_key_policy_t policy_set = {0};
     psa_key_policy_t policy_get = {0};
-        
 
     memset( key, 0x2a, sizeof( key ) );
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init(& policy_set );
@@ -425,9 +424,6 @@ void key_policy( int usage_arg, int alg_arg )
     TEST_ASSERT( policy_get.usage == policy_set.usage );
     TEST_ASSERT( policy_get.alg == policy_set.alg );
 
-    
-
-
 exit:
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
@@ -443,7 +439,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
     size_t signature_length = 0;
     psa_key_policy_t policy = {0};
     int actual_status = PSA_SUCCESS;
- 
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -458,11 +454,11 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
                                 keypair, key_size ) == PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, 
-                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
+        actual_status = psa_asymmetric_sign( key_slot,
+                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0,
                         NULL, 0, &signature_length );
     }
-    
+
     if( usage_arg & PSA_KEY_USAGE_SIGN )
     {
         keypair = unhexify_alloc( key_hex, &key_size );
@@ -489,21 +485,29 @@ void key_lifetime( int lifetime_arg )
     unsigned char key[32] = {0};
     psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
     psa_key_lifetime_t lifetime_get;
+
     memset( key, 0x2a, sizeof( key ) );
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_set_key_lifetime( key_slot, 
+
+    TEST_ASSERT( psa_set_key_lifetime( key_slot,
                                  lifetime_set ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, sizeof( key ) ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_lifetime( key_slot, 
+
+    TEST_ASSERT( psa_get_key_lifetime( key_slot,
                                  &lifetime_get ) == PSA_SUCCESS );
-    TEST_ASSERT( lifetime_get == lifetime_set ); 
+
+    TEST_ASSERT( lifetime_get == lifetime_set );
+
 exit:
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
+
 /* BEGIN_CASE */
 void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
 {
@@ -518,7 +522,7 @@ void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_sta
 
     if( actual_status == PSA_SUCCESS )
         actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
-    
+
     TEST_ASSERT( expected_status == actual_status );
 
 exit:
@@ -654,7 +658,7 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
-    //checked using encrypt/decrpyt because of non-optional random 
+    //checked using encrypt/decrpyt because of non-optional random
     // part of encryption process preventing using fixed vectors
     TEST_ASSERT( psa_asymmetric_encrypt(slot, alg,
                                     input_data,
@@ -670,7 +674,7 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
                                     NULL, 0,
                                     output2,
                                     output2_size,
-                                    &output2_length) == PSA_SUCCESS ); 
+                                    &output2_length) == PSA_SUCCESS );
     TEST_ASSERT( memcmp( input_data, output2, input_size ) == 0 );
 
 exit:
@@ -711,7 +715,7 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( input_data != NULL );
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
-    
+
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -763,7 +767,7 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
     TEST_ASSERT( expected_data != NULL );
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
-    
+
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -818,7 +822,7 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( input_data != NULL );
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
-    
+
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -841,4 +845,4 @@ exit:
     mbedtls_free( output);
     mbedtls_psa_crypto_free( );
 }
-/* END_CASE */
\ No newline at end of file
+/* END_CASE */

From 723feffe159b7eacbab7272bc55f429bf726648a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 31 May 2018 20:08:13 +0200
Subject: [PATCH 213/889] Fix some errors in PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE

A call to PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE wouldn't even have
compiled. Fix some obvious errors. This is still untested.
---
 include/psa/crypto.h | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c0b318776..084049430 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1368,11 +1368,13 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
      ((void)alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
      0)
-#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg) \
+#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                               \
+    (PSA_ALG_IS_RSA_OAEP_MGF1(alg) ?                                    \
+     2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1 :           \
+     11 /*PKCS#1v1.5*/)
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
     (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
-     PSA_BITS_TO_BYTES(key_bits) - ((alg) == PSA_ALG_IS_RSA_OAEP_MGF1 ? \
-                                    2 * (PSA_ALG_RSA_GET_HASH(alg) + 1) : \
-                                    11 /*PKCS#1v1.5*/) :                \
+     PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \
      0)
 
 /**

From 72eca16afe60edda0113f92f0f6d1b654e4bdc21 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:19:38 +0300
Subject: [PATCH 214/889] Fix scenario test names

1. make all names unique
2. fix spacing issue in names
---
 tests/suites/test_suite_psa_crypto.data | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 97a7038a4..64f5431d3 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -104,11 +104,11 @@ PSA verify RSA PKCS#1 v1.5 signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
-PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong hash
+PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
-PSA verify RSA PKCS#1 v1.5 SHA-256 , wrong signature
+PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
@@ -133,35 +133,35 @@ PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA encrypt using RSA PKCS#1 v1.5
+PSA encrypt using RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
-PSA encrypt using RSA PKCS#1 v1.5
+PSA encrypt using RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
-PSA encrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
+PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA encrypt using RSA PKCS#1 v1.5 fail wrong key
+PSA encrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5
+PSA decrypt using RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128
 
-PSA decrypt using RSA PKCS#1 v1.5
+PSA decrypt using RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128
 
-PSA decrypt using RSA PKCS#1 v1.5 fail ARGUMENTS
+PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail wrong key
+PSA decrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 

From 553b8f39e95ce60f1c1087c310aa5ce65da760db Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:20:59 +0300
Subject: [PATCH 215/889] Fix test data

test data used incorrect clear-text length.
---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 64f5431d3..72ddbc066 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -151,11 +151,11 @@ asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb7
 
 PSA decrypt using RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32
 
 PSA decrypt using RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":128
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34
 
 PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From d70bc48630f6ded3c11daf350e066f94b1d96dc2 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:31:13 +0300
Subject: [PATCH 216/889] Fix test output size

1. set output size to safe value
2. set output size correctly
3. check correct length of actual output
---
 tests/suites/test_suite_psa_crypto.function | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b6ba9b47b..caa0abd0b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -638,14 +638,16 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
     unsigned char *input_data = NULL;
     size_t input_size;
     unsigned char *output = NULL;
-    size_t output_size = 4096;
+    size_t output_size = 0;
     size_t output_length = 0;
     unsigned char *output2 = NULL;
-    size_t output2_size = 4096;
+    size_t output2_size = 0;
     size_t output2_length = 0;
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
+    output_size = key_size;
+    output2_size = key_size;
     input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
     output = mbedtls_calloc( 1, output_size );
@@ -704,19 +706,19 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     unsigned char *input_data = NULL;
     size_t input_size;
     unsigned char *output = NULL;
-    size_t output_size = 4096;
+    size_t output_size = 0;
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
+    output_size = key_size;
     input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
@@ -756,11 +758,13 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
     unsigned char *expected_data = NULL;
     size_t expected_data_size;
     unsigned char *output = NULL;
-    size_t output_size = 4096;
+    size_t output_size = 0;
     size_t output_length = 0;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
+    output_size = key_size;
     input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
     expected_data = unhexify_alloc( expected_hex, &expected_data_size );
@@ -768,7 +772,6 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
@@ -782,7 +785,7 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
                                     output_size,
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( ((size_t)expected_size) == output_length );
-    TEST_ASSERT( memcmp( expected_data, output, (output_length/8) ) == 0 );
+    TEST_ASSERT( memcmp( expected_data, output, (output_length) ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -811,19 +814,19 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
     unsigned char *input_data = NULL;
     size_t input_size;
     unsigned char *output = NULL;
-    size_t output_size = 4096;
+    size_t output_size = 0;
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
+    output_size = key_size;
     input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,

From 717a040df55a8db0d6526b19b8d1ebef3dfbc18e Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:36:15 +0300
Subject: [PATCH 217/889] Remove duplicate / unneeded code

1. remove duplicate function introduced by re-base
2. remove unneeded code
---
 library/psa_crypto.c | 46 ++------------------------------------------
 1 file changed, 2 insertions(+), 44 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 69854c765..4913adfed 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1313,46 +1313,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
     }
 }
 
-psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
-                                    psa_algorithm_t alg,
-                                    const uint8_t *hash,
-                                    size_t hash_length,
-                                    const uint8_t *salt,
-                                    size_t salt_length,
-                                    uint8_t *signature,
-                                    size_t signature_size )
-{
-    key_slot_t *slot;
-    (void) salt;
-    (void) salt_length;
-
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
-    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    if( !( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) )
-        return( PSA_ERROR_NOT_PERMITTED );
-
-#if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
-        int ret;
-        (void) alg;
-        ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length, signature,
-            signature_size );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-    else
-#endif /* defined(MBEDTLS_ECP_C) */
-    {
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
-}
-
 psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    psa_algorithm_t alg,
                                    const uint8_t *hash,
@@ -1497,7 +1457,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
             return( PSA_ERROR_INVALID_ARGUMENT );
         }
         if( ret == 0 )
-            *output_length = rsa->len; // check if this is correct
+            *output_length = rsa->len;
         return( mbedtls_to_psa_error( ret ) );
     }
 #endif
@@ -1550,7 +1510,6 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 #if defined(MBEDTLS_PKCS1_V15)
         if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
         {
-            *output_length = input_length; // check this
             ret = mbedtls_rsa_pkcs1_decrypt(  rsa,
                                             mbedtls_ctr_drbg_random,
                                             &global_data.ctr_drbg,
@@ -1572,8 +1531,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
         {
             return( PSA_ERROR_INVALID_ARGUMENT );
         }
-        if( ret == 0 )
-            *output_length = rsa->len; // check if this is correct
+
         return( mbedtls_to_psa_error( ret ) );
     }
 #endif

From 4db79eb36b6b1f7aa87519133f1de5af85000180 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:40:31 +0300
Subject: [PATCH 218/889] Extract common code

Make code easier to maintain.
---
 library/psa_crypto.c | 78 +++++++++++++++++++++++---------------------
 1 file changed, 40 insertions(+), 38 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4913adfed..17ab2cfae 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1203,6 +1203,30 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 /* Asymmetric cryptography */
 /****************************************************************/
 
+static psa_status_t verify_RSA_hash_input_and_get_md_type(psa_algorithm_t alg, size_t hash_length, mbedtls_md_type_t *md_alg)
+{
+    psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH(alg);
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg);
+    *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type(md_info);
+    if (*md_alg == MBEDTLS_MD_NONE)
+    {
+#if SIZE_MAX > UINT_MAX
+        if (hash_length > UINT_MAX)
+            return(PSA_ERROR_INVALID_ARGUMENT);
+#endif
+    }
+    else
+    {
+        if (mbedtls_md_get_size(md_info) != hash_length)
+            return(PSA_ERROR_INVALID_ARGUMENT);
+        if (md_info == NULL)
+            return(PSA_ERROR_NOT_SUPPORTED);
+    }
+    return PSA_SUCCESS;
+}
+
+
+
 psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  psa_algorithm_t alg,
                                  const uint8_t *hash,
@@ -1214,11 +1238,12 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  size_t *signature_length)
 {
     key_slot_t *slot;
-
+    psa_status_t status;
     *signature_length = 0;
     (void) salt;
     (void) salt_length;
 
+
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
@@ -1234,24 +1259,12 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
-        psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
-        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-        mbedtls_md_type_t md_alg =
-            hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
-        if( md_alg == MBEDTLS_MD_NONE )
-        {
-#if SIZE_MAX > UINT_MAX
-            if( hash_length > UINT_MAX )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-#endif
-        }
-        else
-        {
-            if( mbedtls_md_get_size( md_info ) != hash_length )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            if( md_info == NULL )
-                return( PSA_ERROR_NOT_SUPPORTED );
-        }
+        mbedtls_md_type_t md_alg;
+        status = verify_RSA_hash_input_and_get_md_type( alg, hash_length,
+                                                       &md_alg );
+        if ( status != PSA_SUCCESS )
+            return status;
+
         if( signature_size < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
 #if defined(MBEDTLS_PKCS1_V15)
@@ -1323,6 +1336,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    size_t signature_size)
 {
     key_slot_t *slot;
+    psa_status_t status;
     (void) salt;
     (void) salt_length;
 
@@ -1332,29 +1346,17 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    #if defined(MBEDTLS_RSA_C)
+ #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
-        psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
-        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-        mbedtls_md_type_t md_alg =
-            hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
-        if( md_alg == MBEDTLS_MD_NONE )
-        {
-#if SIZE_MAX > UINT_MAX
-            if( hash_length > UINT_MAX )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-#endif
-        }
-        else
-        {
-            if( mbedtls_md_get_size( md_info ) != hash_length )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            if( md_info == NULL )
-                return( PSA_ERROR_NOT_SUPPORTED );
-        }
+        mbedtls_md_type_t md_alg;
+        status = verify_RSA_hash_input_and_get_md_type(alg, hash_length,
+            &md_alg);
+        if (status != PSA_SUCCESS)
+            return status;
+
         if( signature_size < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
 #if defined(MBEDTLS_PKCS1_V15)

From c460291714754ca4ab56b5fe6292139555805f95 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:42:18 +0300
Subject: [PATCH 219/889] Re-Add ECC verification code which was not properly
 merged in re-base.

---
 library/psa_crypto.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 17ab2cfae..c1c47d231 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1394,8 +1394,12 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
-        // TODO
-        return( PSA_ERROR_NOT_SUPPORTED );
+        mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
+        int ret;
+        (void)alg;
+        ret = mbedtls_ecdsa_read_signature(ecdsa, hash, hash_length, signature,
+            signature_size);
+        return(mbedtls_to_psa_error(ret));
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */

From ca466c89b09e2ad7ae23e47a1142c0f9129c309a Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:43:12 +0300
Subject: [PATCH 220/889] Set output length to safe value

---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c1c47d231..ba688bccd 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1422,6 +1422,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
     key_slot_t *slot;
     (void) salt;
     (void) salt_length;
+    *output_length = 0;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1495,6 +1496,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
     key_slot_t *slot;
     (void) salt;
     (void) salt_length;
+    *output_length = 0;
 
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );

From d708260de45c74786c85124f8341ef210686087e Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:45:27 +0300
Subject: [PATCH 221/889] add key policy enforcement implementation

add checks that keys have been set for the correct usage for asymmetric
functions.
---
 library/psa_crypto.c                        |  6 +++++
 tests/suites/test_suite_psa_crypto.function | 26 +++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ba688bccd..dce8e097f 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1345,6 +1345,8 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
+    if (!(slot->policy.usage & PSA_KEY_USAGE_VERIFY))
+        return(PSA_ERROR_NOT_PERMITTED);
 
  #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
@@ -1431,6 +1433,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
+    if (!(slot->policy.usage & PSA_KEY_USAGE_ENCRYPT))
+        return(PSA_ERROR_NOT_PERMITTED);
 
 
 #if defined(MBEDTLS_RSA_C)
@@ -1505,6 +1509,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
+    if (!(slot->policy.usage & PSA_KEY_USAGE_DECRYPT))
+        return(PSA_ERROR_NOT_PERMITTED);
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index caa0abd0b..690b22c88 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -595,6 +595,7 @@ void asymmetric_verify_fail( int key_type_arg, char *key_hex,
     size_t signature_size;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
@@ -605,6 +606,12 @@ void asymmetric_verify_fail( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
@@ -643,6 +650,7 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
     unsigned char *output2 = NULL;
     size_t output2_size = 0;
     size_t output2_length = 0;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
@@ -657,6 +665,10 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg_arg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
@@ -710,6 +722,7 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
@@ -721,6 +734,10 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg_arg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
@@ -774,6 +791,10 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
@@ -818,6 +839,7 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
+    psa_key_policy_t policy = {0};
 
     key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
@@ -829,6 +851,10 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 

From 1c2a7ea4e240f373a87c8316636ad10ca4023753 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Tue, 5 Jun 2018 15:01:42 +0300
Subject: [PATCH 222/889] Allow psa_asymmetric_verify and
 psa_asymmetric_encrypt to use public key only.

---
 library/psa_crypto.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dce8e097f..3722987f1 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1349,7 +1349,8 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
         return(PSA_ERROR_NOT_PERMITTED);
 
  #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
+        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
@@ -1438,7 +1439,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
 
 
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
+        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;

From 61b91d4476b9d187913166e39bb85d15e942242b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 16:09:36 +0200
Subject: [PATCH 223/889] Normalize whitespace to Mbed TLS standards

Only whitespace changes in this commit.
---
 library/psa_crypto.c                        | 191 ++++++++++----------
 tests/suites/test_suite_psa_crypto.function |   2 +-
 2 files changed, 95 insertions(+), 98 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3722987f1..c716b7beb 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1203,39 +1203,39 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 /* Asymmetric cryptography */
 /****************************************************************/
 
-static psa_status_t verify_RSA_hash_input_and_get_md_type(psa_algorithm_t alg, size_t hash_length, mbedtls_md_type_t *md_alg)
+static psa_status_t verify_RSA_hash_input_and_get_md_type( psa_algorithm_t alg,
+                                                           size_t hash_length,
+                                                           mbedtls_md_type_t *md_alg )
 {
-    psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH(alg);
-    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa(hash_alg);
-    *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type(md_info);
-    if (*md_alg == MBEDTLS_MD_NONE)
+    psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+    *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
+    if( *md_alg == MBEDTLS_MD_NONE )
     {
 #if SIZE_MAX > UINT_MAX
-        if (hash_length > UINT_MAX)
-            return(PSA_ERROR_INVALID_ARGUMENT);
+        if( hash_length > UINT_MAX )
+            return( PSA_ERROR_INVALID_ARGUMENT );
 #endif
     }
     else
     {
-        if (mbedtls_md_get_size(md_info) != hash_length)
-            return(PSA_ERROR_INVALID_ARGUMENT);
-        if (md_info == NULL)
-            return(PSA_ERROR_NOT_SUPPORTED);
+        if( mbedtls_md_get_size( md_info ) != hash_length )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if( md_info == NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
     }
-    return PSA_SUCCESS;
+    return( PSA_SUCCESS );
 }
 
-
-
-psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
-                                 psa_algorithm_t alg,
-                                 const uint8_t *hash,
-                                 size_t hash_length,
-                                 const uint8_t *salt,
-                                 size_t salt_length,
-                                 uint8_t *signature,
-                                 size_t signature_size,
-                                 size_t *signature_length)
+psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
+                                  psa_algorithm_t alg,
+                                  const uint8_t *hash,
+                                  size_t hash_length,
+                                  const uint8_t *salt,
+                                  size_t salt_length,
+                                  uint8_t *signature,
+                                  size_t signature_size,
+                                  size_t *signature_length )
 {
     key_slot_t *slot;
     psa_status_t status;
@@ -1243,7 +1243,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
     (void) salt;
     (void) salt_length;
 
-
     if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
@@ -1251,7 +1250,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    if( !( slot->policy.usage & PSA_KEY_USAGE_SIGN ) )
+    if( ! ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
@@ -1261,9 +1260,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         int ret;
         mbedtls_md_type_t md_alg;
         status = verify_RSA_hash_input_and_get_md_type( alg, hash_length,
-                                                       &md_alg );
-        if ( status != PSA_SUCCESS )
-            return status;
+                                                        &md_alg );
+        if( status != PSA_SUCCESS )
+            return( status );
 
         if( signature_size < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -1315,8 +1314,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
         md_info = mbedtls_md_info_from_psa( alg );
         md_alg = mbedtls_md_get_type( md_info );
         ret = mbedtls_ecdsa_write_signature( ecdsa, md_alg, hash, hash_length,
-            signature, signature_length, mbedtls_ctr_drbg_random,
-            &global_data.ctr_drbg );
+                                             signature, signature_length,
+                                             mbedtls_ctr_drbg_random,
+                                             &global_data.ctr_drbg );
         return( mbedtls_to_psa_error( ret ) );
     }
     else
@@ -1326,14 +1326,14 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
     }
 }
 
-psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
-                                   psa_algorithm_t alg,
-                                   const uint8_t *hash,
-                                   size_t hash_length,
-                                   const uint8_t *salt,
-                                   size_t salt_length,
-                                   uint8_t *signature,
-                                   size_t signature_size)
+psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *hash,
+                                    size_t hash_length,
+                                    const uint8_t *salt,
+                                    size_t salt_length,
+                                    uint8_t *signature,
+                                    size_t signature_size )
 {
     key_slot_t *slot;
     psa_status_t status;
@@ -1345,20 +1345,20 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
-    if (!(slot->policy.usage & PSA_KEY_USAGE_VERIFY))
-        return(PSA_ERROR_NOT_PERMITTED);
+    if( ! ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) )
+        return( PSA_ERROR_NOT_PERMITTED );
 
- #if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_RSA_C)
     if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
         ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
         mbedtls_md_type_t md_alg;
-        status = verify_RSA_hash_input_and_get_md_type(alg, hash_length,
-            &md_alg);
-        if (status != PSA_SUCCESS)
-            return status;
+        status = verify_RSA_hash_input_and_get_md_type( alg, hash_length,
+                                                       &md_alg );
+        if( status != PSA_SUCCESS )
+            return( status );
 
         if( signature_size < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -1369,13 +1369,13 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                      MBEDTLS_MD_NONE );
 
             ret = mbedtls_rsa_pkcs1_verify( rsa,
-                      mbedtls_ctr_drbg_random,
-                      &global_data.ctr_drbg,
-                      MBEDTLS_RSA_PUBLIC,
-                      md_alg,
-                      hash_length,
-                      hash,
-                      signature );
+                                            mbedtls_ctr_drbg_random,
+                                            &global_data.ctr_drbg,
+                                            MBEDTLS_RSA_PUBLIC,
+                                            md_alg,
+                                            hash_length,
+                                            hash,
+                                            signature );
 
         }
         else
@@ -1400,9 +1400,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
         mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
         int ret;
         (void)alg;
-        ret = mbedtls_ecdsa_read_signature(ecdsa, hash, hash_length, signature,
-            signature_size);
-        return(mbedtls_to_psa_error(ret));
+        ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length,
+                                            signature, signature_size );
+        return( mbedtls_to_psa_error( ret ) );
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */
@@ -1411,16 +1411,15 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
     }
 }
 
-
-psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
-                                    psa_algorithm_t alg,
-                                    const uint8_t *input,
-                                    size_t input_length,
-                                    const uint8_t *salt,
-                                    size_t salt_length,
-                                    uint8_t *output,
-                                    size_t output_size,
-                                    size_t *output_length)
+psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
+                                     psa_algorithm_t alg,
+                                     const uint8_t *input,
+                                     size_t input_length,
+                                     const uint8_t *salt,
+                                     size_t salt_length,
+                                     uint8_t *output,
+                                     size_t output_size,
+                                     size_t *output_length )
 {
     key_slot_t *slot;
     (void) salt;
@@ -1434,28 +1433,27 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    if (!(slot->policy.usage & PSA_KEY_USAGE_ENCRYPT))
-        return(PSA_ERROR_NOT_PERMITTED);
-
+    if( ! ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
+        return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
     if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
-        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY) )
+        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
         if( output_size < rsa->len )
-                return( PSA_ERROR_INVALID_ARGUMENT );
+            return( PSA_ERROR_INVALID_ARGUMENT );
 #if defined(MBEDTLS_PKCS1_V15)
         if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
         {
-        ret = mbedtls_rsa_pkcs1_encrypt(  rsa,
-                                        mbedtls_ctr_drbg_random,
-                                        &global_data.ctr_drbg,
-                                        MBEDTLS_RSA_PUBLIC,
-                                        input_length,
-                                        input,
-                                        output );
+            ret = mbedtls_rsa_pkcs1_encrypt( rsa,
+                                             mbedtls_ctr_drbg_random,
+                                             &global_data.ctr_drbg,
+                                             MBEDTLS_RSA_PUBLIC,
+                                             input_length,
+                                             input,
+                                             output );
         }
         else
 #endif /* MBEDTLS_PKCS1_V15 */
@@ -1488,16 +1486,15 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
 
 }
 
-
-psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
-                                    psa_algorithm_t alg,
-                                    const uint8_t *input,
-                                    size_t input_length,
-                                    const uint8_t *salt,
-                                    size_t salt_length,
-                                    uint8_t *output,
-                                    size_t output_size,
-                                    size_t *output_length)
+psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
+                                     psa_algorithm_t alg,
+                                     const uint8_t *input,
+                                     size_t input_length,
+                                     const uint8_t *salt,
+                                     size_t salt_length,
+                                     uint8_t *output,
+                                     size_t output_size,
+                                     size_t *output_length )
 {
     key_slot_t *slot;
     (void) salt;
@@ -1511,8 +1508,8 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
         return( PSA_ERROR_EMPTY_SLOT );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    if (!(slot->policy.usage & PSA_KEY_USAGE_DECRYPT))
-        return(PSA_ERROR_NOT_PERMITTED);
+    if( ! ( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
+        return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
@@ -1526,14 +1523,14 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 #if defined(MBEDTLS_PKCS1_V15)
         if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
         {
-            ret = mbedtls_rsa_pkcs1_decrypt(  rsa,
-                                            mbedtls_ctr_drbg_random,
-                                            &global_data.ctr_drbg,
-                                            MBEDTLS_RSA_PRIVATE,
-                                            output_length,
-                                            input,
-                                            output,
-                                            output_size );
+            ret = mbedtls_rsa_pkcs1_decrypt( rsa,
+                                             mbedtls_ctr_drbg_random,
+                                             &global_data.ctr_drbg,
+                                             MBEDTLS_RSA_PRIVATE,
+                                             output_length,
+                                             input,
+                                             output,
+                                             output_size );
         }
         else
 #endif /* MBEDTLS_PKCS1_V15 */
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 690b22c88..4522b9a8d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -84,7 +84,7 @@ void import_export( char *hex, int type_arg,
 
     psa_key_policy_init( &policy );
 
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 
                               PSA_ALG_VENDOR_FLAG );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );

From 8b18a4fef304f5baca485af7600a18ec9deb0f8c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 16:34:46 +0200
Subject: [PATCH 224/889] Rename verify_RSA_hash_input_and_get_md_type

Give it a shorter name that's more in line with our naming conventions.
---
 library/psa_crypto.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c716b7beb..2a0d59c50 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1203,9 +1203,11 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 /* Asymmetric cryptography */
 /****************************************************************/
 
-static psa_status_t verify_RSA_hash_input_and_get_md_type( psa_algorithm_t alg,
-                                                           size_t hash_length,
-                                                           mbedtls_md_type_t *md_alg )
+/* Decode the hash algorithm from alg and store the mbedtls encoding in
+ * md_alg. Verify that the hash length is consistent. */
+static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
+                                            size_t hash_length,
+                                            mbedtls_md_type_t *md_alg )
 {
     psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
     const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
@@ -1259,8 +1261,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
         mbedtls_md_type_t md_alg;
-        status = verify_RSA_hash_input_and_get_md_type( alg, hash_length,
-                                                        &md_alg );
+        status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
         if( status != PSA_SUCCESS )
             return( status );
 
@@ -1355,8 +1356,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
         mbedtls_md_type_t md_alg;
-        status = verify_RSA_hash_input_and_get_md_type( alg, hash_length,
-                                                       &md_alg );
+        status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
         if( status != PSA_SUCCESS )
             return( status );
 

From 625b01c9c3ba8e3b52c75336d6d41f43d960af46 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 17:43:16 +0200
Subject: [PATCH 225/889] Add OAEP placeholders in asymmetric encrypt/decrypt

Replace PSS placeholders by OAEP placeholders. PSS is a signature
algorithm, not an encryption algorithm.

Fix typo in PSA_ALG_IS_RSA_OAEP_MGF1.
---
 include/psa/crypto.h | 2 +-
 library/psa_crypto.c | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 084049430..db5b5f6ab 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -336,7 +336,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_RSA_OAEP_MGF1(hash_alg)                             \
     (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_IS_RSA_OAEP_MGF1(alg)                               \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_RAW)
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE)
 #define PSA_ALG_RSA_GET_HASH(alg)                                       \
     (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2a0d59c50..cd20738d9 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1458,7 +1458,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
         else
 #endif /* MBEDTLS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
-        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) )
         {
             return( PSA_ERROR_NOT_SUPPORTED );
         }
@@ -1535,7 +1535,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
         else
 #endif /* MBEDTLS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
-        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) )
         {
             return( PSA_ERROR_NOT_SUPPORTED );
         }

From beb4948d1067b41bc52ef2ec0f5a08d825e46b21 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 17:44:35 +0200
Subject: [PATCH 226/889] Add RSA PSS verification (untested)

---
 library/psa_crypto.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cd20738d9..459373652 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1383,7 +1383,13 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
 #if defined(MBEDTLS_PKCS1_V21)
         if( alg == PSA_ALG_RSA_PSS_MGF1 )
         {
-            return( PSA_ERROR_NOT_SUPPORTED );
+            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+            ret = mbedtls_rsa_rsassa_pss_verify( rsa,
+                                                 mbedtls_ctr_drbg_random,
+                                                 &global_data.ctr_drbg,
+                                                 MBEDTLS_RSA_PUBLIC,
+                                                 md_alg, hash_length, hash,
+                                                 signature );
         }
         else
 #endif /* MBEDTLS_PKCS1_V21 */

From b75e4f131454fe3e3ac322800dc9d6a811a42819 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 17:44:47 +0200
Subject: [PATCH 227/889] Remove ECC boilerplate in asymmetric encrypt/decrypt

We don't have any encryption algorithm using ECC keys at the moment.
---
 library/psa_crypto.c | 18 ++----------------
 1 file changed, 2 insertions(+), 16 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 459373652..5b92f49b1 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1477,15 +1477,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
             *output_length = rsa->len;
         return( mbedtls_to_psa_error( ret ) );
     }
-#endif
-#if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        // TODO
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
     else
-#endif /* defined(MBEDTLS_ECP_C) */
+#endif /* defined(MBEDTLS_RSA_C) */
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
@@ -1553,15 +1546,8 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
 
         return( mbedtls_to_psa_error( ret ) );
     }
-#endif
-#if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        // TODO
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
     else
-#endif /* defined(MBEDTLS_ECP_C) */
+#endif /* defined(MBEDTLS_RSA_C) */
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }

From c4def2f2280bcfb988e7be41e79a2b9afd450c66 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 17:53:48 +0200
Subject: [PATCH 228/889] Add input length check in psa_asymmetric_decrypt

Remove output size check which is not needed here and was copypasta.

Add non-regression tests.
---
 library/psa_crypto.c                    | 2 +-
 tests/suites/test_suite_psa_crypto.data | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5b92f49b1..ef34f857a 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1516,7 +1516,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
 
-        if( output_size < rsa->len )
+        if( input_length != rsa->len )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_PKCS1_V15)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 72ddbc066..0cf6bc53f 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -165,3 +165,10 @@ PSA decrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
+PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT

From eebd7381bb84de01d74c3cee2219e9c3e1ee7955 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 8 Jun 2018 18:11:54 +0200
Subject: [PATCH 229/889] Rename asymmetric_encrypt to clarify what it does

Renamed to asymmetric_encrypt_decrypt
---
 tests/suites/test_suite_psa_crypto.data     | 8 ++++----
 tests/suites/test_suite_psa_crypto.function | 9 +++++----
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 0cf6bc53f..e854870c5 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -133,13 +133,13 @@ PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA encrypt using RSA PKCS#1 v1.5 vector #1
+PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
-PSA encrypt using RSA PKCS#1 v1.5 vector #2
+PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
 PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 4522b9a8d..39e104145 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -634,8 +634,8 @@ exit:
 
 
 /* BEGIN_CASE */
-void asymmetric_encrypt( int key_type_arg, char *key_hex,
-                         int alg_arg, char *input_hex )
+void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex,
+                                 int alg_arg, char *input_hex )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -672,8 +672,9 @@ void asymmetric_encrypt( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data, key_size ) == PSA_SUCCESS );
 
-    //checked using encrypt/decrpyt because of non-optional random
-    // part of encryption process preventing using fixed vectors
+    /* We test encryption by checking that encrypt-then-decrypt gives back
+     * the original plaintext because of the non-optional random
+     * part of encryption process which prevents using fixed vectors. */
     TEST_ASSERT( psa_asymmetric_encrypt(slot, alg,
                                     input_data,
                                     input_size,

From 423f219bb22a6e5b2fd5b831171b255948274c2f Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Tue, 12 Jun 2018 17:05:20 +0300
Subject: [PATCH 230/889] Fixed missing dependencies in psa crypto tests

    PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
    PSA Symmetric decryption: AES-CTR, 16 bytes, good
    PSA Symmetric encryption: AES-CTR, 15 bytes, good
    PSA Symmetric encryption: AES-CTR, 16 bytes, good
---
 tests/suites/test_suite_psa_crypto.data | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b36e54979..f1fb30f50 100755
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -86,11 +86,11 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
 PSA Symmetric encryption: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
 
 PSA Symmetric encryption: AES-CTR, 15 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
 
 PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
@@ -110,7 +110,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
 
 PSA Symmetric decryption: AES-CTR, 16 bytes, good
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
 
 PSA Symmetric decryption: AES-CBC-nopad, input too short
@@ -269,7 +269,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature

From 3e02b3b28092661702cc343000927e0d961b8e6b Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Tue, 12 Jun 2018 17:06:52 +0300
Subject: [PATCH 231/889] On target testing tests adaptation

Updated all psa crypto tests to use the new test format
---
 tests/suites/test_suite_psa_crypto.data     |   0
 tests/suites/test_suite_psa_crypto.function | 778 ++++++++------------
 2 files changed, 327 insertions(+), 451 deletions(-)
 mode change 100755 => 100644 tests/suites/test_suite_psa_crypto.data

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
old mode 100755
new mode 100644
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index add059ed2..002f9f7d0 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1,7 +1,13 @@
 /* BEGIN_HEADER */
+#include <stdint.h>
 #include "psa/crypto.h"
-
 #include "mbedtls/md.h"
+
+#if(UINT32_MAX > SIZE_MAX)
+#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) ((x) <= SIZE_MAX)
+#else
+#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) 1
+#endif
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -26,30 +32,27 @@ void init_deinit()
 /* END_CASE */
 
 /* BEGIN_CASE */
-void import( char *hex, int type, int expected_status )
+void import( data_t *data, int type, int expected_status )
 {
     int slot = 1;
     psa_status_t status;
-    unsigned char *data = NULL;
-    size_t data_size;
 
-    data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    status = psa_import_key( slot, type, data, data_size );
+    status = psa_import_key( slot, type, data->x, (size_t) data->len );
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( status == PSA_SUCCESS )
         TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
 
 exit:
-    mbedtls_free( data );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void import_export( char *hex,
+void import_export( data_t *data,
                     int type_arg,
                     int alg_arg,
                     int usage_arg,
@@ -62,10 +65,8 @@ void import_export( char *hex,
     int slot2 = slot + 1;
     psa_key_type_t type = type_arg;
     psa_status_t status;
-    unsigned char *data = NULL;
     unsigned char *exported = NULL;
     unsigned char *reexported = NULL;
-    size_t data_size;
     size_t export_size;
     size_t exported_length;
     size_t reexported_length;
@@ -73,9 +74,9 @@ void import_export( char *hex,
     size_t got_bits;
     psa_key_policy_t policy = {0};
 
-    data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
-    export_size = (ssize_t) data_size + export_size_delta;
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
+    export_size = (ssize_t) data->len + export_size_delta;
     exported = mbedtls_calloc( 1, export_size );
     TEST_ASSERT( exported != NULL );
     if( ! canonical_input )
@@ -93,7 +94,7 @@ void import_export( char *hex,
 
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
-                                 data, data_size ) == PSA_SUCCESS );
+                                 data->x, (size_t) data->len ) == PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
@@ -112,8 +113,8 @@ void import_export( char *hex,
 
     if( canonical_input )
     {
-        TEST_ASSERT( exported_length == data_size );
-        TEST_ASSERT( memcmp( exported, data, data_size ) == 0 );
+        TEST_ASSERT( exported_length == (size_t) data->len );
+        TEST_ASSERT( memcmp( exported, data->x, (size_t) data->len ) == 0 );
     }
     else
     {
@@ -138,14 +139,15 @@ destroy:
                      slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
 
 exit:
-    mbedtls_free( data );
+    mbedtls_free( exported );
+    mbedtls_free( reexported );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 
 /* BEGIN_CASE */
-void import_export_public_key( char *hex,
+void import_export_public_key( data_t *data,
                                 int type_arg,
                                 int alg_arg,
                                 int expected_bits,
@@ -155,18 +157,16 @@ void import_export_public_key( char *hex,
     int slot = 1;
     psa_key_type_t type = type_arg;
     psa_status_t status;
-    unsigned char *data = NULL;
     unsigned char *exported = NULL;
-    size_t data_size;
     size_t export_size;
     size_t exported_length;
     psa_key_type_t got_type;
     size_t got_bits;
     psa_key_policy_t policy = {0};
 
-    data = unhexify_alloc( hex, &data_size );
     TEST_ASSERT( data != NULL );
-    export_size = (ssize_t) data_size ;
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
+    export_size = (ssize_t) data->len;
     exported = mbedtls_calloc( 1, export_size );
     TEST_ASSERT( exported != NULL );
 
@@ -181,7 +181,8 @@ void import_export_public_key( char *hex,
 
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
-                                 data, data_size ) == PSA_SUCCESS );
+                                 data->x, (size_t) data->len ) ==
+                                 PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
@@ -206,104 +207,88 @@ destroy:
                      slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
 
 exit:
-    mbedtls_free( data );
+    mbedtls_free( exported );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void hash_finish( int alg_arg, char *input_hex, char *hash_hex )
+void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
     psa_algorithm_t alg = alg_arg;
-    unsigned char *input = NULL;
-    size_t input_size;
-    unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
-    size_t expected_hash_length;
     unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-    expected_hash_length = unhexify( expected_hash, hash_hex );
+    TEST_ASSERT( expected_hash != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
-                                  input, input_size ) == PSA_SUCCESS );
+                                  input->x, (size_t) input->len ) ==
+                                  PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   actual_hash, sizeof( actual_hash ),
                                   &actual_hash_length ) == PSA_SUCCESS );
-    TEST_ASSERT( actual_hash_length == expected_hash_length );
-    TEST_ASSERT( memcmp( expected_hash, actual_hash,
-                         expected_hash_length ) == 0 );
+    TEST_ASSERT( actual_hash_length == (size_t) expected_hash->len );
+    TEST_ASSERT( memcmp( expected_hash->x, actual_hash,
+                         (size_t) expected_hash->len ) == 0 );
 
 exit:
-    mbedtls_free( input );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void hash_verify( int alg_arg, char *input_hex, char *hash_hex )
+void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
 {
     psa_algorithm_t alg = alg_arg;
-    unsigned char *input = NULL;
-    size_t input_size;
-    unsigned char expected_hash[MBEDTLS_MD_MAX_SIZE];
-    size_t expected_hash_length;
     psa_hash_operation_t operation;
 
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-    expected_hash_length = unhexify( expected_hash, hash_hex );
+    TEST_ASSERT( expected_hash != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
-                                  input, input_size ) == PSA_SUCCESS );
+                                  input->x, (size_t) input->len ) ==
+                                  PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
-                                  expected_hash,
-                                  expected_hash_length ) == PSA_SUCCESS );
+                                  expected_hash->x,
+                                  (size_t) expected_hash->len ) ==
+                                  PSA_SUCCESS );
 
 exit:
-    mbedtls_free( input );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mac_verify( int key_type_arg, char *key_hex,
-                 int alg_arg, char *iv_hex,
-                 char *input_hex, char *mac_hex )
+void mac_verify( int key_type_arg, data_t *key,
+                 int alg_arg, data_t *iv,
+                 data_t *input, data_t *expected_mac )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
-    unsigned char *iv = NULL;
-    size_t iv_size;
-    unsigned char *input = NULL;
-    size_t input_size;
-    unsigned char *expected_mac = NULL;
-    size_t expected_mac_size;
     psa_mac_operation_t operation;
     psa_key_policy_t policy;
 
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-    if( iv_hex[0] != 0 )
-    {
-        iv = unhexify_alloc( iv_hex, &iv_size );
-        TEST_ASSERT( iv != NULL );
-    }
-    input = unhexify_alloc( input_hex, &input_size );
+    TEST_ASSERT( iv != NULL );
     TEST_ASSERT( input != NULL );
-    expected_mac = unhexify_alloc( mac_hex, &expected_mac_size );
     TEST_ASSERT( expected_mac != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( iv->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -314,21 +299,18 @@ void mac_verify( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
     // TODO: support IV
     TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
-                                 input, input_size ) == PSA_SUCCESS );
+                                 input->x, (size_t) input->len ) ==
+                                 PSA_SUCCESS );
     TEST_ASSERT( psa_mac_verify( &operation,
-                                 expected_mac,
-                                 expected_mac_size ) == PSA_SUCCESS );
+                                 expected_mac->x,
+                                 (size_t) expected_mac->len ) == PSA_SUCCESS );
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( iv );
-    mbedtls_free( input );
-    mbedtls_free( expected_mac );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -337,52 +319,44 @@ exit:
 
 /* BEGIN_CASE */
 void cipher_encrypt( int alg_arg, int key_type_arg,
-                     char *key_hex,
-                     char *input_hex, char *output_hex,
+                     data_t *key,
+                     data_t *input, data_t *expected_output,
                      int expected_status )
 {
     int key_slot = 1;
     psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
     unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
+    unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
-
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     memset( iv, 0x2a, sizeof( iv ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = input_size + operation.block_size;
+    output_buffer_size = (size_t) input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
+    TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+    TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -396,14 +370,13 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == expected_output_size );
-        TEST_ASSERT( memcmp( expected_output, output,
-                             expected_output_size ) == 0 );
+        TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+        TEST_ASSERT( memcmp( expected_output->x, output,
+                             (size_t) expected_output->len ) == 0 );
     }
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
+    mbedtls_free( output );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -411,57 +384,51 @@ exit:
 
 /* BEGIN_CASE */
 void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
-                               char *key_hex,
-                               char *input_hex,
-                               int first_part_size, char *output_hex )
+                               data_t *key,
+                               data_t *input,
+                               int first_part_size,
+                               data_t *expected_output )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
     unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
+    unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     memset( iv, 0x2a, sizeof( iv ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = input_size + operation.block_size;
+    output_buffer_size = (size_t) input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
+    TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < input_size );
-    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
+    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
+    TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
-                                    input + first_part_size,
-                                    input_size - first_part_size,
+                                    input->x + first_part_size,
+                                    (size_t) input->len - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -472,12 +439,12 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == expected_output_size );
-    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
+    TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+    TEST_ASSERT( memcmp( expected_output->x, output,
+                        (size_t) expected_output->len ) == 0 );
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
+    mbedtls_free( output );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -485,59 +452,53 @@ exit:
 
 /* BEGIN_CASE */
 void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
-                               char *key_hex,
-                               char *input_hex,
-                               int first_part_size, char *output_hex )
+                               data_t *key,
+                               data_t *input,
+                               int first_part_size,
+                               data_t *expected_output )
 {
     int key_slot = 1;
 
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
     unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
+    unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     memset( iv, 0x2a, sizeof( iv ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = input_size + operation.block_size;
+    output_buffer_size = (size_t) input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
+    TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < input_size );
-    TEST_ASSERT( psa_cipher_update( &operation, input, first_part_size,
+    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
+    TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
-                                    input + first_part_size,
-                                    input_size - first_part_size,
+                                    input->x + first_part_size,
+                                    (size_t) input->len - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -548,12 +509,12 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == expected_output_size );
-    TEST_ASSERT( memcmp( expected_output, output, expected_output_size ) == 0 );
+    TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+    TEST_ASSERT( memcmp( expected_output->x, output, 
+                        (size_t) expected_output->len ) == 0 );
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
+    mbedtls_free( output );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -562,53 +523,45 @@ exit:
 
 /* BEGIN_CASE */
 void cipher_decrypt( int alg_arg, int key_type_arg,
-                     char *key_hex,
-                     char *input_hex, char *output_hex,
+                     data_t *key,
+                     data_t *input, data_t *expected_output,
                      int expected_status )
 {
     int key_slot = 1;
     psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
     unsigned char iv[16] = {0};
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output;
-    unsigned char *expected_output;
-    size_t expected_output_size;
+    unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
 
-
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
-
-    expected_output = unhexify_alloc( output_hex, &expected_output_size );
     TEST_ASSERT( expected_output != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     memset( iv, 0x2a, sizeof( iv ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = input_size + operation.block_size;
+    output_buffer_size = (size_t) input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
+    TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation, input, input_size,
+    TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -622,15 +575,14 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == expected_output_size );
-        TEST_ASSERT( memcmp( expected_output, output,
-                             expected_output_size ) == 0 );
+        TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+        TEST_ASSERT( memcmp( expected_output->x, output,
+                             (size_t) expected_output->len ) == 0 );
     }
 
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
+    mbedtls_free( output );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -639,39 +591,34 @@ exit:
 
 /* BEGIN_CASE */
 void cipher_verify_output( int alg_arg, int key_type_arg,
-                           char *key_hex,
-                           char *input_hex )
+                           data_t *key,
+                           data_t *input )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
     unsigned char iv[16] = {0};
     size_t iv_size = 16;
     size_t iv_length = 0;
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output1;
+    unsigned char *output1 = NULL;
     size_t output1_size = 0;
     size_t output1_length = 0;
-    unsigned char *output2;
+    unsigned char *output2 = NULL;
     size_t output2_size = 0;
     size_t output2_length = 0;
     size_t function_output_length = 0;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
 
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
@@ -679,11 +626,11 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_size = input_size + operation1.block_size;
+    output1_size = (size_t) input->len + operation1.block_size;
     output1 = mbedtls_calloc( 1, output1_size );
     TEST_ASSERT( output1 != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input, input_size,
+    TEST_ASSERT( psa_cipher_update( &operation1, input->x, (size_t) input->len,
                                     output1, output1_size,
                                     &output1_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation1,
@@ -696,6 +643,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     output2_size = output1_length;
     output2 = mbedtls_calloc( 1, output2_size );
+    TEST_ASSERT( output2 != NULL );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation2,
                                      iv, iv_length ) == PSA_SUCCESS );
@@ -712,12 +660,12 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == output2_length );
-    TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
+    TEST_ASSERT( (size_t) input->len == output2_length );
+    TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 );
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
+    mbedtls_free( output1 );
+    mbedtls_free( output2 );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
@@ -726,40 +674,35 @@ exit:
 /* BEGIN_CASE */
 void cipher_verify_output_multipart( int alg_arg,
                                      int key_type_arg,
-                                     char *key_hex,
-                                     char *input_hex,
+                                     data_t *key,
+                                     data_t *input,
                                      int first_part_size )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key = NULL;
-    size_t key_size;
     unsigned char iv[16] = {0};
     size_t iv_size = 16;
     size_t iv_length = 0;
-    unsigned char *input = NULL;
-    size_t input_size = 0;
-    unsigned char *output1;
+    unsigned char *output1 = NULL;
     size_t output1_buffer_size = 0;
     size_t output1_length = 0;
-    unsigned char *output2;
+    unsigned char *output2 = NULL;
     size_t output2_buffer_size = 0;
     size_t output2_length = 0;
     size_t function_output_length;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
 
-    key = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key != NULL );
-
-    input = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, key_size ) == PSA_SUCCESS );
+                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
@@ -767,19 +710,20 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_buffer_size = input_size + operation1.block_size;
+    output1_buffer_size = (size_t) input->len + operation1.block_size;
     output1 = mbedtls_calloc( 1, output1_buffer_size );
+    TEST_ASSERT( output1 != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < input_size );
+    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input, first_part_size,
+    TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
                                     output1, output1_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     output1_length += function_output_length;
 
     TEST_ASSERT( psa_cipher_update( &operation1,
-                                    input + first_part_size,
-                                    input_size - first_part_size,
+                                    input->x + first_part_size,
+                                    (size_t) input->len - first_part_size,
                                     output1, output1_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     output1_length += function_output_length;
@@ -794,6 +738,7 @@ void cipher_verify_output_multipart( int alg_arg,
 
     output2_buffer_size = output1_length;
     output2 = mbedtls_calloc( 1, output2_buffer_size );
+    TEST_ASSERT( output2 != NULL );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation2,
                                      iv, iv_length ) == PSA_SUCCESS );
@@ -818,54 +763,46 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input_size == output2_length );
-    TEST_ASSERT( memcmp( input, output2, input_size ) == 0 );
+    TEST_ASSERT( (size_t) input->len == output2_length );
+    TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 );
 
 exit:
-    mbedtls_free( key );
-    mbedtls_free( input );
+    mbedtls_free( output1 );
+    mbedtls_free( output2 );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex, char * nonce_hex,
-                char * add_data, int expected_result_arg )
+void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
+                int alg_arg, data_t * input_data, data_t * nonce,
+                data_t * additional_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     unsigned char *output_data = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
     unsigned char *output_data2 = NULL;
     size_t output_length2 = 0;
-    uint8_t* nonce;
-    size_t nonce_length = 16;
     size_t tag_length = 16;
-    unsigned char *additional_data = NULL;
-    size_t additional_data_length = 0;
     psa_status_t expected_result = (psa_status_t) expected_result_arg;
     psa_key_policy_t policy = {0};
 
-
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    additional_data = unhexify_alloc( add_data, &additional_data_length );
-    TEST_ASSERT( input_data != NULL );
-    output_size = input_size + tag_length;
+    TEST_ASSERT( nonce != NULL );
+    TEST_ASSERT( additional_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
+
+    output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    nonce = unhexify_alloc( nonce_hex, &nonce_length );
-    TEST_ASSERT( nonce != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -876,13 +813,16 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce, nonce_length,
-                               additional_data, additional_data_length,
-                               input_data, input_size, output_data,
-                               output_size, &output_length ) == expected_result );
+                               nonce->x, (size_t) nonce->len,
+                               additional_data->x,
+                               (size_t) additional_data->len,
+                               input_data->x, (size_t) input_data->len,
+                               output_data,
+                               output_size, &output_length ) ==
+                               expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
@@ -890,22 +830,21 @@ void aead_encrypt_decrypt( int key_type_arg, char * key_hex,
         TEST_ASSERT( output_data2 != NULL );
 
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                nonce, nonce_length,
-                                additional_data, additional_data_length,
+                                nonce->x, (size_t) nonce->len,
+                                additional_data->x,
+                                (size_t) additional_data->len,
                                 output_data, output_length, output_data2,
-                                output_length, &output_length2 ) == expected_result );
+                                output_length, &output_length2 ) ==
+                                expected_result );
         
 
-        TEST_ASSERT( memcmp( input_data, output_data2,
-                                input_size ) == 0 );
+        TEST_ASSERT( memcmp( input_data->x, output_data2,
+                                (size_t) input_data->len ) == 0 );
     }
     
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( additional_data );
     mbedtls_free( output_data );
     mbedtls_free( output_data2 );
     mbedtls_psa_crypto_free( );
@@ -913,44 +852,34 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex,
-                char * add_data, char * nonce_hex,
-                char * expected_result_hex )
+void aead_encrypt( int key_type_arg, data_t * key_data,
+                int alg_arg, data_t * input_data,
+                data_t * additional_data, data_t * nonce,
+                data_t * expected_result )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     unsigned char *output_data = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
-    unsigned char *expected_result = NULL;
-    size_t expected_result_length = 0;
-    uint8_t* nonce = NULL;
-    size_t nonce_length = 0;
     size_t tag_length = 16;
-    unsigned char *additional_data = NULL;
-    size_t additional_data_length = 0;
     psa_key_policy_t policy = {0};
 
-
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    additional_data = unhexify_alloc( add_data, &additional_data_length );
-    TEST_ASSERT( input_data != NULL );
-    output_size = input_size + tag_length;
+    TEST_ASSERT( additional_data != NULL );
+    TEST_ASSERT( nonce != NULL );
+    TEST_ASSERT( expected_result != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) );
+
+    output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    nonce = unhexify_alloc( nonce_hex, &nonce_length );
-    TEST_ASSERT( nonce != NULL );
-    expected_result = unhexify_alloc( expected_result_hex, &expected_result_length );
-    TEST_ASSERT( expected_result != NULL );
     
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -961,71 +890,60 @@ void aead_encrypt( int key_type_arg, char * key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce, nonce_length,
-                               additional_data, additional_data_length,
-                               input_data, input_size, output_data,
+                               nonce->x, (size_t) nonce->len,
+                               additional_data->x,
+                               (size_t) additional_data->len,
+                               input_data->x, (size_t) input_data->len,
+                               output_data,
                                output_size, &output_length ) == PSA_SUCCESS );
 
 
-    TEST_ASSERT( memcmp( output_data, expected_result,
+    TEST_ASSERT( memcmp( output_data, expected_result->x,
                                 output_length ) == 0 );
     
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( additional_data );
     mbedtls_free( output_data );
-    mbedtls_free( nonce );
-    mbedtls_free( expected_result );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_decrypt( int key_type_arg, char * key_hex,
-                int alg_arg, char * input_hex,
-                char * add_data, char * nonce_hex,
-                char * expected_result_hex, int expected_result_arg )
+void aead_decrypt( int key_type_arg, data_t * key_data,
+                int alg_arg, data_t * input_data,
+                data_t * additional_data, data_t * nonce,
+                data_t * expected_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     unsigned char *output_data = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
-    unsigned char *expected_data = NULL;
-    size_t expected_result_length = 0;
-    uint8_t* nonce = NULL;
-    size_t nonce_length = 0;
     size_t tag_length = 16;
-    unsigned char *additional_data = NULL;
-    size_t additional_data_length = 0;
     psa_key_policy_t policy = {0};
     psa_status_t expected_result = (psa_status_t) expected_result_arg;
 
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    additional_data = unhexify_alloc( add_data, &additional_data_length );
-    TEST_ASSERT( input_data != NULL );
-    output_size = input_size + tag_length;
+    TEST_ASSERT( additional_data != NULL );
+    TEST_ASSERT( nonce != NULL );
+    TEST_ASSERT( expected_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
+
+    output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    nonce = unhexify_alloc( nonce_hex, &nonce_length );
-    TEST_ASSERT( nonce != NULL );
-    expected_data = unhexify_alloc( expected_result_hex, &expected_result_length );
-    TEST_ASSERT( expected_data != NULL );
     
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1036,18 +954,21 @@ void aead_decrypt( int key_type_arg, char * key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                               nonce, nonce_length,
-                               additional_data, additional_data_length,
-                               input_data, input_size, output_data,
-                               output_size, &output_length ) == expected_result );
+                               nonce->x, (size_t) nonce->len,
+                               additional_data->x, (size_t) additional_data->len,
+                               input_data->x, (size_t) input_data->len,
+                               output_data,
+                               output_size, &output_length ) ==
+                               expected_result );
 
 
     if ( expected_result == PSA_SUCCESS )
     {
-        TEST_ASSERT( memcmp( output_data, expected_data,
+        TEST_ASSERT( memcmp( output_data, expected_data->x,
                                     output_length ) == 0 );
     }
 
@@ -1055,12 +976,7 @@ void aead_decrypt( int key_type_arg, char * key_hex,
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( additional_data );
     mbedtls_free( output_data );
-    mbedtls_free( nonce );
-    mbedtls_free( expected_data );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1078,30 +994,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void sign_deterministic( int key_type_arg, char *key_hex,
-                         int alg_arg, char *input_hex, char *output_hex )
+void sign_deterministic( int key_type_arg, data_t *key_data,
+                         int alg_arg, data_t *input_data,
+                         data_t *output_data )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
     size_t key_bits;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    unsigned char *output_data = NULL;
-    size_t output_size;
     unsigned char *signature = NULL;
     size_t signature_size;
     size_t signature_length = 0xdeadbeef;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    output_data = unhexify_alloc( output_hex, &output_size );
     TEST_ASSERT( output_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1112,7 +1023,7 @@ void sign_deterministic( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information( slot,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
@@ -1123,45 +1034,40 @@ void sign_deterministic( int key_type_arg, char *key_hex,
     TEST_ASSERT( signature != NULL );
 
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
-                                      input_data, input_size,
+                                      input_data->x, (size_t) input_data->len,
                                       NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
-    TEST_ASSERT( signature_length == output_size );
-    TEST_ASSERT( memcmp( signature, output_data, output_size ) == 0 );
+    TEST_ASSERT( signature_length == (size_t) output_data->len );
+    TEST_ASSERT( memcmp( signature, output_data->x, (size_t) output_data->len )
+                        == 0 );
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( output_data );
     mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void sign_fail( int key_type_arg, char *key_hex,
-                int alg_arg, char *input_hex,
+void sign_fail( int key_type_arg, data_t *key_data,
+                int alg_arg, data_t *input_data,
                 int signature_size, int expected_status_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
     unsigned char *signature = NULL;
     size_t signature_length = 0xdeadbeef;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );
 
@@ -1174,10 +1080,12 @@ void sign_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_sign( slot, alg,
-                                         input_data, input_size,
+                                         input_data->x,
+                                         (size_t) input_data->len,
                                          NULL, 0,
                                          signature, signature_size,
                                          &signature_length );
@@ -1186,8 +1094,6 @@ void sign_fail( int key_type_arg, char *key_hex,
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
     mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
@@ -1232,11 +1138,10 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key_hex )
+void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
+                      data_t *keypair )
 {
     int key_slot = 1;
-    unsigned char* keypair = NULL;
-    size_t key_size = 0;
     size_t signature_length = 0;
     psa_key_policy_t policy = {0};
     int actual_status = PSA_SUCCESS;
@@ -1251,21 +1156,23 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
 
     if( usage_arg & PSA_KEY_USAGE_EXPORT )
     {
-        keypair = unhexify_alloc( key_hex, &key_size );
         TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair, key_size ) == PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot,
-                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0,
+                                keypair->x, (size_t) keypair->len ) ==
+                                PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, 
+                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
                         NULL, 0, &signature_length );
     }
 
     if( usage_arg & PSA_KEY_USAGE_SIGN )
     {
-        keypair = unhexify_alloc( key_hex, &key_size );
         TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair, key_size ) == PSA_SUCCESS );
+                                keypair->x, (size_t) keypair->len ) ==
+                                PSA_SUCCESS );
         actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
@@ -1273,7 +1180,6 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status, char *key
 
 exit:
     psa_destroy_key( key_slot );
-    mbedtls_free( keypair );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1333,26 +1239,21 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void asymmetric_verify( int key_type_arg, char *key_hex,
-                         int alg_arg, char *hash_hex, char *signature_hex )
+void asymmetric_verify( int key_type_arg, data_t *key_data,
+                        int alg_arg, data_t *hash_data,
+                        data_t *signature_data )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *hash_data = NULL;
-    size_t hash_size;
-    unsigned char *signature_data = NULL;
-    size_t signature_size;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    hash_data = unhexify_alloc( hash_hex, &hash_size );
     TEST_ASSERT( hash_data != NULL );
-    signature_data = unhexify_alloc( signature_hex, &signature_size );
     TEST_ASSERT( signature_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1363,47 +1264,41 @@ void asymmetric_verify( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_verify( slot, alg,
-                                        hash_data, hash_size,
+                                        hash_data->x, (size_t) hash_data->len,
                                         NULL, 0,
-                                        signature_data, signature_size ) ==
+                                        signature_data->x,
+                                        (size_t) signature_data->len ) ==
                                         PSA_SUCCESS );
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( hash_data );
-    mbedtls_free( signature_data );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void asymmetric_verify_fail( int key_type_arg, char *key_hex,
-                         int alg_arg, char *hash_hex, char *signature_hex,
-                          int expected_status_arg )
+void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
+                             int alg_arg, data_t *hash_data,
+                             data_t *signature_data,
+                             int expected_status_arg )
 {
 
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *hash_data = NULL;
-    size_t hash_size;
-    unsigned char *signature_data = NULL;
-    size_t signature_size;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    hash_data = unhexify_alloc( hash_hex, &hash_size );
     TEST_ASSERT( hash_data != NULL );
-    signature_data = unhexify_alloc( signature_hex, &signature_size );
     TEST_ASSERT( signature_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1414,37 +1309,32 @@ void asymmetric_verify_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_verify( slot, alg,
-                                        hash_data, hash_size,
+                                        hash_data->x, (size_t) hash_data->len,
                                         NULL, 0,
-                                        signature_data, signature_size );
+                                        signature_data->x,
+                                        (size_t) signature_data->len );
 
 
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( hash_data );
-    mbedtls_free( signature_data );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
 
 
 /* BEGIN_CASE */
-void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex,
-                                 int alg_arg, char *input_hex )
+void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
+                                 int alg_arg, data_t *input_data )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     unsigned char *output = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
@@ -1453,12 +1343,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex,
     size_t output2_length = 0;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    output_size = key_size;
-    output2_size = key_size;
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+
+    output_size = (size_t) key_data->len;
+    output2_size = output_size;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
     output2 = mbedtls_calloc( 1, output2_size );
@@ -1471,14 +1362,15 @@ void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
     TEST_ASSERT( psa_asymmetric_encrypt(slot, alg,
-                                    input_data,
-                                    input_size,
+                                    input_data->x,
+                                    (size_t) input_data->len,
                                     NULL, 0,
                                     output,
                                     output_size,
@@ -1491,14 +1383,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, char *key_hex,
                                     output2,
                                     output2_size,
                                     &output2_length) == PSA_SUCCESS );
-    TEST_ASSERT( memcmp( input_data, output2, input_size ) == 0 );
+    TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len )
+                         == 0 );
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( output);
-    mbedtls_free( output2);
+    mbedtls_free( output );
+    mbedtls_free( output2 );
     mbedtls_psa_crypto_free( );
 
 }
@@ -1506,8 +1397,8 @@ exit:
 
 
 /* BEGIN_CASE */
-void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
-                            int alg_arg, char *input_hex,
+void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
+                            int alg_arg, data_t *input_data,
                             int expected_status_arg )
 {
 
@@ -1515,10 +1406,6 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     unsigned char *output = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
@@ -1526,11 +1413,12 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    output_size = key_size;
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+
+    output_size = (size_t) key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
@@ -1541,11 +1429,12 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_encrypt(slot, alg,
-                                    input_data,
-                                    input_size,
+                                    input_data->x,
+                                    (size_t) input_data->len,
                                     NULL, 0,
                                     output,
                                     output_size,
@@ -1554,40 +1443,33 @@ void asymmetric_encrypt_fail( int key_type_arg, char *key_hex,
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( output);
+    mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void asymmetric_decrypt( int key_type_arg, char *key_hex,
-                         int alg_arg, char *input_hex,
-                         char *expected_hex, int expected_size )
+void asymmetric_decrypt( int key_type_arg, data_t *key_data,
+                         int alg_arg, data_t *input_data,
+                         data_t *expected_data, int expected_size )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
-    unsigned char *expected_data = NULL;
-    size_t expected_data_size;
     unsigned char *output = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    output_size = key_size;
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
-    expected_data = unhexify_alloc( expected_hex, &expected_data_size );
     TEST_ASSERT( expected_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
+
+    output_size = (size_t) key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
@@ -1598,24 +1480,22 @@ void asymmetric_decrypt( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                    input_data,
-                                    input_size,
+                                    input_data->x,
+                                    (size_t) input_data->len,
                                     NULL, 0,
                                     output,
                                     output_size,
                                     &output_length) == PSA_SUCCESS );
     TEST_ASSERT( ((size_t)expected_size) == output_length );
-    TEST_ASSERT( memcmp( expected_data, output, (output_length) ) == 0 );
+    TEST_ASSERT( memcmp( expected_data->x, output, (output_length) ) == 0 );
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
-    mbedtls_free( expected_data );
-    mbedtls_free( output);
+    mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 
 
@@ -1624,18 +1504,14 @@ exit:
 
 
 /* BEGIN_CASE */
-void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
-                            int alg_arg, char *input_hex,
+void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
+                            int alg_arg, data_t *input_data,
                             int expected_status_arg  )
 {
 
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    unsigned char *key_data = NULL;
-    size_t key_size;
-    unsigned char *input_data = NULL;
-    size_t input_size;
     unsigned char *output = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
@@ -1643,11 +1519,12 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy = {0};
 
-    key_data = unhexify_alloc( key_hex, &key_size );
     TEST_ASSERT( key_data != NULL );
-    output_size = key_size;
-    input_data = unhexify_alloc( input_hex, &input_size );
     TEST_ASSERT( input_data != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
+
+    output_size = (size_t) key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
@@ -1658,11 +1535,12 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data, key_size ) == PSA_SUCCESS );
+                                 key_data->x, (size_t) key_data->len ) ==
+                                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_decrypt(slot, alg,
-                                    input_data,
-                                    input_size,
+                                    input_data->x,
+                                    (size_t) input_data->len,
                                     NULL, 0,
                                     output,
                                     output_size,
@@ -1671,8 +1549,6 @@ void asymmetric_decrypt_fail( int key_type_arg, char *key_hex,
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( key_data );
-    mbedtls_free( input_data );
     mbedtls_free( output);
     mbedtls_psa_crypto_free( );
 }

From dcd636a73f2b61b8ab6681049f6731eee3439249 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 16:03:32 +0300
Subject: [PATCH 232/889] Commit changes to hmac to not use MD abstraction

this PR is part of efforts to use "lower level" mbedTLS APIs vs "higher level" abstract APIs.
---
 include/psa/crypto_struct.h |  12 ++-
 library/psa_crypto.c        | 155 +++++++++++++++++++++++++++++++-----
 2 files changed, 144 insertions(+), 23 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 74e1146b2..8e332b534 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -75,6 +75,16 @@ struct psa_hash_operation_s
     } ctx;
 };
 
+
+typedef struct {
+        unsigned int block_size;
+        /** The hash context. */
+        struct psa_hash_operation_s hash_ctx;
+        /** The HMAC part of the context. */
+        void *hmac_ctx;
+} psa_hmac_internal_data;
+
+
 struct psa_mac_operation_s
 {
     psa_algorithm_t alg;
@@ -89,7 +99,7 @@ struct psa_mac_operation_s
     {
         unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
 #if defined(MBEDTLS_MD_C)
-        mbedtls_md_context_t hmac;
+        psa_hmac_internal_data hmac;
 #endif
 #if defined(MBEDTLS_CMAC_C)
         mbedtls_cipher_context_t cmac;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 18cd44ce3..5c9a8288e 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -996,7 +996,16 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
         default:
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
-                mbedtls_md_free( &operation->ctx.hmac );
+            {
+                psa_hash_abort( &operation->ctx.hmac.hash_ctx );
+                if ( operation->ctx.hmac.hmac_ctx != NULL )
+                {
+                    mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, 
+                        sizeof(  operation->ctx.hmac.block_size * 2 ) );
+                    mbedtls_free( operation->ctx.hmac.hmac_ctx );
+                    operation->ctx.hmac.block_size = 0;
+                }
+            }
             else
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
@@ -1015,11 +1024,13 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                             psa_key_slot_t key,
                             psa_algorithm_t alg )
 {
-    int ret = MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE;
+    int ret = 0;
     psa_status_t status;
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
+    size_t keylen;
+    uint8_t* key_ptr = NULL;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
     operation->alg = 0;
@@ -1027,11 +1038,19 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     operation->iv_set = 0;
     operation->iv_required = 1;
     operation->has_input = 0;
+    operation->key_usage_sign = 0;
+    operation->key_usage_verify = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
+
     slot = &global_data.key_slots[key];
+    if (slot->type == PSA_KEY_TYPE_NONE)
+        return(PSA_ERROR_EMPTY_SLOT);
+
+    key_ptr = slot->data.raw.data;
+    keylen = slot->data.raw.bytes;
 
     if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
@@ -1064,28 +1083,78 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( alg ) )
             {
+                unsigned char sum[MBEDTLS_MD_MAX_SIZE];
+                unsigned char *ipad, *opad;
+                size_t i;
+                size_t sum_size = MBEDTLS_MD_MAX_SIZE;
                 const mbedtls_md_info_t *md_info =
                     mbedtls_md_info_from_psa( PSA_ALG_HMAC_HASH( alg ) );
+
                 if( md_info == NULL )
                     return( PSA_ERROR_NOT_SUPPORTED );
                 if( key_type != PSA_KEY_TYPE_HMAC )
                     return( PSA_ERROR_INVALID_ARGUMENT );
+
                 operation->iv_required = 0;
-                operation->mac_size = mbedtls_md_get_size( md_info );
-                mbedtls_md_init( &operation->ctx.hmac );
-                ret = mbedtls_md_setup( &operation->ctx.hmac, md_info, 1 );
-                if( ret != 0 )
-                    break;
-                ret = mbedtls_md_hmac_starts( &operation->ctx.hmac,
-                                              slot->data.raw.data,
-                                              slot->data.raw.bytes );
+                operation->mac_size = md_info->size;
+                operation->ctx.hmac.block_size = md_info->block_size;
+                operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2,
+                                                         md_info->block_size );
+                if( operation->ctx.hmac.hmac_ctx == NULL )
+                {
+                    ret = MBEDTLS_ERR_MD_ALLOC_FAILED;
+                    goto cleanup;
+                }
+
+                status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                                        PSA_ALG_HMAC_HASH( alg ) );
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
+
+                if( key_bits / 8  > (size_t) operation->ctx.hmac.block_size )
+                {
+                    status = psa_hash_update(&operation->ctx.hmac.hash_ctx,
+                                              key_ptr, slot->data.raw.bytes);
+                    if( status != PSA_SUCCESS )
+                        goto cleanup;
+                    status = psa_hash_finish(&operation->ctx.hmac.hash_ctx, sum,
+                                             sum_size, &sum_size);
+                    if ( status != PSA_SUCCESS )
+                        goto cleanup;
+
+                    keylen = sum_size;
+                    key_ptr = sum;
+                }
+
+                ipad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx;
+                opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx +
+                                           operation->ctx.hmac.block_size;
+
+                memset( ipad, 0x36, operation->ctx.hmac.block_size );
+                memset( opad, 0x5C, operation->ctx.hmac.block_size );
+
+                for( i = 0; i < keylen; i++ )
+                {
+                    ipad[i] = ( unsigned char )( ipad[i] ^ key_ptr[i] );
+                    opad[i] = ( unsigned char )( opad[i] ^ key_ptr[i] );
+                }
+
+                status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                                         PSA_ALG_HMAC_HASH( alg ) );
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
+
+                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad,
+                     operation->ctx.hmac.block_size );
+                if( status != PSA_SUCCESS )
+                        goto cleanup;
                 break;
             }
             else
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
     }
-
+cleanup:
     /* If we reach this point, then the algorithm-specific part of the
      * context has at least been initialized, and may contain data that
      * needs to be wiped on error. */
@@ -1103,7 +1172,8 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
                              const uint8_t *input,
                              size_t input_length )
 {
-    int ret;
+    int ret = 0 ;
+    psa_status_t status = PSA_SUCCESS;
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
     if( operation->iv_required && ! operation->iv_set )
@@ -1122,8 +1192,8 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
-                ret = mbedtls_md_hmac_update( &operation->ctx.hmac,
-                                              input, input_length );
+                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
+                                                input_length );
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1132,9 +1202,14 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             }
             break;
     }
-    if( ret != 0 )
-        psa_mac_abort( operation );
-    return( mbedtls_to_psa_error( ret ) );
+    if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
+    {
+        psa_mac_abort(operation);
+        if (ret != 0)
+            status = mbedtls_to_psa_error(ret);
+    }
+
+    return status;
 }
 
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
@@ -1142,7 +1217,8 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                              size_t mac_size,
                              size_t *mac_length )
 {
-    int ret;
+    int ret = 0;
+    psa_status_t status = PSA_SUCCESS;
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
     if( operation->iv_required && ! operation->iv_set )
@@ -1168,7 +1244,37 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
-                ret = mbedtls_md_hmac_finish( &operation->ctx.hmac, mac );
+                unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
+                unsigned char *opad;
+                size_t hash_size = 0;
+
+                opad = (unsigned char *) operation->ctx.hmac.hmac_ctx +
+                                         operation->ctx.hmac.block_size;
+
+                status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
+                                         sizeof ( tmp ), &hash_size );
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
+
+                status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                                         PSA_ALG_HMAC_HASH( operation->alg ) );
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
+
+                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad,
+                           operation->ctx.hmac.block_size );
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
+
+                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
+                                          hash_size);
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
+
+                status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac,
+                                          mac_size, mac_length );
+                if( status != PSA_SUCCESS )
+                    goto cleanup;
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1177,15 +1283,19 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
             }
             break;
     }
+cleanup:
 
-    if( ret == 0 )
+    if( ( ret == 0 ) && (status == PSA_SUCCESS) )
     {
         return( psa_mac_abort( operation ) );
     }
     else
     {
         psa_mac_abort( operation );
-        return( mbedtls_to_psa_error( ret ) );
+        if (ret != 0)
+            status = mbedtls_to_psa_error(ret);
+
+        return status;
     }
 }
 
@@ -1197,7 +1307,8 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
     if( !( operation->key_usage_sign ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    return( psa_mac_finish_internal(operation, mac, mac_size, mac_length ) );
+    return( psa_mac_finish_internal(operation, mac,
+                                mac_size, mac_length ) );
 }
 
 #define MBEDTLS_PSA_MAC_MAX_SIZE                       \

From 7810be273af28fffe6340c93d7395370cedfc656 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 4 Jun 2018 17:48:23 +0300
Subject: [PATCH 233/889] Code correction: remove unneeded sizeof

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5c9a8288e..c4f220988 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1001,7 +1001,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
                 if ( operation->ctx.hmac.hmac_ctx != NULL )
                 {
                     mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, 
-                        sizeof(  operation->ctx.hmac.block_size * 2 ) );
+                                    operation->ctx.hmac.block_size * 2  );
                     mbedtls_free( operation->ctx.hmac.hmac_ctx );
                     operation->ctx.hmac.block_size = 0;
                 }

From eeace0bf7f0809887b91fe55db2c8257b4212496 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Tue, 5 Jun 2018 11:21:07 +0300
Subject: [PATCH 234/889] Code style fix : changed keylen to key_length

---
 library/psa_crypto.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c4f220988..a2670ef6f 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1029,7 +1029,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    size_t keylen;
+    size_t key_length;
     uint8_t* key_ptr = NULL;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
@@ -1050,7 +1050,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return(PSA_ERROR_EMPTY_SLOT);
 
     key_ptr = slot->data.raw.data;
-    keylen = slot->data.raw.bytes;
+    key_length = slot->data.raw.bytes;
 
     if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
@@ -1122,7 +1122,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                     if ( status != PSA_SUCCESS )
                         goto cleanup;
 
-                    keylen = sum_size;
+                    key_length = sum_size;
                     key_ptr = sum;
                 }
 
@@ -1133,7 +1133,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                 memset( ipad, 0x36, operation->ctx.hmac.block_size );
                 memset( opad, 0x5C, operation->ctx.hmac.block_size );
 
-                for( i = 0; i < keylen; i++ )
+                for( i = 0; i < key_length; i++ )
                 {
                     ipad[i] = ( unsigned char )( ipad[i] ^ key_ptr[i] );
                     opad[i] = ( unsigned char )( opad[i] ^ key_ptr[i] );

From 0c9ec53a10abe14789867b1243b974a3a65c2627 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 7 Jun 2018 13:27:47 +0300
Subject: [PATCH 235/889] remove reliance on md_info context for hash
 information

1. remove reliance on md_info context for hash information by decoding locally
2. remove block_size field in context as this is dynamically computed
---
 library/psa_crypto.c | 114 ++++++++++++++++++++++++++++++++++++-------
 1 file changed, 96 insertions(+), 18 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a2670ef6f..d676f67a8 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -984,8 +984,74 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
 }
 
+
+static psa_status_t get_block_size_from_hash_algorithm( psa_algorithm_t alg, unsigned int *block_size, unsigned int *digest_size)
+{
+    *block_size = 0;
+    *digest_size = 0;
+
+    switch( PSA_ALG_HMAC_HASH( alg ) )
+    {
+#if defined(MBEDTLS_MD2_C)
+        case PSA_ALG_MD2:
+            *block_size = 16;
+            *digest_size = 16;
+            break;
+#endif
+#if defined(MBEDTLS_MD4_C)
+        case PSA_ALG_MD4:
+            *block_size = 64;
+            *digest_size = 16;
+            break;
+#endif
+#if defined(MBEDTLS_MD5_C)
+        case PSA_ALG_MD5:
+            *block_size = 64;
+            *digest_size = 16;
+            break;
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+        case PSA_ALG_RIPEMD160:
+            *block_size = 64;
+            *digest_size = 20;
+            break;
+#endif
+#if defined(MBEDTLS_SHA1_C)
+        case PSA_ALG_SHA_1:
+            *block_size = 64;
+            *digest_size = 20;
+            break;
+#endif
+#if defined(MBEDTLS_SHA256_C)
+        case PSA_ALG_SHA_224:
+            *block_size = 64;
+            *digest_size = 28;
+            break;
+        case PSA_ALG_SHA_256:
+            *block_size = 64;
+            *digest_size = 32;
+            break;
+#endif
+#if defined(MBEDTLS_SHA512_C)
+        case PSA_ALG_SHA_384:
+            *block_size = 128;
+            *digest_size = 48;
+            break;
+        case PSA_ALG_SHA_512:
+            *block_size = 128;
+            *digest_size = 64;
+            break;
+#endif
+        default:
+            return( PSA_ERROR_NOT_SUPPORTED );
+    }
+return ( PSA_SUCCESS );
+}
+
+
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 {
+    psa_status_t status;
     switch( operation->alg )
     {
 #if defined(MBEDTLS_CMAC_C)
@@ -997,13 +1063,19 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
+                unsigned int block_size = 0;
+                unsigned int digest_size = 0;
+                status = get_block_size_from_hash_algorithm( operation->alg,
+                                                 &block_size, &digest_size);
+                if( status != PSA_SUCCESS )
+                    return( status );
+                
                 psa_hash_abort( &operation->ctx.hmac.hash_ctx );
                 if ( operation->ctx.hmac.hmac_ctx != NULL )
                 {
-                    mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, 
-                                    operation->ctx.hmac.block_size * 2  );
+                    mbedtls_zeroize( operation->ctx.hmac.hmac_ctx,
+                                     block_size * 2 );
                     mbedtls_free( operation->ctx.hmac.hmac_ctx );
-                    operation->ctx.hmac.block_size = 0;
                 }
             }
             else
@@ -1087,19 +1159,19 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                 unsigned char *ipad, *opad;
                 size_t i;
                 size_t sum_size = MBEDTLS_MD_MAX_SIZE;
-                const mbedtls_md_info_t *md_info =
-                    mbedtls_md_info_from_psa( PSA_ALG_HMAC_HASH( alg ) );
+                unsigned int block_size = 0;
+                unsigned int digest_size = 0;
+                status = get_block_size_from_hash_algorithm( alg,
+                                                 &block_size, &digest_size);
+                if( status != PSA_SUCCESS )
+                    return( status );
 
-                if( md_info == NULL )
-                    return( PSA_ERROR_NOT_SUPPORTED );
                 if( key_type != PSA_KEY_TYPE_HMAC )
                     return( PSA_ERROR_INVALID_ARGUMENT );
 
                 operation->iv_required = 0;
-                operation->mac_size = md_info->size;
-                operation->ctx.hmac.block_size = md_info->block_size;
-                operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2,
-                                                         md_info->block_size );
+                operation->mac_size = digest_size;
+                operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2, block_size );
                 if( operation->ctx.hmac.hmac_ctx == NULL )
                 {
                     ret = MBEDTLS_ERR_MD_ALLOC_FAILED;
@@ -1111,7 +1183,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                 if( status != PSA_SUCCESS )
                     goto cleanup;
 
-                if( key_bits / 8  > (size_t) operation->ctx.hmac.block_size )
+                if( key_bits / 8  > (size_t) block_size )
                 {
                     status = psa_hash_update(&operation->ctx.hmac.hash_ctx,
                                               key_ptr, slot->data.raw.bytes);
@@ -1128,10 +1200,10 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 
                 ipad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx;
                 opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx +
-                                           operation->ctx.hmac.block_size;
+                                           block_size;
 
-                memset( ipad, 0x36, operation->ctx.hmac.block_size );
-                memset( opad, 0x5C, operation->ctx.hmac.block_size );
+                memset( ipad, 0x36, block_size );
+                memset( opad, 0x5C, block_size );
 
                 for( i = 0; i < key_length; i++ )
                 {
@@ -1145,7 +1217,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                     goto cleanup;
 
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad,
-                     operation->ctx.hmac.block_size );
+                                          block_size );
                 if( status != PSA_SUCCESS )
                         goto cleanup;
                 break;
@@ -1247,9 +1319,15 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
                 unsigned char *opad;
                 size_t hash_size = 0;
+                unsigned int block_size = 0;
+                unsigned int digest_size = 0;
+                status = get_block_size_from_hash_algorithm( operation->alg,
+                                                 &block_size, &digest_size);
+                if( status != PSA_SUCCESS )
+                    return( status );
 
                 opad = (unsigned char *) operation->ctx.hmac.hmac_ctx +
-                                         operation->ctx.hmac.block_size;
+                                         block_size;
 
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
                                          sizeof ( tmp ), &hash_size );
@@ -1262,7 +1340,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                     goto cleanup;
 
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad,
-                           operation->ctx.hmac.block_size );
+                                          block_size );
                 if( status != PSA_SUCCESS )
                     goto cleanup;
 

From 35dfbf4601ac49d4f76781fda464288753c64119 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 7 Jun 2018 16:20:17 +0300
Subject: [PATCH 236/889] change hmac context to use statically allocated
 memory

1. removed dynamic allocation of stack context
2. moved ipad to stack
3. added defines for maximal sizes
---
 include/psa/crypto_struct.h | 11 +++++++++--
 library/psa_crypto.c        | 21 ++++++---------------
 2 files changed, 15 insertions(+), 17 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 8e332b534..ebf80cb03 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -45,6 +45,14 @@
 #include "mbedtls/sha256.h"
 #include "mbedtls/sha512.h"
 
+#if defined(MBEDTLS_SHA512_C)
+#define PSA_CRYPTO_MD_MAX_SIZE 64
+#define PSA_CRYPTO_MD_BLOCK_SIZE 128
+#else 
+#define PSA_CRYPTO_MD_MAX_SIZE 32
+#define PSA_CRYPTO_MD_BLOCK_SIZE 64
+#endif
+
 struct psa_hash_operation_s
 {
     psa_algorithm_t alg;
@@ -77,11 +85,10 @@ struct psa_hash_operation_s
 
 
 typedef struct {
-        unsigned int block_size;
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
-        void *hmac_ctx;
+        char hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE];
 } psa_hmac_internal_data;
 
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d676f67a8..29a541faa 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1074,8 +1074,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
                 if ( operation->ctx.hmac.hmac_ctx != NULL )
                 {
                     mbedtls_zeroize( operation->ctx.hmac.hmac_ctx,
-                                     block_size * 2 );
-                    mbedtls_free( operation->ctx.hmac.hmac_ctx );
+                                     block_size);
                 }
             }
             else
@@ -1155,8 +1154,9 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( alg ) )
             {
-                unsigned char sum[MBEDTLS_MD_MAX_SIZE];
-                unsigned char *ipad, *opad;
+                unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE];
+                unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
+                unsigned char *opad;
                 size_t i;
                 size_t sum_size = MBEDTLS_MD_MAX_SIZE;
                 unsigned int block_size = 0;
@@ -1171,12 +1171,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 
                 operation->iv_required = 0;
                 operation->mac_size = digest_size;
-                operation->ctx.hmac.hmac_ctx = mbedtls_calloc( 2, block_size );
-                if( operation->ctx.hmac.hmac_ctx == NULL )
-                {
-                    ret = MBEDTLS_ERR_MD_ALLOC_FAILED;
-                    goto cleanup;
-                }
 
                 status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
                                         PSA_ALG_HMAC_HASH( alg ) );
@@ -1198,9 +1192,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                     key_ptr = sum;
                 }
 
-                ipad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx;
-                opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx +
-                                           block_size;
+                opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx;
 
                 memset( ipad, 0x36, block_size );
                 memset( opad, 0x5C, block_size );
@@ -1326,8 +1318,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 if( status != PSA_SUCCESS )
                     return( status );
 
-                opad = (unsigned char *) operation->ctx.hmac.hmac_ctx +
-                                         block_size;
+                opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
 
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
                                          sizeof ( tmp ), &hash_size );

From 1e2b04602641a0b8b2794f61a5fe08b81ba75ef5 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 7 Jun 2018 23:45:51 +0300
Subject: [PATCH 237/889] adding more test cases for hmac

---
 tests/suites/test_suite_psa_crypto.data | 96 +++++++++++++++++++++++++
 1 file changed, 96 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f1fb30f50..41a597de6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -65,6 +65,102 @@ PSA MAC verify: HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
 
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+
+PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
+
+PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
+
+PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
+
+PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
+
+PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
+
+PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
+
 PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"

From 9e2ffe83acda69dc0a15da9a823ae461b6be16ca Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Fri, 8 Jun 2018 22:51:15 +0300
Subject: [PATCH 238/889] change type of hash block to uint8_t

---
 include/psa/crypto_struct.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index ebf80cb03..60c44fbb8 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -88,7 +88,7 @@ typedef struct {
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
-        char hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE];
+        uint8_t hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE];
 } psa_hmac_internal_data;
 
 

From 084832d65f04a50038fed754def6134e17455411 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Fri, 8 Jun 2018 22:52:24 +0300
Subject: [PATCH 239/889] replace get_block_size_from_hash_algorithm with
 PSA_HASH_BLOCK_SIZE macro

---
 library/psa_crypto.c | 49 +++++++++++++++++++++++++++-----------------
 1 file changed, 30 insertions(+), 19 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 29a541faa..75a87ad45 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -984,6 +984,18 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
 }
 
+#define PSA_HASH_BLOCK_SIZE(alg)                \
+    (                                           \
+        (alg) == PSA_ALG_MD2 ? 16 :             \
+        (alg) == PSA_ALG_MD4 ? 64 :             \
+        (alg) == PSA_ALG_MD5 ? 64 :             \
+        (alg) == PSA_ALG_RIPEMD160 ? 64 :       \
+        (alg) == PSA_ALG_SHA_1 ? 64 :           \
+        (alg) == PSA_ALG_SHA_224 ? 64 :         \
+        (alg) == PSA_ALG_SHA_256 ? 64 :         \
+        (alg) == PSA_ALG_SHA_384 ? 128 :        \
+        (alg) == PSA_ALG_SHA_512 ? 128 :        \
+        0)
 
 static psa_status_t get_block_size_from_hash_algorithm( psa_algorithm_t alg, unsigned int *block_size, unsigned int *digest_size)
 {
@@ -1063,13 +1075,12 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
-                unsigned int block_size = 0;
-                unsigned int digest_size = 0;
-                status = get_block_size_from_hash_algorithm( operation->alg,
-                                                 &block_size, &digest_size);
-                if( status != PSA_SUCCESS )
-                    return( status );
-                
+                unsigned int block_size = 
+                PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+
+                if(block_size == 0)
+                    return( PSA_ERROR_NOT_SUPPORTED );
+
                 psa_hash_abort( &operation->ctx.hmac.hash_ctx );
                 if ( operation->ctx.hmac.hmac_ctx != NULL )
                 {
@@ -1159,12 +1170,13 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                 unsigned char *opad;
                 size_t i;
                 size_t sum_size = MBEDTLS_MD_MAX_SIZE;
-                unsigned int block_size = 0;
-                unsigned int digest_size = 0;
-                status = get_block_size_from_hash_algorithm( alg,
-                                                 &block_size, &digest_size);
-                if( status != PSA_SUCCESS )
-                    return( status );
+                unsigned int block_size =
+                    PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+                unsigned int digest_size =
+                    PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+
+                if( ( block_size == 0 ) || ( digest_size == 0 ) )
+                    return( PSA_ERROR_NOT_SUPPORTED );
 
                 if( key_type != PSA_KEY_TYPE_HMAC )
                     return( PSA_ERROR_INVALID_ARGUMENT );
@@ -1311,12 +1323,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
                 unsigned char *opad;
                 size_t hash_size = 0;
-                unsigned int block_size = 0;
-                unsigned int digest_size = 0;
-                status = get_block_size_from_hash_algorithm( operation->alg,
-                                                 &block_size, &digest_size);
-                if( status != PSA_SUCCESS )
-                    return( status );
+                unsigned int block_size =
+                PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+
+                if (block_size == 0)
+                    return(PSA_ERROR_NOT_SUPPORTED);
 
                 opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
 

From ef057ac8ed8e6ef7ec023a4947eacb833fbfcc6a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 17:11:54 +0200
Subject: [PATCH 240/889] Remove dead code

Remove an unused function and an unused variable. Now the code builds
with gcc -Wall -Wextra -Werror.
---
 library/psa_crypto.c | 65 --------------------------------------------
 1 file changed, 65 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 75a87ad45..b6cee8709 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -997,73 +997,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
         (alg) == PSA_ALG_SHA_512 ? 128 :        \
         0)
 
-static psa_status_t get_block_size_from_hash_algorithm( psa_algorithm_t alg, unsigned int *block_size, unsigned int *digest_size)
-{
-    *block_size = 0;
-    *digest_size = 0;
-
-    switch( PSA_ALG_HMAC_HASH( alg ) )
-    {
-#if defined(MBEDTLS_MD2_C)
-        case PSA_ALG_MD2:
-            *block_size = 16;
-            *digest_size = 16;
-            break;
-#endif
-#if defined(MBEDTLS_MD4_C)
-        case PSA_ALG_MD4:
-            *block_size = 64;
-            *digest_size = 16;
-            break;
-#endif
-#if defined(MBEDTLS_MD5_C)
-        case PSA_ALG_MD5:
-            *block_size = 64;
-            *digest_size = 16;
-            break;
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-        case PSA_ALG_RIPEMD160:
-            *block_size = 64;
-            *digest_size = 20;
-            break;
-#endif
-#if defined(MBEDTLS_SHA1_C)
-        case PSA_ALG_SHA_1:
-            *block_size = 64;
-            *digest_size = 20;
-            break;
-#endif
-#if defined(MBEDTLS_SHA256_C)
-        case PSA_ALG_SHA_224:
-            *block_size = 64;
-            *digest_size = 28;
-            break;
-        case PSA_ALG_SHA_256:
-            *block_size = 64;
-            *digest_size = 32;
-            break;
-#endif
-#if defined(MBEDTLS_SHA512_C)
-        case PSA_ALG_SHA_384:
-            *block_size = 128;
-            *digest_size = 48;
-            break;
-        case PSA_ALG_SHA_512:
-            *block_size = 128;
-            *digest_size = 64;
-            break;
-#endif
-        default:
-            return( PSA_ERROR_NOT_SUPPORTED );
-    }
-return ( PSA_SUCCESS );
-}
-
-
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 {
-    psa_status_t status;
     switch( operation->alg )
     {
 #if defined(MBEDTLS_CMAC_C)

From 99bc649760c0f3632d14c9f4aef62b6850772d75 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 17:13:00 +0200
Subject: [PATCH 241/889] Normalize whitespace to Mbed TLS standards

Only whitespace changes in this commit.
---
 library/psa_crypto.c | 48 ++++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b6cee8709..c34d621e2 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1010,10 +1010,10 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
-                unsigned int block_size = 
-                PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                unsigned int block_size =
+                    PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
 
-                if(block_size == 0)
+                if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
 
                 psa_hash_abort( &operation->ctx.hmac.hash_ctx );
@@ -1063,8 +1063,8 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         return( status );
 
     slot = &global_data.key_slots[key];
-    if (slot->type == PSA_KEY_TYPE_NONE)
-        return(PSA_ERROR_EMPTY_SLOT);
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
 
     key_ptr = slot->data.raw.data;
     key_length = slot->data.raw.bytes;
@@ -1120,34 +1120,34 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                 operation->mac_size = digest_size;
 
                 status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
-                                        PSA_ALG_HMAC_HASH( alg ) );
+                                         PSA_ALG_HMAC_HASH( alg ) );
                 if( status != PSA_SUCCESS )
                     goto cleanup;
 
-                if( key_bits / 8  > (size_t) block_size )
+                if( key_bits / 8 > (size_t) block_size )
                 {
-                    status = psa_hash_update(&operation->ctx.hmac.hash_ctx,
+                    status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
                                               key_ptr, slot->data.raw.bytes);
                     if( status != PSA_SUCCESS )
                         goto cleanup;
-                    status = psa_hash_finish(&operation->ctx.hmac.hash_ctx, sum,
-                                             sum_size, &sum_size);
-                    if ( status != PSA_SUCCESS )
+                    status = psa_hash_finish( &operation->ctx.hmac.hash_ctx,
+                                              sum, sum_size, &sum_size);
+                    if( status != PSA_SUCCESS )
                         goto cleanup;
 
                     key_length = sum_size;
                     key_ptr = sum;
                 }
 
-                opad = ( unsigned char * ) operation->ctx.hmac.hmac_ctx;
+                opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
 
                 memset( ipad, 0x36, block_size );
                 memset( opad, 0x5C, block_size );
 
                 for( i = 0; i < key_length; i++ )
                 {
-                    ipad[i] = ( unsigned char )( ipad[i] ^ key_ptr[i] );
-                    opad[i] = ( unsigned char )( opad[i] ^ key_ptr[i] );
+                    ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] );
+                    opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] );
                 }
 
                 status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
@@ -1172,11 +1172,11 @@ cleanup:
     operation->alg = alg;
     if( ret != 0 )
     {
-        psa_mac_abort( operation );
-        return( mbedtls_to_psa_error( ret ) );
+        psa_mac_abort(operation);
+        if ( ret != 0 )
+            status = mbedtls_to_psa_error(ret);
     }
-    operation->key_set = 1;
-    return( PSA_SUCCESS );
+
 }
 
 psa_status_t psa_mac_update( psa_mac_operation_t *operation,
@@ -1261,13 +1261,13 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned int block_size =
                 PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
 
-                if (block_size == 0)
-                    return(PSA_ERROR_NOT_SUPPORTED);
+                if( block_size == 0 )
+                    return( PSA_ERROR_NOT_SUPPORTED );
 
                 opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
 
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
-                                         sizeof ( tmp ), &hash_size );
+                                          sizeof( tmp ), &hash_size );
                 if( status != PSA_SUCCESS )
                     goto cleanup;
 
@@ -1307,7 +1307,7 @@ cleanup:
     else
     {
         psa_mac_abort( operation );
-        if (ret != 0)
+        if( ret != 0 )
             status = mbedtls_to_psa_error(ret);
 
         return status;
@@ -1322,8 +1322,8 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
     if( !( operation->key_usage_sign ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    return( psa_mac_finish_internal(operation, mac,
-                                mac_size, mac_length ) );
+    return( psa_mac_finish_internal( operation, mac,
+                                     mac_size, mac_length ) );
 }
 
 #define MBEDTLS_PSA_MAC_MAX_SIZE                       \

From 7e454bc19f2422c8086232ff77244f03f069577b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 17:26:17 +0200
Subject: [PATCH 242/889] Split out CMAC and HMAC code into auxiliary functions

Split algorithm-specific code out of psa_mac_start. This makes the
function easier to read.

The behavior is mostly unchanged. In a few cases, errors before
setting a key trigger a context wipe where they didn't. This is a
marginal performance loss but only cases that are an error in caller
code.
---
 library/psa_crypto.c | 193 ++++++++++++++++++++++++-------------------
 1 file changed, 109 insertions(+), 84 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c34d621e2..1eecd3e7c 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -925,6 +925,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
             alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
         }
         switch( alg )
+
         {
             case PSA_ALG_STREAM_CIPHER:
                 mode = MBEDTLS_MODE_STREAM;
@@ -1037,18 +1038,105 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     return( PSA_SUCCESS );
 }
 
+static int psa_cmac_start( psa_mac_operation_t *operation,
+                           size_t key_bits,
+                           key_slot_t *slot,
+                           const mbedtls_cipher_info_t *cipher_info )
+{
+    int ret;
+
+    operation->mac_size = cipher_info->block_size;
+    operation->iv_required = 0;
+    mbedtls_cipher_init( &operation->ctx.cmac );
+
+    ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
+    if( ret != 0 )
+        return( ret );
+
+    ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
+                                      slot->data.raw.data,
+                                      key_bits );
+    return( ret );
+}
+
+static int psa_hmac_start( psa_mac_operation_t *operation,
+                           psa_key_type_t key_type,
+                           size_t key_bits,
+                           key_slot_t *slot,
+                           psa_algorithm_t alg )
+{
+    unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE];
+    unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
+    unsigned char *opad;
+    size_t i;
+    size_t sum_size = MBEDTLS_MD_MAX_SIZE;
+    unsigned int block_size =
+        PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+    unsigned int digest_size =
+        PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+    uint8_t* key_ptr = slot->data.raw.data;
+    size_t key_length = slot->data.raw.bytes;
+    psa_status_t status;
+
+    if( ( block_size == 0 ) || ( digest_size == 0 ) )
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    if( key_type != PSA_KEY_TYPE_HMAC )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    operation->iv_required = 0;
+    operation->mac_size = digest_size;
+
+    status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                             PSA_ALG_HMAC_HASH( alg ) );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    if( key_bits / 8 > (size_t) block_size )
+    {
+        status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
+                                  key_ptr, slot->data.raw.bytes);
+        if( status != PSA_SUCCESS )
+            return( status );
+        status = psa_hash_finish( &operation->ctx.hmac.hash_ctx,
+                                  sum, sum_size, &sum_size);
+        if( status != PSA_SUCCESS )
+            return( status );
+
+        key_length = sum_size;
+        key_ptr = sum;
+    }
+
+    opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
+
+    memset( ipad, 0x36, block_size );
+    memset( opad, 0x5C, block_size );
+
+    for( i = 0; i < key_length; i++ )
+    {
+        ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] );
+        opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] );
+    }
+
+    status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                             PSA_ALG_HMAC_HASH( alg ) );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad,
+                              block_size );
+    return( status );
+}
+
 psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                             psa_key_slot_t key,
                             psa_algorithm_t alg )
 {
-    int ret = 0;
     psa_status_t status;
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    size_t key_length;
-    uint8_t* key_ptr = NULL;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
+    const mbedtls_cipher_info_t *cipher_info;
 
     operation->alg = 0;
     operation->key_set = 0;
@@ -1066,9 +1154,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    key_ptr = slot->data.raw.data;
-    key_length = slot->data.raw.bytes;
-
     if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
 
@@ -1086,97 +1171,37 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     {
 #if defined(MBEDTLS_CMAC_C)
         case PSA_ALG_CMAC:
-            operation->iv_required = 0;
-            mbedtls_cipher_init( &operation->ctx.cmac );
-            ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
-            if( ret != 0 )
-                break;
-            ret = mbedtls_cipher_cmac_starts( &operation->ctx.cmac,
-                                              slot->data.raw.data,
-                                              key_bits );
+            status = mbedtls_to_psa_error( psa_cmac_start( operation,
+                                                           key_bits,
+                                                           slot,
+                                                           cipher_info ) );
             break;
 #endif /* MBEDTLS_CMAC_C */
         default:
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( alg ) )
-            {
-                unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE];
-                unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
-                unsigned char *opad;
-                size_t i;
-                size_t sum_size = MBEDTLS_MD_MAX_SIZE;
-                unsigned int block_size =
-                    PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
-                unsigned int digest_size =
-                    PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
-
-                if( ( block_size == 0 ) || ( digest_size == 0 ) )
-                    return( PSA_ERROR_NOT_SUPPORTED );
-
-                if( key_type != PSA_KEY_TYPE_HMAC )
-                    return( PSA_ERROR_INVALID_ARGUMENT );
-
-                operation->iv_required = 0;
-                operation->mac_size = digest_size;
-
-                status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
-                                         PSA_ALG_HMAC_HASH( alg ) );
-                if( status != PSA_SUCCESS )
-                    goto cleanup;
-
-                if( key_bits / 8 > (size_t) block_size )
-                {
-                    status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
-                                              key_ptr, slot->data.raw.bytes);
-                    if( status != PSA_SUCCESS )
-                        goto cleanup;
-                    status = psa_hash_finish( &operation->ctx.hmac.hash_ctx,
-                                              sum, sum_size, &sum_size);
-                    if( status != PSA_SUCCESS )
-                        goto cleanup;
-
-                    key_length = sum_size;
-                    key_ptr = sum;
-                }
-
-                opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
-
-                memset( ipad, 0x36, block_size );
-                memset( opad, 0x5C, block_size );
-
-                for( i = 0; i < key_length; i++ )
-                {
-                    ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] );
-                    opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] );
-                }
-
-                status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
-                                         PSA_ALG_HMAC_HASH( alg ) );
-                if( status != PSA_SUCCESS )
-                    goto cleanup;
-
-                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad,
-                                          block_size );
-                if( status != PSA_SUCCESS )
-                        goto cleanup;
-                break;
-            }
+                status = psa_hmac_start( operation,
+                                         key_type, key_bits, slot,
+                                         alg );
             else
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
     }
-cleanup:
+
     /* If we reach this point, then the algorithm-specific part of the
-     * context has at least been initialized, and may contain data that
-     * needs to be wiped on error. */
-    operation->alg = alg;
-    if( ret != 0 )
+
+     * context may contain data that needs to be wiped on error. */
+    if( status != PSA_SUCCESS )
     {
         psa_mac_abort(operation);
-        if ( ret != 0 )
-            status = mbedtls_to_psa_error(ret);
     }
 
+    else
+    {
+        operation->alg = alg;
+        operation->key_set = 1;
+    }
+    return( status );
 }
 
 psa_status_t psa_mac_update( psa_mac_operation_t *operation,

From e1bc6800cc60a7f1aa337276059fa15ef81b8f15 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 17:36:05 +0200
Subject: [PATCH 243/889] psa_hmac_start: remove useless casts

---
 library/psa_crypto.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1eecd3e7c..794af37f8 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1067,10 +1067,10 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
 {
     unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE];
     unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
-    unsigned char *opad;
+    unsigned char *opad = operation->ctx.hmac.hmac_ctx;
     size_t i;
     size_t sum_size = MBEDTLS_MD_MAX_SIZE;
-    unsigned int block_size =
+    size_t block_size =
         PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
     unsigned int digest_size =
         PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
@@ -1092,7 +1092,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( key_bits / 8 > (size_t) block_size )
+    if( key_bits / 8 > block_size )
     {
         status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
                                   key_ptr, slot->data.raw.bytes);
@@ -1107,15 +1107,13 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
         key_ptr = sum;
     }
 
-    opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
-
     memset( ipad, 0x36, block_size );
     memset( opad, 0x5C, block_size );
 
     for( i = 0; i < key_length; i++ )
     {
-        ipad[i] = (unsigned char) ( ipad[i] ^ key_ptr[i] );
-        opad[i] = (unsigned char) ( opad[i] ^ key_ptr[i] );
+        ipad[i] = ipad[i] ^ key_ptr[i];
+        opad[i] = opad[i] ^ key_ptr[i];
     }
 
     status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
@@ -1281,7 +1279,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
-                unsigned char *opad;
+                unsigned char *opad = operation->ctx.hmac.hmac_ctx;
                 size_t hash_size = 0;
                 unsigned int block_size =
                 PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
@@ -1289,8 +1287,6 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
 
-                opad = (unsigned char *) operation->ctx.hmac.hmac_ctx;
-
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
                                           sizeof( tmp ), &hash_size );
                 if( status != PSA_SUCCESS )

From c102e3ce4b6652b76bf0ca6520e04e3095a0cf41 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 17:38:53 +0200
Subject: [PATCH 244/889] psa_hmac_start: simplify key_length logic in
 hash-the-key case

---
 library/psa_crypto.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 794af37f8..9fb80bb21 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1069,7 +1069,6 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
     unsigned char *opad = operation->ctx.hmac.hmac_ctx;
     size_t i;
-    size_t sum_size = MBEDTLS_MD_MAX_SIZE;
     size_t block_size =
         PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
     unsigned int digest_size =
@@ -1099,11 +1098,9 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
         if( status != PSA_SUCCESS )
             return( status );
         status = psa_hash_finish( &operation->ctx.hmac.hash_ctx,
-                                  sum, sum_size, &sum_size);
+                                  sum, sizeof( sum ), &key_length );
         if( status != PSA_SUCCESS )
             return( status );
-
-        key_length = sum_size;
         key_ptr = sum;
     }
 

From 6a0a44e16704b59040f8b330e57e52cf1cfa645d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 17:42:48 +0200
Subject: [PATCH 245/889] HMAC: clean up local variables containing key
 material

In psa_mac_start, the hash of the key and ipad contain material that
can be used to make HMAC calculations with the key, therefore they
must be wiped.

In psa_mac_finish_internal, tmp contains an intermediate value which
could reveal the HMAC. This is definitely sensitive in the verify case,
and marginally sensitive in the finish case (it isn't if the hash
function is ideal, but it could make things worse if the hash function
is partially broken).
---
 library/psa_crypto.c | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9fb80bb21..b5b1a96ee 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1116,10 +1116,19 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
                              PSA_ALG_HMAC_HASH( alg ) );
     if( status != PSA_SUCCESS )
-        return( status );
+        goto cleanup;
 
     status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad,
                               block_size );
+
+cleanup:
+    if( key_bits / 8 > (size_t) block_size )
+        mbedtls_zeroize( sum, key_length );
+    mbedtls_zeroize( ipad, key_length );
+    /* opad is in the context. It needs to stay in memory if this function
+     * succeeds, and it will be wiped by psa_mac_abort() called from
+     * psa_mac_start in the error case. */
+
     return( status );
 }
 
@@ -1188,7 +1197,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
      * context may contain data that needs to be wiped on error. */
     if( status != PSA_SUCCESS )
     {
-        psa_mac_abort(operation);
+        psa_mac_abort( operation );
     }
 
     else
@@ -1288,26 +1297,27 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                                           sizeof( tmp ), &hash_size );
                 if( status != PSA_SUCCESS )
                     goto cleanup;
+                /* From here on, tmp needs to be wiped. */
 
                 status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
                                          PSA_ALG_HMAC_HASH( operation->alg ) );
                 if( status != PSA_SUCCESS )
-                    goto cleanup;
+                    goto hmac_cleanup;
 
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad,
                                           block_size );
                 if( status != PSA_SUCCESS )
-                    goto cleanup;
+                    goto hmac_cleanup;
 
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
                                           hash_size);
                 if( status != PSA_SUCCESS )
-                    goto cleanup;
+                    goto hmac_cleanup;
 
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac,
                                           mac_size, mac_length );
-                if( status != PSA_SUCCESS )
-                    goto cleanup;
+            hmac_cleanup:
+                mbedtls_zeroize( tmp, hash_size );
             }
             else
 #endif /* MBEDTLS_MD_C */

From d223b52a9a5bc0bef69f8f5745ef4a9952facdfb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 11 Jun 2018 18:12:58 +0200
Subject: [PATCH 246/889] psa_hmac_start: reduce stack usage

Store the temporary key in the long-key case (where the key is first
hashed) directly into ipad. This reduces the stack usage a little, at
a slight cost in complexity.
---
 library/psa_crypto.c | 35 ++++++++++++++++-------------------
 1 file changed, 16 insertions(+), 19 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b5b1a96ee..dbb35928f 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1061,11 +1061,9 @@ static int psa_cmac_start( psa_mac_operation_t *operation,
 
 static int psa_hmac_start( psa_mac_operation_t *operation,
                            psa_key_type_t key_type,
-                           size_t key_bits,
                            key_slot_t *slot,
                            psa_algorithm_t alg )
 {
-    unsigned char sum[PSA_CRYPTO_MD_MAX_SIZE];
     unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
     unsigned char *opad = operation->ctx.hmac.hmac_ctx;
     size_t i;
@@ -1073,7 +1071,6 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
         PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
     unsigned int digest_size =
         PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
-    uint8_t* key_ptr = slot->data.raw.data;
     size_t key_length = slot->data.raw.bytes;
     psa_status_t status;
 
@@ -1091,27 +1088,31 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( key_bits / 8 > block_size )
+    if( key_length > block_size )
     {
         status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
-                                  key_ptr, slot->data.raw.bytes);
+                                  slot->data.raw.data, slot->data.raw.bytes );
         if( status != PSA_SUCCESS )
             return( status );
         status = psa_hash_finish( &operation->ctx.hmac.hash_ctx,
-                                  sum, sizeof( sum ), &key_length );
+                                  ipad, sizeof( ipad ), &key_length );
         if( status != PSA_SUCCESS )
             return( status );
-        key_ptr = sum;
     }
+    else
+        memcpy( ipad, slot->data.raw.data, slot->data.raw.bytes );
 
-    memset( ipad, 0x36, block_size );
-    memset( opad, 0x5C, block_size );
-
+    /* ipad contains the key followed by garbage. Xor and fill with 0x36
+     * to create the ipad value. */
     for( i = 0; i < key_length; i++ )
-    {
-        ipad[i] = ipad[i] ^ key_ptr[i];
-        opad[i] = opad[i] ^ key_ptr[i];
-    }
+        ipad[i] ^= 0x36;
+    memset( ipad + key_length, 0x36, block_size - key_length );
+
+    /* Copy the key material from ipad to opad, flipping the requisite bits,
+     * and filling the rest of opad with the requisite constant. */
+    for( i = 0; i < key_length; i++ )
+        opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
+    memset( opad + key_length, 0x5C, block_size - key_length );
 
     status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
                              PSA_ALG_HMAC_HASH( alg ) );
@@ -1122,8 +1123,6 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
                               block_size );
 
 cleanup:
-    if( key_bits / 8 > (size_t) block_size )
-        mbedtls_zeroize( sum, key_length );
     mbedtls_zeroize( ipad, key_length );
     /* opad is in the context. It needs to stay in memory if this function
      * succeeds, and it will be wiped by psa_mac_abort() called from
@@ -1184,9 +1183,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         default:
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( alg ) )
-                status = psa_hmac_start( operation,
-                                         key_type, key_bits, slot,
-                                         alg );
+                status = psa_hmac_start( operation, key_type, slot, alg );
             else
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );

From caec7f0c49630d25570c2d6656e85dbdef45e1e6 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 14 Jun 2018 15:34:50 +0300
Subject: [PATCH 247/889] Fix rename issue missed by re-base

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dbb35928f..60a1197ed 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1070,7 +1070,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     size_t block_size =
         PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
     unsigned int digest_size =
-        PSA_HASH_FINAL_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+        PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
     size_t key_length = slot->data.raw.bytes;
     psa_status_t status;
 

From 5ca6547b77f93c39ba673b8a4f5d36cd1bf701bb Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Sun, 17 Jun 2018 14:03:40 +0300
Subject: [PATCH 248/889] Renamed hmac_ctx to opad and removed null check.

this array is now part of the struct and not dynamically allocated
so it can't be null.
---
 include/psa/crypto_struct.h | 2 +-
 library/psa_crypto.c        | 9 +++------
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 60c44fbb8..f554b6eab 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -88,7 +88,7 @@ typedef struct {
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
-        uint8_t hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE];
+        uint8_t opad[PSA_CRYPTO_MD_BLOCK_SIZE];
 } psa_hmac_internal_data;
 
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 60a1197ed..e51de04cb 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1018,11 +1018,8 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
                     return( PSA_ERROR_NOT_SUPPORTED );
 
                 psa_hash_abort( &operation->ctx.hmac.hash_ctx );
-                if ( operation->ctx.hmac.hmac_ctx != NULL )
-                {
-                    mbedtls_zeroize( operation->ctx.hmac.hmac_ctx,
+                mbedtls_zeroize( operation->ctx.hmac.opad,
                                      block_size);
-                }
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1065,7 +1062,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
                            psa_algorithm_t alg )
 {
     unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
-    unsigned char *opad = operation->ctx.hmac.hmac_ctx;
+    unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
     size_t block_size =
         PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
@@ -1282,7 +1279,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
-                unsigned char *opad = operation->ctx.hmac.hmac_ctx;
+                unsigned char *opad = operation->ctx.hmac.opad;
                 size_t hash_size = 0;
                 unsigned int block_size =
                 PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );

From 9627241beb2898b1d491f2d99981836935a06ca1 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Sun, 17 Jun 2018 14:41:10 +0300
Subject: [PATCH 249/889] change macro PSA_HASH_BLOCK_SIZE to function
 psa_get_hash_block_size

---
 library/psa_crypto.c | 46 +++++++++++++++++++++++++++++---------------
 1 file changed, 30 insertions(+), 16 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e51de04cb..2f0cff2e7 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -985,18 +985,32 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
 }
 
-#define PSA_HASH_BLOCK_SIZE(alg)                \
-    (                                           \
-        (alg) == PSA_ALG_MD2 ? 16 :             \
-        (alg) == PSA_ALG_MD4 ? 64 :             \
-        (alg) == PSA_ALG_MD5 ? 64 :             \
-        (alg) == PSA_ALG_RIPEMD160 ? 64 :       \
-        (alg) == PSA_ALG_SHA_1 ? 64 :           \
-        (alg) == PSA_ALG_SHA_224 ? 64 :         \
-        (alg) == PSA_ALG_SHA_256 ? 64 :         \
-        (alg) == PSA_ALG_SHA_384 ? 128 :        \
-        (alg) == PSA_ALG_SHA_512 ? 128 :        \
-        0)
+static size_t psa_get_hash_block_size(psa_algorithm_t alg)
+{
+    switch(alg)
+    {
+        case PSA_ALG_MD2:
+            return 16;
+        case PSA_ALG_MD4:
+            return 64;
+        case PSA_ALG_MD5:
+            return 64;
+        case PSA_ALG_RIPEMD160:
+            return 64;
+        case PSA_ALG_SHA_1:
+            return 64;
+        case PSA_ALG_SHA_224:
+            return 64;
+        case PSA_ALG_SHA_256:
+            return 64;
+        case PSA_ALG_SHA_384:
+            return 128;
+        case PSA_ALG_SHA_512:
+            return 128;
+        default: 
+            return 0;
+    }
+}
 
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 {
@@ -1012,7 +1026,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 unsigned int block_size =
-                    PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1065,7 +1079,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
     size_t block_size =
-        PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+        psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( alg ) ) );
     unsigned int digest_size =
         PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
     size_t key_length = slot->data.raw.bytes;
@@ -1281,8 +1295,8 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
                 unsigned char *opad = operation->ctx.hmac.opad;
                 size_t hash_size = 0;
-                unsigned int block_size =
-                PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                size_t block_size =
+                psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );

From e9664c30f0ebdbd6e5f057646c03b51cdeec53a8 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Sun, 17 Jun 2018 14:41:30 +0300
Subject: [PATCH 250/889] space and style fixes

---
 library/psa_crypto.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2f0cff2e7..90c76732e 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -924,8 +924,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
         {
             alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
         }
-        switch( alg )
 
+        switch( alg )
         {
             case PSA_ALG_STREAM_CIPHER:
                 mode = MBEDTLS_MODE_STREAM;
@@ -1252,9 +1252,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
     }
     if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
     {
-        psa_mac_abort(operation);
-        if (ret != 0)
-            status = mbedtls_to_psa_error(ret);
+        psa_mac_abort( operation );
+        if ( ret != 0 )
+            status = mbedtls_to_psa_error( ret );
     }
 
     return status;

From aa5aea0bac33142a9a37d1e7340a7cc001eb4c64 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 18 Jun 2018 12:24:33 +0300
Subject: [PATCH 251/889] fix spaces and add braces

---
 library/psa_crypto.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 90c76732e..4a256988b 100755
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -985,30 +985,30 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
 }
 
-static size_t psa_get_hash_block_size(psa_algorithm_t alg)
+static size_t psa_get_hash_block_size( psa_algorithm_t alg )
 {
     switch(alg)
     {
         case PSA_ALG_MD2:
-            return 16;
+            return( 16 );
         case PSA_ALG_MD4:
-            return 64;
+            return( 64 );
         case PSA_ALG_MD5:
-            return 64;
+            return( 64 );
         case PSA_ALG_RIPEMD160:
-            return 64;
+            return( 64 );
         case PSA_ALG_SHA_1:
-            return 64;
+            return( 64 );
         case PSA_ALG_SHA_224:
-            return 64;
+            return( 64 );
         case PSA_ALG_SHA_256:
-            return 64;
+            return( 64 );
         case PSA_ALG_SHA_384:
-            return 128;
+            return( 128 );
         case PSA_ALG_SHA_512:
-            return 128;
+            return ( 128 );
         default: 
-            return 0;
+            return ( 0 );
     }
 }
 

From 27fbaf7781da515eb9be35437c317c1faf41805e Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Tue, 12 Jun 2018 17:09:28 +0300
Subject: [PATCH 252/889] Fixed test sign_deterministic, macro
 PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE

Arguments in the wrong order
---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 002f9f7d0..cb9301ab6 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1028,7 +1028,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
 
-    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, alg, key_bits );
+    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );

From 6de7a179c882b0b6484ae79e2e326fc7c5e941de Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 17:51:17 +0200
Subject: [PATCH 253/889] Fix file permissions

Some files were marked as executable but shouldn't have been.
---
 include/psa/crypto.h | 0
 library/psa_crypto.c | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 mode change 100755 => 100644 include/psa/crypto.h
 mode change 100755 => 100644 library/psa_crypto.c

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
old mode 100755
new mode 100644
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
old mode 100755
new mode 100644

From 2d2778650b04edb0791217ce6c31c42f1844d092 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 15:41:12 +0200
Subject: [PATCH 254/889] Normalize whitespace

Normalize whitespace to Mbed TLS standards. There are only whitespace
changes in this commit.
---
 include/psa/crypto.h                        |   4 +-
 include/psa/crypto_struct.h                 |   5 +-
 library/psa_crypto.c                        | 165 ++++++------
 tests/suites/test_suite_psa_crypto.function | 270 ++++++++++----------
 4 files changed, 225 insertions(+), 219 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 94060c1eb..c513b24c2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1304,8 +1304,8 @@ psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                const uint8_t *input,
                                size_t input_length,
-                               unsigned char *output, 
-                               size_t output_size, 
+                               unsigned char *output,
+                               size_t output_size,
                                size_t *output_length);
 
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index f554b6eab..4b0f9799b 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -48,7 +48,7 @@
 #if defined(MBEDTLS_SHA512_C)
 #define PSA_CRYPTO_MD_MAX_SIZE 64
 #define PSA_CRYPTO_MD_BLOCK_SIZE 128
-#else 
+#else
 #define PSA_CRYPTO_MD_MAX_SIZE 32
 #define PSA_CRYPTO_MD_BLOCK_SIZE 64
 #endif
@@ -84,7 +84,8 @@ struct psa_hash_operation_s
 };
 
 
-typedef struct {
+typedef struct
+{
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4a256988b..954895910 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -94,12 +94,15 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
  * The value is a compile-time constant for now, for simplicity. */
 #define MBEDTLS_PSA_KEY_SLOT_COUNT 32
 
-typedef struct {
+typedef struct
+{
     psa_key_type_t type;
     psa_key_policy_t policy;
     psa_key_lifetime_t lifetime;
-    union {
-        struct raw_data {
+    union
+    {
+        struct raw_data
+        {
             uint8_t *data;
             size_t bytes;
         } raw;
@@ -112,7 +115,8 @@ typedef struct {
     } data;
 } key_slot_t;
 
-typedef struct {
+typedef struct
+{
     int initialized;
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
@@ -305,10 +309,10 @@ static psa_status_t mbedtls_to_psa_error( int ret )
 /* Key management */
 /****************************************************************/
 
-psa_status_t psa_import_key(psa_key_slot_t key,
-                            psa_key_type_t type,
-                            const uint8_t *data,
-                            size_t data_length)
+psa_status_t psa_import_key( psa_key_slot_t key,
+                             psa_key_type_t type,
+                             const uint8_t *data,
+                             size_t data_length )
 {
     key_slot_t *slot;
 
@@ -380,7 +384,7 @@ psa_status_t psa_import_key(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_destroy_key(psa_key_slot_t key)
+psa_status_t psa_destroy_key( psa_key_slot_t key )
 {
     key_slot_t *slot;
 
@@ -424,9 +428,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_get_key_information(psa_key_slot_t key,
-                                     psa_key_type_t *type,
-                                     size_t *bits)
+psa_status_t psa_get_key_information( psa_key_slot_t key,
+                                      psa_key_type_t *type,
+                                      size_t *bits )
 {
     key_slot_t *slot;
 
@@ -472,11 +476,11 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
-                                             uint8_t *data,
-                                             size_t data_size,
-                                             size_t *data_length,
-                                             int export_public_key)
+static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
+                                              uint8_t *data,
+                                              size_t data_size,
+                                              size_t *data_length,
+                                              int export_public_key )
 {
     key_slot_t *slot;
 
@@ -492,7 +496,7 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) &&
         ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) )
         return( PSA_ERROR_NOT_PERMITTED );
-    
+
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
@@ -542,23 +546,23 @@ static  psa_status_t psa_internal_export_key(psa_key_slot_t key,
     }
 }
 
-psa_status_t psa_export_key(psa_key_slot_t key,
-                            uint8_t *data,
-                            size_t data_size,
-                            size_t *data_length)
+psa_status_t psa_export_key( psa_key_slot_t key,
+                             uint8_t *data,
+                             size_t data_size,
+                             size_t *data_length )
 {
     return psa_internal_export_key( key, data, data_size,
-                                  data_length, 0 );
+                                    data_length, 0 );
 }
 
 
-psa_status_t psa_export_public_key(psa_key_slot_t key,
-                                   uint8_t *data,
-                                   size_t data_size,
-                                   size_t *data_length)
+psa_status_t psa_export_public_key( psa_key_slot_t key,
+                                    uint8_t *data,
+                                    size_t data_size,
+                                    size_t *data_length )
 {
     return psa_internal_export_key( key, data, data_size,
-                                   data_length, 1 );
+                                    data_length, 1 );
 }
 
 /****************************************************************/
@@ -884,9 +888,9 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
     }
 }
 
-psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
-                             const uint8_t *hash,
-                             size_t hash_length)
+psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
+                              const uint8_t *hash,
+                              size_t hash_length )
 {
     uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
     size_t actual_hash_length;
@@ -912,7 +916,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     psa_algorithm_t alg,
     psa_key_type_t key_type,
-    size_t key_bits, 
+    size_t key_bits,
     mbedtls_cipher_id_t* cipher_id )
 {
     mbedtls_cipher_mode_t mode;
@@ -987,7 +991,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 
 static size_t psa_get_hash_block_size( psa_algorithm_t alg )
 {
-    switch(alg)
+    switch( alg )
     {
         case PSA_ALG_MD2:
             return( 16 );
@@ -1006,9 +1010,9 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
         case PSA_ALG_SHA_384:
             return( 128 );
         case PSA_ALG_SHA_512:
-            return ( 128 );
-        default: 
-            return ( 0 );
+            return( 128 );
+        default:
+            return( 0 );
     }
 }
 
@@ -1032,8 +1036,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
                     return( PSA_ERROR_NOT_SUPPORTED );
 
                 psa_hash_abort( &operation->ctx.hmac.hash_ctx );
-                mbedtls_zeroize( operation->ctx.hmac.opad,
-                                     block_size);
+                mbedtls_zeroize( operation->ctx.hmac.opad, block_size );
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1241,7 +1244,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
-                                                input_length );
+                                          input_length );
             }
             else
 #endif /* MBEDTLS_MD_C */
@@ -1250,10 +1253,10 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             }
             break;
     }
-    if ( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
+    if( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
     {
         psa_mac_abort( operation );
-        if ( ret != 0 )
+        if( ret != 0 )
             status = mbedtls_to_psa_error( ret );
     }
 
@@ -1261,9 +1264,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 }
 
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
-                             uint8_t *mac,
-                             size_t mac_size,
-                             size_t *mac_length )
+                                             uint8_t *mac,
+                                             size_t mac_size,
+                                             size_t *mac_length )
 {
     int ret = 0;
     psa_status_t status = PSA_SUCCESS;
@@ -1296,7 +1299,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char *opad = operation->ctx.hmac.opad;
                 size_t hash_size = 0;
                 size_t block_size =
-                psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1318,7 +1321,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                     goto hmac_cleanup;
 
                 status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
-                                          hash_size);
+                                          hash_size );
                 if( status != PSA_SUCCESS )
                     goto hmac_cleanup;
 
@@ -1336,7 +1339,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     }
 cleanup:
 
-    if( ( ret == 0 ) && (status == PSA_SUCCESS) )
+    if( ( ret == 0 ) && ( status == PSA_SUCCESS ) )
     {
         return( psa_mac_abort( operation ) );
     }
@@ -1344,7 +1347,7 @@ cleanup:
     {
         psa_mac_abort( operation );
         if( ret != 0 )
-            status = mbedtls_to_psa_error(ret);
+            status = mbedtls_to_psa_error( ret );
 
         return status;
     }
@@ -1362,9 +1365,9 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                                      mac_size, mac_length ) );
 }
 
-#define MBEDTLS_PSA_MAC_MAX_SIZE                       \
-    ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ? \
-      MBEDTLS_MD_MAX_SIZE :                            \
+#define MBEDTLS_PSA_MAC_MAX_SIZE                        \
+    ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ?  \
+      MBEDTLS_MD_MAX_SIZE :                             \
       MBEDTLS_MAX_BLOCK_LENGTH )
 psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
                              const uint8_t *mac,
@@ -1598,7 +1601,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     {
         mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
         int ret;
-        (void)alg;
+        (void) alg;
         ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length,
                                             signature, signature_size );
         return( mbedtls_to_psa_error( ret ) );
@@ -2015,31 +2018,31 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 /* Key Policy */
 /****************************************************************/
 
-void psa_key_policy_init(psa_key_policy_t *policy)
+void psa_key_policy_init( psa_key_policy_t *policy )
 {
     memset( policy, 0, sizeof( psa_key_policy_t ) );
 }
 
-void psa_key_policy_set_usage(psa_key_policy_t *policy,
-                              psa_key_usage_t usage,
-                              psa_algorithm_t alg)
+void psa_key_policy_set_usage( psa_key_policy_t *policy,
+                               psa_key_usage_t usage,
+                               psa_algorithm_t alg )
 {
     policy->usage = usage;
     policy->alg = alg;
 }
 
-psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy)
+psa_key_usage_t psa_key_policy_get_usage( psa_key_policy_t *policy )
 {
     return( policy->usage );
 }
 
-psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy)
+psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy )
 {
     return( policy->alg );
 }
 
-psa_status_t psa_set_key_policy(psa_key_slot_t key,
-                                const psa_key_policy_t *policy)
+psa_status_t psa_set_key_policy( psa_key_slot_t key,
+                                 const psa_key_policy_t *policy )
 {
     key_slot_t *slot;
 
@@ -2051,8 +2054,8 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
         return( PSA_ERROR_OCCUPIED_SLOT );
 
     if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT
-                        | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
-                        | PSA_KEY_USAGE_VERIFY ) ) != 0 )
+                             | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
+                             | PSA_KEY_USAGE_VERIFY ) ) != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot->policy = *policy;
@@ -2060,8 +2063,8 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_get_key_policy(psa_key_slot_t key,
-                                psa_key_policy_t *policy)
+psa_status_t psa_get_key_policy( psa_key_slot_t key,
+                                 psa_key_policy_t *policy )
 {
     key_slot_t *slot;
 
@@ -2081,8 +2084,8 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
 /* Key Lifetime */
 /****************************************************************/
 
-psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
-                                  psa_key_lifetime_t *lifetime)
+psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
+                                   psa_key_lifetime_t *lifetime )
 {
     key_slot_t *slot;
 
@@ -2096,8 +2099,8 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
-                                  const psa_key_lifetime_t lifetime)
+psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
+                                   const psa_key_lifetime_t lifetime )
 {
     key_slot_t *slot;
 
@@ -2146,7 +2149,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
     const mbedtls_cipher_info_t *cipher_info = NULL;
-    
+
     *ciphertext_length = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -2154,18 +2157,18 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
-            return( PSA_ERROR_EMPTY_SLOT );
+        return( PSA_ERROR_EMPTY_SLOT );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
+        return( PSA_ERROR_NOT_SUPPORTED );
 
     if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
-           PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+    if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
+        PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
@@ -2238,13 +2241,13 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-    
+
     if( ret != 0 )
     {
         memset( ciphertext, 0, ciphertext_size );
         return( mbedtls_to_psa_error( ret ) );
     }
-    
+
     *ciphertext_length = plaintext_length + tag_length;
     return( PSA_SUCCESS );
 }
@@ -2291,7 +2294,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     size_t tag_length;
     mbedtls_cipher_id_t cipher_id;
     const mbedtls_cipher_info_t *cipher_info = NULL;
-    
+
     *plaintext_length = 0;
 
     status = psa_get_key_information( key, &key_type, &key_bits );
@@ -2299,18 +2302,18 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         return( status );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
-            return( PSA_ERROR_EMPTY_SLOT );
+        return( PSA_ERROR_EMPTY_SLOT );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-    
+        return( PSA_ERROR_NOT_SUPPORTED );
+
     if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) != 
-         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
+    if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
+        PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cb9301ab6..5a68074e4 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -4,9 +4,9 @@
 #include "mbedtls/md.h"
 
 #if(UINT32_MAX > SIZE_MAX)
-#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) ((x) <= SIZE_MAX)
+#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
 #else
-#define PSA_CRYPTO_TEST_SIZE_T_RANGE(x) 1
+#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1
 #endif
 /* END_HEADER */
 
@@ -16,7 +16,7 @@
  */
 
 /* BEGIN_CASE */
-void init_deinit()
+void init_deinit( )
 {
     psa_status_t status;
     int i;
@@ -148,11 +148,11 @@ exit:
 
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
-                                int type_arg,
-                                int alg_arg,
-                                int expected_bits,
-                                int public_key_expected_length,
-                                int expected_export_status )
+                               int type_arg,
+                               int alg_arg,
+                               int expected_bits,
+                               int public_key_expected_length,
+                               int expected_export_status )
 {
     int slot = 1;
     psa_key_type_t type = type_arg;
@@ -182,18 +182,18 @@ void import_export_public_key( data_t *data,
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
                                  data->x, (size_t) data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
-                 &got_type, &got_bits ) == PSA_SUCCESS );
+                                          &got_type, &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
     /* Export the key */
     status = psa_export_public_key( slot,
-                             exported, export_size,
-                             &exported_length );
+                                    exported, export_size,
+                                    &exported_length );
     TEST_ASSERT( status == (psa_status_t) expected_export_status );
     if( status != PSA_SUCCESS )
         goto destroy;
@@ -230,7 +230,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input->x, (size_t) input->len ) ==
-                                  PSA_SUCCESS );
+                 PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   actual_hash, sizeof( actual_hash ),
                                   &actual_hash_length ) == PSA_SUCCESS );
@@ -259,11 +259,11 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input->x, (size_t) input->len ) ==
-                                  PSA_SUCCESS );
+                 PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   expected_hash->x,
                                   (size_t) expected_hash->len ) ==
-                                  PSA_SUCCESS );
+                 PSA_SUCCESS );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -305,7 +305,7 @@ void mac_verify( int key_type_arg, data_t *key,
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
                                  input->x, (size_t) input->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
     TEST_ASSERT( psa_mac_verify( &operation,
                                  expected_mac->x,
                                  (size_t) expected_mac->len ) == PSA_SUCCESS );
@@ -441,7 +441,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( total_output_length == (size_t) expected_output->len );
     TEST_ASSERT( memcmp( expected_output->x, output,
-                        (size_t) expected_output->len ) == 0 );
+                         (size_t) expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -510,8 +510,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
     TEST_ASSERT( total_output_length == (size_t) expected_output->len );
-    TEST_ASSERT( memcmp( expected_output->x, output, 
-                        (size_t) expected_output->len ) == 0 );
+    TEST_ASSERT( memcmp( expected_output->x, output,
+                         (size_t) expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -776,8 +776,8 @@ exit:
 
 /* BEGIN_CASE */
 void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
-                int alg_arg, data_t * input_data, data_t * nonce,
-                data_t * additional_data, int expected_result_arg )
+                           int alg_arg, data_t * input_data, data_t * nonce,
+                           data_t * additional_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -816,13 +816,13 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
                                  key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce->x, (size_t) nonce->len,
-                               additional_data->x,
-                               (size_t) additional_data->len,
-                               input_data->x, (size_t) input_data->len,
-                               output_data,
-                               output_size, &output_length ) ==
-                               expected_result );
+                                   nonce->x, (size_t) nonce->len,
+                                   additional_data->x,
+                                   (size_t) additional_data->len,
+                                   input_data->x, (size_t) input_data->len,
+                                   output_data,
+                                   output_size, &output_length ) ==
+                 expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
@@ -830,18 +830,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
         TEST_ASSERT( output_data2 != NULL );
 
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                nonce->x, (size_t) nonce->len,
-                                additional_data->x,
-                                (size_t) additional_data->len,
-                                output_data, output_length, output_data2,
-                                output_length, &output_length2 ) ==
-                                expected_result );
-        
+                                       nonce->x, (size_t) nonce->len,
+                                       additional_data->x,
+                                       (size_t) additional_data->len,
+                                       output_data, output_length, output_data2,
+                                       output_length, &output_length2 ) ==
+                     expected_result );
+
 
         TEST_ASSERT( memcmp( input_data->x, output_data2,
-                                (size_t) input_data->len ) == 0 );
+                             (size_t) input_data->len ) == 0 );
     }
-    
+
 
 exit:
     psa_destroy_key( slot );
@@ -853,9 +853,9 @@ exit:
 
 /* BEGIN_CASE */
 void aead_encrypt( int key_type_arg, data_t * key_data,
-                int alg_arg, data_t * input_data,
-                data_t * additional_data, data_t * nonce,
-                data_t * expected_result )
+                   int alg_arg, data_t * input_data,
+                   data_t * additional_data, data_t * nonce,
+                   data_t * expected_result )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -880,7 +880,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -891,20 +891,20 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                               nonce->x, (size_t) nonce->len,
-                               additional_data->x,
-                               (size_t) additional_data->len,
-                               input_data->x, (size_t) input_data->len,
-                               output_data,
-                               output_size, &output_length ) == PSA_SUCCESS );
+                                   nonce->x, (size_t) nonce->len,
+                                   additional_data->x,
+                                   (size_t) additional_data->len,
+                                   input_data->x, (size_t) input_data->len,
+                                   output_data,
+                                   output_size, &output_length ) == PSA_SUCCESS );
 
 
     TEST_ASSERT( memcmp( output_data, expected_result->x,
-                                output_length ) == 0 );
-    
+                         output_length ) == 0 );
+
 
 exit:
     psa_destroy_key( slot );
@@ -915,9 +915,9 @@ exit:
 
 /* BEGIN_CASE */
 void aead_decrypt( int key_type_arg, data_t * key_data,
-                int alg_arg, data_t * input_data,
-                data_t * additional_data, data_t * nonce,
-                data_t * expected_data, int expected_result_arg )
+                   int alg_arg, data_t * input_data,
+                   data_t * additional_data, data_t * nonce,
+                   data_t * expected_data, int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -944,7 +944,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     output_size = (size_t) input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
-    
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -955,24 +955,24 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                               nonce->x, (size_t) nonce->len,
-                               additional_data->x, (size_t) additional_data->len,
-                               input_data->x, (size_t) input_data->len,
-                               output_data,
-                               output_size, &output_length ) ==
-                               expected_result );
+                                   nonce->x, (size_t) nonce->len,
+                                   additional_data->x, (size_t) additional_data->len,
+                                   input_data->x, (size_t) input_data->len,
+                                   output_data,
+                                   output_size, &output_length ) ==
+                 expected_result );
 
 
-    if ( expected_result == PSA_SUCCESS )
+    if( expected_result == PSA_SUCCESS )
     {
         TEST_ASSERT( memcmp( output_data, expected_data->x,
-                                    output_length ) == 0 );
+                             output_length ) == 0 );
     }
 
-    
+
 
 exit:
     psa_destroy_key( slot );
@@ -986,7 +986,7 @@ void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg
 {
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
-    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(type, bits, alg);
+    size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg );
     TEST_ASSERT( actual_size == (size_t) expected_size_arg );
 exit:
     ;
@@ -1039,8 +1039,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
     TEST_ASSERT( signature_length == (size_t) output_data->len );
-    TEST_ASSERT( memcmp( signature, output_data->x, (size_t) output_data->len )
-                        == 0 );
+    TEST_ASSERT( memcmp( signature, output_data->x,
+                         (size_t) output_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1081,7 +1081,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_sign( slot, alg,
                                          input_data->x,
@@ -1112,14 +1112,14 @@ void key_policy( int usage_arg, int alg_arg )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    psa_key_policy_init(& policy_set );
-    psa_key_policy_init(& policy_get );
+    psa_key_policy_init( &policy_set );
+    psa_key_policy_init( &policy_get );
 
     psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
 
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == ( psa_key_usage_t )usage_arg );
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == (psa_key_usage_t) usage_arg );
 
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set) == ( psa_algorithm_t )alg_arg );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == (psa_algorithm_t) alg_arg );
 
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
 
@@ -1159,11 +1159,13 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair->x, (size_t) keypair->len ) ==
-                                PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, 
-                        ( psa_algorithm_t )alg_arg, NULL, 0, NULL, 0, 
-                        NULL, 0, &signature_length );
+                                     keypair->x, (size_t) keypair->len ) ==
+                     PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot,
+                                             (psa_algorithm_t) alg_arg,
+                                             NULL, 0,
+                                             NULL, 0,
+                                             NULL, 0, &signature_length );
     }
 
     if( usage_arg & PSA_KEY_USAGE_SIGN )
@@ -1171,8 +1173,8 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                keypair->x, (size_t) keypair->len ) ==
-                                PSA_SUCCESS );
+                                     keypair->x, (size_t) keypair->len ) ==
+                     PSA_SUCCESS );
         actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
@@ -1198,13 +1200,13 @@ void key_lifetime( int lifetime_arg )
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_set_key_lifetime( key_slot,
-                                 lifetime_set ) == PSA_SUCCESS );
+                                       lifetime_set ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key, sizeof( key ) ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_get_key_lifetime( key_slot,
-                                 &lifetime_get ) == PSA_SUCCESS );
+                                       &lifetime_get ) == PSA_SUCCESS );
 
     TEST_ASSERT( lifetime_get == lifetime_set );
 
@@ -1265,14 +1267,14 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_verify( slot, alg,
                                         hash_data->x, (size_t) hash_data->len,
                                         NULL, 0,
                                         signature_data->x,
                                         (size_t) signature_data->len ) ==
-                                        PSA_SUCCESS );
+                 PSA_SUCCESS );
 exit:
     psa_destroy_key( slot );
     mbedtls_psa_crypto_free( );
@@ -1310,13 +1312,13 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     actual_status = psa_asymmetric_verify( slot, alg,
-                                        hash_data->x, (size_t) hash_data->len,
-                                        NULL, 0,
-                                        signature_data->x,
-                                        (size_t) signature_data->len );
+                                           hash_data->x, (size_t) hash_data->len,
+                                           NULL, 0,
+                                           signature_data->x,
+                                           (size_t) signature_data->len );
 
 
     TEST_ASSERT( actual_status == expected_status );
@@ -1363,28 +1365,28 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
-    TEST_ASSERT( psa_asymmetric_encrypt(slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
+                                         input_data->x,
+                                         (size_t) input_data->len,
+                                         NULL, 0,
+                                         output,
+                                         output_size,
+                                         &output_length ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_asymmetric_decrypt(slot, alg,
-                                    output,
-                                    output_length,
-                                    NULL, 0,
-                                    output2,
-                                    output2_size,
-                                    &output2_length) == PSA_SUCCESS );
+    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+                                         output,
+                                         output_length,
+                                         NULL, 0,
+                                         output2,
+                                         output2_size,
+                                         &output2_length ) == PSA_SUCCESS );
     TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len )
-                         == 0 );
+                 == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1398,8 +1400,8 @@ exit:
 
 /* BEGIN_CASE */
 void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
-                            int alg_arg, data_t *input_data,
-                            int expected_status_arg )
+                              int alg_arg, data_t *input_data,
+                              int expected_status_arg )
 {
 
 
@@ -1430,15 +1432,15 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_encrypt(slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length);
+    actual_status = psa_asymmetric_encrypt( slot, alg,
+                                            input_data->x,
+                                            (size_t) input_data->len,
+                                            NULL, 0,
+                                            output,
+                                            output_size,
+                                            &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
@@ -1481,17 +1483,17 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length) == PSA_SUCCESS );
-    TEST_ASSERT( ((size_t)expected_size) == output_length );
-    TEST_ASSERT( memcmp( expected_data->x, output, (output_length) ) == 0 );
+                                         input_data->x,
+                                         (size_t) input_data->len,
+                                         NULL, 0,
+                                         output,
+                                         output_size,
+                                         &output_length ) == PSA_SUCCESS );
+    TEST_ASSERT( ( (size_t) expected_size ) == output_length );
+    TEST_ASSERT( memcmp( expected_data->x, output, ( output_length ) ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1505,8 +1507,8 @@ exit:
 
 /* BEGIN_CASE */
 void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
-                            int alg_arg, data_t *input_data,
-                            int expected_status_arg  )
+                              int alg_arg, data_t *input_data,
+                              int expected_status_arg  )
 {
 
     int slot = 1;
@@ -1536,20 +1538,20 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_import_key( slot, key_type,
                                  key_data->x, (size_t) key_data->len ) ==
-                                 PSA_SUCCESS );
+                 PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_decrypt(slot, alg,
-                                    input_data->x,
-                                    (size_t) input_data->len,
-                                    NULL, 0,
-                                    output,
-                                    output_size,
-                                    &output_length);
+    actual_status = psa_asymmetric_decrypt( slot, alg,
+                                            input_data->x,
+                                            (size_t) input_data->len,
+                                            NULL, 0,
+                                            output,
+                                            output_size,
+                                            &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
     psa_destroy_key( slot );
-    mbedtls_free( output);
+    mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From c1bb6c8dcca3686698104374f45c6dec5a5b67d6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:04:39 +0200
Subject: [PATCH 255/889] Formatting improvements

Avoid lines longer than 80 columns.

Remove some redundant parentheses, e.g. change
    if( ( a == b ) && ( c == d ) )
to
    if( a == b && c == d )
which makes lines less long and makes the remaining parentheses more
relevant.

Add missing parentheses around return statements.

There should be no semantic change in this commit.
---
 library/psa_crypto.c                        | 71 +++++++++---------
 tests/suites/test_suite_psa_crypto.function | 81 ++++++++++++++-------
 2 files changed, 92 insertions(+), 60 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 954895910..ff03abd16 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -490,11 +490,12 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( export_public_key && ( !( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) ) ) )
+    if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( ( !export_public_key ) && ( !( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ) ) &&
-        ( !( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) ) )
+    if( ! export_public_key &&
+        ! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) &&
+        ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 )
         return( PSA_ERROR_NOT_PERMITTED );
 
     if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
@@ -551,8 +552,8 @@ psa_status_t psa_export_key( psa_key_slot_t key,
                              size_t data_size,
                              size_t *data_length )
 {
-    return psa_internal_export_key( key, data, data_size,
-                                    data_length, 0 );
+    return( psa_internal_export_key( key, data, data_size,
+                                     data_length, 0 ) );
 }
 
 
@@ -561,8 +562,8 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
                                     size_t data_size,
                                     size_t *data_length )
 {
-    return psa_internal_export_key( key, data, data_size,
-                                    data_length, 1 );
+    return( psa_internal_export_key( key, data, data_size,
+                                     data_length, 1 ) );
 }
 
 /****************************************************************/
@@ -1030,7 +1031,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
                 unsigned int block_size =
-                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1082,13 +1083,13 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
     size_t block_size =
-        psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( alg ) ) );
+        psa_get_hash_block_size( PSA_ALG_HMAC_HASH( alg ) );
     unsigned int digest_size =
-        PSA_HASH_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) );
+        PSA_HASH_SIZE( PSA_ALG_HMAC_HASH( alg ) );
     size_t key_length = slot->data.raw.bytes;
     psa_status_t status;
 
-    if( ( block_size == 0 ) || ( digest_size == 0 ) )
+    if( block_size == 0 || digest_size == 0 )
         return( PSA_ERROR_NOT_SUPPORTED );
 
     if( key_type != PSA_KEY_TYPE_HMAC )
@@ -1253,14 +1254,14 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
             }
             break;
     }
-    if( ( ret != 0 ) || ( status != PSA_SUCCESS ) )
+    if( ret != 0 || status != PSA_SUCCESS )
     {
         psa_mac_abort( operation );
         if( ret != 0 )
             status = mbedtls_to_psa_error( ret );
     }
 
-    return status;
+    return( status );
 }
 
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
@@ -1299,7 +1300,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 unsigned char *opad = operation->ctx.hmac.opad;
                 size_t hash_size = 0;
                 size_t block_size =
-                    psa_get_hash_block_size( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );
+                    psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
 
                 if( block_size == 0 )
                     return( PSA_ERROR_NOT_SUPPORTED );
@@ -1339,7 +1340,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     }
 cleanup:
 
-    if( ( ret == 0 ) && ( status == PSA_SUCCESS ) )
+    if( ret == 0 && status == PSA_SUCCESS )
     {
         return( psa_mac_abort( operation ) );
     }
@@ -1349,7 +1350,7 @@ cleanup:
         if( ret != 0 )
             status = mbedtls_to_psa_error( ret );
 
-        return status;
+        return( status );
     }
 }
 
@@ -1358,7 +1359,7 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                              size_t mac_size,
                              size_t *mac_length )
 {
-    if( !( operation->key_usage_sign ) )
+    if( ! operation->key_usage_sign )
         return( PSA_ERROR_NOT_PERMITTED );
 
     return( psa_mac_finish_internal( operation, mac,
@@ -1377,7 +1378,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
     size_t actual_mac_length;
     psa_status_t status;
 
-    if( !( operation->key_usage_verify ) )
+    if( ! operation->key_usage_verify )
         return( PSA_ERROR_NOT_PERMITTED );
 
     status = psa_mac_finish_internal( operation,
@@ -1546,8 +1547,8 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
-    if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
-        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
@@ -1639,8 +1640,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
         return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
-    if( ( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ) ||
-        ( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ) )
+    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
@@ -1830,7 +1831,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ?
                               PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) :
                               1 );
-    if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || ( alg == PSA_ALG_CTR ) )
+    if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR )
     {
         operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     }
@@ -1842,14 +1843,14 @@ psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation,
                                 psa_key_slot_t key,
                                 psa_algorithm_t alg )
 {
-    return psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT );
+    return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
 }
 
 psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation,
                                 psa_key_slot_t key,
                                 psa_algorithm_t alg )
 {
-    return psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT );
+    return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
 }
 
 psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
@@ -1858,7 +1859,7 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
                                       size_t *iv_length )
 {
     int ret = PSA_SUCCESS;
-    if( operation->iv_set || !( operation->iv_required ) )
+    if( operation->iv_set || ! operation->iv_required )
         return( PSA_ERROR_BAD_STATE );
     if( iv_size < operation->iv_size )
     {
@@ -1887,7 +1888,7 @@ psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation,
                                  size_t iv_length )
 {
     int ret = PSA_SUCCESS;
-    if( operation->iv_set || !( operation->iv_required ) )
+    if( operation->iv_set || ! operation->iv_required )
         return( PSA_ERROR_BAD_STATE );
     if( iv_length != operation->iv_size )
     {
@@ -2053,9 +2054,11 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT
-                             | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_SIGN
-                             | PSA_KEY_USAGE_VERIFY ) ) != 0 )
+    if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT |
+                             PSA_KEY_USAGE_ENCRYPT |
+                             PSA_KEY_USAGE_DECRYPT |
+                             PSA_KEY_USAGE_SIGN |
+                             PSA_KEY_USAGE_VERIFY ) ) != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot->policy = *policy;
@@ -2164,7 +2167,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( !( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
+    if( ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) == 0 )
         return( PSA_ERROR_NOT_PERMITTED );
 
     if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
@@ -2231,7 +2234,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
             return( mbedtls_to_psa_error( ret ) );
         }
         ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length,
-                                           nonce, nonce_length, additional_data,
+                                           nonce, nonce_length,
+                                           additional_data,
                                            additional_data_length,
                                            plaintext, ciphertext,
                                            tag, tag_length );
@@ -2369,7 +2373,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         }
         ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length,
                                         nonce, nonce_length,
-                                        additional_data, additional_data_length,
+                                        additional_data,
+                                        additional_data_length,
                                         ciphertext, plaintext,
                                         tag, tag_length );
         mbedtls_ccm_free( &ccm );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5a68074e4..5e66986ae 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -186,7 +186,8 @@ void import_export_public_key( data_t *data,
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
-                                          &got_type, &got_bits ) == PSA_SUCCESS );
+                                          &got_type,
+                                          &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
@@ -348,7 +349,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -413,7 +415,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -482,7 +485,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -552,7 +556,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -620,8 +625,10 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation1,
+                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation2,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
@@ -704,8 +711,10 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, (size_t) key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation1, key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_decrypt_setup( &operation2, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_encrypt_setup( &operation1,
+                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_decrypt_setup( &operation2,
+                                    key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
@@ -775,9 +784,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
-                           int alg_arg, data_t * input_data, data_t * nonce,
-                           data_t * additional_data, int expected_result_arg )
+void aead_encrypt_decrypt( int key_type_arg,
+                           data_t * key_data,
+                           int alg_arg,
+                           data_t * input_data,
+                           data_t * nonce,
+                           data_t * additional_data,
+                           int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -808,7 +821,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
 
     psa_key_policy_init( &policy );
 
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT , alg );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                              alg );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
@@ -833,8 +848,9 @@ void aead_encrypt_decrypt( int key_type_arg, data_t * key_data,
                                        nonce->x, (size_t) nonce->len,
                                        additional_data->x,
                                        (size_t) additional_data->len,
-                                       output_data, output_length, output_data2,
-                                       output_length, &output_length2 ) ==
+                                       output_data, output_length,
+                                       output_data2, output_length,
+                                       &output_length2 ) ==
                      expected_result );
 
 
@@ -898,8 +914,8 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
                                    additional_data->x,
                                    (size_t) additional_data->len,
                                    input_data->x, (size_t) input_data->len,
-                                   output_data,
-                                   output_size, &output_length ) == PSA_SUCCESS );
+                                   output_data, output_size,
+                                   &output_length ) == PSA_SUCCESS );
 
 
     TEST_ASSERT( memcmp( output_data, expected_result->x,
@@ -959,7 +975,8 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
                                    nonce->x, (size_t) nonce->len,
-                                   additional_data->x, (size_t) additional_data->len,
+                                   additional_data->x,
+                                   (size_t) additional_data->len,
                                    input_data->x, (size_t) input_data->len,
                                    output_data,
                                    output_size, &output_length ) ==
@@ -982,7 +999,10 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void signature_size( int type_arg, int bits, int alg_arg, int expected_size_arg )
+void signature_size( int type_arg,
+                     int bits,
+                     int alg_arg,
+                     int expected_size_arg )
 {
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1028,7 +1048,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
 
-    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type, key_bits, alg );
+    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
+                                                      key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );
@@ -1117,9 +1138,11 @@ void key_policy( int usage_arg, int alg_arg )
 
     psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
 
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == (psa_key_usage_t) usage_arg );
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) ==
+                 (psa_key_usage_t) usage_arg );
 
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == (psa_algorithm_t) alg_arg );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) ==
+                 (psa_algorithm_t) alg_arg );
 
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
 
@@ -1218,7 +1241,9 @@ exit:
 
 
 /* BEGIN_CASE */
-void key_lifetime_set_fail( int key_slot_arg, int lifetime_arg, int expected_status_arg )
+void key_lifetime_set_fail( int key_slot_arg,
+                            int lifetime_arg,
+                            int expected_status_arg )
 {
     int key_slot = 1;
     psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
@@ -1360,7 +1385,9 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                              alg_arg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
@@ -1385,8 +1412,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                          output2,
                                          output2_size,
                                          &output2_length ) == PSA_SUCCESS );
-    TEST_ASSERT( memcmp( input_data->x, output2, (size_t) input_data->len )
-                 == 0 );
+    TEST_ASSERT( memcmp( input_data->x, output2,
+                         (size_t) input_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1493,7 +1520,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( ( (size_t) expected_size ) == output_length );
-    TEST_ASSERT( memcmp( expected_data->x, output, ( output_length ) ) == 0 );
+    TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
 
 exit:
     psa_destroy_key( slot );

From 803ce7402ac3776e1667d735e971c456f8137fea Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:07:14 +0200
Subject: [PATCH 256/889] Change sizeof(type) to sizeof(variable)

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ff03abd16..190341fbd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2021,7 +2021,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 
 void psa_key_policy_init( psa_key_policy_t *policy )
 {
-    memset( policy, 0, sizeof( psa_key_policy_t ) );
+    memset( policy, 0, sizeof( *policy ) );
 }
 
 void psa_key_policy_set_usage( psa_key_policy_t *policy,

From 7bcfc0a9aeced4d4f011ba7865682d961e932c71 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 21:49:39 +0200
Subject: [PATCH 257/889] Be more consistent about blank lines

---
 library/psa_crypto.c                        | 17 ++++++++------
 tests/suites/test_suite_psa_crypto.function | 26 ---------------------
 2 files changed, 10 insertions(+), 33 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 190341fbd..e5ac7bd81 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -305,6 +305,8 @@ static psa_status_t mbedtls_to_psa_error( int ret )
     }
 }
 
+
+
 /****************************************************************/
 /* Key management */
 /****************************************************************/
@@ -556,7 +558,6 @@ psa_status_t psa_export_key( psa_key_slot_t key,
                                      data_length, 0 ) );
 }
 
-
 psa_status_t psa_export_public_key( psa_key_slot_t key,
                                     uint8_t *data,
                                     size_t data_size,
@@ -566,6 +567,8 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
                                      data_length, 1 ) );
 }
 
+
+
 /****************************************************************/
 /* Message digests */
 /****************************************************************/
@@ -909,7 +912,6 @@ psa_status_t psa_hash_verify( psa_hash_operation_t *operation,
 
 
 
-
 /****************************************************************/
 /* MAC */
 /****************************************************************/
@@ -1395,7 +1397,6 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 
 
 
-
 /****************************************************************/
 /* Asymmetric cryptography */
 /****************************************************************/
@@ -1679,7 +1680,6 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-
 }
 
 psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
@@ -1748,9 +1748,10 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
-
 }
 
+
+
 /****************************************************************/
 /* Symmetric cryptography */
 /****************************************************************/
@@ -2015,6 +2016,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 }
 
 
+
 /****************************************************************/
 /* Key Policy */
 /****************************************************************/
@@ -2128,9 +2130,11 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 }
 
 
+
 /****************************************************************/
 /* AEAD */
 /****************************************************************/
+
 psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,
@@ -2223,8 +2227,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         //update the tag pointer to point to the end of the ciphertext_length
         tag = ciphertext + plaintext_length;
 
-
-
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
                                   slot->data.raw.data, key_bits );
@@ -2393,6 +2395,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 }
 
 
+
 /****************************************************************/
 /* Module setup */
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5e66986ae..3de4745bf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -145,7 +145,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
                                int type_arg,
@@ -317,7 +316,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void cipher_encrypt( int alg_arg, int key_type_arg,
                      data_t *key,
@@ -524,7 +522,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void cipher_decrypt( int alg_arg, int key_type_arg,
                      data_t *key,
@@ -585,7 +582,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
                              (size_t) expected_output->len ) == 0 );
     }
 
-
 exit:
     mbedtls_free( output );
     psa_destroy_key( key_slot );
@@ -593,7 +589,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void cipher_verify_output( int alg_arg, int key_type_arg,
                            data_t *key,
@@ -853,12 +848,10 @@ void aead_encrypt_decrypt( int key_type_arg,
                                        &output_length2 ) ==
                      expected_result );
 
-
         TEST_ASSERT( memcmp( input_data->x, output_data2,
                              (size_t) input_data->len ) == 0 );
     }
 
-
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output_data );
@@ -917,11 +910,9 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
                                    output_data, output_size,
                                    &output_length ) == PSA_SUCCESS );
 
-
     TEST_ASSERT( memcmp( output_data, expected_result->x,
                          output_length ) == 0 );
 
-
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output_data );
@@ -945,7 +936,6 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     psa_key_policy_t policy = {0};
     psa_status_t expected_result = (psa_status_t) expected_result_arg;
 
-
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
     TEST_ASSERT( additional_data != NULL );
@@ -982,15 +972,12 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
                                    output_size, &output_length ) ==
                  expected_result );
 
-
     if( expected_result == PSA_SUCCESS )
     {
         TEST_ASSERT( memcmp( output_data, expected_data->x,
                              output_length ) == 0 );
     }
 
-
-
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output_data );
@@ -1239,7 +1226,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void key_lifetime_set_fail( int key_slot_arg,
                             int lifetime_arg,
@@ -1312,7 +1298,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
                              data_t *signature_data,
                              int expected_status_arg )
 {
-
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1345,7 +1330,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
                                            signature_data->x,
                                            (size_t) signature_data->len );
 
-
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
@@ -1354,7 +1338,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                  int alg_arg, data_t *input_data )
@@ -1420,18 +1403,14 @@ exit:
     mbedtls_free( output );
     mbedtls_free( output2 );
     mbedtls_psa_crypto_free( );
-
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
                               int alg_arg, data_t *input_data,
                               int expected_status_arg )
 {
-
-
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1474,7 +1453,6 @@ exit:
     psa_destroy_key( slot );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
-
 }
 /* END_CASE */
 
@@ -1526,18 +1504,14 @@ exit:
     psa_destroy_key( slot );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
-
-
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
                               int alg_arg, data_t *input_data,
                               int expected_status_arg  )
 {
-
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;

From 4abf741e6a4d5705de1f75b47a9f795efd5861f0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:35:34 +0200
Subject: [PATCH 258/889] Hygiene improvements in PSA crypto test code

Get rid of many redundant casts. In particular, it is not useful to
cast uint32_t values to size_t before performing arithmetic or
comparisons on them.

Rewrap a number of function calls, many of which now have narrower
arguments thanks to the removed casts. When a function call doesn't
fit on a single line, avoid grouping unrelated parameters together,
but do try to group a buffer pointer and the associated size.

Define more auxiliary variables xxx of a particular integer
type (psa_algorithm_t, psa_key_usage_t, etc.) corresponding to a test
function xxx_arg which has the type int. This avoids the need to cast
xxx_arg to an unsigned type sometimes in the code.
---
 tests/suites/test_suite_psa_crypto.function | 351 +++++++++-----------
 1 file changed, 158 insertions(+), 193 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3de4745bf..3786e57a3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -41,7 +41,7 @@ void import( data_t *data, int type, int expected_status )
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    status = psa_import_key( slot, type, data->x, (size_t) data->len );
+    status = psa_import_key( slot, type, data->x, data->len );
     TEST_ASSERT( status == (psa_status_t) expected_status );
     if( status == PSA_SUCCESS )
         TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
@@ -64,6 +64,7 @@ void import_export( data_t *data,
     int slot = 1;
     int slot2 = slot + 1;
     psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
     unsigned char *reexported = NULL;
@@ -87,19 +88,17 @@ void import_export( data_t *data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
-
+    psa_key_policy_set_usage( &policy, usage_arg, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, (size_t) data->len ) == PSA_SUCCESS );
+                                 data->x, data->len ) == PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
-                                          &got_type, &got_bits ) ==
-                 PSA_SUCCESS );
+                                          &got_type,
+                                          &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
@@ -113,20 +112,20 @@ void import_export( data_t *data,
 
     if( canonical_input )
     {
-        TEST_ASSERT( exported_length == (size_t) data->len );
-        TEST_ASSERT( memcmp( exported, data->x, (size_t) data->len ) == 0 );
+        TEST_ASSERT( exported_length == data->len );
+        TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 );
     }
     else
     {
         TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
 
         TEST_ASSERT( psa_import_key( slot2, type,
-                                     exported, export_size ) ==
-                     PSA_SUCCESS );
+                                     exported,
+                                     export_size ) == PSA_SUCCESS );
         TEST_ASSERT( psa_export_key( slot2,
-                                     reexported, export_size,
-                                     &reexported_length ) ==
-                     PSA_SUCCESS );
+                                     reexported,
+                                     export_size,
+                                     &reexported_length ) == PSA_SUCCESS );
         TEST_ASSERT( reexported_length == exported_length );
         TEST_ASSERT( memcmp( reexported, exported,
                              exported_length ) == 0 );
@@ -155,6 +154,7 @@ void import_export_public_key( data_t *data,
 {
     int slot = 1;
     psa_key_type_t type = type_arg;
+    psa_algorithm_t alg = alg_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
     size_t export_size;
@@ -172,16 +172,12 @@ void import_export_public_key( data_t *data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
-                              alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
     TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, (size_t) data->len ) ==
-                 PSA_SUCCESS );
+                                 data->x, data->len ) == PSA_SUCCESS );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information( slot,
@@ -229,14 +225,13 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x, (size_t) input->len ) ==
-                 PSA_SUCCESS );
+                                  input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   actual_hash, sizeof( actual_hash ),
                                   &actual_hash_length ) == PSA_SUCCESS );
-    TEST_ASSERT( actual_hash_length == (size_t) expected_hash->len );
+    TEST_ASSERT( actual_hash_length == expected_hash->len );
     TEST_ASSERT( memcmp( expected_hash->x, actual_hash,
-                         (size_t) expected_hash->len ) == 0 );
+                         expected_hash->len ) == 0 );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -258,12 +253,11 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
 
     TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x, (size_t) input->len ) ==
-                 PSA_SUCCESS );
+                                  input->x,
+                                  input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   expected_hash->x,
-                                  (size_t) expected_hash->len ) ==
-                 PSA_SUCCESS );
+                                  expected_hash->len ) == PSA_SUCCESS );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -293,22 +287,19 @@ void mac_verify( int key_type_arg, data_t *key,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
     // TODO: support IV
     TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
-                                 input->x, (size_t) input->len ) ==
-                 PSA_SUCCESS );
+                                 input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_verify( &operation,
                                  expected_mac->x,
-                                 (size_t) expected_mac->len ) == PSA_SUCCESS );
+                                 expected_mac->len ) == PSA_SUCCESS );
 
 exit:
     psa_destroy_key( key_slot );
@@ -345,18 +336,19 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len,
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input->x, input->len,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -370,9 +362,9 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+        TEST_ASSERT( total_output_length == expected_output->len );
         TEST_ASSERT( memcmp( expected_output->x, output,
-                             (size_t) expected_output->len ) == 0 );
+                             expected_output->len ) == 0 );
     }
 
 exit:
@@ -411,25 +403,25 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
+    TEST_ASSERT( (unsigned int) first_part_size < input->len );
     TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input->x + first_part_size,
-                                    (size_t) input->len - first_part_size,
+                                    input->len - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -440,9 +432,9 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+    TEST_ASSERT( total_output_length == expected_output->len );
     TEST_ASSERT( memcmp( expected_output->x, output,
-                         (size_t) expected_output->len ) == 0 );
+                         expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -481,7 +473,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_decrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -489,18 +481,19 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
+    TEST_ASSERT( (unsigned int) first_part_size < input->len );
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input->x, first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input->x + first_part_size,
-                                    (size_t) input->len - first_part_size,
+                                    input->len - first_part_size,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -511,9 +504,9 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+    TEST_ASSERT( total_output_length == expected_output->len );
     TEST_ASSERT( memcmp( expected_output->x, output,
-                         (size_t) expected_output->len ) == 0 );
+                         expected_output->len ) == 0 );
 
 exit:
     mbedtls_free( output );
@@ -551,7 +544,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_decrypt_setup( &operation,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -559,11 +552,12 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = (size_t) input->len + operation.block_size;
+    output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, (size_t) input->len,
+    TEST_ASSERT( psa_cipher_update( &operation,
+                                    input->x, input->len,
                                     output, output_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     total_output_length += function_output_length;
@@ -577,9 +571,9 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == (size_t) expected_output->len );
+        TEST_ASSERT( total_output_length == expected_output->len );
         TEST_ASSERT( memcmp( expected_output->x, output,
-                             (size_t) expected_output->len ) == 0 );
+                             expected_output->len ) == 0 );
     }
 
 exit:
@@ -618,7 +612,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation1,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -628,11 +622,11 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_size = (size_t) input->len + operation1.block_size;
+    output1_size = input->len + operation1.block_size;
     output1 = mbedtls_calloc( 1, output1_size );
     TEST_ASSERT( output1 != NULL );
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input->x, (size_t) input->len,
+    TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
                                     output1, output1_size,
                                     &output1_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_finish( &operation1,
@@ -662,8 +656,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( (size_t) input->len == output2_length );
-    TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 );
+    TEST_ASSERT( input->len == output2_length );
+    TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
 
 exit:
     mbedtls_free( output1 );
@@ -704,7 +698,7 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key->x, (size_t) key->len ) == PSA_SUCCESS );
+                                 key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_setup( &operation1,
                                     key_slot, alg ) == PSA_SUCCESS );
@@ -714,11 +708,11 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_buffer_size = (size_t) input->len + operation1.block_size;
+    output1_buffer_size = input->len + operation1.block_size;
     output1 = mbedtls_calloc( 1, output1_buffer_size );
     TEST_ASSERT( output1 != NULL );
 
-    TEST_ASSERT( (unsigned int) first_part_size < (size_t) input->len );
+    TEST_ASSERT( (unsigned int) first_part_size < input->len );
 
     TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
                                     output1, output1_buffer_size,
@@ -727,7 +721,7 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_cipher_update( &operation1,
                                     input->x + first_part_size,
-                                    (size_t) input->len - first_part_size,
+                                    input->len - first_part_size,
                                     output1, output1_buffer_size,
                                     &function_output_length ) == PSA_SUCCESS );
     output1_length += function_output_length;
@@ -767,8 +761,8 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( (size_t) input->len == output2_length );
-    TEST_ASSERT( memcmp( input->x, output2, (size_t) input->len ) == 0 );
+    TEST_ASSERT( input->len == output2_length );
+    TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
 
 exit:
     mbedtls_free( output1 );
@@ -796,7 +790,7 @@ void aead_encrypt_decrypt( int key_type_arg,
     unsigned char *output_data2 = NULL;
     size_t output_length2 = 0;
     size_t tag_length = 16;
-    psa_status_t expected_result = (psa_status_t) expected_result_arg;
+    psa_status_t expected_result = expected_result_arg;
     psa_key_policy_t policy = {0};
 
     TEST_ASSERT( key_data != NULL );
@@ -808,31 +802,28 @@ void aead_encrypt_decrypt( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
 
-    output_size = (size_t) input_data->len + tag_length;
+    output_size = input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                               alg );
-
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                                   nonce->x, (size_t) nonce->len,
+                                   nonce->x, nonce->len,
                                    additional_data->x,
-                                   (size_t) additional_data->len,
-                                   input_data->x, (size_t) input_data->len,
-                                   output_data,
-                                   output_size, &output_length ) ==
-                 expected_result );
+                                   additional_data->len,
+                                   input_data->x, input_data->len,
+                                   output_data, output_size,
+                                   &output_length ) == expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
@@ -840,16 +831,15 @@ void aead_encrypt_decrypt( int key_type_arg,
         TEST_ASSERT( output_data2 != NULL );
 
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                       nonce->x, (size_t) nonce->len,
+                                       nonce->x, nonce->len,
                                        additional_data->x,
-                                       (size_t) additional_data->len,
+                                       additional_data->len,
                                        output_data, output_length,
                                        output_data2, output_length,
-                                       &output_length2 ) ==
-                     expected_result );
+                                       &output_length2 ) == expected_result );
 
         TEST_ASSERT( memcmp( input_data->x, output_data2,
-                             (size_t) input_data->len ) == 0 );
+                             input_data->len ) == 0 );
     }
 
 exit:
@@ -886,27 +876,24 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) );
 
-    output_size = (size_t) input_data->len + tag_length;
+    output_size = input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
-
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_encrypt( slot, alg,
-                                   nonce->x, (size_t) nonce->len,
-                                   additional_data->x,
-                                   (size_t) additional_data->len,
-                                   input_data->x, (size_t) input_data->len,
+                                   nonce->x, nonce->len,
+                                   additional_data->x, additional_data->len,
+                                   input_data->x, input_data->len,
                                    output_data, output_size,
                                    &output_length ) == PSA_SUCCESS );
 
@@ -934,7 +921,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     size_t output_length = 0;
     size_t tag_length = 16;
     psa_key_policy_t policy = {0};
-    psa_status_t expected_result = (psa_status_t) expected_result_arg;
+    psa_status_t expected_result = expected_result_arg;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -947,30 +934,27 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
-    output_size = (size_t) input_data->len + tag_length;
+    output_size = input_data->len + tag_length;
     output_data = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output_data != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
-
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_aead_decrypt( slot, alg,
-                                   nonce->x, (size_t) nonce->len,
+                                   nonce->x, nonce->len,
                                    additional_data->x,
-                                   (size_t) additional_data->len,
-                                   input_data->x, (size_t) input_data->len,
-                                   output_data,
-                                   output_size, &output_length ) ==
-                 expected_result );
+                                   additional_data->len,
+                                   input_data->x, input_data->len,
+                                   output_data, output_size,
+                                   &output_length ) == expected_result );
 
     if( expected_result == PSA_SUCCESS )
     {
@@ -1024,13 +1008,12 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) == PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information( slot,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
@@ -1042,13 +1025,13 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     TEST_ASSERT( signature != NULL );
 
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
-                                      input_data->x, (size_t) input_data->len,
+                                      input_data->x, input_data->len,
                                       NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
-    TEST_ASSERT( signature_length == (size_t) output_data->len );
+    TEST_ASSERT( signature_length == output_data->len );
     TEST_ASSERT( memcmp( signature, output_data->x,
-                         (size_t) output_data->len ) == 0 );
+                         output_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1082,18 +1065,15 @@ void sign_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_sign( slot, alg,
-                                         input_data->x,
-                                         (size_t) input_data->len,
+                                         input_data->x, input_data->len,
                                          NULL, 0,
                                          signature, signature_size,
                                          &signature_length );
@@ -1111,6 +1091,8 @@ exit:
 void key_policy( int usage_arg, int alg_arg )
 {
     int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
     psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
     psa_key_policy_t policy_set = {0};
@@ -1123,14 +1105,10 @@ void key_policy( int usage_arg, int alg_arg )
     psa_key_policy_init( &policy_set );
     psa_key_policy_init( &policy_get );
 
-    psa_key_policy_set_usage( &policy_set, usage_arg, alg_arg );
-
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) ==
-                 (psa_key_usage_t) usage_arg );
-
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) ==
-                 (psa_algorithm_t) alg_arg );
+    psa_key_policy_set_usage( &policy_set, usage, alg );
 
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
@@ -1152,6 +1130,8 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
                       data_t *keypair )
 {
     int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
     size_t signature_length = 0;
     psa_key_policy_t policy = {0};
     int actual_status = PSA_SUCCESS;
@@ -1159,32 +1139,31 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, usage_arg, alg_arg );
-
+    psa_key_policy_set_usage( &policy, usage, alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
-    if( usage_arg & PSA_KEY_USAGE_EXPORT )
+    if( usage & PSA_KEY_USAGE_EXPORT )
     {
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x, (size_t) keypair->len ) ==
-                     PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot,
-                                             (psa_algorithm_t) alg_arg,
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, alg,
                                              NULL, 0,
                                              NULL, 0,
                                              NULL, 0, &signature_length );
     }
 
-    if( usage_arg & PSA_KEY_USAGE_SIGN )
+    if( usage & PSA_KEY_USAGE_SIGN )
     {
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x, (size_t) keypair->len ) ==
-                     PSA_SUCCESS );
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
         actual_status = psa_export_key( key_slot, NULL, 0, NULL );
     }
 
@@ -1202,7 +1181,7 @@ void key_lifetime( int lifetime_arg )
     int key_slot = 1;
     psa_key_type_t key_type = PSA_ALG_CBC_BASE;
     unsigned char key[32] = {0};
-    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_key_lifetime_t lifetime_get;
 
     memset( key, 0x2a, sizeof( key ) );
@@ -1232,7 +1211,7 @@ void key_lifetime_set_fail( int key_slot_arg,
                             int expected_status_arg )
 {
     int key_slot = 1;
-    psa_key_lifetime_t lifetime_set = (psa_key_lifetime_t) lifetime_arg;
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
@@ -1271,21 +1250,18 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_verify( slot, alg,
-                                        hash_data->x, (size_t) hash_data->len,
+                                        hash_data->x, hash_data->len,
                                         NULL, 0,
                                         signature_data->x,
-                                        (size_t) signature_data->len ) ==
-                 PSA_SUCCESS );
+                                        signature_data->len ) == PSA_SUCCESS );
 exit:
     psa_destroy_key( slot );
     mbedtls_psa_crypto_free( );
@@ -1315,20 +1291,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg_arg );
-
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_verify( slot, alg,
-                                           hash_data->x, (size_t) hash_data->len,
+                                           hash_data->x, hash_data->len,
                                            NULL, 0,
                                            signature_data->x,
-                                           (size_t) signature_data->len );
+                                           signature_data->len );
 
     TEST_ASSERT( actual_status == expected_status );
 
@@ -1358,7 +1332,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output2_size = output_size;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
@@ -1370,33 +1344,29 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
-                              alg_arg );
+                              alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
     TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
-                                         input_data->x,
-                                         (size_t) input_data->len,
+                                         input_data->x, input_data->len,
                                          NULL, 0,
-                                         output,
-                                         output_size,
+                                         output, output_size,
                                          &output_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                         output,
-                                         output_length,
+                                         output, output_length,
                                          NULL, 0,
-                                         output2,
-                                         output2_size,
+                                         output2, output2_size,
                                          &output2_length ) == PSA_SUCCESS );
     TEST_ASSERT( memcmp( input_data->x, output2,
-                         (size_t) input_data->len ) == 0 );
+                         input_data->len ) == 0 );
 
 exit:
     psa_destroy_key( slot );
@@ -1426,26 +1396,24 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_encrypt( slot, alg,
-                                            input_data->x,
-                                            (size_t) input_data->len,
+                                            input_data->x, input_data->len,
                                             NULL, 0,
-                                            output,
-                                            output_size,
+                                            output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
@@ -1476,28 +1444,27 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
-                                         input_data->x,
-                                         (size_t) input_data->len,
+                                         input_data->x, input_data->len,
                                          NULL, 0,
                                          output,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( ( (size_t) expected_size ) == output_length );
+    TEST_ASSERT( (size_t) expected_size == output_length );
     TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
 
 exit:
@@ -1527,26 +1494,24 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = (size_t) key_data->len;
+    output_size = key_data->len;
     output = mbedtls_calloc( 1, output_size );
     TEST_ASSERT( output != NULL );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg_arg );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
     TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x, (size_t) key_data->len ) ==
-                 PSA_SUCCESS );
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
 
     actual_status = psa_asymmetric_decrypt( slot, alg,
-                                            input_data->x,
-                                            (size_t) input_data->len,
+                                            input_data->x, input_data->len,
                                             NULL, 0,
-                                            output,
-                                            output_size,
+                                            output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
 

From 01b929c85bfd2737402d2fcb57db86e845a42a0f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 16:40:34 +0200
Subject: [PATCH 259/889] Fix key_lifetime_set_fail not cleaning up the right
 key slot

---
 tests/suites/test_suite_psa_crypto.function | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3786e57a3..01262e038 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1210,17 +1210,17 @@ void key_lifetime_set_fail( int key_slot_arg,
                             int lifetime_arg,
                             int expected_status_arg )
 {
-    int key_slot = 1;
+    psa_key_slot_t key_slot = key_slot_arg;
     psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
 
     if( actual_status == PSA_SUCCESS )
-        actual_status = psa_set_key_lifetime( key_slot_arg, lifetime_set );
+        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
 
     TEST_ASSERT( expected_status == actual_status );
 

From c0ec97222b5e8a94bfa8c05cf2c022cee92295a3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 17:03:37 +0200
Subject: [PATCH 260/889] mac_verify: remove unused IV argument

We aren't going to have MAC with IV in the API any time soon, if at
all, so remove the embryonic support for it in the tests.
---
 tests/suites/test_suite_psa_crypto.data     | 52 ++++++++++-----------
 tests/suites/test_suite_psa_crypto.function | 12 ++---
 2 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 41a597de6..8a2e88eda 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -63,107 +63,107 @@ hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5
 
 PSA MAC verify: HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
+mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
 
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_224):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_256):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_384):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649"
 
 PSA MAC verify: RFC4231 Test case 2 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
+mac_verify:PSA_KEY_TYPE_HMAC:"4a656665":PSA_ALG_HMAC(PSA_ALG_SHA_512):"7768617420646f2079612077616e7420666f72206e6f7468696e673f":"164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27"
 
 PSA MAC verify: RFC4231 Test case 3 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd":"fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_224):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_256):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_384):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb"
 
 PSA MAC verify: RFC4231 Test case 4 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
+mac_verify:PSA_KEY_TYPE_HMAC:"0102030405060708090a0b0c0d0e0f10111213141516171819":PSA_ALG_HMAC(PSA_ALG_SHA_512):"cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd":"b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952"
 
 PSA MAC verify: RFC4231 Test case 6 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b6579202d2048617368204b6579204669727374":"80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_384):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
 
 PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
-mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"":"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
+mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
 
 PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
-mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"":"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
 PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 01262e038..a89bdf90e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -265,9 +265,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mac_verify( int key_type_arg, data_t *key,
-                 int alg_arg, data_t *iv,
-                 data_t *input, data_t *expected_mac )
+void mac_verify( int key_type_arg,
+                 data_t *key,
+                 int alg_arg,
+                 data_t *input,
+                 data_t *expected_mac )
 {
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -276,11 +278,9 @@ void mac_verify( int key_type_arg, data_t *key,
     psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
-    TEST_ASSERT( iv != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_mac != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( iv->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) );
 
@@ -292,7 +292,7 @@ void mac_verify( int key_type_arg, data_t *key,
 
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
-    // TODO: support IV
+
     TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,

From dec7261df175daac4a4ace5f3733485e8a372620 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 18:12:37 +0200
Subject: [PATCH 261/889] Remove redundant initialization of policies to {0}

Some compilers don't like initializing a structure to {0} (incomplete
initializer). It's redundant anyway since we always call
psa_key_policy_init.
---
 tests/suites/test_suite_psa_crypto.function | 32 ++++++++++-----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a89bdf90e..a88e02fd7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -73,7 +73,7 @@ void import_export( data_t *data,
     size_t reexported_length;
     psa_key_type_t got_type;
     size_t got_bits;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
@@ -161,7 +161,7 @@ void import_export_public_key( data_t *data,
     size_t exported_length;
     psa_key_type_t got_type;
     size_t got_bits;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
@@ -791,7 +791,7 @@ void aead_encrypt_decrypt( int key_type_arg,
     size_t output_length2 = 0;
     size_t tag_length = 16;
     psa_status_t expected_result = expected_result_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -863,7 +863,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     size_t output_size = 0;
     size_t output_length = 0;
     size_t tag_length = 16;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -920,7 +920,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     size_t output_size = 0;
     size_t output_length = 0;
     size_t tag_length = 16;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
     psa_status_t expected_result = expected_result_arg;
 
     TEST_ASSERT( key_data != NULL );
@@ -996,7 +996,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     unsigned char *signature = NULL;
     size_t signature_size;
     size_t signature_length = 0xdeadbeef;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1052,7 +1052,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
     psa_status_t expected_status = expected_status_arg;
     unsigned char *signature = NULL;
     size_t signature_length = 0xdeadbeef;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1095,8 +1095,8 @@ void key_policy( int usage_arg, int alg_arg )
     psa_key_usage_t usage = usage_arg;
     psa_key_type_t key_type = PSA_KEY_TYPE_AES;
     unsigned char key[32] = {0};
-    psa_key_policy_t policy_set = {0};
-    psa_key_policy_t policy_get = {0};
+    psa_key_policy_t policy_set;
+    psa_key_policy_t policy_get;
 
     memset( key, 0x2a, sizeof( key ) );
 
@@ -1133,7 +1133,7 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
     psa_algorithm_t alg = alg_arg;
     psa_key_usage_t usage = usage_arg;
     size_t signature_length = 0;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
     int actual_status = PSA_SUCCESS;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -1238,7 +1238,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
@@ -1279,7 +1279,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     psa_algorithm_t alg = alg_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
@@ -1325,7 +1325,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
     unsigned char *output2 = NULL;
     size_t output2_size = 0;
     size_t output2_length = 0;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1389,7 +1389,7 @@ void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1435,7 +1435,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
     unsigned char *output = NULL;
     size_t output_size = 0;
     size_t output_length = 0;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
@@ -1487,7 +1487,7 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
     size_t output_length = 0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy = {0};
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );

From b3e6e5deebb7ffbe68b11ab19a9090aa9494b651 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 22:16:43 +0200
Subject: [PATCH 262/889] Rename hash max sizes for consistency

Use "hash" throughout the library, not "md" as in Mbed TLS.
---
 include/psa/crypto_struct.h                 | 10 +++----
 library/psa_crypto.c                        | 33 +--------------------
 tests/suites/test_suite_psa_crypto.function |  3 +-
 3 files changed, 7 insertions(+), 39 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 4b0f9799b..0dbd86c18 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -46,11 +46,11 @@
 #include "mbedtls/sha512.h"
 
 #if defined(MBEDTLS_SHA512_C)
-#define PSA_CRYPTO_MD_MAX_SIZE 64
-#define PSA_CRYPTO_MD_BLOCK_SIZE 128
+#define PSA_HASH_MAX_SIZE 64
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
 #else
-#define PSA_CRYPTO_MD_MAX_SIZE 32
-#define PSA_CRYPTO_MD_BLOCK_SIZE 64
+#define PSA_HASH_MAX_SIZE 32
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
 #endif
 
 struct psa_hash_operation_s
@@ -89,7 +89,7 @@ typedef struct
         /** The hash context. */
         struct psa_hash_operation_s hash_ctx;
         /** The HMAC part of the context. */
-        uint8_t opad[PSA_CRYPTO_MD_BLOCK_SIZE];
+        uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
 } psa_hmac_internal_data;
 
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e5ac7bd81..446c90ea0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -614,37 +614,6 @@ static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
     }
 }
 
-#if 0
-static psa_algorithm_t mbedtls_md_alg_to_psa( mbedtls_md_type_t md_alg )
-{
-    switch( md_alg )
-    {
-        case MBEDTLS_MD_NONE:
-            return( 0 );
-        case MBEDTLS_MD_MD2:
-            return( PSA_ALG_MD2 );
-        case MBEDTLS_MD_MD4:
-            return( PSA_ALG_MD4 );
-        case MBEDTLS_MD_MD5:
-            return( PSA_ALG_MD5 );
-        case MBEDTLS_MD_SHA1:
-            return( PSA_ALG_SHA_1 );
-        case MBEDTLS_MD_SHA224:
-            return( PSA_ALG_SHA_224 );
-        case MBEDTLS_MD_SHA256:
-            return( PSA_ALG_SHA_256 );
-        case MBEDTLS_MD_SHA384:
-            return( PSA_ALG_SHA_384 );
-        case MBEDTLS_MD_SHA512:
-            return( PSA_ALG_SHA_512 );
-        case MBEDTLS_MD_RIPEMD160:
-            return( PSA_ALG_RIPEMD160 );
-        default:
-            return( 0 );
-    }
-}
-#endif
-
 psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
 {
     switch( operation->alg )
@@ -1081,7 +1050,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
                            key_slot_t *slot,
                            psa_algorithm_t alg )
 {
-    unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE];
+    unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
     unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
     size_t block_size =
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a88e02fd7..69deba11e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1,7 +1,6 @@
 /* BEGIN_HEADER */
 #include <stdint.h>
 #include "psa/crypto.h"
-#include "mbedtls/md.h"
 
 #if(UINT32_MAX > SIZE_MAX)
 #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
@@ -212,7 +211,7 @@ exit:
 void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
     psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[MBEDTLS_MD_MAX_SIZE];
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 

From e1fed0de18e83884d95faef3796432cfccb61ac3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 20:45:45 +0200
Subject: [PATCH 263/889] Define elliptic curve identifiers from TLS

Instead of rolling our own list of elliptic curve identifiers, use one
from somewhere. Pick TLS because it's the right size (16 bits) and
it's as good as any.
---
 include/psa/crypto.h                    | 50 ++++++++++++++++++++++++-
 tests/suites/test_suite_psa_crypto.data | 10 ++---
 2 files changed, 54 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c513b24c2..28103c78b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -357,7 +357,6 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x07020000)
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x06030000)
 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x07030000)
-#define PSA_KEY_TYPE_ECC_CURVE_NISTP256R1       ((psa_key_type_t)0x00000001)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
     (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
@@ -397,6 +396,55 @@ typedef uint32_t psa_key_type_t;
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
       ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
 
+/** The type of PSA elliptic curve identifiers. */
+typedef uint16_t psa_ecc_curve_t;
+/** Extract the curve from an elliptic curve key type. */
+#define PSA_KEY_TYPE_GET_CURVE(type)                             \
+    ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ?              \
+                        ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
+                        0))
+
+/* The encoding of curve identifiers is currently aligned with the
+ * TLS Supported Groups Registry (formerly known as the
+ * TLS EC Named Curve Registry)
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+ * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
+#define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x0001)
+#define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x0002)
+#define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x0003)
+#define PSA_ECC_CURVE_SECT193R1         ((psa_ecc_curve_t) 0x0004)
+#define PSA_ECC_CURVE_SECT193R2         ((psa_ecc_curve_t) 0x0005)
+#define PSA_ECC_CURVE_SECT233K1         ((psa_ecc_curve_t) 0x0006)
+#define PSA_ECC_CURVE_SECT233R1         ((psa_ecc_curve_t) 0x0007)
+#define PSA_ECC_CURVE_SECT239K1         ((psa_ecc_curve_t) 0x0008)
+#define PSA_ECC_CURVE_SECT283K1         ((psa_ecc_curve_t) 0x0009)
+#define PSA_ECC_CURVE_SECT283R1         ((psa_ecc_curve_t) 0x000a)
+#define PSA_ECC_CURVE_SECT409K1         ((psa_ecc_curve_t) 0x000b)
+#define PSA_ECC_CURVE_SECT409R1         ((psa_ecc_curve_t) 0x000c)
+#define PSA_ECC_CURVE_SECT571K1         ((psa_ecc_curve_t) 0x000d)
+#define PSA_ECC_CURVE_SECT571R1         ((psa_ecc_curve_t) 0x000e)
+#define PSA_ECC_CURVE_SECP160K1         ((psa_ecc_curve_t) 0x000f)
+#define PSA_ECC_CURVE_SECP160R1         ((psa_ecc_curve_t) 0x0010)
+#define PSA_ECC_CURVE_SECP160R2         ((psa_ecc_curve_t) 0x0011)
+#define PSA_ECC_CURVE_SECP192K1         ((psa_ecc_curve_t) 0x0012)
+#define PSA_ECC_CURVE_SECP192R1         ((psa_ecc_curve_t) 0x0013)
+#define PSA_ECC_CURVE_SECP224K1         ((psa_ecc_curve_t) 0x0014)
+#define PSA_ECC_CURVE_SECP224R1         ((psa_ecc_curve_t) 0x0015)
+#define PSA_ECC_CURVE_SECP256K1         ((psa_ecc_curve_t) 0x0016)
+#define PSA_ECC_CURVE_SECP256R1         ((psa_ecc_curve_t) 0x0017)
+#define PSA_ECC_CURVE_SECP384R1         ((psa_ecc_curve_t) 0x0018)
+#define PSA_ECC_CURVE_SECP521R1         ((psa_ecc_curve_t) 0x0019)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1  ((psa_ecc_curve_t) 0x001a)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1  ((psa_ecc_curve_t) 0x001b)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x001c)
+#define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x001d)
+#define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x001e)
+#define PSA_ECC_CURVE_FFDHE_2048        ((psa_ecc_curve_t) 0x0100)
+#define PSA_ECC_CURVE_FFDHE_3072        ((psa_ecc_curve_t) 0x0101)
+#define PSA_ECC_CURVE_FFDHE_4096        ((psa_ecc_curve_t) 0x0102)
+#define PSA_ECC_CURVE_FFDHE_6144        ((psa_ecc_curve_t) 0x0103)
+#define PSA_ECC_CURVE_FFDHE_8192        ((psa_ecc_curve_t) 0x0104)
+
 /** The block size of a block cipher.
  *
  * \param type  A cipher key type (value of type #psa_key_type_t).
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 8a2e88eda..ff96c9024 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -51,7 +51,7 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
@@ -340,7 +340,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84
 
 PSA sign ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
@@ -383,15 +383,15 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign ECDSA SECP256R1, invalid md alg
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_KEY_TYPE_ECC_CURVE_NISTP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 34ef7f5a552c5a11365c03f5f6de88ebce2098fe Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 20:47:51 +0200
Subject: [PATCH 264/889] Check the curve of an elliptic curve key on import

psa_import_key must check that the imported key data matches the
expected key type. Implement the missing check for EC keys that the
curve is the expected one.
---
 library/psa_crypto.c                    | 47 +++++++++++++++++++++++--
 tests/suites/test_suite_psa_crypto.data |  8 +++++
 2 files changed, 52 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 446c90ea0..603a5101c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -311,6 +311,41 @@ static psa_status_t mbedtls_to_psa_error( int ret )
 /* Key management */
 /****************************************************************/
 
+static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
+{
+    switch( grpid )
+    {
+        case MBEDTLS_ECP_DP_SECP192R1:
+            return( PSA_ECC_CURVE_SECP192R1 );
+        case MBEDTLS_ECP_DP_SECP224R1:
+            return( PSA_ECC_CURVE_SECP224R1 );
+        case MBEDTLS_ECP_DP_SECP256R1:
+            return( PSA_ECC_CURVE_SECP256R1 );
+        case MBEDTLS_ECP_DP_SECP384R1:
+            return( PSA_ECC_CURVE_SECP384R1 );
+        case MBEDTLS_ECP_DP_SECP521R1:
+            return( PSA_ECC_CURVE_SECP521R1 );
+        case MBEDTLS_ECP_DP_BP256R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+        case MBEDTLS_ECP_DP_BP384R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+        case MBEDTLS_ECP_DP_BP512R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+        case MBEDTLS_ECP_DP_CURVE25519:
+            return( PSA_ECC_CURVE_CURVE25519 );
+        case MBEDTLS_ECP_DP_SECP192K1:
+            return( PSA_ECC_CURVE_SECP192K1 );
+        case MBEDTLS_ECP_DP_SECP224K1:
+            return( PSA_ECC_CURVE_SECP224K1 );
+        case MBEDTLS_ECP_DP_SECP256K1:
+            return( PSA_ECC_CURVE_SECP256K1 );
+        case MBEDTLS_ECP_DP_CURVE448:
+            return( PSA_ECC_CURVE_CURVE448 );
+        default:
+            return( 0 );
+    }
+}
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
@@ -356,7 +391,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
             case MBEDTLS_PK_RSA:
                 if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
                     type == PSA_KEY_TYPE_RSA_KEYPAIR )
-                    slot->data.rsa = pk.pk_ctx;
+                    slot->data.rsa = mbedtls_pk_rsa( pk );
                 else
                     return( PSA_ERROR_INVALID_ARGUMENT );
                 break;
@@ -365,8 +400,14 @@ psa_status_t psa_import_key( psa_key_slot_t key,
             case MBEDTLS_PK_ECKEY:
                 if( PSA_KEY_TYPE_IS_ECC( type ) )
                 {
-                    // TODO: check curve
-                    slot->data.ecp = pk.pk_ctx;
+                    mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
+                    psa_ecc_curve_t actual_curve =
+                        mbedtls_ecc_group_to_psa( ecp->grp.id );
+                    psa_ecc_curve_t expected_curve =
+                        PSA_KEY_TYPE_GET_CURVE( type );
+                    if( actual_curve != expected_curve )
+                        return( PSA_ERROR_INVALID_ARGUMENT );
+                    slot->data.ecp = ecp;
                 }
                 else
                     return( PSA_ERROR_INVALID_ARGUMENT );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ff96c9024..3e4465cc0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -53,6 +53,14 @@ PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
+PSA import/export EC secp384r1: good
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+
+PSA import EC keypair secp384r1: wrong curve
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"

From d5b3322f72fe56fa4db898bcf2586c68ad14b1cf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 22:20:03 +0200
Subject: [PATCH 265/889] Reorder PSA test cases to group them by topic

* init-deinit
* import-export
* policies
* lifetime
* hash
* MAC
* cipher
* AEAD
* asymmetric sign
* asymmetric verify
* asymmetric encrypt-decrypt

This commit only moves test functions and test cases around. It does
not modify, add or remove tests.
---
 tests/suites/test_suite_psa_crypto.data     |  54 ++--
 tests/suites/test_suite_psa_crypto.function | 286 ++++++++++----------
 2 files changed, 170 insertions(+), 170 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3e4465cc0..b1a372cdc 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -61,6 +61,27 @@ PSA import EC keypair secp384r1: wrong curve
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA Key Policy set and get
+key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+
+PSA Key Policy enforcement - export
+key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA Key Policy enforcement - sign
+key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+PSA Key Lifetime set and get volatile
+key_lifetime:PSA_KEY_LIFETIME_VOLATILE
+
+PSA Key Lifetime set fail, invalid key slot
+key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Key Lifetime set fail, can not change write_once lifetime
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
+
+PSA Key Lifetime set fail, invalid key lifetime value
+key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
@@ -356,17 +377,13 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA Key Policy set and get
-key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA Key Policy enforcement - export
-key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-
-PSA Key Policy enforcement - sign
-key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-
-PSA Key Lifetime set and get volatile
-key_lifetime:PSA_KEY_LIFETIME_VOLATILE
+PSA sign ECDSA SECP256R1, invalid md alg
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify RSA PKCS#1 v1.5 signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -380,23 +397,6 @@ PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
-PSA Key Lifetime set fail, invalid key slot
-key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
-
-PSA Key Lifetime set fail, can not change write_once lifetime
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
-
-PSA Key Lifetime set fail, invalid key lifetime value
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
-
-PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
-
-PSA sign ECDSA SECP256R1, invalid md alg
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
-
 PSA verify ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 69deba11e..9dbf0340d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -207,6 +207,149 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_policy( int usage_arg, int alg_arg )
+{
+    int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+    unsigned char key[32] = {0};
+    psa_key_policy_t policy_set;
+    psa_key_policy_t policy_get;
+
+    memset( key, 0x2a, sizeof( key ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy_set );
+    psa_key_policy_init( &policy_get );
+
+    psa_key_policy_set_usage( &policy_set, usage, alg );
+
+    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
+    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( policy_get.usage == policy_set.usage );
+    TEST_ASSERT( policy_get.alg == policy_set.alg );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
+                      data_t *keypair )
+{
+    int key_slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
+    size_t signature_length = 0;
+    psa_key_policy_t policy;
+    int actual_status = PSA_SUCCESS;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    if( usage & PSA_KEY_USAGE_EXPORT )
+    {
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
+        actual_status = psa_asymmetric_sign( key_slot, alg,
+                                             NULL, 0,
+                                             NULL, 0,
+                                             NULL, 0, &signature_length );
+    }
+
+    if( usage & PSA_KEY_USAGE_SIGN )
+    {
+        TEST_ASSERT( keypair != NULL );
+        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
+        TEST_ASSERT( psa_import_key( key_slot,
+                                     PSA_KEY_TYPE_RSA_KEYPAIR,
+                                     keypair->x,
+                                     keypair->len ) == PSA_SUCCESS );
+        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
+    }
+
+    TEST_ASSERT( actual_status == expected_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_lifetime( int lifetime_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    unsigned char key[32] = {0};
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
+    psa_key_lifetime_t lifetime_get;
+
+    memset( key, 0x2a, sizeof( key ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime( key_slot,
+                                       lifetime_set ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key, sizeof( key ) ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_lifetime( key_slot,
+                                       &lifetime_get ) == PSA_SUCCESS );
+
+    TEST_ASSERT( lifetime_get == lifetime_set );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_lifetime_set_fail( int key_slot_arg,
+                            int lifetime_arg,
+                            int expected_status_arg )
+{
+    psa_key_slot_t key_slot = key_slot_arg;
+    psa_key_lifetime_t lifetime_set = lifetime_arg;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
+
+    if( actual_status == PSA_SUCCESS )
+        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
+
+    TEST_ASSERT( expected_status == actual_status );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
@@ -1086,149 +1229,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void key_policy( int usage_arg, int alg_arg )
-{
-    int key_slot = 1;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage = usage_arg;
-    psa_key_type_t key_type = PSA_KEY_TYPE_AES;
-    unsigned char key[32] = {0};
-    psa_key_policy_t policy_set;
-    psa_key_policy_t policy_get;
-
-    memset( key, 0x2a, sizeof( key ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy_set );
-    psa_key_policy_init( &policy_get );
-
-    psa_key_policy_set_usage( &policy_set, usage, alg );
-
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
-
-    TEST_ASSERT( policy_get.usage == policy_set.usage );
-    TEST_ASSERT( policy_get.alg == policy_set.alg );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
-                      data_t *keypair )
-{
-    int key_slot = 1;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage = usage_arg;
-    size_t signature_length = 0;
-    psa_key_policy_t policy;
-    int actual_status = PSA_SUCCESS;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
-
-    if( usage & PSA_KEY_USAGE_EXPORT )
-    {
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot,
-                                     PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x,
-                                     keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, alg,
-                                             NULL, 0,
-                                             NULL, 0,
-                                             NULL, 0, &signature_length );
-    }
-
-    if( usage & PSA_KEY_USAGE_SIGN )
-    {
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot,
-                                     PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x,
-                                     keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
-    }
-
-    TEST_ASSERT( actual_status == expected_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime( int lifetime_arg )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
-    unsigned char key[32] = {0};
-    psa_key_lifetime_t lifetime_set = lifetime_arg;
-    psa_key_lifetime_t lifetime_get;
-
-    memset( key, 0x2a, sizeof( key ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_set_key_lifetime( key_slot,
-                                       lifetime_set ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_lifetime( key_slot,
-                                       &lifetime_get ) == PSA_SUCCESS );
-
-    TEST_ASSERT( lifetime_get == lifetime_set );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime_set_fail( int key_slot_arg,
-                            int lifetime_arg,
-                            int expected_status_arg )
-{
-    psa_key_slot_t key_slot = key_slot_arg;
-    psa_key_lifetime_t lifetime_set = lifetime_arg;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
-
-    if( actual_status == PSA_SUCCESS )
-        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
-
-    TEST_ASSERT( expected_status == actual_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void asymmetric_verify( int key_type_arg, data_t *key_data,
                         int alg_arg, data_t *hash_data,

From 313b8af18e6a85303d50eeafe7cd704d0bcd2fd9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 22:45:01 +0200
Subject: [PATCH 266/889] Improve the description of some test cases

Make the descriptions more consistent.
---
 tests/suites/test_suite_psa_crypto.data | 142 ++++++++++++------------
 1 file changed, 71 insertions(+), 71 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b1a372cdc..0d7a31bdf 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -17,7 +17,7 @@ PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
-PSA import/export RSA keypair usage encrypt: bad, plicy usage set to ENCRYPT instead of EXPORT 1024-bit
+PSA import/export RSA keypair: policy forbids export
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
@@ -45,7 +45,7 @@ PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
 
-PSA import/export-public symmetric key: bad, try to use export public key with symmetric key type 128-bit
+PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT
 
@@ -61,25 +61,25 @@ PSA import EC keypair secp384r1: wrong curve
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
-PSA Key Policy set and get
+PSA key policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
 
-PSA Key Policy enforcement - export
+PSA key policy enforcement: export
 key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
 
-PSA Key Policy enforcement - sign
+PSA key policy enforcement: sign
 key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
 
-PSA Key Lifetime set and get volatile
+PSA key lifetime: set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
-PSA Key Lifetime set fail, invalid key slot
+PSA key lifetime set: invalid key slot
 key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
 
-PSA Key Lifetime set fail, can not change write_once lifetime
+PSA key lifetime set: cannot change write_once lifetime
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 
-PSA Key Lifetime set fail, invalid key lifetime value
+PSA key lifetime set: invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
 PSA hash finish: SHA-256
@@ -194,152 +194,152 @@ PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
-PSA Symmetric encryption: AES-CBC-nopad, 16 bytes, good
+PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CBC-PKCS#7, 16 bytes, good
+PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CBC-PKCS#7, 15 bytes, good
+PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CBC-nopad, input too short
+PSA symmetric encrypt: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
-PSA Symmetric encryption: AES-CTR, 16 bytes, good
+PSA symmetric encrypt: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
 
-PSA Symmetric encryption: AES-CTR, 15 bytes, good
+PSA symmetric encrypt: AES-CTR, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-nopad, 16 bytes, good
+PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-PKCS#7, 16 bytes, good
+PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, good
+PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-PKCS#7, 15 bytes, bad - cipher full block expected
+PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
 
-PSA Symmetric decryption: AES-CTR, 16 bytes, good
+PSA symmetric decrypt: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
 
-PSA Symmetric decryption: AES-CBC-nopad, input too short
+PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
-PSA Symmetric encryption/decryption: AES-CBC-nopad, 16 bytes, good
+PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 16 bytes
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption/decryption: AES-CBC-PKCS#7, 15 bytes
+PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
 
-PSA Symmetric encryption/decryption: AES-CTR
+PSA symmetric encrypt/decrypt: AES-CTR
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 cipher_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
+PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 
-PSA Symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
+PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
+PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
+PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
 
-PSA Symmetric encryption + decryption multipart: AES-CBC-nopad, 11+5 bytes
+PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
 
-PSA Symmetric encryption + decryption multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
+PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
-PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 1
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, AES CCM 19-bytes input - 2
+PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid key type
+PSA AEAD encrypt/decrypt: DES-CCM not supported
 aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
-PSA AEAD Encrypt, AES CCM - 23-bytes input
+PSA AEAD encrypt: AES-CCM, 23 bytes
 aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
 
-PSA AEAD Encrypt, AES CCM - 24-bytes input
+PSA AEAD encrypt: AES-CCM, 24 bytes
 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
-PSA AEAD Decrypt, AES CCM - 39-bytes input
+PSA AEAD decrypt: AES-CCM, 39 bytes
 aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES CCM - 40-bytes input
+PSA AEAD decrypt, AES-CCM, 40 bytes
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES CCM - invalid signature
+PSA AEAD decrypt: AES-CCM, invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
-PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 1
+PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
 
-PSA AEAD Encrypt-Decrypt, AES GCM 19-bytes input - 2
+PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
-PSA AEAD Encrypt, AES GCM - 128-bytes input - 1
+PSA AEAD encrypt, AES-GCM, 128 bytes #1
 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
 
-PSA AEAD Encrypt, AES GCM - 128-bytes input - 2
+PSA AEAD encrypt, AES-GCM, 128 bytes #2
 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
-PSA AEAD Decrypt, AES GCM - 144-bytes input - 1
+PSA AEAD decrypt, AES-GCM, 144 bytes #1
 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES GCM - 144-bytes input - 2
+PSA AEAD decrypt, AES-GCM, 144 bytes #2
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
 
-PSA AEAD Decrypt, AES GCM - invalid signature
+PSA AEAD decrypt, AES-GCM, invalid signature
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
-PSA AEAD Encrypt-Decrypt, Fail Scenario - Invalid algorithm
+PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
@@ -360,83 +360,83 @@ signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 
-PSA sign RSA PKCS#1 v1.5, raw
+PSA sign: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
 
-PSA sign RSA PKCS#1 v1.5 SHA-256
+PSA sign: RSA PKCS#1 v1.5 SHA-256
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
-PSA sign ECDSA SECP256R1 SHA-256
+PSA sign: ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
 sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA sign RSA PKCS#1 v1.5 SHA-256, wrong hash size
+PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
 
-PSA sign RSA PKCS#1 v1.5 SHA-256, output buffer too small
+PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA sign ECDSA SECP256R1 SHA-256, output buffer too small
+PSA sign: ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA sign ECDSA SECP256R1, invalid md alg
+PSA sign: ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
-PSA verify RSA PKCS#1 v1.5 signature
+PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
-PSA verify RSA PKCS#1 v1.5 SHA-256, wrong hash
+PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
-PSA verify RSA PKCS#1 v1.5 SHA-256, wrong signature
+PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
-PSA verify ECDSA SECP256R1 SHA-256
+PSA verify: ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #1
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
-PSA encrypt-decrypt using RSA PKCS#1 v1.5 vector #2
+PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
-PSA encrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
+PSA encrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA encrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
+PSA encrypt: RSA PKCS#1 v1.5: invalid key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 vector #1
+PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32
 
-PSA decrypt using RSA PKCS#1 v1.5 vector #2
+PSA decrypt: RSA PKCS#1 v1.5: good #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - invalid algorithm
+PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - mangled key and incorrect key type
+PSA decrypt: RSA PKCS#1 v1.5: incorrect key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too small
+PSA decrypt: RSA PKCS#1 v1.5, input too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt using RSA PKCS#1 v1.5 fail - input buffer too large
+PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT

From 4e69d7a9a7e757810d6f9a9f826a4d6f776aae72 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 20:19:14 +0200
Subject: [PATCH 267/889] psa_generate_key: pass parameters_size argument

When calling psa_generate_key, pass the size of the parameters buffer
explicitly. This makes calls more verbose but less error-prone. This
also has the benefit that in an implementation with separation, the
frontend knows how many bytes to send to the backend without needing
to know about each key type.
---
 include/psa/crypto.h | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 28103c78b..204ac267a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1846,14 +1846,17 @@ psa_status_t psa_generate_random(uint8_t *output,
 /**
  * \brief Generate a key or key pair.
  *
- * \param key         Slot where the key will be stored. This must be a
- *                    valid slot for a key of the chosen type. It must
- *                    be unoccupied.
- * \param type        Key type (a \c PSA_KEY_TYPE_XXX value).
- * \param bits        Key size in bits.
- * \param parameters  Extra parameters for key generation. The interpretation
- *                    of this parameter depends on \c type. All types support
- *                    \c NULL to use default parameters specified below.
+ * \param key               Slot where the key will be stored. This must be a
+ *                          valid slot for a key of the chosen type. It must
+ *                          be unoccupied.
+ * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param bits              Key size in bits.
+ * \param parameters        Extra parameters for key generation. The
+ *                          interpretation of this parameter depends on
+ *                          \c type. All types support \c NULL to use
+ *                          the default parameters specified below.
+ * \param parameters_size   Size of the buffer that \param parameters
+ *                          points to, in bytes.
  *
  * For any symmetric key type (type such that
  * `PSA_KEY_TYPE_IS_ASYMMETRIC(type)` is false), \c parameters must be
@@ -1878,7 +1881,8 @@ psa_status_t psa_generate_random(uint8_t *output,
 psa_status_t psa_generate_key(psa_key_slot_t key,
                               psa_key_type_t type,
                               size_t bits,
-                              const void *parameters);
+                              const void *parameters,
+                              size_t parameters_size);
 
 /**@}*/
 

From 2d9d6db60f5fd0a4993d90e47f39462647624ad6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 23:25:28 +0200
Subject: [PATCH 268/889] check-names: also check PSA files

Allow both mbedtls and psa identifiers in either set of files for now.
---
 tests/scripts/check-names.sh      | 2 +-
 tests/scripts/list-identifiers.sh | 2 +-
 tests/scripts/list-macros.sh      | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index 4c66440e2..68493f91b 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -53,7 +53,7 @@ done
 for THING in identifiers; do
     printf "Names of $THING: "
     test -r $THING
-    BAD=$( grep -v '^mbedtls_[0-9a-z_]*[0-9a-z]$' $THING || true )
+    BAD=$( grep -E -v '^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$' $THING || true )
     if [ "x$BAD" = "x" ]; then
         echo "PASS"
     else
diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh
index 130d9d63f..89daa68c7 100755
--- a/tests/scripts/list-identifiers.sh
+++ b/tests/scripts/list-identifiers.sh
@@ -7,7 +7,7 @@ if [ -d include/mbedtls ]; then :; else
     exit 1
 fi
 
-HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
 
 rm -f identifiers
 
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 3c84adba6..34d909517 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -8,6 +8,7 @@ if [ -d include/mbedtls ]; then :; else
 fi
 
 HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' )
+HEADERS="$HEADERS configs/config-default.h"
 
 sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
     | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \

From ca36a23bcefe20dc45a2c261d731b2b3cd6c81ff Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 21:18:00 +0200
Subject: [PATCH 269/889] Fix asymmetric encrypt/decrypt test with invalid key
 types

The key data was invalid on import. The import doesn't fail because it
doesn't check the data enough.
---
 tests/suites/test_suite_psa_crypto.data | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 0d7a31bdf..ca8ea2336 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -415,7 +415,7 @@ asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39
 
 PSA encrypt: RSA PKCS#1 v1.5: invalid key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -429,9 +429,9 @@ PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt: RSA PKCS#1 v1.5: incorrect key type
+PSA decrypt: RSA PKCS#1 v1.5: invalid key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5, input too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 828ed149d5bc65e7dbd1a0216e3458cfb7eed14a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 18 Jun 2018 23:25:51 +0200
Subject: [PATCH 270/889] Rename MBEDTLS_xxx macros in psa_crypto.c to placate
 check-names.sh

---
 library/psa_crypto.c | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 603a5101c..1de19555f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -92,7 +92,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 
 /* Number of key slots (plus one because 0 is not used).
  * The value is a compile-time constant for now, for simplicity. */
-#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
+#define PSA_KEY_SLOT_COUNT 32
 
 typedef struct
 {
@@ -120,7 +120,7 @@ typedef struct
     int initialized;
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
-    key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
+    key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
 } psa_global_data_t;
 
 static psa_global_data_t global_data;
@@ -353,7 +353,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type != PSA_KEY_TYPE_NONE )
@@ -431,7 +431,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -477,7 +477,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( type != NULL )
@@ -527,7 +527,7 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1166,7 +1166,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     key_slot_t *slot;
     psa_key_type_t key_type;
     size_t key_bits;
-    const mbedtls_cipher_info_t *cipher_info;
+    const mbedtls_cipher_info_t *cipher_info = NULL;
 
     operation->alg = 0;
     operation->key_set = 0;
@@ -1378,7 +1378,7 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                                      mac_size, mac_length ) );
 }
 
-#define MBEDTLS_PSA_MAC_MAX_SIZE                        \
+#define PSA_MAC_MAX_SIZE                                \
     ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ?  \
       MBEDTLS_MD_MAX_SIZE :                             \
       MBEDTLS_MAX_BLOCK_LENGTH )
@@ -1386,7 +1386,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
                              const uint8_t *mac,
                              size_t mac_length )
 {
-    uint8_t actual_mac[MBEDTLS_PSA_MAC_MAX_SIZE];
+    uint8_t actual_mac[PSA_MAC_MAX_SIZE];
     size_t actual_mac_length;
     psa_status_t status;
 
@@ -1453,7 +1453,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
     (void) salt;
     (void) salt_length;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1549,7 +1549,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     (void) salt;
     (void) salt_length;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1640,7 +1640,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     (void) salt_length;
     *output_length = 0;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -1707,7 +1707,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     (void) salt_length;
     *output_length = 0;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -2059,7 +2059,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
@@ -2083,7 +2083,7 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT || policy == NULL )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
@@ -2104,7 +2104,7 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot = &global_data.key_slots[key];
@@ -2119,7 +2119,7 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
-    if( key == 0 || key > MBEDTLS_PSA_KEY_SLOT_COUNT )
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
@@ -2413,7 +2413,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 void mbedtls_psa_crypto_free( void )
 {
     size_t key;
-    for( key = 1; key < MBEDTLS_PSA_KEY_SLOT_COUNT; key++ )
+    for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ )
         psa_destroy_key( key );
     mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
     mbedtls_entropy_free( &global_data.entropy );

From 0ff4b0f7f98740197944e67303c244aba2578fa1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 21:31:50 +0200
Subject: [PATCH 271/889] psa_import_key: validate symmetric key size

When importing a symmetric key, validate that the key size is valid
for the given key type.

Non-supported key types may no longer be imported.
---
 library/psa_crypto.c                    | 61 +++++++++++++++++++++++--
 tests/suites/test_suite_psa_crypto.data | 16 +++++++
 2 files changed, 73 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e41e51287..4d2f8d05b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -346,6 +346,57 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
     }
 }
 
+static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
+                                           size_t bits,
+                                           struct raw_data *raw )
+{
+    /* Check that the bit size is acceptable for the key type */
+    switch( type )
+    {
+        case PSA_KEY_TYPE_RAW_DATA:
+#if defined(MBEDTLS_MD_C)
+        case PSA_KEY_TYPE_HMAC:
+#endif
+            break;
+#if defined(MBEDTLS_AES_C)
+        case PSA_KEY_TYPE_AES:
+            if( bits != 128 && bits != 192 && bits != 256 )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+#endif
+#if defined(MBEDTLS_CAMELLIA_C)
+        case PSA_KEY_TYPE_CAMELLIA:
+            if( bits != 128 && bits != 192 && bits != 256 )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+#endif
+#if defined(MBEDTLS_DES_C)
+        case PSA_KEY_TYPE_DES:
+            if( bits != 64 && bits != 128 && bits != 192 )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+#endif
+#if defined(MBEDTLS_ARC4_C)
+        case PSA_KEY_TYPE_ARC4:
+            if( bits < 8 || bits > 2048 )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            break;
+#endif
+        default:
+            return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+    /* Allocate memory for the key */
+    raw->bytes = PSA_BITS_TO_BYTES( bits );
+    raw->data = mbedtls_calloc( 1, raw->bytes );
+    if( raw->data == NULL )
+    {
+        raw->bytes = 0;
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+    }
+    return( PSA_SUCCESS );
+}
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
@@ -361,14 +412,16 @@ psa_status_t psa_import_key( psa_key_slot_t key,
 
     if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
     {
+        psa_status_t status;
         /* Ensure that a bytes-to-bit conversion won't overflow. */
         if( data_length > SIZE_MAX / 8 )
             return( PSA_ERROR_NOT_SUPPORTED );
-        slot->data.raw.data = mbedtls_calloc( 1, data_length );
-        if( slot->data.raw.data == NULL )
-            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        status = prepare_raw_data_slot( type,
+                                        PSA_BYTES_TO_BITS( data_length ),
+                                        &slot->data.raw );
+        if( status != PSA_SUCCESS )
+            return( status );
         memcpy( slot->data.raw.data, data, data_length );
-        slot->data.raw.bytes = data_length;
     }
     else
 #if defined(MBEDTLS_PK_PARSE_C)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ca8ea2336..00add7d64 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -13,6 +13,22 @@ import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER
 PSA import/export raw: 2 bytes, buffer too small
 import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
+PSA import/export AES-128
+depends_on:MBEDTLS_AES_C
+import_export:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:128:0:PSA_SUCCESS:1
+
+PSA import/export AES-192
+depends_on:MBEDTLS_AES_C
+import_export:"0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:192:0:PSA_SUCCESS:1
+
+PSA import/export AES-256
+depends_on:MBEDTLS_AES_C
+import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
+PSA import AES: bad key size
+depends_on:MBEDTLS_AES_C
+import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1

From 13187931f17cd6dcb43a703319eaa41a704b476f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:49:23 +0200
Subject: [PATCH 272/889] Update the PSA crypto-only config.h in configs

The file was derived from an earlier version of Mbed TLS and had not
been updated in a rebase of the PSA branch.
---
 configs/config-psa-crypto.h | 58 +++++++++++++++++++++++++++++++++++--
 1 file changed, 56 insertions(+), 2 deletions(-)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 9c4f62aa0..9ae09c9ec 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -398,12 +398,45 @@
 /**
  * \def MBEDTLS_AES_ROM_TABLES
  *
- * Store the AES tables in ROM.
+ * Use precomputed AES tables stored in ROM.
+ *
+ * Uncomment this macro to use precomputed AES tables stored in ROM.
+ * Comment this macro to generate AES tables in RAM at runtime.
+ *
+ * Tradeoff: Using precomputed ROM tables reduces RAM usage by ~8kb
+ * (or ~2kb if \c MBEDTLS_AES_FEWER_TABLES is used) and reduces the
+ * initialization time before the first AES operation can be performed.
+ * It comes at the cost of additional ~8kb ROM use (resp. ~2kb if \c
+ * MBEDTLS_AES_FEWER_TABLES below is used), and potentially degraded
+ * performance if ROM access is slower than RAM access.
+ *
+ * This option is independent of \c MBEDTLS_AES_FEWER_TABLES.
  *
- * Uncomment this macro to store the AES tables in ROM.
  */
 //#define MBEDTLS_AES_ROM_TABLES
 
+/**
+ * \def MBEDTLS_AES_FEWER_TABLES
+ *
+ * Use less ROM/RAM for AES tables.
+ *
+ * Uncommenting this macro omits 75% of the AES tables from
+ * ROM / RAM (depending on the value of \c MBEDTLS_AES_ROM_TABLES)
+ * by computing their values on the fly during operations
+ * (the tables are entry-wise rotations of one another).
+ *
+ * Tradeoff: Uncommenting this reduces the RAM / ROM footprint
+ * by ~6kb but at the cost of more arithmetic operations during
+ * runtime. Specifically, one has to compare 4 accesses within
+ * different tables to 4 accesses with additional arithmetic
+ * operations within the same table. The performance gain/loss
+ * depends on the system and memory details.
+ *
+ * This option is independent of \c MBEDTLS_AES_ROM_TABLES.
+ *
+ */
+//#define MBEDTLS_AES_FEWER_TABLES
+
 /**
  * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
  *
@@ -470,6 +503,7 @@
 #define MBEDTLS_ECP_DP_BP384R1_ENABLED
 #define MBEDTLS_ECP_DP_BP512R1_ENABLED
 #define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+#define MBEDTLS_ECP_DP_CURVE448_ENABLED
 
 /**
  * \def MBEDTLS_ECP_NIST_OPTIM
@@ -1704,6 +1738,26 @@
 //#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO   mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
 //#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO  mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
 
+/**
+ * Uncomment the macro to let mbed TLS use your alternate implementation of
+ * mbedtls_platform_zeroize(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * mbedtls_platform_zeroize() is a widely used function across the library to
+ * zero a block of memory. The implementation is expected to be secure in the
+ * sense that it has been written to prevent the compiler from removing calls
+ * to mbedtls_platform_zeroize() as part of redundant code elimination
+ * optimizations. However, it is difficult to guarantee that calls to
+ * mbedtls_platform_zeroize() will not be optimized by the compiler as older
+ * versions of the C language standards do not provide a secure implementation
+ * of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
+ * configure their own implementation of mbedtls_platform_zeroize(), for
+ * example by using directives specific to their compiler, features from newer
+ * C standards (e.g using memset_s() in C11) or calling a secure memset() from
+ * their system (e.g explicit_bzero() in BSD).
+ */
+//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
 /* \} name SECTION: Customisation configuration options */
 
 #include "mbedtls/check_config.h"

From 05d69890ee67641d0cffd30880dd82636cccb6ab Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 22:00:52 +0200
Subject: [PATCH 273/889] Implement psa_generate_random

---
 library/psa_crypto.c                        | 22 +++++++++++
 tests/suites/test_suite_psa_crypto.data     | 15 ++++++++
 tests/suites/test_suite_psa_crypto.function | 41 +++++++++++++++++++++
 3 files changed, 78 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4d2f8d05b..5609f4283 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2461,6 +2461,28 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
 
 
+/****************************************************************/
+/* Key generation */
+/****************************************************************/
+
+psa_status_t psa_generate_random( uint8_t *output,
+                                  size_t output_size )
+{
+    int ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
+                                       output, output_size );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+psa_status_t psa_generate_key( psa_key_slot_t key,
+                               psa_key_type_t type,
+                               size_t bits,
+                               const void *parameters,
+                               size_t parameters_size )
+{
+    return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+
 /****************************************************************/
 /* Module setup */
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 00add7d64..4b6085c40 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -456,3 +456,18 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39
 PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+
+PSA generate random: 0 bytes
+generate_random:0:0
+
+PSA generate random: 1 byte
+generate_random:1:8
+
+PSA generate random: 4 bytes
+generate_random:1:2
+
+PSA generate random: 16 bytes
+generate_random:16:0
+
+PSA generate random: 19 bytes
+generate_random:19:0
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9dbf0340d..c1d0e149a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1520,3 +1520,44 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void generate_random( int bytes, int retries )
+{
+    const unsigned char trail[] = "foobar";
+    unsigned char *buffer1 = mbedtls_calloc( 1, bytes + sizeof( trail ) );
+    unsigned char *buffer2 = mbedtls_calloc( 1, bytes );
+
+    TEST_ASSERT( buffer1 != NULL );
+    TEST_ASSERT( buffer2 != NULL );
+    memcpy( buffer1 + bytes, trail, sizeof( trail ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_generate_random( buffer1, bytes ) == PSA_SUCCESS );
+
+    /* Check that no more than bytes have been overwritten */
+    TEST_ASSERT( memcmp( buffer1 + bytes, trail, sizeof( trail ) ) == 0 );
+
+    if( bytes == 0 )
+        goto exit;
+
+    /* We can't validate that the data is really random, but we can
+     * validate that it doesn't repeat between calls. There's a
+     * 1/256^bytes chance that it does repeat, of course, so allow
+     * a few retries. */
+    ++retries; /* The first time isn't a REtry */
+    do
+    {
+        --retries;
+        TEST_ASSERT( psa_generate_random( buffer2, bytes ) == PSA_SUCCESS );
+    }
+    while( memcmp( buffer1, buffer2, bytes ) == 0 && retries >= -1 );
+    TEST_ASSERT( retries >= 0 );
+
+exit:
+    mbedtls_psa_crypto_free( );
+    mbedtls_free( buffer1 );
+    mbedtls_free( buffer2 );
+}
+/* END_CASE */

From 1672d1d2e4400ba91d034e1853944dda32a9100a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:50:35 +0200
Subject: [PATCH 274/889] Remove features with missing dependencies from
 config.h

The default config.h omits non-crypto features. Remove some features
that had been accidentally left in but have dependencies that had been
removed.

Also update configs/config-psa-crypto.h to match
include/mbedtls/config.h. They were historically identical but started
diverging when the feature-psa branch was rebased on top of a more
recent upstream.

Now the code builds with the "full" config.
---
 configs/config-psa-crypto.h | 26 --------------------------
 include/mbedtls/config.h    | 26 --------------------------
 2 files changed, 52 deletions(-)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 9ae09c9ec..184e1ab64 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -152,13 +152,10 @@
  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
  * MBEDTLS_PLATFORM_XXX_MACRO!
  *
- * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
- *
  * Uncomment a macro to enable alternate implementation of specific base
  * platform function
  */
 //#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_TIME_ALT
 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
 //#define MBEDTLS_PLATFORM_PRINTF_ALT
 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
@@ -1221,29 +1218,6 @@
  */
 #define MBEDTLS_GCM_C
 
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- *          environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- *          processor traits. It is therefore not advised to use HAVEGE as
- *          your applications primary random generator or primary entropy pool
- *          input. As a secondary input to your entropy pool, it IS able add
- *          the (limited) extra entropy it provides.
- *
- * Module:  library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
 /**
  * \def MBEDTLS_HMAC_DRBG_C
  *
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 9f063be72..2ae69911c 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -178,13 +178,10 @@
  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
  * MBEDTLS_PLATFORM_XXX_MACRO!
  *
- * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
- *
  * Uncomment a macro to enable alternate implementation of specific base
  * platform function
  */
 //#define MBEDTLS_PLATFORM_EXIT_ALT
-//#define MBEDTLS_PLATFORM_TIME_ALT
 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
 //#define MBEDTLS_PLATFORM_PRINTF_ALT
 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
@@ -1395,29 +1392,6 @@
  */
 #define MBEDTLS_GCM_C
 
-/**
- * \def MBEDTLS_HAVEGE_C
- *
- * Enable the HAVEGE random generator.
- *
- * Warning: the HAVEGE random generator is not suitable for virtualized
- *          environments
- *
- * Warning: the HAVEGE random generator is dependent on timing and specific
- *          processor traits. It is therefore not advised to use HAVEGE as
- *          your applications primary random generator or primary entropy pool
- *          input. As a secondary input to your entropy pool, it IS able add
- *          the (limited) extra entropy it provides.
- *
- * Module:  library/havege.c
- * Caller:
- *
- * Requires: MBEDTLS_TIMING_C
- *
- * Uncomment to enable the HAVEGE random generator.
- */
-//#define MBEDTLS_HAVEGE_C
-
 /**
  * \def MBEDTLS_HKDF_C
  *

From 0e2315859fd46cedff76869b0600109d2aee44bb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 00:11:07 +0200
Subject: [PATCH 275/889] psa_export_key: fix asymmetric key in larger buffer

Exporting an asymmetric key only worked if the target buffer had
exactly the right size, because psa_export_key uses
mbedtls_pk_write_key_der or mbedtls_pk_write_pubkey_der and these
functions write to the end of the buffer, which psa_export_key did not
correct for. Fix this by moving the data to the beginning of the
buffer if necessary.

Add non-regression tests.
---
 library/psa_crypto.c                    | 11 +++++++++++
 tests/suites/test_suite_psa_crypto.data |  8 ++++++++
 2 files changed, 19 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5609f4283..c552b5331 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -629,6 +629,17 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
                 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
             if( ret < 0 )
                 return( mbedtls_to_psa_error( ret ) );
+            /* The mbedtls_pk_xxx functions write to the end of the buffer.
+             * Move the data to the beginning and erase remaining data
+             * at the original location. */
+            if( 2 * (size_t) ret <= data_size )
+            {
+                memcpy( data, data + data_size - ret, ret );
+            }
+            else if( (size_t) ret < data_size )
+            {
+                memmove( data, data + data_size - ret, ret );
+            }
             *data_length = ret;
             return( PSA_SUCCESS );
         }
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4b6085c40..b4c0fa97a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -33,6 +33,10 @@ PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
+PSA import/export RSA public key: good, 1024-bit, larger buffer
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
+
 PSA import/export RSA keypair: policy forbids export
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
@@ -41,6 +45,10 @@ PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
+PSA import/export RSA keypair: good, 1024-bit, larger buffer
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
+
 PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0

From 9a9e19f3fb40f164eceed41193bd45875aae2e78 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:56:47 +0200
Subject: [PATCH 276/889] Switch default config back to the upstream one + PSA
 + CMAC

Switch the default config.h back to the upstream version, plus the new
feature from this branch MBEDTLS_PSA_CRYPTO_C, plus MBEDTLS_CMAC_C
because it's a features we're using to explore the API design but
that's off by default in Mbed TLS.

Having a crypto-only version saved a bit of developer time, and it's
something we want to ship, but we also need a full build with TLS to
work, and the CI scripts assume that the default build includes TLS.

As a consequence, list-macros.sh no longer needs a special case to
pass check-names.sh.
---
 include/mbedtls/config.h     | 1068 +++++++++++++++++++++++++++++++++-
 tests/scripts/list-macros.sh |    1 -
 2 files changed, 1058 insertions(+), 11 deletions(-)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 2ae69911c..d3df9eeda 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1,9 +1,11 @@
 /**
- * \file config-psa-crypto.h
+ * \file config.h
  *
- * \brief Configuration with all cryptography features and no X.509 or TLS.
+ * \brief Configuration options (set of defines)
  *
- * This configuration is intended to prototype the PSA reference implementation.
+ *  This set of compile-time options may be used to enable
+ *  or disable features selectively, and reduce the global
+ *  memory footprint.
  */
 /*
  *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
@@ -117,6 +119,33 @@
  */
 //#define MBEDTLS_HAVE_SSE2
 
+/**
+ * \def MBEDTLS_HAVE_TIME
+ *
+ * System has time.h and time().
+ * The time does not need to be correct, only time differences are used,
+ * by contrast with MBEDTLS_HAVE_TIME_DATE
+ *
+ * Defining MBEDTLS_HAVE_TIME allows you to specify MBEDTLS_PLATFORM_TIME_ALT,
+ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and
+ * MBEDTLS_PLATFORM_STD_TIME.
+ *
+ * Comment if your system does not support time functions
+ */
+#define MBEDTLS_HAVE_TIME
+
+/**
+ * \def MBEDTLS_HAVE_TIME_DATE
+ *
+ * System has time.h and time(), gmtime() and the clock is correct.
+ * The time needs to be correct (not necesarily very accurate, but at least
+ * the date should be correct). This is used to verify the validity period of
+ * X.509 certificates.
+ *
+ * Comment if your system does not have a correct clock.
+ */
+#define MBEDTLS_HAVE_TIME_DATE
+
 /**
  * \def MBEDTLS_PLATFORM_MEMORY
  *
@@ -178,10 +207,13 @@
  * \warning MBEDTLS_PLATFORM_XXX_ALT cannot be defined at the same time as
  * MBEDTLS_PLATFORM_XXX_MACRO!
  *
+ * Requires: MBEDTLS_PLATFORM_TIME_ALT requires MBEDTLS_HAVE_TIME
+ *
  * Uncomment a macro to enable alternate implementation of specific base
  * platform function
  */
 //#define MBEDTLS_PLATFORM_EXIT_ALT
+//#define MBEDTLS_PLATFORM_TIME_ALT
 //#define MBEDTLS_PLATFORM_FPRINTF_ALT
 //#define MBEDTLS_PLATFORM_PRINTF_ALT
 //#define MBEDTLS_PLATFORM_SNPRINTF_ALT
@@ -225,6 +257,19 @@
  * \{
  */
 
+/**
+ * \def MBEDTLS_TIMING_ALT
+ *
+ * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
+ *
+ * Only works if you have MBEDTLS_TIMING_C enabled.
+ *
+ * You will need to provide a header "timing_alt.h" and an implementation at
+ * compile time.
+ */
+//#define MBEDTLS_TIMING_ALT
+
 /**
  * \def MBEDTLS_AES_ALT
  *
@@ -559,6 +604,37 @@
 #define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
 #define MBEDTLS_CIPHER_PADDING_ZEROS
 
+/**
+ * \def MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+ *
+ * Enable weak ciphersuites in SSL / TLS.
+ * Warning: Only do so when you know what you are doing. This allows for
+ * channels with virtually no security at all!
+ *
+ * This enables the following ciphersuites:
+ *      MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA
+ *
+ * Uncomment this macro to enable weak ciphersuites
+ *
+ * \warning   DES is considered a weak cipher and its use constitutes a
+ *            security risk. We recommend considering stronger ciphers instead.
+ */
+//#define MBEDTLS_ENABLE_WEAK_CIPHERSUITES
+
+/**
+ * \def MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+ *
+ * Remove RC4 ciphersuites by default in SSL / TLS.
+ * This flag removes the ciphersuites based on RC4 from the default list as
+ * returned by mbedtls_ssl_list_ciphersuites(). However, it is still possible to
+ * enable (some of) them with mbedtls_ssl_conf_ciphersuites() by including them
+ * explicitly.
+ *
+ * Uncomment this macro to remove RC4 ciphersuites by default.
+ */
+#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+
 /**
  * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
  *
@@ -606,6 +682,281 @@
  */
 #define MBEDTLS_ECDSA_DETERMINISTIC
 
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+ *
+ * Enable the PSK based ciphersuite modes in SSL / TLS.
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+ *
+ * Enable the DHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ *
+ * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ *
+ * Enable the RSA-PSK based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ *
+ * Enable the RSA-only based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_RSA_WITH_RC4_128_MD5
+ */
+#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ *
+ * Enable the DHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ *      MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *
+ * \warning    Using DHE constitutes a security risk as it
+ *             is not possible to validate custom DH parameters.
+ *             If possible, it is recommended users should consider
+ *             preferring other methods of key exchange.
+ *             See dhm.h for more details.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ *
+ * Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ *           MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ *
+ * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ *
+ * Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ *
+ * Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ */
+#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+/**
+ * \def MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+ *
+ * Enable the ECJPAKE based ciphersuite modes in SSL / TLS.
+ *
+ * \warning This is currently experimental. EC J-PAKE support is based on the
+ * Thread v1.0.0 specification; incompatible changes to the specification
+ * might still happen. For this reason, this is disabled by default.
+ *
+ * Requires: MBEDTLS_ECJPAKE_C
+ *           MBEDTLS_SHA256_C
+ *           MBEDTLS_ECP_DP_SECP256R1_ENABLED
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *      MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8
+ */
+//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
 /**
  * \def MBEDTLS_PK_PARSE_EC_EXTENDED
  *
@@ -778,7 +1129,8 @@
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
- * Do not use the Chinese Remainder Theorem for the RSA private operation.
+ * Do not use the Chinese Remainder Theorem
+ * for the RSA private operation.
  *
  * Uncomment this macro to disable the use of CRT in RSA.
  *
@@ -808,6 +1160,20 @@
  */
 //#define MBEDTLS_SHA256_SMALLER
 
+/**
+ * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES
+ *
+ * Enable sending of alert messages in case of encountered errors as per RFC.
+ * If you choose not to send the alert messages, mbed TLS can still communicate
+ * with other servers, only debugging of failures is harder.
+ *
+ * The advantage of not sending alert messages, is that no information is given
+ * about reasons for failures thus preventing adversaries of gaining intel.
+ *
+ * Enable sending of all alert messages
+ */
+#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
+
 /**
  * \def MBEDTLS_SSL_ASYNC_PRIVATE
  *
@@ -819,6 +1185,348 @@
  */
 //#define MBEDTLS_SSL_ASYNC_PRIVATE
 
+/**
+ * \def MBEDTLS_SSL_DEBUG_ALL
+ *
+ * Enable the debug messages in SSL module for all issues.
+ * Debug messages have been disabled in some places to prevent timing
+ * attacks due to (unbalanced) debugging function calls.
+ *
+ * If you need all error reporting you should enable this during debugging,
+ * but remove this for production servers that should log as well.
+ *
+ * Uncomment this macro to report all debug messages on errors introducing
+ * a timing side-channel.
+ *
+ */
+//#define MBEDTLS_SSL_DEBUG_ALL
+
+/** \def MBEDTLS_SSL_ENCRYPT_THEN_MAC
+ *
+ * Enable support for Encrypt-then-MAC, RFC 7366.
+ *
+ * This allows peers that both support it to use a more robust protection for
+ * ciphersuites using CBC, providing deep resistance against timing attacks
+ * on the padding or underlying cipher.
+ *
+ * This only affects CBC ciphersuites, and is useless if none is defined.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Encrypt-then-MAC
+ */
+#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
+
+/** \def MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+ *
+ * Enable support for Extended Master Secret, aka Session Hash
+ * (draft-ietf-tls-session-hash-02).
+ *
+ * This was introduced as "the proper fix" to the Triple Handshake familiy of
+ * attacks, but it is recommended to always use it (even if you disable
+ * renegotiation), since it actually fixes a more fundamental issue in the
+ * original SSL/TLS design, and has implications beyond Triple Handshake.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1    or
+ *           MBEDTLS_SSL_PROTO_TLS1_1  or
+ *           MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for Extended Master Secret.
+ */
+#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
+
+/**
+ * \def MBEDTLS_SSL_FALLBACK_SCSV
+ *
+ * Enable support for FALLBACK_SCSV (draft-ietf-tls-downgrade-scsv-00).
+ *
+ * For servers, it is recommended to always enable this, unless you support
+ * only one version of TLS, or know for sure that none of your clients
+ * implements a fallback strategy.
+ *
+ * For clients, you only need this if you're using a fallback strategy, which
+ * is not recommended in the first place, unless you absolutely need it to
+ * interoperate with buggy (version-intolerant) servers.
+ *
+ * Comment this macro to disable support for FALLBACK_SCSV
+ */
+#define MBEDTLS_SSL_FALLBACK_SCSV
+
+/**
+ * \def MBEDTLS_SSL_HW_RECORD_ACCEL
+ *
+ * Enable hooking functions in SSL module for hardware acceleration of
+ * individual records.
+ *
+ * Uncomment this macro to enable hooking functions.
+ */
+//#define MBEDTLS_SSL_HW_RECORD_ACCEL
+
+/**
+ * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ *
+ * Enable 1/n-1 record splitting for CBC mode in SSLv3 and TLS 1.0.
+ *
+ * This is a countermeasure to the BEAST attack, which also minimizes the risk
+ * of interoperability issues compared to sending 0-length records.
+ *
+ * Comment this macro to disable 1/n-1 record splitting.
+ */
+#define MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+/**
+ * \def MBEDTLS_SSL_RENEGOTIATION
+ *
+ * Disable support for TLS renegotiation.
+ *
+ * The two main uses of renegotiation are (1) refresh keys on long-lived
+ * connections and (2) client authentication after the initial handshake.
+ * If you don't need renegotiation, it's probably better to disable it, since
+ * it has been associated with security issues in the past and is easy to
+ * misuse/misunderstand.
+ *
+ * Comment this to disable support for renegotiation.
+ *
+ * \note   Even if this option is disabled, both client and server are aware
+ *         of the Renegotiation Indication Extension (RFC 5746) used to
+ *         prevent the SSL renegotiation attack (see RFC 5746 Sect. 1).
+ *         (See \c mbedtls_ssl_conf_legacy_renegotiation for the
+ *          configuration of this extension).
+ *
+ */
+#define MBEDTLS_SSL_RENEGOTIATION
+
+/**
+ * \def MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+ *
+ * Enable support for receiving and parsing SSLv2 Client Hello messages for the
+ * SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to enable support for SSLv2 Client Hello messages.
+ */
+//#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
+
+/**
+ * \def MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+ *
+ * Pick the ciphersuite according to the client's preferences rather than ours
+ * in the SSL Server module (MBEDTLS_SSL_SRV_C).
+ *
+ * Uncomment this macro to respect client's ciphersuite order
+ */
+//#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+
+/**
+ * \def MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+ *
+ * Enable support for RFC 6066 max_fragment_length extension in SSL.
+ *
+ * Comment this macro to disable support for the max_fragment_length extension
+ */
+#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
+
+/**
+ * \def MBEDTLS_SSL_PROTO_SSL3
+ *
+ * Enable support for SSL 3.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for SSL 3.0
+ */
+//#define MBEDTLS_SSL_PROTO_SSL3
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1
+ *
+ * Enable support for TLS 1.0.
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_1
+ *
+ * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_MD5_C
+ *           MBEDTLS_SHA1_C
+ *
+ * Comment this macro to disable support for TLS 1.1 / DTLS 1.0
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_1
+
+/**
+ * \def MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Enable support for TLS 1.2 (and DTLS 1.2 if DTLS is enabled).
+ *
+ * Requires: MBEDTLS_SHA1_C or MBEDTLS_SHA256_C or MBEDTLS_SHA512_C
+ *           (Depends on ciphersuites)
+ *
+ * Comment this macro to disable support for TLS 1.2 / DTLS 1.2
+ */
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/**
+ * \def MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Enable support for DTLS (all available versions).
+ *
+ * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0,
+ * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_TLS1_1
+ *        or MBEDTLS_SSL_PROTO_TLS1_2
+ *
+ * Comment this macro to disable support for DTLS
+ */
+#define MBEDTLS_SSL_PROTO_DTLS
+
+/**
+ * \def MBEDTLS_SSL_ALPN
+ *
+ * Enable support for RFC 7301 Application Layer Protocol Negotiation.
+ *
+ * Comment this macro to disable support for ALPN.
+ */
+#define MBEDTLS_SSL_ALPN
+
+/**
+ * \def MBEDTLS_SSL_DTLS_ANTI_REPLAY
+ *
+ * Enable support for the anti-replay mechanism in DTLS.
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *           MBEDTLS_SSL_PROTO_DTLS
+ *
+ * \warning Disabling this is often a security risk!
+ * See mbedtls_ssl_conf_dtls_anti_replay() for details.
+ *
+ * Comment this to disable anti-replay in DTLS.
+ */
+#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Enable support for HelloVerifyRequest on DTLS servers.
+ *
+ * This feature is highly recommended to prevent DTLS servers being used as
+ * amplifiers in DoS attacks against other hosts. It should always be enabled
+ * unless you know for sure amplification cannot be a problem in the
+ * environment in which your server operates.
+ *
+ * \warning Disabling this can ba a security risk! (see above)
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Comment this to disable support for HelloVerifyRequest.
+ */
+#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
+
+/**
+ * \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+ *
+ * Enable server-side support for clients that reconnect from the same port.
+ *
+ * Some clients unexpectedly close the connection and try to reconnect using the
+ * same source port. This needs special support from the server to handle the
+ * new connection securely, as described in section 4.2.8 of RFC 6347. This
+ * flag enables that support.
+ *
+ * Requires: MBEDTLS_SSL_DTLS_HELLO_VERIFY
+ *
+ * Comment this to disable support for clients reusing the source port.
+ */
+#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
+
+/**
+ * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+ *
+ * Enable support for a limit of records with bad MAC.
+ *
+ * See mbedtls_ssl_conf_dtls_badmac_limit().
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ */
+#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT
+
+/**
+ * \def MBEDTLS_SSL_SESSION_TICKETS
+ *
+ * Enable support for RFC 5077 session tickets in SSL.
+ * Client-side, provides full support for session tickets (maintainance of a
+ * session store remains the responsibility of the application, though).
+ * Server-side, you also need to provide callbacks for writing and parsing
+ * tickets, including authenticated encryption and key management. Example
+ * callbacks are provided by MBEDTLS_SSL_TICKET_C.
+ *
+ * Comment this macro to disable support for SSL session tickets
+ */
+#define MBEDTLS_SSL_SESSION_TICKETS
+
+/**
+ * \def MBEDTLS_SSL_EXPORT_KEYS
+ *
+ * Enable support for exporting key block and master secret.
+ * This is required for certain users of TLS, e.g. EAP-TLS.
+ *
+ * Comment this macro to disable support for key export
+ */
+#define MBEDTLS_SSL_EXPORT_KEYS
+
+/**
+ * \def MBEDTLS_SSL_SERVER_NAME_INDICATION
+ *
+ * Enable support for RFC 6066 server name indication (SNI) in SSL.
+ *
+ * Requires: MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Comment this macro to disable support for server name indication in SSL
+ */
+#define MBEDTLS_SSL_SERVER_NAME_INDICATION
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL.
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define MBEDTLS_SSL_TRUNCATED_HMAC
+
+/**
+ * \def MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+ *
+ * Fallback to old (pre-2.7), non-conforming implementation of the truncated
+ * HMAC extension which also truncates the HMAC key. Note that this option is
+ * only meant for a transitory upgrade period and is likely to be removed in
+ * a future version of the library.
+ *
+ * \warning The old implementation is non-compliant and has a security weakness
+ *          (2^80 brute force attack on the HMAC key used for a single,
+ *          uninterrupted connection). This should only be enabled temporarily
+ *          when (1) the use of truncated HMAC is essential in order to save
+ *          bandwidth, and (2) the peer is an Mbed TLS stack that doesn't use
+ *          the fixed implementation yet (pre-2.7).
+ *
+ * \deprecated This option is deprecated and will likely be removed in a
+ *             future version of Mbed TLS.
+ *
+ * Uncomment to fallback to old, non-compliant truncated HMAC implementation.
+ *
+ * Requires: MBEDTLS_SSL_TRUNCATED_HMAC
+ */
+//#define MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT
+
 /**
  * \def MBEDTLS_THREADING_ALT
  *
@@ -854,6 +1562,89 @@
  */
 #define MBEDTLS_VERSION_FEATURES
 
+/**
+ * \def MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an extension in a v1 or v2 certificate.
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3
+
+/**
+ * \def MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+ *
+ * If set, the X509 parser will not break-off when parsing an X509 certificate
+ * and encountering an unknown critical extension.
+ *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
+ * Uncomment to prevent an error.
+ */
+//#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
+
+/**
+ * \def MBEDTLS_X509_CHECK_KEY_USAGE
+ *
+ * Enable verification of the keyUsage extension (CA and leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused
+ * (intermediate) CA and leaf certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip keyUsage checking for both CA and leaf certificates.
+ */
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+ *
+ * Enable verification of the extendedKeyUsage extension (leaf certificates).
+ *
+ * Disabling this avoids problems with mis-issued and/or misused certificates.
+ *
+ * \warning Depending on your PKI use, disabling this can be a security risk!
+ *
+ * Comment to skip extendedKeyUsage checking for certificates.
+ */
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/**
+ * \def MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ *
+ * Enable parsing and verification of X.509 certificates, CRLs and CSRS
+ * signed with RSASSA-PSS (aka PKCS#1 v2.1).
+ *
+ * Comment this macro to disallow using RSASSA-PSS in certificates.
+ */
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+/**
+ * \def MBEDTLS_ZLIB_SUPPORT
+ *
+ * If set, the SSL/TLS module uses ZLIB to support compression and
+ * decompression of packet data.
+ *
+ * \warning TLS-level compression MAY REDUCE SECURITY! See for example the
+ * CRIME attack. Before enabling this option, you should examine with care if
+ * CRIME or similar exploits may be a applicable to your use case.
+ *
+ * \note Currently compression can't be used with DTLS.
+ *
+ * \deprecated This feature is deprecated and will be removed
+ *             in the next major revision of the library.
+ *
+ * Used in: library/ssl_tls.c
+ *          library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * This feature requires zlib library and headers to be present.
+ *
+ * Uncomment to enable use of ZLIB
+ */
+//#define MBEDTLS_ZLIB_SUPPORT
 /* \} name SECTION: mbed TLS feature support */
 
 /**
@@ -1238,6 +2029,20 @@
  */
 #define MBEDTLS_CTR_DRBG_C
 
+/**
+ * \def MBEDTLS_DEBUG_C
+ *
+ * Enable the debug functions.
+ *
+ * Module:  library/debug.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * This module provides debugging functions.
+ */
+#define MBEDTLS_DEBUG_C
+
 /**
  * \def MBEDTLS_DES_C
  *
@@ -1336,7 +2141,7 @@
  *
  * Requires: MBEDTLS_ECP_C, MBEDTLS_MD_C
  */
-#define MBEDTLS_ECJPAKE_C
+//#define MBEDTLS_ECJPAKE_C
 
 /**
  * \def MBEDTLS_ECP_C
@@ -1392,6 +2197,29 @@
  */
 #define MBEDTLS_GCM_C
 
+/**
+ * \def MBEDTLS_HAVEGE_C
+ *
+ * Enable the HAVEGE random generator.
+ *
+ * Warning: the HAVEGE random generator is not suitable for virtualized
+ *          environments
+ *
+ * Warning: the HAVEGE random generator is dependent on timing and specific
+ *          processor traits. It is therefore not advised to use HAVEGE as
+ *          your applications primary random generator or primary entropy pool
+ *          input. As a secondary input to your entropy pool, it IS able add
+ *          the (limited) extra entropy it provides.
+ *
+ * Module:  library/havege.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_TIMING_C
+ *
+ * Uncomment to enable the HAVEGE random generator.
+ */
+//#define MBEDTLS_HAVEGE_C
+
 /**
  * \def MBEDTLS_HKDF_C
  *
@@ -1461,7 +2289,7 @@
  *            it, and considering stronger message digests instead.
  *
  */
-#define MBEDTLS_MD2_C
+//#define MBEDTLS_MD2_C
 
 /**
  * \def MBEDTLS_MD4_C
@@ -1478,7 +2306,7 @@
  *            it, and considering stronger message digests instead.
  *
  */
-#define MBEDTLS_MD4_C
+//#define MBEDTLS_MD4_C
 
 /**
  * \def MBEDTLS_MD5_C
@@ -1518,6 +2346,25 @@
  */
 //#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
 
+/**
+ * \def MBEDTLS_NET_C
+ *
+ * Enable the TCP and UDP over IPv6/IPv4 networking routines.
+ *
+ * \note This module only works on POSIX/Unix (including Linux, BSD and OS X)
+ * and Windows. For other platforms, you'll want to disable it, and write your
+ * own networking callbacks to be passed to \c mbedtls_ssl_set_bio().
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/net_sockets.c
+ *
+ * This module provides networking routines.
+ */
+#define MBEDTLS_NET_C
+
 /**
  * \def MBEDTLS_OID_C
  *
@@ -1553,7 +2400,7 @@
  *
  * This modules adds support for the VIA PadLock on x86.
  */
-//#define MBEDTLS_PADLOCK_C
+#define MBEDTLS_PADLOCK_C
 
 /**
  * \def MBEDTLS_PEM_PARSE_C
@@ -1804,6 +2651,84 @@
  */
 #define MBEDTLS_SHA512_C
 
+/**
+ * \def MBEDTLS_SSL_CACHE_C
+ *
+ * Enable simple SSL cache implementation.
+ *
+ * Module:  library/ssl_cache.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_CACHE_C
+ */
+#define MBEDTLS_SSL_CACHE_C
+
+/**
+ * \def MBEDTLS_SSL_COOKIE_C
+ *
+ * Enable basic implementation of DTLS cookies for hello verification.
+ *
+ * Module:  library/ssl_cookie.c
+ * Caller:
+ */
+#define MBEDTLS_SSL_COOKIE_C
+
+/**
+ * \def MBEDTLS_SSL_TICKET_C
+ *
+ * Enable an implementation of TLS server-side callbacks for session tickets.
+ *
+ * Module:  library/ssl_ticket.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_CIPHER_C
+ */
+#define MBEDTLS_SSL_TICKET_C
+
+/**
+ * \def MBEDTLS_SSL_CLI_C
+ *
+ * Enable the SSL/TLS client code.
+ *
+ * Module:  library/ssl_cli.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS client support.
+ */
+#define MBEDTLS_SSL_CLI_C
+
+/**
+ * \def MBEDTLS_SSL_SRV_C
+ *
+ * Enable the SSL/TLS server code.
+ *
+ * Module:  library/ssl_srv.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_SSL_TLS_C
+ *
+ * This module is required for SSL/TLS server support.
+ */
+#define MBEDTLS_SSL_SRV_C
+
+/**
+ * \def MBEDTLS_SSL_TLS_C
+ *
+ * Enable the generic SSL/TLS code.
+ *
+ * Module:  library/ssl_tls.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *
+ * Requires: MBEDTLS_CIPHER_C, MBEDTLS_MD_C
+ *           and at least one of the MBEDTLS_SSL_PROTO_XXX defines
+ *
+ * This module is required for SSL/TLS.
+ */
+#define MBEDTLS_SSL_TLS_C
+
 /**
  * \def MBEDTLS_THREADING_C
  *
@@ -1826,6 +2751,29 @@
  */
 //#define MBEDTLS_THREADING_C
 
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/timing.c
+ * Caller:  library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
 /**
  * \def MBEDTLS_VERSION_C
  *
@@ -1837,6 +2785,106 @@
  */
 #define MBEDTLS_VERSION_C
 
+/**
+ * \def MBEDTLS_X509_USE_C
+ *
+ * Enable X.509 core for using certificates.
+ *
+ * Module:  library/x509.c
+ * Caller:  library/x509_crl.c
+ *          library/x509_crt.c
+ *          library/x509_csr.c
+ *
+ * Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_BIGNUM_C, MBEDTLS_OID_C,
+ *           MBEDTLS_PK_PARSE_C
+ *
+ * This module is required for the X.509 parsing modules.
+ */
+#define MBEDTLS_X509_USE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_PARSE_C
+ *
+ * Enable X.509 certificate parsing.
+ *
+ * Module:  library/x509_crt.c
+ * Caller:  library/ssl_cli.c
+ *          library/ssl_srv.c
+ *          library/ssl_tls.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 certificate parsing.
+ */
+#define MBEDTLS_X509_CRT_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CRL_PARSE_C
+ *
+ * Enable X.509 CRL parsing.
+ *
+ * Module:  library/x509_crl.c
+ * Caller:  library/x509_crt.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is required for X.509 CRL parsing.
+ */
+#define MBEDTLS_X509_CRL_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_PARSE_C
+ *
+ * Enable X.509 Certificate Signing Request (CSR) parsing.
+ *
+ * Module:  library/x509_csr.c
+ * Caller:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_USE_C
+ *
+ * This module is used for reading X.509 certificate request.
+ */
+#define MBEDTLS_X509_CSR_PARSE_C
+
+/**
+ * \def MBEDTLS_X509_CREATE_C
+ *
+ * Enable X.509 core for creating certificates.
+ *
+ * Module:  library/x509_create.c
+ *
+ * Requires: MBEDTLS_BIGNUM_C, MBEDTLS_OID_C, MBEDTLS_PK_WRITE_C
+ *
+ * This module is the basis for creating X.509 certificates and CSRs.
+ */
+#define MBEDTLS_X509_CREATE_C
+
+/**
+ * \def MBEDTLS_X509_CRT_WRITE_C
+ *
+ * Enable creating X.509 certificates.
+ *
+ * Module:  library/x509_crt_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate creation.
+ */
+#define MBEDTLS_X509_CRT_WRITE_C
+
+/**
+ * \def MBEDTLS_X509_CSR_WRITE_C
+ *
+ * Enable creating X.509 Certificate Signing Requests (CSR).
+ *
+ * Module:  library/x509_csr_write.c
+ *
+ * Requires: MBEDTLS_X509_CREATE_C
+ *
+ * This module is required for X.509 certificate request writing.
+ */
+#define MBEDTLS_X509_CSR_WRITE_C
+
 /**
  * \def MBEDTLS_XTEA_C
  *
@@ -2067,7 +3115,7 @@
 /* \} name SECTION: Customisation configuration options */
 
 /* Target and application specific configurations */
-//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "target_config.h"
+//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
 
 #if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
 #include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
@@ -2086,6 +3134,6 @@
 #include MBEDTLS_USER_CONFIG_FILE
 #endif
 
-#include "mbedtls/check_config.h"
+#include "check_config.h"
 
 #endif /* MBEDTLS_CONFIG_H */
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 34d909517..3c84adba6 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -8,7 +8,6 @@ if [ -d include/mbedtls ]; then :; else
 fi
 
 HEADERS=$( ls include/mbedtls/*.h | egrep -v 'compat-1\.3\.h' )
-HEADERS="$HEADERS configs/config-default.h"
 
 sed -n -e 's/.*#define \([a-zA-Z0-9_]*\).*/\1/p' $HEADERS \
     | egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \

From e66ca3bbf36332bca6a97f6bca2a5883f5f32387 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 00:11:45 +0200
Subject: [PATCH 277/889] psa_export_key: zero out potential garbage in the
 output buffer

In psa_export_key, ensure that each byte of the output buffer either
contains its original value, is zero, or is part of the actual output.
Specifically, don't risk having partial output on error, and don't
leave extra data at the end of the buffer when exporting an asymmetric
key.

Test that exporting to a previously zeroed buffer leaves the buffer
zeroed outside the actual output if any.
---
 library/psa_crypto.c                        |  5 +++++
 tests/suites/test_suite_psa_crypto.function | 24 +++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c552b5331..8e7aeefa2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -628,17 +628,22 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
             else
                 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
             if( ret < 0 )
+            {
+                memset( data, 0, data_size );
                 return( mbedtls_to_psa_error( ret ) );
+            }
             /* The mbedtls_pk_xxx functions write to the end of the buffer.
              * Move the data to the beginning and erase remaining data
              * at the original location. */
             if( 2 * (size_t) ret <= data_size )
             {
                 memcpy( data, data + data_size - ret, ret );
+                memset( data + data_size - ret, 0, ret );
             }
             else if( (size_t) ret < data_size )
             {
                 memmove( data, data + data_size - ret, ret );
+                memset( data + ret, 0, data_size - ret );
             }
             *data_length = ret;
             return( PSA_SUCCESS );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c1d0e149a..958637560 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -7,6 +7,25 @@
 #else
 #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1
 #endif
+
+/** Test if a buffer is not all-bits zero.
+ *
+ * \param buffer    Pointer to the beginning of the buffer.
+ * \param size      Size of the buffer in bytes.
+ *
+ * \return          0 if the buffer is all-bits-zero.
+ * \return          A nonzero value otherwise.
+ */
+int mem_is_nonzero( void *buffer, size_t size )
+{
+    size_t i;
+    for( i = 0; i < size; i++ )
+    {
+        if( ( (unsigned char *) buffer )[i] != 0 )
+            return( i + 1 );
+    }
+    return( 0 );
+}
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -106,8 +125,13 @@ void import_export( data_t *data,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == (psa_status_t) expected_export_status );
+    TEST_ASSERT( ! mem_is_nonzero( exported + exported_length,
+                                   export_size - exported_length ) );
     if( status != PSA_SUCCESS )
+    {
+        TEST_ASSERT( exported_length == 0 );
         goto destroy;
+    }
 
     if( canonical_input )
     {

From e3b07d81d6bf52203cfbb5ed7b98f8e6ede942a2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 19 Jun 2018 11:57:35 +0200
Subject: [PATCH 278/889] Fix build without CMAC

Add missing guard for MBEDTLS_CMAC_C.
---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1de19555f..e41e51287 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1065,6 +1065,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     return( PSA_SUCCESS );
 }
 
+#if defined(MBEDTLS_CMAC_C)
 static int psa_cmac_start( psa_mac_operation_t *operation,
                            size_t key_bits,
                            key_slot_t *slot,
@@ -1085,6 +1086,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation,
                                       key_bits );
     return( ret );
 }
+#endif /* MBEDTLS_CMAC_C */
 
 static int psa_hmac_start( psa_mac_operation_t *operation,
                            psa_key_type_t key_type,

From 12313cd84c57be7ad3d150706171adadc529a3ff Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 00:20:32 +0200
Subject: [PATCH 279/889] Implement psa_generate_key: AES, DES, RSA, ECP

In the test cases, try exporting the generated key and perform sanity
checks on it.
---
 library/psa_crypto.c                        | 144 +++++++++++++++++++-
 tests/suites/test_suite_psa_crypto.data     |  51 +++++++
 tests/suites/test_suite_psa_crypto.function | 130 ++++++++++++++++++
 3 files changed, 324 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8e7aeefa2..d75226cc6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -346,6 +346,41 @@ static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
     }
 }
 
+static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve )
+{
+    switch( curve )
+    {
+        case PSA_ECC_CURVE_SECP192R1:
+            return( MBEDTLS_ECP_DP_SECP192R1 );
+        case PSA_ECC_CURVE_SECP224R1:
+            return( MBEDTLS_ECP_DP_SECP224R1 );
+        case PSA_ECC_CURVE_SECP256R1:
+            return( MBEDTLS_ECP_DP_SECP256R1 );
+        case PSA_ECC_CURVE_SECP384R1:
+            return( MBEDTLS_ECP_DP_SECP384R1 );
+        case PSA_ECC_CURVE_SECP521R1:
+            return( MBEDTLS_ECP_DP_SECP521R1 );
+        case PSA_ECC_CURVE_BRAINPOOL_P256R1:
+            return( MBEDTLS_ECP_DP_BP256R1 );
+        case PSA_ECC_CURVE_BRAINPOOL_P384R1:
+            return( MBEDTLS_ECP_DP_BP384R1 );
+        case PSA_ECC_CURVE_BRAINPOOL_P512R1:
+            return( MBEDTLS_ECP_DP_BP512R1 );
+        case PSA_ECC_CURVE_CURVE25519:
+            return( MBEDTLS_ECP_DP_CURVE25519 );
+        case PSA_ECC_CURVE_SECP192K1:
+            return( MBEDTLS_ECP_DP_SECP192K1 );
+        case PSA_ECC_CURVE_SECP224K1:
+            return( MBEDTLS_ECP_DP_SECP224K1 );
+        case PSA_ECC_CURVE_SECP256K1:
+            return( MBEDTLS_ECP_DP_SECP256K1 );
+        case PSA_ECC_CURVE_CURVE448:
+            return( MBEDTLS_ECP_DP_CURVE448 );
+        default:
+            return( MBEDTLS_ECP_DP_NONE );
+    }
+}
+
 static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
                                            size_t bits,
                                            struct raw_data *raw )
@@ -2495,7 +2530,114 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
                                const void *parameters,
                                size_t parameters_size )
 {
-    return( PSA_ERROR_NOT_SUPPORTED );
+    key_slot_t *slot;
+
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    slot = &global_data.key_slots[key];
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+    if( parameters == NULL && parameters_size != 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
+    {
+        psa_status_t status = prepare_raw_data_slot( type, bits,
+                                                     &slot->data.raw );
+        if( status != PSA_SUCCESS )
+            return( status );
+        status = psa_generate_random( slot->data.raw.data,
+                                      slot->data.raw.bytes );
+        if( status != PSA_SUCCESS )
+        {
+            mbedtls_free( slot->data.raw.data );
+            return( status );
+        }
+#if defined(MBEDTLS_DES_C)
+        if( type == PSA_KEY_TYPE_DES )
+        {
+            mbedtls_des_key_set_parity( slot->data.raw.data );
+            if( slot->data.raw.bytes >= 16 )
+                mbedtls_des_key_set_parity( slot->data.raw.data + 8 );
+            if( slot->data.raw.bytes == 24 )
+                mbedtls_des_key_set_parity( slot->data.raw.data + 16 );
+        }
+#endif /* MBEDTLS_DES_C */
+    }
+    else
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
+    if ( type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    {
+        mbedtls_rsa_context *rsa;
+        int ret;
+        int exponent = 65537;
+        if( parameters != NULL )
+        {
+            const unsigned *p = parameters;
+            if( parameters_size != sizeof( *p ) )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            if( *p > INT_MAX )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            exponent = *p;
+        }
+        rsa = mbedtls_calloc( 1, sizeof( *rsa ) );
+        if( rsa == NULL )
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        mbedtls_rsa_init( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE );
+        ret = mbedtls_rsa_gen_key( rsa,
+                                   mbedtls_ctr_drbg_random,
+                                   &global_data.ctr_drbg,
+                                   bits,
+                                   exponent );
+        if( ret != 0 )
+        {
+            mbedtls_rsa_free( rsa );
+            mbedtls_free( rsa );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        slot->data.rsa = rsa;
+    }
+    else
+#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
+
+#if defined(MBEDTLS_ECP_C)
+    if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEYPAIR( type ) )
+    {
+        psa_ecc_curve_t curve = PSA_KEY_TYPE_GET_CURVE( type );
+        mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
+        const mbedtls_ecp_curve_info *curve_info =
+            mbedtls_ecp_curve_info_from_grp_id( grp_id );
+        mbedtls_ecp_keypair *ecp;
+        int ret;
+        if( parameters != NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        if( curve_info->bit_size != bits )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        ecp = mbedtls_calloc( 1, sizeof( *ecp ) );
+        if( ecp == NULL )
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        mbedtls_ecp_keypair_init( ecp );
+        ret = mbedtls_ecp_gen_key( grp_id, ecp,
+                                   mbedtls_ctr_drbg_random,
+                                   &global_data.ctr_drbg );
+        if( ret != 0 )
+        {
+            mbedtls_ecp_keypair_free( ecp );
+            mbedtls_free( ecp );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        slot->data.ecp = ecp;
+    }
+    else
+#endif /* MBEDTLS_ECP_C */
+
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    slot->type = type;
+    return( PSA_SUCCESS );
 }
 
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b4c0fa97a..9902a0ecb 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -479,3 +479,54 @@ generate_random:16:0
 
 PSA generate random: 19 bytes
 generate_random:19:0
+
+PSA generate key: bad type (0xffffffff)
+generate_key:0xffffffff:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: bad type (RSA public key)
+generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: raw data, 0 bits
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+
+PSA generate key: raw data, 8 bits
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+
+PSA generate key: raw data, 7 bits
+generate_key:PSA_KEY_TYPE_AES:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA generate key: AES, 128 bits, CTR
+depends_on:MBEDTLS_AES_C
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+
+PSA generate key: DES, 64 bits, CTR
+depends_on:MBEDTLS_DES_C
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+
+PSA generate key: DES, 128 bits, CTR
+depends_on:MBEDTLS_DES_C
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+
+PSA generate key: DES, 192 bits, CTR
+depends_on:MBEDTLS_DES_C
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+
+PSA generate key: invalid key size: AES, 64 bits
+depends_on:MBEDTLS_AES_C
+generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA generate key: RSA, 512 bits, good
+depends_on:MBEDTLS_RSA_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+
+PSA generate key: RSA, 1024 bits, good
+depends_on:MBEDTLS_RSA_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+
+PSA generate key: ECC, SECP256R1, good
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_SUCCESS
+
+PSA generate key: ECC, SECP256R1, incorrect bit size
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 958637560..1cd9c22a0 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1585,3 +1585,133 @@ exit:
     mbedtls_free( buffer2 );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void generate_key( int type_arg,
+                   int bits_arg,
+                   int usage_arg,
+                   int alg_arg,
+                   int expected_status_arg )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_key_usage_t usage = usage_arg;
+    size_t bits = bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_type_t got_type;
+    size_t got_bits;
+    unsigned char exported[616] = {0}; /* enough for a 1024-bit RSA key */
+    size_t exported_length;
+    psa_status_t expected_export_status =
+        usage & PSA_KEY_USAGE_EXPORT ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED;
+    psa_status_t expected_info_status =
+        expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT;
+    psa_key_policy_t policy;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    /* Generate a key */
+    TEST_ASSERT( psa_generate_key( slot, type, bits,
+                                   NULL, 0 ) == expected_status );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          &got_type,
+                                          &got_bits ) == expected_info_status );
+    if( expected_info_status != PSA_SUCCESS )
+        goto exit;
+    TEST_ASSERT( got_type == type );
+    TEST_ASSERT( got_bits == bits );
+
+    /* Export the key */
+    TEST_ASSERT( psa_export_key( slot,
+                                 exported, sizeof( exported ),
+                                 &exported_length ) == expected_export_status );
+    if( expected_export_status == PSA_SUCCESS )
+    {
+        if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
+            TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
+#if defined(MBEDTLS_DES_C)
+        if( type == PSA_KEY_TYPE_DES )
+        {
+            /* Check the parity bits. */
+            unsigned i;
+            for( i = 0; i < bits / 8; i++ )
+            {
+                unsigned bit_count = 0;
+                unsigned m;
+                for( m = 1; m <= 0x100; m <<= 1 )
+                {
+                    if( exported[i] & m )
+                        ++bit_count;
+                }
+                TEST_ASSERT( bit_count % 2 != 0 );
+            }
+        }
+#endif
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+        if( type == PSA_KEY_TYPE_RSA_KEYPAIR )
+        {
+            /* Sanity check: does this look like the beginning of a PKCS#8
+             * RSA key pair? Assumes bits is a multiple of 8. */
+            size_t n_bytes = bits / 8 + 1;
+            size_t n_encoded_bytes;
+            unsigned char *n_end;
+            TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 );
+            TEST_ASSERT( exported[0] == 0x30 );
+            TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key
+            TEST_ASSERT( exported[4] == 0x02 );
+            TEST_ASSERT( exported[5] == 0x01 );
+            TEST_ASSERT( exported[6] == 0x00 );
+            TEST_ASSERT( exported[7] == 0x02 );
+            n_encoded_bytes = exported[8];
+            n_end = exported + 9 + n_encoded_bytes;
+            if( n_encoded_bytes & 0x80 )
+            {
+                n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7;
+                n_encoded_bytes |= exported[9] & 0x7f;
+                n_end += 1;
+            }
+            /* The encoding of n should start with a 0 byte since it should
+             * have its high bit set. However Mbed TLS is not compliant and
+             * generates an invalid, but widely tolerated, encoding of
+             * positive INTEGERs with a bit size that is a multiple of 8
+             * with no leading 0 byte. Accept this here. */
+            TEST_ASSERT( n_bytes == n_encoded_bytes ||
+                         n_bytes == n_encoded_bytes + 1 );
+            if( n_bytes == n_encoded_bytes )
+                TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 9 : 10] == 0x00 );
+            /* Sanity check: e must be 3 */
+            TEST_ASSERT( n_end[0] == 0x02 );
+            TEST_ASSERT( n_end[1] == 0x03 );
+            TEST_ASSERT( n_end[2] == 0x01 );
+            TEST_ASSERT( n_end[3] == 0x00 );
+            TEST_ASSERT( n_end[4] == 0x01 );
+            TEST_ASSERT( n_end[5] == 0x02 );
+        }
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+        if( PSA_KEY_TYPE_IS_ECC( type ) )
+        {
+            /* Sanity check: does this look like the beginning of a PKCS#8
+             * elliptic curve key pair? */
+            TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 );
+            TEST_ASSERT( exported[0] == 0x30 );
+        }
+#endif /* MBEDTLS_ECP_C */
+    }
+
+    /* We should do something with the key according to its permitted usage.
+     * This would require figuring out what the key type allows or
+     * specifying it somehow in the test data. */
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From c939f6fcba1cda328c4a21b7c8df596690e36add Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 20 Jun 2018 11:11:08 +0100
Subject: [PATCH 280/889] fixup! New function mbedtls_rsa_get_bitlen

In some configurations (like config-mini-tls1_1.h), size is unused. This
leads to failures when building with CMake Asan, because that build
doesn't use "-Wno-unused-value".

Fixes: e01822299624 ("New function mbedtls_rsa_get_bitlen")
---
 tests/suites/test_suite_pk.function | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index a1d9b0b7a..916b3c54d 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -16,6 +16,7 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
 static int pk_genkey( mbedtls_pk_context *pk, int size )
 {
     ((void) pk);
+    ((void) size);
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
     if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )

From 16c0f4f787e7d4f52072b4ad211fdc6e04c2c98e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 16:05:20 +0200
Subject: [PATCH 281/889] Fix potential memory corruption on MAC/cipher setup
 failure

When psa_mac_start(), psa_encrypt_setup() or psa_cipher_setup()
failed, depending on when the failure happened, it was possible that
psa_mac_abort() or psa_cipher_abort() would crash because it would try
to call a free() function uninitialized data in the operation
structure. Refactor the functions so that they initialize the
operation structure before doing anything else.

Add non-regression tests and a few more positive and negative unit
tests for psa_mac_start() and psa_cipher_setup() (the latter via
psa_encrypt_setip()).
---
 library/psa_crypto.c                        | 94 +++++++++++++++------
 tests/suites/test_suite_psa_crypto.data     | 47 +++++++++++
 tests/suites/test_suite_psa_crypto.function | 85 +++++++++++++++++++
 3 files changed, 202 insertions(+), 24 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d75226cc6..535384c42 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1133,10 +1133,53 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
     }
 }
 
+/* Initialize the MAC operation structure. Once this function has been
+ * called, psa_mac_abort can run and will do the right thing. */
+static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
+                                  psa_algorithm_t alg )
+{
+    psa_status_t status = PSA_ERROR_NOT_SUPPORTED;
+
+    operation->alg = alg;
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 0;
+    operation->has_input = 0;
+    operation->key_usage_sign = 0;
+    operation->key_usage_verify = 0;
+
+#if defined(MBEDTLS_CMAC_C)
+    if( alg == PSA_ALG_CMAC )
+    {
+        operation->iv_required = 0;
+        mbedtls_cipher_init( &operation->ctx.cmac );
+        status = PSA_SUCCESS;
+    }
+    else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HMAC( operation->alg ) )
+    {
+        status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                                 PSA_ALG_HMAC_HASH( alg ) );
+    }
+    else
+#endif /* MBEDTLS_MD_C */
+    {
+        /* fall through with NOT_SUPPORTED */
+    }
+
+    if( status != PSA_SUCCESS )
+        memset( operation, 0, sizeof( *operation ) );
+    return( status );
+}
+
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 {
     switch( operation->alg )
     {
+        case 0:
+            return( PSA_SUCCESS );
 #if defined(MBEDTLS_CMAC_C)
         case PSA_ALG_CMAC:
             mbedtls_cipher_free( &operation->ctx.cmac );
@@ -1165,6 +1208,8 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     operation->iv_set = 0;
     operation->iv_required = 0;
     operation->has_input = 0;
+    operation->key_usage_sign = 0;
+    operation->key_usage_verify = 0;
 
     return( PSA_SUCCESS );
 }
@@ -1178,8 +1223,6 @@ static int psa_cmac_start( psa_mac_operation_t *operation,
     int ret;
 
     operation->mac_size = cipher_info->block_size;
-    operation->iv_required = 0;
-    mbedtls_cipher_init( &operation->ctx.cmac );
 
     ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
     if( ret != 0 )
@@ -1213,14 +1256,9 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
     if( key_type != PSA_KEY_TYPE_HMAC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    operation->iv_required = 0;
     operation->mac_size = digest_size;
 
-    status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
-                             PSA_ALG_HMAC_HASH( alg ) );
-    if( status != PSA_SUCCESS )
-        return( status );
-
+    /* The hash was started earlier in psa_mac_init. */
     if( key_length > block_size )
     {
         status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
@@ -1274,13 +1312,9 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
-    operation->alg = 0;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->iv_required = 1;
-    operation->has_input = 0;
-    operation->key_usage_sign = 0;
-    operation->key_usage_verify = 0;
+    status = psa_mac_init( operation, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1332,7 +1366,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 
     else
     {
-        operation->alg = alg;
         operation->key_set = 1;
     }
     return( status );
@@ -1872,6 +1905,21 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
 /* Symmetric cryptography */
 /****************************************************************/
 
+/* Initialize the cipher operation structure. Once this function has been
+ * called, psa_cipher_abort can run and will do the right thing. */
+static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation,
+                                     psa_algorithm_t alg )
+{
+    operation->alg = alg;
+    operation->key_set = 0;
+    operation->iv_set = 0;
+    operation->iv_required = 1;
+    operation->iv_size = 0;
+    operation->block_size = 0;
+    mbedtls_cipher_init( &operation->ctx.cipher );
+    return( PSA_SUCCESS );
+}
+
 static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
                                       psa_algorithm_t alg,
@@ -1884,12 +1932,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
-    operation->alg = alg;
-    operation->key_set = 0;
-    operation->iv_set = 0;
-    operation->iv_required = 1;
-    operation->iv_size = 0;
-    operation->block_size = 0;
+    status = psa_cipher_init( operation, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
@@ -1900,7 +1945,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    mbedtls_cipher_init( &operation->ctx.cipher );
     ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
     if( ret != 0 )
     {
@@ -1944,7 +1988,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
 #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
 
     operation->key_set = 1;
-    operation->alg = alg;
     operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ?
                               PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) :
                               1 );
@@ -2119,6 +2162,9 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
 
 psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 {
+    if( operation->alg == 0 )
+        return( PSA_SUCCESS );
+
     mbedtls_cipher_free( &operation->ctx.cipher );
 
     operation->alg = 0;
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 9902a0ecb..552faf9c4 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -106,6 +106,14 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 PSA key lifetime set: invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
+PSA hash setup: good, SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
+
+PSA hash setup: bad (unknown hash algorithm)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
@@ -114,6 +122,27 @@ PSA hash verify: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
+PSA MAC setup: good, HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
+
+PSA MAC setup: good, AES-CMAC
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_SUCCESS
+
+PSA MAC setup: bad algorithm (unknown MAC algorithm)
+depends_on:MBEDTLS_MD_C
+mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: invalid key type, HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
+PSA MAC setup: incompatible key DES for CMAC
+depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+mac_setup:PSA_KEY_TYPE_DES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+
 PSA MAC verify: HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
@@ -218,6 +247,24 @@ PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
+PSA cipher setup: good, AES-CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS
+
+PSA cipher setup: bad algorithm (unknown cipher algorithm)
+depends_on:MBEDTLS_AES_C
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher setup: invalid key type, CTR
+depends_on:MBEDTLS_CIPHER_MODE_CTR
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
+PSA cipher setup: incompatible key ARC4 for CTR
+depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR
+# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
+cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+
 PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 1cd9c22a0..ee781326e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -374,6 +374,25 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_setup( int alg_arg,
+                 int expected_status_arg )
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_hash_operation_t operation;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    status = psa_hash_start( &operation, alg );
+    psa_hash_abort( &operation );
+    TEST_ASSERT( status == (psa_status_t) expected_status_arg );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
@@ -430,6 +449,40 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void mac_setup( int key_type_arg,
+                data_t *key,
+                int alg_arg,
+                int expected_status_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation;
+    psa_key_policy_t policy;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+                              alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key->x, key->len ) == PSA_SUCCESS );
+
+    status = psa_mac_start( &operation, key_slot, alg );
+    psa_mac_abort( &operation );
+    TEST_ASSERT( status == (psa_status_t) expected_status_arg );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_verify( int key_type_arg,
                  data_t *key,
@@ -473,6 +526,38 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void cipher_setup( int key_type_arg,
+                   data_t *key,
+                   int alg_arg,
+                   int expected_status_arg )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_cipher_operation_t operation;
+    psa_key_policy_t policy;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key->x, key->len ) == PSA_SUCCESS );
+
+    status = psa_encrypt_setup( &operation, key_slot, alg );
+    psa_cipher_abort( &operation );
+    TEST_ASSERT( status == (psa_status_t) expected_status_arg );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void cipher_encrypt( int alg_arg, int key_type_arg,
                      data_t *key,

From 248051acb6a1d24bb83504cd9eaae2a3f9418044 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 16:09:38 +0200
Subject: [PATCH 282/889] Add missing #ifdef guards around psa_hmac_start

---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 535384c42..dba8a5daf 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1235,6 +1235,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation,
 }
 #endif /* MBEDTLS_CMAC_C */
 
+#if defined(MBEDTLS_MD_C)
 static int psa_hmac_start( psa_mac_operation_t *operation,
                            psa_key_type_t key_type,
                            key_slot_t *slot,
@@ -1301,6 +1302,7 @@ cleanup:
 
     return( status );
 }
+#endif /* MBEDTLS_MD_C */
 
 psa_status_t psa_mac_start( psa_mac_operation_t *operation,
                             psa_key_slot_t key,
@@ -1357,13 +1359,11 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     }
 
     /* If we reach this point, then the algorithm-specific part of the
-
      * context may contain data that needs to be wiped on error. */
     if( status != PSA_SUCCESS )
     {
         psa_mac_abort( operation );
     }
-
     else
     {
         operation->key_set = 1;

From c06e07128c0588f100803eda09cd11b42bb5f16e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 16:21:04 +0200
Subject: [PATCH 283/889] Favor INVALID_ARGUMENT over NOT_SUPPORTED for bad
 algorithm types

In psa_hash_start, psa_mac_start and psa_cipher_setup, return
PSA_ERROR_INVALID_ARGUMENT rather than PSA_ERROR_NOT_SUPPORTED when
the algorithm parameter is not the right category.
---
 library/psa_crypto.c                    | 13 +++++++++++--
 tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dba8a5daf..90b43549c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -865,7 +865,9 @@ psa_status_t psa_hash_start( psa_hash_operation_t *operation,
             break;
 #endif
         default:
-            return( PSA_ERROR_NOT_SUPPORTED );
+            return( PSA_ALG_IS_HASH( alg ) ?
+                    PSA_ERROR_NOT_SUPPORTED :
+                    PSA_ERROR_INVALID_ARGUMENT );
     }
     if( ret == 0 )
         operation->alg = alg;
@@ -1166,7 +1168,8 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
     else
 #endif /* MBEDTLS_MD_C */
     {
-        /* fall through with NOT_SUPPORTED */
+        if( ! PSA_ALG_IS_MAC( alg ) )
+            status = PSA_ERROR_INVALID_ARGUMENT;
     }
 
     if( status != PSA_SUCCESS )
@@ -1910,6 +1913,12 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
 static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation,
                                      psa_algorithm_t alg )
 {
+    if( ! PSA_ALG_IS_CIPHER( alg ) )
+    {
+        memset( operation, 0, sizeof( *operation ) );
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+
     operation->alg = alg;
     operation->key_set = 0;
     operation->iv_set = 0;
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 552faf9c4..c0d7c3ebe 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -114,6 +114,10 @@ PSA hash setup: bad (unknown hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED
 
+PSA hash setup: bad (not a hash algorithm)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
@@ -134,6 +138,10 @@ PSA MAC setup: bad algorithm (unknown MAC algorithm)
 depends_on:MBEDTLS_MD_C
 mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
 
+PSA MAC setup: bad algorithm (not a MAC algorithm)
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_ERROR_INVALID_ARGUMENT
+
 PSA MAC setup: invalid key type, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
@@ -255,6 +263,10 @@ PSA cipher setup: bad algorithm (unknown cipher algorithm)
 depends_on:MBEDTLS_AES_C
 cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
 
+PSA cipher setup: bad algorithm (not a cipher algorithm)
+depends_on:MBEDTLS_AES_C
+cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
+
 PSA cipher setup: invalid key type, CTR
 depends_on:MBEDTLS_CIPHER_MODE_CTR
 # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here

From 818ca1283a44506ac3ab13fb79edb3a60cae10ed Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 18:16:48 +0200
Subject: [PATCH 284/889] generate_key tests: exercise the key

After generating a key, perform a smoke test: run one operation with
it and check that the operation has the expected status.
---
 tests/suites/test_suite_psa_crypto.data     |  38 ++--
 tests/suites/test_suite_psa_crypto.function | 238 +++++++++++++++++++-
 2 files changed, 258 insertions(+), 18 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c0d7c3ebe..2e6b63e33 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -556,36 +556,44 @@ generate_key:PSA_KEY_TYPE_AES:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMEN
 
 PSA generate key: AES, 128 bits, CTR
 depends_on:MBEDTLS_AES_C
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
 
-PSA generate key: DES, 64 bits, CTR
-depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+PSA generate key: AES, 128 bits, GCM
+depends_on:MBEDTLS_AES_C
+generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS
 
-PSA generate key: DES, 128 bits, CTR
+PSA generate key: DES, 64 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
 
-PSA generate key: DES, 192 bits, CTR
+PSA generate key: DES, 128 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+
+PSA generate key: DES, 192 bits, CBC-nopad
+depends_on:MBEDTLS_DES_C
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
 
 PSA generate key: invalid key size: AES, 64 bits
 depends_on:MBEDTLS_AES_C
-generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
 
-PSA generate key: RSA, 512 bits, good
+PSA generate key: RSA, 512 bits, good, sign
 depends_on:MBEDTLS_RSA_C
-generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
 
-PSA generate key: RSA, 1024 bits, good
+PSA generate key: RSA, 1024 bits, good, sign
 depends_on:MBEDTLS_RSA_C
-generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+
+PSA generate key: RSA, 512 bits, good, encrypt
+depends_on:MBEDTLS_RSA_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
 
 PSA generate key: ECC, SECP256R1, good
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW | PSA_ALG_SHA_256:PSA_SUCCESS
 
 PSA generate key: ECC, SECP256R1, incorrect bit size
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT|PSA_KEY_USAGE_SIGN|PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ee781326e..ac6746d06 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -26,6 +26,230 @@ int mem_is_nonzero( void *buffer, size_t size )
     }
     return( 0 );
 }
+
+static int exercise_mac_key( psa_key_slot_t key,
+                             psa_key_usage_t usage,
+                             psa_algorithm_t alg )
+{
+    psa_mac_operation_t operation;
+    const unsigned char input[] = "foo";
+    unsigned char mac[64] = {0};
+    size_t mac_length = sizeof( mac );
+
+    if( usage & PSA_KEY_USAGE_SIGN )
+    {
+        TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_update( &operation,
+                                     input, sizeof( input ) ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_finish( &operation,
+                                     mac, sizeof( input ),
+                                     &mac_length ) == PSA_SUCCESS );
+    }
+
+    if( usage & PSA_KEY_USAGE_VERIFY )
+    {
+        psa_status_t verify_status =
+            ( usage & PSA_KEY_USAGE_SIGN ?
+              PSA_SUCCESS :
+              PSA_ERROR_INVALID_SIGNATURE );
+        TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_update( &operation,
+                                     input, sizeof( input ) ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_verify( &operation, mac, mac_length ) == verify_status );
+    }
+
+    return( 1 );
+
+exit:
+    psa_mac_abort( &operation );
+    return( 0 );
+}
+
+static int exercise_cipher_key( psa_key_slot_t key,
+                                psa_key_usage_t usage,
+                                psa_algorithm_t alg )
+{
+    psa_cipher_operation_t operation;
+    unsigned char iv[16] = {0};
+    size_t iv_length = sizeof( iv );
+    const unsigned char plaintext[16] = "Hello, world...";
+    unsigned char ciphertext[32] = "(wabblewebblewibblewobblewubble)";
+    size_t ciphertext_length = sizeof( ciphertext );
+    unsigned char decrypted[sizeof( ciphertext )];
+    size_t part_length;
+
+    if( usage & PSA_KEY_USAGE_ENCRYPT )
+    {
+        TEST_ASSERT( psa_encrypt_setup( &operation, key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_encrypt_generate_iv( &operation,
+                                              iv, sizeof( iv ),
+                                              &iv_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_update( &operation,
+                                        plaintext, sizeof( plaintext ),
+                                        ciphertext, sizeof( ciphertext ),
+                                        &ciphertext_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_finish( &operation,
+                                        ciphertext + ciphertext_length,
+                                        sizeof( ciphertext ) - ciphertext_length,
+                                        &part_length ) == PSA_SUCCESS );
+        ciphertext_length += part_length;
+    }
+
+    if( usage & PSA_KEY_USAGE_DECRYPT )
+    {
+        psa_status_t status;
+        if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
+        {
+            psa_key_type_t type;
+            size_t bits;
+            TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );
+            iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
+        }
+        TEST_ASSERT( psa_decrypt_setup( &operation, key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_encrypt_set_iv( &operation,
+                                         iv, iv_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_update( &operation,
+                                        ciphertext, ciphertext_length,
+                                        decrypted, sizeof( decrypted ),
+                                        &part_length ) == PSA_SUCCESS );
+        status = psa_cipher_finish( &operation,
+                                    decrypted + part_length,
+                                    sizeof( decrypted ) - part_length,
+                                    &part_length );
+        /* For a stream cipher, all inputs are valid. For a block cipher,
+         * if the input is some aribtrary data rather than an actual
+         ciphertext, a padding error is likely.  */
+        if( ( usage & PSA_KEY_USAGE_DECRYPT ) ||
+            PSA_BLOCK_CIPHER_BLOCK_SIZE( alg ) == 1 )
+            TEST_ASSERT( status == PSA_SUCCESS );
+        else
+            TEST_ASSERT( status == PSA_SUCCESS ||
+                         status == PSA_ERROR_INVALID_PADDING );
+    }
+
+    return( 1 );
+
+exit:
+    psa_cipher_abort( &operation );
+    return( 0 );
+}
+
+static int exercise_aead_key( psa_key_slot_t key,
+                              psa_key_usage_t usage,
+                              psa_algorithm_t alg )
+{
+    unsigned char nonce[16] = {0};
+    size_t nonce_length = sizeof( nonce );
+    unsigned char plaintext[16] = "Hello, world...";
+    unsigned char ciphertext[48] = "(wabblewebblewibblewobblewubble)";
+    size_t ciphertext_length = sizeof( ciphertext );
+    size_t plaintext_length = sizeof( ciphertext );
+
+    if( usage & PSA_KEY_USAGE_ENCRYPT )
+    {
+        TEST_ASSERT( psa_aead_encrypt( key, alg,
+                                       nonce, nonce_length,
+                                       NULL, 0,
+                                       plaintext, sizeof( plaintext ),
+                                       ciphertext, sizeof( ciphertext ),
+                                       &ciphertext_length ) == PSA_SUCCESS );
+    }
+
+    if( usage & PSA_KEY_USAGE_DECRYPT )
+    {
+        psa_status_t verify_status =
+            ( usage & PSA_KEY_USAGE_ENCRYPT ?
+              PSA_SUCCESS :
+              PSA_ERROR_INVALID_SIGNATURE );
+        TEST_ASSERT( psa_aead_decrypt( key, alg,
+                                       nonce, nonce_length,
+                                       NULL, 0,
+                                       ciphertext, ciphertext_length,
+                                       plaintext, sizeof( plaintext ),
+                                       &plaintext_length ) == verify_status );
+    }
+
+    return( 1 );
+
+exit:
+    return( 0 );
+}
+
+static int exercise_signature_key( psa_key_slot_t key,
+                                   psa_key_usage_t usage,
+                                   psa_algorithm_t alg )
+{
+    unsigned char payload[16] = {0};
+    size_t payload_length = sizeof( payload );
+    unsigned char signature[256] = {0};
+    size_t signature_length = sizeof( signature );
+
+    if( usage & PSA_KEY_USAGE_SIGN )
+    {
+        TEST_ASSERT( psa_asymmetric_sign( key, alg,
+                                          payload, payload_length,
+                                          NULL, 0,
+                                          signature, sizeof( signature ),
+                                          &signature_length ) == PSA_SUCCESS );
+    }
+
+    if( usage & PSA_KEY_USAGE_VERIFY )
+    {
+        psa_status_t verify_status =
+            ( usage & PSA_KEY_USAGE_SIGN ?
+              PSA_SUCCESS :
+              PSA_ERROR_INVALID_SIGNATURE );
+        TEST_ASSERT( psa_asymmetric_verify( key, alg,
+                                            payload, payload_length,
+                                            NULL, 0,
+                                            signature, signature_length ) ==
+                     verify_status );
+    }
+
+    return( 1 );
+
+exit:
+    return( 0 );
+}
+
+static int exercise_asymmetric_encryption_key( psa_key_slot_t key,
+                                               psa_key_usage_t usage,
+                                               psa_algorithm_t alg )
+{
+    unsigned char plaintext[256] = "Hello, world...";
+    unsigned char ciphertext[256] = "(wabblewebblewibblewobblewubble)";
+    size_t ciphertext_length = sizeof( ciphertext );
+    size_t plaintext_length = 16;
+
+    if( usage & PSA_KEY_USAGE_ENCRYPT )
+    {
+        TEST_ASSERT(
+            psa_asymmetric_encrypt( key, alg,
+                                    plaintext, plaintext_length,
+                                    NULL, 0,
+                                    ciphertext, sizeof( ciphertext ),
+                                    &ciphertext_length ) == PSA_SUCCESS );
+    }
+
+    if( usage & PSA_KEY_USAGE_DECRYPT )
+    {
+        psa_status_t status =
+            psa_asymmetric_decrypt( key, alg,
+                                    ciphertext, ciphertext_length,
+                                    NULL, 0,
+                                    plaintext, sizeof( plaintext ),
+                                    &plaintext_length );
+        TEST_ASSERT( status == PSA_SUCCESS ||
+                     ( ( usage & PSA_KEY_USAGE_ENCRYPT ) == 0 &&
+                       ( status == PSA_ERROR_INVALID_ARGUMENT ||
+                         status == PSA_ERROR_INVALID_PADDING ) ) );
+    }
+
+    return( 1 );
+
+exit:
+    return( 0 );
+}
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -1791,9 +2015,17 @@ void generate_key( int type_arg,
 #endif /* MBEDTLS_ECP_C */
     }
 
-    /* We should do something with the key according to its permitted usage.
-     * This would require figuring out what the key type allows or
-     * specifying it somehow in the test data. */
+    /* Do something with the key according to its type and permitted usage. */
+    if( PSA_ALG_IS_MAC( alg ) )
+        exercise_mac_key( slot, usage, alg );
+    else if( PSA_ALG_IS_CIPHER( alg ) )
+        exercise_cipher_key( slot, usage, alg );
+    else if( PSA_ALG_IS_AEAD( alg ) )
+        exercise_aead_key( slot, usage, alg );
+    else if( PSA_ALG_IS_SIGN( alg ) )
+        exercise_signature_key( slot, usage, alg );
+    else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+        exercise_asymmetric_encryption_key( slot, usage, alg );
 
 exit:
     psa_destroy_key( slot );

From 3f669c374af40f5fbf980e4ec430a7e007f1fffd Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:21:51 +0200
Subject: [PATCH 285/889] Simplify mem_is_nonzero to mem_is_zero

This also fixes a bug that the value that mem_is_nonzero tried to
return could overflow int.
---
 tests/suites/test_suite_psa_crypto.function | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ac6746d06..773163ba1 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -13,18 +13,18 @@
  * \param buffer    Pointer to the beginning of the buffer.
  * \param size      Size of the buffer in bytes.
  *
- * \return          0 if the buffer is all-bits-zero.
- * \return          A nonzero value otherwise.
+ * \return          1 if the buffer is all-bits-zero.
+ * \return          0 if there is at least one nonzero byte.
  */
-int mem_is_nonzero( void *buffer, size_t size )
+static int mem_is_zero( void *buffer, size_t size )
 {
     size_t i;
     for( i = 0; i < size; i++ )
     {
         if( ( (unsigned char *) buffer )[i] != 0 )
-            return( i + 1 );
+            return( 0 );
     }
-    return( 0 );
+    return( 1 );
 }
 
 static int exercise_mac_key( psa_key_slot_t key,
@@ -349,8 +349,8 @@ void import_export( data_t *data,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == (psa_status_t) expected_export_status );
-    TEST_ASSERT( ! mem_is_nonzero( exported + exported_length,
-                                   export_size - exported_length ) );
+    TEST_ASSERT( mem_is_zero( exported + exported_length,
+                              export_size - exported_length ) );
     if( status != PSA_SUCCESS )
     {
         TEST_ASSERT( exported_length == 0 );

From b866e2b4d26c2580a9c903f160fc08a0c9c9a9cf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:25:10 +0200
Subject: [PATCH 286/889] Get rid of some casts in test_suite_psa_crypto

Use more auxiliary variables to unmarshall int values.
---
 tests/suites/test_suite_psa_crypto.function | 34 +++++++++++++--------
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 773163ba1..84cb69a66 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -274,9 +274,10 @@ void init_deinit( )
 /* END_CASE */
 
 /* BEGIN_CASE */
-void import( data_t *data, int type, int expected_status )
+void import( data_t *data, int type, int expected_status_arg )
 {
     int slot = 1;
+    psa_status_t expected_status = expected_status_arg;
     psa_status_t status;
 
     TEST_ASSERT( data != NULL );
@@ -284,7 +285,7 @@ void import( data_t *data, int type, int expected_status )
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     status = psa_import_key( slot, type, data->x, data->len );
-    TEST_ASSERT( status == (psa_status_t) expected_status );
+    TEST_ASSERT( status == expected_status );
     if( status == PSA_SUCCESS )
         TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
 
@@ -300,13 +301,14 @@ void import_export( data_t *data,
                     int usage_arg,
                     int expected_bits,
                     int export_size_delta,
-                    int expected_export_status,
+                    int expected_export_status_arg,
                     int canonical_input )
 {
     int slot = 1;
     int slot2 = slot + 1;
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_export_status = expected_export_status_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
     unsigned char *reexported = NULL;
@@ -348,7 +350,7 @@ void import_export( data_t *data,
     status = psa_export_key( slot,
                              exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == (psa_status_t) expected_export_status );
+    TEST_ASSERT( status == expected_export_status );
     TEST_ASSERT( mem_is_zero( exported + exported_length,
                               export_size - exported_length ) );
     if( status != PSA_SUCCESS )
@@ -397,11 +399,12 @@ void import_export_public_key( data_t *data,
                                int alg_arg,
                                int expected_bits,
                                int public_key_expected_length,
-                               int expected_export_status )
+                               int expected_export_status_arg )
 {
     int slot = 1;
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_export_status = expected_export_status_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
     size_t export_size;
@@ -437,7 +440,7 @@ void import_export_public_key( data_t *data,
     status = psa_export_public_key( slot,
                                     exported, export_size,
                                     &exported_length );
-    TEST_ASSERT( status == (psa_status_t) expected_export_status );
+    TEST_ASSERT( status == expected_export_status );
     if( status != PSA_SUCCESS )
         goto destroy;
 
@@ -603,6 +606,7 @@ void hash_setup( int alg_arg,
                  int expected_status_arg )
 {
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
     psa_hash_operation_t operation;
     psa_status_t status;
 
@@ -610,7 +614,7 @@ void hash_setup( int alg_arg,
 
     status = psa_hash_start( &operation, alg );
     psa_hash_abort( &operation );
-    TEST_ASSERT( status == (psa_status_t) expected_status_arg );
+    TEST_ASSERT( status == expected_status );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -682,6 +686,7 @@ void mac_setup( int key_type_arg,
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
     psa_mac_operation_t operation;
     psa_key_policy_t policy;
     psa_status_t status;
@@ -699,7 +704,7 @@ void mac_setup( int key_type_arg,
 
     status = psa_mac_start( &operation, key_slot, alg );
     psa_mac_abort( &operation );
-    TEST_ASSERT( status == (psa_status_t) expected_status_arg );
+    TEST_ASSERT( status == expected_status );
 
 exit:
     psa_destroy_key( key_slot );
@@ -759,6 +764,7 @@ void cipher_setup( int key_type_arg,
     int key_slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
     psa_cipher_operation_t operation;
     psa_key_policy_t policy;
     psa_status_t status;
@@ -774,7 +780,7 @@ void cipher_setup( int key_type_arg,
 
     status = psa_encrypt_setup( &operation, key_slot, alg );
     psa_cipher_abort( &operation );
-    TEST_ASSERT( status == (psa_status_t) expected_status_arg );
+    TEST_ASSERT( status == expected_status );
 
 exit:
     psa_destroy_key( key_slot );
@@ -786,12 +792,13 @@ exit:
 void cipher_encrypt( int alg_arg, int key_type_arg,
                      data_t *key,
                      data_t *input, data_t *expected_output,
-                     int expected_status )
+                     int expected_status_arg )
 {
     int key_slot = 1;
     psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
     unsigned char iv[16] = {0};
     unsigned char *output = NULL;
     size_t output_buffer_size = 0;
@@ -833,7 +840,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
                                 &function_output_length );
     total_output_length += function_output_length;
 
-    TEST_ASSERT( status == (psa_status_t) expected_status );
+    TEST_ASSERT( status == expected_status );
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
@@ -994,12 +1001,13 @@ exit:
 void cipher_decrypt( int alg_arg, int key_type_arg,
                      data_t *key,
                      data_t *input, data_t *expected_output,
-                     int expected_status )
+                     int expected_status_arg )
 {
     int key_slot = 1;
     psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
+    psa_status_t expected_status = expected_status_arg;
     unsigned char iv[16] = {0};
     unsigned char *output = NULL;
     size_t output_buffer_size = 0;
@@ -1041,7 +1049,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
                                 output_buffer_size,
                                 &function_output_length );
     total_output_length += function_output_length;
-    TEST_ASSERT( status == (psa_status_t) expected_status );
+    TEST_ASSERT( status == expected_status );
 
     if( expected_status == PSA_SUCCESS )
     {

From 140855615fbac66e21a601657742f9693437430d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:28:55 +0200
Subject: [PATCH 287/889] Fix copypasta in some test cases

---
 tests/suites/test_suite_psa_crypto.data | 28 ++++++++++++-------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2e6b63e33..631447cd2 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -31,27 +31,27 @@ import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
 PSA import/export RSA public key: good, 1024-bit, larger buffer
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: policy forbids export
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
 PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: good, 1024-bit, larger buffer
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
 
 PSA import RSA keypair: truncated
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
@@ -59,15 +59,15 @@ import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541e
 
 PSA import/export RSA keypair: good, 1023-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
+import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
 
 PSA import/export-public RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
 
 PSA import/export-public PSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:1024:162:PSA_SUCCESS
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
 
 PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
@@ -546,13 +546,13 @@ PSA generate key: bad type (RSA public key)
 generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
 
 PSA generate key: raw data, 0 bits
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
+
+PSA generate key: raw data, 7 bits: invalid argument
+generate_key:PSA_KEY_TYPE_RAW_DATA:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA generate key: raw data, 8 bits
-generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
-
-PSA generate key: raw data, 7 bits
-generate_key:PSA_KEY_TYPE_AES:7:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_INVALID_ARGUMENT
+generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
 
 PSA generate key: AES, 128 bits, CTR
 depends_on:MBEDTLS_AES_C

From b54979a297702014f12f50bf3b2652f2671737bb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:32:47 +0200
Subject: [PATCH 288/889] Refuse non-byte-sized raw data keys

Since the key size is stored in bytes, we can't have a key whose size
isn't a whole number of bytes.
---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 90b43549c..ba80912dd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -420,6 +420,8 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
         default:
             return( PSA_ERROR_NOT_SUPPORTED );
     }
+    if( bits % 8 != 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     /* Allocate memory for the key */
     raw->bytes = PSA_BITS_TO_BYTES( bits );

From 775b8e97b1795a720870c304413a9f1f65a4180d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:34:34 +0200
Subject: [PATCH 289/889] export asymmetric key: more larger buffer cases

Test not only a buffer that's one byte larger than the minimum, but
also larger sizes that currently trigger a different code path.
---
 tests/suites/test_suite_psa_crypto.data | 28 +++++++++++++++++++++++--
 1 file changed, 26 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 631447cd2..aafc243fc 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -33,10 +33,22 @@ PSA import/export RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
-PSA import/export RSA public key: good, 1024-bit, larger buffer
+PSA import/export RSA public key: good, larger buffer (+1 byte)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
 
+PSA import/export RSA public key: good, larger buffer (*2-1)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1
+
+PSA import/export RSA public key: good, larger buffer (*2+1)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1
+
 PSA import/export RSA keypair: policy forbids export
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
@@ -45,10 +57,22 @@ PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
-PSA import/export RSA keypair: good, 1024-bit, larger buffer
+PSA import/export RSA keypair: good, larger buffer (+1 byte)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
 
+PSA import/export RSA keypair: good, larger buffer (*2-1)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: good, larger buffer (*2+1)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1
+
 PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0

From 9a94480685ee3280be70aeaf650ee6d49ffdfe74 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:35:35 +0200
Subject: [PATCH 290/889] Convert ERR_ASN1 error codes to PSA

This fixes the error code when psa_export_key on an asymmetric key
reports that the output buffer is too small.
---
 library/psa_crypto.c                    | 12 ++++++++++++
 tests/suites/test_suite_psa_crypto.data |  8 ++++++++
 2 files changed, 20 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ba80912dd..adcadf3f5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -39,6 +39,7 @@
 #endif
 
 #include "mbedtls/arc4.h"
+#include "mbedtls/asn1.h"
 #include "mbedtls/blowfish.h"
 #include "mbedtls/camellia.h"
 #include "mbedtls/cipher.h"
@@ -144,6 +145,17 @@ static psa_status_t mbedtls_to_psa_error( int ret )
         case MBEDTLS_ERR_ARC4_HW_ACCEL_FAILED:
             return( PSA_ERROR_HARDWARE_FAILURE );
 
+        case MBEDTLS_ERR_ASN1_OUT_OF_DATA:
+        case MBEDTLS_ERR_ASN1_UNEXPECTED_TAG:
+        case MBEDTLS_ERR_ASN1_INVALID_LENGTH:
+        case MBEDTLS_ERR_ASN1_LENGTH_MISMATCH:
+        case MBEDTLS_ERR_ASN1_INVALID_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_ASN1_ALLOC_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+
         case MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH:
         case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
             return( PSA_ERROR_NOT_SUPPORTED );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index aafc243fc..94fb181e0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -49,6 +49,10 @@ PSA import/export RSA public key: good, larger buffer (*2+1)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1
 
+PSA import/export RSA public key: export buffer too small
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
 PSA import/export RSA keypair: policy forbids export
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
@@ -73,6 +77,10 @@ PSA import/export RSA keypair: good, larger buffer (*2+1)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1
 
+PSA import/export RSA keypair: export buffer too small
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+
 PSA import/export RSA keypair: trailing garbage ignored
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0

From 9ad29e2bee1c12f6799d269307abf10f6153d8f0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 09:40:04 +0200
Subject: [PATCH 291/889] Add what little was missing to fully support DES

Also add what was missing in the test suite to support block ciphers
with a block size that isn't 16.

Fix some buggy test data that passed only due to problems with DES
support in the product.
---
 library/psa_crypto.c                        | 27 ++++++++++++++--
 tests/suites/test_suite_psa_crypto.data     | 34 ++++++++++++++++++---
 tests/suites/test_suite_psa_crypto.function | 20 ++++++++----
 3 files changed, 68 insertions(+), 13 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index adcadf3f5..a610af364 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1102,10 +1102,17 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
             cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
             break;
         case PSA_KEY_TYPE_DES:
+            /* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
+             * and 192 for three-key Triple-DES. */
             if( key_bits == 64 )
                 cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
             else
                 cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+            /* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
+             * but two-key Triple-DES is functionally three-key Triple-DES
+             * with K1=K3, so that's how we present it to mbedtls. */
+            if( key_bits == 128 )
+                key_bits = 192;
             break;
         case PSA_KEY_TYPE_CAMELLIA:
             cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
@@ -1975,8 +1982,24 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
         return( mbedtls_to_psa_error( ret ) );
     }
 
-    ret = mbedtls_cipher_setkey( &operation->ctx.cipher, slot->data.raw.data,
-                                 key_bits, cipher_operation );
+#if defined(MBEDTLS_DES_C)
+    if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
+    {
+        /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
+        unsigned char keys[24];
+        memcpy( keys, slot->data.raw.data, 16 );
+        memcpy( keys + 16, slot->data.raw.data, 8 );
+        ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+                                     keys,
+                                     192, cipher_operation );
+    }
+    else
+#endif
+    {
+        ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
+                                     slot->data.raw.data,
+                                     key_bits, cipher_operation );
+    }
     if( ret != 0 )
     {
         psa_cipher_abort( operation );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 94fb181e0..9ed9cf532 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -178,10 +178,10 @@ PSA MAC setup: invalid key type, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
-PSA MAC setup: incompatible key DES for CMAC
-depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
+PSA MAC setup: incompatible key HMAC for CMAC
+depends_on:MBEDTLS_CMAC_C
 # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-mac_setup:PSA_KEY_TYPE_DES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
 
 PSA MAC verify: HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -333,6 +333,18 @@ PSA symmetric encrypt: AES-CTR, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
 cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
 
+PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
+
+PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
+
+PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
+
 PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
@@ -357,6 +369,18 @@ PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
+PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
+
+PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
+
 PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
@@ -600,11 +624,11 @@ generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT |
 
 PSA generate key: DES, 128 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
 
 PSA generate key: DES, 192 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
 
 PSA generate key: invalid key size: AES, 64 bits
 depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 84cb69a66..c64138223 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -800,6 +800,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_status = expected_status_arg;
     unsigned char iv[16] = {0};
+    size_t iv_size;
     unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
@@ -813,7 +814,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
-    memset( iv, 0x2a, sizeof( iv ) );
+    iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    memset( iv, 0x2a, iv_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -824,7 +826,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
                                     key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+                                     iv, iv_size ) == PSA_SUCCESS );
     output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
@@ -867,6 +869,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char iv[16] = {0};
+    size_t iv_size;
     unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
@@ -880,7 +883,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
-    memset( iv, 0x2a, sizeof( iv ) );
+    iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    memset( iv, 0x2a, iv_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -937,6 +941,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char iv[16] = {0};
+    size_t iv_size;
     unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
@@ -950,7 +955,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
-    memset( iv, 0x2a, sizeof( iv ) );
+    iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    memset( iv, 0x2a, iv_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1009,6 +1015,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_status = expected_status_arg;
     unsigned char iv[16] = {0};
+    size_t iv_size;
     unsigned char *output = NULL;
     size_t output_buffer_size = 0;
     size_t function_output_length = 0;
@@ -1022,7 +1029,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
-    memset( iv, 0x2a, sizeof( iv ) );
+    iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    memset( iv, 0x2a, iv_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1033,7 +1041,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
                                     key_slot, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+                                     iv, iv_size ) == PSA_SUCCESS );
 
     output_buffer_size = input->len + operation.block_size;
     output = mbedtls_calloc( 1, output_buffer_size );

From a50d7396f3ef605ebf5529ca211bae71836502c0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 10:22:13 +0200
Subject: [PATCH 292/889] test of generate_random: focus on testing the output
 buffer size

In the test generate_random, focus on testing that psa_generate_random
is writing all the bytes of the output buffer and no more. Add a check
that it is writing to each byte of the output buffer. Do not try to
look for repeating output as the structure of a unit test isn't likely
to catch that sort of problem anyway.
---
 tests/suites/test_suite_psa_crypto.data     | 13 +++--
 tests/suites/test_suite_psa_crypto.function | 62 ++++++++++++---------
 2 files changed, 43 insertions(+), 32 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 9ed9cf532..265a6d5be 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -581,19 +581,22 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
 
 PSA generate random: 0 bytes
-generate_random:0:0
+generate_random:0
 
 PSA generate random: 1 byte
-generate_random:1:8
+generate_random:1
 
 PSA generate random: 4 bytes
-generate_random:1:2
+generate_random:4
 
 PSA generate random: 16 bytes
-generate_random:16:0
+generate_random:16
 
 PSA generate random: 19 bytes
-generate_random:19:0
+generate_random:19
+
+PSA generate random: 260 bytes
+generate_random:260
 
 PSA generate key: bad type (0xffffffff)
 generate_key:0xffffffff:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c64138223..9af19fa6d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1871,43 +1871,51 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void generate_random( int bytes, int retries )
+void generate_random( int bytes_arg )
 {
-    const unsigned char trail[] = "foobar";
-    unsigned char *buffer1 = mbedtls_calloc( 1, bytes + sizeof( trail ) );
-    unsigned char *buffer2 = mbedtls_calloc( 1, bytes );
+    size_t bytes = bytes_arg;
+    const unsigned char trail[] = "don't overwrite me";
+    unsigned char *output = mbedtls_calloc( 1, bytes + sizeof( trail ) );
+    unsigned char *changed = mbedtls_calloc( 1, bytes );
+    size_t i;
+    unsigned run;
 
-    TEST_ASSERT( buffer1 != NULL );
-    TEST_ASSERT( buffer2 != NULL );
-    memcpy( buffer1 + bytes, trail, sizeof( trail ) );
+    TEST_ASSERT( output != NULL );
+    TEST_ASSERT( changed != NULL );
+    memcpy( output + bytes, trail, sizeof( trail ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_generate_random( buffer1, bytes ) == PSA_SUCCESS );
-
-    /* Check that no more than bytes have been overwritten */
-    TEST_ASSERT( memcmp( buffer1 + bytes, trail, sizeof( trail ) ) == 0 );
-
-    if( bytes == 0 )
-        goto exit;
-
-    /* We can't validate that the data is really random, but we can
-     * validate that it doesn't repeat between calls. There's a
-     * 1/256^bytes chance that it does repeat, of course, so allow
-     * a few retries. */
-    ++retries; /* The first time isn't a REtry */
-    do
+    /* Run several times, to ensure that every output byte will be
+     * nonzero at least once with overwhelming probability
+     * (2^(-8*number_of_runs)). */
+    for( run = 0; run < 10; run++ )
     {
-        --retries;
-        TEST_ASSERT( psa_generate_random( buffer2, bytes ) == PSA_SUCCESS );
+        memset( output, 0, bytes );
+        TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS );
+
+        /* Check that no more than bytes have been overwritten */
+        TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 );
+
+        for( i = 0; i < bytes; i++ )
+        {
+            if( output[i] != 0 )
+                ++changed[i];
+        }
+    }
+
+    /* Check that every byte was changed to nonzero at least once. This
+     * validates that psa_generate_random is overwriting every byte of
+     * the output buffer. */
+    for( i = 0; i < bytes; i++ )
+    {
+        TEST_ASSERT( changed[i] != 0 );
     }
-    while( memcmp( buffer1, buffer2, bytes ) == 0 && retries >= -1 );
-    TEST_ASSERT( retries >= 0 );
 
 exit:
     mbedtls_psa_crypto_free( );
-    mbedtls_free( buffer1 );
-    mbedtls_free( buffer2 );
+    mbedtls_free( output );
+    mbedtls_free( changed );
 }
 /* END_CASE */
 

From 48c0ea14c66998c956c5fd4b0b17020a11d60fef Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 14:15:31 +0200
Subject: [PATCH 293/889] Remove PSA_KEY_TYPE_IS_RAW_BYTES from crypto.h

It isn't used to define other macros and it doesn't seem that useful
for users. Remove it, we can reintroduce it if needed.

Define a similar function key_type_is_raw_bytes in the implementation
with a clear semantics: it's a key that's represented as a struct
raw_data.
---
 include/psa/crypto.h                        |  3 ---
 library/psa_crypto.c                        | 17 ++++++++++++-----
 tests/suites/test_suite_psa_crypto.function |  9 ++++++++-
 3 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 204ac267a..4a46eb8c3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -366,9 +366,6 @@ typedef uint32_t psa_key_type_t;
 /** Whether a key type is vendor-defined. */
 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
     (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
-#define PSA_KEY_TYPE_IS_RAW_BYTES(type)                                 \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_RAW_DATA ||  \
-     ((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
 
 /** Whether a key type is asymmetric: either a key pair or a public key. */
 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a610af364..fc73b2cf2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -116,6 +116,13 @@ typedef struct
     } data;
 } key_slot_t;
 
+static int key_type_is_raw_bytes( psa_key_type_t type )
+{
+    psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
+    return( category == PSA_KEY_TYPE_RAW_DATA ||
+            category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
+}
+
 typedef struct
 {
     int initialized;
@@ -459,7 +466,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     if( slot->type != PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_OCCUPIED_SLOT );
 
-    if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
+    if( key_type_is_raw_bytes( type ) )
     {
         psa_status_t status;
         /* Ensure that a bytes-to-bit conversion won't overflow. */
@@ -541,7 +548,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
         /* No key material to clean, but do zeroize the slot below to wipe
          * metadata such as policies. */
     }
-    else if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    else if( key_type_is_raw_bytes( slot->type ) )
     {
         mbedtls_free( slot->data.raw.data );
     }
@@ -589,7 +596,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
 
-    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    if( key_type_is_raw_bytes( slot->type ) )
     {
         if( bits != NULL )
             *bits = slot->data.raw.bytes * 8;
@@ -643,7 +650,7 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
         ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 )
         return( PSA_ERROR_NOT_PERMITTED );
 
-    if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
+    if( key_type_is_raw_bytes( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -2632,7 +2639,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
     if( parameters == NULL && parameters_size != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
+    if( key_type_is_raw_bytes( type ) )
     {
         psa_status_t status = prepare_raw_data_slot( type, bits,
                                                      &slot->data.raw );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9af19fa6d..2d279fc38 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -27,6 +27,13 @@ static int mem_is_zero( void *buffer, size_t size )
     return( 1 );
 }
 
+static int key_type_is_raw_bytes( psa_key_type_t type )
+{
+    psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
+    return( category == PSA_KEY_TYPE_RAW_DATA ||
+            category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
+}
+
 static int exercise_mac_key( psa_key_slot_t key,
                              psa_key_usage_t usage,
                              psa_algorithm_t alg )
@@ -1967,7 +1974,7 @@ void generate_key( int type_arg,
                                  &exported_length ) == expected_export_status );
     if( expected_export_status == PSA_SUCCESS )
     {
-        if( PSA_KEY_TYPE_IS_RAW_BYTES( type ) )
+        if( key_type_is_raw_bytes( type ) )
             TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
 #if defined(MBEDTLS_DES_C)
         if( type == PSA_KEY_TYPE_DES )

From f9c2c09810a2ba0cdca72b08b5eafe8872a7e150 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 21 Jun 2018 16:57:07 +0200
Subject: [PATCH 294/889] In abort functions, return BAD_STATE on obviously bad
 input

psa_hash_abort, psa_mac_abort and psa_cipher_abort now return
PSA_ERROR_BAD_STATE if operation->alg is obviously not valid, which
can only happen due to a programming error in the caller or in the
library. We can't detect all cases of calling abort on uninitialized
memory but this is dirt cheap and better than nothing.
---
 library/psa_crypto.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fc73b2cf2..12c21d7b6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -822,7 +822,7 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
             break;
 #endif
         default:
-            return( PSA_ERROR_NOT_SUPPORTED );
+            return( PSA_ERROR_BAD_STATE );
     }
     operation->alg = 0;
     return( PSA_SUCCESS );
@@ -1231,7 +1231,11 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
             }
             else
 #endif /* MBEDTLS_MD_C */
-                return( PSA_ERROR_NOT_SUPPORTED );
+            {
+                /* Sanity check (shouldn't happen: operation->alg should
+                 * always have been initialized to a valid value). */
+                return( PSA_ERROR_BAD_STATE );
+            }
     }
 
     operation->alg = 0;
@@ -2218,6 +2222,11 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
     if( operation->alg == 0 )
         return( PSA_SUCCESS );
 
+    /* Sanity check (shouldn't happen: operation->alg should
+     * always have been initialized to a valid value). */
+    if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
+        return( PSA_ERROR_BAD_STATE );
+
     mbedtls_cipher_free( &operation->ctx.cipher );
 
     operation->alg = 0;

From c2a79768867bdc5425fe3408482b74888ad4faa5 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Mon, 18 Jun 2018 16:20:16 +0300
Subject: [PATCH 295/889] PSA Crypto error code definitions

Removed the psa_status_t enum and defined error codes as defines.
Conditionally defining PSA_SUCCESS and psa_status_t.
---
 include/psa/crypto.h | 432 ++++++++++++++++++++++---------------------
 1 file changed, 226 insertions(+), 206 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 94060c1eb..9780681be 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -50,212 +50,232 @@ extern "C" {
  *
  * Zero indicates success, anything else indicates an error.
  */
-typedef enum {
-    /** The action was completed successfully. */
-    PSA_SUCCESS = 0,
-    /** The requested operation or a parameter is not supported
-     * by this implementation.
-     *
-     * Implementations should return this error code when an enumeration
-     * parameter such as a key type, algorithm, etc. is not recognized.
-     * If a combination of parameters is recognized and identified as
-     * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-    PSA_ERROR_NOT_SUPPORTED,
-    /** The requested action is denied by a policy.
-     *
-     * Implementations should return this error code when the parameters
-     * are recognized as valid and supported, and a policy explicitly
-     * denies the requested operation.
-     *
-     * If a subset of the parameters of a function call identify a
-     * forbidden operation, and another subset of the parameters are
-     * not valid or not supported, it is unspecified whether the function
-     * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
-     * #PSA_ERROR_INVALID_ARGUMENT. */
-    PSA_ERROR_NOT_PERMITTED,
-    /** An output buffer is too small.
-     *
-     * Applications can call the `PSA_xxx_SIZE` macro listed in the function
-     * description to determine a sufficient buffer size.
-     *
-     * Implementations should preferably return this error code only
-     * in cases when performing the operation with a larger output
-     * buffer would succeed. However implementations may return this
-     * error if a function has invalid or unsupported parameters in addition
-     * to the parameters that determine the necessary output buffer size. */
-    PSA_ERROR_BUFFER_TOO_SMALL,
-    /** A slot is occupied, but must be empty to carry out the
-     * requested action.
-     *
-     * If the slot number is invalid (i.e. the requested action could
-     * not be performed even after erasing the slot's content),
-     * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
-    PSA_ERROR_OCCUPIED_SLOT,
-    /** A slot is empty, but must be occupied to carry out the
-     * requested action.
-     *
-     * If the slot number is invalid (i.e. the requested action could
-     * not be performed even after creating appropriate content in the slot),
-     * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
-    PSA_ERROR_EMPTY_SLOT,
-    /** The requested action cannot be performed in the current state.
-     *
-     * Multipart operations return this error when one of the
-     * functions is called out of sequence. Refer to the function
-     * descriptions for permitted sequencing of functions.
-     *
-     * Implementations shall not return this error code to indicate
-     * that a key slot is occupied when it needs to be free or vice versa,
-     * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
-     * as applicable. */
-    PSA_ERROR_BAD_STATE,
-    /** The parameters passed to the function are invalid.
-     *
-     * Implementations may return this error any time a parameter or
-     * combination of parameters are recognized as invalid.
-     *
-     * Implementations shall not return this error code to indicate
-     * that a key slot is occupied when it needs to be free or vice versa,
-     * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
-     * as applicable. */
-    PSA_ERROR_INVALID_ARGUMENT,
-    /** There is not enough runtime memory.
-     *
-     * If the action is carried out across multiple security realms, this
-     * error can refer to available memory in any of the security realms. */
-    PSA_ERROR_INSUFFICIENT_MEMORY,
-    /** There is not enough persistent storage.
-     *
-     * Functions that modify the key storage return this error code if
-     * there is insufficient storage space on the host media. In addition,
-     * many functions that do not otherwise access storage may return this
-     * error code if the implementation requires a mandatory log entry for
-     * the requested action and the log storage space is full. */
-    PSA_ERROR_INSUFFICIENT_STORAGE,
-    /** There was a communication failure inside the implementation.
-     *
-     * This can indicate a communication failure between the application
-     * and an external cryptoprocessor or between the cryptoprocessor and
-     * an external volatile or persistent memory. A communication failure
-     * may be transient or permanent depending on the cause.
-     *
-     * \warning If a function returns this error, it is undetermined
-     * whether the requested action has completed or not. Implementations
-     * should return #PSA_SUCCESS on successful completion whenver
-     * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
-     * if the requested action was completed successfully in an external
-     * cryptoprocessor but there was a breakdown of communication before
-     * the cryptoprocessor could report the status to the application.
-     */
-    PSA_ERROR_COMMUNICATION_FAILURE,
-    /** There was a storage failure that may have led to data loss.
-     *
-     * This error indicates that some persistent storage is corrupted.
-     * It should not be used for a corruption of volatile memory
-     * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
-     * between the cryptoprocessor and its external storage (use
-     * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
-     * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
-     *
-     * Note that a storage failure does not indicate that any data that was
-     * previously read is invalid. However this previously read data may no
-     * longer be readable from storage.
-     *
-     * When a storage failure occurs, it is no longer possible to ensure
-     * the global integrity of the keystore. Depending on the global
-     * integrity guarantees offered by the implementation, access to other
-     * data may or may not fail even if the data is still readable but
-     * its integrity canont be guaranteed.
-     *
-     * Implementations should only use this error code to report a
-     * permanent storage corruption. However application writers should
-     * keep in mind that transient errors while reading the storage may be
-     * reported using this error code. */
-    PSA_ERROR_STORAGE_FAILURE,
-    /** A hardware failure was detected.
-     *
-     * A hardware failure may be transient or permanent depending on the
-     * cause. */
-    PSA_ERROR_HARDWARE_FAILURE,
-    /** A tampering attempt was detected.
-     *
-     * If an application receives this error code, there is no guarantee
-     * that previously accessed or computed data was correct and remains
-     * confidential. Applications should not perform any security function
-     * and should enter a safe failure state.
-     *
-     * Implementations may return this error code if they detect an invalid
-     * state that cannot happen during normal operation and that indicates
-     * that the implementation's security guarantees no longer hold. Depending
-     * on the implementation architecture and on its security and safety goals,
-     * the implementation may forcibly terminate the application.
-     *
-     * This error code is intended as a last resort when a security breach
-     * is detected and it is unsure whether the keystore data is still
-     * protected. Implementations shall only return this error code
-     * to report an alarm from a tampering detector, to indicate that
-     * the confidentiality of stored data can no longer be guaranteed,
-     * or to indicate that the integrity of previously returned data is now
-     * considered compromised. Implementations shall not use this error code
-     * to indicate a hardware failure that merely makes it impossible to
-     * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
-     * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
-     * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
-     * instead).
-     *
-     * This error indicates an attack against the application. Implementations
-     * shall not return this error code as a consequence of the behavior of
-     * the application itself. */
-    PSA_ERROR_TAMPERING_DETECTED,
-    /** There is not enough entropy to generate random data needed
-     * for the requested action.
-     *
-     * This error indicates a failure of a hardware random generator.
-     * Application writers should note that this error can be returned not
-     * only by functions whose purpose is to generate random data, such
-     * as key, IV or nonce generation, but also by functions that execute
-     * an algorithm with a randomized result, as well as functions that
-     * use randomization of intermediate computations as a countermeasure
-     * to certain attacks.
-     *
-     * Implementations should avoid returning this error after psa_crypto_init()
-     * has succeeded. Implementations should generate sufficient
-     * entropy during initialization and subsequently use a cryptographically
-     * secure pseudorandom generator (PRNG). However implementations may return
-     * this error at any time if a policy requires the PRNG to be reseeded
-     * during normal operation. */
-    PSA_ERROR_INSUFFICIENT_ENTROPY,
-    /** The signature, MAC or hash is incorrect.
-     *
-     * Verification functions return this error if the verification
-     * calculations completed successfully, and the value to be verified
-     * was determined to be incorrect.
-     *
-     * If the value to verify has an invalid size, implementations may return
-     * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-    PSA_ERROR_INVALID_SIGNATURE,
-    /** The decrypted padding is incorrect.
-     *
-     * \warning In some protocols, when decrypting data, it is essential that
-     * the behavior of the application does not depend on whether the padding
-     * is correct, down to precise timing. Applications should prefer
-     * protocols that use authenticated encryption rather than plain
-     * encryption. If the application must perform a decryption of
-     * unauthenticated data, the application writer should take care not
-     * to reveal whether the padding is invalid.
-     *
-     * Implementations should strive to make valid and invalid padding
-     * as close as possible to indistinguishable to an external observer.
-     * In particular, the timing of a decryption operation should not
-     * depend on the validity of the padding. */
-    PSA_ERROR_INVALID_PADDING,
-    /** An error occurred that does not correspond to any defined
-     * failure cause.
-     *
-     * Implementations may use this error code if none of the other standard
-     * error codes are applicable. */
-    PSA_ERROR_UNKNOWN_ERROR,
-} psa_status_t;
+#if defined(PSA_SUCCESS)
+typedef psa_error_t psa_status_t;
+#else
+typedef int32_t psa_status_t;
+/** The action was completed successfully. */
+#define PSA_SUCCESS ((psa_status_t)0)
+#endif // PSA_SUCCESS
+
+/** The requested operation or a parameter is not supported
+ * by this implementation.
+ *
+ * Implementations should return this error code when an enumeration
+ * parameter such as a key type, algorithm, etc. is not recognized.
+ * If a combination of parameters is recognized and identified as
+ * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
+#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)1)
+
+/** The requested action is denied by a policy.
+ *
+ * Implementations should return this error code when the parameters
+ * are recognized as valid and supported, and a policy explicitly
+ * denies the requested operation.
+ *
+ * If a subset of the parameters of a function call identify a
+ * forbidden operation, and another subset of the parameters are
+ * not valid or not supported, it is unspecified whether the function
+ * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
+ * #PSA_ERROR_INVALID_ARGUMENT. */
+#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)2)
+
+/** An output buffer is too small.
+ *
+ * Applications can call the `PSA_xxx_SIZE` macro listed in the function
+ * description to determine a sufficient buffer size.
+ *
+ * Implementations should preferably return this error code only
+ * in cases when performing the operation with a larger output
+ * buffer would succeed. However implementations may return this
+ * error if a function has invalid or unsupported parameters in addition
+ * to the parameters that determine the necessary output buffer size. */
+#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)3)
+
+/** A slot is occupied, but must be empty to carry out the
+ * requested action.
+ *
+ * If the slot number is invalid (i.e. the requested action could
+ * not be performed even after erasing the slot's content),
+ * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
+#define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)4)
+
+/** A slot is empty, but must be occupied to carry out the
+ * requested action.
+ *
+ * If the slot number is invalid (i.e. the requested action could
+ * not be performed even after creating appropriate content in the slot),
+ * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
+#define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)5)
+
+/** The requested action cannot be performed in the current state.
+ *
+ * Multipart operations return this error when one of the
+ * functions is called out of sequence. Refer to the function
+ * descriptions for permitted sequencing of functions.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key slot is occupied when it needs to be free or vice versa,
+ * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+ * as applicable. */
+#define PSA_ERROR_BAD_STATE             ((psa_status_t)6)
+
+/** The parameters passed to the function are invalid.
+ *
+ * Implementations may return this error any time a parameter or
+ * combination of parameters are recognized as invalid.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key slot is occupied when it needs to be free or vice versa,
+ * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+ * as applicable. */
+#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)7)
+
+/** There is not enough runtime memory.
+ *
+ * If the action is carried out across multiple security realms, this
+ * error can refer to available memory in any of the security realms. */
+#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)8)
+
+/** There is not enough persistent storage.
+ *
+ * Functions that modify the key storage return this error code if
+ * there is insufficient storage space on the host media. In addition,
+ * many functions that do not otherwise access storage may return this
+ * error code if the implementation requires a mandatory log entry for
+ * the requested action and the log storage space is full. */
+#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)9)
+
+/** There was a communication failure inside the implementation.
+ *
+ * This can indicate a communication failure between the application
+ * and an external cryptoprocessor or between the cryptoprocessor and
+ * an external volatile or persistent memory. A communication failure
+ * may be transient or permanent depending on the cause.
+ *
+ * \warning If a function returns this error, it is undetermined
+ * whether the requested action has completed or not. Implementations
+ * should return #PSA_SUCCESS on successful completion whenver
+ * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
+ * if the requested action was completed successfully in an external
+ * cryptoprocessor but there was a breakdown of communication before
+ * the cryptoprocessor could report the status to the application.
+ */
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)10)
+
+/** There was a storage failure that may have led to data loss.
+ *
+ * This error indicates that some persistent storage is corrupted.
+ * It should not be used for a corruption of volatile memory
+ * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
+ * between the cryptoprocessor and its external storage (use
+ * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
+ * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
+ *
+ * Note that a storage failure does not indicate that any data that was
+ * previously read is invalid. However this previously read data may no
+ * longer be readable from storage.
+ *
+ * When a storage failure occurs, it is no longer possible to ensure
+ * the global integrity of the keystore. Depending on the global
+ * integrity guarantees offered by the implementation, access to other
+ * data may or may not fail even if the data is still readable but
+ * its integrity canont be guaranteed.
+ *
+ * Implementations should only use this error code to report a
+ * permanent storage corruption. However application writers should
+ * keep in mind that transient errors while reading the storage may be
+ * reported using this error code. */
+#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)11)
+
+/** A hardware failure was detected.
+ *
+ * A hardware failure may be transient or permanent depending on the
+ * cause. */
+#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)12)
+
+/** A tampering attempt was detected.
+ *
+ * If an application receives this error code, there is no guarantee
+ * that previously accessed or computed data was correct and remains
+ * confidential. Applications should not perform any security function
+ * and should enter a safe failure state.
+ *
+ * Implementations may return this error code if they detect an invalid
+ * state that cannot happen during normal operation and that indicates
+ * that the implementation's security guarantees no longer hold. Depending
+ * on the implementation architecture and on its security and safety goals,
+ * the implementation may forcibly terminate the application.
+ *
+ * This error code is intended as a last resort when a security breach
+ * is detected and it is unsure whether the keystore data is still
+ * protected. Implementations shall only return this error code
+ * to report an alarm from a tampering detector, to indicate that
+ * the confidentiality of stored data can no longer be guaranteed,
+ * or to indicate that the integrity of previously returned data is now
+ * considered compromised. Implementations shall not use this error code
+ * to indicate a hardware failure that merely makes it impossible to
+ * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
+ * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
+ * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
+ * instead).
+ *
+ * This error indicates an attack against the application. Implementations
+ * shall not return this error code as a consequence of the behavior of
+ * the application itself. */
+#define PSA_ERROR_TAMPERING_DETECTED    ((psa_status_t)13)
+
+/** There is not enough entropy to generate random data needed
+ * for the requested action.
+ *
+ * This error indicates a failure of a hardware random generator.
+ * Application writers should note that this error can be returned not
+ * only by functions whose purpose is to generate random data, such
+ * as key, IV or nonce generation, but also by functions that execute
+ * an algorithm with a randomized result, as well as functions that
+ * use randomization of intermediate computations as a countermeasure
+ * to certain attacks.
+ *
+ * Implementations should avoid returning this error after psa_crypto_init()
+ * has succeeded. Implementations should generate sufficient
+ * entropy during initialization and subsequently use a cryptographically
+ * secure pseudorandom generator (PRNG). However implementations may return
+ * this error at any time if a policy requires the PRNG to be reseeded
+ * during normal operation. */
+#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)14)
+
+/** The signature, MAC or hash is incorrect.
+ *
+ * Verification functions return this error if the verification
+ * calculations completed successfully, and the value to be verified
+ * was determined to be incorrect.
+ *
+ * If the value to verify has an invalid size, implementations may return
+ * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
+#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)15)
+
+/** The decrypted padding is incorrect.
+ *
+ * \warning In some protocols, when decrypting data, it is essential that
+ * the behavior of the application does not depend on whether the padding
+ * is correct, down to precise timing. Applications should prefer
+ * protocols that use authenticated encryption rather than plain
+ * encryption. If the application must perform a decryption of
+ * unauthenticated data, the application writer should take care not
+ * to reveal whether the padding is invalid.
+ *
+ * Implementations should strive to make valid and invalid padding
+ * as close as possible to indistinguishable to an external observer.
+ * In particular, the timing of a decryption operation should not
+ * depend on the validity of the padding. */
+#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)16)
+
+/** An error occurred that does not correspond to any defined
+ * failure cause.
+ *
+ * Implementations may use this error code if none of the other standard
+ * error codes are applicable. */
+#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)17)
 
 /**
  * \brief Library initialization.

From 8173631d7e889882d00b40e95a5f3915957d18be Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 15:04:31 +0200
Subject: [PATCH 296/889] psa_hash_abort: return PSA_SUCCESS if alg=0

Make psa_hash_abort consistent with psa_mac_abort and
psa_cipher_abort.

Add a comment explaining the reasoning.
---
 library/psa_crypto.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 12c21d7b6..2670e4139 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -784,6 +784,11 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
 {
     switch( operation->alg )
     {
+        case 0:
+            /* The object has (apparently) been initialized but it is not
+             * in use. It's ok to call abort on such an object, and there's
+             * nothing to do. */
+            break;
 #if defined(MBEDTLS_MD2_C)
         case PSA_ALG_MD2:
             mbedtls_md2_free( &operation->ctx.md2 );
@@ -1210,6 +1215,9 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     switch( operation->alg )
     {
         case 0:
+            /* The object has (apparently) been initialized but it is not
+             * in use. It's ok to call abort on such an object, and there's
+             * nothing to do. */
             return( PSA_SUCCESS );
 #if defined(MBEDTLS_CMAC_C)
         case PSA_ALG_CMAC:
@@ -2220,7 +2228,12 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
 psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 {
     if( operation->alg == 0 )
+    {
+        /* The object has (apparently) been initialized but it is not
+         * in use. It's ok to call abort on such an object, and there's
+         * nothing to do. */
         return( PSA_SUCCESS );
+    }
 
     /* Sanity check (shouldn't happen: operation->alg should
      * always have been initialized to a valid value). */

From f24c7f80a07d37de80d277ea326f12df2bf510ae Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 27 Jun 2018 17:20:43 +0100
Subject: [PATCH 297/889] psa_export_key: Always set a valid data length

Make psa_export_key() always set a valid data_length when exporting,
even when there are errors. This makes the API easier to use for buggy
programs (like our test code).

Our test code previously used exported_length uninitialized when
checking to see that the buffer returned was all zero in import_export()
in the case where an error was returned from psa_export_key().
Initialize exported_length to an invalid length, and check that it gets
set properly by psa_export_key(), to avoid this using export_length
uninitialized. Note that the mem_is_zero() check is still valid when
psa_export_key() returns an error, e.g. where exported_length is 0, as
we want to check that nothing was written to the buffer on error.

Out test code also previous passed NULL for the data_length parameter of
psa_export_key() when it expected a failure (in key_policy_fail()).
However, data_length is not allowed to be NULL, especially now that we
write to data_length from psa_export_key() even when there are errors.
Update the test code to not pass in a NULL data_length.
---
 library/psa_crypto.c                        |  6 ++++++
 tests/suites/test_suite_psa_crypto.function | 15 +++++++++++++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2670e4139..de2bf40a9 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -636,6 +636,12 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
 {
     key_slot_t *slot;
 
+    /* Set the key to empty now, so that even when there are errors, we always
+     * set data_length to a value between 0 and data_size. On error, setting
+     * the key to empty is a good choice because an empty key representation is
+     * unlikely to be accepted anywhere. */
+    *data_length = 0;
+
     if( key == 0 || key > PSA_KEY_SLOT_COUNT )
         return( PSA_ERROR_EMPTY_SLOT );
     slot = &global_data.key_slots[key];
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2d279fc38..c67725d70 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -8,6 +8,9 @@
 #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1
 #endif
 
+/** An invalid export length that will never be set by psa_export_key(). */
+static const size_t INVALID_EXPORT_LENGTH = ~0U;
+
 /** Test if a buffer is not all-bits zero.
  *
  * \param buffer    Pointer to the beginning of the buffer.
@@ -320,7 +323,7 @@ void import_export( data_t *data,
     unsigned char *exported = NULL;
     unsigned char *reexported = NULL;
     size_t export_size;
-    size_t exported_length;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
     size_t reexported_length;
     psa_key_type_t got_type;
     size_t got_bits;
@@ -358,6 +361,13 @@ void import_export( data_t *data,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == expected_export_status );
+
+    /* The exported length must be set by psa_export_key() to a value between 0
+     * and export_size. On errors, the exported length must be 0. */
+    TEST_ASSERT( exported_length != INVALID_EXPORT_LENGTH );
+    TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
+    TEST_ASSERT( exported_length <= export_size );
+
     TEST_ASSERT( mem_is_zero( exported + exported_length,
                               export_size - exported_length ) );
     if( status != PSA_SUCCESS )
@@ -536,13 +546,14 @@ void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
 
     if( usage & PSA_KEY_USAGE_SIGN )
     {
+        size_t data_length;
         TEST_ASSERT( keypair != NULL );
         TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
         TEST_ASSERT( psa_import_key( key_slot,
                                      PSA_KEY_TYPE_RSA_KEYPAIR,
                                      keypair->x,
                                      keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_export_key( key_slot, NULL, 0, NULL );
+        actual_status = psa_export_key( key_slot, NULL, 0, &data_length );
     }
 
     TEST_ASSERT( actual_status == expected_status );

From e9a0a9d74d5098572edd23138b11f270a3091641 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 20 Jun 2018 13:59:04 +0200
Subject: [PATCH 298/889] Update documentation of psa_success_t

Now that the type is not an enum, explain what values are valid.

Also add a comment to explain the #if defined(PSA_SUCCESS) temporary hack.
---
 include/psa/crypto.h | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9780681be..20e2942c9 100755
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -45,18 +45,33 @@ extern "C" {
  * @{
  */
 
+#if defined(PSA_SUCCESS)
+/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
+ * together with PSA IPC, which also defines the identifier
+ * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
+ * the other error code names don't clash. Also define psa_status_t as
+ * an alias for the type used by PSA IPC. This is a temporary hack
+ * until we unify error reporting in PSA IPC and PSA crypo.
+ *
+ * Note that psa_defs.h must be included before this header!
+ */
+typedef psa_error_t psa_status_t;
+
+#else /* defined(PSA_SUCCESS) */
+
 /**
  * \brief Function return status.
  *
- * Zero indicates success, anything else indicates an error.
+ * This is either #PSA_SUCCESS (which is zero), indicating success,
+ * or a nonzero value indicating that an error occurred. Errors are
+ * encoded as one of the \c PSA_ERROR_xxx values defined here.
  */
-#if defined(PSA_SUCCESS)
-typedef psa_error_t psa_status_t;
-#else
 typedef int32_t psa_status_t;
+
 /** The action was completed successfully. */
 #define PSA_SUCCESS ((psa_status_t)0)
-#endif // PSA_SUCCESS
+
+#endif /* !defined(PSA_SUCCESS) */
 
 /** The requested operation or a parameter is not supported
  * by this implementation.

From c648d6949d75718e23d78fbee802247202c584fb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 08:46:13 +0200
Subject: [PATCH 299/889] psa_import_key: fix memory leak on error

Free the content of the pk object if an error occurs after the import.
---
 library/psa_crypto.c | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index de2bf40a9..dbeeef6ae 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -487,6 +487,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     {
         int ret;
         mbedtls_pk_context pk;
+        psa_status_t status = PSA_SUCCESS;
         mbedtls_pk_init( &pk );
         if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
             ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
@@ -502,7 +503,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
                     type == PSA_KEY_TYPE_RSA_KEYPAIR )
                     slot->data.rsa = mbedtls_pk_rsa( pk );
                 else
-                    return( PSA_ERROR_INVALID_ARGUMENT );
+                    status = PSA_ERROR_INVALID_ARGUMENT;
                 break;
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_ECP_C)
@@ -515,15 +516,26 @@ psa_status_t psa_import_key( psa_key_slot_t key,
                     psa_ecc_curve_t expected_curve =
                         PSA_KEY_TYPE_GET_CURVE( type );
                     if( actual_curve != expected_curve )
-                        return( PSA_ERROR_INVALID_ARGUMENT );
+                    {
+                        status = PSA_ERROR_INVALID_ARGUMENT;
+                        break;
+                    }
                     slot->data.ecp = ecp;
                 }
                 else
-                    return( PSA_ERROR_INVALID_ARGUMENT );
+                    status = PSA_ERROR_INVALID_ARGUMENT;
                 break;
 #endif /* MBEDTLS_ECP_C */
             default:
-                return( PSA_ERROR_INVALID_ARGUMENT );
+                status = PSA_ERROR_INVALID_ARGUMENT;
+                break;
+        }
+        /* Free the content of the pk object only on error. On success,
+         * the content of the object has been stored in the slot. */
+        if( status != PSA_SUCCESS )
+        {
+            mbedtls_pk_free( &pk );
+            return( status );
         }
     }
     else

From e7edf7bb20f9295f0e26cc09601d524aaf0377b0 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 27 Jun 2018 17:55:12 +0100
Subject: [PATCH 300/889] psa: Expect zero-length exported-public symmetric
 keys

Because exporting-public a symmetric key fails, we have no reasonable
expectation that the exported key length has any value at all other than
something obviously incorrect or "empty", like a key with a length of 0.
Our current implementation explicitly sets the exported key length to 0
on errors, so test for this. Fix the "PSA import/export-public: cannot
export-public a symmetric key" test to expect a key length of 0 instead
of 162.
---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 265a6d5be..612a15220 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -103,7 +103,7 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5
 
 PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:162:PSA_ERROR_INVALID_ARGUMENT
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED

From 7baf0d57024b32b99b6dfaba74fca28cc006bde6 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 26 Jun 2018 18:02:59 +0100
Subject: [PATCH 301/889] psa: doxygen: Fix parameters reference

Doxygen interprets `\param` as starting documentation for a new param, or
to extend a previously started `\param` documentation when the same
reference is used. The intention here was to reference the function
parameter, not extend the previous documentation. Use `\p` to refer to
function parameters.
---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 38735f2dc..9a1eec96a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1887,7 +1887,7 @@ psa_status_t psa_generate_random(uint8_t *output,
  *                          interpretation of this parameter depends on
  *                          \c type. All types support \c NULL to use
  *                          the default parameters specified below.
- * \param parameters_size   Size of the buffer that \param parameters
+ * \param parameters_size   Size of the buffer that \p parameters
  *                          points to, in bytes.
  *
  * For any symmetric key type (type such that

From 202d0793a228a718b20656033e0aab9a81a62df9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 08:48:24 +0200
Subject: [PATCH 302/889] Add import test cases with a key pair of the wrong
 type

---
 tests/suites/test_suite_psa_crypto.data | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 612a15220..957e574a4 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -89,6 +89,10 @@ PSA import RSA keypair: truncated
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
 
+PSA import RSA keypair: valid key but EC
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
 PSA import/export RSA keypair: good, 1023-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
@@ -113,10 +117,14 @@ PSA import/export EC secp384r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
-PSA import EC keypair secp384r1: wrong curve
+PSA import EC keypair secp384r1: valid key but wrong curve
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA import EC keypair: valid key but RSA
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA key policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
 

From adb9b2372b9edd355e4d1a87cf8c742033264dd0 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Thu, 28 Jun 2018 01:52:54 -0700
Subject: [PATCH 303/889] fix PSA_BLOCK_CIPHER_BLOCK_SIZE() argument in test
 code

---
 tests/suites/test_suite_psa_crypto.function | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 0d056db2a..51e541902 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -108,9 +108,9 @@ static int exercise_cipher_key( psa_key_slot_t key,
     if( usage & PSA_KEY_USAGE_DECRYPT )
     {
         psa_status_t status;
+        psa_key_type_t type = PSA_KEY_TYPE_NONE;
         if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
         {
-            psa_key_type_t type;
             size_t bits;
             TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );
             iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
@@ -130,7 +130,7 @@ static int exercise_cipher_key( psa_key_slot_t key,
          * if the input is some aribtrary data rather than an actual
          ciphertext, a padding error is likely.  */
         if( ( usage & PSA_KEY_USAGE_DECRYPT ) ||
-            PSA_BLOCK_CIPHER_BLOCK_SIZE( alg ) == 1 )
+            PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 )
             TEST_ASSERT( status == PSA_SUCCESS );
         else
             TEST_ASSERT( status == PSA_SUCCESS ||

From 2a671e9031a1a760d4d4cfb8fcc6c469052ec7da Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 27 Jun 2018 17:47:40 +0100
Subject: [PATCH 304/889] psa: export_public_key: Check for all zero on error

---
 tests/suites/test_suite_psa_crypto.function | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c67725d70..0d056db2a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -425,7 +425,7 @@ void import_export_public_key( data_t *data,
     psa_status_t status;
     unsigned char *exported = NULL;
     size_t export_size;
-    size_t exported_length;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
     psa_key_type_t got_type;
     size_t got_bits;
     psa_key_policy_t policy;
@@ -458,11 +458,12 @@ void import_export_public_key( data_t *data,
                                     exported, export_size,
                                     &exported_length );
     TEST_ASSERT( status == expected_export_status );
+    TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
+    TEST_ASSERT( mem_is_zero( exported + exported_length,
+                              export_size - exported_length ) );
     if( status != PSA_SUCCESS )
         goto destroy;
 
-    TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
-
 destroy:
     /* Destroy the key */
     TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );

From 7ed29c56f176d3ce4e5d9258da22bd5990cb81d3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 15:50:08 +0200
Subject: [PATCH 305/889] Rename PSA_ALG_RSA_GET_HASH to PSA_ALG_SIGN_GET_HASH

And don't use it for HMAC when there's a perfectly serviceable
PSA_ALG_HMAC_HASH. HMAC isn't hash-and-sign.
---
 include/psa/crypto.h | 58 +++++++++++++++++++++++++++++---------------
 library/psa_crypto.c |  2 +-
 2 files changed, 40 insertions(+), 20 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9a1eec96a..90f5b6426 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -632,8 +632,28 @@ typedef uint32_t psa_algorithm_t;
     (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_IS_RSA_OAEP_MGF1(alg)                               \
     (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE)
-#define PSA_ALG_RSA_GET_HASH(alg)                                       \
-    (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
+/** Get the hash used by a hash-and-sign signature algorithm.
+ *
+ * A hash-and-sign algorithm is a signature algorithm which is
+ * composed of two phases: first a hashing phase which does not use
+ * the key and produces a hash of the input message, then a signing
+ * phase which only uses the hash and the key and not the message
+ * itself.
+ *
+ * \param alg   A signature algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_SIGN(alg) is true).
+ *
+ * \return      The underlying hash algorithm if \p alg is a hash-and-sign
+ *              algorithm.
+ * \return      0 if \p alg is a signature algorithm that does not
+ *              follow the hash-and-sign structure.
+ * \return      Unspecified if \p alg is not a signature algorithm or
+ *              if it is not supported by the implementation.
+ */
+#define PSA_ALG_SIGN_GET_HASH(alg)                                     \
+    (PSA_ALG_IS_SIGN(alg) ?                                            \
+     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
+     0)
 
 #define PSA_ALG_ECDSA_RAW                       ((psa_algorithm_t)0x10030000)
 
@@ -994,23 +1014,23 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  *         An implementation may return either 0 or the correct size
  *         for a hash algorithm that it recognizes, but does not support.
  */
-#define PSA_HASH_SIZE(alg)                                            \
-    (                                                                 \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :               \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :               \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :               \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :         \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :             \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :           \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :           \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :           \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :           \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :       \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :       \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :          \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :          \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :          \
-        PSA_ALG_RSA_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :          \
+#define PSA_HASH_SIZE(alg)                                      \
+    (                                                           \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
+        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
         0)
 
 /** Start a multipart hash operation.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dbeeef6ae..44867dc48 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1617,7 +1617,7 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
                                             size_t hash_length,
                                             mbedtls_md_type_t *md_alg )
 {
-    psa_algorithm_t hash_alg = PSA_ALG_RSA_GET_HASH( alg );
+    psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
     const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
     *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
     if( *md_alg == MBEDTLS_MD_NONE )

From a9a3c23ccd439e79b37ee80071eddd01ec2fcd2a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 08:49:03 +0200
Subject: [PATCH 306/889] Fix a config dependency in a test case

---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 957e574a4..961cb7385 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -118,7 +118,7 @@ depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R
 import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
 PSA import EC keypair secp384r1: valid key but wrong curve
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import EC keypair: valid key but RSA

From 65fa0b84339ac07ec93db350a11437b46752c188 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Thu, 28 Jun 2018 02:14:00 -0700
Subject: [PATCH 307/889] fix if condition to validate encrypt key usage

---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 51e541902..6bcc65f31 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -129,7 +129,7 @@ static int exercise_cipher_key( psa_key_slot_t key,
         /* For a stream cipher, all inputs are valid. For a block cipher,
          * if the input is some aribtrary data rather than an actual
          ciphertext, a padding error is likely.  */
-        if( ( usage & PSA_KEY_USAGE_DECRYPT ) ||
+        if( ( usage & PSA_KEY_USAGE_ENCRYPT ) ||
             PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 )
             TEST_ASSERT( status == PSA_SUCCESS );
         else

From ea4469f8d1dde253f873b226fbe3a9e959c89395 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 13:57:23 +0200
Subject: [PATCH 308/889] Fix parameter name in Doxygen documentation

---
 include/psa/crypto.h | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 90f5b6426..8988be105 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -574,11 +574,12 @@ typedef uint32_t psa_algorithm_t;
  *
  * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256.
  *
- * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_HASH(alg) is true).
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(alg) is true).
  *
- * \return      The corresponding HMAC algorithm.
- * \return      Unspecified if \p alg is not a hash algorithm.
+ * \return              The corresponding HMAC algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
  */
 #define PSA_ALG_HMAC(hash_alg)                                  \
     (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))

From 559d2f6d3e404a6fb95f59ed945d9de2cd029888 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 10:29:10 +0200
Subject: [PATCH 309/889] Add bad-type import tests with coinciding key sizes

Add a negative test for import where the expected key is an EC key
with the correct key size, but the wrong curve. Change the test that
tries to import an RSA key when an EC key is expected to have the
expected key size.
---
 tests/suites/test_suite_psa_crypto.data | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 961cb7385..5bdc718c6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -117,13 +117,17 @@ PSA import/export EC secp384r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
-PSA import EC keypair secp384r1: valid key but wrong curve
+PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA import EC keypair: valid key but RSA
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
+import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA key policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE

From 9e73ff17d43bf9a88b7d96bbcf24ca4b7e75c55c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 21:25:40 +0200
Subject: [PATCH 310/889] Add missing parameters to some documentation

tests/scripts/doxygen.sh now passes.
---
 include/psa/crypto.h | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8988be105..e6911238c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1212,13 +1212,18 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  *
  * This is also the MAC size that psa_mac_verify() expects.
  *
- * \param alg   A MAC algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_MAC(alg) is true).
+ * \param key_type      The type of the MAC key.
+ * \param key_bits      The size of the MAC key in bits.
+ * \param alg           A MAC algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_MAC(alg) is true).
  *
- * \return The MAC size for the specified algorithm.
- *         If the MAC algorithm is not recognized, return 0.
- *         An implementation may return either 0 or the correct size
- *         for a MAC algorithm that it recognizes, but does not support.
+ * \return              The MAC size for the specified algorithm with
+ *                      the specified key parameters.
+ * \return              0 if the MAC algorithm is not recognized.
+ * \return              Either 0 or the correct size for a MAC algorithm that
+ *                      the implementation recognizes, but does not support.
+ * \return              Unspecified if the key parameters are not consistent
+ *                      with the algorithm.
  */
 #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
     (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
@@ -1250,6 +1255,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort().
  *
  * \param operation The operation object to use.
+ * \param key       Slot containing the key to use for the operation.
  * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_MAC(alg) is true).
  *
@@ -1326,6 +1332,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
  * \param operation The operation object to use.
+ * \param key       Slot containing the key to use for the operation.
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
  *
@@ -1373,6 +1380,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
  * \param operation The operation object to use.
+ * \param key       Slot containing the key to use for the operation.
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
  *

From 55bf3d117124f21a28d2b57e0549ab266d1deb78 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 15:53:48 +0200
Subject: [PATCH 311/889] Sort out RSA mechanisms

* PSS needs to be parametrized by a hash.
* Don't use `_MGF1` in the names of macros for OAEP and PSS. No one
  ever uses anything else.
* Add brief documentation for the RSA signature mechanisms.
---
 include/psa/crypto.h                    | 60 ++++++++++++++++++++-----
 library/psa_crypto.c                    |  8 ++--
 tests/suites/test_suite_psa_crypto.data |  2 +-
 3 files changed, 55 insertions(+), 15 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e6911238c..32e0f3d83 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -621,18 +621,52 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
 
-#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW           ((psa_algorithm_t)0x10010000)
-#define PSA_ALG_RSA_PSS_MGF1                    ((psa_algorithm_t)0x10020000)
-#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12010000)
-#define PSA_ALG_RSA_OAEP_MGF1_BASE              ((psa_algorithm_t)0x12020000)
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t)0x10020000)
+/** RSA PKCS#1 v1.5 signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PKCS1-v1_5.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return              The corresponding RSA PKCS#1 v1.5 signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
 #define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
-    (PSA_ALG_RSA_PKCS1V15_SIGN_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
+    (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Raw PKCS#1 v1.5 signature.
+ *
+ * The input to this algorithm is the DigestInfo structure used by
+ * RFC 8017 (PKCS#1: RSA Cryptography Specifications), &sect;9.2
+ * steps 3&ndash;6.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_RAW)
-#define PSA_ALG_RSA_OAEP_MGF1(hash_alg)                             \
-    (PSA_ALG_RSA_OAEP_MGF1_RAW | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_OAEP_MGF1(alg)                               \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_MGF1_BASE)
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
+#define PSA_ALG_RSA_PSS_BASE               ((psa_algorithm_t)0x10030000)
+/** RSA PSS signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PSS, with the message generation function MGF1. The specified
+ * hash algorithm is used to hash the input message, to create the
+ * salted hash, and for the mask generation.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return              The corresponding RSA PSS signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_PSS(hash_alg)                               \
+    (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_PSS(alg)                                 \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
+
 /** Get the hash used by a hash-and-sign signature algorithm.
  *
  * A hash-and-sign algorithm is a signature algorithm which is
@@ -657,6 +691,12 @@ typedef uint32_t psa_algorithm_t;
      0)
 
 #define PSA_ALG_ECDSA_RAW                       ((psa_algorithm_t)0x10030000)
+#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12020000)
+#define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t)0x12030000)
+#define PSA_ALG_RSA_OAEP(hash_alg)                              \
+    (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_OAEP(alg)                                \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
 
 /**@}*/
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 44867dc48..a4fac648e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1690,7 +1690,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
         else
 #endif /* MBEDTLS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
-        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        if( PSA_ALG_IS_RSA_PSS( alg ) )
         {
             mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
             ret = mbedtls_rsa_rsassa_pss_sign( rsa,
@@ -1789,7 +1789,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         else
 #endif /* MBEDTLS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
-        if( alg == PSA_ALG_RSA_PSS_MGF1 )
+        if( PSA_ALG_IS_RSA_PSS( alg ) )
         {
             mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
             ret = mbedtls_rsa_rsassa_pss_verify( rsa,
@@ -1872,7 +1872,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
         else
 #endif /* MBEDTLS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
-        if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) )
+        if( PSA_ALG_IS_RSA_OAEP( alg ) )
         {
             return( PSA_ERROR_NOT_SUPPORTED );
         }
@@ -1941,7 +1941,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
         else
 #endif /* MBEDTLS_PKCS1_V15 */
 #if defined(MBEDTLS_PKCS1_V21)
-        if( PSA_ALG_IS_RSA_OAEP_MGF1( alg ) )
+        if( PSA_ALG_IS_RSA_OAEP( alg ) )
         {
             return( PSA_ERROR_NOT_SUPPORTED );
         }
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5bdc718c6..d3186783d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -503,7 +503,7 @@ PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 SHA-256
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):128
 
 PSA signature size: RSA keypair, 1024 bits, PSS
-signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS_MGF1:128
+signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):128
 
 PSA signature size: RSA keypair, 1023 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128

From 08bac713dfb06ae152beaa80b8c8f3d4d5bb69e0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 16:14:46 +0200
Subject: [PATCH 312/889] Clarify that asymmetric_{sign,verify} operate on a
 hash

---
 include/psa/crypto.h | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 32e0f3d83..b67f322f3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1715,10 +1715,16 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 /**
  * \brief Sign a hash or short message with a private key.
  *
+ * Note that to perform a hash-and-sign signature algorithm, you must
+ * first calculate the hash by calling psa_hash_start(), psa_hash_update()
+ * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
+ * to determine the hash algorithm to use.
+ *
  * \param key               Key slot containing an asymmetric key pair.
  * \param alg               A signature algorithm that is compatible with
  *                          the type of \c key.
- * \param hash              The message to sign.
+ * \param hash              The hash or message to sign.
  * \param hash_length       Size of the \c hash buffer in bytes.
  * \param salt              A salt or label, if supported by the signature
  *                          algorithm.
@@ -1762,11 +1768,18 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
 /**
  * \brief Verify the signature a hash or short message using a public key.
  *
+ * Note that to perform a hash-and-sign signature algorithm, you must
+ * first calculate the hash by calling psa_hash_start(), psa_hash_update()
+ * and psa_hash_finish(). Then pass the resulting hash as the \p hash
+ * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
+ * to determine the hash algorithm to use.
+ *
  * \param key               Key slot containing a public key or an
  *                          asymmetric key pair.
  * \param alg               A signature algorithm that is compatible with
  *                          the type of \c key.
- * \param hash              The message whose signature is to be verified.
+ * \param hash              The hash or message whose signature is to be
+ *                          verified.
  * \param hash_length       Size of the \c hash buffer in bytes.
  * \param salt              A salt or label, if supported by the signature
  *                          algorithm.

From e9191ff90bb3c3c71a6f73a5159613faf9991a70 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 14:58:41 +0200
Subject: [PATCH 313/889] Add missing const for signature parameter of
 psa_asymmetric_verify

---
 include/psa/crypto.h | 2 +-
 library/psa_crypto.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b67f322f3..4f1fd7d91 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1811,7 +1811,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    size_t hash_length,
                                    const uint8_t *salt,
                                    size_t salt_length,
-                                   uint8_t *signature,
+                                   const uint8_t *signature,
                                    size_t signature_size);
 
 #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a4fac648e..c7a44f6a7 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1741,7 +1741,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
                                     size_t hash_length,
                                     const uint8_t *salt,
                                     size_t salt_length,
-                                    uint8_t *signature,
+                                    const uint8_t *signature,
                                     size_t signature_size )
 {
     key_slot_t *slot;

From 526fab0066cb4ab06bf3b291d2a718131010d165 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 18:19:40 +0200
Subject: [PATCH 314/889] Fix parameter name signature_size for
 psa_asymmetric_verify

It should have been signature_length, following our conventions.
---
 include/psa/crypto.h | 4 ++--
 library/psa_crypto.c | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4f1fd7d91..62334dd6b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1791,7 +1791,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \param salt_length       Size of the \c salt buffer in bytes.
  *                          If \c salt is \c NULL, pass 0.
  * \param signature         Buffer containing the signature to verify.
- * \param signature_size    Size of the \c signature buffer in bytes.
+ * \param signature_length  Size of the \c signature buffer in bytes.
  *
  * \retval PSA_SUCCESS
  *         The signature is valid.
@@ -1812,7 +1812,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    const uint8_t *salt,
                                    size_t salt_length,
                                    const uint8_t *signature,
-                                   size_t signature_size);
+                                   size_t signature_length);
 
 #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
     (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c7a44f6a7..35adbb4ae 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1742,7 +1742,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
                                     const uint8_t *salt,
                                     size_t salt_length,
                                     const uint8_t *signature,
-                                    size_t signature_size )
+                                    size_t signature_length )
 {
     key_slot_t *slot;
     psa_status_t status;
@@ -1768,7 +1768,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         if( status != PSA_SUCCESS )
             return( status );
 
-        if( signature_size < rsa->len )
+        if( signature_length < rsa->len )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
 #if defined(MBEDTLS_PKCS1_V15)
         if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
@@ -1815,7 +1815,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         int ret;
         (void) alg;
         ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length,
-                                            signature, signature_size );
+                                            signature, signature_length );
         return( mbedtls_to_psa_error( ret ) );
     }
     else

From a81d85b732d077e2fde8745a011cf7f36277e0a2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 16:10:23 +0200
Subject: [PATCH 315/889] Sort out ECDSA mechanisms

* Distinguish randomized ECDSA from deterministic ECDSA.
* Deterministic ECDSA needs to be parametrized by a hash.
* Randomized ECDSA only uses the hash for the initial hash step,
  but add ECDSA(hash) algorithms anyway so that all the signature
  algorithms encode the initial hashing step.
* Add brief documentation for the ECDSA signature mechanisms.
* Also define DSA signature mechanisms while I'm at it. There were
  already key types for DSA.
---
 include/psa/crypto.h                    |  81 ++++++++++++++++-
 library/psa_crypto.c                    | 116 ++++++++++++++++++++----
 tests/suites/test_suite_psa_crypto.data |  32 ++++---
 3 files changed, 194 insertions(+), 35 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 62334dd6b..2f972d37d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -667,6 +667,83 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_IS_RSA_PSS(alg)                                 \
     (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
 
+#define PSA_ALG_DSA_BASE                        ((psa_algorithm_t)0x10040000)
+/** DSA signature with hashing.
+ *
+ * This is the signature scheme defined by FIPS 186-4,
+ * with a random per-message secret number (*k*).
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return              The corresponding DSA signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DSA(hash_alg)                             \
+    (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_DETERMINISTIC_DSA_BASE          ((psa_algorithm_t)0x10050000)
+#define PSA_ALG_DSA_DETERMINISTIC_FLAG          ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_DETERMINISTIC_DSA(hash_alg)                             \
+    (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_DSA(alg)                                             \
+    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
+     PSA_ALG_DSA_BASE)
+#define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
+    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+
+#define PSA_ALG_ECDSA_BASE                      ((psa_algorithm_t)0x10060000)
+/** ECDSA signature with hashing.
+ *
+ * This is the ECDSA signature scheme defined by ANSI X9.62,
+ * with a random per-message secret number (*k*).
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return              The corresponding ECDSA signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_ECDSA(hash_alg)                                 \
+    (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** ECDSA signature without hashing.
+ *
+ * This is the signature scheme defined by ANSI X9.62,
+ * without specifying a hash algorithm. This algorithm may only be
+ * used to sign or verify a sequence of bytes that should be an
+ * already-calculated hash. Note that the input is padded with
+ * zeros on the left or truncated on the left as required to fit
+ * the curve size.
+ */
+#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE        ((psa_algorithm_t)0x10070000)
+/** Deterministic ECDSA signature with hashing.
+ *
+ * This is the deterministic ECDSA signature scheme defined by RFC 6979.
+ *
+ * Note that when this algorithm is used for verification, signatures
+ * made with randomized ECDSA (#PSA_ALG_ECDSA(\c hash_alg)) with the
+ * same private key are accepted. In other words,
+ * #PSA_ALG_DETERMINISTIC_ECDSA(\c hash_alg) differs from
+ * #PSA_ALG_ECDSA(\c hash_alg) only for signature, not for verification.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(alg) is true).
+ *
+ * \return              The corresponding deterministic ECDSA signature
+ *                      algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg)                           \
+    (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_ECDSA(alg)                                           \
+    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
+     PSA_ALG_ECDSA_BASE)
+#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)             \
+    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+
 /** Get the hash used by a hash-and-sign signature algorithm.
  *
  * A hash-and-sign algorithm is a signature algorithm which is
@@ -686,11 +763,11 @@ typedef uint32_t psa_algorithm_t;
  *              if it is not supported by the implementation.
  */
 #define PSA_ALG_SIGN_GET_HASH(alg)                                     \
-    (PSA_ALG_IS_SIGN(alg) ?                                            \
+    (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||   \
+     PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ?                    \
      ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
      0)
 
-#define PSA_ALG_ECDSA_RAW                       ((psa_algorithm_t)0x10030000)
 #define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12020000)
 #define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t)0x12030000)
 #define PSA_ALG_RSA_OAEP(hash_alg)                              \
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 35adbb4ae..ffc587a1e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -40,6 +40,8 @@
 
 #include "mbedtls/arc4.h"
 #include "mbedtls/asn1.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/bignum.h"
 #include "mbedtls/blowfish.h"
 #include "mbedtls/camellia.h"
 #include "mbedtls/cipher.h"
@@ -1637,6 +1639,74 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
     return( PSA_SUCCESS );
 }
 
+#if defined(MBEDTLS_ECDSA_C)
+/* Temporary copy from ecdsa.c */
+static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
+                                    unsigned char *sig, size_t *slen )
+{
+    int ret;
+    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
+    unsigned char *p = buf + sizeof( buf );
+    size_t len = 0;
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
+                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+    memcpy( sig, p, len );
+    *slen = len;
+
+    return( 0 );
+}
+
+/* `ecp` cannot be const because `ecp->grp` needs to be non-const
+ * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
+ * (even though these functions don't modify it). */
+static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *hash,
+                                    size_t hash_length,
+                                    uint8_t *signature,
+                                    size_t signature_size,
+                                    size_t *signature_length )
+{
+    int ret;
+    mbedtls_mpi r, s;
+    mbedtls_mpi_init( &r );
+    mbedtls_mpi_init( &s );
+
+    if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecp->grp.pbits ) )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+    if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
+    {
+        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+        const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+        mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
+        MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ecp->grp, &r, &s, &ecp->d,
+                                                 hash, hash_length,
+                                                 md_alg ) );
+    }
+    else
+    {
+        MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
+                                             hash, hash_length,
+                                             mbedtls_ctr_drbg_random,
+                                             &global_data.ctr_drbg ) );
+    }
+    MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s,
+                                              signature, signature_length ) );
+
+cleanup:
+    mbedtls_mpi_free( &r );
+    mbedtls_mpi_free( &s );
+    return( mbedtls_to_psa_error( ret ) );
+}
+#endif /* MBEDTLS_ECDSA_C */
+
 psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
                                   psa_algorithm_t alg,
                                   const uint8_t *hash,
@@ -1714,19 +1784,19 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
-        mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
-        int ret;
-        const mbedtls_md_info_t *md_info;
-        mbedtls_md_type_t md_alg;
-        if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecdsa->grp.pbits ) )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-        md_info = mbedtls_md_info_from_psa( alg );
-        md_alg = mbedtls_md_get_type( md_info );
-        ret = mbedtls_ecdsa_write_signature( ecdsa, md_alg, hash, hash_length,
-                                             signature, signature_length,
-                                             mbedtls_ctr_drbg_random,
-                                             &global_data.ctr_drbg );
-        return( mbedtls_to_psa_error( ret ) );
+#if defined(MBEDTLS_ECDSA_C)
+        if( PSA_ALG_IS_ECDSA( alg ) )
+            status = psa_ecdsa_sign( slot->data.ecp,
+                                     alg,
+                                     hash, hash_length,
+                                     signature, signature_size,
+                                     signature_length );
+        else
+#endif /* defined(MBEDTLS_ECDSA_C) */
+        {
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        }
+        return( status );
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */
@@ -1811,12 +1881,20 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
-        mbedtls_ecp_keypair *ecdsa = slot->data.ecp;
-        int ret;
-        (void) alg;
-        ret = mbedtls_ecdsa_read_signature( ecdsa, hash, hash_length,
-                                            signature, signature_length );
-        return( mbedtls_to_psa_error( ret ) );
+#if defined(MBEDTLS_ECDSA_C)
+        if( PSA_ALG_IS_ECDSA( alg ) )
+        {
+            int ret;
+            ret = mbedtls_ecdsa_read_signature( slot->data.ecp,
+                                                hash, hash_length,
+                                                signature, signature_length );
+            return( mbedtls_to_psa_error( ret ) );
+        }
+        else
+#endif /* defined(MBEDTLS_ECDSA_C) */
+        {
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        }
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d3186783d..17e3a5538 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -111,11 +111,11 @@ import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA import/export EC secp384r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_RAW:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
@@ -518,9 +518,9 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84
 PSA sign: RSA PKCS#1 v1.5 SHA-256
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
-PSA sign: ECDSA SECP256R1 SHA-256
+PSA sign: deterministic ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
@@ -528,13 +528,13 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA sign: ECDSA SECP256R1 SHA-256, output buffer too small
+PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
 
-PSA sign: ECDSA SECP256R1, invalid hash
+PSA sign: deterministic ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":0:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -548,9 +548,13 @@ PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
-PSA verify: ECDSA SECP256R1 SHA-256
+PSA verify: ECDSA SECP256R1, good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_SHA_256:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA verify: ECDSA SECP256R1, wrong signature
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
 PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -662,9 +666,9 @@ depends_on:MBEDTLS_RSA_C
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
 
 PSA generate key: ECC, SECP256R1, good
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW | PSA_ALG_SHA_256:PSA_SUCCESS
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
 
 PSA generate key: ECC, SECP256R1, incorrect bit size
-depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_RAW:PSA_ERROR_INVALID_ARGUMENT
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT

From a680c7a9fcf7765dd35a177e9b6ddd607520ab3f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 16:12:43 +0200
Subject: [PATCH 316/889] Add import-and-exercise tests for some signature
 algorithms

---
 tests/suites/test_suite_psa_crypto.data     | 12 ++++
 tests/suites/test_suite_psa_crypto.function | 61 +++++++++++++++++++++
 2 files changed, 73 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 17e3a5538..2f9035438 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -511,6 +511,18 @@ signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
 PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 
+PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA import/exercise: ECP SECP256R1 keypair, ECDSA
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY
+
+PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
+
 PSA sign: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6bcc65f31..446af5a19 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -476,6 +476,67 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void import_and_exercise_key( data_t *data,
+                              int type_arg,
+                              int bits_arg,
+                              int alg_arg )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    size_t bits = bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage =
+        ( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ?
+          ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+            PSA_KEY_USAGE_VERIFY :
+            PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) :
+          PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
+          PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ?
+          ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+            PSA_KEY_USAGE_ENCRYPT :
+            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) :
+          0 );
+    psa_key_policy_t policy;
+    psa_key_type_t got_type;
+    size_t got_bits;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    /* Import the key */
+    status = psa_import_key( slot, type, data->x, data->len );
+    TEST_ASSERT( status == PSA_SUCCESS );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          &got_type,
+                                          &got_bits ) == PSA_SUCCESS );
+    TEST_ASSERT( got_type == type );
+    TEST_ASSERT( got_bits == bits );
+
+    /* Do something with the key according to its type and permitted usage. */
+    if( PSA_ALG_IS_MAC( alg ) )
+        exercise_mac_key( slot, usage, alg );
+    else if( PSA_ALG_IS_CIPHER( alg ) )
+        exercise_cipher_key( slot, usage, alg );
+    else if( PSA_ALG_IS_AEAD( alg ) )
+        exercise_aead_key( slot, usage, alg );
+    else if( PSA_ALG_IS_SIGN( alg ) )
+        exercise_signature_key( slot, usage, alg );
+    else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+        exercise_asymmetric_encryption_key( slot, usage, alg );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void key_policy( int usage_arg, int alg_arg )
 {

From 2853849498e8a69ff237c52cea29b23d488cb307 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 11 Jul 2018 17:34:00 +0200
Subject: [PATCH 317/889] Doxygen: linkify references to macro names

---
 include/psa/crypto.h | 380 +++++++++++++++++++++----------------------
 1 file changed, 190 insertions(+), 190 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index a30af423a..f1c836834 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -301,12 +301,12 @@ typedef int32_t psa_status_t;
  * Applications may call this function more than once. Once a call
  * succeeds, subsequent calls are guaranteed to succeed.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
- * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  */
 psa_status_t psa_crypto_init(void);
 
@@ -354,7 +354,7 @@ typedef uint32_t psa_key_type_t;
  * used for.
  *
  * HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with `PSA_HASH_SIZE(alg)` where
+ * This size can be calculated with #PSA_HASH_SIZE(`alg`) where
  * `alg` is the HMAC algorithm or the underlying hash algorithm. */
 #define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
 /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
@@ -802,21 +802,21 @@ typedef uint32_t psa_algorithm_t;
  * \param data        Buffer containing the key data.
  * \param data_length Size of the \c data buffer in bytes.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         The key type or key size is not supported, either by the
  *         implementation in general or in this particular slot.
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
  *         or the key data is not correctly formatted.
- * \retval PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
  *         There is already a key in the specified slot.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_import_key(psa_key_slot_t key,
                             psa_key_type_t type,
@@ -836,22 +836,22 @@ psa_status_t psa_import_key(psa_key_slot_t key,
  *
  * \param key           The key slot to erase.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         The slot's content, if any, has been erased.
- * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_PERMITTED
  *         The slot holds content and cannot be erased because it is
  *         read-only, either due to a policy or due to physical restrictions.
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The specified slot number does not designate a valid slot.
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  *         There was an failure in communication with the cryptoprocessor.
  *         The key material may still be present in the cryptoprocessor.
- * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
  *         The storage is corrupted. Implementations shall make a best effort
  *         to erase key material even in this stage, however applications
  *         should be aware that it may be impossible to guarantee that the
  *         key material is not recoverable in such cases.
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  *         An unexpected condition which is not a storage corruption or
  *         a communication failure occurred. The cryptoprocessor may have
  *         been compromised.
@@ -870,11 +870,11 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  *                      This may be a null pointer, in which case the key size
  *                      is not written.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_get_key_information(psa_key_slot_t key,
                                      psa_key_type_t *type,
@@ -912,12 +912,12 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \param data_length   On success, the number of bytes
  *                      that make up the key data.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_export_key(psa_key_slot_t key,
                             uint8_t *data,
@@ -943,12 +943,12 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * \param data_length   On success, the number of bytes
  *                      that make up the key data.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_export_public_key(psa_key_slot_t key,
                                    uint8_t *data,
@@ -1075,13 +1075,13 @@ typedef uint32_t psa_key_lifetime_t;
  * \param key           Slot to query.
  * \param lifetime      On success, the lifetime value.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid.
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
@@ -1095,20 +1095,20 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * \param key           Slot whose lifetime is to be changed.
  * \param lifetime      The lifetime value to set for the given key slot.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid,
  *         or the lifetime value is invalid.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         The implementation does not support the specified lifetime value,
  *         at least for the specified key slot.
- * \retval PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
  *         The slot contains a key, and the implementation does not support
  *         changing the lifetime of an occupied slot.
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t lifetime);
@@ -1132,7 +1132,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  *
  * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
  *              #PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm
- *              (`PSA_ALG_HMAC(hash_alg)` where `hash_alg` is a
+ *              (#PSA_ALG_HMAC(`hash_alg`) where `hash_alg` is a
  *              hash algorithm).
  *
  * \return The hash size for the specified hash algorithm.
@@ -1185,14 +1185,14 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * \param alg       The hash algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_HASH(alg) is true).
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a hash algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
                             psa_algorithm_t alg);
@@ -1207,14 +1207,14 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
  * \param input         Buffer containing the message fragment to hash.
  * \param input_length  Size of the \c input buffer in bytes.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or already completed).
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_hash_update(psa_hash_operation_t *operation,
                              const uint8_t *input,
@@ -1244,18 +1244,18 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  *                      #PSA_HASH_SIZE(alg) where \c alg is the
  *                      hash algorithm that is calculated.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or already completed).
- * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c hash buffer is too small. You can determine a
  *         sufficient buffer size by calling #PSA_HASH_SIZE(alg)
  *         where \c alg is the hash algorithm that is calculated.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
                              uint8_t *hash,
@@ -1281,17 +1281,17 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
  * \param hash          Buffer containing the expected hash value.
  * \param hash_length   Size of the \c hash buffer in bytes.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         The expected hash is identical to the actual hash of the message.
- * \retval PSA_ERROR_INVALID_SIGNATURE
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The hash of the message was calculated successfully, but it
  *         differs from the expected hash.
- * \retval PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or already completed).
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
                              const uint8_t *hash,
@@ -1311,12 +1311,12 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
  *
  * \param operation     Active hash operation.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_BAD_STATE
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
  *         \c operation is not an active hash operation.
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
 
@@ -1365,18 +1365,18 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_MAC(alg) is true).
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a MAC algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
                                 psa_key_slot_t key,
@@ -1413,18 +1413,18 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_MAC(alg) is true).
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a MAC algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
                                   psa_key_slot_t key,
@@ -1490,18 +1490,18 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a cipher algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
@@ -1538,18 +1538,18 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
  *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not a cipher algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
@@ -1632,18 +1632,18 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \param ciphertext_length       On success, the size of the output
  *                                in the \b ciphertext buffer.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not an AEAD algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
@@ -1683,20 +1683,20 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  * \param plaintext_length        On success, the size of the output
  *                                in the \b plaintext buffer.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_EMPTY_SLOT
- * \retval PSA_ERROR_INVALID_SIGNATURE
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The ciphertext is not authentic.
- * \retval PSA_ERROR_NOT_PERMITTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         \c key is not compatible with \c alg.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         \c alg is not supported or is not an AEAD algorithm.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
@@ -1755,20 +1755,20 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  * \param signature_length  On success, the number of bytes
  *                          that make up the returned signature value.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c signature buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \c key.
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
- * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  */
 psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  psa_algorithm_t alg,
@@ -1808,17 +1808,17 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \param signature         Buffer containing the signature to verify.
  * \param signature_length  Size of the \c signature buffer in bytes.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         The signature is valid.
- * \retval PSA_ERROR_INVALID_SIGNATURE
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The calculation was perfomed successfully, but the passed
  *         signature is not a valid signature.
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    psa_algorithm_t alg,
@@ -1860,20 +1860,20 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  * \param output_length     On success, the number of bytes
  *                          that make up the returned output.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c output buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \c key.
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
- * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  */
 psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
                                     psa_algorithm_t alg,
@@ -1910,21 +1910,21 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  * \param output_length     On success, the number of bytes
  *                          that make up the returned output.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_BUFFER_TOO_SMALL
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c output buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \c key.
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
- * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval PSA_ERROR_INVALID_PADDING
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_INVALID_PADDING
  */
 psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
                                     psa_algorithm_t alg,
@@ -1954,12 +1954,12 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
  * \param output            Output buffer for the generated data.
  * \param output_size       Number of bytes to generate and output.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_generate_random(uint8_t *output,
                                  size_t output_size);
@@ -1979,8 +1979,8 @@ psa_status_t psa_generate_random(uint8_t *output,
  * \param parameters_size   Size of the buffer that \p parameters
  *                          points to, in bytes.
  *
- * For any symmetric key type (type such that
- * `PSA_KEY_TYPE_IS_ASYMMETRIC(type)` is false), \c parameters must be
+ * For any symmetric key type (a type such that
+ * #PSA_KEY_TYPE_IS_ASYMMETRIC(`type`) is false), \c parameters must be
  * \c NULL. For asymmetric key types defined by this specification,
  * the parameter type and the default parameters are defined by the
  * table below. For vendor-defined key types, the vendor documentation
@@ -1990,14 +1990,14 @@ psa_status_t psa_generate_random(uint8_t *output,
  * ---- | -------------- | ------- | ---------------------------------------
  * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_INSUFFICIENT_ENTROPY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_generate_key(psa_key_slot_t key,
                               psa_key_type_t type,

From 0cad07c2fb0f34b2ad8502433b0e387408e97e21 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 19:49:02 +0200
Subject: [PATCH 318/889] New header crypto_sizes.h

This header will contain macros that calculate buffer sizes, whose
semantics are standardized but whose definitions are
implementation-specific because they depend on the available algorithms
and on some permitted buffer size tolerances.

Move size macros from crypto_struct.h to crypto_sizes.h, because these
definitions need to be available both in the frontend and in the
backend, whereas structures have different contents.
---
 include/psa/crypto.h        |  4 +++
 include/psa/crypto_sizes.h  | 50 +++++++++++++++++++++++++++++++++++++
 include/psa/crypto_struct.h |  8 ------
 3 files changed, 54 insertions(+), 8 deletions(-)
 create mode 100644 include/psa/crypto_sizes.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index dcf1ba227..8f3a7f039 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2070,6 +2070,10 @@ psa_status_t psa_generate_key(psa_key_slot_t key,
 }
 #endif
 
+/* The file "crypto_sizes.h" contains definitions for size calculation
+ * macros whose definitions are implementation-specific. */
+#include "crypto_sizes.h"
+
 /* The file "crypto_struct.h" contains definitions for
  * implementation-specific structs that are declared above. */
 #include "crypto_struct.h"
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
new file mode 100644
index 000000000..1de26e6d6
--- /dev/null
+++ b/include/psa/crypto_sizes.h
@@ -0,0 +1,50 @@
+/**
+ * \file psa/crypto_sizes.h
+ *
+ * \brief PSA cryptography module: Mbed TLS buffer size macros
+ *
+ * This file contains the definitions of macros that are useful to
+ * compute buffer sizes. The signatures and semantics of these macros
+ * are standardized, but the definitions are not, because they depend on
+ * the available algorithms and, in some cases, on permitted tolerances
+ * on buffer sizes.
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SIZES_H
+#define PSA_CRYPTO_SIZES_H
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "../mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SHA512_C)
+#define PSA_HASH_MAX_SIZE 64
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
+#else
+#define PSA_HASH_MAX_SIZE 32
+#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
+#endif
+
+#endif /* PSA_CRYPTO_SIZES_H */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 0dbd86c18..1935f9099 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -45,14 +45,6 @@
 #include "mbedtls/sha256.h"
 #include "mbedtls/sha512.h"
 
-#if defined(MBEDTLS_SHA512_C)
-#define PSA_HASH_MAX_SIZE 64
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
-#else
-#define PSA_HASH_MAX_SIZE 32
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
-#endif
-
 struct psa_hash_operation_s
 {
     psa_algorithm_t alg;

From ca45c35e65818ec2e2c13291053d2f7a20e709a0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 16:13:09 +0200
Subject: [PATCH 319/889] Fix exercise_signature_key for ECDSA

mbedtls_ecdsa_verify fails when the input is all-bits-zero (mbedtls
issue #1792). Use a different input.
---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 446af5a19..cb6da7f44 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -189,7 +189,7 @@ static int exercise_signature_key( psa_key_slot_t key,
                                    psa_key_usage_t usage,
                                    psa_algorithm_t alg )
 {
-    unsigned char payload[16] = {0};
+    unsigned char payload[16] = {1};
     size_t payload_length = sizeof( payload );
     unsigned char signature[256] = {0};
     size_t signature_length = sizeof( signature );

From 5d1888ebc547535294f20e9041680911b5d99e1b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 00:32:42 +0200
Subject: [PATCH 320/889] Rename PSA_ALG_STREAM_CIPHER ->
 PSA_ALG_STREAM_CIPHER_BASE

Follow the usual naming convention: PSA_ALG_xxx_BASE for a constant
that isn't an algorithm, just used to build one.
---
 include/psa/crypto.h | 5 +++--
 library/psa_crypto.c | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f1c836834..95fe42d69 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -610,13 +610,14 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000002)
 #define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000003)
 #define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
-#define PSA_ALG_STREAM_CIPHER                   ((psa_algorithm_t)0x04800000)
+
+#define PSA_ALG_STREAM_CIPHER_BASE              ((psa_algorithm_t)0x04800000)
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
 #define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
 
 #define PSA_ALG_IS_STREAM_CIPHER(alg)            \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
-        PSA_ALG_STREAM_CIPHER)
+        PSA_ALG_STREAM_CIPHER_BASE)
 
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9145a6df1..50a99904c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1191,7 +1191,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 
         switch( alg )
         {
-            case PSA_ALG_STREAM_CIPHER:
+            case PSA_ALG_STREAM_CIPHER_BASE:
                 mode = MBEDTLS_MODE_STREAM;
                 break;
             case PSA_ALG_CBC_BASE:

From 49cee6c582397a55a753bffe20acc52d84ef6327 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 21:03:58 +0200
Subject: [PATCH 321/889] Move implementation-dependent size macros to
 crypto_sizes.h

Macros such as PSA_HASH_SIZE whose definitions can be the same
everywhere except in implementations that support non-standard
algorithms remain in crypto.h, at least for the time being.
---
 include/psa/crypto.h       | 110 -----------------------------------
 include/psa/crypto_sizes.h | 115 +++++++++++++++++++++++++++++++++++++
 2 files changed, 115 insertions(+), 110 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8f3a7f039..e29a464de 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1333,28 +1333,6 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
  * as directed by the documentation of a specific implementation. */
 typedef struct psa_mac_operation_s psa_mac_operation_t;
 
-/** The size of the output of psa_mac_finish(), in bytes.
- *
- * This is also the MAC size that psa_mac_verify() expects.
- *
- * \param key_type      The type of the MAC key.
- * \param key_bits      The size of the MAC key in bits.
- * \param alg           A MAC algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_MAC(alg) is true).
- *
- * \return              The MAC size for the specified algorithm with
- *                      the specified key parameters.
- * \return              0 if the MAC algorithm is not recognized.
- * \return              Either 0 or the correct size for a MAC algorithm that
- *                      the implementation recognizes, but does not support.
- * \return              Unspecified if the key parameters are not consistent
- *                      with the algorithm.
- */
-#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
-    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
-     PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
-     0)
-
 /** Start a multipart MAC operation.
  *
  * The sequence of operations to calculate a MAC (message authentication code)
@@ -1575,30 +1553,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
      (alg) == PSA_ALG_CCM ? 16 :           \
      0)
 
-/** The maximum size of the output of psa_aead_encrypt(), in bytes.
- *
- * If the size of the ciphertext buffer is at least this large, it is
- * guaranteed that psa_aead_encrypt() will not fail due to an
- * insufficient buffer size. Depending on the algorithm, the actual size of
- * the ciphertext may be smaller.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(alg) is true).
- * \param plaintext_length    Size of the plaintext in bytes.
- *
- * \return                    The AEAD ciphertext size for the specified
- *                            algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
-    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
-     (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) :              \
-     0)
-
 /** Process an authenticated encryption operation.
  *
  * \param key                     Slot containing the key to use.
@@ -1652,30 +1606,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                size_t ciphertext_size,
                                size_t *ciphertext_length );
 
-/** The maximum size of the output of psa_aead_decrypt(), in bytes.
- *
- * If the size of the plaintext buffer is at least this large, it is
- * guaranteed that psa_aead_decrypt() will not fail due to an
- * insufficient buffer size. Depending on the algorithm, the actual size of
- * the plaintext may be smaller.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(alg) is true).
- * \param ciphertext_length   Size of the plaintext in bytes.
- *
- * \return                    The AEAD ciphertext size for the specified
- *                            algorithm.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)    \
-    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
-     (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) :              \
-     0)
-
 /** Process an authenticated decryption operation.
  *
  * \param key                     Slot containing the key to use.
@@ -1746,38 +1676,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 #define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    \
     (PSA_BITS_TO_BYTES(curve_bits) * 2)
 
-/** Safe signature buffer size for psa_asymmetric_sign().
- *
- * This macro returns a safe buffer size for a signature using a key
- * of the specified type and size, with the specified algorithm.
- * Note that the actual size of the signature may be smaller
- * (some algorithms produce a variable-size signature).
- *
- * \warning This function may call its arguments multiple times or
- *          zero times, so you should not pass arguments that contain
- *          side effects.
- *
- * \param key_type  An asymmetric key type (this may indifferently be a
- *                  key pair type or a public key type).
- * \param key_bits  The size of the key in bits.
- * \param alg       The signature algorithm.
- *
- * \return If the parameters are valid and supported, return
- *         a buffer size in bytes that guarantees that
- *         psa_asymmetric_sign() will not fail with
- *         #PSA_ERROR_BUFFER_TOO_SMALL.
- *         If the parameters are a valid combination that is not supported
- *         by the implementation, this macro either shall return either a
- *         sensible size or 0.
- *         If the parameters are not valid, the
- *         return value is unspecified.
- *
- */
-#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
-     PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
-     ((void)alg, 0))
-
 /**
  * \brief Sign a hash or short message with a private key.
  *
@@ -1880,18 +1778,10 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    const uint8_t *signature,
                                    size_t signature_length);
 
-#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
-     ((void)alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
-     0)
 #define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                               \
     (PSA_ALG_IS_RSA_OAEP_MGF1(alg) ?                                    \
      2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1 :           \
      11 /*PKCS#1v1.5*/)
-#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
-    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
-     PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \
-     0)
 
 /**
  * \brief Encrypt a short message with a public key.
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 1de26e6d6..d7eab4e61 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -8,6 +8,9 @@
  * are standardized, but the definitions are not, because they depend on
  * the available algorithms and, in some cases, on permitted tolerances
  * on buffer sizes.
+ *
+ * Macros that compute sizes whose values do not depend on the
+ * implementation are in crypto.h.
  */
 /*
  *  Copyright (C) 2018, ARM Limited, All Rights Reserved
@@ -47,4 +50,116 @@
 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
 #endif
 
+
+/** The size of the output of psa_mac_finish(), in bytes.
+ *
+ * This is also the MAC size that psa_mac_verify() expects.
+ *
+ * \param key_type      The type of the MAC key.
+ * \param key_bits      The size of the MAC key in bits.
+ * \param alg           A MAC algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_MAC(alg) is true).
+ *
+ * \return              The MAC size for the specified algorithm with
+ *                      the specified key parameters.
+ * \return              0 if the MAC algorithm is not recognized.
+ * \return              Either 0 or the correct size for a MAC algorithm that
+ *                      the implementation recognizes, but does not support.
+ * \return              Unspecified if the key parameters are not consistent
+ *                      with the algorithm.
+ */
+#define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
+    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
+     PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+     0)
+
+/** The maximum size of the output of psa_aead_encrypt(), in bytes.
+ *
+ * If the size of the ciphertext buffer is at least this large, it is
+ * guaranteed that psa_aead_encrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the ciphertext may be smaller.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(alg) is true).
+ * \param plaintext_length    Size of the plaintext in bytes.
+ *
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ *                            An implementation may return either 0 or a
+ *                            correct size for an AEAD algorithm that it
+ *                            recognizes, but does not support.
+ */
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
+    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
+     (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) :              \
+     0)
+
+/** The maximum size of the output of psa_aead_decrypt(), in bytes.
+ *
+ * If the size of the plaintext buffer is at least this large, it is
+ * guaranteed that psa_aead_decrypt() will not fail due to an
+ * insufficient buffer size. Depending on the algorithm, the actual size of
+ * the plaintext may be smaller.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(alg) is true).
+ * \param ciphertext_length   Size of the plaintext in bytes.
+ *
+ * \return                    The AEAD ciphertext size for the specified
+ *                            algorithm.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ *                            An implementation may return either 0 or a
+ *                            correct size for an AEAD algorithm that it
+ *                            recognizes, but does not support.
+ */
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)    \
+    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
+     (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) :              \
+     0)
+
+/** Safe signature buffer size for psa_asymmetric_sign().
+ *
+ * This macro returns a safe buffer size for a signature using a key
+ * of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the signature may be smaller
+ * (some algorithms produce a variable-size signature).
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_sign() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported
+ *         by the implementation, this macro either shall return either a
+ *         sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ *
+ */
+#define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
+     PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
+     ((void)alg, 0))
+
+#define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
+     ((void)alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
+     0)
+#define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
+    (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
+     PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \
+     0)
+
 #endif /* PSA_CRYPTO_SIZES_H */

From eae6eee24c1c09839efcbaf38669073fc6239fa9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 13:56:01 +0200
Subject: [PATCH 322/889] Change ECDSA signature representation to r||s

Change the representation of an ECDSA signature from the ASN.1 DER
encoding used in TLS and X.509, to the concatenation of r and s
in big-endian order with a fixed size. A fixed size helps memory and
buffer management and this representation is generally easier to use
for anything that doesn't require the ASN.1 representation. This is
the same representation as PKCS#11 (Cryptoki) except that PKCS#11
allows r and s to be truncated (both to the same length), which
complicates the implementation and negates the advantage of a
fixed-size representation.
---
 include/psa/crypto.h                    | 39 ++++-------
 library/psa_crypto.c                    | 86 +++++++++++++++----------
 tests/suites/test_suite_psa_crypto.data | 14 ++--
 3 files changed, 75 insertions(+), 64 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 2f972d37d..dcf1ba227 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -698,6 +698,12 @@ typedef uint32_t psa_algorithm_t;
  * This is the ECDSA signature scheme defined by ANSI X9.62,
  * with a random per-message secret number (*k*).
  *
+ * The representation of the signature as a byte string consists of
+ * the concatentation of the signature values *r* and *s*. Each of
+ * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
+ * of the base point of the curve in octets. Each value is represented
+ * in big-endian order (most significant octet first).
+ *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
  *                      #PSA_ALG_IS_HASH(alg) is true).
  *
@@ -709,7 +715,7 @@ typedef uint32_t psa_algorithm_t;
     (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 /** ECDSA signature without hashing.
  *
- * This is the signature scheme defined by ANSI X9.62,
+ * This is the same signature scheme as #PSA_ALG_ECDSA(), but
  * without specifying a hash algorithm. This algorithm may only be
  * used to sign or verify a sequence of bytes that should be an
  * already-calculated hash. Note that the input is padded with
@@ -722,6 +728,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * This is the deterministic ECDSA signature scheme defined by RFC 6979.
  *
+ * The representation of a signature is the same as with #PSA_ALG_ECDSA().
+ *
  * Note that when this algorithm is used for verification, signatures
  * made with randomized ECDSA (#PSA_ALG_ECDSA(\c hash_alg)) with the
  * same private key are accepted. In other words,
@@ -1728,34 +1736,15 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  */
 
 /**
- * \brief Maximum ECDSA signature size for a given curve bit size
+ * \brief ECDSA signature size for a given curve bit size
  *
- * \param curve_bits    Curve size in bits
- * \return              Maximum signature size in bytes
+ * \param curve_bits    Curve size in bits.
+ * \return              Signature size in bytes.
  *
  * \note This macro returns a compile-time constant if its argument is one.
- *
- * \warning This macro may evaluate its argument multiple times.
  */
-/*
- * RFC 4492 page 20:
- *
- *     Ecdsa-Sig-Value ::= SEQUENCE {
- *         r       INTEGER,
- *         s       INTEGER
- *     }
- *
- * Size is at most
- *    1 (tag) + 1 (len) + 1 (initial 0) + curve_bytes for each of r and s,
- *    twice that + 1 (tag) + 2 (len) for the sequence
- * (assuming curve_bytes is less than 126 for r and s,
- * and less than 124 (total len <= 255) for the sequence)
- */
-#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)                          \
-    ( /*T,L of SEQUENCE*/ ((curve_bits) >= 61 * 8 ? 3 : 2) +          \
-      /*T,L of r,s*/       2 * (((curve_bits) >= 127 * 8 ? 3 : 2) +   \
-      /*V of r,s*/               ((curve_bits) + 8) / 8))
-
+#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    \
+    (PSA_BITS_TO_BYTES(curve_bits) * 2)
 
 /** Safe signature buffer size for psa_asymmetric_sign().
  *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ffc587a1e..9454f478c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -40,7 +40,6 @@
 
 #include "mbedtls/arc4.h"
 #include "mbedtls/asn1.h"
-#include "mbedtls/asn1write.h"
 #include "mbedtls/bignum.h"
 #include "mbedtls/blowfish.h"
 #include "mbedtls/camellia.h"
@@ -1640,28 +1639,6 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
 }
 
 #if defined(MBEDTLS_ECDSA_C)
-/* Temporary copy from ecdsa.c */
-static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
-                                    unsigned char *sig, size_t *slen )
-{
-    int ret;
-    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
-    unsigned char *p = buf + sizeof( buf );
-    size_t len = 0;
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
-                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    memcpy( sig, p, len );
-    *slen = len;
-
-    return( 0 );
-}
-
 /* `ecp` cannot be const because `ecp->grp` needs to be non-const
  * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
  * (even though these functions don't modify it). */
@@ -1675,11 +1652,16 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
 {
     int ret;
     mbedtls_mpi r, s;
+    size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
     mbedtls_mpi_init( &r );
     mbedtls_mpi_init( &s );
 
-    if( signature_size < PSA_ECDSA_SIGNATURE_SIZE( ecp->grp.pbits ) )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
+    *signature_length = 0;
+    if( signature_size < 2 * curve_bytes )
+    {
+        ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
+        goto cleanup;
+    }
 
     if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
     {
@@ -1697,8 +1679,48 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
                                              mbedtls_ctr_drbg_random,
                                              &global_data.ctr_drbg ) );
     }
-    MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s,
-                                              signature, signature_length ) );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &r,
+                                               signature,
+                                               curve_bytes ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &s,
+                                               signature + curve_bytes,
+                                               curve_bytes ) );
+
+cleanup:
+    mbedtls_mpi_free( &r );
+    mbedtls_mpi_free( &s );
+    if( ret == 0 )
+        *signature_length = 2 * curve_bytes;
+    memset( signature + *signature_length, 0,
+            signature_size - *signature_length );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t psa_ecdsa_verify( mbedtls_ecp_keypair *ecp,
+                                      const uint8_t *hash,
+                                      size_t hash_length,
+                                      const uint8_t *signature,
+                                      size_t signature_length )
+{
+    int ret;
+    mbedtls_mpi r, s;
+    size_t curve_bytes = PSA_BITS_TO_BYTES( ecp->grp.pbits );
+    mbedtls_mpi_init( &r );
+    mbedtls_mpi_init( &s );
+
+    if( signature_length != 2 * curve_bytes )
+        return( PSA_ERROR_INVALID_SIGNATURE );
+
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &r,
+                                              signature,
+                                              curve_bytes ) );
+    MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &s,
+                                              signature + curve_bytes,
+                                              curve_bytes ) );
+
+    ret = mbedtls_ecdsa_verify( &ecp->grp, hash, hash_length,
+                                &ecp->Q, &r, &s );
 
 cleanup:
     mbedtls_mpi_free( &r );
@@ -1883,13 +1905,9 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     {
 #if defined(MBEDTLS_ECDSA_C)
         if( PSA_ALG_IS_ECDSA( alg ) )
-        {
-            int ret;
-            ret = mbedtls_ecdsa_read_signature( slot->data.ecp,
-                                                hash, hash_length,
-                                                signature, signature_length );
-            return( mbedtls_to_psa_error( ret ) );
-        }
+            return( psa_ecdsa_verify( slot->data.ecp,
+                                      hash, hash_length,
+                                      signature, signature_length ) );
         else
 #endif /* defined(MBEDTLS_ECDSA_C) */
         {
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2f9035438..1181fcd92 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -532,7 +532,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
-sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
@@ -542,7 +542,7 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":10:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign: deterministic ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
@@ -562,11 +562,15 @@ asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396
 
 PSA verify: ECDSA SECP256R1, good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
-PSA verify: ECDSA SECP256R1, wrong signature
+PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+
+PSA verify: ECDSA SECP256R1, wrong signature of correct size
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
 PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 5ce3e59dfe3d79e2a0196cea426bd9fdf25be492 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 00:35:06 +0200
Subject: [PATCH 323/889] Doc: PSA_ALG_IS_HASH is unspecified if alg is not
 *supported*

---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 95fe42d69..fb7edf83c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -531,7 +531,7 @@ typedef uint32_t psa_algorithm_t;
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
  * \return 1 if \c alg is a hash algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a valid
+ *         This macro may return either 0 or 1 if \c alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_HASH(alg)                                            \

From af3baabd058559821afab7d3d44c5c7253f0c9bc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 22:55:52 +0200
Subject: [PATCH 324/889] Define max sizes for MAC and signatures

This requires defining a maximum RSA key size, since the RSA key size
is the signature size. Enforce the maximum RSA key size when importing
or generating a key.
---
 include/psa/crypto_sizes.h | 83 ++++++++++++++++++++++++++++++++++++++
 library/psa_crypto.c       | 14 ++++---
 2 files changed, 92 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index d7eab4e61..f4d2cd839 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -42,6 +42,14 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+/** \def PSA_HASH_MAX_SIZE
+ *
+ * Maximum size of a hash.
+ *
+ * This macro must expand to a compile-time constant integer. This value
+ * should be the maximum size of a hash supported by the implementation,
+ * in bytes, and must be no smaller than this maximum.
+ */
 #if defined(MBEDTLS_SHA512_C)
 #define PSA_HASH_MAX_SIZE 64
 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
@@ -50,6 +58,81 @@
 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
 #endif
 
+/** \def PSA_MAC_MAX_SIZE
+ *
+ * Maximum size of a MAC.
+ *
+ * This macro must expand to a compile-time constant integer. This value
+ * should be the maximum size of a MAC supported by the implementation,
+ * in bytes, and must be no smaller than this maximum.
+ */
+/* All non-HMAC MACs have a maximum size that's smaller than the
+ * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */
+#define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
+
+/* The maximum size of an RSA key on this implementation, in bits.
+ * This is a vendor-specific macro.
+ *
+ * Mbed TLS does not set a hard limit on the size of RSA keys: any key
+ * whose parameters fit in a bignum is accepted. However large keys can
+ * induce a large memory usage and long computation times. Unlike other
+ * auxiliary macros in this file and in crypto.h, which reflect how the
+ * library is configured, this macro defines how the library is
+ * configured. This implementation refuses to import or generate an
+ * RSA key whose size is larger than the value defined here.
+ *
+ * Note that an implementation may set different size limits for different
+ * operations, and does not need to accept all key sizes up to the limit. */
+#define PSA_VENDOR_RSA_MAX_KEY_BITS 4096
+
+/* The maximum size of an ECC key on this implementation, in bits.
+ * This is a vendor-specific macro. */
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521
+#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512
+#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448
+#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
+#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
+#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
+#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255
+#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
+#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
+#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
+#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
+#else
+#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
+#endif
+
+/** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE
+ *
+ * Maximum size of an asymmetric signature.
+ *
+ * This macro must expand to a compile-time constant integer. This value
+ * should be the maximum size of a MAC supported by the implementation,
+ * in bytes, and must be no smaller than this maximum.
+ */
+#define PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE                               \
+    PSA_BITS_TO_BYTES(                                                  \
+        PSA_VENDOR_RSA_MAX_KEY_BITS > PSA_VENDOR_ECC_MAX_CURVE_BITS ?   \
+        PSA_VENDOR_RSA_MAX_KEY_BITS :                                   \
+        PSA_VENDOR_ECC_MAX_CURVE_BITS                                   \
+        )
+
+
 
 /** The size of the output of psa_mac_finish(), in bytes.
  *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1d8eb506d..8ce668ce3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -502,7 +502,13 @@ psa_status_t psa_import_key( psa_key_slot_t key,
             case MBEDTLS_PK_RSA:
                 if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
                     type == PSA_KEY_TYPE_RSA_KEYPAIR )
-                    slot->data.rsa = mbedtls_pk_rsa( pk );
+                {
+                    mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
+                    size_t bits = mbedtls_rsa_get_bitlen( rsa );
+                    if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
+                        return( PSA_ERROR_NOT_SUPPORTED );
+                    slot->data.rsa = rsa;
+                }
                 else
                     status = PSA_ERROR_INVALID_ARGUMENT;
                 break;
@@ -1579,10 +1585,6 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                                      mac_size, mac_length ) );
 }
 
-#define PSA_MAC_MAX_SIZE                                \
-    ( MBEDTLS_MD_MAX_SIZE > MBEDTLS_MAX_BLOCK_LENGTH ?  \
-      MBEDTLS_MD_MAX_SIZE :                             \
-      MBEDTLS_MAX_BLOCK_LENGTH )
 psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
                              const uint8_t *mac,
                              size_t mac_length )
@@ -2862,6 +2864,8 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
         mbedtls_rsa_context *rsa;
         int ret;
         int exponent = 65537;
+        if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
+            return( PSA_ERROR_NOT_SUPPORTED );
         if( parameters != NULL )
         {
             const unsigned *p = parameters;

From d35a1cce7f20b3d6a28813961e46331e3e371d4d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 26 Jun 2018 21:26:10 +0200
Subject: [PATCH 325/889] Correct the documentation of mem_is_zero

---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cb6da7f44..2fba85414 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -11,7 +11,7 @@
 /** An invalid export length that will never be set by psa_export_key(). */
 static const size_t INVALID_EXPORT_LENGTH = ~0U;
 
-/** Test if a buffer is not all-bits zero.
+/** Test if a buffer is all-bits zero.
  *
  * \param buffer    Pointer to the beginning of the buffer.
  * \param size      Size of the buffer in bytes.

From dcd149432700c971d2709eb1533f4b5896d448c9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 00:30:52 +0200
Subject: [PATCH 326/889] Doc: write documentation for many macros and
 functions

As of this commit, all #identifier links in the documentation are resolved.
---
 include/psa/crypto.h       | 437 +++++++++++++++++++++++++++++++++++++
 include/psa/crypto_sizes.h |  54 ++++-
 2 files changed, 490 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fb7edf83c..34ab8e112 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -339,11 +339,13 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
 
 #define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
+
 /** Raw data.
  *
  * A "key" of this type cannot be used for any cryptographic operation.
  * Applications may use this type to store arbitrary data in the keystore. */
 #define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x02000000)
+
 #define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x04000000)
 #define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC        ((psa_key_type_t)0x06000000)
 #define PSA_KEY_TYPE_PAIR_FLAG                  ((psa_key_type_t)0x01000000)
@@ -357,12 +359,14 @@ typedef uint32_t psa_key_type_t;
  * This size can be calculated with #PSA_HASH_SIZE(`alg`) where
  * `alg` is the HMAC algorithm or the underlying hash algorithm. */
 #define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
+
 /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
  *
  * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
  * 32 bytes (AES-256).
  */
 #define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x04000001)
+
 /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
  *
  * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
@@ -373,9 +377,11 @@ typedef uint32_t psa_key_type_t;
  * is weak and deprecated and should only be used in legacy protocols.
  */
 #define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x04000002)
+
 /** Key for an cipher, AEAD or MAC algorithm based on the
  * Camellia block cipher. */
 #define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x04000003)
+
 /** Key for the RC4 stream cipher.
  *
  * Note that RC4 is weak and deprecated and should only be used in
@@ -386,15 +392,19 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x06010000)
 /** RSA key pair (private and public key). */
 #define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x07010000)
+
 /** DSA public key. */
 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x06020000)
 /** DSA key pair (private and public key). */
 #define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x07020000)
+
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x06030000)
 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x07030000)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
+/** Elliptic curve key pair. */
 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
     (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
+/** Elliptic curve public key. */
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
     (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
 
@@ -526,6 +536,7 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
     (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
+
 /** Whether the specified algorithm is a hash algorithm.
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
@@ -536,18 +547,82 @@ typedef uint32_t psa_algorithm_t;
  */
 #define PSA_ALG_IS_HASH(alg)                                            \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
+
+/** Whether the specified algorithm is a MAC algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a MAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_MAC(alg)                                             \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
+
+/** Whether the specified algorithm is a symmetric cipher algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a symmetric cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_CIPHER(alg)                                          \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
+
+/** Whether the specified algorithm is an authenticated encryption
+ * with associated data (AEAD) algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an AEAD algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_AEAD(alg)                                            \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
+
+/** Whether the specified algorithm is a public-key signature algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a public-key signature algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_SIGN(alg)                                            \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
+
+/** Whether the specified algorithm is a public-key encryption algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a public-key encryption algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
+
+/** Whether the specified algorithm is a key agreement algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a key agreement algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
+
+/** Whether the specified algorithm is a key derivation algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a key derivation algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
 
@@ -583,15 +658,35 @@ typedef uint32_t psa_algorithm_t;
  */
 #define PSA_ALG_HMAC(hash_alg)                                  \
     (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
 #define PSA_ALG_HMAC_HASH(hmac_alg)                             \
     (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is an HMAC algorithm.
+ *
+ * HMAC is a family of MAC algorithms that are based on a hash function.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an HMAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_HMAC(alg)                                            \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
      PSA_ALG_HMAC_BASE)
+
 #define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x02c00000)
 #define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02c00001)
 #define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02c00002)
 #define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02c00003)
+
+/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
+ *
+ * \return 1 if \c alg is a MAC algorithm based on a block cipher, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier.
+ */
 #define PSA_ALG_IS_CIPHER_MAC(alg)                                      \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
      PSA_ALG_CIPHER_MAC_BASE)
@@ -600,21 +695,71 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_BLOCK_CIPHER_BASE               ((psa_algorithm_t)0x04000000)
 #define PSA_ALG_BLOCK_CIPHER_MODE_MASK          ((psa_algorithm_t)0x000000ff)
 #define PSA_ALG_BLOCK_CIPHER_PADDING_MASK       ((psa_algorithm_t)0x003f0000)
+
+/** Use a block cipher mode without padding.
+ *
+ * This padding mode may only be used with messages whose lengths are a
+ * whole number of blocks for the chosen block cipher.
+ */
 #define PSA_ALG_BLOCK_CIPHER_PAD_NONE           ((psa_algorithm_t)0x00000000)
 #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7          ((psa_algorithm_t)0x00010000)
+
+/** Whether the specified algorithm is a block cipher.
+ *
+ * A block cipher is a symmetric cipher that encrypts or decrypts messages
+ * by chopping them into fixed-size blocks. Processing a message requires
+ * applying a _padding mode_ to transform the message into one whose
+ * length is a whole number of blocks. To construct an algorithm
+ * identifier for a block cipher, apply a bitwise-or between the block
+ * cipher mode and the padding mode. For example, CBC with PKCS#7 padding
+ * is `PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7`.
+ *
+ * The transformation applied to each block is determined by the key type.
+ * For example, to use AES-128-CBC-PKCS7, use the algorithm above with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a block cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier or if it is not a symmetric cipher algorithm.
+ */
 #define PSA_ALG_IS_BLOCK_CIPHER(alg)            \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
         PSA_ALG_BLOCK_CIPHER_BASE)
 
+/** The CBC block cipher mode.
+ */
 #define PSA_ALG_CBC_BASE                        ((psa_algorithm_t)0x04000001)
 #define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000002)
 #define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000003)
 #define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
 
 #define PSA_ALG_STREAM_CIPHER_BASE              ((psa_algorithm_t)0x04800000)
+/** The CTR stream cipher mode.
+ *
+ * CTR is a stream cipher which is built from a block cipher. The
+ * underlying block cipher is determined by the key type. For example,
+ * to use AES-128-CTR, use this algorithm with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ */
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
+/** The ARC4 stream cipher algorithm.
+ */
 #define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
 
+/** Whether the specified algorithm is a stream cipher.
+ *
+ * A stream cipher is a symmetric cipher that encrypts or decrypts messages
+ * by applying a bitwise-xor with a stream of bytes that is generated
+ * from a key.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a stream cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         algorithm identifier or if it is not a symmetric cipher algorithm.
+ */
 #define PSA_ALG_IS_STREAM_CIPHER(alg)            \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
         PSA_ALG_STREAM_CIPHER_BASE)
@@ -647,6 +792,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
 #define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
     (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
+
 #define PSA_ALG_RSA_PSS_BASE               ((psa_algorithm_t)0x10030000)
 /** RSA PSS signature with hashing.
  *
@@ -777,8 +923,25 @@ typedef uint32_t psa_algorithm_t;
      ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
      0)
 
+/** RSA PKCS#1 v1.5 encryption.
+ */
 #define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12020000)
+
 #define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t)0x12030000)
+/** RSA OAEP encryption.
+ *
+ * This is the encryption scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSAES-OAEP, with the message generation function MGF1.
+ *
+ * \param hash_alg      The hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
+ *                      for MGF1.
+ *
+ * \return              The corresponding RSA OAEP signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
 #define PSA_ALG_RSA_OAEP(hash_alg)                              \
     (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_IS_RSA_OAEP(alg)                                \
@@ -979,24 +1142,42 @@ typedef uint32_t psa_key_usage_t;
 #define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t)0x00000001)
 
 /** Whether the key may be used to encrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric encryption operation,
+ * for an AEAD encryption-and-authentication operation,
+ * or for an asymmetric encryption operation,
+ * if otherwise permitted by the key's type and policy.
  *
  * For a key pair, this concerns the public key.
  */
 #define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t)0x00000100)
 
 /** Whether the key may be used to decrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric decryption operation,
+ * for an AEAD decryption-and-verification operation,
+ * or for an asymmetric decryption operation,
+ * if otherwise permitted by the key's type and policy.
  *
  * For a key pair, this concerns the private key.
  */
 #define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t)0x00000200)
 
 /** Whether the key may be used to sign a message.
+ *
+ * This flag allows the key to be used for a MAC calculation operation
+ * or for an asymmetric signature operation,
+ * if otherwise permitted by the key's type and policy.
  *
  * For a key pair, this concerns the private key.
  */
 #define PSA_KEY_USAGE_SIGN                      ((psa_key_usage_t)0x00000400)
 
 /** Whether the key may be used to verify a message signature.
+ *
+ * This flag allows the key to be used for a MAC verification operation
+ * or for an asymmetric signature verification operation,
+ * if otherwise permitted by by the key's type and policy.
  *
  * For a key pair, this concerns the public key.
  */
@@ -1023,8 +1204,10 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy,
                               psa_key_usage_t usage,
                               psa_algorithm_t alg);
 
+/** \brief Retrieve the usage field of a policy structure. */
 psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy);
 
+/** \brief Retrieve the algorithm field of a policy structure. */
 psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy);
 
 /** \brief Set the usage policy on a key slot.
@@ -1431,19 +1614,131 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
                                   psa_key_slot_t key,
                                   psa_algorithm_t alg);
 
+/** Add a message fragment to a multipart MAC operation.
+ *
+ * The application must call psa_mac_sign_setup() or psa_mac_verify_setup()
+ * before calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param operation     Active MAC operation.
+ * \param input         Buffer containing the message fragment to add to
+ *                      the MAC calculation.
+ * \param input_length  Size of the \c input buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or already completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_mac_update(psa_mac_operation_t *operation,
                             const uint8_t *input,
                             size_t input_length);
 
+/** Finish the calculation of the MAC of a message.
+ *
+ * The application must call psa_mac_sign_setup() before calling this function.
+ * This function calculates the MAC of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_mac_update().
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \warning Applications should not call this function if they expect
+ *          a specific value for the MAC. Call psa_mac_verify_finish() instead.
+ *          Beware that comparing integrity or authenticity data such as
+ *          MAC values with a function such as \c memcmp is risky
+ *          because the time taken by the comparison may leak information
+ *          about the MAC value which could allow an attacker to guess
+ *          a valid MAC and thereby bypass security controls.
+ *
+ * \param operation     Active MAC operation.
+ * \param mac           Buffer where the MAC value is to be written.
+ * \param mac_size      Size of the \p mac buffer in bytes.
+ * \param mac_length    On success, the number of bytes
+ *                      that make up the MAC value. This is always
+ *                      #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg)
+ *                      where \c key_type and \c key_bits are the type and
+ *                      bit-size respectively of \c key and `alg` is the
+ *                      MAC algorithm that is calculated.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \c mac buffer is too small. You can determine a
+ *         sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
                                  uint8_t *mac,
                                  size_t mac_size,
                                  size_t *mac_length);
 
+/** Finish the calculation of the MAC of a message and compare it with
+ * an expected value.
+ *
+ * The application must call psa_mac_verify_setup() before calling this function.
+ * This function calculates the MAC of the message formed by concatenating
+ * the inputs passed to preceding calls to psa_mac_update(). It then
+ * compares the calculated MAC with the expected MAC passed as a
+ * parameter to this function.
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \note Implementations shall make the best effort to ensure that the
+ * comparison between the actual MAC and the expected MAC is performed
+ * in constant time.
+ *
+ * \param operation     Active MAC operation.
+ * \param mac           Buffer containing the expected MAC value.
+ * \param mac_length    Size of the \c mac buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         The expected MAC is identical to the actual MAC of the message.
+ * \retval #PSA_ERROR_INVALID_SIGNATURE
+ *         The MAC of the message was calculated successfully, but it
+ *         differs from the expected MAC.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or already completed).
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
                                    const uint8_t *mac,
                                    size_t mac_length);
 
+/** Abort a MAC operation.
+ *
+ * This function may be called at any time after psa_mac_sign_setup()
+ * or psa_mac_verify_setup().
+ * Aborting an operation frees all associated resources except for the
+ * \c operation structure itself.
+ *
+ * Implementation should strive to be robust and handle inactive MAC
+ * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
+ * application writers should beware that uninitialized memory may happen
+ * to be indistinguishable from an active MAC operation, and the behavior
+ * of psa_mac_abort() is undefined in this case.
+ *
+ * \param operation     Active MAC operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ *         \c operation is not an active MAC operation.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 
 /**@}*/
@@ -1556,15 +1851,104 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
                                       psa_algorithm_t alg);
 
+/** Generate an IV for a symmetric encryption operation.
+ *
+ * This function generates a random IV (initialization vector), nonce
+ * or initial counter value for the encryption operation as appropriate
+ * for the chosen algorithm, key type and key size.
+ *
+ * The application must call psa_cipher_encrypt_setup() before
+ * calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param operation     Active cipher operation.
+ * \param iv            Buffer where the generated IV is to be written.
+ * \param iv_size       Size of the \c iv buffer in bytes.
+ * \param iv_length     On success, the number of bytes of the generated IV.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or IV already set).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \c output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
                                     unsigned char *iv,
                                     size_t iv_size,
                                     size_t *iv_length);
 
+/** Set the IV for a symmetric encryption or decryption operation.
+ *
+ * This function sets the random IV (initialization vector), nonce
+ * or initial counter value for the encryption or decryption operation.
+ *
+ * The application must call psa_cipher_encrypt_setup() before
+ * calling this function.
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \note When encrypting, applications should use psa_cipher_generate_iv()
+ * instead of this function, unless implementing a protocol that requires
+ * a non-random IV.
+ *
+ * \param operation     Active cipher operation.
+ * \param iv            Buffer containing the IV to use.
+ * \param iv_length     Size of the IV in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, or IV already set).
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The size of the \c iv is not acceptable for the chosen algorithm,
+ *         or the chosen algorithm does not use an IV.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
                                const unsigned char *iv,
                                size_t iv_length);
 
+/** Encrypt or decrypt a message fragment in an active cipher operation.
+ *
+ * The application must call psa_cipher_encrypt_setup() or
+ * psa_cipher_decrypt_setup() before calling this function. The choice
+ * of setup function determines whether this function encrypts or
+ * decrypts its input. After calling a setup function, if the chosen
+ * algorithm requires an IV, the application must call
+ * psa_cipher_generate_iv() or psa_cipher_set_iv().
+ *
+ * If this function returns an error status, the operation becomes inactive.
+ *
+ * \param operation     Active cipher operation.
+ * \param input         Buffer containing the message fragment to
+ *                      encrypt or decrypt.
+ * \param input_length  Size of the \c input buffer in bytes.
+ * \param output        Buffer where the output is to be written.
+ * \param output_size   Size of the \c output buffer in bytes.
+ * \param output_length On success, the number of bytes
+ *                      that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, IV required but
+ *         not set, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                const uint8_t *input,
                                size_t input_length,
@@ -1572,11 +1956,64 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                size_t output_size,
                                size_t *output_length);
 
+/** Finish encrypting or decrypting a message in a cipher operation.
+ *
+ * The application must call psa_cipher_encrypt_setup() or
+ * psa_cipher_decrypt_setup() before calling this function. The choice
+ * of setup function determines whether this function encrypts or
+ * decrypts its input.
+ *
+ * This function finishes the encryption or decryption of the message
+ * formed by concatenating the inputs passed to preceding calls to
+ * psa_cipher_update().
+ *
+ * When this function returns, the operation becomes inactive.
+ *
+ * \param operation     Active cipher operation.
+ * \param output        Buffer where the output is to be written.
+ * \param output_size   Size of the \c output buffer in bytes.
+ * \param output_length On success, the number of bytes
+ *                      that make up the returned output.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The operation state is not valid (not started, IV required but
+ *         not set, or already completed).
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p output buffer is too small.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
                                uint8_t *output,
                                size_t output_size,
                                size_t *output_length);
 
+/** Abort a cipher operation.
+ *
+ * This function may be called at any time after
+ * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup().
+ * Aborting an operation frees all associated resources except for the
+ * \c operation structure itself.
+ *
+ * Implementation should strive to be robust and handle inactive cipher
+ * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
+ * application writers should beware that uninitialized memory may happen
+ * to be indistinguishable from an active cipher operation, and the behavior
+ * of psa_cipher_abort() is undefined in this case.
+ *
+ * \param operation     Active cipher operation.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ *         \c operation is not an active cipher operation.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 
 /**@}*/
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 574d3e55c..ab5b17e19 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -237,17 +237,69 @@
  *         sensible size or 0.
  *         If the parameters are not valid, the
  *         return value is unspecified.
- *
  */
 #define PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)        \
     (PSA_KEY_TYPE_IS_RSA(key_type) ? ((void)alg, PSA_BITS_TO_BYTES(key_bits)) : \
      PSA_KEY_TYPE_IS_ECC(key_type) ? PSA_ECDSA_SIGNATURE_SIZE(key_bits) : \
      ((void)alg, 0))
 
+/** Safe output buffer size for psa_asymmetric_encrypt().
+ *
+ * This macro returns a safe buffer size for a ciphertext produced using
+ * a key of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the ciphertext may be smaller, depending
+ * on the algorithm.
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_encrypt() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported
+ *         by the implementation, this macro either shall return either a
+ *         sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
 #define PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
     (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
      ((void)alg, PSA_BITS_TO_BYTES(key_bits)) :                         \
      0)
+
+/** Safe output buffer size for psa_asymmetric_decrypt().
+ *
+ * This macro returns a safe buffer size for a ciphertext produced using
+ * a key of the specified type and size, with the specified algorithm.
+ * Note that the actual size of the ciphertext may be smaller, depending
+ * on the algorithm.
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * \param key_type  An asymmetric key type (this may indifferently be a
+ *                  key pair type or a public key type).
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_decrypt() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported
+ *         by the implementation, this macro either shall return either a
+ *         sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
 #define PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)     \
     (PSA_KEY_TYPE_IS_RSA(key_type) ?                                    \
      PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \

From 480416af9d4acb874d5f60bb725334f71103daf7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 19:04:07 +0200
Subject: [PATCH 327/889] Fix argument validation in asn1_write_10x

1 << bits doesn't work when bits is too large. Found by ASan.
---
 tests/suites/test_suite_psa_crypto.function | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 0d1a25c82..5f705e3e3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -46,7 +46,9 @@ static int asn1_write_10x( unsigned char **p,
 {
     int ret;
     int len = bits / 8 + 1;
-    if( x >= 1 << bits )
+    if( bits == 0 )
+        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+    if( bits <= 8 && x >= 1 << ( bits - 1 ) )
         return( MBEDTLS_ERR_ASN1_INVALID_DATA );
     if( *p < start || *p - start < (ssize_t) len )
         return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

From 65fb236799af6634e44860040f4ba1ec1eb00936 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 26 Jun 2018 13:55:30 +0100
Subject: [PATCH 328/889] psa: Make psa_set_key_lifetime() match declaration

Previously, the psa_set_key_lifetime() implementation did not match the
function declaration in psa/crypto.h. Value types don't need const,
since they are passed by value. Fix psa_set_key_lifetime()
implementation by making it match its declaration in the header.
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8ce668ce3..7d7882745 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2513,7 +2513,7 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
 }
 
 psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
-                                   const psa_key_lifetime_t lifetime )
+                                   psa_key_lifetime_t lifetime )
 {
     key_slot_t *slot;
 

From 2743e42580dd30a7fb0eeb8d4b9b5d90b8090f19 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 22:57:11 +0200
Subject: [PATCH 329/889] Correct reference for RSA keypair export format

---
 include/psa/crypto.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e29a464de..07ee00061 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -900,8 +900,8 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * - For Triple-DES, the format is the concatenation of the
  *   two or three DES keys.
  * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
- *   is the non-encrypted DER representation defined by PKCS\#8 (RFC 5208)
- *   as PrivateKeyInfo.
+ *   is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017)
+ *   as RSAPrivateKey.
  * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
  *   is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
  *

From 2b450e3a01e138598e31dbb0c0f8b8a4182e92f7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 27 Jun 2018 15:42:46 +0200
Subject: [PATCH 330/889] Factor RSA sign/verify code into its own functions

This makes the functions smaller and makes error paths easier to read.
---
 library/psa_crypto.c | 219 ++++++++++++++++++++++++-------------------
 1 file changed, 125 insertions(+), 94 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9454f478c..cb2a4f271 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1612,6 +1612,7 @@ psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
 /* Asymmetric cryptography */
 /****************************************************************/
 
+#if defined(MBEDTLS_RSA_C)
 /* Decode the hash algorithm from alg and store the mbedtls encoding in
  * md_alg. Verify that the hash length is consistent. */
 static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
@@ -1638,6 +1639,115 @@ static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
     return( PSA_SUCCESS );
 }
 
+static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
+                                  psa_algorithm_t alg,
+                                  const uint8_t *hash,
+                                  size_t hash_length,
+                                  uint8_t *signature,
+                                  size_t signature_size,
+                                  size_t *signature_length )
+{
+    psa_status_t status;
+    int ret;
+    mbedtls_md_type_t md_alg;
+
+    status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    if( signature_size < rsa->len )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_PKCS1_V15)
+    if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
+    {
+        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+                                 MBEDTLS_MD_NONE );
+        ret = mbedtls_rsa_pkcs1_sign( rsa,
+                                      mbedtls_ctr_drbg_random,
+                                      &global_data.ctr_drbg,
+                                      MBEDTLS_RSA_PRIVATE,
+                                      md_alg, hash_length, hash,
+                                      signature );
+    }
+    else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+    if( PSA_ALG_IS_RSA_PSS( alg ) )
+    {
+        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+        ret = mbedtls_rsa_rsassa_pss_sign( rsa,
+                                           mbedtls_ctr_drbg_random,
+                                           &global_data.ctr_drbg,
+                                           MBEDTLS_RSA_PRIVATE,
+                                           md_alg, hash_length, hash,
+                                           signature );
+    }
+    else
+#endif /* MBEDTLS_PKCS1_V21 */
+    {
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+
+    if( ret == 0 )
+        *signature_length = rsa->len;
+    return( mbedtls_to_psa_error( ret ) );
+}
+
+static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
+                                    psa_algorithm_t alg,
+                                    const uint8_t *hash,
+                                    size_t hash_length,
+                                    const uint8_t *signature,
+                                    size_t signature_length )
+{
+    psa_status_t status;
+    int ret;
+    mbedtls_md_type_t md_alg;
+
+    status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    if( signature_length < rsa->len )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+#if defined(MBEDTLS_PKCS1_V15)
+    if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
+    {
+        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
+                                 MBEDTLS_MD_NONE );
+        ret = mbedtls_rsa_pkcs1_verify( rsa,
+                                        mbedtls_ctr_drbg_random,
+                                        &global_data.ctr_drbg,
+                                        MBEDTLS_RSA_PUBLIC,
+                                        md_alg,
+                                        hash_length,
+                                        hash,
+                                        signature );
+    }
+    else
+#endif /* MBEDTLS_PKCS1_V15 */
+#if defined(MBEDTLS_PKCS1_V21)
+    if( PSA_ALG_IS_RSA_PSS( alg ) )
+    {
+        mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+        ret = mbedtls_rsa_rsassa_pss_verify( rsa,
+                                             mbedtls_ctr_drbg_random,
+                                             &global_data.ctr_drbg,
+                                             MBEDTLS_RSA_PUBLIC,
+                                             md_alg, hash_length, hash,
+                                             signature );
+    }
+    else
+#endif /* MBEDTLS_PKCS1_V21 */
+    {
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+    return( mbedtls_to_psa_error( ret ) );
+}
+#endif /* MBEDTLS_RSA_C */
+
 #if defined(MBEDTLS_ECDSA_C)
 /* `ecp` cannot be const because `ecp->grp` needs to be non-const
  * for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
@@ -1740,7 +1850,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
                                   size_t *signature_length )
 {
     key_slot_t *slot;
-    psa_status_t status;
     *signature_length = 0;
     (void) salt;
     (void) salt_length;
@@ -1758,48 +1867,11 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
-        mbedtls_rsa_context *rsa = slot->data.rsa;
-        int ret;
-        mbedtls_md_type_t md_alg;
-        status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        if( signature_size < rsa->len )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-#if defined(MBEDTLS_PKCS1_V15)
-        if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
-        {
-            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
-                                     MBEDTLS_MD_NONE );
-            ret = mbedtls_rsa_pkcs1_sign( rsa,
-                                          mbedtls_ctr_drbg_random,
-                                          &global_data.ctr_drbg,
-                                          MBEDTLS_RSA_PRIVATE,
-                                          md_alg, hash_length, hash,
-                                          signature );
-        }
-        else
-#endif /* MBEDTLS_PKCS1_V15 */
-#if defined(MBEDTLS_PKCS1_V21)
-        if( PSA_ALG_IS_RSA_PSS( alg ) )
-        {
-            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
-            ret = mbedtls_rsa_rsassa_pss_sign( rsa,
-                                               mbedtls_ctr_drbg_random,
-                                               &global_data.ctr_drbg,
-                                               MBEDTLS_RSA_PRIVATE,
-                                               md_alg, hash_length, hash,
-                                               signature );
-        }
-        else
-#endif /* MBEDTLS_PKCS1_V21 */
-        {
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        }
-        if( ret == 0 )
-            *signature_length = rsa->len;
-        return( mbedtls_to_psa_error( ret ) );
+        return( psa_rsa_sign( slot->data.rsa,
+                              alg,
+                              hash, hash_length,
+                              signature, signature_size,
+                              signature_length ) );
     }
     else
 #endif /* defined(MBEDTLS_RSA_C) */
@@ -1808,17 +1880,16 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
     {
 #if defined(MBEDTLS_ECDSA_C)
         if( PSA_ALG_IS_ECDSA( alg ) )
-            status = psa_ecdsa_sign( slot->data.ecp,
-                                     alg,
-                                     hash, hash_length,
-                                     signature, signature_size,
-                                     signature_length );
+            return( psa_ecdsa_sign( slot->data.ecp,
+                                    alg,
+                                    hash, hash_length,
+                                    signature, signature_size,
+                                    signature_length ) );
         else
 #endif /* defined(MBEDTLS_ECDSA_C) */
         {
             return( PSA_ERROR_INVALID_ARGUMENT );
         }
-        return( status );
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */
@@ -1837,7 +1908,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
                                     size_t signature_length )
 {
     key_slot_t *slot;
-    psa_status_t status;
+
     (void) salt;
     (void) salt_length;
 
@@ -1853,50 +1924,10 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
         slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
     {
-        mbedtls_rsa_context *rsa = slot->data.rsa;
-        int ret;
-        mbedtls_md_type_t md_alg;
-        status = psa_rsa_decode_md_type( alg, hash_length, &md_alg );
-        if( status != PSA_SUCCESS )
-            return( status );
-
-        if( signature_length < rsa->len )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-#if defined(MBEDTLS_PKCS1_V15)
-        if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
-        {
-            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
-                                     MBEDTLS_MD_NONE );
-
-            ret = mbedtls_rsa_pkcs1_verify( rsa,
-                                            mbedtls_ctr_drbg_random,
-                                            &global_data.ctr_drbg,
-                                            MBEDTLS_RSA_PUBLIC,
-                                            md_alg,
-                                            hash_length,
-                                            hash,
-                                            signature );
-
-        }
-        else
-#endif /* MBEDTLS_PKCS1_V15 */
-#if defined(MBEDTLS_PKCS1_V21)
-        if( PSA_ALG_IS_RSA_PSS( alg ) )
-        {
-            mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
-            ret = mbedtls_rsa_rsassa_pss_verify( rsa,
-                                                 mbedtls_ctr_drbg_random,
-                                                 &global_data.ctr_drbg,
-                                                 MBEDTLS_RSA_PUBLIC,
-                                                 md_alg, hash_length, hash,
-                                                 signature );
-        }
-        else
-#endif /* MBEDTLS_PKCS1_V21 */
-        {
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        }
-        return( mbedtls_to_psa_error( ret ) );
+        return( psa_rsa_verify( slot->data.rsa,
+                                alg,
+                                hash, hash_length,
+                                signature, signature_length ) );
     }
     else
 #endif /* defined(MBEDTLS_RSA_C) */

From 9911b02f323aa319f9e0a9ec8623af19e852c386 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 17:30:48 +0200
Subject: [PATCH 331/889] Add sign_verify test and use it to smoke-test PSS

---
 tests/suites/test_suite_psa_crypto.data     | 20 ++++++
 tests/suites/test_suite_psa_crypto.function | 77 ++++++++++++++++++++-
 2 files changed, 96 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 27c15389f..e964186c0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -681,6 +681,26 @@ PSA sign: deterministic ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
+PSA sign/verify: RSA PKCS#1 v1.5, raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"
+
+PSA sign/verify: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify: RSA PSS-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
+PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e9efb3a0a..cbb3f37b2 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2014,7 +2014,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                       NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
-    /* Verify that the signature is correct. */
+    /* Verify that the signature is what is expected. */
     TEST_ASSERT( signature_length == output_data->len );
     TEST_ASSERT( memcmp( signature, output_data->x,
                          output_data->len ) == 0 );
@@ -2078,6 +2078,81 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void sign_verify( int key_type_arg, data_t *key_data,
+                  int alg_arg, data_t *input_data )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
+    unsigned char *signature = NULL;
+    size_t signature_size;
+    size_t signature_length = 0xdeadbeef;
+    psa_key_policy_t policy;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
+                              alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          NULL,
+                                          &key_bits ) == PSA_SUCCESS );
+
+    /* Allocate a buffer which has the size advertized by the
+     * library. */
+    signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
+                                                      key_bits, alg );
+    TEST_ASSERT( signature_size != 0 );
+    TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
+    signature = mbedtls_calloc( 1, signature_size );
+    TEST_ASSERT( signature != NULL );
+
+    /* Perform the signature. */
+    TEST_ASSERT( psa_asymmetric_sign( slot, alg,
+                                      input_data->x, input_data->len,
+                                      NULL, 0,
+                                      signature, signature_size,
+                                      &signature_length ) == PSA_SUCCESS );
+    /* Check that the signature length looks sensible. */
+    TEST_ASSERT( signature_length <= signature_size );
+    TEST_ASSERT( signature_length > 0 );
+
+    /* Use the library to verify that the signature is correct. */
+    TEST_ASSERT( psa_asymmetric_verify(
+                     slot, alg,
+                     input_data->x, input_data->len,
+                     NULL, 0,
+                     signature, signature_length ) == PSA_SUCCESS );
+
+    if( input_data->len != 0 )
+    {
+        /* Flip a bit in the input and verify that the signature is now
+         * detected as invalid. Flip a bit at the beginning, not at the end,
+         * because ECDSA may ignore the last few bits of the input. */
+        input_data->x[0] ^= 1;
+        TEST_ASSERT( psa_asymmetric_verify(
+                         slot, alg,
+                         input_data->x, input_data->len,
+                         NULL, 0,
+                         signature,
+                         signature_length ) == PSA_ERROR_INVALID_SIGNATURE );
+    }
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( signature );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void asymmetric_verify( int key_type_arg, data_t *key_data,
                         int alg_arg, data_t *hash_data,

From 7256e6c9a4421800768a180b533ba7f315c9048a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 00:34:26 +0200
Subject: [PATCH 332/889] Doc: fix formatting of some macro arguments in
 explanations

---
 include/psa/crypto.h | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 34ab8e112..4c8cc40fd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -356,7 +356,7 @@ typedef uint32_t psa_key_type_t;
  * used for.
  *
  * HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with #PSA_HASH_SIZE(`alg`) where
+ * This size can be calculated with #PSA_HASH_SIZE(\p alg) where
  * `alg` is the HMAC algorithm or the underlying hash algorithm. */
 #define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
 
@@ -650,7 +650,7 @@ typedef uint32_t psa_algorithm_t;
  * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256.
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(alg) is true).
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
  *
  * \return              The corresponding HMAC algorithm.
  * \return              Unspecified if \p alg is not a supported
@@ -775,7 +775,7 @@ typedef uint32_t psa_algorithm_t;
  * RSASSA-PKCS1-v1_5.
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(alg) is true).
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
  *
  * \return              The corresponding RSA PKCS#1 v1.5 signature algorithm.
  * \return              Unspecified if \p alg is not a supported
@@ -803,7 +803,7 @@ typedef uint32_t psa_algorithm_t;
  * salted hash, and for the mask generation.
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(alg) is true).
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
  *
  * \return              The corresponding RSA PSS signature algorithm.
  * \return              Unspecified if \p alg is not a supported
@@ -821,7 +821,7 @@ typedef uint32_t psa_algorithm_t;
  * with a random per-message secret number (*k*).
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(alg) is true).
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
  *
  * \return              The corresponding DSA signature algorithm.
  * \return              Unspecified if \p alg is not a supported
@@ -852,7 +852,7 @@ typedef uint32_t psa_algorithm_t;
  * in big-endian order (most significant octet first).
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(alg) is true).
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
  *
  * \return              The corresponding ECDSA signature algorithm.
  * \return              Unspecified if \p alg is not a supported
@@ -884,7 +884,7 @@ typedef uint32_t psa_algorithm_t;
  * #PSA_ALG_ECDSA(\c hash_alg) only for signature, not for verification.
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(alg) is true).
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
  *
  * \return              The corresponding deterministic ECDSA signature
  *                      algorithm.
@@ -908,7 +908,7 @@ typedef uint32_t psa_algorithm_t;
  * itself.
  *
  * \param alg   A signature algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_SIGN(alg) is true).
+ *              #PSA_ALG_IS_SIGN(\p alg) is true).
  *
  * \return      The underlying hash algorithm if \p alg is a hash-and-sign
  *              algorithm.
@@ -1315,7 +1315,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * This is also the hash size that psa_hash_verify() expects.
  *
  * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_HASH(alg) is true), or an HMAC algorithm
+ *              #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
  *              (#PSA_ALG_HMAC(`hash_alg`) where `hash_alg` is a
  *              hash algorithm).
  *
@@ -1367,7 +1367,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  *
  * \param operation The operation object to use.
  * \param alg       The hash algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_HASH(alg) is true).
+ *                  such that #PSA_ALG_IS_HASH(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1422,10 +1422,10 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  *
  * \param operation     Active hash operation.
  * \param hash          Buffer where the hash is to be written.
- * \param hash_size     Size of the \c hash buffer in bytes.
+ * \param hash_size     Size of the \p hash buffer in bytes.
  * \param hash_length   On success, the number of bytes
  *                      that make up the hash value. This is always
- *                      #PSA_HASH_SIZE(alg) where \c alg is the
+ *                      #PSA_HASH_SIZE(`alg`) where `alg` is the
  *                      hash algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
@@ -1434,7 +1434,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  *         The operation state is not valid (not started, or already completed).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c hash buffer is too small. You can determine a
- *         sufficient buffer size by calling #PSA_HASH_SIZE(alg)
+ *         sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
  *         where \c alg is the hash algorithm that is calculated.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -1595,7 +1595,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  * \param operation The operation object to use.
  * \param key       Slot containing the key to use for the operation.
  * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_MAC(alg) is true).
+ *                  such that #PSA_ALG_IS_MAC(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1784,7 +1784,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * \param operation The operation object to use.
  * \param key       Slot containing the key to use for the operation.
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
+ *                  such that #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1832,7 +1832,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * \param operation The operation object to use.
  * \param key       Slot containing the key to use for the operation.
  * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_CIPHER(alg) is true).
+ *                  such that #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -2026,7 +2026,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *
  * \param alg                 An AEAD algorithm
  *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(alg) is true).
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
  *
  * \return                    The tag size for the specified algorithm.
  *                            If the AEAD algorithm does not have an identified
@@ -2047,7 +2047,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \param key                     Slot containing the key to use.
  * \param alg                     The AEAD algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
- *                                #PSA_ALG_IS_AEAD(alg) is true).
+ *                                #PSA_ALG_IS_AEAD(\p alg) is true).
  * \param nonce                   Nonce or IV to use.
  * \param nonce_length            Size of the \p nonce buffer in bytes.
  * \param additional_data         Additional data that will be authenticated
@@ -2100,7 +2100,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  * \param key                     Slot containing the key to use.
  * \param alg                     The AEAD algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
- *                                #PSA_ALG_IS_AEAD(alg) is true).
+ *                                #PSA_ALG_IS_AEAD(\p alg) is true).
  * \param nonce                   Nonce or IV to use.
  * \param nonce_length            Size of the \p nonce buffer in bytes.
  * \param additional_data         Additional data that has been authenticated
@@ -2197,7 +2197,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c signature buffer is too small. You can
  *         determine a sufficient buffer size by calling
- *         #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(key_type, key_bits, alg)
+ *         #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \c key.
  * \retval #PSA_ERROR_NOT_SUPPORTED
@@ -2302,7 +2302,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \c output buffer is too small. You can
  *         determine a sufficient buffer size by calling
- *         #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
+ *         #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \c key.
  * \retval #PSA_ERROR_NOT_SUPPORTED
@@ -2418,7 +2418,7 @@ psa_status_t psa_generate_random(uint8_t *output,
  *                          points to, in bytes.
  *
  * For any symmetric key type (a type such that
- * #PSA_KEY_TYPE_IS_ASYMMETRIC(`type`) is false), \c parameters must be
+ * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \c parameters must be
  * \c NULL. For asymmetric key types defined by this specification,
  * the parameter type and the default parameters are defined by the
  * table below. For vendor-defined key types, the vendor documentation

From ed34695e08f01dcee3e6079cc103301efbb16a39 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 5 Jul 2018 15:22:45 +0300
Subject: [PATCH 333/889] Fix tests in test_suite_psa_crypto to set policy
 usage

---
 tests/suites/test_suite_psa_crypto.function | 30 +++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c90447f81..9128e8fc5 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1041,6 +1041,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
@@ -1054,6 +1055,10 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
@@ -1111,6 +1116,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
@@ -1124,6 +1130,10 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
@@ -1184,6 +1194,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
@@ -1197,6 +1208,10 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
@@ -1259,6 +1274,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     size_t function_output_length = 0;
     size_t total_output_length = 0;
     psa_cipher_operation_t operation;
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
@@ -1272,6 +1288,10 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
@@ -1333,6 +1353,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     size_t function_output_length = 0;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
@@ -1341,6 +1362,10 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
@@ -1420,6 +1445,7 @@ void cipher_verify_output_multipart( int alg_arg,
     size_t function_output_length;
     psa_cipher_operation_t operation1;
     psa_cipher_operation_t operation2;
+    psa_key_policy_t policy;
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
@@ -1428,6 +1454,10 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 

From 46f1fd7afd4f17062883ebd6c0dbf915602212f5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 19:31:31 +0200
Subject: [PATCH 334/889] Handle null pointers safely when used as buffers of
 size 0

When the size of a buffer is 0, the corresponding pointer argument may
be null. In such cases, library functions must not perform arithmetic
on the pointer or call standard library functions such as memset and
memcpy, since that would be undefined behavior in C. Protect such
cases.

Refactor the storage of a 0-sized raw data object to make it store a
null pointer, rather than depending on the behavior of calloc(1,0).
---
 library/psa_crypto.c | 50 +++++++++++++++++++++++++++++++++++---------
 1 file changed, 40 insertions(+), 10 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4a3363952..19db5a9ec 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -409,10 +409,17 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
     switch( type )
     {
         case PSA_KEY_TYPE_RAW_DATA:
+            if( bits == 0 )
+            {
+                raw->bytes = 0;
+                raw->data = NULL;
+                return( PSA_SUCCESS );
+            }
+            break;
 #if defined(MBEDTLS_MD_C)
         case PSA_KEY_TYPE_HMAC:
-#endif
             break;
+#endif
 #if defined(MBEDTLS_AES_C)
         case PSA_KEY_TYPE_AES:
             if( bits != 128 && bits != 192 && bits != 256 )
@@ -478,7 +485,8 @@ psa_status_t psa_import_key( psa_key_slot_t key,
                                         &slot->data.raw );
         if( status != PSA_SUCCESS )
             return( status );
-        memcpy( slot->data.raw.data, data, data_length );
+        if( data_length != 0 )
+            memcpy( slot->data.raw.data, data, data_length );
     }
     else
 #if defined(MBEDTLS_PK_PARSE_C)
@@ -679,7 +687,8 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
-        memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
+        if( slot->data.raw.bytes != 0 )
+            memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
         *data_length = slot->data.raw.bytes;
         return( PSA_SUCCESS );
     }
@@ -710,7 +719,10 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
                 ret = mbedtls_pk_write_key_der( &pk, data, data_size );
             if( ret < 0 )
             {
-                memset( data, 0, data_size );
+                /* If data_size is 0 then data may be NULL and then the
+                 * call to memset would have undefined behavior. */
+                if( data_size != 0 )
+                    memset( data, 0, data_size );
                 return( mbedtls_to_psa_error( ret ) );
             }
             /* The mbedtls_pk_xxx functions write to the end of the buffer.
@@ -999,7 +1011,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
      * (barring an attack on the hash and deliberately-crafted input),
      * in case the caller doesn't check the return status properly. */
     *hash_length = actual_hash_length;
-    memset( hash, '!', hash_size );
+    /* If hash_size is 0 then hash may be NULL and then the
+     * call to memset would have undefined behavior. */
+    if( hash_size != 0 )
+        memset( hash, '!', hash_size );
 
     if( hash_size < actual_hash_length )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -1500,7 +1515,10 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
      * (barring an attack on the mac and deliberately-crafted input),
      * in case the caller doesn't check the return status properly. */
     *mac_length = operation->mac_size;
-    memset( mac, '!', mac_size );
+    /* If mac_size is 0 then mac may be NULL and then the
+     * call to memset would have undefined behavior. */
+    if( mac_size != 0 )
+        memset( mac, '!', mac_size );
 
     if( mac_size < operation->mac_size )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -1944,8 +1962,10 @@ exit:
     if( status == PSA_SUCCESS )
         memset( signature + *signature_length, '!',
                 signature_size - *signature_length );
-    else
+    else if( signature_size != 0 )
         memset( signature, '!', signature_size );
+    /* If signature_size is 0 then we have nothing to do. We must not call
+     * memset because signature may be NULL in this case. */
     return( status );
 }
 
@@ -2410,7 +2430,9 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
         psa_cipher_abort( operation );
         return( mbedtls_to_psa_error( ret ) );
     }
-    if( output_size >= *output_length )
+    if( *output_length == 0 )
+        /* Nothing to copy. Note that output may be NULL in this case. */ ;
+    else if( output_size >= *output_length )
         memcpy( output, temp_output_buffer, *output_length );
     else
     {
@@ -2684,7 +2706,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     if( ret != 0 )
     {
-        memset( ciphertext, 0, ciphertext_size );
+        /* If ciphertext_size is 0 then ciphertext may be NULL and then the
+         * call to memset would have undefined behavior. */
+        if( ciphertext_size != 0 )
+            memset( ciphertext, 0, ciphertext_size );
         return( mbedtls_to_psa_error( ret ) );
     }
 
@@ -2823,7 +2848,12 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     }
 
     if( ret != 0 )
-        memset( plaintext, 0, plaintext_size );
+    {
+        /* If plaintext_size is 0 then plaintext may be NULL and then the
+         * call to memset has undefined behavior. */
+        if( plaintext_size != 0 )
+            memset( plaintext, 0, plaintext_size );
+    }
     else
         *plaintext_length = ciphertext_length - tag_length;
 

From 045bd50a78a3d8d639ea470c79300eb6331bedff Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 26 Jun 2018 14:00:08 +0100
Subject: [PATCH 335/889] psa: Use key slot type in mbedtls_psa_crypto_free()

To avoid a possible loss of precision, and to be semantically correct,
use psa_key_slot_t (which is 16 bits) instead of size_t (which is 32 or
64 bits on common platforms) in mbedtls_psa_crypto_free().
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7d7882745..4b17e5594 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2941,7 +2941,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
 
 void mbedtls_psa_crypto_free( void )
 {
-    size_t key;
+    psa_key_slot_t key;
     for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ )
         psa_destroy_key( key );
     mbedtls_ctr_drbg_free( &global_data.ctr_drbg );

From 69c1267fd21c94cdf1f9289fd18e7cf0d36f6162 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 00:07:19 +0200
Subject: [PATCH 336/889] Use PSA_xxx_MAX_SIZE for hash/MAC/signature size in
 tests

In tests that had a hard-coded buffer size, use PSA_MAC_MAX_SIZE or
PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE as appropriate.

Test that PSA_xxx_MAX_SIZE is larger than the size used in tests that
expect a specific output.
---
 tests/suites/test_suite_psa_crypto.function | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 1959e13d0..03ce5b33b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -43,7 +43,7 @@ static int exercise_mac_key( psa_key_slot_t key,
 {
     psa_mac_operation_t operation;
     const unsigned char input[] = "foo";
-    unsigned char mac[64] = {0};
+    unsigned char mac[PSA_MAC_MAX_SIZE] = {0};
     size_t mac_length = sizeof( mac );
 
     if( usage & PSA_KEY_USAGE_SIGN )
@@ -191,7 +191,7 @@ static int exercise_signature_key( psa_key_slot_t key,
 {
     unsigned char payload[16] = {1};
     size_t payload_length = sizeof( payload );
-    unsigned char signature[256] = {0};
+    unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
     size_t signature_length = sizeof( signature );
 
     if( usage & PSA_KEY_USAGE_SIGN )
@@ -709,6 +709,9 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 
+    TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
+    TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
+
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_hash != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
@@ -737,6 +740,9 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
     psa_algorithm_t alg = alg_arg;
     psa_hash_operation_t operation;
 
+    TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
+    TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
+
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_hash != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
@@ -805,6 +811,8 @@ void mac_verify( int key_type_arg,
     psa_mac_operation_t operation;
     psa_key_policy_t policy;
 
+    TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
+
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_mac != NULL );
@@ -1594,6 +1602,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
                                                       key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
+    TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );
 
@@ -1677,6 +1686,8 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     psa_algorithm_t alg = alg_arg;
     psa_key_policy_t policy;
 
+    TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
+
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
     TEST_ASSERT( signature_data != NULL );

From a26ff6a290ff8b8bfbc836f0fd54bc7e55306e0f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 12:21:19 +0200
Subject: [PATCH 337/889] psa_asymmetric_sign: consistently fill unused output
 with '!'

Fill the unused part of the output buffer with '!', for consistency
with hash and mac.

On error, set the output length to the output buffer size and fill the
output buffer with '!', again for consistency with hash and mac. This
way an invalid output is more visible in a memory dump.

Restructure the error paths so that there is a single place where the
unused part of the output buffer is filled.

Also remove a redundant initialization of *signature_length to 0.
---
 library/psa_crypto.c | 64 ++++++++++++++++++++++++++++++--------------
 1 file changed, 44 insertions(+), 20 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cb2a4f271..1d8eb506d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1766,7 +1766,6 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
     mbedtls_mpi_init( &r );
     mbedtls_mpi_init( &s );
 
-    *signature_length = 0;
     if( signature_size < 2 * curve_bytes )
     {
         ret = MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL;
@@ -1802,8 +1801,6 @@ cleanup:
     mbedtls_mpi_free( &s );
     if( ret == 0 )
         *signature_length = 2 * curve_bytes;
-    memset( signature + *signature_length, 0,
-            signature_size - *signature_length );
     return( mbedtls_to_psa_error( ret ) );
 }
 
@@ -1850,28 +1847,43 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
                                   size_t *signature_length )
 {
     key_slot_t *slot;
-    *signature_length = 0;
+    psa_status_t status;
+
+    *signature_length = signature_size;
+
     (void) salt;
     (void) salt_length;
 
     if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
+    {
+        status = PSA_ERROR_EMPTY_SLOT;
+        goto exit;
+    }
     slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    {
+        status = PSA_ERROR_EMPTY_SLOT;
+        goto exit;
+    }
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+    {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
     if( ! ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) )
-        return( PSA_ERROR_NOT_PERMITTED );
+    {
+        status = PSA_ERROR_NOT_PERMITTED;
+        goto exit;
+    }
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
-        return( psa_rsa_sign( slot->data.rsa,
-                              alg,
-                              hash, hash_length,
-                              signature, signature_size,
-                              signature_length ) );
+        status = psa_rsa_sign( slot->data.rsa,
+                               alg,
+                               hash, hash_length,
+                               signature, signature_size,
+                               signature_length );
     }
     else
 #endif /* defined(MBEDTLS_RSA_C) */
@@ -1880,22 +1892,34 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
     {
 #if defined(MBEDTLS_ECDSA_C)
         if( PSA_ALG_IS_ECDSA( alg ) )
-            return( psa_ecdsa_sign( slot->data.ecp,
-                                    alg,
-                                    hash, hash_length,
-                                    signature, signature_size,
-                                    signature_length ) );
+            status = psa_ecdsa_sign( slot->data.ecp,
+                                     alg,
+                                     hash, hash_length,
+                                     signature, signature_size,
+                                     signature_length );
         else
 #endif /* defined(MBEDTLS_ECDSA_C) */
         {
-            return( PSA_ERROR_INVALID_ARGUMENT );
+            status = PSA_ERROR_INVALID_ARGUMENT;
         }
     }
     else
 #endif /* defined(MBEDTLS_ECP_C) */
     {
-        return( PSA_ERROR_NOT_SUPPORTED );
+        status = PSA_ERROR_NOT_SUPPORTED;
     }
+
+exit:
+    /* Fill the unused part of the output buffer (the whole buffer on error,
+     * the trailing part on success) with something that isn't a valid mac
+     * (barring an attack on the mac and deliberately-crafted input),
+     * in case the caller doesn't check the return status properly. */
+    if( status == PSA_SUCCESS )
+        memset( signature + *signature_length, '!',
+                signature_size - *signature_length );
+    else
+        memset( signature, '!', signature_size );
+    return( status );
 }
 
 psa_status_t psa_asymmetric_verify( psa_key_slot_t key,

From 3ff2162d14dd4457eee3d206d755942fd5138249 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 17:37:13 +0200
Subject: [PATCH 338/889] Remove salt from asymmetric_{sign,verify}

No common signature algorithm uses a salt (RSA-PKCS#1v1.5, RSA-PSS,
DSA, ECDSA, EdDSA). We don't even take an IV for MAC whereas MAC
algorithms with IV are uncommon but heard of. So remove the salt
parameter from psa_asymmetric_sign and psa_asymmetric_verify.
---
 include/psa/crypto.h                        | 22 ---------------------
 library/psa_crypto.c                        | 10 ----------
 tests/suites/test_suite_psa_crypto.function | 11 -----------
 3 files changed, 43 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8ac817a6e..68e3b0aa3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2241,15 +2241,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  *                              the type of \p key.
  * \param[in] hash              The hash or message to sign.
  * \param hash_length           Size of the \p hash buffer in bytes.
- * \param[in] salt              A salt or label, if supported by the
- *                              signature algorithm.
- *                              If the signature algorithm does not support
- *                              a salt, pass \c NULL.
- *                              If the signature algorithm supports an
- *                              optional salt and you do not want to pass
- *                              a salt, pass \c NULL.
- * \param salt_length           Size of the \p salt buffer in bytes.
- *                              If \p salt is \c NULL, pass 0.
  * \param[out] signature        Buffer where the signature is to be written.
  * \param signature_size        Size of the \p signature buffer in bytes.
  * \param[out] signature_length On success, the number of bytes
@@ -2274,8 +2265,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  psa_algorithm_t alg,
                                  const uint8_t *hash,
                                  size_t hash_length,
-                                 const uint8_t *salt,
-                                 size_t salt_length,
                                  uint8_t *signature,
                                  size_t signature_size,
                                  size_t *signature_length);
@@ -2296,15 +2285,6 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \param[in] hash          The hash or message whose signature is to be
  *                          verified.
  * \param hash_length       Size of the \p hash buffer in bytes.
- * \param[in] salt          A salt or label, if supported by the signature
- *                          algorithm.
- *                          If the signature algorithm does not support a
- *                          salt, pass \c NULL.
- *                          If the signature algorithm supports an optional
- *                          salt and you do not want to pass a salt,
- *                          pass \c NULL.
- * \param salt_length       Size of the \p salt buffer in bytes.
- *                          If \p salt is \c NULL, pass 0.
  * \param[in] signature     Buffer containing the signature to verify.
  * \param signature_length  Size of the \p signature buffer in bytes.
  *
@@ -2324,8 +2304,6 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    psa_algorithm_t alg,
                                    const uint8_t *hash,
                                    size_t hash_length,
-                                   const uint8_t *salt,
-                                   size_t salt_length,
                                    const uint8_t *signature,
                                    size_t signature_length);
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index eb140ea2c..9988ec09e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1983,8 +1983,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
                                   psa_algorithm_t alg,
                                   const uint8_t *hash,
                                   size_t hash_length,
-                                  const uint8_t *salt,
-                                  size_t salt_length,
                                   uint8_t *signature,
                                   size_t signature_size,
                                   size_t *signature_length )
@@ -1994,9 +1992,6 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
 
     *signature_length = signature_size;
 
-    (void) salt;
-    (void) salt_length;
-
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -2058,17 +2053,12 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
                                     psa_algorithm_t alg,
                                     const uint8_t *hash,
                                     size_t hash_length,
-                                    const uint8_t *salt,
-                                    size_t salt_length,
                                     const uint8_t *signature,
                                     size_t signature_length )
 {
     key_slot_t *slot;
     psa_status_t status;
 
-    (void) salt;
-    (void) salt_length;
-
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg );
     if( status != PSA_SUCCESS )
         return( status );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cbb3f37b2..9505ab6eb 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -294,7 +294,6 @@ static int exercise_signature_key( psa_key_slot_t key,
     {
         TEST_ASSERT( psa_asymmetric_sign( key, alg,
                                           payload, payload_length,
-                                          NULL, 0,
                                           signature, sizeof( signature ),
                                           &signature_length ) == PSA_SUCCESS );
     }
@@ -307,7 +306,6 @@ static int exercise_signature_key( psa_key_slot_t key,
               PSA_ERROR_INVALID_SIGNATURE );
         TEST_ASSERT( psa_asymmetric_verify( key, alg,
                                             payload, payload_length,
-                                            NULL, 0,
                                             signature, signature_length ) ==
                      verify_status );
     }
@@ -965,7 +963,6 @@ void asymmetric_signature_key_policy( int policy_usage,
 
     status = psa_asymmetric_sign( key_slot, exercise_alg,
                                   payload, payload_length,
-                                  NULL, 0,
                                   signature, sizeof( signature ),
                                   &signature_length );
     if( policy_alg == exercise_alg &&
@@ -977,7 +974,6 @@ void asymmetric_signature_key_policy( int policy_usage,
     memset( signature, 0, sizeof( signature ) );
     status = psa_asymmetric_verify( key_slot, exercise_alg,
                                     payload, payload_length,
-                                    NULL, 0,
                                     signature, sizeof( signature ) );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
@@ -2011,7 +2007,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     /* Perform the signature. */
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
                                       input_data->x, input_data->len,
-                                      NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
     /* Verify that the signature is what is expected. */
@@ -2061,7 +2056,6 @@ void sign_fail( int key_type_arg, data_t *key_data,
 
     actual_status = psa_asymmetric_sign( slot, alg,
                                          input_data->x, input_data->len,
-                                         NULL, 0,
                                          signature, signature_size,
                                          &signature_length );
     TEST_ASSERT( actual_status == expected_status );
@@ -2118,7 +2112,6 @@ void sign_verify( int key_type_arg, data_t *key_data,
     /* Perform the signature. */
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
                                       input_data->x, input_data->len,
-                                      NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
     /* Check that the signature length looks sensible. */
@@ -2129,7 +2122,6 @@ void sign_verify( int key_type_arg, data_t *key_data,
     TEST_ASSERT( psa_asymmetric_verify(
                      slot, alg,
                      input_data->x, input_data->len,
-                     NULL, 0,
                      signature, signature_length ) == PSA_SUCCESS );
 
     if( input_data->len != 0 )
@@ -2141,7 +2133,6 @@ void sign_verify( int key_type_arg, data_t *key_data,
         TEST_ASSERT( psa_asymmetric_verify(
                          slot, alg,
                          input_data->x, input_data->len,
-                         NULL, 0,
                          signature,
                          signature_length ) == PSA_ERROR_INVALID_SIGNATURE );
     }
@@ -2184,7 +2175,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_asymmetric_verify( slot, alg,
                                         hash_data->x, hash_data->len,
-                                        NULL, 0,
                                         signature_data->x,
                                         signature_data->len ) == PSA_SUCCESS );
 exit:
@@ -2225,7 +2215,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
 
     actual_status = psa_asymmetric_verify( slot, alg,
                                            hash_data->x, hash_data->len,
-                                           NULL, 0,
                                            signature_data->x,
                                            signature_data->len );
 

From aa7bc47f738bc4c91a127b2a29029c5a8af63045 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 00:54:56 +0200
Subject: [PATCH 339/889] Add missing const on policy_get_xxx function
 parameter

---
 include/psa/crypto.h | 4 ++--
 library/psa_crypto.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4c8cc40fd..e57f5647e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1205,10 +1205,10 @@ void psa_key_policy_set_usage(psa_key_policy_t *policy,
                               psa_algorithm_t alg);
 
 /** \brief Retrieve the usage field of a policy structure. */
-psa_key_usage_t psa_key_policy_get_usage(psa_key_policy_t *policy);
+psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);
 
 /** \brief Retrieve the algorithm field of a policy structure. */
-psa_algorithm_t psa_key_policy_get_algorithm(psa_key_policy_t *policy);
+psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
 
 /** \brief Set the usage policy on a key slot.
  *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 50a99904c..fce9e3c82 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2585,12 +2585,12 @@ void psa_key_policy_set_usage( psa_key_policy_t *policy,
     policy->alg = alg;
 }
 
-psa_key_usage_t psa_key_policy_get_usage( psa_key_policy_t *policy )
+psa_key_usage_t psa_key_policy_get_usage( const psa_key_policy_t *policy )
 {
     return( policy->usage );
 }
 
-psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy )
+psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy )
 {
     return( policy->alg );
 }

From b0b255c82a4df82807c58636eb61cad999fb277f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 6 Jul 2018 17:01:38 +0200
Subject: [PATCH 340/889] Always access key slots through accessor functions

New functions psa_get_key_slot(), psa_get_empty_key_slot(),
psa_get_key_from_slot() to access a key slot object from a key slot
number. These functions perform all requisite validations:

* psa_get_key_slot() verifies that the key slot number is in range.
* psa_get_empty_key_slot() verifies that the slot is empty.
* psa_get_key_from_slot() verifies that the slot contains a key with
  a suitable policy.

Always use these functions so as to make sure that the requisite
validations are always performed.
---
 library/psa_crypto.c | 254 ++++++++++++++++++++++++++-----------------
 1 file changed, 152 insertions(+), 102 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6dff2f532..f156d0c27 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -339,6 +339,72 @@ static psa_status_t mbedtls_to_psa_error( int ret )
     }
 }
 
+/* Retrieve a key slot, occupied or not. */
+static psa_status_t psa_get_key_slot( psa_key_slot_t key,
+                                      key_slot_t **p_slot )
+{
+    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    *p_slot = &global_data.key_slots[key];
+    return( PSA_SUCCESS );
+}
+
+/* Retrieve an empty key slot (slot with no key data, but possibly
+ * with some metadata such as a policy). */
+static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
+                                            key_slot_t **p_slot )
+{
+    psa_status_t status;
+    key_slot_t *slot = NULL;
+
+    *p_slot = NULL;
+
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    *p_slot = slot;
+    return( status );
+}
+
+/* Retrieve a slot which must contain a key. The key must have allow all
+ * the usage flags set in \p usage. If \p alg is nonzero, the key must
+ * allow operations with this algorithm. */
+static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
+                                           key_slot_t **p_slot,
+                                           psa_key_usage_t usage,
+                                           psa_algorithm_t alg )
+{
+    psa_status_t status;
+    key_slot_t *slot = NULL;
+
+    *p_slot = NULL;
+
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    /* Enforce that usage policy for the key slot contains all the flags
+     * required by the usage parameter. There is one exception: public
+     * keys can always be exported, so we treat public key objects as
+     * if they had the export flag. */
+    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
+        usage &= ~PSA_KEY_USAGE_EXPORT;
+    if( ( slot->policy.usage & usage ) != usage )
+        return( PSA_ERROR_NOT_PERMITTED );
+    if( alg != 0 && ( alg != slot->policy.alg ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+
+    *p_slot = slot;
+    return( PSA_SUCCESS );
+}
+
 
 
 /****************************************************************/
@@ -481,16 +547,13 @@ psa_status_t psa_import_key( psa_key_slot_t key,
                              size_t data_length )
 {
     key_slot_t *slot;
-
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    slot = &global_data.key_slots[key];
-    if( slot->type != PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_OCCUPIED_SLOT );
+    psa_status_t status = PSA_SUCCESS;
+    status = psa_get_empty_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     if( key_type_is_raw_bytes( type ) )
     {
-        psa_status_t status;
         /* Ensure that a bytes-to-bit conversion won't overflow. */
         if( data_length > SIZE_MAX / 8 )
             return( PSA_ERROR_NOT_SUPPORTED );
@@ -510,7 +573,6 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     {
         int ret;
         mbedtls_pk_context pk;
-        psa_status_t status = PSA_SUCCESS;
         mbedtls_pk_init( &pk );
         if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
             ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
@@ -583,10 +645,12 @@ psa_status_t psa_import_key( psa_key_slot_t key,
 psa_status_t psa_destroy_key( psa_key_slot_t key )
 {
     key_slot_t *slot;
+    psa_status_t status;
+
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    slot = &global_data.key_slots[key];
     if( slot->type == PSA_KEY_TYPE_NONE )
     {
         /* No key material to clean, but do zeroize the slot below to wipe
@@ -629,16 +693,19 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
                                       size_t *bits )
 {
     key_slot_t *slot;
+    psa_status_t status;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
-    slot = &global_data.key_slots[key];
     if( type != NULL )
-        *type = slot->type;
+        *type = 0;
     if( bits != NULL )
         *bits = 0;
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
+    if( type != NULL )
+        *type = slot->type;
 
     if( key_type_is_raw_bytes( slot->type ) )
     {
@@ -679,6 +746,13 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
                                               int export_public_key )
 {
     key_slot_t *slot;
+    psa_status_t status;
+    /* Exporting a public key doesn't require a usage flag. If we're
+     * called by psa_export_public_key(), don't require the EXPORT flag.
+     * If we're called by psa_export_key(), do require the EXPORT flag;
+     * if the key turns out to be public key object, psa_get_key_from_slot()
+     * will ignore this flag. */
+    psa_key_usage_t usage = export_public_key ? 0 : PSA_KEY_USAGE_EXPORT;
 
     /* Set the key to empty now, so that even when there are errors, we always
      * set data_length to a value between 0 and data_size. On error, setting
@@ -686,20 +760,12 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
      * unlikely to be accepted anywhere. */
     *data_length = 0;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
-
+    status = psa_get_key_from_slot( key, &slot, usage, 0 );
+    if( status != PSA_SUCCESS )
+        return( status );
     if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    if( ! export_public_key &&
-        ! PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) &&
-        ( slot->policy.usage & PSA_KEY_USAGE_EXPORT ) == 0 )
-        return( PSA_ERROR_NOT_PERMITTED );
-
     if( key_type_is_raw_bytes( slot->type ) )
     {
         if( slot->data.raw.bytes > data_size )
@@ -1424,13 +1490,17 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     if( status != PSA_SUCCESS )
         return( status );
 
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    status = psa_get_key_from_slot( key, &slot, 0, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
+    /* Since this function is called identically for a sign or verify
+     * operation, we don't know yet whether the operation is permitted.
+     * Store the part of the key policy that we can't check in the
+     * operation structure. psa_mac_finish() or psa_mac_verify() will
+     * check that remaining part. */
     if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
-
     if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         operation->key_usage_verify = 1;
 
@@ -1919,27 +1989,14 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
     (void) salt;
     (void) salt_length;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-    {
-        status = PSA_ERROR_EMPTY_SLOT;
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg );
+    if( status != PSA_SUCCESS )
         goto exit;
-    }
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-    {
-        status = PSA_ERROR_EMPTY_SLOT;
-        goto exit;
-    }
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
     {
         status = PSA_ERROR_INVALID_ARGUMENT;
         goto exit;
     }
-    if( ! ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) )
-    {
-        status = PSA_ERROR_NOT_PERMITTED;
-        goto exit;
-    }
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
@@ -1999,17 +2056,14 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
                                     size_t signature_length )
 {
     key_slot_t *slot;
+    psa_status_t status;
 
     (void) salt;
     (void) salt_length;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
-    if( ! ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) )
-        return( PSA_ERROR_NOT_PERMITTED );
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
@@ -2054,19 +2108,17 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
                                      size_t *output_length )
 {
     key_slot_t *slot;
+    psa_status_t status;
+
     (void) salt;
     (void) salt_length;
     *output_length = 0;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    if( ! ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) )
-        return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
@@ -2121,19 +2173,17 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
                                      size_t *output_length )
 {
     key_slot_t *slot;
+    psa_status_t status;
+
     (void) salt;
     (void) salt_length;
     *output_length = 0;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_EMPTY_SLOT );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    if( ! ( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
-        return( PSA_ERROR_NOT_PERMITTED );
 
 #if defined(MBEDTLS_RSA_C)
     if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
@@ -2216,6 +2266,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     psa_key_type_t key_type;
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
+    psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
+                              PSA_KEY_USAGE_ENCRYPT :
+                              PSA_KEY_USAGE_DECRYPT );
 
     status = psa_cipher_init( operation, alg );
     if( status != PSA_SUCCESS )
@@ -2224,7 +2277,9 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
-    slot = &global_data.key_slots[key];
+    status = psa_get_key_from_slot( key, &slot, usage, alg);
+    if( status != PSA_SUCCESS )
+        return( status );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL );
     if( cipher_info == NULL )
@@ -2525,13 +2580,14 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
                                  const psa_key_policy_t *policy )
 {
     key_slot_t *slot;
+    psa_status_t status;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL )
+    if( policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    slot = &global_data.key_slots[key];
-    if( slot->type != PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_OCCUPIED_SLOT );
+    status = psa_get_empty_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     if( ( policy->usage & ~( PSA_KEY_USAGE_EXPORT |
                              PSA_KEY_USAGE_ENCRYPT |
@@ -2549,11 +2605,14 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key,
                                  psa_key_policy_t *policy )
 {
     key_slot_t *slot;
+    psa_status_t status;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT || policy == NULL )
+    if( policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    slot = &global_data.key_slots[key];
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     *policy = slot->policy;
 
@@ -2570,11 +2629,11 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
                                    psa_key_lifetime_t *lifetime )
 {
     key_slot_t *slot;
+    psa_status_t status;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    slot = &global_data.key_slots[key];
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     *lifetime = slot->lifetime;
 
@@ -2585,18 +2644,16 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
                                    psa_key_lifetime_t lifetime )
 {
     key_slot_t *slot;
-
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+    psa_status_t status;
 
     if( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
         lifetime != PSA_KEY_LIFETIME_PERSISTENT &&
         lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    slot = &global_data.key_slots[key];
-    if( slot->type != PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_OCCUPIED_SLOT );
+    status = psa_get_empty_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     if( lifetime != PSA_KEY_LIFETIME_VOLATILE )
         return( PSA_ERROR_NOT_SUPPORTED );
@@ -2639,18 +2696,15 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( ( slot->policy.usage & PSA_KEY_USAGE_ENCRYPT ) == 0 )
-        return( PSA_ERROR_NOT_PERMITTED );
-
     if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -2787,18 +2841,15 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     status = psa_get_key_information( key, &key_type, &key_bits );
     if( status != PSA_SUCCESS )
         return( status );
-    slot = &global_data.key_slots[key];
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( !( slot->policy.usage & PSA_KEY_USAGE_DECRYPT ) )
-        return( PSA_ERROR_NOT_PERMITTED );
-
     if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -2903,19 +2954,18 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
                                size_t parameters_size )
 {
     key_slot_t *slot;
+    psa_status_t status;
 
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    slot = &global_data.key_slots[key];
-    if( slot->type != PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_OCCUPIED_SLOT );
     if( parameters == NULL && parameters_size != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
+    status = psa_get_empty_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+
     if( key_type_is_raw_bytes( type ) )
     {
-        psa_status_t status = prepare_raw_data_slot( type, bits,
-                                                     &slot->data.raw );
+        status = prepare_raw_data_slot( type, bits, &slot->data.raw );
         if( status != PSA_SUCCESS )
             return( status );
         status = psa_generate_random( slot->data.raw.data,

From 1ae051409f69d0db7c492fa59b57bc8755c71109 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 17:46:59 +0200
Subject: [PATCH 341/889] Fix memory leak when importing an RSA key that is too
 large

---
 library/psa_crypto.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 19db5a9ec..1d5337bfb 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -514,7 +514,10 @@ psa_status_t psa_import_key( psa_key_slot_t key,
                     mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
                     size_t bits = mbedtls_rsa_get_bitlen( rsa );
                     if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
-                        return( PSA_ERROR_NOT_SUPPORTED );
+                    {
+                        status = PSA_ERROR_NOT_SUPPORTED;
+                        break;
+                    }
                     slot->data.rsa = rsa;
                 }
                 else

From 5390f695909db67994d2193f1115132b0a49b551 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 26 Jun 2018 14:18:50 +0100
Subject: [PATCH 342/889] psa: Use type of block_size consistently

Use size_t for block_size in psa_mac_abort() because
psa_get_hash_block_size() returns a size_t. This also helps to avoid
compiler warnings on LLP64 systems.
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4b17e5594..dc0a27d6b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1253,7 +1253,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( operation->alg ) )
             {
-                unsigned int block_size =
+                size_t block_size =
                     psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
 
                 if( block_size == 0 )

From 0b352bcf957694d81b747c92e6d71c6d596e84ed Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 00:16:11 +0200
Subject: [PATCH 343/889] Test that creating RSA keys larger than the maximum
 fails

Test keypair import, public key import and key generation.
---
 tests/suites/test_suite_psa_crypto.data     |   9 ++
 tests/suites/test_suite_psa_crypto.function | 118 ++++++++++++++++++++
 2 files changed, 127 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 1181fcd92..b281cb3af 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -129,6 +129,12 @@ PSA import EC keypair: valid key but RSA
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
 import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA import RSA key pair: maximum size exceeded
+import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA public key: maximum size exceeded
+import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
+
 PSA key policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
 
@@ -681,6 +687,9 @@ PSA generate key: RSA, 512 bits, good, encrypt
 depends_on:MBEDTLS_RSA_C
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
 
+PSA generate key: RSA, maximum size exceeded
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+
 PSA generate key: ECC, SECP256R1, good
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 03ce5b33b..0d1a25c82 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1,5 +1,6 @@
 /* BEGIN_HEADER */
 #include <stdint.h>
+#include "mbedtls/asn1write.h"
 #include "psa/crypto.h"
 
 #if(UINT32_MAX > SIZE_MAX)
@@ -37,6 +38,88 @@ static int key_type_is_raw_bytes( psa_key_type_t type )
             category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
 }
 
+/* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
+static int asn1_write_10x( unsigned char **p,
+                           unsigned char *start,
+                           size_t bits,
+                           unsigned char x )
+{
+    int ret;
+    int len = bits / 8 + 1;
+    if( x >= 1 << bits )
+        return( MBEDTLS_ERR_ASN1_INVALID_DATA );
+    if( *p < start || *p - start < (ssize_t) len )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+    *p -= len;
+    ( *p )[len-1] = x;
+    if( bits % 8 == 0 )
+        ( *p )[1] |= 1;
+    else
+        ( *p )[0] |= 1 << ( bits % 8 );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
+                                                       MBEDTLS_ASN1_INTEGER ) );
+    return( len );
+}
+
+static int construct_fake_rsa_key( unsigned char *buffer,
+                                   size_t buffer_size,
+                                   unsigned char **p,
+                                   size_t bits,
+                                   int keypair )
+{
+    size_t half_bits = ( bits + 1 ) / 2;
+    int ret;
+    int len = 0;
+    /* Construct something that looks like a DER encoding of
+     * as defined by PKCS#1 v2.2 (RFC 8017) section A.1.2:
+     *   RSAPrivateKey ::= SEQUENCE {
+     *       version           Version,
+     *       modulus           INTEGER,  -- n
+     *       publicExponent    INTEGER,  -- e
+     *       privateExponent   INTEGER,  -- d
+     *       prime1            INTEGER,  -- p
+     *       prime2            INTEGER,  -- q
+     *       exponent1         INTEGER,  -- d mod (p-1)
+     *       exponent2         INTEGER,  -- d mod (q-1)
+     *       coefficient       INTEGER,  -- (inverse of q) mod p
+     *       otherPrimeInfos   OtherPrimeInfos OPTIONAL
+     *   }
+     * Or, for a public key, the same structure with only
+     * version, modulus and publicExponent.
+     */
+    *p = buffer + buffer_size;
+    if( keypair )
+    {
+        MBEDTLS_ASN1_CHK_ADD( len, /* pq */
+                              asn1_write_10x( p, buffer, half_bits, 1 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, /* dq */
+                              asn1_write_10x( p, buffer, half_bits, 1 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, /* dp */
+                              asn1_write_10x( p, buffer, half_bits, 1 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, /* q */
+                              asn1_write_10x( p, buffer, half_bits, 1 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, /* p != q to pass mbedtls sanity checks */
+                              asn1_write_10x( p, buffer, half_bits, 3 ) );
+        MBEDTLS_ASN1_CHK_ADD( len, /* d */
+                              asn1_write_10x( p, buffer, bits, 1 ) );
+    }
+    MBEDTLS_ASN1_CHK_ADD( len, /* e = 65537 */
+                          asn1_write_10x( p, buffer, 17, 1 ) );
+    MBEDTLS_ASN1_CHK_ADD( len, /* n */
+                          asn1_write_10x( p, buffer, bits, 1 ) );
+    if( keypair )
+        MBEDTLS_ASN1_CHK_ADD( len, /* version = 0 */
+                              mbedtls_asn1_write_int( p, buffer, 0 ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, buffer, len ) );
+    {
+        const unsigned char tag =
+            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE;
+        MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, buffer, tag ) );
+    }
+    return( len );
+}
+
 static int exercise_mac_key( psa_key_slot_t key,
                              psa_key_usage_t usage,
                              psa_algorithm_t alg )
@@ -304,6 +387,41 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
+{
+    int slot = 1;
+    size_t bits = bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_status_t status;
+    psa_key_type_t type =
+        keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY;
+    size_t buffer_size = /* Slight overapproximations */
+        keypair ? bits * 9 / 16 + 80 : bits / 8 + 20;
+    unsigned char *buffer = mbedtls_calloc( 1, buffer_size );
+    unsigned char *p;
+    int ret;
+    size_t length;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    TEST_ASSERT( buffer != NULL );
+
+    TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p,
+                                                 bits, keypair ) ) >= 0 );
+    length = ret;
+
+    /* Try importing the key */
+    status = psa_import_key( slot, type, p, length );
+    TEST_ASSERT( status == expected_status );
+    if( status == PSA_SUCCESS )
+        TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_free( buffer );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import_export( data_t *data,
                     int type_arg,

From 860ce9d9e53c700cdc20819fd70bae46d9262932 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 12:23:00 +0200
Subject: [PATCH 344/889] Document what the signature tests are doing a bit
 better

Add a check that the purported output length is less than the buffer
size in sign_fail.
---
 tests/suites/test_suite_psa_crypto.function | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2fba85414..1959e13d0 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1589,17 +1589,21 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
 
+    /* Allocate a buffer which has the size advertized by the
+     * library. */
     signature_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( key_type,
                                                       key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
     signature = mbedtls_calloc( 1, signature_size );
     TEST_ASSERT( signature != NULL );
 
+    /* Perform the signature. */
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
                                       input_data->x, input_data->len,
                                       NULL, 0,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
+    /* Verify that the signature is correct. */
     TEST_ASSERT( signature_length == output_data->len );
     TEST_ASSERT( memcmp( signature, output_data->x,
                          output_data->len ) == 0 );
@@ -1614,11 +1618,12 @@ exit:
 /* BEGIN_CASE */
 void sign_fail( int key_type_arg, data_t *key_data,
                 int alg_arg, data_t *input_data,
-                int signature_size, int expected_status_arg )
+                int signature_size_arg, int expected_status_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
+    size_t signature_size = signature_size_arg;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
     unsigned char *signature = NULL;
@@ -1649,7 +1654,11 @@ void sign_fail( int key_type_arg, data_t *key_data,
                                          signature, signature_size,
                                          &signature_length );
     TEST_ASSERT( actual_status == expected_status );
-    TEST_ASSERT( signature_length == 0 );
+    /* The value of *signature_length is unspecified on error, but
+     * whatever it is, it should be less than signature_size, so that
+     * if the caller tries to read *signature_length bytes without
+     * checking the error code then they don't overflow a buffer. */
+    TEST_ASSERT( signature_length <= signature_size );
 
 exit:
     psa_destroy_key( slot );

From 630a18a51e8e04a2a73eff86f14786ca13f464d7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 17:49:35 +0200
Subject: [PATCH 345/889] Don't break the rsa context abstraction

This would fail on alternative implementation.
---
 library/psa_crypto.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9988ec09e..af0b2f61a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1774,7 +1774,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( signature_size < rsa->len )
+    if( signature_size < mbedtls_rsa_get_len( rsa ) )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
     /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
@@ -1822,7 +1822,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
     }
 
     if( ret == 0 )
-        *signature_length = rsa->len;
+        *signature_length = mbedtls_rsa_get_len( rsa );
     return( mbedtls_to_psa_error( ret ) );
 }
 
@@ -1841,7 +1841,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( signature_length < rsa->len )
+    if( signature_length < mbedtls_rsa_get_len( rsa ) )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
 #if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
@@ -2124,7 +2124,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
-        if( output_size < rsa->len )
+        if( output_size < mbedtls_rsa_get_len( rsa ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 #if defined(MBEDTLS_PKCS1_V15)
         if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
@@ -2150,7 +2150,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
             return( PSA_ERROR_INVALID_ARGUMENT );
         }
         if( ret == 0 )
-            *output_length = rsa->len;
+            *output_length = mbedtls_rsa_get_len( rsa );
         return( mbedtls_to_psa_error( ret ) );
     }
     else
@@ -2189,7 +2189,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;
 
-        if( input_length != rsa->len )
+        if( input_length != mbedtls_rsa_get_len( rsa ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_PKCS1_V15)

From edd11a14aad385d508b85986580f432f1ac2e187 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 01:08:58 +0200
Subject: [PATCH 346/889] Doc: add [in] or [out] annotations to pointer
 arguments

---
 include/psa/crypto.h | 327 ++++++++++++++++++++++---------------------
 1 file changed, 166 insertions(+), 161 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index e57f5647e..c2144fb49 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -963,7 +963,7 @@ typedef uint32_t psa_algorithm_t;
  *                    valid slot for a key of the chosen type. It must
  *                    be unoccupied.
  * \param type        Key type (a \c PSA_KEY_TYPE_XXX value).
- * \param data        Buffer containing the key data.
+ * \param[in] data    Buffer containing the key data.
  * \param data_length Size of the \c data buffer in bytes.
  *
  * \retval #PSA_SUCCESS
@@ -1027,10 +1027,10 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  *
  * \param key           Slot whose content is queried. This must
  *                      be an occupied key slot.
- * \param type          On success, the key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[out] type     On success, the key type (a \c PSA_KEY_TYPE_XXX value).
  *                      This may be a null pointer, in which case the key type
  *                      is not written.
- * \param bits          On success, the key size in bits.
+ * \param[out] bits     On success, the key size in bits.
  *                      This may be a null pointer, in which case the key size
  *                      is not written.
  *
@@ -1069,12 +1069,12 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
  *   is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
  *
- * \param key           Slot whose content is to be exported. This must
- *                      be an occupied key slot.
- * \param data          Buffer where the key data is to be written.
- * \param data_size     Size of the \c data buffer in bytes.
- * \param data_length   On success, the number of bytes
- *                      that make up the key data.
+ * \param key               Slot whose content is to be exported. This must
+ *                          be an occupied key slot.
+ * \param[out] data         Buffer where the key data is to be written.
+ * \param data_size         Size of the \c data buffer in bytes.
+ * \param[out] data_length  On success, the number of bytes
+ *                          that make up the key data.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_EMPTY_SLOT
@@ -1100,12 +1100,12 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  *   the format is the DER representation of the public key defined by RFC 5280
  *   as SubjectPublicKeyInfo.
  *
- * \param key           Slot whose content is to be exported. This must
- *                      be an occupied key slot.
- * \param data          Buffer where the key data is to be written.
- * \param data_size     Size of the \c data buffer in bytes.
- * \param data_length   On success, the number of bytes
- *                      that make up the key data.
+ * \param key               Slot whose content is to be exported. This must
+ *                          be an occupied key slot.
+ * \param[out] data         Buffer where the key data is to be written.
+ * \param data_size         Size of the \c data buffer in bytes.
+ * \param[out] data_length  On success, the number of bytes
+ *                          that make up the key data.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_EMPTY_SLOT
@@ -1257,7 +1257,7 @@ typedef uint32_t psa_key_lifetime_t;
  * The assignment of lifetimes to slots is implementation-dependent.
  *
  * \param key           Slot to query.
- * \param lifetime      On success, the lifetime value.
+ * \param[out] lifetime On success, the lifetime value.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1365,9 +1365,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * - A failed call to psa_hash_update().
  * - A call to psa_hash_finish(), psa_hash_verify() or psa_hash_abort().
  *
- * \param operation The operation object to use.
- * \param alg       The hash algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_HASH(\p alg) is true).
+ * \param[out] operation    The operation object to use.
+ * \param alg               The hash algorithm to compute (\c PSA_ALG_XXX value
+ *                          such that #PSA_ALG_IS_HASH(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1387,9 +1387,9 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
  *
  * If this function returns an error status, the operation becomes inactive.
  *
- * \param operation     Active hash operation.
- * \param input         Buffer containing the message fragment to hash.
- * \param input_length  Size of the \c input buffer in bytes.
+ * \param[in,out] operation Active hash operation.
+ * \param[in] input         Buffer containing the message fragment to hash.
+ * \param input_length      Size of the \c input buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1420,13 +1420,13 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  *          about the hashed data which could allow an attacker to guess
  *          a valid hash and thereby bypass security controls.
  *
- * \param operation     Active hash operation.
- * \param hash          Buffer where the hash is to be written.
- * \param hash_size     Size of the \p hash buffer in bytes.
- * \param hash_length   On success, the number of bytes
- *                      that make up the hash value. This is always
- *                      #PSA_HASH_SIZE(`alg`) where `alg` is the
- *                      hash algorithm that is calculated.
+ * \param[in,out] operation     Active hash operation.
+ * \param[out] hash             Buffer where the hash is to be written.
+ * \param hash_size             Size of the \p hash buffer in bytes.
+ * \param[out] hash_length      On success, the number of bytes
+ *                              that make up the hash value. This is always
+ *                              #PSA_HASH_SIZE(`alg`) where `alg` is the
+ *                              hash algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1461,9 +1461,9 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
  * comparison between the actual hash and the expected hash is performed
  * in constant time.
  *
- * \param operation     Active hash operation.
- * \param hash          Buffer containing the expected hash value.
- * \param hash_length   Size of the \c hash buffer in bytes.
+ * \param[in,out] operation     Active hash operation.
+ * \param[in] hash              Buffer containing the expected hash value.
+ * \param hash_length           Size of the \c hash buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         The expected hash is identical to the actual hash of the message.
@@ -1493,7 +1493,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
  * to be indistinguishable from an active hash operation, and the behavior
  * of psa_hash_abort() is undefined in this case.
  *
- * \param operation     Active hash operation.
+ * \param[in,out] operation     Active hash operation.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
@@ -1544,10 +1544,10 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * - A failed call to psa_mac_update().
  * - A call to psa_mac_sign_finish() or psa_mac_abort().
  *
- * \param operation The operation object to use.
- * \param key       Slot containing the key to use for the operation.
- * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_MAC(alg) is true).
+ * \param[out] operation    The operation object to use.
+ * \param key               Slot containing the key to use for the operation.
+ * \param alg               The MAC algorithm to compute (\c PSA_ALG_XXX value
+ *                          such that #PSA_ALG_IS_MAC(alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1592,10 +1592,10 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  * - A failed call to psa_mac_update().
  * - A call to psa_mac_verify_finish() or psa_mac_abort().
  *
- * \param operation The operation object to use.
- * \param key       Slot containing the key to use for the operation.
- * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_MAC(\p alg) is true).
+ * \param[out] operation    The operation object to use.
+ * \param key               Slot containing the key to use for the operation.
+ * \param alg               The MAC algorithm to compute (\c PSA_ALG_XXX value
+ *                          such that #PSA_ALG_IS_MAC(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1621,10 +1621,10 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
  *
  * If this function returns an error status, the operation becomes inactive.
  *
- * \param operation     Active MAC operation.
- * \param input         Buffer containing the message fragment to add to
- *                      the MAC calculation.
- * \param input_length  Size of the \c input buffer in bytes.
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] input         Buffer containing the message fragment to add to
+ *                          the MAC calculation.
+ * \param input_length      Size of the \c input buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1655,15 +1655,15 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
  *          about the MAC value which could allow an attacker to guess
  *          a valid MAC and thereby bypass security controls.
  *
- * \param operation     Active MAC operation.
- * \param mac           Buffer where the MAC value is to be written.
- * \param mac_size      Size of the \p mac buffer in bytes.
- * \param mac_length    On success, the number of bytes
- *                      that make up the MAC value. This is always
- *                      #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg)
- *                      where \c key_type and \c key_bits are the type and
- *                      bit-size respectively of \c key and `alg` is the
- *                      MAC algorithm that is calculated.
+ * \param[in,out] operation Active MAC operation.
+ * \param[out] mac          Buffer where the MAC value is to be written.
+ * \param mac_size          Size of the \p mac buffer in bytes.
+ * \param[out] mac_length   On success, the number of bytes
+ *                          that make up the MAC value. This is always
+ *                          #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg)
+ *                          where \c key_type and \c key_bits are the type and
+ *                          bit-size respectively of \c key and `alg` is the
+ *                          MAC algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1697,9 +1697,9 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
  * comparison between the actual MAC and the expected MAC is performed
  * in constant time.
  *
- * \param operation     Active MAC operation.
- * \param mac           Buffer containing the expected MAC value.
- * \param mac_length    Size of the \c mac buffer in bytes.
+ * \param[in,out] operation Active MAC operation.
+ * \param[in] mac           Buffer containing the expected MAC value.
+ * \param mac_length        Size of the \c mac buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         The expected MAC is identical to the actual MAC of the message.
@@ -1730,7 +1730,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
  * to be indistinguishable from an active MAC operation, and the behavior
  * of psa_mac_abort() is undefined in this case.
  *
- * \param operation     Active MAC operation.
+ * \param[in,out] operation Active MAC operation.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
@@ -1781,10 +1781,11 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  *   or psa_cipher_update().
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
- * \param operation The operation object to use.
- * \param key       Slot containing the key to use for the operation.
- * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[out] operation        The operation object to use.
+ * \param key                   Slot containing the key to use for the operation.
+ * \param alg                   The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1829,10 +1830,11 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * - A failed call to psa_cipher_update().
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
- * \param operation The operation object to use.
- * \param key       Slot containing the key to use for the operation.
- * \param alg       The cipher algorithm to compute (\c PSA_ALG_XXX value
- *                  such that #PSA_ALG_IS_CIPHER(\p alg) is true).
+ * \param[out] operation        The operation object to use.
+ * \param key                   Slot containing the key to use for the operation.
+ * \param alg                   The cipher algorithm to compute
+ *                              (\c PSA_ALG_XXX value such that
+ *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1862,10 +1864,11 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
  *
  * If this function returns an error status, the operation becomes inactive.
  *
- * \param operation     Active cipher operation.
- * \param iv            Buffer where the generated IV is to be written.
- * \param iv_size       Size of the \c iv buffer in bytes.
- * \param iv_length     On success, the number of bytes of the generated IV.
+ * \param[in,out] operation     Active cipher operation.
+ * \param[out] iv               Buffer where the generated IV is to be written.
+ * \param iv_size               Size of the \c iv buffer in bytes.
+ * \param[out] iv_length        On success, the number of bytes of the
+ *                              generated IV.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1897,9 +1900,9 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
  * instead of this function, unless implementing a protocol that requires
  * a non-random IV.
  *
- * \param operation     Active cipher operation.
- * \param iv            Buffer containing the IV to use.
- * \param iv_length     Size of the IV in bytes.
+ * \param[in,out] operation     Active cipher operation.
+ * \param[in] iv                Buffer containing the IV to use.
+ * \param iv_length             Size of the IV in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1928,14 +1931,14 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
  *
  * If this function returns an error status, the operation becomes inactive.
  *
- * \param operation     Active cipher operation.
- * \param input         Buffer containing the message fragment to
- *                      encrypt or decrypt.
- * \param input_length  Size of the \c input buffer in bytes.
- * \param output        Buffer where the output is to be written.
- * \param output_size   Size of the \c output buffer in bytes.
- * \param output_length On success, the number of bytes
- *                      that make up the returned output.
+ * \param[in,out] operation     Active cipher operation.
+ * \param[in] input             Buffer containing the message fragment to
+ *                              encrypt or decrypt.
+ * \param input_length          Size of the \c input buffer in bytes.
+ * \param[out] output           Buffer where the output is to be written.
+ * \param output_size           Size of the \c output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes
+ *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1969,11 +1972,11 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
  *
  * When this function returns, the operation becomes inactive.
  *
- * \param operation     Active cipher operation.
- * \param output        Buffer where the output is to be written.
- * \param output_size   Size of the \c output buffer in bytes.
- * \param output_length On success, the number of bytes
- *                      that make up the returned output.
+ * \param[in,out] operation     Active cipher operation.
+ * \param[out] output           Buffer where the output is to be written.
+ * \param output_size           Size of the \c output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes
+ *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -2005,7 +2008,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
  * to be indistinguishable from an active cipher operation, and the behavior
  * of psa_cipher_abort() is undefined in this case.
  *
- * \param operation     Active cipher operation.
+ * \param[in,out] operation     Active cipher operation.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
@@ -2048,15 +2051,15 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \param alg                     The AEAD algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
  *                                #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param nonce                   Nonce or IV to use.
+ * \param[in] nonce               Nonce or IV to use.
  * \param nonce_length            Size of the \p nonce buffer in bytes.
- * \param additional_data         Additional data that will be authenticated
+ * \param[in] additional_data     Additional data that will be authenticated
  *                                but not encrypted.
  * \param additional_data_length  Size of \p additional_data in bytes.
- * \param plaintext               Data that will be authenticated and
+ * \param[in] plaintext           Data that will be authenticated and
  *                                encrypted.
  * \param plaintext_length        Size of \p plaintext in bytes.
- * \param ciphertext              Output buffer for the authenticated and
+ * \param[out] ciphertext         Output buffer for the authenticated and
  *                                encrypted data. The additional data is not
  *                                part of this output. For algorithms where the
  *                                encrypted data and the authentication tag
@@ -2067,7 +2070,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *                                This must be at least
  *                                #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
  *                                \p plaintext_length).
- * \param ciphertext_length       On success, the size of the output
+ * \param[out] ciphertext_length  On success, the size of the output
  *                                in the \b ciphertext buffer.
  *
  * \retval #PSA_SUCCESS
@@ -2101,24 +2104,24 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  * \param alg                     The AEAD algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
  *                                #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param nonce                   Nonce or IV to use.
+ * \param[in] nonce               Nonce or IV to use.
  * \param nonce_length            Size of the \p nonce buffer in bytes.
- * \param additional_data         Additional data that has been authenticated
+ * \param[in] additional_data     Additional data that has been authenticated
  *                                but not encrypted.
  * \param additional_data_length  Size of \p additional_data in bytes.
- * \param ciphertext              Data that has been authenticated and
+ * \param[in] ciphertext          Data that has been authenticated and
  *                                encrypted. For algorithms where the
  *                                encrypted data and the authentication tag
  *                                are defined as separate inputs, the buffer
  *                                must contain the encrypted data followed
  *                                by the authentication tag.
  * \param ciphertext_length       Size of \p ciphertext in bytes.
- * \param plaintext               Output buffer for the decrypted data.
+ * \param[out] plaintext          Output buffer for the decrypted data.
  * \param plaintext_size          Size of the \p plaintext buffer in bytes.
  *                                This must be at least
  *                                #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
  *                                \p ciphertext_length).
- * \param plaintext_length        On success, the size of the output
+ * \param[out] plaintext_length   On success, the size of the output
  *                                in the \b plaintext buffer.
  *
  * \retval #PSA_SUCCESS
@@ -2174,24 +2177,24 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
  *
- * \param key               Key slot containing an asymmetric key pair.
- * \param alg               A signature algorithm that is compatible with
- *                          the type of \c key.
- * \param hash              The hash or message to sign.
- * \param hash_length       Size of the \c hash buffer in bytes.
- * \param salt              A salt or label, if supported by the signature
- *                          algorithm.
- *                          If the signature algorithm does not support a
- *                          salt, pass \c NULL.
- *                          If the signature algorithm supports an optional
- *                          salt and you do not want to pass a salt,
- *                          pass \c NULL.
- * \param salt_length       Size of the \c salt buffer in bytes.
- *                          If \c salt is \c NULL, pass 0.
- * \param signature         Buffer where the signature is to be written.
- * \param signature_size    Size of the \c signature buffer in bytes.
- * \param signature_length  On success, the number of bytes
- *                          that make up the returned signature value.
+ * \param key                   Key slot containing an asymmetric key pair.
+ * \param alg                   A signature algorithm that is compatible with
+ *                              the type of \c key.
+ * \param[in] hash              The hash or message to sign.
+ * \param hash_length           Size of the \c hash buffer in bytes.
+ * \param[in] salt              A salt or label, if supported by the
+ *                              signature algorithm.
+ *                              If the signature algorithm does not support
+ *                              a salt, pass \c NULL.
+ *                              If the signature algorithm supports an
+ *                              optional salt and you do not want to pass
+ *                              a salt, pass \c NULL.
+ * \param salt_length           Size of the \c salt buffer in bytes.
+ *                              If \c salt is \c NULL, pass 0.
+ * \param[out] signature        Buffer where the signature is to be written.
+ * \param signature_size        Size of the \c signature buffer in bytes.
+ * \param[out] signature_length On success, the number of bytes
+ *                              that make up the returned signature value.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -2231,10 +2234,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  *                          asymmetric key pair.
  * \param alg               A signature algorithm that is compatible with
  *                          the type of \c key.
- * \param hash              The hash or message whose signature is to be
+ * \param[in] hash          The hash or message whose signature is to be
  *                          verified.
  * \param hash_length       Size of the \c hash buffer in bytes.
- * \param salt              A salt or label, if supported by the signature
+ * \param[in] salt          A salt or label, if supported by the signature
  *                          algorithm.
  *                          If the signature algorithm does not support a
  *                          salt, pass \c NULL.
@@ -2243,7 +2246,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  *                          pass \c NULL.
  * \param salt_length       Size of the \c salt buffer in bytes.
  *                          If \c salt is \c NULL, pass 0.
- * \param signature         Buffer containing the signature to verify.
+ * \param[in] signature     Buffer containing the signature to verify.
  * \param signature_length  Size of the \c signature buffer in bytes.
  *
  * \retval #PSA_SUCCESS
@@ -2275,28 +2278,29 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
 /**
  * \brief Encrypt a short message with a public key.
  *
- * \param key               Key slot containing a public key or an asymmetric
- *                          key pair.
- * \param alg               An asymmetric encryption algorithm that is
- *                          compatible with the type of \c key.
- * \param input             The message to encrypt.
- * \param input_length      Size of the \c input buffer in bytes.
- * \param salt              A salt or label, if supported by the encryption
- *                          algorithm.
- *                          If the algorithm does not support a
- *                          salt, pass \c NULL.
- *                          If the algorithm supports an optional
- *                          salt and you do not want to pass a salt,
- *                          pass \c NULL.
+ * \param key                   Key slot containing a public key or an
+ *                              asymmetric key pair.
+ * \param alg                   An asymmetric encryption algorithm that is
+ *                              compatible with the type of \c key.
+ * \param[in] input             The message to encrypt.
+ * \param input_length          Size of the \c input buffer in bytes.
+ * \param[in] salt              A salt or label, if supported by the
+ *                              encryption algorithm.
+ *                              If the algorithm does not support a
+ *                              salt, pass \c NULL.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass \c NULL.
  *
- *                          - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                            supported.
- * \param salt_length       Size of the \c salt buffer in bytes.
- *                          If \c salt is \c NULL, pass 0.
- * \param output            Buffer where the encrypted message is to be written.
- * \param output_size       Size of the \c output buffer in bytes.
- * \param output_length     On success, the number of bytes
- *                          that make up the returned output.
+ *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                                supported.
+ * \param salt_length           Size of the \c salt buffer in bytes.
+ *                              If \c salt is \c NULL, pass 0.
+ * \param[out] output           Buffer where the encrypted message is to
+ *                              be written.
+ * \param output_size           Size of the \c output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes
+ *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -2326,27 +2330,28 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
 /**
  * \brief Decrypt a short message with a private key.
  *
- * \param key               Key slot containing an asymmetric key pair.
- * \param alg               An asymmetric encryption algorithm that is
- *                          compatible with the type of \c key.
- * \param input             The message to decrypt.
- * \param input_length      Size of the \c input buffer in bytes.
- * \param salt              A salt or label, if supported by the encryption
- *                          algorithm.
- *                          If the algorithm does not support a
- *                          salt, pass \c NULL.
- *                          If the algorithm supports an optional
- *                          salt and you do not want to pass a salt,
- *                          pass \c NULL.
+ * \param key                   Key slot containing an asymmetric key pair.
+ * \param alg                   An asymmetric encryption algorithm that is
+ *                              compatible with the type of \c key.
+ * \param[in] input             The message to decrypt.
+ * \param input_length          Size of the \c input buffer in bytes.
+ * \param[in] salt              A salt or label, if supported by the
+ *                              encryption algorithm.
+ *                              If the algorithm does not support a
+ *                              salt, pass \c NULL.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass \c NULL.
  *
- *                          - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                            supported.
- * \param salt_length       Size of the \c salt buffer in bytes.
- *                          If \c salt is \c NULL, pass 0.
- * \param output            Buffer where the decrypted message is to be written.
- * \param output_size       Size of the \c output buffer in bytes.
- * \param output_length     On success, the number of bytes
- *                          that make up the returned output.
+ *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                                supported.
+ * \param salt_length           Size of the \c salt buffer in bytes.
+ *                              If \c salt is \c NULL, pass 0.
+ * \param[out] output           Buffer where the decrypted message is to
+ *                              be written.
+ * \param output_size           Size of the \c output buffer in bytes.
+ * \param[out] output_length    On success, the number of bytes
+ *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
@@ -2389,7 +2394,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
  *
  * \note    To generate a key, use psa_generate_key() instead.
  *
- * \param output            Output buffer for the generated data.
+ * \param[out] output       Output buffer for the generated data.
  * \param output_size       Number of bytes to generate and output.
  *
  * \retval #PSA_SUCCESS
@@ -2410,7 +2415,7 @@ psa_status_t psa_generate_random(uint8_t *output,
  *                          be unoccupied.
  * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
  * \param bits              Key size in bits.
- * \param parameters        Extra parameters for key generation. The
+ * \param[in] parameters    Extra parameters for key generation. The
  *                          interpretation of this parameter depends on
  *                          \c type. All types support \c NULL to use
  *                          the default parameters specified below.

From da8191d1cd031d06fa78208f22dafadf659d0ca8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 19:46:38 +0200
Subject: [PATCH 347/889] Rename psa_hash_start -> psa_hash_setup

Make function names for multipart operations more consistent (hash
edition).
---
 include/psa/crypto.h                        | 20 ++++++++++----------
 library/psa_crypto.c                        |  8 ++++----
 tests/suites/test_suite_psa_crypto.function |  6 +++---
 3 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 07ee00061..1ee403cf7 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1165,7 +1165,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * is as follows:
  * -# Allocate an operation object which will be passed to all the functions
  *    listed here.
- * -# Call psa_hash_start() to specify the algorithm.
+ * -# Call psa_hash_setup() to specify the algorithm.
  * -# Call psa_hash_update() zero, one or more times, passing a fragment
  *    of the message each time. The hash that is calculated is the hash
  *    of the concatenation of these messages in order.
@@ -1173,9 +1173,9 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  *    To compare the hash with an expected value, call psa_hash_verify().
  *
  * The application may call psa_hash_abort() at any time after the operation
- * has been initialized with psa_hash_start().
+ * has been initialized with psa_hash_setup().
  *
- * After a successful call to psa_hash_start(), the application must
+ * After a successful call to psa_hash_setup(), the application must
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_hash_update().
@@ -1194,12 +1194,12 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_hash_start(psa_hash_operation_t *operation,
+psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
                             psa_algorithm_t alg);
 
 /** Add a message fragment to a multipart hash operation.
  *
- * The application must call psa_hash_start() before calling this function.
+ * The application must call psa_hash_setup() before calling this function.
  *
  * If this function returns an error status, the operation becomes inactive.
  *
@@ -1222,7 +1222,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
 
 /** Finish the calculation of the hash of a message.
  *
- * The application must call psa_hash_start() before calling this function.
+ * The application must call psa_hash_setup() before calling this function.
  * This function calculates the hash of the message formed by concatenating
  * the inputs passed to preceding calls to psa_hash_update().
  *
@@ -1265,7 +1265,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
 /** Finish the calculation of the hash of a message and compare it with
  * an expected value.
  *
- * The application must call psa_hash_start() before calling this function.
+ * The application must call psa_hash_setup() before calling this function.
  * This function calculates the hash of the message formed by concatenating
  * the inputs passed to preceding calls to psa_hash_update(). It then
  * compares the calculated hash with the expected hash passed as a
@@ -1299,7 +1299,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 
 /** Abort a hash operation.
  *
- * This function may be called at any time after psa_hash_start().
+ * This function may be called at any time after psa_hash_setup().
  * Aborting an operation frees all associated resources except for the
  * \c operation structure itself.
  *
@@ -1680,7 +1680,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  * \brief Sign a hash or short message with a private key.
  *
  * Note that to perform a hash-and-sign signature algorithm, you must
- * first calculate the hash by calling psa_hash_start(), psa_hash_update()
+ * first calculate the hash by calling psa_hash_setup(), psa_hash_update()
  * and psa_hash_finish(). Then pass the resulting hash as the \p hash
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
@@ -1733,7 +1733,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \brief Verify the signature a hash or short message using a public key.
  *
  * Note that to perform a hash-and-sign signature algorithm, you must
- * first calculate the hash by calling psa_hash_start(), psa_hash_update()
+ * first calculate the hash by calling psa_hash_setup(), psa_hash_update()
  * and psa_hash_finish(). Then pass the resulting hash as the \p hash
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cc996a01c..76e1a68e5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -944,7 +944,7 @@ psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_hash_start( psa_hash_operation_t *operation,
+psa_status_t psa_hash_setup( psa_hash_operation_t *operation,
                              psa_algorithm_t alg )
 {
     int ret;
@@ -1311,7 +1311,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HMAC( operation->alg ) )
     {
-        status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+        status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
                                  PSA_ALG_HMAC_HASH( alg ) );
     }
     else
@@ -1445,7 +1445,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation,
         opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
     memset( opad + key_length, 0x5C, block_size - key_length );
 
-    status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+    status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
                              PSA_ALG_HMAC_HASH( alg ) );
     if( status != PSA_SUCCESS )
         goto cleanup;
@@ -1627,7 +1627,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                     goto cleanup;
                 /* From here on, tmp needs to be wiped. */
 
-                status = psa_hash_start( &operation->ctx.hmac.hash_ctx,
+                status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
                                          PSA_ALG_HMAC_HASH( operation->alg ) );
                 if( status != PSA_SUCCESS )
                     goto hmac_cleanup;
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3681a2ee1..438b7219f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1057,7 +1057,7 @@ void hash_setup( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    status = psa_hash_start( &operation, alg );
+    status = psa_hash_setup( &operation, alg );
     psa_hash_abort( &operation );
     TEST_ASSERT( status == expected_status );
 
@@ -1084,7 +1084,7 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,
@@ -1115,7 +1115,7 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_hash_start( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input->x,
                                   input->len ) == PSA_SUCCESS );

From b870b188ad2007424bdabb9c1a7bc2a4975c37bb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 6 Jul 2018 16:02:09 +0200
Subject: [PATCH 348/889] New internal function psa_get_key_bits

Isolate the code of psa_get_key_information that calculates the bit
size of a key into its own function which can be called by functions
that have a key slot pointer.
---
 library/psa_crypto.c | 51 ++++++++++++++++++--------------------------
 1 file changed, 21 insertions(+), 30 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f156d0c27..63dbcce47 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -688,6 +688,24 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
     return( PSA_SUCCESS );
 }
 
+/* Return the size of the key in the given slot, in bits. */
+static size_t psa_get_key_bits( const key_slot_t *slot )
+{
+    if( key_type_is_raw_bytes( slot->type ) )
+        return( slot->data.raw.bytes * 8 );
+#if defined(MBEDTLS_RSA_C)
+    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
+        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+        return( mbedtls_rsa_get_bitlen( slot->data.rsa ) );
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+        return( slot->data.ecp->grp.pbits );
+#endif /* defined(MBEDTLS_ECP_C) */
+    /* Shouldn't happen except on an empty slot. */
+    return( 0 );
+}
+
 psa_status_t psa_get_key_information( psa_key_slot_t key,
                                       psa_key_type_t *type,
                                       size_t *bits )
@@ -702,40 +720,13 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
     status = psa_get_key_slot( key, &slot );
     if( status != PSA_SUCCESS )
         return( status );
+
     if( slot->type == PSA_KEY_TYPE_NONE )
         return( PSA_ERROR_EMPTY_SLOT );
     if( type != NULL )
         *type = slot->type;
-
-    if( key_type_is_raw_bytes( slot->type ) )
-    {
-        if( bits != NULL )
-            *bits = slot->data.raw.bytes * 8;
-    }
-    else
-#if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
-    {
-        if( bits != NULL )
-            *bits = mbedtls_rsa_get_bitlen( slot->data.rsa );
-    }
-    else
-#endif /* defined(MBEDTLS_RSA_C) */
-#if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        if( bits != NULL )
-            *bits = slot->data.ecp->grp.pbits;
-    }
-    else
-#endif /* defined(MBEDTLS_ECP_C) */
-    {
-        /* Shouldn't happen: the key type is not any type that we
-         * put in. */
-        return( PSA_ERROR_TAMPERING_DETECTED );
-    }
-
+    if( bits != NULL )
+        *bits = psa_get_key_bits( slot );
     return( PSA_SUCCESS );
 }
 

From 02b750781f64f04c9c23f06245f39535ac4607bb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 1 Jul 2018 22:31:34 +0200
Subject: [PATCH 349/889] Factor duplicated code into exercise_key

Also fail the test if the test code lacks a way to exercise the key.
---
 tests/suites/test_suite_psa_crypto.function | 54 +++++++++++++--------
 1 file changed, 34 insertions(+), 20 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5f705e3e3..1017e88c8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -345,6 +345,36 @@ static int exercise_asymmetric_encryption_key( psa_key_slot_t key,
 exit:
     return( 0 );
 }
+
+static int exercise_key( psa_key_slot_t slot,
+                         psa_key_usage_t usage,
+                         psa_algorithm_t alg )
+{
+    int ok;
+    if( alg == 0 )
+        ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
+    else if( PSA_ALG_IS_MAC( alg ) )
+        ok = exercise_mac_key( slot, usage, alg );
+    else if( PSA_ALG_IS_CIPHER( alg ) )
+        ok = exercise_cipher_key( slot, usage, alg );
+    else if( PSA_ALG_IS_AEAD( alg ) )
+        ok = exercise_aead_key( slot, usage, alg );
+    else if( PSA_ALG_IS_SIGN( alg ) )
+        ok = exercise_signature_key( slot, usage, alg );
+    else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+        ok = exercise_asymmetric_encryption_key( slot, usage, alg );
+    else
+    {
+        char message[40];
+        mbedtls_snprintf( message, sizeof( message ),
+                          "No code to exercise alg=0x%08lx",
+                          (unsigned long) alg );
+        test_fail( message, __LINE__, __FILE__ );
+        ok = 0;
+    }
+    return( ok );
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -640,16 +670,8 @@ void import_and_exercise_key( data_t *data,
     TEST_ASSERT( got_bits == bits );
 
     /* Do something with the key according to its type and permitted usage. */
-    if( PSA_ALG_IS_MAC( alg ) )
-        exercise_mac_key( slot, usage, alg );
-    else if( PSA_ALG_IS_CIPHER( alg ) )
-        exercise_cipher_key( slot, usage, alg );
-    else if( PSA_ALG_IS_AEAD( alg ) )
-        exercise_aead_key( slot, usage, alg );
-    else if( PSA_ALG_IS_SIGN( alg ) )
-        exercise_signature_key( slot, usage, alg );
-    else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
-        exercise_asymmetric_encryption_key( slot, usage, alg );
+    if( ! exercise_key( slot, usage, alg ) )
+        goto exit;
 
 exit:
     psa_destroy_key( slot );
@@ -2260,16 +2282,8 @@ void generate_key( int type_arg,
     }
 
     /* Do something with the key according to its type and permitted usage. */
-    if( PSA_ALG_IS_MAC( alg ) )
-        exercise_mac_key( slot, usage, alg );
-    else if( PSA_ALG_IS_CIPHER( alg ) )
-        exercise_cipher_key( slot, usage, alg );
-    else if( PSA_ALG_IS_AEAD( alg ) )
-        exercise_aead_key( slot, usage, alg );
-    else if( PSA_ALG_IS_SIGN( alg ) )
-        exercise_signature_key( slot, usage, alg );
-    else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
-        exercise_asymmetric_encryption_key( slot, usage, alg );
+    if( ! exercise_key( slot, usage, alg ) )
+        goto exit;
 
 exit:
     psa_destroy_key( slot );

From 23bbb757adc2bc84ff29f02db566e9755b123de2 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 26 Jun 2018 14:16:54 +0100
Subject: [PATCH 350/889] psa: Pass the number of bits with explicit types

The GCM, CCM, RSA, and cipher modules inconsistently use int or unsigned
int for a count of bits. The PSA Crypto API uses size_t for counting
things. This causes issues on LLP64 systems where a size_t can hold more
than an unsigned int. Add casts for where key_bits and bits are passed to
mbedtls_* APIs.
---
 library/psa_crypto.c | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dc0a27d6b..1bea9ed37 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1163,7 +1163,8 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     if( cipher_id != NULL )
         *cipher_id = cipher_id_tmp;
 
-    return( mbedtls_cipher_info_from_values( cipher_id_tmp, key_bits, mode ) );
+    return( mbedtls_cipher_info_from_values( cipher_id_tmp,
+                                             (int) key_bits, mode ) );
 }
 
 static size_t psa_get_hash_block_size( psa_algorithm_t alg )
@@ -2188,7 +2189,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     {
         ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
                                      slot->data.raw.data,
-                                     key_bits, cipher_operation );
+                                     (int) key_bits, cipher_operation );
     }
     if( ret != 0 )
     {
@@ -2604,7 +2605,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_id,
                                   slot->data.raw.data,
-                                  key_bits );
+                                  (unsigned int) key_bits );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
@@ -2637,7 +2638,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
-                                  slot->data.raw.data, key_bits );
+                                  slot->data.raw.data,
+                                  (unsigned int) key_bits );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
@@ -2743,7 +2745,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
         mbedtls_gcm_init( &gcm );
         ret = mbedtls_gcm_setkey( &gcm, cipher_id,
-                                  slot->data.raw.data, key_bits );
+                                  slot->data.raw.data,
+                                  (unsigned int) key_bits );
         if( ret != 0 )
         {
             mbedtls_gcm_free( &gcm );
@@ -2775,7 +2778,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
         mbedtls_ccm_init( &ccm );
         ret = mbedtls_ccm_setkey( &ccm, cipher_id,
-                                  slot->data.raw.data, key_bits );
+                                  slot->data.raw.data,
+                                  (unsigned int) key_bits );
         if( ret != 0 )
         {
             mbedtls_ccm_free( &ccm );
@@ -2882,7 +2886,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
         ret = mbedtls_rsa_gen_key( rsa,
                                    mbedtls_ctr_drbg_random,
                                    &global_data.ctr_drbg,
-                                   bits,
+                                   (unsigned int) bits,
                                    exponent );
         if( ret != 0 )
         {

From 07c91f5df33631c40c3152cc0db0923580bd1ab2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 28 Jun 2018 18:02:53 +0200
Subject: [PATCH 351/889] Add notes about the purpose and usage of auxiliary
 header files

---
 include/psa/crypto_extra.h    |  5 +++++
 include/psa/crypto_platform.h | 10 ++++++++++
 include/psa/crypto_sizes.h    |  8 ++++++++
 include/psa/crypto_struct.h   | 10 ++++++++++
 4 files changed, 33 insertions(+)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index b9e12bb6f..2d03f7311 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -2,6 +2,11 @@
  * \file psa/crypto_extra.h
  *
  * \brief PSA cryptography module: Mbed TLS vendor extensions
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file is reserved for vendor-specific definitions.
  */
 /*
  *  Copyright (C) 2018, ARM Limited, All Rights Reserved
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 7aabd1bc0..9af320d1e 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -2,6 +2,16 @@
  * \file psa/crypto_platform.h
  *
  * \brief PSA cryptography module: Mbed TLS platfom definitions
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains platform-dependent type definitions.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, implementers should take care to ensure that
+ * the definitions that are exposed to applications match what the
+ * module implements.
  */
 /*
  *  Copyright (C) 2018, ARM Limited, All Rights Reserved
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index f4d2cd839..80b2f9d62 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -3,12 +3,20 @@
  *
  * \brief PSA cryptography module: Mbed TLS buffer size macros
  *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
  * This file contains the definitions of macros that are useful to
  * compute buffer sizes. The signatures and semantics of these macros
  * are standardized, but the definitions are not, because they depend on
  * the available algorithms and, in some cases, on permitted tolerances
  * on buffer sizes.
  *
+ * In implementations with isolation between the application and the
+ * cryptography module, implementers should take care to ensure that
+ * the definitions that are exposed to applications match what the
+ * module implements.
+ *
  * Macros that compute sizes whose values do not depend on the
  * implementation are in crypto.h.
  */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 1935f9099..b981f23c7 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -2,6 +2,16 @@
  * \file psa/crypto_struct.h
  *
  * \brief PSA cryptography module: Mbed TLS structured type implementations
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * This file contains the definitions of some data structures with
+ * implementation-specific definitions.
+ *
+ * In implementations with isolation between the application and the
+ * cryptography module, it is expected that the front-end and the back-end
+ * would have different versions of this file.
  */
 /*
  *  Copyright (C) 2018, ARM Limited, All Rights Reserved

From 6b530867e4e504fa1aae7d762f81311e40846392 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 00:14:39 +0200
Subject: [PATCH 352/889] Test importing a key pair as a public key and vice
 versa

---
 tests/suites/test_suite_psa_crypto.data | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e964186c0..53d8c958f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -85,6 +85,14 @@ PSA import RSA keypair: truncated
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
 
+PSA import RSA keypair: public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA import RSA public key: key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_INVALID_ARGUMENT
+
 PSA import RSA keypair: valid key but EC
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
@@ -97,7 +105,7 @@ PSA import/export-public RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
 
-PSA import/export-public PSA keypair: good, 1024-bit
+PSA import/export-public RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
 
@@ -137,6 +145,18 @@ PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA import EC keypair: public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC public key: key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+# For consistency with ECpub as ECpair, RSApub as RSApair and RSApair as RSApub,
+# one would expect the status to be PSA_ERROR_INVALID_ARGUMENT. But the
+# Mbed TLS pkparse module returns MBEDTLS_ERR_PK_INVALID_ALG, I think because
+# it's looking for an OID where there is no OID.
+import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED
+
 PSA import EC keypair: valid key but RSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
 import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT

From 53d991e655b9141aad6d719629521606f312907e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 01:14:59 +0200
Subject: [PATCH 353/889] generate_key: rename \p parameters to \p extra

\p parameters is a confusing name for a function parameter. Rename it
to \p extra.
---
 include/psa/crypto.h | 15 ++++++++-------
 library/psa_crypto.c | 14 +++++++-------
 2 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c2144fb49..ff85924aa 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2415,21 +2415,22 @@ psa_status_t psa_generate_random(uint8_t *output,
  *                          be unoccupied.
  * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
  * \param bits              Key size in bits.
- * \param[in] parameters    Extra parameters for key generation. The
+ * \param[in] extra         Extra parameters for key generation. The
  *                          interpretation of this parameter depends on
  *                          \c type. All types support \c NULL to use
  *                          the default parameters specified below.
- * \param parameters_size   Size of the buffer that \p parameters
- *                          points to, in bytes.
+ * \param extra_size        Size of the buffer that \p extra
+ *                          points to, in bytes. Note that if \p extra is
+ *                          \c NULL then \p extra_size must be zero.
  *
  * For any symmetric key type (a type such that
- * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \c parameters must be
+ * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \p extra must be
  * \c NULL. For asymmetric key types defined by this specification,
  * the parameter type and the default parameters are defined by the
  * table below. For vendor-defined key types, the vendor documentation
  * shall define the parameter type and the default parameters.
  *
- * Type | Parameter type | Meaning | Parameters used if `parameters == NULL`
+ * Type | Parameter type | Meaning | Parameters used if `extra == NULL`
  * ---- | -------------- | ------- | ---------------------------------------
  * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537
  *
@@ -2445,8 +2446,8 @@ psa_status_t psa_generate_random(uint8_t *output,
 psa_status_t psa_generate_key(psa_key_slot_t key,
                               psa_key_type_t type,
                               size_t bits,
-                              const void *parameters,
-                              size_t parameters_size);
+                              const void *extra,
+                              size_t extra_size);
 
 /**@}*/
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fce9e3c82..a256ad7ee 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2964,13 +2964,13 @@ psa_status_t psa_generate_random( uint8_t *output,
 psa_status_t psa_generate_key( psa_key_slot_t key,
                                psa_key_type_t type,
                                size_t bits,
-                               const void *parameters,
-                               size_t parameters_size )
+                               const void *extra,
+                               size_t extra_size )
 {
     key_slot_t *slot;
     psa_status_t status;
 
-    if( parameters == NULL && parameters_size != 0 )
+    if( extra == NULL && extra_size != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_empty_key_slot( key, &slot );
@@ -3010,10 +3010,10 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
         int exponent = 65537;
         if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
             return( PSA_ERROR_NOT_SUPPORTED );
-        if( parameters != NULL )
+        if( extra != NULL )
         {
-            const unsigned *p = parameters;
-            if( parameters_size != sizeof( *p ) )
+            const unsigned *p = extra;
+            if( extra_size != sizeof( *p ) )
                 return( PSA_ERROR_INVALID_ARGUMENT );
             if( *p > INT_MAX )
                 return( PSA_ERROR_INVALID_ARGUMENT );
@@ -3048,7 +3048,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
             mbedtls_ecp_curve_info_from_grp_id( grp_id );
         mbedtls_ecp_keypair *ecp;
         int ret;
-        if( parameters != NULL )
+        if( extra != NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
         if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );

From acd4be36faff4bd0f774fae95a7ee39853a84dc9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 19:56:25 +0200
Subject: [PATCH 354/889] Rename psa_mac_{finish,verify} ->
 psa_mac_{sign,verify}_finish

Make function names for multipart operations more consistent (MAC
finish edition).
---
 include/psa/crypto.h                        | 21 ++++++++++----------
 include/psa/crypto_sizes.h                  |  4 ++--
 library/psa_crypto.c                        | 18 ++++++++---------
 tests/suites/test_suite_psa_crypto.function | 22 +++++++++++----------
 4 files changed, 34 insertions(+), 31 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 1ee403cf7..957385916 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1345,8 +1345,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * -# Call psa_mac_update() zero, one or more times, passing a fragment
  *    of the message each time. The MAC that is calculated is the MAC
  *    of the concatenation of these messages in order.
- * -# To calculate the MAC, call psa_mac_finish().
- *    To compare the MAC with an expected value, call psa_mac_verify().
+ * -# To calculate the MAC, call psa_mac_sign_finish().
+ *    To compare the MAC with an expected value, call psa_mac_verify_finish().
  *
  * The application may call psa_mac_abort() at any time after the operation
  * has been initialized with psa_mac_start().
@@ -1355,7 +1355,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_mac_update().
- * - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort().
+ * - A call to psa_mac_sign_finish(), psa_mac_verify_finish() or
+ *   psa_mac_abort().
  *
  * \param operation The operation object to use.
  * \param key       Slot containing the key to use for the operation.
@@ -1383,14 +1384,14 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
                             const uint8_t *input,
                             size_t input_length);
 
-psa_status_t psa_mac_finish(psa_mac_operation_t *operation,
-                            uint8_t *mac,
-                            size_t mac_size,
-                            size_t *mac_length);
+psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
+                                 uint8_t *mac,
+                                 size_t mac_size,
+                                 size_t *mac_length);
 
-psa_status_t psa_mac_verify(psa_mac_operation_t *operation,
-                            const uint8_t *mac,
-                            size_t mac_length);
+psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
+                                   const uint8_t *mac,
+                                   size_t mac_length);
 
 psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
 
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 80b2f9d62..574d3e55c 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -142,9 +142,9 @@
 
 
 
-/** The size of the output of psa_mac_finish(), in bytes.
+/** The size of the output of psa_mac_sign_finish(), in bytes.
  *
- * This is also the MAC size that psa_mac_verify() expects.
+ * This is also the MAC size that psa_mac_verify_finish() expects.
  *
  * \param key_type      The type of the MAC key.
  * \param key_bits      The size of the MAC key in bits.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 76e1a68e5..4c42d61e0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1483,8 +1483,8 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     /* Since this function is called identically for a sign or verify
      * operation, we don't know yet whether the operation is permitted.
      * Store the part of the key policy that we can't check in the
-     * operation structure. psa_mac_finish() or psa_mac_verify() will
-     * check that remaining part. */
+     * operation structure. psa_mac_sign_finish() or psa_mac_verify_finish()
+     * will check that remaining part. */
     if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
         operation->key_usage_sign = 1;
     if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
@@ -1671,10 +1671,10 @@ cleanup:
     }
 }
 
-psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
-                             uint8_t *mac,
-                             size_t mac_size,
-                             size_t *mac_length )
+psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
+                                  uint8_t *mac,
+                                  size_t mac_size,
+                                  size_t *mac_length )
 {
     if( ! operation->key_usage_sign )
         return( PSA_ERROR_NOT_PERMITTED );
@@ -1683,9 +1683,9 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
                                      mac_size, mac_length ) );
 }
 
-psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
-                             const uint8_t *mac,
-                             size_t mac_length )
+psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
+                                    const uint8_t *mac,
+                                    size_t mac_length )
 {
     uint8_t actual_mac[PSA_MAC_MAX_SIZE];
     size_t actual_mac_length;
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 438b7219f..fcab07bc3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -141,9 +141,9 @@ static int exercise_mac_key( psa_key_slot_t key,
         TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_mac_finish( &operation,
-                                     mac, sizeof( input ),
-                                     &mac_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_sign_finish( &operation,
+                                          mac, sizeof( input ),
+                                          &mac_length ) == PSA_SUCCESS );
     }
 
     if( usage & PSA_KEY_USAGE_VERIFY )
@@ -155,7 +155,9 @@ static int exercise_mac_key( psa_key_slot_t key,
         TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_mac_verify( &operation, mac, mac_length ) == verify_status );
+        TEST_ASSERT( psa_mac_verify_finish( &operation,
+                                            mac,
+                                            mac_length ) == verify_status );
     }
 
     return( 1 );
@@ -747,8 +749,8 @@ void mac_key_policy( int policy_usage,
 
     status = psa_mac_start( &operation, key_slot, exercise_alg );
     if( status == PSA_SUCCESS )
-        status = psa_mac_finish( &operation,
-                                 mac, sizeof( mac ), &output_length );
+        status = psa_mac_sign_finish( &operation,
+                                      mac, sizeof( mac ), &output_length );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -759,7 +761,7 @@ void mac_key_policy( int policy_usage,
     memset( mac, 0, sizeof( mac ) );
     status = psa_mac_start( &operation, key_slot, exercise_alg );
     if( status == PSA_SUCCESS )
-        status = psa_mac_verify( &operation, mac, sizeof( mac ) );
+        status = psa_mac_verify_finish( &operation, mac, sizeof( mac ) );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
@@ -1198,9 +1200,9 @@ void mac_verify( int key_type_arg,
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
                                  input->x, input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_mac_verify( &operation,
-                                 expected_mac->x,
-                                 expected_mac->len ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_mac_verify_finish( &operation,
+                                        expected_mac->x,
+                                        expected_mac->len ) == PSA_SUCCESS );
 
 exit:
     psa_destroy_key( key_slot );

From ab1d7ab89f66c08a32912c434558ba3268a7a98b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 6 Jul 2018 16:07:47 +0200
Subject: [PATCH 355/889] Don't call psa_get_key_information internally

When you have a key slot pointer, read the key type directly, and call
psa_get_key_bits to get the bit size.
---
 library/psa_crypto.c | 47 +++++++++++++++++---------------------------
 1 file changed, 18 insertions(+), 29 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 63dbcce47..d730bd821 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1469,7 +1469,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
 {
     psa_status_t status;
     key_slot_t *slot;
-    psa_key_type_t key_type;
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
@@ -1477,10 +1476,6 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     if( status != PSA_SUCCESS )
         return( status );
 
-    status = psa_get_key_information( key, &key_type, &key_bits );
-    if( status != PSA_SUCCESS )
-        return( status );
-
     status = psa_get_key_from_slot( key, &slot, 0, alg );
     if( status != PSA_SUCCESS )
         return( status );
@@ -1495,9 +1490,12 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         operation->key_usage_verify = 1;
 
+    key_bits = psa_get_key_bits( slot );
+
     if( ! PSA_ALG_IS_HMAC( alg ) )
     {
-        cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL );
+        cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits,
+                                                    NULL );
         if( cipher_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
         operation->mac_size = cipher_info->block_size;
@@ -1515,7 +1513,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         default:
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( alg ) )
-                status = psa_hmac_start( operation, key_type, slot, alg );
+                status = psa_hmac_start( operation, slot->type, slot, alg );
             else
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
@@ -2254,7 +2252,6 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     psa_status_t status;
     key_slot_t *slot;
-    psa_key_type_t key_type;
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
     psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
@@ -2265,14 +2262,12 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     if( status != PSA_SUCCESS )
         return( status );
 
-    status = psa_get_key_information( key, &key_type, &key_bits );
-    if( status != PSA_SUCCESS )
-        return( status );
     status = psa_get_key_from_slot( key, &slot, usage, alg);
     if( status != PSA_SUCCESS )
         return( status );
+    key_bits = psa_get_key_bits( slot );
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type, key_bits, NULL );
+    cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL );
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
@@ -2284,7 +2279,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     }
 
 #if defined(MBEDTLS_DES_C)
-    if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
+    if( slot->type == PSA_KEY_TYPE_DES && key_bits == 128 )
     {
         /* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
         unsigned char keys[24];
@@ -2336,11 +2331,11 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
 
     operation->key_set = 1;
     operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ?
-                              PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) :
+                              PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) :
                               1 );
     if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR )
     {
-        operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+        operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type );
     }
 
     return( PSA_SUCCESS );
@@ -2675,7 +2670,6 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     int ret;
     psa_status_t status;
     key_slot_t *slot;
-    psa_key_type_t key_type;
     size_t key_bits;
     uint8_t *tag;
     size_t tag_length;
@@ -2684,19 +2678,17 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     *ciphertext_length = 0;
 
-    status = psa_get_key_information( key, &key_type, &key_bits );
-    if( status != PSA_SUCCESS )
-        return( status );
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
+    key_bits = psa_get_key_bits( slot );
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
+    cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
+    if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -2705,7 +2697,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_gcm_context gcm;
         tag_length = 16;
 
-        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 )
+        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
         //make sure we have place to hold the tag in the ciphertext buffer
@@ -2736,7 +2728,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         mbedtls_ccm_context ccm;
         tag_length = 16;
 
-        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) != 16 )
+        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
         if( nonce_length < 7 || nonce_length > 13 )
@@ -2820,7 +2812,6 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     int ret;
     psa_status_t status;
     key_slot_t *slot;
-    psa_key_type_t key_type;
     size_t key_bits;
     const uint8_t *tag;
     size_t tag_length;
@@ -2829,19 +2820,17 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
     *plaintext_length = 0;
 
-    status = psa_get_key_information( key, &key_type, &key_bits );
-    if( status != PSA_SUCCESS )
-        return( status );
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
+    key_bits = psa_get_key_bits( slot );
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
+    cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type,
                                                 key_bits, &cipher_id );
     if( cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
+    if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
         PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
         return( PSA_ERROR_INVALID_ARGUMENT );
 

From 3d91abefac0e6be0a6cc1aa094392181c549acb0 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 3 Jul 2018 13:15:54 +0300
Subject: [PATCH 356/889] Use PSA_BLOCK_CIPHER_BLOCK_SIZE() macro to get the
 cipher block size

Use PSA_BLOCK_CIPHER_BLOCK_SIZE() macro to get the cipher block size instead of accessing the operation struct
additionally, for SPM case, the 'block_size' member is not a member in the operation struct
---
 tests/suites/test_suite_psa_crypto.function | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 1017e88c8..9eac29b43 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1057,7 +1057,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, iv_size ) == PSA_SUCCESS );
-    output_buffer_size = input->len + operation.block_size;
+    output_buffer_size = (size_t) input->len +
+                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
@@ -1126,7 +1127,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = input->len + operation.block_size;
+    output_buffer_size = (size_t) input->len +
+                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
@@ -1199,7 +1201,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = input->len + operation.block_size;
+    output_buffer_size = (size_t) input->len +
+                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
@@ -1273,7 +1276,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_set_iv( &operation,
                                      iv, iv_size ) == PSA_SUCCESS );
 
-    output_buffer_size = input->len + operation.block_size;
+    output_buffer_size = (size_t) input->len +
+                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output = mbedtls_calloc( 1, output_buffer_size );
     TEST_ASSERT( output != NULL );
 
@@ -1343,7 +1347,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_size = input->len + operation1.block_size;
+    output1_size = (size_t) input->len +
+                   PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output1 = mbedtls_calloc( 1, output1_size );
     TEST_ASSERT( output1 != NULL );
 
@@ -1429,7 +1434,8 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
                                           iv, iv_size,
                                           &iv_length ) == PSA_SUCCESS );
-    output1_buffer_size = input->len + operation1.block_size;
+    output1_buffer_size = (size_t) input->len +
+                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output1 = mbedtls_calloc( 1, output1_buffer_size );
     TEST_ASSERT( output1 != NULL );
 

From aee13338b3a26045a7a8c8ff999312a26c30b6f1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 2 Jul 2018 12:15:28 +0200
Subject: [PATCH 357/889] Fix safe output length in hash and mac finish

In psa_hash_finish and psa_mac_finish_internal, set the fallback
output length (which is reported on error) to the output buffer size,
not to the _expected_ buffer size which could be larger.
---
 library/psa_crypto.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1d5337bfb..a2f68975b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1013,7 +1013,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
     /* Fill the output buffer with something that isn't a valid hash
      * (barring an attack on the hash and deliberately-crafted input),
      * in case the caller doesn't check the return status properly. */
-    *hash_length = actual_hash_length;
+    *hash_length = hash_size;
     /* If hash_size is 0 then hash may be NULL and then the
      * call to memset would have undefined behavior. */
     if( hash_size != 0 )
@@ -1068,6 +1068,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
 
     if( ret == 0 )
     {
+        *hash_length = actual_hash_length;
         return( psa_hash_abort( operation ) );
     }
     else
@@ -1517,7 +1518,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     /* Fill the output buffer with something that isn't a valid mac
      * (barring an attack on the mac and deliberately-crafted input),
      * in case the caller doesn't check the return status properly. */
-    *mac_length = operation->mac_size;
+    *mac_length = mac_size;
     /* If mac_size is 0 then mac may be NULL and then the
      * call to memset would have undefined behavior. */
     if( mac_size != 0 )
@@ -1583,6 +1584,7 @@ cleanup:
 
     if( ret == 0 && status == PSA_SUCCESS )
     {
+        *mac_length = operation->mac_size;
         return( psa_mac_abort( operation ) );
     }
     else

From bbf97e3cf16cd2678dedf6c875eeb4e8c86acf54 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 26 Jun 2018 14:20:51 +0100
Subject: [PATCH 358/889] psa: Pass hash_length with explicit types

The RSA module uses unsigned int for hash_length. The PSA Crypto API
uses size_t for hash_length. Cast hash_length to unsigned int when
passed to the hash module.
---
 library/psa_crypto.c | 32 ++++++++++++++++++++++++++++----
 1 file changed, 28 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1bea9ed37..4a3363952 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1661,6 +1661,15 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
     if( signature_size < rsa->len )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
+    /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
+     * hash_length will fit and return an error if it doesn't. */
+#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
+#if SIZE_MAX > UINT_MAX
+    if( hash_length > UINT_MAX )
+        return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+#endif
+
 #if defined(MBEDTLS_PKCS1_V15)
     if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
     {
@@ -1670,7 +1679,9 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
                                       mbedtls_ctr_drbg_random,
                                       &global_data.ctr_drbg,
                                       MBEDTLS_RSA_PRIVATE,
-                                      md_alg, hash_length, hash,
+                                      md_alg,
+                                      (unsigned int) hash_length,
+                                      hash,
                                       signature );
     }
     else
@@ -1683,7 +1694,9 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
                                            mbedtls_ctr_drbg_random,
                                            &global_data.ctr_drbg,
                                            MBEDTLS_RSA_PRIVATE,
-                                           md_alg, hash_length, hash,
+                                           md_alg,
+                                           (unsigned int) hash_length,
+                                           hash,
                                            signature );
     }
     else
@@ -1715,6 +1728,15 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
     if( signature_length < rsa->len )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
+#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
+#if SIZE_MAX > UINT_MAX
+    /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
+     * hash_length will fit and return an error if it doesn't. */
+    if( hash_length > UINT_MAX )
+        return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+#endif
+
 #if defined(MBEDTLS_PKCS1_V15)
     if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
     {
@@ -1725,7 +1747,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
                                         &global_data.ctr_drbg,
                                         MBEDTLS_RSA_PUBLIC,
                                         md_alg,
-                                        hash_length,
+                                        (unsigned int) hash_length,
                                         hash,
                                         signature );
     }
@@ -1739,7 +1761,9 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
                                              mbedtls_ctr_drbg_random,
                                              &global_data.ctr_drbg,
                                              MBEDTLS_RSA_PUBLIC,
-                                             md_alg, hash_length, hash,
+                                             md_alg,
+                                             (unsigned int) hash_length,
+                                             hash,
                                              signature );
     }
     else

From 35da9a2f2efae290d1e54e7a27f76c310b5fa86c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 19:17:49 +0200
Subject: [PATCH 359/889] In psa_asymmetric_encrypt, allow public keys

The code was accepting key pairs only, even though encryption doesn't
require the private key.
---
 library/psa_crypto.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index af0b2f61a..a1b8104f7 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2115,7 +2115,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
-    if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
+    if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ||
+            PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_RSA_C)

From 4c317f4b4c5dd3dce1b755bb12ad939ca1a7710e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 01:24:09 +0200
Subject: [PATCH 360/889] generate_key: define a structure type for RSA extra
 parameters

---
 include/psa/crypto.h | 11 ++++++++++-
 library/psa_crypto.c | 12 ++++++++----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ff85924aa..b190907cf 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2407,6 +2407,15 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 psa_status_t psa_generate_random(uint8_t *output,
                                  size_t output_size);
 
+/** Extra parameters for RSA key generation.
+ *
+ * You may pass a pointer to a structure of this type as the `extra`
+ * parameter to psa_generate_key().
+ */
+typedef struct {
+    uint32_t e; /**! Public exponent value. Default: 65537. */
+} psa_generate_key_extra_rsa;
+
 /**
  * \brief Generate a key or key pair.
  *
@@ -2432,7 +2441,7 @@ psa_status_t psa_generate_random(uint8_t *output,
  *
  * Type | Parameter type | Meaning | Parameters used if `extra == NULL`
  * ---- | -------------- | ------- | ---------------------------------------
- * `PSA_KEY_TYPE_RSA_KEYPAIR` | `unsigned int` | Public exponent | 65537
+ * `PSA_KEY_TYPE_RSA_KEYPAIR` | #psa_generate_key_extra_rsa | Public exponent | 65537
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_NOT_SUPPORTED
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a256ad7ee..eb140ea2c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3012,12 +3012,16 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
             return( PSA_ERROR_NOT_SUPPORTED );
         if( extra != NULL )
         {
-            const unsigned *p = extra;
+            const psa_generate_key_extra_rsa *p = extra;
             if( extra_size != sizeof( *p ) )
                 return( PSA_ERROR_INVALID_ARGUMENT );
-            if( *p > INT_MAX )
-                return( PSA_ERROR_INVALID_ARGUMENT );
-            exponent = *p;
+#if INT_MAX < 0xffffffff
+            /* Check that the uint32_t value passed by the caller fits
+             * in the range supported by this implementation. */
+            if( p->e > INT_MAX )
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+            exponent = p->e;
         }
         rsa = mbedtls_calloc( 1, sizeof( *rsa ) );
         if( rsa == NULL )

From 89167cb597c58dd6b9516c6701ab0dc86496adb8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 20:12:23 +0200
Subject: [PATCH 361/889] Split psa_mac_setup -> psa_mac_{sign,verify}_setup

Make function names for multipart operations more consistent (MAC
setup edition).

Split psa_mac_setup into two functions psa_mac_sign_setup and
psa_mac_verify_setup. These functions behave identically except that
they require different usage flags on the key. The goal of the split
is to enforce the key policy during setup rather than at the end of
the operation (which was a bit of a hack).

In psa_mac_sign_finish and psa_mac_verify_finish, if the operation is
of the wrong type, abort the operation before returning BAD_STATE.
---
 include/psa/crypto.h                        | 80 +++++++++++++++++----
 include/psa/crypto_struct.h                 |  3 +-
 library/psa_crypto.c                        | 67 ++++++++++-------
 tests/suites/test_suite_psa_crypto.function | 23 +++---
 4 files changed, 116 insertions(+), 57 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 957385916..98573c90f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1333,30 +1333,32 @@ psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
  * as directed by the documentation of a specific implementation. */
 typedef struct psa_mac_operation_s psa_mac_operation_t;
 
-/** Start a multipart MAC operation.
+/** Start a multipart MAC calculation operation.
  *
- * The sequence of operations to calculate a MAC (message authentication code)
- * is as follows:
+ * This function sets up the calculation of the MAC
+ * (message authentication code) of a byte string.
+ * To verify the MAC of a message against an
+ * expected value, use psa_mac_verify_setup() instead.
+ *
+ * The sequence of operations to calculate a MAC is as follows:
  * -# Allocate an operation object which will be passed to all the functions
  *    listed here.
- * -# Call psa_mac_start() to specify the algorithm and key.
+ * -# Call psa_mac_sign_setup() to specify the algorithm and key.
  *    The key remains associated with the operation even if the content
  *    of the key slot changes.
  * -# Call psa_mac_update() zero, one or more times, passing a fragment
  *    of the message each time. The MAC that is calculated is the MAC
  *    of the concatenation of these messages in order.
- * -# To calculate the MAC, call psa_mac_sign_finish().
- *    To compare the MAC with an expected value, call psa_mac_verify_finish().
+ * -# At the end of the message, call psa_mac_sign_finish() to finish
+ *    calculating the MAC value and retrieve it.
  *
  * The application may call psa_mac_abort() at any time after the operation
- * has been initialized with psa_mac_start().
+ * has been initialized with psa_mac_sign_setup().
  *
- * After a successful call to psa_mac_start(), the application must
- * eventually terminate the operation. The following events terminate an
- * operation:
+ * After a successful call to psa_mac_sign_setup(), the application must
+ * eventually terminate the operation through one of the following methods:
  * - A failed call to psa_mac_update().
- * - A call to psa_mac_sign_finish(), psa_mac_verify_finish() or
- *   psa_mac_abort().
+ * - A call to psa_mac_sign_finish() or psa_mac_abort().
  *
  * \param operation The operation object to use.
  * \param key       Slot containing the key to use for the operation.
@@ -1376,9 +1378,57 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_mac_start(psa_mac_operation_t *operation,
-                           psa_key_slot_t key,
-                           psa_algorithm_t alg);
+psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
+                                psa_key_slot_t key,
+                                psa_algorithm_t alg);
+
+/** Start a multipart MAC verification operation.
+ *
+ * This function sets up the verification of the MAC
+ * (message authentication code) of a byte string against an expected value.
+ *
+ * The sequence of operations to verify a MAC is as follows:
+ * -# Allocate an operation object which will be passed to all the functions
+ *    listed here.
+ * -# Call psa_mac_verify_setup() to specify the algorithm and key.
+ *    The key remains associated with the operation even if the content
+ *    of the key slot changes.
+ * -# Call psa_mac_update() zero, one or more times, passing a fragment
+ *    of the message each time. The MAC that is calculated is the MAC
+ *    of the concatenation of these messages in order.
+ * -# At the end of the message, call psa_mac_verify_finish() to finish
+ *    calculating the actual MAC of the message and verify it against
+ *    the expected value.
+ *
+ * The application may call psa_mac_abort() at any time after the operation
+ * has been initialized with psa_mac_verify_setup().
+ *
+ * After a successful call to psa_mac_verify_setup(), the application must
+ * eventually terminate the operation through one of the following methods:
+ * - A failed call to psa_mac_update().
+ * - A call to psa_mac_verify_finish() or psa_mac_abort().
+ *
+ * \param operation The operation object to use.
+ * \param key       Slot containing the key to use for the operation.
+ * \param alg       The MAC algorithm to compute (\c PSA_ALG_XXX value
+ *                  such that #PSA_ALG_IS_MAC(alg) is true).
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_EMPTY_SLOT
+ * \retval PSA_ERROR_NOT_PERMITTED
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a MAC algorithm.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
+                                  psa_key_slot_t key,
+                                  psa_algorithm_t alg);
 
 psa_status_t psa_mac_update(psa_mac_operation_t *operation,
                             const uint8_t *input,
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index b981f23c7..85c997485 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -102,8 +102,7 @@ struct psa_mac_operation_s
     int iv_required : 1;
     int iv_set : 1;
     int has_input : 1;
-    int key_usage_sign : 1;
-    int key_usage_verify : 1;
+    int is_sign : 1;
     uint8_t mac_size;
     union
     {
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4c42d61e0..61eef45ca 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1296,8 +1296,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
     operation->iv_set = 0;
     operation->iv_required = 0;
     operation->has_input = 0;
-    operation->key_usage_sign = 0;
-    operation->key_usage_verify = 0;
+    operation->is_sign = 0;
 
 #if defined(MBEDTLS_CMAC_C)
     if( alg == PSA_ALG_CMAC )
@@ -1367,14 +1366,13 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     operation->iv_set = 0;
     operation->iv_required = 0;
     operation->has_input = 0;
-    operation->key_usage_sign = 0;
-    operation->key_usage_verify = 0;
+    operation->is_sign = 0;
 
     return( PSA_SUCCESS );
 }
 
 #if defined(MBEDTLS_CMAC_C)
-static int psa_cmac_start( psa_mac_operation_t *operation,
+static int psa_cmac_setup( psa_mac_operation_t *operation,
                            size_t key_bits,
                            key_slot_t *slot,
                            const mbedtls_cipher_info_t *cipher_info )
@@ -1395,7 +1393,7 @@ static int psa_cmac_start( psa_mac_operation_t *operation,
 #endif /* MBEDTLS_CMAC_C */
 
 #if defined(MBEDTLS_MD_C)
-static int psa_hmac_start( psa_mac_operation_t *operation,
+static int psa_hmac_setup( psa_mac_operation_t *operation,
                            psa_key_type_t key_type,
                            key_slot_t *slot,
                            psa_algorithm_t alg )
@@ -1457,39 +1455,34 @@ cleanup:
     mbedtls_zeroize( ipad, key_length );
     /* opad is in the context. It needs to stay in memory if this function
      * succeeds, and it will be wiped by psa_mac_abort() called from
-     * psa_mac_start in the error case. */
+     * psa_mac_setup in the error case. */
 
     return( status );
 }
 #endif /* MBEDTLS_MD_C */
 
-psa_status_t psa_mac_start( psa_mac_operation_t *operation,
-                            psa_key_slot_t key,
-                            psa_algorithm_t alg )
+static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
+                                   psa_key_slot_t key,
+                                   psa_algorithm_t alg,
+                                   int is_sign )
 {
     psa_status_t status;
     key_slot_t *slot;
     size_t key_bits;
+    psa_key_usage_t usage =
+        is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY;
     const mbedtls_cipher_info_t *cipher_info = NULL;
 
     status = psa_mac_init( operation, alg );
     if( status != PSA_SUCCESS )
         return( status );
+    if( is_sign )
+        operation->is_sign = 1;
 
-    status = psa_get_key_from_slot( key, &slot, 0, alg );
+    status = psa_get_key_from_slot( key, &slot, usage, alg );
     if( status != PSA_SUCCESS )
         return( status );
 
-    /* Since this function is called identically for a sign or verify
-     * operation, we don't know yet whether the operation is permitted.
-     * Store the part of the key policy that we can't check in the
-     * operation structure. psa_mac_sign_finish() or psa_mac_verify_finish()
-     * will check that remaining part. */
-    if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
-        operation->key_usage_sign = 1;
-    if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
-        operation->key_usage_verify = 1;
-
     key_bits = psa_get_key_bits( slot );
 
     if( ! PSA_ALG_IS_HMAC( alg ) )
@@ -1504,7 +1497,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     {
 #if defined(MBEDTLS_CMAC_C)
         case PSA_ALG_CMAC:
-            status = mbedtls_to_psa_error( psa_cmac_start( operation,
+            status = mbedtls_to_psa_error( psa_cmac_setup( operation,
                                                            key_bits,
                                                            slot,
                                                            cipher_info ) );
@@ -1513,7 +1506,7 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
         default:
 #if defined(MBEDTLS_MD_C)
             if( PSA_ALG_IS_HMAC( alg ) )
-                status = psa_hmac_start( operation, slot->type, slot, alg );
+                status = psa_hmac_setup( operation, slot->type, slot, alg );
             else
 #endif /* MBEDTLS_MD_C */
                 return( PSA_ERROR_NOT_SUPPORTED );
@@ -1532,6 +1525,20 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
     return( status );
 }
 
+psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation,
+                                 psa_key_slot_t key,
+                                 psa_algorithm_t alg )
+{
+    return( psa_mac_setup( operation, key, alg, 1 ) );
+}
+
+psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation,
+                                   psa_key_slot_t key,
+                                   psa_algorithm_t alg )
+{
+    return( psa_mac_setup( operation, key, alg, 0 ) );
+}
+
 psa_status_t psa_mac_update( psa_mac_operation_t *operation,
                              const uint8_t *input,
                              size_t input_length )
@@ -1676,8 +1683,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
                                   size_t mac_size,
                                   size_t *mac_length )
 {
-    if( ! operation->key_usage_sign )
-        return( PSA_ERROR_NOT_PERMITTED );
+    if( ! operation->is_sign )
+    {
+        psa_mac_abort( operation );
+        return( PSA_ERROR_BAD_STATE );
+    }
 
     return( psa_mac_finish_internal( operation, mac,
                                      mac_size, mac_length ) );
@@ -1691,8 +1701,11 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
     size_t actual_mac_length;
     psa_status_t status;
 
-    if( ! operation->key_usage_verify )
-        return( PSA_ERROR_NOT_PERMITTED );
+    if( operation->is_sign )
+    {
+        psa_mac_abort( operation );
+        return( PSA_ERROR_BAD_STATE );
+    }
 
     status = psa_mac_finish_internal( operation,
                                       actual_mac, sizeof( actual_mac ),
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index fcab07bc3..3a03a76bf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -138,7 +138,8 @@ static int exercise_mac_key( psa_key_slot_t key,
 
     if( usage & PSA_KEY_USAGE_SIGN )
     {
-        TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_sign_setup( &operation,
+                                         key, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_sign_finish( &operation,
@@ -152,7 +153,8 @@ static int exercise_mac_key( psa_key_slot_t key,
             ( usage & PSA_KEY_USAGE_SIGN ?
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
-        TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_mac_verify_setup( &operation,
+                                           key, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_verify_finish( &operation,
@@ -736,7 +738,6 @@ void mac_key_policy( int policy_usage,
     psa_mac_operation_t operation;
     psa_status_t status;
     unsigned char mac[PSA_MAC_MAX_SIZE];
-    size_t output_length;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -747,10 +748,7 @@ void mac_key_policy( int policy_usage,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_mac_start( &operation, key_slot, exercise_alg );
-    if( status == PSA_SUCCESS )
-        status = psa_mac_sign_finish( &operation,
-                                      mac, sizeof( mac ), &output_length );
+    status = psa_mac_sign_setup( &operation, key_slot, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -759,12 +757,10 @@ void mac_key_policy( int policy_usage,
     psa_mac_abort( &operation );
 
     memset( mac, 0, sizeof( mac ) );
-    status = psa_mac_start( &operation, key_slot, exercise_alg );
-    if( status == PSA_SUCCESS )
-        status = psa_mac_verify_finish( &operation, mac, sizeof( mac ) );
+    status = psa_mac_verify_setup( &operation, key_slot, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
-        TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
+        TEST_ASSERT( status == PSA_SUCCESS );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1155,7 +1151,7 @@ void mac_setup( int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    status = psa_mac_start( &operation, key_slot, alg );
+    status = psa_mac_sign_setup( &operation, key_slot, alg );
     psa_mac_abort( &operation );
     TEST_ASSERT( status == expected_status );
 
@@ -1196,7 +1192,8 @@ void mac_verify( int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_mac_start( &operation, key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_mac_verify_setup( &operation,
+                                       key_slot, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
                                  input->x, input->len ) == PSA_SUCCESS );

From 69e033aea05618084e3ac3aa1b264c617c717c21 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 6 Jul 2018 15:47:54 +0200
Subject: [PATCH 362/889] RSA encryption: accept input=NULL if ilen=0

In mbedtls_rsa_rsaes_oaep_encrypt and
mbedtls_rsa_rsaes_pkcs1_v15_encrypt, if the input length is 0 (which
is unusual and mostly useless, but permitted) then it is fine for the
input pointer to be NULL. Don't return an error in this case.

When `input` is NULL, `memcpy( p, input, ilen )` has undefined
behavior even if `ilen` is zero. So skip the `memcpy` call in this
case. Likewise, in `mbedtls_rsa_rsaes_oaep_decrypt` and
`mbedtls_rsa_rsaes_pkcs1_v15_decrypt`, skip the `memcpy` call if
`*olen` is zero.
---
 library/rsa.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/library/rsa.c b/library/rsa.c
index ad196391f..499d14540 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -1122,7 +1122,8 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
     p += hlen;
     p += olen - 2 * hlen - 2 - ilen;
     *p++ = 1;
-    memcpy( p, input, ilen );
+    if( ilen != 0 )
+        memcpy( p, input, ilen );
 
     mbedtls_md_init( &md_ctx );
     if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
@@ -1169,7 +1170,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
     // We don't check p_rng because it won't be dereferenced here
-    if( f_rng == NULL || input == NULL || output == NULL )
+    if( f_rng == NULL || output == NULL )
+        return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+    if( ilen != 0 && input == NULL )
         return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
 
     olen = ctx->len;
@@ -1209,7 +1212,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
     }
 
     *p++ = 0;
-    memcpy( p, input, ilen );
+    if( ilen != 0 )
+        memcpy( p, input, ilen );
 
     return( ( mode == MBEDTLS_RSA_PUBLIC )
             ? mbedtls_rsa_public(  ctx, output, output )
@@ -1373,7 +1377,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
     }
 
     *olen = ilen - (p - buf);
-    memcpy( output, p, *olen );
+    if( *olen != 0 )
+        memcpy( output, p, *olen );
     ret = 0;
 
 cleanup:
@@ -1471,7 +1476,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
     }
 
     *olen = ilen - (p - buf);
-    memcpy( output, p, *olen );
+    if( *olen != 0 )
+        memcpy( output, p, *olen );
     ret = 0;
 
 cleanup:

From 2701005b46953d6f993a57115ceda2d1384c8bd1 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Tue, 3 Jul 2018 13:16:15 +0300
Subject: [PATCH 363/889] Modifications for psa-crypto in order to integrate
 with SPM

Add required includes in tests and psa_crypto.c file in order to be able to compilef for the SPM solution.
Some functions needed to be deprecated from psa_crypto.c since they already implemented in the SPM.
---
 library/psa_crypto.c                        | 15 +++++++++++++--
 tests/suites/test_suite_psa_crypto.function |  5 +++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ca461c20e..68fa0ef67 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -27,6 +27,17 @@
 
 #if defined(MBEDTLS_PSA_CRYPTO_C)
 
+//! In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure
+//! Partition Manager) integration which separate the code into two parts
+//! NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment).
+//! In this mode an additional header file should be included.
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+//! PSA_CRYPTO_SECURE means that this file is compiled to the SPE side.
+//! some headers will be affected by this flag.
+#define PSA_CRYPTO_SECURE 1
+#include "crypto_spe.h"
+#endif
+
 #include "psa/crypto.h"
 
 #include <stdlib.h>
@@ -2481,7 +2492,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 /****************************************************************/
 /* Key Policy */
 /****************************************************************/
-
+#if !defined(MBEDTLS_PSA_CRYPTO_SPM)
 void psa_key_policy_init( psa_key_policy_t *policy )
 {
     memset( policy, 0, sizeof( *policy ) );
@@ -2504,7 +2515,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy )
 {
     return( policy->alg );
 }
-
+#endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */
 psa_status_t psa_set_key_policy( psa_key_slot_t key,
                                  const psa_key_policy_t *policy )
 {
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9eac29b43..c90447f81 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1,5 +1,10 @@
 /* BEGIN_HEADER */
 #include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
 #include "mbedtls/asn1write.h"
 #include "psa/crypto.h"
 

From 1d96fff61a26090ea6f4c0ad4ee078b39a912aef Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 2 Jul 2018 12:15:39 +0200
Subject: [PATCH 364/889] In psa_mac_finish, write a safe output even in the
 BAD_STATE case

---
 library/psa_crypto.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a2f68975b..ca461c20e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1510,10 +1510,6 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
 {
     int ret = 0;
     psa_status_t status = PSA_SUCCESS;
-    if( ! operation->key_set )
-        return( PSA_ERROR_BAD_STATE );
-    if( operation->iv_required && ! operation->iv_set )
-        return( PSA_ERROR_BAD_STATE );
 
     /* Fill the output buffer with something that isn't a valid mac
      * (barring an attack on the mac and deliberately-crafted input),
@@ -1524,6 +1520,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     if( mac_size != 0 )
         memset( mac, '!', mac_size );
 
+    if( ! operation->key_set )
+        return( PSA_ERROR_BAD_STATE );
+    if( operation->iv_required && ! operation->iv_set )
+        return( PSA_ERROR_BAD_STATE );
+
     if( mac_size < operation->mac_size )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 

From 656896e4c36749f03b7ec24defad1fbc485d1944 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 19:12:28 +0200
Subject: [PATCH 365/889] Add positive asymmetric encryption tests

Revise the test function asymmetric_encrypt_fail into
asymmetric_encrypt and use it for positive tests as well. Get the
expected output length from PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE. Check
the actual output length against test data.

Add positive test cases for encryption: one with an RSA public
key (this is the only test for encryption with a public key rather
than a key pair) and one with a key pair.
---
 tests/suites/test_suite_psa_crypto.data     |  30 ++++--
 tests/suites/test_suite_psa_crypto.function | 102 +++++++++++---------
 2 files changed, 75 insertions(+), 57 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 53d8c958f..f61c281b5 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -745,6 +745,22 @@ PSA verify: ECDSA SECP256R1, wrong signature of correct size
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
+PSA encrypt: RSA PKCS#1 v1.5, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+
+PSA encrypt: RSA PKCS#1 v1.5, key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+
+PSA encrypt: invalid algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA encrypt: RSA PKCS#1 v1.5: invalid key type
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT
+
 PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
@@ -753,14 +769,6 @@ PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
-PSA encrypt: invalid algorithm
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
-
-PSA encrypt: RSA PKCS#1 v1.5: invalid key type
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
-
 PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32
@@ -773,7 +781,11 @@ PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
-PSA decrypt: RSA PKCS#1 v1.5: invalid key type
+PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9505ab6eb..71325745a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2226,6 +2226,60 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void asymmetric_encrypt( int key_type_arg,
+                         data_t *key_data,
+                         int alg_arg,
+                         data_t *input_data,
+                         int expected_output_length_arg,
+                         int expected_status_arg )
+{
+    int slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t expected_output_length = expected_output_length_arg;
+    size_t key_bits;
+    unsigned char *output = NULL;
+    size_t output_size;
+    size_t output_length = ~0;
+    psa_status_t actual_status;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_policy_t policy;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key */
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    /* Determine the maximum output length */
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          NULL,
+                                          &key_bits ) == PSA_SUCCESS );
+    output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+    output = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output != NULL );
+
+    /* Encrypt the input */
+    actual_status = psa_asymmetric_encrypt( slot, alg,
+                                            input_data->x, input_data->len,
+                                            NULL, 0,
+                                            output, output_size,
+                                            &output_length );
+    TEST_ASSERT( actual_status == expected_status );
+    TEST_ASSERT( output_length == expected_output_length );
+
+exit:
+    psa_destroy_key( slot );
+    mbedtls_free( output );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                  int alg_arg, data_t *input_data )
@@ -2290,54 +2344,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void asymmetric_encrypt_fail( int key_type_arg, data_t *key_data,
-                              int alg_arg, data_t *input_data,
-                              int expected_status_arg )
-{
-    int slot = 1;
-    psa_key_type_t key_type = key_type_arg;
-    psa_algorithm_t alg = alg_arg;
-    unsigned char *output = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-    psa_key_policy_t policy;
-
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
-
-    output_size = key_data->len;
-    output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output != NULL );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
-
-    actual_status = psa_asymmetric_encrypt( slot, alg,
-                                            input_data->x, input_data->len,
-                                            NULL, 0,
-                                            output, output_size,
-                                            &output_length );
-    TEST_ASSERT( actual_status == expected_status );
-
-exit:
-    psa_destroy_key( slot );
-    mbedtls_free( output );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void asymmetric_decrypt( int key_type_arg, data_t *key_data,
                          int alg_arg, data_t *input_data,

From 3fa675cd971941c58405f6f30ee69cca62c8fc78 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 01:31:03 +0200
Subject: [PATCH 366/889] Doc: generate_key: improve documentation of \p extra

---
 include/psa/crypto.h | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b190907cf..3cd516097 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2427,22 +2427,27 @@ typedef struct {
  * \param[in] extra         Extra parameters for key generation. The
  *                          interpretation of this parameter depends on
  *                          \c type. All types support \c NULL to use
- *                          the default parameters specified below.
+ *                          default parameters. Implementation that support
+ *                          the generation of vendor-specific key types
+ *                          that allow extra parameters shall document
+ *                          the format of these extra parameters and
+ *                          the default values. For standard parameters,
+ *                          the meaning of \p extra is as follows:
+ *                          - For a symmetric key type (a type \c type such
+ *                            that #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is
+ *                            false), \p extra must be \c NULL.
+ *                          - For an elliptic curve key type (a type \c type
+ *                            such that #PSA_KEY_TYPE_IS_ECC(\p type) is
+ *                            false), \p extra must be \c NULL.
+ *                          - For an RSA key, \p extra is an optional
+ *                            #psa_generate_key_extra_rsa structure
+ *                            specifying the public exponent. The
+ *                            default public exponent used when \p extra
+ *                            is \c NULL is 65537.
  * \param extra_size        Size of the buffer that \p extra
  *                          points to, in bytes. Note that if \p extra is
  *                          \c NULL then \p extra_size must be zero.
  *
- * For any symmetric key type (a type such that
- * #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is false), \p extra must be
- * \c NULL. For asymmetric key types defined by this specification,
- * the parameter type and the default parameters are defined by the
- * table below. For vendor-defined key types, the vendor documentation
- * shall define the parameter type and the default parameters.
- *
- * Type | Parameter type | Meaning | Parameters used if `extra == NULL`
- * ---- | -------------- | ------- | ---------------------------------------
- * `PSA_KEY_TYPE_RSA_KEYPAIR` | #psa_generate_key_extra_rsa | Public exponent | 65537
- *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT

From 5d0b864944c7017a59c7adaf97c3881612001d8b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 20:35:02 +0200
Subject: [PATCH 367/889] Streamline cleanup logic in MAC finish

Reorganize error handling code in psa_mac_finish_internal,
psa_mac_sign_finish and psa_mac_verify finish to ensure that:

* psa_mac_abort() is always called, on all success and error paths.
* psa_mac_finish places a safe value in the output parameters on
  all error paths, even if abort fails.
---
 library/psa_crypto.c | 106 +++++++++++++++++++++++--------------------
 1 file changed, 58 insertions(+), 48 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 61eef45ca..a29c07769 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1585,20 +1585,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                                              uint8_t *mac,
-                                             size_t mac_size,
-                                             size_t *mac_length )
+                                             size_t mac_size )
 {
-    int ret = 0;
-    psa_status_t status = PSA_SUCCESS;
-
-    /* Fill the output buffer with something that isn't a valid mac
-     * (barring an attack on the mac and deliberately-crafted input),
-     * in case the caller doesn't check the return status properly. */
-    *mac_length = mac_size;
-    /* If mac_size is 0 then mac may be NULL and then the
-     * call to memset would have undefined behavior. */
-    if( mac_size != 0 )
-        memset( mac, '!', mac_size );
+    psa_status_t status;
 
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
@@ -1612,8 +1601,10 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     {
 #if defined(MBEDTLS_CMAC_C)
         case PSA_ALG_CMAC:
-            ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac );
-            break;
+        {
+            int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac );
+            return( mbedtls_to_psa_error( ret ) );
+        }
 #endif /* MBEDTLS_CMAC_C */
         default:
 #if defined(MBEDTLS_MD_C)
@@ -1631,7 +1622,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
                                           sizeof( tmp ), &hash_size );
                 if( status != PSA_SUCCESS )
-                    goto cleanup;
+                    return( status );
                 /* From here on, tmp needs to be wiped. */
 
                 status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
@@ -1650,32 +1641,21 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                     goto hmac_cleanup;
 
                 status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac,
-                                          mac_size, mac_length );
+                                          mac_size, &hash_size );
             hmac_cleanup:
                 mbedtls_zeroize( tmp, hash_size );
             }
             else
 #endif /* MBEDTLS_MD_C */
             {
-                ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
+                /* This shouldn't happen if operation was initialized by
+                 * a setup function. */
+                return( PSA_ERROR_BAD_STATE );
             }
             break;
     }
-cleanup:
 
-    if( ret == 0 && status == PSA_SUCCESS )
-    {
-        *mac_length = operation->mac_size;
-        return( psa_mac_abort( operation ) );
-    }
-    else
-    {
-        psa_mac_abort( operation );
-        if( ret != 0 )
-            status = mbedtls_to_psa_error( ret );
-
-        return( status );
-    }
+    return( status );
 }
 
 psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
@@ -1683,14 +1663,37 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
                                   size_t mac_size,
                                   size_t *mac_length )
 {
+    psa_status_t status;
+
+    /* Fill the output buffer with something that isn't a valid mac
+     * (barring an attack on the mac and deliberately-crafted input),
+     * in case the caller doesn't check the return status properly. */
+    *mac_length = mac_size;
+    /* If mac_size is 0 then mac may be NULL and then the
+     * call to memset would have undefined behavior. */
+    if( mac_size != 0 )
+        memset( mac, '!', mac_size );
+
     if( ! operation->is_sign )
     {
-        psa_mac_abort( operation );
-        return( PSA_ERROR_BAD_STATE );
+        status = PSA_ERROR_BAD_STATE;
+        goto cleanup;
     }
 
-    return( psa_mac_finish_internal( operation, mac,
-                                     mac_size, mac_length ) );
+    status = psa_mac_finish_internal( operation, mac, mac_size );
+
+cleanup:
+    if( status == PSA_SUCCESS )
+    {
+        status = psa_mac_abort( operation );
+        if( status == PSA_SUCCESS )
+            *mac_length = operation->mac_size;
+        else
+            memset( mac, '!', mac_size );
+    }
+    else
+        psa_mac_abort( operation );
+    return( status );
 }
 
 psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
@@ -1698,25 +1701,32 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
                                     size_t mac_length )
 {
     uint8_t actual_mac[PSA_MAC_MAX_SIZE];
-    size_t actual_mac_length;
     psa_status_t status;
 
     if( operation->is_sign )
     {
-        psa_mac_abort( operation );
-        return( PSA_ERROR_BAD_STATE );
+        status = PSA_ERROR_BAD_STATE;
+        goto cleanup;
+    }
+    if( operation->mac_size != mac_length )
+    {
+        status = PSA_ERROR_INVALID_SIGNATURE;
+        goto cleanup;
     }
 
     status = psa_mac_finish_internal( operation,
-                                      actual_mac, sizeof( actual_mac ),
-                                      &actual_mac_length );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( actual_mac_length != mac_length )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-    if( safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 )
-        return( PSA_ERROR_INVALID_SIGNATURE );
-    return( PSA_SUCCESS );
+                                      actual_mac, sizeof( actual_mac ) );
+
+    if( safer_memcmp( mac, actual_mac, mac_length ) != 0 )
+        status = PSA_ERROR_INVALID_SIGNATURE;
+
+cleanup:
+    if( status == PSA_SUCCESS )
+        status = psa_mac_abort( operation );
+    else
+        psa_mac_abort( operation );
+
+    return( status );
 }
 
 

From 25c4fa8fb0537fbb9d5a4af42d1b4643e9ee9aca Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Fri, 6 Jul 2018 16:23:25 +0100
Subject: [PATCH 368/889] Fix copy paste error PSA test suite

At this point it fixes memory leaks as well. These memory leaks are the
fault of the 'psa_cipher_finish()' function and the calls fixed in this
commit (among with many others in the test suite) will become obsolete
after fixing 'psa_cipher_finish()'.
---
 tests/suites/test_suite_psa_crypto.function | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c90447f81..715236896 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1385,7 +1385,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     output2_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );
 
     TEST_ASSERT( input->len == output2_length );
     TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
@@ -1491,7 +1491,7 @@ void cipher_verify_output_multipart( int alg_arg,
                                     &function_output_length ) == PSA_SUCCESS );
     output2_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );
 
     TEST_ASSERT( input->len == output2_length );
     TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );

From 76f5c7b6a874edb4de057d159827d8c8dbd2d70c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 6 Jul 2018 16:53:09 +0200
Subject: [PATCH 369/889] Tests: cover policy checks for all operations

Add tests of key policy checks for MAC, cipher, AEAD, asymmetric
encryption and asymmetric signature. For each category, test
with/without the requisite usage flag in each direction, and test
algorithm mismatch.
---
 tests/suites/test_suite_psa_crypto.data     | 102 ++++++-
 tests/suites/test_suite_psa_crypto.function | 282 +++++++++++++++++---
 2 files changed, 348 insertions(+), 36 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b281cb3af..f1075bbac 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -138,11 +138,105 @@ import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
 PSA key policy set and get
 key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
 
-PSA key policy enforcement: export
-key_policy_fail:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+PSA key policy: MAC, sign | verify
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
 
-PSA key policy enforcement: sign
-key_policy_fail:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_ERROR_NOT_PERMITTED:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+PSA key policy: MAC, wrong algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_224)
+
+PSA key policy: MAC, sign but not verify
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: MAC, verify but not sign
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: MAC, neither sign nor verify
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_key_policy:0:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key policy: cipher, encrypt | decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, wrong algorithm
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+
+PSA key policy: cipher, encrypt but not decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, decrypt but not encrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: cipher, neither encrypt nor decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+cipher_key_policy:0:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CTR
+
+PSA key policy: AEAD, encrypt | decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: AEAD, wrong algorithm
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_GCM_C
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":16:16:PSA_ALG_GCM
+
+PSA key policy: AEAD, encrypt but not decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: AEAD, decrypt but not encrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: AEAD, neither encrypt nor decrypt
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_key_policy:0:PSA_ALG_CCM:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":13:16:PSA_ALG_CCM
+
+PSA key policy: asymmetric encryption, encrypt | decrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, wrong algorithm
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)
+
+PSA key policy: asymmetric encryption, encrypt but not decrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, decrypt but not encrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric encryption, neither encrypt nor decrypt
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encryption_key_policy:0:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_CRYPT
+
+PSA key policy: asymmetric signature, sign | verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA key policy: asymmetric signature, wrong algorithm
+depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_224)
+
+PSA key policy: asymmetric signature, sign but not verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA key policy: asymmetric signature, verify but not sign
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA key policy: asymmetric signature, neither sign nor verify
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
 PSA key lifetime: set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9128e8fc5..977222bbf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -723,49 +723,267 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void key_policy_fail( int usage_arg, int alg_arg, int expected_status,
-                      data_t *keypair )
+void mac_key_policy( int policy_usage,
+                     int policy_alg,
+                     int key_type,
+                     data_t *key_data,
+                     int exercise_alg )
 {
     int key_slot = 1;
-    psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage = usage_arg;
-    size_t signature_length = 0;
     psa_key_policy_t policy;
-    int actual_status = PSA_SUCCESS;
+    psa_mac_operation_t operation;
+    psa_status_t status;
+    unsigned char mac[PSA_MAC_MAX_SIZE];
+    size_t output_length;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, usage, alg );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
     TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
 
-    if( usage & PSA_KEY_USAGE_EXPORT )
-    {
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot,
-                                     PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x,
-                                     keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_asymmetric_sign( key_slot, alg,
-                                             NULL, 0,
-                                             NULL, 0,
-                                             NULL, 0, &signature_length );
-    }
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    if( usage & PSA_KEY_USAGE_SIGN )
-    {
-        size_t data_length;
-        TEST_ASSERT( keypair != NULL );
-        TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( keypair->len ) );
-        TEST_ASSERT( psa_import_key( key_slot,
-                                     PSA_KEY_TYPE_RSA_KEYPAIR,
-                                     keypair->x,
-                                     keypair->len ) == PSA_SUCCESS );
-        actual_status = psa_export_key( key_slot, NULL, 0, &data_length );
-    }
+    status = psa_mac_start( &operation, key_slot, exercise_alg );
+    if( status == PSA_SUCCESS )
+        status = psa_mac_finish( &operation,
+                                 mac, sizeof( mac ), &output_length );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    psa_mac_abort( &operation );
 
-    TEST_ASSERT( actual_status == expected_status );
+    memset( mac, 0, sizeof( mac ) );
+    status = psa_mac_start( &operation, key_slot, exercise_alg );
+    if( status == PSA_SUCCESS )
+        status = psa_mac_verify( &operation, mac, sizeof( mac ) );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+        TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+exit:
+    psa_mac_abort( &operation );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_key_policy( int policy_usage,
+                        int policy_alg,
+                        int key_type,
+                        data_t *key_data,
+                        int exercise_alg )
+{
+    int key_slot = 1;
+    psa_key_policy_t policy;
+    psa_cipher_operation_t operation;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+
+    status = psa_encrypt_setup( &operation, key_slot, exercise_alg );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    psa_cipher_abort( &operation );
+
+    status = psa_decrypt_setup( &operation, key_slot, exercise_alg );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+exit:
+    psa_cipher_abort( &operation );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_key_policy( int policy_usage,
+                      int policy_alg,
+                      int key_type,
+                      data_t *key_data,
+                      int nonce_length_arg,
+                      int tag_length_arg,
+                      int exercise_alg )
+{
+    int key_slot = 1;
+    psa_key_policy_t policy;
+    psa_status_t status;
+    unsigned char nonce[16] = {0};
+    size_t nonce_length = nonce_length_arg;
+    unsigned char tag[16];
+    size_t tag_length = tag_length_arg;
+    size_t output_length;
+
+    TEST_ASSERT( nonce_length <= sizeof( nonce ) );
+    TEST_ASSERT( tag_length <= sizeof( tag ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+
+    status = psa_aead_encrypt( key_slot, exercise_alg,
+                               nonce, nonce_length,
+                               NULL, 0,
+                               NULL, 0,
+                               tag, tag_length,
+                               &output_length );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+    memset( tag, 0, sizeof( tag ) );
+    status = psa_aead_decrypt( key_slot, exercise_alg,
+                               nonce, nonce_length,
+                               NULL, 0,
+                               tag, tag_length,
+                               NULL, 0,
+                               &output_length );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+        TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_key_policy( int policy_usage,
+                                       int policy_alg,
+                                       int key_type,
+                                       data_t *key_data,
+                                       int exercise_alg )
+{
+    int key_slot = 1;
+    psa_key_policy_t policy;
+    psa_status_t status;
+    size_t key_bits;
+    size_t buffer_length;
+    unsigned char *buffer = NULL;
+    size_t output_length;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_information( key_slot,
+                                          NULL,
+                                          &key_bits ) == PSA_SUCCESS );
+    buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
+                                                        exercise_alg );
+    buffer = mbedtls_calloc( 1, buffer_length );
+    TEST_ASSERT( buffer != NULL );
+
+    status = psa_asymmetric_encrypt( key_slot, exercise_alg,
+                                     NULL, 0,
+                                     NULL, 0,
+                                     buffer, buffer_length,
+                                     &output_length );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+    memset( buffer, 0, buffer_length );
+    status = psa_asymmetric_decrypt( key_slot, exercise_alg,
+                                     buffer, buffer_length,
+                                     NULL, 0,
+                                     buffer, buffer_length,
+                                     &output_length );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
+        TEST_ASSERT( status == PSA_ERROR_INVALID_PADDING );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+    mbedtls_free( buffer );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_key_policy( int policy_usage,
+                                      int policy_alg,
+                                      int key_type,
+                                      data_t *key_data,
+                                      int exercise_alg )
+{
+    int key_slot = 1;
+    psa_key_policy_t policy;
+    psa_status_t status;
+    unsigned char payload[16] = {1};
+    size_t payload_length = sizeof( payload );
+    unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
+    size_t signature_length;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+
+    status = psa_asymmetric_sign( key_slot, exercise_alg,
+                                  payload, payload_length,
+                                  NULL, 0,
+                                  signature, sizeof( signature ),
+                                  &signature_length );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+    memset( signature, 0, sizeof( signature ) );
+    status = psa_asymmetric_verify( key_slot, exercise_alg,
+                                    payload, payload_length,
+                                    NULL, 0,
+                                    signature, sizeof( signature ) );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
+        TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_destroy_key( key_slot );

From a5c7b7d0ddcfcc1b5313abb28311c0c2c6b39223 Mon Sep 17 00:00:00 2001
From: Mohammad Abo Mokh <mohabo01@e108870.kfn.arm.com>
Date: Wed, 4 Jul 2018 15:57:00 +0300
Subject: [PATCH 370/889] Style fixes

---
 library/psa_crypto.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 68fa0ef67..6dff2f532 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -26,14 +26,17 @@
 #endif
 
 #if defined(MBEDTLS_PSA_CRYPTO_C)
-
-//! In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure
-//! Partition Manager) integration which separate the code into two parts
-//! NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment).
-//! In this mode an additional header file should be included.
+/*
+ * In case MBEDTLS_PSA_CRYPTO_SPM is defined the code is built for SPM (Secure
+ * Partition Manager) integration which separate the code into two parts
+ * NSPE (Non-Secure Process Environment) and SPE (Secure Process Environment).
+ * In this mode an additional header file should be included.
+ */
 #if defined(MBEDTLS_PSA_CRYPTO_SPM)
-//! PSA_CRYPTO_SECURE means that this file is compiled to the SPE side.
-//! some headers will be affected by this flag.
+/*
+ * PSA_CRYPTO_SECURE means that this file is compiled to the SPE side.
+ * some headers will be affected by this flag.
+ */
 #define PSA_CRYPTO_SECURE 1
 #include "crypto_spe.h"
 #endif
@@ -2492,6 +2495,7 @@ psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )
 /****************************************************************/
 /* Key Policy */
 /****************************************************************/
+
 #if !defined(MBEDTLS_PSA_CRYPTO_SPM)
 void psa_key_policy_init( psa_key_policy_t *policy )
 {
@@ -2516,6 +2520,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( psa_key_policy_t *policy )
     return( policy->alg );
 }
 #endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */
+
 psa_status_t psa_set_key_policy( psa_key_slot_t key,
                                  const psa_key_policy_t *policy )
 {

From 365b984e38b37cef4a98e1019d19d19549762842 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 00:19:25 +0200
Subject: [PATCH 371/889] Add asymmetric_verify tests with public keys

Change most asymmetric_verify to use public keys (they were all using
key pairs before). Keep one test with an RSA key pair and one with an
EC key pair.
---
 tests/suites/test_suite_psa_crypto.data | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f61c281b5..4ac25b4d8 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -723,27 +723,35 @@ sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100a
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
+
+PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
-asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
 PSA verify: ECDSA SECP256R1, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+
+PSA verify with keypair: ECDSA SECP256R1, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
 
 PSA verify: ECDSA SECP256R1, wrong signature of correct size
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
 PSA encrypt: RSA PKCS#1 v1.5, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From fa4070c50bd17d2d1c231e752a3f5e11709fd0f6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 19:23:03 +0200
Subject: [PATCH 372/889] Doc: Fix some \c name that should have been \p name

---
 include/psa/crypto.h | 174 +++++++++++++++++++++----------------------
 1 file changed, 87 insertions(+), 87 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 3cd516097..fa2765667 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -492,7 +492,7 @@ typedef uint16_t psa_ecc_curve_t;
  * \param type  A cipher key type (value of type #psa_key_type_t).
  *
  * \return      The block size for a block cipher, or 1 for a stream cipher.
- *              The return value is undefined if \c type is not a supported
+ *              The return value is undefined if \p type is not a supported
  *              cipher key type.
  *
  * \note It is possible to build stream cipher algorithms on top of a block
@@ -541,8 +541,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a hash algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a hash algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_HASH(alg)                                            \
@@ -552,8 +552,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a MAC algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a MAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_MAC(alg)                                             \
@@ -563,8 +563,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a symmetric cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_CIPHER(alg)                                          \
@@ -575,8 +575,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is an AEAD algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_AEAD(alg)                                            \
@@ -586,8 +586,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a public-key signature algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_SIGN(alg)                                            \
@@ -597,8 +597,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a public-key encryption algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
@@ -608,8 +608,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a key agreement algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
@@ -619,8 +619,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a key derivation algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
@@ -668,8 +668,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is an HMAC algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_HMAC(alg)                                            \
@@ -683,8 +683,8 @@ typedef uint32_t psa_algorithm_t;
 
 /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
  *
- * \return 1 if \c alg is a MAC algorithm based on a block cipher, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_CIPHER_MAC(alg)                                      \
@@ -720,8 +720,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a block cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a block cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier or if it is not a symmetric cipher algorithm.
  */
 #define PSA_ALG_IS_BLOCK_CIPHER(alg)            \
@@ -756,8 +756,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
- * \return 1 if \c alg is a stream cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
+ * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier or if it is not a symmetric cipher algorithm.
  */
 #define PSA_ALG_IS_STREAM_CIPHER(alg)            \
@@ -878,10 +878,10 @@ typedef uint32_t psa_algorithm_t;
  * The representation of a signature is the same as with #PSA_ALG_ECDSA().
  *
  * Note that when this algorithm is used for verification, signatures
- * made with randomized ECDSA (#PSA_ALG_ECDSA(\c hash_alg)) with the
+ * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
  * same private key are accepted. In other words,
- * #PSA_ALG_DETERMINISTIC_ECDSA(\c hash_alg) differs from
- * #PSA_ALG_ECDSA(\c hash_alg) only for signature, not for verification.
+ * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
+ * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
  *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
@@ -964,7 +964,7 @@ typedef uint32_t psa_algorithm_t;
  *                    be unoccupied.
  * \param type        Key type (a \c PSA_KEY_TYPE_XXX value).
  * \param[in] data    Buffer containing the key data.
- * \param data_length Size of the \c data buffer in bytes.
+ * \param data_length Size of the \p data buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1072,7 +1072,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \param key               Slot whose content is to be exported. This must
  *                          be an occupied key slot.
  * \param[out] data         Buffer where the key data is to be written.
- * \param data_size         Size of the \c data buffer in bytes.
+ * \param data_size         Size of the \p data buffer in bytes.
  * \param[out] data_length  On success, the number of bytes
  *                          that make up the key data.
  *
@@ -1103,7 +1103,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * \param key               Slot whose content is to be exported. This must
  *                          be an occupied key slot.
  * \param[out] data         Buffer where the key data is to be written.
- * \param data_size         Size of the \c data buffer in bytes.
+ * \param data_size         Size of the \p data buffer in bytes.
  * \param[out] data_length  On success, the number of bytes
  *                          that make up the key data.
  *
@@ -1372,7 +1372,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  * \retval #PSA_SUCCESS
  *         Success.
  * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not a hash algorithm.
+ *         \p alg is not supported or is not a hash algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1389,7 +1389,7 @@ psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
  *
  * \param[in,out] operation Active hash operation.
  * \param[in] input         Buffer containing the message fragment to hash.
- * \param input_length      Size of the \c input buffer in bytes.
+ * \param input_length      Size of the \p input buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1433,7 +1433,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or already completed).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \c hash buffer is too small. You can determine a
+ *         The size of the \p hash buffer is too small. You can determine a
  *         sufficient buffer size by calling #PSA_HASH_SIZE(\c alg)
  *         where \c alg is the hash algorithm that is calculated.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -1463,7 +1463,7 @@ psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
  *
  * \param[in,out] operation     Active hash operation.
  * \param[in] hash              Buffer containing the expected hash value.
- * \param hash_length           Size of the \c hash buffer in bytes.
+ * \param hash_length           Size of the \p hash buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         The expected hash is identical to the actual hash of the message.
@@ -1485,7 +1485,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
  *
  * This function may be called at any time after psa_hash_setup().
  * Aborting an operation frees all associated resources except for the
- * \c operation structure itself.
+ * \p operation structure itself.
  *
  * Implementation should strive to be robust and handle inactive hash
  * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
@@ -1497,7 +1497,7 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
- *         \c operation is not an active hash operation.
+ *         \p operation is not an active hash operation.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -1554,9 +1554,9 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c key is not compatible with \c alg.
+ *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not a MAC algorithm.
+ *         \p alg is not supported or is not a MAC algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1624,7 +1624,7 @@ psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
  * \param[in,out] operation Active MAC operation.
  * \param[in] input         Buffer containing the message fragment to add to
  *                          the MAC calculation.
- * \param input_length      Size of the \c input buffer in bytes.
+ * \param input_length      Size of the \p input buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -1670,7 +1670,7 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or already completed).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \c mac buffer is too small. You can determine a
+ *         The size of the \p mac buffer is too small. You can determine a
  *         sufficient buffer size by calling PSA_MAC_FINAL_SIZE().
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -1699,7 +1699,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
  *
  * \param[in,out] operation Active MAC operation.
  * \param[in] mac           Buffer containing the expected MAC value.
- * \param mac_length        Size of the \c mac buffer in bytes.
+ * \param mac_length        Size of the \p mac buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         The expected MAC is identical to the actual MAC of the message.
@@ -1722,7 +1722,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
  * This function may be called at any time after psa_mac_sign_setup()
  * or psa_mac_verify_setup().
  * Aborting an operation frees all associated resources except for the
- * \c operation structure itself.
+ * \p operation structure itself.
  *
  * Implementation should strive to be robust and handle inactive MAC
  * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
@@ -1734,7 +1734,7 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
- *         \c operation is not an active MAC operation.
+ *         \p operation is not an active MAC operation.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -1792,9 +1792,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c key is not compatible with \c alg.
+ *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not a cipher algorithm.
+ *         \p alg is not supported or is not a cipher algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1841,9 +1841,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c key is not compatible with \c alg.
+ *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not a cipher algorithm.
+ *         \p alg is not supported or is not a cipher algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -1866,7 +1866,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
  *
  * \param[in,out] operation     Active cipher operation.
  * \param[out] iv               Buffer where the generated IV is to be written.
- * \param iv_size               Size of the \c iv buffer in bytes.
+ * \param iv_size               Size of the \p iv buffer in bytes.
  * \param[out] iv_length        On success, the number of bytes of the
  *                              generated IV.
  *
@@ -1909,7 +1909,7 @@ psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or IV already set).
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The size of the \c iv is not acceptable for the chosen algorithm,
+ *         The size of \p iv is not acceptable for the chosen algorithm,
  *         or the chosen algorithm does not use an IV.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -1934,9 +1934,9 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
  * \param[in,out] operation     Active cipher operation.
  * \param[in] input             Buffer containing the message fragment to
  *                              encrypt or decrypt.
- * \param input_length          Size of the \c input buffer in bytes.
+ * \param input_length          Size of the \p input buffer in bytes.
  * \param[out] output           Buffer where the output is to be written.
- * \param output_size           Size of the \c output buffer in bytes.
+ * \param output_size           Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
@@ -1974,7 +1974,7 @@ psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
  *
  * \param[in,out] operation     Active cipher operation.
  * \param[out] output           Buffer where the output is to be written.
- * \param output_size           Size of the \c output buffer in bytes.
+ * \param output_size           Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
@@ -2000,7 +2000,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
  * This function may be called at any time after
  * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup().
  * Aborting an operation frees all associated resources except for the
- * \c operation structure itself.
+ * \p operation structure itself.
  *
  * Implementation should strive to be robust and handle inactive cipher
  * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
@@ -2012,7 +2012,7 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
- *         \c operation is not an active cipher operation.
+ *         \p operation is not an active cipher operation.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -2078,9 +2078,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c key is not compatible with \c alg.
+ *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not an AEAD algorithm.
+ *         \p alg is not supported or is not an AEAD algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -2131,9 +2131,9 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  *         The ciphertext is not authentic.
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \c key is not compatible with \c alg.
+ *         \p key is not compatible with \p alg.
  * \retval #PSA_ERROR_NOT_SUPPORTED
- *         \c alg is not supported or is not an AEAD algorithm.
+ *         \p alg is not supported or is not an AEAD algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -2179,9 +2179,9 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  *
  * \param key                   Key slot containing an asymmetric key pair.
  * \param alg                   A signature algorithm that is compatible with
- *                              the type of \c key.
+ *                              the type of \p key.
  * \param[in] hash              The hash or message to sign.
- * \param hash_length           Size of the \c hash buffer in bytes.
+ * \param hash_length           Size of the \p hash buffer in bytes.
  * \param[in] salt              A salt or label, if supported by the
  *                              signature algorithm.
  *                              If the signature algorithm does not support
@@ -2189,20 +2189,20 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
  *                              If the signature algorithm supports an
  *                              optional salt and you do not want to pass
  *                              a salt, pass \c NULL.
- * \param salt_length           Size of the \c salt buffer in bytes.
- *                              If \c salt is \c NULL, pass 0.
+ * \param salt_length           Size of the \p salt buffer in bytes.
+ *                              If \p salt is \c NULL, pass 0.
  * \param[out] signature        Buffer where the signature is to be written.
- * \param signature_size        Size of the \c signature buffer in bytes.
+ * \param signature_size        Size of the \p signature buffer in bytes.
  * \param[out] signature_length On success, the number of bytes
  *                              that make up the returned signature value.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \c signature buffer is too small. You can
+ *         The size of the \p signature buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
- *         respectively of \c key.
+ *         respectively of \p key.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2233,10 +2233,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \param key               Key slot containing a public key or an
  *                          asymmetric key pair.
  * \param alg               A signature algorithm that is compatible with
- *                          the type of \c key.
+ *                          the type of \p key.
  * \param[in] hash          The hash or message whose signature is to be
  *                          verified.
- * \param hash_length       Size of the \c hash buffer in bytes.
+ * \param hash_length       Size of the \p hash buffer in bytes.
  * \param[in] salt          A salt or label, if supported by the signature
  *                          algorithm.
  *                          If the signature algorithm does not support a
@@ -2244,10 +2244,10 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  *                          If the signature algorithm supports an optional
  *                          salt and you do not want to pass a salt,
  *                          pass \c NULL.
- * \param salt_length       Size of the \c salt buffer in bytes.
- *                          If \c salt is \c NULL, pass 0.
+ * \param salt_length       Size of the \p salt buffer in bytes.
+ *                          If \p salt is \c NULL, pass 0.
  * \param[in] signature     Buffer containing the signature to verify.
- * \param signature_length  Size of the \c signature buffer in bytes.
+ * \param signature_length  Size of the \p signature buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         The signature is valid.
@@ -2281,9 +2281,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  * \param key                   Key slot containing a public key or an
  *                              asymmetric key pair.
  * \param alg                   An asymmetric encryption algorithm that is
- *                              compatible with the type of \c key.
+ *                              compatible with the type of \p key.
  * \param[in] input             The message to encrypt.
- * \param input_length          Size of the \c input buffer in bytes.
+ * \param input_length          Size of the \p input buffer in bytes.
  * \param[in] salt              A salt or label, if supported by the
  *                              encryption algorithm.
  *                              If the algorithm does not support a
@@ -2294,21 +2294,21 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  *
  *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
  *                                supported.
- * \param salt_length           Size of the \c salt buffer in bytes.
- *                              If \c salt is \c NULL, pass 0.
+ * \param salt_length           Size of the \p salt buffer in bytes.
+ *                              If \p salt is \c NULL, pass 0.
  * \param[out] output           Buffer where the encrypted message is to
  *                              be written.
- * \param output_size           Size of the \c output buffer in bytes.
+ * \param output_size           Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \c output buffer is too small. You can
+ *         The size of the \p output buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
- *         respectively of \c key.
+ *         respectively of \p key.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2332,9 +2332,9 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  *
  * \param key                   Key slot containing an asymmetric key pair.
  * \param alg                   An asymmetric encryption algorithm that is
- *                              compatible with the type of \c key.
+ *                              compatible with the type of \p key.
  * \param[in] input             The message to decrypt.
- * \param input_length          Size of the \c input buffer in bytes.
+ * \param input_length          Size of the \p input buffer in bytes.
  * \param[in] salt              A salt or label, if supported by the
  *                              encryption algorithm.
  *                              If the algorithm does not support a
@@ -2345,8 +2345,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  *
  *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
  *                                supported.
- * \param salt_length           Size of the \c salt buffer in bytes.
- *                              If \c salt is \c NULL, pass 0.
+ * \param salt_length           Size of the \p salt buffer in bytes.
+ *                              If \p salt is \c NULL, pass 0.
  * \param[out] output           Buffer where the decrypted message is to
  *                              be written.
  * \param output_size           Size of the \c output buffer in bytes.
@@ -2355,11 +2355,11 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \c output buffer is too small. You can
+ *         The size of the \p output buffer is too small. You can
  *         determine a sufficient buffer size by calling
  *         #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
  *         where \c key_type and \c key_bits are the type and bit-size
- *         respectively of \c key.
+ *         respectively of \p key.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -2426,17 +2426,17 @@ typedef struct {
  * \param bits              Key size in bits.
  * \param[in] extra         Extra parameters for key generation. The
  *                          interpretation of this parameter depends on
- *                          \c type. All types support \c NULL to use
+ *                          \p type. All types support \c NULL to use
  *                          default parameters. Implementation that support
  *                          the generation of vendor-specific key types
  *                          that allow extra parameters shall document
  *                          the format of these extra parameters and
  *                          the default values. For standard parameters,
  *                          the meaning of \p extra is as follows:
- *                          - For a symmetric key type (a type \c type such
+ *                          - For a symmetric key type (a type such
  *                            that #PSA_KEY_TYPE_IS_ASYMMETRIC(\p type) is
  *                            false), \p extra must be \c NULL.
- *                          - For an elliptic curve key type (a type \c type
+ *                          - For an elliptic curve key type (a type
  *                            such that #PSA_KEY_TYPE_IS_ECC(\p type) is
  *                            false), \p extra must be \c NULL.
  *                          - For an RSA key, \p extra is an optional

From fbfac6867b02e5d6b8a8e9df744d42138c262449 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 20:51:54 +0200
Subject: [PATCH 373/889] Simplify algorithm checking logic in MAC functions

Use if-else-if chains rather than switch because many blocks apply to
a class of algoritmhs rather than a single algorithm or a fixed set
of algorithms.

Call abort on more error paths that were missed earlier.
---
 library/psa_crypto.c | 272 +++++++++++++++++++++----------------------
 1 file changed, 134 insertions(+), 138 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a29c07769..4160bd1eb 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1327,38 +1327,37 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
 
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 {
-    switch( operation->alg )
+    if( operation->alg == 0 )
     {
-        case 0:
-            /* The object has (apparently) been initialized but it is not
-             * in use. It's ok to call abort on such an object, and there's
-             * nothing to do. */
-            return( PSA_SUCCESS );
+        /* The object has (apparently) been initialized but it is not
+         * in use. It's ok to call abort on such an object, and there's
+         * nothing to do. */
+        return( PSA_SUCCESS );
+    }
+    else
 #if defined(MBEDTLS_CMAC_C)
-        case PSA_ALG_CMAC:
-            mbedtls_cipher_free( &operation->ctx.cmac );
-            break;
+    if( operation->alg == PSA_ALG_CMAC )
+    {
+        mbedtls_cipher_free( &operation->ctx.cmac );
+    }
+    else
 #endif /* MBEDTLS_CMAC_C */
-        default:
 #if defined(MBEDTLS_MD_C)
-            if( PSA_ALG_IS_HMAC( operation->alg ) )
-            {
-                size_t block_size =
-                    psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
-
-                if( block_size == 0 )
-                    return( PSA_ERROR_NOT_SUPPORTED );
-
-                psa_hash_abort( &operation->ctx.hmac.hash_ctx );
-                mbedtls_zeroize( operation->ctx.hmac.opad, block_size );
-            }
-            else
+    if( PSA_ALG_IS_HMAC( operation->alg ) )
+    {
+        size_t block_size =
+            psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
+        if( block_size == 0 )
+            goto bad_state;
+        psa_hash_abort( &operation->ctx.hmac.hash_ctx );
+        mbedtls_zeroize( operation->ctx.hmac.opad, block_size );
+    }
+    else
 #endif /* MBEDTLS_MD_C */
-            {
-                /* Sanity check (shouldn't happen: operation->alg should
-                 * always have been initialized to a valid value). */
-                return( PSA_ERROR_BAD_STATE );
-            }
+    {
+        /* Sanity check (shouldn't happen: operation->alg should
+         * always have been initialized to a valid value). */
+        goto bad_state;
     }
 
     operation->alg = 0;
@@ -1369,6 +1368,14 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
     operation->is_sign = 0;
 
     return( PSA_SUCCESS );
+
+bad_state:
+    /* If abort is called on an uninitialized object, we can't trust
+     * anything. Wipe the object in case it contains confidential data.
+     * This may result in a memory leak if a pointer gets overwritten,
+     * but it's too late to do anything about this. */
+    memset( operation, 0, sizeof( *operation ) );
+    return( PSA_ERROR_BAD_STATE );
 }
 
 #if defined(MBEDTLS_CMAC_C)
@@ -1471,7 +1478,6 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     size_t key_bits;
     psa_key_usage_t usage =
         is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
 
     status = psa_mac_init( operation, alg );
     if( status != PSA_SUCCESS )
@@ -1481,39 +1487,38 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
 
     status = psa_get_key_from_slot( key, &slot, usage, alg );
     if( status != PSA_SUCCESS )
-        return( status );
-
+        goto exit;
     key_bits = psa_get_key_bits( slot );
 
-    if( ! PSA_ALG_IS_HMAC( alg ) )
-    {
-        cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type, key_bits,
-                                                    NULL );
-        if( cipher_info == NULL )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        operation->mac_size = cipher_info->block_size;
-    }
-    switch( alg )
-    {
 #if defined(MBEDTLS_CMAC_C)
-        case PSA_ALG_CMAC:
-            status = mbedtls_to_psa_error( psa_cmac_setup( operation,
-                                                           key_bits,
-                                                           slot,
-                                                           cipher_info ) );
-            break;
+    if( alg == PSA_ALG_CMAC )
+    {
+        const mbedtls_cipher_info_t *cipher_info =
+            mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL );
+        int ret;
+        if( cipher_info == NULL )
+        {
+            status = PSA_ERROR_NOT_SUPPORTED;
+            goto exit;
+        }
+        operation->mac_size = cipher_info->block_size;
+        ret = psa_cmac_setup( operation, key_bits, slot, cipher_info );
+        status = mbedtls_to_psa_error( ret );
+    }
+    else
 #endif /* MBEDTLS_CMAC_C */
-        default:
 #if defined(MBEDTLS_MD_C)
-            if( PSA_ALG_IS_HMAC( alg ) )
-                status = psa_hmac_setup( operation, slot->type, slot, alg );
-            else
+    if( PSA_ALG_IS_HMAC( alg ) )
+    {
+        status = psa_hmac_setup( operation, slot->type, slot, alg );
+    }
+    else
 #endif /* MBEDTLS_MD_C */
-                return( PSA_ERROR_NOT_SUPPORTED );
+    {
+        status = PSA_ERROR_NOT_SUPPORTED;
     }
 
-    /* If we reach this point, then the algorithm-specific part of the
-     * context may contain data that needs to be wiped on error. */
+exit:
     if( status != PSA_SUCCESS )
     {
         psa_mac_abort( operation );
@@ -1543,43 +1548,39 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
                              const uint8_t *input,
                              size_t input_length )
 {
-    int ret = 0 ;
-    psa_status_t status = PSA_SUCCESS;
+    psa_status_t status = PSA_ERROR_BAD_STATE;
     if( ! operation->key_set )
-        return( PSA_ERROR_BAD_STATE );
+        goto cleanup;
     if( operation->iv_required && ! operation->iv_set )
-        return( PSA_ERROR_BAD_STATE );
+        goto cleanup;
     operation->has_input = 1;
 
-    switch( operation->alg )
-    {
 #if defined(MBEDTLS_CMAC_C)
-        case PSA_ALG_CMAC:
-            ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac,
-                                              input, input_length );
-            break;
-#endif /* MBEDTLS_CMAC_C */
-        default:
-#if defined(MBEDTLS_MD_C)
-            if( PSA_ALG_IS_HMAC( operation->alg ) )
-            {
-                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
-                                          input_length );
-            }
-            else
-#endif /* MBEDTLS_MD_C */
-            {
-                ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
-            }
-            break;
-    }
-    if( ret != 0 || status != PSA_SUCCESS )
+    if( operation->alg == PSA_ALG_CMAC )
     {
-        psa_mac_abort( operation );
-        if( ret != 0 )
-            status = mbedtls_to_psa_error( ret );
+        int ret = mbedtls_cipher_cmac_update( &operation->ctx.cmac,
+                                              input, input_length );
+        status = mbedtls_to_psa_error( ret );
+    }
+    else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HMAC( operation->alg ) )
+    {
+        status = psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
+                                  input_length );
+    }
+    else
+#endif /* MBEDTLS_MD_C */
+    {
+        /* This shouldn't happen if `operation` was initialized by
+         * a setup function. */
+        status = PSA_ERROR_BAD_STATE;
     }
 
+cleanup:
+    if( status != PSA_SUCCESS )
+        psa_mac_abort( operation );
     return( status );
 }
 
@@ -1597,65 +1598,60 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     if( mac_size < operation->mac_size )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
-    switch( operation->alg )
-    {
 #if defined(MBEDTLS_CMAC_C)
-        case PSA_ALG_CMAC:
-        {
-            int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-#endif /* MBEDTLS_CMAC_C */
-        default:
-#if defined(MBEDTLS_MD_C)
-            if( PSA_ALG_IS_HMAC( operation->alg ) )
-            {
-                unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
-                unsigned char *opad = operation->ctx.hmac.opad;
-                size_t hash_size = 0;
-                size_t block_size =
-                    psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
-
-                if( block_size == 0 )
-                    return( PSA_ERROR_NOT_SUPPORTED );
-
-                status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
-                                          sizeof( tmp ), &hash_size );
-                if( status != PSA_SUCCESS )
-                    return( status );
-                /* From here on, tmp needs to be wiped. */
-
-                status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
-                                         PSA_ALG_HMAC_HASH( operation->alg ) );
-                if( status != PSA_SUCCESS )
-                    goto hmac_cleanup;
-
-                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad,
-                                          block_size );
-                if( status != PSA_SUCCESS )
-                    goto hmac_cleanup;
-
-                status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
-                                          hash_size );
-                if( status != PSA_SUCCESS )
-                    goto hmac_cleanup;
-
-                status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac,
-                                          mac_size, &hash_size );
-            hmac_cleanup:
-                mbedtls_zeroize( tmp, hash_size );
-            }
-            else
-#endif /* MBEDTLS_MD_C */
-            {
-                /* This shouldn't happen if operation was initialized by
-                 * a setup function. */
-                return( PSA_ERROR_BAD_STATE );
-            }
-            break;
+    if( operation->alg == PSA_ALG_CMAC )
+    {
+        int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac );
+        return( mbedtls_to_psa_error( ret ) );
     }
+    else
+#endif /* MBEDTLS_CMAC_C */
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HMAC( operation->alg ) )
+    {
+        unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
+        unsigned char *opad = operation->ctx.hmac.opad;
+        size_t hash_size = 0;
+        size_t block_size =
+            psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
 
-    return( status );
+        if( block_size == 0 )
+            return( PSA_ERROR_NOT_SUPPORTED );
+
+        status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
+                                  sizeof( tmp ), &hash_size );
+        if( status != PSA_SUCCESS )
+            return( status );
+        /* From here on, tmp needs to be wiped. */
+
+        status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
+                                 PSA_ALG_HMAC_HASH( operation->alg ) );
+        if( status != PSA_SUCCESS )
+            goto hmac_cleanup;
+
+        status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad,
+                                  block_size );
+        if( status != PSA_SUCCESS )
+            goto hmac_cleanup;
+
+        status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
+                                  hash_size );
+        if( status != PSA_SUCCESS )
+            goto hmac_cleanup;
+
+        status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac,
+                                  mac_size, &hash_size );
+    hmac_cleanup:
+        mbedtls_zeroize( tmp, hash_size );
+        return( status );
+    }
+    else
+#endif /* MBEDTLS_MD_C */
+    {
+        /* This shouldn't happen if `operation` was initialized by
+         * a setup function. */
+        return( PSA_ERROR_BAD_STATE );
+    }
 }
 
 psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,

From 315b51c22d8356db9bd550a4b71239b19faa7420 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Mon, 9 Jul 2018 16:04:51 +0100
Subject: [PATCH 374/889] Fix memory leak in psa_cipher_finish()

---
 library/psa_crypto.c | 49 ++++++++++++++++++++++++++++----------------
 1 file changed, 31 insertions(+), 18 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6dff2f532..e10ca30ed 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2410,18 +2410,19 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
                                 size_t output_size,
                                 size_t *output_length )
 {
-    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    psa_status_t status = PSA_ERROR_UNKNOWN_ERROR;
+    int cipher_ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
 
     if( ! operation->key_set )
     {
-        psa_cipher_abort( operation );
-        return( PSA_ERROR_BAD_STATE );
+        status = PSA_ERROR_BAD_STATE;
+        goto error;
     }
     if( operation->iv_required && ! operation->iv_set )
     {
-        psa_cipher_abort( operation );
-        return( PSA_ERROR_BAD_STATE );
+        status = PSA_ERROR_BAD_STATE;
+        goto error;
     }
     if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&
         PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
@@ -2430,37 +2431,49 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
             operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
         if( operation->ctx.cipher.unprocessed_len >= operation->block_size )
         {
-            psa_cipher_abort( operation );
-            return( PSA_ERROR_TAMPERING_DETECTED );
+            status = PSA_ERROR_TAMPERING_DETECTED;
+            goto error;
         }
         if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
         {
             if( operation->ctx.cipher.unprocessed_len != 0 )
             {
-                psa_cipher_abort( operation );
-                return( PSA_ERROR_INVALID_ARGUMENT );
+                status = PSA_ERROR_INVALID_ARGUMENT;
+                goto error;
             }
         }
     }
 
-    ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer,
-                                 output_length );
-    if( ret != 0 )
+    cipher_ret = mbedtls_cipher_finish( &operation->ctx.cipher,
+                                        temp_output_buffer,
+                                        output_length );
+    if( cipher_ret != 0 )
     {
-        psa_cipher_abort( operation );
-        return( mbedtls_to_psa_error( ret ) );
+        status = mbedtls_to_psa_error( cipher_ret );
+        goto error;
     }
+
     if( *output_length == 0 )
-        /* Nothing to copy. Note that output may be NULL in this case. */ ;
+        ; /* Nothing to copy. Note that output may be NULL in this case. */
     else if( output_size >= *output_length )
         memcpy( output, temp_output_buffer, *output_length );
     else
     {
-        psa_cipher_abort( operation );
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto error;
     }
 
-    return( PSA_SUCCESS );
+    status = psa_cipher_abort( operation );
+
+    return( status );
+
+error:
+
+    *output_length = 0;
+
+    (void) psa_cipher_abort( operation );
+
+    return( status );
 }
 
 psa_status_t psa_cipher_abort( psa_cipher_operation_t *operation )

From ab4152b3d4e7ec7284ae04f5791385aa324e94e4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 6 Jul 2018 16:12:42 +0200
Subject: [PATCH 375/889] Diversify export tests without the export usage flag

Test both with a symmetric key and with a key pair.
---
 tests/suites/test_suite_psa_crypto.data | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f1075bbac..72c602181 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -53,10 +53,6 @@ PSA import/export RSA public key: export buffer too small
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
-PSA import/export RSA keypair: policy forbids export
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_ENCRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
-
 PSA import/export RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
@@ -117,6 +113,22 @@ PSA import/export EC secp384r1: good
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
+PSA import/export AES key: policy forbids export
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export HMAC key: policy forbids export
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export RSA keypair: policy forbids export (crypt)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
+
+PSA import/export RSA keypair: policy forbids export (sign)
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1
+
 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT

From d8008d6dfea95f15990a260230dde868d34b59a2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 19:51:51 +0200
Subject: [PATCH 376/889] New macro PSA_KEY_TYPE_IS_RSA

---
 include/psa/crypto.h |  6 +++++-
 library/psa_crypto.c | 25 ++++++++-----------------
 2 files changed, 13 insertions(+), 18 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 68e3b0aa3..ba0755b2e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -433,7 +433,11 @@ typedef uint32_t psa_key_type_t;
 /** Whether a key type is an RSA key pair or public key. */
 #define PSA_KEY_TYPE_IS_RSA(type)                                       \
     (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
-/** Whether a key type is an elliptic curve key pair or public key. */
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) ==                        \
+     PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+/** Whether a key type is an elliptic curve key (pair or public-only). */
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
       ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a1b8104f7..fac1c7564 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -567,9 +567,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     }
     else
 #if defined(MBEDTLS_PK_PARSE_C)
-    if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-        type == PSA_KEY_TYPE_RSA_KEYPAIR ||
-        PSA_KEY_TYPE_IS_ECC( type ) )
+    if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) )
     {
         int ret;
         mbedtls_pk_context pk;
@@ -584,8 +582,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
         {
 #if defined(MBEDTLS_RSA_C)
             case MBEDTLS_PK_RSA:
-                if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-                    type == PSA_KEY_TYPE_RSA_KEYPAIR )
+                if( PSA_KEY_TYPE_IS_RSA( type ) )
                 {
                     mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
                     size_t bits = mbedtls_rsa_get_bitlen( rsa );
@@ -662,8 +659,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
     }
     else
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
     {
         mbedtls_rsa_free( slot->data.rsa );
         mbedtls_free( slot->data.rsa );
@@ -694,8 +690,7 @@ static size_t psa_get_key_bits( const key_slot_t *slot )
     if( key_type_is_raw_bytes( slot->type ) )
         return( slot->data.raw.bytes * 8 );
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-        slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
         return( mbedtls_rsa_get_bitlen( slot->data.rsa ) );
 #endif /* defined(MBEDTLS_RSA_C) */
 #if defined(MBEDTLS_ECP_C)
@@ -769,15 +764,13 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
     else
     {
 #if defined(MBEDTLS_PK_WRITE_C)
-        if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-            slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
+        if( PSA_KEY_TYPE_IS_RSA( slot->type ) ||
             PSA_KEY_TYPE_IS_ECC( slot->type ) )
         {
             mbedtls_pk_context pk;
             int ret;
             mbedtls_pk_init( &pk );
-            if( slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY ||
-                slot->type == PSA_KEY_TYPE_RSA_KEYPAIR )
+            if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
             {
                 pk.pk_info = &mbedtls_rsa_info;
                 pk.pk_ctx = slot->data.rsa;
@@ -2064,8 +2057,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
         return( status );
 
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
-        slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
+    if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
     {
         return( psa_rsa_verify( slot->data.rsa,
                                 alg,
@@ -2120,8 +2112,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_RSA_C)
-    if( slot->type == PSA_KEY_TYPE_RSA_KEYPAIR ||
-        slot->type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
+    if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
     {
         mbedtls_rsa_context *rsa = slot->data.rsa;
         int ret;

From dda3bd344d42165c696b65b67b957aaec0fb89e5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 19:40:46 +0200
Subject: [PATCH 377/889] Doc: Minor formatting and copy fixes

---
 include/psa/crypto.h | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fa2765667..43d8d0986 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -647,7 +647,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x02800000)
 /** Macro to build an HMAC algorithm.
  *
- * For example, `PSA_ALG_HMAC(PSA_ALG_SHA256)` is HMAC-SHA-256.
+ * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
  *
  * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
  *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
@@ -702,6 +702,7 @@ typedef uint32_t psa_algorithm_t;
  * whole number of blocks for the chosen block cipher.
  */
 #define PSA_ALG_BLOCK_CIPHER_PAD_NONE           ((psa_algorithm_t)0x00000000)
+
 #define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7          ((psa_algorithm_t)0x00010000)
 
 /** Whether the specified algorithm is a block cipher.
@@ -736,6 +737,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
 
 #define PSA_ALG_STREAM_CIPHER_BASE              ((psa_algorithm_t)0x04800000)
+
 /** The CTR stream cipher mode.
  *
  * CTR is a stream cipher which is built from a block cipher. The
@@ -744,6 +746,7 @@ typedef uint32_t psa_algorithm_t;
  * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
  */
 #define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
+
 /** The ARC4 stream cipher algorithm.
  */
 #define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
@@ -1660,9 +1663,9 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
  * \param mac_size          Size of the \p mac buffer in bytes.
  * \param[out] mac_length   On success, the number of bytes
  *                          that make up the MAC value. This is always
- *                          #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \p alg)
+ *                          #PSA_MAC_FINAL_SIZE(\c key_type, \c key_bits, \c alg)
  *                          where \c key_type and \c key_bits are the type and
- *                          bit-size respectively of \c key and `alg` is the
+ *                          bit-size respectively of the key and \c alg is the
  *                          MAC algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
@@ -1875,7 +1878,7 @@ psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
  * \retval #PSA_ERROR_BAD_STATE
  *         The operation state is not valid (not started, or IV already set).
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \c output buffer is too small.
+ *         The size of the \p iv buffer is too small.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
@@ -2357,7 +2360,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small. You can
  *         determine a sufficient buffer size by calling
- *         #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(key_type, key_bits, alg)
+ *         #PSA_ASYMMETRIC_DECRYPT_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg)
  *         where \c key_type and \c key_bits are the type and bit-size
  *         respectively of \p key.
  * \retval #PSA_ERROR_NOT_SUPPORTED
@@ -2439,8 +2442,9 @@ typedef struct {
  *                          - For an elliptic curve key type (a type
  *                            such that #PSA_KEY_TYPE_IS_ECC(\p type) is
  *                            false), \p extra must be \c NULL.
- *                          - For an RSA key, \p extra is an optional
- *                            #psa_generate_key_extra_rsa structure
+ *                          - For an RSA key (\p type is
+ *                            #PSA_KEY_TYPE_RSA_KEYPAIR), \p extra is an
+ *                            optional #psa_generate_key_extra_rsa structure
  *                            specifying the public exponent. The
  *                            default public exponent used when \p extra
  *                            is \c NULL is 65537.

From fe11951c167c92d4727fcdd8625e86da261e3cbc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 21:39:34 +0200
Subject: [PATCH 378/889] Rename psa cipher functions to psa_cipher_xxx

Make function names for multipart operations more consistent (cipher
edition).

Rename symmetric cipher multipart operation functions so that they all
start with psa_cipher_:

* psa_encrypt_setup -> psa_cipher_encrypt_setup
* psa_decrypt_setup -> psa_cipher_decrypt_setup
* psa_encrypt_set_iv -> psa_cipher_set_iv
* psa_encrypt_generate_iv -> psa_cipher_generate_iv
---
 include/psa/crypto.h                        | 42 +++++-----
 library/psa_crypto.c                        | 28 +++----
 tests/suites/test_suite_psa_crypto.function | 90 +++++++++++----------
 3 files changed, 81 insertions(+), 79 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 98573c90f..9fea83e7c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1464,10 +1464,10 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * is as follows:
  * -# Allocate an operation object which will be passed to all the functions
  *    listed here.
- * -# Call psa_encrypt_setup() to specify the algorithm and key.
+ * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key.
  *    The key remains associated with the operation even if the content
  *    of the key slot changes.
- * -# Call either psa_encrypt_generate_iv() or psa_encrypt_set_iv() to
+ * -# Call either psa_encrypt_generate_iv() or psa_cipher_set_iv() to
  *    generate or set the IV (initialization vector). You should use
  *    psa_encrypt_generate_iv() unless the protocol you are implementing
  *    requires a specific IV value.
@@ -1476,12 +1476,12 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * -# Call psa_cipher_finish().
  *
  * The application may call psa_cipher_abort() at any time after the operation
- * has been initialized with psa_encrypt_setup().
+ * has been initialized with psa_cipher_encrypt_setup().
  *
- * After a successful call to psa_encrypt_setup(), the application must
+ * After a successful call to psa_cipher_encrypt_setup(), the application must
  * eventually terminate the operation. The following events terminate an
  * operation:
- * - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv()
+ * - A failed call to psa_encrypt_generate_iv(), psa_cipher_set_iv()
  *   or psa_cipher_update().
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
@@ -1503,9 +1503,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
-                               psa_key_slot_t key,
-                               psa_algorithm_t alg);
+psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
+                                      psa_key_slot_t key,
+                                      psa_algorithm_t alg);
 
 /** Set the key for a multipart symmetric decryption operation.
  *
@@ -1513,7 +1513,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * is as follows:
  * -# Allocate an operation object which will be passed to all the functions
  *    listed here.
- * -# Call psa_decrypt_setup() to specify the algorithm and key.
+ * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key.
  *    The key remains associated with the operation even if the content
  *    of the key slot changes.
  * -# Call psa_cipher_update() with the IV (initialization vector) for the
@@ -1525,9 +1525,9 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * -# Call psa_cipher_finish().
  *
  * The application may call psa_cipher_abort() at any time after the operation
- * has been initialized with psa_encrypt_setup().
+ * has been initialized with psa_cipher_decrypt_setup().
  *
- * After a successful call to psa_decrypt_setup(), the application must
+ * After a successful call to psa_cipher_decrypt_setup(), the application must
  * eventually terminate the operation. The following events terminate an
  * operation:
  * - A failed call to psa_cipher_update().
@@ -1551,18 +1551,18 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation,
-                               psa_key_slot_t key,
-                               psa_algorithm_t alg);
+psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
+                                      psa_key_slot_t key,
+                                      psa_algorithm_t alg);
 
-psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation,
-                                     unsigned char *iv,
-                                     size_t iv_size,
-                                     size_t *iv_length);
+psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
+                                    unsigned char *iv,
+                                    size_t iv_size,
+                                    size_t *iv_length);
 
-psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation,
-                                const unsigned char *iv,
-                                size_t iv_length);
+psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
+                               const unsigned char *iv,
+                               size_t iv_length);
 
 psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
                                const uint8_t *input,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4160bd1eb..b9f43b54a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2360,24 +2360,24 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation,
-                                psa_key_slot_t key,
-                                psa_algorithm_t alg )
+psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation,
+                                       psa_key_slot_t key,
+                                       psa_algorithm_t alg )
 {
     return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
 }
 
-psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation,
-                                psa_key_slot_t key,
-                                psa_algorithm_t alg )
+psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
+                                       psa_key_slot_t key,
+                                       psa_algorithm_t alg )
 {
     return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
 }
 
-psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
-                                      unsigned char *iv,
-                                      size_t iv_size,
-                                      size_t *iv_length )
+psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
+                                     unsigned char *iv,
+                                     size_t iv_size,
+                                     size_t *iv_length )
 {
     int ret = PSA_SUCCESS;
     if( operation->iv_set || ! operation->iv_required )
@@ -2396,7 +2396,7 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
     }
 
     *iv_length = operation->iv_size;
-    ret = psa_encrypt_set_iv( operation, iv, *iv_length );
+    ret = psa_cipher_set_iv( operation, iv, *iv_length );
 
 exit:
     if( ret != PSA_SUCCESS )
@@ -2404,9 +2404,9 @@ exit:
     return( ret );
 }
 
-psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation,
-                                 const unsigned char *iv,
-                                 size_t iv_length )
+psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
+                                const unsigned char *iv,
+                                size_t iv_length )
 {
     int ret = PSA_SUCCESS;
     if( operation->iv_set || ! operation->iv_required )
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3a03a76bf..e9efb3a0a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -184,10 +184,11 @@ static int exercise_cipher_key( psa_key_slot_t key,
 
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
-        TEST_ASSERT( psa_encrypt_setup( &operation, key, alg ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_encrypt_generate_iv( &operation,
-                                              iv, sizeof( iv ),
-                                              &iv_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
+                                               key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_generate_iv( &operation,
+                                             iv, sizeof( iv ),
+                                             &iv_length ) == PSA_SUCCESS );
         TEST_ASSERT( psa_cipher_update( &operation,
                                         plaintext, sizeof( plaintext ),
                                         ciphertext, sizeof( ciphertext ),
@@ -209,9 +210,10 @@ static int exercise_cipher_key( psa_key_slot_t key,
             TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );
             iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
         }
-        TEST_ASSERT( psa_decrypt_setup( &operation, key, alg ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                         iv, iv_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
+                                               key, alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_cipher_set_iv( &operation,
+                                        iv, iv_length ) == PSA_SUCCESS );
         TEST_ASSERT( psa_cipher_update( &operation,
                                         ciphertext, ciphertext_length,
                                         decrypted, sizeof( decrypted ),
@@ -792,7 +794,7 @@ void cipher_key_policy( int policy_usage,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_encrypt_setup( &operation, key_slot, exercise_alg );
+    status = psa_cipher_encrypt_setup( &operation, key_slot, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -800,7 +802,7 @@ void cipher_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
     psa_cipher_abort( &operation );
 
-    status = psa_decrypt_setup( &operation, key_slot, exercise_alg );
+    status = psa_cipher_decrypt_setup( &operation, key_slot, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -1230,7 +1232,7 @@ void cipher_setup( int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    status = psa_encrypt_setup( &operation, key_slot, alg );
+    status = psa_cipher_encrypt_setup( &operation, key_slot, alg );
     psa_cipher_abort( &operation );
     TEST_ASSERT( status == expected_status );
 
@@ -1279,11 +1281,11 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation,
-                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
+                                           key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, iv_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_set_iv( &operation,
+                                    iv, iv_size ) == PSA_SUCCESS );
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output = mbedtls_calloc( 1, output_buffer_size );
@@ -1354,11 +1356,11 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation,
-                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
+                                           key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_set_iv( &operation,
+                                    iv, sizeof( iv ) ) == PSA_SUCCESS );
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output = mbedtls_calloc( 1, output_buffer_size );
@@ -1432,11 +1434,11 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation,
-                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
+                                           key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_set_iv( &operation,
+                                    iv, sizeof( iv ) ) == PSA_SUCCESS );
 
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
@@ -1512,11 +1514,11 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_decrypt_setup( &operation,
-                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
+                                           key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation,
-                                     iv, iv_size ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_set_iv( &operation,
+                                    iv, iv_size ) == PSA_SUCCESS );
 
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
@@ -1586,14 +1588,14 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation1,
-                                    key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_decrypt_setup( &operation2,
-                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
+                                           key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
+                                           key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
-                                          iv, iv_size,
-                                          &iv_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_generate_iv( &operation1,
+                                         iv, iv_size,
+                                         &iv_length ) == PSA_SUCCESS );
     output1_size = (size_t) input->len +
                    PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output1 = mbedtls_calloc( 1, output1_size );
@@ -1614,8 +1616,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     output2 = mbedtls_calloc( 1, output2_size );
     TEST_ASSERT( output2 != NULL );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation2,
-                                     iv, iv_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_set_iv( &operation2,
+                                    iv, iv_length ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
                                     output2, output2_size,
                                     &output2_length ) == PSA_SUCCESS );
@@ -1678,14 +1680,14 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_setup( &operation1,
-                                    key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_decrypt_setup( &operation2,
-                                    key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
+                                           key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
+                                           key_slot, alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_encrypt_generate_iv( &operation1,
-                                          iv, iv_size,
-                                          &iv_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_generate_iv( &operation1,
+                                         iv, iv_size,
+                                         &iv_length ) == PSA_SUCCESS );
     output1_buffer_size = (size_t) input->len +
                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     output1 = mbedtls_calloc( 1, output1_buffer_size );
@@ -1717,8 +1719,8 @@ void cipher_verify_output_multipart( int alg_arg,
     output2 = mbedtls_calloc( 1, output2_buffer_size );
     TEST_ASSERT( output2 != NULL );
 
-    TEST_ASSERT( psa_encrypt_set_iv( &operation2,
-                                     iv, iv_length ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_cipher_set_iv( &operation2,
+                                    iv, iv_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
                                     output2, output2_buffer_size,

From 279ab8e69be6c05105f5b422507886dd112733fd Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Mon, 9 Jul 2018 16:13:21 +0100
Subject: [PATCH 379/889] Prevent leaking plaintext in psa_cipher_finish()

---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e10ca30ed..e5833ce22 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2463,6 +2463,7 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
         goto error;
     }
 
+    mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
     status = psa_cipher_abort( operation );
 
     return( status );
@@ -2471,6 +2472,7 @@ error:
 
     *output_length = 0;
 
+    mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
     (void) psa_cipher_abort( operation );
 
     return( status );

From af89fd771ecde904536e769746887947373ad37e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 19:52:37 +0200
Subject: [PATCH 380/889] psa_import_key: split RSA and ECP code into small
 functions

No intended behavior change except that some edge cases may have
swapped between INVALID_ARGUMENT and NOT_SUPPORTED.
---
 library/psa_crypto.c | 91 ++++++++++++++++++++++++++------------------
 1 file changed, 53 insertions(+), 38 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fac1c7564..30b68faf6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -541,6 +541,43 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
     return( PSA_SUCCESS );
 }
 
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk,
+                                        mbedtls_rsa_context **p_rsa )
+{
+    if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_RSA )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    else
+    {
+        mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk );
+        size_t bits = mbedtls_rsa_get_bitlen( rsa );
+        if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        *p_rsa = rsa;
+        return( PSA_SUCCESS );
+    }
+}
+#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
+
+#if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C)
+static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve,
+                                        mbedtls_pk_context *pk,
+                                        mbedtls_ecp_keypair **p_ecp )
+{
+    if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    else
+    {
+        mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( *pk );
+        psa_ecc_curve_t actual_curve = mbedtls_ecc_group_to_psa( ecp->grp.id );
+        if( actual_curve != expected_curve )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        *p_ecp = ecp;
+        return( PSA_SUCCESS );
+    }
+}
+#endif /* defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) */
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
@@ -572,55 +609,33 @@ psa_status_t psa_import_key( psa_key_slot_t key,
         int ret;
         mbedtls_pk_context pk;
         mbedtls_pk_init( &pk );
+
+        /* Parse the data. */
         if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
             ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
         else
             ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
         if( ret != 0 )
             return( mbedtls_to_psa_error( ret ) );
-        switch( mbedtls_pk_get_type( &pk ) )
-        {
+
+        /* We have something that the pkparse module recognizes.
+         * If it has the expected type and passes any type-specific
+         * checks, store it. */
 #if defined(MBEDTLS_RSA_C)
-            case MBEDTLS_PK_RSA:
-                if( PSA_KEY_TYPE_IS_RSA( type ) )
-                {
-                    mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
-                    size_t bits = mbedtls_rsa_get_bitlen( rsa );
-                    if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
-                    {
-                        status = PSA_ERROR_NOT_SUPPORTED;
-                        break;
-                    }
-                    slot->data.rsa = rsa;
-                }
-                else
-                    status = PSA_ERROR_INVALID_ARGUMENT;
-                break;
+        if( PSA_KEY_TYPE_IS_RSA( type ) )
+            status = psa_import_rsa_key( &pk, &slot->data.rsa );
+        else
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_ECP_C)
-            case MBEDTLS_PK_ECKEY:
-                if( PSA_KEY_TYPE_IS_ECC( type ) )
-                {
-                    mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
-                    psa_ecc_curve_t actual_curve =
-                        mbedtls_ecc_group_to_psa( ecp->grp.id );
-                    psa_ecc_curve_t expected_curve =
-                        PSA_KEY_TYPE_GET_CURVE( type );
-                    if( actual_curve != expected_curve )
-                    {
-                        status = PSA_ERROR_INVALID_ARGUMENT;
-                        break;
-                    }
-                    slot->data.ecp = ecp;
-                }
-                else
-                    status = PSA_ERROR_INVALID_ARGUMENT;
-                break;
+        if( PSA_KEY_TYPE_IS_ECC( type ) )
+            status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( type ),
+                                         &pk, &slot->data.ecp );
+        else
 #endif /* MBEDTLS_ECP_C */
-            default:
-                status = PSA_ERROR_INVALID_ARGUMENT;
-                break;
+        {
+            status = PSA_ERROR_NOT_SUPPORTED;
         }
+
         /* Free the content of the pk object only on error. On success,
          * the content of the object has been stored in the slot. */
         if( status != PSA_SUCCESS )

From 6ac73a912bda829756b6d6772c28c64727d2f4d2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 19:47:19 +0200
Subject: [PATCH 381/889] Doc: add some missing documentation of function and
 macro parameters

---
 include/psa/crypto.h | 44 +++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 41 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 43d8d0986..4b2e9a0aa 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -682,6 +682,8 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02c00003)
 
 /** Whether the specified algorithm is a MAC algorithm based on a block cipher.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
  * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
  *         This macro may return either 0 or 1 if \p alg is not a supported
@@ -1194,7 +1196,10 @@ typedef uint32_t psa_key_usage_t;
 typedef struct psa_key_policy_s psa_key_policy_t;
 
 /** \brief Initialize a key policy structure to a default that forbids all
- * usage of the key. */
+ * usage of the key.
+ *
+ * \param[out] policy   The policy object to initialize.
+ */
 void psa_key_policy_init(psa_key_policy_t *policy);
 
 /** \brief Set the standard fields of a policy structure.
@@ -1202,15 +1207,29 @@ void psa_key_policy_init(psa_key_policy_t *policy);
  * Note that this function does not make any consistency check of the
  * parameters. The values are only checked when applying the policy to
  * a key slot with psa_set_key_policy().
+ *
+ * \param[out] policy   The policy object to modify.
+ * \param usage         The permitted uses for the key.
+ * \param alg           The algorithm that the key may be used for.
  */
 void psa_key_policy_set_usage(psa_key_policy_t *policy,
                               psa_key_usage_t usage,
                               psa_algorithm_t alg);
 
-/** \brief Retrieve the usage field of a policy structure. */
+/** \brief Retrieve the usage field of a policy structure.
+ *
+ * \param[in] policy    The policy object to query.
+ *
+ * \return The permitted uses for a key with this policy.
+ */
 psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);
 
-/** \brief Retrieve the algorithm field of a policy structure. */
+/** \brief Retrieve the algorithm field of a policy structure.
+ *
+ * \param[in] policy    The policy object to query.
+ *
+ * \return The permitted algorithm for a key with this policy.
+ */
 psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
 
 /** \brief Set the usage policy on a key slot.
@@ -1221,11 +1240,30 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
  *
  * Implementations may set restrictions on supported key policies
  * depending on the key type and the key slot.
+ *
+ * \param key           The key slot whose policy is to be changed.
+ * \param[in] policy    The policy object to query.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_set_key_policy(psa_key_slot_t key,
                                 const psa_key_policy_t *policy);
 
 /** \brief Get the usage policy for a key slot.
+ *
+ * \param key           The key slot whose policy is being queried.
+ * \param[out] policy   On success, the key's policy.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_get_key_policy(psa_key_slot_t key,
                                 psa_key_policy_t *policy);

From b4fa8c9c6d97a65ebf5c18513b2aed53ad8f6b61 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 11 Jul 2018 15:57:44 +0100
Subject: [PATCH 382/889] psa: Fix Doxygen comment on psa_get_key_from_slot

We failed all.sh on the "test: doxygen markup outside doxygen blocks" due
to doxygen markup being outside a Doxygen block. Add an extra `*` to the
psa_get_key_from_slot comment to denote the comment as a Doxygen comment.
---
 library/psa_crypto.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cc996a01c..aee00787b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -371,9 +371,9 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
     return( status );
 }
 
-/* Retrieve a slot which must contain a key. The key must have allow all
- * the usage flags set in \p usage. If \p alg is nonzero, the key must
- * allow operations with this algorithm. */
+/** Retrieve a slot which must contain a key. The key must have allow all the
+ * usage flags set in \p usage. If \p alg is nonzero, the key must allow
+ * operations with this algorithm. */
 static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
                                            key_slot_t **p_slot,
                                            psa_key_usage_t usage,

From 61a60376b7364a439a683aa26d9ff058dcac288c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sun, 8 Jul 2018 21:48:44 +0200
Subject: [PATCH 383/889] Fix misplaced Doxygen comment

---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9fea83e7c..a30af423a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -414,13 +414,13 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
     (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
      (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG))
-/** Whether a key type is an RSA key pair or public key. */
 /** The key pair type corresponding to a public key type. */
 #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
     ((type) | PSA_KEY_TYPE_PAIR_FLAG)
 /** The public key type corresponding to a key pair type. */
 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
     ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
+/** Whether a key type is an RSA key pair or public key. */
 #define PSA_KEY_TYPE_IS_RSA(type)                                       \
     (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
 /** Whether a key type is an elliptic curve key pair or public key. */

From d00444cf33abb3f82156ffbf5593e61c1479e161 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 21:10:56 +0200
Subject: [PATCH 384/889] Improve test coverage of PKCS#1 v1.5 encrypt/decrypt

* Add a test for decryption with invalid padding.
* Add a test for encryption with input too large.
* In negative tests, pass input whose length matches the key length,
  unless that's what the test is about.
---
 tests/suites/test_suite_psa_crypto.data | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4ac25b4d8..6968ff9aa 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -761,6 +761,10 @@ PSA encrypt: RSA PKCS#1 v1.5, key pair
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
 
+PSA encrypt: RSA PKCS#1 v1.5, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:PSA_ERROR_INVALID_ARGUMENT
+
 PSA encrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT
@@ -785,17 +789,21 @@ PSA decrypt: RSA PKCS#1 v1.5: good #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34
 
+PSA decrypt: RSA PKCS#1 v1.5, invalid padding
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":PSA_ERROR_INVALID_PADDING
+
 PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5, input too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 9ac9426731a58cee9b13b7184e457c00fc54ac52 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 20:15:32 +0200
Subject: [PATCH 385/889] Doc: clarify the preconditions for psa_cipher_update

---
 include/psa/crypto.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4b2e9a0aa..8a80620dd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1963,12 +1963,12 @@ psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
 
 /** Encrypt or decrypt a message fragment in an active cipher operation.
  *
- * The application must call psa_cipher_encrypt_setup() or
- * psa_cipher_decrypt_setup() before calling this function. The choice
- * of setup function determines whether this function encrypts or
- * decrypts its input. After calling a setup function, if the chosen
- * algorithm requires an IV, the application must call
- * psa_cipher_generate_iv() or psa_cipher_set_iv().
+ * Before calling this function, you must:
+ * 1. Call either psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup().
+ *    The choice of setup function determines whether this function
+ *    encrypts or decrypts its input.
+ * 2. If the algorithm requires an IV, call psa_cipher_generate_iv()
+ *    (recommended when encrypting) or psa_cipher_set_iv().
  *
  * If this function returns an error status, the operation becomes inactive.
  *

From 67a9351bc5813346f047a3fbc8384afa0a2c19b2 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 11 Jul 2018 16:07:40 +0100
Subject: [PATCH 386/889] psa: config: Add MBEDTLS_PSA_CRYPTO_SPM

We failed check-names.sh due to using a define which wasn't described or
defined anywhere. Even though we won't realistically enable
MBEDTLS_PSA_CRYPTO_SPM via the configuration system (and will do it from
PSA Crypto SPM tooling instead), add a description of the configuration to
config.h as good practice. Exclude MBEDTLS_PSA_CRYPTO_SPM from the "full"
configuration as well.
---
 configs/config-psa-crypto.h    | 14 ++++++++++++++
 include/mbedtls/check_config.h |  4 ++++
 include/mbedtls/config.h       | 14 ++++++++++++++
 library/version_features.c     |  3 +++
 scripts/config.pl              |  1 +
 5 files changed, 36 insertions(+)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 184e1ab64..870e335d1 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -696,6 +696,20 @@
  */
 #define MBEDTLS_PKCS1_V21
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module:  library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 41c3f2458..620aff999 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -492,6 +492,10 @@
 #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
+#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index d3df9eeda..385381f7c 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1126,6 +1126,20 @@
  */
 #define MBEDTLS_PKCS1_V21
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_SPM
+ *
+ * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure
+ * Partition Manager) integration which separates the code into two parts: a
+ * NSPE (Non-Secure Process Environment) and an SPE (Secure Process
+ * Environment).
+ *
+ * Module:  library/psa_crypto.c
+ * Requires: MBEDTLS_PSA_CRYPTO_C
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_SPM
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/library/version_features.c b/library/version_features.c
index b77bf2658..9917ec03e 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -414,6 +414,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_PKCS1_V21)
     "MBEDTLS_PKCS1_V21",
 #endif /* MBEDTLS_PKCS1_V21 */
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+    "MBEDTLS_PSA_CRYPTO_SPM",
+#endif /* MBEDTLS_PSA_CRYPTO_SPM */
 #if defined(MBEDTLS_RSA_NO_CRT)
     "MBEDTLS_RSA_NO_CRT",
 #endif /* MBEDTLS_RSA_NO_CRT */
diff --git a/scripts/config.pl b/scripts/config.pl
index 3d2884cc9..2e4ac3bb6 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -96,6 +96,7 @@ MBEDTLS_ZLIB_SUPPORT
 MBEDTLS_PKCS11_C
 MBEDTLS_NO_UDBL_DIVISION
 MBEDTLS_NO_64BIT_MULTIPLICATION
+MBEDTLS_PSA_CRYPTO_SPM
 _ALT\s*$
 );
 

From 66763a008a08f41d7bcdc24acb926f47a640b797 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 21:54:10 +0200
Subject: [PATCH 387/889] asymmetric_decrypt test: remove redundant argument

The expected output size is the size of the expected output, it
doesn't need to be passed separately.
---
 tests/suites/test_suite_psa_crypto.data     | 4 ++--
 tests/suites/test_suite_psa_crypto.function | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 6968ff9aa..eb5f77b93 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -783,11 +783,11 @@ asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057
 
 PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":32
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
 PSA decrypt: RSA PKCS#1 v1.5: good #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":34
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
 PSA decrypt: RSA PKCS#1 v1.5, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 71325745a..8c8d41d26 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2347,7 +2347,7 @@ exit:
 /* BEGIN_CASE */
 void asymmetric_decrypt( int key_type_arg, data_t *key_data,
                          int alg_arg, data_t *input_data,
-                         data_t *expected_data, int expected_size )
+                         data_t *expected_data )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -2384,7 +2384,7 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
                                          output,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( (size_t) expected_size == output_length );
+    TEST_ASSERT( expected_data->len == output_length );
     TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
 
 exit:

From be42f312a81d2ac628ad05de20fbd0c398ee794a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 13 Jul 2018 14:38:15 +0200
Subject: [PATCH 388/889] Doxygen: use \c foo in preference to `foo` for
 consistency

---
 include/psa/crypto.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8a80620dd..d5bda81f9 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -97,7 +97,7 @@ typedef int32_t psa_status_t;
 
 /** An output buffer is too small.
  *
- * Applications can call the `PSA_xxx_SIZE` macro listed in the function
+ * Applications can call the \c PSA_xxx_SIZE macro listed in the function
  * description to determine a sufficient buffer size.
  *
  * Implementations should preferably return this error code only
@@ -356,8 +356,8 @@ typedef uint32_t psa_key_type_t;
  * used for.
  *
  * HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with #PSA_HASH_SIZE(\p alg) where
- * `alg` is the HMAC algorithm or the underlying hash algorithm. */
+ * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
+ * \c alg is the HMAC algorithm or the underlying hash algorithm. */
 #define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
 
 /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
@@ -1357,7 +1357,7 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  *
  * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
  *              #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
- *              (#PSA_ALG_HMAC(`hash_alg`) where `hash_alg` is a
+ *              (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a
  *              hash algorithm).
  *
  * \return The hash size for the specified hash algorithm.
@@ -1466,7 +1466,7 @@ psa_status_t psa_hash_update(psa_hash_operation_t *operation,
  * \param hash_size             Size of the \p hash buffer in bytes.
  * \param[out] hash_length      On success, the number of bytes
  *                              that make up the hash value. This is always
- *                              #PSA_HASH_SIZE(`alg`) where `alg` is the
+ *                              #PSA_HASH_SIZE(\c alg) where \c alg is the
  *                              hash algorithm that is calculated.
  *
  * \retval #PSA_SUCCESS
@@ -2450,7 +2450,7 @@ psa_status_t psa_generate_random(uint8_t *output,
 
 /** Extra parameters for RSA key generation.
  *
- * You may pass a pointer to a structure of this type as the `extra`
+ * You may pass a pointer to a structure of this type as the \c extra
  * parameter to psa_generate_key().
  */
 typedef struct {

From 1c211b3e01ca1692e5e3a5b2625f1bec804b7eca Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 00:24:04 +0200
Subject: [PATCH 389/889] Fix some test dependencies

* No test depends on MBEDTLS_PK_C except via MBEDTLS_PK_PARSE_C, so
  remove MBEDTLS_PK_C and keep only MBEDTLS_PK_PARSE_C.
* Add MBEDTLS_PK_WRITE_C for pk export tests.
* Add MBEDTLS_GENPRIME for RSA key generation tests.
* Add dependencies to AEAD tests.
* Add missing dependencies to many RSA tests.
---
 tests/suites/test_suite_psa_crypto.data | 102 ++++++++++++++----------
 1 file changed, 62 insertions(+), 40 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 72c602181..27c15389f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -30,87 +30,87 @@ depends_on:MBEDTLS_AES_C
 import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
 PSA import/export RSA public key: good, larger buffer (+1 byte)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
 
 PSA import/export RSA public key: good, larger buffer (*2-1)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:161:PSA_SUCCESS:1
 
 PSA import/export RSA public key: good, larger buffer (*2)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:162:PSA_SUCCESS:1
 
 PSA import/export RSA public key: good, larger buffer (*2+1)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:163:PSA_SUCCESS:1
 
 PSA import/export RSA public key: export buffer too small
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
 PSA import/export RSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: good, larger buffer (+1 byte)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:1:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: good, larger buffer (*2-1)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:609:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: good, larger buffer (*2)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:610:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: good, larger buffer (*2+1)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:611:PSA_SUCCESS:1
 
 PSA import/export RSA keypair: export buffer too small
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
 PSA import/export RSA keypair: trailing garbage ignored
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:-1:PSA_SUCCESS:0
 
 PSA import RSA keypair: truncated
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import RSA keypair: valid key but EC
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export RSA keypair: good, 1023-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
 
 PSA import/export-public RSA public key: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
 
 PSA import/export-public PSA keypair: good, 1024-bit
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
 
 PSA import/export-public: cannot export-public a symmetric key
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export EC secp256r1: good
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA import/export EC secp384r1: good
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
 PSA import/export AES key: policy forbids export
@@ -122,29 +122,31 @@ depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_HMAC:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:256:0:PSA_ERROR_NOT_PERMITTED:1
 
 PSA import/export RSA keypair: policy forbids export (crypt)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
 PSA import/export RSA keypair: policy forbids export (sign)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import EC keypair: valid key but RSA
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
 import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import RSA key pair: maximum size exceeded
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED
 
 PSA import RSA public key: maximum size exceeded
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
 
 PSA key policy set and get
@@ -558,51 +560,67 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
 
 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
 PSA AEAD encrypt/decrypt: DES-CCM not supported
+depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
 PSA AEAD encrypt: AES-CCM, 23 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
 
 PSA AEAD encrypt: AES-CCM, 24 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
 PSA AEAD decrypt: AES-CCM, 39 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
 
 PSA AEAD decrypt, AES-CCM, 40 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
 PSA AEAD decrypt: AES-CCM, invalid signature
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
 PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
 
 PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
 
 PSA AEAD encrypt, AES-GCM, 128 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
 
 PSA AEAD encrypt, AES-GCM, 128 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
 PSA AEAD decrypt, AES-GCM, 144 bytes #1
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
 
 PSA AEAD decrypt, AES-GCM, 144 bytes #2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
 
 PSA AEAD decrypt, AES-GCM, invalid signature
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
 PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
@@ -624,15 +642,15 @@ PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 
 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
 PSA import/exercise: ECP SECP256R1 keypair, ECDSA
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY
 
 PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
 
 PSA sign: RSA PKCS#1 v1.5, raw
@@ -640,28 +658,31 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
 sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign: deterministic ECDSA SECP256R1, invalid hash
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 asymmetric_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash
@@ -669,19 +690,19 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
 PSA verify: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
 
 PSA verify: ECDSA SECP256R1, wrong signature of correct size
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
 PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
@@ -782,18 +803,19 @@ depends_on:MBEDTLS_AES_C
 generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
 
 PSA generate key: RSA, 512 bits, good, sign
-depends_on:MBEDTLS_RSA_C
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
 
 PSA generate key: RSA, 1024 bits, good, sign
-depends_on:MBEDTLS_RSA_C
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
 
 PSA generate key: RSA, 512 bits, good, encrypt
-depends_on:MBEDTLS_RSA_C
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
 
 PSA generate key: RSA, maximum size exceeded
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
 
 PSA generate key: ECC, SECP256R1, good

From 54622aec806255443afbd99e57442b673d18bcb3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 22:24:24 +0200
Subject: [PATCH 390/889] Fix PSA_ALG_SIGN_GET_HASH for PSA_ALG_SIGN_xxx_RAW

---
 include/psa/crypto.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ba0755b2e..2477e58a5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -929,6 +929,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_SIGN_GET_HASH(alg)                                     \
     (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||   \
      PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ?                    \
+     ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 :        \
      ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
      0)
 

From b82ab6f402535f5b262fb2f1faa70c7f8ac0b402 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 13 Jul 2018 15:33:43 +0200
Subject: [PATCH 391/889] Improve documentation of abort functions

Explicitly state that calling abort is safe after initializing to
zero.

Explicitly state that calling abort on an inactive operation is safe,
and replace "active" by "initialized" in the description of the
parameter.

Get rid of the recommendation for implementers to try to handle
uninitialized structures safely. It's good advice in principle but
cannot be achieved in a robust way and the wording was confusing.
---
 include/psa/crypto.h | 70 ++++++++++++++++++++++++++++----------------
 1 file changed, 44 insertions(+), 26 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d5bda81f9..8ac817a6e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1524,17 +1524,23 @@ psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
 
 /** Abort a hash operation.
  *
- * This function may be called at any time after psa_hash_setup().
  * Aborting an operation frees all associated resources except for the
- * \p operation structure itself.
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * psa_hash_setup() again.
  *
- * Implementation should strive to be robust and handle inactive hash
- * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
- * application writers should beware that uninitialized memory may happen
- * to be indistinguishable from an active hash operation, and the behavior
- * of psa_hash_abort() is undefined in this case.
+ * You may call this function any time after the operation object has
+ * been initialized by any of the following methods:
+ * - A call to psa_hash_setup(), whether it succeeds or not.
+ * - Initializing the \c struct to all-bits-zero.
+ * - Initializing the \c struct to logical zeros, e.g.
+ *   `psa_hash_operation_t operation = {0}`.
  *
- * \param[in,out] operation     Active hash operation.
+ * In particular, calling psa_hash_abort() after the operation has been
+ * terminated by a call to psa_hash_abort(), psa_hash_finish() or
+ * psa_hash_verify() is safe and has no effect.
+ *
+ * \param[in,out] operation     Initialized hash operation.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
@@ -1760,18 +1766,24 @@ psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
 
 /** Abort a MAC operation.
  *
- * This function may be called at any time after psa_mac_sign_setup()
- * or psa_mac_verify_setup().
  * Aborting an operation frees all associated resources except for the
- * \p operation structure itself.
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * psa_mac_sign_setup() or psa_mac_verify_setup() again.
  *
- * Implementation should strive to be robust and handle inactive MAC
- * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
- * application writers should beware that uninitialized memory may happen
- * to be indistinguishable from an active MAC operation, and the behavior
- * of psa_mac_abort() is undefined in this case.
+ * You may call this function any time after the operation object has
+ * been initialized by any of the following methods:
+ * - A call to psa_mac_sign_setup() or psa_mac_verify_setup(), whether
+ *   it succeeds or not.
+ * - Initializing the \c struct to all-bits-zero.
+ * - Initializing the \c struct to logical zeros, e.g.
+ *   `psa_mac_operation_t operation = {0}`.
  *
- * \param[in,out] operation Active MAC operation.
+ * In particular, calling psa_mac_abort() after the operation has been
+ * terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or
+ * psa_mac_verify_finish() is safe and has no effect.
+ *
+ * \param[in,out] operation Initialized MAC operation.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE
@@ -2038,18 +2050,24 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
 
 /** Abort a cipher operation.
  *
- * This function may be called at any time after
- * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup().
  * Aborting an operation frees all associated resources except for the
- * \p operation structure itself.
+ * \p operation structure itself. Once aborted, the operation object
+ * can be reused for another operation by calling
+ * psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup() again.
  *
- * Implementation should strive to be robust and handle inactive cipher
- * operations safely (do nothing and return #PSA_ERROR_BAD_STATE). However,
- * application writers should beware that uninitialized memory may happen
- * to be indistinguishable from an active cipher operation, and the behavior
- * of psa_cipher_abort() is undefined in this case.
+ * You may call this function any time after the operation object has
+ * been initialized by any of the following methods:
+ * - A call to psa_cipher_encrypt_setup() or psa_cipher_decrypt_setup(),
+ *   whether it succeeds or not.
+ * - Initializing the \c struct to all-bits-zero.
+ * - Initializing the \c struct to logical zeros, e.g.
+ *   `psa_cipher_operation_t operation = {0}`.
  *
- * \param[in,out] operation     Active cipher operation.
+ * In particular, calling psa_cipher_abort() after the operation has been
+ * terminated by a call to psa_cipher_abort() or psa_cipher_finish()
+ * is safe and has no effect.
+ *
+ * \param[in,out] operation     Initialized cipher operation.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_BAD_STATE

From f969b3ac74dcabea70a7a80ee09bf56581c3adbb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 00:20:25 +0200
Subject: [PATCH 392/889] Change a generate_key test to exercise with PSS

This required tweaking exercise_signature_key to use a payload size
for the signature based on the algorithm, since our implementation of
PSS requires that the input size matches the hash size. This would
also be the case for PKCS#1 v1.5 with a specified hash.
---
 tests/suites/test_suite_psa_crypto.data     | 10 +++++-----
 tests/suites/test_suite_psa_crypto.function | 10 ++++++++--
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index eb5f77b93..e3d74ba93 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -870,13 +870,13 @@ PSA generate key: invalid key size: AES, 64 bits
 depends_on:MBEDTLS_AES_C
 generate_key:PSA_KEY_TYPE_AES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_ERROR_INVALID_ARGUMENT
 
-PSA generate key: RSA, 512 bits, good, sign
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
 
-PSA generate key: RSA, 1024 bits, good, sign
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
 
 PSA generate key: RSA, 512 bits, good, encrypt
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8c8d41d26..dbe306e04 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -285,13 +285,19 @@ static int exercise_signature_key( psa_key_slot_t key,
                                    psa_key_usage_t usage,
                                    psa_algorithm_t alg )
 {
-    unsigned char payload[16] = {1};
-    size_t payload_length = sizeof( payload );
+    unsigned char payload[PSA_HASH_MAX_SIZE] = {1};
+    size_t payload_length = 16;
     unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
     size_t signature_length = sizeof( signature );
 
     if( usage & PSA_KEY_USAGE_SIGN )
     {
+        /* Some algorithms require the payload to have the size of
+         * the hash encoded in the algorithm. Use this input size
+         * even for algorithms that allow other input sizes. */
+        psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
+        if( hash_alg != 0 )
+            payload_length = PSA_HASH_SIZE( hash_alg );
         TEST_ASSERT( psa_asymmetric_sign( key, alg,
                                           payload, payload_length,
                                           signature, sizeof( signature ),

From ef0cb407361cc42cacf3d9a8c74ddf028ffd966e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 16:55:59 +0200
Subject: [PATCH 393/889] Fix bug in exercise_mac_key that almost always broke
 the SIGN case

That case isn't used in the test suite yet.
---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e9efb3a0a..37d6aca3f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -143,7 +143,7 @@ static int exercise_mac_key( psa_key_slot_t key,
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_sign_finish( &operation,
-                                          mac, sizeof( input ),
+                                          mac, sizeof( mac ),
                                           &mac_length ) == PSA_SUCCESS );
     }
 

From f64ee8a7f10f05c5b624afd817aef7ef7d1d5adb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 16:57:40 +0200
Subject: [PATCH 394/889] Fix "unknown MAC algorithm" to actually use a MAC
 algorithm

---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 27c15389f..b44c347e2 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -294,7 +294,7 @@ mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_S
 
 PSA MAC setup: bad algorithm (unknown MAC algorithm)
 depends_on:MBEDTLS_MD_C
-mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
 
 PSA MAC setup: bad algorithm (not a MAC algorithm)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC

From a4d20bd3879c206fe9f6b55d86bc640b25bf3a09 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 23:35:02 +0200
Subject: [PATCH 395/889] For RSA PSS, document that salt length = hash length

This is the most common mode and the only mode that Mbed TLS functions
fully supports (mbedtls_rsa_rsassa_pss_verify_ext can verify
signatures with a different salt length).
---
 include/psa/crypto.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 2477e58a5..ea209852a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -807,7 +807,8 @@ typedef uint32_t psa_algorithm_t;
  *
  * This is the signature scheme defined by RFC 8017
  * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PSS, with the message generation function MGF1. The specified
+ * RSASSA-PSS, with the message generation function MGF1, and with
+ * a salt length equal to the length of the hash. The specified
  * hash algorithm is used to hash the input message, to create the
  * salted hash, and for the mask generation.
  *

From 94e44540ff9eb42fb4e63f371335d3e7a36c32e4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 16:58:43 +0200
Subject: [PATCH 396/889] psa_hash_update: robustify the case length=0

Don't require hash implementations to behave correctly on a
zero-length input, which may have an invalid pointer.
---
 library/psa_crypto.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index eb140ea2c..47605d432 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1018,6 +1018,12 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation,
                               size_t input_length )
 {
     int ret;
+
+    /* Don't require hash implementations to behave correctly on a
+     * zero-length input, which may have an invalid pointer. */
+    if( input_length == 0 )
+        return( PSA_SUCCESS );
+
     switch( operation->alg )
     {
 #if defined(MBEDTLS_MD2_C)
@@ -1068,6 +1074,7 @@ psa_status_t psa_hash_update( psa_hash_operation_t *operation,
             ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
             break;
     }
+
     if( ret != 0 )
         psa_hash_abort( operation );
     return( mbedtls_to_psa_error( ret ) );

From 71ac7b11a755dfe2b7daf02481d99e3fcee449d2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 29 Jun 2018 23:36:35 +0200
Subject: [PATCH 397/889] Allow RSA PSS with any input size

Although RSASSA-PSS defines its input as a message to be hashed, we
implement a sign-the-hash function. This function can take an input
which isn't a hash, so don't restrict the size of the input, any more
than Mbed TLS does.

Remove a redundant check that hash_length fits in unsigned int for the
sake of Mbed TLS RSA functions.

Test that PSS accepts inputs of various lengths. For PKCS#1 v1.5
signature in raw mode, test the maximum input length.
---
 library/psa_crypto.c                    | 55 ++++++++++++-------------
 tests/suites/test_suite_psa_crypto.data | 26 +++++++++++-
 2 files changed, 52 insertions(+), 29 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 30b68faf6..2a60b6feb 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1741,28 +1741,45 @@ cleanup:
 
 #if defined(MBEDTLS_RSA_C)
 /* Decode the hash algorithm from alg and store the mbedtls encoding in
- * md_alg. Verify that the hash length is consistent. */
+ * md_alg. Verify that the hash length is acceptable. */
 static psa_status_t psa_rsa_decode_md_type( psa_algorithm_t alg,
                                             size_t hash_length,
                                             mbedtls_md_type_t *md_alg )
 {
     psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
     const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
-    *md_alg = hash_alg == 0 ? MBEDTLS_MD_NONE : mbedtls_md_get_type( md_info );
-    if( *md_alg == MBEDTLS_MD_NONE )
-    {
+    *md_alg = mbedtls_md_get_type( md_info );
+
+    /* The Mbed TLS RSA module uses an unsigned int for hash length
+     * parameters. Validate that it fits so that we don't risk an
+     * overflow later. */
 #if SIZE_MAX > UINT_MAX
-        if( hash_length > UINT_MAX )
-            return( PSA_ERROR_INVALID_ARGUMENT );
+    if( hash_length > UINT_MAX )
+        return( PSA_ERROR_INVALID_ARGUMENT );
 #endif
-    }
-    else
+
+#if defined(MBEDTLS_PKCS1_V15)
+    /* For PKCS#1 v1.5 signature, if using a hash, the hash length
+     * must be correct. */
+    if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) &&
+        alg != PSA_ALG_RSA_PKCS1V15_SIGN_RAW )
     {
+        if( md_info == NULL )
+            return( PSA_ERROR_NOT_SUPPORTED );
         if( mbedtls_md_get_size( md_info ) != hash_length )
             return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+#endif /* MBEDTLS_PKCS1_V15 */
+
+#if defined(MBEDTLS_PKCS1_V21)
+    /* PSS requires a hash internally. */
+    if( PSA_ALG_IS_RSA_PSS( alg ) )
+    {
         if( md_info == NULL )
             return( PSA_ERROR_NOT_SUPPORTED );
     }
+#endif /* MBEDTLS_PKCS1_V21 */
+
     return( PSA_SUCCESS );
 }
 
@@ -1785,15 +1802,6 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
     if( signature_size < mbedtls_rsa_get_len( rsa ) )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
-    /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
-     * hash_length will fit and return an error if it doesn't. */
-#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
-#if SIZE_MAX > UINT_MAX
-    if( hash_length > UINT_MAX )
-        return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-#endif
-
 #if defined(MBEDTLS_PKCS1_V15)
     if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
     {
@@ -1818,7 +1826,7 @@ static psa_status_t psa_rsa_sign( mbedtls_rsa_context *rsa,
                                            mbedtls_ctr_drbg_random,
                                            &global_data.ctr_drbg,
                                            MBEDTLS_RSA_PRIVATE,
-                                           md_alg,
+                                           MBEDTLS_MD_NONE,
                                            (unsigned int) hash_length,
                                            hash,
                                            signature );
@@ -1852,15 +1860,6 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
     if( signature_length < mbedtls_rsa_get_len( rsa ) )
         return( PSA_ERROR_BUFFER_TOO_SMALL );
 
-#if defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21)
-#if SIZE_MAX > UINT_MAX
-    /* The Mbed TLS RSA module uses an unsigned int for hash_length. See if
-     * hash_length will fit and return an error if it doesn't. */
-    if( hash_length > UINT_MAX )
-        return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-#endif
-
 #if defined(MBEDTLS_PKCS1_V15)
     if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
     {
@@ -1885,7 +1884,7 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
                                              mbedtls_ctr_drbg_random,
                                              &global_data.ctr_drbg,
                                              MBEDTLS_RSA_PUBLIC,
-                                             md_alg,
+                                             MBEDTLS_MD_NONE,
                                              (unsigned int) hash_length,
                                              hash,
                                              signature );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e3d74ba93..9770f0453 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -689,6 +689,10 @@ PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT
 
+PSA sign: RSA PKCS#1 v1.5 raw, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT
+
 PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
@@ -709,10 +713,18 @@ PSA sign/verify: RSA PKCS#1 v1.5 SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
-PSA sign/verify: RSA PSS-SHA-256
+PSA sign/verify: RSA PSS SHA-256, 0 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):""
+
+PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
+PSA sign/verify: RSA PSS SHA-256, 129 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+
 PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
@@ -737,6 +749,18 @@ PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE
 
+PSA verify: RSA PSS SHA-256, good signature, 0 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d"
+
+PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7"
+
+PSA verify: RSA PSS SHA-256, good signature, 129 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308"
+
 PSA verify: ECDSA SECP256R1, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
 asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"

From 01126fae7fa4c4d0584a852818cf1087b74d367f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:04:55 +0200
Subject: [PATCH 398/889] Isolate HMAC code into its own functions

Create internal functions for HMAC operations. This prepares for two
things: separating crypto-sensitive code from argument decoding and
validation, and using HMAC for other purposes than a MAC inside the
library (e.g. HMAC_DRBG, HKDF).

No intended observable behavior change in this commit.
---
 library/psa_crypto.c | 151 ++++++++++++++++++++++---------------------
 1 file changed, 79 insertions(+), 72 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 47605d432..de1f772ea 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1332,6 +1332,14 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
     return( status );
 }
 
+#if defined(MBEDTLS_MD_C)
+static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
+{
+    mbedtls_zeroize( hmac->opad, sizeof( hmac->opad ) );
+    return( psa_hash_abort( &hmac->hash_ctx ) );
+}
+#endif /* MBEDTLS_MD_C */
+
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 {
     if( operation->alg == 0 )
@@ -1352,12 +1360,7 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HMAC( operation->alg ) )
     {
-        size_t block_size =
-            psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
-        if( block_size == 0 )
-            goto bad_state;
-        psa_hash_abort( &operation->ctx.hmac.hash_ctx );
-        mbedtls_zeroize( operation->ctx.hmac.opad, block_size );
+        psa_hmac_abort_internal( &operation->ctx.hmac );
     }
     else
 #endif /* MBEDTLS_MD_C */
@@ -1407,43 +1410,33 @@ static int psa_cmac_setup( psa_mac_operation_t *operation,
 #endif /* MBEDTLS_CMAC_C */
 
 #if defined(MBEDTLS_MD_C)
-static int psa_hmac_setup( psa_mac_operation_t *operation,
-                           psa_key_type_t key_type,
-                           key_slot_t *slot,
-                           psa_algorithm_t alg )
+static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
+                                             const uint8_t *key,
+                                             size_t key_length,
+                                             psa_algorithm_t hash_alg )
 {
     unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
-    unsigned char *opad = operation->ctx.hmac.opad;
     size_t i;
-    size_t block_size =
-        psa_get_hash_block_size( PSA_ALG_HMAC_HASH( alg ) );
-    unsigned int digest_size =
-        PSA_HASH_SIZE( PSA_ALG_HMAC_HASH( alg ) );
-    size_t key_length = slot->data.raw.bytes;
+    size_t block_size = psa_get_hash_block_size( hash_alg );
     psa_status_t status;
 
-    if( block_size == 0 || digest_size == 0 )
+    if( block_size == 0 )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    if( key_type != PSA_KEY_TYPE_HMAC )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    operation->mac_size = digest_size;
 
     /* The hash was started earlier in psa_mac_init. */
     if( key_length > block_size )
     {
-        status = psa_hash_update( &operation->ctx.hmac.hash_ctx,
-                                  slot->data.raw.data, slot->data.raw.bytes );
+        status = psa_hash_update( &hmac->hash_ctx, key, key_length );
         if( status != PSA_SUCCESS )
             return( status );
-        status = psa_hash_finish( &operation->ctx.hmac.hash_ctx,
+        status = psa_hash_finish( &hmac->hash_ctx,
                                   ipad, sizeof( ipad ), &key_length );
         if( status != PSA_SUCCESS )
             return( status );
     }
     else
-        memcpy( ipad, slot->data.raw.data, slot->data.raw.bytes );
+        memcpy( ipad, key, key_length );
 
     /* ipad contains the key followed by garbage. Xor and fill with 0x36
      * to create the ipad value. */
@@ -1454,22 +1447,17 @@ static int psa_hmac_setup( psa_mac_operation_t *operation,
     /* Copy the key material from ipad to opad, flipping the requisite bits,
      * and filling the rest of opad with the requisite constant. */
     for( i = 0; i < key_length; i++ )
-        opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
-    memset( opad + key_length, 0x5C, block_size - key_length );
+        hmac->opad[i] = ipad[i] ^ 0x36 ^ 0x5C;
+    memset( hmac->opad + key_length, 0x5C, block_size - key_length );
 
-    status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
-                             PSA_ALG_HMAC_HASH( alg ) );
+    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
     if( status != PSA_SUCCESS )
         goto cleanup;
 
-    status = psa_hash_update( &operation->ctx.hmac.hash_ctx, ipad,
-                              block_size );
+    status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
 
 cleanup:
     mbedtls_zeroize( ipad, key_length );
-    /* opad is in the context. It needs to stay in memory if this function
-     * succeeds, and it will be wiped by psa_mac_abort() called from
-     * psa_mac_setup in the error case. */
 
     return( status );
 }
@@ -1517,7 +1505,22 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HMAC( alg ) )
     {
-        status = psa_hmac_setup( operation, slot->type, slot, alg );
+        psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg );
+        if( hash_alg == 0 )
+        {
+            status = PSA_ERROR_NOT_SUPPORTED;
+            goto exit;
+        }
+        if( slot->type != PSA_KEY_TYPE_HMAC )
+        {
+            status = PSA_ERROR_INVALID_ARGUMENT;
+            goto exit;
+        }
+        status = psa_hmac_setup_internal( &operation->ctx.hmac,
+                                          slot->data.raw.data,
+                                          slot->data.raw.bytes,
+                                          hash_alg );
+        operation->mac_size = PSA_HASH_SIZE( hash_alg );
     }
     else
 #endif /* MBEDTLS_MD_C */
@@ -1591,12 +1594,49 @@ cleanup:
     return( status );
 }
 
+#if defined(MBEDTLS_MD_C)
+static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
+                                              uint8_t *mac,
+                                              size_t mac_size )
+{
+    unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
+    psa_algorithm_t hash_alg = hmac->hash_ctx.alg;
+    size_t hash_size = 0;
+    size_t block_size = psa_get_hash_block_size( hash_alg );
+    psa_status_t status;
+
+    if( block_size == 0 )
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
+    if( status != PSA_SUCCESS )
+        return( status );
+    /* From here on, tmp needs to be wiped. */
+
+    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_hash_update( &hmac->hash_ctx, hmac->opad, block_size );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_hash_update( &hmac->hash_ctx, tmp, hash_size );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_hash_finish( &hmac->hash_ctx, mac, mac_size, &hash_size );
+
+exit:
+    mbedtls_zeroize( tmp, hash_size );
+    return( status );
+}
+#endif /* MBEDTLS_MD_C */
+
 static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
                                              uint8_t *mac,
                                              size_t mac_size )
 {
-    psa_status_t status;
-
     if( ! operation->key_set )
         return( PSA_ERROR_BAD_STATE );
     if( operation->iv_required && ! operation->iv_set )
@@ -1616,41 +1656,8 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HMAC( operation->alg ) )
     {
-        unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
-        unsigned char *opad = operation->ctx.hmac.opad;
-        size_t hash_size = 0;
-        size_t block_size =
-            psa_get_hash_block_size( PSA_ALG_HMAC_HASH( operation->alg ) );
-
-        if( block_size == 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-
-        status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, tmp,
-                                  sizeof( tmp ), &hash_size );
-        if( status != PSA_SUCCESS )
-            return( status );
-        /* From here on, tmp needs to be wiped. */
-
-        status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
-                                 PSA_ALG_HMAC_HASH( operation->alg ) );
-        if( status != PSA_SUCCESS )
-            goto hmac_cleanup;
-
-        status = psa_hash_update( &operation->ctx.hmac.hash_ctx, opad,
-                                  block_size );
-        if( status != PSA_SUCCESS )
-            goto hmac_cleanup;
-
-        status = psa_hash_update( &operation->ctx.hmac.hash_ctx, tmp,
-                                  hash_size );
-        if( status != PSA_SUCCESS )
-            goto hmac_cleanup;
-
-        status = psa_hash_finish( &operation->ctx.hmac.hash_ctx, mac,
-                                  mac_size, &hash_size );
-    hmac_cleanup:
-        mbedtls_zeroize( tmp, hash_size );
-        return( status );
+        return( psa_hmac_finish_internal( &operation->ctx.hmac,
+                                          mac, mac_size ) );
     }
     else
 #endif /* MBEDTLS_MD_C */

From 072ac56a03942a3c194b39c67b294dd79ab614df Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 00:21:29 +0200
Subject: [PATCH 399/889] Implement OAEP

Implement RSAES-OAEP encryption and decryption.

Test it to the same level as PKCS#1 v1.5.
---
 include/psa/crypto.h                    |  8 +++-
 library/psa_crypto.c                    | 38 +++++++++++++++-
 tests/suites/test_suite_psa_crypto.data | 60 ++++++++++++++++++++++++-
 3 files changed, 100 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ea209852a..78836288c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -957,6 +957,10 @@ typedef uint32_t psa_algorithm_t;
     (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 #define PSA_ALG_IS_RSA_OAEP(alg)                                \
     (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
+#define PSA_ALG_RSA_OAEP_GET_HASH(alg)                          \
+    (PSA_ALG_IS_RSA_OAEP(alg) ?                                 \
+     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :      \
+     0)
 
 /**@}*/
 
@@ -2314,8 +2318,8 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    size_t signature_length);
 
 #define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                               \
-    (PSA_ALG_IS_RSA_OAEP_MGF1(alg) ?                                    \
-     2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_GET_HASH(alg)) + 1 :           \
+    (PSA_ALG_IS_RSA_OAEP(alg) ?                                         \
+     2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 :      \
      11 /*PKCS#1v1.5*/)
 
 /**
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2a60b6feb..c1cf490da 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2101,6 +2101,17 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     }
 }
 
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
+static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
+                                           mbedtls_rsa_context *rsa )
+{
+    psa_algorithm_t hash_alg = PSA_ALG_RSA_OAEP_GET_HASH( alg );
+    const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
+    mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
+    mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
+}
+#endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) */
+
 psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
                                      psa_algorithm_t alg,
                                      const uint8_t *input,
@@ -2114,8 +2125,11 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
+    /* Only used by some algorithms which may or may not be included in the
+     * build-time configuration use the salt. */
     (void) salt;
     (void) salt_length;
+
     *output_length = 0;
 
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
@@ -2148,7 +2162,15 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
 #if defined(MBEDTLS_PKCS1_V21)
         if( PSA_ALG_IS_RSA_OAEP( alg ) )
         {
-            return( PSA_ERROR_NOT_SUPPORTED );
+            psa_rsa_oaep_set_padding_mode( alg, rsa );
+            ret = mbedtls_rsa_rsaes_oaep_encrypt( rsa,
+                                                  mbedtls_ctr_drbg_random,
+                                                  &global_data.ctr_drbg,
+                                                  MBEDTLS_RSA_PUBLIC,
+                                                  salt, salt_length,
+                                                  input_length,
+                                                  input,
+                                                  output );
         }
         else
 #endif /* MBEDTLS_PKCS1_V21 */
@@ -2179,8 +2201,11 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
+    /* Only used by some algorithms which may or may not be included in the
+     * build-time configuration use the salt. */
     (void) salt;
     (void) salt_length;
+
     *output_length = 0;
 
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
@@ -2215,7 +2240,16 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
 #if defined(MBEDTLS_PKCS1_V21)
         if( PSA_ALG_IS_RSA_OAEP( alg ) )
         {
-            return( PSA_ERROR_NOT_SUPPORTED );
+            psa_rsa_oaep_set_padding_mode( alg, rsa );
+            ret = mbedtls_rsa_rsaes_oaep_decrypt( rsa,
+                                                  mbedtls_ctr_drbg_random,
+                                                  &global_data.ctr_drbg,
+                                                  MBEDTLS_RSA_PRIVATE,
+                                                  salt, salt_length,
+                                                  output_length,
+                                                  input,
+                                                  output,
+                                                  output_size );
         }
         else
 #endif /* MBEDTLS_PKCS1_V21 */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 9770f0453..db8a59f89 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -781,14 +781,30 @@ PSA encrypt: RSA PKCS#1 v1.5, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
 
+PSA encrypt: RSA OAEP-SHA-256, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-384, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":128:PSA_SUCCESS
+
 PSA encrypt: RSA PKCS#1 v1.5, key pair
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
 
+PSA encrypt: RSA OAEP-SHA-256, key pair
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+
 PSA encrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:PSA_ERROR_INVALID_ARGUMENT
 
+PSA encrypt: RSA OAEP-SHA-384, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":0:PSA_ERROR_INVALID_ARGUMENT
+
 PSA encrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT
@@ -805,6 +821,14 @@ PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
+PSA encrypt-decrypt: RSA OAEP-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+
+PSA encrypt-decrypt: RSA OAEP-SHA-384
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e"
+
 PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
@@ -813,10 +837,26 @@ PSA decrypt: RSA PKCS#1 v1.5: good #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
+PSA decrypt: RSA OAEP-SHA-256, 0 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":""
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
+PSA decrypt: RSA OAEP-SHA-384, 30 bytes
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
 PSA decrypt: RSA PKCS#1 v1.5, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":PSA_ERROR_INVALID_PADDING
 
+PSA decrypt: RSA OAEP-SHA-256, invalid padding
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":PSA_ERROR_INVALID_PADDING
+
 PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
@@ -825,6 +865,10 @@ PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
 
+PSA decrypt: RSA OAEP, invalid key type (RSA public key)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
+
 PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":PSA_ERROR_INVALID_ARGUMENT
@@ -837,6 +881,14 @@ PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
 
+PSA decrypt: RSA OAEP-SHA-256, input too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+
+PSA decrypt: RSA OAEP-SHA-256, input too large
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+
 PSA generate random: 0 bytes
 generate_random:0
 
@@ -902,10 +954,14 @@ PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
 
-PSA generate key: RSA, 512 bits, good, encrypt
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+PSA generate key: RSA, 512 bits, good, encrypt (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS
 
+PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS
+
 PSA generate key: RSA, maximum size exceeded
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED

From 9688997301a315933290ed4d55ec407d045ac324 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:07:03 +0200
Subject: [PATCH 400/889] MAC setup: support 0-length HMAC key

Avoid undefined behavior when using a 0-length HMAC key (Asan
complained).
---
 library/psa_crypto.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index de1f772ea..a0f278086 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1435,7 +1435,11 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
         if( status != PSA_SUCCESS )
             return( status );
     }
-    else
+    /* A 0-length key is not commonly used in HMAC when used as a MAC,
+     * but it is permitted. It is common when HMAC is used in HKDF, for
+     * example. Don't call `memcpy` in the 0-length because `key` could be
+     * an invalid pointer which would make the behavior undefined. */
+    else if( key_length != 0 )
         memcpy( ipad, key, key_length );
 
     /* ipad contains the key followed by garbage. Xor and fill with 0x36

From 68428121885b7f729a75a825680820efcc4e8fe9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 18:42:41 +0200
Subject: [PATCH 401/889] Asymmetric encryption tests: allow label argument

Add a label argument to all asymmetric encryption test functions
(currently empty in all tests, but that will change soon).

In asymmetric_encrypt and asymmetric_decrypt, with an empty label,
test with both a null pointer and a non-null pointer.
---
 tests/suites/test_suite_psa_crypto.data     | 56 +++++++--------
 tests/suites/test_suite_psa_crypto.function | 77 ++++++++++++++++++---
 2 files changed, 94 insertions(+), 39 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index db8a59f89..1660f0674 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -779,115 +779,115 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"305
 
 PSA encrypt: RSA PKCS#1 v1.5, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
 
 PSA encrypt: RSA OAEP-SHA-256, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
 
 PSA encrypt: RSA OAEP-SHA-384, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":128:PSA_SUCCESS
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
 
 PSA encrypt: RSA PKCS#1 v1.5, key pair
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
 
 PSA encrypt: RSA OAEP-SHA-256, key pair
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":128:PSA_SUCCESS
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
 
 PSA encrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:PSA_ERROR_INVALID_ARGUMENT
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA encrypt: RSA OAEP-SHA-384, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":0:PSA_ERROR_INVALID_ARGUMENT
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA encrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_SHA_256:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA encrypt: RSA PKCS#1 v1.5: invalid key type
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_INVALID_ARGUMENT
+asymmetric_encrypt:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
 
 PSA encrypt-decrypt: RSA PKCS#1 v1.5 vector #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff":""
 
 PSA encrypt-decrypt: RSA OAEP-SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
 
 PSA encrypt-decrypt: RSA OAEP-SHA-384
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
-asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e"
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
 
 PSA decrypt: RSA PKCS#1 v1.5: good #1
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
 
 PSA decrypt: RSA PKCS#1 v1.5: good #2
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":"99e8a6144bcb9a29660303bdc4305bb5eca8c64b96788cad062be9967bdab2f7ffff"
 
 PSA decrypt: RSA OAEP-SHA-256, 0 bytes
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":""
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":""
 
 PSA decrypt: RSA OAEP-SHA-256, 30 bytes
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
 
 PSA decrypt: RSA OAEP-SHA-384, 30 bytes
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
-asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
 
 PSA decrypt: RSA PKCS#1 v1.5, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":PSA_ERROR_INVALID_PADDING
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING
 
 PSA decrypt: RSA OAEP-SHA-256, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":PSA_ERROR_INVALID_PADDING
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":PSA_ERROR_INVALID_PADDING
 
 PSA decrypt: invalid algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_SHA_256:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5, invalid key type (RSA public key)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA OAEP, invalid key type (RSA public key)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"adeecba2db7f867a733853f0136c554e5e01c7a2015721a9bfe30c3ad163b93a9c7589170311209f91420ad8a1a8280c7e890a6d7bca3c500b4da4f53a17bd84a21d58f979a9b4b8f2246b482d930804f12b3aeb2ac8b5ac7938d452ca13be8eb8e973c4e2b19fd454058cbae037bcef7ef68a5fbabf050de5f283cf1998c695":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5: invalid key type (AES)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_AES:"3082025e02010002818100af057d396e":PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396e":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5, input too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA OAEP-SHA-256, input too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA decrypt: RSA OAEP-SHA-256, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
-asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA generate random: 0 bytes
 generate_random:0
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index dbe306e04..9bb548c00 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2237,6 +2237,7 @@ void asymmetric_encrypt( int key_type_arg,
                          data_t *key_data,
                          int alg_arg,
                          data_t *input_data,
+                         data_t *label,
                          int expected_output_length_arg,
                          int expected_status_arg )
 {
@@ -2273,12 +2274,27 @@ void asymmetric_encrypt( int key_type_arg,
     /* Encrypt the input */
     actual_status = psa_asymmetric_encrypt( slot, alg,
                                             input_data->x, input_data->len,
-                                            NULL, 0,
+                                            label->x, label->len,
                                             output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
     TEST_ASSERT( output_length == expected_output_length );
 
+    /* If the label is empty, the test framework puts a non-null pointer
+     * in label->x. Test that a null pointer works as well. */
+    if( label->len == 0 )
+    {
+        output_length = ~0;
+        memset( output, 0, output_size );
+        actual_status = psa_asymmetric_encrypt( slot, alg,
+                                                input_data->x, input_data->len,
+                                                NULL, label->len,
+                                                output, output_size,
+                                                &output_length );
+        TEST_ASSERT( actual_status == expected_status );
+        TEST_ASSERT( output_length == expected_output_length );
+    }
+
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output );
@@ -2287,8 +2303,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
-                                 int alg_arg, data_t *input_data )
+void asymmetric_encrypt_decrypt( int key_type_arg,
+                                 data_t *key_data,
+                                 int alg_arg,
+                                 data_t *input_data,
+                                 data_t *label )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -2330,13 +2349,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg, data_t *key_data,
      * part of encryption process which prevents using fixed vectors. */
     TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
                                          input_data->x, input_data->len,
-                                         NULL, 0,
+                                         label->x, label->len,
                                          output, output_size,
                                          &output_length ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
                                          output, output_length,
-                                         NULL, 0,
+                                         label->x, label->len,
                                          output2, output2_size,
                                          &output2_length ) == PSA_SUCCESS );
     TEST_ASSERT( memcmp( input_data->x, output2,
@@ -2351,8 +2370,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void asymmetric_decrypt( int key_type_arg, data_t *key_data,
-                         int alg_arg, data_t *input_data,
+void asymmetric_decrypt( int key_type_arg,
+                         data_t *key_data,
+                         int alg_arg,
+                         data_t *input_data,
+                         data_t *label,
                          data_t *expected_data )
 {
     int slot = 1;
@@ -2386,13 +2408,29 @@ void asymmetric_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
                                          input_data->x, input_data->len,
-                                         NULL, 0,
+                                         label->x, label->len,
                                          output,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
     TEST_ASSERT( expected_data->len == output_length );
     TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
 
+    /* If the label is empty, the test framework puts a non-null pointer
+     * in label->x. Test that a null pointer works as well. */
+    if( label->len == 0 )
+    {
+        output_length = ~0;
+        memset( output, 0, output_size );
+        TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+                                             input_data->x, input_data->len,
+                                             NULL, label->len,
+                                             output,
+                                             output_size,
+                                             &output_length ) == PSA_SUCCESS );
+        TEST_ASSERT( expected_data->len == output_length );
+        TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
+    }
+
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output );
@@ -2401,8 +2439,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
-                              int alg_arg, data_t *input_data,
+void asymmetric_decrypt_fail( int key_type_arg,
+                              data_t *key_data,
+                              int alg_arg,
+                              data_t *input_data,
+                              data_t *label,
                               int expected_status_arg  )
 {
     int slot = 1;
@@ -2436,11 +2477,25 @@ void asymmetric_decrypt_fail( int key_type_arg, data_t *key_data,
 
     actual_status = psa_asymmetric_decrypt( slot, alg,
                                             input_data->x, input_data->len,
-                                            NULL, 0,
+                                            label->x, label->len,
                                             output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
 
+    /* If the label is empty, the test framework puts a non-null pointer
+     * in label->x. Test that a null pointer works as well. */
+    if( label->len == 0 )
+    {
+        output_length = ~0;
+        memset( output, 0, output_size );
+        actual_status = psa_asymmetric_decrypt( slot, alg,
+                                                input_data->x, input_data->len,
+                                                NULL, label->len,
+                                                output, output_size,
+                                                &output_length );
+        TEST_ASSERT( actual_status == expected_status );
+    }
+
 exit:
     psa_destroy_key( slot );
     mbedtls_free( output );

From b8be288374a462738613861d776362ee11f9b854 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 17 Jul 2018 16:24:34 +0200
Subject: [PATCH 402/889] psa_hmac_setup_internal: add some missing cleanup on
 failure

Clean ipad if hashing the key failed.
---
 library/psa_crypto.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a0f278086..f157f4506 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1429,11 +1429,11 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
     {
         status = psa_hash_update( &hmac->hash_ctx, key, key_length );
         if( status != PSA_SUCCESS )
-            return( status );
+            goto cleanup;
         status = psa_hash_finish( &hmac->hash_ctx,
                                   ipad, sizeof( ipad ), &key_length );
         if( status != PSA_SUCCESS )
-            return( status );
+            goto cleanup;
     }
     /* A 0-length key is not commonly used in HMAC when used as a MAC,
      * but it is permitted. It is common when HMAC is used in HKDF, for

From 55c94dd500b88f429bdc5af6092448fc8932166e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 18:54:48 +0200
Subject: [PATCH 403/889] Asymmetric encrypt/decrypt tests: check output length

In asymmetric_encrypt_decrypt, use the buffer size advertized by the
library for the ciphertext, and the length of the plaintext for the
re-decrypted output.

Test the output length if known. Require it to be 0 on error for
encrypt/decrypt functions. If the output length is unknown, test at
least that it's within the buffer limits.
---
 tests/suites/test_suite_psa_crypto.function | 38 ++++++++++++++-------
 1 file changed, 25 insertions(+), 13 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9bb548c00..4ff25fe6b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2312,12 +2312,13 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
+    size_t key_bits;
     unsigned char *output = NULL;
-    size_t output_size = 0;
-    size_t output_length = 0;
+    size_t output_size;
+    size_t output_length = ~0;
     unsigned char *output2 = NULL;
-    size_t output2_size = 0;
-    size_t output2_length = 0;
+    size_t output2_size;
+    size_t output2_length = ~0;
     psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
@@ -2325,13 +2326,6 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    output_size = key_data->len;
-    output2_size = output_size;
-    output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output != NULL );
-    output2 = mbedtls_calloc( 1, output2_size );
-    TEST_ASSERT( output2 != NULL );
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -2344,6 +2338,18 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
+
+    /* Determine the maximum ciphertext length */
+    TEST_ASSERT( psa_get_key_information( slot,
+                                          NULL,
+                                          &key_bits ) == PSA_SUCCESS );
+    output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
+    output = mbedtls_calloc( 1, output_size );
+    TEST_ASSERT( output != NULL );
+    output2_size = input_data->len;
+    output2 = mbedtls_calloc( 1, output2_size );
+    TEST_ASSERT( output2 != NULL );
+
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
@@ -2352,12 +2358,16 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
                                          label->x, label->len,
                                          output, output_size,
                                          &output_length ) == PSA_SUCCESS );
+    /* We don't know what ciphertext length to expect, but check that
+     * it looks sensible. */
+    TEST_ASSERT( output_length <= output_size );
 
     TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
                                          output, output_length,
                                          label->x, label->len,
                                          output2, output2_size,
                                          &output2_length ) == PSA_SUCCESS );
+    TEST_ASSERT( output2_length == input_data->len );
     TEST_ASSERT( memcmp( input_data->x, output2,
                          input_data->len ) == 0 );
 
@@ -2382,7 +2392,7 @@ void asymmetric_decrypt( int key_type_arg,
     psa_algorithm_t alg = alg_arg;
     unsigned char *output = NULL;
     size_t output_size = 0;
-    size_t output_length = 0;
+    size_t output_length = ~0;
     psa_key_policy_t policy;
 
     TEST_ASSERT( key_data != NULL );
@@ -2451,7 +2461,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
     psa_algorithm_t alg = alg_arg;
     unsigned char *output = NULL;
     size_t output_size = 0;
-    size_t output_length = 0;
+    size_t output_length = ~0;
     psa_status_t actual_status;
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy;
@@ -2481,6 +2491,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
                                             output, output_size,
                                             &output_length );
     TEST_ASSERT( actual_status == expected_status );
+    TEST_ASSERT( output_length <= output_size );
 
     /* If the label is empty, the test framework puts a non-null pointer
      * in label->x. Test that a null pointer works as well. */
@@ -2494,6 +2505,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
                                                 output, output_size,
                                                 &output_length );
         TEST_ASSERT( actual_status == expected_status );
+        TEST_ASSERT( output_length <= output_size );
     }
 
 exit:

From ff94abdf3a95d08921c31281f82d8f7bfda9db15 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:07:52 +0200
Subject: [PATCH 404/889] Make psa_hmac_setup_internal more standalone

Call psa_hash_setup in psa_hmac_setup_internal rather than
psa_mac_init. This makes it easier to use psa_hmac_setup_internal on
its own (for the sake of using HMAC internally inside the library).
---
 library/psa_crypto.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f157f4506..b1555631e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1317,8 +1317,9 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HMAC( operation->alg ) )
     {
-        status = psa_hash_setup( &operation->ctx.hmac.hash_ctx,
-                                 PSA_ALG_HMAC_HASH( alg ) );
+        /* We'll set up the hash operation later in psa_hmac_setup_internal. */
+        operation->ctx.hmac.hash_ctx.alg = 0;
+        status = PSA_SUCCESS;
     }
     else
 #endif /* MBEDTLS_MD_C */
@@ -1423,8 +1424,10 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
     if( block_size == 0 )
         return( PSA_ERROR_NOT_SUPPORTED );
 
+    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
-    /* The hash was started earlier in psa_mac_init. */
     if( key_length > block_size )
     {
         status = psa_hash_update( &hmac->hash_ctx, key, key_length );

From 3bd1a42203bd3b7a3999c363aab9864cc7a41b1d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Jul 2018 11:55:51 +0200
Subject: [PATCH 405/889] Remove duplicate definition of PSA_KEY_TYPE_IS_RSA

---
 include/psa/crypto.h | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 78836288c..cbc7f4d45 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -430,13 +430,10 @@ typedef uint32_t psa_key_type_t;
 /** The public key type corresponding to a key pair type. */
 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
     ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
-/** Whether a key type is an RSA key pair or public key. */
-#define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
 /** Whether a key type is an RSA key (pair or public-only). */
 #define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) ==                        \
-     PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+
 /** Whether a key type is an elliptic curve key (pair or public-only). */
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \

From b3fc05d77693fcc81d1dfee069e870cacff9364b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 19:04:35 +0200
Subject: [PATCH 406/889] psa_asymmetric_{encrypt,decrypt}: reject salt when
 not allowed

In psa_asymmetric_encrypt and psa_asymmetric_decrypt, if the algorithm
does not use a salt, require the salt to be empty.
---
 library/psa_crypto.c                    | 16 ++++++----------
 tests/suites/test_suite_psa_crypto.data |  8 ++++++++
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c1cf490da..02807a22c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2125,13 +2125,11 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
-    /* Only used by some algorithms which may or may not be included in the
-     * build-time configuration use the salt. */
-    (void) salt;
-    (void) salt_length;
-
     *output_length = 0;
 
+    if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
@@ -2201,13 +2199,11 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
-    /* Only used by some algorithms which may or may not be included in the
-     * build-time configuration use the salt. */
-    (void) salt;
-    (void) salt_length;
-
     *output_length = 0;
 
+    if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
     status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 1660f0674..b232f2ce4 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -801,6 +801,10 @@ PSA encrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":"":0:PSA_ERROR_INVALID_ARGUMENT
 
+PSA encrypt: RSA PKCS#1 v1.5: salt not allowed
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT
+
 PSA encrypt: RSA OAEP-SHA-384, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
@@ -853,6 +857,10 @@ PSA decrypt: RSA PKCS#1 v1.5, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING
 
+PSA decrypt: RSA PKCS#1 v1.5: salt not allowed
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":PSA_ERROR_INVALID_ARGUMENT
+
 PSA decrypt: RSA OAEP-SHA-256, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75428":"":PSA_ERROR_INVALID_PADDING

From 1e6bfdff5eb0e3d0b50acd3416ce4545aa5c3d46 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 17 Jul 2018 16:22:47 +0200
Subject: [PATCH 407/889] psa_hmac_setup_internal: fix double call of
 psa_hash_setup

In the common case (key no longer than the block size), psa_hash_setup
was being called twice in succession. With current implementations
this is just a small performance loss, but potentially with
alternative implementations this could have lead to a memory leak.
---
 library/psa_crypto.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b1555631e..7ea614f45 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1424,12 +1424,11 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
     if( block_size == 0 )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
     if( key_length > block_size )
     {
+        status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
         status = psa_hash_update( &hmac->hash_ctx, key, key_length );
         if( status != PSA_SUCCESS )
             goto cleanup;

From 55728b0e704dc1b6128e57da2ddb8b811d7da176 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 16 Jul 2018 23:08:16 +0200
Subject: [PATCH 408/889] Add a few key type and algorithm test macros

These new PSA_xxx_IS_yyy macros fill a few missing gaps.
---
 include/psa/crypto.h | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index cbc7f4d45..5135e122d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -438,6 +438,12 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
       ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type)                               \
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
+     PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
+#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)                            \
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
+     PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
 
 /** The type of PSA elliptic curve identifiers. */
 typedef uint16_t psa_ecc_curve_t;
@@ -845,6 +851,10 @@ typedef uint32_t psa_algorithm_t;
      PSA_ALG_DSA_BASE)
 #define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
     (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_DSA(alg)                       \
+    (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_DSA(alg)                          \
+    (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
 
 #define PSA_ALG_ECDSA_BASE                      ((psa_algorithm_t)0x10060000)
 /** ECDSA signature with hashing.
@@ -905,6 +915,10 @@ typedef uint32_t psa_algorithm_t;
      PSA_ALG_ECDSA_BASE)
 #define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)             \
     (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)                             \
+    (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg)                                \
+    (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
 
 /** Get the hash used by a hash-and-sign signature algorithm.
  *

From 731606c580f53dff26a11a4ac9275b56a76bae5b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 30 Jun 2018 19:21:59 +0200
Subject: [PATCH 409/889] Add OAEP tests with non-empty labels

---
 tests/suites/test_suite_psa_crypto.data | 32 +++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b232f2ce4..4ae8db886 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -785,6 +785,14 @@ PSA encrypt: RSA OAEP-SHA-256, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS
 
+PSA encrypt: RSA OAEP-SHA-256, good, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS
+
+PSA encrypt: RSA OAEP-SHA-384, good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
+asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
+
 PSA encrypt: RSA OAEP-SHA-384, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
@@ -829,6 +837,10 @@ PSA encrypt-decrypt: RSA OAEP-SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":""
 
+PSA encrypt-decrypt: RSA OAEP-SHA-256, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00"
+
 PSA encrypt-decrypt: RSA OAEP-SHA-384
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
 asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
@@ -845,14 +857,34 @@ PSA decrypt: RSA OAEP-SHA-256, 0 bytes
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3d3146b1c982004273a9ebb9b063e6ae53b1a85bfc802324bcdd04faa0f7211fb2bdeea40358095554df9c250866c7361e738f0d270eaa27738e87928c5e31815506346727900ff03cef0be6f9dd6bba63ce89074e8194fe68b5a5739422d4f138bbbb61f49b76cf1f18def2c993e3113b08c191ea1da0feb94f8fd9b30109a1":"":""
 
+PSA decrypt: RSA OAEP-SHA-256, 0 bytes, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"14e57648fbbd3c2c195d71fcb9b6c332e2ad9e3402aa701e7270b05775e9ddd025e2330d7b84e67866524c67f9c38b11e4679e28a38574b47f8d218a1a04a7466754d6ea7f959ab1f5b85d066d3f90076e8219f66653f7b78a9789d76213505b4e75ec28081608ed2f1ea1238e3eeab011ce4ec147327cd0ca029c2818133cb6":"746869730069730061006c6162656c00":""
+
 PSA decrypt: RSA OAEP-SHA-256, 30 bytes
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
 
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, with label
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765"
+
 PSA decrypt: RSA OAEP-SHA-384, 30 bytes
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA512_C
 asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
 
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3fd3c81e3919a19014400d91098090f273312e0150e09eff7f66fb9624d2ec9764fc80befcb592e9d102493c882b8bc0334a257e73aba23a0ee13f826cbc64f8200b9150784d004ccb2955c877c95ab888e3917f423dd52f3c8a49cb61c1966ec04f336068729ae0bce7d7fb3e680f9d15d658db9b906efcbf2c2fae45e75429":"00":PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (empty)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"":PSA_ERROR_INVALID_PADDING
+
+PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (same length)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
+asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c01":PSA_ERROR_INVALID_PADDING
+
 PSA decrypt: RSA PKCS#1 v1.5, invalid padding
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"99ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46873":"":PSA_ERROR_INVALID_PADDING

From 9aa369eafb2a19b84d0f46e837d8ec1e73f0dd9a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 16 Jul 2018 00:36:29 +0200
Subject: [PATCH 410/889] HMAC: improve robustness checks on hash/block size

In psa_mac_setup and psa_hmac_setup_internal, perform a sanity check
on the hash size and the hash block size respectively. These sanity
checks should only trigger on an incompletely or incorrectly
implemented hash function.

Remove the check on the block size in psa_hmac_finish_internal
because at this point it has already been checked and used.
---
 library/psa_crypto.c | 28 +++++++++++++++++++++++-----
 1 file changed, 23 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7ea614f45..67536f2ac 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1418,10 +1418,21 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
 {
     unsigned char ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
     size_t i;
+    size_t hash_size = PSA_HASH_SIZE( hash_alg );
     size_t block_size = psa_get_hash_block_size( hash_alg );
     psa_status_t status;
 
-    if( block_size == 0 )
+    /* Sanity checks on block_size, to guarantee that there won't be a buffer
+     * overflow below. This should never trigger if the hash algorithm
+     * is implemented correctly. */
+    /* The size checks against the ipad and opad buffers cannot be written
+     * `block_size > sizeof( ipad ) || block_size > sizeof( hmac->opad )`
+     * because that triggers -Wlogical-op on GCC 7.3. */
+    if( block_size > sizeof( ipad ) )
+        return( PSA_ERROR_NOT_SUPPORTED );
+    if( block_size > sizeof( hmac->opad ) )
+        return( PSA_ERROR_NOT_SUPPORTED );
+    if( block_size < hash_size )
         return( PSA_ERROR_NOT_SUPPORTED );
 
     if( key_length > block_size )
@@ -1517,16 +1528,26 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
             status = PSA_ERROR_NOT_SUPPORTED;
             goto exit;
         }
+
+        operation->mac_size = PSA_HASH_SIZE( hash_alg );
+        /* Sanity check. This shouldn't fail on a valid configuration. */
+        if( operation->mac_size == 0 ||
+            operation->mac_size > sizeof( operation->ctx.hmac.opad ) )
+        {
+            status = PSA_ERROR_NOT_SUPPORTED;
+            goto exit;
+        }
+
         if( slot->type != PSA_KEY_TYPE_HMAC )
         {
             status = PSA_ERROR_INVALID_ARGUMENT;
             goto exit;
         }
+
         status = psa_hmac_setup_internal( &operation->ctx.hmac,
                                           slot->data.raw.data,
                                           slot->data.raw.bytes,
                                           hash_alg );
-        operation->mac_size = PSA_HASH_SIZE( hash_alg );
     }
     else
 #endif /* MBEDTLS_MD_C */
@@ -1611,9 +1632,6 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
     size_t block_size = psa_get_hash_block_size( hash_alg );
     psa_status_t status;
 
-    if( block_size == 0 )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
     status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
     if( status != PSA_SUCCESS )
         return( status );

From cb088e7059e1f12fde99c022c6c7c4a4a68043e0 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 17 Jul 2018 17:36:59 +0300
Subject: [PATCH 411/889] Replace ssize_t by ptrdiff_t

ssize_t is a POSIX thing, not standard C
---
 tests/suites/test_suite_psa_crypto.function | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e9efb3a0a..c94e4b086 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -55,7 +55,7 @@ static int asn1_write_10x( unsigned char **p,
         return( MBEDTLS_ERR_ASN1_INVALID_DATA );
     if( bits <= 8 && x >= 1 << ( bits - 1 ) )
         return( MBEDTLS_ERR_ASN1_INVALID_DATA );
-    if( *p < start || *p - start < (ssize_t) len )
+    if( *p < start || *p - start < (ptrdiff_t) len )
         return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
     *p -= len;
     ( *p )[len-1] = x;
@@ -492,7 +492,7 @@ void import_export( data_t *data,
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
-    export_size = (ssize_t) data->len + export_size_delta;
+    export_size = (ptrdiff_t) data->len + export_size_delta;
     exported = mbedtls_calloc( 1, export_size );
     TEST_ASSERT( exported != NULL );
     if( ! canonical_input )
@@ -593,7 +593,7 @@ void import_export_public_key( data_t *data,
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
-    export_size = (ssize_t) data->len;
+    export_size = (ptrdiff_t) data->len;
     exported = mbedtls_calloc( 1, export_size );
     TEST_ASSERT( exported != NULL );
 

From 029b5d648d4fb9bba51d5f8daebdaffa66354f75 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 16 Jul 2018 23:13:37 +0200
Subject: [PATCH 412/889] New utility program psa/psa_constant_names

Print the symbolic name corresponding to a numerical value.

Supported types: status values, algorithms, elliptic curves,
key types, key usage masks.

The program is partly generated from parsing psa/crypto.h with a few
hard-coded assumptions. This isn't ideal but it works and requires
little machinery.
---
 programs/.gitignore               |   2 +
 programs/Makefile                 |  16 +-
 programs/psa/psa_constant_names.c | 157 ++++++++++++++++
 scripts/generate_psa_constants.py | 301 ++++++++++++++++++++++++++++++
 4 files changed, 474 insertions(+), 2 deletions(-)
 create mode 100644 programs/psa/psa_constant_names.c
 create mode 100755 scripts/generate_psa_constants.py

diff --git a/programs/.gitignore b/programs/.gitignore
index 02418966f..327dbdc17 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -29,6 +29,8 @@ pkey/rsa_sign
 pkey/rsa_sign_pss
 pkey/rsa_verify
 pkey/rsa_verify_pss
+psa/psa_constant_names
+psa/psa_constant_names_generated.c
 random/gen_entropy
 random/gen_random_ctr_drbg
 random/gen_random_havege
diff --git a/programs/Makefile b/programs/Makefile
index b6d1fa25b..c65a10c43 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -60,6 +60,7 @@ APPS =	aes/aescrypt2$(EXEXT)		aes/crypt_and_hash$(EXEXT)	\
 	pkey/rsa_decrypt$(EXEXT)	pkey/rsa_encrypt$(EXEXT)	\
 	pkey/rsa_sign$(EXEXT)		pkey/rsa_verify$(EXEXT)		\
 	pkey/rsa_sign_pss$(EXEXT)	pkey/rsa_verify_pss$(EXEXT)	\
+	psa/psa_constant_names$(EXEXT)	\
 	ssl/dtls_client$(EXEXT)		ssl/dtls_server$(EXEXT)		\
 	ssl/ssl_client1$(EXEXT)		ssl/ssl_client2$(EXEXT)		\
 	ssl/ssl_server$(EXEXT)		ssl/ssl_server2$(EXEXT)		\
@@ -83,6 +84,8 @@ ifdef TEST_CPP
 APPS += test/cpp_dummy_build$(EXEXT)
 endif
 
+EXTRA_GENERATED =
+
 .SILENT:
 
 .PHONY: all clean list
@@ -92,6 +95,11 @@ all: $(APPS)
 $(DEP):
 	$(MAKE) -C ../library
 
+EXTRA_GENERATED += psa/psa_constant_names_generated.c
+psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c
+psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h
+	../scripts/generate_psa_constants.py
+
 aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP)
 	echo "  CC    aes/aescrypt2.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/aescrypt2.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -188,6 +196,10 @@ pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP)
 	echo "  CC    pkey/rsa_encrypt.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
 
+psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP)
+	echo "  CC    psa/psa_constant_names.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
 random/gen_entropy$(EXEXT): random/gen_entropy.c $(DEP)
 	echo "  CC    random/gen_entropy.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) random/gen_entropy.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
@@ -294,9 +306,9 @@ x509/req_app$(EXEXT): x509/req_app.c $(DEP)
 
 clean:
 ifndef WINDOWS
-	rm -f $(APPS)
+	rm -f $(APPS) $(EXTRA_GENERATED)
 else
-	del /S /Q /F *.o *.exe
+	del /S /Q /F *.o *.exe $(EXTRA_GENERATED)
 endif
 
 list:
diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
new file mode 100644
index 000000000..d422e14f6
--- /dev/null
+++ b/programs/psa/psa_constant_names.c
@@ -0,0 +1,157 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "psa/crypto.h"
+
+/* There are different GET_HASH macros for different kinds of algorithms
+ * built from hashes, but the values are all constructed on the
+ * same model. */
+#define PSA_ALG_GET_HASH(alg)                                   \
+    (((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH)
+
+static void append(char **buffer, size_t buffer_size,
+                   size_t *required_size,
+                   const char *string, size_t length)
+{
+    *required_size += length;
+    if (*required_size < buffer_size) {
+        memcpy(*buffer, string, length);
+        *buffer += length;
+    }
+}
+
+/* The code of these function is automatically generated and included below. */
+static const char *psa_ecc_curve_name(psa_ecc_curve_t curve);
+static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg);
+
+static void append_with_curve(char **buffer, size_t buffer_size,
+                              size_t *required_size,
+                              const char *string, size_t length,
+                              psa_ecc_curve_t curve)
+{
+    const char *curve_name = psa_ecc_curve_name(curve);
+    append(buffer, buffer_size, required_size, string, length);
+    append(buffer, buffer_size, required_size, "(", 1);
+    if (curve_name != NULL) {
+        append(buffer, buffer_size, required_size,
+               curve_name, strlen(curve_name));
+    } else {
+        size_t n = snprintf(*buffer, buffer_size - *required_size,
+                            "0x%04x", (unsigned) curve);
+        if (n < buffer_size - *required_size) *buffer += n;
+        *required_size += n;
+    }
+    append(buffer, buffer_size, required_size, ")", 1);
+}
+
+static void append_with_hash(char **buffer, size_t buffer_size,
+                             size_t *required_size,
+                             const char *string, size_t length,
+                             psa_algorithm_t hash_alg)
+{
+    const char *hash_name = psa_hash_algorithm_name(hash_alg);
+    append(buffer, buffer_size, required_size, string, length);
+    append(buffer, buffer_size, required_size, "(", 1);
+    if (hash_name != NULL) {
+        append(buffer, buffer_size, required_size,
+               hash_name, strlen(hash_name));
+    } else {
+        size_t n = snprintf(*buffer, buffer_size - *required_size,
+                            "0x%08lx", (unsigned long) hash_alg);
+        if (n < buffer_size - *required_size) *buffer += n;
+        *required_size += n;
+    }
+    append(buffer, buffer_size, required_size, ")", 1);
+}
+
+#include "psa_constant_names_generated.c"
+
+static int psa_snprint_status(char *buffer, size_t buffer_size,
+                              psa_status_t status)
+{
+    const char *name = psa_strerror(status);
+    if (name == NULL) {
+        return snprintf(buffer, buffer_size, "%ld", (long) status);
+    } else {
+        size_t length = strlen(name);
+        if (length < buffer_size) {
+            memcpy(buffer, name, length + 1);
+            return length;
+        } else {
+            return buffer_size;
+        }
+    }
+}
+
+static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size,
+                                 psa_ecc_curve_t curve)
+{
+    const char *name = psa_ecc_curve_name(curve);
+    if (name == NULL) {
+        return snprintf(buffer, buffer_size, "0x%04x", (unsigned) curve);
+    } else {
+        size_t length = strlen(name);
+        if (length < buffer_size) {
+            memcpy(buffer, name, length + 1);
+            return length;
+        } else {
+            return buffer_size;
+        }
+    }
+}
+
+static void usage(const char *program_name)
+{
+    printf("Usage: %s TYPE VALUE\n",
+           program_name == NULL ? "psa_constant_names" : program_name);
+    printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n");
+    printf("Supported types (with = between aliases):\n");
+    printf("  alg=algorithm         Status code (psa_algorithm_t)\n");
+    printf("  curve=ecc_curve       Elliptic curve identifier (psa_ecc_curve_t)\n");
+    printf("  type=key_type         Status code (psa_key_type_t)\n");
+    printf("  usage=key_usage       Key usage (psa_key_usage_t)\n");
+    printf("  error=status          Status code (psa_status_t)\n");
+}
+
+int main(int argc, char *argv[])
+{
+    char buffer[200];
+    unsigned long value;
+    char *end;
+
+    if (argc <= 1 ||
+        !strcmp(argv[1], "help") ||
+        !strcmp(argv[1], "--help"))
+    {
+        usage(argv[0]);
+        return EXIT_FAILURE;
+    }
+    if (argc != 3) {
+        usage(argv[0]);
+        return EXIT_FAILURE;
+    }
+    value = strtoul(argv[2], &end, 0);
+    if (*end) {
+        printf("Non-numeric value: %s\n", argv[2]);
+        return EXIT_FAILURE;
+    }
+
+    if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status"))
+        psa_snprint_status(buffer, sizeof(buffer), value);
+    else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm"))
+        psa_snprint_algorithm(buffer, sizeof(buffer), value);
+    else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve"))
+        psa_snprint_ecc_curve(buffer, sizeof(buffer), value);
+    else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type"))
+        psa_snprint_key_type(buffer, sizeof(buffer), value);
+    else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage"))
+        psa_snprint_key_usage(buffer, sizeof(buffer), value);
+    else {
+        printf("Unknown type: %s\n", argv[1]);
+        return EXIT_FAILURE;
+    }
+
+    puts(buffer);
+    return EXIT_SUCCESS;
+}
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
new file mode 100755
index 000000000..e4cb45b4a
--- /dev/null
+++ b/scripts/generate_psa_constants.py
@@ -0,0 +1,301 @@
+#!/usr/bin/env python
+import os
+import re
+import sys
+
+output_template = '''\
+/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */
+
+static const char *psa_strerror(psa_status_t status)
+{
+    switch (status) {
+    %(status_cases)s
+    default: return NULL;
+    }
+}
+
+static const char *psa_ecc_curve_name(psa_ecc_curve_t curve)
+{
+    switch (curve) {
+    %(ecc_curve_cases)s
+    default: return NULL;
+    }
+}
+
+static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg)
+{
+    switch (hash_alg) {
+    %(hash_algorithm_cases)s
+    default: return NULL;
+    }
+}
+
+static int psa_snprint_key_type(char *buffer, size_t buffer_size,
+                                psa_key_type_t type)
+{
+    size_t required_size = 0;
+    switch (type) {
+    %(key_type_cases)s
+    default:
+        %(key_type_code)s{
+            return snprintf(buffer, buffer_size,
+                            "0x%%08lx", (unsigned long) type);
+        }
+        break;
+    }
+    buffer[0] = 0;
+    return required_size;
+}
+
+static void append_padding_mode(char **buffer, size_t buffer_size,
+                                size_t *required_size,
+                                psa_algorithm_t padding_mode)
+{
+    size_t n;
+    append(buffer, buffer_size, required_size, " | ", 3);
+    switch (padding_mode) {
+    %(padding_mode_cases)s
+    default:
+        n = snprintf(*buffer, buffer_size - *required_size,
+                     "0x%%08lx", (unsigned long) padding_mode);
+        if (n < buffer_size - *required_size) *buffer += n;
+        *required_size += n;
+        break;
+    }
+}
+
+static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
+                                 psa_algorithm_t alg)
+{
+    size_t required_size = 0;
+    psa_algorithm_t padding_mode = -1;
+    psa_algorithm_t alg_without_padding = alg;
+    if (PSA_ALG_IS_CIPHER(alg) && PSA_ALG_IS_BLOCK_CIPHER(alg)) {
+            padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+            alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+    }
+    switch (alg_without_padding) {
+    %(algorithm_cases)s
+    default:
+        %(algorithm_code)s{
+            return snprintf(buffer, buffer_size,
+                            "0x%%08lx", (unsigned long) alg);
+        }
+        break;
+    }
+    if (padding_mode != (psa_algorithm_t) -1) {
+        append_padding_mode(&buffer, buffer_size, &required_size, padding_mode);
+    }
+    buffer[0] = 0;
+    return required_size;
+}
+
+static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
+                                 psa_key_usage_t usage)
+{
+    size_t required_size = 0;
+    if (usage == 0) {
+        if (buffer_size > 1) {
+            buffer[0] = '0';
+            buffer[1] = 0;
+        } else if (buffer_size == 1) {
+            buffer[0] = 0;
+        }
+        return 1;
+    }
+%(key_usage_code)s
+    if (usage != 0) {
+        if (required_size != 0) {
+            append(&buffer, buffer_size, &required_size, " | ", 3);
+        }
+        required_size += snprintf(buffer, buffer_size - required_size,
+                                  "0x%%08x", usage);
+    } else {
+        buffer[0] = 0;
+    }
+    return required_size;
+}
+
+/* End of automatically generated file. */
+'''
+
+key_type_from_curve_template = '''if (%(tester)s(type)) {
+        append_with_curve(&buffer, buffer_size, &required_size,
+                          "%(builder)s", %(builder_length)s,
+                          PSA_KEY_TYPE_GET_CURVE(type));
+    } else '''
+
+algorithm_from_hash_template = '''if (%(tester)s(alg_without_padding)) {
+        append_with_hash(&buffer, buffer_size, &required_size,
+                         "%(builder)s", %(builder_length)s,
+                         PSA_ALG_GET_HASH(alg_without_padding));
+    } else '''
+
+bit_test_template = '''\
+    if (%(var)s & %(flag)s) {
+        if (required_size != 0) {
+            append(&buffer, buffer_size, &required_size, " | ", 3);
+        }
+        append(&buffer, buffer_size, &required_size, "%(flag)s", %(length)d);
+        %(var)s ^= %(flag)s;
+    }\
+'''
+
+class MacroCollector:
+    def __init__(self):
+        self.statuses = set()
+        self.key_types = set()
+        self.key_types_from_curve = {}
+        self.ecc_curves = set()
+        self.algorithms = set()
+        self.hash_algorithms = set()
+        self.block_cipher_padding_modes = set()
+        self.algorithms_from_hash = {}
+        self.key_usages = set()
+
+    # "#define" followed by a macro name with either no parameters
+    # or a single parameter. Grab the macro name in group 1, the
+    # parameter name if any in group 2 and the definition in group 3.
+    definition_re = re.compile(r'\s*#\s*define\s+(\w+)(?:\s+|\((\w+)\)\s*)(.+)(?:/[*/])?')
+
+    def read_line(self, line):
+        m = re.match(self.definition_re, line)
+        if not m:
+            return
+        name, parameter, definition = m.groups()
+        if name.endswith('_FLAG') or name.endswith('MASK'):
+            # Macro only to build actual values
+            return
+        elif (name.startswith('PSA_ERROR_') or name == 'PSA_SUCCESS') \
+           and not parameter:
+            self.statuses.add(name)
+        elif name.startswith('PSA_KEY_TYPE_') and not parameter:
+            self.key_types.add(name)
+        elif name.startswith('PSA_KEY_TYPE_') and parameter == 'curve':
+            self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
+        elif name.startswith('PSA_ECC_CURVE_') and not parameter:
+            self.ecc_curves.add(name)
+        elif name.startswith('PSA_ALG_BLOCK_CIPHER_PAD_') and not parameter:
+            self.block_cipher_padding_modes.add(name)
+        elif name.startswith('PSA_ALG_') and not parameter:
+            if name in ['PSA_ALG_BLOCK_CIPHER_BASE',
+                        'PSA_ALG_ECDSA_BASE',
+                        'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
+                # Ad hoc skipping of duplicate names for some numerical values
+                return
+            self.algorithms.add(name)
+            # Ad hoc detection of hash algorithms
+            if re.search(r'0x010000[0-9A-Fa-f]{2}', definition):
+                self.hash_algorithms.add(name)
+        elif name.startswith('PSA_ALG_') and parameter == 'hash_alg':
+            if name in ['PSA_ALG_DSA', 'PSA_ALG_ECDSA']:
+                # A naming irregularity
+                tester = name[:8] + 'IS_RANDOMIZED_' + name[8:]
+            else:
+                tester = name[:8] + 'IS_' + name[8:]
+            self.algorithms_from_hash[name] = tester
+        elif name.startswith('PSA_KEY_USAGE_') and not parameter:
+            self.key_usages.add(name)
+        else:
+            # Other macro without parameter
+            return
+
+    def read_file(self, header_file):
+        for line in header_file:
+            self.read_line(line)
+
+    def make_return_case(self, name):
+        return 'case %(name)s: return "%(name)s";' % {'name': name}
+
+    def make_append_case(self, name):
+        template = ('case %(name)s: '
+                    'append(&buffer, buffer_size, &required_size, "%(name)s", %(length)d); '
+                    'break;')
+        return template % {'name': name, 'length': len(name)}
+
+    def make_inner_append_case(self, name):
+        template = ('case %(name)s: '
+                    'append(buffer, buffer_size, required_size, "%(name)s", %(length)d); '
+                    'break;')
+        return template % {'name': name, 'length': len(name)}
+
+    def make_bit_test(self, var, flag):
+        return bit_test_template % {'var': var,
+                                    'flag': flag,
+                                    'length': len(flag)}
+
+    def make_status_cases(self):
+        return '\n    '.join(map(self.make_return_case,
+                                 sorted(self.statuses)))
+
+    def make_ecc_curve_cases(self):
+        return '\n    '.join(map(self.make_return_case,
+                                 sorted(self.ecc_curves)))
+
+    def make_key_type_cases(self):
+        return '\n    '.join(map(self.make_append_case,
+                                 sorted(self.key_types)))
+
+    def make_key_type_from_curve_code(self, builder, tester):
+        return key_type_from_curve_template % {'builder': builder,
+                                               'builder_length': len(builder),
+                                               'tester': tester}
+
+    def make_key_type_code(self):
+        d = self.key_types_from_curve
+        make = self.make_key_type_from_curve_code
+        return '\n        '.join([make(k, d[k]) for k in sorted(d.keys())])
+
+    def make_hash_algorithm_cases(self):
+        return '\n    '.join(map(self.make_return_case,
+                                 sorted(self.hash_algorithms)))
+
+    def make_padding_mode_cases(self):
+        return '\n    '.join(map(self.make_inner_append_case,
+                                 sorted(self.block_cipher_padding_modes)))
+
+    def make_algorithm_cases(self):
+        return '\n    '.join(map(self.make_append_case,
+                                 sorted(self.algorithms)))
+
+    def make_algorithm_from_hash_code(self, builder, tester):
+        return algorithm_from_hash_template % {'builder': builder,
+                                               'builder_length': len(builder),
+                                               'tester': tester}
+
+    def make_algorithm_code(self):
+        d = self.algorithms_from_hash
+        make = self.make_algorithm_from_hash_code
+        return '\n        '.join([make(k, d[k]) for k in sorted(d.keys())])
+
+    def make_key_usage_code(self):
+        return '\n'.join([self.make_bit_test('usage', bit)
+                          for bit in sorted(self.key_usages)])
+
+    def write_file(self, output_file):
+        data = {}
+        data['status_cases'] = self.make_status_cases()
+        data['ecc_curve_cases'] = self.make_ecc_curve_cases()
+        data['key_type_cases'] = self.make_key_type_cases()
+        data['key_type_code'] = self.make_key_type_code()
+        data['hash_algorithm_cases'] = self.make_hash_algorithm_cases()
+        data['padding_mode_cases'] = self.make_padding_mode_cases()
+        data['algorithm_cases'] = self.make_algorithm_cases()
+        data['algorithm_code'] = self.make_algorithm_code()
+        data['key_usage_code'] = self.make_key_usage_code()
+        output_file.write(output_template % data)
+
+def generate_psa_constants(header_file_name, output_file_name):
+    collector = MacroCollector()
+    with open(header_file_name) as header_file:
+        collector.read_file(header_file)
+    temp_file_name = output_file_name + '.tmp'
+    with open(temp_file_name, 'w') as output_file:
+        collector.write_file(output_file)
+    os.rename(temp_file_name, output_file_name)
+
+if __name__ == '__main__':
+    if not os.path.isdir('programs') and os.path.isdir('../programs'):
+        os.chdir('..')
+    generate_psa_constants('include/psa/crypto.h',
+                           'programs/psa/psa_constant_names_generated.c')

From 674038aaa485104b8c219adf656c0365033f1880 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 18 Jul 2018 18:25:30 +0200
Subject: [PATCH 413/889] README file for Mbed Crypto

Link to the API documentation in docs/.
---
 crypto/.gitignore |  2 ++
 crypto/README.md  | 66 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)
 create mode 100644 crypto/.gitignore
 create mode 100644 crypto/README.md

diff --git a/crypto/.gitignore b/crypto/.gitignore
new file mode 100644
index 000000000..bf39198d1
--- /dev/null
+++ b/crypto/.gitignore
@@ -0,0 +1,2 @@
+/docs/*.pdf
+/docs/html
diff --git a/crypto/README.md b/crypto/README.md
new file mode 100644
index 000000000..7663c0f78
--- /dev/null
+++ b/crypto/README.md
@@ -0,0 +1,66 @@
+# Mbed Crypto library
+
+The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security (PSA) architecture. This is a preview release of Mbed Crypto, provided for evaluation purposes only.
+
+Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license.
+
+## PSA cryptography API
+
+Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
+
+The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of PSA on any platform.
+
+The design goals of the PSA Cryptography API include:
+
+* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, in order to take advantage of hardware accelerators.
+* All access to keys is done via handles, which allows support for external cryptoprocessors that is transparent to applications.
+* The interface to algorithms is generic, favoring algorithm agility.
+* The interface is designed to be easy to use, and hard to accidentally misuse.
+
+## Mbed Crypto implementation
+
+Mbed Crypto is a reference implementation of the PSA Cryptography API. It is written in portable C.
+
+## Documentation
+
+The Mbed Crypto library is a reference implementation of the PSA Cryptography API. Therefore, the library's API documentation is the PSA Cryptography API specification. The PSA Cryptography API specification consists of the following documents:
+
+* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf).
+* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html).
+
+## Compiling
+
+You need the following tools to build the library with the provided makefiles:
+
+* GNU Make.
+* A C toolchain (compiler, linker, archiver).
+* Python 2 or Python 3 (either will work) to generate the test code.
+* Perl to run the tests.
+
+If you have a C compiler such as GCC or Clang, just run `make` in the toplevel directory to build the library, a set of unit tests and some sample programs.
+
+To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`). For example:
+```
+make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
+```
+The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
+
+To run the unit tests on the host machine, run `make test` from the toplevel directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
+
+## Example programs
+
+The `programs/` subdirectory contains some sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library and the code may need to be adapted to build a real-world application.
+
+## Upcoming features
+
+Future releases of this library will include:
+
+* A driver programming interface, to use hardware accelerators instead of the default software implementation for chosen algorithms.
+* Support for external keys, stored and manipulated exclusively in a separate cryptoprocessor.
+* A configuration mechanism to compile only the algorithms you need for your application.
+* A wider set of cryptographic algorithms.
+
+## Feedback welcome
+
+Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received in email will be treated confidentially.

From eab56e4159cdfb7ca7a033735025aadb0ad1a627 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:12:33 +0200
Subject: [PATCH 414/889] Add generator API

Add an API for byte generators: psa_crypto_generator_t,
PSA_CRYPTO_GENERATOR_INIT, psa_crypto_generator_init,
psa_get_generator_capacity, psa_generator_read,
psa_generator_import_key, psa_generator_abort.

This commit does not yet implement any generator algorithm, it only
provides the framework. This code may not compile with -Wunused.
---
 include/psa/crypto.h        | 177 +++++++++++++++++++++++++++++++++++-
 include/psa/crypto_struct.h |  21 +++++
 library/psa_crypto.c        | 100 +++++++++++++++++++-
 3 files changed, 296 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8ac817a6e..4dbbdedcd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -285,12 +285,18 @@ typedef int32_t psa_status_t;
  * depend on the validity of the padding. */
 #define PSA_ERROR_INVALID_PADDING       ((psa_status_t)16)
 
+/** The generator has insufficient capacity left.
+ *
+ * Once a function returns this error, attempts to read from the
+ * generator will always return this error. */
+#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)17)
+
 /** An error occurred that does not correspond to any defined
  * failure cause.
  *
  * Implementations may use this error code if none of the other standard
  * error codes are applicable. */
-#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)17)
+#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)18)
 
 /**
  * \brief Library initialization.
@@ -2440,6 +2446,175 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 
 /**@}*/
 
+/** \defgroup generation Generators
+ * @{
+ */
+
+/** The type of the state data structure for generators.
+ *
+ * Before calling any function on a generator, the application must
+ * initialize it by any of the following means:
+ * - Set the structure to all-bits-zero, for example:
+ *   \code
+ *   psa_crypto_generator_t generator;
+ *   memset(&generator, 0, sizeof(generator));
+ *   \endcode
+ * - Initialize the structure to logical zero values, for example:
+ *   \code
+ *   psa_crypto_generator_t generator = {0};
+ *   \endcode
+ * - Initialize the structure to the initializer #PSA_CRYPTO_GENERATOR_INIT,
+ *   for example:
+ *   \code
+ *   psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ *   \endcode
+ * - Assign the result of the function psa_crypto_generator_init()
+ *   to the structure, for example:
+ *   \code
+ *   psa_crypto_generator_t generator;
+ *   generator = psa_crypto_generator_init();
+ *   \endcode
+ *
+ * This is an implementation-defined \c struct. Applications should not
+ * make any assumptions about the content of this structure except
+ * as directed by the documentation of a specific implementation.
+ */
+typedef struct psa_crypto_generator_s psa_crypto_generator_t;
+
+/** \def PSA_CRYPTO_GENERATOR_INIT
+ *
+ * This macro returns a suitable initializer for a generator object
+ * of type #psa_crypto_generator_t.
+ */
+#ifdef __DOXYGEN_ONLY__
+/* This is an example definition for documentation purposes.
+ * Implementations should define a suitable value in `crypto_struct.h`.
+ */
+#define PSA_CRYPTO_GENERATOR_INIT {0}
+#endif
+
+/** Return an initial value for a generator object.
+ */
+static psa_crypto_generator_t psa_crypto_generator_init(void);
+
+/** Retrieve the current capacity of a generator.
+ *
+ * The capacity of a generator is the maximum number of bytes that it can
+ * return. Reading *N* bytes from a generator reduces its capacity by *N*.
+ *
+ * \param[in] generator     The generator to query.
+ * \param[out] capacity     On success, the capacity of the generator.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_BAD_STATE
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ */
+psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
+                                        size_t *capacity);
+
+/** Read some data from a generator.
+ *
+ * This function reads and returns a sequence of bytes from a generator.
+ * The data that is read is discarded from the generator. The generator's
+ * capacity is decreased by the number of bytes read.
+ *
+ * \param[in,out] generator The generator object to read from.
+ * \param[out] output       Buffer where the generator output will be
+ *                          written.
+ * \param output_length     Number of bytes to output.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_CAPACITY
+ *                          There were fewer than \p output_length bytes
+ *                          in the generator. Note that in this case, no
+ *                          output is written to the output buffer.
+ *                          The generator's capacity is set to 0, thus
+ *                          subsequent calls to this function will not
+ *                          succeed, even with a smaller output buffer.
+ * \retval PSA_ERROR_BAD_STATE
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
+                                uint8_t *output,
+                                size_t output_length);
+
+/** Create a symmetric key from data read from a generator.
+ *
+ * This function reads a sequence of bytes from a generator and imports
+ * these bytes as a key.
+ * The data that is read is discarded from the generator. The generator's
+ * capacity is decreased by the number of bytes read.
+ *
+ * This function is equivalent to calling #psa_generator_read and
+ * passing the resulting output to #psa_import_key, but
+ * if the implementation provides an isolation boundary then
+ * the key material is not exposed outside the isolation boundary.
+ *
+ * \param key               Slot where the key will be stored. This must be a
+ *                          valid slot for a key of the chosen type. It must
+ *                          be unoccupied.
+ * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
+ *                          This must be a symmetric key type.
+ * \param bits              Key size in bits.
+ * \param[in,out] generator The generator object to read from.
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_INSUFFICIENT_CAPACITY
+ *                          There were fewer than \p output_length bytes
+ *                          in the generator. Note that in this case, no
+ *                          output is written to the output buffer.
+ *                          The generator's capacity is set to 0, thus
+ *                          subsequent calls to this function will not
+ *                          succeed, even with a smaller output buffer.
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ *         The key type or key size is not supported, either by the
+ *         implementation in general or in this particular slot.
+ * \retval PSA_ERROR_BAD_STATE
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ *         The key slot is invalid.
+ * \retval PSA_ERROR_OCCUPIED_SLOT
+ *         There is already a key in the specified slot.
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generator_import_key(psa_key_slot_t key,
+                                      psa_key_type_t type,
+                                      size_t bits,
+                                      psa_crypto_generator_t *generator);
+
+/** Abort a generator.
+ *
+ * Once a generator has been aborted, its capacity is zero.
+ * Aborting a generator frees all associated resources except for the
+ * \c generator structure itself.
+ *
+ * This function may be called at any time as long as the generator
+ * object has been initialized to #PSA_CRYPTO_GENERATOR_INIT, to
+ * psa_crypto_generator_init() or a zero value. In particular, it is valid
+ * to call psa_generator_abort() twice, or to call psa_generator_abort()
+ * on a generator that has not been set up.
+ *
+ * Once aborted, the generator object may be called.
+ *
+ * \param[in,out] generator    The generator to abort.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_BAD_STATE
+ * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval PSA_ERROR_HARDWARE_FAILURE
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
+
+/**@}*/
+
 /** \defgroup generation Key generation
  * @{
  */
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 85c997485..27a9f1efc 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -130,6 +130,27 @@ struct psa_cipher_operation_s
     } ctx;
 };
 
+struct psa_crypto_generator_s
+{
+    psa_algorithm_t alg;
+    size_t capacity;
+    union
+    {
+        struct
+        {
+            uint8_t *data;
+            size_t size;
+        } buffer;
+    } ctx;
+};
+
+#define PSA_CRYPTO_GENERATOR_INIT {0, 0, {{0, 0}}}
+static inline struct psa_crypto_generator_s psa_crypto_generator_init( void )
+{
+    const struct psa_crypto_generator_s v = PSA_CRYPTO_GENERATOR_INIT;
+    return( v );
+}
+
 struct psa_key_policy_s
 {
     psa_key_usage_t usage;
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 67536f2ac..6cc42c6ba 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2988,7 +2988,105 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
 
 /****************************************************************/
-/* Key generation */
+/* Generators */
+/****************************************************************/
+
+psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
+{
+    psa_status_t status = PSA_SUCCESS;
+    if( generator->alg == 0 )
+    {
+        /* The object has (apparently) been initialized but it is not
+         * in use. It's ok to call abort on such an object, and there's
+         * nothing to do. */
+    }
+    else
+    {
+        status = PSA_ERROR_BAD_STATE;
+    }
+    memset( generator, 0, sizeof( *generator ) );
+    return( status );
+}
+
+
+psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
+                                        size_t *capacity)
+{
+    *capacity = generator->capacity;
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
+                                 uint8_t *output,
+                                 size_t output_length )
+{
+    psa_status_t status;
+
+    if( output_length > generator->capacity )
+    {
+        generator->capacity = 0;
+        /* Go through the error path to wipe all confidential data now
+         * that the generator object is useless. */
+        status = PSA_ERROR_INSUFFICIENT_CAPACITY;
+        goto exit;
+    }
+    if( output_length == 0 &&
+        generator->capacity == 0 && generator->alg == 0 )
+    {
+        /* Edge case: this is a blank or finished generator, and 0
+         * bytes were requested. The right error in this case could
+         * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return
+         * INSUFFICIENT_CAPACITY, which is right for a finished
+         * generator, for consistency with the case when
+         * output_length > 0. */
+        return( PSA_ERROR_INSUFFICIENT_CAPACITY );
+    }
+    generator->capacity -= output_length;
+
+    {
+        return( PSA_ERROR_BAD_STATE );
+    }
+
+exit:
+    if( status != PSA_SUCCESS )
+    {
+        psa_generator_abort( generator );
+        memset( output, '!', output_length );
+    }
+    return( status );
+}
+
+psa_status_t psa_generator_import_key( psa_key_slot_t key,
+                                       psa_key_type_t type,
+                                       size_t bits,
+                                       psa_crypto_generator_t *generator )
+{
+    uint8_t *data = NULL;
+    size_t bytes = PSA_BITS_TO_BYTES( bits );
+    psa_status_t status;
+
+    if( ! key_type_is_raw_bytes( type ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    if( bits % 8 != 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    data = mbedtls_calloc( 1, bytes );
+    if( data == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+    status = psa_generator_read( generator, data, bytes );
+    if( status != PSA_SUCCESS )
+        goto exit;
+    status = psa_import_key( key, type, data, bytes );
+
+exit:
+    mbedtls_free( data );
+    return( status );
+}
+
+
+
+/****************************************************************/
+/* Random generation */
 /****************************************************************/
 
 psa_status_t psa_generate_random( uint8_t *output,

From f2ffdb87f67992b9d5b768f82e6759c2f0c63d62 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Sun, 22 Jul 2018 18:23:32 +0300
Subject: [PATCH 415/889] Fix generate_key and hash_setup tests vectors

-Add depends_on MBEDTLS_CIPHER_MODE_CTR for CTR test_suite_psa_crypto
-Change bad type/hash alg parameter to *_CATEGORY_*
---
 tests/suites/test_suite_psa_crypto.data | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 27c15389f..19348bdf3 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -270,7 +270,7 @@ hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
 
 PSA hash setup: bad (unknown hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED
+hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED
 
 PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -763,8 +763,8 @@ generate_random:19
 PSA generate random: 260 bytes
 generate_random:260
 
-PSA generate key: bad type (0xffffffff)
-generate_key:0xffffffff:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
+PSA generate key: bad type (PSA_KEY_TYPE_CATEGORY_MASK)
+generate_key:PSA_KEY_TYPE_CATEGORY_MASK:128:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
 
 PSA generate key: bad type (RSA public key)
 generate_key:PSA_KEY_TYPE_RSA_PUBLIC_KEY:512:PSA_KEY_USAGE_EXPORT:0:PSA_ERROR_NOT_SUPPORTED
@@ -779,7 +779,7 @@ PSA generate key: raw data, 8 bits
 generate_key:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:PSA_SUCCESS
 
 PSA generate key: AES, 128 bits, CTR
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
 
 PSA generate key: AES, 128 bits, GCM

From e83f06a2296b98ab3e69b05d1ce1d4fb5f220bde Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 18 Jul 2018 22:00:25 +0200
Subject: [PATCH 416/889] Minor clarifications

---
 crypto/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/README.md b/crypto/README.md
index 7663c0f78..b05e0464f 100644
--- a/crypto/README.md
+++ b/crypto/README.md
@@ -8,12 +8,12 @@ Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICEN
 
 Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
 
-The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of PSA on any platform.
+The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of other PSA components on any platform.
 
 The design goals of the PSA Cryptography API include:
 
 * The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
-* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, in order to take advantage of hardware accelerators.
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example in order to take advantage of hardware accelerators.
 * All access to keys is done via handles, which allows support for external cryptoprocessors that is transparent to applications.
 * The interface to algorithms is generic, favoring algorithm agility.
 * The interface is designed to be easy to use, and hard to accidentally misuse.

From ea0fb4975c3be493773b9be7d57400ef9d99a107 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:17:20 +0200
Subject: [PATCH 417/889] Add framework for simple key derivation

New key type PSA_KEY_TYPE_DERIVE. New usage flag PSA_KEY_USAGE_DERIVE.
New function psa_key_derivation.

No key derivation algorithm is implemented yet. The code may not
compile with -Wunused.

Write some unit test code for psa_key_derivation. Most of it cannot be
used yet due to the lack of a key derivation algorithm.
---
 include/psa/crypto.h                        |  62 +++++++++++
 library/psa_crypto.c                        |  49 ++++++++-
 tests/suites/test_suite_psa_crypto.data     |   4 +
 tests/suites/test_suite_psa_crypto.function | 111 ++++++++++++++++++++
 4 files changed, 224 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4dbbdedcd..9165463f5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -366,6 +366,13 @@ typedef uint32_t psa_key_type_t;
  * \c alg is the HMAC algorithm or the underlying hash algorithm. */
 #define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
 
+/** A secret for key derivation.
+ *
+ * The key policy determines which key derivation algorithm the key
+ * can be used for.
+ */
+#define PSA_KEY_TYPE_DERIVE                     ((psa_key_type_t)0x02000101)
+
 /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
  *
  * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
@@ -1194,6 +1201,10 @@ typedef uint32_t psa_key_usage_t;
  */
 #define PSA_KEY_USAGE_VERIFY                    ((psa_key_usage_t)0x00000800)
 
+/** Whether the key may be used to derive other keys.
+ */
+#define PSA_KEY_USAGE_DERIVE                    ((psa_key_usage_t)0x00001000)
+
 /** The type of the key policy data structure.
  *
  * This is an implementation-defined \c struct. Applications should not
@@ -2615,6 +2626,57 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
 
 /**@}*/
 
+/** \defgroup derivation Key derivation
+ * @{
+ */
+
+/** Set up a key derivation operation.
+ *
+ * A key derivation algorithm takes three inputs: a secret input \p key and
+ * two non-secret inputs \p label and p salt.
+ * The result of this function is a byte generator which can
+ * be used to produce keys and other cryptographic material.
+ *
+ * The role of \p label and \p salt is as follows:
+ *
+ * \param[in,out] generator       The generator object to set up. It must
+ *                                have been initialized to .
+ * \param key                     Slot containing the secret key to use.
+ * \param alg                     The key derivation algorithm to compute
+ *                                (\c PSA_ALG_XXX value such that
+ *                                #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true).
+ * \param[in] salt                Salt to use.
+ * \param salt_length             Size of the \p salt buffer in bytes.
+ * \param[in] label               Label to use.
+ * \param label_length            Size of the \p label buffer in bytes.
+ * \param capacity                The maximum number of bytes that the
+ *                                generator will be able to provide.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \c key is not compatible with \c alg,
+ *         or \p capacity is too large for the specified algorithm and key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a key derivation algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
+                                psa_key_type_t key,
+                                psa_algorithm_t alg,
+                                const uint8_t *salt,
+                                size_t salt_length,
+                                const uint8_t *label,
+                                size_t label_length,
+                                size_t capacity);
+
+/**@}*/
+
 /** \defgroup generation Key generation
  * @{
  */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6cc42c6ba..cc59ca800 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -498,8 +498,9 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
             break;
 #if defined(MBEDTLS_MD_C)
         case PSA_KEY_TYPE_HMAC:
-            break;
 #endif
+        case PSA_KEY_TYPE_DERIVE:
+            break;
 #if defined(MBEDTLS_AES_C)
         case PSA_KEY_TYPE_AES:
             if( bits != 128 && bits != 192 && bits != 256 )
@@ -2651,7 +2652,8 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
                              PSA_KEY_USAGE_ENCRYPT |
                              PSA_KEY_USAGE_DECRYPT |
                              PSA_KEY_USAGE_SIGN |
-                             PSA_KEY_USAGE_VERIFY ) ) != 0 )
+                             PSA_KEY_USAGE_VERIFY |
+                             PSA_KEY_USAGE_DERIVE ) ) != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     slot->policy = *policy;
@@ -3085,6 +3087,49 @@ exit:
 
 
 
+/****************************************************************/
+/* Key derivation */
+/****************************************************************/
+
+psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
+                                 psa_key_type_t key,
+                                 psa_algorithm_t alg,
+                                 const uint8_t *salt,
+                                 size_t salt_length,
+                                 const uint8_t *label,
+                                 size_t label_length,
+                                 size_t capacity )
+{
+    key_slot_t *slot;
+    psa_status_t status;
+
+    if( generator->alg != 0 )
+        return( PSA_ERROR_BAD_STATE );
+
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
+    if( slot->type != PSA_KEY_TYPE_DERIVE )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+    /* Set generator->alg even on failure so that abort knows what to do. */
+    generator->alg = alg;
+    if( status == PSA_SUCCESS )
+        generator->capacity = capacity;
+    else
+        psa_generator_abort( generator );
+    return( status );
+}
+
+
+
 /****************************************************************/
 /* Random generation */
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b44c347e2..1113eec81 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -745,6 +745,10 @@ PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
 
+
+PSA key derivation: not a key derivation algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
 PSA generate random: 0 bytes
 generate_random:0
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 37d6aca3f..278554f75 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -357,6 +357,36 @@ exit:
     return( 0 );
 }
 
+static int exercise_key_derivation_key( psa_key_slot_t key,
+                                        psa_key_usage_t usage,
+                                        psa_algorithm_t alg )
+{
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    unsigned char label[16] = "This is a label.";
+    size_t label_length = sizeof( label );
+    unsigned char seed[16] = "abcdefghijklmnop";
+    size_t seed_length = sizeof( seed );
+    unsigned char output[1];
+
+    if( usage & PSA_KEY_USAGE_DERIVE )
+    {
+        TEST_ASSERT( psa_key_derivation( &generator,
+                                         key, alg,
+                                         label, label_length,
+                                         seed, seed_length,
+                                         sizeof( output ) ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_generator_read( &generator,
+                                         output,
+                                         sizeof( output ) ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+    }
+
+    return( 1 );
+
+exit:
+    return( 0 );
+}
+
 static int exercise_key( psa_key_slot_t slot,
                          psa_key_usage_t usage,
                          psa_algorithm_t alg )
@@ -374,6 +404,8 @@ static int exercise_key( psa_key_slot_t slot,
         ok = exercise_signature_key( slot, usage, alg );
     else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
         ok = exercise_asymmetric_encryption_key( slot, usage, alg );
+    else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
+        ok = exercise_key_derivation_key( slot, usage, alg );
     else
     {
         char message[40];
@@ -657,6 +689,7 @@ void import_and_exercise_key( data_t *data,
           ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
             PSA_KEY_USAGE_ENCRYPT :
             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) :
+          PSA_ALG_IS_KEY_DERIVATION( alg ) ? PSA_KEY_USAGE_DERIVE :
           0 );
     psa_key_policy_t policy;
     psa_key_type_t got_type;
@@ -991,6 +1024,45 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void derive_key_policy( int policy_usage,
+                        int policy_alg,
+                        int key_type,
+                        data_t *key_data,
+                        int exercise_alg )
+{
+    int key_slot = 1;
+    psa_key_policy_t policy;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+
+    status = psa_key_derivation( &generator, key_slot,
+                                 exercise_alg,
+                                 NULL, 0,
+                                 NULL, 0,
+                                 1 );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void key_lifetime( int lifetime_arg )
 {
@@ -2372,6 +2444,45 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void derive_setup( int key_type_arg,
+                   data_t *key_data,
+                   int alg_arg,
+                   data_t *salt,
+                   data_t *label,
+                   int requested_capacity_arg,
+                   int expected_status_arg )
+{
+    psa_key_slot_t slot = 1;
+    size_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    size_t requested_capacity = requested_capacity_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_policy_t policy;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, key_type,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+                                     salt->x, salt->len,
+                                     label->x, label->len,
+                                     requested_capacity ) == expected_status );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void generate_random( int bytes_arg )
 {

From bef7f14f8e251cf1f8f82ea520ea0e97a57efaef Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:22:21 +0200
Subject: [PATCH 418/889] Implement HKDF

---
 include/psa/crypto.h        |  32 +++++++++
 include/psa/crypto_struct.h |  17 +++++
 library/psa_crypto.c        | 133 ++++++++++++++++++++++++++++++++++++
 3 files changed, 182 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9165463f5..47241a68c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -965,6 +965,36 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_IS_RSA_OAEP(alg)                                \
     (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
 
+#define PSA_ALG_HKDF_BASE                       ((psa_algorithm_t)0x30000100)
+/** Macro to build an HKDF algorithm.
+ *
+ * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding HKDF algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_HKDF(hash_alg)                                  \
+    (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Whether the specified algorithm is an HKDF algorithm.
+ *
+ * HKDF is a family of key derivation algorithms that are based on a hash
+ * function and the HMAC construction.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_HKDF(alg)                            \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
+#define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
 /**@}*/
 
 /** \defgroup key_management Key management
@@ -2638,6 +2668,8 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  * be used to produce keys and other cryptographic material.
  *
  * The role of \p label and \p salt is as follows:
+ * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step
+ *   and \p label is the info string used in the "expand" step.
  *
  * \param[in,out] generator       The generator object to set up. It must
  *                                have been initialized to .
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 27a9f1efc..baf5b1495 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -130,6 +130,20 @@ struct psa_cipher_operation_s
     } ctx;
 };
 
+typedef struct
+{
+    uint8_t *info;
+    size_t info_length;
+    psa_hmac_internal_data hmac;
+    uint8_t prk[PSA_HASH_MAX_SIZE];
+    uint8_t output_block[PSA_HASH_MAX_SIZE];
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+    uint8_t offset_in_block;
+    uint8_t block_number;
+} psa_hkdf_generator_t;
+
 struct psa_crypto_generator_s
 {
     psa_algorithm_t alg;
@@ -141,6 +155,9 @@ struct psa_crypto_generator_s
             uint8_t *data;
             size_t size;
         } buffer;
+#if defined(MBEDTLS_MD_C)
+        psa_hkdf_generator_t hkdf;
+#endif
     } ctx;
 };
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cc59ca800..9e8f90b54 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3003,6 +3003,14 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
          * nothing to do. */
     }
     else
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HKDF( generator->alg ) )
+    {
+        mbedtls_free( generator->ctx.hkdf.info );
+        status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac );
+    }
+    else
+#endif /* MBEDTLS_MD_C */
     {
         status = PSA_ERROR_BAD_STATE;
     }
@@ -3018,6 +3026,66 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
     return( PSA_SUCCESS );
 }
 
+#if defined(MBEDTLS_MD_C)
+/* Read some bytes from an HKDF-based generator. This performs a chunk
+ * of the expand phase of the HKDF algorithm. */
+static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf,
+                                             psa_algorithm_t hash_alg,
+                                             uint8_t *output,
+                                             size_t output_length )
+{
+    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+    psa_status_t status;
+
+    while( output_length != 0 )
+    {
+        /* Copy what remains of the current block */
+        uint8_t n = hash_length - hkdf->offset_in_block;
+        if( n > output_length )
+            n = (uint8_t) output_length;
+        memcpy( output, hkdf->output_block + hkdf->offset_in_block, n );
+        output += n;
+        output_length -= n;
+        hkdf->offset_in_block += n;
+        if( output_length == 0 || hkdf->block_number == 0xff )
+            break;
+
+        /* We need a new block */
+        ++hkdf->block_number;
+        hkdf->offset_in_block = 0;
+        status = psa_hmac_setup_internal( &hkdf->hmac,
+                                          hkdf->prk, hash_length,
+                                          hash_alg );
+        if( status != PSA_SUCCESS )
+            return( status );
+        if( hkdf->block_number != 1 )
+        {
+            status = psa_hash_update( &hkdf->hmac.hash_ctx,
+                                      hkdf->output_block,
+                                      hash_length );
+            if( status != PSA_SUCCESS )
+                return( status );
+        }
+        status = psa_hash_update( &hkdf->hmac.hash_ctx,
+                                  hkdf->info,
+                                  hkdf->info_length );
+        if( status != PSA_SUCCESS )
+            return( status );
+        status = psa_hash_update( &hkdf->hmac.hash_ctx,
+                                  &hkdf->block_number, 1 );
+        if( status != PSA_SUCCESS )
+            return( status );
+        status = psa_hmac_finish_internal( &hkdf->hmac,
+                                           hkdf->output_block,
+                                           sizeof( hkdf->output_block ) );
+        if( status != PSA_SUCCESS )
+            return( status );
+    }
+
+    return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_MD_C */
+
 psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
                                  uint8_t *output,
                                  size_t output_length )
@@ -3045,6 +3113,15 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
     }
     generator->capacity -= output_length;
 
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HKDF( generator->alg ) )
+    {
+        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( generator->alg );
+        status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg,
+                                          output, output_length );
+    }
+    else
+#endif /* MBEDTLS_MD_C */
     {
         return( PSA_ERROR_BAD_STATE );
     }
@@ -3091,6 +3168,45 @@ exit:
 /* Key derivation */
 /****************************************************************/
 
+/* Set up an HKDF-based generator. This is exactly the extract phase
+ * of the HKDF algorithm. */
+static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
+                                              key_slot_t *slot,
+                                              psa_algorithm_t hash_alg,
+                                              const uint8_t *salt,
+                                              size_t salt_length,
+                                              const uint8_t *label,
+                                              size_t label_length )
+{
+    psa_status_t status;
+    status = psa_hmac_setup_internal( &hkdf->hmac,
+                                      salt, salt_length,
+                                      PSA_ALG_HMAC_HASH( hash_alg ) );
+    if( status != PSA_SUCCESS )
+        return( status );
+    status = psa_hash_update( &hkdf->hmac.hash_ctx,
+                              slot->data.raw.data,
+                              slot->data.raw.bytes );
+    if( status != PSA_SUCCESS )
+        return( status );
+    status = psa_hmac_finish_internal( &hkdf->hmac,
+                                       hkdf->prk,
+                                       sizeof( hkdf->prk ) );
+    if( status != PSA_SUCCESS )
+        return( status );
+    hkdf->offset_in_block = PSA_HASH_SIZE( hash_alg );
+    hkdf->block_number = 0;
+    hkdf->info_length = label_length;
+    if( label_length != 0 )
+    {
+        hkdf->info = mbedtls_calloc( 1, label_length );
+        if( hkdf->info == NULL )
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        memcpy( hkdf->info, label, label_length );
+    }
+    return( PSA_SUCCESS );
+}
+
 psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
                                  psa_key_type_t key,
                                  psa_algorithm_t alg,
@@ -3115,6 +3231,23 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
     if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HKDF( alg ) )
+    {
+        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
+        size_t hash_size = PSA_HASH_SIZE( hash_alg );
+        if( hash_size == 0 )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        if( capacity > 255 * hash_size )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        status = psa_generator_hkdf_setup( &generator->ctx.hkdf,
+                                           slot,
+                                           hash_alg,
+                                           salt, salt_length,
+                                           label, label_length );
+    }
+    else
+#endif
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }

From 96ee5c70b96652b4f7c0a97a2e7a76dedf1286bc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:24:54 +0200
Subject: [PATCH 419/889] HKDF: positive tests

---
 tests/suites/test_suite_psa_crypto.data     |  48 ++++++++++
 tests/suites/test_suite_psa_crypto.function | 100 ++++++++++++++++++++
 2 files changed, 148 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 1113eec81..3d7031b8c 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -749,6 +749,54 @@ asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d39
 PSA key derivation: not a key derivation algorithm
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 32+10
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf":"34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 0+42
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+41
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 41+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #1, output 1+40
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3c":"b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858"
+
+PSA key derivation: HKDF SHA-256, RFC5869 #2, output 82+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87":""
+
+PSA key derivation: HKDF SHA-256, RFC5869 #3, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #4, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #5, output 82+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":82:"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #6, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":42:"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918":""
+
+PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
 PSA generate random: 0 bytes
 generate_random:0
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 278554f75..cf72e489e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -8,6 +8,8 @@
 #include "mbedtls/asn1write.h"
 #include "psa/crypto.h"
 
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
 #if(UINT32_MAX > SIZE_MAX)
 #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
 #else
@@ -2483,6 +2485,104 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void derive_output( int alg_arg,
+                    data_t *key_data,
+                    data_t *salt,
+                    data_t *label,
+                    int requested_capacity_arg,
+                    data_t *expected_output1,
+                    data_t *expected_output2 )
+{
+    psa_key_slot_t slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    size_t requested_capacity = requested_capacity_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    uint8_t *expected_outputs[2] =
+        {expected_output1->x, expected_output2->x};
+    size_t output_sizes[2] =
+        {expected_output1->len, expected_output2->len};
+    size_t output_buffer_size = 0;
+    uint8_t *output_buffer = NULL;
+    size_t expected_capacity;
+    size_t current_capacity;
+    psa_key_policy_t policy;
+    psa_status_t status;
+    unsigned i;
+
+    for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
+    {
+        if( output_sizes[i] > output_buffer_size )
+            output_buffer_size = output_sizes[i];
+        if( output_sizes[i] == 0 )
+            expected_outputs[i] = NULL;
+    }
+    output_buffer = mbedtls_calloc( 1, output_buffer_size );
+    TEST_ASSERT( output_buffer != NULL );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    /* Extraction phase. */
+    TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+                                     salt->x, salt->len,
+                                     label->x, label->len,
+                                     requested_capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_generator_capacity( &generator,
+                                             &current_capacity ) ==
+                 PSA_SUCCESS );
+    TEST_ASSERT( current_capacity == requested_capacity );
+    expected_capacity = requested_capacity;
+
+    /* Expansion phase. */
+    for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ )
+    {
+        /* Read some bytes. */
+        status = psa_generator_read( &generator,
+                                     output_buffer, output_sizes[i] );
+        if( expected_capacity == 0 && output_sizes[i] == 0 )
+        {
+            /* Reading 0 bytes when 0 bytes are available can go either way. */
+            TEST_ASSERT( status == PSA_SUCCESS ||
+                         status == PSA_ERROR_INSUFFICIENT_CAPACITY );
+            continue;
+        }
+        else if( expected_capacity == 0 ||
+                 output_sizes[i] > expected_capacity )
+        {
+            /* Capacity exceeded. */
+            TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_CAPACITY );
+            expected_capacity = 0;
+            continue;
+        }
+        /* Success. Check the read data. */
+        TEST_ASSERT( status == PSA_SUCCESS );
+        if( output_sizes[i] != 0 )
+            TEST_ASSERT( memcmp( output_buffer, expected_outputs[i],
+                                 output_sizes[i] ) == 0 );
+        /* Check the generator status. */
+        expected_capacity -= output_sizes[i];
+        TEST_ASSERT( psa_get_generator_capacity( &generator,
+                                                 &current_capacity ) ==
+                     PSA_SUCCESS );
+        TEST_ASSERT( expected_capacity == current_capacity );
+    }
+    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_free( output_buffer );
+    psa_generator_abort( &generator );
+    psa_destroy_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void generate_random( int bytes_arg )
 {

From f24af9602f7e5e88dc5e9d4db1617c06e4ed4bb1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:29:05 +0200
Subject: [PATCH 420/889] Key derivation with HKDF: add a few negative tests

---
 tests/suites/test_suite_psa_crypto.data | 55 +++++++++++++++++++++++++
 1 file changed, 55 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3d7031b8c..f906874ed 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -252,6 +252,18 @@ PSA key policy: asymmetric signature, neither sign nor verify
 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
+PSA key policy: derive, permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key policy: derive, not permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key policy: derive, wrong algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
+
 PSA key lifetime: set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
@@ -745,11 +757,22 @@ PSA decrypt: RSA PKCS#1 v1.5, input too large
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_CRYPT:"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":PSA_ERROR_INVALID_ARGUMENT
 
+PSA key derivation: HKDF-SHA-256, good case
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS
+
+PSA key derivation: bad key type
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
 
 PSA key derivation: not a key derivation algorithm
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
 
+PSA key derivation: unsupported key derivation algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED
+
 PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
@@ -797,6 +820,38 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0
 PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
+
+PSA key derivation: HKDF SHA-256, request maximum capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
+
+PSA key derivation: HKDF SHA-1, request maximum capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":255 * 20:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
+
+PSA key derivation: HKDF SHA-256, request too much capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 + 1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: HKDF SHA-1, request too much capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_ALG_HKDF(PSA_ALG_SHA_1):"":"":255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: over capacity 42: output 42+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff"
+
+PSA key derivation: over capacity 42: output 41+2
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b8871858":"65ff"
+
+PSA key derivation: over capacity 42: output 43+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":""
+
+PSA key derivation: over capacity 42: output 43+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
 PSA generate random: 0 bytes
 generate_random:0
 

From 0386fbaa70883c9ef7f8390c2a264f11ef8596ec Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 12 Jul 2018 17:29:22 +0200
Subject: [PATCH 421/889] Key derivation: test deriving a key from the KDF
 output

---
 tests/suites/test_suite_psa_crypto.data     |  17 +++
 tests/suites/test_suite_psa_crypto.function | 143 ++++++++++++++++++++
 2 files changed, 160 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f906874ed..43b964730 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -852,6 +852,23 @@ derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0
 PSA key derivation: over capacity 42: output 43+1
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
+
+PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256)
+
+PSA key derivation: HKDF SHA-256, exercise HKDF-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+
+PSA key derivation: HKDF SHA-256, derive key, 16+32
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":16:32
+
+PSA key derivation: HKDF SHA-256, derive key, 1+41
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
+
 PSA generate random: 0 bytes
 generate_random:0
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cf72e489e..1f1732e65 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2583,6 +2583,149 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void derive_key_exercise( int alg_arg,
+                          data_t *key_data,
+                          data_t *salt,
+                          data_t *label,
+                          int derived_type_arg,
+                          int derived_bits_arg,
+                          int derived_usage_arg,
+                          int derived_alg_arg )
+{
+    psa_key_slot_t base_key = 1;
+    psa_key_slot_t derived_key = 2;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t derived_type = derived_type_arg;
+    size_t derived_bits = derived_bits_arg;
+    psa_key_usage_t derived_usage = derived_usage_arg;
+    psa_algorithm_t derived_alg = derived_alg_arg;
+    size_t capacity = PSA_BITS_TO_BYTES( derived_bits );
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_policy_t policy;
+    psa_key_type_t got_type;
+    size_t got_bits;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    /* Derive a key. */
+    TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
+                                     salt->x, salt->len,
+                                     label->x, label->len,
+                                     capacity ) == PSA_SUCCESS );
+    psa_key_policy_set_usage( &policy, derived_usage, derived_alg );
+    TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_import_key( derived_key,
+                                           derived_type,
+                                           derived_bits,
+                                           &generator ) == PSA_SUCCESS );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information( derived_key,
+                                          &got_type,
+                                          &got_bits ) == PSA_SUCCESS );
+    TEST_ASSERT( got_type == derived_type );
+    TEST_ASSERT( got_bits == derived_bits );
+
+    /* Exercise the derived key. */
+    if( ! exercise_key( derived_key, derived_usage, derived_alg ) )
+        goto exit;
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( base_key );
+    psa_destroy_key( derived_key );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void derive_key_export( int alg_arg,
+                        data_t *key_data,
+                        data_t *salt,
+                        data_t *label,
+                        int bytes1_arg,
+                        int bytes2_arg )
+{
+    psa_key_slot_t base_key = 1;
+    psa_key_slot_t derived_key = 2;
+    psa_algorithm_t alg = alg_arg;
+    size_t bytes1 = bytes1_arg;
+    size_t bytes2 = bytes2_arg;
+    size_t capacity = bytes1 + bytes2;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    uint8_t *output_buffer = mbedtls_calloc( 1, capacity );
+    uint8_t *export_buffer = mbedtls_calloc( 1, capacity );
+    psa_key_policy_t policy;
+    size_t length;
+
+    TEST_ASSERT( output_buffer != NULL );
+    TEST_ASSERT( export_buffer != NULL );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    /* Derive some material and output it. */
+    TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
+                                     salt->x, salt->len,
+                                     label->x, label->len,
+                                     capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_read( &generator,
+                                     output_buffer,
+                                     capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+
+    /* Derive the same output again, but this time store it in key objects. */
+    TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
+                                     salt->x, salt->len,
+                                     label->x, label->len,
+                                     capacity ) == PSA_SUCCESS );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
+    TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_import_key( derived_key,
+                                           PSA_KEY_TYPE_RAW_DATA,
+                                           PSA_BYTES_TO_BITS( bytes1 ),
+                                           &generator ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_export_key( derived_key,
+                                 export_buffer, bytes1,
+                                 &length ) == PSA_SUCCESS );
+    TEST_ASSERT( length == bytes1 );
+    TEST_ASSERT( psa_destroy_key( derived_key ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_import_key( derived_key,
+                                           PSA_KEY_TYPE_RAW_DATA,
+                                           PSA_BYTES_TO_BITS( bytes2 ),
+                                           &generator ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_export_key( derived_key,
+                                 export_buffer + bytes1, bytes2,
+                                 &length ) == PSA_SUCCESS );
+    TEST_ASSERT( length == bytes2 );
+
+    /* Compare the outputs from the two runs. */
+    TEST_ASSERT( memcmp( output_buffer, export_buffer, capacity ) == 0 );
+
+exit:
+    mbedtls_free( output_buffer );
+    mbedtls_free( export_buffer );
+    psa_generator_abort( &generator );
+    psa_destroy_key( base_key );
+    psa_destroy_key( derived_key );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void generate_random( int bytes_arg )
 {

From d54931c7c4d199ec709d7f6f7516d361cdff4b4b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 17 Jul 2018 21:06:59 +0200
Subject: [PATCH 422/889] HKDF: be more robust if we reach the maximum ouptut
 length

In psa_generator_hkdf_read, return BAD_STATE if we're trying to
construct more output than the algorithm allows. This can't happen
through the API due to the capacity limit, but it could potentially
happen in an internal call.

Also add a test case that verifies that we can set up HKDF with its
maximum capacity and read up to the maximum capacity.
---
 library/psa_crypto.c                        |  9 ++-
 tests/suites/test_suite_psa_crypto.data     |  8 +++
 tests/suites/test_suite_psa_crypto.function | 66 +++++++++++++++++++++
 3 files changed, 82 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9e8f90b54..ef99403e3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3047,8 +3047,15 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf,
         output += n;
         output_length -= n;
         hkdf->offset_in_block += n;
-        if( output_length == 0 || hkdf->block_number == 0xff )
+        if( output_length == 0 )
             break;
+        /* We can't be wanting more output after block 0xff, otherwise
+         * the capacity check in psa_generator_read() would have
+         * prevented this call. It could happen only if the generator
+         * object was corrupted or if this function is called directly
+         * inside the library. */
+        if( hkdf->block_number == 0xff )
+            return( PSA_ERROR_BAD_STATE );
 
         /* We need a new block */
         ++hkdf->block_number;
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 43b964730..8ffaa8779 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -853,6 +853,14 @@ PSA key derivation: over capacity 42: output 43+1
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865ff":"ff"
 
+PSA key derivation: HKDF SHA-256, read maximum capacity minus 1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32 - 1
+
+PSA key derivation: HKDF SHA-256, read maximum capacity
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
+
 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 1f1732e65..27bc4e1d5 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2583,6 +2583,72 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void derive_full( int alg_arg,
+                  data_t *key_data,
+                  data_t *salt,
+                  data_t *label,
+                  int requested_capacity_arg )
+{
+    psa_key_slot_t slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    size_t requested_capacity = requested_capacity_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    unsigned char output_buffer[16];
+    size_t expected_capacity = requested_capacity;
+    size_t current_capacity;
+    psa_key_policy_t policy;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    /* Extraction phase. */
+    TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+                                     salt->x, salt->len,
+                                     label->x, label->len,
+                                     requested_capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_generator_capacity( &generator,
+                                             &current_capacity ) ==
+                 PSA_SUCCESS );
+    TEST_ASSERT( current_capacity == expected_capacity );
+
+    /* Expansion phase. */
+    while( current_capacity > 0 )
+    {
+        size_t read_size = sizeof( output_buffer );
+        if( read_size > current_capacity )
+            read_size = current_capacity;
+        TEST_ASSERT( psa_generator_read( &generator,
+                                         output_buffer,
+                                         read_size ) == PSA_SUCCESS );
+        expected_capacity -= read_size;
+        TEST_ASSERT( psa_get_generator_capacity( &generator,
+                                                 &current_capacity ) ==
+                     PSA_SUCCESS );
+        TEST_ASSERT( current_capacity == expected_capacity );
+    }
+
+    /* Check that the generator refuses to go over capacity. */
+    TEST_ASSERT( psa_generator_read( &generator,
+                                     output_buffer,
+                                     1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY );
+
+    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void derive_key_exercise( int alg_arg,
                           data_t *key_data,

From 50a058c9f383d635ef9b1a00b7793a556cf5362c Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Mon, 25 Jun 2018 17:12:53 +0100
Subject: [PATCH 423/889] crypto/library: Add a Makefile

---
 crypto/library/Makefile | 76 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 crypto/library/Makefile

diff --git a/crypto/library/Makefile b/crypto/library/Makefile
new file mode 100644
index 000000000..9151662a7
--- /dev/null
+++ b/crypto/library/Makefile
@@ -0,0 +1,76 @@
+CFLAGS ?= -O2 -I../include
+WARNING_CFLAGS ?= \
+	-Werror -Wall -Wextra \
+	-Wno-unused-function \
+	-Wno-overlength-strings \
+	-Wdeclaration-after-statement \
+# Don't delete this line.
+
+OBJS_CRYPTO := \
+	aes.o \
+	aesni.o \
+	arc4.o \
+	asn1parse.o \
+	asn1write.o \
+	base64.o \
+	bignum.o \
+	blowfish.o \
+	camellia.o \
+	ccm.o \
+	cipher.o \
+	cipher_wrap.o \
+	cmac.o \
+	ctr_drbg.o \
+	des.o \
+	ecdsa.o \
+	ecp.o \
+	ecp_curves.o \
+	entropy.o \
+	entropy_poll.o \
+	gcm.o \
+	hmac_drbg.o \
+	md.o \
+	md2.o \
+	md4.o \
+	md5.o \
+	md_wrap.o \
+	oid.o \
+	pem.o \
+	pk.o \
+	pk_wrap.o \
+	pkcs12.o \
+	pkcs5.o \
+	pkparse.o \
+	pkwrite.o \
+	platform.o \
+	platform_util.o \
+	psa_crypto.o \
+	ripemd160.o \
+	rsa_internal.o \
+	rsa.o \
+	sha1.o \
+	sha256.o \
+	sha512.o \
+	xtea.o \
+# Don't delete this line.
+
+.SILENT:
+
+.PHONY: all static clean
+
+all: static
+
+static: libmbedcrypto.a
+
+libmbedcrypto.a: $(OBJS_CRYPTO)
+	echo "  AR    $@"
+	$(AR) -rc $@ $(OBJS_CRYPTO)
+	echo "  RL    $@"
+	$(AR) -s $@
+
+.c.o:
+	echo "  CC    $<"
+	$(CC) $(CFLAGS) $(WARNING_CFLAGS) -c $<
+
+clean:
+	rm -f *.o libmbedcrypto.a

From 1efc5fe6c5a468f20ea340c4c0cd48343b33566a Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 6 Jul 2018 10:37:06 +0100
Subject: [PATCH 424/889] crypto/tests: Add a Makefile

---
 crypto/tests/Makefile | 73 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)
 create mode 100644 crypto/tests/Makefile

diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
new file mode 100644
index 000000000..3315a6eca
--- /dev/null
+++ b/crypto/tests/Makefile
@@ -0,0 +1,73 @@
+CFLAGS ?= -O2 -I../include
+WARNING_CFLAGS ?= \
+	-Werror -Wall -Wextra \
+	-Wno-unused-function \
+	-Wno-overlength-strings \
+	-Wdeclaration-after-statement \
+# Don't delete this line.
+
+LDFLAGS ?= -L../library -lmbedcrypto
+
+DEP := ../library/libmbedcrypto.a
+
+# Python executable
+PYTHON ?= python
+
+APPS := \
+	test_suite_psa_crypto \
+# Don't delete this line.
+
+# Look up for associated function files
+func.test_suite_psa_crypto := test_suite_psa_crypto
+
+.SILENT:
+
+.PHONY: all test clean
+
+all: $(APPS)
+
+$(DEP):
+	$(MAKE) -C ../library
+
+C_FILES := $(addsuffix .c,$(APPS))
+
+.SECONDEXPANSION:
+$(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function
+	echo "  Gen   $@"
+	$(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \
+		-d suites/$*.data \
+		-t suites/main_test.function \
+		-p suites/host_test.function \
+		-s suites  \
+		--help-file suites/helpers.function \
+		-o .
+
+
+$(APPS): %: %.c $(DEP)
+	echo "  CC    $<"
+	$(CC) $(CFLAGS) $(WARNING_CFLAGS) $< $(LDFLAGS) -o $@
+
+clean:
+	rm -rf $(APPS) *.c *.data TESTS
+	rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
+
+test: $(APPS)
+	./test_suite_psa_crypto
+
+# Create separate targets for generating embedded tests.
+EMBEDDED_TESTS := $(addprefix embedded_,$(APPS))
+
+# Generate test code for target.
+
+.SECONDEXPANSION:
+$(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function
+	echo "  Gen  ./TESTS/mbedcrypto/$*/$*.c"
+	$(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \
+		-d suites/$*.data \
+		-t suites/main_test.function \
+		-p suites/target_test.function \
+		-s suites  \
+		--help-file suites/helpers.function \
+		-o ./TESTS/mbedcrypto/$*
+
+gen-embedded-test: $(EMBEDDED_TESTS)

From a3ff8a6ed59e9c8e803f5388a41a1bba18f77919 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Tue, 10 Jul 2018 10:10:21 +0300
Subject: [PATCH 425/889] psa: programs: Add cipher example

Add `programs/psa/crypto_examples.c`. Update relevant Makefiles,
CMakeLists.txt, and .gitignore files.
---
 programs/.gitignore            | 1 +
 programs/CMakeLists.txt        | 1 +
 programs/Makefile              | 5 +++++
 programs/psa/CMakeLists.txt    | 7 +++++++
 programs/psa/crypto_examples.c | 4 ++++
 5 files changed, 18 insertions(+)
 create mode 100644 programs/psa/CMakeLists.txt
 create mode 100644 programs/psa/crypto_examples.c

diff --git a/programs/.gitignore b/programs/.gitignore
index d58253d49..453ae0d13 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -29,6 +29,7 @@ pkey/rsa_sign
 pkey/rsa_sign_pss
 pkey/rsa_verify
 pkey/rsa_verify_pss
+psa/crypto_examples
 psa/psa_constant_names
 psa/psa_constant_names_generated.c
 psa/key_ladder_demo
diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt
index 4cdae7821..661b12071 100644
--- a/programs/CMakeLists.txt
+++ b/programs/CMakeLists.txt
@@ -1,6 +1,7 @@
 add_subdirectory(aes)
 add_subdirectory(hash)
 add_subdirectory(pkey)
+add_subdirectory(psa)
 add_subdirectory(random)
 add_subdirectory(ssl)
 add_subdirectory(test)
diff --git a/programs/Makefile b/programs/Makefile
index 9e1a5279e..b1534071c 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -60,6 +60,7 @@ APPS =	aes/aescrypt2$(EXEXT)		aes/crypt_and_hash$(EXEXT)	\
 	pkey/rsa_decrypt$(EXEXT)	pkey/rsa_encrypt$(EXEXT)	\
 	pkey/rsa_sign$(EXEXT)		pkey/rsa_verify$(EXEXT)		\
 	pkey/rsa_sign_pss$(EXEXT)	pkey/rsa_verify_pss$(EXEXT)	\
+	psa/crypto_examples$(EXEXT)					\
 	psa/key_ladder_demo$(EXEXT)	psa/psa_constant_names$(EXEXT)	\
 	ssl/dtls_client$(EXEXT)		ssl/dtls_server$(EXEXT)		\
 	ssl/ssl_client1$(EXEXT)		ssl/ssl_client2$(EXEXT)		\
@@ -308,6 +309,10 @@ x509/req_app$(EXEXT): x509/req_app.c $(DEP)
 	echo "  CC    x509/req_app.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) x509/req_app.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
 
+psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP)
+	echo "  CC    psa/crypto_examples.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
 clean:
 ifndef WINDOWS
 	rm -f $(APPS) $(EXTRA_GENERATED)
diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
new file mode 100644
index 000000000..a0fe803d7
--- /dev/null
+++ b/programs/psa/CMakeLists.txt
@@ -0,0 +1,7 @@
+add_executable(crypto_examples crypto_examples.c)
+target_link_libraries(crypto_examples mbedtls)
+
+install(TARGETS crypto_examples
+        DESTINATION "bin"
+        PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
new file mode 100644
index 000000000..3a549ff86
--- /dev/null
+++ b/programs/psa/crypto_examples.c
@@ -0,0 +1,4 @@
+int main( void )
+{
+    return( 0 );
+}

From 5a6ade8ab664e65830e8e2fde2e7ca23e468c585 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Thu, 19 Jul 2018 13:39:30 +0100
Subject: [PATCH 426/889] crypto/programs: Add a Makefile

---
 crypto/programs/Makefile | 51 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 crypto/programs/Makefile

diff --git a/crypto/programs/Makefile b/crypto/programs/Makefile
new file mode 100644
index 000000000..093b43dcf
--- /dev/null
+++ b/crypto/programs/Makefile
@@ -0,0 +1,51 @@
+CFLAGS ?= -O2 -I../include
+WARNING_CFLAGS ?= \
+	-Werror -Wall -Wextra \
+	-Wno-unused-function \
+	-Wno-overlength-strings \
+	-Wdeclaration-after-statement \
+# Don't delete this line.
+
+LDFLAGS ?= -L../library -lmbedcrypto
+
+DEP := ../library/libmbedcrypto.a
+
+APPS := \
+	psa/crypto_examples \
+	psa/key_ladder_demo \
+	psa/psa_constant_names \
+# Don't delete this line.
+
+EXTRA_GENERATED := \
+	psa/psa_constant_names_generated.c \
+# Don't delete this line.
+
+.SILENT:
+
+.PHONY: all clean list
+
+all: $(APPS)
+
+$(DEP):
+	$(MAKE) -C ../library
+
+psa/crypto_examples: psa/crypto_examples.c $(DEP)
+	echo "  CC    psa/crypto_examples.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/key_ladder_demo: psa/key_ladder_demo.c $(DEP)
+	echo "  CC    psa/key_ladder_demo.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h
+	../scripts/generate_psa_constants.py
+
+psa/psa_constant_names: psa/psa_constant_names_generated.c psa/psa_constant_names.c $(DEP)
+	echo "  CC    psa/psa_constant_names.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+clean:
+	rm -f $(APPS) $(EXTRA_GENERATED)
+
+list:
+	echo $(APPS)

From 10366708d6a4c6c68ae6961ca0620919aaf71ea3 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 11 Jul 2018 13:44:41 +0300
Subject: [PATCH 427/889] psa: programs: Add cipher AES CBC no padding

---
 programs/psa/crypto_examples.c | 210 +++++++++++++++++++++++++++++++++
 1 file changed, 210 insertions(+)

diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index 3a549ff86..18f93a299 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -1,4 +1,214 @@
+#include "psa/crypto.h"
+#include <string.h>
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_printf printf
+#endif
+
+#define ASSERT( predicate )                                                   \
+    do                                                                        \
+    {                                                                         \
+        if( ! ( predicate ) )                                                 \
+        {                                                                     \
+            mbedtls_printf( "\tassertion failed at %s:%d - '%s'\r\n",         \
+                            __FILE__, __LINE__, #predicate);                  \
+            goto exit;                                                        \
+        }                                                                     \
+    } while ( 0 )
+
+#define ASSERT_STATUS( actual, expected )                                     \
+    do                                                                        \
+    {                                                                         \
+        if( ( actual ) != ( expected ) )                                      \
+        {                                                                     \
+            mbedtls_printf( "\tassertion failed at %s:%d - "                  \
+                            "actual:%d expected:%d\r\n", __FILE__, __LINE__,  \
+                            (psa_status_t) actual, (psa_status_t) expected ); \
+            goto exit;                                                        \
+        }                                                                     \
+    } while ( 0 )
+
+/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */
+static const psa_key_slot_t key_slot_cipher = 1;
+
+static psa_status_t set_key_policy( psa_key_slot_t key_slot,
+                                    psa_key_usage_t key_usage,
+                                    psa_algorithm_t alg )
+{
+    psa_status_t status;
+    psa_key_policy_t policy;
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, key_usage, alg );
+    status = psa_set_key_policy( key_slot, &policy );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+exit:
+    return( status );
+}
+
+static psa_status_t cipher_operation( psa_cipher_operation_t *operation,
+                                      const uint8_t * input,
+                                      size_t input_size,
+                                      size_t part_size,
+                                      uint8_t * output,
+                                      size_t output_size,
+                                      size_t *output_len )
+{
+    psa_status_t status;
+    size_t bytes_to_write = 0, bytes_written = 0, len = 0;
+
+    *output_len = 0;
+    while( bytes_written != input_size )
+    {
+        bytes_to_write = ( input_size - bytes_written > part_size ?
+                           part_size :
+                           input_size - bytes_written );
+
+        status = psa_cipher_update( operation, input + bytes_written,
+                                    bytes_to_write, output + *output_len,
+                                    output_size - *output_len, &len );
+        ASSERT_STATUS( status, PSA_SUCCESS );
+
+        bytes_written += bytes_to_write;
+        *output_len += len;
+    }
+
+    status = psa_cipher_finish( operation, output + *output_len,
+                                output_size - *output_len, &len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+    *output_len += len;
+
+exit:
+    return( status );
+}
+
+static psa_status_t cipher_encrypt( psa_key_slot_t key_slot,
+                                    psa_algorithm_t alg,
+                                    uint8_t * iv,
+                                    size_t iv_size,
+                                    const uint8_t * input,
+                                    size_t input_size,
+                                    size_t part_size,
+                                    uint8_t * output,
+                                    size_t output_size,
+                                    size_t *output_len )
+{
+    psa_status_t status;
+    psa_cipher_operation_t operation;
+    size_t iv_len = 0;
+
+    memset( &operation, 0, sizeof( operation ) );
+    status = psa_cipher_encrypt_setup( &operation, key_slot, alg );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_operation( &operation, input, input_size, part_size,
+                               output, output_size, output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+    psa_cipher_abort( &operation );
+    return( status );
+}
+
+static psa_status_t cipher_decrypt( psa_key_slot_t key_slot,
+                                    psa_algorithm_t alg,
+                                    const uint8_t * iv,
+                                    size_t iv_size,
+                                    const uint8_t * input,
+                                    size_t input_size,
+                                    size_t part_size,
+                                    uint8_t * output,
+                                    size_t output_size,
+                                    size_t *output_len )
+{
+    psa_status_t status;
+    psa_cipher_operation_t operation;
+
+    memset( &operation, 0, sizeof( operation ) );
+    status = psa_cipher_decrypt_setup( &operation, key_slot, alg );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = psa_cipher_set_iv( &operation, iv, iv_size );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_operation( &operation, input, input_size, part_size,
+                               output, output_size, output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+    psa_cipher_abort( &operation );
+    return( status );
+}
+
+static psa_status_t
+cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
+{
+    enum {
+        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+        key_bits = 256,
+        part_size = block_size,
+    };
+    const psa_algorithm_t alg = PSA_ALG_CBC_BASE |
+                                PSA_ALG_BLOCK_CIPHER_PAD_NONE;
+
+    psa_status_t status;
+    size_t output_len = 0;
+    uint8_t iv[block_size];
+    uint8_t input[block_size];
+    uint8_t encrypt[block_size];
+    uint8_t decrypt[block_size];
+
+    status = psa_generate_random( input, sizeof( input ) );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = set_key_policy( key_slot_cipher,
+                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                             alg );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
+                               NULL, 0 );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+                             input, sizeof( input ), part_size,
+                             encrypt, sizeof( encrypt ), &output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+                             encrypt, output_len, part_size,
+                             decrypt, sizeof( decrypt ), &output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = memcmp( input, decrypt, sizeof( input ) );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+    psa_destroy_key( key_slot_cipher );
+    return( status );
+}
+
+static void cipher_examples( void )
+{
+    psa_status_t status;
+
+    mbedtls_printf( "cipher encrypt/decrypt AES CBC no padding:\r\n" );
+    status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( );
+    if( status == PSA_SUCCESS )
+        mbedtls_printf( "\tsuccess!\r\n" );
+}
+
 int main( void )
 {
+    ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    cipher_examples( );
+exit:
+    mbedtls_psa_crypto_free( );
     return( 0 );
 }

From 1ff639d37cf229c01acbf966eb21895b3bc26b07 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Mon, 25 Jun 2018 17:08:36 +0100
Subject: [PATCH 428/889] crypto: Add a Makefile

---
 crypto/Makefile | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 crypto/Makefile

diff --git a/crypto/Makefile b/crypto/Makefile
new file mode 100644
index 000000000..2230ed97c
--- /dev/null
+++ b/crypto/Makefile
@@ -0,0 +1,20 @@
+.PHONY: all lib programs tests clean test
+
+all: programs tests
+
+lib:
+	$(MAKE) -C library
+
+programs: lib
+	$(MAKE) -C programs
+
+tests: lib
+	$(MAKE) -C tests
+
+clean:
+	$(MAKE) -C library clean
+	$(MAKE) -C programs clean
+	$(MAKE) -C tests clean
+
+test: lib tests
+	$(MAKE) -C tests test

From a2d0804b334347cd7899bd90d16b6d1594066d8c Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 12 Jul 2018 10:27:58 +0300
Subject: [PATCH 429/889] psa: programs: Add cipher AES CBC PKCS7 multipart

---
 programs/psa/crypto_examples.c | 52 ++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index 18f93a299..e2d2cf553 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -194,6 +194,53 @@ exit:
     return( status );
 }
 
+static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
+{
+    enum {
+        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+        key_bits = 256,
+        input_size = 100,
+        part_size = 10,
+    };
+
+    const psa_algorithm_t alg = PSA_ALG_CBC_BASE |
+                                PSA_ALG_BLOCK_CIPHER_PAD_PKCS7;
+
+    psa_status_t status;
+    size_t output_len = 0;
+    uint8_t iv[block_size], input[input_size],
+            encrypt[input_size + block_size], decrypt[input_size + block_size];
+
+    status = psa_generate_random( input, sizeof( input ) );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = set_key_policy( key_slot_cipher,
+                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                             alg );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
+                               NULL, 0 );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+                             input, sizeof( input ), part_size,
+                             encrypt, sizeof( encrypt ), &output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+                             encrypt, output_len, part_size,
+                             decrypt, sizeof( decrypt ), &output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = memcmp( input, decrypt, sizeof( input ) );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+    psa_destroy_key( key_slot_cipher );
+    return( status );
+}
+
 static void cipher_examples( void )
 {
     psa_status_t status;
@@ -202,6 +249,11 @@ static void cipher_examples( void )
     status = cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( );
     if( status == PSA_SUCCESS )
         mbedtls_printf( "\tsuccess!\r\n" );
+
+    mbedtls_printf( "cipher encrypt/decrypt AES CBC PKCS7 multipart:\r\n" );
+    status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( );
+    if( status == PSA_SUCCESS )
+        mbedtls_printf( "\tsuccess!\r\n" );
 }
 
 int main( void )

From 9fb0e011771b03c15466e6b0f86dcc62ac057048 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Jul 2018 15:51:49 +0200
Subject: [PATCH 430/889] Fix nonstandard whitespace

---
 include/psa/crypto.h | 44 ++++++++++++++++++++++----------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 47241a68c..63be86b3e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2192,17 +2192,17 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_aead_encrypt( psa_key_slot_t key,
-                               psa_algorithm_t alg,
-                               const uint8_t *nonce,
-                               size_t nonce_length,
-                               const uint8_t *additional_data,
-                               size_t additional_data_length,
-                               const uint8_t *plaintext,
-                               size_t plaintext_length,
-                               uint8_t *ciphertext,
-                               size_t ciphertext_size,
-                               size_t *ciphertext_length );
+psa_status_t psa_aead_encrypt(psa_key_slot_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *nonce,
+                              size_t nonce_length,
+                              const uint8_t *additional_data,
+                              size_t additional_data_length,
+                              const uint8_t *plaintext,
+                              size_t plaintext_length,
+                              uint8_t *ciphertext,
+                              size_t ciphertext_size,
+                              size_t *ciphertext_length);
 
 /** Process an authenticated decryption operation.
  *
@@ -2245,17 +2245,17 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
-psa_status_t psa_aead_decrypt( psa_key_slot_t key,
-                               psa_algorithm_t alg,
-                               const uint8_t *nonce,
-                               size_t nonce_length,
-                               const uint8_t *additional_data,
-                               size_t additional_data_length,
-                               const uint8_t *ciphertext,
-                               size_t ciphertext_length,
-                               uint8_t *plaintext,
-                               size_t plaintext_size,
-                               size_t *plaintext_length );
+psa_status_t psa_aead_decrypt(psa_key_slot_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *nonce,
+                              size_t nonce_length,
+                              const uint8_t *additional_data,
+                              size_t additional_data_length,
+                              const uint8_t *ciphertext,
+                              size_t ciphertext_length,
+                              uint8_t *plaintext,
+                              size_t plaintext_size,
+                              size_t *plaintext_length);
 
 /**@}*/
 

From debb2c0d12ff29e947383dedfff5740c904e292d Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Mon, 25 Jun 2018 17:25:29 +0100
Subject: [PATCH 431/889] crypto: Add an Mbed Crypto exporter script

Create a tarball-based ditribution of the Mbed Crypto source code using the
code from Mbed TLS. Only export the files needed by Mbed Crypto to
implement the PSA Crypto API. Rename "mbedtls_*" and "MBEDTLS_*" symbols to
"mbedcrypto_*" and "MBEDCRYPTO_*".

The exported distribution can stand alone, without any Mbed TLS repository
needing to be present. "make test" will continue to work as before and will
run only the PSA Crypto test suite.
---
 scripts/mbed_crypto.make | 226 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 226 insertions(+)
 create mode 100644 scripts/mbed_crypto.make

diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
new file mode 100644
index 000000000..391c914f4
--- /dev/null
+++ b/scripts/mbed_crypto.make
@@ -0,0 +1,226 @@
+###########################################################################
+#
+#  Copyright (c) 2018, ARM Limited, All Rights Reserved
+#  SPDX-License-Identifier: Apache-2.0
+#
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+###########################################################################
+
+#
+# Use this file to export an Mbed Crypto release tarball as follows, from the
+# top level of the mbedtls repo:
+#
+#   1) make -f scripts/mbed_crypto.make
+#
+
+.PHONY: all clean FORCE
+
+all: mbedcrypto.tar.gz
+
+#
+# Crypto-necessary library files
+#
+LIB_FILES := \
+	aes.c \
+	aesni.c \
+	arc4.c \
+	asn1parse.c \
+	asn1write.c \
+	base64.c \
+	bignum.c \
+	blowfish.c \
+	camellia.c \
+	ccm.c \
+	cipher.c \
+	cipher_wrap.c \
+	cmac.c \
+	ctr_drbg.c \
+	des.c \
+	ecdsa.c \
+	ecp.c \
+	ecp_curves.c \
+	entropy.c \
+	entropy_poll.c \
+	gcm.c \
+	hmac_drbg.c \
+	md.c \
+	md2.c \
+	md4.c \
+	md5.c \
+	md_wrap.c \
+	oid.c \
+	pem.c \
+	pk.c \
+	pk_wrap.c \
+	pkcs12.c \
+	pkcs5.c \
+	pkparse.c \
+	pkwrite.c \
+	platform.c \
+	platform_util.c \
+	psa_crypto.c \
+	ripemd160.c \
+	rsa_internal.c \
+	rsa.c \
+	sha1.c \
+	sha256.c \
+	sha512.c \
+	xtea.c \
+# Don't delete this line.
+
+#
+# Crypto-necessary include files
+#
+INC_FILES := \
+	mbedcrypto/aes.h \
+	mbedcrypto/aesni.h \
+	mbedcrypto/arc4.h \
+	mbedcrypto/asn1.h \
+	mbedcrypto/asn1write.h \
+	mbedcrypto/base64.h \
+	mbedcrypto/bignum.h \
+	mbedcrypto/blowfish.h \
+	mbedcrypto/bn_mul.h \
+	mbedcrypto/camellia.h \
+	mbedcrypto/ccm.h \
+	mbedcrypto/certs.h \
+	mbedcrypto/check_config.h \
+	mbedcrypto/cipher.h \
+	mbedcrypto/cipher_internal.h \
+	mbedcrypto/cmac.h \
+	mbedcrypto/config.h \
+	mbedcrypto/ctr_drbg.h \
+	mbedcrypto/des.h \
+	mbedcrypto/ecdsa.h \
+	mbedcrypto/ecp.h \
+	mbedcrypto/ecp_internal.h \
+	mbedcrypto/entropy.h \
+	mbedcrypto/entropy_poll.h \
+	mbedcrypto/error.h \
+	mbedcrypto/gcm.h \
+	mbedcrypto/hmac_drbg.h \
+	mbedcrypto/md.h \
+	mbedcrypto/md2.h \
+	mbedcrypto/md4.h \
+	mbedcrypto/md5.h \
+	mbedcrypto/md_internal.h \
+	mbedcrypto/oid.h \
+	mbedcrypto/pem.h \
+	mbedcrypto/pk.h \
+	mbedcrypto/pk_internal.h \
+	mbedcrypto/pkcs11.h \
+	mbedcrypto/pkcs12.h \
+	mbedcrypto/pkcs5.h \
+	mbedcrypto/platform.h \
+	mbedcrypto/platform_util.h \
+	mbedcrypto/ripemd160.h \
+	mbedcrypto/rsa.h \
+	mbedcrypto/rsa_internal.h \
+	mbedcrypto/sha1.h \
+	mbedcrypto/sha256.h \
+	mbedcrypto/sha512.h \
+	mbedcrypto/threading.h \
+	mbedcrypto/xtea.h \
+	psa/crypto.h \
+	psa/crypto_extra.h \
+	psa/crypto_platform.h \
+	psa/crypto_sizes.h \
+	psa/crypto_struct.h \
+# Don't delete this line.
+
+TEST_FILES := \
+	tests/scripts/generate_test_code.py \
+	tests/scripts/mbedtls_test.py \
+	tests/scripts/test_generate_test_code.py \
+	tests/scripts/run-test-suites.pl \
+	tests/suites/helpers.function \
+	tests/suites/host_test.function \
+	tests/suites/main_test.function \
+	tests/suites/target_test.function \
+	tests/suites/test_suite_psa_crypto.data \
+	tests/suites/test_suite_psa_crypto.function \
+# Don't delete this line.
+
+OTHER_FILES := \
+	LICENSE \
+	VERSION.txt \
+	programs/psa/crypto_examples.c \
+	programs/psa/key_ladder_demo.c \
+	programs/psa/psa_constant_names.c \
+	scripts/config.pl \
+	scripts/generate_psa_constants.py \
+# Don't delete this line.
+
+# Prepend destination directory
+LIB_FILES := $(addprefix crypto/library/,$(LIB_FILES))
+INC_FILES := $(addprefix crypto/include/,$(INC_FILES))
+TEST_FILES := $(addprefix crypto/,$(TEST_FILES))
+OTHER_FILES := $(addprefix crypto/,$(OTHER_FILES))
+
+define rename_mbedcrypto
+	@sed -i -e 's/Mbed TLS/Mbed Crypto/g' $(1)
+	@sed -i -e 's/mbed TLS/Mbed Crypto/g' $(1)
+	@sed -i -e 's/MBEDTLS_/MBEDCRYPTO_/g' $(1)
+	@sed -i -e 's/mbedtls/mbedcrypto/g' $(1)
+	@sed -i -e 's/MbedTls/MbedCrypto/g' $(1)
+	@sed -i -e 's/include\/mbedtls/include\/mbedcrypto/g' $(1)
+endef
+
+crypto/include/mbedcrypto/config.h: configs/config-psa-crypto.h
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	@#Rename the file in the comments
+	@sed -i -e 's/config-psa-crypto.h/config.h/g' $@
+	$(call rename_mbedcrypto,$@)
+
+crypto/tests/data_files/%: tests/data_files/%
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	@#Don't rename things inside data files
+
+crypto/include/mbedcrypto/%.h: include/mbedtls/%.h
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	$(call rename_mbedcrypto,$@)
+
+crypto/LICENSE: apache-2.0.txt
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	@#Don't rename anything in the license
+
+crypto/%: %
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	$(call rename_mbedcrypto,$@)
+
+crypto/VERSION.txt: FORCE
+	@git describe --tags --abbrev=12 --dirty > $@
+
+mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
+	@echo $@
+	@tar czf mbedcrypto.tar.gz crypto
+
+clean:
+	@echo clean
+	@rm -rf mbedcrypto.tar.gz \
+		$(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
+
+FORCE:
+
+# vi: ft=make

From 44b09d2a67a4c33eb39d4eb4ebbe3e9877a7c22d Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 12 Jul 2018 13:06:41 +0300
Subject: [PATCH 432/889] psa: programs: Add cipher AES CTR multipart

---
 programs/psa/crypto_examples.c | 50 ++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index e2d2cf553..a7c36fa04 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -241,6 +241,51 @@ exit:
     return( status );
 }
 
+static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
+{
+    enum {
+        block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( PSA_KEY_TYPE_AES ),
+        key_bits = 256,
+        input_size = 100,
+        part_size = 10,
+    };
+    const psa_algorithm_t alg = PSA_ALG_CTR;
+
+    psa_status_t status;
+    size_t output_len = 0;
+    uint8_t iv[block_size], input[input_size], encrypt[input_size],
+            decrypt[input_size];
+
+    status = psa_generate_random( input, sizeof( input ) );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = set_key_policy( key_slot_cipher,
+                             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
+                             alg );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
+                               NULL, 0 );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+                             input, sizeof( input ), part_size,
+                             encrypt, sizeof( encrypt ), &output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+                             encrypt, output_len, part_size,
+                             decrypt, sizeof( decrypt ), &output_len );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = memcmp( input, decrypt, sizeof( input ) );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+exit:
+    psa_destroy_key( key_slot_cipher );
+    return( status );
+}
+
 static void cipher_examples( void )
 {
     psa_status_t status;
@@ -254,6 +299,11 @@ static void cipher_examples( void )
     status = cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( );
     if( status == PSA_SUCCESS )
         mbedtls_printf( "\tsuccess!\r\n" );
+
+    mbedtls_printf( "cipher encrypt/decrypt AES CTR multipart:\r\n" );
+    status = cipher_example_encrypt_decrypt_aes_ctr_multi( );
+    if( status == PSA_SUCCESS )
+        mbedtls_printf( "\tsuccess!\r\n" );
 }
 
 int main( void )

From 08542d80376b46999dbaada5dde810733b9ea547 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 19 Jul 2018 17:05:42 +0200
Subject: [PATCH 433/889] Fix psa_generator_import_key for DES

In psa_generator_import_key, if generating a DES or 3DES key, set the
parity bits.

Add tests for deriving a DES key. Also test deriving an AES key while
I'm at it.
---
 library/psa_crypto.c                    | 25 ++++++++++++++++++-------
 tests/suites/test_suite_psa_crypto.data | 20 ++++++++++++++++++++
 2 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ef99403e3..a532bd358 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3142,6 +3142,18 @@ exit:
     return( status );
 }
 
+#if defined(MBEDTLS_DES_C)
+static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
+{
+    if( data_size >= 8 )
+        mbedtls_des_key_set_parity( data );
+    if( data_size >= 16 )
+        mbedtls_des_key_set_parity( data + 8 );
+    if( data_size >= 24 )
+        mbedtls_des_key_set_parity( data + 16 );
+}
+#endif /* MBEDTLS_DES_C */
+
 psa_status_t psa_generator_import_key( psa_key_slot_t key,
                                        psa_key_type_t type,
                                        size_t bits,
@@ -3162,6 +3174,10 @@ psa_status_t psa_generator_import_key( psa_key_slot_t key,
     status = psa_generator_read( generator, data, bytes );
     if( status != PSA_SUCCESS )
         goto exit;
+#if defined(MBEDTLS_DES_C)
+    if( type == PSA_KEY_TYPE_DES )
+        psa_des_set_key_parity( data, bytes );
+#endif /* MBEDTLS_DES_C */
     status = psa_import_key( key, type, data, bytes );
 
 exit:
@@ -3312,13 +3328,8 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
         }
 #if defined(MBEDTLS_DES_C)
         if( type == PSA_KEY_TYPE_DES )
-        {
-            mbedtls_des_key_set_parity( slot->data.raw.data );
-            if( slot->data.raw.bytes >= 16 )
-                mbedtls_des_key_set_parity( slot->data.raw.data + 8 );
-            if( slot->data.raw.bytes == 24 )
-                mbedtls_des_key_set_parity( slot->data.raw.data + 16 );
-        }
+            psa_des_set_key_parity( slot->data.raw.data,
+                                    slot->data.raw.bytes );
 #endif /* MBEDTLS_DES_C */
     }
     else
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 8ffaa8779..4904dff21 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -861,6 +861,26 @@ PSA key derivation: HKDF SHA-256, read maximum capacity
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_full:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32
 
+PSA key derivation: HKDF SHA-256, exercise AES128-CTR
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: HKDF SHA-256, exercise AES256-CTR
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CTR
+
+PSA key derivation: HKDF SHA-256, exercise DES-CBC
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
+
+PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
+
 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_SIGN:PSA_ALG_HMAC(PSA_ALG_SHA_256)

From 80e317af15575e2106b6abe72461033649cda83e Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 11 Jul 2018 15:45:23 +0100
Subject: [PATCH 434/889] all.sh: Test the Mbed Crypto exporter

Ensure that the exporter creates a "crypto" folder where "make test"
runs and passes. Ensure that cleanup also runs without error.
---
 scripts/mbed_crypto.make | 1 +
 tests/scripts/all.sh     | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index 391c914f4..f06bdfba2 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -157,6 +157,7 @@ OTHER_FILES := \
 	VERSION.txt \
 	programs/psa/crypto_examples.c \
 	programs/psa/key_ladder_demo.c \
+	programs/psa/key_ladder_demo.sh \
 	programs/psa/psa_constant_names.c \
 	scripts/config.pl \
 	scripts/generate_psa_constants.py \
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 1faa5d561..996204662 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -456,6 +456,14 @@ msg "test: doxygen warnings" # ~ 3s
 cleanup
 tests/scripts/doxygen.sh
 
+msg "test: Mbed Crypto exporter " # ~ 30s
+cleanup
+make -f scripts/mbed_crypto.make
+cd crypto
+make test
+make clean
+cd ..
+make -f scripts/mbed_crypto.make clean
 
 
 ################################################################

From 18ac331e1517897a66cbb39be0d38cfcee55e07e Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Tue, 17 Jul 2018 09:28:11 +0300
Subject: [PATCH 435/889] psa: programs: Add cipher example fallback main

When dependencies are missing, print an error message from the example
about missing dependencies at run-time.
---
 programs/psa/crypto_examples.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index a7c36fa04..e8b64f19a 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -31,6 +31,19 @@
         }                                                                     \
     } while ( 0 )
 
+#if !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_AES_C) || \
+    !defined(MBEDTLS_CIPHER_MODE_CBC) || !defined(MBEDTLS_CIPHER_MODE_CTR) || \
+    !defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
+int main( void )
+{
+    mbedtls_printf( "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_AES_C and/or "
+                    "MBEDTLS_CIPHER_MODE_CBC and/or MBEDTLS_CIPHER_MODE_CTR "
+                    "and/or MBEDTLS_CIPHER_MODE_WITH_PADDING "
+                    "not defined.\r\n" );
+    return( 0 );
+}
+#else
+
 /* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */
 static const psa_key_slot_t key_slot_cipher = 1;
 
@@ -314,3 +327,5 @@ exit:
     mbedtls_psa_crypto_free( );
     return( 0 );
 }
+#endif /* MBEDTLS_PSA_CRYPTO_C && MBEDTLS_AES_C && MBEDTLS_CIPHER_MODE_CBC &&
+          MBEDTLS_CIPHER_MODE_CTR && MBEDTLS_CIPHER_MODE_WITH_PADDING */

From f0fa436b65813c0c3d02ce55ef5d9238931b9058 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 16 Jul 2018 17:08:43 +0200
Subject: [PATCH 436/889] New sample program key_ladder_demo

Demo of a key derivation ladder.

Sample run in key_ladder_demo.sh.
---
 programs/.gitignore             |   1 +
 programs/Makefile               |   6 +-
 programs/psa/key_ladder_demo.c  | 682 ++++++++++++++++++++++++++++++++
 programs/psa/key_ladder_demo.sh |  49 +++
 4 files changed, 737 insertions(+), 1 deletion(-)
 create mode 100644 programs/psa/key_ladder_demo.c
 create mode 100755 programs/psa/key_ladder_demo.sh

diff --git a/programs/.gitignore b/programs/.gitignore
index 327dbdc17..d58253d49 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -31,6 +31,7 @@ pkey/rsa_verify
 pkey/rsa_verify_pss
 psa/psa_constant_names
 psa/psa_constant_names_generated.c
+psa/key_ladder_demo
 random/gen_entropy
 random/gen_random_ctr_drbg
 random/gen_random_havege
diff --git a/programs/Makefile b/programs/Makefile
index c65a10c43..9e1a5279e 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -60,7 +60,7 @@ APPS =	aes/aescrypt2$(EXEXT)		aes/crypt_and_hash$(EXEXT)	\
 	pkey/rsa_decrypt$(EXEXT)	pkey/rsa_encrypt$(EXEXT)	\
 	pkey/rsa_sign$(EXEXT)		pkey/rsa_verify$(EXEXT)		\
 	pkey/rsa_sign_pss$(EXEXT)	pkey/rsa_verify_pss$(EXEXT)	\
-	psa/psa_constant_names$(EXEXT)	\
+	psa/key_ladder_demo$(EXEXT)	psa/psa_constant_names$(EXEXT)	\
 	ssl/dtls_client$(EXEXT)		ssl/dtls_server$(EXEXT)		\
 	ssl/ssl_client1$(EXEXT)		ssl/ssl_client2$(EXEXT)		\
 	ssl/ssl_server$(EXEXT)		ssl/ssl_server2$(EXEXT)		\
@@ -196,6 +196,10 @@ pkey/rsa_encrypt$(EXEXT): pkey/rsa_encrypt.c $(DEP)
 	echo "  CC    pkey/rsa_encrypt.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) pkey/rsa_encrypt.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
 
+psa/key_ladder_demo$(EXEXT): psa/key_ladder_demo.c $(DEP)
+	echo "  CC    psa/key_ladder_demo.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
 psa/psa_constant_names$(EXEXT): psa/psa_constant_names.c $(DEP)
 	echo "  CC    psa/psa_constant_names.c"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c    $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
new file mode 100644
index 000000000..2c75ca462
--- /dev/null
+++ b/programs/psa/key_ladder_demo.c
@@ -0,0 +1,682 @@
+/**
+ * PSA API key derivation demonstration
+ *
+ * This program calculates a key ladder: a chain of secret material, each
+ * derived from the previous one in a deterministic way based on a label.
+ * Two keys are identical if and only if they are derived from the same key
+ * using the same label.
+ *
+ * The initial key is called the master key. The master key is normally
+ * randomly generated, but it could itself be derived from another key.
+ *
+ * This program derives a series of keys called intermediate keys.
+ * The first intermediate key is derived from the master key using the
+ * first label passed on the command line. Each subsequent intermediate
+ * key is derived from the previous one using the next label passed
+ * on the command line.
+ *
+ * This program has four modes of operation:
+ *
+ * - "generate": generate a random master key.
+ * - "wrap": derive a wrapping key from the last intermediate key,
+ *           and use that key to encrypt-and-authenticate some data.
+ * - "unwrap": derive a wrapping key from the last intermediate key,
+ *             and use that key to decrypt-and-authenticate some
+ *             ciphertext created by wrap mode.
+ * - "save": save the last intermediate key so that it can be reused as
+ *           the master key in another run of the program.
+ *
+ * See the usage() output for the command line usage. See the file
+ * `key_ladder_demo.sh` for an example run.
+ */
+
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+/* First include Mbed TLS headers to get the Mbed TLS configuration and
+ * platform definitions that we'll use in this program. Also include
+ * standard C headers for functions we'll use here. */
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
+#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
+#define mbedtls_calloc       calloc
+#define mbedtls_free         free
+#define mbedtls_printf       printf
+#endif
+#include <stdio.h>
+#include <string.h>
+
+#include "mbedtls/platform_util.h" // for mbedtls_platform_zeroize
+
+/* If the build options we need are not enabled, compile a placeholder. */
+#if !defined(MBEDTLS_SHA256_C) || !defined(MBEDTLS_MD_C) ||     \
+    !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CCM_C) ||       \
+    !defined(MBEDTLS_PSA_CRYPTO_C) || !defined(MBEDTLS_FS_IO)
+int main( void )
+{
+    mbedtls_printf("MBEDTLS_SHA256_C and/or MBEDTLS_MD_C and/or "
+                   "MBEDTLS_AES_C and/or MBEDTLS_CCM_C and/or "
+                   "MBEDTLS_PSA_CRYPTO_C and/or MBEDTLS_FS_IO not defined.\n");
+    return( 0 );
+}
+#else
+
+/* The real program starts here. */
+
+
+
+#include <psa/crypto.h>
+
+/* Run a system function and bail out if it fails. */
+#define SYS_CHECK( expr )                                       \
+    do                                                          \
+    {                                                           \
+        if( ! ( expr ) )                                        \
+        {                                                       \
+            perror( #expr );                                    \
+            status = DEMO_ERROR;                                \
+            goto exit;                                          \
+        }                                                       \
+    }                                                           \
+    while( 0 )
+
+/* Run a PSA function and bail out if it fails. */
+#define PSA_CHECK( expr )                                       \
+    do                                                          \
+    {                                                           \
+        status = ( expr );                                      \
+        if( status != PSA_SUCCESS )                             \
+        {                                                       \
+            mbedtls_printf( "Error %d at line %u: %s\n",        \
+                            (int) status,                       \
+                            __LINE__,                           \
+                            #expr );                            \
+            goto exit;                                          \
+        }                                                       \
+    }                                                           \
+    while( 0 )
+
+/* To report operational errors in this program, use an error code that is
+ * different from every PSA error code. */
+#define DEMO_ERROR 120
+
+/* The maximum supported key ladder depth. */
+#define MAX_LADDER_DEPTH 10
+
+/* Salt to use when deriving an intermediate key. */
+#define DERIVE_KEY_SALT ( (uint8_t *) "key_ladder_demo.derive" )
+#define DERIVE_KEY_SALT_LENGTH ( strlen( (const char*) DERIVE_KEY_SALT ) )
+
+/* Salt to use when deriving a wrapping key. */
+#define WRAPPING_KEY_SALT ( (uint8_t *) "key_ladder_demo.wrap" )
+#define WRAPPING_KEY_SALT_LENGTH ( strlen( (const char*) WRAPPING_KEY_SALT ) )
+
+/* Size of the key derivation keys (applies both to the master key and
+ * to intermediate keys). */
+#define KEY_SIZE_BYTES 40
+
+/* Algorithm for key derivation. */
+#define KDF_ALG PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+/* Type and size of the key used to wrap data. */
+#define WRAPPING_KEY_TYPE PSA_KEY_TYPE_AES
+#define WRAPPING_KEY_BITS 128
+
+/* Cipher mode used to wrap data. */
+#define WRAPPING_ALG PSA_ALG_CCM
+
+/* Nonce size used to wrap data. */
+#define WRAPPING_IV_SIZE 13
+
+/* Header used in files containing wrapped data. We'll save this header
+ * directly without worrying about data representation issues such as
+ * integer sizes and endianness, because the data is meant to be read
+ * back by the same program on the same machine. */
+#define WRAPPED_DATA_MAGIC "key_ladder_demo" // including trailing null byte
+#define WRAPPED_DATA_MAGIC_LENGTH ( sizeof( WRAPPED_DATA_MAGIC ) )
+typedef struct
+{
+    char magic[WRAPPED_DATA_MAGIC_LENGTH];
+    size_t ad_size; /* Size of the additional data, which is this header. */
+    size_t payload_size; /* Size of the encrypted data. */
+    /* Store the IV inside the additional data. It's convenient. */
+    uint8_t iv[WRAPPING_IV_SIZE];
+} wrapped_data_header_t;
+
+/* This program uses three key slots: one for the master key, one to
+ * derive intermediate keys, and one for the wrapping key. We use a
+ * single slot for all the intermediate keys because they are only
+ * needed successively, so each time we derive an intermediate key,
+ * we destroy the previous one. */
+static const psa_key_slot_t master_key_slot = 1;
+static const psa_key_slot_t derived_key_slot = 2;
+static const psa_key_slot_t wrapping_key_slot = 3;
+
+/* The modes that this program can operate in (see usage). */
+enum program_mode
+{
+    MODE_GENERATE,
+    MODE_SAVE,
+    MODE_UNWRAP,
+    MODE_WRAP
+};
+
+/* Save a key to a file. In the real world, you may want to export a derived
+ * key sometimes, to share it with another party. */
+static psa_status_t save_key( psa_key_slot_t key_slot,
+                              const char *output_file_name )
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t key_data[KEY_SIZE_BYTES];
+    size_t key_size;
+    FILE *key_file = NULL;
+
+    PSA_CHECK( psa_export_key( key_slot,
+                               key_data, sizeof( key_data ),
+                               &key_size ) );
+    SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL );
+    SYS_CHECK( fwrite( key_data, 1, key_size, key_file ) == key_size );
+    SYS_CHECK( fclose( key_file ) == 0 );
+    key_file = NULL;
+
+exit:
+    if( key_file != NULL)
+        fclose( key_file );
+    return( status );
+}
+
+/* Generate a master key for use in this demo.
+ *
+ * Normally a master key would be non-exportable. For the purpose of this
+ * demo, we want to save it to a file, to avoid relying on the keystore
+ * capability of the PSA crypto library. */
+static psa_status_t generate( const char *key_file_name )
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_policy_t policy;
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+                              KDF_ALG );
+    PSA_CHECK( psa_set_key_policy( master_key_slot, &policy ) );
+
+    PSA_CHECK( psa_generate_key( master_key_slot,
+                                 PSA_KEY_TYPE_DERIVE,
+                                 PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
+                                 NULL, 0 ) );
+
+    PSA_CHECK( save_key( master_key_slot, key_file_name ) );
+
+exit:
+    return( status );
+}
+
+/* Load the master key from a file.
+ *
+ * In the real world, this master key would be stored in an internal memory
+ * and the storage would be managed by the keystore capability of the PSA
+ * crypto library. */
+static psa_status_t import_key_from_file( psa_key_slot_t key_slot,
+                                          psa_key_usage_t usage,
+                                          psa_algorithm_t alg,
+                                          const char *key_file_name )
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_policy_t policy;
+    uint8_t key_data[KEY_SIZE_BYTES];
+    size_t key_size;
+    FILE *key_file = NULL;
+    unsigned char extra_byte;
+
+    SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL );
+    SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ),
+                                   key_file ) ) != 0 );
+    if( fread( &extra_byte, 1, 1, key_file ) != 0 )
+    {
+        mbedtls_printf( "Key file too large (max: %u).\n",
+                        (unsigned) sizeof( key_data ) );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    SYS_CHECK( fclose( key_file ) == 0 );
+    key_file = NULL;
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, alg );
+    PSA_CHECK( psa_set_key_policy( key_slot, &policy ) );
+    PSA_CHECK( psa_import_key( key_slot,
+                               PSA_KEY_TYPE_DERIVE,
+                               key_data, key_size ) );
+exit:
+    if( key_file != NULL )
+        fclose( key_file );
+    mbedtls_platform_zeroize( key_data, sizeof( key_data ) );
+    return( status );
+}
+
+/* Derive the intermediate keys, using the list of labels provided on
+ * the command line. */
+static psa_status_t derive_key_ladder( const char *ladder[],
+                                       size_t ladder_depth )
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_policy_t policy;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    /* We'll derive the first intermediate key from the master key, then
+     * each subsequent intemediate key from the previous intemediate key. */
+    psa_key_slot_t parent_key_slot = master_key_slot;
+    size_t i;
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy,
+                              PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+                              KDF_ALG );
+
+    /* For each label in turn, ... */
+    for( i = 0; i < ladder_depth; i++ )
+    {
+        /* Start deriving material from the master key (if i=0) or from
+         * the current intermediate key (if i>0). */
+        PSA_CHECK( psa_key_derivation(
+                       &generator,
+                       parent_key_slot,
+                       KDF_ALG,
+                       DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH,
+                       (uint8_t*) ladder[i], strlen( ladder[i] ),
+                       KEY_SIZE_BYTES ) );
+        /* When the parent key is not the master key, destroy it,
+         * since it is no longer needed. */
+        if( i != 0 )
+            PSA_CHECK( psa_destroy_key( derived_key_slot ) );
+        PSA_CHECK( psa_set_key_policy( derived_key_slot, &policy ) );
+        /* Use the generator obtained from the parent key to create
+         * the next intermediate key. */
+        PSA_CHECK( psa_generator_import_key(
+                       derived_key_slot,
+                       PSA_KEY_TYPE_DERIVE,
+                       PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
+                       &generator ) );
+        PSA_CHECK( psa_generator_abort( &generator ) );
+        parent_key_slot = derived_key_slot;
+    }
+
+exit:
+    psa_generator_abort( &generator );
+    return( status );
+}
+
+/* Derive a wrapping key from the last intermediate key. */
+static psa_status_t derive_wrapping_key( psa_key_usage_t usage )
+{
+    psa_status_t status = PSA_SUCCESS;
+    psa_key_policy_t policy;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG );
+    PSA_CHECK( psa_set_key_policy( wrapping_key_slot, &policy ) );
+
+    PSA_CHECK( psa_key_derivation(
+                   &generator,
+                   derived_key_slot,
+                   KDF_ALG,
+                   WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH,
+                   NULL, 0,
+                   PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
+    PSA_CHECK( psa_generator_import_key(
+                   wrapping_key_slot,
+                   PSA_KEY_TYPE_AES,
+                   WRAPPING_KEY_BITS,
+                   &generator ) );
+
+exit:
+    psa_generator_abort( &generator );
+    return( status );
+}
+
+static psa_status_t wrap_data( const char *input_file_name,
+                               const char *output_file_name )
+{
+    psa_status_t status;
+    FILE *input_file = NULL;
+    FILE *output_file = NULL;
+    long input_position;
+    size_t input_size;
+    size_t buffer_size;
+    unsigned char *buffer = NULL;
+    size_t ciphertext_size;
+    wrapped_data_header_t header;
+
+    /* Find the size of the data to wrap. */
+    SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
+    SYS_CHECK( fseek( input_file, 0, SEEK_END ) == 0 );
+    SYS_CHECK( ( input_position = ftell( input_file ) ) != -1 );
+#if LONG_MAX > SIZE_MAX
+    if( input_position > SIZE_MAX )
+    {
+        mbedtls_printf( "Input file too large.\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+#endif
+    input_size = input_position;
+    buffer_size = PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, input_size );
+    /* Check for integer overflow. */
+    if( buffer_size < input_size )
+    {
+        mbedtls_printf( "Input file too large.\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+
+    /* Load the data to wrap. */
+    SYS_CHECK( fseek( input_file, 0, SEEK_SET ) == 0 );
+    SYS_CHECK( ( buffer = mbedtls_calloc( 1, buffer_size ) ) != NULL );
+    SYS_CHECK( fread( buffer, 1, input_size, input_file ) == input_size );
+    SYS_CHECK( fclose( input_file ) == 0 );
+    input_file = NULL;
+
+    /* Construct a header. */
+    memcpy( &header.magic, WRAPPED_DATA_MAGIC, WRAPPED_DATA_MAGIC_LENGTH );
+    header.ad_size = sizeof( header );
+    header.payload_size = input_size;
+
+    /* Wrap the data. */
+    PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) );
+    PSA_CHECK( psa_aead_encrypt( wrapping_key_slot, WRAPPING_ALG,
+                                 header.iv, WRAPPING_IV_SIZE,
+                                 (uint8_t *) &header, sizeof( header ),
+                                 buffer, input_size,
+                                 buffer, buffer_size,
+                                 &ciphertext_size ) );
+
+    /* Write the output. */
+    SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
+    SYS_CHECK( fwrite( &header, 1, sizeof( header ),
+                       output_file ) == sizeof( header ) );
+    SYS_CHECK( fwrite( buffer, 1, ciphertext_size,
+                       output_file ) == ciphertext_size );
+    SYS_CHECK( fclose( output_file ) == 0 );
+    output_file = NULL;
+
+exit:
+    if( input_file != NULL )
+        fclose( input_file );
+    if( output_file != NULL )
+        fclose( output_file );
+    if( buffer != NULL )
+        mbedtls_platform_zeroize( buffer, buffer_size );
+    mbedtls_free( buffer );
+    return( status );
+}
+
+static psa_status_t unwrap_data( const char *input_file_name,
+                                 const char *output_file_name )
+{
+    psa_status_t status;
+    FILE *input_file = NULL;
+    FILE *output_file = NULL;
+    unsigned char *buffer = NULL;
+    size_t ciphertext_size;
+    size_t plaintext_size;
+    wrapped_data_header_t header;
+    unsigned char extra_byte;
+
+    /* Load and validate the header. */
+    SYS_CHECK( ( input_file = fopen( input_file_name, "rb" ) ) != NULL );
+    SYS_CHECK( fread( &header, 1, sizeof( header ),
+                      input_file ) == sizeof( header ) );
+    if( memcmp( &header.magic, WRAPPED_DATA_MAGIC,
+                WRAPPED_DATA_MAGIC_LENGTH ) != 0 )
+    {
+        mbedtls_printf( "The input does not start with a valid magic header.\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    if( header.ad_size != sizeof( header ) )
+    {
+        mbedtls_printf( "The header size is not correct.\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    ciphertext_size =
+        PSA_AEAD_ENCRYPT_OUTPUT_SIZE( WRAPPING_ALG, header.payload_size );
+    /* Check for integer overflow. */
+    if( ciphertext_size < header.payload_size )
+    {
+        mbedtls_printf( "Input file too large.\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+
+    /* Load the payload data. */
+    SYS_CHECK( ( buffer = mbedtls_calloc( 1, ciphertext_size ) ) != NULL );
+    SYS_CHECK( fread( buffer, 1, ciphertext_size,
+                      input_file ) == ciphertext_size );
+    if( fread( &extra_byte, 1, 1, input_file ) != 0 )
+    {
+        mbedtls_printf( "Extra garbage after ciphertext\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+    SYS_CHECK( fclose( input_file ) == 0 );
+    input_file = NULL;
+
+    /* Unwrap the data. */
+    PSA_CHECK( psa_aead_decrypt( wrapping_key_slot, WRAPPING_ALG,
+                                 header.iv, WRAPPING_IV_SIZE,
+                                 (uint8_t *) &header, sizeof( header ),
+                                 buffer, ciphertext_size,
+                                 buffer, ciphertext_size,
+                                 &plaintext_size ) );
+    if( plaintext_size != header.payload_size )
+    {
+        mbedtls_printf( "Incorrect payload size in the header.\n" );
+        status = DEMO_ERROR;
+        goto exit;
+    }
+
+    /* Write the output. */
+    SYS_CHECK( ( output_file = fopen( output_file_name, "wb" ) ) != NULL );
+    SYS_CHECK( fwrite( buffer, 1, plaintext_size,
+                       output_file ) == plaintext_size );
+    SYS_CHECK( fclose( output_file ) == 0 );
+    output_file = NULL;
+
+exit:
+    if( input_file != NULL )
+        fclose( input_file );
+    if( output_file != NULL )
+        fclose( output_file );
+    if( buffer != NULL )
+        mbedtls_platform_zeroize( buffer, ciphertext_size );
+    mbedtls_free( buffer );
+    return( status );
+}
+
+static psa_status_t run( enum program_mode mode,
+                         const char *key_file_name,
+                         const char *ladder[], size_t ladder_depth,
+                         const char *input_file_name,
+                         const char *output_file_name )
+{
+    psa_status_t status = PSA_SUCCESS;
+
+    /* Initialize the PSA crypto library. */
+    PSA_CHECK( psa_crypto_init( ) );
+
+    /* Generate mode is unlike the others. Generate the master key and exit. */
+    if( mode == MODE_GENERATE )
+        return( generate( key_file_name ) );
+
+    /* Read the master key. */
+    PSA_CHECK( import_key_from_file( master_key_slot,
+                                     PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+                                     KDF_ALG,
+                                     key_file_name ) );
+
+    /* Calculate the derived key for this session. */
+    PSA_CHECK( derive_key_ladder( ladder, ladder_depth ) );
+
+    switch( mode )
+    {
+        case MODE_SAVE:
+            PSA_CHECK( save_key( derived_key_slot, output_file_name ) );
+            break;
+        case MODE_UNWRAP:
+            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT ) );
+            PSA_CHECK( unwrap_data( input_file_name, output_file_name ) );
+            break;
+        case MODE_WRAP:
+            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT ) );
+            PSA_CHECK( wrap_data( input_file_name, output_file_name ) );
+            break;
+        default:
+            /* Unreachable but some compilers don't realize it. */
+            break;
+    }
+
+exit:
+    /* Deinitialize the PSA crypto library. */
+    mbedtls_psa_crypto_free( );
+    return( status );
+}
+
+static void usage( void )
+{
+    mbedtls_printf( "Usage: key_ladder_demo MODE [OPTION=VALUE]...\n" );
+    mbedtls_printf( "Demonstrate the usage of a key derivation ladder.\n" );
+    mbedtls_printf( "\n" );
+    mbedtls_printf( "Modes:\n" );
+    mbedtls_printf( "  generate  Generate the master key\n" );
+    mbedtls_printf( "  save      Save the derived key\n" );
+    mbedtls_printf( "  unwrap    Unwrap (decrypt) input with the derived key\n" );
+    mbedtls_printf( "  wrap      Wrap (encrypt) input with the derived key\n" );
+    mbedtls_printf( "\n" );
+    mbedtls_printf( "Options:\n" );
+    mbedtls_printf( "  input=FILENAME    Input file (required for wrap/unwrap)\n" );
+    mbedtls_printf( "  master=FILENAME   File containing the master key (default: master.key)\n" );
+    mbedtls_printf( "  output=FILENAME   Output file (required for save/wrap/unwrap)\n" );
+    mbedtls_printf( "  label=TEXT        Label for the key derivation.\n" );
+    mbedtls_printf( "                    This may be repeated multiple times.\n" );
+    mbedtls_printf( "                    To get the same key, you must use the same master key\n" );
+    mbedtls_printf( "                    and the same sequence of labels.\n" );
+}
+
+int main( int argc, char *argv[] )
+{
+    char *key_file_name = "master.key";
+    char *input_file_name = NULL;
+    char *output_file_name = NULL;
+    const char *ladder[MAX_LADDER_DEPTH];
+    size_t ladder_depth = 0;
+    int i;
+    enum program_mode mode;
+    psa_status_t status;
+
+    if( argc <= 1 ||
+        strcmp( argv[1], "help" ) == 0 ||
+        strcmp( argv[1], "-help" ) == 0 ||
+        strcmp( argv[1], "--help" ) == 0 )
+    {
+        usage( );
+        return( MBEDTLS_EXIT_SUCCESS );
+    }
+
+    for( i = 2; i < argc; i++ )
+    {
+        char *q = strchr( argv[i], '=' );
+        if( q == NULL )
+        {
+            mbedtls_printf( "Missing argument to option %s\n", argv[i] );
+            goto usage_failure;
+        }
+        *q = 0;
+        ++q;
+        if( strcmp( argv[i], "input" ) == 0 )
+            input_file_name = q;
+        else if( strcmp( argv[i], "label" ) == 0 )
+        {
+            if( ladder_depth == MAX_LADDER_DEPTH )
+            {
+                mbedtls_printf( "Maximum ladder depth %u exceeded.\n",
+                                (unsigned) MAX_LADDER_DEPTH );
+                return( MBEDTLS_EXIT_FAILURE );
+            }
+            ladder[ladder_depth] = q;
+            ++ladder_depth;
+        }
+        else if( strcmp( argv[i], "master" ) == 0 )
+            key_file_name = q;
+        else if( strcmp( argv[i], "output" ) == 0 )
+            output_file_name = q;
+        else
+        {
+            mbedtls_printf( "Unknown option: %s\n", argv[i] );
+            goto usage_failure;
+        }
+    }
+
+    if( strcmp( argv[1], "generate" ) == 0 )
+        mode = MODE_GENERATE;
+    else if( strcmp( argv[1], "save" ) == 0 )
+        mode = MODE_SAVE;
+    else if( strcmp( argv[1], "unwrap" ) == 0 )
+        mode = MODE_UNWRAP;
+    else if( strcmp( argv[1], "wrap" ) == 0 )
+        mode = MODE_WRAP;
+    else
+    {
+        mbedtls_printf( "Unknown action: %s\n", argv[1] );
+        goto usage_failure;
+    }
+
+    if( input_file_name == NULL &&
+        ( mode == MODE_WRAP || mode == MODE_UNWRAP ) )
+    {
+        mbedtls_printf( "Required argument missing: input\n" );
+        return( DEMO_ERROR );
+    }
+    if( output_file_name == NULL &&
+        ( mode == MODE_SAVE || mode == MODE_WRAP || mode == MODE_UNWRAP ) )
+    {
+        mbedtls_printf( "Required argument missing: output\n" );
+        return( DEMO_ERROR );
+    }
+
+    status = run( mode, key_file_name,
+                  ladder, ladder_depth,
+                  input_file_name, output_file_name );
+    return( status == PSA_SUCCESS ?
+            MBEDTLS_EXIT_SUCCESS :
+            MBEDTLS_EXIT_FAILURE );
+
+usage_failure:
+    usage( );
+    return( MBEDTLS_EXIT_FAILURE );
+}
+#endif /* MBEDTLS_SHA256_C && MBEDTLS_MD_C && MBEDTLS_AES_C && MBEDTLS_CCM_C && MBEDTLS_PSA_CRYPTO_C && MBEDTLS_FS_IO */
diff --git a/programs/psa/key_ladder_demo.sh b/programs/psa/key_ladder_demo.sh
new file mode 100755
index 000000000..2cec945f5
--- /dev/null
+++ b/programs/psa/key_ladder_demo.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+set -e -u
+
+program="${0%/*}"/key_ladder_demo
+files_to_clean=
+
+run () {
+    echo
+    echo "# $1"
+    shift
+    echo "+ $*"
+    "$@"
+}
+
+if [ -e master.key ]; then
+    echo "# Reusing the existing master.key file."
+else
+    files_to_clean="$files_to_clean master.key"
+    run "Generate a master key." \
+        "$program" generate master=master.key
+fi
+
+files_to_clean="$files_to_clean input.txt hello_world.wrap"
+echo "Here is some input. See it wrapped." >input.txt
+run "Derive a key and wrap some data with it." \
+    "$program" wrap master=master.key label=hello label=world \
+               input=input.txt output=hello_world.wrap
+
+files_to_clean="$files_to_clean hello_world.txt"
+run "Derive the same key again and unwrap the data." \
+    "$program" unwrap master=master.key label=hello label=world \
+               input=hello_world.wrap output=hello_world.txt
+run "Compare the unwrapped data with the original input." \
+    cmp input.txt hello_world.txt
+
+files_to_clean="$files_to_clean hellow_orld.txt"
+! run "Derive a different key and attempt to unwrap the data. This must fail." \
+  "$program" unwrap master=master.key input=hello_world.wrap output=hellow_orld.txt label=hellow label=orld
+
+files_to_clean="$files_to_clean hello.key"
+run "Save the first step of the key ladder, then load it as a master key and construct the rest of the ladder." \
+    "$program" save master=master.key label=hello \
+               input=hello_world.wrap output=hello.key
+run "Check that we get the same key by unwrapping data made by the other key." \
+    "$program" unwrap master=hello.key label=world \
+               input=hello_world.wrap output=hello_world.txt
+
+# Cleanup
+rm -f $files_to_clean

From 65731b8e08f8cc62e0fe3763c861ee474c07f19a Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 18 Jul 2018 16:40:26 +0100
Subject: [PATCH 437/889] gitignore: Ignore Mbed Crypto exported files

---
 .gitignore | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/.gitignore b/.gitignore
index f40064d5b..2edbc997c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,16 @@ massif-*
 
 # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
 *.dir/
+
+# Exported Mbed Crypto files
+crypto/LICENSE
+crypto/VERSION.txt
+crypto/include
+crypto/library/*.c
+crypto/library/libmbedcrypto*
+crypto/scripts
+crypto/tests/scripts
+crypto/tests/suites
+crypto/tests/test_suite*
+crypto/programs/psa
+mbedcrypto.tar.gz

From edd768775f8b0d45b24d7693424e4fd9f4880712 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 20 Jul 2018 17:42:05 +0200
Subject: [PATCH 438/889] Fix doxygen warnings

* Broken link #PSA_ALG_SHA_256
* Duplicate group name "generators"
* Missing documentation in psa_generate_key_extra_rsa due to bad magic
  comment marker
---
 include/psa/crypto.h | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f282aa20b..4c615f0e1 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -652,15 +652,25 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_MD5                             ((psa_algorithm_t)0x01000003)
 #define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x01000004)
 #define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x01000005)
+/** SHA2-224 */
 #define PSA_ALG_SHA_224                         ((psa_algorithm_t)0x01000008)
+/** SHA2-256 */
 #define PSA_ALG_SHA_256                         ((psa_algorithm_t)0x01000009)
+/** SHA2-384 */
 #define PSA_ALG_SHA_384                         ((psa_algorithm_t)0x0100000a)
+/** SHA2-512 */
 #define PSA_ALG_SHA_512                         ((psa_algorithm_t)0x0100000b)
+/** SHA2-512/224 */
 #define PSA_ALG_SHA_512_224                     ((psa_algorithm_t)0x0100000c)
+/** SHA2-512/256 */
 #define PSA_ALG_SHA_512_256                     ((psa_algorithm_t)0x0100000d)
+/** SHA3-224 */
 #define PSA_ALG_SHA3_224                        ((psa_algorithm_t)0x01000010)
+/** SHA3-256 */
 #define PSA_ALG_SHA3_256                        ((psa_algorithm_t)0x01000011)
+/** SHA3-384 */
 #define PSA_ALG_SHA3_384                        ((psa_algorithm_t)0x01000012)
+/** SHA3-512 */
 #define PSA_ALG_SHA3_512                        ((psa_algorithm_t)0x01000013)
 
 #define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t)0x00c00000)
@@ -2486,7 +2496,7 @@ psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
 
 /**@}*/
 
-/** \defgroup generation Generators
+/** \defgroup generators Generators
  * @{
  */
 
@@ -2708,7 +2718,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
 
 /**@}*/
 
-/** \defgroup generation Key generation
+/** \defgroup random Random generation
  * @{
  */
 
@@ -2740,7 +2750,7 @@ psa_status_t psa_generate_random(uint8_t *output,
  * parameter to psa_generate_key().
  */
 typedef struct {
-    uint32_t e; /**! Public exponent value. Default: 65537. */
+    uint32_t e; /**< Public exponent value. Default: 65537. */
 } psa_generate_key_extra_rsa;
 
 /**

From 588e8cb94081a6da2dffa469874f42c38aa2d4e9 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Fri, 20 Jul 2018 13:27:58 +0100
Subject: [PATCH 439/889] Add psa headers to generate_visualc_files.pl

---
 scripts/generate_visualc_files.pl | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 811c71f47..488a5beb6 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -19,7 +19,8 @@ my $vsx_sln_tpl_file = "scripts/data_files/vs2010-sln-template.sln";
 my $vsx_sln_file = "$vsx_dir/mbedTLS.sln";
 
 my $programs_dir = 'programs';
-my $header_dir = 'include/mbedtls';
+my $mbedtls_header_dir = 'include/mbedtls';
+my $psa_header_dir = 'include/psa';
 my $source_dir = 'library';
 
 # Need windows line endings!
@@ -53,7 +54,8 @@ exit( main() );
 
 sub check_dirs {
     return -d $vsx_dir
-        && -d $header_dir
+        && -d $mbedtls_header_dir
+        && -d $psa_header_dir
         && -d $source_dir
         && -d $programs_dir;
 }
@@ -131,9 +133,10 @@ sub gen_entry_list {
 }
 
 sub gen_main_file {
-    my ($headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_;
+    my ($mbedtls_headers, $psa_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_;
 
-    my $header_entries = gen_entry_list( $hdr_tpl, @$headers );
+    my $header_entries = gen_entry_list( $hdr_tpl, @$mbedtls_headers );
+    $header_entries .= gen_entry_list( $hdr_tpl, @$psa_headers );
     my $source_entries = gen_entry_list( $src_tpl, @$sources );
 
     my $out = slurp_file( $main_tpl );
@@ -187,14 +190,16 @@ sub main {
     del_vsx_files();
 
     my @app_list = get_app_list();
-    my @headers = <$header_dir/*.h>;
+    my @mbedtls_headers = <$mbedtls_header_dir/*.h>;
+    my @psa_headers = <$psa_header_dir/*.h>;
     my @sources = <$source_dir/*.c>;
-    map { s!/!\\!g } @headers;
+    map { s!/!\\!g } @mbedtls_headers;
+    map { s!/!\\!g } @psa_headers;
     map { s!/!\\!g } @sources;
 
     gen_app_files( @app_list );
 
-    gen_main_file( \@headers, \@sources,
+    gen_main_file( \@mbedtls_headers, \@psa_headers, \@sources,
                    $vsx_hdr_tpl, $vsx_src_tpl,
                    $vsx_main_tpl_file, $vsx_main_file );
 

From 1692363b3ea4e7e473115e61c115be38a3531c64 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Fri, 20 Jul 2018 13:29:25 +0100
Subject: [PATCH 440/889] Add visualc files generated by
 generate_visualc_files.pl

---
 visualc/VS2010/crypto_examples.vcxproj    | 174 ++++++++++++++++++++++
 visualc/VS2010/key_ladder_demo.vcxproj    | 174 ++++++++++++++++++++++
 visualc/VS2010/mbedTLS.sln                |  39 +++++
 visualc/VS2010/mbedTLS.vcxproj            |   6 +-
 visualc/VS2010/psa_constant_names.vcxproj | 174 ++++++++++++++++++++++
 5 files changed, 565 insertions(+), 2 deletions(-)
 create mode 100644 visualc/VS2010/crypto_examples.vcxproj
 create mode 100644 visualc/VS2010/key_ladder_demo.vcxproj
 create mode 100644 visualc/VS2010/psa_constant_names.vcxproj

diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj
new file mode 100644
index 000000000..9ca6b6485
--- /dev/null
+++ b/visualc/VS2010/crypto_examples.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\programs\psa\crypto_examples.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="mbedTLS.vcxproj">
+      <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+      <LinkLibraryDependencies>true</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{020C31BD-C4DF-BABA-E537-F517C4E98537}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>crypto_examples</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+    <PlatformToolset>Windows7.1SDK</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ShowProgress>NotSet</ShowProgress>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ShowProgress>NotSet</ShowProgress>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj
new file mode 100644
index 000000000..80914ffbe
--- /dev/null
+++ b/visualc/VS2010/key_ladder_demo.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\programs\psa\key_ladder_demo.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="mbedTLS.vcxproj">
+      <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+      <LinkLibraryDependencies>true</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{778777A0-393D-45E8-83C1-EAF487236F1F}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>key_ladder_demo</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+    <PlatformToolset>Windows7.1SDK</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ShowProgress>NotSet</ShowProgress>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ShowProgress>NotSet</ShowProgress>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln
index 66b96c3a3..32c86c09b 100644
--- a/visualc/VS2010/mbedTLS.sln
+++ b/visualc/VS2010/mbedTLS.sln
@@ -123,6 +123,21 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify_pss", "rsa_verif
 		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
 	EndProjectSection
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypto_examples", "crypto_examples.vcxproj", "{020C31BD-C4DF-BABA-E537-F517C4E98537}"
+	ProjectSection(ProjectDependencies) = postProject
+		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_ladder_demo", "key_ladder_demo.vcxproj", "{778777A0-393D-45E8-83C1-EAF487236F1F}"
+	ProjectSection(ProjectDependencies) = postProject
+		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_constant_names.vcxproj", "{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}"
+	ProjectSection(ProjectDependencies) = postProject
+		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
+	EndProjectSection
+EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}"
 	ProjectSection(ProjectDependencies) = postProject
 		{46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554}
@@ -451,6 +466,30 @@ Global
 		{95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.Build.0 = Release|Win32
 		{95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.ActiveCfg = Release|x64
 		{95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.Build.0 = Release|x64
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.ActiveCfg = Debug|Win32
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.Build.0 = Debug|Win32
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.ActiveCfg = Debug|x64
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.Build.0 = Debug|x64
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.ActiveCfg = Release|Win32
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.Build.0 = Release|Win32
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.ActiveCfg = Release|x64
+		{020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.Build.0 = Release|x64
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.ActiveCfg = Debug|Win32
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.Build.0 = Debug|Win32
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.ActiveCfg = Debug|x64
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.Build.0 = Debug|x64
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.ActiveCfg = Release|Win32
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.Build.0 = Release|Win32
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.ActiveCfg = Release|x64
+		{778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.Build.0 = Release|x64
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.ActiveCfg = Debug|Win32
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.Build.0 = Debug|Win32
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.ActiveCfg = Debug|x64
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.Build.0 = Debug|x64
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.ActiveCfg = Release|Win32
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64
+		{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64
 		{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32
 		{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32
 		{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 2c569e52d..4d8b92af1 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -225,8 +225,10 @@
     <ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
     <ClInclude Include="..\..\include\mbedtls\xtea.h" />
     <ClInclude Include="..\..\include\psa\crypto.h" />
-    <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_extra.h" />
+    <ClInclude Include="..\..\include\psa\crypto_platform.h" />
+    <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
+    <ClInclude Include="..\..\include\psa\crypto_struct.h" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="..\..\library\aes.c" />
@@ -283,8 +285,8 @@
     <ClCompile Include="..\..\library\platform.c" />
     <ClCompile Include="..\..\library\platform_util.c" />
     <ClCompile Include="..\..\library\poly1305.c" />
-    <ClCompile Include="..\..\library\ripemd160.c" />
     <ClCompile Include="..\..\library\psa_crypto.c" />
+    <ClCompile Include="..\..\library\ripemd160.c" />
     <ClCompile Include="..\..\library\rsa.c" />
     <ClCompile Include="..\..\library\rsa_internal.c" />
     <ClCompile Include="..\..\library\sha1.c" />
diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj
new file mode 100644
index 000000000..2618c7c0a
--- /dev/null
+++ b/visualc/VS2010/psa_constant_names.vcxproj
@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="..\..\programs\psa\psa_constant_names.c" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="mbedTLS.vcxproj">
+      <Project>{46cf2d25-6a36-4189-b59c-e4815388e554}</Project>
+      <LinkLibraryDependencies>true</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <ProjectGuid>{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}</ProjectGuid>
+    <Keyword>Win32Proj</Keyword>
+    <RootNamespace>psa_constant_names</RootNamespace>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+    <PlatformToolset>Windows7.1SDK</PlatformToolset>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="PropertySheets">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <LinkIncremental>true</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <LinkIncremental>false</LinkIncremental>
+    <IntDir>$(Configuration)\$(TargetName)\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ShowProgress>NotSet</ShowProgress>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <WarningLevel>Level3</WarningLevel>
+      <Optimization>Disabled</Optimization>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <ShowProgress>NotSet</ShowProgress>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+      <AdditionalLibraryDirectories>Debug</AdditionalLibraryDirectories>
+    </Link>
+    <ProjectReference>
+      <LinkLibraryDependencies>false</LinkLibraryDependencies>
+    </ProjectReference>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies)</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <PrecompiledHeader>
+      </PrecompiledHeader>
+      <Optimization>MaxSpeed</Optimization>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <PreprocessorDefinitions>WIN64;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <AdditionalIncludeDirectories>../../include</AdditionalIncludeDirectories>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+      <EnableCOMDATFolding>true</EnableCOMDATFolding>
+      <OptimizeReferences>true</OptimizeReferences>
+      <AdditionalLibraryDirectories>Release</AdditionalLibraryDirectories>
+      <AdditionalDependencies>%(AdditionalDependencies);</AdditionalDependencies>
+    </Link>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

From 13a61f705e21ab346c7f5c33e30ad5cee416c783 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 11:54:24 +0100
Subject: [PATCH 441/889] Add psa header files to yotta build

---
 yotta/create-module.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/yotta/create-module.sh b/yotta/create-module.sh
index 4c79ebe51..a7845faa2 100755
--- a/yotta/create-module.sh
+++ b/yotta/create-module.sh
@@ -20,8 +20,9 @@ fi
 TMP=$DEST-tmp
 rm -rf $TMP
 
-mkdir -p $TMP/mbedtls $TMP/source
+mkdir -p $TMP/mbedtls $TMP/psa $TMP/source
 cp $TREE/include/mbedtls/*.h $TMP/mbedtls
+cp $TREE/include/psa/*.h $TMP/psa
 cp $TREE/library/*.c $TMP/source
 
 # temporary, should depend on external module later

From 9c862253cc146d029b1ae2824f93eb2e9b9124df Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 12:52:44 +0100
Subject: [PATCH 442/889] Add handling for zero-length buffers in tests

The buffer can be NULL if the length is zero, so we only check it's not NULL if the length is nonzero
---
 tests/suites/test_suite_psa_crypto.function | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2e0804bf5..65a0365ba 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -532,11 +532,11 @@ void import_export( data_t *data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     export_size = (ptrdiff_t) data->len + export_size_delta;
     exported = mbedtls_calloc( 1, export_size );
-    TEST_ASSERT( exported != NULL );
+    TEST_ASSERT( export_size == 0 || exported != NULL );
     if( ! canonical_input )
     {
         reexported = mbedtls_calloc( 1, export_size );
-        TEST_ASSERT( reexported != NULL );
+        TEST_ASSERT( export_size == 0 || reexported != NULL );
     }
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -2343,7 +2343,7 @@ void asymmetric_encrypt( int key_type_arg,
                                           &key_bits ) == PSA_SUCCESS );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
     output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output != NULL );
+    TEST_ASSERT( output_size == 0 || output != NULL );
 
     /* Encrypt the input */
     actual_status = psa_asymmetric_encrypt( slot, alg,
@@ -2946,7 +2946,7 @@ void generate_random( int bytes_arg )
     unsigned run;
 
     TEST_ASSERT( output != NULL );
-    TEST_ASSERT( changed != NULL );
+    TEST_ASSERT( bytes == 0 || changed != NULL );
     memcpy( output + bytes, trail, sizeof( trail ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );

From 77b33b29265b8266a683014041dda45142a228ec Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 15:29:42 +0100
Subject: [PATCH 443/889] Add missing dependencies on MBEDTLS_SHA256_C

---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 894317e32..337b44fc2 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -694,7 +694,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
@@ -742,7 +742,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
 
 PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature

From 5cc689a821b86ca249d613ee58d621ab3e1748ac Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 15:34:10 +0100
Subject: [PATCH 444/889] Add handling for (sometimes) unused parameters

---
 library/psa_crypto.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 210fa5ff4..94f6b1776 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2164,6 +2164,12 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
+    (void) input;
+    (void) input_length;
+    (void) salt;
+    (void) output;
+    (void) output_size;
+
     *output_length = 0;
 
     if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
@@ -2238,6 +2244,12 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
+    (void) input;
+    (void) input_length;
+    (void) salt;
+    (void) output;
+    (void) output_size;
+
     *output_length = 0;
 
     if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )

From efb52d53bf17d0d235d9ba0177bc4391cfce531f Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 15:41:49 +0100
Subject: [PATCH 445/889] Add missing dependency on MBEDTLS_PKCS1_V15

---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 337b44fc2..91b5b7248 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -674,7 +674,7 @@ PSA signature size: RSA keypair, 1025 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1025:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:129
 
 PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
 PSA import/exercise: ECP SECP256R1 keypair, ECDSA

From 8f8aa8f9311d8ff058ec70e63de6762eb6d827ce Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 15:44:51 +0100
Subject: [PATCH 446/889] Add ifdef for MBEDTLS_ECP_C around ecc_group_to_psa
 functions

These are unused if MBEDTLS_ECP_C isn't defined.
---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 94f6b1776..75c7ea8a5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -411,6 +411,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
 /* Key management */
 /****************************************************************/
 
+#if defined(MBEDTLS_ECP_C)
 static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
 {
     switch( grpid )
@@ -480,6 +481,7 @@ static mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_curve_t curve )
             return( MBEDTLS_ECP_DP_NONE );
     }
 }
+#endif /* defined(MBEDTLS_ECP_C) */
 
 static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
                                            size_t bits,

From 10ccc641acbc03b17c6e17fac9ebf710a034c5b6 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 16:30:56 +0100
Subject: [PATCH 447/889] Add missing dependencies on MBEDTLS_ECDSA_C

---
 tests/suites/test_suite_psa_crypto.data | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 91b5b7248..47a8f0c42 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -694,7 +694,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
 sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
@@ -710,7 +710,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign: deterministic ECDSA SECP256R1, invalid hash
@@ -738,11 +738,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
 
 PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
 
 PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
 sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
@@ -774,19 +774,19 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308"
 
 PSA verify: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
 asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA verify with keypair: ECDSA SECP256R1, good
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE
 
 PSA verify: ECDSA SECP256R1, wrong signature of correct size
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
 PSA encrypt: RSA PKCS#1 v1.5, good

From cab5494b122012ba4360929440f8c137b637449f Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 25 Jul 2018 13:26:13 +0100
Subject: [PATCH 448/889] psa: Add license header to crypto.h

---
 include/psa/crypto.h | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4c615f0e1..0ba34929b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2,6 +2,22 @@
  * \file psa/crypto.h
  * \brief Platform Security Architecture cryptography module
  */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
 
 #ifndef PSA_CRYPTO_H
 #define PSA_CRYPTO_H

From 9e2d7a09f1c2db2e42fdf5877932768e230bd9b3 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Tue, 24 Jul 2018 16:33:30 +0100
Subject: [PATCH 449/889] Add ifdefs for psa_internal_export_key function

MBEDTLS_PK_WRITE_C only requires either MBEDTLS_RSA_C or MBEDTLS_ECP_C to be defined.
Added wrappers to handle the cases where only one has been defined.
Moved mbedtls_pk_init to be within the ifdefs, so it's only called if appropriate.
---
 include/psa/crypto.h |  1 +
 library/psa_crypto.c | 11 ++++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9f0b13541..896235b35 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1174,6 +1174,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 75c7ea8a5..959b9ecc4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -787,16 +787,25 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
         {
             mbedtls_pk_context pk;
             int ret;
-            mbedtls_pk_init( &pk );
             if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
             {
+#if defined(MBEDTLS_RSA_C)
+                mbedtls_pk_init( &pk );
                 pk.pk_info = &mbedtls_rsa_info;
                 pk.pk_ctx = slot->data.rsa;
+#else
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
             }
             else
             {
+#if defined(MBEDTLS_ECP_C)
+                mbedtls_pk_init( &pk );
                 pk.pk_info = &mbedtls_eckey_info;
                 pk.pk_ctx = slot->data.ecp;
+#else
+                return( PSA_ERROR_NOT_SUPPORTED );
+#endif
             }
             if( export_public_key || PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
                 ret = mbedtls_pk_write_pubkey_der( &pk, data, data_size );

From 8800136156816ac3d0313751eb6942a73fede607 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Thu, 26 Jul 2018 13:59:04 +0100
Subject: [PATCH 450/889] Fix key parameter in psa_key_derivation to use
 correct type

---
 include/psa/crypto.h | 2 +-
 library/psa_crypto.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0ba34929b..9f0b13541 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2724,7 +2724,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
-                                psa_key_type_t key,
+                                psa_key_slot_t key,
                                 psa_algorithm_t alg,
                                 const uint8_t *salt,
                                 size_t salt_length,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a62fac7b1..210fa5ff4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3257,7 +3257,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
 }
 
 psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
-                                 psa_key_type_t key,
+                                 psa_key_slot_t key,
                                  psa_algorithm_t alg,
                                  const uint8_t *salt,
                                  size_t salt_length,

From 80bed236dee9885c43feb75292757b938acbd55f Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Thu, 26 Jul 2018 13:03:38 +0100
Subject: [PATCH 451/889] Change psa_structs to use unsigned ints

These structs are using bitfields of length one, which can only represent 0 and -1 for signed ints.
Changing these to unsigned int lets them represent 0 and 1, which is what we want.
---
 include/psa/crypto_struct.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index baf5b1495..e38a9bfba 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -98,11 +98,11 @@ typedef struct
 struct psa_mac_operation_s
 {
     psa_algorithm_t alg;
-    int key_set : 1;
-    int iv_required : 1;
-    int iv_set : 1;
-    int has_input : 1;
-    int is_sign : 1;
+    unsigned int key_set : 1;
+    unsigned int iv_required : 1;
+    unsigned int iv_set : 1;
+    unsigned int has_input : 1;
+    unsigned int is_sign : 1;
     uint8_t mac_size;
     union
     {
@@ -119,9 +119,9 @@ struct psa_mac_operation_s
 struct psa_cipher_operation_s
 {
     psa_algorithm_t alg;
-    int key_set : 1;
-    int iv_required : 1;
-    int iv_set : 1;
+    unsigned int key_set : 1;
+    unsigned int iv_required : 1;
+    unsigned int iv_set : 1;
     uint8_t iv_size;
     uint8_t block_size;
     union

From c32f0304db583e166a71370e744251b8d7445cad Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 10 Aug 2018 16:02:11 +0200
Subject: [PATCH 452/889] Fix bad key type constant that worked by accident

---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 04c1c7982..310df38f4 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1128,7 +1128,7 @@ exit:
 void key_lifetime( int lifetime_arg )
 {
     int key_slot = 1;
-    psa_key_type_t key_type = PSA_ALG_CBC_BASE;
+    psa_key_type_t key_type = PSA_KEY_TYPE_RAW_DATA;
     unsigned char key[32] = {0};
     psa_key_lifetime_t lifetime_set = lifetime_arg;
     psa_key_lifetime_t lifetime_get;

From 78b3bb670da616b206fb1d9be1a28674deea95ff Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 10 Aug 2018 16:03:41 +0200
Subject: [PATCH 453/889] Change the bitwise encoding of key type categories

There were only 5 categories (now 4). Reduce the category mask from 7
bits to 3.

Combine unformatted, not-necessarily-uniform keys (HMAC, derivation)
with raw data.

Reintroduce a KEY_TYPE_IS_UNSTRUCTURED macro (which used to exist
under the name KEY_TYPE_IS_RAW_DATA macro) for key types that don't
have any structure, including both should-be-uniform keys (such as
block cipher and stream cipher keys) and not-necessarily-uniform
keys (such as HMAC keys and secrets for key derivation).
---
 include/psa/crypto.h | 82 +++++++++++++++++++++++++++++---------------
 library/psa_crypto.c |  4 +--
 2 files changed, 56 insertions(+), 30 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6d3132283..55c0c0413 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -360,17 +360,19 @@ typedef uint32_t psa_key_type_t;
  */
 #define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
 
-#define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x7e000000)
+#define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x70000000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x40000000)
+#define PSA_KEY_TYPE_CATEGORY_RAW               ((psa_key_type_t)0x50000000)
+#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY        ((psa_key_type_t)0x60000000)
+#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR          ((psa_key_type_t)0x70000000)
+
+#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR         ((psa_key_type_t)0x10000000)
 
 /** Raw data.
  *
  * A "key" of this type cannot be used for any cryptographic operation.
  * Applications may use this type to store arbitrary data in the keystore. */
-#define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x02000000)
-
-#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x04000000)
-#define PSA_KEY_TYPE_CATEGORY_ASYMMETRIC        ((psa_key_type_t)0x06000000)
-#define PSA_KEY_TYPE_PAIR_FLAG                  ((psa_key_type_t)0x01000000)
+#define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x50000001)
 
 /** HMAC key.
  *
@@ -380,21 +382,21 @@ typedef uint32_t psa_key_type_t;
  * HMAC keys should generally have the same size as the underlying hash.
  * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
  * \c alg is the HMAC algorithm or the underlying hash algorithm. */
-#define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x02000001)
+#define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x51000000)
 
 /** A secret for key derivation.
  *
  * The key policy determines which key derivation algorithm the key
  * can be used for.
  */
-#define PSA_KEY_TYPE_DERIVE                     ((psa_key_type_t)0x02000101)
+#define PSA_KEY_TYPE_DERIVE                     ((psa_key_type_t)0x52000000)
 
 /** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
  *
  * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
  * 32 bytes (AES-256).
  */
-#define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x04000001)
+#define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x40000001)
 
 /** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
  *
@@ -405,30 +407,30 @@ typedef uint32_t psa_key_type_t;
  * deprecated and should only be used to decrypt legacy data. 3-key 3DES
  * is weak and deprecated and should only be used in legacy protocols.
  */
-#define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x04000002)
+#define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x40000002)
 
 /** Key for an cipher, AEAD or MAC algorithm based on the
  * Camellia block cipher. */
-#define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x04000003)
+#define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x40000003)
 
 /** Key for the RC4 stream cipher.
  *
  * Note that RC4 is weak and deprecated and should only be used in
  * legacy protocols. */
-#define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x04000004)
+#define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x40000004)
 
 /** RSA public key. */
-#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x06010000)
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x60010000)
 /** RSA key pair (private and public key). */
-#define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x07010000)
+#define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x70010000)
 
 /** DSA public key. */
-#define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x06020000)
+#define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x60020000)
 /** DSA key pair (private and public key). */
-#define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x07020000)
+#define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x70020000)
 
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x06030000)
-#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x07030000)
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x60030000)
+#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x70030000)
 #define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
 /** Elliptic curve key pair. */
 #define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
@@ -441,24 +443,50 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
     (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
 
+/** Whether a key type is an unstructured array of bytes.
+ *
+ * This encompasses both symmetric keys and non-key data.
+ */
+#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
+     PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
+
 /** Whether a key type is asymmetric: either a key pair or a public key. */
 #define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
+      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
+     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
 /** Whether a key type is the public part of a key pair. */
 #define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
-    (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
-      PSA_KEY_TYPE_CATEGORY_ASYMMETRIC)
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
 /** Whether a key type is a key pair containing a private part and a public
  * part. */
 #define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
-    (((type) & (PSA_KEY_TYPE_CATEGORY_MASK | PSA_KEY_TYPE_PAIR_FLAG)) == \
-     (PSA_KEY_TYPE_CATEGORY_ASYMMETRIC | PSA_KEY_TYPE_PAIR_FLAG))
-/** The key pair type corresponding to a public key type. */
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
+/** The key pair type corresponding to a public key type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding key pair type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
 #define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
-    ((type) | PSA_KEY_TYPE_PAIR_FLAG)
-/** The public key type corresponding to a key pair type. */
+    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+/** The public key type corresponding to a key pair type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding public key type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
-    ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
+    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
 /** Whether a key type is an RSA key (pair or public-only). */
 #define PSA_KEY_TYPE_IS_RSA(type)                                       \
     (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 316acbe64..dfbb6800f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -135,9 +135,7 @@ typedef struct
 
 static int key_type_is_raw_bytes( psa_key_type_t type )
 {
-    psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
-    return( category == PSA_KEY_TYPE_RAW_DATA ||
-            category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
+    return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) );
 }
 
 typedef struct

From e8779747947f0fd3ae5187d3cbe746b77ddd33f7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 10 Aug 2018 16:10:56 +0200
Subject: [PATCH 454/889] Move key type feature test macros to a more logical
 place

---
 include/psa/crypto.h | 104 +++++++++++++++++++++----------------------
 1 file changed, 52 insertions(+), 52 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 55c0c0413..8a76a2151 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -368,6 +368,58 @@ typedef uint32_t psa_key_type_t;
 
 #define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR         ((psa_key_type_t)0x10000000)
 
+/** Whether a key type is vendor-defined. */
+#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
+    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
+
+/** Whether a key type is an unstructured array of bytes.
+ *
+ * This encompasses both symmetric keys and non-key data.
+ */
+#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
+     PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
+
+/** Whether a key type is asymmetric: either a key pair or a public key. */
+#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
+      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
+     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is the public part of a key pair. */
+#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is a key pair containing a private part and a public
+ * part. */
+#define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
+/** The key pair type corresponding to a public key type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding key pair type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
+#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
+    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+/** The public key type corresponding to a key pair type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding public key type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
+#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
+    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+
 /** Raw data.
  *
  * A "key" of this type cannot be used for any cryptographic operation.
@@ -439,58 +491,6 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
     (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
 
-/** Whether a key type is vendor-defined. */
-#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
-    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
-
-/** Whether a key type is an unstructured array of bytes.
- *
- * This encompasses both symmetric keys and non-key data.
- */
-#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
-     PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
-
-/** Whether a key type is asymmetric: either a key pair or a public key. */
-#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
-      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
-     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
-/** Whether a key type is the public part of a key pair. */
-#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
-/** Whether a key type is a key pair containing a private part and a public
- * part. */
-#define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
-/** The key pair type corresponding to a public key type.
- *
- * You may also pass a key pair type as \p type, it will be left unchanged.
- *
- * \param type      A public key type or key pair type.
- *
- * \return          The corresponding key pair type.
- *                  If \p type is not a public key or a key pair,
- *                  the return value is undefined.
- */
-#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
-    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-/** The public key type corresponding to a key pair type.
- *
- * You may also pass a key pair type as \p type, it will be left unchanged.
- *
- * \param type      A public key type or key pair type.
- *
- * \return          The corresponding public key type.
- *                  If \p type is not a public key or a key pair,
- *                  the return value is undefined.
- */
-#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
-    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-/** Whether a key type is an RSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
-
 /** Whether a key type is an elliptic curve key (pair or public-only). */
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \

From 4e1e9beb56f711b01812b50a9c3282445d9ac578 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 10 Aug 2018 18:57:40 +0200
Subject: [PATCH 455/889] Define the encoding of ECC and DSA keys

---
 include/psa/crypto.h | 114 ++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 106 insertions(+), 8 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8a76a2151..837f737c3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1187,10 +1187,50 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * - For Triple-DES, the format is the concatenation of the
  *   two or three DES keys.
  * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
- *   is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017)
- *   as RSAPrivateKey.
- * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
- *   is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
+ *   is the non-encrypted DER encoding of the representation defined by
+ *   PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0.
+ *   ```
+ *   RSAPrivateKey ::= SEQUENCE {
+ *       version             Version,  -- 0
+ *       modulus             INTEGER,  -- n
+ *       publicExponent      INTEGER,  -- e
+ *       privateExponent     INTEGER,  -- d
+ *       prime1              INTEGER,  -- p
+ *       prime2              INTEGER,  -- q
+ *       exponent1           INTEGER,  -- d mod (p-1)
+ *       exponent2           INTEGER,  -- d mod (q-1)
+ *       coefficient         INTEGER,  -- (inverse of q) mod p
+ *   }
+ *   ```
+ * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format
+ *   is the non-encrypted DER encoding of the representation used by
+ *   OpenSSL and OpenSSH, which the following ASN.1 structure:
+ *   ```
+ *   DSAPrivateKey ::= SEQUENCE {
+ *       version             Version,  -- 0
+ *       prime               INTEGER,  -- p
+ *       subprime            INTEGER,  -- q
+ *       generator           INTEGER,  -- g
+ *       public              INTEGER,  -- y
+ *       private             INTEGER,  -- x
+ *   }
+ *   ```
+ * - For elliptic curve key pairs (key types for which
+ *   #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is the
+ *   non-encrypted DER encoding of the representation defined by RFC 5915 as
+ *   `ECPrivateKey`, version 1.
+ *   ```
+ *   ECPrivateKey ::= SEQUENCE {
+ *       version             INTEGER,  -- must be 1
+ *       privateKey          OCTET STRING,
+ *           -- `ceiling(log_{256}(n))`-byte string, big endian,
+ *           -- where n is the order of the curve.
+ *       parameters          ECParameters {{ NamedCurve }},  -- mandatory
+ *       publicKey           BIT STRING  -- mandatory
+ *   }
+ *   ```
+ * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is
+ *   true), the format is the same as for psa_export_public_key().
  *
  * \param key               Slot whose content is to be exported. This must
  *                          be an occupied key slot.
@@ -1218,11 +1258,69 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * The output of this function can be passed to psa_import_key() to
  * create an object that is equivalent to the public key.
  *
- * For standard key types, the output format is as follows:
+ * The format is the DER representation defined by RFC 5280 as
+ * `SubjectPublicKeyInfo`, with the `subjectPublicKey` format
+ * specified below.
+ * ```
+ * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *      algorithm          AlgorithmIdentifier,
+ *      subjectPublicKey   BIT STRING  }
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm          OBJECT IDENTIFIER,
+ *      parameters         ANY DEFINED BY algorithm OPTIONAL  }
+ * ```
  *
- * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
- *   the format is the DER representation of the public key defined by RFC 5280
- *   as SubjectPublicKeyInfo.
+ * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY),
+ *   the `subjectPublicKey` format is defined by RFC 3279 &sect;2.3.1 as
+ *   `RSAPublicKey`,
+ *   with the OID `rsaEncryption`,
+ *   and with the parameters `NULL`.
+ *   ```
+ *   pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
+ *                                  rsadsi(113549) pkcs(1) 1 }
+ *   rsaEncryption OBJECT IDENTIFIER ::=  { pkcs-1 1 }
+ *
+ *   RSAPublicKey ::= SEQUENCE {
+ *      modulus            INTEGER,    -- n
+ *      publicExponent     INTEGER  }  -- e
+ *   ```
+ * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
+ *   the `subjectPublicKey` format is defined by RFC 3279 &sect;2.3.2 as
+ *   `DSAPublicKey`,
+ *   with the OID `id-dsa`,
+ *   and with the parameters `DSS-Parms`.
+ *   ```
+ *   id-dsa OBJECT IDENTIFIER ::= {
+ *      iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
+ *
+ *   Dss-Parms  ::=  SEQUENCE  {
+ *      p                  INTEGER,
+ *      q                  INTEGER,
+ *      g                  INTEGER  }
+ *   DSAPublicKey ::= INTEGER -- public key, Y
+ *   ```
+ * - For elliptic curve public keys (key types for which
+ *   #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true),
+ *   the `subjectPublicKey` format is defined by RFC 3279 &sect;2.3.5 as
+ *   `ECPoint`, which is an OCTET STRING containing the uncompressed
+ *   representation defined by SEC1 &sect;2.3.3.
+ *   The OID is `id-ecPublicKey`,
+ *   and the parameters must be given as a `namedCurve`.
+ *   ```
+ *   ansi-X9-62 OBJECT IDENTIFIER ::=
+ *                           { iso(1) member-body(2) us(840) 10045 }
+ *   id-public-key-type OBJECT IDENTIFIER  ::= { ansi-X9.62 2 }
+ *   id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 }
+ *
+ *   ECPoint ::= OCTET STRING
+ *      -- first byte: 0x04;
+ *      -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian;
+ *      -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian,
+ *      -- where n is the order of the curve.
+ *
+ *   EcpkParameters ::= CHOICE { -- other choices are not allowed
+ *      namedCurve    OBJECT IDENTIFIER }
+ *   ```
  *
  * \param key               Slot whose content is to be exported. This must
  *                          be an occupied key slot.

From 1be949b8461474f113c6fe2ef249cec8be6455d8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 10 Aug 2018 19:06:59 +0200
Subject: [PATCH 456/889] New macro PSA_KEY_EXPORT_MAX_SIZE

Sufficient buffer size for psa_export_key() and psa_export_public_key().
---
 include/psa/crypto.h       |  14 +++
 include/psa/crypto_sizes.h | 209 +++++++++++++++++++++++++++++++++++++
 2 files changed, 223 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 837f737c3..87f2d60b7 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1243,6 +1243,12 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p data buffer is too small. You can determine a
+ *         sufficient buffer size by calling
+ *         #PSA_KEY_EXPORT_MAX_SIZE(\c type, \c bits)
+ *         where \c type is the key type
+ *         and \c bits is the key size in bits.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -1332,6 +1338,14 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key is neither a public key nor a key pair.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_BUFFER_TOO_SMALL
+ *         The size of the \p data buffer is too small. You can determine a
+ *         sufficient buffer size by calling
+ *         #PSA_KEY_EXPORT_MAX_SIZE(#PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(\c type), \c bits)
+ *         where \c type is the key type
+ *         and \c bits is the key size in bits.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index ab5b17e19..bc8edc612 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -305,4 +305,213 @@
      PSA_BITS_TO_BYTES(key_bits) - PSA_RSA_MINIMUM_PADDING_SIZE(alg) :  \
      0)
 
+/* Maximum size of the ASN.1 encoding of an INTEGER with the specified
+ * number of bits.
+ *
+ * This definition assumes that bits <= 2^19 - 9 so that the length field
+ * is at most 3 bytes. The length of the encoding is the length of the
+ * bit string padded to a whole number of bytes plus:
+ * - 1 type byte;
+ * - 1 to 3 length bytes;
+ * - 0 to 1 bytes of leading 0 due to the sign bit.
+ */
+#define PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(bits)      \
+    ((bits) / 8 + 5)
+
+/* Maximum size of the export encoding of an RSA public key.
+ * Assumes that the public exponent is less than 2^32.
+ *
+ * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *      algorithm            AlgorithmIdentifier,
+ *      subjectPublicKey     BIT STRING  } -- contains RSAPublicKey
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              NULL  }
+ * RSAPublicKey  ::=  SEQUENCE  {
+ *    modulus            INTEGER,    -- n
+ *    publicExponent     INTEGER  }  -- e
+ *
+ * - 3 * 4 bytes of SEQUENCE overhead;
+ * - 1 + 1 + 9 bytes of algorithm (RSA OID);
+ * - 2 bytes of NULL;
+ * - 4 bytes of BIT STRING overhead;
+ * - n : INTEGER;
+ * - 7 bytes for the public exponent.
+ */
+#define PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits)        \
+    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) + 36)
+
+/* Maximum size of the export encoding of an RSA key pair.
+ * Assumes thatthe public exponent is less than 2^32 and that the size
+ * difference between the two primes is at most 1 bit.
+ *
+ * RSAPrivateKey ::= SEQUENCE {
+ *     version           Version,  -- 0
+ *     modulus           INTEGER,  -- N-bit
+ *     publicExponent    INTEGER,  -- 32-bit
+ *     privateExponent   INTEGER,  -- N-bit
+ *     prime1            INTEGER,  -- N/2-bit
+ *     prime2            INTEGER,  -- N/2-bit
+ *     exponent1         INTEGER,  -- N/2-bit
+ *     exponent2         INTEGER,  -- N/2-bit
+ *     coefficient       INTEGER,  -- N/2-bit
+ * }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 3 bytes of version;
+ * - 7 half-size INTEGERs plus 2 full-size INTEGERs,
+ *   overapproximated as 9 half-size INTEGERS;
+ * - 7 bytes for the public exponent.
+ */
+#define PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits)   \
+    (9 * PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE((key_bits) / 2 + 1) + 14)
+
+/* Maximum size of the export encoding of a DSA public key.
+ *
+ * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *      algorithm            AlgorithmIdentifier,
+ *      subjectPublicKey     BIT STRING  } -- contains DSAPublicKey
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              Dss-Parms  } -- SEQUENCE of 3 INTEGERs
+ * DSAPublicKey  ::=  INTEGER -- public key, Y
+ *
+ * - 3 * 4 bytes of SEQUENCE overhead;
+ * - 1 + 1 + 7 bytes of algorithm (DSA OID);
+ * - 4 bytes of BIT STRING overhead;
+ * - 3 full-size INTEGERs (p, g, y);
+ * - 1 + 1 + 32 bytes for 1 sub-size INTEGER (q <= 256 bits).
+ */
+#define PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits)        \
+    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 59)
+
+/* Maximum size of the export encoding of a DSA key pair.
+ *
+ * DSAPrivateKey ::= SEQUENCE {
+ *     version             Version,  -- 0
+ *     prime               INTEGER,  -- p
+ *     subprime            INTEGER,  -- q
+ *     generator           INTEGER,  -- g
+ *     public              INTEGER,  -- y
+ *     private             INTEGER,  -- x
+ * }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 3 bytes of version;
+ * - 3 full-size INTEGERs (p, g, y);
+ * - 2 * (1 + 1 + 32) bytes for 2 sub-size INTEGERs (q, x <= 256 bits).
+ */
+#define PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits)   \
+    (PSA_KEY_EXPORT_ASN1_INTEGER_MAX_SIZE(key_bits) * 3 + 75)
+
+/* Maximum size of the export encoding of an ECC public key.
+ *
+ * SubjectPublicKeyInfo  ::=  SEQUENCE  {
+ *      algorithm            AlgorithmIdentifier,
+ *      subjectPublicKey     BIT STRING  } -- contains ECPoint
+ * AlgorithmIdentifier  ::=  SEQUENCE  {
+ *      algorithm               OBJECT IDENTIFIER,
+ *      parameters              OBJECT IDENTIFIER } -- namedCurve
+ * ECPoint ::= OCTET STRING
+ *    -- first byte: 0x04;
+ *    -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian;
+ *    -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian,
+ *    -- where n is the order of the curve.
+ *
+ * - 2 * 4 bytes of SEQUENCE overhead;
+ * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID);
+ * - 1 + 1 + 12 bytes of namedCurve OID;
+ * - 4 bytes of BIT STRING overhead;
+ * - 1 byte + 2 * point size in ECPoint.
+ */
+#define PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits)        \
+    (2 * PSA_BITS_TO_BYTES(key_bits) + 36)
+
+/* Maximum size of the export encoding of an ECC key pair.
+ *
+ *   ECPrivateKey ::= SEQUENCE {
+ *       version             INTEGER,  -- must be 1
+ *       privateKey          OCTET STRING,
+ *           -- `ceiling(log_{256}(n))`-byte string, big endian,
+ *           -- where n is the order of the curve.
+ *       parameters          ECParameters {{ NamedCurve }},  -- mandatory
+ *       publicKey           BIT STRING  -- mandatory
+ *   }
+ *
+ * - 4 bytes of SEQUENCE overhead;
+ * - 1 * point size in privateKey
+ * - 1 + 1 + 12 bytes of namedCurve OID;
+ * - 4 bytes of BIT STRING overhead;
+ * - public key as for #PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE.
+ */
+#define PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits)   \
+    (3 * PSA_BITS_TO_BYTES(key_bits) + 56)
+
+/** Safe output buffer size for psa_export_key() or psa_export_public_key().
+ *
+ * This macro returns a compile-time constant if its arguments are
+ * compile-time constants.
+ *
+ * \warning This function may call its arguments multiple times or
+ *          zero times, so you should not pass arguments that contain
+ *          side effects.
+ *
+ * The following code illustrates how to allocate enough memory to export
+ * a key by querying the key type and size at runtime.
+ * \code{c}
+ * psa_key_type_t key_type;
+ * size_t key_bits;
+ * psa_status_t status;
+ * status = psa_get_key_information(key, &key_type, &key_bits);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits);
+ * unsigned char *buffer = malloc(buffer_size);
+ * if (buffer != NULL) handle_error(...);
+ * size_t buffer_length;
+ * status = psa_export_key(key, buffer, buffer_size, &buffer_length);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * \endcode
+ *
+ * For psa_export_public_key(), calculate the buffer size from the
+ * public key type. You can use the macro #PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR
+ * to convert a key pair type to the corresponding public key type.
+ * \code{c}
+ * psa_key_type_t key_type;
+ * size_t key_bits;
+ * psa_status_t status;
+ * status = psa_get_key_information(key, &key_type, &key_bits);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * psa_key_type_t public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(key_type);
+ * size_t buffer_size = PSA_KEY_EXPORT_MAX_SIZE(public_key_type, key_bits);
+ * unsigned char *buffer = malloc(buffer_size);
+ * if (buffer != NULL) handle_error(...);
+ * size_t buffer_length;
+ * status = psa_export_public_key(key, buffer, buffer_size, &buffer_length);
+ * if (status != PSA_SUCCESS) handle_error(...);
+ * \endcode
+ *
+ * \param key_type  A supported key type.
+ * \param key_bits  The size of the key in bits.
+ * \param alg       The signature algorithm.
+ *
+ * \return If the parameters are valid and supported, return
+ *         a buffer size in bytes that guarantees that
+ *         psa_asymmetric_sign() will not fail with
+ *         #PSA_ERROR_BUFFER_TOO_SMALL.
+ *         If the parameters are a valid combination that is not supported
+ *         by the implementation, this macro either shall return either a
+ *         sensible size or 0.
+ *         If the parameters are not valid, the
+ *         return value is unspecified.
+ */
+#define PSA_KEY_EXPORT_MAX_SIZE(key_type, key_bits)                     \
+    (PSA_KEY_TYPE_IS_UNSTRUCTURED(key_type) ? PSA_BITS_TO_BYTES(key_bits) : \
+     (key_type) == PSA_KEY_TYPE_RSA_KEYPAIR ? PSA_KEY_EXPORT_RSA_KEYPAIR_MAX_SIZE(key_bits) : \
+     (key_type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY ? PSA_KEY_EXPORT_RSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     (key_type) == PSA_KEY_TYPE_DSA_KEYPAIR ? PSA_KEY_EXPORT_DSA_KEYPAIR_MAX_SIZE(key_bits) : \
+     (key_type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY ? PSA_KEY_EXPORT_DSA_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     PSA_KEY_TYPE_IS_ECC_KEYPAIR(key_type) ? PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits) : \
+     PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
+     0)
+
 #endif /* PSA_CRYPTO_SIZES_H */

From d14664a79b40e0497d919bf73ed4c4cd327a3026 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 10 Aug 2018 19:07:32 +0200
Subject: [PATCH 457/889] Move export key sanity check from generate to
 exercise

Move the code to perform sanity checks on the exported key from
generate_key to exercise_key. This way the sanity checks can be
performed after importing or deriving a key as well.

In addition to checking the exported key if its usage allows it, check
the exported public key if the key is asymmetric.
---
 tests/suites/test_suite_psa_crypto.function | 236 +++++++++++++-------
 1 file changed, 154 insertions(+), 82 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 310df38f4..317475041 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -393,6 +393,156 @@ exit:
     return( 0 );
 }
 
+int exported_key_sanity_check( psa_key_type_t type, size_t bits,
+                               uint8_t *exported, size_t exported_length )
+{
+    if( key_type_is_raw_bytes( type ) )
+        TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
+
+#if defined(MBEDTLS_DES_C)
+    if( type == PSA_KEY_TYPE_DES )
+    {
+        /* Check the parity bits. */
+        unsigned i;
+        for( i = 0; i < bits / 8; i++ )
+        {
+            unsigned bit_count = 0;
+            unsigned m;
+            for( m = 1; m <= 0x100; m <<= 1 )
+            {
+                if( exported[i] & m )
+                    ++bit_count;
+            }
+            TEST_ASSERT( bit_count % 2 != 0 );
+        }
+    }
+#endif
+
+#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+    if( type == PSA_KEY_TYPE_RSA_KEYPAIR )
+    {
+        /* Sanity check: does this look like the beginning of a PKCS#8
+         * RSA key pair? Assumes bits is a multiple of 8. */
+        size_t n_bytes = bits / 8 + 1;
+        size_t n_encoded_bytes;
+        unsigned char *n_end;
+        TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 );
+        TEST_ASSERT( exported[0] == 0x30 );
+        TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key
+        TEST_ASSERT( exported[4] == 0x02 );
+        TEST_ASSERT( exported[5] == 0x01 );
+        TEST_ASSERT( exported[6] == 0x00 );
+        TEST_ASSERT( exported[7] == 0x02 );
+        n_encoded_bytes = exported[8];
+        n_end = exported + 9 + n_encoded_bytes;
+        if( n_encoded_bytes & 0x80 )
+        {
+            n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7;
+            n_encoded_bytes |= exported[9] & 0x7f;
+            n_end += 1;
+        }
+        /* The encoding of n should start with a 0 byte since it should
+         * have its high bit set. However Mbed TLS is not compliant and
+         * generates an invalid, but widely tolerated, encoding of
+         * positive INTEGERs with a bit size that is a multiple of 8
+         * with no leading 0 byte. Accept this here. */
+        TEST_ASSERT( n_bytes == n_encoded_bytes ||
+                     n_bytes == n_encoded_bytes + 1 );
+        if( n_bytes == n_encoded_bytes )
+            TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 9 : 10] == 0x00 );
+        /* Sanity check: e must be 3 */
+        TEST_ASSERT( n_end[0] == 0x02 );
+        TEST_ASSERT( n_end[1] == 0x03 );
+        TEST_ASSERT( n_end[2] == 0x01 );
+        TEST_ASSERT( n_end[3] == 0x00 );
+        TEST_ASSERT( n_end[4] == 0x01 );
+        TEST_ASSERT( n_end[5] == 0x02 );
+    }
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
+    {
+        /* Sanity check: does this look like the beginning of a PKCS#8
+         * elliptic curve key pair? */
+        TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 );
+        TEST_ASSERT( exported[0] == 0x30 );
+    }
+#endif /* MBEDTLS_ECP_C */
+
+    return( 0 );
+
+exit:
+    return( 1 );
+}
+
+static int exercise_export_key( psa_key_slot_t slot,
+                                psa_key_usage_t usage )
+{
+    psa_key_type_t type;
+    size_t bits;
+    uint8_t *exported = NULL;
+    size_t exported_size = 0;
+    size_t exported_length = 0;
+    int ok = 0;
+
+    if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 )
+    {
+        TEST_ASSERT( psa_export_key( slot, NULL, 0, &exported_length ) ==
+                     PSA_ERROR_NOT_PERMITTED );
+        return( 1 );
+    }
+
+    TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS );
+    exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
+    exported = mbedtls_calloc( 1, exported_size );
+    TEST_ASSERT( exported != NULL );
+
+    TEST_ASSERT( psa_export_key( slot,
+                                 exported, exported_size,
+                                 &exported_length ) == PSA_SUCCESS );
+    ok = exported_key_sanity_check( type, bits, exported, exported_length );
+
+exit:
+    mbedtls_free( exported );
+    return( ok );
+}
+
+static int exercise_export_public_key( psa_key_slot_t slot )
+{
+    psa_key_type_t type;
+    psa_key_type_t public_type;
+    size_t bits;
+    uint8_t *exported = NULL;
+    size_t exported_size = 0;
+    size_t exported_length = 0;
+    int ok = 0;
+
+    TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS );
+    if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
+    {
+        TEST_ASSERT( psa_export_public_key( slot,
+                                            NULL, 0, &exported_length ) ==
+                     PSA_ERROR_INVALID_ARGUMENT );
+        return( 1 );
+    }
+
+    public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+    exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits );
+    exported = mbedtls_calloc( 1, exported_size );
+    TEST_ASSERT( exported != NULL );
+
+    TEST_ASSERT( psa_export_public_key( slot,
+                                        exported, exported_size,
+                                        &exported_length ) == PSA_SUCCESS );
+    ok = exported_key_sanity_check( public_type, bits,
+                                    exported, exported_length );
+
+exit:
+    mbedtls_free( exported );
+    return( ok );
+}
+
 static int exercise_key( psa_key_slot_t slot,
                          psa_key_usage_t usage,
                          psa_algorithm_t alg )
@@ -421,6 +571,10 @@ static int exercise_key( psa_key_slot_t slot,
         test_fail( message, __LINE__, __FILE__ );
         ok = 0;
     }
+
+    ok = ok && exercise_export_key( slot, usage );
+    ok = ok && exercise_export_public_key( slot );
+
     return( ok );
 }
 
@@ -3056,10 +3210,6 @@ void generate_key( int type_arg,
     psa_status_t expected_status = expected_status_arg;
     psa_key_type_t got_type;
     size_t got_bits;
-    unsigned char exported[616] = {0}; /* enough for a 1024-bit RSA key */
-    size_t exported_length;
-    psa_status_t expected_export_status =
-        usage & PSA_KEY_USAGE_EXPORT ? PSA_SUCCESS : PSA_ERROR_NOT_PERMITTED;
     psa_status_t expected_info_status =
         expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT;
     psa_key_policy_t policy;
@@ -3083,84 +3233,6 @@ void generate_key( int type_arg,
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == bits );
 
-    /* Export the key */
-    TEST_ASSERT( psa_export_key( slot,
-                                 exported, sizeof( exported ),
-                                 &exported_length ) == expected_export_status );
-    if( expected_export_status == PSA_SUCCESS )
-    {
-        if( key_type_is_raw_bytes( type ) )
-            TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
-#if defined(MBEDTLS_DES_C)
-        if( type == PSA_KEY_TYPE_DES )
-        {
-            /* Check the parity bits. */
-            unsigned i;
-            for( i = 0; i < bits / 8; i++ )
-            {
-                unsigned bit_count = 0;
-                unsigned m;
-                for( m = 1; m <= 0x100; m <<= 1 )
-                {
-                    if( exported[i] & m )
-                        ++bit_count;
-                }
-                TEST_ASSERT( bit_count % 2 != 0 );
-            }
-        }
-#endif
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
-        if( type == PSA_KEY_TYPE_RSA_KEYPAIR )
-        {
-            /* Sanity check: does this look like the beginning of a PKCS#8
-             * RSA key pair? Assumes bits is a multiple of 8. */
-            size_t n_bytes = bits / 8 + 1;
-            size_t n_encoded_bytes;
-            unsigned char *n_end;
-            TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 );
-            TEST_ASSERT( exported[0] == 0x30 );
-            TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key
-            TEST_ASSERT( exported[4] == 0x02 );
-            TEST_ASSERT( exported[5] == 0x01 );
-            TEST_ASSERT( exported[6] == 0x00 );
-            TEST_ASSERT( exported[7] == 0x02 );
-            n_encoded_bytes = exported[8];
-            n_end = exported + 9 + n_encoded_bytes;
-            if( n_encoded_bytes & 0x80 )
-            {
-                n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7;
-                n_encoded_bytes |= exported[9] & 0x7f;
-                n_end += 1;
-            }
-            /* The encoding of n should start with a 0 byte since it should
-             * have its high bit set. However Mbed TLS is not compliant and
-             * generates an invalid, but widely tolerated, encoding of
-             * positive INTEGERs with a bit size that is a multiple of 8
-             * with no leading 0 byte. Accept this here. */
-            TEST_ASSERT( n_bytes == n_encoded_bytes ||
-                         n_bytes == n_encoded_bytes + 1 );
-            if( n_bytes == n_encoded_bytes )
-                TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 9 : 10] == 0x00 );
-            /* Sanity check: e must be 3 */
-            TEST_ASSERT( n_end[0] == 0x02 );
-            TEST_ASSERT( n_end[1] == 0x03 );
-            TEST_ASSERT( n_end[2] == 0x01 );
-            TEST_ASSERT( n_end[3] == 0x00 );
-            TEST_ASSERT( n_end[4] == 0x01 );
-            TEST_ASSERT( n_end[5] == 0x02 );
-        }
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-        if( PSA_KEY_TYPE_IS_ECC( type ) )
-        {
-            /* Sanity check: does this look like the beginning of a PKCS#8
-             * elliptic curve key pair? */
-            TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 );
-            TEST_ASSERT( exported[0] == 0x30 );
-        }
-#endif /* MBEDTLS_ECP_C */
-    }
-
     /* Do something with the key according to its type and permitted usage. */
     if( ! exercise_key( slot, usage, alg ) )
         goto exit;

From 4f6c77b0a9f4534b52c67b3416cc34d290ad9b5f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 11 Aug 2018 01:17:53 +0200
Subject: [PATCH 458/889] fixup format spec

---
 include/psa/crypto.h | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 87f2d60b7..3f8cb44c9 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1191,7 +1191,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   PKCS\#1 (RFC 8017) as `RSAPrivateKey`, version 0.
  *   ```
  *   RSAPrivateKey ::= SEQUENCE {
- *       version             Version,  -- 0
+ *       version             INTEGER,  -- must be 0
  *       modulus             INTEGER,  -- n
  *       publicExponent      INTEGER,  -- e
  *       privateExponent     INTEGER,  -- d
@@ -1207,7 +1207,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   OpenSSL and OpenSSH, which the following ASN.1 structure:
  *   ```
  *   DSAPrivateKey ::= SEQUENCE {
- *       version             Version,  -- 0
+ *       version             INTEGER,  -- must be 0
  *       prime               INTEGER,  -- p
  *       subprime            INTEGER,  -- q
  *       generator           INTEGER,  -- g
@@ -1218,15 +1218,19 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * - For elliptic curve key pairs (key types for which
  *   #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is the
  *   non-encrypted DER encoding of the representation defined by RFC 5915 as
- *   `ECPrivateKey`, version 1.
+ *   `ECPrivateKey`, version 1. The `ECParameters` field must be a
+ *   `namedCurve` OID as specified in RFC 5480 &sect;2.1.1.1. The public key
+ *   must be present and must be an `ECPoint` in the same format
+ *   (uncompressed variant) an ECC public key of the
+ *   corresponding type exported with psa_export_public_key().
  *   ```
  *   ECPrivateKey ::= SEQUENCE {
  *       version             INTEGER,  -- must be 1
  *       privateKey          OCTET STRING,
- *           -- `ceiling(log_{256}(n))`-byte string, big endian,
+ *           -- `ceiling(log2(n)/8)`-byte string, big endian,
  *           -- where n is the order of the curve.
- *       parameters          ECParameters {{ NamedCurve }},  -- mandatory
- *       publicKey           BIT STRING  -- mandatory
+ *       parameters      [0] IMPLICIT ECParameters {{ namedCurve }},  -- mandatory
+ *       publicKey       [1] IMPLICIT BIT STRING  -- mandatory
  *   }
  *   ```
  * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is
@@ -1308,20 +1312,21 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * - For elliptic curve public keys (key types for which
  *   #PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY is true),
  *   the `subjectPublicKey` format is defined by RFC 3279 &sect;2.3.5 as
- *   `ECPoint`, which is an OCTET STRING containing the uncompressed
+ *   `ECPoint`, which contains the uncompressed
  *   representation defined by SEC1 &sect;2.3.3.
  *   The OID is `id-ecPublicKey`,
- *   and the parameters must be given as a `namedCurve`.
+ *   and the parameters must be given as a `namedCurve` OID as specified in
+ *   RFC 5480 &sect;2.1.1.1.
  *   ```
  *   ansi-X9-62 OBJECT IDENTIFIER ::=
  *                           { iso(1) member-body(2) us(840) 10045 }
  *   id-public-key-type OBJECT IDENTIFIER  ::= { ansi-X9.62 2 }
  *   id-ecPublicKey OBJECT IDENTIFIER ::= { id-publicKeyType 1 }
  *
- *   ECPoint ::= OCTET STRING
- *      -- first byte: 0x04;
- *      -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian;
- *      -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian,
+ *   ECPoint ::= ...
+ *      -- first 8 bits: 0x04;
+ *      -- then x_P as an n-bit string, big endian;
+ *      -- then y_P as a n-bit string, big endian,
  *      -- where n is the order of the curve.
  *
  *   EcpkParameters ::= CHOICE { -- other choices are not allowed

From 996deb18cca397d5be2728bde8fd27e57ea11052 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 1 Aug 2018 15:45:45 +0200
Subject: [PATCH 459/889] Fix buffer overflow in the slot array

Slots are numbered from 1, but the slot array is a C array so it's
numbered from 0.

Add a non-regression test.
---
 library/psa_crypto.c                        |  9 +++-
 tests/suites/test_suite_psa_crypto.data     |  3 ++
 tests/suites/test_suite_psa_crypto.function | 59 +++++++++++++++++++++
 3 files changed, 69 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 210fa5ff4..fe3072935 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -82,6 +82,8 @@
 
 
 
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
 /* Implementation that should never be optimized out by the compiler */
 static void mbedtls_zeroize( void *v, size_t n )
 {
@@ -343,10 +345,13 @@ static psa_status_t mbedtls_to_psa_error( int ret )
 static psa_status_t psa_get_key_slot( psa_key_slot_t key,
                                       key_slot_t **p_slot )
 {
-    if( key == 0 || key > PSA_KEY_SLOT_COUNT )
+    /* 0 is not a valid slot number under any circumstance. This
+     * implementation provides slots number 1 to N where N is the
+     * number of available slots. */
+    if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    *p_slot = &global_data.key_slots[key];
+    *p_slot = &global_data.key_slots[key - 1];
     return( PSA_SUCCESS );
 }
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 894317e32..0f7c8a97f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,6 +1,9 @@
 PSA init/deinit
 init_deinit:
 
+PSA fill 250 slots
+fill_slots:250
+
 PSA import/export raw: 0 bytes
 import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2e0804bf5..88ef27fbb 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -447,6 +447,65 @@ void init_deinit( )
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void fill_slots( int max_arg )
+{
+    /* Fill all the slots until we run out of memory or out of slots,
+     * or until some limit specified in the test data for the sake of
+     * implementations with an essentially unlimited number of slots.
+     * This test assumes that available slots are numbered from 1. */
+
+    psa_key_slot_t slot;
+    psa_key_slot_t max = 0;
+    psa_key_policy_t policy;
+    uint8_t exported[sizeof( max )];
+    size_t exported_size;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
+
+    for( max = 1; max <= (size_t) max_arg; max++ )
+    {
+        status = psa_set_key_policy( max, &policy );
+        /* Stop filling slots if we run out of memory or out of
+         * available slots. */
+        TEST_ASSERT( status == PSA_SUCCESS ||
+                     status == PSA_ERROR_INSUFFICIENT_MEMORY ||
+                     status == PSA_ERROR_INVALID_ARGUMENT );
+        if( status != PSA_SUCCESS )
+            break;
+        status = psa_import_key( max, PSA_KEY_TYPE_RAW_DATA,
+                                 (uint8_t*) &max, sizeof( max ) );
+        /* Since psa_set_key_policy succeeded, we know that the slot
+         * number is valid. But we may legitimately run out of memory. */
+        TEST_ASSERT( status == PSA_SUCCESS ||
+                     status == PSA_ERROR_INSUFFICIENT_MEMORY );
+        if( status != PSA_SUCCESS )
+            break;
+    }
+    /* `max` is now the first slot number that wasn't filled. */
+    max -= 1;
+
+    for( slot = 1; slot <= max; slot++ )
+    {
+        TEST_ASSERT( psa_export_key( slot,
+                                     exported, sizeof( exported ),
+                                     &exported_size ) == PSA_SUCCESS );
+        TEST_ASSERT( exported_size == sizeof( slot ) );
+        TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 );
+        TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    }
+
+exit:
+    for( slot = 1; slot <= max; slot++ )
+        psa_destroy_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import( data_t *data, int type, int expected_status_arg )
 {

From cb6adbb75023bc47cbd4082bccf0cff297f6d752 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 11 Aug 2018 01:18:12 +0200
Subject: [PATCH 460/889] fixup sizes

---
 include/psa/crypto_sizes.h | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index bc8edc612..4df72b025 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -412,10 +412,10 @@
  * AlgorithmIdentifier  ::=  SEQUENCE  {
  *      algorithm               OBJECT IDENTIFIER,
  *      parameters              OBJECT IDENTIFIER } -- namedCurve
- * ECPoint ::= OCTET STRING
- *    -- first byte: 0x04;
- *    -- then x_P as a `ceiling(log_{256}(n))`-byte string, big endian;
- *    -- then y_P as a `ceiling(log_{256}(n))`-byte string, big endian,
+ * ECPoint ::= ...
+ *    -- first 8 bits: 0x04;
+ *    -- then x_P as an n-bit string, big endian;
+ *    -- then y_P as a n-bit string, big endian,
  *    -- where n is the order of the curve.
  *
  * - 2 * 4 bytes of SEQUENCE overhead;
@@ -432,10 +432,10 @@
  *   ECPrivateKey ::= SEQUENCE {
  *       version             INTEGER,  -- must be 1
  *       privateKey          OCTET STRING,
- *           -- `ceiling(log_{256}(n))`-byte string, big endian,
+ *           -- `ceiling(log2(n)/8)`-byte string, big endian,
  *           -- where n is the order of the curve.
- *       parameters          ECParameters {{ NamedCurve }},  -- mandatory
- *       publicKey           BIT STRING  -- mandatory
+ *       parameters      [0] IMPLICIT ECParameters {{ NamedCurve }},
+ *       publicKey       [1] IMPLICIT BIT STRING
  *   }
  *
  * - 4 bytes of SEQUENCE overhead;

From 9a05634558ccd2f8cbb8cf62a22555a7085f4d42 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 1 Aug 2018 15:46:54 +0200
Subject: [PATCH 461/889] psa_crypto_free: destroy the last slot

The last slot in the array was not freed due to an off-by-one error.

Amend the fill_slots test to serve as a non-regression test for this
issue: without this bug fix, it would cause a memory leak.
---
 library/psa_crypto.c                        | 2 +-
 tests/suites/test_suite_psa_crypto.function | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fe3072935..8b25dac1a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3453,7 +3453,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
 void mbedtls_psa_crypto_free( void )
 {
     psa_key_slot_t key;
-    for( key = 1; key < PSA_KEY_SLOT_COUNT; key++ )
+    for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
         psa_destroy_key( key );
     mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
     mbedtls_entropy_free( &global_data.entropy );
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 88ef27fbb..43e479470 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -496,12 +496,10 @@ void fill_slots( int max_arg )
                                      &exported_size ) == PSA_SUCCESS );
         TEST_ASSERT( exported_size == sizeof( slot ) );
         TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 );
-        TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
     }
 
 exit:
-    for( slot = 1; slot <= max; slot++ )
-        psa_destroy_key( slot );
+    /* Do not destroy the keys. mbedtls_psa_crypto_free() should do it. */
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From ddeb55ad3244c640416e7cf6fac85b5c75afa944 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 2 Aug 2018 15:08:07 +0200
Subject: [PATCH 462/889] Remove trailing whitespace and fix indentation in
 generated C file

---
 scripts/generate_psa_constants.py | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index e4cb45b4a..bc2302aff 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -120,16 +120,16 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
 '''
 
 key_type_from_curve_template = '''if (%(tester)s(type)) {
-        append_with_curve(&buffer, buffer_size, &required_size,
-                          "%(builder)s", %(builder_length)s,
-                          PSA_KEY_TYPE_GET_CURVE(type));
-    } else '''
+            append_with_curve(&buffer, buffer_size, &required_size,
+                              "%(builder)s", %(builder_length)s,
+                              PSA_KEY_TYPE_GET_CURVE(type));
+        } else '''
 
 algorithm_from_hash_template = '''if (%(tester)s(alg_without_padding)) {
-        append_with_hash(&buffer, buffer_size, &required_size,
-                         "%(builder)s", %(builder_length)s,
-                         PSA_ALG_GET_HASH(alg_without_padding));
-    } else '''
+            append_with_hash(&buffer, buffer_size, &required_size,
+                             "%(builder)s", %(builder_length)s,
+                             PSA_ALG_GET_HASH(alg_without_padding));
+        } else '''
 
 bit_test_template = '''\
     if (%(var)s & %(flag)s) {
@@ -244,7 +244,7 @@ class MacroCollector:
     def make_key_type_code(self):
         d = self.key_types_from_curve
         make = self.make_key_type_from_curve_code
-        return '\n        '.join([make(k, d[k]) for k in sorted(d.keys())])
+        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
 
     def make_hash_algorithm_cases(self):
         return '\n    '.join(map(self.make_return_case,
@@ -266,7 +266,7 @@ class MacroCollector:
     def make_algorithm_code(self):
         d = self.algorithms_from_hash
         make = self.make_algorithm_from_hash_code
-        return '\n        '.join([make(k, d[k]) for k in sorted(d.keys())])
+        return ''.join([make(k, d[k]) for k in sorted(d.keys())])
 
     def make_key_usage_code(self):
         return '\n'.join([self.make_bit_test('usage', bit)

From dd2f95b855f9c570dd1d73260abc01f3000e7868 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 11 Aug 2018 01:22:42 +0200
Subject: [PATCH 463/889] Improve and augment export sanity checks

Implement sanity checks of exported public keys, using ASN.1 parsing.
Rewrite the sanity checks of key pairs using ASN.1 parsing, so as to
check more things with simpler code.
---
 tests/suites/test_suite_psa_crypto.function | 323 ++++++++++++++++----
 1 file changed, 269 insertions(+), 54 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 317475041..b04f6a390 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -5,7 +5,10 @@
 #include "spm/psa_defs.h"
 #endif
 
+#include "mbedtls/asn1.h"
 #include "mbedtls/asn1write.h"
+#include "mbedtls/oid.h"
+
 #include "psa/crypto.h"
 
 #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
@@ -38,13 +41,6 @@ static int mem_is_zero( void *buffer, size_t size )
     return( 1 );
 }
 
-static int key_type_is_raw_bytes( psa_key_type_t type )
-{
-    psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
-    return( category == PSA_KEY_TYPE_RAW_DATA ||
-            category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC );
-}
-
 /* Write the ASN.1 INTEGER with the value 2^(bits-1)+x backwards from *p. */
 static int asn1_write_10x( unsigned char **p,
                            unsigned char *start,
@@ -393,11 +389,118 @@ exit:
     return( 0 );
 }
 
-int exported_key_sanity_check( psa_key_type_t type, size_t bits,
-                               uint8_t *exported, size_t exported_length )
+typedef struct
 {
-    if( key_type_is_raw_bytes( type ) )
+    unsigned char length;
+    unsigned char string[];
+} small_byte_string_t;
+#define DECLARE_SMALL_STRING_OF_LITERAL( name, literal )                \
+    static const small_byte_string_t name =                             \
+    { sizeof( literal ) - 1, literal }
+
+#if defined(MBEDTLS_RSA_C)
+DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_rsa,
+                                 MBEDTLS_OID_PKCS1_RSA );
+#endif
+#if defined(MBEDTLS_ECP_C)
+DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_ecc,
+                                 MBEDTLS_OID_EC_ALG_UNRESTRICTED );
+#endif
+
+static int is_oid_of_key_type( psa_key_type_t type,
+                               const uint8_t *oid, size_t oid_length )
+{
+    const small_byte_string_t *expected_oid =
+#if defined(MBEDTLS_RSA_C)
+        PSA_KEY_TYPE_IS_RSA( type ) ? &key_type_oid_rsa :
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+        PSA_KEY_TYPE_IS_ECC( type ) ? &key_type_oid_ecc :
+#endif /* MBEDTLS_ECP_C */
+        NULL;
+
+    if( expected_oid == NULL )
+    {
+        char message[40];
+        mbedtls_snprintf( message, sizeof( message ),
+                          "OID not known for key type=0x%08lx",
+                          (unsigned long) type );
+        test_fail( message, __LINE__, __FILE__ );
+        return( 0 );
+    }
+
+    TEST_ASSERT( oid_length == expected_oid->length );
+    TEST_ASSERT( memcmp( oid, expected_oid->string, oid_length ) == 0 );
+    return( 1 );
+
+exit:
+    return( 0 );
+}
+
+static int asn1_skip_integer( unsigned char **p, const unsigned char *end,
+                              size_t min_bits, size_t max_bits,
+                              int must_be_odd )
+{
+    size_t len;
+    size_t actual_bits;
+    unsigned char msb;
+    TEST_ASSERT( mbedtls_asn1_get_tag( p, end, &len,
+                                       MBEDTLS_ASN1_INTEGER ) == 0 );
+    /* Tolerate a slight departure from DER encoding:
+     * - 0 may be represented by an empty string or a 1-byte string.
+     * - The sign bit may be used as a value bit. */
+    if( ( len == 1 && ( *p )[0] == 0 ) ||
+        ( len > 1 && ( *p )[0] == 0 && ( ( *p )[1] & 0x80 ) != 0 ) )
+    {
+        ++( *p );
+        --len;
+    }
+    if( min_bits == 0 && len == 0 )
+        return( 1 );
+    msb = ( *p )[0];
+    TEST_ASSERT( msb != 0 );
+    actual_bits = 8 * ( len - 1 );
+    while( msb != 0 )
+    {
+        msb >>= 1;
+        ++actual_bits;
+    }
+    TEST_ASSERT( actual_bits >= min_bits );
+    TEST_ASSERT( actual_bits <= max_bits );
+    if( must_be_odd )
+        TEST_ASSERT( ( ( *p )[len-1] & 1 ) != 0 );
+    *p += len;
+    return( 1 );
+exit:
+    return( 0 );
+}
+
+static int asn1_get_implicit_tag( unsigned char **p, const unsigned char *end,
+                                  size_t *len,
+                                  unsigned char n, unsigned char tag )
+{
+    int ret;
+    ret = mbedtls_asn1_get_tag( p, end, len,
+                                MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+                                MBEDTLS_ASN1_CONSTRUCTED | ( n ) );
+    if( ret != 0 )
+        return( ret );
+    end = *p + *len;
+    ret = mbedtls_asn1_get_tag( p, end, len, tag );
+    if( ret != 0 )
+        return( ret );
+    if( *p + *len != end )
+        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
+    return( 0 );
+}
+
+static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
+                                      uint8_t *exported, size_t exported_length )
+{
+    if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
         TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
+    else
+        TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) );
 
 #if defined(MBEDTLS_DES_C)
     if( type == PSA_KEY_TYPE_DES )
@@ -416,64 +519,176 @@ int exported_key_sanity_check( psa_key_type_t type, size_t bits,
             TEST_ASSERT( bit_count % 2 != 0 );
         }
     }
+    else
 #endif
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
     if( type == PSA_KEY_TYPE_RSA_KEYPAIR )
     {
-        /* Sanity check: does this look like the beginning of a PKCS#8
-         * RSA key pair? Assumes bits is a multiple of 8. */
-        size_t n_bytes = bits / 8 + 1;
-        size_t n_encoded_bytes;
-        unsigned char *n_end;
-        TEST_ASSERT( exported_length >= 7 + ( n_bytes + 3 ) * 9 / 2 );
-        TEST_ASSERT( exported[0] == 0x30 );
-        TEST_ASSERT( exported[1] == 0x82 ); // assumes >=416-bit key
-        TEST_ASSERT( exported[4] == 0x02 );
-        TEST_ASSERT( exported[5] == 0x01 );
-        TEST_ASSERT( exported[6] == 0x00 );
-        TEST_ASSERT( exported[7] == 0x02 );
-        n_encoded_bytes = exported[8];
-        n_end = exported + 9 + n_encoded_bytes;
-        if( n_encoded_bytes & 0x80 )
-        {
-            n_encoded_bytes = ( n_encoded_bytes & 0x7f ) << 7;
-            n_encoded_bytes |= exported[9] & 0x7f;
-            n_end += 1;
-        }
-        /* The encoding of n should start with a 0 byte since it should
-         * have its high bit set. However Mbed TLS is not compliant and
-         * generates an invalid, but widely tolerated, encoding of
-         * positive INTEGERs with a bit size that is a multiple of 8
-         * with no leading 0 byte. Accept this here. */
-        TEST_ASSERT( n_bytes == n_encoded_bytes ||
-                     n_bytes == n_encoded_bytes + 1 );
-        if( n_bytes == n_encoded_bytes )
-            TEST_ASSERT( exported[n_encoded_bytes <= 127 ? 9 : 10] == 0x00 );
-        /* Sanity check: e must be 3 */
-        TEST_ASSERT( n_end[0] == 0x02 );
-        TEST_ASSERT( n_end[1] == 0x03 );
-        TEST_ASSERT( n_end[2] == 0x01 );
-        TEST_ASSERT( n_end[3] == 0x00 );
-        TEST_ASSERT( n_end[4] == 0x01 );
-        TEST_ASSERT( n_end[5] == 0x02 );
-    }
+        uint8_t *p = exported;
+        uint8_t *end = exported + exported_length;
+        size_t len;
+        /*   RSAPrivateKey ::= SEQUENCE {
+         *       version             Version,  -- 0
+         *       modulus             INTEGER,  -- n
+         *       publicExponent      INTEGER,  -- e
+         *       privateExponent     INTEGER,  -- d
+         *       prime1              INTEGER,  -- p
+         *       prime2              INTEGER,  -- q
+         *       exponent1           INTEGER,  -- d mod (p-1)
+         *       exponent2           INTEGER,  -- d mod (q-1)
+         *       coefficient         INTEGER,  -- (inverse of q) mod p
+         *   }
+         */
+        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
+                                           MBEDTLS_ASN1_SEQUENCE |
+                                           MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
+        TEST_ASSERT( p + len == end );
+        if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) )
+            goto exit;
+        if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
+            goto exit;
+        if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
+            goto exit;
+        /* Require d to be at least half the size of n. */
+        if( ! asn1_skip_integer( &p, end, bits / 2, bits, 1 ) )
+            goto exit;
+        /* Require p and q to be at most half the size of n, rounded up. */
+        if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
+            goto exit;
+        if( ! asn1_skip_integer( &p, end, bits / 2, bits / 2 + 1, 1 ) )
+            goto exit;
+        if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+            goto exit;
+        if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+            goto exit;
+        if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
+            goto exit;
+        TEST_ASSERT( p == end );
+     }
+    else
 #endif /* MBEDTLS_RSA_C */
 
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
     {
-        /* Sanity check: does this look like the beginning of a PKCS#8
-         * elliptic curve key pair? */
-        TEST_ASSERT( exported_length >= bits * 3 / 8 + 10 );
-        TEST_ASSERT( exported[0] == 0x30 );
-    }
+        uint8_t *p = exported;
+        uint8_t *end = exported + exported_length;
+        size_t len;
+        int version;
+        /*   ECPrivateKey ::= SEQUENCE {
+         *       version             INTEGER,  -- must be 1
+         *       privateKey          OCTET STRING,
+         *           -- `ceiling(log_{256}(n))`-byte string, big endian,
+         *           -- where n is the order of the curve.
+         *       parameters          ECParameters {{ NamedCurve }},  -- mandatory
+         *       publicKey           BIT STRING  -- mandatory
+         *   }
+         */
+        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
+                                           MBEDTLS_ASN1_SEQUENCE |
+                                           MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
+        TEST_ASSERT( p + len == end );
+        TEST_ASSERT( mbedtls_asn1_get_int( &p, end, &version ) == 0 );
+        TEST_ASSERT( version == 1 );
+        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
+                                           MBEDTLS_ASN1_OCTET_STRING ) == 0 );
+        /* Bug in Mbed TLS: the length of the octet string depends on the value */
+        // TEST_ASSERT( len == PSA_BITS_TO_BYTES( bits ) );
+        p += len;
+        TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 0,
+                                            MBEDTLS_ASN1_OID ) == 0 );
+        p += len;
+        TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 1,
+                                            MBEDTLS_ASN1_BIT_STRING ) == 0 );
+        TEST_ASSERT( p + len == end );
+        TEST_ASSERT( p[0] == 0 ); /* 0 unused bits in the bit string */
+        ++p;
+        TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end );
+        TEST_ASSERT( p[0] == 4 );
+     }
+    else
 #endif /* MBEDTLS_ECP_C */
 
-    return( 0 );
+    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+    {
+        uint8_t *p = exported;
+        uint8_t *end = exported + exported_length;
+        size_t len;
+        mbedtls_asn1_buf alg;
+        mbedtls_asn1_buf params;
+        mbedtls_asn1_bitstring bitstring;
+        /* SubjectPublicKeyInfo  ::=  SEQUENCE  {
+         *      algorithm          AlgorithmIdentifier,
+         *      subjectPublicKey   BIT STRING  }
+         * AlgorithmIdentifier  ::=  SEQUENCE  {
+         *      algorithm          OBJECT IDENTIFIER,
+         *      parameters         ANY DEFINED BY algorithm OPTIONAL  }
+         */
+        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
+                                           MBEDTLS_ASN1_SEQUENCE |
+                                           MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
+        TEST_ASSERT( p + len == end );
+        TEST_ASSERT( mbedtls_asn1_get_alg( &p, end, &alg, &params ) == 0 );
+        if( ! is_oid_of_key_type( type, alg.p, alg.len ) )
+            goto exit;
+        TEST_ASSERT( mbedtls_asn1_get_bitstring( &p, end, &bitstring ) == 0 );
+        TEST_ASSERT( p == end );
+        p = bitstring.p;
+#if defined(MBEDTLS_RSA_C)
+        if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
+        {
+            /*   RSAPublicKey ::= SEQUENCE {
+             *      modulus            INTEGER,    -- n
+             *      publicExponent     INTEGER  }  -- e
+             */
+            TEST_ASSERT( bitstring.unused_bits == 0 );
+            TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
+                                               MBEDTLS_ASN1_SEQUENCE |
+                                               MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
+            TEST_ASSERT( p + len == end );
+            if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
+                goto exit;
+            if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
+                goto exit;
+            TEST_ASSERT( p == end );
+        }
+        else
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+        if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
+        {
+            /*   ECPoint ::= ...
+             *      -- first 8 bits: 0x04;
+             *      -- then x_P as an n-bit string, big endian;
+             *      -- then y_P as a n-bit string, big endian,
+             *      -- where n is the order of the curve.
+             */
+            TEST_ASSERT( bitstring.unused_bits == 0 );
+            TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end );
+            TEST_ASSERT( p[0] == 4 );
+        }
+        else
+#endif /* MBEDTLS_ECP_C */
+        {
+            char message[40];
+            mbedtls_snprintf( message, sizeof( message ),
+                              "No sanity check for public key type=0x%08lx",
+                              (unsigned long) type );
+            test_fail( message, __LINE__, __FILE__ );
+            return( 0 );
+        }
+    }
+    else
+
+    {
+        /* No sanity checks for other types */
+    }
+
+    return( 1 );
 
 exit:
-    return( 1 );
+    return( 0 );
 }
 
 static int exercise_export_key( psa_key_slot_t slot,

From f26dbfc096ce53117f368ce9d5b2179aa4529f34 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 1 Aug 2018 16:09:08 +0300
Subject: [PATCH 464/889] Rearrange PSA_ERROR_XXX error codes

Set PSA_ERROR_UNKNOWN_ERROR as the first error code to prevent the
need to change its value whenever a new error code is added.
---
 include/psa/crypto.h | 48 ++++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 896235b35..128c2c0cd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -89,6 +89,13 @@ typedef int32_t psa_status_t;
 
 #endif /* !defined(PSA_SUCCESS) */
 
+/** An error occurred that does not correspond to any defined
+ * failure cause.
+ *
+ * Implementations may use this error code if none of the other standard
+ * error codes are applicable. */
+#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)1)
+
 /** The requested operation or a parameter is not supported
  * by this implementation.
  *
@@ -96,7 +103,7 @@ typedef int32_t psa_status_t;
  * parameter such as a key type, algorithm, etc. is not recognized.
  * If a combination of parameters is recognized and identified as
  * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)1)
+#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)2)
 
 /** The requested action is denied by a policy.
  *
@@ -109,7 +116,7 @@ typedef int32_t psa_status_t;
  * not valid or not supported, it is unspecified whether the function
  * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
  * #PSA_ERROR_INVALID_ARGUMENT. */
-#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)2)
+#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)3)
 
 /** An output buffer is too small.
  *
@@ -121,7 +128,7 @@ typedef int32_t psa_status_t;
  * buffer would succeed. However implementations may return this
  * error if a function has invalid or unsupported parameters in addition
  * to the parameters that determine the necessary output buffer size. */
-#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)3)
+#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)4)
 
 /** A slot is occupied, but must be empty to carry out the
  * requested action.
@@ -129,7 +136,7 @@ typedef int32_t psa_status_t;
  * If the slot number is invalid (i.e. the requested action could
  * not be performed even after erasing the slot's content),
  * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)4)
+#define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)5)
 
 /** A slot is empty, but must be occupied to carry out the
  * requested action.
@@ -137,7 +144,7 @@ typedef int32_t psa_status_t;
  * If the slot number is invalid (i.e. the requested action could
  * not be performed even after creating appropriate content in the slot),
  * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)5)
+#define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)6)
 
 /** The requested action cannot be performed in the current state.
  *
@@ -149,7 +156,7 @@ typedef int32_t psa_status_t;
  * that a key slot is occupied when it needs to be free or vice versa,
  * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
  * as applicable. */
-#define PSA_ERROR_BAD_STATE             ((psa_status_t)6)
+#define PSA_ERROR_BAD_STATE             ((psa_status_t)7)
 
 /** The parameters passed to the function are invalid.
  *
@@ -160,13 +167,13 @@ typedef int32_t psa_status_t;
  * that a key slot is occupied when it needs to be free or vice versa,
  * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
  * as applicable. */
-#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)7)
+#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)8)
 
 /** There is not enough runtime memory.
  *
  * If the action is carried out across multiple security realms, this
  * error can refer to available memory in any of the security realms. */
-#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)8)
+#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)9)
 
 /** There is not enough persistent storage.
  *
@@ -175,7 +182,7 @@ typedef int32_t psa_status_t;
  * many functions that do not otherwise access storage may return this
  * error code if the implementation requires a mandatory log entry for
  * the requested action and the log storage space is full. */
-#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)9)
+#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)10)
 
 /** There was a communication failure inside the implementation.
  *
@@ -192,7 +199,7 @@ typedef int32_t psa_status_t;
  * cryptoprocessor but there was a breakdown of communication before
  * the cryptoprocessor could report the status to the application.
  */
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)10)
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
 
 /** There was a storage failure that may have led to data loss.
  *
@@ -217,13 +224,13 @@ typedef int32_t psa_status_t;
  * permanent storage corruption. However application writers should
  * keep in mind that transient errors while reading the storage may be
  * reported using this error code. */
-#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)11)
+#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)12)
 
 /** A hardware failure was detected.
  *
  * A hardware failure may be transient or permanent depending on the
  * cause. */
-#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)12)
+#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)13)
 
 /** A tampering attempt was detected.
  *
@@ -254,7 +261,7 @@ typedef int32_t psa_status_t;
  * This error indicates an attack against the application. Implementations
  * shall not return this error code as a consequence of the behavior of
  * the application itself. */
-#define PSA_ERROR_TAMPERING_DETECTED    ((psa_status_t)13)
+#define PSA_ERROR_TAMPERING_DETECTED    ((psa_status_t)14)
 
 /** There is not enough entropy to generate random data needed
  * for the requested action.
@@ -273,7 +280,7 @@ typedef int32_t psa_status_t;
  * secure pseudorandom generator (PRNG). However implementations may return
  * this error at any time if a policy requires the PRNG to be reseeded
  * during normal operation. */
-#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)14)
+#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)15)
 
 /** The signature, MAC or hash is incorrect.
  *
@@ -283,7 +290,7 @@ typedef int32_t psa_status_t;
  *
  * If the value to verify has an invalid size, implementations may return
  * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)15)
+#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)16)
 
 /** The decrypted padding is incorrect.
  *
@@ -299,20 +306,13 @@ typedef int32_t psa_status_t;
  * as close as possible to indistinguishable to an external observer.
  * In particular, the timing of a decryption operation should not
  * depend on the validity of the padding. */
-#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)16)
+#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)17)
 
 /** The generator has insufficient capacity left.
  *
  * Once a function returns this error, attempts to read from the
  * generator will always return this error. */
-#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)17)
-
-/** An error occurred that does not correspond to any defined
- * failure cause.
- *
- * Implementations may use this error code if none of the other standard
- * error codes are applicable. */
-#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)18)
+#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
 
 /**
  * \brief Library initialization.

From 23b9d149a2841a2d69c97df60c75e9a77b209133 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 2 Aug 2018 15:08:46 +0200
Subject: [PATCH 465/889] Fix indentation in generated C file

The indentation now complies with Emacs's "k&r" style.
---
 scripts/generate_psa_constants.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index bc2302aff..5a5d2e5cf 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -71,8 +71,8 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     psa_algorithm_t padding_mode = -1;
     psa_algorithm_t alg_without_padding = alg;
     if (PSA_ALG_IS_CIPHER(alg) && PSA_ALG_IS_BLOCK_CIPHER(alg)) {
-            padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
-            alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+        padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
+        alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
     }
     switch (alg_without_padding) {
     %(algorithm_cases)s

From 8f609239d59426d2078508cd620c0982af7c26ad Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Sat, 11 Aug 2018 01:24:55 +0200
Subject: [PATCH 466/889] Do export sanity checks in import_export as well

This is not useful to validate the implementation when importing
canonical input, which is the case for most import/export test cases,
but it helps validate the sanity checks themselves.
---
 tests/suites/test_suite_psa_crypto.function | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b04f6a390..ee29ec951 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1001,6 +1001,9 @@ void import_export( data_t *data,
         goto destroy;
     }
 
+    if( ! exercise_export_key( slot, usage_arg ) )
+        goto exit;
+
     if( canonical_input )
     {
         TEST_ASSERT( exported_length == data->len );

From 13f43948f302725788118ae4db08f3833f5f5484 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Sun, 5 Aug 2018 12:09:44 +0300
Subject: [PATCH 467/889] typo fix

---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 128c2c0cd..8ecd17bb4 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -67,7 +67,7 @@ extern "C" {
  * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
  * the other error code names don't clash. Also define psa_status_t as
  * an alias for the type used by PSA IPC. This is a temporary hack
- * until we unify error reporting in PSA IPC and PSA crypo.
+ * until we unify error reporting in PSA IPC and PSA crypto.
  *
  * Note that psa_defs.h must be included before this header!
  */

From ae3d2a2c26cccc2b7c83e335d7d2bd7d5a387211 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 13 Aug 2018 14:14:22 +0200
Subject: [PATCH 468/889] Avoid non-standard C constructs

Don't rely on static initialization of a flexible array member, that's
a GNU extension. The previous code also triggered a Clang warning
"suggest braces around initialization of subobject" (-Wmissing-braces)
for `struct {char a[]} = {"foo"}`.
---
 tests/suites/test_suite_psa_crypto.function | 42 ++++++++-------------
 1 file changed, 16 insertions(+), 26 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ee29ec951..d5922b767 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -389,37 +389,27 @@ exit:
     return( 0 );
 }
 
-typedef struct
-{
-    unsigned char length;
-    unsigned char string[];
-} small_byte_string_t;
-#define DECLARE_SMALL_STRING_OF_LITERAL( name, literal )                \
-    static const small_byte_string_t name =                             \
-    { sizeof( literal ) - 1, literal }
-
-#if defined(MBEDTLS_RSA_C)
-DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_rsa,
-                                 MBEDTLS_OID_PKCS1_RSA );
-#endif
-#if defined(MBEDTLS_ECP_C)
-DECLARE_SMALL_STRING_OF_LITERAL( key_type_oid_ecc,
-                                 MBEDTLS_OID_EC_ALG_UNRESTRICTED );
-#endif
-
 static int is_oid_of_key_type( psa_key_type_t type,
                                const uint8_t *oid, size_t oid_length )
 {
-    const small_byte_string_t *expected_oid =
+    const uint8_t *expected_oid = NULL;
+    size_t expected_oid_length = 0;
 #if defined(MBEDTLS_RSA_C)
-        PSA_KEY_TYPE_IS_RSA( type ) ? &key_type_oid_rsa :
+    if( PSA_KEY_TYPE_IS_RSA( type ) )
+    {
+        expected_oid = (uint8_t *) MBEDTLS_OID_PKCS1_RSA;
+        expected_oid_length = sizeof( MBEDTLS_OID_PKCS1_RSA ) - 1;
+    }
+    else
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_ECP_C)
-        PSA_KEY_TYPE_IS_ECC( type ) ? &key_type_oid_ecc :
+    if( PSA_KEY_TYPE_IS_ECC( type ) )
+    {
+        expected_oid = (uint8_t *) MBEDTLS_OID_EC_ALG_UNRESTRICTED;
+        expected_oid_length = sizeof( MBEDTLS_OID_EC_ALG_UNRESTRICTED ) - 1;
+    }
+    else
 #endif /* MBEDTLS_ECP_C */
-        NULL;
-
-    if( expected_oid == NULL )
     {
         char message[40];
         mbedtls_snprintf( message, sizeof( message ),
@@ -429,8 +419,8 @@ static int is_oid_of_key_type( psa_key_type_t type,
         return( 0 );
     }
 
-    TEST_ASSERT( oid_length == expected_oid->length );
-    TEST_ASSERT( memcmp( oid, expected_oid->string, oid_length ) == 0 );
+    TEST_ASSERT( oid_length == expected_oid_length );
+    TEST_ASSERT( memcmp( oid, expected_oid, oid_length ) == 0 );
     return( 1 );
 
 exit:

From 40835d4e560acfbaf9552b7b693d2b2c17e3eb9d Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 2 Aug 2018 13:14:17 +0300
Subject: [PATCH 469/889] Add missing calls to psa_hash_abort in hash functions

---
 library/psa_crypto.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c7d5a6780..b94e0e6a5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1110,6 +1110,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
                               size_t hash_size,
                               size_t *hash_length )
 {
+    psa_status_t status;
     int ret;
     size_t actual_hash_length = PSA_HASH_SIZE( operation->alg );
 
@@ -1123,7 +1124,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
         memset( hash, '!', hash_size );
 
     if( hash_size < actual_hash_length )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
+    {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
 
     switch( operation->alg )
     {
@@ -1168,8 +1172,10 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
             ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
             break;
     }
+    status = mbedtls_to_psa_error( ret );
 
-    if( ret == 0 )
+exit:
+    if( status == PSA_SUCCESS )
     {
         *hash_length = actual_hash_length;
         return( psa_hash_abort( operation ) );
@@ -1177,7 +1183,7 @@ psa_status_t psa_hash_finish( psa_hash_operation_t *operation,
     else
     {
         psa_hash_abort( operation );
-        return( mbedtls_to_psa_error( ret ) );
+        return( status );
     }
 }
 

From ed7382f6a72cabea82504b7e33f2be289143b46c Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 2 Aug 2018 14:19:33 +0300
Subject: [PATCH 470/889] Update documentation due to function renaming

---
 include/psa/crypto.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 128c2c0cd..e1b70aeab 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1911,9 +1911,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key.
  *    The key remains associated with the operation even if the content
  *    of the key slot changes.
- * -# Call either psa_encrypt_generate_iv() or psa_cipher_set_iv() to
+ * -# Call either psa_cipher_generate_iv() or psa_cipher_set_iv() to
  *    generate or set the IV (initialization vector). You should use
- *    psa_encrypt_generate_iv() unless the protocol you are implementing
+ *    psa_cipher_generate_iv() unless the protocol you are implementing
  *    requires a specific IV value.
  * -# Call psa_cipher_update() zero, one or more times, passing a fragment
  *    of the message each time.
@@ -1925,7 +1925,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * After a successful call to psa_cipher_encrypt_setup(), the application must
  * eventually terminate the operation. The following events terminate an
  * operation:
- * - A failed call to psa_encrypt_generate_iv(), psa_cipher_set_iv()
+ * - A failed call to psa_cipher_generate_iv(), psa_cipher_set_iv()
  *   or psa_cipher_update().
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *

From 6ef7983208a01a2e2da58c5edabfcbc0b0dcd00c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 13 Aug 2018 14:17:06 +0200
Subject: [PATCH 471/889] Fix copypasta in PSA_KEY_EXPORT_MAX_SIZE
 documentation

---
 include/psa/crypto_sizes.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 4df72b025..c42375beb 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -492,7 +492,6 @@
  *
  * \param key_type  A supported key type.
  * \param key_bits  The size of the key in bits.
- * \param alg       The signature algorithm.
  *
  * \return If the parameters are valid and supported, return
  *         a buffer size in bytes that guarantees that

From b67f308c4f982f5d5e224d0822c046c9af269cbf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 7 Aug 2018 15:33:10 +0200
Subject: [PATCH 472/889] Fix re-import size in import_export test with
 non-canonical input

---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 04c1c7982..97501af6a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -643,7 +643,7 @@ void import_export( data_t *data,
 
         TEST_ASSERT( psa_import_key( slot2, type,
                                      exported,
-                                     export_size ) == PSA_SUCCESS );
+                                     exported_length ) == PSA_SUCCESS );
         TEST_ASSERT( psa_export_key( slot2,
                                      reexported,
                                      export_size,

From 534bd7c33b6acfccb48a85532bf4c52d7ffbaca6 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 2 Aug 2018 13:56:32 +0300
Subject: [PATCH 473/889] Add missing calls to psa_cipher_abort in cipher
 functions

---
 library/psa_crypto.c | 65 +++++++++++++++++++++++++-------------------
 1 file changed, 37 insertions(+), 28 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b94e0e6a5..316acbe64 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2478,53 +2478,59 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
                                      size_t iv_size,
                                      size_t *iv_length )
 {
-    int ret = PSA_SUCCESS;
+    psa_status_t status;
+    int ret;
     if( operation->iv_set || ! operation->iv_required )
-        return( PSA_ERROR_BAD_STATE );
+    {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
     if( iv_size < operation->iv_size )
     {
-        ret = PSA_ERROR_BUFFER_TOO_SMALL;
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
         goto exit;
     }
     ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
                                    iv, operation->iv_size );
     if( ret != 0 )
     {
-        ret = mbedtls_to_psa_error( ret );
+        status = mbedtls_to_psa_error( ret );
         goto exit;
     }
 
     *iv_length = operation->iv_size;
-    ret = psa_cipher_set_iv( operation, iv, *iv_length );
+    status = psa_cipher_set_iv( operation, iv, *iv_length );
 
 exit:
-    if( ret != PSA_SUCCESS )
+    if( status != PSA_SUCCESS )
         psa_cipher_abort( operation );
-    return( ret );
+    return( status );
 }
 
 psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
                                 const unsigned char *iv,
                                 size_t iv_length )
 {
-    int ret = PSA_SUCCESS;
+    psa_status_t status;
+    int ret;
     if( operation->iv_set || ! operation->iv_required )
-        return( PSA_ERROR_BAD_STATE );
+    {
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
     if( iv_length != operation->iv_size )
     {
-        psa_cipher_abort( operation );
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
     }
-    ret =  mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
-    if( ret != 0 )
-    {
+    ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
+    status = mbedtls_to_psa_error( ret );
+exit:
+    if( status == PSA_SUCCESS )
+        operation->iv_set = 1;
+    else
         psa_cipher_abort( operation );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-
-    operation->iv_set = 1;
-
-    return( PSA_SUCCESS );
+    return( status );
 }
 
 psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
@@ -2534,7 +2540,8 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
                                 size_t output_size,
                                 size_t *output_length )
 {
-    int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+    psa_status_t status;
+    int ret;
     size_t expected_output_size;
     if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
     {
@@ -2550,18 +2557,20 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
     {
         expected_output_size = input_length;
     }
+
     if( output_size < expected_output_size )
-        return( PSA_ERROR_BUFFER_TOO_SMALL );
+    {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
 
     ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
                                  input_length, output, output_length );
-    if( ret != 0 )
-    {
+    status = mbedtls_to_psa_error( ret );
+exit:
+    if( status != PSA_SUCCESS )
         psa_cipher_abort( operation );
-        return( mbedtls_to_psa_error( ret ) );
-    }
-
-    return( PSA_SUCCESS );
+    return( status );
 }
 
 psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,

From c6290c043e4095768aef2bd4c145c7ae36a124a3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 13 Aug 2018 17:24:59 +0200
Subject: [PATCH 474/889] Minor documentation improvements

---
 include/psa/crypto.h                        | 4 ++--
 tests/suites/test_suite_psa_crypto.function | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 3f8cb44c9..c3899bfe7 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1204,7 +1204,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   ```
  * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format
  *   is the non-encrypted DER encoding of the representation used by
- *   OpenSSL and OpenSSH, which the following ASN.1 structure:
+ *   OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows:
  *   ```
  *   DSAPrivateKey ::= SEQUENCE {
  *       version             INTEGER,  -- must be 0
@@ -1316,7 +1316,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  *   representation defined by SEC1 &sect;2.3.3.
  *   The OID is `id-ecPublicKey`,
  *   and the parameters must be given as a `namedCurve` OID as specified in
- *   RFC 5480 &sect;2.1.1.1.
+ *   RFC 5480 &sect;2.1.1.1 or other applicable standards.
  *   ```
  *   ansi-X9-62 OBJECT IDENTIFIER ::=
  *                           { iso(1) member-body(2) us(840) 10045 }
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d5922b767..16227fb6d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -589,6 +589,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
         TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 0,
                                             MBEDTLS_ASN1_OID ) == 0 );
         p += len;
+        /* publicKey: ECPoint in uncompressed representation (as below) */
         TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 1,
                                             MBEDTLS_ASN1_BIT_STRING ) == 0 );
         TEST_ASSERT( p + len == end );
@@ -649,7 +650,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
         if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
         {
             /*   ECPoint ::= ...
-             *      -- first 8 bits: 0x04;
+             *      -- first 8 bits: 0x04 (uncompressed representation);
              *      -- then x_P as an n-bit string, big endian;
              *      -- then y_P as a n-bit string, big endian,
              *      -- where n is the order of the curve.

From 8a1a8f31e3336f27a94543e25b5975075138577c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 7 Aug 2018 15:33:49 +0200
Subject: [PATCH 475/889] Add test cases for PEM import

This is not a standard PSA feature, it's an extension provided by the
current implementation.
---
 tests/suites/test_suite_psa_crypto.data | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 6bdd3274e..01be797ab 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -140,6 +140,16 @@ PSA import/export RSA keypair: policy forbids export (sign)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:1024:0:PSA_ERROR_NOT_PERMITTED:1
 
+# Test PEM import. Note that this is not a PSA feature, it's an Mbed TLS
+# extension which we may drop in the future.
+PSA import/export RSA public key: import PEM
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"2d2d2d2d2d424547494e205055424c4943204b45592d2d2d2d2d0a4d4947664d413047435371475349623344514542415155414134474e4144434269514b4267514376425830356275685074312f6274634b7850482f6c706c53710a69714a4843315165346636777353306c7835635255784a4a34524b574b41517475376242494e46454e5354765441357548596c57377249486576456a536433750a355553447641624378686c497a514b7941756557727232553036664c2b466e43775947634d6b79344b357a545474346d4f69712f2f6b637a384865476e6f5a670a3939614454615539615137336d46397277774944415141420a2d2d2d2d2d454e44205055424c4943204b45592d2d2d2d2d0a00":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0
+
+PSA import/export RSA keypair: import PEM
+depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0
+
 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT

From dea46cf8f15c2357dd515039c5e494d766f53595 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 16:12:54 +0200
Subject: [PATCH 476/889] Clarify comment in test

In RSAPrivateKey, Version is an INTEGER. The version must be 0.
---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 16227fb6d..87bf28e23 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -519,7 +519,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
         uint8_t *end = exported + exported_length;
         size_t len;
         /*   RSAPrivateKey ::= SEQUENCE {
-         *       version             Version,  -- 0
+         *       version             INTEGER,  -- must be 0
          *       modulus             INTEGER,  -- n
          *       publicExponent      INTEGER,  -- e
          *       privateExponent     INTEGER,  -- d

From 517e73736eb1284f4cd55b02db78d6578c4ec361 Mon Sep 17 00:00:00 2001
From: Jen Andruska <Jennifer.Andruska@arm.com>
Date: Tue, 7 Aug 2018 12:31:32 +0100
Subject: [PATCH 477/889] Update README.md

---
 crypto/README.md | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/crypto/README.md b/crypto/README.md
index b05e0464f..9699ca3d4 100644
--- a/crypto/README.md
+++ b/crypto/README.md
@@ -1,6 +1,6 @@
 # Mbed Crypto library
 
-The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security (PSA) architecture. This is a preview release of Mbed Crypto, provided for evaluation purposes only.
+The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only.
 
 Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license.
 
@@ -8,23 +8,23 @@ Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICEN
 
 Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
 
-The PSA Cryptography API provides access to a set of cryptographic primitives. It has a dual purpose: it can be used in a PSA-compliant platform to build services such as secure boot, secure storage and secure communication; and it can also be used independently of other PSA components on any platform.
+The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform.
 
-The design goals of the PSA Cryptography API include:
+The design goals of the PSA cryptography API include:
 
 * The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
-* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example in order to take advantage of hardware accelerators.
-* All access to keys is done via handles, which allows support for external cryptoprocessors that is transparent to applications.
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
+* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications.
 * The interface to algorithms is generic, favoring algorithm agility.
-* The interface is designed to be easy to use, and hard to accidentally misuse.
+* The interface is designed to be easy to use and hard to accidentally misuse.
 
 ## Mbed Crypto implementation
 
-Mbed Crypto is a reference implementation of the PSA Cryptography API. It is written in portable C.
+Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C.
 
 ## Documentation
 
-The Mbed Crypto library is a reference implementation of the PSA Cryptography API. Therefore, the library's API documentation is the PSA Cryptography API specification. The PSA Cryptography API specification consists of the following documents:
+Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents:
 
 * The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf).
 * The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html).
@@ -38,29 +38,29 @@ You need the following tools to build the library with the provided makefiles:
 * Python 2 or Python 3 (either will work) to generate the test code.
 * Perl to run the tests.
 
-If you have a C compiler such as GCC or Clang, just run `make` in the toplevel directory to build the library, a set of unit tests and some sample programs.
+If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
 
-To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`). For example:
+To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example:
 ```
 make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
 ```
-The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
+The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
 
-To run the unit tests on the host machine, run `make test` from the toplevel directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
+To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
 
 ## Example programs
 
-The `programs/` subdirectory contains some sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library and the code may need to be adapted to build a real-world application.
+The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.
 
 ## Upcoming features
 
 Future releases of this library will include:
 
-* A driver programming interface, to use hardware accelerators instead of the default software implementation for chosen algorithms.
-* Support for external keys, stored and manipulated exclusively in a separate cryptoprocessor.
+* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms.
+* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor.
 * A configuration mechanism to compile only the algorithms you need for your application.
 * A wider set of cryptographic algorithms.
 
 ## Feedback welcome
 
-Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received in email will be treated confidentially.
+Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially.

From e852df846649dbf0a8ece71c2d77dfa5f5907c8d Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 14 Sep 2018 12:00:46 +0100
Subject: [PATCH 478/889] fixup! Add PSA crypto module

---
 include/mbedtls/config.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 385381f7c..4a5edc1f2 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2570,7 +2570,7 @@
 #define MBEDTLS_POLY1305_C
 
 /**
-* \def MBEDTLS_PSA_CRYPTO_C
+ * \def MBEDTLS_PSA_CRYPTO_C
  *
  * Enable the Platform Security Architecture cryptography API.
  *

From 0adf0fc31c2ed664f7536e15c8c7ef4e99e1b5a5 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 6 Sep 2018 16:24:41 +0300
Subject: [PATCH 479/889] Ensure the module is initialized in
 psa_generate_random

---
 include/psa/crypto.h                        |  1 +
 library/psa_crypto.c                        | 10 ++++++++--
 tests/suites/test_suite_psa_crypto.data     |  3 +++
 tests/suites/test_suite_psa_crypto.function | 10 ++++++++++
 4 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c3899bfe7..b0bbb16cf 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2902,6 +2902,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_generate_random(uint8_t *output,
                                  size_t output_size);
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dfbb6800f..01dbf3c3a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -148,6 +148,10 @@ typedef struct
 
 static psa_global_data_t global_data;
 
+#define GUARD_MODULE_INITIALIZED        \
+    if( global_data.initialized == 0 )  \
+        return( PSA_ERROR_BAD_STATE );
+
 static psa_status_t mbedtls_to_psa_error( int ret )
 {
     /* If there's both a high-level code and low-level code, dispatch on
@@ -3360,8 +3364,10 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
 psa_status_t psa_generate_random( uint8_t *output,
                                   size_t output_size )
 {
-    int ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
-                                       output, output_size );
+    int ret;
+    GUARD_MODULE_INITIALIZED;
+
+    ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg, output, output_size );
     return( mbedtls_to_psa_error( ret ) );
 }
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 01be797ab..202bd420f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1178,3 +1178,6 @@ generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE
 PSA generate key: ECC, SECP256R1, incorrect bit size
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
+
+PSA validate module initialization: random
+validate_module_init_generate_random:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e14b2256d..e4a776ac0 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3451,3 +3451,13 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_generate_random( )
+{
+    psa_status_t status;
+    uint8_t random[10] = { 0 };
+    status = psa_generate_random( random, sizeof( random ) );
+    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */

From 90d8c7a728053bac46bf8552d35dc67904cf54ac Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 12 Sep 2018 11:44:52 +0300
Subject: [PATCH 480/889] Ensure the module is initialized in key based
 functions

---
 include/psa/crypto.h                        | 22 +++++++++++++++++++++
 library/psa_crypto.c                        |  2 ++
 tests/suites/test_suite_psa_crypto.data     |  3 +++
 tests/suites/test_suite_psa_crypto.function | 10 ++++++++++
 4 files changed, 37 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b0bbb16cf..92d394d5a 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1104,6 +1104,7 @@ typedef uint32_t psa_algorithm_t;
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_import_key(psa_key_slot_t key,
                             psa_key_type_t type,
@@ -1142,6 +1143,7 @@ psa_status_t psa_import_key(psa_key_slot_t key,
  *         An unexpected condition which is not a storage corruption or
  *         a communication failure occurred. The cryptoprocessor may have
  *         been compromised.
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_destroy_key(psa_key_slot_t key);
 
@@ -1162,6 +1164,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_get_key_information(psa_key_slot_t key,
                                      psa_key_type_t *type,
@@ -1256,6 +1259,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_export_key(psa_key_slot_t key,
                             uint8_t *data,
@@ -1354,6 +1358,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_export_public_key(psa_key_slot_t key,
                                    uint8_t *data,
@@ -1491,6 +1496,7 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_set_key_policy(psa_key_slot_t key,
                                 const psa_key_policy_t *policy);
@@ -1504,6 +1510,7 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_get_key_policy(psa_key_slot_t key,
                                 psa_key_policy_t *policy);
@@ -1547,6 +1554,7 @@ typedef uint32_t psa_key_lifetime_t;
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
@@ -1574,6 +1582,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t lifetime);
@@ -1848,6 +1857,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
                                 psa_key_slot_t key,
@@ -1896,6 +1906,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
                                   psa_key_slot_t key,
@@ -2092,6 +2103,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
@@ -2141,6 +2153,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
@@ -2384,6 +2397,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_aead_encrypt(psa_key_slot_t key,
                               psa_algorithm_t alg,
@@ -2437,6 +2451,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_aead_decrypt(psa_key_slot_t key,
                               psa_algorithm_t alg,
@@ -2500,6 +2515,7 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  psa_algorithm_t alg,
@@ -2539,6 +2555,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    psa_algorithm_t alg,
@@ -2593,6 +2610,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
                                     psa_algorithm_t alg,
@@ -2645,6 +2663,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  * \retval #PSA_ERROR_INVALID_PADDING
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
                                     psa_algorithm_t alg,
@@ -2795,6 +2814,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  * \retval PSA_ERROR_COMMUNICATION_FAILURE
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_generator_import_key(psa_key_slot_t key,
                                       psa_key_type_t type,
@@ -2868,6 +2888,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
                                 psa_key_slot_t key,
@@ -2957,6 +2978,7 @@ typedef struct {
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_generate_key(psa_key_slot_t key,
                               psa_key_type_t type,
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 01dbf3c3a..8aa3145bd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -347,6 +347,8 @@ static psa_status_t mbedtls_to_psa_error( int ret )
 static psa_status_t psa_get_key_slot( psa_key_slot_t key,
                                       key_slot_t **p_slot )
 {
+    GUARD_MODULE_INITIALIZED;
+
     /* 0 is not a valid slot number under any circumstance. This
      * implementation provides slots number 1 to N where N is the
      * number of available slots. */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 202bd420f..b4c276377 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1181,3 +1181,6 @@ generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE
 
 PSA validate module initialization: random
 validate_module_init_generate_random:
+
+PSA validate module initialization: key based
+validate_module_init_key_based:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index e4a776ac0..2b1a946ec 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3461,3 +3461,13 @@ void validate_module_init_generate_random( )
     TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_key_based( )
+{
+    psa_status_t status;
+    uint8_t data[10] = { 0 };
+    status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
+    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */

From 1861709e5cb389f548515103ab8938c7517677c6 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Sun, 16 Sep 2018 12:22:41 +0300
Subject: [PATCH 481/889] Add documentation describing behavior of not calling
 psa_crypto_init

---
 include/psa/crypto.h | 77 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 92d394d5a..d976d7b18 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -323,6 +323,14 @@ typedef int32_t psa_status_t;
  * Applications may call this function more than once. Once a call
  * succeeds, subsequent calls are guaranteed to succeed.
  *
+ * If the application calls other functions before calling psa_crypto_init(),
+ * the behavior is undefined. Implementations are encouraged to either perform
+ * the operation as if the library had been initialized or to return
+ * #PSA_ERROR_BAD_STATE or some other applicable error. In particular,
+ * implementations should not return a success status if the lack of
+ * initialization may have security implications, for example due to improper
+ * seeding of the random number generator.
+ *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
@@ -1105,6 +1113,9 @@ typedef uint32_t psa_algorithm_t;
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_import_key(psa_key_slot_t key,
                             psa_key_type_t type,
@@ -1144,6 +1155,9 @@ psa_status_t psa_import_key(psa_key_slot_t key,
  *         a communication failure occurred. The cryptoprocessor may have
  *         been compromised.
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_destroy_key(psa_key_slot_t key);
 
@@ -1165,6 +1179,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_get_key_information(psa_key_slot_t key,
                                      psa_key_type_t *type,
@@ -1260,6 +1277,9 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_export_key(psa_key_slot_t key,
                             uint8_t *data,
@@ -1359,6 +1379,9 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_export_public_key(psa_key_slot_t key,
                                    uint8_t *data,
@@ -1497,6 +1520,9 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_set_key_policy(psa_key_slot_t key,
                                 const psa_key_policy_t *policy);
@@ -1511,6 +1537,9 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_get_key_policy(psa_key_slot_t key,
                                 psa_key_policy_t *policy);
@@ -1555,6 +1584,9 @@ typedef uint32_t psa_key_lifetime_t;
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t *lifetime);
@@ -1583,6 +1615,9 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t lifetime);
@@ -1858,6 +1893,9 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
                                 psa_key_slot_t key,
@@ -1907,6 +1945,9 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
                                   psa_key_slot_t key,
@@ -2104,6 +2145,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
@@ -2154,6 +2198,9 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
                                       psa_key_slot_t key,
@@ -2398,6 +2445,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_aead_encrypt(psa_key_slot_t key,
                               psa_algorithm_t alg,
@@ -2452,6 +2502,9 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_aead_decrypt(psa_key_slot_t key,
                               psa_algorithm_t alg,
@@ -2516,6 +2569,9 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
                                  psa_algorithm_t alg,
@@ -2556,6 +2612,9 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
                                    psa_algorithm_t alg,
@@ -2611,6 +2670,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
                                     psa_algorithm_t alg,
@@ -2664,6 +2726,9 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY
  * \retval #PSA_ERROR_INVALID_PADDING
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
                                     psa_algorithm_t alg,
@@ -2815,6 +2880,9 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  * \retval PSA_ERROR_HARDWARE_FAILURE
  * \retval PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_generator_import_key(psa_key_slot_t key,
                                       psa_key_type_t type,
@@ -2889,6 +2957,9 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
                                 psa_key_slot_t key,
@@ -2924,6 +2995,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_generate_random(uint8_t *output,
                                  size_t output_size);
@@ -2979,6 +3053,9 @@ typedef struct {
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
  */
 psa_status_t psa_generate_key(psa_key_slot_t key,
                               psa_key_type_t type,

From 81ba4abb02936516da93c9ec05a74d3748efb055 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:02:08 +0200
Subject: [PATCH 482/889] Fix bad algorithm and key type values in some tests

---
 tests/suites/test_suite_psa_crypto.data | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 01be797ab..c60b2fcec 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -5,16 +5,16 @@ PSA fill 250 slots
 fill_slots:250
 
 PSA import/export raw: 0 bytes
-import_export:"":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
+import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
 
 PSA import/export raw: 1 bytes
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:0:PSA_SUCCESS:1
 
 PSA import/export raw: 1 bytes, larger buffer
-import_export:"2a":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1
+import_export:"2a":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:8:1:PSA_SUCCESS:1
 
 PSA import/export raw: 2 bytes, buffer too small
-import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
+import_export:"2a2b":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:16:-1:PSA_ERROR_BUFFER_TOO_SMALL:1
 
 PSA import/export AES-128
 depends_on:MBEDTLS_AES_C

From acec7b6fa11ff0f48cf6ba4e3226e1620fa5a545 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 13 Sep 2018 20:34:11 +0200
Subject: [PATCH 483/889] exercise_export_key: fix public key case

Public keys are always exportable, even if their usage doesn't include
the EXPORT flag.
---
 tests/suites/test_suite_psa_crypto.function | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2b1a946ec..81ddee003 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -692,14 +692,16 @@ static int exercise_export_key( psa_key_slot_t slot,
     size_t exported_length = 0;
     int ok = 0;
 
-    if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 )
+    TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS );
+
+    if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
+        ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
     {
         TEST_ASSERT( psa_export_key( slot, NULL, 0, &exported_length ) ==
                      PSA_ERROR_NOT_PERMITTED );
         return( 1 );
     }
 
-    TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS );
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
     exported = mbedtls_calloc( 1, exported_size );
     TEST_ASSERT( exported != NULL );

From 821adfe51c7f855aada178b33f012cbdda40bfff Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 13 Sep 2018 20:34:46 +0200
Subject: [PATCH 484/889] Add exercise tests for RSA public keys and for PSS

---
 tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b4c276377..74fc26b7e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -690,6 +690,18 @@ PSA import/exercise RSA keypair, PKCS#1 v1.5 raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
+PSA import/exercise RSA keypair, PSS-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
+PSA import/exercise RSA public key, PKCS#1 v1.5 raw
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
+
+PSA import/exercise RSA public key, PSS-SHA-256
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
+
 PSA import/exercise: ECP SECP256R1 keypair, ECDSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY

From ef12c63de0611099b7fe70e564c6806289a27523 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 13 Sep 2018 20:37:48 +0200
Subject: [PATCH 485/889] RSA verification: don't report an invalid padding
 error

Mbed TLS distinguishes "invalid padding" from "valid padding but the
rest of the signature is invalid". This has little use in practice and
PSA doesn't report this distinction. We just report "invalid
signature".
---
 library/psa_crypto.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8aa3145bd..0100441ac 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1959,6 +1959,12 @@ static psa_status_t psa_rsa_verify( mbedtls_rsa_context *rsa,
     {
         return( PSA_ERROR_INVALID_ARGUMENT );
     }
+
+    /* Mbed TLS distinguishes "invalid padding" from "valid padding but
+     * the rest of the signature is invalid". This has little use in
+     * practice and PSA doesn't report this distinction. */
+    if( ret == MBEDTLS_ERR_RSA_INVALID_PADDING )
+        return( PSA_ERROR_INVALID_SIGNATURE );
     return( mbedtls_to_psa_error( ret ) );
 }
 #endif /* MBEDTLS_RSA_C */

From daea26f70fcb66788f1f3ca2f6d9e13445389596 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:02:45 +0200
Subject: [PATCH 486/889] Correct and simplify block-based cipher modes

OFB and CFB are streaming modes. XTS is a not a cipher mode but it
doesn't use a separate padding step. This leaves only CBC as a block
cipher mode that needs a padding step.

Since CBC is the only mode that uses a separate padding step, and is
likely to remain the only mode in the future, encode the padding mode
directly in the algorithm constant, rather than building up an
algorithm value from a chaining mode and a padding mode. This greatly
simplifies the interface as well as some parts of the implementation.
---
 include/psa/crypto.h                    | 107 ++++++++++--------------
 library/psa_crypto.c                    |  96 +++++++++------------
 programs/psa/crypto_examples.c          |   6 +-
 scripts/generate_psa_constants.py       |  43 +---------
 tests/suites/test_suite_psa_crypto.data |  82 +++++++++---------
 5 files changed, 132 insertions(+), 202 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c3899bfe7..1c68304a6 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -767,65 +767,8 @@ typedef uint32_t psa_algorithm_t;
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
      PSA_ALG_CIPHER_MAC_BASE)
 
-#define PSA_ALG_CIPHER_SUBCATEGORY_MASK         ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_BLOCK_CIPHER_BASE               ((psa_algorithm_t)0x04000000)
-#define PSA_ALG_BLOCK_CIPHER_MODE_MASK          ((psa_algorithm_t)0x000000ff)
-#define PSA_ALG_BLOCK_CIPHER_PADDING_MASK       ((psa_algorithm_t)0x003f0000)
-
-/** Use a block cipher mode without padding.
- *
- * This padding mode may only be used with messages whose lengths are a
- * whole number of blocks for the chosen block cipher.
- */
-#define PSA_ALG_BLOCK_CIPHER_PAD_NONE           ((psa_algorithm_t)0x00000000)
-
-#define PSA_ALG_BLOCK_CIPHER_PAD_PKCS7          ((psa_algorithm_t)0x00010000)
-
-/** Whether the specified algorithm is a block cipher.
- *
- * A block cipher is a symmetric cipher that encrypts or decrypts messages
- * by chopping them into fixed-size blocks. Processing a message requires
- * applying a _padding mode_ to transform the message into one whose
- * length is a whole number of blocks. To construct an algorithm
- * identifier for a block cipher, apply a bitwise-or between the block
- * cipher mode and the padding mode. For example, CBC with PKCS#7 padding
- * is `PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7`.
- *
- * The transformation applied to each block is determined by the key type.
- * For example, to use AES-128-CBC-PKCS7, use the algorithm above with
- * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a block cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier or if it is not a symmetric cipher algorithm.
- */
-#define PSA_ALG_IS_BLOCK_CIPHER(alg)            \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
-        PSA_ALG_BLOCK_CIPHER_BASE)
-
-/** The CBC block cipher mode.
- */
-#define PSA_ALG_CBC_BASE                        ((psa_algorithm_t)0x04000001)
-#define PSA_ALG_CFB_BASE                        ((psa_algorithm_t)0x04000002)
-#define PSA_ALG_OFB_BASE                        ((psa_algorithm_t)0x04000003)
-#define PSA_ALG_XTS_BASE                        ((psa_algorithm_t)0x04000004)
-
-#define PSA_ALG_STREAM_CIPHER_BASE              ((psa_algorithm_t)0x04800000)
-
-/** The CTR stream cipher mode.
- *
- * CTR is a stream cipher which is built from a block cipher. The
- * underlying block cipher is determined by the key type. For example,
- * to use AES-128-CTR, use this algorithm with
- * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
- */
-#define PSA_ALG_CTR                             ((psa_algorithm_t)0x04800001)
-
-/** The ARC4 stream cipher algorithm.
- */
-#define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800002)
+#define PSA_ALG_CIPHER_STREAM_FLAG              ((psa_algorithm_t)0x00800000)
+#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG          ((psa_algorithm_t)0x00400000)
 
 /** Whether the specified algorithm is a stream cipher.
  *
@@ -840,8 +783,50 @@ typedef uint32_t psa_algorithm_t;
  *         algorithm identifier or if it is not a symmetric cipher algorithm.
  */
 #define PSA_ALG_IS_STREAM_CIPHER(alg)            \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_SUBCATEGORY_MASK)) == \
-        PSA_ALG_STREAM_CIPHER_BASE)
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
+        (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
+
+/** The ARC4 stream cipher algorithm.
+ */
+#define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800001)
+
+/** The CTR stream cipher mode.
+ *
+ * CTR is a stream cipher which is built from a block cipher.
+ * The underlying block cipher is determined by the key type.
+ * For example, to use AES-128-CTR, use this algorithm with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ */
+#define PSA_ALG_CTR                             ((psa_algorithm_t)0x04c00001)
+
+#define PSA_ALG_CFB                             ((psa_algorithm_t)0x04c00002)
+
+#define PSA_ALG_OFB                             ((psa_algorithm_t)0x04c00003)
+
+/** The XTS cipher mode.
+ *
+ * XTS is a cipher mode which is built from a block cipher. It requires at
+ * least one full block of input, but beyond this minimum the input
+ * does not need to be a whole number of blocks.
+ */
+#define PSA_ALG_XTS                             ((psa_algorithm_t)0x044000ff)
+
+/** The CBC block cipher chaining mode, with no padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This symmetric cipher mode can only be used with messages whose lengths
+ * are whole number of blocks for the chosen block cipher.
+ */
+#define PSA_ALG_CBC_NO_PADDING                  ((psa_algorithm_t)0x04600100)
+
+/** The CBC block cipher chaining mode with PKCS#7 padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
+ */
+#define PSA_ALG_CBC_PKCS7                       ((psa_algorithm_t)0x04600101)
 
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dfbb6800f..66a6feb3a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1220,28 +1220,26 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
 
     if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
     {
-        if( PSA_ALG_IS_BLOCK_CIPHER( alg ) )
-        {
-            alg &= ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
-        }
-
         switch( alg )
         {
-            case PSA_ALG_STREAM_CIPHER_BASE:
+            case PSA_ALG_ARC4:
                 mode = MBEDTLS_MODE_STREAM;
                 break;
-            case PSA_ALG_CBC_BASE:
-                mode = MBEDTLS_MODE_CBC;
-                break;
-            case PSA_ALG_CFB_BASE:
-                mode = MBEDTLS_MODE_CFB;
-                break;
-            case PSA_ALG_OFB_BASE:
-                mode = MBEDTLS_MODE_OFB;
-                break;
             case PSA_ALG_CTR:
                 mode = MBEDTLS_MODE_CTR;
                 break;
+            case PSA_ALG_CFB:
+                mode = MBEDTLS_MODE_CFB;
+                break;
+            case PSA_ALG_OFB:
+                mode = MBEDTLS_MODE_OFB;
+                break;
+            case PSA_ALG_CBC_NO_PADDING:
+                mode = MBEDTLS_MODE_CBC;
+                break;
+            case PSA_ALG_CBC_PKCS7:
+                mode = MBEDTLS_MODE_CBC;
+                break;
             case PSA_ALG_CCM:
                 mode = MBEDTLS_MODE_CCM;
                 break;
@@ -2419,37 +2417,32 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     }
 
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-    if( ( alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK ) == PSA_ALG_CBC_BASE )
+    switch( alg )
     {
-        psa_algorithm_t padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
-        mbedtls_cipher_padding_t mode;
-
-        switch ( padding_mode )
-        {
-            case PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:
-                mode = MBEDTLS_PADDING_PKCS7;
-                break;
-            case PSA_ALG_BLOCK_CIPHER_PAD_NONE:
-                mode = MBEDTLS_PADDING_NONE;
-                break;
-            default:
-                psa_cipher_abort( operation );
-                return( PSA_ERROR_INVALID_ARGUMENT );
-        }
-        ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher, mode );
-        if( ret != 0 )
-        {
-            psa_cipher_abort( operation );
-            return( mbedtls_to_psa_error( ret ) );
-        }
+        case PSA_ALG_CBC_NO_PADDING:
+            ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+                                                   MBEDTLS_PADDING_NONE );
+            break;
+        case PSA_ALG_CBC_PKCS7:
+            ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
+                                                   MBEDTLS_PADDING_PKCS7 );
+            break;
+        default:
+            /* The algorithm doesn't involve padding. */
+            ret = 0;
+            break;
+    }
+    if( ret != 0 )
+    {
+        psa_cipher_abort( operation );
+        return( mbedtls_to_psa_error( ret ) );
     }
 #endif //MBEDTLS_CIPHER_MODE_WITH_PADDING
 
     operation->key_set = 1;
-    operation->block_size = ( PSA_ALG_IS_BLOCK_CIPHER( alg ) ?
-                              PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) :
-                              1 );
-    if( PSA_ALG_IS_BLOCK_CIPHER( alg ) || alg == PSA_ALG_CTR )
+    operation->block_size = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
+                              PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) );
+    if( alg & PSA_ALG_CIPHER_FROM_BLOCK_FLAG )
     {
         operation->iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type );
     }
@@ -2541,7 +2534,7 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
     psa_status_t status;
     int ret;
     size_t expected_output_size;
-    if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
+    if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
     {
         /* Take the unprocessed partial block left over from previous
          * update calls, if any, plus the input to this call. Remove
@@ -2590,24 +2583,13 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
         status = PSA_ERROR_BAD_STATE;
         goto error;
     }
+
     if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&
-        PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
+        operation->alg == PSA_ALG_CBC_NO_PADDING &&
+        operation->ctx.cipher.unprocessed_len != 0 )
     {
-        psa_algorithm_t padding_mode =
-            operation->alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
-        if( operation->ctx.cipher.unprocessed_len >= operation->block_size )
-        {
-            status = PSA_ERROR_TAMPERING_DETECTED;
+            status = PSA_ERROR_INVALID_ARGUMENT;
             goto error;
-        }
-        if( padding_mode == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
-        {
-            if( operation->ctx.cipher.unprocessed_len != 0 )
-            {
-                status = PSA_ERROR_INVALID_ARGUMENT;
-                goto error;
-            }
-        }
     }
 
     cipher_ret = mbedtls_cipher_finish( &operation->ctx.cipher,
diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index e8b64f19a..72c41fa79 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -167,8 +167,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
         key_bits = 256,
         part_size = block_size,
     };
-    const psa_algorithm_t alg = PSA_ALG_CBC_BASE |
-                                PSA_ALG_BLOCK_CIPHER_PAD_NONE;
+    const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
 
     psa_status_t status;
     size_t output_len = 0;
@@ -216,8 +215,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
         part_size = 10,
     };
 
-    const psa_algorithm_t alg = PSA_ALG_CBC_BASE |
-                                PSA_ALG_BLOCK_CIPHER_PAD_PKCS7;
+    const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
 
     psa_status_t status;
     size_t output_len = 0;
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 5a5d2e5cf..7ab1c0a93 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -47,34 +47,11 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size,
     return required_size;
 }
 
-static void append_padding_mode(char **buffer, size_t buffer_size,
-                                size_t *required_size,
-                                psa_algorithm_t padding_mode)
-{
-    size_t n;
-    append(buffer, buffer_size, required_size, " | ", 3);
-    switch (padding_mode) {
-    %(padding_mode_cases)s
-    default:
-        n = snprintf(*buffer, buffer_size - *required_size,
-                     "0x%%08lx", (unsigned long) padding_mode);
-        if (n < buffer_size - *required_size) *buffer += n;
-        *required_size += n;
-        break;
-    }
-}
-
 static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
                                  psa_algorithm_t alg)
 {
     size_t required_size = 0;
-    psa_algorithm_t padding_mode = -1;
-    psa_algorithm_t alg_without_padding = alg;
-    if (PSA_ALG_IS_CIPHER(alg) && PSA_ALG_IS_BLOCK_CIPHER(alg)) {
-        padding_mode = alg & PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
-        alg_without_padding = alg & ~PSA_ALG_BLOCK_CIPHER_PADDING_MASK;
-    }
-    switch (alg_without_padding) {
+    switch (alg) {
     %(algorithm_cases)s
     default:
         %(algorithm_code)s{
@@ -83,9 +60,6 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
         }
         break;
     }
-    if (padding_mode != (psa_algorithm_t) -1) {
-        append_padding_mode(&buffer, buffer_size, &required_size, padding_mode);
-    }
     buffer[0] = 0;
     return required_size;
 }
@@ -125,10 +99,10 @@ key_type_from_curve_template = '''if (%(tester)s(type)) {
                               PSA_KEY_TYPE_GET_CURVE(type));
         } else '''
 
-algorithm_from_hash_template = '''if (%(tester)s(alg_without_padding)) {
+algorithm_from_hash_template = '''if (%(tester)s(alg)) {
             append_with_hash(&buffer, buffer_size, &required_size,
                              "%(builder)s", %(builder_length)s,
-                             PSA_ALG_GET_HASH(alg_without_padding));
+                             PSA_ALG_GET_HASH(alg));
         } else '''
 
 bit_test_template = '''\
@@ -149,7 +123,6 @@ class MacroCollector:
         self.ecc_curves = set()
         self.algorithms = set()
         self.hash_algorithms = set()
-        self.block_cipher_padding_modes = set()
         self.algorithms_from_hash = {}
         self.key_usages = set()
 
@@ -175,11 +148,8 @@ class MacroCollector:
             self.key_types_from_curve[name] = name[:13] + 'IS_' + name[13:]
         elif name.startswith('PSA_ECC_CURVE_') and not parameter:
             self.ecc_curves.add(name)
-        elif name.startswith('PSA_ALG_BLOCK_CIPHER_PAD_') and not parameter:
-            self.block_cipher_padding_modes.add(name)
         elif name.startswith('PSA_ALG_') and not parameter:
-            if name in ['PSA_ALG_BLOCK_CIPHER_BASE',
-                        'PSA_ALG_ECDSA_BASE',
+            if name in ['PSA_ALG_ECDSA_BASE',
                         'PSA_ALG_RSA_PKCS1V15_SIGN_BASE']:
                 # Ad hoc skipping of duplicate names for some numerical values
                 return
@@ -250,10 +220,6 @@ class MacroCollector:
         return '\n    '.join(map(self.make_return_case,
                                  sorted(self.hash_algorithms)))
 
-    def make_padding_mode_cases(self):
-        return '\n    '.join(map(self.make_inner_append_case,
-                                 sorted(self.block_cipher_padding_modes)))
-
     def make_algorithm_cases(self):
         return '\n    '.join(map(self.make_append_case,
                                  sorted(self.algorithms)))
@@ -279,7 +245,6 @@ class MacroCollector:
         data['key_type_cases'] = self.make_key_type_cases()
         data['key_type_code'] = self.make_key_type_code()
         data['hash_algorithm_cases'] = self.make_hash_algorithm_cases()
-        data['padding_mode_cases'] = self.make_padding_mode_cases()
         data['algorithm_cases'] = self.make_algorithm_cases()
         data['algorithm_code'] = self.make_algorithm_code()
         data['key_usage_code'] = self.make_key_usage_code()
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c60b2fcec..94e8d5bd8 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -114,7 +114,7 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5
 
 PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:128:0:PSA_ERROR_INVALID_ARGUMENT
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:128:0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -183,7 +183,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:0:PSA_ERROR_NOT_SUPPORTED
 
 PSA key policy set and get
-key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+key_policy:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_NO_PADDING
 
 PSA key policy: MAC, sign | verify
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -211,7 +211,7 @@ cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_
 
 PSA key policy: cipher, wrong algorithm
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_CIPHER_MODE_CBC
-cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE
+cipher_key_policy:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_CBC_NO_PADDING
 
 PSA key policy: cipher, encrypt but not decrypt
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
@@ -343,7 +343,7 @@ mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f1011121314151617181
 
 PSA MAC setup: bad algorithm (not a MAC algorithm)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_ERROR_INVALID_ARGUMENT
+mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
 
 PSA MAC setup: invalid key type, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -482,127 +482,127 @@ cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PS
 
 PSA symmetric encrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743b":PSA_SUCCESS
 
 PSA symmetric encrypt: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":PSA_SUCCESS
 
 PSA symmetric encrypt: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"6279b49d7f7a8dd87b685175d4276e24":PSA_SUCCESS
 
 PSA symmetric encrypt: AES-CBC-nopad, input too short
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_INVALID_ARGUMENT
 
 PSA symmetric encrypt: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":PSA_SUCCESS
 
 PSA symmetric encrypt: AES-CTR, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_encrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"8f9408fe80a81d3e813da3c7b0b2bd":PSA_SUCCESS
 
 PSA symmetric encrypt: DES-CBC-nopad, 8 bytes, good
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"eda4011239bc3ac9":"64f917b0152f8f05":PSA_SUCCESS
 
 PSA symmetric encrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"eda4011239bc3ac9":"5d0652429c5b0ac7":PSA_SUCCESS
 
 PSA symmetric encrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
+cipher_encrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"eda4011239bc3ac9":"817ca7d69b80d86a":PSA_SUCCESS
 
 PSA symmetric decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"49e4e66c89a86b67758df89db9ad6955":PSA_SUCCESS
 
 PSA symmetric decrypt: AES-CBC-PKCS#7, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743bca7e8a15dc3c776436314293031cd4f3":"6bc1bee22e409f96e93d7e117393172a":PSA_SUCCESS
 
 PSA symmetric decrypt: AES-CBC-PKCS#7, 15 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6279b49d7f7a8dd87b685175d4276e24":"6bc1bee22e409f96e93d7e11739317":PSA_SUCCESS
 
 PSA symmetric decrypt: AES-CBC-PKCS#7, input too short (15 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
+cipher_decrypt:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317":"49e4e66c89a86b67758df89db9ad6955":PSA_ERROR_BAD_STATE
 
 PSA symmetric decrypt: AES-CTR, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_MODE_CTR
-cipher_decrypt:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":PSA_SUCCESS
 
 PSA symmetric decrypt: AES-CBC-nopad, input too short (5 bytes)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee223":"6bc1bee223":PSA_ERROR_BAD_STATE
 
 PSA symmetric decrypt: DES-CBC-nopad, 8 bytes, good
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0e":"64f917b0152f8f05":"eda4011239bc3ac9":PSA_SUCCESS
 
 PSA symmetric decrypt: 2-key 3DES-CBC-nopad, 8 bytes, good
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce":"5d0652429c5b0ac7":"eda4011239bc3ac9":PSA_SUCCESS
 
 PSA symmetric decrypt: 3-key 3DES-CBC-nopad, 8 bytes, good
 depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
+cipher_decrypt:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_DES:"01020407080b0d0ec1c2c4c7c8cbcdce31323437383b3d3e":"817ca7d69b80d86a":"eda4011239bc3ac9":PSA_SUCCESS
 
 PSA symmetric encrypt/decrypt: AES-CBC-nopad, 16 bytes, good
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_verify_output:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 16 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA symmetric encrypt/decrypt: AES-CBC-PKCS#7, 15 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_verify_output:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
+cipher_verify_output:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
 
 PSA symmetric encrypt/decrypt: AES-CTR
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
-cipher_verify_output:PSA_ALG_CTR | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
+cipher_verify_output:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
 
 PSA symmetric encryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":7:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA symmetric encryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":3:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA symmetric encryption multipart: AES-CBC-nopad, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":4:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA symmetric encryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_encrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
+cipher_encrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a":11:"a076ec9dfbe47d52afc357336f20743b"
 
 PSA symmetric decryption multipart: AES-CBC-nopad, 7+9 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":7:"6bc1bee22e409f96e93d7e117393172a"
 
 PSA symmetric decryption multipart: AES-CBC-nopad, 3+13 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":3:"6bc1bee22e409f96e93d7e117393172a"
 
 PSA symmetric decryption multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_decrypt_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
+cipher_decrypt_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11:"6bc1bee22e409f96e93d7e117393172a"
 
 PSA symmetric encrypt/decrypt multipart: AES-CBC-nopad, 11+5 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
+cipher_verify_output_multipart:PSA_ALG_CBC_NO_PADDING:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":11
 
 PSA symmetric encrypt/decrypt multipart: AES-CBC-PKCS#7 padding, 4+12 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-cipher_verify_output_multipart:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
+cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"a076ec9dfbe47d52afc357336f20743b":4
 
 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
@@ -1068,15 +1068,15 @@ derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0
 
 PSA key derivation: HKDF SHA-256, exercise DES-CBC
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
 
 PSA key derivation: HKDF SHA-256, exercise 2-key 3DES-CBC
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
 
 PSA key derivation: HKDF SHA-256, exercise 3-key 3DES-CBC
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
-derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_PKCS7
+derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_ENCRYPT:PSA_ALG_CBC_PKCS7
 
 PSA key derivation: HKDF SHA-256, exercise HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -1137,15 +1137,15 @@ generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT |
 
 PSA generate key: DES, 64 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
 
 PSA generate key: DES, 128 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
 
 PSA generate key: DES, 192 bits, CBC-nopad
 depends_on:MBEDTLS_DES_C
-generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_SUCCESS
+generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
 
 PSA generate key: invalid key size: AES, 64 bits
 depends_on:MBEDTLS_AES_C

From 44fed61e01486435d7c4e2248739e581fd1dd83e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 18:20:20 +0200
Subject: [PATCH 487/889] Create infrastructure for metadata validation unit
 tests

---
 crypto/tests/Makefile                          |  3 +++
 scripts/mbed_crypto.make                       |  2 ++
 .../suites/test_suite_psa_crypto_metadata.data |  0
 .../test_suite_psa_crypto_metadata.function    | 18 ++++++++++++++++++
 4 files changed, 23 insertions(+)
 create mode 100644 tests/suites/test_suite_psa_crypto_metadata.data
 create mode 100644 tests/suites/test_suite_psa_crypto_metadata.function

diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
index 3315a6eca..2de5ffa7a 100644
--- a/crypto/tests/Makefile
+++ b/crypto/tests/Makefile
@@ -15,10 +15,12 @@ PYTHON ?= python
 
 APPS := \
 	test_suite_psa_crypto \
+	test_suite_psa_crypto_metadata \
 # Don't delete this line.
 
 # Look up for associated function files
 func.test_suite_psa_crypto := test_suite_psa_crypto
+func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
 
 .SILENT:
 
@@ -52,6 +54,7 @@ clean:
 	rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
 
 test: $(APPS)
+	./test_suite_psa_crypto_metadata
 	./test_suite_psa_crypto
 
 # Create separate targets for generating embedded tests.
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index f06bdfba2..5da57084d 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -150,6 +150,8 @@ TEST_FILES := \
 	tests/suites/target_test.function \
 	tests/suites/test_suite_psa_crypto.data \
 	tests/suites/test_suite_psa_crypto.function \
+	tests/suites/test_suite_psa_crypto_metadata.data \
+	tests/suites/test_suite_psa_crypto_metadata.function \
 # Don't delete this line.
 
 OTHER_FILES := \
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
new file mode 100644
index 000000000..e69de29bb
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
new file mode 100644
index 000000000..51f7a5ef5
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -0,0 +1,18 @@
+/* BEGIN_HEADER */
+/* Test macros that provide metadata about algorithms and key types.
+ * This test suite only contains tests that don't require executing
+ * code. Other test suites validate macros that require creating a key
+ * and using it. */
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */

From 583b55d97d4e263df379aea04be1f18f623caef3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:21:32 +0200
Subject: [PATCH 488/889] Add PSA_KEY_TYPE_IS_DSA to go with
 PSA_KEY_TYPE_IS_RSA

Also move PSA_KEY_TYPE_IS_RSA to a more logical location.
---
 include/psa/crypto.h | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 1c68304a6..439ca52b2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -416,9 +416,6 @@ typedef uint32_t psa_key_type_t;
  */
 #define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
     ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-/** Whether a key type is an RSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
 
 /** Raw data.
  *
@@ -475,11 +472,17 @@ typedef uint32_t psa_key_type_t;
 #define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x60010000)
 /** RSA key pair (private and public key). */
 #define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x70010000)
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
 
 /** DSA public key. */
 #define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x60020000)
 /** DSA key pair (private and public key). */
 #define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x70020000)
+/** Whether a key type is an DSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_DSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
 
 #define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x60030000)
 #define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x70030000)

From 70ce2c6170a2eb46f56854e520c8ef3de55df82b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:21:57 +0200
Subject: [PATCH 489/889] FFDHE groups are not elliptic curves

TLS now defines named curves in the "TLS Supported Groups registry",
but we're using the encoding only for elliptic curves, so don't
include values that aren't named curve.

While we're at it, upgrade the reference to the shiny new RFC 8422.
---
 include/psa/crypto.h | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 439ca52b2..ff299362e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -517,7 +517,7 @@ typedef uint16_t psa_ecc_curve_t;
  * TLS Supported Groups Registry (formerly known as the
  * TLS EC Named Curve Registry)
  * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * The values are defined by RFC 4492, RFC 7027 and RFC 7919. */
+ * The values are defined by RFC 8422 and RFC 7027. */
 #define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x0001)
 #define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x0002)
 #define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x0003)
@@ -548,11 +548,6 @@ typedef uint16_t psa_ecc_curve_t;
 #define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x001c)
 #define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x001d)
 #define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x001e)
-#define PSA_ECC_CURVE_FFDHE_2048        ((psa_ecc_curve_t) 0x0100)
-#define PSA_ECC_CURVE_FFDHE_3072        ((psa_ecc_curve_t) 0x0101)
-#define PSA_ECC_CURVE_FFDHE_4096        ((psa_ecc_curve_t) 0x0102)
-#define PSA_ECC_CURVE_FFDHE_6144        ((psa_ecc_curve_t) 0x0103)
-#define PSA_ECC_CURVE_FFDHE_8192        ((psa_ecc_curve_t) 0x0104)
 
 /** The block size of a block cipher.
  *

From 9df2dc87ab9b50633345068aba36b9aa71ecda65 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:24:17 +0200
Subject: [PATCH 490/889] Fix name of PSA_ALG_IS_BLOCK_CIPHER_MAC

The macro was used under the name PSA_ALG_IS_BLOCK_CIPHER_MAC but
defined as PSA_ALG_IS_CIPHER_MAC. That wouldn't have worked if we used
this macro (we currently don't but it may become useful).
---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ff299362e..ab9bb8e66 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -761,7 +761,7 @@ typedef uint32_t psa_algorithm_t;
  *         This macro may return either 0 or 1 if \p alg is not a supported
  *         algorithm identifier.
  */
-#define PSA_ALG_IS_CIPHER_MAC(alg)                                      \
+#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)                                \
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
      PSA_ALG_CIPHER_MAC_BASE)
 

From 00709fafb80ea8a8ab3963a0880e5585257d7339 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:25:41 +0200
Subject: [PATCH 491/889] Rename PSA_ALG_HMAC_HASH to PSA_ALG_HMAC_GET_HASH

Be consistent with other GET_HASH macros.
---
 include/psa/crypto.h       | 32 ++++++++++++++++----------------
 include/psa/crypto_sizes.h |  2 +-
 library/psa_crypto.c       |  4 ++--
 3 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ab9bb8e66..276eb238d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -731,7 +731,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_HMAC(hash_alg)                                  \
     (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 
-#define PSA_ALG_HMAC_HASH(hmac_alg)                             \
+#define PSA_ALG_HMAC_GET_HASH(hmac_alg)                             \
     (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
 
 /** Whether the specified algorithm is an HMAC algorithm.
@@ -1590,21 +1590,21 @@ typedef struct psa_hash_operation_s psa_hash_operation_t;
  */
 #define PSA_HASH_SIZE(alg)                                      \
     (                                                           \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
-        PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
         0)
 
 /** Start a multipart hash operation.
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index c42375beb..988c43f5a 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -160,7 +160,7 @@
  *                      with the algorithm.
  */
 #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
-    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_HASH(alg)) : \
+    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
      PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
      0)
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 66a6feb3a..91c14bb03 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1549,7 +1549,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HMAC( alg ) )
     {
-        psa_algorithm_t hash_alg = PSA_ALG_HMAC_HASH( alg );
+        psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
         if( hash_alg == 0 )
         {
             status = PSA_ERROR_NOT_SUPPORTED;
@@ -3253,7 +3253,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
     psa_status_t status;
     status = psa_hmac_setup_internal( &hkdf->hmac,
                                       salt, salt_length,
-                                      PSA_ALG_HMAC_HASH( hash_alg ) );
+                                      PSA_ALG_HMAC_GET_HASH( hash_alg ) );
     if( status != PSA_SUCCESS )
         return( status );
     status = psa_hash_update( &hkdf->hmac.hash_ctx,

From 35fe2034c1d6089217bb91f8c4da2f9afbb88d4d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:26:02 +0200
Subject: [PATCH 492/889] PSA_MAC_FINAL_SIZE: we don't use key_bits at the
 moment

None of the currently defined MAC algorithms have a MAC size that
depends on the key size, so the key_bits parameter is unused. The
key_type parameter may be unused on an implementation where there is
no block cipher MAC. Declare the key_type and key_bits parameters as
used so that callers who define a variable just for this don't risk
getting "unused variable" warnings.
---
 include/psa/crypto_sizes.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 988c43f5a..4aa7cd89e 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -162,7 +162,7 @@
 #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
     (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
      PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
-     0)
+     ((void)(key_type), (void)(key_bits), 0))
 
 /** The maximum size of the output of psa_aead_encrypt(), in bytes.
  *

From 17351eb7f26facc20aff5ddf03521961988bfc08 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:36:36 +0200
Subject: [PATCH 493/889] Algorithm validation tests

For all algorithms, validate feature test macros (PSA_ALG_IS_xxx).

For hash algorithms, validate the exact hash size, and validate
xxx_GET_HASH macros on dependent algorithms.

For MAC algorithms, validate the MAC size. For AEAD algorithms,
validate the tag size.

There is a separate test case for each HMAC algorithm, which is
necessary because each has its own MAC size. For other hash-dependent
algorithms, there is no interesting variation to test here, so only
one hash gets tested.
---
 .../test_suite_psa_crypto_metadata.data       | 183 ++++++++++++++
 .../test_suite_psa_crypto_metadata.function   | 232 ++++++++++++++++++
 2 files changed, 415 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index e69de29bb..d1a5986d8 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -0,0 +1,183 @@
+Hash: MD2
+hash_algorithm:PSA_ALG_MD2:16
+
+Hash: MD4
+hash_algorithm:PSA_ALG_MD4:16
+
+Hash: MD5
+hash_algorithm:PSA_ALG_MD5:16
+
+Hash: RIPEMD160
+hash_algorithm:PSA_ALG_RIPEMD160:20
+
+Hash: SHA-1
+hash_algorithm:PSA_ALG_SHA_1:20
+
+Hash: SHA-2 SHA-224
+hash_algorithm:PSA_ALG_SHA_224:28
+
+Hash: SHA-2 SHA-256
+hash_algorithm:PSA_ALG_SHA_256:32
+
+Hash: SHA-2 SHA-384
+hash_algorithm:PSA_ALG_SHA_384:48
+
+Hash: SHA-2 SHA-512
+hash_algorithm:PSA_ALG_SHA_512:64
+
+Hash: SHA-2 SHA-512/224
+hash_algorithm:PSA_ALG_SHA_512_224:28
+
+Hash: SHA-2 SHA-512/256
+hash_algorithm:PSA_ALG_SHA_512_256:32
+
+Hash: SHA-3 SHA3-224
+hash_algorithm:PSA_ALG_SHA3_224:28
+
+Hash: SHA-3 SHA3-256
+hash_algorithm:PSA_ALG_SHA3_256:32
+
+Hash: SHA-3 SHA3-384
+hash_algorithm:PSA_ALG_SHA3_384:48
+
+Hash: SHA-3 SHA3-512
+hash_algorithm:PSA_ALG_SHA3_512:64
+
+MAC: HMAC-MD2
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
+
+MAC: HMAC-MD4
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
+
+MAC: HMAC-MD5
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
+
+MAC: HMAC-RIPEMD160
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160
+
+MAC: HMAC-SHA-1
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160
+
+MAC: HMAC-SHA-224
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
+
+MAC: HMAC-SHA-256
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
+
+MAC: HMAC-SHA-384
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384
+
+MAC: HMAC-SHA-512
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512
+
+MAC: HMAC-SHA-512/224
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
+
+MAC: HMAC-SHA-512/256
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
+
+MAC: HMAC-SHA3-224
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
+
+MAC: HMAC-SHA3-256
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
+
+MAC: HMAC-SHA3-384
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384
+
+MAC: HMAC-SHA3-512
+mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512
+
+MAC: CBC_MAC-AES-128
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CBC_MAC-AES-192
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CBC_MAC-AES-256
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CBC_MAC-3DES
+mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: CMAC-AES-128
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: CMAC-AES-192
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: CMAC-AES-256
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+MAC: CMAC-3DES
+mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
+
+MAC: GMAC-AES-128
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
+
+MAC: GMAC-AES-192
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
+
+MAC: GMAC-AES-256
+mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
+
+Cipher: ARC4
+cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
+
+Cipher: CTR
+cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
+
+Cipher: CFB
+cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
+
+Cipher: OFB
+cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
+
+Cipher: CBC-nopad
+cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
+
+Cipher: CBC-PKCS#7
+cipher_algorithm:PSA_ALG_CBC_PKCS7:0
+
+Cipher: XTS
+cipher_algorithm:PSA_ALG_XTS:0
+
+AEAD: CCM
+aead_algorithm:PSA_ALG_CCM:0:16
+
+AEAD: GCM
+aead_algorithm:PSA_ALG_GCM:0:16
+
+Asymmetric signature: RSA PKCS#1 v1.5 raw
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN
+
+Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
+asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN
+
+Asymmetric signature: RSA PSS SHA-256
+asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS
+
+Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
+asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
+
+Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
+
+Asymmetric signature: randomized ECDSA (no hashing)
+asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
+
+Asymmetric signature: SHA-256 + randomized ECDSA
+asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
+
+Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
+
+Asymmetric encryption: RSA PKCS#1 v1.5
+asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
+
+Asymmetric encryption: RSA OAEP using SHA-256
+asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
+
+Key derivation: HKDF using SHA-256
+key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
+
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 51f7a5ef5..d25aace10 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -10,9 +10,241 @@
 
 #include "psa/crypto.h"
 
+/* Flags for algorithm classification macros. There is a flag for every
+ * algorithm classification macro PSA_ALG_IS_xxx except for the
+ * category test macros, which are hard-coded in each
+ * category-specific function. The name of the flag is the name of the
+ * classification macro without the PSA_ prefix. */
+#define ALG_IS_VENDOR_DEFINED           ( 1u << 0 )
+#define ALG_IS_HMAC                     ( 1u << 1 )
+#define ALG_IS_BLOCK_CIPHER_MAC         ( 1u << 2 )
+#define ALG_IS_STREAM_CIPHER            ( 1u << 3 )
+#define ALG_IS_RSA_PKCS1V15_SIGN        ( 1u << 4 )
+#define ALG_IS_RSA_PSS                  ( 1u << 5 )
+#define ALG_IS_DSA                      ( 1u << 6 )
+#define ALG_DSA_IS_DETERMINISTIC        ( 1u << 7 )
+#define ALG_IS_DETERMINISTIC_DSA        ( 1u << 8 )
+#define ALG_IS_RANDOMIZED_DSA           ( 1u << 9 )
+#define ALG_IS_ECDSA                    ( 1u << 10 )
+#define ALG_ECDSA_IS_DETERMINISTIC      ( 1u << 11 )
+#define ALG_IS_DETERMINISTIC_ECDSA      ( 1u << 12 )
+#define ALG_IS_RANDOMIZED_ECDSA         ( 1u << 13 )
+#define ALG_IS_RSA_OAEP                 ( 1u << 14 )
+#define ALG_IS_HKDF                     ( 1u << 15 )
+
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags )            \
+    TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
+
+void algorithm_classification( psa_algorithm_t alg, unsigned flags )
+{
+    TEST_CLASSIFICATION_MACRO( ALG_IS_VENDOR_DEFINED, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_HMAC, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_BLOCK_CIPHER_MAC, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_STREAM_CIPHER, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PKCS1V15_SIGN, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_PSS, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_DSA, alg, flags );
+    if ( PSA_ALG_IS_DSA( alg ) )
+        TEST_CLASSIFICATION_MACRO( ALG_DSA_IS_DETERMINISTIC, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_DSA, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_DSA, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_ECDSA, alg, flags );
+    if ( PSA_ALG_IS_ECDSA( alg ) )
+        TEST_CLASSIFICATION_MACRO( ALG_ECDSA_IS_DETERMINISTIC, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_DETERMINISTIC_ECDSA, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_RANDOMIZED_ECDSA, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_RSA_OAEP, alg, flags );
+    TEST_CLASSIFICATION_MACRO( ALG_IS_HKDF, alg, flags );
+exit: ;
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
  * depends_on:MBEDTLS_PSA_CRYPTO_C
  * END_DEPENDENCIES
  */
+
+/* BEGIN_CASE */
+void hash_algorithm( int alg_arg, int length_arg )
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t length = length_arg;
+    psa_algorithm_t hmac_alg = PSA_ALG_HMAC( alg );
+    psa_algorithm_t rsa_pkcs1v15_sign_alg = PSA_ALG_RSA_PKCS1V15_SIGN( alg );
+    psa_algorithm_t rsa_pss_alg = PSA_ALG_RSA_PSS( alg );
+    psa_algorithm_t dsa_alg = PSA_ALG_DSA( alg );
+    psa_algorithm_t deterministic_dsa_alg = PSA_ALG_DETERMINISTIC_DSA( alg );
+    psa_algorithm_t ecdsa_alg = PSA_ALG_ECDSA( alg );
+    psa_algorithm_t deterministic_ecdsa_alg = PSA_ALG_DETERMINISTIC_ECDSA( alg );
+    psa_algorithm_t rsa_oaep_alg = PSA_ALG_RSA_OAEP( alg );
+    psa_algorithm_t hkdf_alg = PSA_ALG_HKDF( alg );
+
+    /* Algorithm classification */
+    TEST_ASSERT( PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, 0 );
+
+    /* Dependent algorithms */
+    TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg );
+    TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg );
+
+    /* Hash length and block size */
+    TEST_ASSERT( length == PSA_HASH_SIZE( alg ) );
+    TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mac_algorithm( int alg_arg, int classification_flags,
+                    int length_arg,
+                    int key_type_arg, int key_bits_arg )
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t length = length_arg;
+    size_t key_type = key_type_arg;
+    size_t key_bits = key_bits_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+
+    /* Length */
+    TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+    TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void cipher_algorithm( int alg_arg, int classification_flags )
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void aead_algorithm( int alg_arg, int classification_flags,
+                     int tag_length_arg )
+{
+    psa_algorithm_t alg = alg_arg;
+    size_t tag_length = tag_length_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+
+    /* Tag length */
+    TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_algorithm( int alg_arg, int classification_flags )
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_derivation_algorithm( int alg_arg, int classification_flags )
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+

From 49cd3299089843bb16485e938a928393c6c3dfba Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 22 Aug 2018 18:43:09 +0200
Subject: [PATCH 494/889] Key type validation tests

For all key types, validate feature test macros (PSA_KEY_TYPE_IS_xxx).

For asymmetric keys (public key or key pair), validate the
corresponding public/pair type.

For ECC keys, validate GET_CURVE.
---
 .../test_suite_psa_crypto_metadata.data       | 122 ++++++++++++++++++
 .../test_suite_psa_crypto_metadata.function   |  81 ++++++++++++
 2 files changed, 203 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index d1a5986d8..714d094f2 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -181,3 +181,125 @@ asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_O
 Key derivation: HKDF using SHA-256
 key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
 
+Key type: raw data
+key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: HMAC
+key_type:PSA_KEY_TYPE_HMAC:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: secret for key derivation
+key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: AES
+key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: DES
+key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: Camellia
+key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: ARC4
+key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED
+
+Key type: RSA public key
+key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
+
+Key type: RSA key pair
+key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA
+
+Key type: DSA public key
+key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
+
+Key type: DSA key pair
+key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
+
+ECC key types: sect163k1
+ecc_key_types:PSA_ECC_CURVE_SECT163K1
+
+ECC key types: sect163r1
+ecc_key_types:PSA_ECC_CURVE_SECT163R1
+
+ECC key types: sect163r2
+ecc_key_types:PSA_ECC_CURVE_SECT163R2
+
+ECC key types: sect193r1
+ecc_key_types:PSA_ECC_CURVE_SECT193R1
+
+ECC key types: sect193r2
+ecc_key_types:PSA_ECC_CURVE_SECT193R2
+
+ECC key types: sect233k1
+ecc_key_types:PSA_ECC_CURVE_SECT233K1
+
+ECC key types: sect233r1
+ecc_key_types:PSA_ECC_CURVE_SECT233R1
+
+ECC key types: sect239k1
+ecc_key_types:PSA_ECC_CURVE_SECT239K1
+
+ECC key types: sect283k1
+ecc_key_types:PSA_ECC_CURVE_SECT283K1
+
+ECC key types: sect283r1
+ecc_key_types:PSA_ECC_CURVE_SECT283R1
+
+ECC key types: sect409k1
+ecc_key_types:PSA_ECC_CURVE_SECT409K1
+
+ECC key types: sect409r1
+ecc_key_types:PSA_ECC_CURVE_SECT409R1
+
+ECC key types: sect571k1
+ecc_key_types:PSA_ECC_CURVE_SECT571K1
+
+ECC key types: sect571r1
+ecc_key_types:PSA_ECC_CURVE_SECT571R1
+
+ECC key types: secp160k1
+ecc_key_types:PSA_ECC_CURVE_SECP160K1
+
+ECC key types: secp160r1
+ecc_key_types:PSA_ECC_CURVE_SECP160R1
+
+ECC key types: secp160r2
+ecc_key_types:PSA_ECC_CURVE_SECP160R2
+
+ECC key types: secp192k1
+ecc_key_types:PSA_ECC_CURVE_SECP192K1
+
+ECC key types: secp192r1
+ecc_key_types:PSA_ECC_CURVE_SECP192R1
+
+ECC key types: secp224k1
+ecc_key_types:PSA_ECC_CURVE_SECP224K1
+
+ECC key types: secp224r1
+ecc_key_types:PSA_ECC_CURVE_SECP224R1
+
+ECC key types: secp256k1
+ecc_key_types:PSA_ECC_CURVE_SECP256K1
+
+ECC key types: secp256r1
+ecc_key_types:PSA_ECC_CURVE_SECP256R1
+
+ECC key types: secp384r1
+ecc_key_types:PSA_ECC_CURVE_SECP384R1
+
+ECC key types: secp521r1
+ecc_key_types:PSA_ECC_CURVE_SECP521R1
+
+ECC key types: Brainpool P256R1
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1
+
+ECC key types: Brainpool P384R1
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1
+
+ECC key types: Brainpool P512R1
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1
+
+ECC key types: Curve25519
+ecc_key_types:PSA_ECC_CURVE_CURVE25519
+
+ECC key types: Curve448
+ecc_key_types:PSA_ECC_CURVE_CURVE448
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index d25aace10..0b8fba075 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -32,6 +32,18 @@
 #define ALG_IS_RSA_OAEP                 ( 1u << 14 )
 #define ALG_IS_HKDF                     ( 1u << 15 )
 
+/* Flags for key type classification macros. There is a flag for every
+ * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
+ * are tested as derived from other macros. The name of the flag is
+ * the name of the classification macro without the PSA_ prefix. */
+#define KEY_TYPE_IS_VENDOR_DEFINED      ( 1u << 0 )
+#define KEY_TYPE_IS_UNSTRUCTURED        ( 1u << 1 )
+#define KEY_TYPE_IS_PUBLIC_KEY          ( 1u << 2 )
+#define KEY_TYPE_IS_KEYPAIR             ( 1u << 3 )
+#define KEY_TYPE_IS_RSA                 ( 1u << 4 )
+#define KEY_TYPE_IS_DSA                 ( 1u << 5 )
+#define KEY_TYPE_IS_ECC                 ( 1u << 6 )
+
 #define TEST_CLASSIFICATION_MACRO( flag, alg, flags )            \
     TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
 
@@ -58,6 +70,30 @@ void algorithm_classification( psa_algorithm_t alg, unsigned flags )
 exit: ;
 }
 
+void key_type_classification( psa_key_type_t type, unsigned flags )
+{
+    /* Macros tested based on the test case parameter */
+    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_VENDOR_DEFINED, type, flags );
+    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_UNSTRUCTURED, type, flags );
+    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_PUBLIC_KEY, type, flags );
+    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_KEYPAIR, type, flags );
+    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_RSA, type, flags );
+    TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
+
+    /* Macros with derived semantics */
+    TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ==
+                 ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
+                   PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+    TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ==
+                 ( PSA_KEY_TYPE_IS_ECC( type ) &&
+                   PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+    TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ==
+                 ( PSA_KEY_TYPE_IS_ECC( type ) &&
+                   PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
+
+exit: ;
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -248,3 +284,48 @@ void key_derivation_algorithm( int alg_arg, int classification_flags )
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_type( int type_arg, int classification_flags )
+{
+    psa_key_type_t type = type_arg;
+
+    key_type_classification( type, classification_flags );
+
+    /* For asymmetric types, check the corresponding pair/public type */
+    if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
+    {
+        psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
+        TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type );
+        key_type_classification( pair_type,
+                                 ( classification_flags
+                                   & ~KEY_TYPE_IS_PUBLIC_KEY )
+                                 | KEY_TYPE_IS_KEYPAIR );
+        TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type );
+    }
+    if( classification_flags & KEY_TYPE_IS_KEYPAIR )
+    {
+        psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+        TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type );
+        key_type_classification( public_type,
+                                 ( classification_flags
+                                   & ~KEY_TYPE_IS_KEYPAIR )
+                                 | KEY_TYPE_IS_PUBLIC_KEY );
+        TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type );
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void ecc_key_types( int curve_arg )
+{
+    psa_ecc_curve_t curve = curve_arg;
+    psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+    psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
+
+    test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
+    test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
+
+    TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
+    TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
+}
+/* END_CASE */

From d9c8260f23527d896945fd73e94775198b6f8e19 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Sep 2018 13:58:36 +0200
Subject: [PATCH 495/889] Add dependencies to metadata validation tests

If some algorithms are excluded in the build, it's ok for the corresponding
macros not to give the correct results. Therefore the corresponding test cases
should depend on the implementation of the algorithm. For example, it's ok for
PSA_HASH_MAX_SIZE to be less than PSA_HASH_SIZE(PSA_ALG_SHA_512) if we build
without SHA-512 support, and we indeed do this. It's even ok for an
implementation to return 0 for PSA_ALG_IS_HASH(PSA_ALG_SHA_512) if it doesn't
support SHA-512; we return 1 anyway but the tests are less
implementation-specific if we don't enforce it.

This commit adds dependencies on symbols that don't exist in Mbed TLS,
for algorithms that Mbed TLS doesn't implement. These are:
MBEDTLS_SHA512_256 for SHA-512/256, MBEDTLS_SHA3_C for SHA-3,
MBEDTLS_DSA_C and MBEDTLS_DSA_DETERMINISTIC for DSA, and
MBEDTLS_ECP_DP_xxx_ENABLED for elliptic curves that have a PSA
encoding but are not supported in Mbed TLS.
---
 .../test_suite_psa_crypto_metadata.data       | 99 +++++++++++++++++++
 1 file changed, 99 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 714d094f2..552e83160 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -1,184 +1,245 @@
 Hash: MD2
+depends_on:MBEDTLS_MD2_C
 hash_algorithm:PSA_ALG_MD2:16
 
 Hash: MD4
+depends_on:MBEDTLS_MD4_C
 hash_algorithm:PSA_ALG_MD4:16
 
 Hash: MD5
+depends_on:MBEDTLS_MD5_C
 hash_algorithm:PSA_ALG_MD5:16
 
 Hash: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
 hash_algorithm:PSA_ALG_RIPEMD160:20
 
 Hash: SHA-1
+depends_on:MBEDTLS_SHA1_C
 hash_algorithm:PSA_ALG_SHA_1:20
 
 Hash: SHA-2 SHA-224
+depends_on:MBEDTLS_SHA256_C
 hash_algorithm:PSA_ALG_SHA_224:28
 
 Hash: SHA-2 SHA-256
+depends_on:MBEDTLS_SHA256_C
 hash_algorithm:PSA_ALG_SHA_256:32
 
 Hash: SHA-2 SHA-384
+depends_on:MBEDTLS_SHA512_C
 hash_algorithm:PSA_ALG_SHA_384:48
 
 Hash: SHA-2 SHA-512
+depends_on:MBEDTLS_SHA512_C
 hash_algorithm:PSA_ALG_SHA_512:64
 
 Hash: SHA-2 SHA-512/224
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
 hash_algorithm:PSA_ALG_SHA_512_224:28
 
 Hash: SHA-2 SHA-512/256
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
 hash_algorithm:PSA_ALG_SHA_512_256:32
 
 Hash: SHA-3 SHA3-224
+depends_on:MBEDTLS_SHA3_C
 hash_algorithm:PSA_ALG_SHA3_224:28
 
 Hash: SHA-3 SHA3-256
+depends_on:MBEDTLS_SHA3_C
 hash_algorithm:PSA_ALG_SHA3_256:32
 
 Hash: SHA-3 SHA3-384
+depends_on:MBEDTLS_SHA3_C
 hash_algorithm:PSA_ALG_SHA3_384:48
 
 Hash: SHA-3 SHA3-512
+depends_on:MBEDTLS_SHA3_C
 hash_algorithm:PSA_ALG_SHA3_512:64
 
 MAC: HMAC-MD2
+depends_on:MBEDTLS_MD2_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
 
 MAC: HMAC-MD4
+depends_on:MBEDTLS_MD4_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
 
 MAC: HMAC-MD5
+depends_on:MBEDTLS_MD5_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
 
 MAC: HMAC-RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160
 
 MAC: HMAC-SHA-1
+depends_on:MBEDTLS_SHA1_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160
 
 MAC: HMAC-SHA-224
+depends_on:MBEDTLS_SHA256_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
 
 MAC: HMAC-SHA-256
+depends_on:MBEDTLS_SHA256_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
 
 MAC: HMAC-SHA-384
+depends_on:MBEDTLS_SHA512_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384
 
 MAC: HMAC-SHA-512
+depends_on:MBEDTLS_SHA512_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512
 
 MAC: HMAC-SHA-512/224
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
 
 MAC: HMAC-SHA-512/256
+depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
 
 MAC: HMAC-SHA3-224
+depends_on:MBEDTLS_SHA3_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
 
 MAC: HMAC-SHA3-256
+depends_on:MBEDTLS_SHA3_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
 
 MAC: HMAC-SHA3-384
+depends_on:MBEDTLS_SHA3_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384
 
 MAC: HMAC-SHA3-512
+depends_on:MBEDTLS_SHA3_C
 mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512
 
 MAC: CBC_MAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
 mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
 
 MAC: CBC_MAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
 mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
 
 MAC: CBC_MAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
 mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
 
 MAC: CBC_MAC-3DES
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_C
 mac_algorithm:PSA_ALG_CBC_MAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
 
 MAC: CMAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
 mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
 
 MAC: CMAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
 mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
 
 MAC: CMAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_CMAC_C
 mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
 
 MAC: CMAC-3DES
+depends_on:MBEDTLS_DES_C:MBEDTLS_CMAC_C
 mac_algorithm:PSA_ALG_CMAC:ALG_IS_BLOCK_CIPHER_MAC:8:PSA_KEY_TYPE_DES:192
 
 MAC: GMAC-AES-128
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:128
 
 MAC: GMAC-AES-192
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:192
 
 MAC: GMAC-AES-256
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 mac_algorithm:PSA_ALG_GMAC:ALG_IS_BLOCK_CIPHER_MAC:16:PSA_KEY_TYPE_AES:256
 
 Cipher: ARC4
+depends_on:MBEDTLS_ARC4_C
 cipher_algorithm:PSA_ALG_ARC4:ALG_IS_STREAM_CIPHER
 
 Cipher: CTR
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CTR
 cipher_algorithm:PSA_ALG_CTR:ALG_IS_STREAM_CIPHER
 
 Cipher: CFB
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CFB
 cipher_algorithm:PSA_ALG_CFB:ALG_IS_STREAM_CIPHER
 
 Cipher: OFB
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_OFB
 cipher_algorithm:PSA_ALG_OFB:ALG_IS_STREAM_CIPHER
 
 Cipher: CBC-nopad
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC
 cipher_algorithm:PSA_ALG_CBC_NO_PADDING:0
 
 Cipher: CBC-PKCS#7
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
 cipher_algorithm:PSA_ALG_CBC_PKCS7:0
 
 Cipher: XTS
+depends_on:MBEDTLS_CIPHER_C:MBEDTLS_CIPHER_MODE_XTS
 cipher_algorithm:PSA_ALG_XTS:0
 
 AEAD: CCM
+depends_on:MBEDTLS_CCM_C
 aead_algorithm:PSA_ALG_CCM:0:16
 
 AEAD: GCM
+depends_on:MBEDTLS_GCM_C
 aead_algorithm:PSA_ALG_GCM:0:16
 
 Asymmetric signature: RSA PKCS#1 v1.5 raw
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:ALG_IS_RSA_PKCS1V15_SIGN
 
 Asymmetric signature: RSA PKCS#1 v1.5 SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
 asymmetric_signature_algorithm:PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 ):ALG_IS_RSA_PKCS1V15_SIGN
 
 Asymmetric signature: RSA PSS SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_signature_algorithm:PSA_ALG_RSA_PSS( PSA_ALG_SHA_256 ):ALG_IS_RSA_PSS
 
 Asymmetric signature: SHA-256 + randomized DSA SHA-256 using SHA-256
+depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C
 asymmetric_signature_algorithm:PSA_ALG_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_RANDOMIZED_DSA
 
 Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+depends_on:MBEDTLS_DSA_C:MBEDTLS_SHA256_C:MBEDTLS_DSA_DETERMINISTIC
 asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_DSA( PSA_ALG_SHA_256 ):ALG_IS_DSA | ALG_IS_DETERMINISTIC_DSA | ALG_DSA_IS_DETERMINISTIC
 
 Asymmetric signature: randomized ECDSA (no hashing)
+depends_on:MBEDTLS_ECDSA_C
 asymmetric_signature_algorithm:PSA_ALG_ECDSA_ANY:ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
 
 Asymmetric signature: SHA-256 + randomized ECDSA
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C
 asymmetric_signature_algorithm:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_RANDOMIZED_ECDSA
 
 Asymmetric signature: SHA-256 + deterministic DSA using SHA-256
+depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 asymmetric_signature_algorithm:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):ALG_IS_ECDSA | ALG_IS_DETERMINISTIC_ECDSA | ALG_ECDSA_IS_DETERMINISTIC
 
 Asymmetric encryption: RSA PKCS#1 v1.5
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encryption_algorithm:PSA_ALG_RSA_PKCS1V15_CRYPT:0
 
 Asymmetric encryption: RSA OAEP using SHA-256
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 asymmetric_encryption_algorithm:PSA_ALG_RSA_OAEP( PSA_ALG_SHA_256 ):ALG_IS_RSA_OAEP
 
 Key derivation: HKDF using SHA-256
+depends_on:MBEDTLS_SHA256_C
 key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
 
 Key type: raw data
@@ -191,115 +252,153 @@ Key type: secret for key derivation
 key_type:PSA_KEY_TYPE_DERIVE:KEY_TYPE_IS_UNSTRUCTURED
 
 Key type: AES
+depends_on:MBEDTLS_AES_C
 key_type:PSA_KEY_TYPE_AES:KEY_TYPE_IS_UNSTRUCTURED
 
 Key type: DES
+depends_on:MBEDTLS_DES_C
 key_type:PSA_KEY_TYPE_DES:KEY_TYPE_IS_UNSTRUCTURED
 
 Key type: Camellia
+depends_on:MBEDTLS_CAMELLIA_C
 key_type:PSA_KEY_TYPE_CAMELLIA:KEY_TYPE_IS_UNSTRUCTURED
 
 Key type: ARC4
+depends_on:MBEDTLS_ARC4_C
 key_type:PSA_KEY_TYPE_ARC4:KEY_TYPE_IS_UNSTRUCTURED
 
 Key type: RSA public key
+depends_on:MBEDTLS_RSA_C
 key_type:PSA_KEY_TYPE_RSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_RSA
 
 Key type: RSA key pair
+depends_on:MBEDTLS_RSA_C
 key_type:PSA_KEY_TYPE_RSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_RSA
 
 Key type: DSA public key
+depends_on:MBEDTLS_DSA_C
 key_type:PSA_KEY_TYPE_DSA_PUBLIC_KEY:KEY_TYPE_IS_PUBLIC_KEY | KEY_TYPE_IS_DSA
 
 Key type: DSA key pair
+depends_on:MBEDTLS_DSA_C
 key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
 
 ECC key types: sect163k1
+depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT163K1
 
 ECC key types: sect163r1
+depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT163R1
 
 ECC key types: sect163r2
+depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT163R2
 
 ECC key types: sect193r1
+depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT193R1
 
 ECC key types: sect193r2
+depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT193R2
 
 ECC key types: sect233k1
+depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT233K1
 
 ECC key types: sect233r1
+depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT233R1
 
 ECC key types: sect239k1
+depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT239K1
 
 ECC key types: sect283k1
+depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT283K1
 
 ECC key types: sect283r1
+depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT283R1
 
 ECC key types: sect409k1
+depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT409K1
 
 ECC key types: sect409r1
+depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT409R1
 
 ECC key types: sect571k1
+depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT571K1
 
 ECC key types: sect571r1
+depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECT571R1
 
 ECC key types: secp160k1
+depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP160K1
 
 ECC key types: secp160r1
+depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP160R1
 
 ECC key types: secp160r2
+depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP160R2
 
 ECC key types: secp192k1
+depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP192K1
 
 ECC key types: secp192r1
+depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP192R1
 
 ECC key types: secp224k1
+depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP224K1
 
 ECC key types: secp224r1
+depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP224R1
 
 ECC key types: secp256k1
+depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP256K1
 
 ECC key types: secp256r1
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP256R1
 
 ECC key types: secp384r1
+depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP384R1
 
 ECC key types: secp521r1
+depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_SECP521R1
 
 ECC key types: Brainpool P256R1
+depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1
 
 ECC key types: Brainpool P384R1
+depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1
 
 ECC key types: Brainpool P512R1
+depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
 ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1
 
 ECC key types: Curve25519
+depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
 ecc_key_types:PSA_ECC_CURVE_CURVE25519
 
 ECC key types: Curve448
+depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
 ecc_key_types:PSA_ECC_CURVE_CURVE448

From 3052f53c37a4be1b66fc032cae898097c1f66363 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Sep 2018 14:13:26 +0200
Subject: [PATCH 496/889] Add block sizes to HMAC metadata validation tests

---
 include/psa/crypto_sizes.h                    |  3 ++
 .../test_suite_psa_crypto_metadata.data       | 30 +++++++++----------
 .../test_suite_psa_crypto_metadata.function   | 21 ++++++++++++-
 3 files changed, 38 insertions(+), 16 deletions(-)

diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 4aa7cd89e..edb240be0 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -58,6 +58,9 @@
  * should be the maximum size of a hash supported by the implementation,
  * in bytes, and must be no smaller than this maximum.
  */
+/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
+ * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
+ * HMAC-SHA3-512. */
 #if defined(MBEDTLS_SHA512_C)
 #define PSA_HASH_MAX_SIZE 64
 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 552e83160..ca42d5b9a 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -60,63 +60,63 @@ hash_algorithm:PSA_ALG_SHA3_512:64
 
 MAC: HMAC-MD2
 depends_on:MBEDTLS_MD2_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
 
 MAC: HMAC-MD4
 depends_on:MBEDTLS_MD4_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
 
 MAC: HMAC-MD5
 depends_on:MBEDTLS_MD5_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):ALG_IS_HMAC:16:PSA_KEY_TYPE_HMAC:128
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
 
 MAC: HMAC-RIPEMD160
 depends_on:MBEDTLS_RIPEMD160_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_RIPEMD160 ):20:64
 
 MAC: HMAC-SHA-1
 depends_on:MBEDTLS_SHA1_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):ALG_IS_HMAC:20:PSA_KEY_TYPE_HMAC:160
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_1 ):20:64
 
 MAC: HMAC-SHA-224
 depends_on:MBEDTLS_SHA256_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_224 ):28:64
 
 MAC: HMAC-SHA-256
 depends_on:MBEDTLS_SHA256_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_256 ):32:64
 
 MAC: HMAC-SHA-384
 depends_on:MBEDTLS_SHA512_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_384 ):48:128
 
 MAC: HMAC-SHA-512
 depends_on:MBEDTLS_SHA512_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512 ):64:128
 
 MAC: HMAC-SHA-512/224
 depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_224 ):28:128
 
 MAC: HMAC-SHA-512/256
 depends_on:MBEDTLS_SHA512_C:MBEDTLS_SHA512_256
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA_512_256 ):32:128
 
 MAC: HMAC-SHA3-224
 depends_on:MBEDTLS_SHA3_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):ALG_IS_HMAC:28:PSA_KEY_TYPE_HMAC:224
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_224 ):28:144
 
 MAC: HMAC-SHA3-256
 depends_on:MBEDTLS_SHA3_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):ALG_IS_HMAC:32:PSA_KEY_TYPE_HMAC:256
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_256 ):32:136
 
 MAC: HMAC-SHA3-384
 depends_on:MBEDTLS_SHA3_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):ALG_IS_HMAC:48:PSA_KEY_TYPE_HMAC:384
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_384 ):48:104
 
 MAC: HMAC-SHA3-512
 depends_on:MBEDTLS_SHA3_C
-mac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):ALG_IS_HMAC:64:PSA_KEY_TYPE_HMAC:512
+hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_SHA3_512 ):64:72
 
 MAC: CBC_MAC-AES-128
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_C
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 0b8fba075..bbd51717f 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -138,7 +138,7 @@ void hash_algorithm( int alg_arg, int length_arg )
     TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg );
     TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg );
 
-    /* Hash length and block size */
+    /* Hash length */
     TEST_ASSERT( length == PSA_HASH_SIZE( alg ) );
     TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
 }
@@ -171,6 +171,25 @@ void mac_algorithm( int alg_arg, int classification_flags,
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hmac_algorithm( int alg_arg,
+                     int length_arg,
+                     int block_size_arg )
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
+    size_t block_size = block_size_arg;
+
+    TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
+    TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg );
+
+    TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
+
+    test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg,
+                        PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void cipher_algorithm( int alg_arg, int classification_flags )
 {

From fa764b161bdd00e5b244e1be6afc6ef0cf35dbbe Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Sep 2018 14:19:57 +0200
Subject: [PATCH 497/889] Add curve sizes to ECC curve metadata validation
 tests

---
 .../test_suite_psa_crypto_metadata.data       | 60 +++++++++----------
 .../test_suite_psa_crypto_metadata.function   |  8 ++-
 2 files changed, 37 insertions(+), 31 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index ca42d5b9a..c9df6c74e 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -285,120 +285,120 @@ key_type:PSA_KEY_TYPE_DSA_KEYPAIR:KEY_TYPE_IS_KEYPAIR | KEY_TYPE_IS_DSA
 
 ECC key types: sect163k1
 depends_on:MBEDTLS_ECP_DP_SECT163K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT163K1
+ecc_key_types:PSA_ECC_CURVE_SECT163K1:163
 
 ECC key types: sect163r1
 depends_on:MBEDTLS_ECP_DP_SECT163R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT163R1
+ecc_key_types:PSA_ECC_CURVE_SECT163R1:163
 
 ECC key types: sect163r2
 depends_on:MBEDTLS_ECP_DP_SECT163R2_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT163R2
+ecc_key_types:PSA_ECC_CURVE_SECT163R2:163
 
 ECC key types: sect193r1
 depends_on:MBEDTLS_ECP_DP_SECT193R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT193R1
+ecc_key_types:PSA_ECC_CURVE_SECT193R1:193
 
 ECC key types: sect193r2
 depends_on:MBEDTLS_ECP_DP_SECT193R2_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT193R2
+ecc_key_types:PSA_ECC_CURVE_SECT193R2:193
 
 ECC key types: sect233k1
 depends_on:MBEDTLS_ECP_DP_SECT233K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT233K1
+ecc_key_types:PSA_ECC_CURVE_SECT233K1:233
 
 ECC key types: sect233r1
 depends_on:MBEDTLS_ECP_DP_SECT233R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT233R1
+ecc_key_types:PSA_ECC_CURVE_SECT233R1:233
 
 ECC key types: sect239k1
 depends_on:MBEDTLS_ECP_DP_SECT239K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT239K1
+ecc_key_types:PSA_ECC_CURVE_SECT239K1:239
 
 ECC key types: sect283k1
 depends_on:MBEDTLS_ECP_DP_SECT283K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT283K1
+ecc_key_types:PSA_ECC_CURVE_SECT283K1:283
 
 ECC key types: sect283r1
 depends_on:MBEDTLS_ECP_DP_SECT283R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT283R1
+ecc_key_types:PSA_ECC_CURVE_SECT283R1:283
 
 ECC key types: sect409k1
 depends_on:MBEDTLS_ECP_DP_SECT409K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT409K1
+ecc_key_types:PSA_ECC_CURVE_SECT409K1:409
 
 ECC key types: sect409r1
 depends_on:MBEDTLS_ECP_DP_SECT409R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT409R1
+ecc_key_types:PSA_ECC_CURVE_SECT409R1:409
 
 ECC key types: sect571k1
 depends_on:MBEDTLS_ECP_DP_SECT571K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT571K1
+ecc_key_types:PSA_ECC_CURVE_SECT571K1:571
 
 ECC key types: sect571r1
 depends_on:MBEDTLS_ECP_DP_SECT571R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECT571R1
+ecc_key_types:PSA_ECC_CURVE_SECT571R1:571
 
 ECC key types: secp160k1
 depends_on:MBEDTLS_ECP_DP_SECP160K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP160K1
+ecc_key_types:PSA_ECC_CURVE_SECP160K1:160
 
 ECC key types: secp160r1
 depends_on:MBEDTLS_ECP_DP_SECP160R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP160R1
+ecc_key_types:PSA_ECC_CURVE_SECP160R1:160
 
 ECC key types: secp160r2
 depends_on:MBEDTLS_ECP_DP_SECP160R2_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP160R2
+ecc_key_types:PSA_ECC_CURVE_SECP160R2:160
 
 ECC key types: secp192k1
 depends_on:MBEDTLS_ECP_DP_SECP192K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP192K1
+ecc_key_types:PSA_ECC_CURVE_SECP192K1:192
 
 ECC key types: secp192r1
 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP192R1
+ecc_key_types:PSA_ECC_CURVE_SECP192R1:192
 
 ECC key types: secp224k1
 depends_on:MBEDTLS_ECP_DP_SECP224K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP224K1
+ecc_key_types:PSA_ECC_CURVE_SECP224K1:224
 
 ECC key types: secp224r1
 depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP224R1
+ecc_key_types:PSA_ECC_CURVE_SECP224R1:224
 
 ECC key types: secp256k1
 depends_on:MBEDTLS_ECP_DP_SECP256K1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP256K1
+ecc_key_types:PSA_ECC_CURVE_SECP256K1:256
 
 ECC key types: secp256r1
 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP256R1
+ecc_key_types:PSA_ECC_CURVE_SECP256R1:256
 
 ECC key types: secp384r1
 depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP384R1
+ecc_key_types:PSA_ECC_CURVE_SECP384R1:384
 
 ECC key types: secp521r1
 depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_SECP521R1
+ecc_key_types:PSA_ECC_CURVE_SECP521R1:521
 
 ECC key types: Brainpool P256R1
 depends_on:MBEDTLS_ECP_DP_BP256R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P256R1:256
 
 ECC key types: Brainpool P384R1
 depends_on:MBEDTLS_ECP_DP_BP384R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P384R1:384
 
 ECC key types: Brainpool P512R1
 depends_on:MBEDTLS_ECP_DP_BP512R1_ENABLED
-ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1
+ecc_key_types:PSA_ECC_CURVE_BRAINPOOL_P512R1:512
 
 ECC key types: Curve25519
 depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED
-ecc_key_types:PSA_ECC_CURVE_CURVE25519
+ecc_key_types:PSA_ECC_CURVE_CURVE25519:255
 
 ECC key types: Curve448
 depends_on:MBEDTLS_ECP_DP_CURVE448_ENABLED
-ecc_key_types:PSA_ECC_CURVE_CURVE448
+ecc_key_types:PSA_ECC_CURVE_CURVE448:448
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index bbd51717f..ca9d5576a 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -335,9 +335,10 @@ void key_type( int type_arg, int classification_flags )
 /* END_CASE */
 
 /* BEGIN_CASE */
-void ecc_key_types( int curve_arg )
+void ecc_key_types( int curve_arg, int curve_bits_arg )
 {
     psa_ecc_curve_t curve = curve_arg;
+    size_t curve_bits = curve_bits_arg;
     psa_key_type_t public_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
     psa_key_type_t pair_type = PSA_KEY_TYPE_ECC_KEYPAIR( curve );
 
@@ -346,5 +347,10 @@ void ecc_key_types( int curve_arg )
 
     TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
     TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
+
+    /* Validate that the bit size is less than the maximum ECC bit size
+     * in this implementation. There's no parameter that should be equal
+     * to curve_bits and can be validated without creating a key. */
+    TEST_ASSERT( curve_bits <= PSA_VENDOR_ECC_MAX_CURVE_BITS );
 }
 /* END_CASE */

From 8954d0c274fedb54f416d65255d61fb8b3e909f8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 13:51:25 +0200
Subject: [PATCH 498/889] Write documentation for TEST_ASSERT

---
 tests/suites/helpers.function | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 32b1b790d..ad219ab63 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -69,6 +69,18 @@ typedef struct data_tag
 /*----------------------------------------------------------------------------*/
 /* Macros */
 
+/** Evaluate an expression and fail the test case if it is false.
+ *
+ * Failing the test means:
+ * - Mark this test case as failed.
+ * - Print a message identifying the failure.
+ * - Jump to the \c exit label.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param TEST      The expression to evaluate.
+ */
 #define TEST_ASSERT( TEST )                         \
     do {                                            \
         if( ! (TEST) )                              \

From b75125c5ff2989f83b59d1259a0603d520783949 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 13:52:16 +0200
Subject: [PATCH 499/889] New macro ASSERT_ALLOC to allocate memory in tests

The new macro ASSERT_ALLOC allocates memory with mbedtls_calloc and
fails the test if the allocation fails. It outputs a null pointer if
the requested size is 0. It is meant to replace existing calls to
mbedtls_calloc.
---
 tests/suites/helpers.function | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index ad219ab63..0a4cf8737 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -90,6 +90,37 @@ typedef struct data_tag
         }                                           \
     } while( 0 )
 
+/** Allocate memory dynamically and fail the test case if this fails.
+ *
+ * You must set \p pointer to \c NULL before calling this macro and
+ * put `mbedtls_free( pointer )` in the test's cleanup code.
+ *
+ * If \p size is zero, the resulting \p pointer will be \c NULL.
+ * This is usually what we want in tests since API functions are
+ * supposed to accept null pointers when a buffer size is zero.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param pointer   An lvalue where the address of the allocated buffer
+ *                  will be stored.
+ *                  This expression may be evaluated multiple times.
+ * \param size      Buffer size to allocate in bytes.
+ *                  This expression may be evaluated multiple times.
+ *
+ */
+#define ASSERT_ALLOC( pointer, size )                           \
+    do                                                          \
+    {                                                           \
+        TEST_ASSERT( ( pointer ) == NULL );                     \
+        if( ( size ) != 0 )                                     \
+        {                                                       \
+            ( pointer ) = mbedtls_calloc( 1, ( size ) );        \
+            TEST_ASSERT( ( pointer ) != NULL );                 \
+        }                                                       \
+    }                                                           \
+    while( 0 )
+
 #define assert(a) if( !( a ) )                                      \
 {                                                                   \
     mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n",   \

From 8cebbba7e6509d58a29aecdae7f45361b1372d0d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 13:54:18 +0200
Subject: [PATCH 500/889] Use ASSERT_ALLOC instead of mbedtls_calloc in PSA
 tests

This commit resolves a bug whereby some test cases failed on systems
where mbedtls_calloc returns NULL when the size of 0, because the test
case asserted `pointer != NULL` regardless of the size.
---
 tests/suites/test_suite_psa_crypto.function | 103 +++++++-------------
 1 file changed, 37 insertions(+), 66 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 81ddee003..a55cfc7ac 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -703,8 +703,7 @@ static int exercise_export_key( psa_key_slot_t slot,
     }
 
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
-    exported = mbedtls_calloc( 1, exported_size );
-    TEST_ASSERT( exported != NULL );
+    ASSERT_ALLOC( exported, exported_size );
 
     TEST_ASSERT( psa_export_key( slot,
                                  exported, exported_size,
@@ -737,8 +736,7 @@ static int exercise_export_public_key( psa_key_slot_t slot )
 
     public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits );
-    exported = mbedtls_calloc( 1, exported_size );
-    TEST_ASSERT( exported != NULL );
+    ASSERT_ALLOC( exported, exported_size );
 
     TEST_ASSERT( psa_export_public_key( slot,
                                         exported, exported_size,
@@ -898,13 +896,13 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
         keypair ? PSA_KEY_TYPE_RSA_KEYPAIR : PSA_KEY_TYPE_RSA_PUBLIC_KEY;
     size_t buffer_size = /* Slight overapproximations */
         keypair ? bits * 9 / 16 + 80 : bits / 8 + 20;
-    unsigned char *buffer = mbedtls_calloc( 1, buffer_size );
+    unsigned char *buffer = NULL;
     unsigned char *p;
     int ret;
     size_t length;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    TEST_ASSERT( buffer != NULL );
+    ASSERT_ALLOC( buffer, buffer_size );
 
     TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p,
                                                  bits, keypair ) ) >= 0 );
@@ -950,13 +948,9 @@ void import_export( data_t *data,
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     export_size = (ptrdiff_t) data->len + export_size_delta;
-    exported = mbedtls_calloc( 1, export_size );
-    TEST_ASSERT( export_size == 0 || exported != NULL );
+    ASSERT_ALLOC( exported, export_size );
     if( ! canonical_input )
-    {
-        reexported = mbedtls_calloc( 1, export_size );
-        TEST_ASSERT( export_size == 0 || reexported != NULL );
-    }
+        ASSERT_ALLOC( reexported, export_size );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -1054,8 +1048,7 @@ void import_export_public_key( data_t *data,
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     export_size = (ptrdiff_t) data->len;
-    exported = mbedtls_calloc( 1, export_size );
-    TEST_ASSERT( exported != NULL );
+    ASSERT_ALLOC( exported, export_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -1367,8 +1360,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
                                           &key_bits ) == PSA_SUCCESS );
     buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
                                                         exercise_alg );
-    buffer = mbedtls_calloc( 1, buffer_length );
-    TEST_ASSERT( buffer != NULL );
+    ASSERT_ALLOC( buffer, buffer_length );
 
     status = psa_asymmetric_encrypt( key_slot, exercise_alg,
                                      NULL, 0,
@@ -1786,8 +1778,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
                                     iv, iv_size ) == PSA_SUCCESS );
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
-    output = mbedtls_calloc( 1, output_buffer_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input->x, input->len,
@@ -1861,8 +1852,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
-    output = mbedtls_calloc( 1, output_buffer_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
     TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
@@ -1940,8 +1930,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
 
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
-    output = mbedtls_calloc( 1, output_buffer_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
     TEST_ASSERT( psa_cipher_update( &operation,
@@ -2020,8 +2009,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
 
     output_buffer_size = (size_t) input->len +
                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
-    output = mbedtls_calloc( 1, output_buffer_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( psa_cipher_update( &operation,
                                     input->x, input->len,
@@ -2096,8 +2084,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
                                          &iv_length ) == PSA_SUCCESS );
     output1_size = (size_t) input->len +
                    PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
-    output1 = mbedtls_calloc( 1, output1_size );
-    TEST_ASSERT( output1 != NULL );
+    ASSERT_ALLOC( output1, output1_size );
 
     TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
                                     output1, output1_size,
@@ -2111,8 +2098,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     output2_size = output1_length;
-    output2 = mbedtls_calloc( 1, output2_size );
-    TEST_ASSERT( output2 != NULL );
+    ASSERT_ALLOC( output2, output2_size );
 
     TEST_ASSERT( psa_cipher_set_iv( &operation2,
                                     iv, iv_length ) == PSA_SUCCESS );
@@ -2188,8 +2174,7 @@ void cipher_verify_output_multipart( int alg_arg,
                                          &iv_length ) == PSA_SUCCESS );
     output1_buffer_size = (size_t) input->len +
                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
-    output1 = mbedtls_calloc( 1, output1_buffer_size );
-    TEST_ASSERT( output1 != NULL );
+    ASSERT_ALLOC( output1, output1_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
 
@@ -2214,8 +2199,7 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
 
     output2_buffer_size = output1_length;
-    output2 = mbedtls_calloc( 1, output2_buffer_size );
-    TEST_ASSERT( output2 != NULL );
+    ASSERT_ALLOC( output2, output2_buffer_size );
 
     TEST_ASSERT( psa_cipher_set_iv( &operation2,
                                     iv, iv_length ) == PSA_SUCCESS );
@@ -2282,8 +2266,7 @@ void aead_encrypt_decrypt( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
 
     output_size = input_data->len + tag_length;
-    output_data = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_data != NULL );
+    ASSERT_ALLOC( output_data, output_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -2306,8 +2289,7 @@ void aead_encrypt_decrypt( int key_type_arg,
 
     if( PSA_SUCCESS == expected_result )
     {
-        output_data2 = mbedtls_calloc( 1, output_length );
-        TEST_ASSERT( output_data2 != NULL );
+        ASSERT_ALLOC( output_data2, output_length );
 
         TEST_ASSERT( psa_aead_decrypt( slot, alg,
                                        nonce->x, nonce->len,
@@ -2356,8 +2338,7 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) );
 
     output_size = input_data->len + tag_length;
-    output_data = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_data != NULL );
+    ASSERT_ALLOC( output_data, output_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -2414,8 +2395,7 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
     output_size = input_data->len + tag_length;
-    output_data = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_data != NULL );
+    ASSERT_ALLOC( output_data, output_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -2503,8 +2483,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                                       key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
     TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
-    signature = mbedtls_calloc( 1, signature_size );
-    TEST_ASSERT( signature != NULL );
+    ASSERT_ALLOC( signature, signature_size );
 
     /* Perform the signature. */
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
@@ -2543,8 +2522,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    signature = mbedtls_calloc( 1, signature_size );
-    TEST_ASSERT( signature != NULL );
+    ASSERT_ALLOC( signature, signature_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -2608,8 +2586,7 @@ void sign_verify( int key_type_arg, data_t *key_data,
                                                       key_bits, alg );
     TEST_ASSERT( signature_size != 0 );
     TEST_ASSERT( signature_size <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
-    signature = mbedtls_calloc( 1, signature_size );
-    TEST_ASSERT( signature != NULL );
+    ASSERT_ALLOC( signature, signature_size );
 
     /* Perform the signature. */
     TEST_ASSERT( psa_asymmetric_sign( slot, alg,
@@ -2764,8 +2741,7 @@ void asymmetric_encrypt( int key_type_arg,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
-    output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output_size == 0 || output != NULL );
+    ASSERT_ALLOC( output, output_size );
 
     /* Encrypt the input */
     actual_status = psa_asymmetric_encrypt( slot, alg,
@@ -2840,11 +2816,9 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
-    output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_size );
     output2_size = input_data->len;
-    output2 = mbedtls_calloc( 1, output2_size );
-    TEST_ASSERT( output2 != NULL );
+    ASSERT_ALLOC( output2, output2_size );
 
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
@@ -2899,8 +2873,7 @@ void asymmetric_decrypt( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
     output_size = key_data->len;
-    output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -2968,8 +2941,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
     output_size = key_data->len;
-    output = mbedtls_calloc( 1, output_size );
-    TEST_ASSERT( output != NULL );
+    ASSERT_ALLOC( output, output_size );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -3082,8 +3054,7 @@ void derive_output( int alg_arg,
         if( output_sizes[i] == 0 )
             expected_outputs[i] = NULL;
     }
-    output_buffer = mbedtls_calloc( 1, output_buffer_size );
-    TEST_ASSERT( output_buffer != NULL );
+    ASSERT_ALLOC( output_buffer, output_buffer_size );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -3292,13 +3263,13 @@ void derive_key_export( int alg_arg,
     size_t bytes2 = bytes2_arg;
     size_t capacity = bytes1 + bytes2;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
-    uint8_t *output_buffer = mbedtls_calloc( 1, capacity );
-    uint8_t *export_buffer = mbedtls_calloc( 1, capacity );
+    uint8_t *output_buffer = NULL;
+    uint8_t *export_buffer = NULL;
     psa_key_policy_t policy;
     size_t length;
 
-    TEST_ASSERT( output_buffer != NULL );
-    TEST_ASSERT( export_buffer != NULL );
+    ASSERT_ALLOC( output_buffer, capacity );
+    ASSERT_ALLOC( export_buffer, capacity );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -3362,13 +3333,13 @@ void generate_random( int bytes_arg )
 {
     size_t bytes = bytes_arg;
     const unsigned char trail[] = "don't overwrite me";
-    unsigned char *output = mbedtls_calloc( 1, bytes + sizeof( trail ) );
-    unsigned char *changed = mbedtls_calloc( 1, bytes );
+    unsigned char *output = NULL;
+    unsigned char *changed = NULL;
     size_t i;
     unsigned run;
 
-    TEST_ASSERT( output != NULL );
-    TEST_ASSERT( bytes == 0 || changed != NULL );
+    ASSERT_ALLOC( output, bytes + sizeof( trail ) );
+    ASSERT_ALLOC( changed, bytes );
     memcpy( output + bytes, trail, sizeof( trail ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );

From 3c22596d9b1d5d82e8eaff48c20f215c4f93ffc2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 13:56:31 +0200
Subject: [PATCH 501/889] New macro ASSERT_COMPARE to compare two buffers

ASSERT_COMPARE tests that the two buffers have the same size and
content. The intended use is to replace TEST_ASSERT( size1 == size2 )
followed by memcmp on the content. Keep using memcmp when comparing
two buffers that have the same size by construction.
---
 tests/suites/helpers.function | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 0a4cf8737..f416b3035 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -121,6 +121,27 @@ typedef struct data_tag
     }                                                           \
     while( 0 )
 
+/** Compare two buffers and fail the test case if they differ.
+ *
+ * This macro expands to an instruction, not an expression.
+ * It may jump to the \c exit label.
+ *
+ * \param p1        Pointer to the start of the first buffer.
+ * \param size1     Size of the first buffer in bytes.
+ *                  This expression may be evaluated multiple times.
+ * \param p2        Pointer to the start of the second buffer.
+ * \param size2     Size of the second buffer in bytes.
+ *                  This expression may be evaluated multiple times.
+ */
+#define ASSERT_COMPARE( p1, size1, p2, size2 )                          \
+    do                                                                  \
+    {                                                                   \
+        TEST_ASSERT( ( size1 ) == ( size2 ) );                          \
+        if( ( size1 ) != 0 )                                            \
+            TEST_ASSERT( memcmp( ( p1 ), ( p2 ), ( size1 ) ) == 0 );    \
+    }                                                                   \
+    while( 0 )
+
 #define assert(a) if( !( a ) )                                      \
 {                                                                   \
     mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n",   \

From bd7dea9e640dddccab75afecf4f739af5c36c9d8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 13:57:19 +0200
Subject: [PATCH 502/889] Use ASSERT_COMPARE instead of memcmp in PSA tests

This commit fixes some missing size comparison. In
aead_encrypt_decrypt, aead_encrypt and aead_decrypt, the test code
would not have noticed if the library function had reported an output
length that was not the expected length.
---
 tests/suites/test_suite_psa_crypto.function | 79 ++++++++-------------
 1 file changed, 31 insertions(+), 48 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a55cfc7ac..ea1547e1f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -419,8 +419,7 @@ static int is_oid_of_key_type( psa_key_type_t type,
         return( 0 );
     }
 
-    TEST_ASSERT( oid_length == expected_oid_length );
-    TEST_ASSERT( memcmp( oid, expected_oid, oid_length ) == 0 );
+    ASSERT_COMPARE( expected_oid, expected_oid_length, oid, oid_length );
     return( 1 );
 
 exit:
@@ -854,8 +853,7 @@ void fill_slots( int max_arg )
         TEST_ASSERT( psa_export_key( slot,
                                      exported, sizeof( exported ),
                                      &exported_size ) == PSA_SUCCESS );
-        TEST_ASSERT( exported_size == sizeof( slot ) );
-        TEST_ASSERT( memcmp( exported, &slot, sizeof( slot ) ) == 0 );
+        ASSERT_COMPARE( &slot, sizeof( slot ), exported, exported_size );
     }
 
 exit:
@@ -992,10 +990,7 @@ void import_export( data_t *data,
         goto exit;
 
     if( canonical_input )
-    {
-        TEST_ASSERT( exported_length == data->len );
-        TEST_ASSERT( memcmp( exported, data->x, data->len ) == 0 );
-    }
+        ASSERT_COMPARE( data->x, data->len, exported, exported_length );
     else
     {
         TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
@@ -1007,9 +1002,8 @@ void import_export( data_t *data,
                                      reexported,
                                      export_size,
                                      &reexported_length ) == PSA_SUCCESS );
-        TEST_ASSERT( reexported_length == exported_length );
-        TEST_ASSERT( memcmp( reexported, exported,
-                             exported_length ) == 0 );
+        ASSERT_COMPARE( exported, exported_length,
+                        reexported, reexported_length );
     }
 
 destroy:
@@ -1580,9 +1574,8 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
     TEST_ASSERT( psa_hash_finish( &operation,
                                   actual_hash, sizeof( actual_hash ),
                                   &actual_hash_length ) == PSA_SUCCESS );
-    TEST_ASSERT( actual_hash_length == expected_hash->len );
-    TEST_ASSERT( memcmp( expected_hash->x, actual_hash,
-                         expected_hash->len ) == 0 );
+    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+                    actual_hash, actual_hash_length );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1795,9 +1788,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == expected_output->len );
-        TEST_ASSERT( memcmp( expected_output->x, output,
-                             expected_output->len ) == 0 );
+        ASSERT_COMPARE( expected_output->x, expected_output->len,
+                        output, total_output_length );
     }
 
 exit:
@@ -1872,9 +1864,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == expected_output->len );
-    TEST_ASSERT( memcmp( expected_output->x, output,
-                         expected_output->len ) == 0 );
+    ASSERT_COMPARE( expected_output->x, expected_output->len,
+                    output, total_output_length );
 
 exit:
     mbedtls_free( output );
@@ -1951,9 +1942,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     total_output_length += function_output_length;
     TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
 
-    TEST_ASSERT( total_output_length == expected_output->len );
-    TEST_ASSERT( memcmp( expected_output->x, output,
-                         expected_output->len ) == 0 );
+    ASSERT_COMPARE( expected_output->x, expected_output->len,
+                    output, total_output_length );
 
 exit:
     mbedtls_free( output );
@@ -2026,9 +2016,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     if( expected_status == PSA_SUCCESS )
     {
         TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
-        TEST_ASSERT( total_output_length == expected_output->len );
-        TEST_ASSERT( memcmp( expected_output->x, output,
-                             expected_output->len ) == 0 );
+        ASSERT_COMPARE( expected_output->x, expected_output->len,
+                        output, total_output_length );
     }
 
 exit:
@@ -2115,8 +2104,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input->len == output2_length );
-    TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
+    ASSERT_COMPARE( input->x, input->len, output2, output2_length );
 
 exit:
     mbedtls_free( output1 );
@@ -2224,8 +2212,7 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );
 
-    TEST_ASSERT( input->len == output2_length );
-    TEST_ASSERT( memcmp( input->x, output2, input->len ) == 0 );
+    ASSERT_COMPARE( input->x, input->len, output2, output2_length );
 
 exit:
     mbedtls_free( output1 );
@@ -2299,8 +2286,8 @@ void aead_encrypt_decrypt( int key_type_arg,
                                        output_data2, output_length,
                                        &output_length2 ) == expected_result );
 
-        TEST_ASSERT( memcmp( input_data->x, output_data2,
-                             input_data->len ) == 0 );
+        ASSERT_COMPARE( input_data->x, input_data->len,
+                        output_data2, output_length2 );
     }
 
 exit:
@@ -2357,8 +2344,8 @@ void aead_encrypt( int key_type_arg, data_t * key_data,
                                    output_data, output_size,
                                    &output_length ) == PSA_SUCCESS );
 
-    TEST_ASSERT( memcmp( output_data, expected_result->x,
-                         output_length ) == 0 );
+    ASSERT_COMPARE( expected_result->x, expected_result->len,
+                    output_data, output_length );
 
 exit:
     psa_destroy_key( slot );
@@ -2416,10 +2403,8 @@ void aead_decrypt( int key_type_arg, data_t * key_data,
                                    &output_length ) == expected_result );
 
     if( expected_result == PSA_SUCCESS )
-    {
-        TEST_ASSERT( memcmp( output_data, expected_data->x,
-                             output_length ) == 0 );
-    }
+        ASSERT_COMPARE( expected_data->x, expected_data->len,
+                        output_data, output_length );
 
 exit:
     psa_destroy_key( slot );
@@ -2491,9 +2476,8 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
     /* Verify that the signature is what is expected. */
-    TEST_ASSERT( signature_length == output_data->len );
-    TEST_ASSERT( memcmp( signature, output_data->x,
-                         output_data->len ) == 0 );
+    ASSERT_COMPARE( output_data->x, output_data->len,
+                    signature, signature_length );
 
 exit:
     psa_destroy_key( slot );
@@ -2837,9 +2821,8 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
                                          label->x, label->len,
                                          output2, output2_size,
                                          &output2_length ) == PSA_SUCCESS );
-    TEST_ASSERT( output2_length == input_data->len );
-    TEST_ASSERT( memcmp( input_data->x, output2,
-                         input_data->len ) == 0 );
+    ASSERT_COMPARE( input_data->x, input_data->len,
+                    output2, output2_length );
 
 exit:
     psa_destroy_key( slot );
@@ -2891,8 +2874,8 @@ void asymmetric_decrypt( int key_type_arg,
                                          output,
                                          output_size,
                                          &output_length ) == PSA_SUCCESS );
-    TEST_ASSERT( expected_data->len == output_length );
-    TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
+    ASSERT_COMPARE( expected_data->x, expected_data->len,
+                    output, output_length );
 
     /* If the label is empty, the test framework puts a non-null pointer
      * in label->x. Test that a null pointer works as well. */
@@ -2906,8 +2889,8 @@ void asymmetric_decrypt( int key_type_arg,
                                              output,
                                              output_size,
                                              &output_length ) == PSA_SUCCESS );
-        TEST_ASSERT( expected_data->len == output_length );
-        TEST_ASSERT( memcmp( expected_data->x, output, output_length ) == 0 );
+        ASSERT_COMPARE( expected_data->x, expected_data->len,
+                        output, output_length );
     }
 
 exit:

From 79722b06725113fcd1c5381d77b8eabf957d65aa Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Sep 2018 15:46:41 +0200
Subject: [PATCH 503/889] Fix incorrect test dependencies for MBEDTLS_PKCS1_V21

---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 38c5fee98..0319782fa 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -691,7 +691,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
 PSA import/exercise RSA keypair, PSS-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 import_and_exercise_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
 
 PSA import/exercise RSA public key, PKCS#1 v1.5 raw
@@ -699,7 +699,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
 PSA import/exercise RSA public key, PSS-SHA-256
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256)
 
 PSA import/exercise: ECP SECP256R1 keypair, ECDSA

From a84f97c9bd6e96979f41266fa2a34d377b75ede9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Sep 2018 15:50:21 +0200
Subject: [PATCH 504/889] Update build script for tests after mbedcrypto
 exporter

Update to the latest syntax changes of generate_test_code.py. This was
missed in the rebase onto mbedtls-2.13.
---
 crypto/tests/Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
index 2de5ffa7a..f76c1c0f8 100644
--- a/crypto/tests/Makefile
+++ b/crypto/tests/Makefile
@@ -41,7 +41,7 @@ $(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_tes
 		-t suites/main_test.function \
 		-p suites/host_test.function \
 		-s suites  \
-		--help-file suites/helpers.function \
+		--helpers-file suites/helpers.function \
 		-o .
 
 
@@ -70,7 +70,7 @@ $(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data script
 		-t suites/main_test.function \
 		-p suites/target_test.function \
 		-s suites  \
-		--help-file suites/helpers.function \
+		--helpers-file suites/helpers.function \
 		-o ./TESTS/mbedcrypto/$*
 
 gen-embedded-test: $(EMBEDDED_TESTS)

From 1596554c9930cbd1c5ef1f0e07196cfab192bcea Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Sep 2018 13:42:26 +0200
Subject: [PATCH 505/889] Fix "make WINDOWS_BUILD=1 clean" on non-Windows hosts

The clean rule was not using the correct names for the compiled
executable files.
---
 tests/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/Makefile b/tests/Makefile
index 4d2edd456..b6e49bf8a 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -105,7 +105,7 @@ $(BINARIES): %$(EXEXT): %.c $(DEP)
 
 clean:
 ifndef WINDOWS
-	rm -rf $(APPS) *.c *.datax TESTS
+	rm -rf $(BINARIES) *.c *.datax TESTS
 else
 	del /Q /F *.c *.exe *.datax
 ifneq ($(wildcard TESTS/.*),)

From 899c6521955ca6a8f505ef1d01c6efe541059e8f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Sep 2018 15:54:40 +0200
Subject: [PATCH 506/889] In keep-going mode, don't hard-fail on some auxiliary
 script

Add record_status in front of the invocation of several scripts where
it was missing.
---
 tests/scripts/all.sh | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 996204662..a323d1553 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -436,25 +436,25 @@ OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \
     ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh
 
 msg "test: recursion.pl" # < 1s
-tests/scripts/recursion.pl library/*.c
+record_status tests/scripts/recursion.pl library/*.c
 
 msg "test: freshness of generated source files" # < 1s
-tests/scripts/check-generated-files.sh
+record_status tests/scripts/check-generated-files.sh
 
 msg "test: doxygen markup outside doxygen blocks" # < 1s
-tests/scripts/check-doxy-blocks.pl
+record_status tests/scripts/check-doxy-blocks.pl
 
 msg "test: check-files.py" # < 1s
 cleanup
-tests/scripts/check-files.py
+record_status tests/scripts/check-files.py
 
 msg "test/build: declared and exported names" # < 3s
 cleanup
-tests/scripts/check-names.sh
+record_status tests/scripts/check-names.sh
 
 msg "test: doxygen warnings" # ~ 3s
 cleanup
-tests/scripts/doxygen.sh
+record_status tests/scripts/doxygen.sh
 
 msg "test: Mbed Crypto exporter " # ~ 30s
 cleanup
@@ -1079,10 +1079,10 @@ for optimization_flag in -O2 -O3 -Ofast -Os; do
 done
 
 msg "Lint: Python scripts"
-tests/scripts/check-python-files.sh
+record_status tests/scripts/check-python-files.sh
 
 msg "uint test: generate_test_code.py"
-./tests/scripts/test_generate_test_code.py
+record_status ./tests/scripts/test_generate_test_code.py
 
 ################################################################
 #### Termination

From 99ca35e968421d7ae0c5e3d93a9a2bd67da9386e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Sep 2018 17:49:57 +0200
Subject: [PATCH 507/889] Look for documentation only in specific directories

Generate the documentation from include and doxygen/input only. Don't
get snared by files containing Doxygen comments that lie in other
directories such as tests, yotta, crypto/include, ...

The only difference this makes in a fresh checkout is that the
documentation no longer lists target_config.h. This file is from
yotta, does not contain any Doxygen comment, and its inclusion in the
rendered documentation was clearly an oversight.
---
 doxygen/mbedtls.doxyfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 43d6e6e72..5ad20d65b 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -664,7 +664,7 @@ WARN_LOGFILE           =
 # directories like "/usr/src/myproject". Separate the files or directories
 # with spaces.
 
-INPUT                  = ..
+INPUT                  = ../include input
 
 # This tag can be used to specify the character encoding of the source files
 # that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is
@@ -696,7 +696,7 @@ RECURSIVE              = YES
 # Note that relative paths are relative to the directory from which doxygen is
 # run.
 
-EXCLUDE                = ../configs ../yotta/module
+EXCLUDE                =
 
 # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or
 # directories that are symbolic links (a Unix file system feature) are excluded

From f7ab5ad13a4d1749c720c3db28c008343852e336 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 26 Sep 2018 18:19:24 +0200
Subject: [PATCH 508/889] Skip calling memset when the size is 0

memset(NULL, c, 0) has undefined behavior, so don't do it. clang-asan
complains.
---
 tests/suites/test_suite_psa_crypto.function | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ea1547e1f..59cc7166d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1367,7 +1367,8 @@ void asymmetric_encryption_key_policy( int policy_usage,
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
-    memset( buffer, 0, buffer_length );
+    if( buffer_length != 0 )
+        memset( buffer, 0, buffer_length );
     status = psa_asymmetric_decrypt( key_slot, exercise_alg,
                                      buffer, buffer_length,
                                      NULL, 0,
@@ -2741,7 +2742,8 @@ void asymmetric_encrypt( int key_type_arg,
     if( label->len == 0 )
     {
         output_length = ~0;
-        memset( output, 0, output_size );
+        if( output_size != 0 )
+            memset( output, 0, output_size );
         actual_status = psa_asymmetric_encrypt( slot, alg,
                                                 input_data->x, input_data->len,
                                                 NULL, label->len,
@@ -2882,7 +2884,8 @@ void asymmetric_decrypt( int key_type_arg,
     if( label->len == 0 )
     {
         output_length = ~0;
-        memset( output, 0, output_size );
+        if( output_size != 0 )
+            memset( output, 0, output_size );
         TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
                                              input_data->x, input_data->len,
                                              NULL, label->len,
@@ -2949,7 +2952,8 @@ void asymmetric_decrypt_fail( int key_type_arg,
     if( label->len == 0 )
     {
         output_length = ~0;
-        memset( output, 0, output_size );
+        if( output_size != 0 )
+            memset( output, 0, output_size );
         actual_status = psa_asymmetric_decrypt( slot, alg,
                                                 input_data->x, input_data->len,
                                                 NULL, label->len,
@@ -3332,7 +3336,8 @@ void generate_random( int bytes_arg )
      * (2^(-8*number_of_runs)). */
     for( run = 0; run < 10; run++ )
     {
-        memset( output, 0, bytes );
+        if( bytes != 0 )
+            memset( output, 0, bytes );
         TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS );
 
         /* Check that no more than bytes have been overwritten */

From 3e954cf84de6ae30697080782a8a493432fe3a1c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 10:12:17 +0200
Subject: [PATCH 509/889] In keep-going mode, don't hard-fail on some tests

Add if_build_succeeded in front of the invocation of some test runs
where it was missing.
---
 tests/scripts/all.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index a323d1553..a63b3fc27 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -539,10 +539,10 @@ msg "test: RSA_NO_CRT - main suites (inc. selftests) (ASan build)" # ~ 50s
 make test
 
 msg "test: RSA_NO_CRT - RSA-related part of ssl-opt.sh (ASan build)" # ~ 5s
-tests/ssl-opt.sh -f RSA
+if_build_succeeded tests/ssl-opt.sh -f RSA
 
 msg "test: RSA_NO_CRT - RSA-related part of compat.sh (ASan build)" # ~ 3 min
-tests/compat.sh -t RSA
+if_build_succeeded tests/compat.sh -t RSA
 
 msg "build: small SSL_OUT_CONTENT_LEN (ASan build)"
 cleanup

From 3a33c01a98d8ed899f5e23ff54e6131a95b18615 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Thu, 27 Sep 2018 10:14:36 +0100
Subject: [PATCH 510/889] mbed_crypto: Always describe the current version

Even with a shallow clone of the repo where there are no tags available
to version with, don't error and instead show a unique abbreviated
commit hash as fallback.
---
 scripts/mbed_crypto.make | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index 5da57084d..c0e5a0531 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -213,7 +213,7 @@ crypto/%: %
 	$(call rename_mbedcrypto,$@)
 
 crypto/VERSION.txt: FORCE
-	@git describe --tags --abbrev=12 --dirty > $@
+	@git describe --tags --abbrev=12 --dirty --always > $@
 
 mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
 	@echo $@

From 2bb56095ec50c373b899a4614346e694678f271f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 11:49:52 +0200
Subject: [PATCH 511/889] Remove redundant check in all.sh

test -s can't fail if the subsequent grep succeeds.
---
 tests/scripts/all.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index a63b3fc27..0bce2a886 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1071,7 +1071,6 @@ for optimization_flag in -O2 -O3 -Ofast -Os; do
         cleanup
         make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
         if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
-        if_build_succeeded [ -s test_zeroize.log ]
         if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
         if_build_succeeded not grep -i "error" test_zeroize.log
         rm -f test_zeroize.log

From e04d4e6d13398f6cfd6d85df3f7563b551df1885 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 27 Sep 2018 11:50:24 +0200
Subject: [PATCH 512/889] Don't try to disable ASLR

We don't need to disable ASLR, so don't try. If gdb tries but fails,
the test runs normally, but all.sh then trips up because it sees
`warning: Error disabling address space randomization: Operation not permitted`
and interprets it as an error that indicates a test failure.
---
 tests/scripts/test_zeroize.gdb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/tests/scripts/test_zeroize.gdb b/tests/scripts/test_zeroize.gdb
index 617ab5544..77c812a0b 100644
--- a/tests/scripts/test_zeroize.gdb
+++ b/tests/scripts/test_zeroize.gdb
@@ -41,6 +41,9 @@
 # number does not need to be updated often.
 
 set confirm off
+# We don't need to turn off ASLR, so don't try.
+set disable-randomization off
+
 file ./programs/test/zeroize
 break zeroize.c:100
 

From c426352ec5dfd48a4c7ac7db42d4c194a1ac8322 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 28 Sep 2018 11:48:10 +0200
Subject: [PATCH 513/889] check-files: exclude .git and third-party files

Exclude ".git" directories anywhere. This avoids spurious errors in git
checkouts that contain branch names that look like a file
check-files.py would check.

Exclude "mbed-os" anywhere and "examples" from the root. Switch to the
new mechanism to exclude "yotta/module". These are directories where
we store third-party files that do not need to match our preferences.

Exclude "cov-int" from the root. Fix #1691
---
 tests/scripts/check-files.py | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/tests/scripts/check-files.py b/tests/scripts/check-files.py
index f560d0378..0fb2117a3 100755
--- a/tests/scripts/check-files.py
+++ b/tests/scripts/check-files.py
@@ -155,6 +155,12 @@ class IntegrityChecker(object):
             ".c", ".h", ".sh", ".pl", ".py", ".md", ".function", ".data",
             "Makefile", "CMakeLists.txt", "ChangeLog"
         )
+        self.excluded_directories = ['.git', 'mbed-os']
+        self.excluded_paths = list(map(os.path.normpath, [
+            'cov-int',
+            'examples',
+            'yotta/module'
+        ]))
         self.issues_to_check = [
             PermissionIssueTracker(),
             EndOfFileNewlineIssueTracker(),
@@ -179,12 +185,19 @@ class IntegrityChecker(object):
             console = logging.StreamHandler()
             self.logger.addHandler(console)
 
+    def prune_branch(self, root, d):
+        if d in self.excluded_directories:
+            return True
+        if os.path.normpath(os.path.join(root, d)) in self.excluded_paths:
+            return True
+        return False
+
     def check_files(self):
-        for root, dirs, files in sorted(os.walk(".")):
+        for root, dirs, files in os.walk("."):
+            dirs[:] = sorted(d for d in dirs if not self.prune_branch(root, d))
             for filename in sorted(files):
                 filepath = os.path.join(root, filename)
-                if (os.path.join("yotta", "module") in filepath or
-                        not filepath.endswith(self.files_to_check)):
+                if not filepath.endswith(self.files_to_check):
                     continue
                 for issue_to_check in self.issues_to_check:
                     if issue_to_check.should_check_file(filepath):

From f18c146d6bd2356b8db0b4f575c1d361ab60dec6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 14 Aug 2018 15:17:29 +0200
Subject: [PATCH 514/889] Remove a redundant test case

---
 tests/suites/test_suite_psa_crypto.data | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 0319782fa..6a5a21fc7 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -354,10 +354,6 @@ depends_on:MBEDTLS_CMAC_C
 # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
 
-PSA MAC verify: HMAC-SHA-256
-depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-mac_verify:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):"53616d706c65206d65737361676520666f72206b65796c656e3d626c6f636b6c656e":"8bb9a1db9806f20df7f77b82138c7914d174d59e13dc4d0169c9057b133e1d62"
-
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"

From a7aa442c7cdee82eacc55115aeef5a2410e5f27f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 14 Aug 2018 15:17:54 +0200
Subject: [PATCH 515/889] Add tests for mac_sign

---
 tests/suites/test_suite_psa_crypto.data     | 16 +++++
 tests/suites/test_suite_psa_crypto.function | 69 +++++++++++++++++++--
 2 files changed, 80 insertions(+), 5 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 6a5a21fc7..913c69460 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -354,18 +354,34 @@ depends_on:MBEDTLS_CMAC_C
 # Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_NOT_SUPPORTED
 
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-224
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-224
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_224):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
 
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
+
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"4869205468657265":"b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"
 
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-384
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
+
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-384
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_384):"4869205468657265":"afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"
 
+PSA MAC sign: RFC4231 Test case 1 - HMAC-SHA-512
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
 PSA MAC verify: RFC4231 Test case 1 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
 mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_512):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 59cc7166d..9f1945809 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -22,20 +22,23 @@
 /** An invalid export length that will never be set by psa_export_key(). */
 static const size_t INVALID_EXPORT_LENGTH = ~0U;
 
-/** Test if a buffer is all-bits zero.
+/** Test if a buffer contains a constant byte value.
+ *
+ * `mem_is_char(buffer, c, size)` is true after `memset(buffer, c, size)`.
  *
  * \param buffer    Pointer to the beginning of the buffer.
+ * \param c         Expected value of every byte.
  * \param size      Size of the buffer in bytes.
  *
  * \return          1 if the buffer is all-bits-zero.
  * \return          0 if there is at least one nonzero byte.
  */
-static int mem_is_zero( void *buffer, size_t size )
+static int mem_is_char( void *buffer, unsigned char c, size_t size )
 {
     size_t i;
     for( i = 0; i < size; i++ )
     {
-        if( ( (unsigned char *) buffer )[i] != 0 )
+        if( ( (unsigned char *) buffer )[i] != c )
             return( 0 );
     }
     return( 1 );
@@ -978,7 +981,7 @@ void import_export( data_t *data,
     TEST_ASSERT( status == PSA_SUCCESS || exported_length == 0 );
     TEST_ASSERT( exported_length <= export_size );
 
-    TEST_ASSERT( mem_is_zero( exported + exported_length,
+    TEST_ASSERT( mem_is_char( exported + exported_length, 0,
                               export_size - exported_length ) );
     if( status != PSA_SUCCESS )
     {
@@ -1067,7 +1070,7 @@ void import_export_public_key( data_t *data,
                                     &exported_length );
     TEST_ASSERT( status == expected_export_status );
     TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
-    TEST_ASSERT( mem_is_zero( exported + exported_length,
+    TEST_ASSERT( mem_is_char( exported + exported_length, 0,
                               export_size - exported_length ) );
     if( status != PSA_SUCCESS )
         goto destroy;
@@ -1647,6 +1650,62 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void mac_sign( int key_type_arg,
+               data_t *key,
+               int alg_arg,
+               data_t *input,
+               data_t *expected_mac )
+{
+    int key_slot = 1;
+    psa_key_type_t key_type = key_type_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_mac_operation_t operation;
+    psa_key_policy_t policy;
+    /* Leave a little extra room in the output buffer. At the end of the
+     * test, we'll check that the implementation didn't overwrite onto
+     * this extra room. */
+    uint8_t actual_mac[PSA_MAC_MAX_SIZE + 10];
+    size_t mac_buffer_size =
+        PSA_MAC_FINAL_SIZE( key_type, PSA_BYTES_TO_BITS( key->len ), alg );
+    size_t mac_length = 0;
+
+    memset( actual_mac, '+', sizeof( actual_mac ) );
+    TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
+    TEST_ASSERT( expected_mac->len <= mac_buffer_size );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key->x, key->len ) == PSA_SUCCESS );
+
+    /* Calculate the MAC. */
+    TEST_ASSERT( psa_mac_sign_setup( &operation,
+                                     key_slot, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_mac_update( &operation,
+                                 input->x, input->len ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_mac_sign_finish( &operation,
+                                      actual_mac, mac_buffer_size,
+                                      &mac_length ) == PSA_SUCCESS );
+
+    /* Compare with the expected value. */
+    TEST_ASSERT( mac_length == expected_mac->len );
+    TEST_ASSERT( memcmp( actual_mac, expected_mac->x, mac_length ) == 0 );
+
+    /* Verify that the end of the buffer is untouched. */
+    TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+',
+                              sizeof( actual_mac ) - mac_length ) );
+
+exit:
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_verify( int key_type_arg,
                  data_t *key,

From d911eb79151565c755b5ff5d1c82206d7517c570 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 14 Aug 2018 15:18:45 +0200
Subject: [PATCH 516/889] Add support for truncated MAC algorithms

---
 include/psa/crypto.h                    | 50 ++++++++++++++++
 include/psa/crypto_sizes.h              |  6 +-
 library/psa_crypto.c                    | 45 ++++++++++++---
 tests/suites/test_suite_psa_crypto.data | 76 +++++++++++++++++++++++++
 4 files changed, 168 insertions(+), 9 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 62d392017..0269be959 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -756,6 +756,56 @@ typedef uint32_t psa_algorithm_t;
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
      PSA_ALG_HMAC_BASE)
 
+#define PSA_ALG_MAC_TRUNCATION_MASK             ((psa_algorithm_t)0x00003f00)
+#define PSA_MAC_TRUNCATION_OFFSET 8
+
+/** Macro to build a truncated MAC algorithm.
+ *
+ * A truncated MAC algorithm is identical to the corresponding MAC
+ * algorithm except that the MAC value for the truncated algorithm
+ * consists of only the first \p mac_length bytes of the MAC value
+ * for the untruncated algorithm.
+ *
+ * \note    This macro may allow constructing algorithm identifiers that
+ *          are not valid, either because the specified length is larger
+ *          than the untruncated MAC or because the specified length is
+ *          smaller than permitted by the implementation.
+ *
+ * \note    It is implementation-defined whether a truncated MAC that
+ *          is truncated to the same length as the MAC of the untruncated
+ *          algorithm is considered identical to the untruncated algorithm
+ *          for policy comparison purposes.
+ *
+ * \param alg           A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ *                      is true). This may be a truncated or untruncated
+ *                      MAC algorithm.
+ * \param mac_length    Desired length of the truncated MAC in bytes.
+ *
+ * \return              The corresponding MAC algorithm with the specified
+ *                      length.
+ * \return              Unspecified if \p alg is not a supported
+ *                      MAC algorithm or if \p mac_length is too small or
+ *                      too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_TRUNCATED_MAC(alg, mac_length)                          \
+    (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) |                           \
+     ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
+
+/** Length to which a MAC algorithm is truncated.
+ *
+ * \param alg           A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ *                      is true).
+ *
+ * \return              Length of the truncated MAC in bytes.
+ * \return              0 if \p alg is a non-truncated MAC algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      MAC algorithm.
+ */
+#define PSA_MAC_TRUNCATED_LENGTH(alg)           \
+    (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
+
 #define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x02c00000)
 #define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02c00001)
 #define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02c00002)
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index edb240be0..c058afc38 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -143,7 +143,8 @@
         PSA_VENDOR_ECC_MAX_CURVE_BITS                                   \
         )
 
-
+/** The maximum size of a block cipher supported by the implementation. */
+#define PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE 16
 
 /** The size of the output of psa_mac_sign_finish(), in bytes.
  *
@@ -163,7 +164,8 @@
  *                      with the algorithm.
  */
 #define PSA_MAC_FINAL_SIZE(key_type, key_bits, alg)                     \
-    (PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
+    ((alg) & PSA_ALG_MAC_TRUNCATION_MASK ? PSA_MAC_TRUNCATED_LENGTH(alg) : \
+     PSA_ALG_IS_HMAC(alg) ? PSA_HASH_SIZE(PSA_ALG_HMAC_GET_HASH(alg)) : \
      PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
      ((void)(key_type), (void)(key_bits), 0))
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6fd905c8c..3411cc843 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1523,8 +1523,10 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     size_t key_bits;
     psa_key_usage_t usage =
         is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY;
+    unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg );
+    psa_algorithm_t full_length_alg = alg & ~PSA_ALG_MAC_TRUNCATION_MASK;
 
-    status = psa_mac_init( operation, alg );
+    status = psa_mac_init( operation, full_length_alg );
     if( status != PSA_SUCCESS )
         return( status );
     if( is_sign )
@@ -1536,10 +1538,11 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     key_bits = psa_get_key_bits( slot );
 
 #if defined(MBEDTLS_CMAC_C)
-    if( alg == PSA_ALG_CMAC )
+    if( full_length_alg == PSA_ALG_CMAC )
     {
         const mbedtls_cipher_info_t *cipher_info =
-            mbedtls_cipher_info_from_psa( alg, slot->type, key_bits, NULL );
+            mbedtls_cipher_info_from_psa( full_length_alg,
+                                          slot->type, key_bits, NULL );
         int ret;
         if( cipher_info == NULL )
         {
@@ -1553,7 +1556,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     else
 #endif /* MBEDTLS_CMAC_C */
 #if defined(MBEDTLS_MD_C)
-    if( PSA_ALG_IS_HMAC( alg ) )
+    if( PSA_ALG_IS_HMAC( full_length_alg ) )
     {
         psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
         if( hash_alg == 0 )
@@ -1588,6 +1591,24 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
         status = PSA_ERROR_NOT_SUPPORTED;
     }
 
+    if( truncated == 0 )
+    {
+        /* The "normal" case: untruncated algorithm. Nothing to do. */
+    }
+    else if( truncated < 4 )
+    {
+        /* Too small to make any sense. Reject. 4 bytes is too small for
+         * security but ancient protocols with 32-bit MACs do exist. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+    else if( truncated > operation->mac_size )
+    {
+        /* It's impossible to "truncate" to a larger length. */
+        status = PSA_ERROR_INVALID_ARGUMENT;
+    }
+    else
+        operation->mac_size = truncated;
+
 exit:
     if( status != PSA_SUCCESS )
     {
@@ -1682,7 +1703,11 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
     if( status != PSA_SUCCESS )
         goto exit;
 
-    status = psa_hash_finish( &hmac->hash_ctx, mac, mac_size, &hash_size );
+    status = psa_hash_finish( &hmac->hash_ctx, tmp, sizeof( tmp ), &hash_size );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    memcpy( mac, tmp, mac_size );
 
 exit:
     mbedtls_zeroize( tmp, hash_size );
@@ -1705,7 +1730,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_CMAC_C)
     if( operation->alg == PSA_ALG_CMAC )
     {
-        int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, mac );
+        uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
+        int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
+        if( ret == 0 )
+            memcpy( mac, tmp, mac_size );
+        mbedtls_zeroize( tmp, sizeof( tmp ) );
         return( mbedtls_to_psa_error( ret ) );
     }
     else
@@ -1714,7 +1743,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
     if( PSA_ALG_IS_HMAC( operation->alg ) )
     {
         return( psa_hmac_finish_internal( &operation->ctx.hmac,
-                                          mac, mac_size ) );
+                                          mac, operation->mac_size ) );
     }
     else
 #endif /* MBEDTLS_MD_C */
@@ -1793,6 +1822,8 @@ cleanup:
     else
         psa_mac_abort( operation );
 
+    mbedtls_zeroize( actual_mac, mac_length );
+
     return( status );
 }
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 913c69460..b76f3071e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -466,10 +466,86 @@ PSA MAC verify: RFC4231 Test case 7 - HMAC-SHA-512
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
 mac_verify:PSA_KEY_TYPE_HMAC:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HMAC(PSA_ALG_SHA_512):"5468697320697320612074657374207573696e672061206c6172676572207468616e20626c6f636b2d73697a65206b657920616e642061206c6172676572207468616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565647320746f20626520686173686564206265666f7265206265696e6720757365642062792074686520484d414320616c676f726974686d2e":"e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
 
+PSA MAC sign: HMAC-SHA-224, truncated to 28 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 28 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 28):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 64 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 64 bytes (actual size)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 64):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 27 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 27 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 27):"4869205468657265":"896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 63 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 63 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 63):"4869205468657265":"87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a1268"
+
+PSA MAC sign: HMAC-SHA-224, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
+
+PSA MAC verify: HMAC-SHA-224, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 4):"4869205468657265":"896fb112"
+
+PSA MAC sign: HMAC-SHA-512, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_sign:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+
+PSA MAC verify: HMAC-SHA-512, truncated to 4 bytes
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+mac_verify:PSA_KEY_TYPE_HMAC:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_512), 4):"4869205468657265":"87aa7cde"
+
+PSA MAC sign: CMAC-AES-128
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
 PSA MAC verify: CMAC-AES-128
 depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
 mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_CMAC:"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
 
+PSA MAC sign: CMAC-AES-128, truncated to 16 bytes (actual size)
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC verify: CMAC-AES-128, truncated to 16 bytes (actual size)
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 16):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c827"
+
+PSA MAC sign: CMAC-AES-128, truncated to 15 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
+
+PSA MAC verify: CMAC-AES-128, truncated to 15 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 15):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747de9ae63030ca32611497c8"
+
+PSA MAC sign: CMAC-AES-128, truncated to 4 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_sign:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
+
+PSA MAC verify: CMAC-AES-128, truncated to 4 bytes
+depends_on:MBEDTLS_CMAC_C:MBEDTLS_AES_C
+mac_verify:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 4):"6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411":"dfa66747"
+
 PSA cipher setup: good, AES-CTR
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_SUCCESS

From edf9a6576d4cd7ebf6d0287a2fbfd9b8d1546e7a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 17 Aug 2018 18:11:56 +0200
Subject: [PATCH 517/889] Refactor AEAD setup into a common function

There was a lot of repetition between psa_aead_encrypt and
psa_aead_decrypt. Refactor the code into a new function psa_aead_setup.
The new code should behave identically except that in some cases where
multiple error conditions apply, the code may now return a different
error code.

Internally, I rearranged some of the code:

* I removed a check that the key type was in CATEGORY_SYMMETRIC because
  it's redundant with mbedtls_cipher_info_from_psa which enumerates
  supported key types explicitly.
* The order of some validations is different to allow the split between
  setup and data processing. The code now calls a more robust function
  psa_aead_abort in case of any error after the early stage of the setup.
---
 library/psa_crypto.c | 320 +++++++++++++++++++++----------------------
 1 file changed, 159 insertions(+), 161 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3411cc843..82af92086 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2821,6 +2821,102 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 /* AEAD */
 /****************************************************************/
 
+typedef struct
+{
+    key_slot_t *slot;
+    const mbedtls_cipher_info_t *cipher_info;
+    union
+    {
+#if defined(MBEDTLS_CCM_C)
+        mbedtls_ccm_context ccm;
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_GCM_C)
+        mbedtls_gcm_context gcm;
+#endif /* MBEDTLS_GCM_C */
+    } ctx;
+    uint8_t tag_length;
+} aead_operation_t;
+
+static void psa_aead_abort( aead_operation_t *operation,
+                            psa_algorithm_t alg )
+{
+    switch( alg )
+    {
+#if defined(MBEDTLS_CCM_C)
+        case PSA_ALG_CCM:
+            mbedtls_ccm_free( &operation->ctx.ccm );
+            break;
+#endif /* MBEDTLS_CCM_C */
+#if defined(MBEDTLS_CCM_C)
+        case PSA_ALG_GCM:
+            mbedtls_gcm_free( &operation->ctx.gcm );
+            break;
+#endif /* MBEDTLS_GCM_C */
+    }
+}
+
+static psa_status_t psa_aead_setup( aead_operation_t *operation,
+                                    psa_key_slot_t key,
+                                    psa_key_usage_t usage,
+                                    psa_algorithm_t alg )
+{
+    psa_status_t status;
+    size_t key_bits;
+    mbedtls_cipher_id_t cipher_id;
+
+    status = psa_get_key_from_slot( key, &operation->slot, usage, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    key_bits = psa_get_key_bits( operation->slot );
+
+    operation->cipher_info =
+        mbedtls_cipher_info_from_psa( alg, operation->slot->type, key_bits,
+                                      &cipher_id );
+    if( operation->cipher_info == NULL )
+        return( PSA_ERROR_NOT_SUPPORTED );
+
+    switch( alg )
+    {
+#if defined(MBEDTLS_CCM_C)
+        case PSA_ALG_CCM:
+            operation->tag_length = 16;
+            if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            mbedtls_ccm_init( &operation->ctx.ccm );
+            status = mbedtls_to_psa_error(
+                mbedtls_ccm_setkey( &operation->ctx.ccm, cipher_id,
+                                    operation->slot->data.raw.data,
+                                    (unsigned int) key_bits ) );
+            if( status != 0 )
+                goto cleanup;
+            break;
+#endif /* MBEDTLS_CCM_C */
+
+#if defined(MBEDTLS_GCM_C)
+        case PSA_ALG_GCM:
+            operation->tag_length = 16;
+            if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            mbedtls_gcm_init( &operation->ctx.gcm );
+            status = mbedtls_to_psa_error(
+                mbedtls_gcm_setkey( &operation->ctx.gcm, cipher_id,
+                                    operation->slot->data.raw.data,
+                                    (unsigned int) key_bits ) );
+            break;
+#endif /* MBEDTLS_GCM_C */
+
+        default:
+            return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+    return( PSA_SUCCESS );
+
+cleanup:
+    psa_aead_abort( operation, alg );
+    return( status );
+}
+
 psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,
@@ -2833,113 +2929,60 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                size_t ciphertext_size,
                                size_t *ciphertext_length )
 {
-    int ret;
     psa_status_t status;
-    key_slot_t *slot;
-    size_t key_bits;
+    aead_operation_t operation;
     uint8_t *tag;
-    size_t tag_length;
-    mbedtls_cipher_id_t cipher_id;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
 
     *ciphertext_length = 0;
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
+    status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
-    key_bits = psa_get_key_bits( slot );
 
-    cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type,
-                                                key_bits, &cipher_id );
-    if( cipher_info == NULL )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
-        PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+    /* For all currently supported modes, the tag is at the end of the
+     * ciphertext. */
+    if( ciphertext_size < ( plaintext_length + operation.tag_length ) )
+    {
+        status = PSA_ERROR_BUFFER_TOO_SMALL;
+        goto exit;
+    }
+    tag = ciphertext + plaintext_length;
 
     if( alg == PSA_ALG_GCM )
     {
-        mbedtls_gcm_context gcm;
-        tag_length = 16;
-
-        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-        //make sure we have place to hold the tag in the ciphertext buffer
-        if( ciphertext_size < ( plaintext_length + tag_length ) )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-        //update the tag pointer to point to the end of the ciphertext_length
-        tag = ciphertext + plaintext_length;
-
-        mbedtls_gcm_init( &gcm );
-        ret = mbedtls_gcm_setkey( &gcm, cipher_id,
-                                  slot->data.raw.data,
-                                  (unsigned int) key_bits );
-        if( ret != 0 )
-        {
-            mbedtls_gcm_free( &gcm );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-        ret = mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT,
-                                         plaintext_length, nonce,
-                                         nonce_length, additional_data,
-                                         additional_data_length, plaintext,
-                                         ciphertext, tag_length, tag );
-        mbedtls_gcm_free( &gcm );
+        status = mbedtls_to_psa_error(
+            mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
+                                       MBEDTLS_GCM_ENCRYPT,
+                                       plaintext_length,
+                                       nonce, nonce_length,
+                                       additional_data, additional_data_length,
+                                       plaintext, ciphertext,
+                                       operation.tag_length, tag ) );
     }
     else if( alg == PSA_ALG_CCM )
     {
-        mbedtls_ccm_context ccm;
-        tag_length = 16;
-
-        if( PSA_BLOCK_CIPHER_BLOCK_SIZE( slot->type ) != 16 )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-        if( nonce_length < 7 || nonce_length > 13 )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-        //make sure we have place to hold the tag in the ciphertext buffer
-        if( ciphertext_size < ( plaintext_length + tag_length ) )
-            return( PSA_ERROR_BUFFER_TOO_SMALL );
-
-        //update the tag pointer to point to the end of the ciphertext_length
-        tag = ciphertext + plaintext_length;
-
-        mbedtls_ccm_init( &ccm );
-        ret = mbedtls_ccm_setkey( &ccm, cipher_id,
-                                  slot->data.raw.data,
-                                  (unsigned int) key_bits );
-        if( ret != 0 )
-        {
-            mbedtls_ccm_free( &ccm );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-        ret = mbedtls_ccm_encrypt_and_tag( &ccm, plaintext_length,
-                                           nonce, nonce_length,
-                                           additional_data,
-                                           additional_data_length,
-                                           plaintext, ciphertext,
-                                           tag, tag_length );
-        mbedtls_ccm_free( &ccm );
+        status = mbedtls_to_psa_error(
+            mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
+                                         plaintext_length,
+                                         nonce, nonce_length,
+                                         additional_data,
+                                         additional_data_length,
+                                         plaintext, ciphertext,
+                                         tag, operation.tag_length ) );
     }
     else
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
 
-    if( ret != 0 )
-    {
-        /* If ciphertext_size is 0 then ciphertext may be NULL and then the
-         * call to memset would have undefined behavior. */
-        if( ciphertext_size != 0 )
-            memset( ciphertext, 0, ciphertext_size );
-        return( mbedtls_to_psa_error( ret ) );
-    }
+    if( status != PSA_SUCCESS && ciphertext_size != 0 )
+        memset( ciphertext, 0, ciphertext_size );
 
-    *ciphertext_length = plaintext_length + tag_length;
-    return( PSA_SUCCESS );
+exit:
+    psa_aead_abort( &operation, alg );
+    if( status == PSA_SUCCESS )
+        *ciphertext_length = plaintext_length + operation.tag_length;
+    return( status );
 }
 
 /* Locate the tag in a ciphertext buffer containing the encrypted data
@@ -2975,108 +3018,63 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                size_t plaintext_size,
                                size_t *plaintext_length )
 {
-    int ret;
     psa_status_t status;
-    key_slot_t *slot;
-    size_t key_bits;
-    const uint8_t *tag;
-    size_t tag_length;
-    mbedtls_cipher_id_t cipher_id;
-    const mbedtls_cipher_info_t *cipher_info = NULL;
+    aead_operation_t operation;
+    const uint8_t *tag = NULL;
 
     *plaintext_length = 0;
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
+    status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
-    key_bits = psa_get_key_bits( slot );
-
-    cipher_info = mbedtls_cipher_info_from_psa( alg, slot->type,
-                                                key_bits, &cipher_id );
-    if( cipher_info == NULL )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-    if( ( slot->type & PSA_KEY_TYPE_CATEGORY_MASK ) !=
-        PSA_KEY_TYPE_CATEGORY_SYMMETRIC )
-        return( PSA_ERROR_INVALID_ARGUMENT );
 
     if( alg == PSA_ALG_GCM )
     {
-        mbedtls_gcm_context gcm;
-
-        tag_length = 16;
-        status = psa_aead_unpadded_locate_tag( tag_length,
+        status = psa_aead_unpadded_locate_tag( operation.tag_length,
                                                ciphertext, ciphertext_length,
                                                plaintext_size, &tag );
         if( status != PSA_SUCCESS )
-            return( status );
+            goto exit;
 
-        mbedtls_gcm_init( &gcm );
-        ret = mbedtls_gcm_setkey( &gcm, cipher_id,
-                                  slot->data.raw.data,
-                                  (unsigned int) key_bits );
-        if( ret != 0 )
-        {
-            mbedtls_gcm_free( &gcm );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-
-        ret = mbedtls_gcm_auth_decrypt( &gcm,
-                                        ciphertext_length - tag_length,
-                                        nonce, nonce_length,
-                                        additional_data,
-                                        additional_data_length,
-                                        tag, tag_length,
-                                        ciphertext, plaintext );
-        mbedtls_gcm_free( &gcm );
+        status = mbedtls_to_psa_error(
+            mbedtls_gcm_auth_decrypt( &operation.ctx.gcm,
+                                      ciphertext_length - operation.tag_length,
+                                      nonce, nonce_length,
+                                      additional_data,
+                                      additional_data_length,
+                                      tag, operation.tag_length,
+                                      ciphertext, plaintext ) );
     }
     else if( alg == PSA_ALG_CCM )
     {
-        mbedtls_ccm_context ccm;
-
-        if( nonce_length < 7 || nonce_length > 13 )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-
-        tag_length = 16;
-        status = psa_aead_unpadded_locate_tag( tag_length,
+        status = psa_aead_unpadded_locate_tag( operation.tag_length,
                                                ciphertext, ciphertext_length,
                                                plaintext_size, &tag );
         if( status != PSA_SUCCESS )
-            return( status );
+            goto exit;
 
-        mbedtls_ccm_init( &ccm );
-        ret = mbedtls_ccm_setkey( &ccm, cipher_id,
-                                  slot->data.raw.data,
-                                  (unsigned int) key_bits );
-        if( ret != 0 )
-        {
-            mbedtls_ccm_free( &ccm );
-            return( mbedtls_to_psa_error( ret ) );
-        }
-        ret = mbedtls_ccm_auth_decrypt( &ccm, ciphertext_length - tag_length,
-                                        nonce, nonce_length,
-                                        additional_data,
-                                        additional_data_length,
-                                        ciphertext, plaintext,
-                                        tag, tag_length );
-        mbedtls_ccm_free( &ccm );
+        status = mbedtls_to_psa_error(
+            mbedtls_ccm_auth_decrypt( &operation.ctx.ccm,
+                                      ciphertext_length - operation.tag_length,
+                                      nonce, nonce_length,
+                                      additional_data,
+                                      additional_data_length,
+                                      ciphertext, plaintext,
+                                      tag, operation.tag_length ) );
     }
     else
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
 
-    if( ret != 0 )
-    {
-        /* If plaintext_size is 0 then plaintext may be NULL and then the
-         * call to memset has undefined behavior. */
-        if( plaintext_size != 0 )
-            memset( plaintext, 0, plaintext_size );
-    }
-    else
-        *plaintext_length = ciphertext_length - tag_length;
+    if( status != PSA_SUCCESS && plaintext_size != 0 )
+        memset( plaintext, 0, plaintext_size );
 
-    return( mbedtls_to_psa_error( ret ) );
+exit:
+    psa_aead_abort( &operation, alg );
+    if( status == PSA_SUCCESS )
+        *plaintext_length = ciphertext_length - operation.tag_length;
+    return( status );
 }
 
 

From 7da96b0d913169d3811a39c39522293b5055fd15 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 17 Aug 2018 18:45:42 +0200
Subject: [PATCH 518/889] Reorder parameters of AEAD unit tests to be more
 logical

Pass the nonce first, then the AD, then the input. This is the order
in which the data is processed and it's the order of the parameters to
the API functions.
---
 tests/suites/test_suite_psa_crypto.data     | 32 ++++++++++-----------
 tests/suites/test_suite_psa_crypto.function | 30 ++++++++++---------
 2 files changed, 33 insertions(+), 29 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b76f3071e..71b0d1b2d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -694,67 +694,67 @@ cipher_verify_output_multipart:PSA_ALG_CBC_PKCS7:PSA_KEY_TYPE_AES:"2b7e151628aed
 
 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B":"000102030405060708090A0B":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
 
 PSA AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
 
 PSA AEAD encrypt/decrypt: DES-CCM not supported
 depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+aead_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
 
 PSA AEAD encrypt: AES-CCM, 23 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+aead_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
 
 PSA AEAD encrypt: AES-CCM, 24 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
 PSA AEAD decrypt: AES-CCM, 39 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"0BE1A88BACE018B1":"00412B4EA9CDBE3C9696766CFA":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
+aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
 
 PSA AEAD decrypt, AES-CCM, 40 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
 PSA AEAD decrypt: AES-CCM, invalid signature
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"48c0906930561e0ab0ef4cd972":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
 PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"0C0D0E0F101112131415161718191A1B1C1D1E":"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
 
 PSA AEAD encrypt/decrypt, AES GCM, 19 bytes #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_SUCCESS
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_SUCCESS
 
 PSA AEAD encrypt, AES-GCM, 128 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
 
 PSA AEAD encrypt, AES-GCM, 128 bytes #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
+aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
 PSA AEAD decrypt, AES-GCM, 144 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"00e440846db73a490573deaf3728c94f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
 
 PSA AEAD decrypt, AES-GCM, 144 bytes #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
 
 PSA AEAD decrypt, AES-GCM, invalid signature
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"97ce3f848276783599c6875de324361e":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
+aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
 PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
-aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"B96B49E21D621741632875DB7F6C9243D2D7C2":"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":PSA_ERROR_NOT_SUPPORTED
+aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED
 
 PSA signature size: RSA keypair, 1024 bits, PKCS#1 v1.5 raw
 signature_size:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:128
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 9f1945809..5503c94b6 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2283,12 +2283,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt_decrypt( int key_type_arg,
-                           data_t * key_data,
+void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
                            int alg_arg,
-                           data_t * input_data,
-                           data_t * nonce,
-                           data_t * additional_data,
+                           data_t *nonce,
+                           data_t *additional_data,
+                           data_t *input_data,
                            int expected_result_arg )
 {
     int slot = 1;
@@ -2359,10 +2358,12 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_encrypt( int key_type_arg, data_t * key_data,
-                   int alg_arg, data_t * input_data,
-                   data_t * additional_data, data_t * nonce,
-                   data_t * expected_result )
+void aead_encrypt( int key_type_arg, data_t *key_data,
+                   int alg_arg,
+                   data_t *nonce,
+                   data_t *additional_data,
+                   data_t *input_data,
+                   data_t *expected_result )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;
@@ -2415,10 +2416,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aead_decrypt( int key_type_arg, data_t * key_data,
-                   int alg_arg, data_t * input_data,
-                   data_t * additional_data, data_t * nonce,
-                   data_t * expected_data, int expected_result_arg )
+void aead_decrypt( int key_type_arg, data_t *key_data,
+                   int alg_arg,
+                   data_t *nonce,
+                   data_t *additional_data,
+                   data_t *input_data,
+                   data_t *expected_data,
+                   int expected_result_arg )
 {
     int slot = 1;
     psa_key_type_t key_type = key_type_arg;

From 23cc2ff9a82b4d6b0e9abbfc6ca16b5d47c1e460 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 17 Aug 2018 19:47:52 +0200
Subject: [PATCH 519/889] Add support for non-default-tag-size AEAD (CCM and
 GCM)

---
 include/psa/crypto.h                          | 36 ++++++++++++++---
 include/psa/crypto_sizes.h                    | 12 +++---
 library/psa_crypto.c                          | 39 +++++++++++++------
 .../test_suite_psa_crypto_metadata.function   |  2 +-
 4 files changed, 66 insertions(+), 23 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0269be959..c22e85338 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -884,8 +884,34 @@ typedef uint32_t psa_algorithm_t;
  */
 #define PSA_ALG_CBC_PKCS7                       ((psa_algorithm_t)0x04600101)
 
-#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06000001)
-#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06000002)
+#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06001001)
+#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06001002)
+
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK            ((psa_algorithm_t)0x00003f00)
+#define PSA_AEAD_TAG_LENGTH_OFFSET 8
+
+/** Macro to build a shortened AEAD algorithm.
+ *
+ * A shortened AEAD algorithm is similar to the corresponding AEAD
+ * algorithm, but has an authentication tag that consists of fewer bytes.
+ * Depending on the algorithm, the tag length may affect the calculation
+ * of the ciphertext.
+ *
+ * \param alg           A AEAD algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
+ *                      is true).
+ * \param mac_length    Desired length of the authentication tag in bytes.
+ *
+ * \return              The corresponding AEAD algorithm with the specified
+ *                      length.
+ * \return              Unspecified if \p alg is not a supported
+ *                      AEAD algorithm or if \p tag_length is not valid
+ *                      for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length)                   \
+    (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) |                          \
+     ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
+      PSA_ALG_AEAD_TAG_LENGTH_MASK))
 
 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t)0x10020000)
 /** RSA PKCS#1 v1.5 signature with hashing.
@@ -2432,9 +2458,9 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *                            correct size for an AEAD algorithm that it
  *                            recognizes, but does not support.
  */
-#define PSA_AEAD_TAG_SIZE(alg)             \
-    ((alg) == PSA_ALG_GCM ? 16 :           \
-     (alg) == PSA_ALG_CCM ? 16 :           \
+#define PSA_AEAD_TAG_LENGTH(alg)                                        \
+    (PSA_ALG_IS_AEAD(alg) ?                                             \
+     (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
      0)
 
 /** Process an authenticated encryption operation.
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index c058afc38..169566ece 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -188,9 +188,9 @@
  *                            correct size for an AEAD algorithm that it
  *                            recognizes, but does not support.
  */
-#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)     \
-    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
-     (plaintext_length) + PSA_AEAD_TAG_SIZE(alg) :              \
+#define PSA_AEAD_ENCRYPT_OUTPUT_SIZE(alg, plaintext_length)       \
+    (PSA_AEAD_TAG_LENGTH(alg) != 0 ?                              \
+     (plaintext_length) + PSA_AEAD_TAG_LENGTH(alg) :              \
      0)
 
 /** The maximum size of the output of psa_aead_decrypt(), in bytes.
@@ -212,9 +212,9 @@
  *                            correct size for an AEAD algorithm that it
  *                            recognizes, but does not support.
  */
-#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)    \
-    (PSA_AEAD_TAG_SIZE(alg) != 0 ?                              \
-     (plaintext_length) - PSA_AEAD_TAG_SIZE(alg) :              \
+#define PSA_AEAD_DECRYPT_OUTPUT_SIZE(alg, ciphertext_length)      \
+    (PSA_AEAD_TAG_LENGTH(alg) != 0 ?                              \
+     (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) :              \
      0)
 
 /** Safe signature buffer size for psa_asymmetric_sign().
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 82af92086..44862424d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1224,6 +1224,9 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     mbedtls_cipher_mode_t mode;
     mbedtls_cipher_id_t cipher_id_tmp;
 
+    if( PSA_ALG_IS_AEAD( alg ) )
+        alg &= ~PSA_ALG_AEAD_TAG_LENGTH_MASK;
+
     if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
     {
         switch( alg )
@@ -1246,10 +1249,10 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
             case PSA_ALG_CBC_PKCS7:
                 mode = MBEDTLS_MODE_CBC;
                 break;
-            case PSA_ALG_CCM:
+            case PSA_ALG_CCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK:
                 mode = MBEDTLS_MODE_CCM;
                 break;
-            case PSA_ALG_GCM:
+            case PSA_ALG_GCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK:
                 mode = MBEDTLS_MODE_GCM;
                 break;
             default:
@@ -2834,6 +2837,8 @@ typedef struct
         mbedtls_gcm_context gcm;
 #endif /* MBEDTLS_GCM_C */
     } ctx;
+    psa_algorithm_t core_alg;
+    uint8_t full_tag_length;
     uint8_t tag_length;
 } aead_operation_t;
 
@@ -2876,11 +2881,12 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
     if( operation->cipher_info == NULL )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    switch( alg )
+    switch( PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 ) )
     {
 #if defined(MBEDTLS_CCM_C)
-        case PSA_ALG_CCM:
-            operation->tag_length = 16;
+        case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
+            operation->core_alg = PSA_ALG_CCM;
+            operation->full_tag_length = 16;
             if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 )
                 return( PSA_ERROR_INVALID_ARGUMENT );
             mbedtls_ccm_init( &operation->ctx.ccm );
@@ -2894,8 +2900,9 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
 #endif /* MBEDTLS_CCM_C */
 
 #if defined(MBEDTLS_GCM_C)
-        case PSA_ALG_GCM:
-            operation->tag_length = 16;
+        case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
+            operation->core_alg = PSA_ALG_GCM;
+            operation->full_tag_length = 16;
             if( PSA_BLOCK_CIPHER_BLOCK_SIZE( operation->slot->type ) != 16 )
                 return( PSA_ERROR_INVALID_ARGUMENT );
             mbedtls_gcm_init( &operation->ctx.gcm );
@@ -2910,6 +2917,16 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
             return( PSA_ERROR_NOT_SUPPORTED );
     }
 
+    if( PSA_AEAD_TAG_LENGTH( alg ) > operation->full_tag_length )
+    {
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto cleanup;
+    }
+    operation->tag_length = PSA_AEAD_TAG_LENGTH( alg );
+    /* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
+     * GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
+     * In both cases, mbedtls_xxx will validate the tag length below. */
+
     return( PSA_SUCCESS );
 
 cleanup:
@@ -2948,7 +2965,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     }
     tag = ciphertext + plaintext_length;
 
-    if( alg == PSA_ALG_GCM )
+    if( operation.core_alg == PSA_ALG_GCM )
     {
         status = mbedtls_to_psa_error(
             mbedtls_gcm_crypt_and_tag( &operation.ctx.gcm,
@@ -2959,7 +2976,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                        plaintext, ciphertext,
                                        operation.tag_length, tag ) );
     }
-    else if( alg == PSA_ALG_CCM )
+    else if( operation.core_alg == PSA_ALG_CCM )
     {
         status = mbedtls_to_psa_error(
             mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
@@ -3028,7 +3045,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( alg == PSA_ALG_GCM )
+    if( operation.core_alg == PSA_ALG_GCM )
     {
         status = psa_aead_unpadded_locate_tag( operation.tag_length,
                                                ciphertext, ciphertext_length,
@@ -3045,7 +3062,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                       tag, operation.tag_length,
                                       ciphertext, plaintext ) );
     }
-    else if( alg == PSA_ALG_CCM )
+    else if( operation.core_alg == PSA_ALG_CCM )
     {
         status = psa_aead_unpadded_locate_tag( operation.tag_length,
                                                ciphertext, ciphertext_length,
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index ca9d5576a..a264389cd 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -227,7 +227,7 @@ void aead_algorithm( int alg_arg, int classification_flags,
     algorithm_classification( alg, classification_flags );
 
     /* Tag length */
-    TEST_ASSERT( tag_length == PSA_AEAD_TAG_SIZE( alg ) );
+    TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) );
 }
 /* END_CASE */
 

From be00a71c90991c867247b2c554c5e5bafc951451 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 17 Aug 2018 19:59:43 +0200
Subject: [PATCH 520/889] Add tests for shorter-tag AEAD (CCM, GCM)

---
 tests/suites/test_suite_psa_crypto.data | 96 +++++++++++++++++++++++++
 1 file changed, 96 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 71b0d1b2d..d8a5924cb 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -712,6 +712,34 @@ PSA AEAD encrypt: AES-CCM, 24 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
 
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=6
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=8
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=10
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=14
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
+
+PSA AEAD encrypt: AES-CCM, 24 bytes, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
 PSA AEAD decrypt: AES-CCM, 39 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
@@ -720,10 +748,50 @@ PSA AEAD decrypt, AES-CCM, 40 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
 
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=6
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=8
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=10
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=12
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=14
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
+PSA AEAD decrypt: AES-CCM, 24 bytes, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
+
 PSA AEAD decrypt: AES-CCM, invalid signature
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
+PSA AEAD decrypt: AES-CCM, invalid signature, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, truncated tag of the right length
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 0
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
 PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
@@ -740,6 +808,18 @@ PSA AEAD encrypt, AES-GCM, 128 bytes #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56"
 
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a"
+
+PSA AEAD encrypt, AES-GCM, 128 bytes #1, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
+
 PSA AEAD decrypt, AES-GCM, 144 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
@@ -748,10 +828,26 @@ PSA AEAD decrypt, AES-GCM, 144 bytes #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12495120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_SUCCESS
 
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=4
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 4 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847f":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=15
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
+PSA AEAD decrypt, AES-GCM, 144 bytes, T=16
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 16 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_SUCCESS
+
 PSA AEAD decrypt, AES-GCM, invalid signature
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f6bac793bdc2190a195122c98544ccf56":"194c8bbbfae4a671386b8cd38f390f46f9df6b8661b470c310921a1c858a938045834bb10380037fbf5f5e00688554537be0fcafe8270b9b59068fa056ab1268fc166c2d729243a06650a171c929c7845c85330c04568d62977eedf3b1ba9dca13bdb8f9522817c8cb99e635e37465ec1c9f6f148d51437aa9f994a62e1bd013":PSA_ERROR_INVALID_SIGNATURE
 
+PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
+
 PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED

From 70f46e17e8c08022c9c0303074165976c745cc3f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 20 Aug 2018 15:07:53 +0200
Subject: [PATCH 521/889] New macro PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH

Useful to analyze algorithm values.
---
 include/psa/crypto.h | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c22e85338..ac3852912 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -913,6 +913,24 @@ typedef uint32_t psa_algorithm_t;
      ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
       PSA_ALG_AEAD_TAG_LENGTH_MASK))
 
+/** Calculate the corresponding AEAD algorithm with the default tag length.
+ *
+ * \param alg   An AEAD algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return      The corresponding AEAD algorithm with the default tag length
+ *              for that algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg)                       \
+    (                                                                   \
+        PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM)   \
+        PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM)   \
+        0)
+#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
+    PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
+    PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ?  \
+    ref :
+
 #define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t)0x10020000)
 /** RSA PKCS#1 v1.5 signature with hashing.
  *

From 0deaf3d8d71d38a5b2258e3dcca34a02ece331ff Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 20 Aug 2018 15:06:39 +0200
Subject: [PATCH 522/889] psa_constant_names: new function append_integer

Factor repeated code into a new function append_integer.
---
 programs/psa/psa_constant_names.c | 22 ++++++++++++++--------
 scripts/generate_psa_constants.py |  8 ++++----
 2 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
index d422e14f6..755bc8c1e 100644
--- a/programs/psa/psa_constant_names.c
+++ b/programs/psa/psa_constant_names.c
@@ -21,6 +21,16 @@ static void append(char **buffer, size_t buffer_size,
     }
 }
 
+static void append_integer(char **buffer, size_t buffer_size,
+                           size_t *required_size,
+                           const char *format /*printf format for value*/,
+                           unsigned long value)
+{
+    size_t n = snprintf(*buffer, buffer_size - *required_size, format, value);
+    if (n < buffer_size - *required_size) *buffer += n;
+    *required_size += n;
+}
+
 /* The code of these function is automatically generated and included below. */
 static const char *psa_ecc_curve_name(psa_ecc_curve_t curve);
 static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg);
@@ -37,10 +47,8 @@ static void append_with_curve(char **buffer, size_t buffer_size,
         append(buffer, buffer_size, required_size,
                curve_name, strlen(curve_name));
     } else {
-        size_t n = snprintf(*buffer, buffer_size - *required_size,
-                            "0x%04x", (unsigned) curve);
-        if (n < buffer_size - *required_size) *buffer += n;
-        *required_size += n;
+        append_integer(buffer, buffer_size, required_size,
+                       "0x%04x", curve);
     }
     append(buffer, buffer_size, required_size, ")", 1);
 }
@@ -57,10 +65,8 @@ static void append_with_hash(char **buffer, size_t buffer_size,
         append(buffer, buffer_size, required_size,
                hash_name, strlen(hash_name));
     } else {
-        size_t n = snprintf(*buffer, buffer_size - *required_size,
-                            "0x%08lx", (unsigned long) hash_alg);
-        if (n < buffer_size - *required_size) *buffer += n;
-        *required_size += n;
+        append_integer(buffer, buffer_size, required_size,
+                       "0x%08lx", hash_alg);
     }
     append(buffer, buffer_size, required_size, ")", 1);
 }
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 7ab1c0a93..0e80f40c5 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -55,8 +55,8 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
     %(algorithm_cases)s
     default:
         %(algorithm_code)s{
-            return snprintf(buffer, buffer_size,
-                            "0x%%08lx", (unsigned long) alg);
+            append_integer(&buffer, buffer_size, &required_size,
+                           "0x%%08lx", (unsigned long) alg);
         }
         break;
     }
@@ -82,8 +82,8 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
         if (required_size != 0) {
             append(&buffer, buffer_size, &required_size, " | ", 3);
         }
-        required_size += snprintf(buffer, buffer_size - required_size,
-                                  "0x%%08x", usage);
+        append_integer(&buffer, buffer_size, &required_size,
+                       "0x%%08lx", (unsigned long) usage);
     } else {
         buffer[0] = 0;
     }

From 498c2a1ff5fdca66c4600c00deaeeefcfa2b3ad9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 20 Aug 2018 15:07:20 +0200
Subject: [PATCH 523/889] psa_constant_names: support truncated MAC and AEAD

---
 scripts/generate_psa_constants.py | 29 ++++++++++++++++++++++++++---
 1 file changed, 26 insertions(+), 3 deletions(-)

diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 0e80f40c5..85bfe3ae9 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -51,7 +51,24 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
                                  psa_algorithm_t alg)
 {
     size_t required_size = 0;
-    switch (alg) {
+    psa_algorithm_t core_alg = alg;
+    unsigned long length_modifier = 0;
+    if (PSA_ALG_IS_MAC(alg)) {
+        core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0);
+        if (core_alg != alg) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_TRUNCATED_MAC(", 22);
+            length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg);
+        }
+    } else if (PSA_ALG_IS_AEAD(alg)) {
+        core_alg = PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg);
+        if (core_alg != alg) {
+            append(&buffer, buffer_size, &required_size,
+                   "PSA_ALG_AEAD_WITH_TAG_LENGTH(", 29);
+            length_modifier = PSA_AEAD_TAG_LENGTH(alg);
+        }
+    }
+    switch (core_alg) {
     %(algorithm_cases)s
     default:
         %(algorithm_code)s{
@@ -60,6 +77,12 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
         }
         break;
     }
+    if (core_alg != alg) {
+        append(&buffer, buffer_size, &required_size, ", ", 2);
+        append_integer(&buffer, buffer_size, &required_size,
+                       "%%lu", length_modifier);
+        append(&buffer, buffer_size, &required_size, ")", 1);
+    }
     buffer[0] = 0;
     return required_size;
 }
@@ -99,10 +122,10 @@ key_type_from_curve_template = '''if (%(tester)s(type)) {
                               PSA_KEY_TYPE_GET_CURVE(type));
         } else '''
 
-algorithm_from_hash_template = '''if (%(tester)s(alg)) {
+algorithm_from_hash_template = '''if (%(tester)s(core_alg)) {
             append_with_hash(&buffer, buffer_size, &required_size,
                              "%(builder)s", %(builder_length)s,
-                             PSA_ALG_GET_HASH(alg));
+                             PSA_ALG_GET_HASH(core_alg));
         } else '''
 
 bit_test_template = '''\

From 38808fa094d6cb50e2108081f476ea608f69d492 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 20 Aug 2018 15:07:37 +0200
Subject: [PATCH 524/889] psa_constant_names: fix some copypasta

---
 programs/psa/psa_constant_names.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
index 755bc8c1e..55a70c60d 100644
--- a/programs/psa/psa_constant_names.c
+++ b/programs/psa/psa_constant_names.c
@@ -113,9 +113,9 @@ static void usage(const char *program_name)
            program_name == NULL ? "psa_constant_names" : program_name);
     printf("Print the symbolic name whose numerical value is VALUE in TYPE.\n");
     printf("Supported types (with = between aliases):\n");
-    printf("  alg=algorithm         Status code (psa_algorithm_t)\n");
+    printf("  alg=algorithm         Algorithm (psa_algorithm_t)\n");
     printf("  curve=ecc_curve       Elliptic curve identifier (psa_ecc_curve_t)\n");
-    printf("  type=key_type         Status code (psa_key_type_t)\n");
+    printf("  type=key_type         Key type (psa_key_type_t)\n");
     printf("  usage=key_usage       Key usage (psa_key_usage_t)\n");
     printf("  error=status          Status code (psa_status_t)\n");
 }

From 3111981d94a41f74a561f65def0e40a278842e8d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:47:48 +0200
Subject: [PATCH 525/889] Fix parameter name in Doxygen documentation

---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index ac3852912..a64610773 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -900,7 +900,7 @@ typedef uint32_t psa_algorithm_t;
  * \param alg           A AEAD algorithm identifier (value of type
  *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
  *                      is true).
- * \param mac_length    Desired length of the authentication tag in bytes.
+ * \param tag_length    Desired length of the authentication tag in bytes.
  *
  * \return              The corresponding AEAD algorithm with the specified
  *                      length.

From 5b3417a3d10c08b99516a327a53471d6ee9e850f Mon Sep 17 00:00:00 2001
From: Derek Miller <derek.miller@arm.com>
Date: Wed, 10 Oct 2018 17:55:03 -0500
Subject: [PATCH 526/889] Added the crypto driver API header file

---
 include/psa/crypto_driver.h | 1287 +++++++++++++++++++++++++++++++++++
 1 file changed, 1287 insertions(+)
 create mode 100644 include/psa/crypto_driver.h

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
new file mode 100644
index 000000000..64c21b591
--- /dev/null
+++ b/include/psa/crypto_driver.h
@@ -0,0 +1,1287 @@
+#ifndef __PSA_CRYPTO_DRIVER_H__
+#define __PSA_CRYPTO_DRIVER_H__
+
+#include <stddef.h>
+#include <stdint.h>
+
+typedef uint32_t psa_status_t;
+typedef uint32_t psa_algorithm_t;
+typedef uint32_t encrypt_or_decrypt_t;
+typedef uint32_t psa_key_slot_t;
+typedef uint32_t psa_key_type_t;
+
+/** \defgroup opaque_mac Opaque Message Authentication Code
+ * @{
+ */
+/** \brief A function that starts an MAC operation for a PSA Crypto Driver implementation using an opaque key
+ * 
+ * \param p_context     A structure that will contain the hardware-specific MAC context
+ * \param key_slot      The slot of the key to be used for the operation
+ * \param algorithm     The algorithm to be used to underly the MAC operation
+ * 
+ * \retval  PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*pcd_mac_opaque_setup_t)( void *p_context,
+                                                psa_key_slot_t key_slot,
+                                                psa_algorithm_t algorithm );
+
+/** \brief A function that continues a previously started MAC operation using an opaque key
+ * 
+ * \param p_context     A hardware-specific structure for the previously-established MAC operation to be continued
+ * \param p_input       A buffer containing the message to be appended to the MAC operation
+ * \param input_length  The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*pcd_mac_opaque_update_t)( void *p_context,
+                                                 const unsigned char *p_input,
+                                                 size_t input_length );
+
+/** \brief a function that completes a previously started MAC operation by returning the resulting MAC using an opaque key
+ * 
+ * \param p_context         A hardware-specific structure for the previously started MAC operation to be fiinished
+ * \param p_output          A buffer where the generated MAC will be placed
+ * \param output_size       The size in bytes of the buffer that has been allocated for the `output` buffer
+ * \param p_output_length   After completion, the address will contain the number of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*pcd_mac_opaque_finish_t)( void *p_ctx,
+                                                 unsigned char *p_output,
+                                                 size_t output_size,
+                                                 size_t *p_output_length );
+
+/** \brief A function that completes a previously started MAC operation by comparing the resulting MAC against a known value
+ *   using an opaque key
+ * 
+ * \param p_context     A hardware-specific structure for the previously started MAC operation to be fiinished
+ * \param p_mac         The MAC value against which the resulting MAC will be compared against
+ * \param mac_length    The size in bytes of the value stored in `mac`
+ * 
+ * \retval PSA_SUCCESS
+ *         The operation completed successfully and the MACs matched each other
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ *         The operation completed successfully, but the calculated MAC did not match the provided MAC
+ */
+typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)( void *p_context,
+                                                        const unsigned char *p_mac,
+                                                        size_t mac_length );
+
+/** \brief A funciton that performs an MAC operation in one command and return the calculated MAC using an opaque key
+ * 
+ * \param p_input           A buffer containing the message to be MACed
+ * \param input_length      The size in bytes of `input`
+ * \param key_slot          The slot of the key to be used
+ * \param alg               The algorithm to be used to underlie the MAC operation
+ * \param p_output          A buffer where the generated MAC will be placed
+ * \param output_size       The size in bytes of the `output` buffer
+ * \param p_output_length   After completion, the address will contain the number of bytes placed in the `output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ *         Success.
+ */
+typedef psa_status_t (*pcd_mac_opaque_t)( const unsigned char *p_input,
+                                         size_t input_length,
+                                         psa_key_slot_t key_slot,
+                                         psa_algorithm_t alg,
+                                         unsigned char *p_output,
+                                         size_t output_size,
+                                         size_t *p_output_length );
+
+/** \brief A function that performs an MAC operation in one command and compare the resulting MAC against a known value using an opaque key
+ * 
+ * \param p_input       A buffer containing the message to be MACed
+ * \param input_length  The size in bytes of `input`
+ * \param key_slot      The slot of the key to be used
+ * \param alg           The algorithm to be used to underlie the MAC operation
+ * \param p_mac         The MAC value against which the resulting MAC will be compared against
+ * \param mac_length   The size in bytes of `mac`
+ * 
+ * \retval PSA_SUCCESS
+ *         The operation completed successfully and the MACs matched each other
+ * \retval PSA_ERROR_INVALID_SIGNATURE
+ *         The operation completed successfully, but the calculated MAC did not match the provided MAC
+ */
+typedef psa_status_t (*pcd_mac_opaque_verify_t)( const unsigned char *p_input,
+                                                size_t input_length,
+                                                psa_key_slot_t key_slot,
+                                                psa_algorithm_t alg,
+                                                const unsigned char *p_mac,
+                                                size_t mac_length );
+
+/** \brief A struct containing all of the function pointers needed to implement MAC operations using opaque keys.
+ * 
+ * PSA Crypto API implementations should populate the table as appropriate upon startup.
+ *
+ * If one of the functions is not implemented (such as `pcd_mac_opaque_t`), it should be set to NULL.
+ * 
+ */
+struct pcd_mac_opaque_t {
+    size_t                   context_size;  /**<The size in bytes of the hardware-specific Opaque-MAC Context structure */
+    pcd_mac_opaque_setup_t  *p_setup;       /**< Function that performs the setup operation */
+    pcd_mac_opaque_update_t *p_update;      /**< Function that performs the update operation */
+    pcd_mac_opaque_finish_t *p_finish;      /**< Function that completes the operation */
+    pcd_mac_opaque_t        *p_mac;         /**< Function that performs the MAC operation in one call */
+    pcd_mac_opaque_verify_t *p_mac_verify;  /**<Function that performs the MAC and verify operation in one call */
+};
+/** @} */
+
+/** \defgroup transparent_mac Transparent Message Authentication Code
+ * @{
+ */
+
+/** \brief The hardware-specific transparent-key MAC context structure
+ *  The contents of this structure are implementation dependent and are therefore not described here
+ */
+struct pcd_mac_transparent_context_t {
+    // Implementation specific
+};
+
+/** \brief The function prototype for the setup operation of a transparent-key MAC operation
+ * 
+ *  Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_start
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying hash function, and `MAC_VARIANT` is the specific variant of a 
+ * MAC operation (such as HMAC or CMAC)
+ * 
+ * \param p_context     A structure that will contain the hardware-specific MAC context
+ * \param p_key         A buffer containing the cleartext key material to be used in the operation
+ * \param key_length    The size in bytes of the key material
+ * 
+ * \retval  PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*pcd_mac_transparent_start_t)( struct pcd_mac_transparent_context_t *p_context,
+                                                     const unsigned char *p_key,
+                                                     size_t key_length );
+
+/** \brief The function prototype for the update operation of a transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_update
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a 
+ * MAC operation (such as HMAC or CMAC)
+ * 
+ * \param p_context     A hardware-specific structure for the previously-established MAC operation to be continued
+ * \param p_input       A buffer containing the message to be appended to the MAC operation
+ * \param input_length  The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*pcd_mac_transparent_update_t)( struct pcd_mac_transparent_context_t *p_context,
+                                                      const unsigned char *p_input,
+                                                      size_t input_length );
+
+/** \brief  The function prototype for the finish operation of a transparent-key MAC operation
+ * 
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a 
+ * MAC operation (such as HMAC or CMAC)
+ * 
+ * \param p_context         A hardware-specific structure for the previously started MAC operation to be fiinished
+ * \param p_output          A buffer where the generated MAC will be placed
+ * \param output_size       The size in bytes of the buffer that has been allocated for the `p_output` buffer
+ * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*pcd_mac_transparent_finish_t)( struct pcd_mac_transparent_context_t *p_context,
+                                                     unsigned char *p_output,
+                                                     size_t output_size,
+                                                     size_t *p_output_length );
+
+/** @}
+ */
+
+/** \defgroup opaque_cipher Opaque Symmetric Ciphers
+ ** @{
+ */
+
+/** \brief A function pointer that provides the cipher setup function for opaque-key operations
+ *
+ * TBD: Since this is an opaque API (External, in Gilles nomeclature), shouldn't we be receiving a key handle/slot instead of key data? This is how I
+ * will write it
+
+ * \param p_context     A structure that will contain the hardware-specific cipher context.
+ * \param key_slot      THe slot of the key to be used for the operation
+ * \param algorithm     The algorithm to be used in the cipher operation
+ * \param direction     Indicates whether the operation is an encrypt or decrypt
+ * 
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ */
+typedef psa_status_t (*pcd_cipher_opaque_setup_t) ( void *p_context,
+                                                    psa_key_slot_t key_slot,
+                                                    psa_algorithm_t algorithm,
+                                                    encrypt_or_decrypt_t direction );
+
+
+/** \brief A function pointer that sets the initialization vector (if necessary) for an opaque cipher operation
+ * 
+ * Note that the psa_cipher_* function set has two IV functions: one to set the IV, and one to generate it
+ * internally. the generate function is not necessary for the driver API as the PSA Crypto implementation 
+ * can do the generation using it's RNG features
+ * 
+ * \param p_context A structure that contains the previously set up hardware-specific cipher context
+ * \param p_iv      A buffer containing the initialization vector
+ * \param iv_length The size (in bytes) of the `p_iv` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)( void *p_context,
+                                                    const uint8_t *p_iv,
+                                                    size_t iv_length );
+
+/** \brief A function that continues a previously started opaque-key cipher operation
+ * 
+ * \param p_context         A hardware-specific structure for the previously started cipher operation
+ * \param p_input           A buffer containing the data to be encrypted/decrypted
+ * \param input_size        The size in bytes of the buffer pointed to by `p_input`
+ * \param p_output          The caller-allocated buffer where the output will be placed
+ * \param output_size       The allocated size in bytes of the `p_output` buffer
+ * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_opaque_update_t) (void *p_context,
+                                                    const uint8_t *p_input,
+                                                    size_t input_size,
+                                                    uint8_t *p_output,
+                                                    size_t output_size,
+                                                    size_t *p_output_length );
+
+/** \brief A function that completes a previously started opaque-key cipher operation
+ *
+ * \param p_context         A hardware-specific structure for the previously started cipher operation
+ * \param p_output          The caller-callocated buffer where the output will be placed
+ * \param output_size       The allocated size in bytes of the `p_output` buffer
+ * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_opaque_finish_t) (void *p_context, uint8_t *p_output, size_t output_size, size_t *p_output_length );
+
+/** \brief A function that performs the ECB block mode for opaque-key cipher operations
+ * 
+ * Note: this function should only be used with implementations that do not provide a needed higher-level operation.
+ * 
+ * \param key_slot      The slot of the key to be used for the operation
+ * \param algorithm     The algorithm to be used in the cipher operation
+ * \param direction     Indicates whether the operation is an encrypt or decrypt
+ * \param p_input       A buffer containing the data to be encrypted/decrypted
+ * \param input_size    The size in bytes of the buffer pointed to by `p_input`
+ * \param p_output      The caller-allocated byffer where the output will be placed
+ * \param output_size   The allocated size in bytes of the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ */
+typedef psa_status_t (*pcd_cipher_opaque_ecb_t) ( psa_key_slot_t key_slot,
+                                                  psa_algorithm_t algorithm,
+                                                  encrypt_or_decrypt_t direction,
+                                                  const uint8_t *p_input,
+                                                  size_t input_size,
+                                                  uint8_t *p_output,
+                                                  size_t output_size );
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement cipher operations using opaque keys.
+ * 
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * 
+ * If one of the functions is not implemented (such as `pcd_cipher_opaque_ecb_t`), it should be set to NULL.
+ */
+struct pcd_cipher_opaque_t {
+    size_t                      size;       /**<The size in bytes of the hardware-specific Opaque Cipher context structure */
+    pcd_cipher_opaque_setup_t  *p_setup;    /**< Function that performs the setup operation */
+    pcd_cipher_opaque_set_iv_t *p_set_iv;   /**< Function that sets the IV (if necessary) */
+    pcd_cipher_opaque_update_t *p_update;   /**< Function that performs the update operation */
+    pcd_cipher_opaque_finish_t *p_finish;   /**< Function that completes the operation */
+    pcd_cipher_opaque_ecb_t    *p_ecb;      /**< Function that performs ECB mode for the cipher (Danger: ECB mode is insecure) */
+};
+
+/** @}
+ */
+
+/** \defgroup transparent_cipher Transparent Block Cipher
+ * @{
+ */
+
+/** \brief The hardware-specific transparent-key Cipher context structure
+ *  The contents of this structure are implementation dependent and are therefore not described here
+ */
+struct pcd_cipher_transparent_context_t {
+    // Implementation specific
+};
+
+/** \brief The function prototype for the setup operation of transparent-key block cipher operations.
+ *  Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * 
+ * \param p_context         A structure that will contain the hardware-specific cipher context
+ * \param direction         Indicates if the operation is an encrypt or a decrypt
+ * \param p_key_data        A buffer containing the cleartext key material to be used in the operation
+ * \param key_data_size     The size in bytes of the key material
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_transparent_setup_t) ( struct pcd_cipher_transparent_context_t *p_context,
+                                                         encrypt_or_decrypt_t direction,
+                                                         const uint8_t *p_key_data,
+                                                         size_t key_data_size );
+
+/** \brief The function prototype for the set initialization vector operation of transparent-key block cipher operations
+ *  Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * 
+ * \param p_context     A structure that contains the previously setup hardware-specific cipher context
+ * \param p_iv          A buffer containing the initialization vecotr
+ * \param iv_length     The size in bytes of the contents of `p_iv`
+ * 
+ * \retval PSA_SUCCESS
+*/
+typedef psa_status_t (*pcd_cipher_transparent_set_iv_t) ( struct pcd_cipher_transparent_context_t *p_context,
+                                                          const uint8_t *p_iv,
+                                                          size_t iv_length );
+/** \brief The function prototype for the update operation of transparent-key block cipher operations.
+ *
+ *  Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_cipher_transparent_update_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * 
+ * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding?
+ * 
+ * \param p_context         A hardware-specific structure for the previously started cipher operation
+ * \param p_input           A buffer containing the data to be encrypted or decrypted
+ * \param input_size        The size in bytes of the `p_input` buffer
+ * \param p_output          A caller-allocated buffer where the generated output will be placed
+ * \param output_size       The size in bytes of the `p_output` buffer
+ * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_transparent_update_t) ( struct pcd_cipher_transparent_context_t *p_context,
+                                                          const uint8_t *p_input,
+                                                          size_t input_size,
+                                                          uint8_t *p_output,
+                                                          size_t output_size,
+                                                          size_t *p_output_length );
+
+/** \brief The function prototype for the finish operation of transparent-key block cipher operations.
+*
+ *  Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * 
+ * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding?
+ * 
+ * \param p_context         A hardware-specific structure for the previously started cipher operation
+ * \param p_output          A caller-allocated buffer where the generated output will be placed
+ * \param output_size       The size in bytes of the `p_output` buffer
+ * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_transparent_finish_t) ( struct pcd_cipher_transparent_context_t *p_context,
+                                                          uint8_t *p_output,
+                                                          size_t output_size,
+                                                          size_t *p_output_length );
+
+/** \brief The function prototype for the abort operation of transparent-key block cipher operations.
+ * 
+ *  Functions that implement the following prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * 
+ * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding?
+ * 
+ * \param p_context         A hardware-specific structure for the previously started cipher operation
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_transparent_abort_t) ( struct pcd_cipher_transparent_context_t *p_context );
+
+/** @}
+ */
+
+/** \defgroup digest Message Digests
+ * @{
+ */
+
+/** \brief The hardware-specific hash context structure
+ *  The contents of this structure are implementation dependent and are therefore not described here
+ */
+struct pcd_hash_context_t {
+    // Implementation specific
+};
+
+/** \brief The function prototype for the start operation of a hash (message digest) operation
+ * 
+ *  Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_hash_<ALGO>_start
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying hash function
+ * 
+ * \param p_context     A structure that will contain the hardware-specific hash context
+ * 
+ * \retval  PSA_SUCCESS     Success.
+ */
+typedef psa_status_t (*pcd_hash_start_t)(struct pcd_hash_context_t *p_context );
+
+
+
+/** \brief The function prototype for the update operation of a hash (message digest) operation
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_hash_<ALGO>_update
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ * 
+ * \param p_context     A hardware-specific structure for the previously-established hash operation to be continued
+ * \param p_input       A buffer containing the message to be appended to the hash operation
+ * \param input_length  The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, const unsigned char *p_input, size_t input_length);
+
+/** \brief  The prototype for the finish operation of a hash (message digest) operation
+ * 
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_hash_<ALGO>_finish
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ * 
+ * \param p_context         A hardware-specific structure for the previously started hash operation to be fiinished
+ * \param p_output          A buffer where the generated digest will be placed
+ * \param output_size       The size in bytes of the buffer that has been allocated for the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, unsigned char *p_output, size_t output_size);
+
+/** \brief The function prototype for the abort operation of a hash (message digest) operation
+ * 
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_hash_<ALGO>_abort
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ * 
+ * \param p_context     A hardware-specific structure for the previously started hash operation to be aborted
+ */
+typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
+
+/** @}
+ */
+
+
+/** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography
+ * @{
+ */
+
+/**
+ * \brief A function that signs a hash or short message with a private key.
+ *
+ * \param key_slot                  Key slot of an asymmetric key pair.
+ * \param alg                       A signature algorithm that is compatible with
+ *                                  the type of `key`.
+ * \param[in] p_hash                The hash or message to sign.
+ * \param hash_length               Size of the `p_hash` buffer in bytes.
+ * \param[out] p_signature          Buffer where the signature is to be written.
+ * \param signature_size            Size of the `p_signature` buffer in bytes.
+ * \param[out] p_signature_length   On success, the number of bytes
+ *                                  that make up the returned signature value.
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)( psa_key_slot_t key_slot,
+                                                      psa_algorithm_t alg,
+                                                      const uint8_t *p_hash,
+                                                      size_t hash_length,
+                                                      uint8_t *p_signature,
+                                                      size_t signature_size,
+                                                      size_t *p_signature_length );
+
+/**
+ * \brief A function that verifies the signature a hash or short message using a public key.
+ *
+  * \param key_slot         Key slot of a public key or an asymmetric key pair.
+ * \param alg               A signature algorithm that is compatible with
+ *                          the type of `key`.
+ * \param[in] p_hash        The hash or message whose signature is to be
+ *                          verified.
+ * \param hash_length       Size of the `p_hash` buffer in bytes.
+ * \param[in] p_signature   Buffer containing the signature to verify.
+ * \param signature_length  Size of the `p_signature` buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ *         The signature is valid.
+ */
+typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)( psa_key_slot_t key_slot,
+                                                        psa_algorithm_t alg,
+                                                        const uint8_t *p_hash,
+                                                        size_t hash_length,
+                                                        const uint8_t *p_signature,
+                                                        size_t signature_length );
+
+/**
+ * \brief A function that encrypts a short message with a public key.
+ *
+ * \param key_slot              Key slot of a public key or an asymmetric key pair.
+ * \param alg                   An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`.
+ * \param[in] p_input           The message to encrypt.
+ * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] p_salt            A salt or label, if supported by the
+ *                              encryption algorithm.
+ *                              If the algorithm does not support a
+ *                              salt, pass `NULL`.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass `NULL`.
+ *
+ *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                                supported.
+ * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output         Buffer where the encrypted message is to
+ *                              be written.
+ * \param output_size           Size of the `p_output` buffer in bytes.
+ * \param[out] p_output_length  On success, the number of bytes
+ *                              that make up the returned output.
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)( psa_key_slot_t key_slot,
+                                                         psa_algorithm_t alg,
+                                                         const uint8_t *p_input,
+                                                         size_t input_length,
+                                                         const uint8_t *p_salt,
+                                                         size_t salt_length,
+                                                         uint8_t *p_output,
+                                                         size_t output_size,
+                                                         size_t *p_output_length );
+
+/**
+ * \brief Decrypt a short message with a private key.
+ *
+ * \param key_slot              Key slot of an asymmetric key pair.
+ * \param alg                   An asymmetric encryption algorithm that is
+ *                              compatible with the type of \p key.
+ * \param[in] p_input           The message to decrypt.
+ * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] p_salt            A salt or label, if supported by the
+ *                              encryption algorithm.
+ *                              If the algorithm does not support a
+ *                              salt, pass `NULL`.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass `NULL`.
+ *
+ *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                                supported.
+ * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output         Buffer where the decrypted message is to
+ *                              be written.
+ * \param output_size           Size of the `p_output` buffer in bytes.
+ * \param[out] p_output_length  On success, the number of bytes
+ *                              that make up the returned output.
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)( psa_key_slot_t key_slot,
+                                                         psa_algorithm_t alg,
+                                                         const uint8_t *p_input,
+                                                         size_t input_length,
+                                                         const uint8_t *p_salt,
+                                                         size_t salt_length,
+                                                         uint8_t *p_output,
+                                                         size_t output_size,
+                                                         size_t *p_output_length );
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement asymmetric cryptographic operations
+ * using opaque keys.
+ * 
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * 
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct pcd_asymmetric_opaque_t {
+    pcd_asymmetric_opaque_sign_t    *p_sign;    /**< Function that performs the asymmetric sign operation */
+    pcd_asymmetric_opaque_verify_t  *p_verify;  /**< Function that performs the asymmetric verify operation */
+    pcd_asymmetric_opaque_encrypt_t *p_encrypt; /**< Function that performs the asymmetric encrypt operation */
+    pcd_asymmetric_opaque_decrypt_t *p_decrypt; /**< Function that performs the asymmetric decrypt operation */
+};
+
+/** @}
+ */
+
+/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
+ * @{
+ */
+
+
+/**
+ * \brief A function that signs a hash or short message with a transparent private key.
+ * 
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_asymmetric_<ALGO>_sign
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ * 
+ * \param p_key                     A buffer containing the private key material.
+ * \param key_size                  The size in bytes of the `p_key` data
+ * \param alg                       A signature algorithm that is compatible with
+ *                                  the type of `p_key`.
+ * \param[in] p_hash                The hash or message to sign.
+ * \param hash_length               Size of the `p_hash` buffer in bytes.
+ * \param[out] p_signature          Buffer where the signature is to be written.
+ * \param signature_size            Size of the `p_signature` buffer in bytes.
+ * \param[out] p_signature_length   On success, the number of bytes
+ *                                  that make up the returned signature value.
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)( const uint8_t *p_key,
+                                                           size_t key_size,
+                                                           psa_algorithm_t alg,
+                                                           const uint8_t *p_hash,
+                                                           size_t hash_length,
+                                                           uint8_t *p_signature,
+                                                           size_t signature_size,
+                                                           size_t *p_signature_length );
+
+/**
+ * \brief A function that verifies the signature a hash or short message using a transparent public key.
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_asymmetric_<ALGO>_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm 
+ * 
+ * \param p_key             A buffer containing the public key material.
+ * \param key_size          The size in bytes of the `p_key` data
+ * \param alg               A signature algorithm that is compatible with
+ *                          the type of `key`.
+ * \param[in] p_hash        The hash or message whose signature is to be
+ *                          verified.
+ * \param hash_length       Size of the `p_hash` buffer in bytes.
+ * \param[in] p_signature   Buffer containing the signature to verify.
+ * \param signature_length  Size of the `p_signature` buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ *         The signature is valid.
+ */
+typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)( const uint8_t *p_key,
+                                                             size_t key_size,
+                                                             psa_algorithm_t alg,
+                                                             const uint8_t *p_hash,
+                                                             size_t hash_length,
+                                                             const uint8_t *p_signature,
+                                                             size_t signature_length );
+
+/**
+ * \brief A function that encrypts a short message with a transparent public key.
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_asymmetric_<ALGO>_encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ * 
+ * \param p_key                 A buffer containing the public key material
+ * \param key_size              The size in bytes of the `p_key` data
+ * \param alg                   An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`.
+ * \param[in] p_input           The message to encrypt.
+ * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] p_salt            A salt or label, if supported by the
+ *                              encryption algorithm.
+ *                              If the algorithm does not support a
+ *                              salt, pass `NULL`.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass `NULL`.
+ *
+ *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                                supported.
+ * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output         Buffer where the encrypted message is to
+ *                              be written.
+ * \param output_size           Size of the `p_output` buffer in bytes.
+ * \param[out] p_output_length  On success, the number of bytes
+ *                              that make up the returned output.
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)( const uint8_t *p_key,
+                                                             size_t key_size,
+                                                             psa_algorithm_t alg,
+                                                             const uint8_t *p_input,
+                                                             size_t input_length,
+                                                             const uint8_t *p_salt,
+                                                             size_t salt_length,
+                                                             uint8_t *p_output,
+                                                             size_t output_size,
+                                                             size_t *p_output_length );
+
+/**
+ * \brief Decrypt a short message with a transparent private key.
+ *
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_asymmetric_<ALGO>_decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ * 
+ * \param p_key                 A buffer containing the private key material
+ * \param key_size              The size in bytes of the `p_key` data
+ * \param alg                   An asymmetric encryption algorithm that is
+ *                              compatible with the type of \p key.
+ * \param[in] p_input           The message to decrypt.
+ * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] p_salt            A salt or label, if supported by the
+ *                              encryption algorithm.
+ *                              If the algorithm does not support a
+ *                              salt, pass `NULL`.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass `NULL`.
+ *
+ *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                                supported.
+ * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output         Buffer where the decrypted message is to
+ *                              be written.
+ * \param output_size           Size of the `p_output` buffer in bytes.
+ * \param[out] p_output_length  On success, the number of bytes
+ *                              that make up the returned output.
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)( const uint8_t *p_key,
+                                                              size_t key_size,
+                                                              psa_algorithm_t alg,
+                                                              const uint8_t *p_input,
+                                                              size_t input_length,
+                                                              const uint8_t *p_salt,
+                                                              size_t salt_length,
+                                                              uint8_t *p_output,
+                                                              size_t output_size,
+                                                              size_t *p_output_length );
+
+/** @}
+ */
+
+/** \defgroup aead_opaque AEAD Opaque
+ * * @{
+ */
+
+/** Process an authenticated encryption operation using an opaque key.
+ *
+ * \param key_slot                  Slot containing the key to use.
+ * \param algorithm                 The AEAD algorithm to compute
+ *                                  (\c PSA_ALG_XXX value such that
+ *                                  #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] p_nonce               Nonce or IV to use.
+ * \param nonce_length              Size of the `p_nonce` buffer in bytes.
+ * \param[in] p_additional_data     Additional data that will be authenticated
+ *                                  but not encrypted.
+ * \param additional_data_length    Size of `p_additional_data` in bytes.
+ * \param[in] p_plaintext           Data that will be authenticated and
+ *                                  encrypted.
+ * \param plaintext_length          Size of `p_plaintext` in bytes.
+ * \param[out] p_ciphertext         Output buffer for the authenticated and
+ *                                  encrypted data. The additional data is not
+ *                                  part of this output. For algorithms where the
+ *                                  encrypted data and the authentication tag
+ *                                  are defined as separate outputs, the
+ *                                  authentication tag is appended to the
+ *                                  encrypted data.
+ * \param ciphertext_size           Size of the `p_ciphertext` buffer in bytes.
+ * \param[out] p_ciphertext_length  On success, the size of the output
+ *                                  in the `p_ciphertext` buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ */
+typedef psa_status_t (*psa_aead_opaque_encrypt_t)( psa_key_slot_t key_slot,
+                                                  psa_algorithm_t algorithm,
+                                                  const uint8_t *p_nonce,
+                                                  size_t nonce_length,
+                                                  const uint8_t *p_additional_data,
+                                                  size_t additional_data_length,
+                                                  const uint8_t *p_plaintext,
+                                                  size_t plaintext_length,
+                                                  uint8_t *p_ciphertext,
+                                                  size_t ciphertext_size,
+                                                  size_t *p_ciphertext_length);
+
+/** Process an authenticated decryption operation using an opaque key.
+ *
+ * \param key_slot                  Slot containing the key to use.
+ * \param algorithm                 The AEAD algorithm to compute
+ *                                  (\c PSA_ALG_XXX value such that
+ *                                  #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] p_nonce               Nonce or IV to use.
+ * \param nonce_length              Size of the `p_nonce` buffer in bytes.
+ * \param[in] p_additional_data     Additional data that has been authenticated
+ *                                  but not encrypted.
+ * \param additional_data_length    Size of `p_additional_data` in bytes.
+ * \param[in] p_ciphertext          Data that has been authenticated and
+ *                                  encrypted. For algorithms where the
+ *                                  encrypted data and the authentication tag
+ *                                  are defined as separate inputs, the buffer
+ *                                  must contain the encrypted data followed
+ *                                  by the authentication tag.
+ * \param ciphertext_length         Size of `p_ciphertext` in bytes.
+ * \param[out] p_plaintext          Output buffer for the decrypted data.
+ * \param plaintext_size            Size of the `p_plaintext` buffer in bytes.
+ * \param[out] p_plaintext_length   On success, the size of the output
+ *                                  in the `p_plaintext` buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ */
+typedef psa_status_t (*psa_aead_opaque_decrypt_t)( psa_key_slot_t key_slot,
+                                                   psa_algorithm_t algorithm,
+                                                   const uint8_t *p_nonce,
+                                                   size_t nonce_length,
+                                                   const uint8_t *p_additional_data,
+                                                   size_t additional_data_length,
+                                                   const uint8_t *p_ciphertext,
+                                                   size_t ciphertext_length,
+                                                   uint8_t *p_plaintext,
+                                                   size_t plaintext_size,
+                                                   size_t *p_plaintext_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to implement Authenticated Encryption
+ * with Additional Data operations using opaque keys
+ * 
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * 
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct psa_aead_opaque_t {
+    psa_aead_opaque_encrypt_t *p_encrypt;   /**< Function that performs the AEAD encrypt operation */
+    psa_aead_opaque_decrypt_t *p_decrypt;   /**< Function that performs the AEAD decrypt operation */
+};
+/** @} 
+ */
+
+/** \defgroup aead_transparent AEAD Transparent
+ */
+
+/** Process an authenticated encryption operation.
+ * 
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_aead_<ALGO>_encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ *
+ * \param p_key                   A pointer to the key material
+ * \param key_length              The size in bytes of the key material
+ * \param alg                     The AEAD algorithm to compute
+ *                                (\c PSA_ALG_XXX value such that
+ *                                #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] nonce               Nonce or IV to use.
+ * \param nonce_length            Size of the \p nonce buffer in bytes.
+ * \param[in] additional_data     Additional data that will be MACed
+ *                                but not encrypted.
+ * \param additional_data_length  Size of \p additional_data in bytes.
+ * \param[in] plaintext           Data that will be MACed and
+ *                                encrypted.
+ * \param plaintext_length        Size of \p plaintext in bytes.
+ * \param[out] ciphertext         Output buffer for the authenticated and
+ *                                encrypted data. The additional data is not
+ *                                part of this output. For algorithms where the
+ *                                encrypted data and the authentication tag
+ *                                are defined as separate outputs, the
+ *                                authentication tag is appended to the
+ *                                encrypted data.
+ * \param ciphertext_size         Size of the \p ciphertext buffer in bytes.
+ *                                This must be at least
+ *                                #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
+ *                                \p plaintext_length).
+ * \param[out] ciphertext_length  On success, the size of the output
+ *                                in the \b ciphertext buffer.
+ *
+ * \retval #PSA_SUCCESS
+ 
+ */
+typedef psa_status_t (*psa_aead_transparent_encrypt_t)( const uint8_t *p_key,
+                                                        size_t key_length,
+                                                        psa_algorithm_t alg,
+                                                        const uint8_t *nonce,
+                                                        size_t nonce_length,
+                                                        const uint8_t *additional_data,
+                                                        size_t additional_data_length,
+                                                        const uint8_t *plaintext,
+                                                        size_t plaintext_length,
+                                                        uint8_t *ciphertext,
+                                                        size_t ciphertext_size,
+                                                        size_t *ciphertext_length );
+
+/** Process an authenticated decryption operation.
+ * 
+ * Functions that implement the prototype should be named in the following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_aead_<ALGO>_decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ * \param p_key                   A pointer to the key material
+ * \param key_length              The size in bytes of the key material
+ * \param alg                     The AEAD algorithm to compute
+ *                                (\c PSA_ALG_XXX value such that
+ *                                #PSA_ALG_IS_AEAD(\p alg) is true).
+ * \param[in] nonce               Nonce or IV to use.
+ * \param nonce_length            Size of the \p nonce buffer in bytes.
+ * \param[in] additional_data     Additional data that has been MACed
+ *                                but not encrypted.
+ * \param additional_data_length  Size of \p additional_data in bytes.
+ * \param[in] ciphertext          Data that has been MACed and
+ *                                encrypted. For algorithms where the
+ *                                encrypted data and the authentication tag
+ *                                are defined as separate inputs, the buffer
+ *                                must contain the encrypted data followed
+ *                                by the authentication tag.
+ * \param ciphertext_length       Size of \p ciphertext in bytes.
+ * \param[out] plaintext          Output buffer for the decrypted data.
+ * \param plaintext_size          Size of the \p plaintext buffer in bytes.
+ *                                This must be at least
+ *                                #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
+ *                                \p ciphertext_length).
+ * \param[out] plaintext_length   On success, the size of the output
+ *                                in the \b plaintext buffer.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ */
+typedef psa_status_t (*psa_aead_transparent_decrypt_t) ( const uint8_t *p_key,
+                                                         size_t key_length,
+                                                         psa_algorithm_t alg,
+                                                         const uint8_t *nonce,
+                                                         size_t nonce_length,
+                                                         const uint8_t *additional_data,
+                                                         size_t additional_data_length,
+                                                         const uint8_t *ciphertext,
+                                                         size_t ciphertext_length,
+                                                         uint8_t *plaintext,
+                                                         size_t plaintext_size,
+                                                         size_t *plaintext_length);
+
+/** @}
+
+
+/** \defgroup rng Entropy Generation
+ * @{
+ */
+
+/** \brief A hardware-specific structure for a entropy providing hardware
+ */
+struct pcd_entropy_context_t {
+    // Implementation specific
+};
+
+/** \brief Initialize an entropy driver
+ *
+ * 
+ * \param p_context             A hardware-specific structure containing any context information for the implementation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_entropy_init_t)( struct pcd_entropy_context_t *p_context );
+
+/** \brief Get a specified number of bytes from the entropy source
+ * 
+ * Retrives `buffer_size` bytes of data from the entropy source. The entropy source will always fill the provided buffer to its full size.
+ * However, most entropy sources have biases, and the actual amount of entropy contained in the buffer will be less than the number of bytes.
+ * The driver will return the actual number of bytes of entropy placed in the buffer in `p_received_entropy_bytes`.
+ * A PSA Crypto API implementation will likely feed the output of this function into a Digital Random Bit Generator (DRBG), and typically has 
+ * a minimum amount of entropy that it needs.
+ * To accomplish this, the PSA Crypto implementation should be designed to call this function multiple times until it has received the required
+ * amount of entropy from the entropy source.
+ * 
+ * \param p_context                 A hardware-specific structure containing any context information for the implementation
+ * \param p_buffer                  A caller-allocated buffer for the retrieved bytes to be placed in
+ * \param buffer_size               The allocated size of `p_buffer`
+ * \param p_received_entropy_bytes  The amount of entropy (in bytes) actually provided in `p_buffer`
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_entropy_get_bytes_t)( struct pcd_entropy_context_t *p_context, uint8_t *p_buffer, uint32_t buffer_size, uint32_t *p_received_entropy_bytes );
+
+/**
+ * \brief A struct containing all of the function pointers needed to interface to an entropy source
+ * 
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * 
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct pcd_entropy_t {
+    pcd_entropy_init_t *p_init;            /**< Function that performs initialization for the entropy source */
+    pcd_entropy_get_bytes_t *p_get_bytes;  /**< Function that performs the get_bytes operation for the entropy source */
+};
+/** @}
+ */
+
+/** \defgroup key_management Key Management
+ * @{
+ */
+
+/** \brief Import a key in binary format.
+ *
+ * This function can support any output from psa_export_key(). Refer to the
+ * documentation of psa_export_key() for the format for each key type.
+ *
+ * \param key_slot      Slot where the key will be stored. This must be a
+ *                      valid slot for a key of the chosen type. It must
+ *                      be unoccupied.
+ * \param type          Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] p_data    Buffer containing the key data.
+ * \param data_length   Size of the \p data buffer in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ */
+typedef psa_status_t (*pcd_opaque_import_key_t) ( psa_key_slot_t key_slot,
+                                                  psa_key_type_t type,
+                                                  const uint8_t *p_data,
+                                                  size_t data_length );
+
+/**
+ * \brief Destroy a key and restore the slot to its default state.
+ *
+ * This function destroys the content of the key slot from both volatile
+ * memory and, if applicable, non-volatile storage. Implementations shall
+ * make a best effort to ensure that any previous content of the slot is
+ * unrecoverable.
+ *
+ * This function also erases any metadata such as policies. It returns the
+ * specified slot to its default state.
+ *
+ * \param key_slot        The key slot to erase.
+ *
+ * \retval #PSA_SUCCESS
+ *         The slot's content, if any, has been erased.
+ */
+typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key );
+
+/**
+ * \brief Export a key in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an equivalent object.
+ *
+ * If a key is created with psa_import_key() and then exported with
+ * this function, it is not guaranteed that the resulting data is
+ * identical: the implementation may choose a different representation
+ * of the same key if the format permits it.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For symmetric keys (including MAC keys), the format is the
+ *   raw bytes of the key.
+ * - For DES, the key data consists of 8 bytes. The parity bits must be
+ *   correct.
+ * - For Triple-DES, the format is the concatenation of the
+ *   two or three DES keys.
+ * - For RSA key pairs (#PSA_KEY_TYPE_RSA_KEYPAIR), the format
+ *   is the non-encrypted DER representation defined by PKCS\#1 (RFC 8017)
+ *   as RSAPrivateKey.
+ * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
+ *   is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
+ *
+ * \param key                   Slot whose content is to be exported. This must
+ *                              be an occupied key slot.
+ * \param[out] p_data           Buffer where the key data is to be written.
+ * \param data_size             Size of the `p_data` buffer in bytes.
+ * \param[out] p_data_length    On success, the number of bytes
+ *                              that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+typedef psa_status_t (*pcd_export_key_t)( psa_key_slot_t key,
+                                          uint8_t *p_data,
+                                          size_t data_size,
+                                          size_t *p_data_length );
+
+/**
+ * \brief Export a public key or the public part of a key pair in binary format.
+ *
+ * The output of this function can be passed to psa_import_key() to
+ * create an object that is equivalent to the public key.
+ *
+ * For standard key types, the output format is as follows:
+ *
+ * - For RSA keys (#PSA_KEY_TYPE_RSA_KEYPAIR or #PSA_KEY_TYPE_RSA_PUBLIC_KEY),
+ *   the format is the DER representation of the public key defined by RFC 5280
+ *   as SubjectPublicKeyInfo.
+ *
+ * \param key_slot              Slot whose content is to be exported. This must
+ *                              be an occupied key slot.
+ * \param[out] p_data           Buffer where the key data is to be written.
+ * \param data_size             Size of the \p data buffer in bytes.
+ * \param[out] p_data_length    On success, the number of bytes
+ *                              that make up the key data.
+ *
+ * \retval #PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_export_public_key_t)( psa_key_slot_t key,
+                                                 uint8_t *p_data,
+                                                 size_t data_size,
+                                                 size_t *p_data_length );
+
+/**
+ * \brief A struct containing all of the function pointers needed to for key management using
+ * opaque keys.
+ * 
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * 
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct pcd_key_management_t {
+    pcd_opaque_import_key_t *p_import;          /**< Function that performs the key import operation */
+    pcd_destroy_key_t       *p_destroy;         /**< Function that performs the key destroy operation */
+    pcd_export_key_t        *p_export;          /**< Function that performs the key export operation */
+    pcd_export_public_key_t *p_export_public;   /**< Function that perforsm the public key export operation */
+};
+
+/** @}
+ */
+
+/** \defgroup derivation Key Derivation and Agreement
+ * @{
+ * Key derivation is the process of generating new key material using an existing key and additional parameters, iterating through a basic
+ * cryptographic function, such as a hash.
+ * Key agreement is a part of cryptographic protocols that allows two parties to agree on the same key value, but starting from different original
+ * key material.
+ * The flows are similar, and the PSA Crypto Driver API uses the same functions for both of the flows.
+ * 
+ * There are two different final functions for the flows, `pcd_key_derivation_derive` and `pcd_key_derivation_export`. `pcd_key_derivation_derive`
+ * is used when the key material should be placed in a slot on the hardware and not exposed to the caller. `pcd_key_derivation_export` is used 
+ * when the key material should be returned to the PSA Cryptographic API implementation.
+ * 
+ * Different key derivation algorithms require a different number of inputs. Instead of having an API that 
+ * takes as input variable length arrays, which can be problemmatic to manage on embedded platforms, the inputs
+ * are passed to the driver via a function, `pcd_key_derivation_collateral`, that is called multiple times with different `collateral_id`s.
+ * Thus, for a key derivation algorithm that required 3 paramter inputs, the flow would look something like:
+```C
+pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
+pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, p_collateral_0, collateral_0_size);
+pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, p_collateral_1, collateral_1_size);
+pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, p_collateral_2, collateral_2_size);
+pcd_key_derivation_derive();
+```
+
+key agreement example:
+```C
+pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes);
+pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
+pcd_key_derivation_export(p_session_key, session_key_size, &session_key_length);
+```
+ */
+
+/** \brief Set up a key derivation operation by specifying the algorithm and the source key sot
+ * 
+ * \param kdf_alg       The algorithm to be used for the key derivation
+ * \param souce_key     The key to be used as the source material for the key derivation
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t ( *pcd_key_derivation_setup_t )( psa_algorithm_t kdf_alg, psa_key_slot_t source_key );
+
+/** \brief Provide collateral (parameters) needed for a key derivation or key agreement operation
+ * 
+ * Since many key derivation algorithms require multiple parameters, it is expeced that this function may be called multiple
+ * times for the same operation, each with a different algorithm-specific `collateral_id`
+ * 
+ * \param collateral_id
+ * \param p_collateral
+ * \param collateral_size
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_key_derivation_collateral_t ) ( uint32_t collateral_id, const uint8_t p_collateral, uint32_t collateral_size );
+
+/** \brief Perform the final key derivation step and place the generated key material in a slot
+ * 
+ * param dest_key       The slot where the generated key material should be placed
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t ( *pcd_key_derivation_derive_t )( psa_key_slot_t dest_key );
+
+/** \brief Pefform the final step of a key agreement and place the generated key material in a buffer
+ * 
+ * \param p_output
+ * \param output_size
+ * \param p_output_length
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t ( *pcd_key_derivation_export_t )( uint8_t *p_output, uint32_t output_size, uint32_t *p_output_length );
+
+/**
+ * \brief A struct containing all of the function pointers needed to for key derivation and agreement
+ * 
+ * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * 
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+struct pcd_key_derivation_t {
+    pcd_key_derivation_setup_t      *p_setup;       /**< Function that performs the key derivation setup */
+    pcd_key_derivation_collateral_t *p_collateral;  /**< Function that sets the key derivation collateral */
+    pcd_key_derivation_derive_t     *p_derive;      /**< Function that performs the final key derivation step */
+    pcd_key_derivation_export_t     *p_export;      /**< Function that perforsm the final key derivation or agreement and exports the key */
+};
+
+/** @}
+ */
+
+#endif // __PSA_CRYPTO_DRIVER_H__
\ No newline at end of file

From 16e72299cd418ed63044b65ad4251accdea80c5d Mon Sep 17 00:00:00 2001
From: Derek Miller <derek.miller@arm.com>
Date: Mon, 15 Oct 2018 16:14:24 -0500
Subject: [PATCH 527/889] Changed crypto_driver.h based on PR feedback

---
 include/psa/crypto_driver.h | 1866 +++++++++++++++++++++--------------
 1 file changed, 1128 insertions(+), 738 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 64c21b591..c0a62b268 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -1,348 +1,615 @@
+/**
+ * \file psa/crypto_driver.h
+ * \brief Platform Security Architecture cryptographic driver module
+ * 
+ * This file describes an API for driver developers to implement to enable
+ * hardware to be called in a standardized way by a PSA Cryptographic API
+ * implementation. The API described is not intended to be called by
+ * application developers.
+ */
+
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
 #ifndef __PSA_CRYPTO_DRIVER_H__
 #define __PSA_CRYPTO_DRIVER_H__
 
 #include <stddef.h>
 #include <stdint.h>
 
+/** The following types are redefinitions from the psa/crypto.h file.
+ * It is intended that these will be moved to a new common header file to 
+ * avoid duplication. They are included here for expediency in publication.
+ */
 typedef uint32_t psa_status_t;
 typedef uint32_t psa_algorithm_t;
-typedef uint32_t encrypt_or_decrypt_t;
+typedef uint8_t encrypt_or_decrypt_t;
 typedef uint32_t psa_key_slot_t;
 typedef uint32_t psa_key_type_t;
 
 /** \defgroup opaque_mac Opaque Message Authentication Code
- * @{
  */
-/** \brief A function that starts an MAC operation for a PSA Crypto Driver implementation using an opaque key
+/**@{*/
+/** \brief A function that starts a MAC operation for a PSA Crypto Driver 
+ * implementation using an opaque key
  * 
- * \param p_context     A structure that will contain the hardware-specific MAC context
- * \param key_slot      The slot of the key to be used for the operation
- * \param algorithm     The algorithm to be used to underly the MAC operation
+ * \param[in,out] p_context     A structure that will contain the 
+ *                              hardware-specific MAC context
+ * \param[in] key_slot          The slot of the key to be used for the
+ *                              operation
+ * \param[in] algorithm         The algorithm to be used to underly the MAC 
+ *                              operation
  * 
  * \retval  PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_opaque_setup_t)( void *p_context,
-                                                psa_key_slot_t key_slot,
-                                                psa_algorithm_t algorithm );
+typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context,
+                                               psa_key_slot_t key_slot,
+                                               psa_algorithm_t algorithm);
 
-/** \brief A function that continues a previously started MAC operation using an opaque key
+/** \brief A function that continues a previously started MAC operation using
+ * an opaque key
  * 
- * \param p_context     A hardware-specific structure for the previously-established MAC operation to be continued
- * \param p_input       A buffer containing the message to be appended to the MAC operation
- * \param input_length  The size in bytes of the input message buffer
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously-established MAC operation to be
+ *                              continued
+ * \param[in] p_input           A buffer containing the message to be appended
+ *                              to the MAC operation
+ * \param[in] input_length  The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_mac_opaque_update_t)( void *p_context,
-                                                 const unsigned char *p_input,
-                                                 size_t input_length );
+typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
+                                                const uint8_t *p_input,
+                                                size_t input_length);
 
-/** \brief a function that completes a previously started MAC operation by returning the resulting MAC using an opaque key
+/** \brief a function that completes a previously started MAC operation by
+ * returning the resulting MAC using an opaque key
  * 
- * \param p_context         A hardware-specific structure for the previously started MAC operation to be fiinished
- * \param p_output          A buffer where the generated MAC will be placed
- * \param output_size       The size in bytes of the buffer that has been allocated for the `output` buffer
- * \param p_output_length   After completion, the address will contain the number of bytes placed in the `p_output` buffer
+ * \param[in] p_context         A hardware-specific structure for the 
+ *                              previously started MAC operation to be 
+ *                              finished
+ * \param[out] p_mac            A buffer where the generated MAC will be
+ *                              placed
+ * \param[in] mac_size          The size in bytes of the buffer that has been
+ *                              allocated for the `output` buffer
+ * \param[out] p_mac_length     After completion, will contain the number of
+ *                              bytes placed in the `p_output` buffer
  * 
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_opaque_finish_t)( void *p_ctx,
-                                                 unsigned char *p_output,
-                                                 size_t output_size,
-                                                 size_t *p_output_length );
+typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context,
+                                                uint8_t *p_mac,
+                                                size_t mac_size,
+                                                size_t *p_mac_length);
 
-/** \brief A function that completes a previously started MAC operation by comparing the resulting MAC against a known value
- *   using an opaque key
+/** \brief A function that completes a previously started MAC operation by
+ * comparing the resulting MAC against a known value using an opaque key
  * 
- * \param p_context     A hardware-specific structure for the previously started MAC operation to be fiinished
- * \param p_mac         The MAC value against which the resulting MAC will be compared against
- * \param mac_length    The size in bytes of the value stored in `mac`
+ * \param[in] p_context     A hardware-specific structure for the previously
+ *                          started MAC operation to be fiinished
+ * \param[in] p_mac         The MAC value against which the resulting MAC will
+ *                          be compared against
+ * \param[in] mac_length    The size in bytes of the value stored in `p_mac`
  * 
  * \retval PSA_SUCCESS
- *         The operation completed successfully and the MACs matched each other
+ *         The operation completed successfully and the MACs matched each
+ *         other
  * \retval PSA_ERROR_INVALID_SIGNATURE
- *         The operation completed successfully, but the calculated MAC did not match the provided MAC
+ *         The operation completed successfully, but the calculated MAC did
+ *         not match the provided MAC
  */
-typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)( void *p_context,
-                                                        const unsigned char *p_mac,
-                                                        size_t mac_length );
+typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context,
+                                                       const uint8_t *p_mac,
+                                                       size_t mac_length);
 
-/** \brief A funciton that performs an MAC operation in one command and return the calculated MAC using an opaque key
+/** \brief A function that aborts a previous started opaque-key MAC operation
+
+ * \param[in] p_context     A hardware-specific structure for the previously
+ *                          started MAC operation to be aborted
+ */
+typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
+
+/** \brief A funciton that performs a MAC operation in one command and return
+ * the calculated MAC using an opaque key
  * 
- * \param p_input           A buffer containing the message to be MACed
- * \param input_length      The size in bytes of `input`
- * \param key_slot          The slot of the key to be used
- * \param alg               The algorithm to be used to underlie the MAC operation
- * \param p_output          A buffer where the generated MAC will be placed
- * \param output_size       The size in bytes of the `output` buffer
- * \param p_output_length   After completion, the address will contain the number of bytes placed in the `output` buffer
+ * \param[in] p_input           A buffer containing the message to be MACed
+ * \param[in] input_length      The size in bytes of `input`
+ * \param[in] key_slot          The slot of the key to be used
+ * \param[in] alg               The algorithm to be used to underlie the MA
+ *                              operation
+ * \param[out] p_mac            A buffer where the generated MAC will be
+ *                              placed
+ * \param[in] mac_size          The size in bytes of the `output` buffer
+ * \param[out] p_mac_length     After completion, will contain the number of
+ *                              bytes placed in the `output` buffer
  * 
  * \retval PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_mac_opaque_t)( const unsigned char *p_input,
-                                         size_t input_length,
-                                         psa_key_slot_t key_slot,
-                                         psa_algorithm_t alg,
-                                         unsigned char *p_output,
-                                         size_t output_size,
-                                         size_t *p_output_length );
+typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input,
+                                                  size_t input_length,
+                                                  psa_key_slot_t key_slot,
+                                                  psa_algorithm_t alg,
+                                                  uint8_t *p_mac,
+                                                  size_t mac_size,
+                                                  size_t *p_mac_length);
 
-/** \brief A function that performs an MAC operation in one command and compare the resulting MAC against a known value using an opaque key
+/** \brief A function that performs an MAC operation in one command and
+ * compare the resulting MAC against a known value using an opaque key
  * 
- * \param p_input       A buffer containing the message to be MACed
- * \param input_length  The size in bytes of `input`
- * \param key_slot      The slot of the key to be used
- * \param alg           The algorithm to be used to underlie the MAC operation
- * \param p_mac         The MAC value against which the resulting MAC will be compared against
- * \param mac_length   The size in bytes of `mac`
+ * \param[in] p_input       A buffer containing the message to be MACed
+ * \param[in] input_length  The size in bytes of `input`
+ * \param[in] key_slot      The slot of the key to be used
+ * \param[in] alg           The algorithm to be used to underlie the MAC
+ *                          operation
+ * \param[in] p_mac         The MAC value against which the resulting MAC will
+ *                          be compared against
+ * \param[in] mac_length   The size in bytes of `mac`
  * 
  * \retval PSA_SUCCESS
- *         The operation completed successfully and the MACs matched each other
+ *         The operation completed successfully and the MACs matched each
+ *         other
  * \retval PSA_ERROR_INVALID_SIGNATURE
- *         The operation completed successfully, but the calculated MAC did not match the provided MAC
+ *         The operation completed successfully, but the calculated MAC did
+ *         not match the provided MAC
  */
-typedef psa_status_t (*pcd_mac_opaque_verify_t)( const unsigned char *p_input,
+typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
                                                 size_t input_length,
                                                 psa_key_slot_t key_slot,
                                                 psa_algorithm_t alg,
-                                                const unsigned char *p_mac,
-                                                size_t mac_length );
+                                                const uint8_t *p_mac,
+                                                size_t mac_length);
 
-/** \brief A struct containing all of the function pointers needed to implement MAC operations using opaque keys.
+/** \brief A struct containing all of the function pointers needed to
+ * implement MAC operations using opaque keys.
  * 
- * PSA Crypto API implementations should populate the table as appropriate upon startup.
+ * PSA Crypto API implementations should populate the table as appropriate
+ * upon startup.
  *
- * If one of the functions is not implemented (such as `pcd_mac_opaque_t`), it should be set to NULL.
+ * If one of the functions is not implemented (such as `pcd_mac_opaque_t`),
+ * it should be set to NULL.
+ * 
+ * Driver implementers should ensure that they implement all of the functions
+ * that make sense for their hardware, and that they provide a full solution
+ * (for example, if they support `p_setup`, they should also support
+ * `p_update` and at least one of `p_finish` or `p_finish_verify`).
  * 
  */
 struct pcd_mac_opaque_t {
-    size_t                   context_size;  /**<The size in bytes of the hardware-specific Opaque-MAC Context structure */
-    pcd_mac_opaque_setup_t  *p_setup;       /**< Function that performs the setup operation */
-    pcd_mac_opaque_update_t *p_update;      /**< Function that performs the update operation */
-    pcd_mac_opaque_finish_t *p_finish;      /**< Function that completes the operation */
-    pcd_mac_opaque_t        *p_mac;         /**< Function that performs the MAC operation in one call */
-    pcd_mac_opaque_verify_t *p_mac_verify;  /**<Function that performs the MAC and verify operation in one call */
+    /**The size in bytes of the hardware-specific Opaque-MAC Context structure
+    */
+    size_t                          context_size;
+    /** Function that performs the setup operation
+     */
+    pcd_mac_opaque_setup_t          *p_setup;
+    /** Function that performs the update operation
+     */
+    pcd_mac_opaque_update_t         *p_update;
+    /** Function that completes the operation
+     */
+    pcd_mac_opaque_finish_t         *p_finish;
+    /** Function that completed a MAC operation with a verify check
+     */
+    pcd_mac_opaque_finish_verify_t  *p_finish_verify;
+    /** Function that aborts a previoustly started operation
+     */
+    pcd_mac_opaque_abort_t          *p_abort;
+    /** Function that performs the MAC operation in one call
+     */
+    pcd_mac_opaque_generate_t       *p_mac;
+    /** Function that performs the MAC and verify operation in one call
+     */
+    pcd_mac_opaque_verify_t         *p_mac_verify;
 };
-/** @} */
+/**@}*/
 
 /** \defgroup transparent_mac Transparent Message Authentication Code
- * @{
  */
+/**@{*/
 
 /** \brief The hardware-specific transparent-key MAC context structure
- *  The contents of this structure are implementation dependent and are therefore not described here
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here.
  */
 struct pcd_mac_transparent_context_t {
     // Implementation specific
 };
 
-/** \brief The function prototype for the setup operation of a transparent-key MAC operation
+/** \brief The function prototype for the setup operation of a
+ * transparent-key MAC operation
  * 
- *  Functions that implement the prototype should be named in the following convention:
+ *  Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_start
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
  * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying hash function, and `MAC_VARIANT` is the specific variant of a 
- * MAC operation (such as HMAC or CMAC)
+ * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
+ * is the specific variant of a MAC operation (such as HMAC or CMAC)
  * 
- * \param p_context     A structure that will contain the hardware-specific MAC context
- * \param p_key         A buffer containing the cleartext key material to be used in the operation
- * \param key_length    The size in bytes of the key material
+ * \param[in,out] p_context     A structure that will contain the 
+ *                              hardware-specific MAC context
+ * \param[in] p_key             A buffer containing the cleartext key material
+ *                              to be used in the operation
+ * \param[in] key_length        The size in bytes of the key material
  * 
  * \retval  PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_transparent_start_t)( struct pcd_mac_transparent_context_t *p_context,
-                                                     const unsigned char *p_key,
-                                                     size_t key_length );
+typedef psa_status_t (*pcd_mac_transparent_setup_t)(struct pcd_mac_transparent_context_t *p_context,
+                                                    const uint8_t *p_key,
+                                                    size_t key_length);
 
-/** \brief The function prototype for the update operation of a transparent-key MAC operation
+/** \brief The function prototype for the update operation of a
+ * transparent-key MAC operation
  *
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_update
  * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a 
- * MAC operation (such as HMAC or CMAC)
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
+ * is the specific variant of a MAC operation (such as HMAC or CMAC)
  * 
- * \param p_context     A hardware-specific structure for the previously-established MAC operation to be continued
- * \param p_input       A buffer containing the message to be appended to the MAC operation
- * \param input_length  The size in bytes of the input message buffer
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously-established MAC operation to be
+ *                              continued
+ * \param[in] p_input           A buffer containing the message to be appended
+ *                              to the MAC operation
+ * \param[in] input_length      The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_mac_transparent_update_t)( struct pcd_mac_transparent_context_t *p_context,
-                                                      const unsigned char *p_input,
-                                                      size_t input_length );
+typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_context_t *p_context,
+                                                     const uint8_t *p_input,
+                                                     size_t input_length);
 
-/** \brief  The function prototype for the finish operation of a transparent-key MAC operation
+/** \brief  The function prototype for the finish operation of a
+ * transparent-key MAC operation
  * 
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ *  convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
  * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is the specific variant of a 
- * MAC operation (such as HMAC or CMAC)
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
  * 
- * \param p_context         A hardware-specific structure for the previously started MAC operation to be fiinished
- * \param p_output          A buffer where the generated MAC will be placed
- * \param output_size       The size in bytes of the buffer that has been allocated for the `p_output` buffer
- * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started MAC operation to be
+ *                              finished
+ * \param[out] p_mac            A buffer where the generated MAC will be placed
+ * \param[in] mac_length        The size in bytes of the buffer that has been
+ *                              allocated for the `p_mac` buffer
  * 
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_transparent_finish_t)( struct pcd_mac_transparent_context_t *p_context,
-                                                     unsigned char *p_output,
-                                                     size_t output_size,
-                                                     size_t *p_output_length );
+typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_context_t *p_context,
+                                                     uint8_t *p_mac,
+                                                     size_t mac_length);
 
-/** @}
+/** \brief The function prototype for the finish and verify operation of a
+ * transparent-key MAC operation
+ * 
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ * 
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started MAC operation to be
+ *                              fiinished
+ * \param[in] p_mac             A buffer containing the MAC that will be used
+ *                              for verification
+ * \param[in] mac_length        The size in bytes of the data in the `p_mac`
+ *                              buffer
+ * 
+ * \retval PSA_SUCCESS
+ *          The operation completed successfully and the comparison matched
  */
+typedef psa_status_t (*pcd_mac_transparent_verify_finish_t)(struct pcd_mac_transparent_context_t *p_context,
+                                                            const uint8_t *p_mac,
+                                                            size_t mac_length);
+
+/** \brief The function prototype for the abort operation for a previously
+ * started transparent-key MAC operation
+ * 
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ * 
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started MAC operation to be
+ *                              fiinished
+ * 
+ */
+typedef psa_status_t (*pcd_mac_transparent_abort_t)(struct pcd_mac_transparent_context_t *p_context);
+
+/** \brief The function prototype for a one-shot operation of a transparent-key
+ * MAC operation
+ * 
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is 
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ * 
+ * \param[in] p_input        A buffer containing the data to be MACed
+ * \param[in] input_length   The length in bytes of the `p_input` data
+ * \param[in] p_key          A buffer containing the key material to be used
+ *                           for the MAC operation
+ * \param[in] key_length     The length in bytes of the `p_key` data
+ * \param[in] alg            The algorithm to be performed
+ * \param[out] p_mac         The buffer where the resulting MAC will be placed
+ *                           upon success
+ * \param[in] mac_length     The length in bytes of the `p_mac` buffer
+ */
+typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
+                                              size_t input_length,
+                                              const uint8_t *p_key,
+                                              size_t key_length,
+                                              psa_algorithm_t alg,
+                                              uint8_t *p_mac,
+                                              size_t mac_length);
+
+/** \brief The function prototype for a one-shot operation of a transparent-key
+ * MAC Verify operation
+ * 
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ * 
+ * \param[in] p_input        A buffer containing the data to be MACed
+ * \param[in] input_length   The length in bytes of the `p_input` data
+ * \param[in] p_key          A buffer containing the key material to be used
+ *                           for the MAC operation
+ * \param[in] key_length     The length in bytes of the `p_key` data
+ * \param[in] alg            The algorithm to be performed
+ * \param[in] p_mac          The MAC data to be compared
+ * \param[in] mac_length     The length in bytes of the `p_mac` buffer
+ * 
+ * \retval PSA_SUCCESS
+ *  The operation completed successfully and the comparison matched
+ */
+typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
+                                                     size_t input_length,
+                                                     const uint8_t *p_key,
+                                                     size_t key_length,
+                                                     psa_algorithm_t alg,
+                                                     const uint8_t *p_mac,
+                                                     size_t mac_length);
+/**@}*/
 
 /** \defgroup opaque_cipher Opaque Symmetric Ciphers
- ** @{
  */
+/**@{*/
 
-/** \brief A function pointer that provides the cipher setup function for opaque-key operations
+/** \brief A function pointer that provides the cipher setup function for
+ * opaque-key operations
  *
- * TBD: Since this is an opaque API (External, in Gilles nomeclature), shouldn't we be receiving a key handle/slot instead of key data? This is how I
- * will write it
-
- * \param p_context     A structure that will contain the hardware-specific cipher context.
- * \param key_slot      THe slot of the key to be used for the operation
- * \param algorithm     The algorithm to be used in the cipher operation
- * \param direction     Indicates whether the operation is an encrypt or decrypt
+ * \param[in,out] p_context     A structure that will contain the
+ *                              hardware-specific cipher context.
+ * \param[in] key_slot          The slot of the key to be used for the
+ *                              operation
+ * \param[in] algorithm         The algorithm to be used in the cipher
+ *                              operation
+ * \param[in] direction         Indicates whether the operation is an encrypt
+ *                              or decrypt
  * 
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_NOT_SUPPORTED
  */
-typedef psa_status_t (*pcd_cipher_opaque_setup_t) ( void *p_context,
-                                                    psa_key_slot_t key_slot,
-                                                    psa_algorithm_t algorithm,
-                                                    encrypt_or_decrypt_t direction );
-
-
-/** \brief A function pointer that sets the initialization vector (if necessary) for an opaque cipher operation
- * 
- * Note that the psa_cipher_* function set has two IV functions: one to set the IV, and one to generate it
- * internally. the generate function is not necessary for the driver API as the PSA Crypto implementation 
- * can do the generation using it's RNG features
- * 
- * \param p_context A structure that contains the previously set up hardware-specific cipher context
- * \param p_iv      A buffer containing the initialization vector
- * \param iv_length The size (in bytes) of the `p_iv` buffer
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)( void *p_context,
-                                                    const uint8_t *p_iv,
-                                                    size_t iv_length );
-
-/** \brief A function that continues a previously started opaque-key cipher operation
- * 
- * \param p_context         A hardware-specific structure for the previously started cipher operation
- * \param p_input           A buffer containing the data to be encrypted/decrypted
- * \param input_size        The size in bytes of the buffer pointed to by `p_input`
- * \param p_output          The caller-allocated buffer where the output will be placed
- * \param output_size       The allocated size in bytes of the `p_output` buffer
- * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*pcd_cipher_opaque_update_t) (void *p_context,
-                                                    const uint8_t *p_input,
-                                                    size_t input_size,
-                                                    uint8_t *p_output,
-                                                    size_t output_size,
-                                                    size_t *p_output_length );
-
-/** \brief A function that completes a previously started opaque-key cipher operation
- *
- * \param p_context         A hardware-specific structure for the previously started cipher operation
- * \param p_output          The caller-callocated buffer where the output will be placed
- * \param output_size       The allocated size in bytes of the `p_output` buffer
- * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*pcd_cipher_opaque_finish_t) (void *p_context, uint8_t *p_output, size_t output_size, size_t *p_output_length );
-
-/** \brief A function that performs the ECB block mode for opaque-key cipher operations
- * 
- * Note: this function should only be used with implementations that do not provide a needed higher-level operation.
- * 
- * \param key_slot      The slot of the key to be used for the operation
- * \param algorithm     The algorithm to be used in the cipher operation
- * \param direction     Indicates whether the operation is an encrypt or decrypt
- * \param p_input       A buffer containing the data to be encrypted/decrypted
- * \param input_size    The size in bytes of the buffer pointed to by `p_input`
- * \param p_output      The caller-allocated byffer where the output will be placed
- * \param output_size   The allocated size in bytes of the `p_output` buffer
- * 
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_NOT_SUPPORTED
- */
-typedef psa_status_t (*pcd_cipher_opaque_ecb_t) ( psa_key_slot_t key_slot,
+typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
+                                                  psa_key_slot_t key_slot,
                                                   psa_algorithm_t algorithm,
-                                                  encrypt_or_decrypt_t direction,
-                                                  const uint8_t *p_input,
-                                                  size_t input_size,
-                                                  uint8_t *p_output,
-                                                  size_t output_size );
+                                                  encrypt_or_decrypt_t direction);
+
+/** \brief A function pointer that sets the initialization vector (if
+ * necessary) for an opaque cipher operation
+ * 
+ * Rationale: that the psa_cipher_* function set has two IV functions: one to
+ * set the IV, and one to generate it internally. the generate function is not
+ * necessary for the driver API as the PSA Crypto implementation can do the
+ * generation using its RNG features.
+ * 
+ * \param[in,out] p_context     A structure that contains the previously set up
+ *                              hardware-specific cipher context
+ * \param[in] p_iv              A buffer containing the initialization vector
+ * \param[in] iv_length         The size (in bytes) of the `p_iv` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
+                                                   const uint8_t *p_iv,
+                                                   size_t iv_length);
+
+/** \brief A function that continues a previously started opaque-key cipher
+ * operation
+ * 
+ * \param[in,out] p_context         A hardware-specific structure for the
+ *                                  previously started cipher operation
+ * \param[in] p_input               A buffer containing the data to be
+ *                                  encrypted/decrypted
+ * \param[in] input_size            The size in bytes of the buffer pointed to
+ *                                  by `p_input`
+ * \param[out] p_output             The caller-allocated buffer where the
+ *                                  output will be placed
+ * \param[in] output_size           The allocated size in bytes of the
+ *                                  `p_output` buffer
+ * \param[out] p_output_length      After completion, will contain the number
+ *                                  of bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
+                                                   const uint8_t *p_input,
+                                                   size_t input_size,
+                                                   uint8_t *p_output,
+                                                   size_t output_size,
+                                                   size_t *p_output_length);
+
+/** \brief A function that completes a previously started opaque-key cipher
+ * operation
+ *
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started cipher operation
+ * \param[out] p_output         The caller-callocated buffer where the output
+ *                              will be placed
+ * \param[in] output_size       The allocated size in bytes of the `p_output`
+ *                              buffer
+ * \param[out] p_output_length  After completion, will contain the number of
+ *                              bytes placed in the `p_output` buffer
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context,
+                                                   uint8_t *p_output,
+                                                   size_t output_size,
+                                                   size_t *p_output_length);
+
+/** \brief A function that aborts a previously started opaque-key cipher
+ * operation
+ *
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started cipher operation
+ */
+typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
+
+/** \brief A function that performs the ECB block mode for opaque-key cipher
+ * operations
+ * 
+ * Note: this function should only be used with implementations that do not
+ * provide a needed higher-level operation.
+ * 
+ * \param[in] key_slot      The slot of the key to be used for the operation
+ * \param[in] algorithm     The algorithm to be used in the cipher operation
+ * \param[in] direction     Indicates whether the operation is an encrypt or
+ *                          decrypt
+ * \param[in] p_input       A buffer containing the data to be
+ *                          encrypted/decrypted
+ * \param[in] input_size    The size in bytes of the buffer pointed to by
+ *                          `p_input`
+ * \param[out] p_output     The caller-allocated byffer where the output will
+ *                          be placed
+ * \param[in] output_size   The allocated size in bytes of the `p_output`
+ *                          buffer
+ * 
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ */
+typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
+                                                psa_algorithm_t algorithm,
+                                                encrypt_or_decrypt_t direction,
+                                                const uint8_t *p_input,
+                                                size_t input_size,
+                                                uint8_t *p_output,
+                                                size_t output_size);
 
 /**
- * \brief A struct containing all of the function pointers needed to implement cipher operations using opaque keys.
+ * \brief A struct containing all of the function pointers needed to implement
+ * cipher operations using opaque keys.
  * 
- * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
  * 
- * If one of the functions is not implemented (such as `pcd_cipher_opaque_ecb_t`), it should be set to NULL.
+ * If one of the functions is not implemented (such as
+ * `pcd_cipher_opaque_ecb_t`), it should be set to NULL.
  */
 struct pcd_cipher_opaque_t {
-    size_t                      size;       /**<The size in bytes of the hardware-specific Opaque Cipher context structure */
-    pcd_cipher_opaque_setup_t  *p_setup;    /**< Function that performs the setup operation */
-    pcd_cipher_opaque_set_iv_t *p_set_iv;   /**< Function that sets the IV (if necessary) */
-    pcd_cipher_opaque_update_t *p_update;   /**< Function that performs the update operation */
-    pcd_cipher_opaque_finish_t *p_finish;   /**< Function that completes the operation */
-    pcd_cipher_opaque_ecb_t    *p_ecb;      /**< Function that performs ECB mode for the cipher (Danger: ECB mode is insecure) */
+    /** The size in bytes of the hardware-specific Opaque Cipher context
+     * structure
+     */
+    size_t                      size;
+    /** Function that performs the setup operation */
+    pcd_cipher_opaque_setup_t  *p_setup;
+    /** Function that sets the IV (if necessary) */
+    pcd_cipher_opaque_set_iv_t *p_set_iv;
+    /** Function that performs the update operation */
+    pcd_cipher_opaque_update_t *p_update;
+    /** Function that completes the operation */
+    pcd_cipher_opaque_finish_t *p_finish;
+    /** Function that aborts the operation */
+    pcd_cipher_opaque_abort_t  *p_abort;
+    /** Function that performs ECB mode for the cipher
+     * (Danger: ECB mode should not be used directly by clients of the PSA
+     * Crypto Client API)
+     */
+    pcd_cipher_opaque_ecb_t    *p_ecb;
 };
 
-/** @}
- */
+/**@}*/
 
 /** \defgroup transparent_cipher Transparent Block Cipher
- * @{
  */
+/**@{*/
 
 /** \brief The hardware-specific transparent-key Cipher context structure
- *  The contents of this structure are implementation dependent and are therefore not described here
+ *  The contents of this structure are implementation dependent and are
+ * therefore not described here.
  */
 struct pcd_cipher_transparent_context_t {
     // Implementation specific
 };
 
-/** \brief The function prototype for the setup operation of transparent-key block cipher operations.
- *  Functions that implement the prototype should be named in the following convention:
+/** \brief The function prototype for the setup operation of transparent-key
+ * block cipher operations.
+ *  Functions that implement the prototype should be named in the following
+ * conventions:
  * ~~~~~~~~~~~~~{.c}
  * pcd_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * or for stream ciphers:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_cipher_transparent_setup_<CIPHER_NAME>
+ * ~~~~~~~~~~~~~
+ * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
  * 
- * \param p_context         A structure that will contain the hardware-specific cipher context
- * \param direction         Indicates if the operation is an encrypt or a decrypt
- * \param p_key_data        A buffer containing the cleartext key material to be used in the operation
- * \param key_data_size     The size in bytes of the key material
+ * \param[in,out] p_context     A structure that will contain the
+ *                              hardware-specific cipher context
+ * \param[in] direction         Indicates if the operation is an encrypt or a
+ *                              decrypt
+ * \param[in] p_key_data        A buffer containing the cleartext key material
+ *                              to be used in the operation
+ * \param[in] key_data_size     The size in bytes of the key material
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_setup_t) ( struct pcd_cipher_transparent_context_t *p_context,
-                                                         encrypt_or_decrypt_t direction,
-                                                         const uint8_t *p_key_data,
-                                                         size_t key_data_size );
+typedef psa_status_t (*pcd_cipher_transparent_setup_t)(struct pcd_cipher_transparent_context_t *p_context,
+                                                       encrypt_or_decrypt_t direction,
+                                                       const uint8_t *p_key_data,
+                                                       size_t key_data_size);
 
-/** \brief The function prototype for the set initialization vector operation of transparent-key block cipher operations
- *  Functions that implement the prototype should be named in the following convention:
+/** \brief The function prototype for the set initialization vector operation
+ * of transparent-key block cipher operations
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
@@ -350,18 +617,22 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t) ( struct pcd_cipher_trans
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
  * 
- * \param p_context     A structure that contains the previously setup hardware-specific cipher context
- * \param p_iv          A buffer containing the initialization vecotr
- * \param iv_length     The size in bytes of the contents of `p_iv`
+ * \param[in,out] p_context     A structure that contains the previously setup
+ *                              hardware-specific cipher context
+ * \param[in] p_iv              A buffer containing the initialization vecotr
+ * \param[in] iv_length         The size in bytes of the contents of `p_iv`
  * 
  * \retval PSA_SUCCESS
 */
-typedef psa_status_t (*pcd_cipher_transparent_set_iv_t) ( struct pcd_cipher_transparent_context_t *p_context,
-                                                          const uint8_t *p_iv,
-                                                          size_t iv_length );
-/** \brief The function prototype for the update operation of transparent-key block cipher operations.
+typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(struct pcd_cipher_transparent_context_t *p_context,
+                                                        const uint8_t *p_iv,
+                                                        size_t iv_length);
+
+/** \brief The function prototype for the update operation of transparent-key
+ * block cipher operations.
  *
- *  Functions that implement the prototype should be named in the following convention:
+ *  Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_cipher_transparent_update_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
@@ -369,51 +640,58 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t) ( struct pcd_cipher_tran
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
  * 
- * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding?
- * 
- * \param p_context         A hardware-specific structure for the previously started cipher operation
- * \param p_input           A buffer containing the data to be encrypted or decrypted
- * \param input_size        The size in bytes of the `p_input` buffer
- * \param p_output          A caller-allocated buffer where the generated output will be placed
- * \param output_size       The size in bytes of the `p_output` buffer
- * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ * \param[in,out] p_context         A hardware-specific structure for the
+ *                                  previously started cipher operation
+ * \param[in] p_input               A buffer containing the data to be
+ *                                  encrypted or decrypted
+ * \param[in] input_size            The size in bytes of the `p_input` buffer
+ * \param[out] p_output             A caller-allocated buffer where the
+ *                                  generated output will be placed
+ * \param[in] output_size           The size in bytes of the `p_output` buffer
+ * \param[out] p_output_length      After completion, will contain the number
+ *                                  of bytes placed in the `p_output` buffer
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_update_t) ( struct pcd_cipher_transparent_context_t *p_context,
-                                                          const uint8_t *p_input,
-                                                          size_t input_size,
-                                                          uint8_t *p_output,
-                                                          size_t output_size,
-                                                          size_t *p_output_length );
+typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transparent_context_t *p_context,
+                                                        const uint8_t *p_input,
+                                                        size_t input_size,
+                                                        uint8_t *p_output,
+                                                        size_t output_size,
+                                                        size_t *p_output_length);
 
-/** \brief The function prototype for the finish operation of transparent-key block cipher operations.
+/** \brief The function prototype for the finish operation of transparent-key
+ * block cipher operations.
 *
- *  Functions that implement the prototype should be named in the following convention:
+ *  Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- * 
- * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding?
- * 
- * \param p_context         A hardware-specific structure for the previously started cipher operation
- * \param p_output          A caller-allocated buffer where the generated output will be placed
- * \param output_size       The size in bytes of the `p_output` buffer
- * \param p_output_length   After completion, will contain the number of bytes placed in the `p_output` buffer
+ *
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started cipher operation
+ * \param[out] p_output         A caller-allocated buffer where the generated
+ *                              output will be placed
+ * \param[in] output_size       The size in bytes of the `p_output` buffer
+ * \param[out] p_output_length  After completion, will contain the number of
+ *                              bytes placed in the `p_output` buffer
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_finish_t) ( struct pcd_cipher_transparent_context_t *p_context,
-                                                          uint8_t *p_output,
-                                                          size_t output_size,
-                                                          size_t *p_output_length );
+typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transparent_context_t *p_context,
+                                                        uint8_t *p_output,
+                                                        size_t output_size,
+                                                        size_t *p_output_length);
 
-/** \brief The function prototype for the abort operation of transparent-key block cipher operations.
+/** \brief The function prototype for the abort operation of transparent-key
+ * block cipher operations.
  * 
- *  Functions that implement the following prototype should be named in the following convention:
+ *  Functions that implement the following prototype should be named in the
+ * following convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
@@ -421,336 +699,364 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t) ( struct pcd_cipher_tran
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
  * 
- * TODO: Should the PSA Crypto API implementation calling these functions handle padding? What about hardware that handles padding?
- * 
- * \param p_context         A hardware-specific structure for the previously started cipher operation
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started cipher operation
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_abort_t) ( struct pcd_cipher_transparent_context_t *p_context );
+typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transparent_context_t *p_context);
 
-/** @}
- */
+/**@}*/
 
-/** \defgroup digest Message Digests
- * @{
+/** \defgroup driver_digest Message Digests
  */
+/**@{*/
 
 /** \brief The hardware-specific hash context structure
- *  The contents of this structure are implementation dependent and are therefore not described here
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here
  */
 struct pcd_hash_context_t {
     // Implementation specific
 };
 
-/** \brief The function prototype for the start operation of a hash (message digest) operation
+/** \brief The function prototype for the start operation of a hash (message
+ * digest) operation
  * 
- *  Functions that implement the prototype should be named in the following convention:
+ *  Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_hash_<ALGO>_start
+ * pcd_hash_<ALGO>_setup
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying hash function
  * 
- * \param p_context     A structure that will contain the hardware-specific hash context
+ * \param[in,out] p_context     A structure that will contain the
+ * hardware-specific hash context
  * 
  * \retval  PSA_SUCCESS     Success.
  */
-typedef psa_status_t (*pcd_hash_start_t)(struct pcd_hash_context_t *p_context );
+typedef psa_status_t (*pcd_hash_setup_t)(struct pcd_hash_context_t *p_context);
 
-
-
-/** \brief The function prototype for the update operation of a hash (message digest) operation
+/** \brief The function prototype for the update operation of a hash (message
+ * digest) operation
  *
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_hash_<ALGO>_update
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  * 
- * \param p_context     A hardware-specific structure for the previously-established hash operation to be continued
- * \param p_input       A buffer containing the message to be appended to the hash operation
- * \param input_length  The size in bytes of the input message buffer
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously-established hash operation to be
+ *                              continued
+ * \param[in] p_input           A buffer containing the message to be appended
+ *                              to the hash operation
+ * \param[in] input_length      The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context, const unsigned char *p_input, size_t input_length);
+typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context,
+                                          const uint8_t *p_input,
+                                          size_t input_length);
 
-/** \brief  The prototype for the finish operation of a hash (message digest) operation
+/** \brief  The prototype for the finish operation of a hash (message digest)
+ * operation
  * 
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_hash_<ALGO>_finish
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  * 
- * \param p_context         A hardware-specific structure for the previously started hash operation to be fiinished
- * \param p_output          A buffer where the generated digest will be placed
- * \param output_size       The size in bytes of the buffer that has been allocated for the `p_output` buffer
+ * \param[in] p_context         A hardware-specific structure for the
+ *                              previously started hash operation to be
+ *                              fiinished
+ * \param[out] p_output         A buffer where the generated digest will be
+ *                              placed
+ * \param[in] output_size       The size in bytes of the buffer that has been
+ *                              allocated for the `p_output` buffer
  * 
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context, unsigned char *p_output, size_t output_size);
+typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context,
+                                          uint8_t *p_output,
+                                          size_t output_size);
 
-/** \brief The function prototype for the abort operation of a hash (message digest) operation
+/** \brief The function prototype for the abort operation of a hash (message
+ * digest) operation
  * 
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_hash_<ALGO>_abort
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  * 
- * \param p_context     A hardware-specific structure for the previously started hash operation to be aborted
+ * \param[in] p_context     A hardware-specific structure for the previously
+ *                          started hash operation to be aborted
  */
 typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
 
-/** @}
- */
+/**@}*/
 
 
 /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography
- * @{
  */
+/**@{*/
 
 /**
- * \brief A function that signs a hash or short message with a private key.
+ * \brief A function that signs a hash or short message with a private key
  *
- * \param key_slot                  Key slot of an asymmetric key pair.
- * \param alg                       A signature algorithm that is compatible with
- *                                  the type of `key`.
- * \param[in] p_hash                The hash or message to sign.
- * \param hash_length               Size of the `p_hash` buffer in bytes.
- * \param[out] p_signature          Buffer where the signature is to be written.
- * \param signature_size            Size of the `p_signature` buffer in bytes.
+ * \param[in] key_slot              Key slot of an asymmetric key pair
+ * \param[in] alg                   A signature algorithm that is compatible
+ *                                  with the type of `key`
+ * \param[in] p_hash                The hash or message to sign
+ * \param[in] hash_length           Size of the `p_hash` buffer in bytes
+ * \param[out] p_signature          Buffer where the signature is to be written
+ * \param signature_size            Size of the `p_signature` buffer in bytes
  * \param[out] p_signature_length   On success, the number of bytes
- *                                  that make up the returned signature value.
+ *                                  that make up the returned signature value
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)( psa_key_slot_t key_slot,
-                                                      psa_algorithm_t alg,
-                                                      const uint8_t *p_hash,
-                                                      size_t hash_length,
-                                                      uint8_t *p_signature,
-                                                      size_t signature_size,
-                                                      size_t *p_signature_length );
+typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
+                                                     psa_algorithm_t alg,
+                                                     const uint8_t *p_hash,
+                                                     size_t hash_length,
+                                                     uint8_t *p_signature,
+                                                     size_t signature_size,
+                                                     size_t *p_signature_length);
 
 /**
- * \brief A function that verifies the signature a hash or short message using a public key.
+ * \brief A function that verifies the signature a hash or short message using
+ * a public key
  *
-  * \param key_slot         Key slot of a public key or an asymmetric key pair.
- * \param alg               A signature algorithm that is compatible with
- *                          the type of `key`.
- * \param[in] p_hash        The hash or message whose signature is to be
- *                          verified.
- * \param hash_length       Size of the `p_hash` buffer in bytes.
- * \param[in] p_signature   Buffer containing the signature to verify.
- * \param signature_length  Size of the `p_signature` buffer in bytes.
+ * \param[in] key_slot          Key slot of a public key or an asymmetric key
+ *                              pair
+ * \param[in] alg               A signature algorithm that is compatible with
+ *                              the type of `key`
+ * \param[in] p_hash            The hash or message whose signature is to be
+ *                              verified
+ * \param[in] hash_length       Size of the `p_hash` buffer in bytes
+ * \param[in] p_signature       Buffer containing the signature to verify
+ * \param[in] signature_length  Size of the `p_signature` buffer in bytes
  *
  * \retval PSA_SUCCESS
  *         The signature is valid.
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)( psa_key_slot_t key_slot,
-                                                        psa_algorithm_t alg,
-                                                        const uint8_t *p_hash,
-                                                        size_t hash_length,
-                                                        const uint8_t *p_signature,
-                                                        size_t signature_length );
+typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
+                                                       psa_algorithm_t alg,
+                                                       const uint8_t *p_hash,
+                                                       size_t hash_length,
+                                                       const uint8_t *p_signature,
+                                                       size_t signature_length);
 
 /**
- * \brief A function that encrypts a short message with a public key.
+ * \brief A function that encrypts a short message with a public key
  *
- * \param key_slot              Key slot of a public key or an asymmetric key pair.
- * \param alg                   An asymmetric encryption algorithm that is
- *                              compatible with the type of `key`.
- * \param[in] p_input           The message to encrypt.
- * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] key_slot          Key slot of a public key or an asymmetric key
+ *                              pair
+ * \param[in] alg               An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`
+ * \param[in] p_input           The message to encrypt
+ * \param[in] input_length      Size of the `p_input` buffer in bytes
  * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm.
+ *                              encryption algorithm
  *                              If the algorithm does not support a
  *                              salt, pass `NULL`.
  *                              If the algorithm supports an optional
  *                              salt and you do not want to pass a salt,
  *                              pass `NULL`.
- *
- *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                                supported.
- * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                              supported.
+ * \param[in] salt_length       Size of the `p_salt` buffer in bytes
  *                              If `p_salt` is `NULL`, pass 0.
  * \param[out] p_output         Buffer where the encrypted message is to
- *                              be written.
- * \param output_size           Size of the `p_output` buffer in bytes.
- * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output.
+ *                              be written
+ * \param[in] output_size       Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length  On success, the number of bytes that make up
+ *                              the returned output
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)( psa_key_slot_t key_slot,
-                                                         psa_algorithm_t alg,
-                                                         const uint8_t *p_input,
-                                                         size_t input_length,
-                                                         const uint8_t *p_salt,
-                                                         size_t salt_length,
-                                                         uint8_t *p_output,
-                                                         size_t output_size,
-                                                         size_t *p_output_length );
+typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
+                                                        psa_algorithm_t alg,
+                                                        const uint8_t *p_input,
+                                                        size_t input_length,
+                                                        const uint8_t *p_salt,
+                                                        size_t salt_length,
+                                                        uint8_t *p_output,
+                                                        size_t output_size,
+                                                        size_t *p_output_length);
 
 /**
  * \brief Decrypt a short message with a private key.
  *
- * \param key_slot              Key slot of an asymmetric key pair.
- * \param alg                   An asymmetric encryption algorithm that is
- *                              compatible with the type of \p key.
- * \param[in] p_input           The message to decrypt.
- * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] key_slot          Key slot of an asymmetric key pair
+ * \param[in] alg               An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`
+ * \param[in] p_input           The message to decrypt
+ * \param[in] input_length      Size of the `p_input` buffer in bytes
  * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm.
+ *                              encryption algorithm
  *                              If the algorithm does not support a
  *                              salt, pass `NULL`.
  *                              If the algorithm supports an optional
  *                              salt and you do not want to pass a salt,
  *                              pass `NULL`.
- *
- *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                                supported.
- * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                              supported.
+ * \param[in] salt_length       Size of the `p_salt` buffer in bytes
  *                              If `p_salt` is `NULL`, pass 0.
  * \param[out] p_output         Buffer where the decrypted message is to
- *                              be written.
- * \param output_size           Size of the `p_output` buffer in bytes.
+ *                              be written
+ * \param[in] output_size       Size of the `p_output` buffer in bytes
  * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output.
+ *                              that make up the returned output
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)( psa_key_slot_t key_slot,
-                                                         psa_algorithm_t alg,
-                                                         const uint8_t *p_input,
-                                                         size_t input_length,
-                                                         const uint8_t *p_salt,
-                                                         size_t salt_length,
-                                                         uint8_t *p_output,
-                                                         size_t output_size,
-                                                         size_t *p_output_length );
+typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
+                                                        psa_algorithm_t alg,
+                                                        const uint8_t *p_input,
+                                                        size_t input_length,
+                                                        const uint8_t *p_salt,
+                                                        size_t salt_length,
+                                                        uint8_t *p_output,
+                                                        size_t output_size,
+                                                        size_t *p_output_length);
 
 /**
- * \brief A struct containing all of the function pointers needed to implement asymmetric cryptographic operations
- * using opaque keys.
+ * \brief A struct containing all of the function pointers needed to implement
+ * asymmetric cryptographic operations using opaque keys.
  * 
- * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
  * 
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_asymmetric_opaque_t {
-    pcd_asymmetric_opaque_sign_t    *p_sign;    /**< Function that performs the asymmetric sign operation */
-    pcd_asymmetric_opaque_verify_t  *p_verify;  /**< Function that performs the asymmetric verify operation */
-    pcd_asymmetric_opaque_encrypt_t *p_encrypt; /**< Function that performs the asymmetric encrypt operation */
-    pcd_asymmetric_opaque_decrypt_t *p_decrypt; /**< Function that performs the asymmetric decrypt operation */
+    /** Function that performs the asymmetric sign operation */
+    pcd_asymmetric_opaque_sign_t    *p_sign;
+    /** Function that performs the asymmetric verify operation */
+    pcd_asymmetric_opaque_verify_t  *p_verify;
+    /** Function that performs the asymmetric encrypt operation */
+    pcd_asymmetric_opaque_encrypt_t *p_encrypt;
+    /** Function that performs the asymmetric decrypt operation */
+    pcd_asymmetric_opaque_decrypt_t *p_decrypt;
 };
 
-/** @}
- */
+/**@}*/
 
 /** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
- * @{
  */
+/**@{*/
 
 
 /**
- * \brief A function that signs a hash or short message with a transparent private key.
+ * \brief A function that signs a hash or short message with a transparent
+ * private key
  * 
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_asymmetric_<ALGO>_sign
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the signing algorithm
  * 
- * \param p_key                     A buffer containing the private key material.
- * \param key_size                  The size in bytes of the `p_key` data
- * \param alg                       A signature algorithm that is compatible with
- *                                  the type of `p_key`.
- * \param[in] p_hash                The hash or message to sign.
- * \param hash_length               Size of the `p_hash` buffer in bytes.
- * \param[out] p_signature          Buffer where the signature is to be written.
- * \param signature_size            Size of the `p_signature` buffer in bytes.
+ * \param[in] p_key                 A buffer containing the private key
+ *                                  material
+ * \param[in] key_size              The size in bytes of the `p_key` data
+ * \param[in] alg                   A signature algorithm that is compatible
+ *                                  with the type of `p_key`
+ * \param[in] p_hash                The hash or message to sign
+ * \param[in] hash_length           Size of the `p_hash` buffer in bytes
+ * \param[out] p_signature          Buffer where the signature is to be written
+ * \param[in] signature_size        Size of the `p_signature` buffer in bytes
  * \param[out] p_signature_length   On success, the number of bytes
- *                                  that make up the returned signature value.
+ *                                  that make up the returned signature value
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)( const uint8_t *p_key,
-                                                           size_t key_size,
-                                                           psa_algorithm_t alg,
-                                                           const uint8_t *p_hash,
-                                                           size_t hash_length,
-                                                           uint8_t *p_signature,
-                                                           size_t signature_size,
-                                                           size_t *p_signature_length );
+typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
+                                                          size_t key_size,
+                                                          psa_algorithm_t alg,
+                                                          const uint8_t *p_hash,
+                                                          size_t hash_length,
+                                                          uint8_t *p_signature,
+                                                          size_t signature_size,
+                                                          size_t *p_signature_length);
 
 /**
- * \brief A function that verifies the signature a hash or short message using a transparent public key.
+ * \brief A function that verifies the signature a hash or short message using
+ * a transparent public key
  *
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_asymmetric_<ALGO>_verify
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the signing algorithm 
  * 
- * \param p_key             A buffer containing the public key material.
- * \param key_size          The size in bytes of the `p_key` data
- * \param alg               A signature algorithm that is compatible with
- *                          the type of `key`.
- * \param[in] p_hash        The hash or message whose signature is to be
- *                          verified.
- * \param hash_length       Size of the `p_hash` buffer in bytes.
- * \param[in] p_signature   Buffer containing the signature to verify.
- * \param signature_length  Size of the `p_signature` buffer in bytes.
+ * \param[in] p_key             A buffer containing the public key material
+ * \param[in] key_size          The size in bytes of the `p_key` data
+ * \param[in] alg               A signature algorithm that is compatible with
+ *                              the type of `key`
+ * \param[in] p_hash            The hash or message whose signature is to be
+ *                              verified
+ * \param[in] hash_length       Size of the `p_hash` buffer in bytes
+ * \param[in] p_signature       Buffer containing the signature to verify
+ * \param[in] signature_length  Size of the `p_signature` buffer in bytes
  *
  * \retval PSA_SUCCESS
  *         The signature is valid.
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)( const uint8_t *p_key,
-                                                             size_t key_size,
-                                                             psa_algorithm_t alg,
-                                                             const uint8_t *p_hash,
-                                                             size_t hash_length,
-                                                             const uint8_t *p_signature,
-                                                             size_t signature_length );
+typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key,
+                                                            size_t key_size,
+                                                            psa_algorithm_t alg,
+                                                            const uint8_t *p_hash,
+                                                            size_t hash_length,
+                                                            const uint8_t *p_signature,
+                                                            size_t signature_length);
 
 /**
- * \brief A function that encrypts a short message with a transparent public key.
+ * \brief A function that encrypts a short message with a transparent public
+ * key
  *
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_asymmetric_<ALGO>_encrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the encryption algorithm
  * 
- * \param p_key                 A buffer containing the public key material
- * \param key_size              The size in bytes of the `p_key` data
- * \param alg                   An asymmetric encryption algorithm that is
- *                              compatible with the type of `key`.
- * \param[in] p_input           The message to encrypt.
- * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] p_key             A buffer containing the public key material
+ * \param[in] key_size          The size in bytes of the `p_key` data
+ * \param[in] alg               An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`
+ * \param[in] p_input           The message to encrypt
+ * \param[in] input_length      Size of the `p_input` buffer in bytes
  * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm.
+ *                              encryption algorithm
  *                              If the algorithm does not support a
- *                              salt, pass `NULL`.
+ *                              salt, pass `NULL`
  *                              If the algorithm supports an optional
  *                              salt and you do not want to pass a salt,
  *                              pass `NULL`.
- *
- *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                                supported.
- * \param salt_length           Size of the `p_salt` buffer in bytes.
+ *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                              supported.
+ * \param[in] salt_length       Size of the `p_salt` buffer in bytes
  *                              If `p_salt` is `NULL`, pass 0.
  * \param[out] p_output         Buffer where the encrypted message is to
- *                              be written.
- * \param output_size           Size of the `p_output` buffer in bytes.
+ *                              be written
+ * \param[in] output_size       Size of the `p_output` buffer in bytes
  * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output.
+ *                              that make up the returned output
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)( const uint8_t *p_key,
+typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
                                                              size_t key_size,
                                                              psa_algorithm_t alg,
                                                              const uint8_t *p_input,
@@ -759,90 +1065,90 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)( const uint8_t *p_k
                                                              size_t salt_length,
                                                              uint8_t *p_output,
                                                              size_t output_size,
-                                                             size_t *p_output_length );
+                                                             size_t *p_output_length);
 
 /**
- * \brief Decrypt a short message with a transparent private key.
+ * \brief Decrypt a short message with a transparent private key
  *
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_asymmetric_<ALGO>_decrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the encryption algorithm
  * 
- * \param p_key                 A buffer containing the private key material
- * \param key_size              The size in bytes of the `p_key` data
- * \param alg                   An asymmetric encryption algorithm that is
- *                              compatible with the type of \p key.
- * \param[in] p_input           The message to decrypt.
- * \param input_length          Size of the `p_input` buffer in bytes.
+ * \param[in] p_key             A buffer containing the private key material
+ * \param[in] key_size          The size in bytes of the `p_key` data
+ * \param[in] alg               An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`
+ * \param[in] p_input           The message to decrypt
+ * \param[in] input_length      Size of the `p_input` buffer in bytes
  * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm.
+ *                              encryption algorithm
  *                              If the algorithm does not support a
  *                              salt, pass `NULL`.
  *                              If the algorithm supports an optional
  *                              salt and you do not want to pass a salt,
  *                              pass `NULL`.
- *
- *                              - For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                                supported.
- * \param salt_length           Size of the `p_salt` buffer in bytes.
- *                              If `p_salt` is `NULL`, pass 0.
+ *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                              supported
+ * \param[in] salt_length       Size of the `p_salt` buffer in bytes
+ *                              If `p_salt` is `NULL`, pass 0
  * \param[out] p_output         Buffer where the decrypted message is to
- *                              be written.
- * \param output_size           Size of the `p_output` buffer in bytes.
+ *                              be written
+ * \param[in] output_size       Size of the `p_output` buffer in bytes
  * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output.
+ *                              that make up the returned output
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)( const uint8_t *p_key,
-                                                              size_t key_size,
-                                                              psa_algorithm_t alg,
-                                                              const uint8_t *p_input,
-                                                              size_t input_length,
-                                                              const uint8_t *p_salt,
-                                                              size_t salt_length,
-                                                              uint8_t *p_output,
-                                                              size_t output_size,
-                                                              size_t *p_output_length );
+typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
+                                                             size_t key_size,
+                                                             psa_algorithm_t alg,
+                                                             const uint8_t *p_input,
+                                                             size_t input_length,
+                                                             const uint8_t *p_salt,
+                                                             size_t salt_length,
+                                                             uint8_t *p_output,
+                                                             size_t output_size,
+                                                             size_t *p_output_length);
 
-/** @}
- */
+/**@}*/
 
 /** \defgroup aead_opaque AEAD Opaque
- * * @{
  */
+/**@{*/
 
-/** Process an authenticated encryption operation using an opaque key.
+/** \brief Process an authenticated encryption operation using an opaque key
  *
- * \param key_slot                  Slot containing the key to use.
- * \param algorithm                 The AEAD algorithm to compute
- *                                  (\c PSA_ALG_XXX value such that
- *                                  #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param[in] p_nonce               Nonce or IV to use.
- * \param nonce_length              Size of the `p_nonce` buffer in bytes.
- * \param[in] p_additional_data     Additional data that will be authenticated
- *                                  but not encrypted.
- * \param additional_data_length    Size of `p_additional_data` in bytes.
- * \param[in] p_plaintext           Data that will be authenticated and
- *                                  encrypted.
- * \param plaintext_length          Size of `p_plaintext` in bytes.
- * \param[out] p_ciphertext         Output buffer for the authenticated and
- *                                  encrypted data. The additional data is not
- *                                  part of this output. For algorithms where the
- *                                  encrypted data and the authentication tag
- *                                  are defined as separate outputs, the
- *                                  authentication tag is appended to the
- *                                  encrypted data.
- * \param ciphertext_size           Size of the `p_ciphertext` buffer in bytes.
- * \param[out] p_ciphertext_length  On success, the size of the output
- *                                  in the `p_ciphertext` buffer.
+ * \param[in] key_slot                  Slot containing the key to use.
+ * \param[in] algorithm                 The AEAD algorithm to compute
+ *                                      (\c PSA_ALG_XXX value such that
+ *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] p_nonce                   Nonce or IV to use
+ * \param[in] nonce_length              Size of the `p_nonce` buffer in bytes
+ * \param[in] p_additional_data         Additional data that will be
+ *                                      authenticated but not encrypted
+ * \param[in] additional_data_length    Size of `p_additional_data` in bytes
+ * \param[in] p_plaintext               Data that will be authenticated and
+ *                                      encrypted
+ * \param[in] plaintext_length          Size of `p_plaintext` in bytes
+ * \param[out] p_ciphertext             Output buffer for the authenticated and
+ *                                      encrypted data. The additional data is
+ *                                      not part of this output. For algorithms
+ *                                      where the encrypted data and the
+ *                                      authentication tag are defined as
+ *                                      separate outputs, the authentication
+ *                                      tag is appended to the encrypted data.
+ * \param[in] ciphertext_size           Size of the `p_ciphertext` buffer in
+ *                                      bytes
+ * \param[out] p_ciphertext_length      On success, the size of the output in
+ *                                      the `p_ciphertext` buffer
  *
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*psa_aead_opaque_encrypt_t)( psa_key_slot_t key_slot,
+typedef psa_status_t (*psa_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
                                                   psa_algorithm_t algorithm,
                                                   const uint8_t *p_nonce,
                                                   size_t nonce_length,
@@ -854,167 +1160,177 @@ typedef psa_status_t (*psa_aead_opaque_encrypt_t)( psa_key_slot_t key_slot,
                                                   size_t ciphertext_size,
                                                   size_t *p_ciphertext_length);
 
-/** Process an authenticated decryption operation using an opaque key.
+/** Process an authenticated decryption operation using an opaque key
  *
- * \param key_slot                  Slot containing the key to use.
- * \param algorithm                 The AEAD algorithm to compute
- *                                  (\c PSA_ALG_XXX value such that
- *                                  #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param[in] p_nonce               Nonce or IV to use.
- * \param nonce_length              Size of the `p_nonce` buffer in bytes.
- * \param[in] p_additional_data     Additional data that has been authenticated
- *                                  but not encrypted.
- * \param additional_data_length    Size of `p_additional_data` in bytes.
- * \param[in] p_ciphertext          Data that has been authenticated and
- *                                  encrypted. For algorithms where the
- *                                  encrypted data and the authentication tag
- *                                  are defined as separate inputs, the buffer
- *                                  must contain the encrypted data followed
- *                                  by the authentication tag.
- * \param ciphertext_length         Size of `p_ciphertext` in bytes.
- * \param[out] p_plaintext          Output buffer for the decrypted data.
- * \param plaintext_size            Size of the `p_plaintext` buffer in bytes.
- * \param[out] p_plaintext_length   On success, the size of the output
- *                                  in the `p_plaintext` buffer.
+ * \param[in] key_slot                  Slot containing the key to use
+ * \param[in] algorithm                 The AEAD algorithm to compute
+ *                                      (\c PSA_ALG_XXX value such that
+ *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] p_nonce                   Nonce or IV to use
+ * \param[in] nonce_length              Size of the `p_nonce` buffer in bytes
+ * \param[in] p_additional_data         Additional data that has been
+ *                                      authenticated but not encrypted
+ * \param[in] additional_data_length    Size of `p_additional_data` in bytes
+ * \param[in] p_ciphertext              Data that has been authenticated and
+ *                                      encrypted.
+ *                                      For algorithms where the encrypted data
+ *                                      and the authentication tag are defined
+ *                                      as separate inputs, the buffer must
+ *                                      contain the encrypted data followed by
+ *                                      the authentication tag.
+ * \param[in] ciphertext_length         Size of `p_ciphertext` in bytes
+ * \param[out] p_plaintext              Output buffer for the decrypted data
+ * \param[in] plaintext_size            Size of the `p_plaintext` buffer in
+ *                                      bytes
+ * \param[out] p_plaintext_length       On success, the size of the output in
+ *                                      the `p_plaintext` buffer
  *
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*psa_aead_opaque_decrypt_t)( psa_key_slot_t key_slot,
-                                                   psa_algorithm_t algorithm,
-                                                   const uint8_t *p_nonce,
-                                                   size_t nonce_length,
-                                                   const uint8_t *p_additional_data,
-                                                   size_t additional_data_length,
-                                                   const uint8_t *p_ciphertext,
-                                                   size_t ciphertext_length,
-                                                   uint8_t *p_plaintext,
-                                                   size_t plaintext_size,
-                                                   size_t *p_plaintext_length);
+typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
+                                                  psa_algorithm_t algorithm,
+                                                  const uint8_t *p_nonce,
+                                                  size_t nonce_length,
+                                                  const uint8_t *p_additional_data,
+                                                  size_t additional_data_length,
+                                                  const uint8_t *p_ciphertext,
+                                                  size_t ciphertext_length,
+                                                  uint8_t *p_plaintext,
+                                                  size_t plaintext_size,
+                                                  size_t *p_plaintext_length);
 
 /**
- * \brief A struct containing all of the function pointers needed to implement Authenticated Encryption
- * with Additional Data operations using opaque keys
+ * \brief A struct containing all of the function pointers needed to implement
+ * Authenticated Encryption with Additional Data operations using opaque keys
  * 
- * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
  * 
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct psa_aead_opaque_t {
-    psa_aead_opaque_encrypt_t *p_encrypt;   /**< Function that performs the AEAD encrypt operation */
-    psa_aead_opaque_decrypt_t *p_decrypt;   /**< Function that performs the AEAD decrypt operation */
+    /** Function that performs the AEAD encrypt operation */
+    psa_aead_opaque_encrypt_t *p_encrypt;
+    /** Function that performs the AEAD decrypt operation */
+    psa_aead_opaque_decrypt_t *p_decrypt;
 };
-/** @} 
- */
+/**@}*/
 
 /** \defgroup aead_transparent AEAD Transparent
  */
+/**@{*/
 
 /** Process an authenticated encryption operation.
  * 
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_aead_<ALGO>_encrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the AEAD algorithm
  *
- * \param p_key                   A pointer to the key material
- * \param key_length              The size in bytes of the key material
- * \param alg                     The AEAD algorithm to compute
- *                                (\c PSA_ALG_XXX value such that
- *                                #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param[in] nonce               Nonce or IV to use.
- * \param nonce_length            Size of the \p nonce buffer in bytes.
- * \param[in] additional_data     Additional data that will be MACed
- *                                but not encrypted.
- * \param additional_data_length  Size of \p additional_data in bytes.
- * \param[in] plaintext           Data that will be MACed and
- *                                encrypted.
- * \param plaintext_length        Size of \p plaintext in bytes.
- * \param[out] ciphertext         Output buffer for the authenticated and
- *                                encrypted data. The additional data is not
- *                                part of this output. For algorithms where the
- *                                encrypted data and the authentication tag
- *                                are defined as separate outputs, the
- *                                authentication tag is appended to the
- *                                encrypted data.
- * \param ciphertext_size         Size of the \p ciphertext buffer in bytes.
- *                                This must be at least
- *                                #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(\p alg,
- *                                \p plaintext_length).
- * \param[out] ciphertext_length  On success, the size of the output
- *                                in the \b ciphertext buffer.
+ * \param[in] p_key                     A pointer to the key material
+ * \param[in] key_length                The size in bytes of the key material
+ * \param[in] alg                       The AEAD algorithm to compute
+ *                                      (\c PSA_ALG_XXX value such that
+ *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce                     Nonce or IV to use
+ * \param[in] nonce_length              Size of the `nonce` buffer in bytes
+ * \param[in] additional_data           Additional data that will be MACed
+ *                                      but not encrypted.
+ * \param[in] additional_data_length    Size of `additional_data` in bytes
+ * \param[in] plaintext                 Data that will be MACed and
+ *                                      encrypted.
+ * \param[in] plaintext_length          Size of `plaintext` in bytes
+ * \param[out] ciphertext               Output buffer for the authenticated and
+ *                                      encrypted data. The additional data is
+ *                                      not part of this output. For algorithms
+ *                                      where the encrypted data and the
+ *                                      authentication tag are defined as
+ *                                      separate outputs, the authentication
+ *                                      tag is appended to the encrypted data.
+ * \param[in] ciphertext_size           Size of the `ciphertext` buffer in
+ *                                      bytes
+ *                                      This must be at least
+ *                                      #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
+ *                                      `plaintext_length`).
+ * \param[out] ciphertext_length        On success, the size of the output in
+ *                                      the `ciphertext` buffer
  *
  * \retval #PSA_SUCCESS
  
  */
-typedef psa_status_t (*psa_aead_transparent_encrypt_t)( const uint8_t *p_key,
-                                                        size_t key_length,
-                                                        psa_algorithm_t alg,
-                                                        const uint8_t *nonce,
-                                                        size_t nonce_length,
-                                                        const uint8_t *additional_data,
-                                                        size_t additional_data_length,
-                                                        const uint8_t *plaintext,
-                                                        size_t plaintext_length,
-                                                        uint8_t *ciphertext,
-                                                        size_t ciphertext_size,
-                                                        size_t *ciphertext_length );
+typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key,
+                                                       size_t key_length,
+                                                       psa_algorithm_t alg,
+                                                       const uint8_t *nonce,
+                                                       size_t nonce_length,
+                                                       const uint8_t *additional_data,
+                                                       size_t additional_data_length,
+                                                       const uint8_t *plaintext,
+                                                       size_t plaintext_length,
+                                                       uint8_t *ciphertext,
+                                                       size_t ciphertext_size,
+                                                       size_t *ciphertext_length);
 
 /** Process an authenticated decryption operation.
  * 
- * Functions that implement the prototype should be named in the following convention:
+ * Functions that implement the prototype should be named in the following
+ * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_aead_<ALGO>_decrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the AEAD algorithm
- * \param p_key                   A pointer to the key material
- * \param key_length              The size in bytes of the key material
- * \param alg                     The AEAD algorithm to compute
- *                                (\c PSA_ALG_XXX value such that
- *                                #PSA_ALG_IS_AEAD(\p alg) is true).
- * \param[in] nonce               Nonce or IV to use.
- * \param nonce_length            Size of the \p nonce buffer in bytes.
- * \param[in] additional_data     Additional data that has been MACed
- *                                but not encrypted.
- * \param additional_data_length  Size of \p additional_data in bytes.
- * \param[in] ciphertext          Data that has been MACed and
- *                                encrypted. For algorithms where the
- *                                encrypted data and the authentication tag
- *                                are defined as separate inputs, the buffer
- *                                must contain the encrypted data followed
- *                                by the authentication tag.
- * \param ciphertext_length       Size of \p ciphertext in bytes.
- * \param[out] plaintext          Output buffer for the decrypted data.
- * \param plaintext_size          Size of the \p plaintext buffer in bytes.
- *                                This must be at least
- *                                #PSA_AEAD_DECRYPT_OUTPUT_SIZE(\p alg,
- *                                \p ciphertext_length).
- * \param[out] plaintext_length   On success, the size of the output
- *                                in the \b plaintext buffer.
+ * \param[in] p_key                     A pointer to the key material
+ * \param[in] key_length                The size in bytes of the key material
+ * \param[in] alg                       The AEAD algorithm to compute
+ *                                      (\c PSA_ALG_XXX value such that
+ *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce                     Nonce or IV to use
+ * \param[in] nonce_length              Size of the `nonce` buffer in bytes
+ * \param[in] additional_data           Additional data that has been MACed
+ *                                      but not encrypted
+ * \param[in] additional_data_length    Size of `additional_data` in bytes
+ * \param[in] ciphertext                Data that has been MACed and
+ *                                      encrypted
+ *                                      For algorithms where the encrypted data
+ *                                      and the authentication tag are defined
+ *                                      as separate inputs, the buffer must
+ *                                      contain the encrypted data followed by
+ *                                      the authentication tag.
+ * \param[in] ciphertext_length         Size of `ciphertext` in bytes
+ * \param[out] plaintext                Output buffer for the decrypted data
+ * \param[in] plaintext_size            Size of the `plaintext` buffer in
+ *                                      bytes
+ *                                      This must be at least
+ *                                      #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
+ *                                      `ciphertext_length`).
+ * \param[out] plaintext_length         On success, the size of the output
+ *                                      in the \b plaintext buffer
  *
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*psa_aead_transparent_decrypt_t) ( const uint8_t *p_key,
-                                                         size_t key_length,
-                                                         psa_algorithm_t alg,
-                                                         const uint8_t *nonce,
-                                                         size_t nonce_length,
-                                                         const uint8_t *additional_data,
-                                                         size_t additional_data_length,
-                                                         const uint8_t *ciphertext,
-                                                         size_t ciphertext_length,
-                                                         uint8_t *plaintext,
-                                                         size_t plaintext_size,
-                                                         size_t *plaintext_length);
+typedef psa_status_t (*psa_aead_transparent_decrypt_t)(const uint8_t *p_key,
+                                                       size_t key_length,
+                                                       psa_algorithm_t alg,
+                                                       const uint8_t *nonce,
+                                                       size_t nonce_length,
+                                                       const uint8_t *additional_data,
+                                                       size_t additional_data_length,
+                                                       const uint8_t *ciphertext,
+                                                       size_t ciphertext_length,
+                                                       uint8_t *plaintext,
+                                                       size_t plaintext_size,
+                                                       size_t *plaintext_length);
 
-/** @}
+/**@}*/
 
 
-/** \defgroup rng Entropy Generation
- * @{
+/** \defgroup driver_rng Entropy Generation
  */
+/**@{*/
 
 /** \brief A hardware-specific structure for a entropy providing hardware
  */
@@ -1025,71 +1341,89 @@ struct pcd_entropy_context_t {
 /** \brief Initialize an entropy driver
  *
  * 
- * \param p_context             A hardware-specific structure containing any context information for the implementation
+ * \param[in,out] p_context             A hardware-specific structure
+ *                                      containing any context information for
+ *                                      the implementation
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_init_t)( struct pcd_entropy_context_t *p_context );
+typedef psa_status_t (*pcd_entropy_init_t)(struct pcd_entropy_context_t *p_context);
 
 /** \brief Get a specified number of bytes from the entropy source
  * 
- * Retrives `buffer_size` bytes of data from the entropy source. The entropy source will always fill the provided buffer to its full size.
- * However, most entropy sources have biases, and the actual amount of entropy contained in the buffer will be less than the number of bytes.
- * The driver will return the actual number of bytes of entropy placed in the buffer in `p_received_entropy_bytes`.
- * A PSA Crypto API implementation will likely feed the output of this function into a Digital Random Bit Generator (DRBG), and typically has 
- * a minimum amount of entropy that it needs.
- * To accomplish this, the PSA Crypto implementation should be designed to call this function multiple times until it has received the required
- * amount of entropy from the entropy source.
+ * It retrives `buffer_size` bytes of data from the entropy source. The entropy
+ * source will always fill the provided buffer to its full size, however, most
+ * entropy sources have biases, and the actual amount of entropy contained in
+ * the buffer will be less than the number of bytes.
+ * The driver will return the actual number of bytes of entropy placed in the
+ * buffer in `p_received_entropy_bytes`.
+ * A PSA Crypto API implementation will likely feed the output of this function
+ * into a Digital Random Bit Generator (DRBG), and typically has a minimum
+ * amount of entropy that it needs.
+ * To accomplish this, the PSA Crypto implementation should be designed to call
+ * this function multiple times until it has received the required amount of
+ * entropy from the entropy source.
  * 
- * \param p_context                 A hardware-specific structure containing any context information for the implementation
- * \param p_buffer                  A caller-allocated buffer for the retrieved bytes to be placed in
- * \param buffer_size               The allocated size of `p_buffer`
- * \param p_received_entropy_bytes  The amount of entropy (in bytes) actually provided in `p_buffer`
+ * \param[in,out] p_context                 A hardware-specific structure
+ *                                          containing any context information
+ *                                          for the implementation
+ * \param[out] p_buffer                     A caller-allocated buffer for the
+ *                                          retrieved bytes to be placed in
+ * \param[in] buffer_size                   The allocated size of `p_buffer`
+ * \param[out] p_received_entropy_bytes     The amount of entropy (in bytes)
+ *                                          actually provided in `p_buffer`
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_get_bytes_t)( struct pcd_entropy_context_t *p_context, uint8_t *p_buffer, uint32_t buffer_size, uint32_t *p_received_entropy_bytes );
+typedef psa_status_t (*pcd_entropy_get_bytes_t)(struct pcd_entropy_context_t *p_context,
+                                                uint8_t *p_buffer,
+                                                uint32_t buffer_size,
+                                                uint32_t *p_received_entropy_bytes);
 
 /**
- * \brief A struct containing all of the function pointers needed to interface to an entropy source
+ * \brief A struct containing all of the function pointers needed to interface
+ * to an entropy source
  * 
- * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
  * 
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_entropy_t {
-    pcd_entropy_init_t *p_init;            /**< Function that performs initialization for the entropy source */
-    pcd_entropy_get_bytes_t *p_get_bytes;  /**< Function that performs the get_bytes operation for the entropy source */
+    /** Function that performs initialization for the entropy source */
+    pcd_entropy_init_t *p_init;
+    /** Function that performs the get_bytes operation for the entropy source
+    */
+    pcd_entropy_get_bytes_t *p_get_bytes;
 };
-/** @}
- */
+/**@}*/
 
-/** \defgroup key_management Key Management
- * @{
+/** \defgroup driver_key_management Key Management
  */
+/**@{*/
 
-/** \brief Import a key in binary format.
+/** \brief Import a key in binary format
  *
  * This function can support any output from psa_export_key(). Refer to the
  * documentation of psa_export_key() for the format for each key type.
  *
- * \param key_slot      Slot where the key will be stored. This must be a
- *                      valid slot for a key of the chosen type. It must
- *                      be unoccupied.
- * \param type          Key type (a \c PSA_KEY_TYPE_XXX value).
- * \param[in] p_data    Buffer containing the key data.
- * \param data_length   Size of the \p data buffer in bytes.
+ * \param[in] key_slot      Slot where the key will be stored. This must be a
+ *                          valid slot for a key of the chosen type. It must
+ *                          be unoccupied.
+ * \param[in] type          Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] p_data        Buffer containing the key data.
+ * \param[in] data_length   Size of the `data` buffer in bytes.
  *
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_opaque_import_key_t) ( psa_key_slot_t key_slot,
-                                                  psa_key_type_t type,
-                                                  const uint8_t *p_data,
-                                                  size_t data_length );
+typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot,
+                                                psa_key_type_t type,
+                                                const uint8_t *p_data,
+                                                size_t data_length);
 
 /**
- * \brief Destroy a key and restore the slot to its default state.
+ * \brief Destroy a key and restore the slot to its default state
  *
  * This function destroys the content of the key slot from both volatile
  * memory and, if applicable, non-volatile storage. Implementations shall
@@ -1099,20 +1433,20 @@ typedef psa_status_t (*pcd_opaque_import_key_t) ( psa_key_slot_t key_slot,
  * This function also erases any metadata such as policies. It returns the
  * specified slot to its default state.
  *
- * \param key_slot        The key slot to erase.
+ * \param[in] key_slot        The key slot to erase.
  *
  * \retval #PSA_SUCCESS
  *         The slot's content, if any, has been erased.
  */
-typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key );
+typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key);
 
 /**
- * \brief Export a key in binary format.
+ * \brief Export a key in binary format
  *
  * The output of this function can be passed to psa_import_key() to
  * create an equivalent object.
  *
- * If a key is created with psa_import_key() and then exported with
+ * If a key is created with `psa_import_key()` and then exported with
  * this function, it is not guaranteed that the resulting data is
  * identical: the implementation may choose a different representation
  * of the same key if the format permits it.
@@ -1131,10 +1465,10 @@ typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key );
  * - For RSA public keys (#PSA_KEY_TYPE_RSA_PUBLIC_KEY), the format
  *   is the DER representation defined by RFC 5280 as SubjectPublicKeyInfo.
  *
- * \param key                   Slot whose content is to be exported. This must
+ * \param[in] key               Slot whose content is to be exported. This must
  *                              be an occupied key slot.
  * \param[out] p_data           Buffer where the key data is to be written.
- * \param data_size             Size of the `p_data` buffer in bytes.
+ * \param[in] data_size         Size of the `p_data` buffer in bytes.
  * \param[out] p_data_length    On success, the number of bytes
  *                              that make up the key data.
  *
@@ -1146,13 +1480,13 @@ typedef psa_status_t (*pcd_destroy_key_t)( psa_key_slot_t key );
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
-typedef psa_status_t (*pcd_export_key_t)( psa_key_slot_t key,
-                                          uint8_t *p_data,
-                                          size_t data_size,
-                                          size_t *p_data_length );
+typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key,
+                                         uint8_t *p_data,
+                                         size_t data_size,
+                                         size_t *p_data_length);
 
 /**
- * \brief Export a public key or the public part of a key pair in binary format.
+ * \brief Export a public key or the public part of a key pair in binary format
  *
  * The output of this function can be passed to psa_import_key() to
  * create an object that is equivalent to the public key.
@@ -1163,125 +1497,181 @@ typedef psa_status_t (*pcd_export_key_t)( psa_key_slot_t key,
  *   the format is the DER representation of the public key defined by RFC 5280
  *   as SubjectPublicKeyInfo.
  *
- * \param key_slot              Slot whose content is to be exported. This must
+ * \param[in] key_slot          Slot whose content is to be exported. This must
  *                              be an occupied key slot.
  * \param[out] p_data           Buffer where the key data is to be written.
- * \param data_size             Size of the \p data buffer in bytes.
+ * \param[in] data_size         Size of the `data` buffer in bytes.
  * \param[out] p_data_length    On success, the number of bytes
  *                              that make up the key data.
  *
  * \retval #PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_export_public_key_t)( psa_key_slot_t key,
-                                                 uint8_t *p_data,
-                                                 size_t data_size,
-                                                 size_t *p_data_length );
+typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key,
+                                                uint8_t *p_data,
+                                                size_t data_size,
+                                                size_t *p_data_length);
 
 /**
- * \brief A struct containing all of the function pointers needed to for key management using
- * opaque keys.
+ * \brief A struct containing all of the function pointers needed to for key
+ * management using opaque keys
  * 
- * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
  * 
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_key_management_t {
-    pcd_opaque_import_key_t *p_import;          /**< Function that performs the key import operation */
-    pcd_destroy_key_t       *p_destroy;         /**< Function that performs the key destroy operation */
-    pcd_export_key_t        *p_export;          /**< Function that performs the key export operation */
-    pcd_export_public_key_t *p_export_public;   /**< Function that perforsm the public key export operation */
+    /** Function that performs the key import operation */
+    pcd_opaque_import_key_t *p_import;
+    /** Function that performs the key destroy operation */
+    pcd_destroy_key_t       *p_destroy;
+    /** Function that performs the key export operation */
+    pcd_export_key_t        *p_export;
+    /** Function that perforsm the public key export operation */
+    pcd_export_public_key_t *p_export_public;
 };
 
-/** @}
- */
+/**@}*/
 
-/** \defgroup derivation Key Derivation and Agreement
- * @{
- * Key derivation is the process of generating new key material using an existing key and additional parameters, iterating through a basic
- * cryptographic function, such as a hash.
- * Key agreement is a part of cryptographic protocols that allows two parties to agree on the same key value, but starting from different original
- * key material.
- * The flows are similar, and the PSA Crypto Driver API uses the same functions for both of the flows.
- * 
- * There are two different final functions for the flows, `pcd_key_derivation_derive` and `pcd_key_derivation_export`. `pcd_key_derivation_derive`
- * is used when the key material should be placed in a slot on the hardware and not exposed to the caller. `pcd_key_derivation_export` is used 
- * when the key material should be returned to the PSA Cryptographic API implementation.
- * 
- * Different key derivation algorithms require a different number of inputs. Instead of having an API that 
- * takes as input variable length arrays, which can be problemmatic to manage on embedded platforms, the inputs
- * are passed to the driver via a function, `pcd_key_derivation_collateral`, that is called multiple times with different `collateral_id`s.
- * Thus, for a key derivation algorithm that required 3 paramter inputs, the flow would look something like:
-```C
-pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
-pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0, p_collateral_0, collateral_0_size);
-pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1, p_collateral_1, collateral_1_size);
-pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2, p_collateral_2, collateral_2_size);
-pcd_key_derivation_derive();
-```
-
-key agreement example:
-```C
-pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes);
-pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
-pcd_key_derivation_export(p_session_key, session_key_size, &session_key_length);
-```
+/** \defgroup driver_derivation Key Derivation and Agreement
  */
-
-/** \brief Set up a key derivation operation by specifying the algorithm and the source key sot
- * 
- * \param kdf_alg       The algorithm to be used for the key derivation
- * \param souce_key     The key to be used as the source material for the key derivation
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t ( *pcd_key_derivation_setup_t )( psa_algorithm_t kdf_alg, psa_key_slot_t source_key );
-
-/** \brief Provide collateral (parameters) needed for a key derivation or key agreement operation
- * 
- * Since many key derivation algorithms require multiple parameters, it is expeced that this function may be called multiple
- * times for the same operation, each with a different algorithm-specific `collateral_id`
- * 
- * \param collateral_id
- * \param p_collateral
- * \param collateral_size
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*pcd_key_derivation_collateral_t ) ( uint32_t collateral_id, const uint8_t p_collateral, uint32_t collateral_size );
-
-/** \brief Perform the final key derivation step and place the generated key material in a slot
- * 
- * param dest_key       The slot where the generated key material should be placed
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t ( *pcd_key_derivation_derive_t )( psa_key_slot_t dest_key );
-
-/** \brief Pefform the final step of a key agreement and place the generated key material in a buffer
- * 
- * \param p_output
- * \param output_size
- * \param p_output_length
- * 
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t ( *pcd_key_derivation_export_t )( uint8_t *p_output, uint32_t output_size, uint32_t *p_output_length );
+/**@{*/
 
 /**
- * \brief A struct containing all of the function pointers needed to for key derivation and agreement
+ * Key derivation is the process of generating new key material using an
+ * existing key and additional parameters, iterating through a basic
+ * cryptographic function, such as a hash.
+ * Key agreement is a part of cryptographic protocols that allows two parties
+ * to agree on the same key value, but starting from different original key
+ * material.
+ * The flows are similar, and the PSA Crypto Driver API uses the same functions
+ * for both of the flows.
  * 
- * PSA Crypto API implementations should populate instances of the table as appropriate upon startup.
+ * There are two different final functions for the flows,
+ * `pcd_key_derivation_derive` and `pcd_key_derivation_export`.
+ * `pcd_key_derivation_derive` is used when the key material should be placed
+ * in a slot on the hardware and not exposed to the caller.
+ * `pcd_key_derivation_export` is used when the key material should be returned
+ * to the PSA Cryptographic API implementation.
+ * 
+ * Different key derivation algorithms require a different number of inputs.
+ * Instead of having an API that takes as input variable length arrays, which
+ * can be problemmatic to manage on embedded platforms, the inputs are passed
+ * to the driver via a function, `pcd_key_derivation_collateral`, that is
+ * called multiple times with different `collateral_id`s. Thus, for a key
+ * derivation algorithm that required 3 paramter inputs, the flow would look
+ * something like:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
+ * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0,
+ *                               p_collateral_0,
+ *                               collateral_0_size);
+ * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1,
+ *                               p_collateral_1,
+ *                               collateral_1_size);
+ * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2,
+ *                               p_collateral_2,
+ *                               collateral_2_size);
+ * pcd_key_derivation_derive();
+ * ~~~~~~~~~~~~~
+ * 
+ * key agreement example:
+ * ~~~~~~~~~~~~~{.c}
+ * pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes);
+ * pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
+ * pcd_key_derivation_export(p_session_key,
+ *                           session_key_size,
+ *                           &session_key_length);
+ * ~~~~~~~~~~~~~
+ */
+
+struct pcd_key_derivation_context_t {
+    // Implementation specific
+};
+
+/** \brief Set up a key derivation operation by specifying the algorithm and
+ * the source key sot
+ * 
+ * \param[in,out] p_context A hardware-specific structure containing any
+ *                          context information for the implementation
+ * \param[in] kdf_alg       The algorithm to be used for the key derivation
+ * \param[in] souce_key     The key to be used as the source material for the
+ *                          key derivation
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_key_derivation_setup_t)(struct pcd_key_derivation_context_t *p_context,
+                                                   psa_algorithm_t kdf_alg,
+                                                   psa_key_slot_t source_key);
+
+/** \brief Provide collateral (parameters) needed for a key derivation or key
+ * agreement operation
+ * 
+ * Since many key derivation algorithms require multiple parameters, it is
+ * expeced that this function may be called multiple times for the same
+ * operation, each with a different algorithm-specific `collateral_id`
+ * 
+ * \param[in,out] p_context     A hardware-specific structure containing any
+ *                              context information for the implementation
+ * \param[in] collateral_id     An ID for the collateral being provided
+ * \param[in] p_collateral      A buffer containing the collateral data
+ * \param[in] collateral_size   The size in bytes of the collateral
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_key_derivation_collateral_t)(struct pcd_key_derivation_context_t *p_context,
+                                                         uint32_t collateral_id,
+                                                         const uint8_t p_collateral,
+                                                         size_t collateral_size);
+
+/** \brief Perform the final key derivation step and place the generated key
+ * material in a slot
+ * \param[in,out] p_context     A hardware-specific structure containing any
+ *                              context information for the implementation
+ * \param[in] dest_key          The slot where the generated key material
+ *                              should be placed
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_key_derivation_derive_t)(struct pcd_key_derivation_context_t *p_context,
+                                                    psa_key_slot_t dest_key);
+
+/** \brief Perform the final step of a key agreement and place the generated
+ * key material in a buffer
+ * 
+ * \param[out] p_output         Buffer in which to place the generated key
+ *                              material
+ * \param[in] output_size       The size in bytes of `p_output`
+ * \param[out] p_output_length  Upon success, contains the number of bytes of
+ *                              key material placed in `p_output`
+ * 
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output,
+                                                    size_t output_size,
+                                                    size_t *p_output_length);
+
+/**
+ * \brief A struct containing all of the function pointers needed to for key
+ * derivation and agreement
+ * 
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
  * 
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_key_derivation_t {
-    pcd_key_derivation_setup_t      *p_setup;       /**< Function that performs the key derivation setup */
-    pcd_key_derivation_collateral_t *p_collateral;  /**< Function that sets the key derivation collateral */
-    pcd_key_derivation_derive_t     *p_derive;      /**< Function that performs the final key derivation step */
-    pcd_key_derivation_export_t     *p_export;      /**< Function that perforsm the final key derivation or agreement and exports the key */
+    /** Function that performs the key derivation setup */
+    pcd_key_derivation_setup_t      *p_setup;
+    /** Function that sets the key derivation collateral */
+    pcd_key_derivation_collateral_t *p_collateral;
+    /** Function that performs the final key derivation step */
+    pcd_key_derivation_derive_t     *p_derive;
+    /** Function that perforsm the final key derivation or agreement and
+     * exports the key */
+    pcd_key_derivation_export_t     *p_export;
 };
 
-/** @}
- */
+/**@}*/
 
 #endif // __PSA_CRYPTO_DRIVER_H__
\ No newline at end of file

From e1f2d7d1ac985df3c5330fe33479e77fff58cca6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:54:54 +0200
Subject: [PATCH 528/889] Document and check the consistency of truncated MAC
 encodings

Add comments noting that the maximum length of a MAC must fit in
PSA_ALG_MAC_TRUNCATION_MASK. Add a unit test that verifies that the
maximum MAC size fits.
---
 include/psa/crypto.h                        | 11 +++++++++++
 include/psa/crypto_sizes.h                  |  3 +++
 tests/suites/test_suite_psa_crypto.data     |  3 +++
 tests/suites/test_suite_psa_crypto.function | 13 +++++++++++++
 4 files changed, 30 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index a64610773..3d99933c0 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -756,6 +756,13 @@ typedef uint32_t psa_algorithm_t;
     (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
      PSA_ALG_HMAC_BASE)
 
+/* In the encoding of a MAC algorithm, the bits corresponding to
+ * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
+ * truncated. As an exception, the value 0 means the untruncated algorithm,
+ * whatever its length is. The length is encoded in 6 bits, so it can
+ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
+ * to full length is correctly encoded as 0 and any non-trivial truncation
+ * is correctly encoded as a value between 1 and 63. */
 #define PSA_ALG_MAC_TRUNCATION_MASK             ((psa_algorithm_t)0x00003f00)
 #define PSA_MAC_TRUNCATION_OFFSET 8
 
@@ -887,6 +894,10 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CCM                             ((psa_algorithm_t)0x06001001)
 #define PSA_ALG_GCM                             ((psa_algorithm_t)0x06001002)
 
+/* In the encoding of a AEAD algorithm, the bits corresponding to
+ * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
+ * The constants for default lengths follow this encoding.
+ */
 #define PSA_ALG_AEAD_TAG_LENGTH_MASK            ((psa_algorithm_t)0x00003f00)
 #define PSA_AEAD_TAG_LENGTH_OFFSET 8
 
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 169566ece..b5ff2aac3 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -79,6 +79,9 @@
  */
 /* All non-HMAC MACs have a maximum size that's smaller than the
  * minimum possible value of PSA_HASH_MAX_SIZE in this implementation. */
+/* Note that the encoding of truncated MAC algorithms limits this value
+ * to 64 bytes.
+ */
 #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
 
 /* The maximum size of an RSA key on this implementation, in bits.
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d8a5924cb..e8b119ea6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,3 +1,6 @@
+PSA compile-time sanity checks
+static_checks:
+
 PSA init/deinit
 init_deinit:
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5503c94b6..63d837fdc 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -793,6 +793,19 @@ static int exercise_key( psa_key_slot_t slot,
  * END_DEPENDENCIES
  */
 
+/* BEGIN_CASE */
+void static_checks( )
+{
+    size_t max_truncated_mac_size =
+        PSA_ALG_MAC_TRUNCATION_MASK >> PSA_MAC_TRUNCATION_OFFSET;
+
+    /* Check that the length for a truncated MAC always fits in the algorithm
+     * encoding. The shifted mask is the maximum truncated value. The
+     * untruncated algorithm may be one byte larger. */
+    TEST_ASSERT( PSA_MAC_MAX_SIZE <= 1 + max_truncated_mac_size );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void init_deinit( )
 {

From 6d72ff9e7935dc1861c1fbfd25a847456289bcef Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:55:08 +0200
Subject: [PATCH 529/889] Document that the minimum truncated MAC length is
 implementation-defined

---
 include/psa/crypto.h | 4 ++++
 library/psa_crypto.c | 6 ++++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 3d99933c0..48c971351 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -788,6 +788,10 @@ typedef uint32_t psa_algorithm_t;
  *                      is true). This may be a truncated or untruncated
  *                      MAC algorithm.
  * \param mac_length    Desired length of the truncated MAC in bytes.
+ *                      This must be at most the full length of the MAC
+ *                      and must be at least an implementation-specified
+ *                      minimum. The implementation-specified minimum
+ *                      shall not be zero.
  *
  * \return              The corresponding MAC algorithm with the specified
  *                      length.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 44862424d..0aa19cf9d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1600,8 +1600,10 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     }
     else if( truncated < 4 )
     {
-        /* Too small to make any sense. Reject. 4 bytes is too small for
-         * security but ancient protocols with 32-bit MACs do exist. */
+        /* A very short MAC is too short for security since it can be
+         * brute-forced. Ancient protocols with 32-bit MACs do exist,
+         * so we make this our minimum, even though 32 bits is still
+         * too small for security. */
         status = PSA_ERROR_NOT_SUPPORTED;
     }
     else if( truncated > operation->mac_size )

From 87b0ac49f8a07bb887cac0e6189232bcfe7f6fe8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:55:49 +0200
Subject: [PATCH 530/889] Fix possible buffer overread in
 psa_mac_finish_internal (CMAC)

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0aa19cf9d..410f64821 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1738,7 +1738,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
         uint8_t tmp[PSA_MAX_BLOCK_CIPHER_BLOCK_SIZE];
         int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
         if( ret == 0 )
-            memcpy( mac, tmp, mac_size );
+            memcpy( mac, tmp, operation->mac_size );
         mbedtls_zeroize( tmp, sizeof( tmp ) );
         return( mbedtls_to_psa_error( ret ) );
     }

From 99b7d6b700b003f996dfbeca4952141e2c3610b2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:56:19 +0200
Subject: [PATCH 531/889] Wipe sensitive data in psa_mac_verify_finish

Wipe the whole MAC intermediate buffer, not just the requested MAC
size. With truncated MAC algorithms, the requested MAC size may be
smaller than what is written to the intermediate buffer.
---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 410f64821..da6bd612f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1827,7 +1827,7 @@ cleanup:
     else
         psa_mac_abort( operation );
 
-    mbedtls_zeroize( actual_mac, mac_length );
+    mbedtls_zeroize( actual_mac, sizeof( actual_mac ) );
 
     return( status );
 }

From 28dfea6bb9f0f468073158667a85902997bf51f5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 14:59:24 +0200
Subject: [PATCH 532/889] Add test cases for truncated MAC with a too
 short/long length

---
 tests/suites/test_suite_psa_crypto.data | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e8b119ea6..3faa82df6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -348,6 +348,14 @@ PSA MAC setup: bad algorithm (not a MAC algorithm)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
 mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_NO_PADDING:PSA_ERROR_INVALID_ARGUMENT
 
+PSA MAC setup: truncated MAC too small (1 byte)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 1 ):PSA_ERROR_NOT_SUPPORTED
+
+PSA MAC setup: truncated MAC too large (33 bytes for SHA-256)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_TRUNCATED_MAC( PSA_ALG_HMAC( PSA_ALG_SHA_256 ), 33 ):PSA_ERROR_INVALID_ARGUMENT
+
 PSA MAC setup: invalid key type, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT

From 8cac2e628e93d1bff2e0400678b1e2c3545d398c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 15:07:38 +0200
Subject: [PATCH 533/889] Translate GCM_BAD_INPUT to INVALID_ARGUMENT, not
 NOT_SUPPORTED

---
 library/psa_crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index da6bd612f..d512d4c7c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -242,7 +242,7 @@ static psa_status_t mbedtls_to_psa_error( int ret )
         case MBEDTLS_ERR_GCM_AUTH_FAILED:
             return( PSA_ERROR_INVALID_SIGNATURE );
         case MBEDTLS_ERR_GCM_BAD_INPUT:
-            return( PSA_ERROR_NOT_SUPPORTED );
+            return( PSA_ERROR_INVALID_ARGUMENT );
         case MBEDTLS_ERR_GCM_HW_ACCEL_FAILED:
             return( PSA_ERROR_HARDWARE_FAILURE );
 

From 85ea2b397c2b479e369b7b653d522693ef4b0292 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 15:07:55 +0200
Subject: [PATCH 534/889] Add some negative tests of CCM and GCM with invalid
 tag lengths

---
 tests/suites/test_suite_psa_crypto.data | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3faa82df6..ac9c81d98 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -803,6 +803,18 @@ PSA AEAD decrypt: AES-CCM, invalid tag length 0
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
 
+PSA AEAD decrypt: AES-CCM, invalid tag length 2
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 15
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-CCM, invalid tag length 18
+depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
 PSA AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E":PSA_SUCCESS
@@ -859,6 +871,18 @@ PSA AEAD decrypt, AES-GCM, T=15 but passing 16 bytes
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 15 ):"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":PSA_ERROR_INVALID_SIGNATURE
 
+PSA AEAD decrypt: AES-GCM, invalid tag length 0
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 2
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
+PSA AEAD decrypt: AES-GCM, invalid tag length 18
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
+aead_decrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
+
 PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
 depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"EC46BB63B02520C33C49FD70":"B96B49E21D621741632875DB7F6C9243D2D7C2":PSA_ERROR_NOT_SUPPORTED

From c26eae1a9d3ce20dfd79808a967594bd256ece33 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 16:01:19 +0200
Subject: [PATCH 535/889] Clarify the description of a CCM truncated tag test

---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ac9c81d98..871a511b2 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -795,7 +795,7 @@ PSA AEAD decrypt: AES-CCM, invalid signature, T=4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 
-PSA AEAD decrypt: AES-CCM, truncated tag of the right length
+PSA AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
 aead_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
 

From f8a8fe60f85d77ee4a4c930fb8b340c452aa8d6f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 21 Aug 2018 16:38:05 +0200
Subject: [PATCH 536/889] Fix memory leak with AEAD with non-default tag
 lengths

When freeing the key context, choose the context format based on the
base algorithm value stored in the operation object.
---
 library/psa_crypto.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d512d4c7c..f3a2c64af 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2844,10 +2844,9 @@ typedef struct
     uint8_t tag_length;
 } aead_operation_t;
 
-static void psa_aead_abort( aead_operation_t *operation,
-                            psa_algorithm_t alg )
+static void psa_aead_abort( aead_operation_t *operation )
 {
-    switch( alg )
+    switch( operation->core_alg )
     {
 #if defined(MBEDTLS_CCM_C)
         case PSA_ALG_CCM:
@@ -2932,7 +2931,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
     return( PSA_SUCCESS );
 
 cleanup:
-    psa_aead_abort( operation, alg );
+    psa_aead_abort( operation );
     return( status );
 }
 
@@ -2998,7 +2997,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
         memset( ciphertext, 0, ciphertext_size );
 
 exit:
-    psa_aead_abort( &operation, alg );
+    psa_aead_abort( &operation );
     if( status == PSA_SUCCESS )
         *ciphertext_length = plaintext_length + operation.tag_length;
     return( status );
@@ -3090,7 +3089,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
         memset( plaintext, 0, plaintext_size );
 
 exit:
-    psa_aead_abort( &operation, alg );
+    psa_aead_abort( &operation );
     if( status == PSA_SUCCESS )
         *plaintext_length = ciphertext_length - operation.tag_length;
     return( status );

From 7fa99d90ddd2be932bd2ee76301a1184486266d6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 24 Sep 2018 22:09:46 +0200
Subject: [PATCH 537/889] Add metadata tests for truncated MAC and short-tag
 AEAD

---
 .../test_suite_psa_crypto_metadata.function   | 120 ++++++++++++++----
 1 file changed, 93 insertions(+), 27 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index a264389cd..9cb68b9fa 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -94,6 +94,47 @@ void key_type_classification( psa_key_type_t type, unsigned flags )
 exit: ;
 }
 
+void mac_algorithm_core( psa_algorithm_t alg, int classification_flags,
+                         psa_key_type_t key_type, size_t key_bits,
+                         size_t length )
+{
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+
+    /* Length */
+    TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+
+exit: ;
+}
+
+void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
+                          size_t tag_length )
+{
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    algorithm_classification( alg, classification_flags );
+
+    /* Tag length */
+    TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) );
+
+exit: ;
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -151,23 +192,30 @@ void mac_algorithm( int alg_arg, int classification_flags,
 {
     psa_algorithm_t alg = alg_arg;
     size_t length = length_arg;
+    size_t n;
     size_t key_type = key_type_arg;
     size_t key_bits = key_bits_arg;
 
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-
-    /* Length */
-    TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+    mac_algorithm_core( alg, classification_flags,
+                        key_type, key_bits, length );
     TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
+
+    /* Truncated versions */
+    for( n = 1; n <= length; n++ )
+    {
+        psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
+        mac_algorithm_core( truncated_alg, classification_flags,
+                            key_type, key_bits, n );
+        /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length
+         * of the outer truncation (even if the outer length is smaller than
+         * the inner length). */
+        TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ) ==
+                     PSA_ALG_TRUNCATED_MAC( alg, 1 ) );
+        TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ) ==
+                     PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
+        TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ) ==
+                     PSA_ALG_TRUNCATED_MAC( alg, length ) );
+    }
 }
 /* END_CASE */
 
@@ -179,14 +227,22 @@ void hmac_algorithm( int alg_arg,
     psa_algorithm_t alg = alg_arg;
     psa_algorithm_t hash_alg = PSA_ALG_HMAC_GET_HASH( alg );
     size_t block_size = block_size_arg;
+    size_t length = length_arg;
+    size_t n;
 
     TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
     TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg );
 
     TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
 
-    test_mac_algorithm( alg_arg, ALG_IS_HMAC, length_arg,
-                        PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length_arg ) );
+    test_mac_algorithm( alg_arg, ALG_IS_HMAC, length,
+                        PSA_KEY_TYPE_HMAC, PSA_BYTES_TO_BITS( length ) );
+
+    for( n = 1; n <= length; n++ )
+    {
+        psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
+        TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( truncated_alg ) == hash_alg );
+    }
 }
 /* END_CASE */
 
@@ -214,20 +270,30 @@ void aead_algorithm( int alg_arg, int classification_flags,
 {
     psa_algorithm_t alg = alg_arg;
     size_t tag_length = tag_length_arg;
+    size_t n;
 
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
+    aead_algorithm_core( alg, classification_flags, tag_length );
 
-    /* Tag length */
-    TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) );
+    /* Truncated versions */
+    for( n = 1; n <= tag_length; n++ )
+    {
+        psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n );
+        aead_algorithm_core( truncated_alg, classification_flags, n );
+        TEST_ASSERT(
+            PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ) == alg );
+        /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives
+         * the length of the outer truncation (even if the outer length is
+         * smaller than the inner length). */
+        TEST_ASSERT(
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ) ==
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
+        TEST_ASSERT(
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ) ==
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
+        TEST_ASSERT(
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ) ==
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
+    }
 }
 /* END_CASE */
 

From 57fbdb19397ec8b45a002252f5f187d7f6c76a19 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 17 Oct 2018 18:29:17 +0200
Subject: [PATCH 538/889] Use a public macro for AEAD tag length variations

Avoid depending on the encoding of algorithms inside psa_crypto.c.
---
 library/psa_crypto.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f3a2c64af..ab9ec725e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1225,7 +1225,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     mbedtls_cipher_id_t cipher_id_tmp;
 
     if( PSA_ALG_IS_AEAD( alg ) )
-        alg &= ~PSA_ALG_AEAD_TAG_LENGTH_MASK;
+        alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 0 );
 
     if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
     {
@@ -1249,10 +1249,10 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
             case PSA_ALG_CBC_PKCS7:
                 mode = MBEDTLS_MODE_CBC;
                 break;
-            case PSA_ALG_CCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK:
+            case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, 0 ):
                 mode = MBEDTLS_MODE_CCM;
                 break;
-            case PSA_ALG_GCM & ~PSA_ALG_AEAD_TAG_LENGTH_MASK:
+            case PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, 0 ):
                 mode = MBEDTLS_MODE_GCM;
                 break;
             default:

From e0e9c7c417e694b30870a9068769f1ca933f7d42 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 17 Oct 2018 18:28:05 +0200
Subject: [PATCH 539/889] New macro PSA_ALG_FULL_LENGTH_MAC

Provide a documented way of constructing the full-length MAC algorithm
from a truncated version.
---
 include/psa/crypto.h                              | 15 +++++++++++++++
 library/psa_crypto.c                              |  2 +-
 .../test_suite_psa_crypto_metadata.function       |  2 ++
 3 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 48c971351..99c4b523d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -803,6 +803,21 @@ typedef uint32_t psa_algorithm_t;
     (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) |                           \
      ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
 
+/** Macro to build the base MAC algorithm corresponding to a truncated
+ * MAC algorithm.
+ *
+ * \param alg           A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ *                      is true). This may be a truncated or untruncated
+ *                      MAC algorithm.
+ *
+ * \return              The corresponding base MAC algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      MAC algorithm.
+ */
+#define PSA_ALG_FULL_LENGTH_MAC(alg)            \
+    ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
+
 /** Length to which a MAC algorithm is truncated.
  *
  * \param alg           A MAC algorithm identifier (value of type
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ab9ec725e..6b01c13f0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1527,7 +1527,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     psa_key_usage_t usage =
         is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY;
     unsigned char truncated = PSA_MAC_TRUNCATED_LENGTH( alg );
-    psa_algorithm_t full_length_alg = alg & ~PSA_ALG_MAC_TRUNCATION_MASK;
+    psa_algorithm_t full_length_alg = PSA_ALG_FULL_LENGTH_MAC( alg );
 
     status = psa_mac_init( operation, full_length_alg );
     if( status != PSA_SUCCESS )
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 9cb68b9fa..215110a32 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -198,6 +198,7 @@ void mac_algorithm( int alg_arg, int classification_flags,
 
     mac_algorithm_core( alg, classification_flags,
                         key_type, key_bits, length );
+    TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( alg ) == alg );
     TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
 
     /* Truncated versions */
@@ -206,6 +207,7 @@ void mac_algorithm( int alg_arg, int classification_flags,
         psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
         mac_algorithm_core( truncated_alg, classification_flags,
                             key_type, key_bits, n );
+        TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ) == alg );
         /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length
          * of the outer truncation (even if the outer length is smaller than
          * the inner length). */

From f3d0a56841493cb184e9244f1d0d9aa3929b0ee4 Mon Sep 17 00:00:00 2001
From: Derek Miller <derek.miller@arm.com>
Date: Thu, 18 Oct 2018 16:41:08 -0500
Subject: [PATCH 540/889] Integrated mostly cosmetic feedback from Alex

---
 include/psa/crypto_driver.h | 45 ++++++++++++++++++++-----------------
 1 file changed, 24 insertions(+), 21 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index c0a62b268..c571764ce 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -77,7 +77,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
 /** \brief a function that completes a previously started MAC operation by
  * returning the resulting MAC using an opaque key
  * 
- * \param[in] p_context         A hardware-specific structure for the 
+ * \param[in,out] p_context     A hardware-specific structure for the 
  *                              previously started MAC operation to be 
  *                              finished
  * \param[out] p_mac            A buffer where the generated MAC will be
@@ -85,7 +85,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
  * \param[in] mac_size          The size in bytes of the buffer that has been
  *                              allocated for the `output` buffer
  * \param[out] p_mac_length     After completion, will contain the number of
- *                              bytes placed in the `p_output` buffer
+ *                              bytes placed in the `p_mac` buffer
  * 
  * \retval PSA_SUCCESS
  *          Success.
@@ -98,7 +98,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context,
 /** \brief A function that completes a previously started MAC operation by
  * comparing the resulting MAC against a known value using an opaque key
  * 
- * \param[in] p_context     A hardware-specific structure for the previously
+ * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started MAC operation to be fiinished
  * \param[in] p_mac         The MAC value against which the resulting MAC will
  *                          be compared against
@@ -117,7 +117,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context,
 
 /** \brief A function that aborts a previous started opaque-key MAC operation
 
- * \param[in] p_context     A hardware-specific structure for the previously
+ * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started MAC operation to be aborted
  */
 typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
@@ -126,9 +126,9 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
  * the calculated MAC using an opaque key
  * 
  * \param[in] p_input           A buffer containing the message to be MACed
- * \param[in] input_length      The size in bytes of `input`
+ * \param[in] input_length      The size in bytes of `p_input`
  * \param[in] key_slot          The slot of the key to be used
- * \param[in] alg               The algorithm to be used to underlie the MA
+ * \param[in] alg               The algorithm to be used to underlie the MAC
  *                              operation
  * \param[out] p_mac            A buffer where the generated MAC will be
  *                              placed
@@ -285,7 +285,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
  * 
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started MAC operation to be
  *                              finished
  * \param[out] p_mac            A buffer where the generated MAC will be placed
@@ -310,9 +310,9 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
  * 
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started MAC operation to be
- *                              fiinished
+ *                              verified and finished
  * \param[in] p_mac             A buffer containing the MAC that will be used
  *                              for verification
  * \param[in] mac_length        The size in bytes of the data in the `p_mac`
@@ -336,9 +336,9 @@ typedef psa_status_t (*pcd_mac_transparent_verify_finish_t)(struct pcd_mac_trans
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
  * 
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started MAC operation to be
- *                              fiinished
+ *                              aborted
  * 
  */
 typedef psa_status_t (*pcd_mac_transparent_abort_t)(struct pcd_mac_transparent_context_t *p_context);
@@ -475,9 +475,9 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
 /** \brief A function that completes a previously started opaque-key cipher
  * operation
  *
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started cipher operation
- * \param[out] p_output         The caller-callocated buffer where the output
+ * \param[out] p_output         The caller-allocated buffer where the output
  *                              will be placed
  * \param[in] output_size       The allocated size in bytes of the `p_output`
  *                              buffer
@@ -494,7 +494,7 @@ typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context,
 /** \brief A function that aborts a previously started opaque-key cipher
  * operation
  *
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started cipher operation
  */
 typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
@@ -513,7 +513,7 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
  *                          encrypted/decrypted
  * \param[in] input_size    The size in bytes of the buffer pointed to by
  *                          `p_input`
- * \param[out] p_output     The caller-allocated byffer where the output will
+ * \param[out] p_output     The caller-allocated buffer where the output will
  *                          be placed
  * \param[in] output_size   The allocated size in bytes of the `p_output`
  *                          buffer
@@ -672,7 +672,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transp
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
  *
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started cipher operation
  * \param[out] p_output         A caller-allocated buffer where the generated
  *                              output will be placed
@@ -699,7 +699,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transp
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
  * 
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started cipher operation
  * 
  * \retval PSA_SUCCESS
@@ -768,20 +768,23 @@ typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context,
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  * 
- * \param[in] p_context         A hardware-specific structure for the
+ * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started hash operation to be
  *                              fiinished
  * \param[out] p_output         A buffer where the generated digest will be
  *                              placed
  * \param[in] output_size       The size in bytes of the buffer that has been
  *                              allocated for the `p_output` buffer
+ * \param[out] p_output_length  The number of bytes placed in `p_output` after
+ *                              success
  * 
  * \retval PSA_SUCCESS
  *          Success.
  */
 typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context,
                                           uint8_t *p_output,
-                                          size_t output_size);
+                                          size_t output_size,
+                                          size_t *p_output_length);
 
 /** \brief The function prototype for the abort operation of a hash (message
  * digest) operation
@@ -793,7 +796,7 @@ typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context,
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  * 
- * \param[in] p_context     A hardware-specific structure for the previously
+ * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started hash operation to be aborted
  */
 typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
@@ -814,7 +817,7 @@ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
  * \param[in] p_hash                The hash or message to sign
  * \param[in] hash_length           Size of the `p_hash` buffer in bytes
  * \param[out] p_signature          Buffer where the signature is to be written
- * \param signature_size            Size of the `p_signature` buffer in bytes
+ * \param[in] signature_size        Size of the `p_signature` buffer in bytes
  * \param[out] p_signature_length   On success, the number of bytes
  *                                  that make up the returned signature value
  *

From ddb4f3bdf7fba1e02fd03de906b0d5ef91dcc1c9 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Fri, 19 Oct 2018 11:34:50 +0100
Subject: [PATCH 541/889] Add a Jenkinsfile for PR job testing

---
 tests/.jenkins/Jenkinsfile | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 tests/.jenkins/Jenkinsfile

diff --git a/tests/.jenkins/Jenkinsfile b/tests/.jenkins/Jenkinsfile
new file mode 100644
index 000000000..78a7878ee
--- /dev/null
+++ b/tests/.jenkins/Jenkinsfile
@@ -0,0 +1 @@
+mbedtls_psa.run_job()

From 1824696681de10a1f01048ef7e3bdd21f407a788 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Wed, 17 Oct 2018 15:01:45 +0100
Subject: [PATCH 542/889] Fix integer conversion warnings in psa_constant_names

---
 programs/psa/psa_constant_names.c | 18 +++++++++---------
 scripts/generate_psa_constants.py |  6 +++---
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
index 55a70c60d..88821dab5 100644
--- a/programs/psa/psa_constant_names.c
+++ b/programs/psa/psa_constant_names.c
@@ -83,9 +83,9 @@ static int psa_snprint_status(char *buffer, size_t buffer_size,
         size_t length = strlen(name);
         if (length < buffer_size) {
             memcpy(buffer, name, length + 1);
-            return length;
+            return (int) length;
         } else {
-            return buffer_size;
+            return (int) buffer_size;
         }
     }
 }
@@ -100,9 +100,9 @@ static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size,
         size_t length = strlen(name);
         if (length < buffer_size) {
             memcpy(buffer, name, length + 1);
-            return length;
+            return (int) length;
         } else {
-            return buffer_size;
+            return (int) buffer_size;
         }
     }
 }
@@ -144,15 +144,15 @@ int main(int argc, char *argv[])
     }
 
     if (!strcmp(argv[1], "error") || !strcmp(argv[1], "status"))
-        psa_snprint_status(buffer, sizeof(buffer), value);
+        psa_snprint_status(buffer, sizeof(buffer), (psa_status_t) value);
     else if (!strcmp(argv[1], "alg") || !strcmp(argv[1], "algorithm"))
-        psa_snprint_algorithm(buffer, sizeof(buffer), value);
+        psa_snprint_algorithm(buffer, sizeof(buffer), (psa_algorithm_t) value);
     else if (!strcmp(argv[1], "curve") || !strcmp(argv[1], "ecc_curve"))
-        psa_snprint_ecc_curve(buffer, sizeof(buffer), value);
+        psa_snprint_ecc_curve(buffer, sizeof(buffer), (psa_ecc_curve_t) value);
     else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type"))
-        psa_snprint_key_type(buffer, sizeof(buffer), value);
+        psa_snprint_key_type(buffer, sizeof(buffer), (psa_key_type_t) value);
     else if (!strcmp(argv[1], "usage") || !strcmp(argv[1], "key_usage"))
-        psa_snprint_key_usage(buffer, sizeof(buffer), value);
+        psa_snprint_key_usage(buffer, sizeof(buffer), (psa_key_usage_t) value);
     else {
         printf("Unknown type: %s\n", argv[1]);
         return EXIT_FAILURE;
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 85bfe3ae9..7e4420b69 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -44,7 +44,7 @@ static int psa_snprint_key_type(char *buffer, size_t buffer_size,
         break;
     }
     buffer[0] = 0;
-    return required_size;
+    return (int) required_size;
 }
 
 static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
@@ -84,7 +84,7 @@ static int psa_snprint_algorithm(char *buffer, size_t buffer_size,
         append(&buffer, buffer_size, &required_size, ")", 1);
     }
     buffer[0] = 0;
-    return required_size;
+    return (int) required_size;
 }
 
 static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
@@ -110,7 +110,7 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size,
     } else {
         buffer[0] = 0;
     }
-    return required_size;
+    return (int) required_size;
 }
 
 /* End of automatically generated file. */

From e5204c94a148b48da8819682bf77bfd54448c924 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Mon, 22 Oct 2018 17:24:55 +0300
Subject: [PATCH 543/889] add tests that increase key derivation code coverage
 slightly

added tests that increase code coverage for the key derivation functions slightly
by reaching error cases not covered before.
---
 tests/suites/test_suite_psa_crypto.data     | 12 +++++++++++
 tests/suites/test_suite_psa_crypto.function | 23 +++++++++++++++++++++
 2 files changed, 35 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 871a511b2..1a93a8929 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1189,6 +1189,10 @@ PSA key derivation: HKDF-SHA-256, good case
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS
 
+PSA key derivation: HKDF-SHA-512, good case
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS
+
 PSA key derivation: bad key type
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
@@ -1201,6 +1205,14 @@ PSA key derivation: unsupported key derivation algorithm
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_CATEGORY_HASH):"":"":42:PSA_ERROR_NOT_SUPPORTED
 
+PSA key derivation: unsupported key derivation algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED
+
+PSA key derivation: bad arguments test
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+test_derive_invalid_generator:
+
 PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 63d837fdc..c6f49c007 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3085,6 +3085,29 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void test_derive_invalid_generator()
+{
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_slot_t base_key = 1;
+    psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+    data_t salt;
+    data_t label;
+    size_t capacity = 0;
+    salt.x = NULL;
+    salt.len = 0;
+    label.x = NULL;
+    label.len = 0;
+
+    generator.alg = alg;
+    /* invalid generator.alg */
+    TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,
+                                     salt.x, salt.len,
+                                     label.x, label.len,
+                                     capacity ) == PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void derive_output( int alg_arg,
                     data_t *key_data,

From 6dee5c9649651629542c647876b61cf8c80e6e42 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 22 Oct 2018 19:11:00 +0200
Subject: [PATCH 544/889] Add test_suite_psa_crypto_metadata to cmake builds

This test suite was run by make builds, but I had forgotten to add it
to CMakeLists.txt.
---
 tests/CMakeLists.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index d8b74f227..a7821d7bc 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -111,6 +111,7 @@ add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
 add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_metadata)
 add_test_suite(shax)
 add_test_suite(ssl)
 add_test_suite(timing)

From 9ba61d0ce5143cafac2aa057ab4ae1d05eccf972 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 22 Oct 2018 19:26:38 +0200
Subject: [PATCH 545/889] Ignore generated files under crypto/ from
 crypto/.gitignore

In /crypto/.gitignore, list files that are generated by a build done
under /crypto/. In the outer /.gitignore, list files under /crypto/
only if they are created by the export process.

This commit slightly refines both lists and adds some build products
to /crypto/.gitignore.
---
 .gitignore        | 11 ++++++-----
 crypto/.gitignore | 11 +++++++++++
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/.gitignore b/.gitignore
index 2edbc997c..ea732a496 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,12 +30,13 @@ massif-*
 # Exported Mbed Crypto files
 crypto/LICENSE
 crypto/VERSION.txt
-crypto/include
+crypto/include/mbedcrypto/*.h
+crypto/include/psa/*.h
 crypto/library/*.c
-crypto/library/libmbedcrypto*
+crypto/programs/psa/*.c
+crypto/programs/psa/*.sh
 crypto/scripts
 crypto/tests/scripts
-crypto/tests/suites
-crypto/tests/test_suite*
-crypto/programs/psa
+crypto/tests/suites/*.data
+crypto/tests/suites/*.function
 mbedcrypto.tar.gz
diff --git a/crypto/.gitignore b/crypto/.gitignore
index bf39198d1..ae4ba4530 100644
--- a/crypto/.gitignore
+++ b/crypto/.gitignore
@@ -1,2 +1,13 @@
+*.exe
+*.o
+*.obj
 /docs/*.pdf
 /docs/html
+/library/libmbedcrypto*.a
+/library/libmbedcrypto*.dll
+/library/libmbedcrypto*.so
+/library/libmbedcrypto*.so.[0-9]*
+/programs/psa/crypto_examples
+/programs/psa/key_ladder_demo
+/programs/psa/psa_constant_names
+/tests/test_suite_*

From 765682cf09604656d31e68f99126450c87fd5080 Mon Sep 17 00:00:00 2001
From: Derek Miller <derek.miller@arm.com>
Date: Mon, 22 Oct 2018 15:27:27 -0500
Subject: [PATCH 546/889] Added detailed descriptions for modules. Additional
 small edits.

---
 include/psa/crypto_driver.h | 150 ++++++++++++++++++++++++++++++------
 1 file changed, 125 insertions(+), 25 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index c571764ce..14784bb72 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -41,6 +41,20 @@ typedef uint32_t psa_key_slot_t;
 typedef uint32_t psa_key_type_t;
 
 /** \defgroup opaque_mac Opaque Message Authentication Code
+ * Generation and authentication of Message Authentication Codes (MACs) using
+ * opaque keys can be done either as a single function call (via the 
+ * `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in
+ * parts using the following sequence:
+ * - `psa_mac_opaque_setup_t`
+ * - `psa_mac_opaque_update_t`
+ * - `psa_mac_opaque_update_t`
+ * - ...
+ * - `psa_mac_opaque_finish_t` or `psa_mac_opaque_finish_verify_t`
+ * 
+ * If a previously started Opaque MAC operation needs to be terminated, it 
+ * should be done so by the `psa_mac_opaque_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
  */
 /**@{*/
 /** \brief A function that starts a MAC operation for a PSA Crypto Driver 
@@ -179,8 +193,8 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
  * PSA Crypto API implementations should populate the table as appropriate
  * upon startup.
  *
- * If one of the functions is not implemented (such as `pcd_mac_opaque_t`),
- * it should be set to NULL.
+ * If one of the functions is not implemented (such as
+ * `pcd_mac_opaque_generate_t`), it should be set to NULL.
  * 
  * Driver implementers should ensure that they implement all of the functions
  * that make sense for their hardware, and that they provide a full solution
@@ -217,10 +231,26 @@ struct pcd_mac_opaque_t {
 /**@}*/
 
 /** \defgroup transparent_mac Transparent Message Authentication Code
+ * Generation and authentication of Message Authentication Codes (MACs) using
+ * transparent keys can be done either as a single function call (via the 
+ * `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t`
+ * functions), or in parts using the following sequence:
+ * - `psa_mac_transparent_setup_t`
+ * - `psa_mac_transparent_update_t`
+ * - `psa_mac_transparent_update_t`
+ * - ...
+ * - `psa_mac_transparent_finish_t` or `psa_mac_transparent_finish_verify_t`
+ * 
+ * If a previously started Transparent MAC operation needs to be terminated, it 
+ * should be done so by the `psa_mac_transparent_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
+ * 
  */
 /**@{*/
 
 /** \brief The hardware-specific transparent-key MAC context structure
+ *
  * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
@@ -321,7 +351,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_
  * \retval PSA_SUCCESS
  *          The operation completed successfully and the comparison matched
  */
-typedef psa_status_t (*pcd_mac_transparent_verify_finish_t)(struct pcd_mac_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(struct pcd_mac_transparent_context_t *p_context,
                                                             const uint8_t *p_mac,
                                                             size_t mac_length);
 
@@ -405,6 +435,24 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
 /**@}*/
 
 /** \defgroup opaque_cipher Opaque Symmetric Ciphers
+ * 
+ * Encryption and Decryption using opaque keys in block modes other than ECB
+ * must be done in multiple parts, using the following flow:
+ * - `pcd_cipher_opaque_setup_t`
+ * - `pcd_cipher_opaque_set_iv_t` (optional depending upon block mode)
+ * - `pcd_cipher_opaque_update_t`
+ * - ...
+ * - `pcd_cipher_opaque_finish_t`
+
+ * If a previously started Opaque Cipher operation needs to be terminated, it 
+ * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
+ * 
+ * In situations where a PSA Cryptographic API implementation is using a block
+ * mode not-supported by the underlying hardware or driver, it can construct
+ * the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function
+ * pointer for the cipher operations.
  */
 /**@{*/
 
@@ -431,10 +479,10 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
 /** \brief A function pointer that sets the initialization vector (if
  * necessary) for an opaque cipher operation
  * 
- * Rationale: that the psa_cipher_* function set has two IV functions: one to
- * set the IV, and one to generate it internally. the generate function is not
- * necessary for the driver API as the PSA Crypto implementation can do the
- * generation using its RNG features.
+ * Rationale: The `psa_cipher_*` function in the PSA Cryptographif API has two
+ * IV functions: one to set the IV, and one to generate it internally. The
+ * generate function is not necessary for the driver API as the PSA Crypto
+ * implementation can do the generation using its RNG features.
  * 
  * \param[in,out] p_context     A structure that contains the previously set up
  *                              hardware-specific cipher context
@@ -564,11 +612,24 @@ struct pcd_cipher_opaque_t {
 /**@}*/
 
 /** \defgroup transparent_cipher Transparent Block Cipher
+ * Encryption and Decryption using transparent keys in block modes other than
+ * ECB must be done in multiple parts, using the following flow:
+ * - `pcd_cipher_transparent_setup_t`
+ * - `pcd_cipher_transparent_set_iv_t` (optional depending upon block mode)
+ * - `pcd_cipher_transparent_update_t`
+ * - ...
+ * - `pcd_cipher_transparent_finish_t`
+
+ * If a previously started Transparent Cipher operation needs to be terminated,
+ * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do
+ * so may result in allocated resources not being freed or in other undefined
+ * behavior.
  */
 /**@{*/
 
 /** \brief The hardware-specific transparent-key Cipher context structure
- *  The contents of this structure are implementation dependent and are
+ * 
+ * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
 struct pcd_cipher_transparent_context_t {
@@ -709,10 +770,23 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transpa
 /**@}*/
 
 /** \defgroup driver_digest Message Digests
+ * 
+ * Generation and authentication of Message Digests (aka hashes) must be done
+ * in parts using the following sequence:
+ * - `psa_hash_setup_t`
+ * - `psa_hash_update_t`
+ * - ...
+ * - `psa_hash_finish_t`
+ * 
+ * If a previously started Message Digest operation needs to be terminated
+ * before the `psa_hash_finish_t` operation is complete, it should be aborted
+ * by the `psa_hash_abort_t`. Failure to do so may result in allocated
+ * resources not being freed or in other undefined behavior.
  */
 /**@{*/
 
 /** \brief The hardware-specific hash context structure
+ * 
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
@@ -805,6 +879,10 @@ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
 
 
 /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography
+ * 
+ * Since the amount of data that can (or should) be encrypted or signed using
+ * asymmetric keys is limited by the key size, asymmetric key operations using
+ * opaque keys must be done in single function calls.
  */
 /**@{*/
 
@@ -814,7 +892,7 @@ typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
  * \param[in] key_slot              Key slot of an asymmetric key pair
  * \param[in] alg                   A signature algorithm that is compatible
  *                                  with the type of `key`
- * \param[in] p_hash                The hash or message to sign
+ * \param[in] p_hash                The hash to sign
  * \param[in] hash_length           Size of the `p_hash` buffer in bytes
  * \param[out] p_signature          Buffer where the signature is to be written
  * \param[in] signature_size        Size of the `p_signature` buffer in bytes
@@ -833,14 +911,13 @@ typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
 
 /**
  * \brief A function that verifies the signature a hash or short message using
- * a public key
+ * an asymmetric public key
  *
  * \param[in] key_slot          Key slot of a public key or an asymmetric key
  *                              pair
  * \param[in] alg               A signature algorithm that is compatible with
  *                              the type of `key`
- * \param[in] p_hash            The hash or message whose signature is to be
- *                              verified
+ * \param[in] p_hash            The hash whose signature is to be verified
  * \param[in] hash_length       Size of the `p_hash` buffer in bytes
  * \param[in] p_signature       Buffer containing the signature to verify
  * \param[in] signature_length  Size of the `p_signature` buffer in bytes
@@ -856,7 +933,8 @@ typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
                                                        size_t signature_length);
 
 /**
- * \brief A function that encrypts a short message with a public key
+ * \brief A function that encrypts a short message with an asymmetric public
+ * key
  *
  * \param[in] key_slot          Key slot of a public key or an asymmetric key
  *                              pair
@@ -894,7 +972,7 @@ typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
                                                         size_t *p_output_length);
 
 /**
- * \brief Decrypt a short message with a private key.
+ * \brief Decrypt a short message with an asymmetric private key.
  *
  * \param[in] key_slot          Key slot of an asymmetric key pair
  * \param[in] alg               An asymmetric encryption algorithm that is
@@ -953,13 +1031,17 @@ struct pcd_asymmetric_opaque_t {
 /**@}*/
 
 /** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
+ *
+ * Since the amount of data that can (or should) be encrypted or signed using
+ * asymmetric keys is limited by the key size, asymmetric key operations using
+ * transparent keys must be done in single function calls.
  */
 /**@{*/
 
 
 /**
  * \brief A function that signs a hash or short message with a transparent
- * private key
+ * asymmetric private key
  * 
  * Functions that implement the prototype should be named in the following
  * convention:
@@ -993,7 +1075,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
 
 /**
  * \brief A function that verifies the signature a hash or short message using
- * a transparent public key
+ * a transparent asymmetric public key
  *
  * Functions that implement the prototype should be named in the following
  * convention:
@@ -1024,8 +1106,8 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key
                                                             size_t signature_length);
 
 /**
- * \brief A function that encrypts a short message with a transparent public
- * key
+ * \brief A function that encrypts a short message with a transparent
+ * asymmetric public key
  *
  * Functions that implement the prototype should be named in the following
  * convention:
@@ -1071,7 +1153,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke
                                                              size_t *p_output_length);
 
 /**
- * \brief Decrypt a short message with a transparent private key
+ * \brief Decrypt a short message with a transparent asymmetric private key
  *
  * Functions that implement the prototype should be named in the following
  * convention:
@@ -1119,6 +1201,11 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke
 /**@}*/
 
 /** \defgroup aead_opaque AEAD Opaque
+ * Authenticated Encryption with Additional Data (AEAD) operations with opaque
+ * keys must be done in one function call. While this creates a burden for 
+ * implementers as there must be sufficient space in memory for the entire
+ * message, it prevents decrypted data from being made available before the
+ * authentication operation is complete and the data is known to be authentic.
  */
 /**@{*/
 
@@ -1221,10 +1308,17 @@ struct psa_aead_opaque_t {
 /**@}*/
 
 /** \defgroup aead_transparent AEAD Transparent
+ * 
+ * Authenticated Encryption with Additional Data (AEAD) operations with
+ * transparent keys must be done in one function call. While this creates a
+ * burden for implementers as there must be sufficient space in memory for the
+ * entire message, it prevents decrypted data from being made available before
+ * the authentication operation is complete and the data is known to be
+ * authentic.
  */
 /**@{*/
 
-/** Process an authenticated encryption operation.
+/** Process an authenticated encryption operation using an opaque key.
  * 
  * Functions that implement the prototype should be named in the following
  * convention:
@@ -1277,7 +1371,7 @@ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key,
                                                        size_t ciphertext_size,
                                                        size_t *ciphertext_length);
 
-/** Process an authenticated decryption operation.
+/** Process an authenticated decryption operation using an opaque key.
  * 
  * Functions that implement the prototype should be named in the following
  * convention:
@@ -1402,6 +1496,10 @@ struct pcd_entropy_t {
 /**@}*/
 
 /** \defgroup driver_key_management Key Management
+ * Currently, key management is limited to importing keys in the clear,
+ * destroying keys, and exporting keys in the clear.
+ * Whether a key may be exported is determined by the key policies in place
+ * on the key slot.
  */
 /**@{*/
 
@@ -1537,10 +1635,6 @@ struct pcd_key_management_t {
 /**@}*/
 
 /** \defgroup driver_derivation Key Derivation and Agreement
- */
-/**@{*/
-
-/**
  * Key derivation is the process of generating new key material using an
  * existing key and additional parameters, iterating through a basic
  * cryptographic function, such as a hash.
@@ -1587,7 +1681,13 @@ struct pcd_key_management_t {
  *                           &session_key_length);
  * ~~~~~~~~~~~~~
  */
+/**@{*/
 
+/** \brief The hardware-specific key derivation context structure
+ * 
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here
+ */
 struct pcd_key_derivation_context_t {
     // Implementation specific
 };

From 608e091d9a44f562d8b240d9602cbb268eab1b6d Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Wed, 17 Oct 2018 14:48:27 +0100
Subject: [PATCH 547/889] Add pre Visual Studio 2015 support to
 psa_constant_names

snprintf was only added in Visual Studio 2015. This adds support
for building using Visual Studio versions prior to 2015.

This implementation of snprintf has been taken from platform.c
---
 programs/psa/psa_constant_names.c | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c
index 88821dab5..dd19677c4 100644
--- a/programs/psa/psa_constant_names.c
+++ b/programs/psa/psa_constant_names.c
@@ -4,6 +4,35 @@
 
 #include "psa/crypto.h"
 
+/* This block is present to support Visual Studio builds prior to 2015 */
+#if defined(_MSC_VER) && _MSC_VER < 1900
+#include <stdarg.h>
+int snprintf( char *s, size_t n, const char *fmt, ... )
+{
+    int ret;
+    va_list argp;
+
+    /* Avoid calling the invalid parameter handler by checking ourselves */
+    if( s == NULL || n == 0 || fmt == NULL )
+        return( -1 );
+
+    va_start( argp, fmt );
+#if defined(_TRUNCATE) && !defined(__MINGW32__)
+    ret = _vsnprintf_s( s, n, _TRUNCATE, fmt, argp );
+#else
+    ret = _vsnprintf( s, n, fmt, argp );
+    if( ret < 0 || (size_t) ret == n )
+    {
+        s[n-1] = '\0';
+        ret = -1;
+    }
+#endif
+    va_end( argp );
+
+    return( ret );
+}
+#endif
+
 /* There are different GET_HASH macros for different kinds of algorithms
  * built from hashes, but the values are all constructed on the
  * same model. */

From 3b80ab93ce0c6e173c773622f77b2899c949ef0b Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Wed, 17 Oct 2018 16:11:34 +0100
Subject: [PATCH 548/889] Add path handling for psa_constant_names on Windows

---
 programs/Makefile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/programs/Makefile b/programs/Makefile
index b1534071c..9cc28c47e 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -96,7 +96,12 @@ all: $(APPS)
 $(DEP):
 	$(MAKE) -C ../library
 
+ifdef WINDOWS
+EXTRA_GENERATED += psa\psa_constant_names_generated.c
+else
 EXTRA_GENERATED += psa/psa_constant_names_generated.c
+endif
+
 psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c
 psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h
 	../scripts/generate_psa_constants.py

From 6c0f94cbd0ede1dad6383ea27a8d8569123afefc Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Wed, 17 Oct 2018 16:12:33 +0100
Subject: [PATCH 549/889] Add better handling when deleting files on Windows

Windows complains if you try to delete a file that doesn't exist.
Makefiles now check if the files exist before trying to delete them.
---
 library/Makefile  | 3 ++-
 programs/Makefile | 4 +++-
 tests/Makefile    | 4 +++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/library/Makefile b/library/Makefile
index f4b39bdeb..cf6750d05 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -200,5 +200,6 @@ clean:
 ifndef WINDOWS
 	rm -f *.o libmbed*
 else
-	del /Q /F *.o libmbed*
+	if exist *.o del /Q /F *.o
+	if exist libmbed* del /Q /F libmbed*
 endif
diff --git a/programs/Makefile b/programs/Makefile
index 9cc28c47e..f3627c906 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -322,7 +322,9 @@ clean:
 ifndef WINDOWS
 	rm -f $(APPS) $(EXTRA_GENERATED)
 else
-	del /S /Q /F *.o *.exe $(EXTRA_GENERATED)
+	if exist *.o del /S /Q /F *.o
+	if exist *.exe del /S /Q /F *.exe
+	if exist $(EXTRA_GENERATED) del /S /Q /F $(EXTRA_GENERATED)
 endif
 
 list:
diff --git a/tests/Makefile b/tests/Makefile
index b6e49bf8a..889d2a7da 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -107,7 +107,9 @@ clean:
 ifndef WINDOWS
 	rm -rf $(BINARIES) *.c *.datax TESTS
 else
-	del /Q /F *.c *.exe *.datax
+	if exist *.c del /Q /F *.c
+	if exist *.exe del /Q /F *.exe
+	if exist *.datax del /Q /F *.datax
 ifneq ($(wildcard TESTS/.*),)
 	rmdir /Q /S TESTS
 endif

From 81133a6f76cce15019e631e4c771a4ba2cf4fe4a Mon Sep 17 00:00:00 2001
From: Derek Miller <derek.miller@arm.com>
Date: Tue, 23 Oct 2018 14:55:32 -0500
Subject: [PATCH 550/889] More changes due to PR feedback

---
 include/psa/crypto_driver.h | 83 +++++++++++++++++--------------------
 1 file changed, 39 insertions(+), 44 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 14784bb72..19f5adaac 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -39,6 +39,7 @@ typedef uint32_t psa_algorithm_t;
 typedef uint8_t encrypt_or_decrypt_t;
 typedef uint32_t psa_key_slot_t;
 typedef uint32_t psa_key_type_t;
+typedef uint32_t psa_key_usage_t;
 
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
@@ -136,7 +137,7 @@ typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context,
  */
 typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
 
-/** \brief A funciton that performs a MAC operation in one command and return
+/** \brief A function that performs a MAC operation in one command and returns
  * the calculated MAC using an opaque key
  * 
  * \param[in] p_input           A buffer containing the message to be MACed
@@ -146,7 +147,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
  *                              operation
  * \param[out] p_mac            A buffer where the generated MAC will be
  *                              placed
- * \param[in] mac_size          The size in bytes of the `output` buffer
+ * \param[in] mac_size          The size in bytes of the `p_mac` buffer
  * \param[out] p_mac_length     After completion, will contain the number of
  *                              bytes placed in the `output` buffer
  * 
@@ -254,9 +255,7 @@ struct pcd_mac_opaque_t {
  * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
-struct pcd_mac_transparent_context_t {
-    // Implementation specific
-};
+typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
 
 /** \brief The function prototype for the setup operation of a
  * transparent-key MAC operation
@@ -278,7 +277,7 @@ struct pcd_mac_transparent_context_t {
  * \retval  PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_transparent_setup_t)(struct pcd_mac_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_t *p_context,
                                                     const uint8_t *p_key,
                                                     size_t key_length);
 
@@ -300,7 +299,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(struct pcd_mac_transparent_c
  *                              to the MAC operation
  * \param[in] input_length      The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context_t *p_context,
                                                      const uint8_t *p_input,
                                                      size_t input_length);
 
@@ -325,7 +324,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(struct pcd_mac_transparent_
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context_t *p_context,
                                                      uint8_t *p_mac,
                                                      size_t mac_length);
 
@@ -351,7 +350,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(struct pcd_mac_transparent_
  * \retval PSA_SUCCESS
  *          The operation completed successfully and the comparison matched
  */
-typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(struct pcd_mac_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_context_t *p_context,
                                                             const uint8_t *p_mac,
                                                             size_t mac_length);
 
@@ -371,7 +370,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(struct pcd_mac_trans
  *                              aborted
  * 
  */
-typedef psa_status_t (*pcd_mac_transparent_abort_t)(struct pcd_mac_transparent_context_t *p_context);
+typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context);
 
 /** \brief The function prototype for a one-shot operation of a transparent-key
  * MAC operation
@@ -479,7 +478,7 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
 /** \brief A function pointer that sets the initialization vector (if
  * necessary) for an opaque cipher operation
  * 
- * Rationale: The `psa_cipher_*` function in the PSA Cryptographif API has two
+ * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two
  * IV functions: one to set the IV, and one to generate it internally. The
  * generate function is not necessary for the driver API as the PSA Crypto
  * implementation can do the generation using its RNG features.
@@ -632,9 +631,7 @@ struct pcd_cipher_opaque_t {
  * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
-struct pcd_cipher_transparent_context_t {
-    // Implementation specific
-};
+typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t;
 
 /** \brief The function prototype for the setup operation of transparent-key
  * block cipher operations.
@@ -662,7 +659,7 @@ struct pcd_cipher_transparent_context_t {
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_setup_t)(struct pcd_cipher_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context,
                                                        encrypt_or_decrypt_t direction,
                                                        const uint8_t *p_key_data,
                                                        size_t key_data_size);
@@ -685,7 +682,7 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(struct pcd_cipher_transpa
  * 
  * \retval PSA_SUCCESS
 */
-typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(struct pcd_cipher_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context,
                                                         const uint8_t *p_iv,
                                                         size_t iv_length);
 
@@ -714,7 +711,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(struct pcd_cipher_transp
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context,
                                                         const uint8_t *p_input,
                                                         size_t input_size,
                                                         uint8_t *p_output,
@@ -743,7 +740,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(struct pcd_cipher_transp
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transparent_context_t *p_context,
+typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context,
                                                         uint8_t *p_output,
                                                         size_t output_size,
                                                         size_t *p_output_length);
@@ -765,7 +762,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(struct pcd_cipher_transp
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transparent_context_t *p_context);
+typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context);
 
 /**@}*/
 
@@ -790,9 +787,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(struct pcd_cipher_transpa
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
-struct pcd_hash_context_t {
-    // Implementation specific
-};
+typedef struct pcd_hash_context_s pcd_hash_context_t;
 
 /** \brief The function prototype for the start operation of a hash (message
  * digest) operation
@@ -809,7 +804,7 @@ struct pcd_hash_context_t {
  * 
  * \retval  PSA_SUCCESS     Success.
  */
-typedef psa_status_t (*pcd_hash_setup_t)(struct pcd_hash_context_t *p_context);
+typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
 
 /** \brief The function prototype for the update operation of a hash (message
  * digest) operation
@@ -828,7 +823,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(struct pcd_hash_context_t *p_context);
  *                              to the hash operation
  * \param[in] input_length      The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context,
+typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
                                           const uint8_t *p_input,
                                           size_t input_length);
 
@@ -855,7 +850,7 @@ typedef psa_status_t (*pcd_hash_update_t)(struct pcd_hash_context_t *p_context,
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context,
+typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context,
                                           uint8_t *p_output,
                                           size_t output_size,
                                           size_t *p_output_length);
@@ -873,7 +868,7 @@ typedef psa_status_t (*pcd_hash_finish_t)(struct pcd_hash_context_t *p_context,
  * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started hash operation to be aborted
  */
-typedef void (*pcd_hash_abort_t)(struct pcd_hash_context_t *p_context);
+typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context);
 
 /**@}*/
 
@@ -1431,9 +1426,7 @@ typedef psa_status_t (*psa_aead_transparent_decrypt_t)(const uint8_t *p_key,
 
 /** \brief A hardware-specific structure for a entropy providing hardware
  */
-struct pcd_entropy_context_t {
-    // Implementation specific
-};
+typedef struct pcd_entropy_context_s pcd_entropy_context_t;
 
 /** \brief Initialize an entropy driver
  *
@@ -1444,7 +1437,7 @@ struct pcd_entropy_context_t {
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_init_t)(struct pcd_entropy_context_t *p_context);
+typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
 
 /** \brief Get a specified number of bytes from the entropy source
  * 
@@ -1472,7 +1465,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(struct pcd_entropy_context_t *p_conte
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_get_bytes_t)(struct pcd_entropy_context_t *p_context,
+typedef psa_status_t (*pcd_entropy_get_bytes_t)(pcd_entropy_context_t *p_context,
                                                 uint8_t *p_buffer,
                                                 uint32_t buffer_size,
                                                 uint32_t *p_received_entropy_bytes);
@@ -1508,18 +1501,22 @@ struct pcd_entropy_t {
  * This function can support any output from psa_export_key(). Refer to the
  * documentation of psa_export_key() for the format for each key type.
  *
- * \param[in] key_slot      Slot where the key will be stored. This must be a
- *                          valid slot for a key of the chosen type. It must
- *                          be unoccupied.
- * \param[in] type          Key type (a \c PSA_KEY_TYPE_XXX value).
- * \param[in] p_data        Buffer containing the key data.
- * \param[in] data_length   Size of the `data` buffer in bytes.
+ * \param[in] key_slot      Slot where the key will be stored
+ *                          This must be a valid slot for a key of the chosen
+ *                          type. It must be unoccupied.
+ * \param[in] type          Key type (a \c PSA_KEY_TYPE_XXX value)
+ * \param[in] algorithm     Key algorithm (a \c PSA_ALG_XXX value)
+ * \param[in] usage         The allowed uses of the key
+ * \param[in] p_data        Buffer containing the key data
+ * \param[in] data_length   Size of the `data` buffer in bytes
  *
  * \retval #PSA_SUCCESS
  *         Success.
  */
 typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot,
                                                 psa_key_type_t type,
+                                                psa_algorithm_t algorithm,
+                                                psa_key_usage_t usage,
                                                 const uint8_t *p_data,
                                                 size_t data_length);
 
@@ -1688,9 +1685,7 @@ struct pcd_key_management_t {
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
-struct pcd_key_derivation_context_t {
-    // Implementation specific
-};
+typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t;
 
 /** \brief Set up a key derivation operation by specifying the algorithm and
  * the source key sot
@@ -1703,7 +1698,7 @@ struct pcd_key_derivation_context_t {
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_setup_t)(struct pcd_key_derivation_context_t *p_context,
+typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context,
                                                    psa_algorithm_t kdf_alg,
                                                    psa_key_slot_t source_key);
 
@@ -1722,9 +1717,9 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(struct pcd_key_derivation_con
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_collateral_t)(struct pcd_key_derivation_context_t *p_context,
+typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context,
                                                          uint32_t collateral_id,
-                                                         const uint8_t p_collateral,
+                                                         const uint8_t *p_collateral,
                                                          size_t collateral_size);
 
 /** \brief Perform the final key derivation step and place the generated key
@@ -1736,7 +1731,7 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(struct pcd_key_derivatio
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_derive_t)(struct pcd_key_derivation_context_t *p_context,
+typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context,
                                                     psa_key_slot_t dest_key);
 
 /** \brief Perform the final step of a key agreement and place the generated

From 6f960ab063ee9d70f19e4fa56bb97cc1351a48b5 Mon Sep 17 00:00:00 2001
From: Derek Miller <derek.miller@arm.com>
Date: Tue, 23 Oct 2018 15:58:06 -0500
Subject: [PATCH 551/889] Additional fixes per comments in PR#92 in psa-crypto

---
 include/psa/crypto_driver.h | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 19f5adaac..d2008b7c3 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -41,6 +41,9 @@ typedef uint32_t psa_key_slot_t;
 typedef uint32_t psa_key_type_t;
 typedef uint32_t psa_key_usage_t;
 
+#define PSA_CRYPTO_DRIVER_ENCRYPT 1
+#define PSA_CRYPTO_DRIVER_DECRYPT 0
+
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
  * opaque keys can be done either as a single function call (via the 
@@ -1439,7 +1442,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t;
  */
 typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
 
-/** \brief Get a specified number of bytes from the entropy source
+/** \brief Get a specified number of bits from the entropy source
  * 
  * It retrives `buffer_size` bytes of data from the entropy source. The entropy
  * source will always fill the provided buffer to its full size, however, most
@@ -1458,17 +1461,17 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
  *                                          containing any context information
  *                                          for the implementation
  * \param[out] p_buffer                     A caller-allocated buffer for the
- *                                          retrieved bytes to be placed in
+ *                                          retrieved entropy to be placed in
  * \param[in] buffer_size                   The allocated size of `p_buffer`
- * \param[out] p_received_entropy_bytes     The amount of entropy (in bytes)
+ * \param[out] p_received_entropy_bits      The amount of entropy (in bits)
  *                                          actually provided in `p_buffer`
  * 
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_get_bytes_t)(pcd_entropy_context_t *p_context,
-                                                uint8_t *p_buffer,
-                                                uint32_t buffer_size,
-                                                uint32_t *p_received_entropy_bytes);
+typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context,
+                                               uint8_t *p_buffer,
+                                               uint32_t buffer_size,
+                                               uint32_t *p_received_entropy_bits);
 
 /**
  * \brief A struct containing all of the function pointers needed to interface
@@ -1482,9 +1485,9 @@ typedef psa_status_t (*pcd_entropy_get_bytes_t)(pcd_entropy_context_t *p_context
 struct pcd_entropy_t {
     /** Function that performs initialization for the entropy source */
     pcd_entropy_init_t *p_init;
-    /** Function that performs the get_bytes operation for the entropy source
+    /** Function that performs the get_bits operation for the entropy source
     */
-    pcd_entropy_get_bytes_t *p_get_bytes;
+    pcd_entropy_get_bits_t *p_get_bits;
 };
 /**@}*/
 

From 8ffded300d7a0590de52530b9604069ec68a4279 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Thu, 25 Oct 2018 13:49:38 +0300
Subject: [PATCH 552/889] Improve line coverage for asymmetric sign function by
 adding new bad scenarios

---
 tests/suites/test_suite_psa_crypto.data | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 0319782fa..25d9fba2b 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -742,6 +742,13 @@ PSA sign: deterministic ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
+PSA sign: invalid key slot type
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
+PSA sign: invalid algorithm for ECC key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+
 PSA sign/verify: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263"

From 87576c5c5afb58caf8896bc297e315bf205f2d96 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Thu, 25 Oct 2018 13:49:59 +0300
Subject: [PATCH 553/889] Improve line coverage for asymmetric verify function
 by adding new bad scenarios

---
 tests/suites/test_suite_psa_crypto.data | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 25d9fba2b..b8a770932 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -821,6 +821,10 @@ PSA verify: ECDSA SECP256R1, wrong signature of correct size
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
+PSA verify: invalid algorithm for ECC key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"":"":PSA_ERROR_INVALID_ARGUMENT
+
 PSA encrypt: RSA PKCS#1 v1.5, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS

From b46e7ca16bd1f06d3162d9ba8576cb44751f79f6 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 25 Oct 2018 14:46:09 +0300
Subject: [PATCH 554/889] add additional generator tests and generalize key
 derivation test

Key derivation test now uses an indirect way to test generator validity
as the direct way previously used isn't compatible with the PSA IPC
implementation. Additional bad path test for the generator added
to check basic bad-path scenarios.
---
 tests/suites/test_suite_psa_crypto.data     |  8 ++-
 tests/suites/test_suite_psa_crypto.function | 80 +++++++++++++++++----
 2 files changed, 72 insertions(+), 16 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 1a93a8929..39ac88839 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1209,9 +1209,13 @@ PSA key derivation: unsupported key derivation algorithm
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED
 
-PSA key derivation: bad arguments test
+PSA key derivation: invalid generator state ( double generate + read past capacity )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator:
+test_derive_invalid_generator_state:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
+
+PSA key derivation:  invalid generator state ( call read/get_capacity after init and abort )
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+test_derive_invalid_generator_tests:
 
 PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c6f49c007..65bec58c3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3086,25 +3086,77 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void test_derive_invalid_generator()
+void test_derive_invalid_generator_state( int key_type_arg, data_t *key_data)
 {
-    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_key_slot_t base_key = 1;
+    size_t key_type = key_type_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
-    data_t salt;
-    data_t label;
-    size_t capacity = 0;
-    salt.x = NULL;
-    salt.len = 0;
-    label.x = NULL;
-    label.len = 0;
+    size_t capacity = 42;
+    uint8_t buffer[42];
+    psa_key_policy_t policy;
 
-    generator.alg = alg;
-    /* invalid generator.alg */
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( base_key, key_type,
+                                 key_data->x,
+                                 key_data->len ) == PSA_SUCCESS );
+
+    /* valid key derivation */
     TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,
-                                     salt.x, salt.len,
-                                     label.x, label.len,
-                                     capacity ) == PSA_ERROR_BAD_STATE );
+                                      NULL, 0,
+                                      NULL, 0,
+                                      capacity ) == PSA_SUCCESS );
+
+    /* state of generator shouldn't allow additional generation */
+    TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,
+                                      NULL, 0,
+                                      NULL, 0,
+                                      capacity ) == PSA_ERROR_BAD_STATE );
+
+    TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
+                 == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
+                 == PSA_ERROR_INSUFFICIENT_CAPACITY );
+
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( base_key );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void test_derive_invalid_generator_tests( )
+{
+    uint8_t output_buffer[16];
+    size_t buffer_size = 16;
+    size_t capacity = 0;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+
+    TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size)
+                 == PSA_ERROR_INSUFFICIENT_CAPACITY );
+
+    TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
+                 == PSA_ERROR_BAD_STATE );
+
+    TEST_ASSERT( psa_generator_abort(&generator) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size)
+                 == PSA_ERROR_INSUFFICIENT_CAPACITY );
+
+    TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity)
+                 == PSA_ERROR_BAD_STATE );
+
+exit:
+    psa_generator_abort( &generator );
 }
 /* END_CASE */
 

From 00646883f1cef7713e3e15c3228f5ea3d13f675f Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 10:04:44 +0100
Subject: [PATCH 555/889] visualc: Add crypto_driver.h to project

A new header file for crypto drivers has been added, so we need to ensure
that the Visual Studio project files reference the new header.
---
 visualc/VS2010/mbedTLS.vcxproj | 1 +
 1 file changed, 1 insertion(+)

diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 4d8b92af1..301d3333f 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -225,6 +225,7 @@
     <ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
     <ClInclude Include="..\..\include\mbedtls\xtea.h" />
     <ClInclude Include="..\..\include\psa\crypto.h" />
+    <ClInclude Include="..\..\include\psa\crypto_driver.h" />
     <ClInclude Include="..\..\include\psa\crypto_extra.h" />
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />

From d3d26aa6b2477e5d5b65da5a578458157fb22f7f Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 10:07:32 +0100
Subject: [PATCH 556/889] psa: driver: Fix trailing whitespace issues

Remove all trailing whitespace from crypto_driver.h. Ensure there is a new
line at the end of crypto_driver.h.
---
 include/psa/crypto_driver.h | 250 ++++++++++++++++++------------------
 1 file changed, 125 insertions(+), 125 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index d2008b7c3..9bf00d513 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -1,7 +1,7 @@
 /**
  * \file psa/crypto_driver.h
  * \brief Platform Security Architecture cryptographic driver module
- * 
+ *
  * This file describes an API for driver developers to implement to enable
  * hardware to be called in a standardized way by a PSA Cryptographic API
  * implementation. The API described is not intended to be called by
@@ -31,7 +31,7 @@
 #include <stdint.h>
 
 /** The following types are redefinitions from the psa/crypto.h file.
- * It is intended that these will be moved to a new common header file to 
+ * It is intended that these will be moved to a new common header file to
  * avoid duplication. They are included here for expediency in publication.
  */
 typedef uint32_t psa_status_t;
@@ -46,7 +46,7 @@ typedef uint32_t psa_key_usage_t;
 
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
- * opaque keys can be done either as a single function call (via the 
+ * opaque keys can be done either as a single function call (via the
  * `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in
  * parts using the following sequence:
  * - `psa_mac_opaque_setup_t`
@@ -54,23 +54,23 @@ typedef uint32_t psa_key_usage_t;
  * - `psa_mac_opaque_update_t`
  * - ...
  * - `psa_mac_opaque_finish_t` or `psa_mac_opaque_finish_verify_t`
- * 
- * If a previously started Opaque MAC operation needs to be terminated, it 
+ *
+ * If a previously started Opaque MAC operation needs to be terminated, it
  * should be done so by the `psa_mac_opaque_abort_t`. Failure to do so may
  * result in allocated resources not being freed or in other undefined
  * behavior.
  */
 /**@{*/
-/** \brief A function that starts a MAC operation for a PSA Crypto Driver 
+/** \brief A function that starts a MAC operation for a PSA Crypto Driver
  * implementation using an opaque key
- * 
- * \param[in,out] p_context     A structure that will contain the 
+ *
+ * \param[in,out] p_context     A structure that will contain the
  *                              hardware-specific MAC context
  * \param[in] key_slot          The slot of the key to be used for the
  *                              operation
- * \param[in] algorithm         The algorithm to be used to underly the MAC 
+ * \param[in] algorithm         The algorithm to be used to underly the MAC
  *                              operation
- * 
+ *
  * \retval  PSA_SUCCESS
  *          Success.
  */
@@ -80,7 +80,7 @@ typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context,
 
 /** \brief A function that continues a previously started MAC operation using
  * an opaque key
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously-established MAC operation to be
  *                              continued
@@ -94,9 +94,9 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
 
 /** \brief a function that completes a previously started MAC operation by
  * returning the resulting MAC using an opaque key
- * 
- * \param[in,out] p_context     A hardware-specific structure for the 
- *                              previously started MAC operation to be 
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started MAC operation to be
  *                              finished
  * \param[out] p_mac            A buffer where the generated MAC will be
  *                              placed
@@ -104,7 +104,7 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
  *                              allocated for the `output` buffer
  * \param[out] p_mac_length     After completion, will contain the number of
  *                              bytes placed in the `p_mac` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  *          Success.
  */
@@ -115,13 +115,13 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context,
 
 /** \brief A function that completes a previously started MAC operation by
  * comparing the resulting MAC against a known value using an opaque key
- * 
+ *
  * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started MAC operation to be fiinished
  * \param[in] p_mac         The MAC value against which the resulting MAC will
  *                          be compared against
  * \param[in] mac_length    The size in bytes of the value stored in `p_mac`
- * 
+ *
  * \retval PSA_SUCCESS
  *         The operation completed successfully and the MACs matched each
  *         other
@@ -142,7 +142,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
 
 /** \brief A function that performs a MAC operation in one command and returns
  * the calculated MAC using an opaque key
- * 
+ *
  * \param[in] p_input           A buffer containing the message to be MACed
  * \param[in] input_length      The size in bytes of `p_input`
  * \param[in] key_slot          The slot of the key to be used
@@ -153,7 +153,7 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
  * \param[in] mac_size          The size in bytes of the `p_mac` buffer
  * \param[out] p_mac_length     After completion, will contain the number of
  *                              bytes placed in the `output` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  *         Success.
  */
@@ -167,7 +167,7 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input,
 
 /** \brief A function that performs an MAC operation in one command and
  * compare the resulting MAC against a known value using an opaque key
- * 
+ *
  * \param[in] p_input       A buffer containing the message to be MACed
  * \param[in] input_length  The size in bytes of `input`
  * \param[in] key_slot      The slot of the key to be used
@@ -176,7 +176,7 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input,
  * \param[in] p_mac         The MAC value against which the resulting MAC will
  *                          be compared against
  * \param[in] mac_length   The size in bytes of `mac`
- * 
+ *
  * \retval PSA_SUCCESS
  *         The operation completed successfully and the MACs matched each
  *         other
@@ -193,18 +193,18 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
 
 /** \brief A struct containing all of the function pointers needed to
  * implement MAC operations using opaque keys.
- * 
+ *
  * PSA Crypto API implementations should populate the table as appropriate
  * upon startup.
  *
  * If one of the functions is not implemented (such as
  * `pcd_mac_opaque_generate_t`), it should be set to NULL.
- * 
+ *
  * Driver implementers should ensure that they implement all of the functions
  * that make sense for their hardware, and that they provide a full solution
  * (for example, if they support `p_setup`, they should also support
  * `p_update` and at least one of `p_finish` or `p_finish_verify`).
- * 
+ *
  */
 struct pcd_mac_opaque_t {
     /**The size in bytes of the hardware-specific Opaque-MAC Context structure
@@ -236,7 +236,7 @@ struct pcd_mac_opaque_t {
 
 /** \defgroup transparent_mac Transparent Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
- * transparent keys can be done either as a single function call (via the 
+ * transparent keys can be done either as a single function call (via the
  * `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t`
  * functions), or in parts using the following sequence:
  * - `psa_mac_transparent_setup_t`
@@ -244,12 +244,12 @@ struct pcd_mac_opaque_t {
  * - `psa_mac_transparent_update_t`
  * - ...
  * - `psa_mac_transparent_finish_t` or `psa_mac_transparent_finish_verify_t`
- * 
- * If a previously started Transparent MAC operation needs to be terminated, it 
+ *
+ * If a previously started Transparent MAC operation needs to be terminated, it
  * should be done so by the `psa_mac_transparent_abort_t`. Failure to do so may
  * result in allocated resources not being freed or in other undefined
  * behavior.
- * 
+ *
  */
 /**@{*/
 
@@ -262,7 +262,7 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
 
 /** \brief The function prototype for the setup operation of a
  * transparent-key MAC operation
- * 
+ *
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
@@ -270,13 +270,13 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
  * is the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
- * \param[in,out] p_context     A structure that will contain the 
+ *
+ * \param[in,out] p_context     A structure that will contain the
  *                              hardware-specific MAC context
  * \param[in] p_key             A buffer containing the cleartext key material
  *                              to be used in the operation
  * \param[in] key_length        The size in bytes of the key material
- * 
+ *
  * \retval  PSA_SUCCESS
  *          Success.
  */
@@ -294,7 +294,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
  * is the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously-established MAC operation to be
  *                              continued
@@ -308,7 +308,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context
 
 /** \brief  The function prototype for the finish operation of a
  * transparent-key MAC operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  *  convention:
  * ~~~~~~~~~~~~~{.c}
@@ -316,14 +316,14 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started MAC operation to be
  *                              finished
  * \param[out] p_mac            A buffer where the generated MAC will be placed
  * \param[in] mac_length        The size in bytes of the buffer that has been
  *                              allocated for the `p_mac` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  *          Success.
  */
@@ -333,7 +333,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
 
 /** \brief The function prototype for the finish and verify operation of a
  * transparent-key MAC operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
@@ -341,7 +341,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started MAC operation to be
  *                              verified and finished
@@ -349,7 +349,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
  *                              for verification
  * \param[in] mac_length        The size in bytes of the data in the `p_mac`
  *                              buffer
- * 
+ *
  * \retval PSA_SUCCESS
  *          The operation completed successfully and the comparison matched
  */
@@ -359,7 +359,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_
 
 /** \brief The function prototype for the abort operation for a previously
  * started transparent-key MAC operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
@@ -367,25 +367,25 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started MAC operation to be
  *                              aborted
- * 
+ *
  */
 typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context);
 
 /** \brief The function prototype for a one-shot operation of a transparent-key
  * MAC operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>
  * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is 
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
+ *
  * \param[in] p_input        A buffer containing the data to be MACed
  * \param[in] input_length   The length in bytes of the `p_input` data
  * \param[in] p_key          A buffer containing the key material to be used
@@ -406,7 +406,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
 
 /** \brief The function prototype for a one-shot operation of a transparent-key
  * MAC Verify operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
@@ -414,7 +414,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
- * 
+ *
  * \param[in] p_input        A buffer containing the data to be MACed
  * \param[in] input_length   The length in bytes of the `p_input` data
  * \param[in] p_key          A buffer containing the key material to be used
@@ -423,7 +423,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
  * \param[in] alg            The algorithm to be performed
  * \param[in] p_mac          The MAC data to be compared
  * \param[in] mac_length     The length in bytes of the `p_mac` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  *  The operation completed successfully and the comparison matched
  */
@@ -437,7 +437,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
 /**@}*/
 
 /** \defgroup opaque_cipher Opaque Symmetric Ciphers
- * 
+ *
  * Encryption and Decryption using opaque keys in block modes other than ECB
  * must be done in multiple parts, using the following flow:
  * - `pcd_cipher_opaque_setup_t`
@@ -446,11 +446,11 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
  * - ...
  * - `pcd_cipher_opaque_finish_t`
 
- * If a previously started Opaque Cipher operation needs to be terminated, it 
+ * If a previously started Opaque Cipher operation needs to be terminated, it
  * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may
  * result in allocated resources not being freed or in other undefined
  * behavior.
- * 
+ *
  * In situations where a PSA Cryptographic API implementation is using a block
  * mode not-supported by the underlying hardware or driver, it can construct
  * the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function
@@ -469,7 +469,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
  *                              operation
  * \param[in] direction         Indicates whether the operation is an encrypt
  *                              or decrypt
- * 
+ *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_NOT_SUPPORTED
  */
@@ -480,17 +480,17 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
 
 /** \brief A function pointer that sets the initialization vector (if
  * necessary) for an opaque cipher operation
- * 
+ *
  * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two
  * IV functions: one to set the IV, and one to generate it internally. The
  * generate function is not necessary for the driver API as the PSA Crypto
  * implementation can do the generation using its RNG features.
- * 
+ *
  * \param[in,out] p_context     A structure that contains the previously set up
  *                              hardware-specific cipher context
  * \param[in] p_iv              A buffer containing the initialization vector
  * \param[in] iv_length         The size (in bytes) of the `p_iv` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
@@ -499,7 +499,7 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
 
 /** \brief A function that continues a previously started opaque-key cipher
  * operation
- * 
+ *
  * \param[in,out] p_context         A hardware-specific structure for the
  *                                  previously started cipher operation
  * \param[in] p_input               A buffer containing the data to be
@@ -512,7 +512,7 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
  *                                  `p_output` buffer
  * \param[out] p_output_length      After completion, will contain the number
  *                                  of bytes placed in the `p_output` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
@@ -533,7 +533,7 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
  *                              buffer
  * \param[out] p_output_length  After completion, will contain the number of
  *                              bytes placed in the `p_output` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context,
@@ -551,10 +551,10 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
 
 /** \brief A function that performs the ECB block mode for opaque-key cipher
  * operations
- * 
+ *
  * Note: this function should only be used with implementations that do not
  * provide a needed higher-level operation.
- * 
+ *
  * \param[in] key_slot      The slot of the key to be used for the operation
  * \param[in] algorithm     The algorithm to be used in the cipher operation
  * \param[in] direction     Indicates whether the operation is an encrypt or
@@ -567,7 +567,7 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
  *                          be placed
  * \param[in] output_size   The allocated size in bytes of the `p_output`
  *                          buffer
- * 
+ *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_NOT_SUPPORTED
  */
@@ -582,10 +582,10 @@ typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
 /**
  * \brief A struct containing all of the function pointers needed to implement
  * cipher operations using opaque keys.
- * 
+ *
  * PSA Crypto API implementations should populate instances of the table as
  * appropriate upon startup.
- * 
+ *
  * If one of the functions is not implemented (such as
  * `pcd_cipher_opaque_ecb_t`), it should be set to NULL.
  */
@@ -630,7 +630,7 @@ struct pcd_cipher_opaque_t {
 /**@{*/
 
 /** \brief The hardware-specific transparent-key Cipher context structure
- * 
+ *
  * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
@@ -651,7 +651,7 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t
  * pcd_cipher_transparent_setup_<CIPHER_NAME>
  * ~~~~~~~~~~~~~
  * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
- * 
+ *
  * \param[in,out] p_context     A structure that will contain the
  *                              hardware-specific cipher context
  * \param[in] direction         Indicates if the operation is an encrypt or a
@@ -659,7 +659,7 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t
  * \param[in] p_key_data        A buffer containing the cleartext key material
  *                              to be used in the operation
  * \param[in] key_data_size     The size in bytes of the key material
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context,
@@ -677,12 +677,12 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- * 
+ *
  * \param[in,out] p_context     A structure that contains the previously setup
  *                              hardware-specific cipher context
  * \param[in] p_iv              A buffer containing the initialization vecotr
  * \param[in] iv_length         The size in bytes of the contents of `p_iv`
- * 
+ *
  * \retval PSA_SUCCESS
 */
 typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context,
@@ -700,7 +700,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- * 
+ *
  * \param[in,out] p_context         A hardware-specific structure for the
  *                                  previously started cipher operation
  * \param[in] p_input               A buffer containing the data to be
@@ -711,7 +711,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c
  * \param[in] output_size           The size in bytes of the `p_output` buffer
  * \param[out] p_output_length      After completion, will contain the number
  *                                  of bytes placed in the `p_output` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context,
@@ -740,7 +740,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c
  * \param[in] output_size       The size in bytes of the `p_output` buffer
  * \param[out] p_output_length  After completion, will contain the number of
  *                              bytes placed in the `p_output` buffer
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context,
@@ -750,7 +750,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c
 
 /** \brief The function prototype for the abort operation of transparent-key
  * block cipher operations.
- * 
+ *
  *  Functions that implement the following prototype should be named in the
  * following convention:
  * ~~~~~~~~~~~~~{.c}
@@ -759,10 +759,10 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started cipher operation
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context);
@@ -770,14 +770,14 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co
 /**@}*/
 
 /** \defgroup driver_digest Message Digests
- * 
+ *
  * Generation and authentication of Message Digests (aka hashes) must be done
  * in parts using the following sequence:
  * - `psa_hash_setup_t`
  * - `psa_hash_update_t`
  * - ...
  * - `psa_hash_finish_t`
- * 
+ *
  * If a previously started Message Digest operation needs to be terminated
  * before the `psa_hash_finish_t` operation is complete, it should be aborted
  * by the `psa_hash_abort_t`. Failure to do so may result in allocated
@@ -786,7 +786,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co
 /**@{*/
 
 /** \brief The hardware-specific hash context structure
- * 
+ *
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
@@ -794,17 +794,17 @@ typedef struct pcd_hash_context_s pcd_hash_context_t;
 
 /** \brief The function prototype for the start operation of a hash (message
  * digest) operation
- * 
+ *
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_hash_<ALGO>_setup
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying hash function
- * 
+ *
  * \param[in,out] p_context     A structure that will contain the
  * hardware-specific hash context
- * 
+ *
  * \retval  PSA_SUCCESS     Success.
  */
 typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
@@ -818,7 +818,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
  * pcd_hash_<ALGO>_update
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously-established hash operation to be
  *                              continued
@@ -832,14 +832,14 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
 
 /** \brief  The prototype for the finish operation of a hash (message digest)
  * operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_hash_<ALGO>_finish
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started hash operation to be
  *                              fiinished
@@ -849,7 +849,7 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
  *                              allocated for the `p_output` buffer
  * \param[out] p_output_length  The number of bytes placed in `p_output` after
  *                              success
- * 
+ *
  * \retval PSA_SUCCESS
  *          Success.
  */
@@ -860,14 +860,14 @@ typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context,
 
 /** \brief The function prototype for the abort operation of a hash (message
  * digest) operation
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_hash_<ALGO>_abort
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
- * 
+ *
  * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started hash operation to be aborted
  */
@@ -877,7 +877,7 @@ typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context);
 
 
 /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography
- * 
+ *
  * Since the amount of data that can (or should) be encrypted or signed using
  * asymmetric keys is limited by the key size, asymmetric key operations using
  * opaque keys must be done in single function calls.
@@ -1009,10 +1009,10 @@ typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
 /**
  * \brief A struct containing all of the function pointers needed to implement
  * asymmetric cryptographic operations using opaque keys.
- * 
+ *
  * PSA Crypto API implementations should populate instances of the table as
  * appropriate upon startup.
- * 
+ *
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_asymmetric_opaque_t {
@@ -1040,14 +1040,14 @@ struct pcd_asymmetric_opaque_t {
 /**
  * \brief A function that signs a hash or short message with a transparent
  * asymmetric private key
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
  * pcd_asymmetric_<ALGO>_sign
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the signing algorithm
- * 
+ *
  * \param[in] p_key                 A buffer containing the private key
  *                                  material
  * \param[in] key_size              The size in bytes of the `p_key` data
@@ -1080,8 +1080,8 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
  * ~~~~~~~~~~~~~{.c}
  * pcd_asymmetric_<ALGO>_verify
  * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm 
- * 
+ * Where `ALGO` is the name of the signing algorithm
+ *
  * \param[in] p_key             A buffer containing the public key material
  * \param[in] key_size          The size in bytes of the `p_key` data
  * \param[in] alg               A signature algorithm that is compatible with
@@ -1113,7 +1113,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key
  * pcd_asymmetric_<ALGO>_encrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the encryption algorithm
- * 
+ *
  * \param[in] p_key             A buffer containing the public key material
  * \param[in] key_size          The size in bytes of the `p_key` data
  * \param[in] alg               An asymmetric encryption algorithm that is
@@ -1159,7 +1159,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke
  * pcd_asymmetric_<ALGO>_decrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the encryption algorithm
- * 
+ *
  * \param[in] p_key             A buffer containing the private key material
  * \param[in] key_size          The size in bytes of the `p_key` data
  * \param[in] alg               An asymmetric encryption algorithm that is
@@ -1200,7 +1200,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke
 
 /** \defgroup aead_opaque AEAD Opaque
  * Authenticated Encryption with Additional Data (AEAD) operations with opaque
- * keys must be done in one function call. While this creates a burden for 
+ * keys must be done in one function call. While this creates a burden for
  * implementers as there must be sufficient space in memory for the entire
  * message, it prevents decrypted data from being made available before the
  * authentication operation is complete and the data is known to be authentic.
@@ -1291,10 +1291,10 @@ typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
 /**
  * \brief A struct containing all of the function pointers needed to implement
  * Authenticated Encryption with Additional Data operations using opaque keys
- * 
+ *
  * PSA Crypto API implementations should populate instances of the table as
  * appropriate upon startup.
- * 
+ *
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct psa_aead_opaque_t {
@@ -1306,7 +1306,7 @@ struct psa_aead_opaque_t {
 /**@}*/
 
 /** \defgroup aead_transparent AEAD Transparent
- * 
+ *
  * Authenticated Encryption with Additional Data (AEAD) operations with
  * transparent keys must be done in one function call. While this creates a
  * burden for implementers as there must be sufficient space in memory for the
@@ -1317,7 +1317,7 @@ struct psa_aead_opaque_t {
 /**@{*/
 
 /** Process an authenticated encryption operation using an opaque key.
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
@@ -1354,7 +1354,7 @@ struct psa_aead_opaque_t {
  *                                      the `ciphertext` buffer
  *
  * \retval #PSA_SUCCESS
- 
+
  */
 typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key,
                                                        size_t key_length,
@@ -1370,7 +1370,7 @@ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key,
                                                        size_t *ciphertext_length);
 
 /** Process an authenticated decryption operation using an opaque key.
- * 
+ *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
@@ -1433,7 +1433,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t;
 
 /** \brief Initialize an entropy driver
  *
- * 
+ *
  * \param[in,out] p_context             A hardware-specific structure
  *                                      containing any context information for
  *                                      the implementation
@@ -1443,7 +1443,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t;
 typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
 
 /** \brief Get a specified number of bits from the entropy source
- * 
+ *
  * It retrives `buffer_size` bytes of data from the entropy source. The entropy
  * source will always fill the provided buffer to its full size, however, most
  * entropy sources have biases, and the actual amount of entropy contained in
@@ -1456,7 +1456,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
  * To accomplish this, the PSA Crypto implementation should be designed to call
  * this function multiple times until it has received the required amount of
  * entropy from the entropy source.
- * 
+ *
  * \param[in,out] p_context                 A hardware-specific structure
  *                                          containing any context information
  *                                          for the implementation
@@ -1465,7 +1465,7 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
  * \param[in] buffer_size                   The allocated size of `p_buffer`
  * \param[out] p_received_entropy_bits      The amount of entropy (in bits)
  *                                          actually provided in `p_buffer`
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context,
@@ -1476,10 +1476,10 @@ typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context,
 /**
  * \brief A struct containing all of the function pointers needed to interface
  * to an entropy source
- * 
+ *
  * PSA Crypto API implementations should populate instances of the table as
  * appropriate upon startup.
- * 
+ *
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_entropy_t {
@@ -1615,10 +1615,10 @@ typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key,
 /**
  * \brief A struct containing all of the function pointers needed to for key
  * management using opaque keys
- * 
+ *
  * PSA Crypto API implementations should populate instances of the table as
  * appropriate upon startup.
- * 
+ *
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_key_management_t {
@@ -1643,14 +1643,14 @@ struct pcd_key_management_t {
  * material.
  * The flows are similar, and the PSA Crypto Driver API uses the same functions
  * for both of the flows.
- * 
+ *
  * There are two different final functions for the flows,
  * `pcd_key_derivation_derive` and `pcd_key_derivation_export`.
  * `pcd_key_derivation_derive` is used when the key material should be placed
  * in a slot on the hardware and not exposed to the caller.
  * `pcd_key_derivation_export` is used when the key material should be returned
  * to the PSA Cryptographic API implementation.
- * 
+ *
  * Different key derivation algorithms require a different number of inputs.
  * Instead of having an API that takes as input variable length arrays, which
  * can be problemmatic to manage on embedded platforms, the inputs are passed
@@ -1671,7 +1671,7 @@ struct pcd_key_management_t {
  *                               collateral_2_size);
  * pcd_key_derivation_derive();
  * ~~~~~~~~~~~~~
- * 
+ *
  * key agreement example:
  * ~~~~~~~~~~~~~{.c}
  * pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes);
@@ -1684,7 +1684,7 @@ struct pcd_key_management_t {
 /**@{*/
 
 /** \brief The hardware-specific key derivation context structure
- * 
+ *
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
@@ -1692,13 +1692,13 @@ typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t;
 
 /** \brief Set up a key derivation operation by specifying the algorithm and
  * the source key sot
- * 
+ *
  * \param[in,out] p_context A hardware-specific structure containing any
  *                          context information for the implementation
  * \param[in] kdf_alg       The algorithm to be used for the key derivation
  * \param[in] souce_key     The key to be used as the source material for the
  *                          key derivation
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context,
@@ -1707,17 +1707,17 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t
 
 /** \brief Provide collateral (parameters) needed for a key derivation or key
  * agreement operation
- * 
+ *
  * Since many key derivation algorithms require multiple parameters, it is
  * expeced that this function may be called multiple times for the same
  * operation, each with a different algorithm-specific `collateral_id`
- * 
+ *
  * \param[in,out] p_context     A hardware-specific structure containing any
  *                              context information for the implementation
  * \param[in] collateral_id     An ID for the collateral being provided
  * \param[in] p_collateral      A buffer containing the collateral data
  * \param[in] collateral_size   The size in bytes of the collateral
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context,
@@ -1731,7 +1731,7 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_conte
  *                              context information for the implementation
  * \param[in] dest_key          The slot where the generated key material
  *                              should be placed
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context,
@@ -1739,13 +1739,13 @@ typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t
 
 /** \brief Perform the final step of a key agreement and place the generated
  * key material in a buffer
- * 
+ *
  * \param[out] p_output         Buffer in which to place the generated key
  *                              material
  * \param[in] output_size       The size in bytes of `p_output`
  * \param[out] p_output_length  Upon success, contains the number of bytes of
  *                              key material placed in `p_output`
- * 
+ *
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output,
@@ -1755,10 +1755,10 @@ typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output,
 /**
  * \brief A struct containing all of the function pointers needed to for key
  * derivation and agreement
- * 
+ *
  * PSA Crypto API implementations should populate instances of the table as
  * appropriate upon startup.
- * 
+ *
  * If one of the functions is not implemented, it should be set to NULL.
  */
 struct pcd_key_derivation_t {
@@ -1775,4 +1775,4 @@ struct pcd_key_derivation_t {
 
 /**@}*/
 
-#endif // __PSA_CRYPTO_DRIVER_H__
\ No newline at end of file
+#endif // __PSA_CRYPTO_DRIVER_H__

From 0a09f77357737a4df763a3c13131519a82984db5 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 11:42:32 +0100
Subject: [PATCH 557/889] psa: driver: Fix comment whitespace format

Fix comment formatting whitespace issues in crypto_driver.h to match our
style.
---
 include/psa/crypto_driver.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 9bf00d513..737476a9d 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -684,7 +684,7 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co
  * \param[in] iv_length         The size in bytes of the contents of `p_iv`
  *
  * \retval PSA_SUCCESS
-*/
+ */
 typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context,
                                                         const uint8_t *p_iv,
                                                         size_t iv_length);
@@ -723,7 +723,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c
 
 /** \brief The function prototype for the finish operation of transparent-key
  * block cipher operations.
-*
+ *
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}

From 72244ae5954c76f7ebe21929fe64dfdd6fc88680 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 10:59:12 +0100
Subject: [PATCH 558/889] psa: driver: Fix names of AEAD functions

The driver AEAD functions had a `psa_` prefix. They should have had a
`pcd_` prefix like the other driver functions.
---
 include/psa/crypto_driver.h | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 737476a9d..0e07eef0e 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -1236,7 +1236,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*psa_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
+typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
                                                   psa_algorithm_t algorithm,
                                                   const uint8_t *p_nonce,
                                                   size_t nonce_length,
@@ -1276,7 +1276,7 @@ typedef psa_status_t (*psa_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
+typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
                                                   psa_algorithm_t algorithm,
                                                   const uint8_t *p_nonce,
                                                   size_t nonce_length,
@@ -1297,11 +1297,11 @@ typedef psa_status_t (*psa_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct psa_aead_opaque_t {
+struct pcd_aead_opaque_t {
     /** Function that performs the AEAD encrypt operation */
-    psa_aead_opaque_encrypt_t *p_encrypt;
+    pcd_aead_opaque_encrypt_t *p_encrypt;
     /** Function that performs the AEAD decrypt operation */
-    psa_aead_opaque_decrypt_t *p_decrypt;
+    pcd_aead_opaque_decrypt_t *p_decrypt;
 };
 /**@}*/
 
@@ -1356,7 +1356,7 @@ struct psa_aead_opaque_t {
  * \retval #PSA_SUCCESS
 
  */
-typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key,
+typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key,
                                                        size_t key_length,
                                                        psa_algorithm_t alg,
                                                        const uint8_t *nonce,
@@ -1407,7 +1407,7 @@ typedef psa_status_t (*psa_aead_transparent_encrypt_t)(const uint8_t *p_key,
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*psa_aead_transparent_decrypt_t)(const uint8_t *p_key,
+typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key,
                                                        size_t key_length,
                                                        psa_algorithm_t alg,
                                                        const uint8_t *nonce,

From e095d60d95f587aeeb1ab054eed9b11a18d0ad3e Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 12:09:31 +0100
Subject: [PATCH 559/889] psa: driver: Use "Driver Model" terminology

"Driver APIs" can be interpreted to mean APIs used when you want to write a
driver, not the set of functions you implement to make a driver. See
https://www.kernel.org/doc/html/latest/driver-api/index.html "The kernel
offers a wide variety of interfaces to support the development of device
drivers."

As such, we are renaming "Driver API" to "Driver Model" and updating our
work so far to reflect this change.
---
 include/psa/crypto_driver.h | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 0e07eef0e..a59ff6e29 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -2,10 +2,11 @@
  * \file psa/crypto_driver.h
  * \brief Platform Security Architecture cryptographic driver module
  *
- * This file describes an API for driver developers to implement to enable
- * hardware to be called in a standardized way by a PSA Cryptographic API
- * implementation. The API described is not intended to be called by
- * application developers.
+ * This file describes the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
  */
 
 /*
@@ -483,8 +484,8 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
  *
  * Rationale: The `psa_cipher_*` function in the PSA Cryptographic API has two
  * IV functions: one to set the IV, and one to generate it internally. The
- * generate function is not necessary for the driver API as the PSA Crypto
- * implementation can do the generation using its RNG features.
+ * generate function is not necessary for the drivers to implement as the PSA
+ * Crypto implementation can do the generation using its RNG features.
  *
  * \param[in,out] p_context     A structure that contains the previously set up
  *                              hardware-specific cipher context
@@ -1641,7 +1642,7 @@ struct pcd_key_management_t {
  * Key agreement is a part of cryptographic protocols that allows two parties
  * to agree on the same key value, but starting from different original key
  * material.
- * The flows are similar, and the PSA Crypto Driver API uses the same functions
+ * The flows are similar, and the PSA Crypto Driver Model uses the same functions
  * for both of the flows.
  *
  * There are two different final functions for the flows,

From 1acb2c43179837c8adcb5f167fb8d29cff9be201 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 10:49:58 +0100
Subject: [PATCH 560/889] psa: driver: Replace `pcd_` prefix with `psa_drv_`

The `pcd_` prefix is ambiguous and does not make it clear that the types
and symbols are standardized by PSA. Replace `pcd_` with a prefix that can
be shared with all PSA drivers, `psa_drv_`.
---
 include/psa/crypto_driver.h | 698 ++++++++++++++++++------------------
 1 file changed, 349 insertions(+), 349 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index a59ff6e29..9acd33066 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -48,7 +48,7 @@ typedef uint32_t psa_key_usage_t;
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
  * opaque keys can be done either as a single function call (via the
- * `pcd_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in
+ * `psa_drv_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in
  * parts using the following sequence:
  * - `psa_mac_opaque_setup_t`
  * - `psa_mac_opaque_update_t`
@@ -75,9 +75,9 @@ typedef uint32_t psa_key_usage_t;
  * \retval  PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context,
-                                               psa_key_slot_t key_slot,
-                                               psa_algorithm_t algorithm);
+typedef psa_status_t (*psa_drv_mac_opaque_setup_t)(void *p_context,
+                                                   psa_key_slot_t key_slot,
+                                                   psa_algorithm_t algorithm);
 
 /** \brief A function that continues a previously started MAC operation using
  * an opaque key
@@ -89,9 +89,9 @@ typedef psa_status_t (*pcd_mac_opaque_setup_t)(void *p_context,
  *                              to the MAC operation
  * \param[in] input_length  The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
-                                                const uint8_t *p_input,
-                                                size_t input_length);
+typedef psa_status_t (*psa_drv_mac_opaque_update_t)(void *p_context,
+                                                    const uint8_t *p_input,
+                                                    size_t input_length);
 
 /** \brief a function that completes a previously started MAC operation by
  * returning the resulting MAC using an opaque key
@@ -109,10 +109,10 @@ typedef psa_status_t (*pcd_mac_opaque_update_t)(void *p_context,
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context,
-                                                uint8_t *p_mac,
-                                                size_t mac_size,
-                                                size_t *p_mac_length);
+typedef psa_status_t (*psa_drv_mac_opaque_finish_t)(void *p_context,
+                                                    uint8_t *p_mac,
+                                                    size_t mac_size,
+                                                    size_t *p_mac_length);
 
 /** \brief A function that completes a previously started MAC operation by
  * comparing the resulting MAC against a known value using an opaque key
@@ -130,16 +130,16 @@ typedef psa_status_t (*pcd_mac_opaque_finish_t)(void *p_context,
  *         The operation completed successfully, but the calculated MAC did
  *         not match the provided MAC
  */
-typedef psa_status_t (*pcd_mac_opaque_finish_verify_t)(void *p_context,
-                                                       const uint8_t *p_mac,
-                                                       size_t mac_length);
+typedef psa_status_t (*psa_drv_mac_opaque_finish_verify_t)(void *p_context,
+                                                           const uint8_t *p_mac,
+                                                           size_t mac_length);
 
 /** \brief A function that aborts a previous started opaque-key MAC operation
 
  * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started MAC operation to be aborted
  */
-typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
+typedef psa_status_t (*psa_drv_mac_opaque_abort_t)(void *p_context);
 
 /** \brief A function that performs a MAC operation in one command and returns
  * the calculated MAC using an opaque key
@@ -158,13 +158,13 @@ typedef psa_status_t (*pcd_mac_opaque_abort_t)(void *p_context);
  * \retval PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input,
-                                                  size_t input_length,
-                                                  psa_key_slot_t key_slot,
-                                                  psa_algorithm_t alg,
-                                                  uint8_t *p_mac,
-                                                  size_t mac_size,
-                                                  size_t *p_mac_length);
+typedef psa_status_t (*psa_drv_mac_opaque_generate_t)(const uint8_t *p_input,
+                                                      size_t input_length,
+                                                      psa_key_slot_t key_slot,
+                                                      psa_algorithm_t alg,
+                                                      uint8_t *p_mac,
+                                                      size_t mac_size,
+                                                      size_t *p_mac_length);
 
 /** \brief A function that performs an MAC operation in one command and
  * compare the resulting MAC against a known value using an opaque key
@@ -185,12 +185,12 @@ typedef psa_status_t (*pcd_mac_opaque_generate_t)(const uint8_t *p_input,
  *         The operation completed successfully, but the calculated MAC did
  *         not match the provided MAC
  */
-typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
-                                                size_t input_length,
-                                                psa_key_slot_t key_slot,
-                                                psa_algorithm_t alg,
-                                                const uint8_t *p_mac,
-                                                size_t mac_length);
+typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input,
+                                                    size_t input_length,
+                                                    psa_key_slot_t key_slot,
+                                                    psa_algorithm_t alg,
+                                                    const uint8_t *p_mac,
+                                                    size_t mac_length);
 
 /** \brief A struct containing all of the function pointers needed to
  * implement MAC operations using opaque keys.
@@ -199,7 +199,7 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
  * upon startup.
  *
  * If one of the functions is not implemented (such as
- * `pcd_mac_opaque_generate_t`), it should be set to NULL.
+ * `psa_drv_mac_opaque_generate_t`), it should be set to NULL.
  *
  * Driver implementers should ensure that they implement all of the functions
  * that make sense for their hardware, and that they provide a full solution
@@ -207,38 +207,38 @@ typedef psa_status_t (*pcd_mac_opaque_verify_t)(const uint8_t *p_input,
  * `p_update` and at least one of `p_finish` or `p_finish_verify`).
  *
  */
-struct pcd_mac_opaque_t {
+struct psa_drv_mac_opaque_t {
     /**The size in bytes of the hardware-specific Opaque-MAC Context structure
     */
-    size_t                          context_size;
+    size_t                              context_size;
     /** Function that performs the setup operation
      */
-    pcd_mac_opaque_setup_t          *p_setup;
+    psa_drv_mac_opaque_setup_t          *p_setup;
     /** Function that performs the update operation
      */
-    pcd_mac_opaque_update_t         *p_update;
+    psa_drv_mac_opaque_update_t         *p_update;
     /** Function that completes the operation
      */
-    pcd_mac_opaque_finish_t         *p_finish;
+    psa_drv_mac_opaque_finish_t         *p_finish;
     /** Function that completed a MAC operation with a verify check
      */
-    pcd_mac_opaque_finish_verify_t  *p_finish_verify;
+    psa_drv_mac_opaque_finish_verify_t  *p_finish_verify;
     /** Function that aborts a previoustly started operation
      */
-    pcd_mac_opaque_abort_t          *p_abort;
+    psa_drv_mac_opaque_abort_t          *p_abort;
     /** Function that performs the MAC operation in one call
      */
-    pcd_mac_opaque_generate_t       *p_mac;
+    psa_drv_mac_opaque_generate_t       *p_mac;
     /** Function that performs the MAC and verify operation in one call
      */
-    pcd_mac_opaque_verify_t         *p_mac_verify;
+    psa_drv_mac_opaque_verify_t         *p_mac_verify;
 };
 /**@}*/
 
 /** \defgroup transparent_mac Transparent Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
  * transparent keys can be done either as a single function call (via the
- * `pcd_mac_transparent_generate_t` or `psa_mac_transparent_verify_t`
+ * `psa_drv_mac_transparent_generate_t` or `psa_mac_transparent_verify_t`
  * functions), or in parts using the following sequence:
  * - `psa_mac_transparent_setup_t`
  * - `psa_mac_transparent_update_t`
@@ -259,7 +259,7 @@ struct pcd_mac_opaque_t {
  * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
-typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
+typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t;
 
 /** \brief The function prototype for the setup operation of a
  * transparent-key MAC operation
@@ -267,7 +267,7 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
  * is the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -281,9 +281,9 @@ typedef struct pcd_mac_transparent_context_s pcd_mac_transparent_context_t;
  * \retval  PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_t *p_context,
-                                                    const uint8_t *p_key,
-                                                    size_t key_length);
+typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                        const uint8_t *p_key,
+                                                        size_t key_length);
 
 /** \brief The function prototype for the update operation of a
  * transparent-key MAC operation
@@ -291,7 +291,7 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_update
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_update
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
  * is the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -303,9 +303,9 @@ typedef psa_status_t (*pcd_mac_transparent_setup_t)(pcd_mac_transparent_context_
  *                              to the MAC operation
  * \param[in] input_length      The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context_t *p_context,
-                                                     const uint8_t *p_input,
-                                                     size_t input_length);
+typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                         const uint8_t *p_input,
+                                                         size_t input_length);
 
 /** \brief  The function prototype for the finish operation of a
  * transparent-key MAC operation
@@ -313,7 +313,7 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context
  * Functions that implement the prototype should be named in the following
  *  convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -328,9 +328,9 @@ typedef psa_status_t (*pcd_mac_transparent_update_t)(pcd_mac_transparent_context
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context_t *p_context,
-                                                     uint8_t *p_mac,
-                                                     size_t mac_length);
+typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                         uint8_t *p_mac,
+                                                         size_t mac_length);
 
 /** \brief The function prototype for the finish and verify operation of a
  * transparent-key MAC operation
@@ -338,7 +338,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -354,9 +354,9 @@ typedef psa_status_t (*pcd_mac_transparent_finish_t)(pcd_mac_transparent_context
  * \retval PSA_SUCCESS
  *          The operation completed successfully and the comparison matched
  */
-typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_context_t *p_context,
-                                                            const uint8_t *p_mac,
-                                                            size_t mac_length);
+typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                                const uint8_t *p_mac,
+                                                                size_t mac_length);
 
 /** \brief The function prototype for the abort operation for a previously
  * started transparent-key MAC operation
@@ -364,7 +364,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -374,7 +374,7 @@ typedef psa_status_t (*pcd_mac_transparent_finish_verify_t)(pcd_mac_transparent_
  *                              aborted
  *
  */
-typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_t *p_context);
+typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context);
 
 /** \brief The function prototype for a one-shot operation of a transparent-key
  * MAC operation
@@ -382,7 +382,7 @@ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -397,13 +397,13 @@ typedef psa_status_t (*pcd_mac_transparent_abort_t)(pcd_mac_transparent_context_
  *                           upon success
  * \param[in] mac_length     The length in bytes of the `p_mac` buffer
  */
-typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
-                                              size_t input_length,
-                                              const uint8_t *p_key,
-                                              size_t key_length,
-                                              psa_algorithm_t alg,
-                                              uint8_t *p_mac,
-                                              size_t mac_length);
+typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input,
+                                                  size_t input_length,
+                                                  const uint8_t *p_key,
+                                                  size_t key_length,
+                                                  psa_algorithm_t alg,
+                                                  uint8_t *p_mac,
+                                                  size_t mac_length);
 
 /** \brief The function prototype for a one-shot operation of a transparent-key
  * MAC Verify operation
@@ -411,7 +411,7 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
  * the specific variant of a MAC operation (such as HMAC or CMAC)
@@ -428,24 +428,24 @@ typedef psa_status_t (*pcd_mac_transparent_t)(const uint8_t *p_input,
  * \retval PSA_SUCCESS
  *  The operation completed successfully and the comparison matched
  */
-typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
-                                                     size_t input_length,
-                                                     const uint8_t *p_key,
-                                                     size_t key_length,
-                                                     psa_algorithm_t alg,
-                                                     const uint8_t *p_mac,
-                                                     size_t mac_length);
+typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
+                                                         size_t input_length,
+                                                         const uint8_t *p_key,
+                                                         size_t key_length,
+                                                         psa_algorithm_t alg,
+                                                         const uint8_t *p_mac,
+                                                         size_t mac_length);
 /**@}*/
 
 /** \defgroup opaque_cipher Opaque Symmetric Ciphers
  *
  * Encryption and Decryption using opaque keys in block modes other than ECB
  * must be done in multiple parts, using the following flow:
- * - `pcd_cipher_opaque_setup_t`
- * - `pcd_cipher_opaque_set_iv_t` (optional depending upon block mode)
- * - `pcd_cipher_opaque_update_t`
+ * - `psa_drv_cipher_opaque_setup_t`
+ * - `psa_drv_cipher_opaque_set_iv_t` (optional depending upon block mode)
+ * - `psa_drv_cipher_opaque_update_t`
  * - ...
- * - `pcd_cipher_opaque_finish_t`
+ * - `psa_drv_cipher_opaque_finish_t`
 
  * If a previously started Opaque Cipher operation needs to be terminated, it
  * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may
@@ -454,7 +454,7 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
  *
  * In situations where a PSA Cryptographic API implementation is using a block
  * mode not-supported by the underlying hardware or driver, it can construct
- * the block mode itself, while calling the `pcd_cipher_opaque_ecb_t` function
+ * the block mode itself, while calling the `psa_drv_cipher_opaque_ecb_t` function
  * pointer for the cipher operations.
  */
 /**@{*/
@@ -474,10 +474,10 @@ typedef psa_status_t (*pcd_mac_transparent_verify_t)(const uint8_t *p_input,
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_NOT_SUPPORTED
  */
-typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
-                                                  psa_key_slot_t key_slot,
-                                                  psa_algorithm_t algorithm,
-                                                  encrypt_or_decrypt_t direction);
+typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context,
+                                                      psa_key_slot_t key_slot,
+                                                      psa_algorithm_t algorithm,
+                                                      encrypt_or_decrypt_t direction);
 
 /** \brief A function pointer that sets the initialization vector (if
  * necessary) for an opaque cipher operation
@@ -494,9 +494,9 @@ typedef psa_status_t (*pcd_cipher_opaque_setup_t)(void *p_context,
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
-                                                   const uint8_t *p_iv,
-                                                   size_t iv_length);
+typedef psa_status_t (*psa_drv_cipher_opaque_set_iv_t)(void *p_context,
+                                                       const uint8_t *p_iv,
+                                                       size_t iv_length);
 
 /** \brief A function that continues a previously started opaque-key cipher
  * operation
@@ -516,12 +516,12 @@ typedef psa_status_t (*pcd_cipher_opaque_set_iv_t)(void *p_context,
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
-                                                   const uint8_t *p_input,
-                                                   size_t input_size,
-                                                   uint8_t *p_output,
-                                                   size_t output_size,
-                                                   size_t *p_output_length);
+typedef psa_status_t (*psa_drv_cipher_opaque_update_t)(void *p_context,
+                                                       const uint8_t *p_input,
+                                                       size_t input_size,
+                                                       uint8_t *p_output,
+                                                       size_t output_size,
+                                                       size_t *p_output_length);
 
 /** \brief A function that completes a previously started opaque-key cipher
  * operation
@@ -537,10 +537,10 @@ typedef psa_status_t (*pcd_cipher_opaque_update_t)(void *p_context,
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context,
-                                                   uint8_t *p_output,
-                                                   size_t output_size,
-                                                   size_t *p_output_length);
+typedef psa_status_t (*psa_drv_cipher_opaque_finish_t)(void *p_context,
+                                                       uint8_t *p_output,
+                                                       size_t output_size,
+                                                       size_t *p_output_length);
 
 /** \brief A function that aborts a previously started opaque-key cipher
  * operation
@@ -548,7 +548,7 @@ typedef psa_status_t (*pcd_cipher_opaque_finish_t)(void *p_context,
  * \param[in,out] p_context     A hardware-specific structure for the
  *                              previously started cipher operation
  */
-typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
+typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context);
 
 /** \brief A function that performs the ECB block mode for opaque-key cipher
  * operations
@@ -572,13 +572,13 @@ typedef psa_status_t (*pcd_cipher_opaque_abort_t)(void *p_context);
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_NOT_SUPPORTED
  */
-typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
-                                                psa_algorithm_t algorithm,
-                                                encrypt_or_decrypt_t direction,
-                                                const uint8_t *p_input,
-                                                size_t input_size,
-                                                uint8_t *p_output,
-                                                size_t output_size);
+typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
+                                                    psa_algorithm_t algorithm,
+                                                    encrypt_or_decrypt_t direction,
+                                                    const uint8_t *p_input,
+                                                    size_t input_size,
+                                                    uint8_t *p_output,
+                                                    size_t output_size);
 
 /**
  * \brief A struct containing all of the function pointers needed to implement
@@ -588,28 +588,28 @@ typedef psa_status_t (*pcd_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
  * appropriate upon startup.
  *
  * If one of the functions is not implemented (such as
- * `pcd_cipher_opaque_ecb_t`), it should be set to NULL.
+ * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL.
  */
-struct pcd_cipher_opaque_t {
+struct psa_drv_cipher_opaque_t {
     /** The size in bytes of the hardware-specific Opaque Cipher context
      * structure
      */
-    size_t                      size;
+    size_t                         size;
     /** Function that performs the setup operation */
-    pcd_cipher_opaque_setup_t  *p_setup;
+    psa_drv_cipher_opaque_setup_t  *p_setup;
     /** Function that sets the IV (if necessary) */
-    pcd_cipher_opaque_set_iv_t *p_set_iv;
+    psa_drv_cipher_opaque_set_iv_t *p_set_iv;
     /** Function that performs the update operation */
-    pcd_cipher_opaque_update_t *p_update;
+    psa_drv_cipher_opaque_update_t *p_update;
     /** Function that completes the operation */
-    pcd_cipher_opaque_finish_t *p_finish;
+    psa_drv_cipher_opaque_finish_t *p_finish;
     /** Function that aborts the operation */
-    pcd_cipher_opaque_abort_t  *p_abort;
+    psa_drv_cipher_opaque_abort_t  *p_abort;
     /** Function that performs ECB mode for the cipher
      * (Danger: ECB mode should not be used directly by clients of the PSA
      * Crypto Client API)
      */
-    pcd_cipher_opaque_ecb_t    *p_ecb;
+    psa_drv_cipher_opaque_ecb_t    *p_ecb;
 };
 
 /**@}*/
@@ -617,11 +617,11 @@ struct pcd_cipher_opaque_t {
 /** \defgroup transparent_cipher Transparent Block Cipher
  * Encryption and Decryption using transparent keys in block modes other than
  * ECB must be done in multiple parts, using the following flow:
- * - `pcd_cipher_transparent_setup_t`
- * - `pcd_cipher_transparent_set_iv_t` (optional depending upon block mode)
- * - `pcd_cipher_transparent_update_t`
+ * - `psa_drv_cipher_transparent_setup_t`
+ * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode)
+ * - `psa_drv_cipher_transparent_update_t`
  * - ...
- * - `pcd_cipher_transparent_finish_t`
+ * - `psa_drv_cipher_transparent_finish_t`
 
  * If a previously started Transparent Cipher operation needs to be terminated,
  * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do
@@ -635,21 +635,21 @@ struct pcd_cipher_opaque_t {
  * The contents of this structure are implementation dependent and are
  * therefore not described here.
  */
-typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t;
+typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t;
 
 /** \brief The function prototype for the setup operation of transparent-key
  * block cipher operations.
  *  Functions that implement the prototype should be named in the following
  * conventions:
  * ~~~~~~~~~~~~~{.c}
- * pcd_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
+ * psa_drv_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
  * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
  * or for stream ciphers:
  * ~~~~~~~~~~~~~{.c}
- * pcd_cipher_transparent_setup_<CIPHER_NAME>
+ * psa_drv_cipher_transparent_setup_<CIPHER_NAME>
  * ~~~~~~~~~~~~~
  * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
  *
@@ -663,17 +663,17 @@ typedef struct pcd_cipher_transparent_context_s pcd_cipher_transparent_context_t
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_context_t *p_context,
-                                                       encrypt_or_decrypt_t direction,
-                                                       const uint8_t *p_key_data,
-                                                       size_t key_data_size);
+typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                           encrypt_or_decrypt_t direction,
+                                                           const uint8_t *p_key_data,
+                                                           size_t key_data_size);
 
 /** \brief The function prototype for the set initialization vector operation
  * of transparent-key block cipher operations
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
+ * psa_drv_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@@ -686,9 +686,9 @@ typedef psa_status_t (*pcd_cipher_transparent_setup_t)(pcd_cipher_transparent_co
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_context_t *p_context,
-                                                        const uint8_t *p_iv,
-                                                        size_t iv_length);
+typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                            const uint8_t *p_iv,
+                                                            size_t iv_length);
 
 /** \brief The function prototype for the update operation of transparent-key
  * block cipher operations.
@@ -696,7 +696,7 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_cipher_transparent_update_<CIPHER_NAME>_<MODE>
+ * psa_drv_cipher_transparent_update_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@@ -715,12 +715,12 @@ typedef psa_status_t (*pcd_cipher_transparent_set_iv_t)(pcd_cipher_transparent_c
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_context_t *p_context,
-                                                        const uint8_t *p_input,
-                                                        size_t input_size,
-                                                        uint8_t *p_output,
-                                                        size_t output_size,
-                                                        size_t *p_output_length);
+typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                            const uint8_t *p_input,
+                                                            size_t input_size,
+                                                            uint8_t *p_output,
+                                                            size_t output_size,
+                                                            size_t *p_output_length);
 
 /** \brief The function prototype for the finish operation of transparent-key
  * block cipher operations.
@@ -728,7 +728,7 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
+ * psa_drv_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@@ -744,10 +744,10 @@ typedef psa_status_t (*pcd_cipher_transparent_update_t)(pcd_cipher_transparent_c
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_context_t *p_context,
-                                                        uint8_t *p_output,
-                                                        size_t output_size,
-                                                        size_t *p_output_length);
+typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                            uint8_t *p_output,
+                                                            size_t output_size,
+                                                            size_t *p_output_length);
 
 /** \brief The function prototype for the abort operation of transparent-key
  * block cipher operations.
@@ -755,7 +755,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c
  *  Functions that implement the following prototype should be named in the
  * following convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
+ * psa_drv_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
  * ~~~~~~~~~~~~~
  * Where
  * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
@@ -766,7 +766,7 @@ typedef psa_status_t (*pcd_cipher_transparent_finish_t)(pcd_cipher_transparent_c
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_context_t *p_context);
+typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context);
 
 /**@}*/
 
@@ -791,7 +791,7 @@ typedef psa_status_t (*pcd_cipher_transparent_abort_t)(pcd_cipher_transparent_co
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
-typedef struct pcd_hash_context_s pcd_hash_context_t;
+typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
 
 /** \brief The function prototype for the start operation of a hash (message
  * digest) operation
@@ -799,7 +799,7 @@ typedef struct pcd_hash_context_s pcd_hash_context_t;
  *  Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_hash_<ALGO>_setup
+ * psa_drv_hash_<ALGO>_setup
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying hash function
  *
@@ -808,7 +808,7 @@ typedef struct pcd_hash_context_s pcd_hash_context_t;
  *
  * \retval  PSA_SUCCESS     Success.
  */
-typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
+typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
 
 /** \brief The function prototype for the update operation of a hash (message
  * digest) operation
@@ -816,7 +816,7 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_hash_<ALGO>_update
+ * psa_drv_hash_<ALGO>_update
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  *
@@ -827,9 +827,9 @@ typedef psa_status_t (*pcd_hash_setup_t)(pcd_hash_context_t *p_context);
  *                              to the hash operation
  * \param[in] input_length      The size in bytes of the input message buffer
  */
-typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
-                                          const uint8_t *p_input,
-                                          size_t input_length);
+typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
+                                              const uint8_t *p_input,
+                                              size_t input_length);
 
 /** \brief  The prototype for the finish operation of a hash (message digest)
  * operation
@@ -837,7 +837,7 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_hash_<ALGO>_finish
+ * psa_drv_hash_<ALGO>_finish
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  *
@@ -854,10 +854,10 @@ typedef psa_status_t (*pcd_hash_update_t)(pcd_hash_context_t *p_context,
  * \retval PSA_SUCCESS
  *          Success.
  */
-typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context,
-                                          uint8_t *p_output,
-                                          size_t output_size,
-                                          size_t *p_output_length);
+typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
+                                              uint8_t *p_output,
+                                              size_t output_size,
+                                              size_t *p_output_length);
 
 /** \brief The function prototype for the abort operation of a hash (message
  * digest) operation
@@ -865,14 +865,14 @@ typedef psa_status_t (*pcd_hash_finish_t)(pcd_hash_context_t *p_context,
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_hash_<ALGO>_abort
+ * psa_drv_hash_<ALGO>_abort
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the underlying algorithm
  *
  * \param[in,out] p_context A hardware-specific structure for the previously
  *                          started hash operation to be aborted
  */
-typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context);
+typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
 
 /**@}*/
 
@@ -900,13 +900,13 @@ typedef void (*pcd_hash_abort_t)(pcd_hash_context_t *p_context);
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
-                                                     psa_algorithm_t alg,
-                                                     const uint8_t *p_hash,
-                                                     size_t hash_length,
-                                                     uint8_t *p_signature,
-                                                     size_t signature_size,
-                                                     size_t *p_signature_length);
+typedef psa_status_t (*psa_drv_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
+                                                         psa_algorithm_t alg,
+                                                         const uint8_t *p_hash,
+                                                         size_t hash_length,
+                                                         uint8_t *p_signature,
+                                                         size_t signature_size,
+                                                         size_t *p_signature_length);
 
 /**
  * \brief A function that verifies the signature a hash or short message using
@@ -924,12 +924,12 @@ typedef psa_status_t (*pcd_asymmetric_opaque_sign_t)(psa_key_slot_t key_slot,
  * \retval PSA_SUCCESS
  *         The signature is valid.
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
-                                                       psa_algorithm_t alg,
-                                                       const uint8_t *p_hash,
-                                                       size_t hash_length,
-                                                       const uint8_t *p_signature,
-                                                       size_t signature_length);
+typedef psa_status_t (*psa_drv_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
+                                                           psa_algorithm_t alg,
+                                                           const uint8_t *p_hash,
+                                                           size_t hash_length,
+                                                           const uint8_t *p_signature,
+                                                           size_t signature_length);
 
 /**
  * \brief A function that encrypts a short message with an asymmetric public
@@ -960,15 +960,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_verify_t)(psa_key_slot_t key_slot,
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
-                                                        psa_algorithm_t alg,
-                                                        const uint8_t *p_input,
-                                                        size_t input_length,
-                                                        const uint8_t *p_salt,
-                                                        size_t salt_length,
-                                                        uint8_t *p_output,
-                                                        size_t output_size,
-                                                        size_t *p_output_length);
+typedef psa_status_t (*psa_drv_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
+                                                            psa_algorithm_t alg,
+                                                            const uint8_t *p_input,
+                                                            size_t input_length,
+                                                            const uint8_t *p_salt,
+                                                            size_t salt_length,
+                                                            uint8_t *p_output,
+                                                            size_t output_size,
+                                                            size_t *p_output_length);
 
 /**
  * \brief Decrypt a short message with an asymmetric private key.
@@ -997,15 +997,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_encrypt_t)(psa_key_slot_t key_slot,
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
-                                                        psa_algorithm_t alg,
-                                                        const uint8_t *p_input,
-                                                        size_t input_length,
-                                                        const uint8_t *p_salt,
-                                                        size_t salt_length,
-                                                        uint8_t *p_output,
-                                                        size_t output_size,
-                                                        size_t *p_output_length);
+typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
+                                                            psa_algorithm_t alg,
+                                                            const uint8_t *p_input,
+                                                            size_t input_length,
+                                                            const uint8_t *p_salt,
+                                                            size_t salt_length,
+                                                            uint8_t *p_output,
+                                                            size_t output_size,
+                                                            size_t *p_output_length);
 
 /**
  * \brief A struct containing all of the function pointers needed to implement
@@ -1016,15 +1016,15 @@ typedef psa_status_t (*pcd_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_slot,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct pcd_asymmetric_opaque_t {
+struct psa_drv_asymmetric_opaque_t {
     /** Function that performs the asymmetric sign operation */
-    pcd_asymmetric_opaque_sign_t    *p_sign;
+    psa_drv_asymmetric_opaque_sign_t    *p_sign;
     /** Function that performs the asymmetric verify operation */
-    pcd_asymmetric_opaque_verify_t  *p_verify;
+    psa_drv_asymmetric_opaque_verify_t  *p_verify;
     /** Function that performs the asymmetric encrypt operation */
-    pcd_asymmetric_opaque_encrypt_t *p_encrypt;
+    psa_drv_asymmetric_opaque_encrypt_t *p_encrypt;
     /** Function that performs the asymmetric decrypt operation */
-    pcd_asymmetric_opaque_decrypt_t *p_decrypt;
+    psa_drv_asymmetric_opaque_decrypt_t *p_decrypt;
 };
 
 /**@}*/
@@ -1045,7 +1045,7 @@ struct pcd_asymmetric_opaque_t {
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_asymmetric_<ALGO>_sign
+ * psa_drv_asymmetric_<ALGO>_sign
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the signing algorithm
  *
@@ -1063,14 +1063,14 @@ struct pcd_asymmetric_opaque_t {
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
-                                                          size_t key_size,
-                                                          psa_algorithm_t alg,
-                                                          const uint8_t *p_hash,
-                                                          size_t hash_length,
-                                                          uint8_t *p_signature,
-                                                          size_t signature_size,
-                                                          size_t *p_signature_length);
+typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key,
+                                                              size_t key_size,
+                                                              psa_algorithm_t alg,
+                                                              const uint8_t *p_hash,
+                                                              size_t hash_length,
+                                                              uint8_t *p_signature,
+                                                              size_t signature_size,
+                                                              size_t *p_signature_length);
 
 /**
  * \brief A function that verifies the signature a hash or short message using
@@ -1079,7 +1079,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_asymmetric_<ALGO>_verify
+ * psa_drv_asymmetric_<ALGO>_verify
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the signing algorithm
  *
@@ -1096,13 +1096,13 @@ typedef psa_status_t (*pcd_asymmetric_transparent_sign_t)(const uint8_t *p_key,
  * \retval PSA_SUCCESS
  *         The signature is valid.
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key,
-                                                            size_t key_size,
-                                                            psa_algorithm_t alg,
-                                                            const uint8_t *p_hash,
-                                                            size_t hash_length,
-                                                            const uint8_t *p_signature,
-                                                            size_t signature_length);
+typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key,
+                                                                size_t key_size,
+                                                                psa_algorithm_t alg,
+                                                                const uint8_t *p_hash,
+                                                                size_t hash_length,
+                                                                const uint8_t *p_signature,
+                                                                size_t signature_length);
 
 /**
  * \brief A function that encrypts a short message with a transparent
@@ -1111,7 +1111,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_asymmetric_<ALGO>_encrypt
+ * psa_drv_asymmetric_<ALGO>_encrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the encryption algorithm
  *
@@ -1140,16 +1140,16 @@ typedef psa_status_t (*pcd_asymmetric_transparent_verify_t)(const uint8_t *p_key
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
-                                                             size_t key_size,
-                                                             psa_algorithm_t alg,
-                                                             const uint8_t *p_input,
-                                                             size_t input_length,
-                                                             const uint8_t *p_salt,
-                                                             size_t salt_length,
-                                                             uint8_t *p_output,
-                                                             size_t output_size,
-                                                             size_t *p_output_length);
+typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
+                                                                 size_t key_size,
+                                                                 psa_algorithm_t alg,
+                                                                 const uint8_t *p_input,
+                                                                 size_t input_length,
+                                                                 const uint8_t *p_salt,
+                                                                 size_t salt_length,
+                                                                 uint8_t *p_output,
+                                                                 size_t output_size,
+                                                                 size_t *p_output_length);
 
 /**
  * \brief Decrypt a short message with a transparent asymmetric private key
@@ -1157,7 +1157,7 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_asymmetric_<ALGO>_decrypt
+ * psa_drv_asymmetric_<ALGO>_decrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the encryption algorithm
  *
@@ -1186,16 +1186,16 @@ typedef psa_status_t (*pcd_asymmetric_transparent_encrypt_t)(const uint8_t *p_ke
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
-                                                             size_t key_size,
-                                                             psa_algorithm_t alg,
-                                                             const uint8_t *p_input,
-                                                             size_t input_length,
-                                                             const uint8_t *p_salt,
-                                                             size_t salt_length,
-                                                             uint8_t *p_output,
-                                                             size_t output_size,
-                                                             size_t *p_output_length);
+typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
+                                                                 size_t key_size,
+                                                                 psa_algorithm_t alg,
+                                                                 const uint8_t *p_input,
+                                                                 size_t input_length,
+                                                                 const uint8_t *p_salt,
+                                                                 size_t salt_length,
+                                                                 uint8_t *p_output,
+                                                                 size_t output_size,
+                                                                 size_t *p_output_length);
 
 /**@}*/
 
@@ -1237,17 +1237,17 @@ typedef psa_status_t (*pcd_asymmetric_transparent_decrypt_t)(const uint8_t *p_ke
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
-                                                  psa_algorithm_t algorithm,
-                                                  const uint8_t *p_nonce,
-                                                  size_t nonce_length,
-                                                  const uint8_t *p_additional_data,
-                                                  size_t additional_data_length,
-                                                  const uint8_t *p_plaintext,
-                                                  size_t plaintext_length,
-                                                  uint8_t *p_ciphertext,
-                                                  size_t ciphertext_size,
-                                                  size_t *p_ciphertext_length);
+typedef psa_status_t (*psa_drv_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
+                                                      psa_algorithm_t algorithm,
+                                                      const uint8_t *p_nonce,
+                                                      size_t nonce_length,
+                                                      const uint8_t *p_additional_data,
+                                                      size_t additional_data_length,
+                                                      const uint8_t *p_plaintext,
+                                                      size_t plaintext_length,
+                                                      uint8_t *p_ciphertext,
+                                                      size_t ciphertext_size,
+                                                      size_t *p_ciphertext_length);
 
 /** Process an authenticated decryption operation using an opaque key
  *
@@ -1277,17 +1277,17 @@ typedef psa_status_t (*pcd_aead_opaque_encrypt_t)(psa_key_slot_t key_slot,
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
-                                                  psa_algorithm_t algorithm,
-                                                  const uint8_t *p_nonce,
-                                                  size_t nonce_length,
-                                                  const uint8_t *p_additional_data,
-                                                  size_t additional_data_length,
-                                                  const uint8_t *p_ciphertext,
-                                                  size_t ciphertext_length,
-                                                  uint8_t *p_plaintext,
-                                                  size_t plaintext_size,
-                                                  size_t *p_plaintext_length);
+typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
+                                                      psa_algorithm_t algorithm,
+                                                      const uint8_t *p_nonce,
+                                                      size_t nonce_length,
+                                                      const uint8_t *p_additional_data,
+                                                      size_t additional_data_length,
+                                                      const uint8_t *p_ciphertext,
+                                                      size_t ciphertext_length,
+                                                      uint8_t *p_plaintext,
+                                                      size_t plaintext_size,
+                                                      size_t *p_plaintext_length);
 
 /**
  * \brief A struct containing all of the function pointers needed to implement
@@ -1298,11 +1298,11 @@ typedef psa_status_t (*pcd_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct pcd_aead_opaque_t {
+struct psa_drv_aead_opaque_t {
     /** Function that performs the AEAD encrypt operation */
-    pcd_aead_opaque_encrypt_t *p_encrypt;
+    psa_drv_aead_opaque_encrypt_t *p_encrypt;
     /** Function that performs the AEAD decrypt operation */
-    pcd_aead_opaque_decrypt_t *p_decrypt;
+    psa_drv_aead_opaque_decrypt_t *p_decrypt;
 };
 /**@}*/
 
@@ -1322,7 +1322,7 @@ struct pcd_aead_opaque_t {
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_aead_<ALGO>_encrypt
+ * psa_drv_aead_<ALGO>_encrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the AEAD algorithm
  *
@@ -1357,25 +1357,25 @@ struct pcd_aead_opaque_t {
  * \retval #PSA_SUCCESS
 
  */
-typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key,
-                                                       size_t key_length,
-                                                       psa_algorithm_t alg,
-                                                       const uint8_t *nonce,
-                                                       size_t nonce_length,
-                                                       const uint8_t *additional_data,
-                                                       size_t additional_data_length,
-                                                       const uint8_t *plaintext,
-                                                       size_t plaintext_length,
-                                                       uint8_t *ciphertext,
-                                                       size_t ciphertext_size,
-                                                       size_t *ciphertext_length);
+typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key,
+                                                           size_t key_length,
+                                                           psa_algorithm_t alg,
+                                                           const uint8_t *nonce,
+                                                           size_t nonce_length,
+                                                           const uint8_t *additional_data,
+                                                           size_t additional_data_length,
+                                                           const uint8_t *plaintext,
+                                                           size_t plaintext_length,
+                                                           uint8_t *ciphertext,
+                                                           size_t ciphertext_size,
+                                                           size_t *ciphertext_length);
 
 /** Process an authenticated decryption operation using an opaque key.
  *
  * Functions that implement the prototype should be named in the following
  * convention:
  * ~~~~~~~~~~~~~{.c}
- * pcd_aead_<ALGO>_decrypt
+ * psa_drv_aead_<ALGO>_decrypt
  * ~~~~~~~~~~~~~
  * Where `ALGO` is the name of the AEAD algorithm
  * \param[in] p_key                     A pointer to the key material
@@ -1408,18 +1408,18 @@ typedef psa_status_t (*pcd_aead_transparent_encrypt_t)(const uint8_t *p_key,
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key,
-                                                       size_t key_length,
-                                                       psa_algorithm_t alg,
-                                                       const uint8_t *nonce,
-                                                       size_t nonce_length,
-                                                       const uint8_t *additional_data,
-                                                       size_t additional_data_length,
-                                                       const uint8_t *ciphertext,
-                                                       size_t ciphertext_length,
-                                                       uint8_t *plaintext,
-                                                       size_t plaintext_size,
-                                                       size_t *plaintext_length);
+typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key,
+                                                           size_t key_length,
+                                                           psa_algorithm_t alg,
+                                                           const uint8_t *nonce,
+                                                           size_t nonce_length,
+                                                           const uint8_t *additional_data,
+                                                           size_t additional_data_length,
+                                                           const uint8_t *ciphertext,
+                                                           size_t ciphertext_length,
+                                                           uint8_t *plaintext,
+                                                           size_t plaintext_size,
+                                                           size_t *plaintext_length);
 
 /**@}*/
 
@@ -1430,7 +1430,7 @@ typedef psa_status_t (*pcd_aead_transparent_decrypt_t)(const uint8_t *p_key,
 
 /** \brief A hardware-specific structure for a entropy providing hardware
  */
-typedef struct pcd_entropy_context_s pcd_entropy_context_t;
+typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t;
 
 /** \brief Initialize an entropy driver
  *
@@ -1441,7 +1441,7 @@ typedef struct pcd_entropy_context_s pcd_entropy_context_t;
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
+typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context);
 
 /** \brief Get a specified number of bits from the entropy source
  *
@@ -1469,10 +1469,10 @@ typedef psa_status_t (*pcd_entropy_init_t)(pcd_entropy_context_t *p_context);
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context,
-                                               uint8_t *p_buffer,
-                                               uint32_t buffer_size,
-                                               uint32_t *p_received_entropy_bits);
+typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context,
+                                                   uint8_t *p_buffer,
+                                                   uint32_t buffer_size,
+                                                   uint32_t *p_received_entropy_bits);
 
 /**
  * \brief A struct containing all of the function pointers needed to interface
@@ -1483,12 +1483,12 @@ typedef psa_status_t (*pcd_entropy_get_bits_t)(pcd_entropy_context_t *p_context,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct pcd_entropy_t {
+struct psa_drv_entropy_t {
     /** Function that performs initialization for the entropy source */
-    pcd_entropy_init_t *p_init;
+    psa_drv_entropy_init_t *p_init;
     /** Function that performs the get_bits operation for the entropy source
     */
-    pcd_entropy_get_bits_t *p_get_bits;
+    psa_drv_entropy_get_bits_t *p_get_bits;
 };
 /**@}*/
 
@@ -1517,12 +1517,12 @@ struct pcd_entropy_t {
  * \retval #PSA_SUCCESS
  *         Success.
  */
-typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot,
-                                                psa_key_type_t type,
-                                                psa_algorithm_t algorithm,
-                                                psa_key_usage_t usage,
-                                                const uint8_t *p_data,
-                                                size_t data_length);
+typedef psa_status_t (*psa_drv_opaque_import_key_t)(psa_key_slot_t key_slot,
+                                                    psa_key_type_t type,
+                                                    psa_algorithm_t algorithm,
+                                                    psa_key_usage_t usage,
+                                                    const uint8_t *p_data,
+                                                    size_t data_length);
 
 /**
  * \brief Destroy a key and restore the slot to its default state
@@ -1540,7 +1540,7 @@ typedef psa_status_t (*pcd_opaque_import_key_t)(psa_key_slot_t key_slot,
  * \retval #PSA_SUCCESS
  *         The slot's content, if any, has been erased.
  */
-typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key);
+typedef psa_status_t (*psa_drv_destroy_key_t)(psa_key_slot_t key);
 
 /**
  * \brief Export a key in binary format
@@ -1582,10 +1582,10 @@ typedef psa_status_t (*pcd_destroy_key_t)(psa_key_slot_t key);
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
-typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key,
-                                         uint8_t *p_data,
-                                         size_t data_size,
-                                         size_t *p_data_length);
+typedef psa_status_t (*psa_drv_export_key_t)(psa_key_slot_t key,
+                                             uint8_t *p_data,
+                                             size_t data_size,
+                                             size_t *p_data_length);
 
 /**
  * \brief Export a public key or the public part of a key pair in binary format
@@ -1608,10 +1608,10 @@ typedef psa_status_t (*pcd_export_key_t)(psa_key_slot_t key,
  *
  * \retval #PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key,
-                                                uint8_t *p_data,
-                                                size_t data_size,
-                                                size_t *p_data_length);
+typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key,
+                                                    uint8_t *p_data,
+                                                    size_t data_size,
+                                                    size_t *p_data_length);
 
 /**
  * \brief A struct containing all of the function pointers needed to for key
@@ -1622,15 +1622,15 @@ typedef psa_status_t (*pcd_export_public_key_t)(psa_key_slot_t key,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct pcd_key_management_t {
+struct psa_drv_key_management_t {
     /** Function that performs the key import operation */
-    pcd_opaque_import_key_t *p_import;
+    psa_drv_opaque_import_key_t *p_import;
     /** Function that performs the key destroy operation */
-    pcd_destroy_key_t       *p_destroy;
+    psa_drv_destroy_key_t       *p_destroy;
     /** Function that performs the key export operation */
-    pcd_export_key_t        *p_export;
+    psa_drv_export_key_t        *p_export;
     /** Function that perforsm the public key export operation */
-    pcd_export_public_key_t *p_export_public;
+    psa_drv_export_public_key_t *p_export_public;
 };
 
 /**@}*/
@@ -1646,40 +1646,40 @@ struct pcd_key_management_t {
  * for both of the flows.
  *
  * There are two different final functions for the flows,
- * `pcd_key_derivation_derive` and `pcd_key_derivation_export`.
- * `pcd_key_derivation_derive` is used when the key material should be placed
+ * `psa_drv_key_derivation_derive` and `psa_drv_key_derivation_export`.
+ * `psa_drv_key_derivation_derive` is used when the key material should be placed
  * in a slot on the hardware and not exposed to the caller.
- * `pcd_key_derivation_export` is used when the key material should be returned
+ * `psa_drv_key_derivation_export` is used when the key material should be returned
  * to the PSA Cryptographic API implementation.
  *
  * Different key derivation algorithms require a different number of inputs.
  * Instead of having an API that takes as input variable length arrays, which
  * can be problemmatic to manage on embedded platforms, the inputs are passed
- * to the driver via a function, `pcd_key_derivation_collateral`, that is
+ * to the driver via a function, `psa_drv_key_derivation_collateral`, that is
  * called multiple times with different `collateral_id`s. Thus, for a key
  * derivation algorithm that required 3 paramter inputs, the flow would look
  * something like:
  * ~~~~~~~~~~~~~{.c}
- * pcd_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
- * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_0,
- *                               p_collateral_0,
- *                               collateral_0_size);
- * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_1,
- *                               p_collateral_1,
- *                               collateral_1_size);
- * pcd_key_derivation_collateral(kdf_algorithm_collateral_id_2,
- *                               p_collateral_2,
- *                               collateral_2_size);
- * pcd_key_derivation_derive();
+ * psa_drv_key_derivation_setup(kdf_algorithm, source_key, dest_key_size_bytes);
+ * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_0,
+ *                                   p_collateral_0,
+ *                                   collateral_0_size);
+ * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_1,
+ *                                   p_collateral_1,
+ *                                   collateral_1_size);
+ * psa_drv_key_derivation_collateral(kdf_algorithm_collateral_id_2,
+ *                                   p_collateral_2,
+ *                                   collateral_2_size);
+ * psa_drv_key_derivation_derive();
  * ~~~~~~~~~~~~~
  *
  * key agreement example:
  * ~~~~~~~~~~~~~{.c}
- * pcd_key_derivation_setup(alg, source_key. dest_key_size_bytes);
- * pcd_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
- * pcd_key_derivation_export(p_session_key,
- *                           session_key_size,
- *                           &session_key_length);
+ * psa_drv_key_derivation_setup(alg, source_key. dest_key_size_bytes);
+ * psa_drv_key_derivation_collateral(DHE_PUBKEY, p_pubkey, pubkey_size);
+ * psa_drv_key_derivation_export(p_session_key,
+ *                               session_key_size,
+ *                               &session_key_length);
  * ~~~~~~~~~~~~~
  */
 /**@{*/
@@ -1689,7 +1689,7 @@ struct pcd_key_management_t {
  * The contents of this structure are implementation dependent and are
  * therefore not described here
  */
-typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t;
+typedef struct psa_drv_key_derivation_context_s psa_drv_key_derivation_context_t;
 
 /** \brief Set up a key derivation operation by specifying the algorithm and
  * the source key sot
@@ -1702,9 +1702,9 @@ typedef struct pcd_key_derivation_context_s pcd_key_derivation_context_t;
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t *p_context,
-                                                   psa_algorithm_t kdf_alg,
-                                                   psa_key_slot_t source_key);
+typedef psa_status_t (*psa_drv_key_derivation_setup_t)(psa_drv_key_derivation_context_t *p_context,
+                                                       psa_algorithm_t kdf_alg,
+                                                       psa_key_slot_t source_key);
 
 /** \brief Provide collateral (parameters) needed for a key derivation or key
  * agreement operation
@@ -1721,10 +1721,10 @@ typedef psa_status_t (*pcd_key_derivation_setup_t)(pcd_key_derivation_context_t
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_context_t *p_context,
-                                                         uint32_t collateral_id,
-                                                         const uint8_t *p_collateral,
-                                                         size_t collateral_size);
+typedef psa_status_t (*psa_drv_key_derivation_collateral_t)(psa_drv_key_derivation_context_t *p_context,
+                                                            uint32_t collateral_id,
+                                                            const uint8_t *p_collateral,
+                                                            size_t collateral_size);
 
 /** \brief Perform the final key derivation step and place the generated key
  * material in a slot
@@ -1735,8 +1735,8 @@ typedef psa_status_t (*pcd_key_derivation_collateral_t)(pcd_key_derivation_conte
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t *p_context,
-                                                    psa_key_slot_t dest_key);
+typedef psa_status_t (*psa_drv_key_derivation_derive_t)(psa_drv_key_derivation_context_t *p_context,
+                                                        psa_key_slot_t dest_key);
 
 /** \brief Perform the final step of a key agreement and place the generated
  * key material in a buffer
@@ -1749,9 +1749,9 @@ typedef psa_status_t (*pcd_key_derivation_derive_t)(pcd_key_derivation_context_t
  *
  * \retval PSA_SUCCESS
  */
-typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output,
-                                                    size_t output_size,
-                                                    size_t *p_output_length);
+typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output,
+                                                        size_t output_size,
+                                                        size_t *p_output_length);
 
 /**
  * \brief A struct containing all of the function pointers needed to for key
@@ -1762,16 +1762,16 @@ typedef psa_status_t (*pcd_key_derivation_export_t)(uint8_t *p_output,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct pcd_key_derivation_t {
+struct psa_drv_key_derivation_t {
     /** Function that performs the key derivation setup */
-    pcd_key_derivation_setup_t      *p_setup;
+    psa_drv_key_derivation_setup_t      *p_setup;
     /** Function that sets the key derivation collateral */
-    pcd_key_derivation_collateral_t *p_collateral;
+    psa_drv_key_derivation_collateral_t *p_collateral;
     /** Function that performs the final key derivation step */
-    pcd_key_derivation_derive_t     *p_derive;
+    psa_drv_key_derivation_derive_t     *p_derive;
     /** Function that perforsm the final key derivation or agreement and
      * exports the key */
-    pcd_key_derivation_export_t     *p_export;
+    psa_drv_key_derivation_export_t     *p_export;
 };
 
 /**@}*/

From 7632f628d7b336c51a6fd396fc088630f1babea0 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 11:26:45 +0100
Subject: [PATCH 561/889] psa: driver: Prefix "encrypt or decrypt" type

The driver model's "encrypt or decrypt" type, encrypt_or_decrypt_t, is
publicly exposed and needs to have a `psa_` prefix in order to properly
communicate that it is part of the PSA driver model.
---
 include/psa/crypto_driver.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 9acd33066..25cbf3ed4 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -37,7 +37,7 @@
  */
 typedef uint32_t psa_status_t;
 typedef uint32_t psa_algorithm_t;
-typedef uint8_t encrypt_or_decrypt_t;
+typedef uint8_t psa_encrypt_or_decrypt_t;
 typedef uint32_t psa_key_slot_t;
 typedef uint32_t psa_key_type_t;
 typedef uint32_t psa_key_usage_t;
@@ -477,7 +477,7 @@ typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
 typedef psa_status_t (*psa_drv_cipher_opaque_setup_t)(void *p_context,
                                                       psa_key_slot_t key_slot,
                                                       psa_algorithm_t algorithm,
-                                                      encrypt_or_decrypt_t direction);
+                                                      psa_encrypt_or_decrypt_t direction);
 
 /** \brief A function pointer that sets the initialization vector (if
  * necessary) for an opaque cipher operation
@@ -574,7 +574,7 @@ typedef psa_status_t (*psa_drv_cipher_opaque_abort_t)(void *p_context);
  */
 typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
                                                     psa_algorithm_t algorithm,
-                                                    encrypt_or_decrypt_t direction,
+                                                    psa_encrypt_or_decrypt_t direction,
                                                     const uint8_t *p_input,
                                                     size_t input_size,
                                                     uint8_t *p_output,
@@ -664,7 +664,7 @@ typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_c
  * \retval PSA_SUCCESS
  */
 typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context,
-                                                           encrypt_or_decrypt_t direction,
+                                                           psa_encrypt_or_decrypt_t direction,
                                                            const uint8_t *p_key_data,
                                                            size_t key_data_size);
 

From 4155850dd9283acfde4124c669042ed54c019631 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 11:44:33 +0100
Subject: [PATCH 562/889] psa: driver: Use header guard style consistently

The file crypto_driver.h was not using the header guard style as other PSA
Crypto header files. Remove the `__` prefix and suffix. Use C-style
comments for the end-of-guard comment.
---
 include/psa/crypto_driver.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 25cbf3ed4..006453151 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -25,8 +25,8 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-#ifndef __PSA_CRYPTO_DRIVER_H__
-#define __PSA_CRYPTO_DRIVER_H__
+#ifndef PSA_CRYPTO_DRIVER_H
+#define PSA_CRYPTO_DRIVER_H
 
 #include <stddef.h>
 #include <stdint.h>
@@ -1776,4 +1776,4 @@ struct psa_drv_key_derivation_t {
 
 /**@}*/
 
-#endif // __PSA_CRYPTO_DRIVER_H__
+#endif /* PSA_CRYPTO_DRIVER_H */

From 20b8a4f2ffb9d794b517ad69a971515e68307c08 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 11:57:26 +0100
Subject: [PATCH 563/889] psa: driver: Convert struct types to typedefs

Convert PSA Crypto driver model structs to typedefs so that the `struct`
name doesn't need to be used and for consistent style with other PSA
structures.
---
 include/psa/crypto_driver.h | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index 006453151..f6fe04835 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -207,7 +207,7 @@ typedef psa_status_t (*psa_drv_mac_opaque_verify_t)(const uint8_t *p_input,
  * `p_update` and at least one of `p_finish` or `p_finish_verify`).
  *
  */
-struct psa_drv_mac_opaque_t {
+typedef struct {
     /**The size in bytes of the hardware-specific Opaque-MAC Context structure
     */
     size_t                              context_size;
@@ -232,7 +232,7 @@ struct psa_drv_mac_opaque_t {
     /** Function that performs the MAC and verify operation in one call
      */
     psa_drv_mac_opaque_verify_t         *p_mac_verify;
-};
+} psa_drv_mac_opaque_t;
 /**@}*/
 
 /** \defgroup transparent_mac Transparent Message Authentication Code
@@ -590,7 +590,7 @@ typedef psa_status_t (*psa_drv_cipher_opaque_ecb_t)(psa_key_slot_t key_slot,
  * If one of the functions is not implemented (such as
  * `psa_drv_cipher_opaque_ecb_t`), it should be set to NULL.
  */
-struct psa_drv_cipher_opaque_t {
+typedef struct {
     /** The size in bytes of the hardware-specific Opaque Cipher context
      * structure
      */
@@ -610,7 +610,7 @@ struct psa_drv_cipher_opaque_t {
      * Crypto Client API)
      */
     psa_drv_cipher_opaque_ecb_t    *p_ecb;
-};
+} psa_drv_cipher_opaque_t;
 
 /**@}*/
 
@@ -1016,7 +1016,7 @@ typedef psa_status_t (*psa_drv_asymmetric_opaque_decrypt_t)(psa_key_slot_t key_s
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct psa_drv_asymmetric_opaque_t {
+typedef struct {
     /** Function that performs the asymmetric sign operation */
     psa_drv_asymmetric_opaque_sign_t    *p_sign;
     /** Function that performs the asymmetric verify operation */
@@ -1025,7 +1025,7 @@ struct psa_drv_asymmetric_opaque_t {
     psa_drv_asymmetric_opaque_encrypt_t *p_encrypt;
     /** Function that performs the asymmetric decrypt operation */
     psa_drv_asymmetric_opaque_decrypt_t *p_decrypt;
-};
+} psa_drv_asymmetric_opaque_t;
 
 /**@}*/
 
@@ -1298,12 +1298,12 @@ typedef psa_status_t (*psa_drv_aead_opaque_decrypt_t)(psa_key_slot_t key_slot,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct psa_drv_aead_opaque_t {
+typedef struct {
     /** Function that performs the AEAD encrypt operation */
     psa_drv_aead_opaque_encrypt_t *p_encrypt;
     /** Function that performs the AEAD decrypt operation */
     psa_drv_aead_opaque_decrypt_t *p_decrypt;
-};
+} psa_drv_aead_opaque_t;
 /**@}*/
 
 /** \defgroup aead_transparent AEAD Transparent
@@ -1483,13 +1483,13 @@ typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct psa_drv_entropy_t {
+typedef struct {
     /** Function that performs initialization for the entropy source */
     psa_drv_entropy_init_t *p_init;
     /** Function that performs the get_bits operation for the entropy source
     */
     psa_drv_entropy_get_bits_t *p_get_bits;
-};
+} psa_drv_entropy_t;
 /**@}*/
 
 /** \defgroup driver_key_management Key Management
@@ -1622,7 +1622,7 @@ typedef psa_status_t (*psa_drv_export_public_key_t)(psa_key_slot_t key,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct psa_drv_key_management_t {
+typedef struct {
     /** Function that performs the key import operation */
     psa_drv_opaque_import_key_t *p_import;
     /** Function that performs the key destroy operation */
@@ -1631,7 +1631,7 @@ struct psa_drv_key_management_t {
     psa_drv_export_key_t        *p_export;
     /** Function that perforsm the public key export operation */
     psa_drv_export_public_key_t *p_export_public;
-};
+} psa_drv_key_management_t;
 
 /**@}*/
 
@@ -1762,7 +1762,7 @@ typedef psa_status_t (*psa_drv_key_derivation_export_t)(uint8_t *p_output,
  *
  * If one of the functions is not implemented, it should be set to NULL.
  */
-struct psa_drv_key_derivation_t {
+typedef struct {
     /** Function that performs the key derivation setup */
     psa_drv_key_derivation_setup_t      *p_setup;
     /** Function that sets the key derivation collateral */
@@ -1772,7 +1772,7 @@ struct psa_drv_key_derivation_t {
     /** Function that perforsm the final key derivation or agreement and
      * exports the key */
     psa_drv_key_derivation_export_t     *p_export;
-};
+} psa_drv_key_derivation_t;
 
 /**@}*/
 

From 9411db74c4917490ff02eebf298b70cbcba6d918 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 11:59:58 +0100
Subject: [PATCH 564/889] psa: driver: Wrap types and symbols for C/C++ use

Add extern "C" wrappers around type and function declarations to enable C++
interoperability of the driver header. This is done so that the driver
functions and types can be used or implmented by C++ code.
---
 include/psa/crypto_driver.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index f6fe04835..b2e3a1d5f 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -31,6 +31,10 @@
 #include <stddef.h>
 #include <stdint.h>
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 /** The following types are redefinitions from the psa/crypto.h file.
  * It is intended that these will be moved to a new common header file to
  * avoid duplication. They are included here for expediency in publication.
@@ -1776,4 +1780,8 @@ typedef struct {
 
 /**@}*/
 
+#ifdef __cplusplus
+}
+#endif
+
 #endif /* PSA_CRYPTO_DRIVER_H */

From f015feced9973c96fa7616970e7136662783400f Mon Sep 17 00:00:00 2001
From: "Derek D. Miller" <derek.miller@arm.com>
Date: Fri, 26 Oct 2018 10:56:11 -0500
Subject: [PATCH 565/889] Some changes from 'pcd_' to 'psa_drv_' were missed

In the comments, some of the changes from `pcd_` to `psa_drv_` omitted the `_drv_` part.
Changed them to be consistent
---
 include/psa/crypto_driver.h | 38 ++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index b2e3a1d5f..a52ecc427 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -52,16 +52,16 @@ typedef uint32_t psa_key_usage_t;
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
  * opaque keys can be done either as a single function call (via the
- * `psa_drv_mac_opaque_generate_t` or `psa_mac_opaque_verify_t` functions), or in
+ * `psa_drv_mac_opaque_generate_t` or `psa_drv_mac_opaque_verify_t` functions), or in
  * parts using the following sequence:
- * - `psa_mac_opaque_setup_t`
- * - `psa_mac_opaque_update_t`
- * - `psa_mac_opaque_update_t`
+ * - `psa_drv_mac_opaque_setup_t`
+ * - `psa_drv_mac_opaque_update_t`
+ * - `psa_drv_mac_opaque_update_t`
  * - ...
- * - `psa_mac_opaque_finish_t` or `psa_mac_opaque_finish_verify_t`
+ * - `psa_drv_mac_opaque_finish_t` or `psa_drv_mac_opaque_finish_verify_t`
  *
  * If a previously started Opaque MAC operation needs to be terminated, it
- * should be done so by the `psa_mac_opaque_abort_t`. Failure to do so may
+ * should be done so by the `psa_drv_mac_opaque_abort_t`. Failure to do so may
  * result in allocated resources not being freed or in other undefined
  * behavior.
  */
@@ -242,16 +242,16 @@ typedef struct {
 /** \defgroup transparent_mac Transparent Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
  * transparent keys can be done either as a single function call (via the
- * `psa_drv_mac_transparent_generate_t` or `psa_mac_transparent_verify_t`
+ * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t`
  * functions), or in parts using the following sequence:
- * - `psa_mac_transparent_setup_t`
- * - `psa_mac_transparent_update_t`
- * - `psa_mac_transparent_update_t`
+ * - `psa_drv_mac_transparent_setup_t`
+ * - `psa_drv_mac_transparent_update_t`
+ * - `psa_drv_mac_transparent_update_t`
  * - ...
- * - `psa_mac_transparent_finish_t` or `psa_mac_transparent_finish_verify_t`
+ * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t`
  *
  * If a previously started Transparent MAC operation needs to be terminated, it
- * should be done so by the `psa_mac_transparent_abort_t`. Failure to do so may
+ * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may
  * result in allocated resources not being freed or in other undefined
  * behavior.
  *
@@ -452,7 +452,7 @@ typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
  * - `psa_drv_cipher_opaque_finish_t`
 
  * If a previously started Opaque Cipher operation needs to be terminated, it
- * should be done so by the `psa_cipher_opaque_abort_t`. Failure to do so may
+ * should be done so by the `psa_drv_cipher_opaque_abort_t`. Failure to do so may
  * result in allocated resources not being freed or in other undefined
  * behavior.
  *
@@ -628,7 +628,7 @@ typedef struct {
  * - `psa_drv_cipher_transparent_finish_t`
 
  * If a previously started Transparent Cipher operation needs to be terminated,
- * it should be done so by the `psa_cipher_transparent_abort_t`. Failure to do
+ * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do
  * so may result in allocated resources not being freed or in other undefined
  * behavior.
  */
@@ -778,14 +778,14 @@ typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transp
  *
  * Generation and authentication of Message Digests (aka hashes) must be done
  * in parts using the following sequence:
- * - `psa_hash_setup_t`
- * - `psa_hash_update_t`
+ * - `psa_drv_hash_setup_t`
+ * - `psa_drv_hash_update_t`
  * - ...
- * - `psa_hash_finish_t`
+ * - `psa_drv_hash_finish_t`
  *
  * If a previously started Message Digest operation needs to be terminated
- * before the `psa_hash_finish_t` operation is complete, it should be aborted
- * by the `psa_hash_abort_t`. Failure to do so may result in allocated
+ * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted
+ * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated
  * resources not being freed or in other undefined behavior.
  */
 /**@{*/

From 49c25919169b4780059ed8f974a16dba72e7c6eb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 15:15:31 +0100
Subject: [PATCH 566/889] Improve export_public_key test function

In the test function for export_public_key, don't just check the
length of the result. Compare the actual result to the expected
result.

Take an extra argument that allows using an export buffer that's
larger or smaller than needed. Zero is the size given by
PSA_KEY_EXPORT_MAX_SIZE.

Don't check the output of psa_get_key_information. That's useful in
import_export because it tests both import and export, but not in
import_export_public_key whose goal is only to test public key export.

This commit adjusts the existing test data but does not add new test
cases.
---
 tests/suites/test_suite_psa_crypto.data     |  6 ++--
 tests/suites/test_suite_psa_crypto.function | 40 ++++++---------------
 2 files changed, 13 insertions(+), 33 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 871a511b2..f8bf77427 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -109,15 +109,15 @@ import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1
 
 PSA import/export-public RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
 
 PSA import/export-public RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1024:162:PSA_SUCCESS
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
 
 PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:128:0:PSA_ERROR_INVALID_ARGUMENT
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 63d837fdc..99e95562b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1039,9 +1039,9 @@ exit:
 void import_export_public_key( data_t *data,
                                int type_arg,
                                int alg_arg,
-                               int expected_bits,
-                               int public_key_expected_length,
-                               int expected_export_status_arg )
+                               int export_size_delta,
+                               int expected_export_status_arg,
+                               data_t *expected_public_key )
 {
     int slot = 1;
     psa_key_type_t type = type_arg;
@@ -1049,17 +1049,10 @@ void import_export_public_key( data_t *data,
     psa_status_t expected_export_status = expected_export_status_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
-    size_t export_size;
+    size_t export_size = expected_public_key->len + export_size_delta;
     size_t exported_length = INVALID_EXPORT_LENGTH;
-    psa_key_type_t got_type;
-    size_t got_bits;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
-    export_size = (ptrdiff_t) data->len;
-    ASSERT_ALLOC( exported, export_size );
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
@@ -1070,32 +1063,19 @@ void import_export_public_key( data_t *data,
     TEST_ASSERT( psa_import_key( slot, type,
                                  data->x, data->len ) == PSA_SUCCESS );
 
-    /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( slot,
-                                          &got_type,
-                                          &got_bits ) == PSA_SUCCESS );
-    TEST_ASSERT( got_type == type );
-    TEST_ASSERT( got_bits == (size_t) expected_bits );
-
-    /* Export the key */
+    /* Export the public key */
+    ASSERT_ALLOC( exported, export_size );
     status = psa_export_public_key( slot,
                                     exported, export_size,
                                     &exported_length );
     TEST_ASSERT( status == expected_export_status );
-    TEST_ASSERT( exported_length == (size_t) public_key_expected_length );
-    TEST_ASSERT( mem_is_char( exported + exported_length, 0,
-                              export_size - exported_length ) );
-    if( status != PSA_SUCCESS )
-        goto destroy;
-
-destroy:
-    /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information(
-                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+    if( status == PSA_SUCCESS )
+        ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
+                        exported, exported_length );
 
 exit:
     mbedtls_free( exported );
+    psa_destroy_key( slot );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From d8b7d4f87e3d157351718ffe2917720cccac4e65 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 15:18:41 +0100
Subject: [PATCH 567/889] In export tests, also test PSA_KEY_EXPORT_MAX_SIZE

When testing psa_export_key or psa_export_public_key, test that the
expected result fits in the size given by PSA_KEY_EXPORT_MAX_SIZE.
---
 tests/suites/test_suite_psa_crypto.function | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 99e95562b..139a62f64 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1021,6 +1021,7 @@ void import_export( data_t *data,
         ASSERT_COMPARE( exported, exported_length,
                         reexported, reexported_length );
     }
+    TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) );
 
 destroy:
     /* Destroy the key */
@@ -1070,8 +1071,16 @@ void import_export_public_key( data_t *data,
                                     &exported_length );
     TEST_ASSERT( status == expected_export_status );
     if( status == PSA_SUCCESS )
+    {
+        psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
+        size_t bits;
+        TEST_ASSERT( psa_get_key_information( slot, NULL, &bits ) ==
+                     PSA_SUCCESS );
+        TEST_ASSERT( expected_public_key->len <=
+                     PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
         ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
                         exported, exported_length );
+    }
 
 exit:
     mbedtls_free( exported );

From 1010628a9978a4634a723c4cbcac5d757e6812dc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 15:55:17 +0100
Subject: [PATCH 568/889] Add some key pair and public key export tests

Add buffer-too-small tests for export_public_key.

Add some good cases of export and export-public with EC keys.
---
 tests/suites/test_suite_psa_crypto.data | 60 ++++++++++++++++++++++++-
 1 file changed, 58 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f8bf77427..2660f3018 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -115,18 +115,74 @@ PSA import/export-public RSA keypair: good, 1024-bit
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
 
-PSA import/export-public: cannot export-public a symmetric key
+PSA import/export-public RSA public key: buffer too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
+import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export-public RSA keypair: buffer too small
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
+
+PSA import/export EC secp224r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+import_export:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp224r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
+import_export_public_key:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
+PSA import/export-public EC secp256r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import_export_public_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+
 PSA import/export EC secp384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
+PSA import/export-public EC secp384r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+import_export_public_key:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+
+PSA import/export EC secp521r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+import_export:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1
+
+PSA import/export-public EC secp521r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
+import_export_public_key:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+
+PSA import/export EC brainpool256r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+import_export:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool256r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
+import_export_public_key:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+
+PSA import/export EC brainpool384r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
+import_export:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool384r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
+import_export_public_key:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+
+PSA import/export EC brainpool512r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+import_export:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1
+
+PSA import/export-public EC brainpool512r1: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
+import_export_public_key:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+
+PSA import/export-public: cannot export-public a symmetric key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
+
 PSA import/export AES key: policy forbids export
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1

From e783d34543e7a95b0f26dd6fc3f7897426ca233f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 19:16:53 +0100
Subject: [PATCH 569/889] Private EC key format: change test data to raw
 private keys

In preparation for the import/export format change for private
elliptic curve keys from RFC 5915 to the raw secret value, transform the
test data to the new format.

Tests will not pass until the implementation has been changed to the
new format and some test cases and test functions have been adjusted.

I used the script below to look for lines containing a
PSA_KEY_TYPE_ECC_KEYPAIR and change the first hex string in the
line with an ASN.1 header that looks like the beginning of an RFC 5915
ECPrivateKey. This always happens to be a private key input.

perl -a -F: -i -pe 'sub pad { local ($_) = @_; s/^00// if length == $digits + 2; die if length > $digits; sprintf("\"%0${digits}s\"", $_) } if ($F[0] !~ /\W/ && /:PSA_KEY_TYPE_ECC_KEYPAIR\( *PSA_ECC_CURVE_[A-Z_]+([0-9]+)/) {$digits = int(($1+7)/8)*2; s/"30(?:[0-7].|81..|82....)02010104(..)([0-9a-f]+)"/pad(substr($2, 0, hex($1)*2))/ie}' tests/suites/test_suite_psa_crypto.data
---
 tests/suites/test_suite_psa_crypto.data | 48 ++++++++++++-------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2660f3018..973597535 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -125,59 +125,59 @@ import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5
 
 PSA import/export EC secp224r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-import_export:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1
+import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1
 
 PSA import/export-public EC secp224r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
-import_export_public_key:"3068020101041c6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742a00706052b81040021a13c033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
+import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
 
 PSA import/export EC secp256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA import/export-public EC secp256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-import_export_public_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
+import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
 
 PSA import/export EC secp384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
 PSA import/export-public EC secp384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import_export_public_key:"3081a402010104303f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76aa00706052b81040022a16403620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
+import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
 
 PSA import/export EC secp521r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1
+import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1
 
 PSA import/export-public EC secp521r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
-import_export_public_key:"3081dc020101044201b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aaea00706052b81040023a181890381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
+import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
 
 PSA import/export EC brainpool256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
 PSA import/export-public EC brainpool256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
-import_export_public_key:"307802010104202161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ffa00b06092b2403030208010107a14403420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
+import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
 
 PSA import/export EC brainpool384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
-import_export:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
+import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
 PSA import/export-public EC brainpool384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
-import_export_public_key:"3081a802010104303dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcba00b06092b240303020801010ba16403620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
+import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
 
 PSA import/export EC brainpool512r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-import_export:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1
+import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1
 
 PSA import/export-public EC brainpool512r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
-import_export_public_key:"3081da0201010440372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2a00b06092b240303020801010da18185038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
+import_export_public_key:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301406072a8648ce3d020106092b240303020801010d038182000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a"
 
 PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
@@ -211,11 +211,11 @@ import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa24
 
 PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
+import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT
+import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import EC keypair: public key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
@@ -979,11 +979,11 @@ import_and_exercise_key:"30819f300d06092a864886f70d010101050003818d0030818902818
 
 PSA import/exercise: ECP SECP256R1 keypair, ECDSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDSA_ANY
 
 PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
-import_and_exercise_key:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
 
 PSA sign: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -995,7 +995,7 @@ sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+sign_deterministic:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
@@ -1011,11 +1011,11 @@ sign_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5
 
 PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL
 
 PSA sign: deterministic ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign/verify: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -1039,11 +1039,11 @@ sign_verify:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdb
 
 PSA sign/verify: randomized ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
 
 PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
+sign_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
 
 PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA256_C
@@ -1079,7 +1079,7 @@ asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"30593013
 
 PSA verify with keypair: ECDSA SECP256R1, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
-asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
+asymmetric_verify:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
 
 PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C

From 5b802a366a0fc114092894a89b8945e3f353be12 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 19:21:41 +0100
Subject: [PATCH 570/889] Private EC key format: remove ASN.1-based sanity
 checks

In preparation for the import/export format change for private
elliptic curve keys from RFC 5915 to the raw secret value,
remove ASN.1-based sanity checks. For the raw secret value, most byte
strings of the correct length are valid (the details depend on the
curve), so as a sanity check, just check the length.
---
 tests/suites/test_suite_psa_crypto.function | 39 ++-------------------
 1 file changed, 3 insertions(+), 36 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 139a62f64..73f03b5c3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -564,42 +564,9 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
     {
-        uint8_t *p = exported;
-        uint8_t *end = exported + exported_length;
-        size_t len;
-        int version;
-        /*   ECPrivateKey ::= SEQUENCE {
-         *       version             INTEGER,  -- must be 1
-         *       privateKey          OCTET STRING,
-         *           -- `ceiling(log_{256}(n))`-byte string, big endian,
-         *           -- where n is the order of the curve.
-         *       parameters          ECParameters {{ NamedCurve }},  -- mandatory
-         *       publicKey           BIT STRING  -- mandatory
-         *   }
-         */
-        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
-                                           MBEDTLS_ASN1_SEQUENCE |
-                                           MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
-        TEST_ASSERT( p + len == end );
-        TEST_ASSERT( mbedtls_asn1_get_int( &p, end, &version ) == 0 );
-        TEST_ASSERT( version == 1 );
-        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
-                                           MBEDTLS_ASN1_OCTET_STRING ) == 0 );
-        /* Bug in Mbed TLS: the length of the octet string depends on the value */
-        // TEST_ASSERT( len == PSA_BITS_TO_BYTES( bits ) );
-        p += len;
-        TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 0,
-                                            MBEDTLS_ASN1_OID ) == 0 );
-        p += len;
-        /* publicKey: ECPoint in uncompressed representation (as below) */
-        TEST_ASSERT( asn1_get_implicit_tag( &p, end, &len, 1,
-                                            MBEDTLS_ASN1_BIT_STRING ) == 0 );
-        TEST_ASSERT( p + len == end );
-        TEST_ASSERT( p[0] == 0 ); /* 0 unused bits in the bit string */
-        ++p;
-        TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end );
-        TEST_ASSERT( p[0] == 4 );
-     }
+        /* Just the secret value */
+        TEST_ASSERT( exported_length == PSA_BITS_TO_BYTES( bits ) );
+    }
     else
 #endif /* MBEDTLS_ECP_C */
 

From 991aee67cfc9971e950af75f53ac9fdae206f3f0 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Wed, 31 Oct 2018 10:36:48 +0200
Subject: [PATCH 571/889] improve test description

---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b8a770932..4db358e84 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -742,7 +742,7 @@ PSA sign: deterministic ECDSA SECP256R1, invalid hash
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
-PSA sign: invalid key slot type
+PSA sign: invalid key type, signing with a public key
 sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign: invalid algorithm for ECC key

From 4eda37bb9e831a8c28fa1706e08908f84e367ce7 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Wed, 31 Oct 2018 12:15:58 +0200
Subject: [PATCH 572/889] streamline test function API by removing parameter

streamline the API for the test test_derive_invalid_generator_state by removing
the key type paramter (it is assumed to always be PSA_KEY_TYPE_DERIVE)
---
 tests/suites/test_suite_psa_crypto.data     | 2 +-
 tests/suites/test_suite_psa_crypto.function | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 39ac88839..66bb175a2 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1211,7 +1211,7 @@ derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":
 
 PSA key derivation: invalid generator state ( double generate + read past capacity )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator_state:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
+test_derive_invalid_generator_state:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
 
 PSA key derivation:  invalid generator state ( call read/get_capacity after init and abort )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 65bec58c3..34455fffa 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3086,10 +3086,10 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void test_derive_invalid_generator_state( int key_type_arg, data_t *key_data)
+void test_derive_invalid_generator_state( data_t *key_data )
 {
     psa_key_slot_t base_key = 1;
-    size_t key_type = key_type_arg;
+    size_t key_type = PSA_KEY_TYPE_DERIVE;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
     size_t capacity = 42;

From 5078930459f6be94b9984a2518b9b26340fefe55 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Wed, 31 Oct 2018 12:16:38 +0200
Subject: [PATCH 573/889] fix whitespace issues

---
 tests/suites/test_suite_psa_crypto.function | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 34455fffa..f7a48093b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3141,18 +3141,18 @@ void test_derive_invalid_generator_tests( )
     size_t capacity = 0;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
 
-    TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size)
+    TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
                  == PSA_ERROR_INSUFFICIENT_CAPACITY );
 
     TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
                  == PSA_ERROR_BAD_STATE );
 
-    TEST_ASSERT( psa_generator_abort(&generator) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size)
+    TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
                  == PSA_ERROR_INSUFFICIENT_CAPACITY );
 
-    TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity)
+    TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
                  == PSA_ERROR_BAD_STATE );
 
 exit:

From f76aa7789bc7468a8594cf5fb9e822501d54e4f9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 19:24:33 +0100
Subject: [PATCH 574/889] Private EC key format: change to raw secret value
 (doc, import)

Change the import/export format of private elliptic curve keys from
RFC 5915 to the raw secret value. This commit updates the format
specification and the import code, but not the export code.
---
 include/psa/crypto.h | 22 +++---------
 library/psa_crypto.c | 81 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 86 insertions(+), 17 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 99c4b523d..b54585a7e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1343,23 +1343,11 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   }
  *   ```
  * - For elliptic curve key pairs (key types for which
- *   #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is the
- *   non-encrypted DER encoding of the representation defined by RFC 5915 as
- *   `ECPrivateKey`, version 1. The `ECParameters` field must be a
- *   `namedCurve` OID as specified in RFC 5480 &sect;2.1.1.1. The public key
- *   must be present and must be an `ECPoint` in the same format
- *   (uncompressed variant) an ECC public key of the
- *   corresponding type exported with psa_export_public_key().
- *   ```
- *   ECPrivateKey ::= SEQUENCE {
- *       version             INTEGER,  -- must be 1
- *       privateKey          OCTET STRING,
- *           -- `ceiling(log2(n)/8)`-byte string, big endian,
- *           -- where n is the order of the curve.
- *       parameters      [0] IMPLICIT ECParameters {{ namedCurve }},  -- mandatory
- *       publicKey       [1] IMPLICIT BIT STRING  -- mandatory
- *   }
- *   ```
+ *   #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
+ *   a big-endian representation of the private point as a
+ *   `ceiling(log2(n)/8)`-byte string where `n` is the order of the curve.
+ *   This is the content of the `privateKey` field of the `ECPrivateKey`
+ *   format defined by RFC 5915.
  * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is
  *   true), the format is the same as for psa_export_public_key().
  *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6b01c13f0..f77df3051 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -262,6 +262,23 @@ static psa_status_t mbedtls_to_psa_error( int ret )
         case MBEDTLS_ERR_MD_HW_ACCEL_FAILED:
             return( PSA_ERROR_HARDWARE_FAILURE );
 
+        case MBEDTLS_ERR_MPI_FILE_IO_ERROR:
+            return( PSA_ERROR_STORAGE_FAILURE );
+        case MBEDTLS_ERR_MPI_BAD_INPUT_DATA:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_MPI_INVALID_CHARACTER:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL:
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+        case MBEDTLS_ERR_MPI_NEGATIVE_VALUE:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_MPI_DIVISION_BY_ZERO:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_MPI_NOT_ACCEPTABLE:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        case MBEDTLS_ERR_MPI_ALLOC_FAILED:
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
         case MBEDTLS_ERR_PK_ALLOC_FAILED:
             return( PSA_ERROR_INSUFFICIENT_MEMORY );
         case MBEDTLS_ERR_PK_TYPE_MISMATCH:
@@ -572,6 +589,7 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk,
 #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C) */
 
 #if defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C)
+/* Import an elliptic curve parsed by the mbedtls pk module. */
 static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve,
                                         mbedtls_pk_context *pk,
                                         mbedtls_ecp_keypair **p_ecp )
@@ -590,6 +608,58 @@ static psa_status_t psa_import_ecp_key( psa_ecc_curve_t expected_curve,
 }
 #endif /* defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_PARSE_C) */
 
+#if defined(MBEDTLS_ECP_C)
+/* Import a private key given as a byte string which is the private value
+ * in big-endian order. */
+static psa_status_t psa_import_ec_private_key( psa_ecc_curve_t curve,
+                                               const uint8_t *data,
+                                               size_t data_length,
+                                               mbedtls_ecp_keypair **p_ecp )
+{
+    psa_status_t status = PSA_ERROR_TAMPERING_DETECTED;
+    mbedtls_ecp_keypair *ecp = NULL;
+    mbedtls_ecp_group_id grp_id = mbedtls_ecc_group_of_psa( curve );
+
+    *p_ecp = NULL;
+    ecp = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
+    if( ecp == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+    /* Load the group. */
+    status = mbedtls_to_psa_error(
+        mbedtls_ecp_group_load( &ecp->grp, grp_id ) );
+    if( status != PSA_SUCCESS )
+        goto exit;
+    /* Load the secret value. */
+    status = mbedtls_to_psa_error(
+        mbedtls_mpi_read_binary( &ecp->d, data, data_length ) );
+    if( status != PSA_SUCCESS )
+        goto exit;
+    /* Validate the private key. */
+    status = mbedtls_to_psa_error(
+        mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) );
+    if( status != PSA_SUCCESS )
+        goto exit;
+    /* Calculate the public key from the private key. */
+    status = mbedtls_to_psa_error(
+        mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, &ecp->grp.G,
+                         mbedtls_ctr_drbg_random, &global_data.ctr_drbg ) );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    *p_ecp = ecp;
+    return( PSA_SUCCESS );
+
+exit:
+    if( ecp != NULL )
+    {
+        mbedtls_ecp_keypair_free( ecp );
+        mbedtls_free( ecp );
+    }
+    return( status );
+}
+#endif /* defined(MBEDTLS_ECP_C) */
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
@@ -615,6 +685,17 @@ psa_status_t psa_import_key( psa_key_slot_t key,
             memcpy( slot->data.raw.data, data, data_length );
     }
     else
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
+    {
+        status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( type ),
+                                            data, data_length,
+                                            &slot->data.ecp );
+        if( status != PSA_SUCCESS )
+            return( status );
+    }
+    else
+#endif /* MBEDTLS_ECP_C */
 #if defined(MBEDTLS_PK_PARSE_C)
     if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) )
     {

From 188c71e38253c2741494b57352e5a15158838ed9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 19:26:02 +0100
Subject: [PATCH 575/889] Private EC key format: change to raw secret value
 (export)

Change the import/export format of private elliptic curve keys from
RFC 5915 to the raw secret value. This commit updates the export code.
---
 library/psa_crypto.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f77df3051..eac1eb4d5 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -869,6 +869,21 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
         *data_length = slot->data.raw.bytes;
         return( PSA_SUCCESS );
     }
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key )
+    {
+        size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( slot ) );
+        if( bytes > data_size )
+            return( PSA_ERROR_BUFFER_TOO_SMALL );
+        status = mbedtls_to_psa_error(
+            mbedtls_mpi_write_binary( &slot->data.ecp->d, data, bytes ) );
+        if( status != PSA_SUCCESS )
+            return( status );
+        memset( data + bytes, 0, data_size - bytes );
+        *data_length = bytes;
+        return( PSA_SUCCESS );
+    }
+#endif
     else
     {
 #if defined(MBEDTLS_PK_WRITE_C)

From 52b9018cf7d8a905fbad9752560a224fc75f6784 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 29 Oct 2018 19:26:27 +0100
Subject: [PATCH 576/889] psa_export_key: for raw-byte keys, zero the end of
 the output buffer

Skip all writing to the target buffer if its size is 0, since in this
case the pointer might be invalid and this would cause the calls to
memcpy and memset to have undefined behavior.
---
 library/psa_crypto.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index eac1eb4d5..87f9147a6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -864,8 +864,12 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
     {
         if( slot->data.raw.bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
-        if( slot->data.raw.bytes != 0 )
+        if( data_size != 0 )
+        {
             memcpy( data, slot->data.raw.data, slot->data.raw.bytes );
+            memset( data + slot->data.raw.bytes, 0,
+                    data_size - slot->data.raw.bytes );
+        }
         *data_length = slot->data.raw.bytes;
         return( PSA_SUCCESS );
     }

From 2257649ce43234bbf5946a2f925d5254a6fa865e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 30 Oct 2018 09:09:39 +0100
Subject: [PATCH 577/889] Private EC key import: boundary test cases

Add boundary test cases for private key validity for a short
Weierstrass curve (0 < d < n).

Remove obsolete test cases "valid key but wrong curve". With the new
format, the private key representation does not contain an encoding of
the curve.
---
 tests/suites/test_suite_psa_crypto.data | 26 ++++++++++++++++++-------
 1 file changed, 19 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 973597535..5f202c3d4 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -209,18 +209,30 @@ PSA import/export RSA keypair: import PEM
 depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b2400":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1024:0:PSA_SUCCESS:0
 
-PSA import EC keypair secp384r1: valid key but wrong curve (secp256r1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
-
-PSA import EC keypair brainpool384r1: valid key but wrong curve (secp384r1)
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
-import:"0000000000000000000000000000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ERROR_INVALID_ARGUMENT
+PSA import EC keypair: DER format
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA import EC keypair: public key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA import EC keypair: secp256r1, all-bits-zero (bad)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"0000000000000000000000000000000000000000000000000000000000000000":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, d == n - 1 (good)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632550":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_SUCCESS
+
+PSA import EC keypair: secp256r1, d == n (bad)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA import EC keypair: secp256r1, d > n (bad)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632552":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA import EC public key: key pair
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 # For consistency with ECpub as ECpair, RSApub as RSApair and RSApair as RSApub,

From 5eb1521957dba7118640fce1dfe9d9eb4d4361d8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 31 Oct 2018 13:24:35 +0100
Subject: [PATCH 578/889] Private EC key format: update key representation size
 macro

---
 include/psa/crypto_sizes.h | 17 ++---------------
 1 file changed, 2 insertions(+), 15 deletions(-)

diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index b5ff2aac3..edddca47a 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -437,23 +437,10 @@
 
 /* Maximum size of the export encoding of an ECC key pair.
  *
- *   ECPrivateKey ::= SEQUENCE {
- *       version             INTEGER,  -- must be 1
- *       privateKey          OCTET STRING,
- *           -- `ceiling(log2(n)/8)`-byte string, big endian,
- *           -- where n is the order of the curve.
- *       parameters      [0] IMPLICIT ECParameters {{ NamedCurve }},
- *       publicKey       [1] IMPLICIT BIT STRING
- *   }
- *
- * - 4 bytes of SEQUENCE overhead;
- * - 1 * point size in privateKey
- * - 1 + 1 + 12 bytes of namedCurve OID;
- * - 4 bytes of BIT STRING overhead;
- * - public key as for #PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE.
+ * An ECC key pair is represented by the secret value.
  */
 #define PSA_KEY_EXPORT_ECC_KEYPAIR_MAX_SIZE(key_bits)   \
-    (3 * PSA_BITS_TO_BYTES(key_bits) + 56)
+    (PSA_BITS_TO_BYTES(key_bits))
 
 /** Safe output buffer size for psa_export_key() or psa_export_public_key().
  *

From f7933939b31459fcfdd670dc9b4283c44847409b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 31 Oct 2018 14:07:52 +0100
Subject: [PATCH 579/889] Expand the documentation of import/export formats

Clarify that the key type determines the syntax of the input.

Clarify the constraints on implementations that support extra import
formats.
---
 include/psa/crypto.h | 28 +++++++++++++++++++++-------
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b54585a7e..732bc2fad 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1195,13 +1195,27 @@ typedef uint32_t psa_algorithm_t;
  * \brief Import a key in binary format.
  *
  * This function supports any output from psa_export_key(). Refer to the
- * documentation of psa_export_key() for the format for each key type.
+ * documentation of psa_export_public_key() for the format of public keys
+ * and to the documentation of psa_export_key() for the format for
+ * other key types.
+ *
+ * This specification supports a single format for each key type.
+ * Implementations may support other formats as long as the standard
+ * format is supported. Implementations that support other formats
+ * should ensure that the formats are clearly unambiguous so as to
+ * minimize the risk that an invalid input is accidentally interpreted
+ * according to a different format.
  *
  * \param key         Slot where the key will be stored. This must be a
  *                    valid slot for a key of the chosen type. It must
  *                    be unoccupied.
- * \param type        Key type (a \c PSA_KEY_TYPE_XXX value).
- * \param[in] data    Buffer containing the key data.
+ * \param type        Key type (a \c PSA_KEY_TYPE_XXX value). On a successful
+ *                    import, the key slot will contain a key of this type.
+ * \param[in] data    Buffer containing the key data. The content of this
+ *                    buffer is interpreted according to \p type. It must
+ *                    contain the format described in the documentation
+ *                    of psa_export_key() or psa_export_public_key() for
+ *                    the chosen type.
  * \param data_length Size of the \p data buffer in bytes.
  *
  * \retval #PSA_SUCCESS
@@ -1300,10 +1314,10 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * The output of this function can be passed to psa_import_key() to
  * create an equivalent object.
  *
- * If a key is created with psa_import_key() and then exported with
- * this function, it is not guaranteed that the resulting data is
- * identical: the implementation may choose a different representation
- * of the same key if the format permits it.
+ * If the implementation of psa_import_key() supports other formats
+ * beyond the format specified here, the output from psa_export_key()
+ * must use the representation specified here, not the original
+ * representation.
  *
  * For standard key types, the output format is as follows:
  *

From f8964b95804fb2212ace60ab78a272dcc540fd7b Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Wed, 31 Oct 2018 18:06:14 +0200
Subject: [PATCH 580/889] updated test to work around
 https://github.com/ARMmbed/mbedtls-psa/issues/183

test should check the correct error values once this issue is fixed
---
 tests/suites/test_suite_psa_crypto.function | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f7a48093b..7e8120040 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3145,7 +3145,7 @@ void test_derive_invalid_generator_tests( )
                  == PSA_ERROR_INSUFFICIENT_CAPACITY );
 
     TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
-                 == PSA_ERROR_BAD_STATE );
+                 == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:issue opened
 
     TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
 
@@ -3153,7 +3153,7 @@ void test_derive_invalid_generator_tests( )
                  == PSA_ERROR_INSUFFICIENT_CAPACITY );
 
     TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
-                 == PSA_ERROR_BAD_STATE );
+                 == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:issue opened
 
 exit:
     psa_generator_abort( &generator );

From dd69d8b7ffd73deb184c81bfca1b2c4c04e4e0d2 Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 1 Nov 2018 12:24:23 +0200
Subject: [PATCH 581/889] Streamline test function API by removing parameter

streamline the API for the test test_derive_invalid_generator_state: by removing
the key_data parameter.
This parameter is not important for test flow and can be hard-coded.
---
 tests/suites/test_suite_psa_crypto.data     | 2 +-
 tests/suites/test_suite_psa_crypto.function | 9 ++++++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 66bb175a2..10ab81222 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1211,7 +1211,7 @@ derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":
 
 PSA key derivation: invalid generator state ( double generate + read past capacity )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator_state:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"
+test_derive_invalid_generator_state:
 
 PSA key derivation:  invalid generator state ( call read/get_capacity after init and abort )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 7e8120040..528857b8e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3086,7 +3086,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void test_derive_invalid_generator_state( data_t *key_data )
+void test_derive_invalid_generator_state( )
 {
     psa_key_slot_t base_key = 1;
     size_t key_type = PSA_KEY_TYPE_DERIVE;
@@ -3094,6 +3094,9 @@ void test_derive_invalid_generator_state( data_t *key_data )
     psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
     size_t capacity = 42;
     uint8_t buffer[42];
+    const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                                   0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                                   0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
     psa_key_policy_t policy;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
@@ -3103,8 +3106,8 @@ void test_derive_invalid_generator_state( data_t *key_data )
     TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( base_key, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+                                 key_data,
+                                 sizeof(key_data) ) == PSA_SUCCESS );
 
     /* valid key derivation */
     TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,

From 1caf6d24f2b642996cd82569880808830977bfed Mon Sep 17 00:00:00 2001
From: Nir Sonnenschein <nir.sonnenschein@arm.com>
Date: Thu, 1 Nov 2018 12:27:20 +0200
Subject: [PATCH 582/889] Fix code style and clarify issue comment

* remove unneeded constants
* clarify comment reference to issue 183
* add additional reference comment
* fix brace spacing issues
---
 tests/suites/test_suite_psa_crypto.function | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 528857b8e..56a23fe04 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3091,9 +3091,9 @@ void test_derive_invalid_generator_state( )
     psa_key_slot_t base_key = 1;
     size_t key_type = PSA_KEY_TYPE_DERIVE;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
-    psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
-    size_t capacity = 42;
+    psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 );
     uint8_t buffer[42];
+    size_t capacity = sizeof( buffer );
     const uint8_t key_data[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
                                    0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
                                    0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
@@ -3107,7 +3107,7 @@ void test_derive_invalid_generator_state( )
 
     TEST_ASSERT( psa_import_key( base_key, key_type,
                                  key_data,
-                                 sizeof(key_data) ) == PSA_SUCCESS );
+                                 sizeof( key_data ) ) == PSA_SUCCESS );
 
     /* valid key derivation */
     TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,
@@ -3145,18 +3145,18 @@ void test_derive_invalid_generator_tests( )
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
 
     TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
-                 == PSA_ERROR_INSUFFICIENT_CAPACITY );
+                 == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
 
     TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
-                 == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:issue opened
+                 == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183
 
     TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
-                 == PSA_ERROR_INSUFFICIENT_CAPACITY );
+                 == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
 
     TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
-                 == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:issue opened
+                 == PSA_SUCCESS );// should be PSA_ERROR_BAD_STATE:#183
 
 exit:
     psa_generator_abort( &generator );

From 18b1a227ac5783f65db912e550c27f3627420e0a Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 18 Oct 2018 15:04:06 +0300
Subject: [PATCH 583/889] Add missing algorithms to existing hash tests

---
 tests/suites/test_suite_psa_crypto.data | 96 +++++++++++++++++++++++++
 1 file changed, 96 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 871a511b2..43d243e1b 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -312,10 +312,42 @@ key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
 PSA key lifetime set: invalid key lifetime value
 key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
 
+PSA hash setup: good, SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS
+
+PSA hash setup: good, SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_setup:PSA_ALG_SHA_224:PSA_SUCCESS
+
 PSA hash setup: good, SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_SHA_256:PSA_SUCCESS
 
+PSA hash setup: good, SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_setup:PSA_ALG_SHA_384:PSA_SUCCESS
+
+PSA hash setup: good, SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
+
+PSA hash setup: good, MD-2
+depends_on:MBEDTLS_MD2_C
+hash_setup:PSA_ALG_MD2:PSA_SUCCESS
+
+PSA hash setup: good, MD-4
+depends_on:MBEDTLS_MD4_C
+hash_setup:PSA_ALG_MD4:PSA_SUCCESS
+
+PSA hash setup: good, MD-5
+depends_on:MBEDTLS_MD5_C
+hash_setup:PSA_ALG_MD5:PSA_SUCCESS
+
+PSA hash setup: good, RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_setup:PSA_ALG_RIPEMD160:PSA_SUCCESS
+
 PSA hash setup: bad (unknown hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_CATEGORY_HASH:PSA_ERROR_NOT_SUPPORTED
@@ -324,14 +356,78 @@ PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
+PSA hash finish: SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
+
+PSA hash finish: SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
+
 PSA hash finish: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
+PSA hash finish: SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
+
+PSA hash finish: SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
+
+PSA hash finish: MD-2
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
+
+PSA hash finish: MD-4
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
+
+PSA hash finish: MD-5
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
+
+PSA hash finish: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
+
+PSA hash verify: SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
+
+PSA hash verify: SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
+
 PSA hash verify: SHA-256
 depends_on:MBEDTLS_SHA256_C
 hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
 
+PSA hash verify: SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
+
+PSA hash verify: SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
+
+PSA hash verify: MD-2
+depends_on:MBEDTLS_MD2_C
+hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
+
+PSA hash verify: MD-4
+depends_on:MBEDTLS_MD4_C
+hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
+
+PSA hash verify: MD-5
+depends_on:MBEDTLS_MD5_C
+hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
+
+PSA hash verify: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
+
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS

From ec93d30b45dbf7a5a36fe907f1d4e37ddcd0c248 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 18 Oct 2018 18:01:10 +0300
Subject: [PATCH 584/889] Add hash bad paths test

Increase code coverage
---
 tests/suites/test_suite_psa_crypto.data     |  4 ++
 tests/suites/test_suite_psa_crypto.function | 56 +++++++++++++++++++++
 2 files changed, 60 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 43d243e1b..0eb06e436 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -428,6 +428,10 @@ PSA hash verify: RIPEMD160
 depends_on:MBEDTLS_RIPEMD160_C
 hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
 
+PSA hash: bad paths
+depends_on:MBEDTLS_SHA256_C
+hash_bad_paths:
+
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 63d837fdc..4a05adf8c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1628,6 +1628,62 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_bad_paths(  )
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
+    size_t expected_size = PSA_HASH_SIZE( alg );
+    unsigned char input[] = "input";
+    psa_hash_operation_t operation;
+    size_t hash_len;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* psa_hash_update without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, sizeof( input ) ) ==
+                                  PSA_ERROR_INVALID_ARGUMENT );
+
+    /* psa_hash_finish without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  hash, expected_size,
+                                  &hash_len ) == PSA_ERROR_INVALID_ARGUMENT );
+
+    /* psa_hash_verify without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  hash, expected_size ) ==
+                                  PSA_ERROR_INVALID_ARGUMENT );
+
+    /* psa_hash_finish with a smaller hash buffer than expected */
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  hash, expected_size - 1,
+                                  &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
+
+
+    /* psa_hash_verify with a smaller hash buffer than expected */
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  hash, expected_size - 1 ) ==
+                                  PSA_ERROR_INVALID_SIGNATURE );
+
+    /* psa_hash_verify with a non-matching hash buffer */
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, sizeof( input ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  hash, expected_size ) ==
+                                  PSA_ERROR_INVALID_SIGNATURE );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_setup( int key_type_arg,
                 data_t *key,

From f5b3eb85b5647a233931dca0d7854bbfc958b62b Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Sun, 21 Oct 2018 17:18:06 +0300
Subject: [PATCH 585/889] Add hash test for multipart operation

Test vectors migrated from mbedTLS
---
 tests/suites/test_suite_psa_crypto.data     | 276 ++++++++++++++++++++
 tests/suites/test_suite_psa_crypto.function |  41 +++
 2 files changed, 317 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 0eb06e436..fc69b14d7 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -432,6 +432,282 @@ PSA hash: bad paths
 depends_on:MBEDTLS_SHA256_C
 hash_bad_paths:
 
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 4a05adf8c..f66c37b75 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1775,6 +1775,47 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
+    size_t actual_hash_length;
+    psa_hash_operation_t operation;
+    uint32_t halfway;
+
+    TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
+    TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
+
+    TEST_ASSERT( input != NULL );
+    TEST_ASSERT( expected_hash != NULL );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
+    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+
+    halfway = input->len / 2;
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input->x,
+                                  halfway ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input->x + halfway,
+                                  input->len - halfway ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  actual_hash, sizeof( actual_hash ),
+                                  &actual_hash_length ) == PSA_SUCCESS );
+
+    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+                    actual_hash, actual_hash_length );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_verify( int key_type_arg,
                  data_t *key,

From a00f1d8b004efa9df7ccff1580344526cbb20323 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Mon, 22 Oct 2018 15:10:29 +0300
Subject: [PATCH 586/889] Add additional test vectors for hash single part

Test vectors migrated from mbedTLS
---
 tests/suites/test_suite_psa_crypto.data | 276 ++++++++++++++++++++++++
 1 file changed, 276 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index fc69b14d7..77d62a899 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -392,6 +392,282 @@ PSA hash finish: RIPEMD160
 depends_on:MBEDTLS_RIPEMD160_C
 hash_finish:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
 
+PSA hash finish: SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+PSA hash finish: MD-2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+PSA hash finish: MD-2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+PSA hash finish: MD-2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash finish: MD-2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
+
+PSA hash finish: MD-2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
+
+PSA hash finish: MD-2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
+
+PSA hash finish: MD-2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+PSA hash finish: MD-4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+PSA hash finish: MD-4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
+
+PSA hash finish: MD-4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash finish: MD-4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
+
+PSA hash finish: MD-4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+PSA hash finish: MD-4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
+
+PSA hash finish: MD-4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+PSA hash finish: MD-5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+PSA hash finish: MD-5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
+
+PSA hash finish: MD-5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash finish: MD-5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
+
+PSA hash finish: MD-5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
+
+PSA hash finish: MD-5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+PSA hash finish: MD-5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
+
+PSA hash finish: RIPEMD160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+PSA hash finish: RIPEMD160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+PSA hash finish: RIPEMD160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash finish: RIPEMD160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+PSA hash finish: RIPEMD160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+PSA hash finish: RIPEMD160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+PSA hash finish: RIPEMD160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+PSA hash finish: RIPEMD160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
 PSA hash verify: SHA-1
 depends_on:MBEDTLS_SHA1_C
 hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"

From 9b3b31dc521695e8830d5f7c7e3f39f613f8c783 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Mon, 22 Oct 2018 16:03:34 +0300
Subject: [PATCH 587/889] Delete redundant hash test vectors

Due to migration of test vectors from mbedTLS
---
 tests/suites/test_suite_psa_crypto.data | 36 -------------------------
 1 file changed, 36 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 77d62a899..3c131caf9 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -356,42 +356,6 @@ PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
-PSA hash finish: SHA-1
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
-
-PSA hash finish: SHA-224
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
-
-PSA hash finish: SHA-256
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-PSA hash finish: SHA-384
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
-
-PSA hash finish: SHA-512
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
-
-PSA hash finish: MD-2
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
-
-PSA hash finish: MD-4
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
-
-PSA hash finish: MD-5
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
-
-PSA hash finish: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
-
 PSA hash finish: SHA-1 Test Vector NIST CAVS #1
 depends_on:MBEDTLS_SHA1_C
 hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"

From 931fa6d663883e62c0b5a660cbdffcd0d4995bba Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 24 Oct 2018 12:20:22 +0300
Subject: [PATCH 588/889] Remove input parameter validations from hash test
 functions

Remove from hash_finish, hash_verify and hash_multi_part
---
 tests/suites/test_suite_psa_crypto.function | 24 ---------------------
 1 file changed, 24 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f66c37b75..879a77c2f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1575,14 +1575,6 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 
-    TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
-    TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
-
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_hash != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
@@ -1605,14 +1597,6 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
     psa_algorithm_t alg = alg_arg;
     psa_hash_operation_t operation;
 
-    TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
-    TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
-
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_hash != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
@@ -1784,14 +1768,6 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
     psa_hash_operation_t operation;
     uint32_t halfway;
 
-    TEST_ASSERT( expected_hash->len == PSA_HASH_SIZE( alg ) );
-    TEST_ASSERT( expected_hash->len <= PSA_HASH_MAX_SIZE );
-
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_hash != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_hash->len ) );
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );

From 02d6295e5354a161c9be29aa386695cac5208620 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 24 Oct 2018 12:45:18 +0300
Subject: [PATCH 589/889] Move positive hash tests into a new test suite

Move hash_finish, hash_verify and hash_multi_part to a
new test suite test_suite_psa_crypto_hash.
---
 scripts/mbed_crypto.make                      |   2 +
 tests/CMakeLists.txt                          |   1 +
 tests/suites/test_suite_psa_crypto.data       | 588 ------------------
 tests/suites/test_suite_psa_crypto.function   |  80 +--
 tests/suites/test_suite_psa_crypto_hash.data  | 587 +++++++++++++++++
 .../test_suite_psa_crypto_hash.function       |  94 +++
 6 files changed, 685 insertions(+), 667 deletions(-)
 create mode 100644 tests/suites/test_suite_psa_crypto_hash.data
 create mode 100644 tests/suites/test_suite_psa_crypto_hash.function

diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index c0e5a0531..e5e6ded6d 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -150,6 +150,8 @@ TEST_FILES := \
 	tests/suites/target_test.function \
 	tests/suites/test_suite_psa_crypto.data \
 	tests/suites/test_suite_psa_crypto.function \
+	tests/suites/test_suite_psa_crypto_hash.data \
+	tests/suites/test_suite_psa_crypto_hash.function \
 	tests/suites/test_suite_psa_crypto_metadata.data \
 	tests/suites/test_suite_psa_crypto_metadata.function \
 # Don't delete this line.
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index a7821d7bc..89be6feb7 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -111,6 +111,7 @@ add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
 add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(shax)
 add_test_suite(ssl)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3c131caf9..bfd391ce9 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -356,598 +356,10 @@ PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
-PSA hash finish: SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
-
-PSA hash finish: SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
-hash_finish:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
-
-PSA hash finish: SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
-
-PSA hash finish: SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
-
-PSA hash finish: SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
-
-PSA hash finish: SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
-hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-
-PSA hash finish: MD-2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
-
-PSA hash finish: MD-2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-PSA hash finish: MD-2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash finish: MD-2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
-
-PSA hash finish: MD-2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
-
-PSA hash finish: MD-2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
-
-PSA hash finish: MD-2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-PSA hash finish: MD-4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-PSA hash finish: MD-4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
-
-PSA hash finish: MD-4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash finish: MD-4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
-
-PSA hash finish: MD-4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-PSA hash finish: MD-4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
-
-PSA hash finish: MD-4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
-PSA hash finish: MD-5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
-
-PSA hash finish: MD-5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
-
-PSA hash finish: MD-5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
-
-PSA hash finish: MD-5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
-
-PSA hash finish: MD-5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
-
-PSA hash finish: MD-5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
-
-PSA hash finish: MD-5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
-hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
-
-PSA hash finish: RIPEMD160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
-
-PSA hash finish: RIPEMD160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
-
-PSA hash finish: RIPEMD160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
-
-PSA hash finish: RIPEMD160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
-
-PSA hash finish: RIPEMD160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
-
-PSA hash finish: RIPEMD160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
-
-PSA hash finish: RIPEMD160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
-
-PSA hash finish: RIPEMD160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
-hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-
-PSA hash verify: SHA-1
-depends_on:MBEDTLS_SHA1_C
-hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
-
-PSA hash verify: SHA-224
-depends_on:MBEDTLS_SHA256_C
-hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
-
-PSA hash verify: SHA-256
-depends_on:MBEDTLS_SHA256_C
-hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-PSA hash verify: SHA-384
-depends_on:MBEDTLS_SHA512_C
-hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
-
-PSA hash verify: SHA-512
-depends_on:MBEDTLS_SHA512_C
-hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
-
-PSA hash verify: MD-2
-depends_on:MBEDTLS_MD2_C
-hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
-
-PSA hash verify: MD-4
-depends_on:MBEDTLS_MD4_C
-hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
-
-PSA hash verify: MD-5
-depends_on:MBEDTLS_MD5_C
-hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
-
-PSA hash verify: RIPEMD160
-depends_on:MBEDTLS_RIPEMD160_C
-hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
-
 PSA hash: bad paths
 depends_on:MBEDTLS_SHA256_C
 hash_bad_paths:
 
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #9
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
-
-PSA hash multi part: SHA-1 Test Vector NIST CAVS #10
-depends_on:MBEDTLS_SHA1_C
-hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
-
-PSA hash multi part: SHA-224 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
-
-PSA hash multi part: SHA-256 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA256_C
-hash_multi_part:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
-
-PSA hash multi part: SHA-384 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #1
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #2
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #3
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #4
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #5
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #6
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #7
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
-
-PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
-depends_on:MBEDTLS_SHA512_C
-hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
-
-PSA hash multi part: MD-2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
-
-PSA hash multi part: MD-4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #1
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #2
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #3
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #4
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #5
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #6
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
-
-PSA hash multi part: MD-5 Test vector RFC1321 #7
-depends_on:MBEDTLS_MD5_C
-hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #1
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #2
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #3
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #4
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #5
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #6
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #7
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
-
-PSA hash multi part: RIPEMD160 Test vector from paper #8
-depends_on:MBEDTLS_RIPEMD160_C
-hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 879a77c2f..898588879 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1568,52 +1568,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
-{
-    psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
-    size_t actual_hash_length;
-    psa_hash_operation_t operation;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x, input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  actual_hash, sizeof( actual_hash ),
-                                  &actual_hash_length ) == PSA_SUCCESS );
-    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
-                    actual_hash, actual_hash_length );
-
-exit:
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
-{
-    psa_algorithm_t alg = alg_arg;
-    psa_hash_operation_t operation;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x,
-                                  input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  expected_hash->x,
-                                  expected_hash->len ) == PSA_SUCCESS );
-
-exit:
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void hash_bad_paths(  )
+void hash_bad_paths( )
 {
     psa_algorithm_t alg = PSA_ALG_SHA_256;
     unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
@@ -1759,39 +1714,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
-{
-    psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
-    size_t actual_hash_length;
-    psa_hash_operation_t operation;
-    uint32_t halfway;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-
-    halfway = input->len / 2;
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x,
-                                  halfway ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x + halfway,
-                                  input->len - halfway ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  actual_hash, sizeof( actual_hash ),
-                                  &actual_hash_length ) == PSA_SUCCESS );
-
-    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
-                    actual_hash, actual_hash_length );
-
-exit:
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void mac_verify( int key_type_arg,
                  data_t *key,
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
new file mode 100644
index 000000000..3d32bab90
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -0,0 +1,587 @@
+PSA hash finish: SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+PSA hash finish: SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+hash_finish:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+PSA hash finish: SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+PSA hash finish: SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_finish:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+PSA hash finish: SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+PSA hash finish: SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+PSA hash finish: MD-2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+PSA hash finish: MD-2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+PSA hash finish: MD-2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash finish: MD-2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
+
+PSA hash finish: MD-2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
+
+PSA hash finish: MD-2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
+
+PSA hash finish: MD-2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+PSA hash finish: MD-4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+PSA hash finish: MD-4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
+
+PSA hash finish: MD-4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash finish: MD-4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
+
+PSA hash finish: MD-4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+PSA hash finish: MD-4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
+
+PSA hash finish: MD-4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+PSA hash finish: MD-5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+PSA hash finish: MD-5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
+
+PSA hash finish: MD-5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash finish: MD-5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
+
+PSA hash finish: MD-5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
+
+PSA hash finish: MD-5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+PSA hash finish: MD-5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
+
+PSA hash finish: RIPEMD160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+PSA hash finish: RIPEMD160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+PSA hash finish: RIPEMD160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash finish: RIPEMD160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+PSA hash finish: RIPEMD160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+PSA hash finish: RIPEMD160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+PSA hash finish: RIPEMD160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+PSA hash finish: RIPEMD160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+hash_finish:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
+
+PSA hash verify: SHA-1
+depends_on:MBEDTLS_SHA1_C
+hash_verify:PSA_ALG_SHA_1:"bd":"9034aaf45143996a2b14465c352ab0c6fa26b221"
+
+PSA hash verify: SHA-224
+depends_on:MBEDTLS_SHA256_C
+hash_verify:PSA_ALG_SHA_224:"bd":"b1e46bb9efe45af554363449c6945a0d6169fc3a5a396a56cb97cb57"
+
+PSA hash verify: SHA-256
+depends_on:MBEDTLS_SHA256_C
+hash_verify:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash verify: SHA-384
+depends_on:MBEDTLS_SHA512_C
+hash_verify:PSA_ALG_SHA_384:"bd":"4372e38a92a28b5d2c391e62452a86d50e0267228be176c77d2402effe9fa50de407bbb851b37d5904aba2dede74da2a"
+
+PSA hash verify: SHA-512
+depends_on:MBEDTLS_SHA512_C
+hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
+
+PSA hash verify: MD-2
+depends_on:MBEDTLS_MD2_C
+hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
+
+PSA hash verify: MD-4
+depends_on:MBEDTLS_MD4_C
+hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
+
+PSA hash verify: MD-5
+depends_on:MBEDTLS_MD5_C
+hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
+
+PSA hash verify: RIPEMD160
+depends_on:MBEDTLS_RIPEMD160_C
+hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"a8":"99f2aa95e36f95c2acb0eaf23998f030638f3f15"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"3000":"f944dcd635f9801f7ac90a407fbc479964dec024"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"42749e":"a444319e9b6cc1e8464c511ec0969c37d6bb2619"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"9fc3fe08":"16a0ff84fcc156fd5d3ca3a744f20a232d172253"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"b5c1c6f1af":"fec9deebfcdedaf66dda525e1be43597a73a1f93"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"ec29561244ede706b6eb30a1c371d74450a105c3f9735f7fa9fe38cf67f304a5736a106e92e17139a6813b1c81a4f3d3fb9546ab4296fa9f722826c066869edacd73b2548035185813e22634a9da44000d95a281ff9f264ecce0a931222162d021cca28db5f3c2aa24945ab1e31cb413ae29810fd794cad5dfaf29ec43cb38d198fe4ae1da2359780221405bd6712a5305da4b1b737fce7cd21c0eb7728d08235a9011":"970111c4e77bcc88cc20459c02b69b4aa8f58217"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"5fc2c3f6a7e79dc94be526e5166a238899d54927ce470018fbfd668fd9dd97cbf64e2c91584d01da63be3cc9fdff8adfefc3ac728e1e335b9cdc87f069172e323d094b47fa1e652afe4d6aa147a9f46fda33cacb65f3aa12234746b9007a8c85fe982afed7815221e43dba553d8fe8a022cdac1b99eeeea359e5a9d2e72e382dffa6d19f359f4f27dc3434cd27daeeda8e38594873398678065fbb23665aba9309d946135da0e4a4afdadff14db18e85e71dd93c3bf9faf7f25c8194c4269b1ee3d9934097ab990025d9c3aaf63d5109f52335dd3959d38ae485050e4bbb6235574fc0102be8f7a306d6e8de6ba6becf80f37415b57f9898a5824e77414197422be3d36a6080":"0423dc76a8791107d14e13f5265b343f24cc0f19"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #9
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"0f865f46a8f3aed2da18482aa09a8f390dc9da07d51d1bd10fe0bf5f3928d5927d08733d32075535a6d1c8ac1b2dc6ba0f2f633dc1af68e3f0fa3d85e6c60cb7b56c239dc1519a007ea536a07b518ecca02a6c31b46b76f021620ef3fc6976804018380e5ab9c558ebfc5cb1c9ed2d974722bf8ab6398f1f2b82fa5083f85c16a5767a3a07271d67743f00850ce8ec428c7f22f1cf01f99895c0c844845b06a06cecb0c6cf83eb55a1d4ebc44c2c13f6f7aa5e0e08abfd84e7864279057abc471ee4a45dbbb5774afa24e51791a0eada11093b88681fe30baa3b2e94113dc63342c51ca5d1a6096d0897b626e42cb91761058008f746f35465465540ad8c6b8b60f7e1461b3ce9e6529625984cb8c7d46f07f735be067588a0117f23e34ff57800e2bbe9a1605fde6087fb15d22c5d3ac47566b8c448b0cee40373e5ba6eaa21abee71366afbb27dbbd300477d70c371e7b8963812f5ed4fb784fb2f3bd1d3afe883cdd47ef32beaea":"6692a71d73e00f27df976bc56df4970650d90e45"
+
+PSA hash multi part: SHA-1 Test Vector NIST CAVS #10
+depends_on:MBEDTLS_SHA1_C
+hash_multi_part:PSA_ALG_SHA_1:"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713"
+
+PSA hash multi part: SHA-224 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"5fd4":"7c4fbf484498d21b487b9d61de8914b2eadaf2698712936d47c3ada2558f6788"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"b0bd69":"4096804221093ddccfbf46831490ea63e9e99414858f8d75ff7f642c7ca61803"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"c98c8e55":"7abc22c0ae5af26ce93dbb94433a0e0b2e119d014f8e7f65bd56c61ccccd9504"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"81a723d966":"7516fb8bb11350df2bf386bc3c33bd0f52cb4c67c6e4745e0488e62c2aea2605"
+
+PSA hash multi part: SHA-256 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA256_C
+hash_multi_part:PSA_ALG_SHA_256:"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980"
+
+PSA hash multi part: SHA-384 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #1
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #2
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"8f":"e4cd2d19931b5aad9c920f45f56f6ce34e3d38c6d319a6e11d0588ab8b838576d6ce6d68eea7c830de66e2bd96458bfa7aafbcbec981d4ed040498c3dd95f22a"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #3
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"e724":"7dbb520221a70287b23dbcf62bfc1b73136d858e86266732a7fffa875ecaa2c1b8f673b5c065d360c563a7b9539349f5f59bef8c0c593f9587e3cd50bb26a231"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #4
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #5
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"a801e94b":"dadb1b5a27f9fece8d86adb2a51879beb1787ff28f4e8ce162cad7fee0f942efcabbf738bc6f797fc7cc79a3a75048cd4c82ca0757a324695bfb19a557e56e2f"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #6
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"94390d3502":"b6175c4c4cccf69e0ce5f0312010886ea6b34d43673f942ae42483f9cbb7da817de4e11b5d58e25a3d9bd721a22cdffe1c40411cc45df1911fa5506129b69297"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #7
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"49297dd63e5f":"1fcc1e6f6870859d11649f5e5336a9cd16329c029baf04d5a6edf257889a2e9522b497dd656bb402da461307c4ee382e2e89380c8e6e6e7697f1e439f650fa94"
+
+PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
+depends_on:MBEDTLS_SHA512_C
+hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #1
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #2
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #3
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #4
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #5
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #6
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
+
+PSA hash multi part: MD-2 Test vector RFC1319 #7
+depends_on:MBEDTLS_MD2_C
+hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #1
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #2
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #3
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #4
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #5
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #6
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
+
+PSA hash multi part: MD-4 Test vector RFC1320 #7
+depends_on:MBEDTLS_MD4_C
+hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #1
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #2
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #3
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #4
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #5
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #6
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
+
+PSA hash multi part: MD-5 Test vector RFC1321 #7
+depends_on:MBEDTLS_MD5_C
+hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #1
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"":"9c1185a5c5e9fc54612808977ee8f548b2258d31"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #2
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"61":"0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #3
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"616263":"8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #4
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6d65737361676520646967657374":"5d0689ef49d2fae572b881b123a85ffa21595f36"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #5
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #6
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"12a053384a9c0c88e405a06c27dcf49ada62eb2b"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #7
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"b0e20b6e3116640286ed3a87a5713079b21f5189"
+
+PSA hash multi part: RIPEMD160 Test vector from paper #8
+depends_on:MBEDTLS_RIPEMD160_C
+hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
new file mode 100644
index 000000000..75878ef3c
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -0,0 +1,94 @@
+/* BEGIN_HEADER */
+
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+
+#include "psa/crypto.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+ /* BEGIN_CASE */
+void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+    size_t actual_hash_length;
+    psa_hash_operation_t operation;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input->x, input->len ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  actual_hash, sizeof( actual_hash ),
+                                  &actual_hash_length ) == PSA_SUCCESS );
+    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+                    actual_hash, actual_hash_length );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_hash_operation_t operation;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input->x,
+                                  input->len ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  expected_hash->x,
+                                  expected_hash->len ) == PSA_SUCCESS );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
+{
+    psa_algorithm_t alg = alg_arg;
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
+    size_t actual_hash_length;
+    psa_hash_operation_t operation;
+    uint32_t halfway;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+
+    halfway = input->len / 2;
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input->x,
+                                  halfway ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input->x + halfway,
+                                  input->len - halfway ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  actual_hash, sizeof( actual_hash ),
+                                  &actual_hash_length ) == PSA_SUCCESS );
+
+    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+                    actual_hash, actual_hash_length );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 69290f0e71ceb687527ab7281ad54b12afa38523 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 24 Oct 2018 13:50:54 +0300
Subject: [PATCH 590/889] Update hash tests documentation

---
 tests/suites/test_suite_psa_crypto.data      |  6 +-
 tests/suites/test_suite_psa_crypto.function  |  4 +-
 tests/suites/test_suite_psa_crypto_hash.data | 90 ++++++++++----------
 3 files changed, 50 insertions(+), 50 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index bfd391ce9..01ca74f5a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -332,15 +332,15 @@ PSA hash setup: good, SHA-512
 depends_on:MBEDTLS_SHA512_C
 hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
 
-PSA hash setup: good, MD-2
+PSA hash setup: good, MD2
 depends_on:MBEDTLS_MD2_C
 hash_setup:PSA_ALG_MD2:PSA_SUCCESS
 
-PSA hash setup: good, MD-4
+PSA hash setup: good, MD4
 depends_on:MBEDTLS_MD4_C
 hash_setup:PSA_ALG_MD4:PSA_SUCCESS
 
-PSA hash setup: good, MD-5
+PSA hash setup: good, MD5
 depends_on:MBEDTLS_MD5_C
 hash_setup:PSA_ALG_MD5:PSA_SUCCESS
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 898588879..3bca3cb5f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1604,13 +1604,13 @@ void hash_bad_paths( )
                                   &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
 
 
-    /* psa_hash_verify with a smaller hash buffer than expected */
+    /* psa_hash_verify with a smaller hash digest than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, expected_size - 1 ) ==
                                   PSA_ERROR_INVALID_SIGNATURE );
 
-    /* psa_hash_verify with a non-matching hash buffer */
+    /* psa_hash_verify with a non-matching hash digest */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input, sizeof( input ) ) == PSA_SUCCESS );
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
index 3d32bab90..746d810f1 100644
--- a/tests/suites/test_suite_psa_crypto_hash.data
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -158,87 +158,87 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8
 depends_on:MBEDTLS_SHA512_C
 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
 
-PSA hash finish: MD-2 Test vector RFC1319 #1
+PSA hash finish: MD2 Test vector RFC1319 #1
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
 
-PSA hash finish: MD-2 Test vector RFC1319 #2
+PSA hash finish: MD2 Test vector RFC1319 #2
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
 
-PSA hash finish: MD-2 Test vector RFC1319 #3
+PSA hash finish: MD2 Test vector RFC1319 #3
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
 
-PSA hash finish: MD-2 Test vector RFC1319 #4
+PSA hash finish: MD2 Test vector RFC1319 #4
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
 
-PSA hash finish: MD-2 Test vector RFC1319 #5
+PSA hash finish: MD2 Test vector RFC1319 #5
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
 
-PSA hash finish: MD-2 Test vector RFC1319 #6
+PSA hash finish: MD2 Test vector RFC1319 #6
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
 
-PSA hash finish: MD-2 Test vector RFC1319 #7
+PSA hash finish: MD2 Test vector RFC1319 #7
 depends_on:MBEDTLS_MD2_C
 hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
 
-PSA hash finish: MD-4 Test vector RFC1320 #1
+PSA hash finish: MD4 Test vector RFC1320 #1
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
 
-PSA hash finish: MD-4 Test vector RFC1320 #2
+PSA hash finish: MD4 Test vector RFC1320 #2
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
 
-PSA hash finish: MD-4 Test vector RFC1320 #3
+PSA hash finish: MD4 Test vector RFC1320 #3
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
 
-PSA hash finish: MD-4 Test vector RFC1320 #4
+PSA hash finish: MD4 Test vector RFC1320 #4
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
 
-PSA hash finish: MD-4 Test vector RFC1320 #5
+PSA hash finish: MD4 Test vector RFC1320 #5
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
 
-PSA hash finish: MD-4 Test vector RFC1320 #6
+PSA hash finish: MD4 Test vector RFC1320 #6
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
 
-PSA hash finish: MD-4 Test vector RFC1320 #7
+PSA hash finish: MD4 Test vector RFC1320 #7
 depends_on:MBEDTLS_MD4_C
 hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
 
-PSA hash finish: MD-5 Test vector RFC1321 #1
+PSA hash finish: MD5 Test vector RFC1321 #1
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
 
-PSA hash finish: MD-5 Test vector RFC1321 #2
+PSA hash finish: MD5 Test vector RFC1321 #2
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
 
-PSA hash finish: MD-5 Test vector RFC1321 #3
+PSA hash finish: MD5 Test vector RFC1321 #3
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
 
-PSA hash finish: MD-5 Test vector RFC1321 #4
+PSA hash finish: MD5 Test vector RFC1321 #4
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
 
-PSA hash finish: MD-5 Test vector RFC1321 #5
+PSA hash finish: MD5 Test vector RFC1321 #5
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
 
-PSA hash finish: MD-5 Test vector RFC1321 #6
+PSA hash finish: MD5 Test vector RFC1321 #6
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
 
-PSA hash finish: MD-5 Test vector RFC1321 #7
+PSA hash finish: MD5 Test vector RFC1321 #7
 depends_on:MBEDTLS_MD5_C
 hash_finish:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
 
@@ -294,15 +294,15 @@ PSA hash verify: SHA-512
 depends_on:MBEDTLS_SHA512_C
 hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
 
-PSA hash verify: MD-2
+PSA hash verify: MD2
 depends_on:MBEDTLS_MD2_C
 hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
 
-PSA hash verify: MD-4
+PSA hash verify: MD4
 depends_on:MBEDTLS_MD4_C
 hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
 
-PSA hash verify: MD-5
+PSA hash verify: MD5
 depends_on:MBEDTLS_MD5_C
 hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
 
@@ -470,87 +470,87 @@ PSA hash multi part: SHA-512 Test Vector NIST CAVS #8
 depends_on:MBEDTLS_SHA512_C
 hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #1
+PSA hash multi part: MD2 Test vector RFC1319 #1
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #2
+PSA hash multi part: MD2 Test vector RFC1319 #2
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #3
+PSA hash multi part: MD2 Test vector RFC1319 #3
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #4
+PSA hash multi part: MD2 Test vector RFC1319 #4
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #5
+PSA hash multi part: MD2 Test vector RFC1319 #5
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #6
+PSA hash multi part: MD2 Test vector RFC1319 #6
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
 
-PSA hash multi part: MD-2 Test vector RFC1319 #7
+PSA hash multi part: MD2 Test vector RFC1319 #7
 depends_on:MBEDTLS_MD2_C
 hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #1
+PSA hash multi part: MD4 Test vector RFC1320 #1
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #2
+PSA hash multi part: MD4 Test vector RFC1320 #2
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #3
+PSA hash multi part: MD4 Test vector RFC1320 #3
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #4
+PSA hash multi part: MD4 Test vector RFC1320 #4
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #5
+PSA hash multi part: MD4 Test vector RFC1320 #5
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #6
+PSA hash multi part: MD4 Test vector RFC1320 #6
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
 
-PSA hash multi part: MD-4 Test vector RFC1320 #7
+PSA hash multi part: MD4 Test vector RFC1320 #7
 depends_on:MBEDTLS_MD4_C
 hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #1
+PSA hash multi part: MD5 Test vector RFC1321 #1
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #2
+PSA hash multi part: MD5 Test vector RFC1321 #2
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"61":"0cc175b9c0f1b6a831c399e269772661"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #3
+PSA hash multi part: MD5 Test vector RFC1321 #3
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #4
+PSA hash multi part: MD5 Test vector RFC1321 #4
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"6d65737361676520646967657374":"f96b697d7cb7938d525a2f31aaf161d0"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #5
+PSA hash multi part: MD5 Test vector RFC1321 #5
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"c3fcd3d76192e4007dfb496cca67e13b"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #6
+PSA hash multi part: MD5 Test vector RFC1321 #6
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"d174ab98d277d9f5a5611c2c9f419d9f"
 
-PSA hash multi part: MD-5 Test vector RFC1321 #7
+PSA hash multi part: MD5 Test vector RFC1321 #7
 depends_on:MBEDTLS_MD5_C
 hash_multi_part:PSA_ALG_MD5:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"57edf4a22be3c955ac49da2e2107b67a"
 

From 4271df932ca25660d888889fe5ccca5d9c72d9a0 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 24 Oct 2018 18:16:19 +0300
Subject: [PATCH 591/889] Add scenario to test case hash_bad_paths

Tests where the verification hash digest is prefixed with
the expected digest but also has extra bytes appended at the end of it.
---
 tests/suites/test_suite_psa_crypto.function | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3bca3cb5f..0d292e3ce 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1577,6 +1577,15 @@ void hash_bad_paths( )
     psa_hash_operation_t operation;
     size_t hash_len;
 
+    /* SHA-256 hash digest of the string 'input' with 2 extra bytes appended at
+     * the end */
+    unsigned char extra_length_digest[] =
+    {
+        0x3a, 0x28, 0x92, 0x32, 0x39, 0x9a, 0x20, 0x75, 0x09, 0xf4, 0xfa, 0x9d,
+        0x70, 0xfa, 0x6f, 0x68, 0x81, 0x7c, 0xe6, 0xa6, 0x6f, 0x21, 0x50, 0xff,
+        0x08, 0x23, 0x36, 0x31, 0x1f, 0x4e, 0x55, 0xfe, 0xaa, 0xbb
+    };
+
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     /* psa_hash_update without calling psa_hash_setup beforehand */
@@ -1618,6 +1627,18 @@ void hash_bad_paths( )
                                   hash, expected_size ) ==
                                   PSA_ERROR_INVALID_SIGNATURE );
 
+    /* psa_hash_verify with a hash digest longer than expected, where the first
+     * 32 bytes match the expected digest but 2 extra bytes are appended at the
+     * end of the digest */
+    memset( hash, 0, sizeof( hash ) );
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, sizeof( input ) ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  extra_length_digest,
+                                  sizeof( extra_length_digest ) ) ==
+                                  PSA_ERROR_INVALID_SIGNATURE );
+
 exit:
     mbedtls_psa_crypto_free( );
 }

From 58028321b9606cb020a0ba23ecb99e3f1fbf6841 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 25 Oct 2018 10:22:01 +0300
Subject: [PATCH 592/889] Split test hash_bad_paths into 3 different tests

1. Rename hash_bad_paths to hash_verify_bad_paths
2. Add test hash_update_bad_paths
3. Add test hash_finish_bad_paths

The different scenarios tested as part of hash_bad_paths are
moved to the relevant test.
---
 tests/suites/test_suite_psa_crypto.data     | 12 +++-
 tests/suites/test_suite_psa_crypto.function | 69 ++++++++++++++-------
 2 files changed, 58 insertions(+), 23 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 01ca74f5a..507ca9b43 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -356,9 +356,17 @@ PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
-PSA hash: bad paths
+PSA hash verify: bad paths
 depends_on:MBEDTLS_SHA256_C
-hash_bad_paths:
+hash_verify_bad_paths:
+
+PSA hash update: bad paths
+depends_on:MBEDTLS_SHA256_C
+hash_update_bad_paths:
+
+PSA hash finish: bad paths
+depends_on:MBEDTLS_SHA256_C
+hash_finish_bad_paths:
 
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 0d292e3ce..3db6df5b8 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1568,14 +1568,13 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void hash_bad_paths( )
+void hash_verify_bad_paths( )
 {
     psa_algorithm_t alg = PSA_ALG_SHA_256;
     unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
     size_t expected_size = PSA_HASH_SIZE( alg );
     unsigned char input[] = "input";
     psa_hash_operation_t operation;
-    size_t hash_len;
 
     /* SHA-256 hash digest of the string 'input' with 2 extra bytes appended at
      * the end */
@@ -1588,31 +1587,12 @@ void hash_bad_paths( )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    /* psa_hash_update without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input, sizeof( input ) ) ==
-                                  PSA_ERROR_INVALID_ARGUMENT );
-
-    /* psa_hash_finish without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  hash, expected_size,
-                                  &hash_len ) == PSA_ERROR_INVALID_ARGUMENT );
-
     /* psa_hash_verify without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, expected_size ) ==
                                   PSA_ERROR_INVALID_ARGUMENT );
 
-    /* psa_hash_finish with a smaller hash buffer than expected */
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  hash, expected_size - 1,
-                                  &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
-
-
     /* psa_hash_verify with a smaller hash digest than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
@@ -1644,6 +1624,53 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_update_bad_paths( )
+{
+    unsigned char input[] = "input";
+    psa_hash_operation_t operation;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* psa_hash_update without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, sizeof( input ) ) ==
+                                  PSA_ERROR_INVALID_ARGUMENT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void hash_finish_bad_paths( )
+{
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
+    size_t expected_size = PSA_HASH_SIZE( alg );
+    psa_hash_operation_t operation;
+    size_t hash_len;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* psa_hash_finish without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  hash, expected_size,
+                                  &hash_len ) == PSA_ERROR_INVALID_ARGUMENT );
+
+    /* psa_hash_finish with a smaller hash buffer than expected */
+    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  hash, expected_size - 1,
+                                  &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void mac_setup( int key_type_arg,
                 data_t *key,

From e1f932ba4d1a6f54870d7151a6b1ec829d073b08 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Mon, 29 Oct 2018 13:34:37 +0200
Subject: [PATCH 593/889] Refactor hash multi part test

Refactor test hash_multi_part to test various sizes when
calling psa_hash_update.
---
 .../test_suite_psa_crypto_hash.function       | 33 ++++++++++---------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
index 75878ef3c..14e6a9769 100644
--- a/tests/suites/test_suite_psa_crypto_hash.function
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -64,29 +64,32 @@ exit:
 void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
 {
     psa_algorithm_t alg = alg_arg;
-    unsigned char actual_hash[PSA_HASH_MAX_SIZE] = { 0 };
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
     size_t actual_hash_length;
     psa_hash_operation_t operation;
-    uint32_t halfway;
+    uint32_t len = 0;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    do
+    {
+        memset( actual_hash, 0, sizeof( actual_hash ) );
+        TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
 
-    halfway = input->len / 2;
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x,
-                                  halfway ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x + halfway,
-                                  input->len - halfway ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_hash_update( &operation,
+                                      input->x, len ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_hash_update( &operation,
+                                      input->x + len, input->len - len ) ==
+                                      PSA_SUCCESS );
 
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  actual_hash, sizeof( actual_hash ),
-                                  &actual_hash_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_hash_finish( &operation,
+                                      actual_hash, sizeof( actual_hash ),
+                                      &actual_hash_length ) == PSA_SUCCESS );
 
-    ASSERT_COMPARE( expected_hash->x, expected_hash->len,
-                    actual_hash, actual_hash_length );
+        ASSERT_COMPARE( expected_hash->x, expected_hash->len,
+                        actual_hash, actual_hash_length );
+
+    } while( len++ != input->len );
 
 exit:
     mbedtls_psa_crypto_free( );

From f86548d674c83787f0cd7b12a656a7b9c62dfe57 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 1 Nov 2018 10:44:32 +0200
Subject: [PATCH 594/889] Add test hash_bad_order

1. New test for testing bad order of hash function calls.
2. Removed test hash_update_bad_paths since it's test scenario
   was moved to the new test.
3. Moved some scenarios from test hash_verify_bad_paths to
   the new test.
---
 tests/suites/test_suite_psa_crypto.data     |  7 +--
 tests/suites/test_suite_psa_crypto.function | 68 +++++++++++----------
 2 files changed, 40 insertions(+), 35 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 507ca9b43..45ce896fc 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -356,14 +356,13 @@ PSA hash setup: bad (not a hash algorithm)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 
+PSA hash: bad order function calls
+hash_bad_order:
+
 PSA hash verify: bad paths
 depends_on:MBEDTLS_SHA256_C
 hash_verify_bad_paths:
 
-PSA hash update: bad paths
-depends_on:MBEDTLS_SHA256_C
-hash_update_bad_paths:
-
 PSA hash finish: bad paths
 depends_on:MBEDTLS_SHA256_C
 hash_finish_bad_paths:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3db6df5b8..a6ab78ede 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1567,6 +1567,43 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void hash_bad_order( )
+{
+    unsigned char input[] = "";
+    /* SHA-256 hash of an empty string */
+    unsigned char hash[] = {
+        0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
+        0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+        0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 };
+    size_t hash_len;
+    psa_hash_operation_t operation;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* psa_hash_update without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_update( &operation,
+                                  input, sizeof( input ) ) ==
+                                  PSA_ERROR_INVALID_ARGUMENT );
+
+    /* psa_hash_verify without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_verify( &operation,
+                                  hash, sizeof( hash ) ) ==
+                                  PSA_ERROR_INVALID_ARGUMENT );
+
+    /* psa_hash_finish without calling psa_hash_setup beforehand */
+    memset( &operation, 0, sizeof( operation ) );
+    TEST_ASSERT( psa_hash_finish( &operation,
+                                  hash, sizeof( hash ), &hash_len ) ==
+                                  PSA_ERROR_INVALID_ARGUMENT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void hash_verify_bad_paths( )
 {
@@ -1587,12 +1624,6 @@ void hash_verify_bad_paths( )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    /* psa_hash_verify without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  hash, expected_size ) ==
-                                  PSA_ERROR_INVALID_ARGUMENT );
-
     /* psa_hash_verify with a smaller hash digest than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
@@ -1624,25 +1655,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void hash_update_bad_paths( )
-{
-    unsigned char input[] = "input";
-    psa_hash_operation_t operation;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    /* psa_hash_update without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input, sizeof( input ) ) ==
-                                  PSA_ERROR_INVALID_ARGUMENT );
-
-exit:
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void hash_finish_bad_paths( )
 {
@@ -1654,12 +1666,6 @@ void hash_finish_bad_paths( )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    /* psa_hash_finish without calling psa_hash_setup beforehand */
-    memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  hash, expected_size,
-                                  &hash_len ) == PSA_ERROR_INVALID_ARGUMENT );
-
     /* psa_hash_finish with a smaller hash buffer than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_finish( &operation,

From b2dd5ed1e62f932fb6750fe89c1cdc02b24163d6 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 1 Nov 2018 11:58:59 +0200
Subject: [PATCH 595/889] Rename test hash_finish_bad_paths to
 hash_finish_bad_args

Test dependency moved to .function file.
---
 tests/suites/test_suite_psa_crypto.data     | 5 ++---
 tests/suites/test_suite_psa_crypto.function | 6 +++---
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 45ce896fc..071d6f39f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -363,9 +363,8 @@ PSA hash verify: bad paths
 depends_on:MBEDTLS_SHA256_C
 hash_verify_bad_paths:
 
-PSA hash finish: bad paths
-depends_on:MBEDTLS_SHA256_C
-hash_finish_bad_paths:
+PSA hash finish: bad arguments
+hash_finish_bad_args:
 
 PSA MAC setup: good, HMAC-SHA-256
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a6ab78ede..305e95da7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1655,11 +1655,11 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void hash_finish_bad_paths( )
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_finish_bad_args( )
 {
     psa_algorithm_t alg = PSA_ALG_SHA_256;
-    unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
+    unsigned char hash[PSA_HASH_MAX_SIZE];
     size_t expected_size = PSA_HASH_SIZE( alg );
     psa_hash_operation_t operation;
     size_t hash_len;

From 27e6945f4303c13bd2ff3a789218443cf00b63af Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 1 Nov 2018 14:26:34 +0200
Subject: [PATCH 596/889] Refactor and rename test hash_verify_bad_paths to
 hash_verify_bad_args

1. Updated test scenarios.
2. Renamed test and updated test description.
3. Some documentation updates.
4. Test dependency moved to .function file.
---
 tests/suites/test_suite_psa_crypto.data     |  5 ++-
 tests/suites/test_suite_psa_crypto.function | 39 +++++++--------------
 2 files changed, 15 insertions(+), 29 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 071d6f39f..9f4887a1f 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -359,9 +359,8 @@ hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
 PSA hash: bad order function calls
 hash_bad_order:
 
-PSA hash verify: bad paths
-depends_on:MBEDTLS_SHA256_C
-hash_verify_bad_paths:
+PSA hash verify: bad arguments
+hash_verify_bad_args:
 
 PSA hash finish: bad arguments
 hash_finish_bad_args:
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 305e95da7..d128c742a 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1604,50 +1604,37 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void hash_verify_bad_paths( )
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
+void hash_verify_bad_args( )
 {
     psa_algorithm_t alg = PSA_ALG_SHA_256;
-    unsigned char hash[PSA_HASH_MAX_SIZE] = { 0 };
+    /* SHA-256 hash of an empty string with 2 extra bytes (0xaa and 0xbb)
+     * appended to it */
+    unsigned char hash[] = {
+        0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8,
+        0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
+        0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55, 0xaa, 0xbb };
     size_t expected_size = PSA_HASH_SIZE( alg );
-    unsigned char input[] = "input";
     psa_hash_operation_t operation;
 
-    /* SHA-256 hash digest of the string 'input' with 2 extra bytes appended at
-     * the end */
-    unsigned char extra_length_digest[] =
-    {
-        0x3a, 0x28, 0x92, 0x32, 0x39, 0x9a, 0x20, 0x75, 0x09, 0xf4, 0xfa, 0x9d,
-        0x70, 0xfa, 0x6f, 0x68, 0x81, 0x7c, 0xe6, 0xa6, 0x6f, 0x21, 0x50, 0xff,
-        0x08, 0x23, 0x36, 0x31, 0x1f, 0x4e, 0x55, 0xfe, 0xaa, 0xbb
-    };
-
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    /* psa_hash_verify with a smaller hash digest than expected */
+    /* psa_hash_verify with a smaller hash than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, expected_size - 1 ) ==
                                   PSA_ERROR_INVALID_SIGNATURE );
 
-    /* psa_hash_verify with a non-matching hash digest */
+    /* psa_hash_verify with a non-matching hash */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input, sizeof( input ) ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
-                                  hash, expected_size ) ==
+                                  hash + 1, expected_size ) ==
                                   PSA_ERROR_INVALID_SIGNATURE );
 
-    /* psa_hash_verify with a hash digest longer than expected, where the first
-     * 32 bytes match the expected digest but 2 extra bytes are appended at the
-     * end of the digest */
-    memset( hash, 0, sizeof( hash ) );
+    /* psa_hash_verify with a hash longer than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input, sizeof( input ) ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
-                                  extra_length_digest,
-                                  sizeof( extra_length_digest ) ) ==
+                                  hash, sizeof( hash ) ) ==
                                   PSA_ERROR_INVALID_SIGNATURE );
 
 exit:

From 392952df933b6733bc4efe6ca97625ad94e5dcf3 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Thu, 1 Nov 2018 14:27:19 +0200
Subject: [PATCH 597/889] Fix test dependencies lists

---
 tests/suites/test_suite_psa_crypto.data | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4db358e84..dc614b3c6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -743,10 +743,11 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign: invalid key type, signing with a public key
-sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
 sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign/verify: RSA PKCS#1 v1.5, raw
@@ -822,8 +823,8 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE
 asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE
 
 PSA verify: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"":"":PSA_ERROR_INVALID_ARGUMENT
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA encrypt: RSA PKCS#1 v1.5, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 2d65cf0b16e62d6e074c3535ebf19b1a856b7446 Mon Sep 17 00:00:00 2001
From: Mohammad AboMokh <mohammad.abomokh@arm.com>
Date: Tue, 6 Nov 2018 11:56:45 +0200
Subject: [PATCH 598/889] Fix sign test dependencies and used algorithm

---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index dc614b3c6..a1c2311d7 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -747,8 +747,8 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign: invalid algorithm for ECC key
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_CCM:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign/verify: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 8739da830ed643ab7cfad61b6f6941f79eab9d46 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 6 Nov 2018 15:15:05 +0100
Subject: [PATCH 599/889] Fix test data in an old format

Update some test data from the asymmetric_apis_coverage branch that
wasn't updated to the new format from the
psa-asymmetric-format-raw_private_key branch.
---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 13892cc2d..ecd21493a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1068,7 +1068,7 @@ sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818
 
 PSA sign: invalid algorithm for ECC key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
-sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
+sign_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT
 
 PSA sign/verify: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
@@ -1144,7 +1144,7 @@ asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"305
 
 PSA verify: invalid algorithm for ECC key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21
-asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
+asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT
 
 PSA encrypt: RSA PKCS#1 v1.5, good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15

From 28a38e6e38195012317b4307569824154fdce650 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 7 Nov 2018 16:18:24 +0200
Subject: [PATCH 600/889] Add tests that checks key management corner cases

- import a key into a non empty key slot.
- export a key from invalid slot number.
---
 tests/suites/test_suite_psa_crypto.data     | 13 ++++++
 tests/suites/test_suite_psa_crypto.function | 44 +++++++++++++++++++++
 2 files changed, 57 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ecd21493a..64cc16c1e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -31,6 +31,19 @@ PSA import/export AES-256
 depends_on:MBEDTLS_AES_C
 import_export:"0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
+PSA import to non empty key slot
+depends_on:MBEDTLS_AES_C
+import_key_nonempty_slot
+
+PSA export empty key slot
+export_invalid_slot:1:PSA_ERROR_EMPTY_SLOT
+
+PSA export out of range key slot - lower bound
+export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export out of range key slot - upper bound
+export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA import AES: bad key size
 depends_on:MBEDTLS_AES_C
 import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c46da9648..001869e3e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1003,6 +1003,50 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void import_key_nonempty_slot( )
+{
+    int slot = 1;
+    psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
+    psa_status_t status;
+    const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 };
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data, sizeof( data ) ) == PSA_SUCCESS );
+
+    /* Import the key again */
+    status = psa_import_key( slot, type, data, sizeof( data ) );
+    TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_invalid_slot( int slot, int expected_export_status_arg )
+{
+    psa_status_t status;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+    psa_status_t expected_export_status = expected_export_status_arg;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == expected_export_status );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
                                int type_arg,

From 3455009116d0fa9f0169fcad55523f54f5015b61 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 7 Nov 2018 16:19:34 +0200
Subject: [PATCH 601/889] Add tests that check export failures after illegal
 behavior

- export a key after import key failure.
- export a key after the key was destroyed.
- export a key after set key policy but no key material
creation.
---
 tests/suites/test_suite_psa_crypto.data     | 27 ++++++
 tests/suites/test_suite_psa_crypto.function | 99 +++++++++++++++++++++
 2 files changed, 126 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 64cc16c1e..ae21e677e 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -44,6 +44,33 @@ export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT
 PSA export out of range key slot - upper bound
 export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA export a slot where there was some activity but no key material creation
+export_with_no_key_activity
+
+PSA export a slot after a failed import of a AES key
+depends_on:MBEDTLS_AES_C
+export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot after a failed import of a RSA key
+depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C
+export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
+
+PSA export a slot after a failed import of an EC keypair: public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
+
+PSA export RSA public key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY
+
+PSA export AES key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_AES_C
+export_after_destroy_key:"0123456789abcdef0123456789abcdef":PSA_KEY_TYPE_AES
+
+PSA export EC key from a slot where there was an import followed by destroy.
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+export_after_destroy_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1)
+
 PSA import AES: bad key size
 depends_on:MBEDTLS_AES_C
 import:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 001869e3e..6e992939b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1047,6 +1047,105 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void export_with_no_key_activity( )
+{
+    int slot = 1;
+    psa_algorithm_t alg = PSA_ALG_CTR;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_after_import_failure( data_t *data, int type_arg,
+                                  int expected_import_status_arg )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    psa_status_t expected_import_status = expected_import_status_arg;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key - expect failure */
+    status = psa_import_key( slot, type,
+                                 data->x, data->len );
+    TEST_ASSERT( status == expected_import_status );
+
+    /* Export the key */
+    status = psa_export_key( slot,
+                             exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void export_after_destroy_key( data_t *data, int type_arg )
+{
+    int slot = 1;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    psa_algorithm_t alg = PSA_ALG_CTR;
+    unsigned char *exported = NULL;
+    size_t export_size = 0;
+    size_t exported_length = INVALID_EXPORT_LENGTH;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    export_size = (ptrdiff_t) data->len;
+    ASSERT_ALLOC( exported, export_size );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_export_key( slot, exported, export_size,
+                                 &exported_length ) == PSA_SUCCESS );
+
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+
+    /* Export the key */
+    status = psa_export_key( slot, exported, export_size,
+                             &exported_length );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    mbedtls_free( exported );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import_export_public_key( data_t *data,
                                int type_arg,

From ce50007f90d4936ce4bcac9c37de3e6a39a11e72 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Wed, 7 Nov 2018 16:20:07 +0200
Subject: [PATCH 602/889] Add tests of using cipher in bad state cases

- cipher setup after import key failure.
- cipher setup after set key policy but no key material
creation.
---
 tests/suites/test_suite_psa_crypto.data     |  7 +++
 tests/suites/test_suite_psa_crypto.function | 51 +++++++++++++++++++++
 2 files changed, 58 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ae21e677e..3d93ee4e6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -47,6 +47,9 @@ export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT
 PSA export a slot where there was some activity but no key material creation
 export_with_no_key_activity
 
+PSA setup cipher where there was some activity on key but no key material creation
+cipher_with_no_key_activity
+
 PSA export a slot after a failed import of a AES key
 depends_on:MBEDTLS_AES_C
 export_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
@@ -59,6 +62,10 @@ PSA export a slot after a failed import of an EC keypair: public key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA setup cipher after a failed import of a AES key
+depends_on:MBEDTLS_AES_C
+cipher_after_import_failure:"0123456789abcdef":PSA_KEY_TYPE_AES:PSA_ERROR_INVALID_ARGUMENT
+
 PSA export RSA public key from a slot where there was an import followed by destroy.
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 export_after_destroy_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 6e992939b..14caa9ddf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1075,6 +1075,30 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void cipher_with_no_key_activity( )
+{
+    int slot = 1;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    psa_cipher_operation_t operation;
+    int exercise_alg = PSA_ALG_CTR;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    psa_cipher_abort( &operation );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void export_after_import_failure( data_t *data, int type_arg,
                                   int expected_import_status_arg )
@@ -1105,6 +1129,33 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void cipher_after_import_failure( data_t *data, int type_arg,
+                                  int expected_import_status_arg )
+{
+    int slot = 1;
+    psa_cipher_operation_t operation;
+    psa_key_type_t type = type_arg;
+    psa_status_t status;
+    psa_status_t expected_import_status = expected_import_status_arg;
+    int exercise_alg = PSA_ALG_CTR;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    /* Import the key - expect failure */
+    status = psa_import_key( slot, type,
+                                 data->x, data->len );
+    TEST_ASSERT( status == expected_import_status );
+
+    status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg );
+    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    psa_cipher_abort( &operation );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void export_after_destroy_key( data_t *data, int type_arg )
 {

From 728944718a07ed31fc62bc27e9ba061e9da0edc1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 8 Nov 2018 10:00:08 +0100
Subject: [PATCH 603/889] Fix a test case with incorrect dependency

Simplify the test case "PSA export a slot after a failed import of an
EC keypair": use an invalid private value for the specified curve. Now
the dependencies match the test data, so this fixes curves.pl.
---
 tests/suites/test_suite_psa_crypto.data | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3d93ee4e6..4a9714a27 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -58,9 +58,9 @@ PSA export a slot after a failed import of a RSA key
 depends_on:MBEDTLS_RSA_C:MBEDTLS_PK_PARSE_C
 export_after_import_failure:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
 
-PSA export a slot after a failed import of an EC keypair: public key
+PSA export a slot after a failed import of an EC keypair
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
-export_after_import_failure:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ERROR_INVALID_ARGUMENT
+export_after_import_failure:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
 
 PSA setup cipher after a failed import of a AES key
 depends_on:MBEDTLS_AES_C

From 594a330eb7c344a54407956f3175ea97ee6f973b Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 26 Oct 2018 17:07:22 +0100
Subject: [PATCH 604/889] psa: test: Fix truncation of message by snprintf

We had only allocated 40 bytes for printing into, but we wanted to print 46
bytes. Update the buffer to be 47 bytes, which is large enough to hold what
we want to print plus a terminating null byte.
---
 tests/suites/test_suite_psa_crypto.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 14caa9ddf..d2875ae34 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -631,7 +631,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
         else
 #endif /* MBEDTLS_ECP_C */
         {
-            char message[40];
+            char message[47];
             mbedtls_snprintf( message, sizeof( message ),
                               "No sanity check for public key type=0x%08lx",
                               (unsigned long) type );

From aac64a2839e32ec3e74590de3f958b4f3747e5b9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 12 Nov 2018 18:37:42 +0100
Subject: [PATCH 605/889] Remove support for non-byte-aligned RSA keys

Remove the need for an extra function mbedtls_rsa_get_bitlen. Use
mbedtls_rsa_get_len, which is only correct for keys whose size is a
multiple of 8. Key sizes that aren't a multiple of 8 are extremely
rarely used, so in practice this is not a problematic limitation.
---
 library/psa_crypto.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 87f9147a6..dc6f2da49 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -579,7 +579,11 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk,
     else
     {
         mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *pk );
-        size_t bits = mbedtls_rsa_get_bitlen( rsa );
+        /* The size of an RSA key doesn't have to be a multiple of 8.
+         * Mbed TLS supports non-byte-aligned key sizes, but not well.
+         * For example, mbedtls_rsa_get_len() returns the key size in
+         * bytes, not in bits. */
+        size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
         if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
             return( PSA_ERROR_NOT_SUPPORTED );
         *p_rsa = rsa;
@@ -799,7 +803,7 @@ static size_t psa_get_key_bits( const key_slot_t *slot )
         return( slot->data.raw.bytes * 8 );
 #if defined(MBEDTLS_RSA_C)
     if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
-        return( mbedtls_rsa_get_bitlen( slot->data.rsa ) );
+        return( PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( slot->data.rsa ) ) );
 #endif /* defined(MBEDTLS_RSA_C) */
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )

From 86a440b63864d61ba475548291a0bd4945ad2a22 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 12 Nov 2018 18:39:40 +0100
Subject: [PATCH 606/889] Reject non-byte-aligned RSA keys

On key import and key generation, for RSA, reject key sizes that are
not a multiple of 8. Such keys are not well-supported in Mbed TLS and
are hardly ever used in practice.

The previous commit removed support for non-byte-aligned keys at the
PSA level. This commit actively rejects such keys and adds
corresponding tests (test keys generated with "openssl genrsa").
---
 library/psa_crypto.c                    | 30 +++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data | 40 ++++++++++++++++++++++---
 2 files changed, 66 insertions(+), 4 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dc6f2da49..4584f6bde 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -571,6 +571,28 @@ static psa_status_t prepare_raw_data_slot( psa_key_type_t type,
 }
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
+ * that are not a multiple of 8) well. For example, there is only
+ * mbedtls_rsa_get_len(), which returns a number of bytes, and no
+ * way to return the exact bit size of a key.
+ * To keep things simple, reject non-byte-aligned key sizes. */
+static psa_status_t psa_check_rsa_key_byte_aligned(
+    const mbedtls_rsa_context *rsa )
+{
+    mbedtls_mpi n;
+    psa_status_t status;
+    mbedtls_mpi_init( &n );
+    status = mbedtls_to_psa_error(
+        mbedtls_rsa_export( rsa, &n, NULL, NULL, NULL, NULL ) );
+    if( status == PSA_SUCCESS )
+    {
+        if( mbedtls_mpi_bitlen( &n ) % 8 != 0 )
+            status = PSA_ERROR_NOT_SUPPORTED;
+    }
+    mbedtls_mpi_free( &n );
+    return( status );
+}
+
 static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk,
                                         mbedtls_rsa_context **p_rsa )
 {
@@ -584,8 +606,12 @@ static psa_status_t psa_import_rsa_key( mbedtls_pk_context *pk,
          * For example, mbedtls_rsa_get_len() returns the key size in
          * bytes, not in bits. */
         size_t bits = PSA_BYTES_TO_BITS( mbedtls_rsa_get_len( rsa ) );
+        psa_status_t status;
         if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
             return( PSA_ERROR_NOT_SUPPORTED );
+        status = psa_check_rsa_key_byte_aligned( rsa );
+        if( status != PSA_SUCCESS )
+            return( status );
         *p_rsa = rsa;
         return( PSA_SUCCESS );
     }
@@ -3556,6 +3582,10 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
         int exponent = 65537;
         if( bits > PSA_VENDOR_RSA_MAX_KEY_BITS )
             return( PSA_ERROR_NOT_SUPPORTED );
+        /* Accept only byte-aligned keys, for the same reasons as
+         * in psa_import_rsa_key(). */
+        if( bits % 8 != 0 )
+            return( PSA_ERROR_NOT_SUPPORTED );
         if( extra != NULL )
         {
             const psa_generate_key_extra_rsa *p = extra;
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4a9714a27..229fa81c5 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -150,10 +150,6 @@ PSA import RSA keypair: valid key but EC
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import:"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_INVALID_ARGUMENT
 
-PSA import/export RSA keypair: good, 1023-bit
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
-import_export:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1023:0:PSA_SUCCESS:1
-
 PSA import/export-public RSA public key: good, 1024-bit
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0:PSA_SUCCESS:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
@@ -170,6 +166,30 @@ PSA import/export-public RSA keypair: buffer too small
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:-1:PSA_ERROR_BUFFER_TOO_SMALL:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001"
 
+PSA import/export RSA public key: 1016-bit (good)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"30819e300d06092a864886f70d010101050003818c0030818802818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1
+
+PSA import/export RSA keypair: 1016-bit (good)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import_export:"3082025802010002818000cde684f1aee96917b89c8a0a72523cfce4686ed5a5fbd32abab12038fc75148e45314b7e31fe60d8258e7e78234a23df0f00cc20fd008b64cb5b0f4ced8c47aa048f767f859961adc22b3df14e63bd9e08c9707bbf4e0eba32b1cc35a020e7e815ca47e0d39601a80d683ab4a07f4d3a7acebaba6c87d25bce2d091ee115c50203010001028180009dd9c34411e769a540e7e9c03682abb4e95ad2d5c2297c6b7eb2fa5415dfa081adb42bff344ea36a31e8bb36593fa69e843f053fa916f8c6ae4c423fa4c1edbcfa7e8079bc19a738f4f861c198cf277d2c89fe3deab06db5a3a09f8d1622033a618fbfbab92b50a13f77cdb53b56d38bec4cdd8cbe65e8b30ab4e77565842102400eec9285833f973372458f354bff7d35bcb04f3b26f5b58a025887a966ca951b6667651a46034bbc99f9d688dfbcb4297a4d86824dd73abdfa7deeb232b1642902400dcbe74d51f3b93afe2a22e2be0c3c56911ef771fd8eb01f64d95d018315baf4144aeb957be95a77f17f2b8a12c2d3b87a1281f9c66d839fa603fbbe7381783d0240035398154a7c1227d580cbbb05859d532d0bdf9d3fc1e5052e20ad9c84dd02ff6884037527c5f44bc5c67a9b67c39824e6ae011d6a5c5f2b997a188a7fe22a810240076bf41ec5023e57bcd87ff1c7d89f30d65a793469f933478021ea056135f45f4ef74aaa1c8158b883422cf2d6cad5c83c6aee5ea65ecd5ab99d14f4cc000ee5024006d13905db5556627066596da3383458aea6ba5e2f94ccc5b922117a1ed3ae7a26c59e68c3885a41b366f1a5c8bff7ec8853ef8d32addb818141352b2da553dc":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_EXPORT:1016:0:PSA_SUCCESS:1
+
+PSA import RSA public key: 1022-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"30819e300d06092a864886f70d010101050003818c0030818802818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd134450230203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA keypair: 1022-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"3082025802010002818036e4b95f847dcd7a91b0972b7ba096e040ec04e42d59f733029fb2600b8ae9e4fd8ea76f3d7ec576288102285b612db7abc53770006046fef321172a6ad84053710d48528a8d51b6481db53c09e1524d6704b58bd30313016535eefe9bcff89eb599608daaa0a72ab7720af31486b51020421fdd3c6974cc445a78dd1344502302030100010281800ad9700e01e8bf68ff4c90c4465dfa13fea0e76295d817349ccb257d382acf89b3d7b31e18606af4ac92baf3710426fe0b54225ddfa527c31218b3346e03a9cae5395a780ade880b996f4061fad65689393fc8e77f46a4c1a29b0450cdaaef0710e523cd1028abe1653d23f0d5ec805a629bdf1fc4c1c00737760e1714f6b7f102407d5e545484b546bd61972b446a04af0cf17b126a8872b977da5035ca82dd0e4fef1381a6480f60db07628348602f86ba89a271563d9a3fb613b9b39703498f9902407017641093065eed178ff848b5f8a2b502a187511db28549ea7646f3e7b3ea171f4c34c0ecf0566adc4d172c057be077a45fcf8019a36a4588c4de3b8c0a631b02407cc7fccbbae2eb2be80c9c8615b7dfbbd4469907ec13b44274cacd1f69ad38679b2021352e18106131327e54f5579893e6160714bd6fdfe60c30136e45595c51024055250f779f96f94873db82a808c24325e847b6b8212cd81e9ba118a8715ab2f8b96773b310c8477c88b76e609c11cb22569408d4afa4f836b57b85ac09e661fd02400e5fc5df9614c95d77e9bc2df63d48e7a08a0034174f0f745eef4413ee36d929f194557e6990e148b7438e949a41e92bc9d9136c3e6563904151a578a2f4fc1b":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA public key: 1023-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"30819e300d06092a864886f70d010101050003818c003081880281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:PSA_ERROR_NOT_SUPPORTED
+
+PSA import RSA keypair: 1023-bit (not supported)
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
+import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED
+
 PSA import/export EC secp224r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
 import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1
@@ -1562,6 +1582,10 @@ PSA generate key: RSA, 512 bits, good, sign (PKCS#1 v1.5)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
 
+PSA generate key: RSA, 1016 bits, good, sign (PKCS#1 v1.5)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V15
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1016:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_SUCCESS
+
 PSA generate key: RSA, 1024 bits, good, sign (PSS SHA-256)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):PSA_SUCCESS
@@ -1574,6 +1598,14 @@ PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)
 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS
 
+PSA generate key: RSA, 1022 bits: not supported
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1022:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+
+PSA generate key: RSA, 1023 bits: not supported
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
+generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:1023:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED
+
 PSA generate key: RSA, maximum size exceeded
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 generate_key:PSA_KEY_TYPE_RSA_KEYPAIR:PSA_VENDOR_RSA_MAX_KEY_BITS+1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_ERROR_NOT_SUPPORTED

From 64a43ce48e4885f329eecc0bfd8efa59777bd5a4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 12 Nov 2018 18:42:28 +0100
Subject: [PATCH 607/889] Revert "fixup! New function mbedtls_rsa_get_bitlen"

This reverts commit c939f6fcba1cda328c4a21b7c8df596690e36add.
---
 tests/suites/test_suite_pk.function | 1 -
 1 file changed, 1 deletion(-)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 916b3c54d..a1d9b0b7a 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -16,7 +16,6 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
 static int pk_genkey( mbedtls_pk_context *pk, int size )
 {
     ((void) pk);
-    ((void) size);
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
     if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )

From e19b7d54d052baee9c5bd24731ff3c252ad80ebf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 12 Nov 2018 18:42:43 +0100
Subject: [PATCH 608/889] Revert "New function mbedtls_rsa_get_bitlen"

This reverts commit 1d26709dbd4a4f8ef9ea0ff58f2644a4bc3fc49c.
---
 include/mbedtls/rsa.h                | 10 -------
 library/pk_wrap.c                    |  2 +-
 library/rsa.c                        |  9 +------
 tests/suites/test_suite_pk.data      | 11 +-------
 tests/suites/test_suite_pk.function  | 39 +++++-----------------------
 tests/suites/test_suite_rsa.function | 27 +++++++------------
 6 files changed, 18 insertions(+), 80 deletions(-)

diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h
index 31a8db757..6eea5af2f 100644
--- a/include/mbedtls/rsa.h
+++ b/include/mbedtls/rsa.h
@@ -403,16 +403,6 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding,
  */
 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx );
 
-/**
- * \brief          This function retrieves the length of the RSA modulus in bits.
- *
- * \param ctx      The initialized RSA context.
- *
- * \return         The length of the RSA modulus in bits.
- *
- */
-size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx );
-
 /**
  * \brief          This function generates an RSA keypair.
  *
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index f9b4c659c..2c7d2d79b 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -66,7 +66,7 @@ static int rsa_can_do( mbedtls_pk_type_t type )
 static size_t rsa_get_bitlen( const void *ctx )
 {
     const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx;
-    return( mbedtls_rsa_get_bitlen( rsa ) );
+    return( 8 * mbedtls_rsa_get_len( rsa ) );
 }
 
 static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
diff --git a/library/rsa.c b/library/rsa.c
index 499d14540..56490f93e 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -480,19 +480,12 @@ void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id
 /*
  * Get length in bytes of RSA modulus
  */
+
 size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx )
 {
     return( ctx->len );
 }
 
-/*
- * Get length in bits of RSA modulus
- */
-size_t mbedtls_rsa_get_bitlen( const mbedtls_rsa_context *ctx )
-{
-    return( mbedtls_mpi_bitlen( &ctx->N ) );
-}
-
 
 #if defined(MBEDTLS_GENPRIME)
 
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index 77e3bd887..a066bd93e 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -1,16 +1,7 @@
-PK utils: RSA, 512 bits
+PK utils: RSA
 depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
 pk_utils:MBEDTLS_PK_RSA:512:64:"RSA"
 
-## RSA key generation only supports even bit sizes
-#PK utils: RSA, 511 bits
-#depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-#pk_utils:MBEDTLS_PK_RSA:511:64:"RSA"
-#
-PK utils: RSA, 510 bits
-depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME
-pk_utils:MBEDTLS_PK_RSA:510:64:"RSA"
-
 PK utils: ECKEY
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_utils:MBEDTLS_PK_ECKEY:192:24:"EC"
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index a1d9b0b7a..9005ddb31 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -13,18 +13,13 @@ static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len );
 #define RSA_KEY_SIZE 512
 #define RSA_KEY_LEN   64
 
-static int pk_genkey( mbedtls_pk_context *pk, int size )
+static int pk_genkey( mbedtls_pk_context *pk )
 {
     ((void) pk);
 
 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
     if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_RSA )
-    {
-        if( size == 0 )
-            size = RSA_KEY_SIZE;
-        return( mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ),
-                                     rnd_std_rand, NULL, size, 3 ) );
-    }
+        return mbedtls_rsa_gen_key( mbedtls_pk_rsa( *pk ), rnd_std_rand, NULL, RSA_KEY_SIZE, 3 );
 #endif
 #if defined(MBEDTLS_ECP_C)
     if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY ||
@@ -32,30 +27,8 @@ static int pk_genkey( mbedtls_pk_context *pk, int size )
         mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECDSA )
     {
         int ret;
-        mbedtls_ecp_group_id curve;
-        switch( size )
-        {
-            case 0:
-            case 192:
-                curve = MBEDTLS_ECP_DP_SECP192R1;
-                break;
-            case 224:
-                curve = MBEDTLS_ECP_DP_SECP224R1;
-                break;
-            case 256:
-                curve = MBEDTLS_ECP_DP_SECP256R1;
-                break;
-            case 384:
-                curve = MBEDTLS_ECP_DP_SECP384R1;
-                break;
-            case 521:
-                curve = MBEDTLS_ECP_DP_SECP521R1;
-                break;
-            default:
-                return( -1 );
-        }
         if( ( ret = mbedtls_ecp_group_load( &mbedtls_pk_ec( *pk )->grp,
-                                            curve ) ) != 0 )
+                                      MBEDTLS_ECP_DP_SECP192R1 ) ) != 0 )
             return( ret );
 
         return mbedtls_ecp_gen_keypair( &mbedtls_pk_ec( *pk )->grp, &mbedtls_pk_ec( *pk )->d,
@@ -104,7 +77,7 @@ void pk_utils( int type, int size, int len, char * name )
     mbedtls_pk_init( &pk );
 
     TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &pk, size ) == 0 );
+    TEST_ASSERT( pk_genkey( &pk ) == 0 );
 
     TEST_ASSERT( (int) mbedtls_pk_get_type( &pk ) == type );
     TEST_ASSERT( mbedtls_pk_can_do( &pk, type ) );
@@ -279,7 +252,7 @@ void pk_sign_verify( int type, int sign_ret, int verify_ret )
     memset( sig, 0, sizeof sig );
 
     TEST_ASSERT( mbedtls_pk_setup( &pk, mbedtls_pk_info_from_type( type ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &pk, 0 ) == 0 );
+    TEST_ASSERT( pk_genkey( &pk ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256, hash, sizeof hash,
                           sig, &sig_len, rnd_std_rand, NULL ) == sign_ret );
@@ -474,7 +447,7 @@ void pk_rsa_alt(  )
     /* Initiliaze PK RSA context with random key */
     TEST_ASSERT( mbedtls_pk_setup( &rsa,
                               mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == 0 );
-    TEST_ASSERT( pk_genkey( &rsa, RSA_KEY_SIZE ) == 0 );
+    TEST_ASSERT( pk_genkey( &rsa ) == 0 );
 
     /* Extract key to the raw rsa context */
     TEST_ASSERT( mbedtls_rsa_copy( &raw, mbedtls_pk_rsa( rsa ) ) == 0 );
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 46c8bf96e..c43ef2050 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -44,8 +44,7 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -87,8 +86,7 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -129,8 +127,7 @@ void rsa_pkcs1_sign_raw( data_t * hash_result,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -195,8 +192,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -260,8 +256,7 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -299,8 +294,7 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -348,8 +342,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 
@@ -388,8 +381,7 @@ void mbedtls_rsa_public( data_t * message_str, int mod, int radix_N,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
 
 
@@ -448,8 +440,7 @@ void mbedtls_rsa_private( data_t * message_str, int mod, int radix_P,
     TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
 
     TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
-    TEST_ASSERT( mbedtls_rsa_get_bitlen( &ctx ) == (size_t) mod );
-    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod + 7 ) / 8 );
+    TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
     TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
     TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
 

From 92587dbf2b9c03f7fac62e6b1631e3c24d85ae0c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:12:42 +0200
Subject: [PATCH 609/889] Write missing bit of the documentation of
 psa_key_derivation

---
 include/psa/crypto.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 732bc2fad..6efaa0242 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3040,7 +3040,10 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  *   and \p label is the info string used in the "expand" step.
  *
  * \param[in,out] generator       The generator object to set up. It must
- *                                have been initialized to .
+ *                                have been initialized to all-bits-zero,
+ *                                a logical zero (`{0}`),
+ *                                \c PSA_CRYPTO_GENERATOR_INIT or
+ *                                psa_crypto_generator_init().
  * \param key                     Slot containing the secret key to use.
  * \param alg                     The key derivation algorithm to compute
  *                                (\c PSA_ALG_XXX value such that

From e8f0e3dc3c1c97cdb0d850118aa9a29a2dad9747 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 11:52:10 +0200
Subject: [PATCH 610/889] New algorithm category: key selection

A key selection algorithm is similar to a key derivation algorithm in
that it takes a secret input and produces a secret output stream.
However, unlike key derivation algorithms, there is no expectation
that the input cannot be reconstructed from the output. Key selection
algorithms are exclusively meant to be used on the output of a key
agreement algorithm to select chunks of the shared secret.
---
 include/psa/crypto.h                          | 35 ++++++++-
 tests/suites/test_suite_psa_crypto.data       |  6 +-
 .../test_suite_psa_crypto_metadata.data       |  2 +
 .../test_suite_psa_crypto_metadata.function   | 71 ++++++++++++++-----
 4 files changed, 94 insertions(+), 20 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6efaa0242..f344e1467 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -603,6 +603,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION  ((psa_algorithm_t)0x12000000)
 #define PSA_ALG_CATEGORY_KEY_AGREEMENT          ((psa_algorithm_t)0x22000000)
 #define PSA_ALG_CATEGORY_KEY_DERIVATION         ((psa_algorithm_t)0x30000000)
+#define PSA_ALG_CATEGORY_KEY_SELECTION          ((psa_algorithm_t)0x31000000)
 
 #define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
     (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
@@ -674,6 +675,7 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
 
+#define PSA_ALG_KEY_SELECTION_FLAG              ((psa_algorithm_t)0x01000000)
 /** Whether the specified algorithm is a key agreement algorithm.
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
@@ -683,7 +685,8 @@ typedef uint32_t psa_algorithm_t;
  *         algorithm identifier.
  */
 #define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_AGREEMENT)
+    (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) ==   \
+     PSA_ALG_CATEGORY_KEY_AGREEMENT)
 
 /** Whether the specified algorithm is a key derivation algorithm.
  *
@@ -696,6 +699,17 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
     (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
 
+/** Whether the specified algorithm is a key selection algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key selection algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_SELECTION(alg)                                   \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
+
 #define PSA_ALG_HASH_MASK                       ((psa_algorithm_t)0x000000ff)
 #define PSA_ALG_MD2                             ((psa_algorithm_t)0x01000001)
 #define PSA_ALG_MD4                             ((psa_algorithm_t)0x01000002)
@@ -1185,6 +1199,25 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
     (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
 
+#define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0x010fffff)
+
+/** Use a shared secret as is.
+ *
+ * Specify this algorithm as the selection component of a key agreement
+ * to use the raw result of the key agreement as key material.
+ *
+ * \warning The raw result of a key agreement algorithm such as finite-field
+ * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
+ * not be used directly as key material. It can however be used as the secret
+ * input in a key derivation algorithm.
+ */
+#define PSA_ALG_SELECT_RAW                      ((psa_algorithm_t)0x31000001)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg)                              \
+    (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)                              \
+    ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
 /**@}*/
 
 /** \defgroup key_management Key management
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 229fa81c5..5759a15df 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1377,7 +1377,11 @@ PSA key derivation: bad key type
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
 
-PSA key derivation: not a key derivation algorithm
+PSA key derivation: not a key derivation algorithm (selection)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_SELECT_RAW:"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
+PSA key derivation: not a key derivation algorithm (HMAC)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HMAC(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
 
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index c9df6c74e..09544f4fb 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -242,6 +242,8 @@ Key derivation: HKDF using SHA-256
 depends_on:MBEDTLS_SHA256_C
 key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
 
+Key selection: raw
+key_selection_algorithm:PSA_ALG_SELECT_RAW:0
 Key type: raw data
 key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
 
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 215110a32..4faa4341e 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -107,6 +107,7 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags,
     TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
 
     /* Length */
@@ -127,6 +128,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
     TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
 
     /* Tag length */
@@ -166,6 +168,7 @@ void hash_algorithm( int alg_arg, int length_arg )
     TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, 0 );
 
     /* Dependent algorithms */
@@ -262,6 +265,7 @@ void cipher_algorithm( int alg_arg, int classification_flags )
     TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
 }
 /* END_CASE */
@@ -313,6 +317,7 @@ void asymmetric_signature_algorithm( int alg_arg, int classification_flags )
     TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
 }
 /* END_CASE */
@@ -331,24 +336,7 @@ void asymmetric_encryption_algorithm( int alg_arg, int classification_flags )
     TEST_ASSERT( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
-    algorithm_classification( alg, classification_flags );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_agreement_algorithm( int alg_arg, int classification_flags )
-{
-    psa_algorithm_t alg = alg_arg;
-
-    /* Algorithm classification */
-    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
-    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
-    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
 }
 /* END_CASE */
@@ -367,10 +355,57 @@ void key_derivation_algorithm( int alg_arg, int classification_flags )
     TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
     TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_selection_algorithm( int alg_arg, int classification_flags )
+{
+    psa_algorithm_t alg = alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_KEY_SELECTION( alg ) );
+    algorithm_classification( alg, classification_flags );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_algorithm( int alg_arg, int classification_flags,
+                              int post_alg_arg )
+{
+    psa_algorithm_t alg = alg_arg;
+    psa_algorithm_t actual_post_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg );
+    psa_algorithm_t expected_post_alg = post_alg_arg;
+
+    /* Algorithm classification */
+    TEST_ASSERT( ! PSA_ALG_IS_HASH( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_MAC( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_CIPHER( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_AEAD( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_SIGN( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) );
+    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
+    TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
+    algorithm_classification( alg, classification_flags );
+
+    /* Shared secret derivation properties */
+    TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( actual_post_alg ) ||
+                 PSA_ALG_IS_KEY_SELECTION( actual_post_alg ) );
+    TEST_ASSERT( actual_post_alg == expected_post_alg );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void key_type( int type_arg, int classification_flags )
 {

From 93098fd996c466bc863bbb3109a6a5b6bf828cc1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 11:54:43 +0200
Subject: [PATCH 611/889] Key agreement: macros for finite-field
 Diffie-Hellman, ECDH

Declare macros to represent key agreement algorithms.
---
 include/psa/crypto.h                          | 67 +++++++++++++++++++
 .../test_suite_psa_crypto_metadata.data       | 17 +++++
 .../test_suite_psa_crypto_metadata.function   | 14 ++++
 3 files changed, 98 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index f344e1467..515e65f3d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1218,6 +1218,73 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)                              \
     ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
+
+#define PSA_ALG_FFDH_BASE                       ((psa_algorithm_t)0x22100000)
+/** The Diffie-Hellman key agreement algorithm.
+ *
+ * This algorithm combines the finite-field Diffie-Hellman-Merkle key
+ * agreement to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ *                      or a key selection algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_SELECTION(\p hash_alg) is true).
+ *
+ * \return              The Diffie-Hellman algorithm with the specified
+ *                      selection or derivation algorithm.
+ */
+#define PSA_ALG_FFDH(kdf_alg) \
+    (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_FFDH(alg) \
+    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
+
+#define PSA_ALG_ECDH_BASE                       ((psa_algorithm_t)0x22200000)
+/** The elliptic curve Diffie-Hellman key agreement algorithm.
+ *
+ * This algorithm combines the elliptic curve Diffie-Hellman key
+ * agreement to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ *                      or a selection algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return              The Diffie-Hellman algorithm with the specified
+ *                      selection or derivation algorithm.
+ */
+#define PSA_ALG_ECDH(kdf_alg) \
+    (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
+ * algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
+ *         0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_ECDH(alg) \
+    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
+
 /**@}*/
 
 /** \defgroup key_management Key management
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 09544f4fb..b61d8e1aa 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -244,6 +244,23 @@ key_derivation_algorithm:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):ALG_IS_HKDF
 
 Key selection: raw
 key_selection_algorithm:PSA_ALG_SELECT_RAW:0
+
+Key agreement: FFDH, raw output
+depends_on:MBEDTLS_DHM_C
+key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_SELECT_RAW ):ALG_IS_FFDH:PSA_ALG_SELECT_RAW
+
+Key agreement: FFDH, HKDF using SHA-256
+depends_on:MBEDTLS_DHM_C
+key_agreement_algorithm:PSA_ALG_FFDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_FFDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
+Key agreement: ECDH, raw output
+depends_on:MBEDTLS_ECDH_C
+key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_SELECT_RAW ):ALG_IS_ECDH:PSA_ALG_SELECT_RAW
+
+Key agreement: ECDH, HKDF using SHA-256
+depends_on:MBEDTLS_ECDH_C
+key_agreement_algorithm:PSA_ALG_ECDH( PSA_ALG_HKDF( PSA_ALG_SHA_256 ) ):ALG_IS_ECDH:PSA_ALG_HKDF( PSA_ALG_SHA_256 )
+
 Key type: raw data
 key_type:PSA_KEY_TYPE_RAW_DATA:KEY_TYPE_IS_UNSTRUCTURED
 
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 4faa4341e..a8316c40d 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -31,6 +31,8 @@
 #define ALG_IS_RANDOMIZED_ECDSA         ( 1u << 13 )
 #define ALG_IS_RSA_OAEP                 ( 1u << 14 )
 #define ALG_IS_HKDF                     ( 1u << 15 )
+#define ALG_IS_FFDH                     ( 1u << 16 )
+#define ALG_IS_ECDH                     ( 1u << 17 )
 
 /* Flags for key type classification macros. There is a flag for every
  * key type classification macro PSA_KEY_TYPE_IS_xxx except for some that
@@ -357,6 +359,12 @@ void key_derivation_algorithm( int alg_arg, int classification_flags )
     TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( alg ) );
     TEST_ASSERT( ! PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
+
+    /* Check combinations with key agreements */
+    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) );
+    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) );
+    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg );
+    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg );
 }
 /* END_CASE */
 
@@ -376,6 +384,12 @@ void key_selection_algorithm( int alg_arg, int classification_flags )
     TEST_ASSERT( ! PSA_ALG_IS_KEY_DERIVATION( alg ) );
     TEST_ASSERT( PSA_ALG_IS_KEY_SELECTION( alg ) );
     algorithm_classification( alg, classification_flags );
+
+    /* Check combinations with key agreements */
+    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) );
+    TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) );
+    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg );
+    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg );
 }
 /* END_CASE */
 

From cce18aec4ca3d68c53232c58a0b6d8a05ad956c4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:03:52 +0200
Subject: [PATCH 612/889] Split off psa_key_derivation_internal

Refactor psa_key_derivation to prepare for key agreement algorithms
which need to plug into key derivation after argument validation.
---
 library/psa_crypto.c | 100 ++++++++++++++++++++++++++++---------------
 1 file changed, 65 insertions(+), 35 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4584f6bde..b99c808ca 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3432,7 +3432,8 @@ exit:
 /* Set up an HKDF-based generator. This is exactly the extract phase
  * of the HKDF algorithm. */
 static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
-                                              key_slot_t *slot,
+                                              const uint8_t *secret,
+                                              size_t secret_length,
                                               psa_algorithm_t hash_alg,
                                               const uint8_t *salt,
                                               size_t salt_length,
@@ -3445,9 +3446,7 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
                                       PSA_ALG_HMAC_GET_HASH( hash_alg ) );
     if( status != PSA_SUCCESS )
         return( status );
-    status = psa_hash_update( &hkdf->hmac.hash_ctx,
-                              slot->data.raw.data,
-                              slot->data.raw.bytes );
+    status = psa_hash_update( &hkdf->hmac.hash_ctx, secret, secret_length );
     if( status != PSA_SUCCESS )
         return( status );
     status = psa_hmac_finish_internal( &hkdf->hmac,
@@ -3468,6 +3467,51 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
     return( PSA_SUCCESS );
 }
 
+static psa_status_t psa_key_derivation_internal(
+    psa_crypto_generator_t *generator,
+    const uint8_t *secret, size_t secret_length,
+    psa_algorithm_t alg,
+    const uint8_t *salt, size_t salt_length,
+    const uint8_t *label, size_t label_length,
+    size_t capacity )
+{
+    psa_status_t status;
+    size_t max_capacity;
+
+    /* Set generator->alg even on failure so that abort knows what to do. */
+    generator->alg = alg;
+
+#if defined(MBEDTLS_MD_C)
+    if( PSA_ALG_IS_HKDF( alg ) )
+    {
+        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
+        size_t hash_size = PSA_HASH_SIZE( hash_alg );
+        if( hash_size == 0 )
+            return( PSA_ERROR_NOT_SUPPORTED );
+        max_capacity = 255 * hash_size;
+        status = psa_generator_hkdf_setup( &generator->ctx.hkdf,
+                                           secret, secret_length,
+                                           hash_alg,
+                                           salt, salt_length,
+                                           label, label_length );
+    }
+    else
+#endif
+    {
+        return( PSA_ERROR_NOT_SUPPORTED );
+    }
+
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    if( capacity <= max_capacity )
+        generator->capacity = capacity;
+    else
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    return( PSA_SUCCESS );
+}
+
 psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
                                  psa_key_slot_t key,
                                  psa_algorithm_t alg,
@@ -3483,41 +3527,27 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
     if( generator->alg != 0 )
         return( PSA_ERROR_BAD_STATE );
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( slot->type != PSA_KEY_TYPE_DERIVE )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
+    /* Make sure that alg is a key derivation algorithm. This prevents
+     * key selection algorithms, which psa_key_derivation_internal
+     * accepts for the sake of key agreement. */
     if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-#if defined(MBEDTLS_MD_C)
-    if( PSA_ALG_IS_HKDF( alg ) )
-    {
-        psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
-        size_t hash_size = PSA_HASH_SIZE( hash_alg );
-        if( hash_size == 0 )
-            return( PSA_ERROR_NOT_SUPPORTED );
-        if( capacity > 255 * hash_size )
-            return( PSA_ERROR_INVALID_ARGUMENT );
-        status = psa_generator_hkdf_setup( &generator->ctx.hkdf,
-                                           slot,
-                                           hash_alg,
-                                           salt, salt_length,
-                                           label, label_length );
-    }
-    else
-#endif
-    {
-        return( PSA_ERROR_NOT_SUPPORTED );
-    }
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
 
-    /* Set generator->alg even on failure so that abort knows what to do. */
-    generator->alg = alg;
-    if( status == PSA_SUCCESS )
-        generator->capacity = capacity;
-    else
+    if( slot->type != PSA_KEY_TYPE_DERIVE )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    status = psa_key_derivation_internal( generator,
+                                          slot->data.raw.data,
+                                          slot->data.raw.bytes,
+                                          alg,
+                                          salt, salt_length,
+                                          label, label_length,
+                                          capacity );
+    if( status != PSA_SUCCESS )
         psa_generator_abort( generator );
     return( status );
 }

From 751d965dfcd518d90e74ccaa22f6480f73bca990 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:05:44 +0200
Subject: [PATCH 613/889] Implement PSA_ALG_SELECT_RAW

---
 library/psa_crypto.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b99c808ca..202552391 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3241,6 +3241,16 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
          * nothing to do. */
     }
     else
+    if( generator->alg == PSA_ALG_SELECT_RAW )
+    {
+        if( generator->ctx.buffer.data != NULL )
+        {
+            mbedtls_zeroize( generator->ctx.buffer.data,
+                             generator->ctx.buffer.size );
+            mbedtls_free( generator->ctx.buffer.data );
+        }
+    }
+    else
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HKDF( generator->alg ) )
     {
@@ -3358,6 +3368,14 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
     }
     generator->capacity -= output_length;
 
+    if( generator->alg == PSA_ALG_SELECT_RAW )
+    {
+        size_t offset =
+            generator->ctx.buffer.size - generator->capacity - output_length;
+        memcpy( output, generator->ctx.buffer.data + offset, output_length );
+        status = PSA_SUCCESS;
+    }
+    else
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HKDF( generator->alg ) )
     {
@@ -3481,6 +3499,21 @@ static psa_status_t psa_key_derivation_internal(
     /* Set generator->alg even on failure so that abort knows what to do. */
     generator->alg = alg;
 
+    if( alg == PSA_ALG_SELECT_RAW )
+    {
+        if( salt_length != 0 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        if( label_length != 0 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length );
+        if( generator->ctx.buffer.data == NULL )
+            return( PSA_ERROR_INSUFFICIENT_MEMORY );
+        memcpy( generator->ctx.buffer.data, secret, secret_length );
+        generator->ctx.buffer.size = secret_length;
+        max_capacity = secret_length;
+        status = PSA_SUCCESS;
+    }
+    else
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HKDF( alg ) )
     {

From 8feb3a886d8427aa6f541b1f389360a9f972f095 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:06:11 +0200
Subject: [PATCH 614/889] Support key derivation with non-predefined capacity

psa_key_derivation requires the caller to specify a maximum capacity.
This commit adds a special value that indicates that the maximum
capacity should be the maximum supported by the algorithm. This is
currently meant only for selection algorithms used on the shared
secret produced by a key agreement.
---
 include/psa/crypto.h | 9 +++++++++
 library/psa_crypto.c | 2 ++
 2 files changed, 11 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 515e65f3d..8059ab9e2 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3122,6 +3122,15 @@ psa_status_t psa_generator_import_key(psa_key_slot_t key,
  */
 psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
 
+/** Use the maximum possible capacity for a generator.
+ *
+ * Use this value as the capacity argument when setting up a generator
+ * to indicate that the generator should have the maximum possible capacity.
+ * The value of the maximum possible capacity depends on the generator
+ * algorithm.
+ */
+#define PSA_GENERATOR_UNBRIDLED_CAPACITY ((size_t)(-1))
+
 /**@}*/
 
 /** \defgroup derivation Key derivation
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 202552391..3c1cec930 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3539,6 +3539,8 @@ static psa_status_t psa_key_derivation_internal(
 
     if( capacity <= max_capacity )
         generator->capacity = capacity;
+    else if( capacity == PSA_GENERATOR_UNBRIDLED_CAPACITY )
+        generator->capacity = max_capacity;
     else
         return( PSA_ERROR_INVALID_ARGUMENT );
 

From 01d718cee89bfd057af43d4ff95e80e3acf9b372 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:01:02 +0200
Subject: [PATCH 615/889] New API function: psa_key_agreement

Set up a generator from a key agreement.
---
 include/psa/crypto.h                        |  40 ++++++
 library/psa_crypto.c                        |  60 +++++++++
 tests/suites/test_suite_psa_crypto.data     |  20 +++
 tests/suites/test_suite_psa_crypto.function | 136 ++++++++++++++++++++
 4 files changed, 256 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8059ab9e2..8fb641fdc 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3191,6 +3191,46 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
                                 size_t label_length,
                                 size_t capacity);
 
+/** Set up a key agreement operation.
+ *
+ * A key agreement algorithm takes two inputs: a private key \p private_key
+ * a public key \p peer_key.
+ * The result of this function is a byte generator which can
+ * be used to produce keys and other cryptographic material.
+ *
+ * \param[in,out] generator       The generator object to set up. It must
+ *                                have been initialized to all-bits-zero,
+ *                                a logical zero (`{0}`),
+ *                                \c PSA_CRYPTO_GENERATOR_INIT or
+ *                                psa_crypto_generator_init().
+ * \param private_key             Slot containing the private key to use.
+ * \param[in] peer_key            Public key of the peer.
+ * \param peer_key_length         Size of \p peer_key in bytes.
+ * \param alg                     The key agreement algorithm to compute
+ *                                (\c PSA_ALG_XXX value such that
+ *                                #PSA_ALG_IS_KEY_AGREEMENT(\p alg) is true).
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \c private_key is not compatible with \c alg,
+ *         or \p peer_key is not valid for \c alg or not compatible with
+ *         \c private_key.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \c alg is not supported or is not a key derivation algorithm.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
+                               psa_key_slot_t private_key,
+                               const uint8_t *peer_key,
+                               size_t peer_key_length,
+                               psa_algorithm_t alg);
+
 /**@}*/
 
 /** \defgroup random Random generation
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3c1cec930..6f25d8b29 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3589,6 +3589,66 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
 
 
 
+/****************************************************************/
+/* Key agreement */
+/****************************************************************/
+
+#define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
+
+static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
+                                                key_slot_t *private_key,
+                                                const uint8_t *peer_key,
+                                                size_t peer_key_length,
+                                                psa_algorithm_t alg )
+{
+    psa_status_t status;
+    uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE];
+    size_t shared_secret_length = 0;
+
+    /* Step 1: run the secret agreement algorithm to generate the shared
+     * secret. */
+    switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ) )
+    {
+        default:
+            return( PSA_ERROR_NOT_SUPPORTED );
+    }
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    /* Step 2: set up the key derivation to generate key material from
+     * the shared secret. */
+    status = psa_key_derivation_internal( generator,
+                                          shared_secret, shared_secret_length,
+                                          PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ),
+                                          NULL, 0, NULL, 0,
+                                          PSA_GENERATOR_UNBRIDLED_CAPACITY );
+exit:
+    mbedtls_zeroize( shared_secret, shared_secret_length );
+    return( status );
+}
+
+psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
+                                psa_key_slot_t private_key,
+                                const uint8_t *peer_key,
+                                size_t peer_key_length,
+                                psa_algorithm_t alg )
+{
+    key_slot_t *slot;
+    psa_status_t status;
+    if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    status = psa_get_key_from_slot( private_key, &slot,
+                                    PSA_KEY_USAGE_DERIVE, alg );
+    if( status != PSA_SUCCESS )
+        return( status );
+    return( psa_key_agreement_internal( generator,
+                                        slot,
+                                        peer_key, peer_key_length,
+                                        alg ) );
+}
+
+
+
 /****************************************************************/
 /* Random generation */
 /****************************************************************/
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5759a15df..d321e68ff 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -435,6 +435,18 @@ PSA key policy: derive, wrong algorithm
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
 
+PSA key policy: agreement, permitted
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+
+PSA key policy: agreement, not permitted
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+
+PSA key policy: agreement, wrong algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW)
+
 PSA key lifetime: set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
 
@@ -1525,6 +1537,14 @@ PSA key derivation: HKDF SHA-256, derive key, 1+41
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
 
+PSA key agreement setup: ECDH, unknown KDF
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
+
+PSA key agreement setup: not a key agreement algorithm
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
 PSA generate random: 0 bytes
 generate_random:0
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d2875ae34..b7b7c4c5d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -392,6 +392,51 @@ exit:
     return( 0 );
 }
 
+static int exercise_key_agreement_key( psa_key_slot_t key,
+                                       psa_key_usage_t usage,
+                                       psa_algorithm_t alg )
+{
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_type_t key_type;
+    psa_key_type_t public_key_type;
+    size_t key_bits;
+    uint8_t *public_key = NULL;
+    size_t public_key_length;
+    unsigned char output[1];
+    int ok = 0;
+
+    if( usage & PSA_KEY_USAGE_DERIVE )
+    {
+        /* We need two keys to exercise key agreement. Exercise the
+         * private key against its own public key. */
+        TEST_ASSERT( psa_get_key_information( key,
+                                              &key_type,
+                                              &key_bits ) == PSA_SUCCESS );
+        public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type );
+        public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type,
+                                                     key_bits );
+        public_key = mbedtls_calloc( 1, public_key_length );
+        TEST_ASSERT( public_key != NULL );
+        TEST_ASSERT(
+            psa_export_public_key( key,
+                                   public_key, public_key_length,
+                                   &public_key_length ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_key_agreement( &generator,
+                                        key,
+                                        public_key, public_key_length,
+                                        alg ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_generator_read( &generator,
+                                         output,
+                                         sizeof( output ) ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+    }
+    ok = 1;
+
+exit:
+    mbedtls_free( public_key );
+    return( ok );
+}
+
 static int is_oid_of_key_type( psa_key_type_t type,
                                const uint8_t *oid, size_t oid_length )
 {
@@ -737,6 +782,8 @@ static int exercise_key( psa_key_slot_t slot,
         ok = exercise_asymmetric_encryption_key( slot, usage, alg );
     else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
         ok = exercise_key_derivation_key( slot, usage, alg );
+    else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+        ok = exercise_key_agreement_key( slot, usage, alg );
     else
     {
         char message[40];
@@ -1271,6 +1318,7 @@ void import_and_exercise_key( data_t *data,
             PSA_KEY_USAGE_ENCRYPT :
             PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) :
           PSA_ALG_IS_KEY_DERIVATION( alg ) ? PSA_KEY_USAGE_DERIVE :
+          PSA_ALG_IS_KEY_AGREEMENT( alg ) ? PSA_KEY_USAGE_DERIVE :
           0 );
     psa_key_policy_t policy;
     psa_key_type_t got_type;
@@ -1642,6 +1690,61 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void agreement_key_policy( int policy_usage,
+                           int policy_alg,
+                           int key_type_arg,
+                           data_t *key_data,
+                           int exercise_alg )
+{
+    int key_slot = 1;
+    psa_key_policy_t policy;
+    psa_key_type_t key_type = key_type_arg;
+    psa_key_type_t public_key_type;
+    size_t key_bits;
+    uint8_t *public_key = NULL;
+    size_t public_key_length;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
+    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( key_slot, key_type,
+                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+
+    /* We need two keys to exercise key agreement. Exercise the
+     * private key against its own public key. */
+    TEST_ASSERT( psa_get_key_information( key_slot,
+                                          &key_type,
+                                          &key_bits ) == PSA_SUCCESS );
+    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type );
+    public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
+    public_key = mbedtls_calloc( 1, public_key_length );
+    TEST_ASSERT( public_key != NULL );
+    TEST_ASSERT( psa_export_public_key( key_slot,
+                                        public_key, public_key_length,
+                                        &public_key_length ) == PSA_SUCCESS );
+
+    status = psa_key_agreement( &generator, key_slot,
+                                public_key, public_key_length,
+                                exercise_alg );
+    if( policy_alg == exercise_alg &&
+        ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
+        TEST_ASSERT( status == PSA_SUCCESS );
+    else
+        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( key_slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void key_lifetime( int lifetime_arg )
 {
@@ -3655,6 +3758,39 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_agreement_setup( int alg_arg,
+                          int our_key_type_arg, data_t *our_key_data,
+                          data_t *peer_key_data,
+                          int expected_status_arg )
+{
+    psa_key_slot_t our_key = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_policy_t policy;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( our_key, our_key_type,
+                                 our_key_data->x,
+                                 our_key_data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_key_agreement( &generator,
+                                    our_key,
+                                    peer_key_data->x, peer_key_data->len,
+                                    alg ) == expected_status_arg );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( our_key );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void generate_random( int bytes_arg )
 {

From 5968559a9cf5e7c03691de741e0b9e604617c1b8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:11:34 +0200
Subject: [PATCH 616/889] Key agreement test functions

---
 tests/suites/test_suite_psa_crypto.function | 81 +++++++++++++++++++++
 1 file changed, 81 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index b7b7c4c5d..fc02453e3 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3791,6 +3791,87 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void key_agreement_capacity( int alg_arg,
+                             int our_key_type_arg, data_t *our_key_data,
+                             data_t *peer_key_data,
+                             int expected_capacity_arg )
+{
+    psa_key_slot_t our_key = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_policy_t policy;
+    size_t actual_capacity;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( our_key, our_key_type,
+                                 our_key_data->x,
+                                 our_key_data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_key_agreement( &generator,
+                                    our_key,
+                                    peer_key_data->x, peer_key_data->len,
+                                    alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_generator_capacity(
+                     &generator, &actual_capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( our_key );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void key_agreement_output( int alg_arg,
+                           int our_key_type_arg, data_t *our_key_data,
+                           data_t *peer_key_data,
+                           data_t *expected_output )
+{
+    psa_key_slot_t our_key = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_type_t our_key_type = our_key_type_arg;
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    psa_key_policy_t policy;
+    uint8_t *actual_output = mbedtls_calloc( 1, expected_output->len );
+
+    TEST_ASSERT( actual_output != NULL );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+    TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( our_key, our_key_type,
+                                 our_key_data->x,
+                                 our_key_data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_key_agreement( &generator,
+                                    our_key,
+                                    peer_key_data->x, peer_key_data->len,
+                                    alg ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_generator_read( &generator,
+                                     actual_output,
+                                     expected_output->len ) == PSA_SUCCESS );
+    TEST_ASSERT( memcmp( actual_output, expected_output->x,
+                         expected_output->len ) == 0 );
+
+exit:
+    psa_generator_abort( &generator );
+    psa_destroy_key( our_key );
+    mbedtls_psa_crypto_free( );
+    mbedtls_free( actual_output );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void generate_random( int bytes_arg )
 {

From b7ecdf0509742d1f0a03286ecbf38a69a8329d1d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Sep 2018 12:11:27 +0200
Subject: [PATCH 617/889] Implement ECDH

---
 library/psa_crypto.c                    | 54 ++++++++++++++++++
 tests/suites/test_suite_psa_crypto.data | 74 +++++++++++++++++++++++--
 2 files changed, 123 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6f25d8b29..c18c8f022 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -62,6 +62,7 @@
 #include "mbedtls/cmac.h"
 #include "mbedtls/ctr_drbg.h"
 #include "mbedtls/des.h"
+#include "mbedtls/ecdh.h"
 #include "mbedtls/ecp.h"
 #include "mbedtls/entropy.h"
 #include "mbedtls/error.h"
@@ -3593,6 +3594,48 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
 /* Key agreement */
 /****************************************************************/
 
+static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
+                                            size_t peer_key_length,
+                                            const mbedtls_ecp_keypair *our_key,
+                                            uint8_t *shared_secret,
+                                            size_t shared_secret_size,
+                                            size_t *shared_secret_length )
+{
+    mbedtls_pk_context pk;
+    mbedtls_ecp_keypair *their_key = NULL;
+    mbedtls_ecdh_context ecdh;
+    int ret;
+    mbedtls_ecdh_init( &ecdh );
+    mbedtls_pk_init( &pk );
+
+    ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length );
+    if( ret != 0 )
+        goto exit;
+    if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_ECKEY )
+    {
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        goto exit;
+    }
+    their_key = mbedtls_pk_ec( pk );
+    ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS );
+    if( ret != 0 )
+        goto exit;
+    ret = mbedtls_ecdh_get_params( &ecdh, our_key, MBEDTLS_ECDH_OURS );
+    if( ret != 0 )
+        goto exit;
+
+    ret = mbedtls_ecdh_calc_secret( &ecdh,
+                                    shared_secret_length,
+                                    shared_secret, shared_secret_size,
+                                    mbedtls_ctr_drbg_random,
+                                    &global_data.ctr_drbg );
+
+exit:
+    mbedtls_pk_free( &pk );
+    mbedtls_ecdh_free( &ecdh );
+    return( mbedtls_to_psa_error( ret ) );
+}
+
 #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
 
 static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
@@ -3609,6 +3652,17 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato
      * secret. */
     switch( PSA_ALG_KEY_AGREEMENT_GET_BASE( alg ) )
     {
+#if defined(MBEDTLS_ECDH_C)
+        case PSA_ALG_ECDH_BASE:
+            if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( private_key->type ) )
+                return( PSA_ERROR_INVALID_ARGUMENT );
+            status = psa_key_agreement_ecdh( peer_key, peer_key_length,
+                                             private_key->data.ecp,
+                                             shared_secret,
+                                             sizeof( shared_secret ),
+                                             &shared_secret_length );
+            break;
+#endif /* MBEDTLS_ECDH_C */
         default:
             return( PSA_ERROR_NOT_SUPPORTED );
     }
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d321e68ff..374d3035a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -437,15 +437,15 @@ derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYP
 
 PSA key policy: agreement, permitted
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
 
 PSA key policy: agreement, not permitted
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+agreement_key_policy:0:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
 
 PSA key policy: agreement, wrong algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3077020101042049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eeea00a06082a8648ce3d030107a144034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW)
+agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW)
 
 PSA key lifetime: set and get volatile
 key_lifetime:PSA_KEY_LIFETIME_VOLATILE
@@ -1109,6 +1109,10 @@ PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_SHA256_C
 import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 )
 
+PSA import/exercise: ECP SECP256R1 keypair, ECDH
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
+
 PSA sign: RSA PKCS#1 v1.5, raw
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 sign_deterministic:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a"
@@ -1537,13 +1541,73 @@ PSA key derivation: HKDF SHA-256, derive key, 1+41
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_export:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":1:41
 
+PSA key agreement setup: ECDH, raw: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
+
+PSA key agreement setup: ECDH, raw: public key on different curve
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement setup: ECDH, raw: public key instead of private key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
 PSA key agreement setup: ECDH, unknown KDF
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
+key_agreement_setup:PSA_ALG_ECDH(0):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_NOT_SUPPORTED
 
 PSA key agreement setup: not a key agreement algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"3078020101042100c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433a00a06082a8648ce3d030107a14403420004dad0b65394221cf9b051e1feca5787d098dfe637fc90b9ef945d0c37725811805271a0461cdb8252d61f1c456fa3e59ab1f45b33accf5f58389e0577b8990bb3":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+key_agreement_setup:PSA_ALG_HKDF( PSA_ALG_SHA_256 ):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_ERROR_INVALID_ARGUMENT
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
+
+PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":48
+
+PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
+
+PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":66
+
+PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
+
+PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":32
+
+PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
+
+PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":48
+
+PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
+
+PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":64
+
+PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
 
 PSA generate random: 0 bytes
 generate_random:0

From 1d7c082124547fcd2b2dc1203671bf99162bd69d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 8 Oct 2018 19:05:22 +0200
Subject: [PATCH 618/889] Fix a memory leak in a test

---
 tests/suites/test_suite_psa_crypto.function | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index fc02453e3..5685a61cf 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1684,6 +1684,7 @@ void derive_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
 exit:
+    mbedtls_free( public_key );
     psa_generator_abort( &generator );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );

From 2607bca6664e38f130ea239a289deb1e75a7db38 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:21:03 +0200
Subject: [PATCH 619/889] Give "DH" and "DHM" as alternative names

Be consistent about calling it just "Diffie-Hellman", except once
where I state that "Diffie-Hellman-Merkle" is an alternative name.
---
 include/psa/crypto.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8fb641fdc..1ec9627eb 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1222,8 +1222,9 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_FFDH_BASE                       ((psa_algorithm_t)0x22100000)
 /** The Diffie-Hellman key agreement algorithm.
  *
- * This algorithm combines the finite-field Diffie-Hellman-Merkle key
- * agreement to produce a shared secret from a private key and the peer's
+ * This algorithm combines the finite-field Diffie-Hellman (DH) key
+ * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement,
+ * to produce a shared secret from a private key and the peer's
  * public key, with a key selection or key derivation algorithm to produce
  * one or more shared keys and other shared cryptographic material.
  *
@@ -1252,7 +1253,7 @@ typedef uint32_t psa_algorithm_t;
     (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
 
 #define PSA_ALG_ECDH_BASE                       ((psa_algorithm_t)0x22200000)
-/** The elliptic curve Diffie-Hellman key agreement algorithm.
+/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
  *
  * This algorithm combines the elliptic curve Diffie-Hellman key
  * agreement to produce a shared secret from a private key and the peer's

From 79dd6229e4f767cf5a152fc4bea4514c8ec350dd Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:22:11 +0200
Subject: [PATCH 620/889] Clarify the format of the (EC)DH shared secret

---
 include/psa/crypto.h | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 1ec9627eb..51d3716cd 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1228,6 +1228,9 @@ typedef uint32_t psa_algorithm_t;
  * public key, with a key selection or key derivation algorithm to produce
  * one or more shared keys and other shared cryptographic material.
  *
+ * The input to \p kdf_alg is the shared secret `g^{ab}` in big-endian format.
+ * It is `ceiling(n / 8)` bytes long where `n` is the size of the prime `p`.
+ *
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
  *                      or a key selection algorithm (\c PSA_ALG_XXX value such
@@ -1260,6 +1263,10 @@ typedef uint32_t psa_algorithm_t;
  * public key, with a key selection or key derivation algorithm to produce
  * one or more shared keys and other shared cryptographic material.
  *
+ * The input to \p kdf_alg is the shared secret `d_A Q_B = d_B Q_A` in
+ * big-endian format. It is `ceiling(n / 8)` bytes long where `n` is the
+ * curve size in bits.
+ *
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
  *                      or a selection algorithm (\c PSA_ALG_XXX value such

From 211a436f2e78e9f94086e76809a7a987da5ca759 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:22:31 +0200
Subject: [PATCH 621/889] Document that key agreement produces a
 maximum-capacity generator

---
 include/psa/crypto.h | 3 +++
 library/psa_crypto.c | 9 +++++++++
 2 files changed, 12 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 51d3716cd..cc233f26e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3206,6 +3206,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  * The result of this function is a byte generator which can
  * be used to produce keys and other cryptographic material.
  *
+ * The resulting generator always has the maximum capacity permitted by
+ * the algorithm.
+ *
  * \param[in,out] generator       The generator object to set up. It must
  *                                have been initialized to all-bits-zero,
  *                                a logical zero (`{0}`),
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c18c8f022..bc306cbd1 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3371,6 +3371,15 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
 
     if( generator->alg == PSA_ALG_SELECT_RAW )
     {
+        /* Initially, the capacity of a selection generator is always
+         * the size of the buffer, i.e. `generator->ctx.buffer.size`,
+         * abbreviated in this comment as `size`. When the remaining
+         * capacity is `c`, the next bytes to serve start `c` bytes
+         * from the end of the buffer, i.e. `size - c` from the
+         * beginning of the buffer. Since `generator->capacity` was just
+         * decremented above, we need to serve the bytes from
+         * `size - generator->capacity - output_length` to
+         * `size - generator->capacity`. */
         size_t offset =
             generator->ctx.buffer.size - generator->capacity - output_length;
         memcpy( output, generator->ctx.buffer.data + offset, output_length );

From fc411f1ac13b949c8c7459e0a1fdf69f9add9f4e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:34:48 +0200
Subject: [PATCH 622/889] Use ASSERT_ALLOC in key agreement tests

---
 tests/suites/test_suite_psa_crypto.function | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5685a61cf..2245cfd34 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -11,6 +11,8 @@
 
 #include "psa/crypto.h"
 
+#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
+
 #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
 
 #if(UINT32_MAX > SIZE_MAX)
@@ -415,7 +417,7 @@ static int exercise_key_agreement_key( psa_key_slot_t key,
         public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type );
         public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type,
                                                      key_bits );
-        public_key = mbedtls_calloc( 1, public_key_length );
+        ASSERT_ALLOC( public_key, public_key_length );
         TEST_ASSERT( public_key != NULL );
         TEST_ASSERT(
             psa_export_public_key( key,
@@ -1724,7 +1726,7 @@ void agreement_key_policy( int policy_usage,
                                           &key_bits ) == PSA_SUCCESS );
     public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type );
     public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
-    public_key = mbedtls_calloc( 1, public_key_length );
+    ASSERT_ALLOC( public_key, public_key_length );
     TEST_ASSERT( public_key != NULL );
     TEST_ASSERT( psa_export_public_key( key_slot,
                                         public_key, public_key_length,

From 10df341436a04690baa6bfff9f7ca897e411be65 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:35:43 +0200
Subject: [PATCH 623/889] Factor usage_to_exercise into its own function

---
 tests/suites/test_suite_psa_crypto.function | 41 ++++++++++++++-------
 1 file changed, 28 insertions(+), 13 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2245cfd34..59020f763 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -802,6 +802,33 @@ static int exercise_key( psa_key_slot_t slot,
     return( ok );
 }
 
+static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
+                                          psa_algorithm_t alg )
+{
+    if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) )
+    {
+        return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+                PSA_KEY_USAGE_VERIFY :
+                PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY );
+    }
+    else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
+             PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
+    {
+        return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
+                PSA_KEY_USAGE_ENCRYPT :
+                PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT );
+    }
+    else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ||
+             PSA_ALG_IS_KEY_AGREEMENT( alg ) )
+    {
+        return( PSA_KEY_USAGE_DERIVE );
+    }
+    else
+    {
+        return( 0 );
+    }
+
+}
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -1309,19 +1336,7 @@ void import_and_exercise_key( data_t *data,
     psa_key_type_t type = type_arg;
     size_t bits = bits_arg;
     psa_algorithm_t alg = alg_arg;
-    psa_key_usage_t usage =
-        ( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ?
-          ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
-            PSA_KEY_USAGE_VERIFY :
-            PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY ) :
-          PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) ||
-          PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ?
-          ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ?
-            PSA_KEY_USAGE_ENCRYPT :
-            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT ) :
-          PSA_ALG_IS_KEY_DERIVATION( alg ) ? PSA_KEY_USAGE_DERIVE :
-          PSA_ALG_IS_KEY_AGREEMENT( alg ) ? PSA_KEY_USAGE_DERIVE :
-          0 );
+    psa_key_usage_t usage = usage_to_exercise( type, alg );
     psa_key_policy_t policy;
     psa_key_type_t got_type;
     size_t got_bits;

From bf49197c9bb1b8d5086d7ee9f39ccdd1ad74da18 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:36:12 +0200
Subject: [PATCH 624/889] key_agreement_capacity: test the actual capacity as
 well

After testing that the advertized capacity is what the test data says,
read that many bytes to test that this is also actual capacity.
---
 tests/suites/test_suite_psa_crypto.function | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 59020f763..a0f038107 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3821,6 +3821,7 @@ void key_agreement_capacity( int alg_arg,
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_key_policy_t policy;
     size_t actual_capacity;
+    unsigned char output[16];
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -3836,10 +3837,25 @@ void key_agreement_capacity( int alg_arg,
                                     peer_key_data->x, peer_key_data->len,
                                     alg ) == PSA_SUCCESS );
 
+    /* Test the advertized capacity. */
     TEST_ASSERT( psa_get_generator_capacity(
                      &generator, &actual_capacity ) == PSA_SUCCESS );
     TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg );
 
+    /* Test the actual capacity by reading the output. */
+    while( actual_capacity > sizeof( output ) )
+    {
+        TEST_ASSERT( psa_generator_read( &generator,
+                                         output, sizeof( output ) ) ==
+                     PSA_SUCCESS );
+        actual_capacity -= sizeof( output );
+    }
+    TEST_ASSERT( psa_generator_read( &generator,
+                                     output, actual_capacity ) ==
+                 PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_read( &generator, output, 1 ) ==
+                 PSA_ERROR_INSUFFICIENT_CAPACITY );
+
 exit:
     psa_generator_abort( &generator );
     psa_destroy_key( our_key );

From 3ec8ed8b512fcd573100859cbe519ec411cbb7d5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:37:15 +0200
Subject: [PATCH 625/889] Add multipart key agreement tests

Add test cases that do key agreement with raw selection in pieces, to
validate that selection works even when the application doesn't read
everything in one chunk.
---
 tests/suites/test_suite_psa_crypto.data     | 26 ++++++++++++++------
 tests/suites/test_suite_psa_crypto.function | 27 +++++++++++++++------
 2 files changed, 38 insertions(+), 15 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 374d3035a..6b1c38eee 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1565,9 +1565,21 @@ PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: capacity=32
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
 key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":32
 
-PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":""
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 20+12
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9e":"ce7dce03812464d04b9442de"
+
+PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 7+15
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6ed":"afd13116e0e12565202fef8e9ece7d"
 
 PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: capacity=48
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
@@ -1575,7 +1587,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR
 
 PSA key agreement: ECDH SECP384R1 (RFC 5903), raw: read
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746"
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):"099f3c7034d4a2c699884d73a375a67f7624ef7c6b3c0f160647b67414dce655e35b538041e649ee3faef896783ab194":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":"11187331c279962d93d604243fd592cb9d0a926f422e47187521287e7156c5c4d603135569b9e9d09cf5d4a270f59746":""
 
 PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: capacity=66
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
@@ -1583,7 +1595,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR
 
 PSA key agreement: ECDH SECP521R1 (RFC 5903), raw: read
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea"
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):"0037ade9319a89f4dabdb3ef411aaccca5123c61acab57b5393dce47608172a095aa85a30fe1c2952c6771d937ba9777f5957b2639bab072462f68c27a57382d4a52":"30819b301006072a8648ce3d020106052b81040023038186000400d0b3975ac4b799f5bea16d5e13e9af971d5e9b984c9f39728b5e5739735a219b97c356436adc6e95bb0352f6be64a6c2912d4ef2d0433ced2b6171640012d9460f015c68226383956e3bd066e797b623c27ce0eac2f551a10c2c724d9852077b87220b6536c5c408a1d2aebb8e86d678ae49cb57091f4732296579ab44fcd17f0fc56a":"01144c7d79ae6956bc8edb8e7c787c4521cb086fa64407f97894e5e6b2d79b04d1427e73ca4baa240a34786859810c06b3c715a3a8cc3151f2bee417996d19f3ddea":""
 
 PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: capacity=32
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
@@ -1591,7 +1603,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR
 
 PSA key agreement: ECDH brainpoolP256r1 (RFC 7027), raw: read
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b"
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):"81db1ee100150ff2ea338d708271be38300cb54241d79950f77b063039804f1d":"305a301406072a8648ce3d020106092b2403030208010107034200048d2d688c6cf93e1160ad04cc4429117dc2c41825e1e9fca0addd34e6f1b39f7b990c57520812be512641e47034832106bc7d3e8dd0e4c7f1136d7006547cec6a":"89afc39d41d3b327814b80940b042590f96556ec91e6ae7939bce31f3a18bf2b":""
 
 PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: capacity=48
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
@@ -1599,7 +1611,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR
 
 PSA key agreement: ECDH brainpoolP384r1 (RFC 7027), raw: read
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42"
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):"1e20f5e048a5886f1f157c74e91bde2b98c8b52d58e5003d57053fc4b0bd65d6f15eb5d1ee1610df870795143627d042":"307a301406072a8648ce3d020106092b240303020801010b036200044d44326f269a597a5b58bba565da5556ed7fd9a8a9eb76c25f46db69d19dc8ce6ad18e404b15738b2086df37e71d1eb462d692136de56cbe93bf5fa3188ef58bc8a3a0ec6c1e151a21038a42e9185329b5b275903d192f8d4e1f32fe9cc78c48":"0bd9d3a7ea0b3d519d09d8e48d0785fb744a6b355e6304bc51c229fbbce239bbadf6403715c35d4fb2a5444f575d4f42":""
 
 PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: capacity=64
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
@@ -1607,7 +1619,7 @@ key_agreement_capacity:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR
 
 PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
-key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f"
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":""
 
 PSA generate random: 0 bytes
 generate_random:0
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index a0f038107..bcd07c15f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3867,16 +3867,17 @@ exit:
 void key_agreement_output( int alg_arg,
                            int our_key_type_arg, data_t *our_key_data,
                            data_t *peer_key_data,
-                           data_t *expected_output )
+                           data_t *expected_output1, data_t *expected_output2 )
 {
     psa_key_slot_t our_key = 1;
     psa_algorithm_t alg = alg_arg;
     psa_key_type_t our_key_type = our_key_type_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_key_policy_t policy;
-    uint8_t *actual_output = mbedtls_calloc( 1, expected_output->len );
+    uint8_t *actual_output = NULL;
 
-    TEST_ASSERT( actual_output != NULL );
+    ASSERT_ALLOC( actual_output, MAX( expected_output1->len,
+                                      expected_output2->len ) );
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
@@ -3892,11 +3893,21 @@ void key_agreement_output( int alg_arg,
                                     peer_key_data->x, peer_key_data->len,
                                     alg ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_generator_read( &generator,
-                                     actual_output,
-                                     expected_output->len ) == PSA_SUCCESS );
-    TEST_ASSERT( memcmp( actual_output, expected_output->x,
-                         expected_output->len ) == 0 );
+    TEST_ASSERT(
+        psa_generator_read( &generator,
+                            actual_output,
+                            expected_output1->len ) == PSA_SUCCESS );
+    TEST_ASSERT( memcmp( actual_output, expected_output1->x,
+                         expected_output1->len ) == 0 );
+    if( expected_output2->len != 0 )
+    {
+        TEST_ASSERT(
+            psa_generator_read( &generator,
+                                actual_output,
+                                expected_output2->len ) == PSA_SUCCESS );
+        TEST_ASSERT( memcmp( actual_output, expected_output2->x,
+                             expected_output2->len ) == 0 );
+    }
 
 exit:
     psa_generator_abort( &generator );

From 714e16b37a576f57771ea48c6b00e24f45347c85 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 22:49:49 +0200
Subject: [PATCH 626/889] Add import/export test of EC public key

---
 tests/suites/test_suite_psa_crypto.data | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 6b1c38eee..e8d836168 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -190,7 +190,7 @@ PSA import RSA keypair: 1023-bit (not supported)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import:"3082025a0201000281806c49704e91f3df44fc99e9b3c0fee5025cc04d09529a1dd05754f2da2751d7a9aa5a79f7070132f2c47b31963e37cd74675f9c93ee7c85a143fefe303e94d1ee0e4d30898d17ab3a229e8457ef21fd179039f748305babe7f134f6d58ce5d721a1a5da98f63503d2466c6a515e53494a41180a91e535bd5b55d4dce2c17419870203010001028180491b277413fb35efe82dace68b544a9dd6aa8917d329731955ec66ec3b0178fcf5a29196e1a6c093bf6c8064b36a8f0d9840a78003d11392754a70a77788975515a1442a6c806cafa2f07fe99cac78a86fa868888d654cec4baf205352cf8255acaa47e2455f23b58c0e5ae43fa297bbffe5b970caa80f71e82084fd35425479024100ef27f3fb2df90ac4910ed95fdde4877d09b0dc4e95079f12a7e2041300a8884a39372a1c79691338cd5c3965bcf3a24f2ce9e10de19d4cb87c7546d60ca0aa0d024073e9e1283475e9ab3075da0b005ca7c7b05e76325f8deb648238831c8353041d594307f784cd527cfee9187b997713d71c0ff98f01beac4d1a85583be52e90e302402f0c801e311c2677274671933f96fee4a56c6adaf6ccaa09c4875d5fd3a8542fadf3e14ffabea62e6d90302688b6b17ebc0a42e1353a79e66d6db102d9371e5d02406731ef3c8607fbf266806590a9cfd3a79a435ee355e2d9906fc6b4236c5f3a288ed178844a7d295512f49ed15b3d82325e4f729478af3262aa9bd083f273d49502410090a32c0e8ca3bcd4c66f092cdc369cd1abb4a05b9a6f0e65e5a51da1d96d5aca8c1525b3f11322c0588062fc8592ebf25b7950f918d39018e82b8acccc8f7e7a":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_ERROR_NOT_SUPPORTED
 
-PSA import/export EC secp224r1: good
+PSA import/export EC secp224r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
 import_export:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:224:0:PSA_SUCCESS:1
 
@@ -198,7 +198,7 @@ PSA import/export-public EC secp224r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
 import_export_public_key:"6849f97d1066f6997759637c7e3899464cee3ec7ac970653a0be0742":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP224R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"304e301006072a8648ce3d020106052b81040021033a00041693a290f7f0b571fe2b41d5d84b01327631f4a860f995fa332c097f54192bb10f00113f2affb13c1a24ce44914571a95440ae014a00cbf7"
 
-PSA import/export EC secp256r1: good
+PSA import/export EC secp256r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import_export:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
@@ -206,7 +206,7 @@ PSA import/export-public EC secp256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 import_export_public_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3059301306072a8648ce3d020106082a8648ce3d030107034200047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45"
 
-PSA import/export EC secp384r1: good
+PSA import/export EC secp384r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
@@ -214,7 +214,7 @@ PSA import/export-public EC secp384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
 import_export_public_key:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"3076301006072a8648ce3d020106052b8104002203620004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747"
 
-PSA import/export EC secp521r1: good
+PSA import/export EC secp521r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
 import_export:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:521:0:PSA_SUCCESS:1
 
@@ -222,7 +222,7 @@ PSA import/export-public EC secp521r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP521R1_ENABLED
 import_export_public_key:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP521R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"30819b301006072a8648ce3d020106052b810400230381860004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1"
 
-PSA import/export EC brainpool256r1: good
+PSA import/export EC brainpool256r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
 import_export:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
 
@@ -230,7 +230,7 @@ PSA import/export-public EC brainpool256r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP256R1_ENABLED
 import_export_public_key:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P256R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"305a301406072a8648ce3d020106092b240303020801010703420004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d"
 
-PSA import/export EC brainpool384r1: good
+PSA import/export EC brainpool384r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
 import_export:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:384:0:PSA_SUCCESS:1
 
@@ -238,7 +238,7 @@ PSA import/export-public EC brainpool384r1: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP384R1_ENABLED
 import_export_public_key:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P384R1):PSA_ALG_ECDSA_ANY:0:PSA_SUCCESS:"307a301406072a8648ce3d020106092b240303020801010b03620004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a"
 
-PSA import/export EC brainpool512r1: good
+PSA import/export EC brainpool512r1 key pair: good
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED
 import_export:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:512:0:PSA_SUCCESS:1
 
@@ -250,6 +250,10 @@ PSA import/export-public: cannot export-public a symmetric key
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_RSA_C
 import_export_public_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:PSA_ALG_CBC_NO_PADDING:0:PSA_ERROR_INVALID_ARGUMENT:""
 
+PSA import/export EC secp256r1 public key: good
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import_export:"3059301306072a8648ce3d020106082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ALG_ECDSA_ANY:PSA_KEY_USAGE_EXPORT:256:0:PSA_SUCCESS:1
+
 PSA import/export AES key: policy forbids export
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 import_export:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_KEY_TYPE_AES:PSA_ALG_CTR:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:128:0:PSA_ERROR_NOT_PERMITTED:1

From 88714d78b8bd107c7d3787895e4a012605cc134d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Oct 2018 23:07:25 +0200
Subject: [PATCH 627/889] Allow ECDH-only public key in ECDH

In ECDH key agreement, allow a public key with the OID id-ECDH, not
just a public key with the OID id-ecPublicKey.

Public keys with the OID id-ECDH are not permitted by psa_import_key,
at least for now. There would be no way to use the key for a key
agreement operation anyway in the current API.
---
 library/psa_crypto.c                    | 10 +++++++---
 tests/suites/test_suite_psa_crypto.data | 11 +++++++++++
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index bc306cbd1..5fe969c3c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3620,10 +3620,14 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
     ret = mbedtls_pk_parse_public_key( &pk, peer_key, peer_key_length );
     if( ret != 0 )
         goto exit;
-    if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_ECKEY )
+    switch( mbedtls_pk_get_type( &pk ) )
     {
-        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
-        goto exit;
+        case MBEDTLS_PK_ECKEY:
+        case MBEDTLS_PK_ECKEY_DH:
+            break;
+        default:
+            ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+            goto exit;
     }
     their_key = mbedtls_pk_ec( pk );
     ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e8d836168..5b8166428 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -312,6 +312,13 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 # it's looking for an OID where there is no OID.
 import:"3078020101042100ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3aa00a06082a8648ce3d030107a14403420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_NOT_SUPPORTED
 
+# A key with the OID id-ECDH is only valid for ECDH, not for ECDSA.
+# Such keys are currently not allowed by psa_import_key, only by
+# psa_key_agreement.
+PSA import EC public key: ECDH-only
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+import:"3057301106052b8104010c06082a8648ce3d03010703420004dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1):PSA_ERROR_INVALID_ARGUMENT
+
 PSA import EC keypair: valid key but RSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
 import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT
@@ -1573,6 +1580,10 @@ PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 32 (full)
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
 key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":""
 
+PSA key agreement: ECDH SECP256R1 with ECDH-only public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3057301106052b8104010c06082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de":""
+
 PSA key agreement: ECDH SECP256R1 (RFC 5903), raw: read 0+32
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
 key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"":"d6840f6b42f6edafd13116e0e12565202fef8e9ece7dce03812464d04b9442de"

From f5f442a50c3e19f738618d20a5288e1838760458 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Nov 2018 18:20:48 +0100
Subject: [PATCH 628/889] More accurate description of the shared secret for
 ECDH

Don't refer to the "curve size", call it the "size of the order of the
curve".
---
 include/psa/crypto.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index cc233f26e..412fe5a75 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1263,9 +1263,10 @@ typedef uint32_t psa_algorithm_t;
  * public key, with a key selection or key derivation algorithm to produce
  * one or more shared keys and other shared cryptographic material.
  *
- * The input to \p kdf_alg is the shared secret `d_A Q_B = d_B Q_A` in
- * big-endian format. It is `ceiling(n / 8)` bytes long where `n` is the
- * curve size in bits.
+ * The input to \p kdf_alg is the x-coordinate of the shared secret
+ * `d_A Q_B = d_B Q_A` in big-endian format. It has the same size of
+ * the order of the curve, i.e. `ceiling(n / 8)` bytes where `n` is
+ * the size of the order of the curve.
  *
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)

From c7998b78b8f4c6f58ad5a0216d321063d59f17a9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 7 Nov 2018 18:45:02 +0100
Subject: [PATCH 629/889] Factor common code into key_agreement_with_self

---
 tests/suites/test_suite_psa_crypto.function | 80 ++++++++++-----------
 1 file changed, 38 insertions(+), 42 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index bcd07c15f..674a6e9fe 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -394,16 +394,46 @@ exit:
     return( 0 );
 }
 
+/* We need two keys to exercise key agreement. Exercise the
+ * private key against its own public key. */
+static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator,
+                                             psa_key_type_t key_slot,
+                                             psa_algorithm_t alg )
+{
+    psa_key_type_t private_key_type;
+    psa_key_type_t public_key_type;
+    size_t key_bits;
+    uint8_t *public_key = NULL;
+    size_t public_key_length;
+    /* Return UNKNOWN_ERROR if something other than the final call to
+     * psa_key_agreement fails. This isn't fully satisfactory, but it's
+     * good enough: callers will report it as a failed test anyway. */
+    psa_status_t status = PSA_ERROR_UNKNOWN_ERROR;
+
+    TEST_ASSERT( psa_get_key_information( key_slot,
+                                          &private_key_type,
+                                          &key_bits ) == PSA_SUCCESS );
+    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type );
+    public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
+    ASSERT_ALLOC( public_key, public_key_length );
+    TEST_ASSERT( public_key != NULL );
+    TEST_ASSERT( psa_export_public_key( key_slot,
+                                        public_key, public_key_length,
+                                        &public_key_length ) == PSA_SUCCESS );
+
+    status = psa_key_agreement( generator, key_slot,
+                                public_key, public_key_length,
+                                alg );
+exit:
+    mbedtls_free( public_key );
+    return( status );
+}
+
 static int exercise_key_agreement_key( psa_key_slot_t key,
                                        psa_key_usage_t usage,
                                        psa_algorithm_t alg )
 {
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
-    psa_key_type_t key_type;
-    psa_key_type_t public_key_type;
-    size_t key_bits;
-    uint8_t *public_key = NULL;
-    size_t public_key_length;
     unsigned char output[1];
     int ok = 0;
 
@@ -411,22 +441,8 @@ static int exercise_key_agreement_key( psa_key_slot_t key,
     {
         /* We need two keys to exercise key agreement. Exercise the
          * private key against its own public key. */
-        TEST_ASSERT( psa_get_key_information( key,
-                                              &key_type,
-                                              &key_bits ) == PSA_SUCCESS );
-        public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type );
-        public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type,
-                                                     key_bits );
-        ASSERT_ALLOC( public_key, public_key_length );
-        TEST_ASSERT( public_key != NULL );
-        TEST_ASSERT(
-            psa_export_public_key( key,
-                                   public_key, public_key_length,
-                                   &public_key_length ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_key_agreement( &generator,
-                                        key,
-                                        public_key, public_key_length,
-                                        alg ) == PSA_SUCCESS );
+        TEST_ASSERT( key_agreement_with_self( &generator, key, alg ) ==
+                     PSA_SUCCESS );
         TEST_ASSERT( psa_generator_read( &generator,
                                          output,
                                          sizeof( output ) ) == PSA_SUCCESS );
@@ -435,7 +451,6 @@ static int exercise_key_agreement_key( psa_key_slot_t key,
     ok = 1;
 
 exit:
-    mbedtls_free( public_key );
     return( ok );
 }
 
@@ -1701,7 +1716,6 @@ void derive_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
 exit:
-    mbedtls_free( public_key );
     psa_generator_abort( &generator );
     psa_destroy_key( key_slot );
     mbedtls_psa_crypto_free( );
@@ -1718,10 +1732,6 @@ void agreement_key_policy( int policy_usage,
     int key_slot = 1;
     psa_key_policy_t policy;
     psa_key_type_t key_type = key_type_arg;
-    psa_key_type_t public_key_type;
-    size_t key_bits;
-    uint8_t *public_key = NULL;
-    size_t public_key_length;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_status_t status;
 
@@ -1734,22 +1744,8 @@ void agreement_key_policy( int policy_usage,
     TEST_ASSERT( psa_import_key( key_slot, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    /* We need two keys to exercise key agreement. Exercise the
-     * private key against its own public key. */
-    TEST_ASSERT( psa_get_key_information( key_slot,
-                                          &key_type,
-                                          &key_bits ) == PSA_SUCCESS );
-    public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( key_type );
-    public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
-    ASSERT_ALLOC( public_key, public_key_length );
-    TEST_ASSERT( public_key != NULL );
-    TEST_ASSERT( psa_export_public_key( key_slot,
-                                        public_key, public_key_length,
-                                        &public_key_length ) == PSA_SUCCESS );
+    status = key_agreement_with_self( &generator, key_slot, exercise_alg );
 
-    status = psa_key_agreement( &generator, key_slot,
-                                public_key, public_key_length,
-                                exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );

From b408661be987451e71fc94be5d6e23a111dfd002 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 14 Nov 2018 20:51:23 +0100
Subject: [PATCH 630/889] ECDH: check that the keys are on the same curve

In psa_key_agreement_ecdh, check that the public key is on the same
curve as the private key. The underlying mbedtls API doesn't check.

If the curves don't match, psa_key_agreement_ecdh is practically
guaranteed to return INVALID_ARGUMENT anyway, because way the code is
written, the public point is interpreted on the curve of the private
point, and it is rejected because the point is not on the curve. This
is why the test case "PSA key agreement setup: ECDH, raw: public key
on different curve" passed even before adding this check.
---
 library/psa_crypto.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5fe969c3c..763074c9b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3630,6 +3630,12 @@ static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
             goto exit;
     }
     their_key = mbedtls_pk_ec( pk );
+    if( their_key->grp.id != our_key->grp.id )
+    {
+        ret = MBEDTLS_ERR_ECP_INVALID_KEY;
+        goto exit;
+    }
+
     ret = mbedtls_ecdh_get_params( &ecdh, their_key, MBEDTLS_ECDH_THEIRS );
     if( ret != 0 )
         goto exit;

From 7b5b4a01a4b3cdb269a5b0535313203b2458b85f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 14 Nov 2018 21:05:10 +0100
Subject: [PATCH 631/889] Correct description of the ECDH shared secret

The endianness actually depends on the curve type.

Correct the terminology around "curve size" and "order of the curve".
I tried to find a formulation that is comprehensible to programmers
who do not know the underlying mathematics, but nonetheless correct
and precise.

Use similar terminology in other places that were using "order of the
curve" to describe the bit size associated with the curve.
---
 include/psa/crypto.h       | 34 +++++++++++++++++++++++++++-------
 include/psa/crypto_sizes.h |  7 ++++---
 2 files changed, 31 insertions(+), 10 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 412fe5a75..df760ddd5 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1263,10 +1263,29 @@ typedef uint32_t psa_algorithm_t;
  * public key, with a key selection or key derivation algorithm to produce
  * one or more shared keys and other shared cryptographic material.
  *
- * The input to \p kdf_alg is the x-coordinate of the shared secret
- * `d_A Q_B = d_B Q_A` in big-endian format. It has the same size of
- * the order of the curve, i.e. `ceiling(n / 8)` bytes where `n` is
- * the size of the order of the curve.
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the x-coordinate of
+ * the shared secret point. It is always `ceiling(q / 8)` bytes long where
+ * `q` is the bit size associated with the curve, i.e. the bit size of the
+ * order of the curve's coordinate field. When `q` is not a multiple of 8,
+ * the byte containing the most significant bit of the shared secret
+ * is padded with zero bits. The byte order is either little-endian
+ * or big-endian depending on the curve type.
+ *
+ * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in little-endian byte order.
+ *   The bit size is 448 for Curve448 and 255 for Curve25519.
+ * - For Weierstrass curves over prime fields (curve types
+ *   `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in big-endian byte order.
+ *   The bit size is `q = ceiling(log_2(p))` for the field `F_p`.
+ * - For Weierstrass curves over binary fields (curve types
+ *   `PSA_ECC_CURVE_SECTXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in big-endian byte order.
+ *   The bit size is `q = m` for the field `F_{2^m}`.
  *
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
@@ -1567,9 +1586,10 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  *
  *   ECPoint ::= ...
  *      -- first 8 bits: 0x04;
- *      -- then x_P as an n-bit string, big endian;
- *      -- then y_P as a n-bit string, big endian,
- *      -- where n is the order of the curve.
+ *      -- then x_P as a `ceiling(n/8)`-byte string, big endian;
+ *      -- then y_P as a `ceiling(n/8)`-byte string, big endian;
+ *      -- where `n` is the bit size associated with the curve,
+ *      --       i.e. the bit size of `q` for a curve over `F_q`.
  *
  *   EcpkParameters ::= CHOICE { -- other choices are not allowed
  *      namedCurve    OBJECT IDENTIFIER }
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index edddca47a..f4feb4d20 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -422,9 +422,10 @@
  *      parameters              OBJECT IDENTIFIER } -- namedCurve
  * ECPoint ::= ...
  *    -- first 8 bits: 0x04;
- *    -- then x_P as an n-bit string, big endian;
- *    -- then y_P as a n-bit string, big endian,
- *    -- where n is the order of the curve.
+ *    -- then x_P as a `ceiling(n/8)`-byte string, big endian;
+ *    -- then y_P as a `ceiling(n/8)`-byte string, big endian;
+ *    -- where `n` is the bit size associated with the curve,
+ *    --       i.e. the bit size of `q` for a curve over `F_q`.
  *
  * - 2 * 4 bytes of SEQUENCE overhead;
  * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID);

From 6c6a023f9994ca1854cada3d51be237e57680712 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 15 Nov 2018 17:44:43 +0100
Subject: [PATCH 632/889] More tweaks on EC-related wording

Use m for the bit size of the field order, not q which is
traditionally the field order.

Correct and clarify the private key representation format as has been
done for the private key and ECDH shared secret formats.
---
 include/psa/crypto.h       | 25 +++++++++++++++----------
 include/psa/crypto_sizes.h |  7 +++----
 2 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index df760ddd5..6e5bbe010 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1265,9 +1265,9 @@ typedef uint32_t psa_algorithm_t;
  *
  * The shared secret produced by key agreement and passed as input to the
  * derivation or selection algorithm \p kdf_alg is the x-coordinate of
- * the shared secret point. It is always `ceiling(q / 8)` bytes long where
- * `q` is the bit size associated with the curve, i.e. the bit size of the
- * order of the curve's coordinate field. When `q` is not a multiple of 8,
+ * the shared secret point. It is always `ceiling(m / 8)` bytes long where
+ * `m` is the bit size associated with the curve, i.e. the bit size of the
+ * order of the curve's coordinate field. When `m` is not a multiple of 8,
  * the byte containing the most significant bit of the shared secret
  * is padded with zero bits. The byte order is either little-endian
  * or big-endian depending on the curve type.
@@ -1280,12 +1280,12 @@ typedef uint32_t psa_algorithm_t;
  *   `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
  *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
  *   in big-endian byte order.
- *   The bit size is `q = ceiling(log_2(p))` for the field `F_p`.
+ *   The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
  * - For Weierstrass curves over binary fields (curve types
  *   `PSA_ECC_CURVE_SECTXXX`),
  *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
  *   in big-endian byte order.
- *   The bit size is `q = m` for the field `F_{2^m}`.
+ *   The bit size is `m` for the field `F_{2^m}`.
  *
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
@@ -1486,8 +1486,13 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *   ```
  * - For elliptic curve key pairs (key types for which
  *   #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
- *   a big-endian representation of the private point as a
- *   `ceiling(log2(n)/8)`-byte string where `n` is the order of the curve.
+ *   a representation of the private value as a `ceiling(m/8)`-byte string
+ *   where `m` is the bit size associated with the curve, i.e. the bit size
+ *   of the order of the curve's coordinate field. This byte string is
+ *   in little-endian order for Montgomery curves (curve types
+ *   `PSA_ECC_CURVE_CURVEXXX`), and in big-endian order for Weierstrass
+ *   curves (curve types `PSA_ECC_CURVE_SECTXXX`, `PSA_ECC_CURVE_SECPXXX`
+ *   and `PSA_ECC_CURVE_BRAINPOOL_PXXX`).
  *   This is the content of the `privateKey` field of the `ECPrivateKey`
  *   format defined by RFC 5915.
  * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is
@@ -1586,9 +1591,9 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  *
  *   ECPoint ::= ...
  *      -- first 8 bits: 0x04;
- *      -- then x_P as a `ceiling(n/8)`-byte string, big endian;
- *      -- then y_P as a `ceiling(n/8)`-byte string, big endian;
- *      -- where `n` is the bit size associated with the curve,
+ *      -- then x_P as a `ceiling(m/8)`-byte string, big endian;
+ *      -- then y_P as a `ceiling(m/8)`-byte string, big endian;
+ *      -- where `m` is the bit size associated with the curve,
  *      --       i.e. the bit size of `q` for a curve over `F_q`.
  *
  *   EcpkParameters ::= CHOICE { -- other choices are not allowed
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index f4feb4d20..f0a1ba7dd 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -422,10 +422,9 @@
  *      parameters              OBJECT IDENTIFIER } -- namedCurve
  * ECPoint ::= ...
  *    -- first 8 bits: 0x04;
- *    -- then x_P as a `ceiling(n/8)`-byte string, big endian;
- *    -- then y_P as a `ceiling(n/8)`-byte string, big endian;
- *    -- where `n` is the bit size associated with the curve,
- *    --       i.e. the bit size of `q` for a curve over `F_q`.
+ *    -- then x_P as a `ceiling(m/8)`-byte string, big endian;
+ *    -- then y_P as a `ceiling(m/8)`-byte string, big endian;
+ *    -- where `m` is the bit size associated with the curve.
  *
  * - 2 * 4 bytes of SEQUENCE overhead;
  * - 1 + 1 + 7 bytes of algorithm (id-ecPublicKey OID);

From d171e78b4691dba2d976021faffebabc3dcefec8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 15 Nov 2018 17:46:21 +0100
Subject: [PATCH 633/889] Document the peer_key format for psa_key_agreement

---
 include/psa/crypto.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6e5bbe010..a2191c664 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3241,7 +3241,11 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  *                                \c PSA_CRYPTO_GENERATOR_INIT or
  *                                psa_crypto_generator_init().
  * \param private_key             Slot containing the private key to use.
- * \param[in] peer_key            Public key of the peer.
+ * \param[in] peer_key            Public key of the peer. It must be
+ *                                in the same format that psa_import_key()
+ *                                accepts. The standard formats for public
+ *                                keys are documented in the documentation
+ *                                of psa_export_public_key().
  * \param peer_key_length         Size of \p peer_key in bytes.
  * \param alg                     The key agreement algorithm to compute
  *                                (\c PSA_ALG_XXX value such that

From 99d0259987fadf213323fe6621759c01d7ecca34 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 15 Nov 2018 17:47:25 +0100
Subject: [PATCH 634/889] Improve documentation the shared secret format for
 FFDH

---
 include/psa/crypto.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index a2191c664..64f343c6e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1228,8 +1228,11 @@ typedef uint32_t psa_algorithm_t;
  * public key, with a key selection or key derivation algorithm to produce
  * one or more shared keys and other shared cryptographic material.
  *
- * The input to \p kdf_alg is the shared secret `g^{ab}` in big-endian format.
- * It is `ceiling(n / 8)` bytes long where `n` is the size of the prime `p`.
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the shared secret
+ * `g^{ab}` in big-endian format.
+ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
+ * in bits.
  *
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)

From 79250c255f365e295ab475019cd6477f7833c6fc Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 9 Oct 2018 17:32:46 +0100
Subject: [PATCH 635/889] Add identifiers for TLS-1.2 PRF

This commit adds KDF algorithm identifiers `PSA_ALG_TLS12_PRF(HASH)`
to the PSA crypto API. They represent the key derivation functions
used by TLS 1.2 for the PreMasterSecret->MasterSecret and
MasterSecret->KeyBlock conversions.
---
 include/psa/crypto.h | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 64f343c6e..8e439bab0 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1199,6 +1199,39 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
     (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
 
+#define PSA_ALG_TLS12_PRF_BASE                     ((psa_algorithm_t)0x30000200)
+/** Macro to build a TLS-1.2 PRF algorithm.
+ *
+ * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
+ * TLS 1.2 PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding TLS-1.2 PRF algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_TLS12_PRF(hash_alg)                                  \
+    (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
+ *
+ * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
+ * specified in Section 5 of RFC 5246. It is based on HMAC and can be
+ * used with either SHA-256 or SHA-384.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PRF(alg)                                    \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
+#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
 #define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0x010fffff)
 
 /** Use a shared secret as is.

From c8a41d71cba5b03f7be075cd3b904b5075011294 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 9 Oct 2018 17:33:01 +0100
Subject: [PATCH 636/889] Add implementation of TLS-1.2 PRF

---
 include/psa/crypto_struct.h |  30 +++++
 library/psa_crypto.c        | 240 ++++++++++++++++++++++++++++++++++++
 2 files changed, 270 insertions(+)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index e38a9bfba..2d7bb2682 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -144,6 +144,35 @@ typedef struct
     uint8_t block_number;
 } psa_hkdf_generator_t;
 
+typedef struct psa_tls12_prf_generator_s
+{
+    /* The TLS 1.2 PRF uses the key for each HMAC iteration,
+     * hence we must store it for the lifetime of the generator.
+     * This is different from HKDF, where the key is only used
+     * in the extraction phase, but not during expansion. */
+    unsigned char *key;
+    size_t key_len;
+
+    /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */
+    uint8_t Ai_with_seed[PSA_HASH_MAX_SIZE + 64];
+    size_t seed_length;
+
+    /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
+    uint8_t output_block[PSA_HASH_MAX_SIZE];
+
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+
+    /* Indicates how many bytes in the current HMAC block have
+     * already been read by the user. */
+    uint8_t offset_in_block;
+
+    /* The 1-based number of the block. */
+    uint8_t block_number;
+
+} psa_tls12_prf_generator_t;
+
 struct psa_crypto_generator_s
 {
     psa_algorithm_t alg;
@@ -157,6 +186,7 @@ struct psa_crypto_generator_s
         } buffer;
 #if defined(MBEDTLS_MD_C)
         psa_hkdf_generator_t hkdf;
+        psa_tls12_prf_generator_t tls12_prf;
 #endif
     } ctx;
 };
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 763074c9b..ef4623716 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1506,6 +1506,12 @@ static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
     mbedtls_zeroize( hmac->opad, sizeof( hmac->opad ) );
     return( psa_hash_abort( &hmac->hash_ctx ) );
 }
+
+static void psa_hmac_init_internal( psa_hmac_internal_data *hmac )
+{
+    /* Instances of psa_hash_operation_s can be initialized by zeroization. */
+    memset( hmac, 0, sizeof( *hmac ) );
+}
 #endif /* MBEDTLS_MD_C */
 
 psa_status_t psa_mac_abort( psa_mac_operation_t *operation )
@@ -3258,6 +3264,15 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
         mbedtls_free( generator->ctx.hkdf.info );
         status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac );
     }
+    else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) )
+    {
+        if( generator->ctx.tls12_prf.key != NULL )
+        {
+            mbedtls_zeroize( generator->ctx.tls12_prf.key,
+                             generator->ctx.tls12_prf.key_len );
+            mbedtls_free( generator->ctx.tls12_prf.key );
+        }
+    }
     else
 #endif /* MBEDTLS_MD_C */
     {
@@ -3340,6 +3355,172 @@ static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf,
 
     return( PSA_SUCCESS );
 }
+
+static psa_status_t psa_generator_tls12_prf_generate_next_block(
+    psa_tls12_prf_generator_t *tls12_prf,
+    psa_algorithm_t alg )
+{
+    psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
+    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+    psa_hmac_internal_data hmac;
+    psa_status_t status, cleanup_status;
+
+    /* We can't be wanting more output after block 0xff, otherwise
+     * the capacity check in psa_generator_read() would have
+     * prevented this call. It could happen only if the generator
+     * object was corrupted or if this function is called directly
+     * inside the library. */
+    if( tls12_prf->block_number == 0xff )
+        return( PSA_ERROR_BAD_STATE );
+
+    /* We need a new block */
+    ++tls12_prf->block_number;
+    tls12_prf->offset_in_block = 0;
+
+    /* Recall the definition of the TLS-1.2-PRF from RFC 5246:
+     *
+     * PRF(secret, label, seed) = P_<hash>(secret, label + seed)
+     *
+     * P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
+     *                        HMAC_hash(secret, A(2) + seed) +
+     *                        HMAC_hash(secret, A(3) + seed) + ...
+     *
+     * A(0) = seed
+     * A(i) = HMAC_hash( secret, A(i-1) )
+     *
+     * The `psa_tls12_prf_generator` structures saves the block
+     * `HMAC_hash(secret, A(i) + seed)` from which the output
+     * is currently extracted as `output_block`, while
+     * `A(i) + seed` is stored in `Ai_with_seed`.
+     *
+     * Generating a new block means recalculating `Ai_with_seed`
+     * from the A(i)-part of it, and afterwards recalculating
+     * `output_block`.
+     *
+     * A(0) is computed at setup time.
+     *
+     */
+
+    psa_hmac_init_internal( &hmac );
+
+    /* We must distinguish the calculation of A(1) from those
+     * of A(2) and higher, because A(0)=seed has a different
+     * length than the other A(i). */
+    if( tls12_prf->block_number == 1 )
+    {
+        /* Compute A(1) = HMAC_hash(secret, label + seed) */
+        status = psa_hmac_setup_internal( &hmac,
+                                          tls12_prf->key,
+                                          tls12_prf->key_len,
+                                          hash_alg );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
+
+        status = psa_hash_update( &hmac.hash_ctx,
+                                  /* This omits the (so far undefined)
+                                   * first hash_length bytes. */
+                                  tls12_prf->Ai_with_seed + hash_length,
+                                  tls12_prf->seed_length );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
+        status = psa_hmac_finish_internal( &hmac,
+                                           tls12_prf->Ai_with_seed,
+                                           hash_length );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
+    }
+    else
+    {
+        /* Compute A(i+1) = HMAC_hash(secret, A(i)) */
+        status = psa_hmac_setup_internal( &hmac,
+                                          tls12_prf->key,
+                                          tls12_prf->key_len,
+                                          hash_alg );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
+
+        status = psa_hash_update( &hmac.hash_ctx,
+                                  tls12_prf->Ai_with_seed,
+                                  /* This omits the seed part of A(i) */
+                                  hash_length );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
+
+        status = psa_hmac_finish_internal( &hmac,
+                                           tls12_prf->Ai_with_seed,
+                                           hash_length );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
+    }
+
+    /* Compute the next block `HMAC_hash(secret, A(i+1) + seed)`. */
+    status = psa_hmac_setup_internal( &hmac,
+                                      tls12_prf->key,
+                                      tls12_prf->key_len,
+                                      hash_alg );
+    if( status != PSA_SUCCESS )
+        goto cleanup;
+
+    status = psa_hash_update( &hmac.hash_ctx,
+                              tls12_prf->Ai_with_seed,
+                              hash_length + tls12_prf->seed_length );
+    if( status != PSA_SUCCESS )
+        goto cleanup;
+
+    status = psa_hmac_finish_internal( &hmac,
+                                       tls12_prf->output_block,
+                                       hash_length );
+    if( status != PSA_SUCCESS )
+        goto cleanup;
+
+cleanup:
+
+    cleanup_status = psa_hmac_abort_internal( &hmac );
+    if( status == PSA_SUCCESS && cleanup_status != PSA_SUCCESS )
+        status = cleanup_status;
+
+    return( status );
+}
+
+/* Read some bytes from an TLS-1.2-PRF-based generator.
+ * See Section 5 of RFC 5246. */
+static psa_status_t psa_generator_tls12_prf_read(
+                                        psa_tls12_prf_generator_t *tls12_prf,
+                                        psa_algorithm_t alg,
+                                        uint8_t *output,
+                                        size_t output_length )
+{
+    psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
+    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+    psa_status_t status;
+
+    while( output_length != 0 )
+    {
+        /* Copy what remains of the current block */
+        uint8_t n = hash_length - tls12_prf->offset_in_block;
+
+        /* Check if we have fully processed the current block. */
+        if( n == 0 )
+        {
+            status = psa_generator_tls12_prf_generate_next_block( tls12_prf,
+                                                                  alg );
+            if( status != PSA_SUCCESS )
+                return( status );
+
+            continue;
+        }
+
+        if( n > output_length )
+            n = (uint8_t) output_length;
+        memcpy( output, tls12_prf->output_block + tls12_prf->offset_in_block,
+                n );
+        output += n;
+        output_length -= n;
+        tls12_prf->offset_in_block += n;
+    }
+
+    return( PSA_SUCCESS );
+}
 #endif /* MBEDTLS_MD_C */
 
 psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
@@ -3393,6 +3574,12 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
         status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg,
                                           output, output_length );
     }
+    else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) )
+    {
+        status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf,
+                                               generator->alg, output,
+                                               output_length );
+    }
     else
 #endif /* MBEDTLS_MD_C */
     {
@@ -3495,6 +3682,41 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
     return( PSA_SUCCESS );
 }
 
+/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */
+static psa_status_t psa_generator_tls12_prf_setup(
+    psa_tls12_prf_generator_t *tls12_prf,
+    const unsigned char *key,
+    size_t key_len,
+    psa_algorithm_t hash_alg,
+    const uint8_t *salt,
+    size_t salt_length,
+    const uint8_t *label,
+    size_t label_length )
+{
+    uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+
+    tls12_prf->key = mbedtls_calloc( 1, key_len );
+    if( tls12_prf->key == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+    tls12_prf->key_len = key_len;
+    memcpy( tls12_prf->key, key, key_len );
+
+    /* Write `label + seed' at the end of the `A(i) + seed` buffer,
+     * leaving the initial `hash_length` bytes unspecified for now. */
+    memcpy( tls12_prf->Ai_with_seed + hash_length, label, label_length );
+    memcpy( tls12_prf->Ai_with_seed + hash_length + label_length,
+            salt, salt_length );
+
+    tls12_prf->seed_length = label_length + salt_length;
+
+    /* The first block gets generated when
+     * psa_generator_read() is called. */
+    tls12_prf->block_number    = 0;
+    tls12_prf->offset_in_block = hash_length;
+
+    return( PSA_SUCCESS );
+}
+
 static psa_status_t psa_key_derivation_internal(
     psa_crypto_generator_t *generator,
     const uint8_t *secret, size_t secret_length,
@@ -3538,6 +3760,24 @@ static psa_status_t psa_key_derivation_internal(
                                            salt, salt_length,
                                            label, label_length );
     }
+    else if( PSA_ALG_IS_TLS12_PRF( alg ) )
+    {
+        psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
+        size_t hash_size = PSA_HASH_SIZE( hash_alg );
+
+        /* TLS-1.2 PRF supports only SHA-256 and SHA-384. */
+        if( hash_alg != PSA_ALG_SHA_256 &&
+            hash_alg != PSA_ALG_SHA_384 )
+        {
+            return( PSA_ERROR_NOT_SUPPORTED );
+        }
+
+        max_capacity = 255 * hash_size;
+        status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf,
+                                                secret, secret_length,
+                                                hash_alg, salt, salt_length,
+                                                label, label_length );
+    }
     else
 #endif
     {

From 24658c4ba1b9aa1a81117e38f1a959327a07a51a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 9 Oct 2018 17:33:08 +0100
Subject: [PATCH 637/889] Add test vectors for TLS 1.2 PRF

Taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
---
 tests/suites/test_suite_psa_crypto.data | 69 +++++++++++++++++++++++--
 1 file changed, 65 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5b8166428..7f37db197 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -434,18 +434,30 @@ PSA key policy: asymmetric signature, neither sign nor verify
 depends_on:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
 asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEYPAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW
 
-PSA key policy: derive, permitted
+PSA key policy: derive via HKDF, permitted
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
 
-PSA key policy: derive, not permitted
+PSA key policy: derive via TLS 1.2 PRF, permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via HKDF, not permitted
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_policy:0:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256)
 
-PSA key policy: derive, wrong algorithm
+PSA key policy: derive via TLS 1.2 PRF, not permitted
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:0:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+
+PSA key policy: derive via HKDF, wrong algorithm
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
 
+PSA key policy: derive via TLS 1.2 PRF, wrong algorithm
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_224)
+
 PSA key policy: agreement, permitted
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDH(PSA_ALG_SELECT_RAW)
@@ -1400,10 +1412,18 @@ PSA key derivation: HKDF-SHA-512, good case
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_512):"":"":42:PSA_SUCCESS
 
-PSA key derivation: bad key type
+PSA key derivation: HKDF-SHA-256, bad key type
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_HKDF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
 
+PSA key derivation: TLS 1.2 PRF SHA-256, good case
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, bad key type
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"":"":42:PSA_ERROR_INVALID_ARGUMENT
+
 PSA key derivation: not a key derivation algorithm (selection)
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_SELECT_RAW:"":"":42:PSA_ERROR_INVALID_ARGUMENT
@@ -1476,6 +1496,47 @@ PSA key derivation: HKDF SHA-1, RFC5869 #7, output 42+0
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_1):"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":42:"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48":""
 
+# Test vectors taken from https://www.ietf.org/mail-archive/web/tls/current/msg03416.html
+PSA key derivation: TLS 1.2 PRF SHA-256, output 100+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66":""
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 99+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b":"66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 1+99
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3":"f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa022f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 50+50
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b66"
+
+PSA key derivation: TLS 1.2 PRF SHA-256, output 50+49
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"9bbe436ba940f017b17652849a71db35":"a0ba9f936cda311827a6f796ffd5198c":"74657374206c6162656c":100:"e3f229ba727be17b8d122620557cd453c2aab21d07c3d495329b52d4e61edb5a6b301791e90d35c9c9a46b4e14baf9af0fa0":"22f7077def17abfd3797c0564bab4fbc91666e9def9b97fce34f796789baa48082d122ee42c5a72e5a5110fff70187347b"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 148+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f":""
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 147+1
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5":"6f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 1+147
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b":"0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792eca722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 74+74
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e56f"
+
+PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
+
 PSA key derivation: HKDF SHA-256, request maximum capacity
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""

From 580fba143101b4c1403d45dc9f8c4691aa68320f Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 13 Nov 2018 20:50:45 +0000
Subject: [PATCH 638/889] Dynamically allocate `A(i) + seed` buffer for TLS-1.2
 PRF

---
 include/psa/crypto_struct.h |  4 ++--
 library/psa_crypto.c        | 25 +++++++++++++++++++++----
 2 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 2d7bb2682..f11b87cca 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -154,8 +154,8 @@ typedef struct psa_tls12_prf_generator_s
     size_t key_len;
 
     /* `A(i) + seed` in the notation of RFC 5246, Sect. 5 */
-    uint8_t Ai_with_seed[PSA_HASH_MAX_SIZE + 64];
-    size_t seed_length;
+    uint8_t *Ai_with_seed;
+    size_t Ai_with_seed_len;
 
     /* `HMAC_hash( prk, A(i) + seed )` in the notation of RFC 5246, Sect. 5. */
     uint8_t output_block[PSA_HASH_MAX_SIZE];
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ef4623716..2030315dd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3272,6 +3272,13 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
                              generator->ctx.tls12_prf.key_len );
             mbedtls_free( generator->ctx.tls12_prf.key );
         }
+
+        if( generator->ctx.tls12_prf.Ai_with_seed != NULL )
+        {
+            mbedtls_zeroize( generator->ctx.tls12_prf.Ai_with_seed,
+                             generator->ctx.tls12_prf.Ai_with_seed_len );
+            mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed );
+        }
     }
     else
 #endif /* MBEDTLS_MD_C */
@@ -3420,7 +3427,7 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block(
                                   /* This omits the (so far undefined)
                                    * first hash_length bytes. */
                                   tls12_prf->Ai_with_seed + hash_length,
-                                  tls12_prf->seed_length );
+                                  tls12_prf->Ai_with_seed_len - hash_length );
         if( status != PSA_SUCCESS )
             goto cleanup;
         status = psa_hmac_finish_internal( &hmac,
@@ -3463,7 +3470,7 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block(
 
     status = psa_hash_update( &hmac.hash_ctx,
                               tls12_prf->Ai_with_seed,
-                              hash_length + tls12_prf->seed_length );
+                              tls12_prf->Ai_with_seed_len );
     if( status != PSA_SUCCESS )
         goto cleanup;
 
@@ -3694,6 +3701,8 @@ static psa_status_t psa_generator_tls12_prf_setup(
     size_t label_length )
 {
     uint8_t hash_length = PSA_HASH_SIZE( hash_alg );
+    size_t Ai_with_seed_len = hash_length + salt_length + label_length;
+    int overflow;
 
     tls12_prf->key = mbedtls_calloc( 1, key_len );
     if( tls12_prf->key == NULL )
@@ -3701,14 +3710,22 @@ static psa_status_t psa_generator_tls12_prf_setup(
     tls12_prf->key_len = key_len;
     memcpy( tls12_prf->key, key, key_len );
 
+    overflow = ( salt_length + label_length               < salt_length ) ||
+               ( salt_length + label_length + hash_length < hash_length );
+    if( overflow )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    tls12_prf->Ai_with_seed = mbedtls_calloc( 1, Ai_with_seed_len );
+    if( tls12_prf->Ai_with_seed == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+    tls12_prf->Ai_with_seed_len = Ai_with_seed_len;
+
     /* Write `label + seed' at the end of the `A(i) + seed` buffer,
      * leaving the initial `hash_length` bytes unspecified for now. */
     memcpy( tls12_prf->Ai_with_seed + hash_length, label, label_length );
     memcpy( tls12_prf->Ai_with_seed + hash_length + label_length,
             salt, salt_length );
 
-    tls12_prf->seed_length = label_length + salt_length;
-
     /* The first block gets generated when
      * psa_generator_read() is called. */
     tls12_prf->block_number    = 0;

From 3b339e23427a315a294397f500d0c69fb73849d1 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 13 Nov 2018 20:56:14 +0000
Subject: [PATCH 639/889] Simplify
 psa_generator_tls12_prf_generate_next_block()

---
 library/psa_crypto.c | 66 +++++++++++++++++---------------------------
 1 file changed, 26 insertions(+), 40 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2030315dd..5ee43e4d6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3372,6 +3372,9 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block(
     psa_hmac_internal_data hmac;
     psa_status_t status, cleanup_status;
 
+    unsigned char *Ai;
+    size_t Ai_len;
+
     /* We can't be wanting more output after block 0xff, otherwise
      * the capacity check in psa_generator_read() would have
      * prevented this call. It could happen only if the generator
@@ -3415,51 +3418,34 @@ static psa_status_t psa_generator_tls12_prf_generate_next_block(
      * length than the other A(i). */
     if( tls12_prf->block_number == 1 )
     {
-        /* Compute A(1) = HMAC_hash(secret, label + seed) */
-        status = psa_hmac_setup_internal( &hmac,
-                                          tls12_prf->key,
-                                          tls12_prf->key_len,
-                                          hash_alg );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-
-        status = psa_hash_update( &hmac.hash_ctx,
-                                  /* This omits the (so far undefined)
-                                   * first hash_length bytes. */
-                                  tls12_prf->Ai_with_seed + hash_length,
-                                  tls12_prf->Ai_with_seed_len - hash_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-        status = psa_hmac_finish_internal( &hmac,
-                                           tls12_prf->Ai_with_seed,
-                                           hash_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
+        Ai     = tls12_prf->Ai_with_seed + hash_length;
+        Ai_len = tls12_prf->Ai_with_seed_len - hash_length;
     }
     else
     {
-        /* Compute A(i+1) = HMAC_hash(secret, A(i)) */
-        status = psa_hmac_setup_internal( &hmac,
-                                          tls12_prf->key,
-                                          tls12_prf->key_len,
-                                          hash_alg );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-
-        status = psa_hash_update( &hmac.hash_ctx,
-                                  tls12_prf->Ai_with_seed,
-                                  /* This omits the seed part of A(i) */
-                                  hash_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
-
-        status = psa_hmac_finish_internal( &hmac,
-                                           tls12_prf->Ai_with_seed,
-                                           hash_length );
-        if( status != PSA_SUCCESS )
-            goto cleanup;
+        Ai     = tls12_prf->Ai_with_seed;
+        Ai_len = hash_length;
     }
 
+    /* Compute A(i+1) = HMAC_hash(secret, A(i)) */
+    status = psa_hmac_setup_internal( &hmac,
+                                      tls12_prf->key,
+                                      tls12_prf->key_len,
+                                      hash_alg );
+    if( status != PSA_SUCCESS )
+        goto cleanup;
+
+    status = psa_hash_update( &hmac.hash_ctx,
+                              Ai, Ai_len );
+    if( status != PSA_SUCCESS )
+        goto cleanup;
+
+    status = psa_hmac_finish_internal( &hmac,
+                                       tls12_prf->Ai_with_seed,
+                                       hash_length );
+    if( status != PSA_SUCCESS )
+        goto cleanup;
+
     /* Compute the next block `HMAC_hash(secret, A(i+1) + seed)`. */
     status = psa_hmac_setup_internal( &hmac,
                                       tls12_prf->key,

From 353e45361d9dc733f1ef5102eda0f0b28864848a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 09:53:57 +0000
Subject: [PATCH 640/889] Don't call memcpy() with 0-length arguments

The standard prohibits calling memcpy() with NULL pointer
arguments, even if the size argument is 0.

The TLS-1.2 PRF generator setup function previously called
memcpy() with the label and salt as the source, even if
they were of length 0, as exercised by the derive_key_policy
test case in the PSA crypto test suite.

This commit adds guards around the memcpy() calls so that they
are only executed of salt or label have positive length, respectively.
---
 library/psa_crypto.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5ee43e4d6..f0de86124 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3708,9 +3708,17 @@ static psa_status_t psa_generator_tls12_prf_setup(
 
     /* Write `label + seed' at the end of the `A(i) + seed` buffer,
      * leaving the initial `hash_length` bytes unspecified for now. */
-    memcpy( tls12_prf->Ai_with_seed + hash_length, label, label_length );
-    memcpy( tls12_prf->Ai_with_seed + hash_length + label_length,
-            salt, salt_length );
+    if( label_length != 0 )
+    {
+        memcpy( tls12_prf->Ai_with_seed + hash_length,
+                label, label_length );
+    }
+
+    if( salt_length != 0 )
+    {
+        memcpy( tls12_prf->Ai_with_seed + hash_length + label_length,
+                salt, salt_length );
+    }
 
     /* The first block gets generated when
      * psa_generator_read() is called. */

From 87a7eeb9060e1a199c71422b0f18365da2c52596 Mon Sep 17 00:00:00 2001
From: mohammad1603 <mohammad.abomokh@arm.com>
Date: Thu, 1 Nov 2018 11:25:49 +0200
Subject: [PATCH 641/889] Add a getting started guide

Add a new guide intended to help users of the library quickly get going
with any of a number of tasks via code snippets and explanations.
---
 docs/getting_started.md | 526 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 526 insertions(+)
 create mode 100644 docs/getting_started.md

diff --git a/docs/getting_started.md b/docs/getting_started.md
new file mode 100644
index 000000000..eac831546
--- /dev/null
+++ b/docs/getting_started.md
@@ -0,0 +1,526 @@
+## Getting started with Mbed Crypto
+
+### What is Mbed Crypto?
+
+Mbed Crypto is an open source cryptographic library that supports a wide range of cryptographic operations, including:
+* Key management
+* Hashing
+* Symmetric cryptography
+* Asymmetric cryptography
+* Message authentication (MAC)
+* Key generation and derivation
+* Authenticated encryption with associated data (AEAD)
+
+The Mbed Crypto library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). It is written in portable C.
+
+The Mbed Crypto library is distributed under the Apache License, version 2.0.
+
+#### Platform Security Architecture (PSA)
+
+Arm's Platform Security Architecture (PSA) is a holistic set of threat models,
+security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. Part of the API provided by PSA is the cryptography interface, which provides access to a set of primitives.
+
+### Using Mbed Crypto
+
+* [Getting the Mbed Crypto library](#getting-the-mbed-crypto-library)
+* [Building the Mbed Crypto library](#building-the-mbed-crypto-library)
+* [Using the Mbed Crypto library](#using-the-mbed-crypto-library)
+* [Importing a key](#importing-a-key)
+* [Signing a message using RSA](#signing-a-message-using-RSA)
+* [Encrypting or decrypting using symmetric ciphers](#encrypting-or-decrypting-using-symmetric-ciphers)
+* [Hashing a message](#hashing-a-message)
+* [Deriving a new key from an existing key](#deriving-a-new-key-from-an-existing-key)
+* [Generating a random value](#generating-a-random-value)
+* [Authenticating and encrypting or decrypting a message](#authenticating-and-encrypting-or-decrypting-a-message)
+* [Generating and exporting keys](#generating-and-exporting-keys)
+* [More about the Mbed Crypto library](#more-about-the-mbed-crypto-library)
+
+### Getting the Mbed Crypto library
+
+Mbed Crypto releases are available in the [public Github repository]( https://github.com/ARMmbed/mbed-crypto).
+
+### Building the Mbed Crypto library
+
+You need the following tools to build the library with the provided makefiles:
+* GNU Make.
+* A C toolchain (compiler, linker, archiver).
+* Python 2 or Python 3 (either works) to generate the test code.
+* Perl to run the tests.
+
+If you have a C compiler such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
+
+To select a different compiler, set the `CC` variable to name or path of the compiler and linker (default: `cc`) and set `AR` to a compatible archiver (default: `ar`), such as:
+```
+make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
+```
+The provided makefiles pass options to the compiler that assume a GCC-like command line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
+
+To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
+
+### Using the Mbed Crypto library
+
+To use the Mbed Crypto APIs, call `psa_crypto_init()` before calling any other API. This initializes the library.
+
+### Importing a key
+
+To use a key for cryptography operations in Mbed Crypto, you need to first import it into a key slot. Each slot can store only one key at a time. The slot where the key is stored must be unoccupied, and valid for a key of the chosen type.
+
+Prerequisites to importing keys:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+Importing a key and checking key information:
+1. Import a key pair into key slot `1`.
+1. Test the information stored in this slot:
+```C
+    int key_slot = 1;
+    uint8_t *data = "KEYPAIR_KEY_DATA";
+    size_t data_size;
+    psa_key_type_t type = PSA_KEY_TYPE_RSA_PUBLIC_KEY;
+    size_t got_bits;
+    psa_key_type_t got_type;
+    size_t expected_bits = data_size;
+    psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
+    size_t export_size = data_size;
+
+    psa_crypto_init();
+
+    /* Import the key */
+    status = psa_import_key(key_slot, type, data, data_size);
+
+    /* Test the key information */
+    status = psa_get_key_information(slot, &got_type, &got_bits);
+
+    /* Destroy the key */
+    psa_destroy_key(key_slot);
+    mbedtls_psa_crypto_free();
+```
+
+### Signing a message using RSA
+
+Mbed Crypto provides support for encrypting, decrypting, signing and verifying messages using public key signature algorithms (such as RSA or ECDSA).
+
+Prerequisites to working with the asymmetric cipher API:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* Configure the key policy accordingly:
+    * `PSA_KEY_USAGE_SIGN` to allow signing.
+    * `PSA_KEY_USAGE_VERIFY` to allow signature verification.
+* Have a valid key in the key slot.
+
+To sign a given message `payload` using RSA:
+1. Set the key policy of the chosen key slot by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_SIGN` parameter and the algorithm `PSA_ALG_RSA_PKCS1V15_SIGN_RAW`.
+This allows the key in the key slot to be used for RSA signing.
+1. Import the key into the key slot by calling `psa_import_key()`. You can use an already imported key instead of importing a new one.
+1. Call `psa_asymmetric_sign()` and get the output buffer that contains the signature:
+```C
+    psa_status_t status;
+    int key_slot = 1;
+    unsigned char key[] = "RSA_KEY";
+    unsigned char payload[] = "ASYMMETRIC_INPUT_FOR_SIGN";
+    psa_key_policy_t policy;
+    unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
+    size_t signature_length;
+
+    status = psa_crypto_init();
+
+    /* Import the key */
+    psa_key_policy_init(&policy);
+    psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_SIGN,
+                             PSA_ALG_RSA_PKCS1V15_SIGN_RAW);
+    status = psa_set_key_policy(key_slot, &policy);
+
+    status = psa_import_key(key_slot, PSA_KEY_TYPE_RSA_KEYPAIR,
+                            key, sizeof(key));
+
+    /* Sing message using the key */
+    status = psa_asymmetric_sign(key_slot, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+                                 payload, sizeof(payload),
+                                 signature, sizeof(signature),
+                                 &signature_length);
+    /* Destroy the key */
+    psa_destroy_key(key_slot);
+    mbedtls_psa_crypto_free();
+```
+
+### Encrypting or decrypting using symmetric ciphers
+
+Mbed Crypto provides support for encrypting and decrypting messages using various symmetric cipher algorithms (both block and stream ciphers).
+
+Prerequisites to working with the symmetric cipher API:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* Configure the key policy accordingly (`PSA_KEY_USAGE_ENCRYPT` to allow encryption or `PSA_KEY_USAGE_DECRYPT` to allow decryption).
+* Have a valid key in the key slot.
+
+Encrypting a message with a symmetric cipher:
+1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
+1. Call `psa_cipher_encrypt_setup` to initialize the operation structure and  specify the algorithm and the key to be used.
+1. Call either `psa_cipher_generate_iv` or `psa_cipher_set_iv` to generate or set the initialization vector (IV). We recommended `psa_cipher_generate_iv`, unless you require a specific IV value.
+1. Call `psa_cipher_update` one or more times, passing either the whole or only a fragment of the message each time.
+1. Call `psa_cipher_finish` to end the operation and output the encrypted message.
+
+Encrypting random data using an AES key in cipher block chain (CBC) mode with no padding (assuming all prerequisites have been fulfilled):
+```c
+    psa_key_slot_t key_slot = 1;
+    psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
+    psa_cipher_operation_t operation;
+    size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES);
+    unsigned char input[block_size];
+    unsigned char iv[block_size];
+    size_t iv_len;
+    unsigned char output[block_size];
+    size_t output_len;
+
+    /* generate some random data to be encrypted */
+    psa_generate_random(input, sizeof(input));
+
+    /* encrypt the key */
+    psa_cipher_encrypt_setup(&operation, key_slot, alg);
+    psa_cipher_generate_iv(&operation, iv, sizeof(iv), &iv_len);
+    psa_cipher_update(&operation, input, sizeof(input),
+    output, sizeof(output),
+    &output_len);
+    psa_cipher_finish(&operation,
+    output + output_len, sizeof(output) - output_len,
+    &output_len);
+    /* Clean up cipher operation context */
+    psa_cipher_abort(&operation);
+```
+
+Decrypting a message with a symmetric cipher:
+1. Allocate an operation (`psa_cipher_operation_t`) structure to pass to the cipher functions.
+1. Call `psa_cipher_decrypt_setup` to initialize the operation structure and to specify the algorithm and the key to be used.
+1. Call `psa_cipher_set_iv` with the IV for the decryption.
+1. Call `psa_cipher_update` one or more times passing either the whole or only a fragment of the message each time.
+1. Call `psa_cipher_finish` to end the operation and output the decrypted message.
+
+Decrypting encrypted data using an AES key in CBC mode with no padding
+(assuming all prerequisites have been fulfilled):
+```c
+    psa_key_slot_t key_slot = 1;
+    psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
+    psa_cipher_operation_t operation;
+    size_t block_size = PSA_BLOCK_CIPHER_BLOCK_SIZE(PSA_KEY_TYPE_AES);
+    unsigned char input[block_size];
+    unsigned char iv[block_size];
+    size_t iv_len;
+    unsigned char output[block_size];
+    size_t output_len;
+
+    /* setup input data */
+    fetch_iv(iv, sizeof(iv));     /* fetch the IV used when the data was encrypted */
+    fetch_input(input, sizeof(input));      /* fetch the data to be decrypted */
+
+    /* encrypt the encrypted data */
+    psa_cipher_decrypt_setup(&operation, key_slot, alg);
+    psa_cipher_set_iv(&operation, iv, sizeof(iv));
+    psa_cipher_update(&operation, input, sizeof(input),
+    output, sizeof(output),
+    &output_len);
+    psa_cipher_finish(&operation,
+    output + output_len, sizeof(output) - output_len,
+    &output_len);
+    /* Clean up cipher operation context */
+    psa_cipher_abort(&operation);
+```
+
+#### Handling cipher operation contexts
+
+Once you've initialized the operation structure with a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`, you can terminate the operation at any time by calling `psa_cipher_abort`.
+
+The call to `psa_cipher_abort` frees any resources associated with the operation (except for the operation structure itself). An implicit call to `psa_cipher_abort` occurs when any of these conditions occur:
+* A call to `psa_cipher_generate_iv`, `psa_cipher_set_iv` or `psa_cipher_update` has failed (returning any status other than `PSA_SUCCESS`).
+* Either a successful or failed call to `psa_cipher_finish`.
+
+Once `psa_cipher_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling either `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup` again.
+
+For an operation that has been initialized successfully (by a successful call to `psa_cipher_encrypt_setup` or `psa_cipher_decrypt_setup`) it is imperative that at some time `psa_cipher_abort` is called.
+
+Multiple sequential calls to `psa_cipher_abort` on an operation that has already been terminated (either implicitly or explicitly) are safe and have no effect.
+
+### Hashing a message
+
+Mbed Crypto lets you compute and verify hashes using various hashing algorithms.
+
+The current implementation supports the following hash algorithms: `MD2`, `MD4`, `MD5`, `RIPEMD160`, `SHA-1`, `SHA-224`, `SHA-256`, `SHA-384`, and `SHA-512`.
+
+Prerequisites to working with the hash APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+To calculate a hash:
+1. Allocate an operation structure (`psa_hash_operation_t`) to pass to the hash functions.
+1. Call `psa_hash_setup` to initialize the operation structure and specify the hash algorithm.
+1. Call `psa_hash_update` one or more times, passing either the whole or only a fragment of the message each time.
+1. Call `psa_hash_finish` to calculate the hash, or `psa_hash_verify` to compare the computed hash with an expected hash value.
+
+Calculate the `SHA-256` hash of a message:
+```c
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    psa_hash_operation_t operation;
+    unsigned char input[] = { 'a', 'b', 'c' };
+    unsigned char actual_hash[PSA_HASH_MAX_SIZE];
+    size_t actual_hash_len;
+
+    /* Compute hash of message  */
+    psa_hash_setup(&operation, alg);
+    psa_hash_update(&operation, input, sizeof(input));
+    psa_hash_finish(&operation, actual_hash, sizeof(actual_hash), &actual_hash_len);
+
+    /* Clean up hash operation context */
+    psa_hash_abort(&operation);
+```
+
+Verify the `SHA-256` hash of a message:
+```c
+    psa_algorithm_t alg = PSA_ALG_SHA_256;
+    psa_hash_operation_t operation;
+    unsigned char input[] = { 'a', 'b', 'c' };
+    unsigned char expected_hash[] = {
+        0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde,
+        0x5d, 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
+        0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
+    };
+    size_t expected_hash_len = PSA_HASH_SIZE(alg);
+
+    /* Verify message hash */
+    psa_hash_setup(&operation, alg);
+    psa_hash_update(&operation, input, sizeof(input));
+    psa_hash_verify(&operation, expected_hash, expected_hash_len);
+```
+
+The API provides the macro `PSA_HASH_SIZE`, which returns the expected hash length (in bytes) for the specified algorithm.
+
+#### Handling hash operation contexts
+
+Once the operation structure has been successfully initialized by a successful call to `psa_hash_setup`, it's possible to terminate the operation at any time by calling `psa_hash_abort`. The call to `psa_hash_abort` frees any resources associated with the operation (except for the operation structure itself).
+
+An implicit call to `psa_hash_abort` occurs when any of these conditions occur:
+1. A call to `psa_hash_update` has failed (returning any status other than `PSA_SUCCESS`).
+1. Either a successful or failed call to `psa_hash_finish`.
+1. Either a successful or failed call to `psa_hash_verify`.
+
+Once `psa_hash_abort` has been called (either implicitly by the implementation or explicitly by the user), the operation structure is invalidated and may not be reused for the same operation. However, the operation structure may be reused for a different operation by calling `psa_hash_setup` again.
+
+For an operation that has been initialized successfully (by a successful call to `psa_hash_setup`) it is imperative that at some time `psa_hash_abort` is called.
+
+Multiple sequential calls to `psa_hash_abort` on an operation that has already been terminated (either implicitly or explicitly) is safe and has no effect.
+
+### Generating a random value
+
+Mbed Crypto can generate random data.
+
+Prerequisites to random generation:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+Generate a random, ten-byte piece of data:
+1. Generate random bytes by calling `psa_generate_random()`:
+```C
+    psa_status_t status;
+    uint8_t random[10] = { 0 };
+    psa_crypto_init();
+    status = psa_generate_random(random, sizeof(random));
+
+    mbedtls_psa_crypto_free();
+```
+
+### Deriving a new key from an existing key
+
+Mbed Crypto provides a key derivation API that lets you derive new keys from existing ones. Key derivation is based upon the generator abstraction. A generator must first be initialized and set up (provided with a key and optionally other data) and then derived data can be read from it either to a buffer or directly imported into a key slot.
+
+Prerequisites to working with the key derivation APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* Configure the key policy for the key used for derivation (`PSA_KEY_USAGE_DERIVE`)
+* The key type must be `PSA_KEY_TYPE_DERIVE`.
+
+Deriving a new AES-CTR 128-bit encryption key into a given key slot using HKDF with a given key, salt and label:
+1. Set the key policy for key derivation by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_DERIVE` parameter, and the algorithm `PSA_ALG_HKDF(PSA_ALG_SHA_256)`.
+1. Import the key into the key slot by calling `psa_import_key()`. You can skip this step and the previous one if the key has already been imported into a known key slot.
+1. Set up the generator using the `psa_key_derivation` function providing a key slot containing a key that can be used for key derivation and a salt and label (Note: salt and label are optional).
+1. Initiate a key policy to for the derived key by calling `psa_key_policy_set_usage()` with `PSA_KEY_USAGE_ENCRYPT` parameter and the algorithm `PSA_ALG_CTR`.
+1. Set the key policy to the derived key slot.
+1. Import a key from generator into the desired key slot using (`psa_generator_import_key`).
+1. Clean up generator.
+
+At this point the derived key slot holds a new 128-bit AES-CTR encryption key derived from the key, salt and label provided:
+```C
+    psa_key_slot_t base_key = 1;
+    psa_key_slot_t derived_key = 2;
+    psa_key_policy_t policy;
+
+    unsigned char key[] = {
+        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+        0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+        0x0b };
+
+    unsigned char salt[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
+                             0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c };
+
+    unsigned char label[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6,
+                              0xf7, 0xf8, 0xf9 };
+
+    psa_algorithm_t alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+    size_t derived_bits = 128;
+    size_t capacity = PSA_BITS_TO_BYTES(derived_bits);
+
+    status = psa_crypto_init();
+
+    /* Import a key for use in key derivation, if such a key has already been imported you can skip this part */
+    psa_key_policy_init(&policy);
+    psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DERIVE, alg);
+    status = psa_set_key_policy(base_key, &policy);
+
+    status = psa_import_key(base_key, PSA_KEY_TYPE_DERIVE, key, sizeof(key));
+
+    /* Derive a key into a key slot*/
+    status = psa_key_derivation(&generator, base_key, alg, salt, sizeof(salt),
+                                label, sizeof(label), capacity);
+
+    psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR);
+
+    psa_set_key_policy(derived_key, &policy);
+
+    psa_generator_import_key(derived_key, PSA_KEY_TYPE_AES, derived_bits, &generator);
+
+    /* Clean up generator and key */
+    psa_generator_abort(&generator);
+    /* as part of clean up you may want to clean up the keys used by calling:
+     * psa_destroy_key( base_key ); or psa_destroy_key( derived_key ); */
+    mbedtls_psa_crypto_free();
+```
+
+### Authenticating and encrypting or decrypting a message
+
+Mbed Crypto provides a simple way for authenticate and encrypt with associated data (AEAD) supporting `PSA_ALG_CCM` algorithm.
+
+Prerequisites to working with the AEAD ciphers APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+* The key policy for the key used for derivation must be configured accordingly (`PSA_KEY_USAGE_ENCRYPT` or `PSA_KEY_USAGE_DECRYPT`).
+
+To authenticate and encrypt a message:
+```C
+    int slot = 1;
+    psa_status_t status;
+    unsigned char key[] = { 0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
+                            0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF };
+
+    unsigned char nonce[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+                              0x08, 0x09, 0x0A, 0x0B };
+
+    unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20,
+                                        0xC3, 0x3C, 0x49, 0xFD, 0x70 };
+
+    unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41,
+                                   0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43,
+                                   0xD2, 0xD7, 0xC2 };
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+    size_t tag_length = 16;
+
+    output_size = sizeof(input_data) + tag_length;
+    output_data = malloc(output_size);
+    status = psa_crypto_init();
+
+    psa_key_policy_init(&policy);
+    psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM);
+    status = psa_set_key_policy(slot, &policy);
+
+    status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key));
+
+    status = psa_aead_encrypt(slot, PSA_ALG_CCM,
+                              nonce, sizeof(nonce),
+                              additional_data, sizeof(additional_data),
+                              input_data, sizeof(input_data),
+                              output_data, output_size,
+                              &output_length);
+
+    psa_destroy_key(slot);
+    mbedtls_free(output_data);
+    mbedtls_psa_crypto_free();
+```
+
+To authenticate and decrypt a message:
+
+```C
+    int slot = 1;
+    psa_status_t status;
+    unsigned char key[] = {
+        0xC0, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7,
+        0xC8, 0xC9, 0xCA, 0xCB, 0xCC, 0xCD, 0xCE, 0xCF
+    };
+
+    unsigned char nonce[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3,
+                              0x3C, 0x49, 0xFD, 0x70
+                            };
+
+    unsigned char additional_data[] = { 0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20,
+                                        0xC3, 0x3C, 0x49, 0xFD, 0x70
+                                      };
+    unsigned char input_data[] = { 0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41,
+                                   0x63, 0x28, 0x75, 0xDB, 0x7F, 0x6C, 0x92, 0x43,
+                                   0xD2, 0xD7, 0xC2
+                                 };
+    unsigned char *output_data = NULL;
+    size_t output_size = 0;
+    size_t output_length = 0;
+
+    output_size = sizeof(input_data);
+    output_data = malloc(output_size);
+    status = psa_crypto_init();
+
+    psa_key_policy_init(&policy);
+    psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM);
+    status = psa_set_key_policy(slot, &policy);
+
+    status = psa_import_key(slot, PSA_KEY_TYPE_AES, key, sizeof(key));
+
+    status = psa_aead_decrypt(slot, PSA_ALG_CCM,
+                              nonce, sizeof(nonce),
+                              additional_data, sizeof(additional_data),
+                              input_data, sizeof(input_data),
+                              output_data, output_size,
+                              &output_length);
+
+    psa_destroy_key(slot);
+    mbedtls_free(output_data);
+    mbedtls_psa_crypto_free();
+```
+
+### Generating and exporting keys
+
+Mbed Crypto provides a simple way to generate a key or key pair.
+
+Prerequisites to using key generation and export APIs:
+* Initialize the library with a successful call to `psa_crypto_init`.
+
+Generate a piece of random 128-bit AES data:
+1. Set the key policy for key generation by calling `psa_key_policy_set_usage()` with the `PSA_KEY_USAGE_EXPORT` parameter and the algorithm `PSA_ALG_GCM`.
+1. Generate a random AES key by calling `psa_generate_key()`.
+1. Export the generated key by calling `psa_export_key()`:
+```C
+    int slot = 1;
+    size_t bits = 128;
+    size_t exported_size = bits;
+    size_t exported_length = 0;
+    uint8_t *exported = malloc(exported_size);
+
+    psa_crypto_init();
+
+    psa_key_policy_init(&policy);
+    psa_key_policy_set_usage(&policy, PSA_KEY_USAGE_EXPORT, PSA_ALG_GCM);
+    psa_set_key_policy(slot, &policy);
+
+    /* Generate a key */
+    psa_generate_key(slot, PSA_KEY_TYPE_AES, bits, NULL, 0);
+
+    psa_export_key(slot, exported, exported_size, &exported_length)
+
+    psa_destroy_key(slot);
+    mbedtls_psa_crypto_free();
+```
+
+### More about the Mbed Crypto library
+
+More information on [Mbed Crypto](https://github.com/ARMmbed/mbed-crypto/).
+
+More information on [PSA Crypto](https://github.com/ARMmbed/mbed-crypto/blob/development/docs/PSA_Crypto_API_Overview.pdf).

From a05219c70bc71eb0a656531e4a1a8a222a5146af Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 16:02:56 +0100
Subject: [PATCH 642/889] Add some missing compilation guards

Add missing checks for defined(MBEDTLS_MD_C) around types and
functions that require it (HMAC, HKDF, TLS12_PRF).

Add missing checks for defined(MBEDTLS_ECDSA_DETERMINISTIC) around
code that calls mbedtls_ecdsa_sign_det().

Add missing checks for defined(MBEDTLS_ECDH_C) around ECDH-specific
functions.
---
 include/psa/crypto_struct.h |  8 ++++++--
 library/psa_crypto.c        | 21 ++++++++++++++++++++-
 2 files changed, 26 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index f11b87cca..44a1a6057 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -85,7 +85,7 @@ struct psa_hash_operation_s
     } ctx;
 };
 
-
+#if defined(MBEDTLS_MD_C)
 typedef struct
 {
         /** The hash context. */
@@ -93,7 +93,7 @@ typedef struct
         /** The HMAC part of the context. */
         uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
 } psa_hmac_internal_data;
-
+#endif /* MBEDTLS_MD_C */
 
 struct psa_mac_operation_s
 {
@@ -130,6 +130,7 @@ struct psa_cipher_operation_s
     } ctx;
 };
 
+#if defined(MBEDTLS_MD_C)
 typedef struct
 {
     uint8_t *info;
@@ -143,7 +144,9 @@ typedef struct
     uint8_t offset_in_block;
     uint8_t block_number;
 } psa_hkdf_generator_t;
+#endif /* MBEDTLS_MD_C */
 
+#if defined(MBEDTLS_MD_C)
 typedef struct psa_tls12_prf_generator_s
 {
     /* The TLS 1.2 PRF uses the key for each HMAC iteration,
@@ -172,6 +175,7 @@ typedef struct psa_tls12_prf_generator_s
     uint8_t block_number;
 
 } psa_tls12_prf_generator_t;
+#endif /* MBEDTLS_MD_C */
 
 struct psa_crypto_generator_s
 {
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f0de86124..c38d0484e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1431,6 +1431,7 @@ static const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
                                              (int) key_bits, mode ) );
 }
 
+#if defined(MBEDTLS_MD_C)
 static size_t psa_get_hash_block_size( psa_algorithm_t alg )
 {
     switch( alg )
@@ -1457,6 +1458,7 @@ static size_t psa_get_hash_block_size( psa_algorithm_t alg )
             return( 0 );
     }
 }
+#endif /* MBEDTLS_MD_C */
 
 /* Initialize the MAC operation structure. Once this function has been
  * called, psa_mac_abort can run and will do the right thing. */
@@ -2164,6 +2166,7 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
         goto cleanup;
     }
 
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
     if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
     {
         psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
@@ -2174,7 +2177,9 @@ static psa_status_t psa_ecdsa_sign( mbedtls_ecp_keypair *ecp,
                                                  md_alg ) );
     }
     else
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
     {
+        (void) alg;
         MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
                                              hash, hash_length,
                                              mbedtls_ctr_drbg_random,
@@ -2265,7 +2270,13 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
     if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
 #if defined(MBEDTLS_ECDSA_C)
-        if( PSA_ALG_IS_ECDSA( alg ) )
+        if(
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+            PSA_ALG_IS_ECDSA( alg )
+#else
+            PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
+#endif
+            )
             status = psa_ecdsa_sign( slot->data.ecp,
                                      alg,
                                      hash, hash_length,
@@ -3637,6 +3648,7 @@ exit:
 /* Key derivation */
 /****************************************************************/
 
+#if defined(MBEDTLS_MD_C)
 /* Set up an HKDF-based generator. This is exactly the extract phase
  * of the HKDF algorithm. */
 static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
@@ -3674,7 +3686,9 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
     }
     return( PSA_SUCCESS );
 }
+#endif /* MBEDTLS_MD_C */
 
+#if defined(MBEDTLS_MD_C)
 /* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */
 static psa_status_t psa_generator_tls12_prf_setup(
     psa_tls12_prf_generator_t *tls12_prf,
@@ -3727,6 +3741,7 @@ static psa_status_t psa_generator_tls12_prf_setup(
 
     return( PSA_SUCCESS );
 }
+#endif /* MBEDTLS_MD_C */
 
 static psa_status_t psa_key_derivation_internal(
     psa_crypto_generator_t *generator,
@@ -3744,8 +3759,10 @@ static psa_status_t psa_key_derivation_internal(
 
     if( alg == PSA_ALG_SELECT_RAW )
     {
+        (void) salt;
         if( salt_length != 0 )
             return( PSA_ERROR_INVALID_ARGUMENT );
+        (void) label;
         if( label_length != 0 )
             return( PSA_ERROR_INVALID_ARGUMENT );
         generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length );
@@ -3854,6 +3871,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
 /* Key agreement */
 /****************************************************************/
 
+#if defined(MBEDTLS_ECDH_C)
 static psa_status_t psa_key_agreement_ecdh( const uint8_t *peer_key,
                                             size_t peer_key_length,
                                             const mbedtls_ecp_keypair *our_key,
@@ -3905,6 +3923,7 @@ exit:
     mbedtls_ecdh_free( &ecdh );
     return( mbedtls_to_psa_error( ret ) );
 }
+#endif /* MBEDTLS_ECDH_C */
 
 #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
 

From 346797d7b9c4add1d8a367625c7940c657342ff5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 16:05:06 +0100
Subject: [PATCH 643/889] Add missing cleanup on failure in psa_key_agreement

If psa_key_derivation_internal() fails, it's up to the caller to clean
up. Do this, and add a note at the top of
psa_key_derivation_internal() and its auxiliary functions.

There is no non-regression test because at the moment the only way to
trigger an error is a borderline low-memory condition and we don't
have the means to trigger this.
---
 library/psa_crypto.c | 29 +++++++++++++++++++++++------
 1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c38d0484e..072f626b3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3650,7 +3650,11 @@ exit:
 
 #if defined(MBEDTLS_MD_C)
 /* Set up an HKDF-based generator. This is exactly the extract phase
- * of the HKDF algorithm. */
+ * of the HKDF algorithm.
+ *
+ * Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
 static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
                                               const uint8_t *secret,
                                               size_t secret_length,
@@ -3689,7 +3693,11 @@ static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
 #endif /* MBEDTLS_MD_C */
 
 #if defined(MBEDTLS_MD_C)
-/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). */
+/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5).
+ *
+ * Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
 static psa_status_t psa_generator_tls12_prf_setup(
     psa_tls12_prf_generator_t *tls12_prf,
     const unsigned char *key,
@@ -3743,6 +3751,9 @@ static psa_status_t psa_generator_tls12_prf_setup(
 }
 #endif /* MBEDTLS_MD_C */
 
+/* Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
 static psa_status_t psa_key_derivation_internal(
     psa_crypto_generator_t *generator,
     const uint8_t *secret, size_t secret_length,
@@ -3927,6 +3938,9 @@ exit:
 
 #define PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE MBEDTLS_ECP_MAX_BYTES
 
+/* Note that if this function fails, you must call psa_generator_abort()
+ * to potentially free embedded data structures and wipe confidential data.
+ */
 static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
                                                 key_slot_t *private_key,
                                                 const uint8_t *peer_key,
@@ -3984,10 +3998,13 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
                                     PSA_KEY_USAGE_DERIVE, alg );
     if( status != PSA_SUCCESS )
         return( status );
-    return( psa_key_agreement_internal( generator,
-                                        slot,
-                                        peer_key, peer_key_length,
-                                        alg ) );
+    status = psa_key_agreement_internal( generator,
+                                         slot,
+                                         peer_key, peer_key_length,
+                                         alg );
+    if( status != PSA_SUCCESS )
+        psa_generator_abort( generator );
+    return( status );
 }
 
 

From 1dfb1ba684d82039c860fa1587a61eadd8a96bc7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 16:06:37 +0100
Subject: [PATCH 644/889] Add a test case for key agreement with a following
 KDF

There was no test case of ECDH with anything other than
PSA_ALG_SELECT_RAW. Exercise the code path from ECDH through a
"proper" KDF.

ECDH shared secret copied from an existing test, HKDF output
calculated with Cryptodome.
---
 tests/suites/test_suite_psa_crypto.data | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 7f37db197..0fbf2574a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1697,6 +1697,10 @@ PSA key agreement: ECDH brainpoolP512r1 (RFC 7027), raw: read
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_ECDH_C
 key_agreement_output:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):"16302ff0dbbb5a8d733dab7141c1b45acbc8715939677f6a56850a38bd87bd59b09e80279609ff333eb9d4c061231fb26f92eeb04982a5f1d1764cad57665422":"30819b301406072a8648ce3d020106092b240303020801010d03818200049d45f66de5d67e2e6db6e93a59ce0bb48106097ff78a081de781cdb31fce8ccbaaea8dd4320c4119f1e9cd437a2eab3731fa9668ab268d871deda55a5473199f2fdc313095bcdd5fb3a91636f07a959c8e86b5636a1e930e8396049cb481961d365cc11453a06c719835475b12cb52fc3c383bce35e27ef194512b71876285fa":"a7927098655f1f9976fa50a9d566865dc530331846381c87256baf3226244b76d36403c024d7bbf0aa0803eaff405d3d24f11a9b5c0bef679fe1454b21c4cd1f":""
 
+PSA key agreement: ECDH SECP256R1 (RFC 5903) + HKDF-SHA-256: read 32
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C:MBEDTLS_SHA256_C:MBEDTLS_MD_C
+key_agreement_output:PSA_ALG_ECDH(PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":"3bf511eebadf44c1f7b0282a1262fe4ddd9da23bb1555cfda591ac46b088c441":""
+
 PSA generate random: 0 bytes
 generate_random:0
 

From a1b87e5afe228aed21a5c55d96dade4eee613253 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 16:43:04 +0100
Subject: [PATCH 645/889] Add missing dependency in an ECDH test case

curves.pl passes.
---
 tests/suites/test_suite_psa_crypto.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 0fbf2574a..da105d2d1 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1618,7 +1618,7 @@ depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBE
 key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3059301306072a8648ce3d020106082a8648ce3d03010703420004d12dfb5289c8d4f81208b70270398c342296970a0bccb74c736fc7554494bf6356fbf3ca366cc23e8157854c13c58d6aac23f046ada30f8353e74f33039872ab":PSA_SUCCESS
 
 PSA key agreement setup: ECDH, raw: public key on different curve
-depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECDH_C
 key_agreement_setup:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":"3076301006072a8648ce3d020106052b8104002203620004e558dbef53eecde3d3fccfc1aea08a89a987475d12fd950d83cfa41732bc509d0d1ac43a0336def96fda41d0774a3571dcfbec7aacf3196472169e838430367f66eebe3c6e70c416dd5f0c68759dd1fff83fa40142209dff5eaad96db9e6386c":PSA_ERROR_INVALID_ARGUMENT
 
 PSA key agreement setup: ECDH, raw: public key instead of private key

From 93f8500e2ef5ba0d8e8b9d9b27c9f59980299060 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 16:43:31 +0100
Subject: [PATCH 646/889] Fix unused variables warning if MBEDTLS_ECDH_C is off

depends-pkalgs.pl passes.
---
 library/psa_crypto.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 072f626b3..b0fb5a883 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3967,6 +3967,9 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato
             break;
 #endif /* MBEDTLS_ECDH_C */
         default:
+            (void) private_key;
+            (void) peer_key;
+            (void) peer_key_length;
             return( PSA_ERROR_NOT_SUPPORTED );
     }
     if( status != PSA_SUCCESS )

From 19643c573d6c796f010a9ef25ac053bda34d2b2a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 16:45:02 +0100
Subject: [PATCH 647/889] Fix typo in documentation

tests/scripts/doxygen.sh passes.
---
 include/psa/crypto.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 8e439bab0..15c8130ef 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1270,7 +1270,7 @@ typedef uint32_t psa_algorithm_t;
  * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
  *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
  *                      or a key selection algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_SELECTION(\p hash_alg) is true).
+ *                      that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
  *
  * \return              The Diffie-Hellman algorithm with the specified
  *                      selection or derivation algorithm.

From 8dbfca462818038190f3690ae48b5ef6173fde26 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 12 Oct 2018 11:56:55 +0100
Subject: [PATCH 648/889] Add TLS-1.2 PSK-to-MS key derivation algorithm
 identifier to PSA API

---
 include/psa/crypto.h       | 39 ++++++++++++++++++++++++++++++++++++++
 include/psa/crypto_sizes.h | 16 ++++++++++++++++
 2 files changed, 55 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 15c8130ef..bdddeca59 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1232,6 +1232,45 @@ typedef uint32_t psa_algorithm_t;
 #define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg)                         \
     (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
 
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
+/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
+ *
+ * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
+ * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding TLS-1.2 PSK to MS algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg)                                  \
+    (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
+ *
+ * In a pure-PSK handshake in TLS 1.2, the master secret is derived
+ * from the PreSharedKey (PSK) through the application of padding and
+ * the TLS-1.2 PRF (see below). The latter is based on HMAC and can
+ * be used with either SHA-256 or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt passed to psa_key_derivation()
+ * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
+ * ClientHello.Random + ServerHello.Random, while the label is "master secret".
+ * See RFC 5246, Section 8.1, Computing the Master Secret.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)                                    \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
+#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
 #define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0x010fffff)
 
 /** Use a shared secret as is.
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index f0a1ba7dd..7e1795673 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -131,6 +131,22 @@
 #define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
 #endif
 
+/** \def PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN
+ *
+ * This macro returns the maximum length of the PSK supported
+ * by the TLS-1.2 PSK-to-MS key derivation.
+ *
+ * Quoting RFC 4279, Sect 5.3:
+ * TLS implementations supporting these ciphersuites MUST support
+ * arbitrary PSK identities up to 128 octets in length, and arbitrary
+ * PSKs up to 64 octets in length.  Supporting longer identities and
+ * keys is RECOMMENDED.
+ *
+ * Therefore, no implementation should define a value smaller than 64
+ * for #PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN 128
+
 /** \def PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE
  *
  * Maximum size of an asymmetric signature.

From 1aaedc03d4402d5f6147b0e0a653fa7c7c9c5e13 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 11:35:34 +0000
Subject: [PATCH 649/889] Add implementation of TLS-1.2 PSK-to-MS key
 derivation

---
 library/psa_crypto.c | 72 +++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 65 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b0fb5a883..010c338c0 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3275,7 +3275,9 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
         mbedtls_free( generator->ctx.hkdf.info );
         status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac );
     }
-    else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) )
+    else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ||
+             /* TLS-1.2 PSK-to-MS KDF uses the same generator as TLS-1.2 PRF */
+             PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) )
     {
         if( generator->ctx.tls12_prf.key != NULL )
         {
@@ -3578,7 +3580,8 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
         status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg,
                                           output, output_length );
     }
-    else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) )
+    else if( PSA_ALG_IS_TLS12_PRF( generator->alg ) ||
+             PSA_ALG_IS_TLS12_PSK_TO_MS( generator->alg ) )
     {
         status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf,
                                                generator->alg, output,
@@ -3749,6 +3752,47 @@ static psa_status_t psa_generator_tls12_prf_setup(
 
     return( PSA_SUCCESS );
 }
+
+/* Set up a TLS-1.2-PSK-to-MS-based generator. */
+static psa_status_t psa_generator_tls12_psk_to_ms_setup(
+    psa_tls12_prf_generator_t *tls12_prf,
+    const unsigned char *psk,
+    size_t psk_len,
+    psa_algorithm_t hash_alg,
+    const uint8_t *salt,
+    size_t salt_length,
+    const uint8_t *label,
+    size_t label_length )
+{
+    psa_status_t status;
+    unsigned char pms[ 4 + 2 * PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN ];
+
+    if( psk_len > PSA_ALG_TLS12_PSK_TO_MS_MAX_PSK_LEN )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    /* Quoting RFC 4279, Section 2:
+     *
+     * The premaster secret is formed as follows: if the PSK is N octets
+     * long, concatenate a uint16 with the value N, N zero octets, a second
+     * uint16 with the value N, and the PSK itself.
+     */
+
+    pms[0] = ( psk_len >> 8 ) & 0xff;
+    pms[1] = ( psk_len >> 0 ) & 0xff;
+    memset( pms + 2, 0, psk_len );
+    pms[2 + psk_len + 0] = pms[0];
+    pms[2 + psk_len + 1] = pms[1];
+    memcpy( pms + 4 + psk_len, psk, psk_len );
+
+    status = psa_generator_tls12_prf_setup( tls12_prf,
+                                            pms, 4 + 2 * psk_len,
+                                            hash_alg,
+                                            salt, salt_length,
+                                            label, label_length );
+
+    mbedtls_zeroize( pms, sizeof( pms ) );
+    return( status );
+}
 #endif /* MBEDTLS_MD_C */
 
 /* Note that if this function fails, you must call psa_generator_abort()
@@ -3799,7 +3843,9 @@ static psa_status_t psa_key_derivation_internal(
                                            salt, salt_length,
                                            label, label_length );
     }
-    else if( PSA_ALG_IS_TLS12_PRF( alg ) )
+    /* TLS-1.2 PRF and TLS-1.2 PSK-to-MS are very similar, so share code. */
+    else if( PSA_ALG_IS_TLS12_PRF( alg ) ||
+             PSA_ALG_IS_TLS12_PSK_TO_MS( alg ) )
     {
         psa_algorithm_t hash_alg = PSA_ALG_TLS12_PRF_GET_HASH( alg );
         size_t hash_size = PSA_HASH_SIZE( hash_alg );
@@ -3812,10 +3858,22 @@ static psa_status_t psa_key_derivation_internal(
         }
 
         max_capacity = 255 * hash_size;
-        status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf,
-                                                secret, secret_length,
-                                                hash_alg, salt, salt_length,
-                                                label, label_length );
+
+        if( PSA_ALG_IS_TLS12_PRF( alg ) )
+        {
+            status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf,
+                                                    secret, secret_length,
+                                                    hash_alg, salt, salt_length,
+                                                    label, label_length );
+        }
+        else
+        {
+            status = psa_generator_tls12_psk_to_ms_setup(
+                &generator->ctx.tls12_prf,
+                secret, secret_length,
+                hash_alg, salt, salt_length,
+                label, label_length );
+        }
     }
     else
 #endif

From a198f06feb5d2ab7a453d1708bf28c3717f98710 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 12 Oct 2018 15:48:17 +0100
Subject: [PATCH 650/889] Add tests for TLS-1.2 PSK-to-MS derivation

---
 tests/suites/test_suite_psa_crypto.data | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index da105d2d1..b09eb307d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1537,6 +1537,21 @@ PSA key derivation: TLS 1.2 PRF SHA-384, output 74+73
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
 derive_output:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_384):"b80b733d6ceefcdc71566ea48e5567df":"cd665cf6a8447dd6ff8b27555edb7465":"74657374206c6162656c":148:"7b0c18e9ced410ed1804f2cfa34a336a1c14dffb4900bb5fd7942107e81c83cde9ca0faa60be9fe34f82b1233c9146a0e534cb400fed2700884f9dc236f80edd8bfa961144c9e8d792ec":"a722a7b32fc3d416d473ebc2c5fd4abfdad05d9184259b5bf8cd4d90fa0d31e2dec479e4f1a26066f2eea9a69236a3e52655c9e9aee691c8f3a26854308d5eaa3be85e0990703d73e5"
 
+# Test case manually extracted from debug output of TLS-PSK run
+# Label: "master secret"
+# Salt: Concatenation of ClientHello.Random and ServerHello.Random
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 48+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710":""
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 24+24
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32c":"a43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
+
 PSA key derivation: HKDF SHA-256, request maximum capacity
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""

From f074938aaeb87425cd24df333e047d1238297163 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 10:18:09 +0000
Subject: [PATCH 651/889] Add SHA-384 tests for TLS 1.2 PSK-to-MS key
 derivation

---
 tests/suites/test_suite_psa_crypto.data | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index b09eb307d..5f09c8dc0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1552,6 +1552,18 @@ PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, 0+48
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"01020304":"5bc0b19b4a8b24b07afe7ec65c471e94a7d518fcef06c3574315255c52afe21b5bc0b19b872b9b26508458f03603744d575f463a11ae7f1b090c012606fd3e9f":"6d617374657220736563726574":48:"":"5a9dd5ffa78b4d1f28f40d91b4e6e6ed37849042d61ba32ca43d866e744cee7cd1baaa497e1ecd5c2e60f9f13030a710"
 
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 48+0
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18":""
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 24+24
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"":"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c85ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
+
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-384, 0+48
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA512_C
+derive_output:PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384):"01020304":"5bed47716a11a49a6268a8350b085929116ad9ccc8181f09a05b07a7741576d65bed47718dfd82f2d3f57544afe52decae6819b970dc716ada72ae0dd3072e9a":"6d617374657220736563726574":48:"f5a61fbdd2ec415762abb8042a6c16645a53d2edb6dec8c8":"5ca71689301f9f4d875128c87608b75250b20a9550e4fe18"
+
 PSA key derivation: HKDF SHA-256, request maximum capacity
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":255 * 32:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":""

From 6b123fbc39b2a1364dc0a7f51860461935c43f04 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 14:34:55 +0000
Subject: [PATCH 652/889] Add test for overly long PSK in TLS-1.2 PSK-to-MS KDF

---
 tests/suites/test_suite_psa_crypto.data | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 5f09c8dc0..ea214d25a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1580,6 +1580,10 @@ PSA key derivation: HKDF SHA-1, request too much capacity
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA1_C
 derive_setup:PSA_KEY_TYPE_DERIVE:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":PSA_ALG_HKDF(PSA_ALG_SHA_1):"":"":255 * 20 + 1:PSA_ERROR_INVALID_ARGUMENT
 
+PSA key derivation: TLS 1.2 PSK-to-MS, SHA-256, PSK too long (160 Bytes)
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
+derive_setup:PSA_KEY_TYPE_DERIVE:"01020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708010203040506070801020304050607080102030405060708":PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256):"":"":100:PSA_ERROR_INVALID_ARGUMENT
+
 PSA key derivation: over capacity 42: output 42+1
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
 derive_output:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":42:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865":"ff"

From 2255a360a6d1b86735f479678a220092658447da Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 16:05:13 +0000
Subject: [PATCH 653/889] Improve documentation of TLS-1.2 PRF and PSK-to-MS
 KDF

---
 include/psa/crypto.h | 35 +++++++++++++++++++++--------------
 1 file changed, 21 insertions(+), 14 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index bdddeca59..d1a3f0f3b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1201,6 +1201,16 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_TLS12_PRF_BASE                     ((psa_algorithm_t)0x30000200)
 /** Macro to build a TLS-1.2 PRF algorithm.
+ *
+ * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
+ * specified in Section 5 of RFC 5246. It is based on HMAC and can be
+ * used with either SHA-256 or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt and label arguments passed
+ * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246,
+ * respectively. For example, for TLS key expansion, the salt is the
+ * concatenation of ServerHello.Random + ClientHello.Random,
+ * while the label is "key expansion".
  *
  * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
  * TLS 1.2 PRF using HMAC-SHA-256.
@@ -1216,10 +1226,6 @@ typedef uint32_t psa_algorithm_t;
     (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 
 /** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
- *
- * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
- * specified in Section 5 of RFC 5246. It is based on HMAC and can be
- * used with either SHA-256 or SHA-384.
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *
@@ -1234,6 +1240,17 @@ typedef uint32_t psa_algorithm_t;
 
 #define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
 /** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
+ *
+ * In a pure-PSK handshake in TLS 1.2, the master secret is derived
+ * from the PreSharedKey (PSK) through the application of padding
+ * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
+ * The latter is based on HMAC and can be used with either SHA-256
+ * or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt passed to psa_key_derivation()
+ * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
+ * ClientHello.Random + ServerHello.Random, while the label is "master secret"
+ * or "extended master secret".
  *
  * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
  * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
@@ -1249,16 +1266,6 @@ typedef uint32_t psa_algorithm_t;
     (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
 
 /** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
- *
- * In a pure-PSK handshake in TLS 1.2, the master secret is derived
- * from the PreSharedKey (PSK) through the application of padding and
- * the TLS-1.2 PRF (see below). The latter is based on HMAC and can
- * be used with either SHA-256 or SHA-384.
- *
- * For the application to TLS-1.2, the salt passed to psa_key_derivation()
- * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
- * ClientHello.Random + ServerHello.Random, while the label is "master secret".
- * See RFC 5246, Section 8.1, Computing the Master Secret.
  *
  * \param alg An algorithm identifier (value of type #psa_algorithm_t).
  *

From 9989b5e6625255aa56c4815bf008fce1b0fe1c11 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 20 Nov 2018 10:30:51 +0000
Subject: [PATCH 654/889] Update config-default.h to latest default config

Upstream mbedtls maintains the default configuration in
include/mbedtls/config.h. We maintain the default configuration in
configs/config-default.h, and our PSA-specific configuration in
include/mbedtls/config.h. This means, each time we update Mbed TLS, we need
to update the default configuration file (configs/config-default.h)
manually using the copy from mbedtls.
---
 configs/config-default.h | 324 +++++++++++++++++++++++++++++++++++----
 1 file changed, 292 insertions(+), 32 deletions(-)

diff --git a/configs/config-default.h b/configs/config-default.h
index 4100c8e32..16ed503ca 100644
--- a/configs/config-default.h
+++ b/configs/config-default.h
@@ -8,7 +8,7 @@
  *  memory footprint.
  */
 /*
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
  *  SPDX-License-Identifier: Apache-2.0
  *
  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -48,10 +48,14 @@
  * Requires support for asm() in compiler.
  *
  * Used in:
+ *      library/aria.c
  *      library/timing.c
- *      library/padlock.c
  *      include/mbedtls/bn_mul.h
  *
+ * Required by:
+ *      MBEDTLS_AESNI_C
+ *      MBEDTLS_PADLOCK_C
+ *
  * Comment to disable the use of assembly code.
  */
 #define MBEDTLS_HAVE_ASM
@@ -84,6 +88,28 @@
  */
 //#define MBEDTLS_NO_UDBL_DIVISION
 
+/**
+ * \def MBEDTLS_NO_64BIT_MULTIPLICATION
+ *
+ * The platform lacks support for 32x32 -> 64-bit multiplication.
+ *
+ * Used in:
+ *      library/poly1305.c
+ *
+ * Some parts of the library may use multiplication of two unsigned 32-bit
+ * operands with a 64-bit result in order to speed up computations. On some
+ * platforms, this is not available in hardware and has to be implemented in
+ * software, usually in a library provided by the toolchain.
+ *
+ * Sometimes it is not desirable to have to link to that library. This option
+ * removes the dependency of that library on platforms that lack a hardware
+ * 64-bit multiplier by embedding a software implementation in Mbed TLS.
+ *
+ * Note that depending on the compiler, this may decrease performance compared
+ * to using the library function provided by the toolchain.
+ */
+//#define MBEDTLS_NO_64BIT_MULTIPLICATION
+
 /**
  * \def MBEDTLS_HAVE_SSE2
  *
@@ -111,12 +137,21 @@
 /**
  * \def MBEDTLS_HAVE_TIME_DATE
  *
- * System has time.h and time(), gmtime() and the clock is correct.
+ * System has time.h, time(), and an implementation for
+ * mbedtls_platform_gmtime_r() (see below).
  * The time needs to be correct (not necesarily very accurate, but at least
  * the date should be correct). This is used to verify the validity period of
  * X.509 certificates.
  *
  * Comment if your system does not have a correct clock.
+ *
+ * \note mbedtls_platform_gmtime_r() is an abstraction in platform_util.h that
+ * behaves similarly to the gmtime_r() function from the C standard. Refer to
+ * the documentation for mbedtls_platform_gmtime_r() for more information.
+ *
+ * \note It is possible to configure an implementation for
+ * mbedtls_platform_gmtime_r() at compile-time by using the macro
+ * MBEDTLS_PLATFORM_GMTIME_R_ALT.
  */
 #define MBEDTLS_HAVE_TIME_DATE
 
@@ -271,23 +306,29 @@
  */
 //#define MBEDTLS_AES_ALT
 //#define MBEDTLS_ARC4_ALT
+//#define MBEDTLS_ARIA_ALT
 //#define MBEDTLS_BLOWFISH_ALT
 //#define MBEDTLS_CAMELLIA_ALT
 //#define MBEDTLS_CCM_ALT
+//#define MBEDTLS_CHACHA20_ALT
+//#define MBEDTLS_CHACHAPOLY_ALT
 //#define MBEDTLS_CMAC_ALT
 //#define MBEDTLS_DES_ALT
 //#define MBEDTLS_DHM_ALT
 //#define MBEDTLS_ECJPAKE_ALT
 //#define MBEDTLS_GCM_ALT
+//#define MBEDTLS_NIST_KW_ALT
 //#define MBEDTLS_MD2_ALT
 //#define MBEDTLS_MD4_ALT
 //#define MBEDTLS_MD5_ALT
+//#define MBEDTLS_POLY1305_ALT
 //#define MBEDTLS_RIPEMD160_ALT
 //#define MBEDTLS_RSA_ALT
 //#define MBEDTLS_SHA1_ALT
 //#define MBEDTLS_SHA256_ALT
 //#define MBEDTLS_SHA512_ALT
 //#define MBEDTLS_XTEA_ALT
+
 /*
  * When replacing the elliptic curve module, pleace consider, that it is
  * implemented with two .c files:
@@ -509,6 +550,20 @@
  */
 #define MBEDTLS_CIPHER_MODE_CTR
 
+/**
+ * \def MBEDTLS_CIPHER_MODE_OFB
+ *
+ * Enable Output Feedback mode (OFB) for symmetric ciphers.
+ */
+#define MBEDTLS_CIPHER_MODE_OFB
+
+/**
+ * \def MBEDTLS_CIPHER_MODE_XTS
+ *
+ * Enable Xor-encrypt-xor with ciphertext stealing mode (XTS) for AES.
+ */
+#define MBEDTLS_CIPHER_MODE_XTS
+
 /**
  * \def MBEDTLS_CIPHER_NULL_CIPHER
  *
@@ -622,6 +677,30 @@
  */
 #define MBEDTLS_ECP_NIST_OPTIM
 
+/**
+ * \def MBEDTLS_ECP_RESTARTABLE
+ *
+ * Enable "non-blocking" ECC operations that can return early and be resumed.
+ *
+ * This allows various functions to pause by returning
+ * #MBEDTLS_ERR_ECP_IN_PROGRESS (or, for functions in the SSL module,
+ * #MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) and then be called later again in
+ * order to further progress and eventually complete their operation. This is
+ * controlled through mbedtls_ecp_set_max_ops() which limits the maximum
+ * number of ECC operations a function may perform before pausing; see
+ * mbedtls_ecp_set_max_ops() for more information.
+ *
+ * This is useful in non-threaded environments if you want to avoid blocking
+ * for too long on ECC (and, hence, X.509 or SSL/TLS) operations.
+ *
+ * Uncomment this macro to enable restartable ECC computations.
+ *
+ * \note  This option only works with the default software implementation of
+ *        elliptic curve functionality. It is incompatible with
+ *        MBEDTLS_ECP_ALT, MBEDTLS_ECDH_XXX_ALT and MBEDTLS_ECDSA_XXX_ALT.
+ */
+//#define MBEDTLS_ECP_RESTARTABLE
+
 /**
  * \def MBEDTLS_ECDSA_DETERMINISTIC
  *
@@ -1128,6 +1207,17 @@
  */
 #define MBEDTLS_SSL_ALL_ALERT_MESSAGES
 
+/**
+ * \def MBEDTLS_SSL_ASYNC_PRIVATE
+ *
+ * Enable asynchronous external private key operations in SSL. This allows
+ * you to configure an SSL connection to call an external cryptographic
+ * module to perform private key operations instead of performing the
+ * operation inside the library.
+ *
+ */
+//#define MBEDTLS_SSL_ASYNC_PRIVATE
+
 /**
  * \def MBEDTLS_SSL_DEBUG_ALL
  *
@@ -1222,7 +1312,7 @@
 /**
  * \def MBEDTLS_SSL_RENEGOTIATION
  *
- * Disable support for TLS renegotiation.
+ * Enable support for TLS renegotiation.
  *
  * The two main uses of renegotiation are (1) refresh keys on long-lived
  * connections and (2) client authentication after the initial handshake.
@@ -1617,7 +1707,7 @@
  * Enable the AES block cipher.
  *
  * Module:  library/aes.c
- * Caller:  library/ssl_tls.c
+ * Caller:  library/cipher.c
  *          library/pem.c
  *          library/ctr_drbg.c
  *
@@ -1692,7 +1782,7 @@
  * Enable the ARCFOUR stream cipher.
  *
  * Module:  library/arc4.c
- * Caller:  library/ssl_tls.c
+ * Caller:  library/cipher.c
  *
  * This module enables the following ciphersuites (if other requisites are
  * enabled as well):
@@ -1786,7 +1876,7 @@
  * Enable the Camellia block cipher.
  *
  * Module:  library/camellia.c
- * Caller:  library/ssl_tls.c
+ * Caller:  library/cipher.c
  *
  * This module enables the following ciphersuites (if other requisites are
  * enabled as well):
@@ -1835,6 +1925,58 @@
  */
 #define MBEDTLS_CAMELLIA_C
 
+/**
+ * \def MBEDTLS_ARIA_C
+ *
+ * Enable the ARIA block cipher.
+ *
+ * Module:  library/aria.c
+ * Caller:  library/cipher.c
+ *
+ * This module enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ *
+ *      MBEDTLS_TLS_RSA_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
+ *      MBEDTLS_TLS_PSK_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
+ *      MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
+ *      MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
+ */
+//#define MBEDTLS_ARIA_C
+
 /**
  * \def MBEDTLS_CCM_C
  *
@@ -1861,6 +2003,26 @@
  */
 #define MBEDTLS_CERTS_C
 
+/**
+ * \def MBEDTLS_CHACHA20_C
+ *
+ * Enable the ChaCha20 stream cipher.
+ *
+ * Module:  library/chacha20.c
+ */
+#define MBEDTLS_CHACHA20_C
+
+/**
+ * \def MBEDTLS_CHACHAPOLY_C
+ *
+ * Enable the ChaCha20-Poly1305 AEAD algorithm.
+ *
+ * Module:  library/chachapoly.c
+ *
+ * This module requires: MBEDTLS_CHACHA20_C, MBEDTLS_POLY1305_C
+ */
+#define MBEDTLS_CHACHAPOLY_C
+
 /**
  * \def MBEDTLS_CIPHER_C
  *
@@ -1889,14 +2051,16 @@
 /**
  * \def MBEDTLS_CTR_DRBG_C
  *
- * Enable the CTR_DRBG AES-256-based random generator.
+ * Enable the CTR_DRBG AES-based random generator.
+ * The CTR_DRBG generator uses AES-256 by default.
+ * To use AES-128 instead, enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY below.
  *
  * Module:  library/ctr_drbg.c
  * Caller:
  *
  * Requires: MBEDTLS_AES_C
  *
- * This module provides the CTR_DRBG AES-256 random number generator.
+ * This module provides the CTR_DRBG AES random number generator.
  */
 #define MBEDTLS_CTR_DRBG_C
 
@@ -1921,7 +2085,7 @@
  *
  * Module:  library/des.c
  * Caller:  library/pem.c
- *          library/ssl_tls.c
+ *          library/cipher.c
  *
  * This module enables the following ciphersuites (if other requisites are
  * enabled as well):
@@ -2091,6 +2255,21 @@
  */
 //#define MBEDTLS_HAVEGE_C
 
+/**
+ * \def MBEDTLS_HKDF_C
+ *
+ * Enable the HKDF algorithm (RFC 5869).
+ *
+ * Module:  library/hkdf.c
+ * Caller:
+ *
+ * Requires: MBEDTLS_MD_C
+ *
+ * This module adds support for the Hashed Message Authentication Code
+ * (HMAC)-based key derivation function (HKDF).
+ */
+#define MBEDTLS_HKDF_C
+
 /**
  * \def MBEDTLS_HMAC_DRBG_C
  *
@@ -2105,6 +2284,19 @@
  */
 #define MBEDTLS_HMAC_DRBG_C
 
+/**
+ * \def MBEDTLS_NIST_KW_C
+ *
+ * Enable the Key Wrapping mode for 128-bit block ciphers,
+ * as defined in NIST SP 800-38F. Only KW and KWP modes
+ * are supported. At the moment, only AES is approved by NIST.
+ *
+ * Module:  library/nist_kw.c
+ *
+ * Requires: MBEDTLS_AES_C and MBEDTLS_CIPHER_C
+ */
+//#define MBEDTLS_NIST_KW_C
+
 /**
  * \def MBEDTLS_MD_C
  *
@@ -2389,16 +2581,14 @@
 #define MBEDTLS_PLATFORM_C
 
 /**
- * \def MBEDTLS_PSA_CRYPTO_C
+ * \def MBEDTLS_POLY1305_C
  *
- * Enable the Platform Security Architecture cryptography API.
- *
- * Module:  library/psa_crypto.c
- *
- * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
+ * Enable the Poly1305 MAC algorithm.
  *
+ * Module:  library/poly1305.c
+ * Caller:  library/chachapoly.c
  */
-#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_POLY1305_C
 
 /**
  * \def MBEDTLS_RIPEMD160_C
@@ -2755,6 +2945,7 @@
 //#define MBEDTLS_CTR_DRBG_MAX_INPUT                256 /**< Maximum number of additional input bytes */
 //#define MBEDTLS_CTR_DRBG_MAX_REQUEST             1024 /**< Maximum number of requested bytes per call */
 //#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT           384 /**< Maximum size of (re)seed buffer */
+//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY              /**< Use 128-bit key for CTR_DRBG - may reduce security (see ctr_drbg.h) */
 
 /* HMAC_DRBG options */
 //#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL   10000 /**< Interval before reseed is performed by default */
@@ -2810,7 +3001,68 @@
 //#define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES      50 /**< Maximum entries in cache */
 
 /* SSL options */
-//#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384 /**< Maxium fragment length in bytes, determines the size of each of the two internal I/O buffers */
+
+/** \def MBEDTLS_SSL_MAX_CONTENT_LEN
+ *
+ * Maximum fragment length in bytes.
+ *
+ * Determines the size of both the incoming and outgoing TLS I/O buffers.
+ *
+ * Uncommenting MBEDTLS_SSL_IN_CONTENT_LEN and/or MBEDTLS_SSL_OUT_CONTENT_LEN
+ * will override this length by setting maximum incoming and/or outgoing
+ * fragment length, respectively.
+ */
+//#define MBEDTLS_SSL_MAX_CONTENT_LEN             16384
+
+/** \def MBEDTLS_SSL_IN_CONTENT_LEN
+ *
+ * Maximum incoming fragment length in bytes.
+ *
+ * Uncomment to set the size of the inward TLS buffer independently of the
+ * outward buffer.
+ */
+//#define MBEDTLS_SSL_IN_CONTENT_LEN              16384
+
+/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
+ *
+ * Maximum outgoing fragment length in bytes.
+ *
+ * Uncomment to set the size of the outward TLS buffer independently of the
+ * inward buffer.
+ *
+ * It is possible to save RAM by setting a smaller outward buffer, while keeping
+ * the default inward 16384 byte buffer to conform to the TLS specification.
+ *
+ * The minimum required outward buffer size is determined by the handshake
+ * protocol's usage. Handshaking will fail if the outward buffer is too small.
+ * The specific size requirement depends on the configured ciphers and any
+ * certificate data which is sent during the handshake.
+ *
+ * For absolute minimum RAM usage, it's best to enable
+ * MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and reduce MBEDTLS_SSL_MAX_CONTENT_LEN. This
+ * reduces both incoming and outgoing buffer sizes. However this is only
+ * guaranteed if the other end of the connection also supports the TLS
+ * max_fragment_len extension. Otherwise the connection may fail.
+ */
+//#define MBEDTLS_SSL_OUT_CONTENT_LEN             16384
+
+/** \def MBEDTLS_SSL_DTLS_MAX_BUFFERING
+ *
+ * Maximum number of heap-allocated bytes for the purpose of
+ * DTLS handshake message reassembly and future message buffering.
+ *
+ * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
+ */
+//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING             32768
+
 //#define MBEDTLS_SSL_DEFAULT_TICKET_LIFETIME     86400 /**< Lifetime of session tickets (if enabled) */
 //#define MBEDTLS_PSK_MAX_LEN               32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
 //#define MBEDTLS_SSL_COOKIE_TIMEOUT        60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
@@ -2884,25 +3136,33 @@
  */
 //#define MBEDTLS_PLATFORM_ZEROIZE_ALT
 
+/**
+ * Uncomment the macro to let Mbed TLS use your alternate implementation of
+ * mbedtls_platform_gmtime_r(). This replaces the default implementation in
+ * platform_util.c.
+ *
+ * gmtime() is not a thread-safe function as defined in the C standard. The
+ * library will try to use safer implementations of this function, such as
+ * gmtime_r() when available. However, if Mbed TLS cannot identify the target
+ * system, the implementation of mbedtls_platform_gmtime_r() will default to
+ * using the standard gmtime(). In this case, calls from the library to
+ * gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
+ * if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
+ * library are also guarded with this mutex to avoid race conditions. However,
+ * if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
+ * unconditionally use the implementation for mbedtls_platform_gmtime_r()
+ * supplied at compile time.
+ */
+//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
+
 /* \} name SECTION: Customisation configuration options */
 
-/* Target and application specific configurations */
-//#define YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE "mbedtls/target_config.h"
-
-#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
-#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
-#endif
-
-/*
+/* Target and application specific configurations
+ *
  * Allow user to override any previous default.
  *
- * Use two macro names for that, as:
- * - with yotta the prefix YOTTA_CFG_ is forced
- * - without yotta is looks weird to have a YOTTA prefix.
  */
-#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
-#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
-#elif defined(MBEDTLS_USER_CONFIG_FILE)
+#if defined(MBEDTLS_USER_CONFIG_FILE)
 #include MBEDTLS_USER_CONFIG_FILE
 #endif
 

From 76a449ba497689c636f592934740ae3c0b31b3a3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 11:48:15 +0100
Subject: [PATCH 655/889] Add config-default.h to test-ref-configs.pl

This commit adds the default upstream configuration to the set of
tests we run on CI, which was long overdue.

config-default is a copy of the Mbed TLS upstream config.h. It's
useful for two things: to compare our local changes to
include/mbedtls/config.h, and to test that we aren't breaking the
default upstream configuration.

Run a subset of the TLS tests that focus on exercising cryptographic
algorithms as used from TLS. Don't run the full set of TLS tests
because they're unlikely to be affected by changes in the PSA branch.
---
 tests/scripts/test-ref-configs.pl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 80d5f3875..d12c4c2f0 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -17,6 +17,10 @@ use warnings;
 use strict;
 
 my %configs = (
+    'config-default.h' => {
+        'opt' => '-f Default',
+        'compat' => '-m tls1_2 -V NO',
+    },
     'config-mini-tls1_1.h' => {
         'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'',
     },

From d9eee3b417c2e8f63dd10d835ab9a9472242c2ed Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Fri, 2 Nov 2018 10:45:36 +0000
Subject: [PATCH 656/889] Add library as valid header file location

The persistent key implementation will be split across multiple
files as it will eventually be implementing multiple storage
backends. As these internal functions will need to be callable by
other files, we will add the headers in the library folder. This
commit adds this include location to the necessary scripts.

For tests, the library is added as an include location as testing
on-target with Mbed OS is not possible with paths including ".."
---
 CMakeLists.txt                    | 1 +
 crypto/tests/Makefile             | 2 +-
 scripts/generate_visualc_files.pl | 8 +++++---
 tests/Makefile                    | 2 +-
 tests/scripts/list-identifiers.sh | 2 +-
 5 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 99bf31f1f..11efd87e4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -168,6 +168,7 @@ else()
 endif()
 
 include_directories(include/)
+include_directories(library/)
 
 if(ENABLE_ZLIB_SUPPORT)
     find_package(ZLIB)
diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
index f76c1c0f8..b44b470a3 100644
--- a/crypto/tests/Makefile
+++ b/crypto/tests/Makefile
@@ -1,4 +1,4 @@
-CFLAGS ?= -O2 -I../include
+CFLAGS ?= -O2 -I../include -I../library
 WARNING_CFLAGS ?= \
 	-Werror -Wall -Wextra \
 	-Wno-unused-function \
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index 488a5beb6..d8825eed5 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -133,10 +133,11 @@ sub gen_entry_list {
 }
 
 sub gen_main_file {
-    my ($mbedtls_headers, $psa_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_;
+    my ($mbedtls_headers, $psa_headers, $source_headers, $sources, $hdr_tpl, $src_tpl, $main_tpl, $main_out) = @_;
 
     my $header_entries = gen_entry_list( $hdr_tpl, @$mbedtls_headers );
     $header_entries .= gen_entry_list( $hdr_tpl, @$psa_headers );
+    $header_entries .= gen_entry_list( $hdr_tpl, @$source_headers );
     my $source_entries = gen_entry_list( $src_tpl, @$sources );
 
     my $out = slurp_file( $main_tpl );
@@ -192,6 +193,7 @@ sub main {
     my @app_list = get_app_list();
     my @mbedtls_headers = <$mbedtls_header_dir/*.h>;
     my @psa_headers = <$psa_header_dir/*.h>;
+    my @source_headers = <$source_dir/*.h>;
     my @sources = <$source_dir/*.c>;
     map { s!/!\\!g } @mbedtls_headers;
     map { s!/!\\!g } @psa_headers;
@@ -199,8 +201,8 @@ sub main {
 
     gen_app_files( @app_list );
 
-    gen_main_file( \@mbedtls_headers, \@psa_headers, \@sources,
-                   $vsx_hdr_tpl, $vsx_src_tpl,
+    gen_main_file( \@mbedtls_headers, \@psa_headers, \@source_headers,
+                   \@sources, $vsx_hdr_tpl, $vsx_src_tpl,
                    $vsx_main_tpl_file, $vsx_main_file );
 
     gen_vsx_solution( @app_list );
diff --git a/tests/Makefile b/tests/Makefile
index 889d2a7da..f5cafe585 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -6,7 +6,7 @@ CFLAGS	?= -O2
 WARNING_CFLAGS ?= -Wall -W -Wdeclaration-after-statement -Wno-unused-function -Wno-unused-value
 LDFLAGS ?=
 
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -I../library -D_FILE_OFFSET_BITS=64
 LOCAL_LDFLAGS = -L../library			\
 		-lmbedtls$(SHARED_SUFFIX)	\
 		-lmbedx509$(SHARED_SUFFIX)	\
diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh
index 89daa68c7..ccd488c2e 100755
--- a/tests/scripts/list-identifiers.sh
+++ b/tests/scripts/list-identifiers.sh
@@ -7,7 +7,7 @@ if [ -d include/mbedtls ]; then :; else
     exit 1
 fi
 
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-1\.3\.h|bn_mul' )
 
 rm -f identifiers
 

From db2b8db7150183e15169636027f87c4145e5645c Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Fri, 15 Jun 2018 13:06:04 +0100
Subject: [PATCH 657/889] psa: Add storage implementation for files

Add new functions, psa_load_persistent_key(),
psa_free_persistent_key_data(), and psa_save_persistent_key(), for
managing persistent keys. These functions load to or save from our
internal representation of key slots. Serialization is a concern of the
storage backend implementation and doesn't abstraction-leak into the
lifetime management code.

An initial implementation for files is provided. Additional storage
backends can implement this interface for other storage types.
---
 configs/config-psa-crypto.h                   |  25 ++
 crypto/library/Makefile                       |   2 +
 crypto/tests/Makefile                         |   3 +
 include/mbedtls/check_config.h                |  12 +
 include/mbedtls/config.h                      |  25 ++
 library/CMakeLists.txt                        |   2 +
 library/Makefile                              |   2 +
 library/psa_crypto_storage.c                  | 195 ++++++++++++++++
 library/psa_crypto_storage.h                  | 177 ++++++++++++++
 library/psa_crypto_storage_backend.h          | 112 +++++++++
 library/psa_crypto_storage_file.c             | 218 ++++++++++++++++++
 library/version_features.c                    |   6 +
 scripts/config.pl                             |   2 +
 scripts/mbed_crypto.make                      |   6 +
 tests/CMakeLists.txt                          |   1 +
 tests/scripts/all.sh                          |  10 +
 .../test_suite_psa_crypto_storage_file.data   |  43 ++++
 ...est_suite_psa_crypto_storage_file.function | 159 +++++++++++++
 visualc/VS2010/mbedTLS.vcxproj                |   4 +
 19 files changed, 1004 insertions(+)
 create mode 100644 library/psa_crypto_storage.c
 create mode 100644 library/psa_crypto_storage.h
 create mode 100644 library/psa_crypto_storage_backend.h
 create mode 100644 library/psa_crypto_storage_file.c
 create mode 100644 tests/suites/test_suite_psa_crypto_storage_file.data
 create mode 100644 tests/suites/test_suite_psa_crypto_storage_file.function

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 870e335d1..27e9ef1d6 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -1522,6 +1522,31 @@
  */
 #define MBEDTLS_PSA_CRYPTO_C
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
+ *
+ * Enable the Platform Security Architecture persistent key storage.
+ *
+ * Module:  library/psa_crypto_storage.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ * Enable persistent key storage over files for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto_storage_file.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+
 /**
  * \def MBEDTLS_RIPEMD160_C
  *
diff --git a/crypto/library/Makefile b/crypto/library/Makefile
index 9151662a7..5b963c5ea 100644
--- a/crypto/library/Makefile
+++ b/crypto/library/Makefile
@@ -45,6 +45,8 @@ OBJS_CRYPTO := \
 	platform.o \
 	platform_util.o \
 	psa_crypto.o \
+	psa_crypto_storage.o \
+	psa_crypto_storage_file.o \
 	ripemd160.o \
 	rsa_internal.o \
 	rsa.o \
diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
index b44b470a3..2f68e8677 100644
--- a/crypto/tests/Makefile
+++ b/crypto/tests/Makefile
@@ -16,11 +16,13 @@ PYTHON ?= python
 APPS := \
 	test_suite_psa_crypto \
 	test_suite_psa_crypto_metadata \
+	test_suite_psa_crypto_storage_file \
 # Don't delete this line.
 
 # Look up for associated function files
 func.test_suite_psa_crypto := test_suite_psa_crypto
 func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
+func.test_suite_psa_crypto_storage_file := test_suite_psa_crypto_storage_file
 
 .SILENT:
 
@@ -56,6 +58,7 @@ clean:
 test: $(APPS)
 	./test_suite_psa_crypto_metadata
 	./test_suite_psa_crypto
+	./test_suite_psa_crypto_storage_file
 
 # Create separate targets for generating embedded tests.
 EMBEDDED_TESTS := $(addprefix embedded_,$(APPS))
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 6eec2ada9..f78e61bf1 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -506,6 +506,18 @@
 #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&            \
+    !( defined(MBEDTLS_PSA_CRYPTO_C) &&           \
+       defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) )
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) &&            \
+    !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&           \
+       defined(MBEDTLS_FS_IO) )
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index cd256c31c..2190ac519 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2616,6 +2616,31 @@
  */
 #define MBEDTLS_PSA_CRYPTO_C
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_C
+ *
+ * Enable the Platform Security Architecture persistent key storage.
+ *
+ * Module:  library/psa_crypto_storage.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ *
+ * Enable persistent key storage over files for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto_storage_file.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_FS_IO
+ *
+ */
+#define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+
 /**
  * \def MBEDTLS_RIPEMD160_C
  *
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 0c2ac888b..04e404c29 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -54,6 +54,8 @@ set(src_crypto
     platform_util.c
     poly1305.c
     psa_crypto.c
+    psa_crypto_storage.c
+    psa_crypto_storage_file.c
     ripemd160.c
     rsa.c
     rsa_internal.c
diff --git a/library/Makefile b/library/Makefile
index cf6750d05..83afa661e 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -82,6 +82,8 @@ OBJS_CRYPTO=	aes.o		aesni.o		arc4.o		\
 		pkcs5.o		pkparse.o	pkwrite.o	\
 		platform.o	platform_util.o	poly1305.o	\
 		psa_crypto.o					\
+		psa_crypto_storage.o				\
+		psa_crypto_storage_file.o			\
 		ripemd160.o	rsa_internal.o	rsa.o  		\
 		sha1.o		sha256.o	sha512.o	\
 		threading.o	timing.o	version.o	\
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
new file mode 100644
index 000000000..5285826ce
--- /dev/null
+++ b/library/psa_crypto_storage.c
@@ -0,0 +1,195 @@
+/*
+ *  PSA persistent key storage
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc   calloc
+#define mbedtls_free     free
+#endif
+
+/*
+ * 32-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT32_LE
+#define GET_UINT32_LE(n,b,i)                            \
+{                                                       \
+    (n) = ( (uint32_t) (b)[(i)    ]       )             \
+        | ( (uint32_t) (b)[(i) + 1] <<  8 )             \
+        | ( (uint32_t) (b)[(i) + 2] << 16 )             \
+        | ( (uint32_t) (b)[(i) + 3] << 24 );            \
+}
+#endif
+
+#ifndef PUT_UINT32_LE
+#define PUT_UINT32_LE(n,b,i)                                    \
+{                                                               \
+    (b)[(i)    ] = (unsigned char) ( ( (n)       ) & 0xFF );    \
+    (b)[(i) + 1] = (unsigned char) ( ( (n) >>  8 ) & 0xFF );    \
+    (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF );    \
+    (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF );    \
+}
+#endif
+
+typedef struct {
+    uint8_t version[4];
+    uint8_t type[sizeof( psa_key_type_t )];
+    uint8_t policy[sizeof( psa_key_policy_t )];
+    uint8_t data_len[4];
+    uint8_t key_data[];
+} psa_persistent_key_storage_format;
+
+void psa_format_key_data_for_storage( const uint8_t *data,
+                                      const size_t data_length,
+                                      const psa_key_type_t type,
+                                      const psa_key_policy_t *policy,
+                                      uint8_t *storage_data )
+{
+    psa_persistent_key_storage_format *storage_format =
+        (psa_persistent_key_storage_format *) storage_data;
+
+    PUT_UINT32_LE(0, storage_format->version, 0);
+    PUT_UINT32_LE(type, storage_format->type, 0);
+    PUT_UINT32_LE(policy->usage, storage_format->policy, 0);
+    PUT_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t ));
+    PUT_UINT32_LE(data_length, storage_format->data_len, 0);
+    memcpy( storage_format->key_data, data, data_length );
+}
+
+psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
+                                              size_t storage_data_length,
+                                              uint8_t **key_data,
+                                              size_t *key_data_length,
+                                              psa_key_type_t *type,
+                                              psa_key_policy_t *policy )
+{
+    const psa_persistent_key_storage_format *storage_format =
+        (const psa_persistent_key_storage_format *)storage_data;
+    uint32_t version;
+
+    GET_UINT32_LE(version, storage_format->version, 0);
+    if( version != 0 )
+        return( PSA_ERROR_STORAGE_FAILURE );
+
+    GET_UINT32_LE(*key_data_length, storage_format->data_len, 0);
+    if( *key_data_length > ( storage_data_length - sizeof(*storage_format) ) ||
+        *key_data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
+        return( PSA_ERROR_STORAGE_FAILURE );
+
+    *key_data = mbedtls_calloc( 1, *key_data_length );
+    if( *key_data == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+    GET_UINT32_LE(*type, storage_format->type, 0);
+    GET_UINT32_LE(policy->usage, storage_format->policy, 0);
+    GET_UINT32_LE(policy->alg, storage_format->policy, sizeof( uint32_t ));
+
+    memcpy( *key_data, storage_format->key_data, *key_data_length );
+
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
+                                      const psa_key_type_t type,
+                                      const psa_key_policy_t *policy,
+                                      const uint8_t *data,
+                                      const size_t data_length )
+{
+    size_t storage_data_length;
+    uint8_t *storage_data;
+    psa_status_t status;
+
+    if( data_length > PSA_CRYPTO_MAX_STORAGE_SIZE )
+        return PSA_ERROR_INSUFFICIENT_STORAGE;
+    storage_data_length = data_length + sizeof( psa_persistent_key_storage_format );
+
+    storage_data = mbedtls_calloc( 1, storage_data_length );
+    if( storage_data == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+    psa_format_key_data_for_storage( data, data_length, type, policy,
+                                     storage_data );
+
+    status = psa_crypto_storage_store( key,
+                                       storage_data, storage_data_length );
+
+    mbedtls_free( storage_data );
+
+    return( status );
+}
+
+void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length )
+{
+    if( key_data != NULL )
+    {
+        mbedtls_platform_zeroize( key_data, key_data_length );
+    }
+    mbedtls_free( key_data );
+}
+
+psa_status_t psa_load_persistent_key( psa_key_slot_t key,
+                                      psa_key_type_t *type,
+                                      psa_key_policy_t *policy,
+                                      uint8_t **data,
+                                      size_t *data_length )
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t *loaded_data;
+    size_t storage_data_length = 0;
+
+    status = psa_crypto_storage_get_data_length( key, &storage_data_length );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    loaded_data = mbedtls_calloc( 1, storage_data_length );
+
+    if( loaded_data == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
+
+    status = psa_crypto_storage_load( key, loaded_data, storage_data_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_parse_key_data_from_storage( loaded_data, storage_data_length,
+                                              data, data_length, type, policy );
+
+exit:
+    mbedtls_free( loaded_data );
+    return( status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
new file mode 100644
index 000000000..167b0db05
--- /dev/null
+++ b/library/psa_crypto_storage.h
@@ -0,0 +1,177 @@
+/**
+ * \file psa_crypto_storage.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_H
+#define PSA_CRYPTO_STORAGE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+#include <stdint.h>
+
+/* Limit the maximum key size to 30kB (just in case someone tries to
+ * inadvertently store an obscene amount of data) */
+#define PSA_CRYPTO_MAX_STORAGE_SIZE ( 30 * 1024 )
+
+/**
+ * \brief Format key data and metadata and save to a location for given key
+ *        slot.
+ *
+ * This function formats the key data and metadata and saves it to a
+ * persistent storage backend. The storage location corresponding to the
+ * key slot must be empty, otherwise this function will fail. This function
+ * should be called after psa_import_key_into_slot() to ensure the
+ * persistent key is not saved into a storage location corresponding to an
+ * already occupied non-persistent key, as well as validating the key data.
+ *
+ *
+ * \param key           Slot number of the key to be stored. This must be a
+ *                      valid slot for a key of the chosen type. This should be
+ *                      an occupied key slot with an unoccupied corresponding
+ *                      storage location.
+ * \param type          Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[in] policy    The key policy to save.
+ * \param[in] data      Buffer containing the key data.
+ * \param data_length   The number of bytes that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
+                                      const psa_key_type_t type,
+                                      const psa_key_policy_t *policy,
+                                      const uint8_t *data,
+                                      const size_t data_length );
+
+/**
+ * \brief Parses key data and metadata and load persistent key for given
+ * key slot number.
+ *
+ * This function reads from a storage backend, parses the key data and
+ * metadata and writes them to the appropriate output parameters.
+ *
+ * Note: This function allocates a buffer and returns a pointer to it through
+ * the data parameter. psa_free_persistent_key_data() must be called after
+ * this function to zeroize and free this buffer, regardless of whether this
+ * function succeeds or fails.
+ *
+ * \param key               Slot number whose content is to be loaded. This
+ *                          must be an unoccupied key slot with an occupied
+ *                          corresponding storage location. The key slot
+ *                          lifetime must be set to persistent.
+ * \param[out] type         On success, the key type (a \c PSA_KEY_TYPE_XXX
+ *                          value).
+ * \param[out] policy       On success, the key's policy.
+ * \param[out] data         Pointer to an allocated key data buffer on return.
+ * \param[out] data_length  The number of bytes that make up the key data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_load_persistent_key( psa_key_slot_t key,
+                                      psa_key_type_t *type,
+                                      psa_key_policy_t *policy,
+                                      uint8_t **data,
+                                      size_t *data_length );
+
+/**
+ * \brief Remove persistent data for the given key slot number.
+ *
+ * \param key           Slot number whose content is to be removed
+ *                      from persistent storage.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key );
+
+/**
+ * \brief Zeroizes and frees the given buffer.
+ *
+ * This function must be called at some point after psa_load_persistent_key()
+ * to zeroize and free the memory allocated to the buffer in that function.
+ *
+ * \param key_data        Buffer for the key data.
+ * \param key_data_length Size of the key data buffer.
+ *
+ */
+void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length );
+
+/**
+ * \brief Formats key data and metadata for persistent storage
+ *
+ * \param[in] data          Buffer for the key data.
+ * \param data_length       Length of the key data buffer.
+ * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param policy            The key policy.
+ * \param[out] storage_data Output buffer for the formatted data.
+ *
+ */
+void psa_format_key_data_for_storage( const uint8_t *data,
+                                      const size_t data_length,
+                                      const psa_key_type_t type,
+                                      const psa_key_policy_t *policy,
+                                      uint8_t *storage_data );
+
+/**
+ * \brief Parses persistent storage data into key data and metadata
+ *
+ * \param[in] storage_data     Buffer for the storage data.
+ * \param storage_data_length  Length of the storage data buffer
+ * \param[out] key_data        On output, pointer to a newly allocated buffer
+ *                             containing the key data. This must be freed
+ *                             using psa_free_persistent_key_data()
+ * \param[out] key_data_length Length of the key data buffer
+ * \param[out] type            Key type (a \c PSA_KEY_TYPE_XXX value).
+ * \param[out] policy          The key policy.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
+                                              size_t storage_data_length,
+                                              uint8_t **key_data,
+                                              size_t *key_data_length,
+                                              psa_key_type_t *type,
+                                              psa_key_policy_t *policy );
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h
new file mode 100644
index 000000000..3ca9a1d74
--- /dev/null
+++ b/library/psa_crypto_storage_backend.h
@@ -0,0 +1,112 @@
+/**
+ * \file psa_crypto_storage_backend.h
+ *
+ * \brief PSA cryptography module: Mbed TLS key storage backend
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_STORAGE_BACKEND_H
+#define PSA_CRYPTO_STORAGE_BACKEND_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Include the Mbed TLS configuration file, the way Mbed TLS does it
+ * in each of its header files. */
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include <stdint.h>
+
+/**
+ * \brief Load persistent data for the given key slot number.
+ *
+ * This function reads data from a storage backend and returns the data in a
+ * buffer.
+ *
+ * \param key              Slot number whose content is to be loaded. This must
+ *                         be a key slot whose lifetime is set to persistent.
+ * \param[out] data        Buffer where the data is to be written.
+ * \param data_size        Size of the \c data buffer in bytes.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+                                      size_t data_size );
+
+/**
+ * \brief Store persistent data for the given key slot number.
+ *
+ * This function stores the given data buffer to a persistent storage.
+ *
+ * \param key           Slot number whose content is to be stored.
+ * \param[in] data      Buffer containing the data to be stored.
+ * \param data_length   The number of bytes
+ *                      that make up the data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+                                       const uint8_t *data,
+                                       size_t data_length );
+
+/**
+ * \brief Checks if persistent data is stored for the given key slot number
+ *
+ * This function checks if any key data or metadata exists for the key slot in
+ * the persistent storage.
+ *
+ * \param key           Slot number whose content is to be checked.
+ *
+ * \retval 0
+ *         No persistent data present for slot number
+ * \retval 1
+ *         Persistent data present for slot number
+ */
+int psa_is_key_present_in_storage( const psa_key_slot_t key );
+
+/**
+ * \brief Get data length for given key slot number.
+ *
+ * \param key              Slot number whose stored data length is to be obtained.
+ * \param[out] data_length The number of bytes
+ *                         that make up the data.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+                                                 size_t *data_length );
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_STORAGE_H */
diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c
new file mode 100644
index 000000000..03c711af3
--- /dev/null
+++ b/library/psa_crypto_storage_file.c
@@ -0,0 +1,218 @@
+/*
+ *  PSA file storage backend for persistent keys
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
+
+#include <string.h>
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/platform_util.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_snprintf snprintf
+#endif
+
+/* This option sets where files are to be stored. If this is left unset,
+ * the files by default will be stored in the same location as the program,
+ * which may not be desired or possible. */
+#if !defined(CRYPTO_STORAGE_FILE_LOCATION)
+#define CRYPTO_STORAGE_FILE_LOCATION ""
+#endif
+
+enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
+
+static void key_slot_to_location( const psa_key_slot_t key,
+                                  char *location,
+                                  size_t location_size )
+{
+    mbedtls_snprintf( location, location_size,
+                      CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key );
+}
+
+psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+                                      size_t data_size )
+{
+    psa_status_t status = PSA_SUCCESS;
+    FILE *file;
+    size_t num_read;
+    char slot_location[MAX_LOCATION_LEN];
+
+    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+    file = fopen( slot_location, "rb" );
+    if( file == NULL )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+    num_read = fread( data, 1, data_size, file );
+    if( num_read != data_size )
+        status = PSA_ERROR_STORAGE_FAILURE;
+
+exit:
+    if( file != NULL )
+        fclose( file );
+    return( status );
+}
+
+int psa_is_key_present_in_storage( const psa_key_slot_t key )
+{
+    char slot_location[MAX_LOCATION_LEN];
+    FILE *file;
+
+    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+    file = fopen( slot_location, "r" );
+    if( file == NULL )
+    {
+        /* File doesn't exist */
+        return( 0 );
+    }
+
+    fclose( file );
+    return( 1 );
+}
+
+psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+                                       const uint8_t *data,
+                                       size_t data_length )
+{
+    psa_status_t status = PSA_SUCCESS;
+    int ret;
+    size_t num_written;
+    char slot_location[MAX_LOCATION_LEN];
+    FILE *file;
+    /* The storage location corresponding to "key slot 0" is used as a
+     * temporary location in order to make the apparition of the actual slot
+     * file atomic. 0 is not a valid key slot number, so this should not
+     * affect actual keys. */
+    const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0";
+
+    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+    if( psa_is_key_present_in_storage( key ) == 1 )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    file = fopen( temp_location, "wb" );
+    if( file == NULL )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+    num_written = fwrite( data, 1, data_length, file );
+    if( num_written != data_length )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+    ret = fclose( file );
+    file = NULL;
+    if( ret != 0 )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+    if( rename( temp_location, slot_location ) != 0 )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+exit:
+    if( file != NULL )
+        fclose( file );
+    remove( temp_location );
+    return( status );
+}
+
+psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
+{
+    FILE *file;
+    char slot_location[MAX_LOCATION_LEN];
+
+    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+    /* Only try remove the file if it exists */
+    file = fopen( slot_location, "rb" );
+    if( file != NULL )
+    {
+        fclose( file );
+
+        if( remove( slot_location ) != 0 )
+            return( PSA_ERROR_STORAGE_FAILURE );
+    }
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+                                                 size_t *data_length )
+{
+    psa_status_t status = PSA_SUCCESS;
+    FILE *file;
+    long file_size;
+    char slot_location[MAX_LOCATION_LEN];
+
+    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+
+    file = fopen( slot_location, "rb" );
+    if( file == NULL )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    if( fseek( file, 0, SEEK_END ) != 0 )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+    file_size = ftell( file );
+
+    if( file_size < 0 )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+#if LONG_MAX > SIZE_MAX
+    if( (unsigned long) file_size > SIZE_MAX )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+#endif
+    *data_length = (size_t) file_size;
+
+exit:
+    fclose( file );
+    return( status );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
diff --git a/library/version_features.c b/library/version_features.c
index ffad82fa4..7ef899717 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -687,6 +687,12 @@ static const char *features[] = {
 #if defined(MBEDTLS_PSA_CRYPTO_C)
     "MBEDTLS_PSA_CRYPTO_C",
 #endif /* MBEDTLS_PSA_CRYPTO_C */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    "MBEDTLS_PSA_CRYPTO_STORAGE_C",
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
+    "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C",
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
 #if defined(MBEDTLS_RIPEMD160_C)
     "MBEDTLS_RIPEMD160_C",
 #endif /* MBEDTLS_RIPEMD160_C */
diff --git a/scripts/config.pl b/scripts/config.pl
index 2e4ac3bb6..69c6d5fce 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -116,6 +116,8 @@ MBEDTLS_MEMORY_BACKTRACE
 MBEDTLS_MEMORY_BUFFER_ALLOC_C
 MBEDTLS_PLATFORM_TIME_ALT
 MBEDTLS_PLATFORM_FPRINTF_ALT
+MBEDTLS_PSA_CRYPTO_STORAGE_C
+MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 );
 
 # Things that should be enabled in "full" even if they match @excluded
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index e5e6ded6d..ab54d555f 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -70,6 +70,10 @@ LIB_FILES := \
 	platform.c \
 	platform_util.c \
 	psa_crypto.c \
+	psa_crypto_storage.h \
+	psa_crypto_storage.c \
+	psa_crypto_storage_backend.h \
+	psa_crypto_storage_file.c \
 	ripemd160.c \
 	rsa_internal.c \
 	rsa.c \
@@ -154,6 +158,8 @@ TEST_FILES := \
 	tests/suites/test_suite_psa_crypto_hash.function \
 	tests/suites/test_suite_psa_crypto_metadata.data \
 	tests/suites/test_suite_psa_crypto_metadata.function \
+	tests/suites/test_suite_psa_crypto_storage_file.data \
+	tests/suites/test_suite_psa_crypto_storage_file.function \
 # Don't delete this line.
 
 OTHER_FILES := \
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 89be6feb7..7af7fcf18 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -113,6 +113,7 @@ add_test_suite(poly1305)
 add_test_suite(psa_crypto)
 add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
+add_test_suite(psa_crypto_storage_file)
 add_test_suite(shax)
 add_test_suite(ssl)
 add_test_suite(timing)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 5b04d84a1..73152cf05 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -644,6 +644,8 @@ scripts/config.pl unset MBEDTLS_PLATFORM_EXIT_ALT
 scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
 scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
 scripts/config.pl unset MBEDTLS_FS_IO
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C
 # Note, _DEFAULT_SOURCE needs to be defined for platforms using glibc version >2.19,
 # to re-enable platform integration features otherwise disabled in C99 builds
 make CC=gcc CFLAGS='-Werror -Wall -Wextra -std=c99 -pedantic -O0 -D_DEFAULT_SOURCE' lib programs
@@ -859,6 +861,8 @@ scripts/config.pl unset MBEDTLS_THREADING_PTHREAD
 scripts/config.pl unset MBEDTLS_THREADING_C
 scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
 scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
 
 msg "build: arm-none-eabi-gcc -DMBEDTLS_NO_UDBL_DIVISION, make" # ~ 10s
@@ -877,6 +881,8 @@ scripts/config.pl unset MBEDTLS_THREADING_C
 scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
 scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
 scripts/config.pl set MBEDTLS_NO_UDBL_DIVISION
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -Wall -Wextra' lib
 echo "Checking that software 64-bit division is not required"
 if_build_succeeded not grep __aeabi_uldiv library/*.o
@@ -897,6 +903,8 @@ scripts/config.pl unset MBEDTLS_THREADING_C
 scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
 scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
 scripts/config.pl set MBEDTLS_NO_64BIT_MULTIPLICATION
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 make CC=arm-none-eabi-gcc AR=arm-none-eabi-ar LD=arm-none-eabi-ld CFLAGS='-Werror -O1 -march=armv6-m -mthumb' lib
 echo "Checking that software 64-bit multiplication is not required"
 if_build_succeeded not grep __aeabi_lmul library/*.o
@@ -920,6 +928,8 @@ scripts/config.pl unset MBEDTLS_THREADING_C
 scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # execinfo.h
 scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
 scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C # depends on MBEDTLS_FS_IO
+scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 
 if [ $RUN_ARMCC -ne 0 ]; then
     make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.data b/tests/suites/test_suite_psa_crypto_storage_file.data
new file mode 100644
index 000000000..730e0925c
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_file.data
@@ -0,0 +1,43 @@
+PSA Storage Load verify loaded file
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":1:4:PSA_SUCCESS
+
+PSA Storage Load check slots dont share state
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:2:"deadbeef":1:4:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage Load zero length file
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"":1:1:PSA_SUCCESS
+
+PSA Storage Load less than capacity of data buffer
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":1:5:PSA_SUCCESS
+
+PSA Storage Load nonexistent file location, should fail
+depends_on:MBEDTLS_FS_IO
+load_data_from_file:1:"deadbeef":0:4:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage Store verify stored file
+depends_on:MBEDTLS_FS_IO
+write_data_to_file:"deadbeef":PSA_SUCCESS
+
+PSA Storage Store into preexisting location, should fail
+depends_on:MBEDTLS_FS_IO
+write_data_to_prexisting_file:"psa_key_slot_1":"deadbeef":PSA_ERROR_OCCUPIED_SLOT
+
+PSA Storage Store, preexisting temp_location file, should succeed
+depends_on:MBEDTLS_FS_IO
+write_data_to_prexisting_file:"psa_key_slot_0":"deadbeef":PSA_SUCCESS
+
+PSA Storage Get data size verify data size
+depends_on:MBEDTLS_FS_IO
+get_file_size:"deadbeef":4:PSA_SUCCESS:1
+
+PSA Storage Get data size verify data size zero length file
+depends_on:MBEDTLS_FS_IO
+get_file_size:"":0:PSA_SUCCESS:1
+
+PSA Storage Get data size nonexistent file location, should fail
+depends_on:MBEDTLS_FS_IO
+get_file_size:"deadbeef":4:PSA_ERROR_EMPTY_SLOT:0
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
new file mode 100644
index 000000000..b6dcad777
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -0,0 +1,159 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void load_data_from_file( int slot_to_load, data_t *data, int should_make_file,
+                          int capacity_arg, int expected_status )
+{
+    char slot_location[] = "psa_key_slot_1";
+    psa_status_t status;
+    int ret;
+    size_t file_size = 0;
+    uint8_t *loaded_data = NULL;
+    size_t capacity = (size_t) capacity_arg;
+
+    if( should_make_file == 1 )
+    {
+        /* Create a file with data contents, with mask permissions. */
+        FILE *file;
+        file = fopen( slot_location, "wb+" );
+        TEST_ASSERT( file != NULL );
+        file_size = fwrite( data->x, 1, data->len, file );
+        TEST_ASSERT( file_size == data->len );
+        ret = fclose( file );
+        TEST_ASSERT( ret == 0 );
+    }
+
+    /* Read from the file with psa_crypto_storage_load. */
+    loaded_data = mbedtls_calloc( 1, capacity );
+    TEST_ASSERT( loaded_data != NULL );
+    status = psa_crypto_storage_load( (psa_key_slot_t) slot_to_load, loaded_data,
+                                   file_size );
+
+    /* Check we get the expected status. */
+    TEST_ASSERT( status == expected_status );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    /* Check that the file data and data length is what we expect. */
+    ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
+
+exit:
+    mbedtls_free( loaded_data );
+    remove( slot_location );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void write_data_to_file( data_t *data, int expected_status )
+{
+    char slot_location[] = "psa_key_slot_1";
+    psa_status_t status;
+    int ret;
+    FILE *file;
+    size_t file_size;
+    size_t num_read;
+    uint8_t *loaded_data = NULL;
+
+    /* Write data to file. */
+    status = psa_crypto_storage_store( 1, data->x, data->len );
+
+    /* Check that we got the expected status. */
+    TEST_ASSERT( status == expected_status );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    /* Check that the file length is what we expect */
+    file = fopen( slot_location, "rb" );
+    TEST_ASSERT( file != NULL );
+    fseek( file, 0, SEEK_END );
+    file_size = (size_t) ftell( file );
+    fseek( file, 0, SEEK_SET );
+    TEST_ASSERT( file_size == data->len );
+
+    /* Check that the file contents are what we expect */
+    loaded_data = mbedtls_calloc( 1, data->len );
+    TEST_ASSERT( loaded_data != NULL );
+
+    num_read = fread( loaded_data, 1, file_size, file );
+    TEST_ASSERT( num_read == file_size );
+    ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
+    ret = fclose( file );
+    TEST_ASSERT( ret == 0 );
+
+exit:
+    mbedtls_free( loaded_data );
+    remove( slot_location );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void get_file_size( data_t *data, int expected_data_length,
+                    int expected_status, int should_make_file )
+{
+    char slot_location[] = "psa_key_slot_1";
+    psa_status_t status;
+    int ret;
+    size_t file_size;
+
+    if( should_make_file )
+    {
+        /* Create a file with data contents, with mask permissions. */
+        FILE *file;
+        file = fopen( slot_location, "wb+" );
+        TEST_ASSERT( file != NULL );
+        file_size = fwrite( data->x, 1, data->len, file );
+        TEST_ASSERT( file_size == data->len );
+        ret = fclose( file );
+        TEST_ASSERT( ret == 0 );
+    }
+
+    /* Check get data size is what we expect */
+    status = psa_crypto_storage_get_data_length( 1, &file_size );
+    TEST_ASSERT( status == expected_status );
+    if( expected_status == PSA_SUCCESS )
+        TEST_ASSERT( file_size == (size_t)expected_data_length );
+
+exit:
+    remove( slot_location );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void write_data_to_prexisting_file( char *preexist_file_location,
+                                    data_t *data, int expected_status )
+{
+    char slot_location[] = "psa_key_slot_1";
+    psa_status_t status;
+    int ret;
+    FILE *file;
+
+    /* Create file first */
+    file = fopen( preexist_file_location, "wb" );
+    TEST_ASSERT( file != NULL );
+    ret = fclose( file );
+    TEST_ASSERT( ret == 0 );
+
+    /* Write data to file. */
+    status = psa_crypto_storage_store( 1, data->x, data->len );
+
+    /* Check that we got the expected status. */
+    TEST_ASSERT( status == expected_status );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+exit:
+    remove( preexist_file_location );
+    remove( slot_location );
+}
+/* END_CASE */
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 301d3333f..91cf2f0fc 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -230,6 +230,8 @@
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
+    <ClInclude Include="..\..\library/psa_crypto_storage.h" />
+    <ClInclude Include="..\..\library/psa_crypto_storage_backend.h" />
   </ItemGroup>
   <ItemGroup>
     <ClCompile Include="..\..\library\aes.c" />
@@ -287,6 +289,8 @@
     <ClCompile Include="..\..\library\platform_util.c" />
     <ClCompile Include="..\..\library\poly1305.c" />
     <ClCompile Include="..\..\library\psa_crypto.c" />
+    <ClCompile Include="..\..\library\psa_crypto_storage.c" />
+    <ClCompile Include="..\..\library\psa_crypto_storage_file.c" />
     <ClCompile Include="..\..\library\ripemd160.c" />
     <ClCompile Include="..\..\library\rsa.c" />
     <ClCompile Include="..\..\library\rsa_internal.c" />

From 96ebf9efcfa64392f33ed862ad8ed6ec4b424360 Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Thu, 28 Jun 2018 18:02:17 +0300
Subject: [PATCH 658/889] psa: Add magic header to storage backend

Add a magic header to the storage format used with files. The
header is used as an initial check that the data is what we expect,
rather than garbage data.
---
 library/psa_crypto_storage.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 5285826ce..0a5805b62 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -65,7 +65,14 @@
 }
 #endif
 
+/**
+ * Persistent key storage magic header.
+ */
+#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
+#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) )
+
 typedef struct {
+    uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
     uint8_t version[4];
     uint8_t type[sizeof( psa_key_type_t )];
     uint8_t policy[sizeof( psa_key_policy_t )];
@@ -82,6 +89,7 @@ void psa_format_key_data_for_storage( const uint8_t *data,
     psa_persistent_key_storage_format *storage_format =
         (psa_persistent_key_storage_format *) storage_data;
 
+    memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
     PUT_UINT32_LE(0, storage_format->version, 0);
     PUT_UINT32_LE(type, storage_format->type, 0);
     PUT_UINT32_LE(policy->usage, storage_format->policy, 0);
@@ -90,6 +98,14 @@ void psa_format_key_data_for_storage( const uint8_t *data,
     memcpy( storage_format->key_data, data, data_length );
 }
 
+static psa_status_t check_magic_header( const uint8_t *data )
+{
+    if( memcmp( data, PSA_KEY_STORAGE_MAGIC_HEADER,
+                PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ) != 0 )
+        return( PSA_ERROR_STORAGE_FAILURE );
+    return( PSA_SUCCESS );
+}
+
 psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
                                               size_t storage_data_length,
                                               uint8_t **key_data,
@@ -97,10 +113,18 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
                                               psa_key_type_t *type,
                                               psa_key_policy_t *policy )
 {
+    psa_status_t status;
     const psa_persistent_key_storage_format *storage_format =
         (const psa_persistent_key_storage_format *)storage_data;
     uint32_t version;
 
+    if( storage_data_length < sizeof(*storage_format) )
+        return( PSA_ERROR_STORAGE_FAILURE );
+
+    status = check_magic_header( storage_data );
+    if( status != PSA_SUCCESS )
+        return( status );
+
     GET_UINT32_LE(version, storage_format->version, 0);
     if( version != 0 )
         return( PSA_ERROR_STORAGE_FAILURE );

From 940d72c3e827753226138379ed8ff1947c55af1a Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Fri, 13 Jul 2018 13:18:51 +0100
Subject: [PATCH 659/889] psa: Refactor psa_import_key()

Create a new function psa_import_key_into_slot() from psa_import_key().
This is common functionality that will be used both when importing a
key and loading a key from persistent storage.
---
 library/psa_crypto.c | 53 ++++++++++++++++++++++++++++++--------------
 1 file changed, 36 insertions(+), 17 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 010c338c0..77d91c3cd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -691,23 +691,18 @@ exit:
 }
 #endif /* defined(MBEDTLS_ECP_C) */
 
-psa_status_t psa_import_key( psa_key_slot_t key,
-                             psa_key_type_t type,
-                             const uint8_t *data,
-                             size_t data_length )
+static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
+                                              const uint8_t *data,
+                                              size_t data_length )
 {
-    key_slot_t *slot;
     psa_status_t status = PSA_SUCCESS;
-    status = psa_get_empty_key_slot( key, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
 
-    if( key_type_is_raw_bytes( type ) )
+    if( key_type_is_raw_bytes( slot->type ) )
     {
         /* Ensure that a bytes-to-bit conversion won't overflow. */
         if( data_length > SIZE_MAX / 8 )
             return( PSA_ERROR_NOT_SUPPORTED );
-        status = prepare_raw_data_slot( type,
+        status = prepare_raw_data_slot( slot->type,
                                         PSA_BYTES_TO_BITS( data_length ),
                                         &slot->data.raw );
         if( status != PSA_SUCCESS )
@@ -717,9 +712,9 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     }
     else
 #if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
+    if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) )
     {
-        status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( type ),
+        status = psa_import_ec_private_key( PSA_KEY_TYPE_GET_CURVE( slot->type ),
                                             data, data_length,
                                             &slot->data.ecp );
         if( status != PSA_SUCCESS )
@@ -728,14 +723,15 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     else
 #endif /* MBEDTLS_ECP_C */
 #if defined(MBEDTLS_PK_PARSE_C)
-    if( PSA_KEY_TYPE_IS_RSA( type ) || PSA_KEY_TYPE_IS_ECC( type ) )
+    if( PSA_KEY_TYPE_IS_RSA( slot->type ) ||
+        PSA_KEY_TYPE_IS_ECC( slot->type ) )
     {
         int ret;
         mbedtls_pk_context pk;
         mbedtls_pk_init( &pk );
 
         /* Parse the data. */
-        if( PSA_KEY_TYPE_IS_KEYPAIR( type ) )
+        if( PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
             ret = mbedtls_pk_parse_key( &pk, data, data_length, NULL, 0 );
         else
             ret = mbedtls_pk_parse_public_key( &pk, data, data_length );
@@ -746,13 +742,13 @@ psa_status_t psa_import_key( psa_key_slot_t key,
          * If it has the expected type and passes any type-specific
          * checks, store it. */
 #if defined(MBEDTLS_RSA_C)
-        if( PSA_KEY_TYPE_IS_RSA( type ) )
+        if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
             status = psa_import_rsa_key( &pk, &slot->data.rsa );
         else
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_ECP_C)
-        if( PSA_KEY_TYPE_IS_ECC( type ) )
-            status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( type ),
+        if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+            status = psa_import_ecp_key( PSA_KEY_TYPE_GET_CURVE( slot->type ),
                                          &pk, &slot->data.ecp );
         else
 #endif /* MBEDTLS_ECP_C */
@@ -773,8 +769,31 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
+    return( PSA_SUCCESS );
+}
+
+
+psa_status_t psa_import_key( psa_key_slot_t key,
+                             psa_key_type_t type,
+                             const uint8_t *data,
+                             size_t data_length )
+{
+    key_slot_t *slot;
+    psa_status_t status;
+
+    status = psa_get_empty_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     slot->type = type;
+
+    status = psa_import_key_into_slot( slot, data, data_length );
+    if( status != PSA_SUCCESS )
+    {
+        slot->type = PSA_KEY_TYPE_NONE;
+        return( status );
+    }
+
     return( PSA_SUCCESS );
 }
 

From 06fd18de375f6713763c1bd65c927f0933a6c493 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Mon, 16 Jul 2018 11:21:11 +0100
Subject: [PATCH 660/889] psa: Move get_key_slot functions

Move the psa_get_key_slot and related static functions as they will need
to call psa_import_key_into_slot() for persistent keys.
---
 library/psa_crypto.c | 140 +++++++++++++++++++++----------------------
 1 file changed, 70 insertions(+), 70 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 77d91c3cd..11621ee8a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -361,76 +361,6 @@ static psa_status_t mbedtls_to_psa_error( int ret )
     }
 }
 
-/* Retrieve a key slot, occupied or not. */
-static psa_status_t psa_get_key_slot( psa_key_slot_t key,
-                                      key_slot_t **p_slot )
-{
-    GUARD_MODULE_INITIALIZED;
-
-    /* 0 is not a valid slot number under any circumstance. This
-     * implementation provides slots number 1 to N where N is the
-     * number of available slots. */
-    if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    *p_slot = &global_data.key_slots[key - 1];
-    return( PSA_SUCCESS );
-}
-
-/* Retrieve an empty key slot (slot with no key data, but possibly
- * with some metadata such as a policy). */
-static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
-                                            key_slot_t **p_slot )
-{
-    psa_status_t status;
-    key_slot_t *slot = NULL;
-
-    *p_slot = NULL;
-
-    status = psa_get_key_slot( key, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( slot->type != PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_OCCUPIED_SLOT );
-
-    *p_slot = slot;
-    return( status );
-}
-
-/** Retrieve a slot which must contain a key. The key must have allow all the
- * usage flags set in \p usage. If \p alg is nonzero, the key must allow
- * operations with this algorithm. */
-static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
-                                           key_slot_t **p_slot,
-                                           psa_key_usage_t usage,
-                                           psa_algorithm_t alg )
-{
-    psa_status_t status;
-    key_slot_t *slot = NULL;
-
-    *p_slot = NULL;
-
-    status = psa_get_key_slot( key, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-    if( slot->type == PSA_KEY_TYPE_NONE )
-        return( PSA_ERROR_EMPTY_SLOT );
-
-    /* Enforce that usage policy for the key slot contains all the flags
-     * required by the usage parameter. There is one exception: public
-     * keys can always be exported, so we treat public key objects as
-     * if they had the export flag. */
-    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
-        usage &= ~PSA_KEY_USAGE_EXPORT;
-    if( ( slot->policy.usage & usage ) != usage )
-        return( PSA_ERROR_NOT_PERMITTED );
-    if( alg != 0 && ( alg != slot->policy.alg ) )
-        return( PSA_ERROR_NOT_PERMITTED );
-
-    *p_slot = slot;
-    return( PSA_SUCCESS );
-}
 
 
 
@@ -772,6 +702,76 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
     return( PSA_SUCCESS );
 }
 
+/* Retrieve a key slot, occupied or not. */
+static psa_status_t psa_get_key_slot( psa_key_slot_t key,
+                                      key_slot_t **p_slot )
+{
+    GUARD_MODULE_INITIALIZED;
+
+    /* 0 is not a valid slot number under any circumstance. This
+     * implementation provides slots number 1 to N where N is the
+     * number of available slots. */
+    if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    *p_slot = &global_data.key_slots[key - 1];
+    return( PSA_SUCCESS );
+}
+
+/* Retrieve an empty key slot (slot with no key data, but possibly
+ * with some metadata such as a policy). */
+static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
+                                            key_slot_t **p_slot )
+{
+    psa_status_t status;
+    key_slot_t *slot = NULL;
+
+    *p_slot = NULL;
+
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    *p_slot = slot;
+    return( status );
+}
+
+/** Retrieve a slot which must contain a key. The key must have allow all the
+ * usage flags set in \p usage. If \p alg is nonzero, the key must allow
+ * operations with this algorithm. */
+static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
+                                           key_slot_t **p_slot,
+                                           psa_key_usage_t usage,
+                                           psa_algorithm_t alg )
+{
+    psa_status_t status;
+    key_slot_t *slot = NULL;
+
+    *p_slot = NULL;
+
+    status = psa_get_key_slot( key, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+    if( slot->type == PSA_KEY_TYPE_NONE )
+        return( PSA_ERROR_EMPTY_SLOT );
+
+    /* Enforce that usage policy for the key slot contains all the flags
+     * required by the usage parameter. There is one exception: public
+     * keys can always be exported, so we treat public key objects as
+     * if they had the export flag. */
+    if( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) )
+        usage &= ~PSA_KEY_USAGE_EXPORT;
+    if( ( slot->policy.usage & usage ) != usage )
+        return( PSA_ERROR_NOT_PERMITTED );
+    if( alg != 0 && ( alg != slot->policy.alg ) )
+        return( PSA_ERROR_NOT_PERMITTED );
+
+    *p_slot = slot;
+    return( PSA_SUCCESS );
+}
 
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,

From 40225ba70961d8e2e6260a563c1bc7c2290566be Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Thu, 15 Nov 2018 14:48:15 +0000
Subject: [PATCH 661/889] psa: Refactor psa_destroy_key()

Create a new function psa_remove_key_from_memory() from psa_destroy_key().
This is needed as psa_destroy_key() will remove all key data, including
persistent storage. mbedtls_psa_crypto_free() will now only free in-memory
data and not persistent data.
---
 library/psa_crypto.c | 84 +++++++++++++++++++++++++-------------------
 1 file changed, 48 insertions(+), 36 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 11621ee8a..c205e12f6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -773,6 +773,42 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
+static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
+{
+    if( slot->type == PSA_KEY_TYPE_NONE )
+    {
+        /* No key material to clean. */
+    }
+    else if( key_type_is_raw_bytes( slot->type ) )
+    {
+        mbedtls_free( slot->data.raw.data );
+    }
+    else
+#if defined(MBEDTLS_RSA_C)
+    if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+    {
+        mbedtls_rsa_free( slot->data.rsa );
+        mbedtls_free( slot->data.rsa );
+    }
+    else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+    {
+        mbedtls_ecp_keypair_free( slot->data.ecp );
+        mbedtls_free( slot->data.ecp );
+    }
+    else
+#endif /* defined(MBEDTLS_ECP_C) */
+    {
+        /* Shouldn't happen: the key type is not any type that we
+         * put in. */
+        return( PSA_ERROR_TAMPERING_DETECTED );
+    }
+
+    return( PSA_SUCCESS );
+}
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
@@ -805,41 +841,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
     status = psa_get_key_slot( key, &slot );
     if( status != PSA_SUCCESS )
         return( status );
-
-    if( slot->type == PSA_KEY_TYPE_NONE )
-    {
-        /* No key material to clean, but do zeroize the slot below to wipe
-         * metadata such as policies. */
-    }
-    else if( key_type_is_raw_bytes( slot->type ) )
-    {
-        mbedtls_free( slot->data.raw.data );
-    }
-    else
-#if defined(MBEDTLS_RSA_C)
-    if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
-    {
-        mbedtls_rsa_free( slot->data.rsa );
-        mbedtls_free( slot->data.rsa );
-    }
-    else
-#endif /* defined(MBEDTLS_RSA_C) */
-#if defined(MBEDTLS_ECP_C)
-    if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
-    {
-        mbedtls_ecp_keypair_free( slot->data.ecp );
-        mbedtls_free( slot->data.ecp );
-    }
-    else
-#endif /* defined(MBEDTLS_ECP_C) */
-    {
-        /* Shouldn't happen: the key type is not any type that we
-         * put in. */
-        return( PSA_ERROR_TAMPERING_DETECTED );
-    }
-
-    mbedtls_zeroize( slot, sizeof( *slot ) );
-    return( PSA_SUCCESS );
+    return( psa_remove_key_from_memory( slot ) );
 }
 
 /* Return the size of the key in the given slot, in bits. */
@@ -4231,8 +4233,18 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
 void mbedtls_psa_crypto_free( void )
 {
     psa_key_slot_t key;
+    key_slot_t *slot;
+    psa_status_t status;
+
     for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
-        psa_destroy_key( key );
+    {
+        status = psa_get_key_slot( key, &slot );
+        if( status != PSA_SUCCESS )
+            continue;
+        psa_remove_key_data_from_memory( slot );
+        /* Zeroize the slot to wipe metadata such as policies. */
+        mbedtls_zeroize( slot, sizeof( *slot ) );
+    }
     mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
     mbedtls_entropy_free( &global_data.entropy );
     mbedtls_zeroize( &global_data, sizeof( global_data ) );

From d49a499d033def28cbd5132d17974e462c628bda Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Mon, 18 Jun 2018 17:27:26 +0100
Subject: [PATCH 662/889] psa: Implement persistent keys

Allow use of persistent keys, including configuring them, importing and
exporting them, and destroying them.

When getting a slot using psa_get_key_slot, there are 3 scenarios that
can occur if the keys lifetime is persistent:

1. Key type is PSA_KEY_TYPE_NONE, no persistent storage entry:
   -  The key slot is treated as a standard empty key slot
2. Key type is PSA_KEY_TYPE_NONE, persistent storage entry exists:
   -  Attempt to load the key from persistent storage
3. Key type is not PSA_KEY_TYPE_NONE:
   -  As checking persistent storage on every use of the key could
      be expensive, the persistent key is assumed to be saved in
      persistent storage, the in-memory key is continued to be used.
---
 crypto/tests/Makefile                         |   3 +
 include/psa/crypto.h                          |  11 +
 library/psa_crypto.c                          |  83 ++++-
 scripts/mbed_crypto.make                      |   2 +
 tests/CMakeLists.txt                          |   1 +
 tests/suites/test_suite_psa_crypto.data       |   4 +
 tests/suites/test_suite_psa_crypto.function   |  81 +++++
 .../test_suite_psa_crypto_persistent_key.data |  78 ++++
 ...t_suite_psa_crypto_persistent_key.function | 341 ++++++++++++++++++
 9 files changed, 599 insertions(+), 5 deletions(-)
 create mode 100644 tests/suites/test_suite_psa_crypto_persistent_key.data
 create mode 100644 tests/suites/test_suite_psa_crypto_persistent_key.function

diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
index 2f68e8677..cc4355bed 100644
--- a/crypto/tests/Makefile
+++ b/crypto/tests/Makefile
@@ -16,12 +16,14 @@ PYTHON ?= python
 APPS := \
 	test_suite_psa_crypto \
 	test_suite_psa_crypto_metadata \
+	test_suite_psa_crypto_persistent_key \
 	test_suite_psa_crypto_storage_file \
 # Don't delete this line.
 
 # Look up for associated function files
 func.test_suite_psa_crypto := test_suite_psa_crypto
 func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
+func.test_suite_psa_crypto_persistent_key := test_suite_psa_crypto_persistent_key
 func.test_suite_psa_crypto_storage_file := test_suite_psa_crypto_storage_file
 
 .SILENT:
@@ -58,6 +60,7 @@ clean:
 test: $(APPS)
 	./test_suite_psa_crypto_metadata
 	./test_suite_psa_crypto
+	./test_suite_psa_crypto_persistent_key
 	./test_suite_psa_crypto_storage_file
 
 # Create separate targets for generating embedded tests.
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index d1a3f0f3b..1ca64922e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1441,6 +1441,7 @@ typedef uint32_t psa_algorithm_t;
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_STORAGE_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
@@ -1922,6 +1923,16 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  * whether the lifetime of an occupied key slot can be changed, is
  * implementation-dependent.
  *
+ * When creating a persistent key, you must call this function before creating
+ * the key material with psa_import_key(), psa_generate_key() or
+ * psa_generator_import_key(). To open an existing persistent key, you must
+ * call this function with the correct lifetime value before using the slot
+ * for a cryptographic operation. Once a slot's lifetime has been set,
+ * the lifetime remains associated with the slot until a subsequent call to
+ * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or
+ * until the application terminates (or disconnects from the cryptography
+ * service, if the implementation offers such a possibility).
+ *
  * \param key           Slot whose lifetime is to be changed.
  * \param lifetime      The lifetime value to set for the given key slot.
  *
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c205e12f6..6b089831e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -43,6 +43,10 @@
 
 #include "psa/crypto.h"
 
+/* Include internal declarations that are useful for implementing persistently
+ * stored keys. */
+#include "psa_crypto_storage.h"
+
 #include <stdlib.h>
 #include <string.h>
 #if defined(MBEDTLS_PLATFORM_C)
@@ -702,6 +706,27 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
     return( PSA_SUCCESS );
 }
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t key,
+                                                       key_slot_t *p_slot )
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t *key_data = NULL;
+    size_t key_data_length = 0;
+
+    status = psa_load_persistent_key( key, &( p_slot )->type,
+                                      &( p_slot )->policy, &key_data,
+                                      &key_data_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+    status = psa_import_key_into_slot( p_slot,
+                                       key_data, key_data_length );
+exit:
+    psa_free_persistent_key_data( key_data, key_data_length );
+    return( status );
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
 /* Retrieve a key slot, occupied or not. */
 static psa_status_t psa_get_key_slot( psa_key_slot_t key,
                                       key_slot_t **p_slot )
@@ -715,6 +740,23 @@ static psa_status_t psa_get_key_slot( psa_key_slot_t key,
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     *p_slot = &global_data.key_slots[key - 1];
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if( ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+    {
+        /* There are two circumstances this can occur: the key material has
+         * not yet been created, or the key exists in storage but has not yet
+         * been loaded into memory. */
+        if( ( *p_slot )->type == PSA_KEY_TYPE_NONE )
+        {
+            psa_status_t status = PSA_SUCCESS;
+            status = psa_load_persistent_key_into_slot( key, *p_slot );
+            if( status != PSA_ERROR_EMPTY_SLOT )
+                return( status );
+        }
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
     return( PSA_SUCCESS );
 }
 
@@ -830,18 +872,44 @@ psa_status_t psa_import_key( psa_key_slot_t key,
         return( status );
     }
 
-    return( PSA_SUCCESS );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+    {
+        /* Store in file location */
+        status = psa_save_persistent_key( key, slot->type, &slot->policy, data,
+                                          data_length );
+        if( status != PSA_SUCCESS )
+        {
+            (void) psa_remove_key_data_from_memory( slot );
+            slot->type = PSA_KEY_TYPE_NONE;
+        }
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+    return( status );
 }
 
 psa_status_t psa_destroy_key( psa_key_slot_t key )
 {
     key_slot_t *slot;
-    psa_status_t status;
+    psa_status_t status = PSA_SUCCESS;
+    psa_status_t storage_status = PSA_SUCCESS;
 
     status = psa_get_key_slot( key, &slot );
     if( status != PSA_SUCCESS )
         return( status );
-    return( psa_remove_key_from_memory( slot ) );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+    {
+        storage_status = psa_destroy_persistent_key( key );
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+    status = psa_remove_key_data_from_memory( slot );
+    /* Zeroize the slot to wipe metadata such as policies. */
+    mbedtls_zeroize( slot, sizeof( *slot ) );
+    if( status != PSA_SUCCESS )
+        return( status );
+    return( storage_status );
 }
 
 /* Return the size of the key in the given slot, in bits. */
@@ -2974,16 +3042,21 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 
     if( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
         lifetime != PSA_KEY_LIFETIME_PERSISTENT &&
-        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE)
+        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_empty_key_slot( key, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
-    if( lifetime != PSA_KEY_LIFETIME_VOLATILE )
+    if( lifetime == PSA_KEY_LIFETIME_WRITE_ONCE )
         return( PSA_ERROR_NOT_SUPPORTED );
 
+#if !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if( lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+        return( PSA_ERROR_NOT_SUPPORTED );
+#endif
+
     slot->lifetime = lifetime;
 
     return( PSA_SUCCESS );
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
index ab54d555f..f51f5f8f3 100644
--- a/scripts/mbed_crypto.make
+++ b/scripts/mbed_crypto.make
@@ -158,6 +158,8 @@ TEST_FILES := \
 	tests/suites/test_suite_psa_crypto_hash.function \
 	tests/suites/test_suite_psa_crypto_metadata.data \
 	tests/suites/test_suite_psa_crypto_metadata.function \
+	tests/suites/test_suite_psa_crypto_persistent_key.data \
+	tests/suites/test_suite_psa_crypto_persistent_key.function \
 	tests/suites/test_suite_psa_crypto_storage_file.data \
 	tests/suites/test_suite_psa_crypto_storage_file.function \
 # Don't delete this line.
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 7af7fcf18..34658c8e1 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -113,6 +113,7 @@ add_test_suite(poly1305)
 add_test_suite(psa_crypto)
 add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
+add_test_suite(psa_crypto_persistent_key)
 add_test_suite(psa_crypto_storage_file)
 add_test_suite(shax)
 add_test_suite(ssl)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index ea214d25a..7e70de38a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1834,3 +1834,7 @@ validate_module_init_generate_random:
 
 PSA validate module initialization: key based
 validate_module_init_key_based:
+
+persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 674a6e9fe..4692dbe84 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -4030,3 +4030,84 @@ void validate_module_init_key_based( )
     TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
 }
 /* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
+void persistent_key_load_key_from_storage( data_t *data, int type_arg,
+                                           int bits, int usage_arg,
+                                           int alg_arg )
+{
+    psa_key_slot_t slot = 1;
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+    psa_key_type_t type_get;
+    size_t bits_get;
+    psa_key_policy_t policy_set;
+    psa_key_policy_t policy_get;
+    psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg;
+    psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg;
+    unsigned char *first_export = NULL;
+    unsigned char *second_export = NULL;
+    size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
+    size_t first_exported_length;
+    size_t second_exported_length;
+
+    ASSERT_ALLOC( first_export, export_size );
+    ASSERT_ALLOC( second_export, export_size );
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy_set );
+
+    psa_key_policy_set_usage( &policy_set, policy_usage,
+                              policy_alg );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy_set ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == PSA_SUCCESS );
+
+    /* Export the key */
+    TEST_ASSERT( psa_export_key( slot, first_export, export_size,
+                                 &first_exported_length ) == PSA_SUCCESS );
+
+    /* Shutdown and restart */
+    mbedtls_psa_crypto_free();
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    /* Mark slot as persistent again */
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    /* Check key slot still contains key data */
+    TEST_ASSERT( psa_get_key_information(
+        slot, &type_get, &bits_get ) == PSA_SUCCESS );
+    TEST_ASSERT( type_get == type );
+    TEST_ASSERT( bits_get == (size_t) bits );
+
+    TEST_ASSERT( psa_get_key_policy( slot, &policy_get ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_key_policy_get_usage(
+        &policy_get ) == policy_usage );
+    TEST_ASSERT( psa_key_policy_get_algorithm(
+        &policy_get ) == policy_alg );
+
+    /* Export the key again */
+    TEST_ASSERT( psa_export_key( slot, second_export, export_size,
+                                 &second_exported_length ) == PSA_SUCCESS );
+
+    ASSERT_COMPARE( first_export, first_exported_length,
+                    second_export, second_exported_length );
+
+    ASSERT_COMPARE( data->x, data->len,
+                    first_export, first_exported_length );
+
+exit:
+    mbedtls_free( first_export );
+    mbedtls_free( second_export );
+    psa_destroy_key( slot );
+    mbedtls_psa_crypto_free();
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
new file mode 100644
index 000000000..46e547c93
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -0,0 +1,78 @@
+PSA Storage format data for storage
+format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION
+
+PSA Storage parse stored data
+parse_storage_data_check:"505341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_SUCCESS
+
+PSA Storage parse stored data wrong version, should fail
+parse_storage_data_check:"505341004b455900ffffffff000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage parse too big data, should fail
+parse_storage_data_check:"505341004b45590000000000000001700100000000000012ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage parse bad magic, should fail
+parse_storage_data_check:"645341004b45590000000000000001700100000000000012620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+PSA Storage parse not enough magic, should fail
+parse_storage_data_check:"505341004b4559":"":PSA_KEY_TYPE_RSA_KEYPAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ERROR_STORAGE_FAILURE
+
+# Not specific to files, but only run this test in an environment where the maximum size could be reached.
+Save maximum size persistent raw key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+save_large_persistent_key:0:PSA_SUCCESS
+
+Save larger than maximum size persistent raw key, should fail
+save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE
+
+Persistent key is configurable
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_is_configurable:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+Persistent key destroy
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
+
+Persistent key destroy missing key
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
+
+Key lifetime defaults to volatile
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+default_volatile_lifetime:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
+
+Persistent key import
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_SUCCESS
+
+Persistent key import garbage data, should fail
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"11111111":PSA_ERROR_INVALID_ARGUMENT
+
+import/export persistent raw key: 0 byte
+import_export_persistent_key:"":PSA_KEY_TYPE_RAW_DATA:0:0
+
+import/export persistent raw key: 1 byte
+import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:0
+
+import/export persistent key RSA public key: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:0
+
+import/export persistent key RSA keypair: good, 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:0
+
+import/export persistent raw key file not exist: 1 byte
+import_export_persistent_key:"2a":PSA_KEY_TYPE_RAW_DATA:8:1
+
+import/export persistent key RSA public key file not exist: 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:1
+
+import/export persistent key RSA keypair file not exist: 1024-bit
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RSA_KEYPAIR:1024:1
+
+PSA import/export-persistent symmetric key: 16 bytes
+depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
+import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:0
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
new file mode 100644
index 000000000..505f1f9e1
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -0,0 +1,341 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+#include "psa/crypto.h"
+#include "psa_crypto_storage.h"
+#include "psa_crypto_storage_backend.h"
+#include "mbedtls/md.h"
+
+#define PSA_KEY_STORAGE_MAGIC_HEADER "PSA\0KEY"
+#define PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH ( sizeof( PSA_KEY_STORAGE_MAGIC_HEADER ) )
+
+typedef struct {
+    uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
+    uint8_t version[4];
+    uint8_t type[sizeof( psa_key_type_t )];
+    uint8_t policy[sizeof( psa_key_policy_t )];
+    uint8_t data_len[4];
+    uint8_t key_data[];
+} psa_persistent_key_storage_format;
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void format_storage_data_check( data_t *key_data,
+                                data_t *expected_file_data,
+                                int key_type, int key_usage, int key_alg )
+{
+    uint8_t *file_data;
+    size_t file_data_length;
+    psa_key_policy_t key_policy;
+
+    key_policy.usage = (psa_key_usage_t) key_usage;
+    key_policy.alg = (psa_algorithm_t) key_alg;
+
+    file_data_length = key_data->len + sizeof( psa_persistent_key_storage_format );
+    file_data = mbedtls_calloc( 1, file_data_length );
+    psa_format_key_data_for_storage( key_data->x, key_data->len,
+                                     (psa_key_type_t) key_type, &key_policy,
+                                     file_data );
+
+    ASSERT_COMPARE( expected_file_data->x, expected_file_data->len,
+                    file_data, file_data_length );
+    mbedtls_free( file_data );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void parse_storage_data_check( data_t *file_data,
+                               data_t *expected_key_data,
+                               int expected_key_type,
+                               int expected_key_usage,
+                               int expected_key_alg,
+                               int expected_status )
+{
+    uint8_t *key_data = NULL;
+    size_t key_data_length = 0;
+    psa_key_type_t key_type = 0;
+    psa_key_policy_t key_policy;
+    psa_status_t status;
+
+    status = psa_parse_key_data_from_storage( file_data->x, file_data->len,
+                                              &key_data, &key_data_length,
+                                              &key_type, &key_policy );
+
+    TEST_ASSERT( status == expected_status );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    TEST_ASSERT( key_type == (psa_key_type_t) expected_key_type );
+    TEST_ASSERT( key_policy.usage == (uint32_t) expected_key_usage );
+    TEST_ASSERT( key_policy.alg == (uint32_t) expected_key_alg );
+    ASSERT_COMPARE( expected_key_data->x, expected_key_data->len,
+                    key_data, key_data_length );
+
+exit:
+    mbedtls_free( key_data );
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void save_large_persistent_key( int data_too_large, int expected_status )
+{
+    psa_key_slot_t slot = 1;
+    uint8_t *data = NULL;
+    size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE;
+
+    if( data_too_large )
+        data_length += 1;
+
+    ASSERT_ALLOC( data, data_length );
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_RAW_DATA,
+        data, data_length ) == expected_status );
+
+exit:
+    mbedtls_free( data );
+    psa_destroy_persistent_key( slot );
+    mbedtls_psa_crypto_free();
+}
+/* END_CASE */
+
+
+/* BEGIN_CASE */
+void persistent_key_is_configurable( int slot_arg, int type_arg,
+                                     data_t *data )
+{
+    psa_key_policy_t policy;
+    psa_key_lifetime_t lifetime;
+    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS );
+
+    TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT );
+
+exit:
+    psa_destroy_persistent_key( slot );
+    mbedtls_psa_crypto_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_key_destroy( int slot_arg, int should_store,
+                             int first_type_arg, data_t *first_data,
+                             int second_type_arg, data_t *second_data )
+{
+    psa_key_policy_t policy;
+    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
+    psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
+    psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    if( should_store == 1 )
+    {
+        TEST_ASSERT( psa_import_key(
+            slot, first_type,
+            first_data->x, first_data->len ) == PSA_SUCCESS );
+    }
+
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_information(
+        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+    /* Check key slot storage is removed */
+    TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 );
+
+    /* Check destroying the key again doesn't report failure */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information(
+        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+    /* Shutdown and restart */
+    mbedtls_psa_crypto_free();
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    /* Mark slot as persistent again */
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    /* Check key slot is empty */
+    TEST_ASSERT( psa_get_key_information(
+        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+    /* Import different key data to ensure slot really was empty */
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
+                              PSA_ALG_VENDOR_FLAG );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_import_key(
+        slot, second_type,
+        second_data->x, second_data->len ) == PSA_SUCCESS );
+
+exit:
+    psa_destroy_persistent_key( slot );
+    mbedtls_psa_crypto_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void default_volatile_lifetime( int slot_arg, int type_arg, data_t *data )
+{
+    psa_key_policy_t policy;
+    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == PSA_SUCCESS );
+
+    /* Shutdown and restart */
+    mbedtls_psa_crypto_free();
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    /* Check key slot is empty */
+    TEST_ASSERT( psa_get_key_information(
+        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+
+exit:
+    psa_destroy_persistent_key( slot );
+    mbedtls_psa_crypto_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_key_import( int slot_arg, int type_arg, data_t *data,
+                            int expected_status )
+{
+    psa_key_policy_t policy;
+    psa_key_lifetime_t lifetime;
+    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+
+    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == expected_status );
+
+    if( expected_status != PSA_SUCCESS )
+    {
+        TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 );
+        goto exit;
+    }
+
+    TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS );
+
+    TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT );
+
+exit:
+    psa_destroy_persistent_key( slot );
+    mbedtls_psa_crypto_free();
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void import_export_persistent_key( data_t *data, int type_arg,
+                                   int expected_bits, int key_not_exist )
+{
+    psa_key_slot_t slot = 1;
+    psa_key_type_t type = (psa_key_type_t) type_arg;
+    unsigned char *exported = NULL;
+    size_t export_size = data->len;
+    size_t exported_length;
+    psa_key_type_t got_type;
+    size_t got_bits;
+    psa_key_policy_t policy;
+    psa_key_lifetime_t lifetime_get;
+
+    ASSERT_ALLOC( exported, export_size );
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_set_key_lifetime(
+        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
+                              PSA_ALG_VENDOR_FLAG );
+
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    /* Import the key */
+    TEST_ASSERT( psa_import_key( slot, type,
+                                 data->x, data->len ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_lifetime(
+        slot, &lifetime_get ) == PSA_SUCCESS );
+    TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT );
+
+    /* Test the key information */
+    TEST_ASSERT( psa_get_key_information(
+        slot, &got_type, &got_bits ) == PSA_SUCCESS );
+    TEST_ASSERT( got_type == type );
+    TEST_ASSERT( got_bits == (size_t) expected_bits );
+
+    TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 1 );
+
+    if( key_not_exist )
+    {
+        psa_destroy_persistent_key( slot );
+    }
+    /* Export the key */
+    TEST_ASSERT( psa_export_key( slot, exported, export_size,
+                                 &exported_length ) == PSA_SUCCESS );
+
+    ASSERT_COMPARE( data->x, data->len, exported, exported_length );
+
+    /* Destroy the key */
+    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information(
+                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+    TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 );
+
+exit:
+    mbedtls_free( exported );
+    psa_destroy_persistent_key( slot );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From dd8fb777ce245c4e21a5806270e806d888ee52a7 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Wed, 7 Nov 2018 16:00:44 +0000
Subject: [PATCH 663/889] psa: Refactor psa_internal_export_key to use slot,
 rather than key

When generating keys that have persistent lifetime, we will need
the keys to be in the exported format to save to persistent storage.
This refactoring to separate checking the slots usage from the
exporting of the key data will be necessary for using
psa_internal_export_key in psa_generate_key.
---
 library/psa_crypto.c | 52 ++++++++++++++++++++++++++++----------------
 1 file changed, 33 insertions(+), 19 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 6b089831e..74c3cfc0b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -953,30 +953,14 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
+static  psa_status_t psa_internal_export_key( key_slot_t *slot,
                                               uint8_t *data,
                                               size_t data_size,
                                               size_t *data_length,
                                               int export_public_key )
 {
-    key_slot_t *slot;
-    psa_status_t status;
-    /* Exporting a public key doesn't require a usage flag. If we're
-     * called by psa_export_public_key(), don't require the EXPORT flag.
-     * If we're called by psa_export_key(), do require the EXPORT flag;
-     * if the key turns out to be public key object, psa_get_key_from_slot()
-     * will ignore this flag. */
-    psa_key_usage_t usage = export_public_key ? 0 : PSA_KEY_USAGE_EXPORT;
-
-    /* Set the key to empty now, so that even when there are errors, we always
-     * set data_length to a value between 0 and data_size. On error, setting
-     * the key to empty is a good choice because an empty key representation is
-     * unlikely to be accepted anywhere. */
     *data_length = 0;
 
-    status = psa_get_key_from_slot( key, &slot, usage, 0 );
-    if( status != PSA_SUCCESS )
-        return( status );
     if( export_public_key && ! PSA_KEY_TYPE_IS_ASYMMETRIC( slot->type ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
@@ -996,6 +980,8 @@ static  psa_status_t psa_internal_export_key( psa_key_slot_t key,
 #if defined(MBEDTLS_ECP_C)
     if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( slot->type ) && !export_public_key )
     {
+        psa_status_t status;
+
         size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( slot ) );
         if( bytes > data_size )
             return( PSA_ERROR_BUFFER_TOO_SMALL );
@@ -1080,7 +1066,22 @@ psa_status_t psa_export_key( psa_key_slot_t key,
                              size_t data_size,
                              size_t *data_length )
 {
-    return( psa_internal_export_key( key, data, data_size,
+    key_slot_t *slot;
+    psa_status_t status;
+
+    /* Set the key to empty now, so that even when there are errors, we always
+     * set data_length to a value between 0 and data_size. On error, setting
+     * the key to empty is a good choice because an empty key representation is
+     * unlikely to be accepted anywhere. */
+    *data_length = 0;
+
+    /* Export requires the EXPORT flag. There is an exception for public keys,
+     * which don't require any flag, but psa_get_key_from_slot takes
+     * care of this. */
+    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 );
+    if( status != PSA_SUCCESS )
+        return( status );
+    return( psa_internal_export_key( slot, data, data_size,
                                      data_length, 0 ) );
 }
 
@@ -1089,7 +1090,20 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
                                     size_t data_size,
                                     size_t *data_length )
 {
-    return( psa_internal_export_key( key, data, data_size,
+    key_slot_t *slot;
+    psa_status_t status;
+
+    /* Set the key to empty now, so that even when there are errors, we always
+     * set data_length to a value between 0 and data_size. On error, setting
+     * the key to empty is a good choice because an empty key representation is
+     * unlikely to be accepted anywhere. */
+    *data_length = 0;
+
+    /* Exporting a public key doesn't require a usage flag. */
+    status = psa_get_key_from_slot( key, &slot, 0, 0 );
+    if( status != PSA_SUCCESS )
+        return( status );
+    return( psa_internal_export_key( slot, data, data_size,
                                      data_length, 1 ) );
 }
 

From 0c6575a84dd77076b9f976396b07e3b39f56d316 Mon Sep 17 00:00:00 2001
From: Darryl Green <darryl.green@arm.com>
Date: Wed, 7 Nov 2018 16:05:30 +0000
Subject: [PATCH 664/889] psa: Extend psa_generate_key to support persistent
 lifetimes

---
 library/psa_crypto.c                          | 41 +++++++++-
 tests/suites/test_suite_psa_crypto.data       | 30 +++++++-
 tests/suites/test_suite_psa_crypto.function   | 76 ++++++++++++++++---
 ...t_suite_psa_crypto_persistent_key.function |  1 +
 4 files changed, 136 insertions(+), 12 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 74c3cfc0b..58cb73830 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1107,6 +1107,37 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
                                      data_length, 1 ) );
 }
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key,
+                                                       key_slot_t *slot,
+                                                       size_t bits )
+{
+    psa_status_t status;
+    uint8_t *data;
+    size_t key_length;
+    size_t data_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, bits );
+    data = mbedtls_calloc( 1, data_size );
+    /* Get key data in export format */
+    status = psa_internal_export_key( slot, data, data_size, &key_length, 0 );
+    if( status != PSA_SUCCESS )
+    {
+        slot->type = PSA_KEY_TYPE_NONE;
+        goto exit;
+    }
+    /* Store in file location */
+    status = psa_save_persistent_key( key, slot->type, &slot->policy,
+                                      data, key_length );
+    if( status != PSA_SUCCESS )
+    {
+        slot->type = PSA_KEY_TYPE_NONE;
+    }
+exit:
+    mbedtls_zeroize( data, key_length );
+    mbedtls_free( data );
+    return( status );
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
 
 
 /****************************************************************/
@@ -4309,7 +4340,15 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
         return( PSA_ERROR_NOT_SUPPORTED );
 
     slot->type = type;
-    return( PSA_SUCCESS );
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+    {
+        return( psa_save_generated_persistent_key( key, slot, bits ) );
+    }
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+    return( status );
 }
 
 
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 7e70de38a..e1c1b0545 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1837,4 +1837,32 @@ validate_module_init_key_based:
 
 persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
-persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR
+persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY:PSA_SUCCESS
+
+PSA generate persistent key: raw data, 8 bits
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0:GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: AES, 128 bits, CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: DES, 64 bits, CBC-nopad
+depends_on:MBEDTLS_DES_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: RSA, 1024 bits, good, sign (PSS SHA-256)
+depends_on:MBEDTLS_RSA_C:MBEDTLS_GENPRIME:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_RSA_KEYPAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):GENERATE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: ECC, SECP256R1, good
+depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:GENERATE_KEY:PSA_SUCCESS
+
+PSA derive persistent key: HKDF SHA-256
+depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_TYPE_RAW_DATA:1024:PSA_KEY_USAGE_EXPORT:0:DERIVE_KEY:PSA_SUCCESS
+
+PSA generate persistent key: AES, 128 bits, CTR
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR:MBEDTLS_PSA_CRYPTO_STORAGE_C
+persistent_key_load_key_from_storage:"":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:GENERATE_KEY:PSA_ERROR_NOT_PERMITTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 4692dbe84..53295befa 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -844,6 +844,13 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
     }
 
 }
+
+typedef enum {
+    IMPORT_KEY = 0,
+    GENERATE_KEY = 1,
+    DERIVE_KEY = 2
+} generate_method;
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -4034,9 +4041,11 @@ void validate_module_init_key_based( )
 /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
 void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                                            int bits, int usage_arg,
-                                           int alg_arg )
+                                           int alg_arg, int generation_method,
+                                           int export_status )
 {
     psa_key_slot_t slot = 1;
+    psa_key_slot_t base_key = 2;
     psa_key_type_t type = (psa_key_type_t) type_arg;
     psa_key_type_t type_get;
     size_t bits_get;
@@ -4044,6 +4053,9 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     psa_key_policy_t policy_get;
     psa_key_usage_t policy_usage = (psa_key_usage_t) usage_arg;
     psa_algorithm_t policy_alg = (psa_algorithm_t) alg_arg;
+    psa_key_policy_t base_policy_set;
+    psa_algorithm_t base_policy_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256);
+    psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     unsigned char *first_export = NULL;
     unsigned char *second_export = NULL;
     size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
@@ -4064,14 +4076,44 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                               policy_alg );
 
     TEST_ASSERT( psa_set_key_policy( slot, &policy_set ) == PSA_SUCCESS );
+    switch( generation_method )
+    {
+        case IMPORT_KEY:
+            /* Import the key */
+            TEST_ASSERT( psa_import_key( slot, type,
+                                         data->x, data->len ) == PSA_SUCCESS );
+            break;
 
-    /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
+        case GENERATE_KEY:
+            /* Generate a key */
+            TEST_ASSERT( psa_generate_key( slot, type, bits,
+                                           NULL, 0 ) == PSA_SUCCESS );
+            break;
+
+        case DERIVE_KEY:
+            /* Create base key */
+            psa_key_policy_init( &base_policy_set );
+
+            psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
+                                      base_policy_alg );
+            TEST_ASSERT( psa_set_key_policy(
+                base_key, &base_policy_set ) == PSA_SUCCESS );
+            TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+                                         data->x, data->len ) == PSA_SUCCESS );
+            /* Derive a key. */
+            TEST_ASSERT( psa_key_derivation( &generator, base_key,
+                                             base_policy_alg,
+                                             NULL, 0, NULL, 0,
+                                             export_size ) == PSA_SUCCESS );
+            TEST_ASSERT( psa_generator_import_key(
+                slot, PSA_KEY_TYPE_RAW_DATA,
+                bits, &generator ) == PSA_SUCCESS );
+            break;
+    }
 
     /* Export the key */
     TEST_ASSERT( psa_export_key( slot, first_export, export_size,
-                                 &first_exported_length ) == PSA_SUCCESS );
+                                 &first_exported_length ) == export_status );
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
@@ -4096,13 +4138,27 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
 
     /* Export the key again */
     TEST_ASSERT( psa_export_key( slot, second_export, export_size,
-                                 &second_exported_length ) == PSA_SUCCESS );
+                                 &second_exported_length ) == export_status );
 
-    ASSERT_COMPARE( first_export, first_exported_length,
-                    second_export, second_exported_length );
+    if( export_status == PSA_SUCCESS )
+    {
+        ASSERT_COMPARE( first_export, first_exported_length,
+                        second_export, second_exported_length );
 
-    ASSERT_COMPARE( data->x, data->len,
-                    first_export, first_exported_length );
+        switch( generation_method )
+        {
+            case IMPORT_KEY:
+                ASSERT_COMPARE( data->x, data->len,
+                                first_export, first_exported_length );
+                break;
+            default:
+                break;
+        }
+    }
+
+    /* Do something with the key according to its type and permitted usage. */
+    if( ! exercise_key( slot, policy_usage, policy_alg ) )
+        goto exit;
 
 exit:
     mbedtls_free( first_export );
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 505f1f9e1..0ede6e6c8 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -16,6 +16,7 @@ typedef struct {
     uint8_t data_len[4];
     uint8_t key_data[];
 } psa_persistent_key_storage_format;
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES

From 46119565607fed4149b804588629a80b39e91d8e Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 20 Nov 2018 18:30:34 +0200
Subject: [PATCH 665/889] Add new MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
 configuration option

- update configuration requires
- update check_config.h to include MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
- update con and config.h
---
 configs/config-psa-crypto.h    | 17 ++++++++++++++++-
 include/mbedtls/check_config.h | 14 ++++++++++++--
 include/mbedtls/config.h       | 17 ++++++++++++++++-
 library/version_features.c     |  3 +++
 scripts/config.pl              |  1 +
 5 files changed, 48 insertions(+), 4 deletions(-)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index 27e9ef1d6..f3a8b722f 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -1529,7 +1529,9 @@
  *
  * Module:  library/psa_crypto_storage.c
  *
- * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
+ * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ * (but not both)
  *
  */
 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -1547,6 +1549,19 @@
  */
 #define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ *
+ * Enable persistent key storage over PSA ITS for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto_storage_its.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+
 /**
  * \def MBEDTLS_RIPEMD160_C
  *
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index f78e61bf1..21bede707 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -506,9 +506,14 @@
 #error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) && defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+#error "Only one of MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C can be defined"
+#endif
+
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) &&            \
-    !( defined(MBEDTLS_PSA_CRYPTO_C) &&           \
-       defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) )
+    !( defined(MBEDTLS_PSA_CRYPTO_C) &&                 \
+       ( defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C) ||  \
+         defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) ) )
 #error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
 #endif
 
@@ -518,6 +523,11 @@
 #error "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) &&             \
+    ! defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+#error "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) ||         \
     !defined(MBEDTLS_OID_C) )
 #error "MBEDTLS_RSA_C defined, but not all prerequisites"
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 2190ac519..b2a9a2e10 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2623,7 +2623,9 @@
  *
  * Module:  library/psa_crypto_storage.c
  *
- * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+ * Requires: MBEDTLS_PSA_CRYPTO_C and one of either
+ * MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C or MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ * (but not both)
  *
  */
 #define MBEDTLS_PSA_CRYPTO_STORAGE_C
@@ -2641,6 +2643,19 @@
  */
 #define MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 
+/**
+ * \def MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+ *
+ * Enable persistent key storage over PSA ITS for the
+ * Platform Security Architecture cryptography API.
+ *
+ * Module:  library/psa_crypto_storage_its.c
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C, MBEDTLS_PSA_HAS_ITS_IO
+ *
+ */
+//#define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+
 /**
  * \def MBEDTLS_RIPEMD160_C
  *
diff --git a/library/version_features.c b/library/version_features.c
index 7ef899717..00652f1e4 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -693,6 +693,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C)
     "MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C",
 #endif /* MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C */
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+    "MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C",
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */
 #if defined(MBEDTLS_RIPEMD160_C)
     "MBEDTLS_RIPEMD160_C",
 #endif /* MBEDTLS_RIPEMD160_C */
diff --git a/scripts/config.pl b/scripts/config.pl
index 69c6d5fce..81bb8950d 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -118,6 +118,7 @@ MBEDTLS_PLATFORM_TIME_ALT
 MBEDTLS_PLATFORM_FPRINTF_ALT
 MBEDTLS_PSA_CRYPTO_STORAGE_C
 MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
+MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
 );
 
 # Things that should be enabled in "full" even if they match @excluded

From a90abf13b6e2be43a22a1bca41474bb3e032852b Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 20 Nov 2018 18:32:25 +0200
Subject: [PATCH 666/889] add MBEDTLS_PSA_HAS_ITS_IO

update config.h,config-psa-crypto.h, version_features.c and config.pl
---
 configs/config-psa-crypto.h | 10 ++++++++++
 include/mbedtls/config.h    | 10 ++++++++++
 library/version_features.c  |  3 +++
 scripts/config.pl           |  3 +++
 4 files changed, 26 insertions(+)

diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h
index f3a8b722f..c9a8ebd62 100644
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@@ -710,6 +710,16 @@
  */
 //#define MBEDTLS_PSA_CRYPTO_SPM
 
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index b2a9a2e10..c47c4714a 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1173,6 +1173,16 @@
  */
 //#define MBEDTLS_PSA_CRYPTO_SPM
 
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
 /**
  * \def MBEDTLS_RSA_NO_CRT
  *
diff --git a/library/version_features.c b/library/version_features.c
index 00652f1e4..af8149052 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -420,6 +420,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_PSA_CRYPTO_SPM)
     "MBEDTLS_PSA_CRYPTO_SPM",
 #endif /* MBEDTLS_PSA_CRYPTO_SPM */
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+    "MBEDTLS_PSA_HAS_ITS_IO",
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
 #if defined(MBEDTLS_RSA_NO_CRT)
     "MBEDTLS_RSA_NO_CRT",
 #endif /* MBEDTLS_RSA_NO_CRT */
diff --git a/scripts/config.pl b/scripts/config.pl
index 81bb8950d..6d02ec05c 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -97,6 +97,8 @@ MBEDTLS_PKCS11_C
 MBEDTLS_NO_UDBL_DIVISION
 MBEDTLS_NO_64BIT_MULTIPLICATION
 MBEDTLS_PSA_CRYPTO_SPM
+MBEDTLS_PSA_HAS_ITS_IO
+MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
 _ALT\s*$
 );
 
@@ -119,6 +121,7 @@ MBEDTLS_PLATFORM_FPRINTF_ALT
 MBEDTLS_PSA_CRYPTO_STORAGE_C
 MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C
 MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+MBEDTLS_PSA_HAS_ITS_IO
 );
 
 # Things that should be enabled in "full" even if they match @excluded

From a26d764bae2c25c1d87eae326ffcd47924a6220a Mon Sep 17 00:00:00 2001
From: Moran Peker <moran.peker@arm.com>
Date: Tue, 20 Nov 2018 18:33:41 +0200
Subject: [PATCH 667/889] Add new PSA Crypto Storage backend implementation
 using ITS APIs

The new file is conditionally compiled with the new mbedtls
configuration option that  Mbed OS would set by default -
`MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C`.

-
---
 library/CMakeLists.txt           |   1 +
 library/Makefile                 |   1 +
 library/psa_crypto_storage_its.c | 184 +++++++++++++++++++++++++++++++
 visualc/VS2010/mbedTLS.vcxproj   |   1 +
 4 files changed, 187 insertions(+)
 create mode 100644 library/psa_crypto_storage_its.c

diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 04e404c29..fb6b9569a 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -56,6 +56,7 @@ set(src_crypto
     psa_crypto.c
     psa_crypto_storage.c
     psa_crypto_storage_file.c
+    psa_crypto_storage_its.c
     ripemd160.c
     rsa.c
     rsa_internal.c
diff --git a/library/Makefile b/library/Makefile
index 83afa661e..aa8cecefa 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -84,6 +84,7 @@ OBJS_CRYPTO=	aes.o		aesni.o		arc4.o		\
 		psa_crypto.o					\
 		psa_crypto_storage.o				\
 		psa_crypto_storage_file.o			\
+		psa_crypto_storage_its.o			\
 		ripemd160.o	rsa_internal.o	rsa.o  		\
 		sha1.o		sha256.o	sha512.o	\
 		threading.o	timing.o	version.o	\
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c
new file mode 100644
index 000000000..29394b5d8
--- /dev/null
+++ b/library/psa_crypto_storage_its.c
@@ -0,0 +1,184 @@
+/*
+ *  PSA storage backend for persistent keys using psa_its APIs.
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C)
+
+#include "psa/crypto.h"
+#include "psa_crypto_storage_backend.h"
+#include "psa_prot_internal_storage.h"
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#endif
+
+static psa_status_t its_to_psa_error( psa_its_status_t ret )
+{
+    switch( ret )
+    {
+        case PSA_ITS_SUCCESS:
+            return( PSA_SUCCESS );
+
+        case PSA_ITS_ERROR_KEY_NOT_FOUND:
+            return( PSA_ERROR_EMPTY_SLOT );
+
+        case PSA_ITS_ERROR_STORAGE_FAILURE:
+            return( PSA_ERROR_STORAGE_FAILURE );
+
+        case PSA_ITS_ERROR_INSUFFICIENT_SPACE:
+            return( PSA_ERROR_INSUFFICIENT_STORAGE );
+
+        case PSA_ITS_ERROR_INVALID_KEY:
+        case PSA_PS_ERROR_OFFSET_INVALID:
+        case PSA_ITS_ERROR_INCORRECT_SIZE:
+        case PSA_ITS_ERROR_BAD_POINTER:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
+        case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED:
+            return( PSA_ERROR_NOT_SUPPORTED );
+
+        case PSA_ITS_ERROR_WRITE_ONCE:
+            return( PSA_ERROR_OCCUPIED_SLOT );
+
+        default:
+            return( PSA_ERROR_UNKNOWN_ERROR );
+    }
+}
+
+static uint32_t psa_its_identifier_of_slot( psa_key_slot_t key )
+{
+    return( key );
+}
+
+psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+                                      size_t data_size )
+{
+    psa_its_status_t ret;
+    psa_status_t status;
+    uint32_t data_identifier = psa_its_identifier_of_slot( key );
+    struct psa_its_info_t data_identifier_info;
+
+    ret = psa_its_get_info( data_identifier, &data_identifier_info );
+    status = its_to_psa_error( ret );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    ret = psa_its_get( data_identifier, 0, data_size, data );
+    status = its_to_psa_error( ret );
+
+    return( status );
+}
+
+int psa_is_key_present_in_storage( const psa_key_slot_t key )
+{
+    psa_its_status_t ret;
+    uint32_t data_identifier = psa_its_identifier_of_slot( key );
+    struct psa_its_info_t data_identifier_info;
+
+    ret = psa_its_get_info( data_identifier, &data_identifier_info );
+
+    if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND )
+        return( 0 );
+    return( 1 );
+}
+
+psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+                                       const uint8_t *data,
+                                       size_t data_length )
+{
+    psa_its_status_t ret;
+    psa_status_t status;
+    uint32_t data_identifier = psa_its_identifier_of_slot( key );
+    struct psa_its_info_t data_identifier_info;
+
+    if( psa_is_key_present_in_storage( key ) == 1 )
+        return( PSA_ERROR_OCCUPIED_SLOT );
+
+    ret = psa_its_set( data_identifier, data_length, data, 0 );
+    status = its_to_psa_error( ret );
+    if( status != PSA_SUCCESS )
+    {
+        return( PSA_ERROR_STORAGE_FAILURE );
+    }
+
+    ret = psa_its_get_info( data_identifier, &data_identifier_info );
+    status = its_to_psa_error( ret );
+    if( status != PSA_SUCCESS )
+    {
+        goto exit;
+    }
+
+    if( data_identifier_info.size != data_length )
+    {
+        status = PSA_ERROR_STORAGE_FAILURE;
+        goto exit;
+    }
+
+exit:
+    if( status != PSA_SUCCESS )
+        psa_its_remove( data_identifier );
+    return( status );
+}
+
+psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
+{
+    psa_its_status_t ret;
+    uint32_t data_identifier = psa_its_identifier_of_slot( key );
+    struct psa_its_info_t data_identifier_info;
+
+    ret = psa_its_get_info( data_identifier, &data_identifier_info );
+    if( ret == PSA_ITS_ERROR_KEY_NOT_FOUND )
+        return( PSA_SUCCESS );
+
+    if( psa_its_remove( data_identifier ) != PSA_ITS_SUCCESS )
+        return( PSA_ERROR_STORAGE_FAILURE );
+
+    ret = psa_its_get_info( data_identifier, &data_identifier_info );
+    if( ret != PSA_ITS_ERROR_KEY_NOT_FOUND )
+        return( PSA_ERROR_STORAGE_FAILURE );
+
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+                                                 size_t *data_length )
+{
+    psa_its_status_t ret;
+    psa_status_t status;
+    uint32_t data_identifier = psa_its_identifier_of_slot( key );
+    struct psa_its_info_t data_identifier_info;
+
+    ret = psa_its_get_info( data_identifier, &data_identifier_info );
+    status = its_to_psa_error( ret );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    *data_length = (size_t) data_identifier_info.size;
+
+    return( PSA_SUCCESS );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C */
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 91cf2f0fc..5d57a7504 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -291,6 +291,7 @@
     <ClCompile Include="..\..\library\psa_crypto.c" />
     <ClCompile Include="..\..\library\psa_crypto_storage.c" />
     <ClCompile Include="..\..\library\psa_crypto_storage_file.c" />
+    <ClCompile Include="..\..\library\psa_crypto_storage_its.c" />
     <ClCompile Include="..\..\library\ripemd160.c" />
     <ClCompile Include="..\..\library\rsa.c" />
     <ClCompile Include="..\..\library\rsa_internal.c" />

From 3a45d9e13bad588a93739a00c2c5f6aa0c84bc5e Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 31 Oct 2018 19:00:48 +0000
Subject: [PATCH 668/889] CMake: psa: Enable installing of headers

When installing via CMake, also install PSA headers so that PSA APIs can be
more easily used from the installed library.
---
 include/CMakeLists.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt
index 1b581a54d..67c66c8c6 100644
--- a/include/CMakeLists.txt
+++ b/include/CMakeLists.txt
@@ -3,11 +3,16 @@ option(INSTALL_MBEDTLS_HEADERS "Install mbed TLS headers." ON)
 if(INSTALL_MBEDTLS_HEADERS)
 
     file(GLOB headers "mbedtls/*.h")
+    file(GLOB psa_headers "psa/*.h")
 
     install(FILES ${headers}
         DESTINATION include/mbedtls
         PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
 
+    install(FILES ${psa_headers}
+        DESTINATION include/psa
+        PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
 endif(INSTALL_MBEDTLS_HEADERS)
 
 # Make config.h available in an out-of-source build. ssl-opt.sh requires it.

From 5ae1fb6f69893370a42a199eba3efd35ba365c8a Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Mon, 29 Oct 2018 17:40:05 +0000
Subject: [PATCH 669/889] CMake: Don't build non-crypto when a subproject

When building Mbed Crypto as a subproject, don't add targets for
libmbedx509 or libmbedtls, as the parent project should build these. The
parent project will define USE_CRYPTO_SUBMODULE variable when using Mbed
Crypto as a submodule, so we can depend on that variable to control whether
or not we build non-crypto libraries.
---
 library/CMakeLists.txt | 61 +++++++++++++++++++++++++++---------------
 1 file changed, 40 insertions(+), 21 deletions(-)

diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 04e404c29..ba137b9f8 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -147,17 +147,23 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
     set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
     target_link_libraries(${mbedcrypto_static_target} ${libs})
 
-    add_library(${mbedx509_static_target} STATIC ${src_x509})
-    set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
-    target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
+    if(USE_CRYPTO_SUBMODULE)
+        install(TARGETS ${mbedcrypto_static_target}
+                DESTINATION ${LIB_INSTALL_DIR}
+                PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+    else()
+        add_library(${mbedx509_static_target} STATIC ${src_x509})
+        set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
+        target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
 
-    add_library(${mbedtls_static_target} STATIC ${src_tls})
-    set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
-    target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
+        add_library(${mbedtls_static_target} STATIC ${src_tls})
+        set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
+        target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
 
-    install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
-            DESTINATION ${LIB_INSTALL_DIR}
-            PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+        install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
+                DESTINATION ${LIB_INSTALL_DIR}
+                PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+    endif()
 endif(USE_STATIC_MBEDTLS_LIBRARY)
 
 if(USE_SHARED_MBEDTLS_LIBRARY)
@@ -165,20 +171,33 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
     set_target_properties(mbedcrypto PROPERTIES VERSION 2.14.0 SOVERSION 3)
     target_link_libraries(mbedcrypto ${libs})
 
-    add_library(mbedx509 SHARED ${src_x509})
-    set_target_properties(mbedx509 PROPERTIES VERSION 2.14.0 SOVERSION 0)
-    target_link_libraries(mbedx509 ${libs} mbedcrypto)
+    if(USE_CRYPTO_SUBMODULE)
+        install(TARGETS mbedcrypto
+                DESTINATION ${LIB_INSTALL_DIR}
+                PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+    else()
+        add_library(mbedx509 SHARED ${src_x509})
+        set_target_properties(mbedx509 PROPERTIES VERSION 2.14.0 SOVERSION 0)
+        target_link_libraries(mbedx509 ${libs} mbedcrypto)
 
-    add_library(mbedtls SHARED ${src_tls})
-    set_target_properties(mbedtls PROPERTIES VERSION 2.14.0 SOVERSION 12)
-    target_link_libraries(mbedtls ${libs} mbedx509)
+        add_library(mbedtls SHARED ${src_tls})
+        set_target_properties(mbedtls PROPERTIES VERSION 2.14.0 SOVERSION 12)
+        target_link_libraries(mbedtls ${libs} mbedx509)
 
-    install(TARGETS mbedtls mbedx509 mbedcrypto
-            DESTINATION ${LIB_INSTALL_DIR}
-            PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+        install(TARGETS mbedtls mbedx509 mbedcrypto
+                DESTINATION ${LIB_INSTALL_DIR}
+                PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+    endif()
 endif(USE_SHARED_MBEDTLS_LIBRARY)
 
-add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
-if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
-    add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+if(USE_CRYPTO_SUBMODULE)
+    add_custom_target(crypto_lib DEPENDS mbedcrypto)
+    if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+        add_dependencies(crypto_lib mbedcrypto_static)
+    endif()
+else()
+    add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
+    if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
+        add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+    endif()
 endif()

From c74fe6a3e7afd048f84c81aa62f28666b44492db Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Tue, 30 Oct 2018 18:09:22 +0000
Subject: [PATCH 670/889] Add Mbed Crypto README.md

Move our Mbed Crypto README out from the crypto folder and up to the top
level for better visibility when using Mbed Crypto as a submodule of Mbed
TLS.
---
 README.md        | 203 ++++++++++-------------------------------------
 crypto/README.md |  66 ---------------
 2 files changed, 41 insertions(+), 228 deletions(-)
 delete mode 100644 crypto/README.md

diff --git a/README.md b/README.md
index d7a0e9d6b..9699ca3d4 100644
--- a/README.md
+++ b/README.md
@@ -1,187 +1,66 @@
-README for Mbed TLS
-===================
+# Mbed Crypto library
 
-Configuration
--------------
+The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only.
 
-Mbed TLS should build out of the box on most systems. Some platform specific options are available in the fully documented configuration file `include/mbedtls/config.h`, which is also the place where features can be selected. This file can be edited manually, or in a more programmatic way using the Perl script `scripts/config.pl` (use `--help` for usage instructions).
+Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license.
 
-Compiler options can be set using conventional environment variables such as `CC` and `CFLAGS` when using the Make and CMake build system (see below).
+## PSA cryptography API
 
-Compiling
----------
+Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
 
-There are currently three active build systems used within Mbed TLS releases:
+The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform.
 
--   GNU Make
--   CMake
--   Microsoft Visual Studio (Microsoft Visual Studio 2010 or later)
+The design goals of the PSA cryptography API include:
 
-The main systems used for development are CMake and GNU Make. Those systems are always complete and up-to-date. The others should reflect all changes present in the CMake and Make build system, although features may not be ported there automatically.
+* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
+* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
+* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications.
+* The interface to algorithms is generic, favoring algorithm agility.
+* The interface is designed to be easy to use and hard to accidentally misuse.
 
-The Make and CMake build systems create three libraries: libmbedcrypto, libmbedx509, and libmbedtls. Note that libmbedtls depends on libmbedx509 and libmbedcrypto, and libmbedx509 depends on libmbedcrypto. As a result, some linkers will expect flags to be in a specific order, for example the GNU linker wants `-lmbedtls -lmbedx509 -lmbedcrypto`. Also, when loading shared libraries using dlopen(), you'll need to load libmbedcrypto first, then libmbedx509, before you can load libmbedtls.
+## Mbed Crypto implementation
 
-### Make
+Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C.
 
-We require GNU Make. To build the library and the sample programs, GNU Make and a C compiler are sufficient. Some of the more advanced build targets require some Unix/Linux tools.
+## Documentation
 
-We intentionally only use a minimum of functionality in the makefiles in order to keep them as simple and independent of different toolchains as possible, to allow users to more easily move between different platforms. Users who need more features are recommended to use CMake.
+Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents:
 
-In order to build from the source code using GNU Make, just enter at the command line:
+* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf).
+* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html).
 
-    make
+## Compiling
 
-In order to run the tests, enter:
+You need the following tools to build the library with the provided makefiles:
 
-    make check
+* GNU Make.
+* A C toolchain (compiler, linker, archiver).
+* Python 2 or Python 3 (either will work) to generate the test code.
+* Perl to run the tests.
 
-The tests need Perl to be built and run. If you don't have Perl installed, you can skip building the tests with:
+If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
 
-    make no_test
+To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example:
+```
+make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
+```
+The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
 
-You'll still be able to run a much smaller set of tests with:
+To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
 
-    programs/test/selftest
+## Example programs
 
-In order to build for a Windows platform, you should use `WINDOWS_BUILD=1` if the target is Windows but the build environment is Unix-like (for instance when cross-compiling, or compiling from an MSYS shell), and `WINDOWS=1` if the build environment is a Windows shell (for instance using mingw32-make) (in that case some targets will not be available).
+The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.
 
-Setting the variable `SHARED` in your environment will build shared libraries in addition to the static libraries. Setting `DEBUG` gives you a debug build. You can override `CFLAGS` and `LDFLAGS` by setting them in your environment or on the make command line; compiler warning options may be overridden separately using `WARNING_CFLAGS`. Some directory-specific options (for example, `-I` directives) are still preserved.
+## Upcoming features
 
-Please note that setting `CFLAGS` overrides its default value of `-O2` and setting `WARNING_CFLAGS` overrides its default value (starting with `-Wall -W`), so if you just want to add some warning options to the default ones, you can do so by setting `CFLAGS=-O2 -Werror` for example. Setting `WARNING_CFLAGS` is useful when you want to get rid of its default content (for example because your compiler doesn't accept `-Wall` as an option). Directory-specific options cannot be overriden from the command line.
+Future releases of this library will include:
 
-Depending on your platform, you might run into some issues. Please check the Makefiles in `library/`, `programs/` and `tests/` for options to manually add or remove for specific platforms. You can also check [the Mbed TLS Knowledge Base](https://tls.mbed.org/kb) for articles on your platform or issue.
+* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms.
+* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor.
+* A configuration mechanism to compile only the algorithms you need for your application.
+* A wider set of cryptographic algorithms.
 
-In case you find that you need to do something else as well, please let us know what, so we can add it to the [Mbed TLS Knowledge Base](https://tls.mbed.org/kb).
-
-### CMake
-
-In order to build the source using CMake in a separate directory (recommended), just enter at the command line:
-
-    mkdir /path/to/build_dir && cd /path/to/build_dir
-    cmake /path/to/mbedtls_source
-    make
-
-In order to run the tests, enter:
-
-    make test
-
-The test suites need Perl to be built. If you don't have Perl installed, you'll want to disable the test suites with:
-
-    cmake -DENABLE_TESTING=Off /path/to/mbedtls_source
-
-If you disabled the test suites, but kept the programs enabled, you can still run a much smaller set of tests with:
-
-    programs/test/selftest
-
-To configure CMake for building shared libraries, use:
-
-    cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On /path/to/mbedtls_source
-
-There are many different build modes available within the CMake buildsystem. Most of them are available for gcc and clang, though some are compiler-specific:
-
--   `Release`. This generates the default code without any unnecessary information in the binary files.
--   `Debug`. This generates debug information and disables optimization of the code.
--   `Coverage`. This generates code coverage information in addition to debug information.
--   `ASan`. This instruments the code with AddressSanitizer to check for memory errors. (This includes LeakSanitizer, with recent version of gcc and clang.) (With recent version of clang, this mode also instruments the code with UndefinedSanitizer to check for undefined behaviour.)
--   `ASanDbg`. Same as ASan but slower, with debug information and better stack traces.
--   `MemSan`. This instruments the code with MemorySanitizer to check for uninitialised memory reads. Experimental, needs recent clang on Linux/x86\_64.
--   `MemSanDbg`. Same as MemSan but slower, with debug information, better stack traces and origin tracking.
--   `Check`. This activates the compiler warnings that depend on optimization and treats all warnings as errors.
-
-Switching build modes in CMake is simple. For debug mode, enter at the command line:
-
-    cmake -D CMAKE_BUILD_TYPE=Debug /path/to/mbedtls_source
-
-To list other available CMake options, use:
-
-    cmake -LH
-
-Note that, with CMake, you can't adjust the compiler or its flags after the
-initial invocation of cmake. This means that `CC=your_cc make` and `make
-CC=your_cc` will *not* work (similarly with `CFLAGS` and other variables).
-These variables need to be adjusted when invoking cmake for the first time,
-for example:
-
-    CC=your_cc cmake /path/to/mbedtls_source
-
-If you already invoked cmake and want to change those settings, you need to
-remove the build directory and create it again.
-
-Note that it is possible to build in-place; this will however overwrite the
-provided Makefiles (see `scripts/tmp_ignore_makefiles.sh` if you want to
-prevent `git status` from showing them as modified). In order to do so, from
-the Mbed TLS source directory, use:
-
-    cmake .
-    make
-
-If you want to change `CC` or `CFLAGS` afterwards, you will need to remove the
-CMake cache. This can be done with the following command using GNU find:
-
-    find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
-
-You can now make the desired change:
-
-    CC=your_cc cmake .
-    make
-
-Regarding variables, also note that if you set CFLAGS when invoking cmake,
-your value of CFLAGS doesn't override the content provided by cmake (depending
-on the build mode as seen above), it's merely prepended to it.
-
-### Microsoft Visual Studio
-
-The build files for Microsoft Visual Studio are generated for Visual Studio 2010.
-
-The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well. However, the selftest program in `programs/test/` is still available.
-
-Example programs
-----------------
-
-We've included example programs for a lot of different features and uses in [`programs/`](programs/README.md). Most programs only focus on a single feature or usage scenario, so keep that in mind when copying parts of the code.
-
-Tests
------
-
-Mbed TLS includes an elaborate test suite in `tests/` that initially requires Perl to generate the tests files (e.g. `test\_suite\_mpi.c`). These files are generated from a `function file` (e.g. `suites/test\_suite\_mpi.function`) and a `data file` (e.g. `suites/test\_suite\_mpi.data`). The `function file` contains the test functions. The `data file` contains the test cases, specified as parameters that will be passed to the test function.
-
-For machines with a Unix shell and OpenSSL (and optionally GnuTLS) installed, additional test scripts are available:
-
--   `tests/ssl-opt.sh` runs integration tests for various TLS options (renegotiation, resumption, etc.) and tests interoperability of these options with other implementations.
--   `tests/compat.sh` tests interoperability of every ciphersuite with other implementations.
--   `tests/scripts/test-ref-configs.pl` test builds in various reduced configurations.
--   `tests/scripts/key-exchanges.pl` test builds in configurations with a single key exchange enabled
--   `tests/scripts/all.sh` runs a combination of the above tests, plus some more, with various build options (such as ASan, full `config.h`, etc).
-
-Configurations
---------------
-
-We provide some non-standard configurations focused on specific use cases in the `configs/` directory. You can read more about those in `configs/README.txt`
-
-Porting Mbed TLS
-----------------
-
-Mbed TLS can be ported to many different architectures, OS's and platforms. Before starting a port, you may find the following Knowledge Base articles useful:
-
--   [Porting Mbed TLS to a new environment or OS](https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS)
--   [What external dependencies does Mbed TLS rely on?](https://tls.mbed.org/kb/development/what-external-dependencies-does-mbedtls-rely-on)
--   [How do I configure Mbed TLS](https://tls.mbed.org/kb/compiling-and-building/how-do-i-configure-mbedtls)
-
-Contributing
-------------
-
-We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions:
-
--   All contributions, whether large or small require a Contributor's License Agreement (CLA) to be accepted. This is because source code can possibly fall under copyright law and we need your consent to share in the ownership of the copyright.
--   We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions should be fully tested before submission.
--   As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted.
-
-To accept the Contributor’s Licence Agreement (CLA), individual contributors can do this by creating an Mbed account and [accepting the online agreement here with a click through](https://os.mbed.com/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an Mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to Arm as described in the instructions given.
-
-### Making a Contribution
-
-1.  [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://forums.mbed.com/c/mbed-tls) around a feature idea or a bug.
-2.  Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the "development" branch as a basis.
-3.  Write a test which shows that the bug was fixed or that the feature works as expected.
-4.  Send a pull request and bug us until it gets merged and published. Contributions may need some modifications, so work with us to get your change accepted. We will include your name in the ChangeLog :)
+## Feedback welcome
 
+Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially.
diff --git a/crypto/README.md b/crypto/README.md
deleted file mode 100644
index 9699ca3d4..000000000
--- a/crypto/README.md
+++ /dev/null
@@ -1,66 +0,0 @@
-# Mbed Crypto library
-
-The Mbed cryptography library is a reference implementation of the cryptography interface of the Arm Platform Security Architecture (PSA). This is a preview release of Mbed Crypto, provided for evaluation purposes only.
-
-Mbed Crypto is distributed under the Apache License, version 2.0. See the [LICENSE](LICENSE) file for the full text of the license.
-
-## PSA cryptography API
-
-Arm's Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
-
-The PSA cryptography API provides access to a set of cryptographic primitives. It has a dual purpose. First, it can be used in a PSA-compliant platform to build services, such as secure boot, secure storage and secure communication. Second, it can also be used independently of other PSA components on any platform.
-
-The design goals of the PSA cryptography API include:
-
-* The API distinguishes caller memory from internal memory, which allows the library to be implemented in an isolated space for additional security. Library calls can be implemented as direct function calls if isolation is not desired, and as remote procedure calls if isolation is desired.
-* The structure of internal data is hidden to the application, which allows substituting alternative implementations at build time or run time, for example, in order to take advantage of hardware accelerators.
-* All access to the keys happens through handles, which allows support for external cryptoprocessors that is transparent to applications.
-* The interface to algorithms is generic, favoring algorithm agility.
-* The interface is designed to be easy to use and hard to accidentally misuse.
-
-## Mbed Crypto implementation
-
-Mbed Crypto is a reference implementation of the PSA cryptography API. It is written in portable C.
-
-## Documentation
-
-Since the Mbed Crypto library is a reference implementation of the PSA cryptography API, the library's API documentation is the PSA cryptography API specification. The PSA cryptography API specification consists of the following documents:
-
-* The [PSA Cryptography API overview](docs/PSA_Crypto_API_Overview.pdf).
-* The [PSA Cryptography API detailed function reference](docs/PSA_Crypto_API_Reference.pdf), which you can also browse in [HTML format](docs/html/modules.html).
-
-## Compiling
-
-You need the following tools to build the library with the provided makefiles:
-
-* GNU Make.
-* A C toolchain (compiler, linker, archiver).
-* Python 2 or Python 3 (either will work) to generate the test code.
-* Perl to run the tests.
-
-If you have a C compiler, such as GCC or Clang, just run `make` in the top-level directory to build the library, a set of unit tests and some sample programs.
-
-To select a different compiler, set the `CC` variable to the name or path of the compiler and linker (default: `cc`), and set `AR` to a compatible archiver (default: `ar`). For example:
-```
-make CC=arm-linux-gnueabi-gcc AR=arm-linux-gnueabi-ar
-```
-The provided makefiles pass options to the compiler that assume a GCC-like command-line syntax. To use a different compiler, you may need to pass different values for `CFLAGS`, `WARNINGS_CFLAGS` and `LDFLAGS`.
-
-To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
-
-## Example programs
-
-The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.
-
-## Upcoming features
-
-Future releases of this library will include:
-
-* A driver programming interface, which makes it possible to use hardware accelerators instead of the default software implementation for chosen algorithms.
-* Support for external keys to be stored and manipulated exclusively in a separate cryptoprocessor.
-* A configuration mechanism to compile only the algorithms you need for your application.
-* A wider set of cryptographic algorithms.
-
-## Feedback welcome
-
-Arm welcomes feedback on the design of the API. If you think something could be improved, please open an issue on our Github repository. Alternatively, if you prefer to provide your feedback privately, please email us at [`mbed-crypto@arm.com`](mailto:mbed-crypto@arm.com). All feedback received by email is treated confidentially.

From 74a04cdd59b1a60ad9dc03e0c3b61687e1a13158 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Wed, 31 Oct 2018 17:43:00 +0000
Subject: [PATCH 671/889] Remove exporter script

We no longer need an exporter script as we'll use our existing tooling in
the top level directory for builds and releases.
---
 .gitignore               |  14 ---
 crypto/.gitignore        |  13 ---
 crypto/Makefile          |  20 ----
 crypto/library/Makefile  |  78 -------------
 crypto/programs/Makefile |  51 ---------
 crypto/tests/Makefile    |  82 --------------
 scripts/mbed_crypto.make | 239 ---------------------------------------
 tests/scripts/all.sh     |   9 --
 8 files changed, 506 deletions(-)
 delete mode 100644 crypto/.gitignore
 delete mode 100644 crypto/Makefile
 delete mode 100644 crypto/library/Makefile
 delete mode 100644 crypto/programs/Makefile
 delete mode 100644 crypto/tests/Makefile
 delete mode 100644 scripts/mbed_crypto.make

diff --git a/.gitignore b/.gitignore
index ea732a496..f40064d5b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,17 +26,3 @@ massif-*
 
 # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
 *.dir/
-
-# Exported Mbed Crypto files
-crypto/LICENSE
-crypto/VERSION.txt
-crypto/include/mbedcrypto/*.h
-crypto/include/psa/*.h
-crypto/library/*.c
-crypto/programs/psa/*.c
-crypto/programs/psa/*.sh
-crypto/scripts
-crypto/tests/scripts
-crypto/tests/suites/*.data
-crypto/tests/suites/*.function
-mbedcrypto.tar.gz
diff --git a/crypto/.gitignore b/crypto/.gitignore
deleted file mode 100644
index ae4ba4530..000000000
--- a/crypto/.gitignore
+++ /dev/null
@@ -1,13 +0,0 @@
-*.exe
-*.o
-*.obj
-/docs/*.pdf
-/docs/html
-/library/libmbedcrypto*.a
-/library/libmbedcrypto*.dll
-/library/libmbedcrypto*.so
-/library/libmbedcrypto*.so.[0-9]*
-/programs/psa/crypto_examples
-/programs/psa/key_ladder_demo
-/programs/psa/psa_constant_names
-/tests/test_suite_*
diff --git a/crypto/Makefile b/crypto/Makefile
deleted file mode 100644
index 2230ed97c..000000000
--- a/crypto/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
-.PHONY: all lib programs tests clean test
-
-all: programs tests
-
-lib:
-	$(MAKE) -C library
-
-programs: lib
-	$(MAKE) -C programs
-
-tests: lib
-	$(MAKE) -C tests
-
-clean:
-	$(MAKE) -C library clean
-	$(MAKE) -C programs clean
-	$(MAKE) -C tests clean
-
-test: lib tests
-	$(MAKE) -C tests test
diff --git a/crypto/library/Makefile b/crypto/library/Makefile
deleted file mode 100644
index 5b963c5ea..000000000
--- a/crypto/library/Makefile
+++ /dev/null
@@ -1,78 +0,0 @@
-CFLAGS ?= -O2 -I../include
-WARNING_CFLAGS ?= \
-	-Werror -Wall -Wextra \
-	-Wno-unused-function \
-	-Wno-overlength-strings \
-	-Wdeclaration-after-statement \
-# Don't delete this line.
-
-OBJS_CRYPTO := \
-	aes.o \
-	aesni.o \
-	arc4.o \
-	asn1parse.o \
-	asn1write.o \
-	base64.o \
-	bignum.o \
-	blowfish.o \
-	camellia.o \
-	ccm.o \
-	cipher.o \
-	cipher_wrap.o \
-	cmac.o \
-	ctr_drbg.o \
-	des.o \
-	ecdsa.o \
-	ecp.o \
-	ecp_curves.o \
-	entropy.o \
-	entropy_poll.o \
-	gcm.o \
-	hmac_drbg.o \
-	md.o \
-	md2.o \
-	md4.o \
-	md5.o \
-	md_wrap.o \
-	oid.o \
-	pem.o \
-	pk.o \
-	pk_wrap.o \
-	pkcs12.o \
-	pkcs5.o \
-	pkparse.o \
-	pkwrite.o \
-	platform.o \
-	platform_util.o \
-	psa_crypto.o \
-	psa_crypto_storage.o \
-	psa_crypto_storage_file.o \
-	ripemd160.o \
-	rsa_internal.o \
-	rsa.o \
-	sha1.o \
-	sha256.o \
-	sha512.o \
-	xtea.o \
-# Don't delete this line.
-
-.SILENT:
-
-.PHONY: all static clean
-
-all: static
-
-static: libmbedcrypto.a
-
-libmbedcrypto.a: $(OBJS_CRYPTO)
-	echo "  AR    $@"
-	$(AR) -rc $@ $(OBJS_CRYPTO)
-	echo "  RL    $@"
-	$(AR) -s $@
-
-.c.o:
-	echo "  CC    $<"
-	$(CC) $(CFLAGS) $(WARNING_CFLAGS) -c $<
-
-clean:
-	rm -f *.o libmbedcrypto.a
diff --git a/crypto/programs/Makefile b/crypto/programs/Makefile
deleted file mode 100644
index 093b43dcf..000000000
--- a/crypto/programs/Makefile
+++ /dev/null
@@ -1,51 +0,0 @@
-CFLAGS ?= -O2 -I../include
-WARNING_CFLAGS ?= \
-	-Werror -Wall -Wextra \
-	-Wno-unused-function \
-	-Wno-overlength-strings \
-	-Wdeclaration-after-statement \
-# Don't delete this line.
-
-LDFLAGS ?= -L../library -lmbedcrypto
-
-DEP := ../library/libmbedcrypto.a
-
-APPS := \
-	psa/crypto_examples \
-	psa/key_ladder_demo \
-	psa/psa_constant_names \
-# Don't delete this line.
-
-EXTRA_GENERATED := \
-	psa/psa_constant_names_generated.c \
-# Don't delete this line.
-
-.SILENT:
-
-.PHONY: all clean list
-
-all: $(APPS)
-
-$(DEP):
-	$(MAKE) -C ../library
-
-psa/crypto_examples: psa/crypto_examples.c $(DEP)
-	echo "  CC    psa/crypto_examples.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-psa/key_ladder_demo: psa/key_ladder_demo.c $(DEP)
-	echo "  CC    psa/key_ladder_demo.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h
-	../scripts/generate_psa_constants.py
-
-psa/psa_constant_names: psa/psa_constant_names_generated.c psa/psa_constant_names.c $(DEP)
-	echo "  CC    psa/psa_constant_names.c"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
-
-clean:
-	rm -f $(APPS) $(EXTRA_GENERATED)
-
-list:
-	echo $(APPS)
diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
deleted file mode 100644
index cc4355bed..000000000
--- a/crypto/tests/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-CFLAGS ?= -O2 -I../include -I../library
-WARNING_CFLAGS ?= \
-	-Werror -Wall -Wextra \
-	-Wno-unused-function \
-	-Wno-overlength-strings \
-	-Wdeclaration-after-statement \
-# Don't delete this line.
-
-LDFLAGS ?= -L../library -lmbedcrypto
-
-DEP := ../library/libmbedcrypto.a
-
-# Python executable
-PYTHON ?= python
-
-APPS := \
-	test_suite_psa_crypto \
-	test_suite_psa_crypto_metadata \
-	test_suite_psa_crypto_persistent_key \
-	test_suite_psa_crypto_storage_file \
-# Don't delete this line.
-
-# Look up for associated function files
-func.test_suite_psa_crypto := test_suite_psa_crypto
-func.test_suite_psa_crypto_metadata := test_suite_psa_crypto_metadata
-func.test_suite_psa_crypto_persistent_key := test_suite_psa_crypto_persistent_key
-func.test_suite_psa_crypto_storage_file := test_suite_psa_crypto_storage_file
-
-.SILENT:
-
-.PHONY: all test clean
-
-all: $(APPS)
-
-$(DEP):
-	$(MAKE) -C ../library
-
-C_FILES := $(addsuffix .c,$(APPS))
-
-.SECONDEXPANSION:
-$(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function
-	echo "  Gen   $@"
-	$(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \
-		-d suites/$*.data \
-		-t suites/main_test.function \
-		-p suites/host_test.function \
-		-s suites  \
-		--helpers-file suites/helpers.function \
-		-o .
-
-
-$(APPS): %: %.c $(DEP)
-	echo "  CC    $<"
-	$(CC) $(CFLAGS) $(WARNING_CFLAGS) $< $(LDFLAGS) -o $@
-
-clean:
-	rm -rf $(APPS) *.c *.data TESTS
-	rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
-
-test: $(APPS)
-	./test_suite_psa_crypto_metadata
-	./test_suite_psa_crypto
-	./test_suite_psa_crypto_persistent_key
-	./test_suite_psa_crypto_storage_file
-
-# Create separate targets for generating embedded tests.
-EMBEDDED_TESTS := $(addprefix embedded_,$(APPS))
-
-# Generate test code for target.
-
-.SECONDEXPANSION:
-$(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function
-	echo "  Gen  ./TESTS/mbedcrypto/$*/$*.c"
-	$(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \
-		-d suites/$*.data \
-		-t suites/main_test.function \
-		-p suites/target_test.function \
-		-s suites  \
-		--helpers-file suites/helpers.function \
-		-o ./TESTS/mbedcrypto/$*
-
-gen-embedded-test: $(EMBEDDED_TESTS)
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
deleted file mode 100644
index f51f5f8f3..000000000
--- a/scripts/mbed_crypto.make
+++ /dev/null
@@ -1,239 +0,0 @@
-###########################################################################
-#
-#  Copyright (c) 2018, ARM Limited, All Rights Reserved
-#  SPDX-License-Identifier: Apache-2.0
-#
-#  Licensed under the Apache License, Version 2.0 (the "License"); you may
-#  not use this file except in compliance with the License.
-#  You may obtain a copy of the License at
-#
-#  http://www.apache.org/licenses/LICENSE-2.0
-#
-#  Unless required by applicable law or agreed to in writing, software
-#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#  See the License for the specific language governing permissions and
-#  limitations under the License.
-#
-###########################################################################
-
-#
-# Use this file to export an Mbed Crypto release tarball as follows, from the
-# top level of the mbedtls repo:
-#
-#   1) make -f scripts/mbed_crypto.make
-#
-
-.PHONY: all clean FORCE
-
-all: mbedcrypto.tar.gz
-
-#
-# Crypto-necessary library files
-#
-LIB_FILES := \
-	aes.c \
-	aesni.c \
-	arc4.c \
-	asn1parse.c \
-	asn1write.c \
-	base64.c \
-	bignum.c \
-	blowfish.c \
-	camellia.c \
-	ccm.c \
-	cipher.c \
-	cipher_wrap.c \
-	cmac.c \
-	ctr_drbg.c \
-	des.c \
-	ecdsa.c \
-	ecp.c \
-	ecp_curves.c \
-	entropy.c \
-	entropy_poll.c \
-	gcm.c \
-	hmac_drbg.c \
-	md.c \
-	md2.c \
-	md4.c \
-	md5.c \
-	md_wrap.c \
-	oid.c \
-	pem.c \
-	pk.c \
-	pk_wrap.c \
-	pkcs12.c \
-	pkcs5.c \
-	pkparse.c \
-	pkwrite.c \
-	platform.c \
-	platform_util.c \
-	psa_crypto.c \
-	psa_crypto_storage.h \
-	psa_crypto_storage.c \
-	psa_crypto_storage_backend.h \
-	psa_crypto_storage_file.c \
-	ripemd160.c \
-	rsa_internal.c \
-	rsa.c \
-	sha1.c \
-	sha256.c \
-	sha512.c \
-	xtea.c \
-# Don't delete this line.
-
-#
-# Crypto-necessary include files
-#
-INC_FILES := \
-	mbedcrypto/aes.h \
-	mbedcrypto/aesni.h \
-	mbedcrypto/arc4.h \
-	mbedcrypto/asn1.h \
-	mbedcrypto/asn1write.h \
-	mbedcrypto/base64.h \
-	mbedcrypto/bignum.h \
-	mbedcrypto/blowfish.h \
-	mbedcrypto/bn_mul.h \
-	mbedcrypto/camellia.h \
-	mbedcrypto/ccm.h \
-	mbedcrypto/certs.h \
-	mbedcrypto/check_config.h \
-	mbedcrypto/cipher.h \
-	mbedcrypto/cipher_internal.h \
-	mbedcrypto/cmac.h \
-	mbedcrypto/config.h \
-	mbedcrypto/ctr_drbg.h \
-	mbedcrypto/des.h \
-	mbedcrypto/ecdsa.h \
-	mbedcrypto/ecp.h \
-	mbedcrypto/ecp_internal.h \
-	mbedcrypto/entropy.h \
-	mbedcrypto/entropy_poll.h \
-	mbedcrypto/error.h \
-	mbedcrypto/gcm.h \
-	mbedcrypto/hmac_drbg.h \
-	mbedcrypto/md.h \
-	mbedcrypto/md2.h \
-	mbedcrypto/md4.h \
-	mbedcrypto/md5.h \
-	mbedcrypto/md_internal.h \
-	mbedcrypto/oid.h \
-	mbedcrypto/pem.h \
-	mbedcrypto/pk.h \
-	mbedcrypto/pk_internal.h \
-	mbedcrypto/pkcs11.h \
-	mbedcrypto/pkcs12.h \
-	mbedcrypto/pkcs5.h \
-	mbedcrypto/platform.h \
-	mbedcrypto/platform_util.h \
-	mbedcrypto/ripemd160.h \
-	mbedcrypto/rsa.h \
-	mbedcrypto/rsa_internal.h \
-	mbedcrypto/sha1.h \
-	mbedcrypto/sha256.h \
-	mbedcrypto/sha512.h \
-	mbedcrypto/threading.h \
-	mbedcrypto/xtea.h \
-	psa/crypto.h \
-	psa/crypto_extra.h \
-	psa/crypto_platform.h \
-	psa/crypto_sizes.h \
-	psa/crypto_struct.h \
-# Don't delete this line.
-
-TEST_FILES := \
-	tests/scripts/generate_test_code.py \
-	tests/scripts/mbedtls_test.py \
-	tests/scripts/test_generate_test_code.py \
-	tests/scripts/run-test-suites.pl \
-	tests/suites/helpers.function \
-	tests/suites/host_test.function \
-	tests/suites/main_test.function \
-	tests/suites/target_test.function \
-	tests/suites/test_suite_psa_crypto.data \
-	tests/suites/test_suite_psa_crypto.function \
-	tests/suites/test_suite_psa_crypto_hash.data \
-	tests/suites/test_suite_psa_crypto_hash.function \
-	tests/suites/test_suite_psa_crypto_metadata.data \
-	tests/suites/test_suite_psa_crypto_metadata.function \
-	tests/suites/test_suite_psa_crypto_persistent_key.data \
-	tests/suites/test_suite_psa_crypto_persistent_key.function \
-	tests/suites/test_suite_psa_crypto_storage_file.data \
-	tests/suites/test_suite_psa_crypto_storage_file.function \
-# Don't delete this line.
-
-OTHER_FILES := \
-	LICENSE \
-	VERSION.txt \
-	programs/psa/crypto_examples.c \
-	programs/psa/key_ladder_demo.c \
-	programs/psa/key_ladder_demo.sh \
-	programs/psa/psa_constant_names.c \
-	scripts/config.pl \
-	scripts/generate_psa_constants.py \
-# Don't delete this line.
-
-# Prepend destination directory
-LIB_FILES := $(addprefix crypto/library/,$(LIB_FILES))
-INC_FILES := $(addprefix crypto/include/,$(INC_FILES))
-TEST_FILES := $(addprefix crypto/,$(TEST_FILES))
-OTHER_FILES := $(addprefix crypto/,$(OTHER_FILES))
-
-define rename_mbedcrypto
-	@sed -i -e 's/Mbed TLS/Mbed Crypto/g' $(1)
-	@sed -i -e 's/mbed TLS/Mbed Crypto/g' $(1)
-	@sed -i -e 's/MBEDTLS_/MBEDCRYPTO_/g' $(1)
-	@sed -i -e 's/mbedtls/mbedcrypto/g' $(1)
-	@sed -i -e 's/MbedTls/MbedCrypto/g' $(1)
-	@sed -i -e 's/include\/mbedtls/include\/mbedcrypto/g' $(1)
-endef
-
-crypto/include/mbedcrypto/config.h: configs/config-psa-crypto.h
-	@echo $@
-	@mkdir -p $(dir $@)
-	@cp $< $@
-	@#Rename the file in the comments
-	@sed -i -e 's/config-psa-crypto.h/config.h/g' $@
-	$(call rename_mbedcrypto,$@)
-
-crypto/tests/data_files/%: tests/data_files/%
-	@echo $@
-	@mkdir -p $(dir $@)
-	@cp $< $@
-	@#Don't rename things inside data files
-
-crypto/include/mbedcrypto/%.h: include/mbedtls/%.h
-	@echo $@
-	@mkdir -p $(dir $@)
-	@cp $< $@
-	$(call rename_mbedcrypto,$@)
-
-crypto/LICENSE: apache-2.0.txt
-	@echo $@
-	@mkdir -p $(dir $@)
-	@cp $< $@
-	@#Don't rename anything in the license
-
-crypto/%: %
-	@echo $@
-	@mkdir -p $(dir $@)
-	@cp $< $@
-	$(call rename_mbedcrypto,$@)
-
-crypto/VERSION.txt: FORCE
-	@git describe --tags --abbrev=12 --dirty --always > $@
-
-mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
-	@echo $@
-	@tar czf mbedcrypto.tar.gz crypto
-
-clean:
-	@echo clean
-	@rm -rf mbedcrypto.tar.gz \
-		$(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
-
-FORCE:
-
-# vi: ft=make
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 73152cf05..43f1db600 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -440,15 +440,6 @@ msg "test: doxygen warnings" # ~ 3s
 cleanup
 record_status tests/scripts/doxygen.sh
 
-msg "test: Mbed Crypto exporter " # ~ 30s
-cleanup
-make -f scripts/mbed_crypto.make
-cd crypto
-make test
-make clean
-cd ..
-make -f scripts/mbed_crypto.make clean
-
 
 ################################################################
 #### Build and test many configurations and targets

From c6e4ab00a8e6c67864eca6752efd03c6d6b64b56 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Thu, 1 Nov 2018 16:56:08 +0000
Subject: [PATCH 672/889] Use parent module includes when used as a submodule

For Makefiles, enable overriding where includes can come from in order to
enable the parent module to set the include path. This allows the parent
module to specify that its config.h should be used, even when the submodule
when built standalone would use a different config.h.

For CMake, always look in the parent's include folder and our own. List the
parent's include folder first, so that preference is given to parent
include files.
---
 library/CMakeLists.txt | 6 ++++++
 library/Makefile       | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index ba137b9f8..433fab11c 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -146,6 +146,9 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
     add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
     set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
     target_link_libraries(${mbedcrypto_static_target} ${libs})
+    target_include_directories(${mbedcrypto_static_target}
+        PUBLIC ${CMAKE_SOURCE_DIR}/include/
+        PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
 
     if(USE_CRYPTO_SUBMODULE)
         install(TARGETS ${mbedcrypto_static_target}
@@ -170,6 +173,9 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
     add_library(mbedcrypto SHARED ${src_crypto})
     set_target_properties(mbedcrypto PROPERTIES VERSION 2.14.0 SOVERSION 3)
     target_link_libraries(mbedcrypto ${libs})
+    target_include_directories(mbedcrypto
+        PUBLIC ${CMAKE_SOURCE_DIR}/include/
+        PUBLIC ${CMAKE_SOURCE_DIR}/crypto/include/)
 
     if(USE_CRYPTO_SUBMODULE)
         install(TARGETS mbedcrypto
diff --git a/library/Makefile b/library/Makefile
index 83afa661e..5814ae8a1 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -5,7 +5,8 @@ CFLAGS	?= -O2
 WARNING_CFLAGS ?=  -Wall -W -Wdeclaration-after-statement
 LDFLAGS ?=
 
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+CRYPTO_INCLUDES ?= -I../include
+LOCAL_CFLAGS = $(WARNING_CFLAGS) $(CRYPTO_INCLUDES) -D_FILE_OFFSET_BITS=64
 LOCAL_LDFLAGS =
 
 ifdef DEBUG

From 11293cccedddc864d2f7ae1aa33d74fba4abf47b Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 2 Nov 2018 12:22:34 +0000
Subject: [PATCH 673/889] README: Update with how to use as a subproject

---
 README.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/README.md b/README.md
index 9699ca3d4..a7270686d 100644
--- a/README.md
+++ b/README.md
@@ -48,6 +48,23 @@ The provided makefiles pass options to the compiler that assume a GCC-like comma
 
 To run the unit tests on the host machine, run `make test` from the top-level directory. If you are cross-compiling, copy the test executable from the `tests` directory to the target machine.
 
+### Compiling as a subproject
+
+Mbed Crypto supports being built as a subproject of Mbed TLS. Mbed TLS can use Mbed Crypto for its cryptography implementation by using Mbed Crypto as a subproject.
+
+From the Mbed TLS project repository, CMake can be invoked as follows to build Mbed TLS using Mbed Crypto's `libmbedcrypto`.
+```
+mkdir cmake
+cd cmake
+cmake .. -DUSE_CRYPTO_SUBMODULE=1
+make -j
+make test
+```
+
+When building Mbed Crypto as a subproject of Mbed TLS, the Mbed TLS
+configuration file (config.h) is used, and not the Mbed Crypto configuration
+file.
+
 ## Example programs
 
 The `programs/` subdirectory contains sample programs that use the library. Please note that the goal of these sample programs is to demonstrate specific features of the library, and the code may need to be adapted to build a real-world application.

From a49ba5ea5f208fc8bc491176fdaca6e8b562f97e Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 9 Nov 2018 15:46:12 +0000
Subject: [PATCH 674/889] README: Specify that C99 is required

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a7270686d..d412a4d79 100644
--- a/README.md
+++ b/README.md
@@ -34,7 +34,7 @@ Since the Mbed Crypto library is a reference implementation of the PSA cryptogra
 You need the following tools to build the library with the provided makefiles:
 
 * GNU Make.
-* A C toolchain (compiler, linker, archiver).
+* A C99 toolchain (compiler, linker, archiver).
 * Python 2 or Python 3 (either will work) to generate the test code.
 * Perl to run the tests.
 

From 852dac2df8d5a423716fa754c690a8e6bbdf38fb Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 9 Nov 2018 15:47:58 +0000
Subject: [PATCH 675/889] README: Update with the CMake build option

Note that one can also use CMake and doesn't strictly require GNU Make. For
instance, telling CMake to output Visual Studio project files and using
those would preclude the need for GNU Make.
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index d412a4d79..5b5215329 100644
--- a/README.md
+++ b/README.md
@@ -33,7 +33,7 @@ Since the Mbed Crypto library is a reference implementation of the PSA cryptogra
 
 You need the following tools to build the library with the provided makefiles:
 
-* GNU Make.
+* GNU Make or a build tool that CMake supports.
 * A C99 toolchain (compiler, linker, archiver).
 * Python 2 or Python 3 (either will work) to generate the test code.
 * Perl to run the tests.

From 3c7cc5eb1858e1910edfcf2d9a8e73316c2ced8e Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Thu, 15 Nov 2018 17:38:58 +0000
Subject: [PATCH 676/889] Makefile: Install PSA headers

When running `make install`, it can be desirable for the PSA Crypto header
files to get installed as well, so that the PSA portions of the library are
usable.
---
 Makefile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Makefile b/Makefile
index f4c0a0021..f32641a22 100644
--- a/Makefile
+++ b/Makefile
@@ -24,6 +24,8 @@ ifndef WINDOWS
 install: no_test
 	mkdir -p $(DESTDIR)/include/mbedtls
 	cp -rp include/mbedtls $(DESTDIR)/include
+	mkdir -p $(DESTDIR)/include/psa
+	cp -rp include/psa $(DESTDIR)/include
 
 	mkdir -p $(DESTDIR)/lib
 	cp -RP library/libmbedtls.*    $(DESTDIR)/lib

From 910c76b3d101a47fd39dbdadcbc1cabf37ed36de Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Wed, 21 Nov 2018 16:03:21 +0200
Subject: [PATCH 677/889] Check that memory allocation was successful in
 psa_save_generated_persistent_key

---
 library/psa_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 58cb73830..05b8a8e8b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1117,6 +1117,8 @@ static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key,
     size_t key_length;
     size_t data_size = PSA_KEY_EXPORT_MAX_SIZE( slot->type, bits );
     data = mbedtls_calloc( 1, data_size );
+    if( data == NULL )
+        return( PSA_ERROR_INSUFFICIENT_MEMORY );
     /* Get key data in export format */
     status = psa_internal_export_key( slot, data, data_size, &key_length, 0 );
     if( status != PSA_SUCCESS )

From 2bcd312cda2f1eafaf827ae389963f2591d8f043 Mon Sep 17 00:00:00 2001
From: Netanel Gonen <netanel.gonen@arm.com>
Date: Mon, 19 Nov 2018 11:53:02 +0200
Subject: [PATCH 678/889] Add entropy injection function to psa cripto APIs

---
 include/psa/crypto_extra.h | 27 +++++++++++++++++++++++++++
 library/psa_crypto.c       | 29 ++++++++++++++++++++++++++++-
 2 files changed, 55 insertions(+), 1 deletion(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 2d03f7311..f39f33963 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -34,6 +34,9 @@
 extern "C" {
 #endif
 
+/* UID for secure storage seed */
+#define MBED_RANDOM_SEED_ITS_UID 0xFFFFFF52
+
 /**
  * \brief Library deinitialization.
  *
@@ -44,6 +47,30 @@ extern "C" {
  */
 void mbedtls_psa_crypto_free( void );
 
+
+#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+/**
+ * \brief Inject initial entropy seed into persistent storage for random capabilities.
+ *
+ * \warning This function **can** fail! Callers MUST check the return status.
+ *
+ * \note    To use this function both mbedtls_nv_seed_read and mbedtls_nv_seed_write
+ *          must be defined.
+ *
+ * \param seed[in]            Buffer storing the seed value to inject.
+ * \param seed_size[in]       Size of the \p seed buffer. The minimum size of the seed is MBEDTLS_ENTROPY_MIN_PLATFORM
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ * \retval #PSA_ERROR_BAD_STATE
+ */
+psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
+                                        size_t seed_size);
+
+#endif
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 58cb73830..77314f2dd 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -69,6 +69,7 @@
 #include "mbedtls/ecdh.h"
 #include "mbedtls/ecp.h"
 #include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
 #include "mbedtls/error.h"
 #include "mbedtls/gcm.h"
 #include "mbedtls/md2.h"
@@ -85,7 +86,9 @@
 #include "mbedtls/sha512.h"
 #include "mbedtls/xtea.h"
 
-
+#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+#include "psa_prot_internal_storage.h"
+#endif
 
 #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
 
@@ -4223,6 +4226,30 @@ psa_status_t psa_generate_random( uint8_t *output,
     return( mbedtls_to_psa_error( ret ) );
 }
 
+#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
+                                         size_t seed_size )
+{
+    psa_status_t status;
+    struct psa_its_info_t p_info;
+    if( global_data.initialized )
+        return( PSA_ERROR_NOT_PERMITTED );
+    if( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info );
+    if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */
+    {
+        status = psa_its_set( MBED_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
+    }
+    else if( PSA_ITS_SUCCESS == status )
+    {
+        /* You should not be here. Seed needs to be injected only once */
+        status = PSA_ERROR_NOT_PERMITTED;
+    }
+    return( status );
+}
+#endif
+
 psa_status_t psa_generate_key( psa_key_slot_t key,
                                psa_key_type_t type,
                                size_t bits,

From 9468bb241c5c4ad9d7353966cb2db93eff540dd5 Mon Sep 17 00:00:00 2001
From: Netanel Gonen <netanel.gonen@arm.com>
Date: Mon, 19 Nov 2018 11:53:55 +0200
Subject: [PATCH 679/889] Add Tests for psa crypto entropy incjection

---
 tests/CMakeLists.txt                          |  1 +
 .../suites/test_suite_psa_crypto_entropy.data | 14 +++
 .../test_suite_psa_crypto_entropy.function    | 88 +++++++++++++++++++
 3 files changed, 103 insertions(+)
 create mode 100644 tests/suites/test_suite_psa_crypto_entropy.data
 create mode 100644 tests/suites/test_suite_psa_crypto_entropy.function

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 34658c8e1..95d60ff31 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -111,6 +111,7 @@ add_test_suite(pkparse)
 add_test_suite(pkwrite)
 add_test_suite(poly1305)
 add_test_suite(psa_crypto)
+add_test_suite(psa_crypto_entropy)
 add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(psa_crypto_persistent_key)
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
new file mode 100644
index 000000000..1fc972aa0
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -0,0 +1,14 @@
+PSA validate entropy injection: good, minimum size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: good, max size
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
+
+PSA validate entropy injection: bad, too big
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+
+PSA validate entropy injection: before and after crypto_init
+run_entropy_inject_with_crypto_init:
\ No newline at end of file
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
new file mode 100644
index 000000000..a134abe71
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -0,0 +1,88 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#include "psa/crypto.h"
+#include "psa_prot_internal_storage.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_ENTROPY_NV_SEED:MBEDTLS_PSA_HAS_ITS_IO:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void validate_entropy_seed_injection( int seed_length_a,
+                                      int expected_status_a,
+                                      int seed_length_b,
+                                      int expected_status_b )
+{
+    psa_its_status_t its_status;
+    psa_status_t status;
+    uint8_t output[32] = { 0 };
+    uint8_t zeros[32] = { 0 };
+    uint8_t *seed = NULL;
+    int i;
+    int seed_size;
+    if( seed_length_a > seed_length_b)
+    {
+        seed_size = seed_length_a;
+    }
+    else
+    {
+        seed_size = seed_length_b;
+    }
+    ASSERT_ALLOC( seed, seed_size );
+    /* fill seed in some data */
+    for( i = 0; i < seed_size; ++i)
+    {
+        seed[i] = i;
+    }
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    status = mbedtls_psa_inject_entropy( seed, seed_length_a );
+    TEST_ASSERT( status == expected_status_a );
+    status = mbedtls_psa_inject_entropy( seed, seed_length_b );
+    TEST_ASSERT( status == expected_status_b );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS );
+    TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 );
+exit:
+    mbedtls_free( seed );
+    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void run_entropy_inject_with_crypto_init( )
+{
+    psa_its_status_t its_status;
+    psa_status_t status;
+    int i;
+    uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0};
+    /* fill seed in some data */
+    for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i)
+    {
+        seed[i] = i;
+    }
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_SUCCESS );
+    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    mbedtls_psa_crypto_free( );
+    /* The seed is written by nv_seed callback functions therefore the injection will fail */
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+exit:
+    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 212a793217b8356852f54c88d3769df28b970a97 Mon Sep 17 00:00:00 2001
From: Netanel Gonen <netanel.gonen@arm.com>
Date: Mon, 19 Nov 2018 12:19:19 +0200
Subject: [PATCH 680/889] add MBEDTLS_PSA_HAS_ITS_IO to config.h

---
 include/mbedtls/config.h | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index c47c4714a..c1619fbad 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1103,6 +1103,16 @@
  */
 //#define MBEDTLS_ENTROPY_NV_SEED
 
+/**
+ * \def MBEDTLS_PSA_HAS_ITS_IO
+ *
+ * Enable the non-volatile secure storage usage.
+ *
+ * This is crucial on systems that do not have a HW TRNG support.
+ *
+ */
+//#define MBEDTLS_PSA_HAS_ITS_IO
+
 /**
  * \def MBEDTLS_MEMORY_DEBUG
  *

From 0338ded2f4183251b6c4a8971087ba998629840f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 15 Nov 2018 18:19:27 +0100
Subject: [PATCH 681/889] Improve documentation of mbedtls_psa_inject_entropy

Explain what the function does, why one would use it, how to use it,
how to handle its input, and what the status codes mean.
---
 include/psa/crypto_extra.h | 51 +++++++++++++++++++++++++++++++++-----
 1 file changed, 45 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index f39f33963..e40a50520 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -50,21 +50,60 @@ void mbedtls_psa_crypto_free( void );
 
 #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
 /**
- * \brief Inject initial entropy seed into persistent storage for random capabilities.
+ * \brief Inject an initial entropy seed for the random generator.
+ *
+ * This function injects data to be used as a seed for the random generator
+ * used by the PSA Crypto implementation. On devices that lack a trusted
+ * entropy source (preferably a hardware random number generator),
+ * the Mbed PSA Crypto implementation uses this value to seed its
+ * random generator.
+ *
+ * On devices without a trusted entropy source, this function must be
+ * called exactly once in the lifetime of the device. On devices with
+ * a trusted entropy source, calling this function is optional.
+ * In all cases, this function may only be called before calling any
+ * other function in the PSA Crypto API, including psa_crypto_init().
+ *
+ * When this function returns successfully, it populates a file in
+ * persistent storage. Once the file has been created, this function
+ * can no longer succeed.
+ * If any error occurs, the file is not created, and you may call this
+ * function again after correcting the reason for the error.
  *
  * \warning This function **can** fail! Callers MUST check the return status.
  *
- * \note    To use this function both mbedtls_nv_seed_read and mbedtls_nv_seed_write
- *          must be defined.
+ * \warning If you use this function, you should use it as part of a
+ *          factory provisioning process. The value of the injected seed
+ *          is critical to the security of the device. It must be
+ *          *secret*, *unpredictable* and (statistically) *unique per device*.
+ *          You should be generate it randomly using a cryptographically
+ *          secure random generator seeded from trusted entropy sources.
+ *          You should transmit it securely to the device and ensure
+ *          that its value is not leaked or stored anywhere beyond the
+ *          needs of transmitting it from the point of generation to
+ *          the call of this function, and erase all copies of the value
+ *          once this function returns.
  *
- * \param seed[in]            Buffer storing the seed value to inject.
- * \param seed_size[in]       Size of the \p seed buffer. The minimum size of the seed is MBEDTLS_ENTROPY_MIN_PLATFORM
+ * This is an Mbed TLS extension.
+ *
+ * \param seed[in]      Buffer containing the seed value to inject.
+ * \param seed_size     Size of the \p seed buffer.
+ *                      The minimum size of the seed is
+ *                      #MBEDTLS_ENTROPY_MIN_PLATFORM.
  *
  * \retval #PSA_SUCCESS
+ *         The seed value was injected successfully. The random generator
+ *         of the PSA Crypto implementation is now ready for use.
+ *         You may now call psa_crypto_init() and use the PSA Crypto
+ *         implementation.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p seed_size is not large enough.
  * \retval #PSA_ERROR_STORAGE_FAILURE
+ * \retval `PSA_ITS_ERROR_XXX`
+ *         There was a failure reading or writing from storage.
  * \retval #PSA_ERROR_NOT_PERMITTED
- * \retval #PSA_ERROR_BAD_STATE
+ *         The library has already been initialized. It is no longer
+ *         possible to call this function.
  */
 psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
                                         size_t seed_size);

From ee2ffd311bf5496f20d6984eb2f1b0c83390704c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 16 Nov 2018 11:02:49 +0100
Subject: [PATCH 682/889] Document the maximum seed size as well as the minimum

---
 include/psa/crypto_extra.h | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index e40a50520..c7accd1f9 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -50,7 +50,8 @@ void mbedtls_psa_crypto_free( void );
 
 #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
 /**
- * \brief Inject an initial entropy seed for the random generator.
+ * \brief Inject an initial entropy seed for the random generator into
+ *        secure storage.
  *
  * This function injects data to be used as a seed for the random generator
  * used by the PSA Crypto implementation. On devices that lack a trusted
@@ -67,8 +68,10 @@ void mbedtls_psa_crypto_free( void );
  * When this function returns successfully, it populates a file in
  * persistent storage. Once the file has been created, this function
  * can no longer succeed.
- * If any error occurs, the file is not created, and you may call this
- * function again after correcting the reason for the error.
+ *
+ * If any error occurs, this function does not change the system state.
+ * You can call this function again after correcting the reason for the
+ * error if possible.
  *
  * \warning This function **can** fail! Callers MUST check the return status.
  *
@@ -88,8 +91,9 @@ void mbedtls_psa_crypto_free( void );
  *
  * \param seed[in]      Buffer containing the seed value to inject.
  * \param seed_size     Size of the \p seed buffer.
- *                      The minimum size of the seed is
- *                      #MBEDTLS_ENTROPY_MIN_PLATFORM.
+ *                      The size of the seed must be
+ *                      at least #MBEDTLS_ENTROPY_MIN_PLATFORM bytes
+ *                      and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes.
  *
  * \retval #PSA_SUCCESS
  *         The seed value was injected successfully. The random generator
@@ -97,7 +101,7 @@ void mbedtls_psa_crypto_free( void );
  *         You may now call psa_crypto_init() and use the PSA Crypto
  *         implementation.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p seed_size is not large enough.
+ *         \p seed_size is out of range.
  * \retval #PSA_ERROR_STORAGE_FAILURE
  * \retval `PSA_ITS_ERROR_XXX`
  *         There was a failure reading or writing from storage.

From 21f37cbbecd955f82854f2291a6e68dfd9183d8a Mon Sep 17 00:00:00 2001
From: Netanel Gonen <netanel.gonen@arm.com>
Date: Mon, 19 Nov 2018 11:53:55 +0200
Subject: [PATCH 683/889] Add Tests for psa crypto entropy incjection

Adjust code to handle and work with MBEDTLS_ENTROPY_BLOCK_SIZE definition option
---
 include/psa/crypto_extra.h                          |  6 ++++--
 library/psa_crypto.c                                |  8 ++++++--
 library/version_features.c                          |  3 +++
 tests/suites/test_suite_psa_crypto_entropy.data     |  9 +++++----
 tests/suites/test_suite_psa_crypto_entropy.function | 10 +++++-----
 5 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index c7accd1f9..13134926f 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -91,8 +91,10 @@ void mbedtls_psa_crypto_free( void );
  *
  * \param seed[in]      Buffer containing the seed value to inject.
  * \param seed_size     Size of the \p seed buffer.
- *                      The size of the seed must be
- *                      at least #MBEDTLS_ENTROPY_MIN_PLATFORM bytes
+ *                      The size of the seed must be equal or larger than any
+ *                      of the values defined both in
+ *                      #MBEDTLS_ENTROPY_MIN_PLATFORM
+ *                      and in the #MBEDTLS_ENTROPY_BLOCK_SIZE defines
  *                      and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes.
  *
  * \retval #PSA_SUCCESS
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 77314f2dd..26bea1980 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4234,8 +4234,12 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
     struct psa_its_info_t p_info;
     if( global_data.initialized )
         return( PSA_ERROR_NOT_PERMITTED );
-    if( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) || ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    if( ( ( seed_size < MBEDTLS_ENTROPY_MIN_PLATFORM ) ||
+          ( seed_size < MBEDTLS_ENTROPY_BLOCK_SIZE ) ) ||
+          ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
     status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info );
     if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */
     {
diff --git a/library/version_features.c b/library/version_features.c
index af8149052..590f949f4 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -402,6 +402,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
     "MBEDTLS_ENTROPY_NV_SEED",
 #endif /* MBEDTLS_ENTROPY_NV_SEED */
+#if defined(MBEDTLS_PSA_HAS_ITS_IO)
+    "MBEDTLS_PSA_HAS_ITS_IO",
+#endif /* MBEDTLS_PSA_HAS_ITS_IO */
 #if defined(MBEDTLS_MEMORY_DEBUG)
     "MBEDTLS_MEMORY_DEBUG",
 #endif /* MBEDTLS_MEMORY_DEBUG */
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
index 1fc972aa0..bbc056d92 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.data
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -1,14 +1,15 @@
 PSA validate entropy injection: good, minimum size
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_ERROR_NOT_PERMITTED
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_ERROR_NOT_PERMITTED
 
 PSA validate entropy injection: good, max size
 validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
 
 PSA validate entropy injection: bad, too big
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
 
 PSA validate entropy injection: bad, too small
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_MIN_PLATFORM:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
 
 PSA validate entropy injection: before and after crypto_init
-run_entropy_inject_with_crypto_init:
\ No newline at end of file
+run_entropy_inject_with_crypto_init:
+
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index a134abe71..1cb58b9a2 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -62,24 +62,24 @@ void run_entropy_inject_with_crypto_init( )
     psa_its_status_t its_status;
     psa_status_t status;
     int i;
-    uint8_t seed[MBEDTLS_ENTROPY_MIN_PLATFORM] = {0};
+    uint8_t seed[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0};
     /* fill seed in some data */
-    for( i = 0; i < MBEDTLS_ENTROPY_MIN_PLATFORM; ++i)
+    for( i = 0; i < MBEDTLS_ENTROPY_BLOCK_SIZE; ++i)
     {
         seed[i] = i;
     }
     its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
     TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
-    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
     TEST_ASSERT( status == PSA_SUCCESS );
     its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
     TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
     TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
     mbedtls_psa_crypto_free( );
     /* The seed is written by nv_seed callback functions therefore the injection will fail */
-    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_MIN_PLATFORM );
+    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
     TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 exit:
     psa_its_remove(MBED_RANDOM_SEED_ITS_UID);

From 4d27c94aee2746a9bce74edab06ed1dadcc707f5 Mon Sep 17 00:00:00 2001
From: avolinski <alex.volinski@arm.com>
Date: Tue, 20 Nov 2018 15:48:54 +0200
Subject: [PATCH 684/889] Adding testcase for PSA validate entropy injection:
 bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM

---
 tests/suites/test_suite_psa_crypto_entropy.data | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
index bbc056d92..a2355d50a 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.data
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -7,7 +7,10 @@ validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTL
 PSA validate entropy injection: bad, too big
 validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
 
-PSA validate entropy injection: bad, too small
+PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
+
+PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE
 validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
 
 PSA validate entropy injection: before and after crypto_init

From 7cc8229d80110c4664306d6bc728727c035e7858 Mon Sep 17 00:00:00 2001
From: avolinski <alex.volinski@arm.com>
Date: Tue, 20 Nov 2018 15:52:25 +0200
Subject: [PATCH 685/889] Replace MBED_RANDOM_SEED_ITS_UID with
 MBEDTLS_RANDOM_SEED_ITS_UID

Update mbedtls_psa_inject_entropy function documentation
---
 include/psa/crypto_extra.h                          | 12 ++++++------
 library/psa_crypto.c                                |  4 ++--
 tests/suites/test_suite_psa_crypto_entropy.function | 10 +++++-----
 3 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 13134926f..880e09c24 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -35,7 +35,7 @@ extern "C" {
 #endif
 
 /* UID for secure storage seed */
-#define MBED_RANDOM_SEED_ITS_UID 0xFFFFFF52
+#define MBEDTLS_RANDOM_SEED_ITS_UID 0xFFFFFF52
 
 /**
  * \brief Library deinitialization.
@@ -91,11 +91,11 @@ void mbedtls_psa_crypto_free( void );
  *
  * \param seed[in]      Buffer containing the seed value to inject.
  * \param seed_size     Size of the \p seed buffer.
- *                      The size of the seed must be equal or larger than any
- *                      of the values defined both in
- *                      #MBEDTLS_ENTROPY_MIN_PLATFORM
- *                      and in the #MBEDTLS_ENTROPY_BLOCK_SIZE defines
- *                      and at most #MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes.
+ *                      The size of the seed in bytes must be greater
+ *                      or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
+ *                      and #MBEDTLS_ENTROPY_BLOCK_SIZE.
+ *                      It must be less or equal to
+ *                      #MBEDTLS_ENTROPY_MAX_SEED_SIZE.
  *
  * \retval #PSA_SUCCESS
  *         The seed value was injected successfully. The random generator
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 26bea1980..fe73d1d35 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4240,10 +4240,10 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
           ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_its_get_info( MBED_RANDOM_SEED_ITS_UID, &p_info );
+    status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info );
     if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */
     {
-        status = psa_its_set( MBED_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
+        status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
     }
     else if( PSA_ITS_SUCCESS == status )
     {
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 1cb58b9a2..4be2c5a34 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -40,7 +40,7 @@ void validate_entropy_seed_injection( int seed_length_a,
     {
         seed[i] = i;
     }
-    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    its_status =  psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
     TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
     status = mbedtls_psa_inject_entropy( seed, seed_length_a );
     TEST_ASSERT( status == expected_status_a );
@@ -51,7 +51,7 @@ void validate_entropy_seed_injection( int seed_length_a,
     TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 );
 exit:
     mbedtls_free( seed );
-    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -68,11 +68,11 @@ void run_entropy_inject_with_crypto_init( )
     {
         seed[i] = i;
     }
-    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    its_status =  psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
     TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
     status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
     TEST_ASSERT( status == PSA_SUCCESS );
-    its_status =  psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    its_status =  psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
     TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
     status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
@@ -82,7 +82,7 @@ void run_entropy_inject_with_crypto_init( )
     status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
     TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 exit:
-    psa_its_remove(MBED_RANDOM_SEED_ITS_UID);
+    psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 13beb100c285a19e7c71cd50cb15ef68662fdc3a Mon Sep 17 00:00:00 2001
From: avolinski <alex.volinski@arm.com>
Date: Tue, 20 Nov 2018 16:51:49 +0200
Subject: [PATCH 686/889] Adjust psa entropy inject tests to take as minimum
 seed size

the maximum of MBEDTLS_ENTROPY_MIN_PLATFORM and MBEDTLS_ENTROPY_BLOCK_SIZE
---
 library/psa_crypto.c                          | 48 +++++++++++++++--
 .../suites/test_suite_psa_crypto_entropy.data |  8 +--
 .../test_suite_psa_crypto_entropy.function    | 54 ++++++++++++-------
 3 files changed, 82 insertions(+), 28 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index fe73d1d35..cc5532a00 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4227,10 +4227,46 @@ psa_status_t psa_generate_random( uint8_t *output,
 }
 
 #if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
+
+/* Support function for error conversion between psa_its error codes to psa crypto */
+static psa_status_t its_to_psa_error( psa_its_status_t ret )
+{
+    switch( ret )
+    {
+        case PSA_ITS_SUCCESS:
+            return( PSA_SUCCESS );
+
+        case PSA_ITS_ERROR_KEY_NOT_FOUND:
+            return( PSA_ERROR_EMPTY_SLOT );
+
+        case PSA_ITS_ERROR_STORAGE_FAILURE:
+            return( PSA_ERROR_STORAGE_FAILURE );
+
+        case PSA_ITS_ERROR_INSUFFICIENT_SPACE:
+            return( PSA_ERROR_INSUFFICIENT_STORAGE );
+
+        case PSA_ITS_ERROR_INVALID_KEY:
+        case PSA_PS_ERROR_OFFSET_INVALID:
+        case PSA_ITS_ERROR_INCORRECT_SIZE:
+        case PSA_ITS_ERROR_BAD_POINTER:
+            return( PSA_ERROR_INVALID_ARGUMENT );
+
+        case PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED:
+            return( PSA_ERROR_NOT_SUPPORTED );
+
+        case PSA_ITS_ERROR_WRITE_ONCE:
+            return( PSA_ERROR_OCCUPIED_SLOT );
+
+        default:
+            return( PSA_ERROR_UNKNOWN_ERROR );
+    }
+}
+
 psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
                                          size_t seed_size )
 {
     psa_status_t status;
+    psa_its_status_t its_status;
     struct psa_its_info_t p_info;
     if( global_data.initialized )
         return( PSA_ERROR_NOT_PERMITTED );
@@ -4240,16 +4276,20 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
           ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info );
-    if( PSA_ITS_ERROR_KEY_NOT_FOUND == status ) /* No seed exists */
+    its_status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info );
+    status = its_to_psa_error( its_status );
+
+    if( PSA_ITS_ERROR_KEY_NOT_FOUND == its_status ) /* No seed exists */
     {
-        status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
+        its_status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
+        status = its_to_psa_error( its_status );
     }
-    else if( PSA_ITS_SUCCESS == status )
+    else if( PSA_ITS_SUCCESS == its_status )
     {
         /* You should not be here. Seed needs to be injected only once */
         status = PSA_ERROR_NOT_PERMITTED;
     }
+    
     return( status );
 }
 #endif
diff --git a/tests/suites/test_suite_psa_crypto_entropy.data b/tests/suites/test_suite_psa_crypto_entropy.data
index a2355d50a..61593e9d6 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.data
+++ b/tests/suites/test_suite_psa_crypto_entropy.data
@@ -1,17 +1,17 @@
 PSA validate entropy injection: good, minimum size
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_ERROR_NOT_PERMITTED
+validate_entropy_seed_injection:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_ERROR_NOT_PERMITTED
 
 PSA validate entropy injection: good, max size
 validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_SUCCESS:MBEDTLS_ENTROPY_MAX_SEED_SIZE:PSA_ERROR_NOT_PERMITTED
 
 PSA validate entropy injection: bad, too big
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MAX_SEED_SIZE+1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
 
 PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_MIN_PLATFORM
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_MIN_PLATFORM-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
 
 PSA validate entropy injection: bad, too small using MBEDTLS_ENTROPY_BLOCK_SIZE
-validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
+validate_entropy_seed_injection:MBEDTLS_ENTROPY_BLOCK_SIZE-1:PSA_ERROR_INVALID_ARGUMENT:MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE:PSA_SUCCESS
 
 PSA validate entropy injection: before and after crypto_init
 run_entropy_inject_with_crypto_init:
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 4be2c5a34..2c069a9e3 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -6,6 +6,14 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
 
+/* MAX value support macro */
+#if !defined(MAX)
+#define MAX(a,b) (((a)>(b))?(a):(b))
+#endif
+
+/* Calculating the minimum allowed entropy size in bytes */
+#define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -26,7 +34,7 @@ void validate_entropy_seed_injection( int seed_length_a,
     uint8_t *seed = NULL;
     int i;
     int seed_size;
-    if( seed_length_a > seed_length_b)
+    if( seed_length_a > seed_length_b )
     {
         seed_size = seed_length_a;
     }
@@ -35,23 +43,25 @@ void validate_entropy_seed_injection( int seed_length_a,
         seed_size = seed_length_b;
     }
     ASSERT_ALLOC( seed, seed_size );
-    /* fill seed in some data */
-    for( i = 0; i < seed_size; ++i)
+    /* fill seed with some data */
+    for( i = 0; i < seed_size; ++i )
     {
         seed[i] = i;
     }
-    its_status =  psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
-    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
+    its_status =  psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
+                 ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
     status = mbedtls_psa_inject_entropy( seed, seed_length_a );
     TEST_ASSERT( status == expected_status_a );
     status = mbedtls_psa_inject_entropy( seed, seed_length_b );
     TEST_ASSERT( status == expected_status_b );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generate_random( output, sizeof( output ) ) == PSA_SUCCESS );
-    TEST_ASSERT( memcmp( output , zeros, sizeof( output ) ) != 0 );
+    TEST_ASSERT( psa_generate_random( output,
+                                      sizeof( output ) ) == PSA_SUCCESS );
+    TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
 exit:
     mbedtls_free( seed );
-    psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
+    psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -62,27 +72,31 @@ void run_entropy_inject_with_crypto_init( )
     psa_its_status_t its_status;
     psa_status_t status;
     int i;
-    uint8_t seed[MBEDTLS_ENTROPY_BLOCK_SIZE] = {0};
-    /* fill seed in some data */
-    for( i = 0; i < MBEDTLS_ENTROPY_BLOCK_SIZE; ++i)
+    uint8_t seed[MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE] = { 0 };
+    /* fill seed with some data */
+    for( i = 0; i < sizeof( seed ); ++i )
     {
         seed[i] = i;
     }
-    its_status =  psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
-    TEST_ASSERT( (its_status == PSA_ITS_SUCCESS) || (its_status == PSA_ITS_ERROR_KEY_NOT_FOUND) );
-    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
+    its_status =  psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
+                 ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
+    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
     TEST_ASSERT( status == PSA_SUCCESS );
-    its_status =  psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
+    its_status =  psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
     TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    status = psa_crypto_init( );
+    TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY );
+    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
+    TEST_ASSERT( status == PSA_SUCCESS );
+    status = psa_crypto_init( );
+    TEST_ASSERT( status == PSA_SUCCESS );
     mbedtls_psa_crypto_free( );
     /* The seed is written by nv_seed callback functions therefore the injection will fail */
-    status = mbedtls_psa_inject_entropy( seed, MBEDTLS_ENTROPY_BLOCK_SIZE );
+    status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
     TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 exit:
-    psa_its_remove(MBEDTLS_RANDOM_SEED_ITS_UID);
+    psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 1c66205df6ea46070adfb09a6490fc91c6e9a5b4 Mon Sep 17 00:00:00 2001
From: avolinski <alex.volinski@arm.com>
Date: Wed, 21 Nov 2018 16:54:09 +0200
Subject: [PATCH 687/889] Remove trailing space in psa_crypto.c

---
 library/psa_crypto.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cc5532a00..9c85b7ce3 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4289,7 +4289,6 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
         /* You should not be here. Seed needs to be injected only once */
         status = PSA_ERROR_NOT_PERMITTED;
     }
-    
     return( status );
 }
 #endif

From 0d2c266c06aea854a6b9d40790a9ab0879caff2d Mon Sep 17 00:00:00 2001
From: avolinski <alex.volinski@arm.com>
Date: Wed, 21 Nov 2018 17:31:07 +0200
Subject: [PATCH 688/889] change MBEDTLS_RANDOM_SEED_ITS define to be
 PSA_CRYPTO_ITS_RANDOM_SEED_UID

---
 include/psa/crypto_extra.h                          |  2 +-
 library/psa_crypto.c                                |  4 ++--
 tests/suites/test_suite_psa_crypto_entropy.function | 10 +++++-----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 880e09c24..b6f5adc89 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -35,7 +35,7 @@ extern "C" {
 #endif
 
 /* UID for secure storage seed */
-#define MBEDTLS_RANDOM_SEED_ITS_UID 0xFFFFFF52
+#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
 
 /**
  * \brief Library deinitialization.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9c85b7ce3..aefd3da14 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4276,12 +4276,12 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
           ( seed_size > MBEDTLS_ENTROPY_MAX_SEED_SIZE ) )
             return( PSA_ERROR_INVALID_ARGUMENT );
 
-    its_status = psa_its_get_info( MBEDTLS_RANDOM_SEED_ITS_UID, &p_info );
+    its_status = psa_its_get_info( PSA_CRYPTO_ITS_RANDOM_SEED_UID, &p_info );
     status = its_to_psa_error( its_status );
 
     if( PSA_ITS_ERROR_KEY_NOT_FOUND == its_status ) /* No seed exists */
     {
-        its_status = psa_its_set( MBEDTLS_RANDOM_SEED_ITS_UID, seed_size, seed, 0 );
+        its_status = psa_its_set( PSA_CRYPTO_ITS_RANDOM_SEED_UID, seed_size, seed, 0 );
         status = its_to_psa_error( its_status );
     }
     else if( PSA_ITS_SUCCESS == its_status )
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 2c069a9e3..46c77e97c 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -48,7 +48,7 @@ void validate_entropy_seed_injection( int seed_length_a,
     {
         seed[i] = i;
     }
-    its_status =  psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    its_status =  psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
                  ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
     status = mbedtls_psa_inject_entropy( seed, seed_length_a );
@@ -61,7 +61,7 @@ void validate_entropy_seed_injection( int seed_length_a,
     TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
 exit:
     mbedtls_free( seed );
-    psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -78,12 +78,12 @@ void run_entropy_inject_with_crypto_init( )
     {
         seed[i] = i;
     }
-    its_status =  psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    its_status =  psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
                  ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
     TEST_ASSERT( status == PSA_SUCCESS );
-    its_status =  psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    its_status =  psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
     status = psa_crypto_init( );
     TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY );
@@ -96,7 +96,7 @@ void run_entropy_inject_with_crypto_init( )
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
     TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 exit:
-    psa_its_remove( MBEDTLS_RANDOM_SEED_ITS_UID );
+    psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From b309eec4a54dcc171c59d74c54ad3838e3537e61 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 20:56:14 +0100
Subject: [PATCH 689/889] Move library initialization tests to a new test suite

---
 tests/CMakeLists.txt                          |  1 +
 tests/suites/test_suite_psa_crypto.data       |  9 ----
 tests/suites/test_suite_psa_crypto.function   | 36 -------------
 tests/suites/test_suite_psa_crypto_init.data  |  8 +++
 .../test_suite_psa_crypto_init.function       | 50 +++++++++++++++++++
 5 files changed, 59 insertions(+), 45 deletions(-)
 create mode 100644 tests/suites/test_suite_psa_crypto_init.data
 create mode 100644 tests/suites/test_suite_psa_crypto_init.function

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 95d60ff31..56ce9338a 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -113,6 +113,7 @@ add_test_suite(poly1305)
 add_test_suite(psa_crypto)
 add_test_suite(psa_crypto_entropy)
 add_test_suite(psa_crypto_hash)
+add_test_suite(psa_crypto_init)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(psa_crypto_persistent_key)
 add_test_suite(psa_crypto_storage_file)
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e1c1b0545..1ce394e5a 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,9 +1,6 @@
 PSA compile-time sanity checks
 static_checks:
 
-PSA init/deinit
-init_deinit:
-
 PSA fill 250 slots
 fill_slots:250
 
@@ -1829,12 +1826,6 @@ PSA generate key: ECC, SECP256R1, incorrect bit size
 depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDSA_C
 generate_key:PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY:PSA_ALG_ECDSA_ANY:PSA_ERROR_INVALID_ARGUMENT
 
-PSA validate module initialization: random
-validate_module_init_generate_random:
-
-PSA validate module initialization: key based
-validate_module_init_key_based:
-
 persistent key can be accessed after in-memory deletion: AES, 128 bits, CTR
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PSA_CRYPTO_STORAGE_C
 persistent_key_load_key_from_storage:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:IMPORT_KEY:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 53295befa..2fa060b25 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -871,22 +871,6 @@ void static_checks( )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void init_deinit( )
-{
-    psa_status_t status;
-    int i;
-    for( i = 0; i <= 1; i++ )
-    {
-        status = psa_crypto_init( );
-        TEST_ASSERT( status == PSA_SUCCESS );
-        status = psa_crypto_init( );
-        TEST_ASSERT( status == PSA_SUCCESS );
-        mbedtls_psa_crypto_free( );
-    }
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void fill_slots( int max_arg )
 {
@@ -4018,26 +4002,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void validate_module_init_generate_random( )
-{
-    psa_status_t status;
-    uint8_t random[10] = { 0 };
-    status = psa_generate_random( random, sizeof( random ) );
-    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void validate_module_init_key_based( )
-{
-    psa_status_t status;
-    uint8_t data[10] = { 0 };
-    status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
-    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
-}
-/* END_CASE */
-
 /* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
 void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                                            int bits, int usage_arg,
diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
new file mode 100644
index 000000000..ad90c17cd
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -0,0 +1,8 @@
+PSA init/deinit
+init_deinit:
+
+PSA validate module initialization: random
+validate_module_init_generate_random:
+
+PSA validate module initialization: key based
+validate_module_init_key_based:
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
new file mode 100644
index 000000000..4ac76a3a5
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -0,0 +1,50 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+#include "psa/crypto.h"
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void init_deinit( )
+{
+    psa_status_t status;
+    int i;
+    for( i = 0; i <= 1; i++ )
+    {
+        status = psa_crypto_init( );
+        TEST_ASSERT( status == PSA_SUCCESS );
+        status = psa_crypto_init( );
+        TEST_ASSERT( status == PSA_SUCCESS );
+        mbedtls_psa_crypto_free( );
+    }
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_generate_random( )
+{
+    psa_status_t status;
+    uint8_t random[10] = { 0 };
+    status = psa_generate_random( random, sizeof( random ) );
+    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void validate_module_init_key_based( )
+{
+    psa_status_t status;
+    uint8_t data[10] = { 0 };
+    status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
+    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
+}
+/* END_CASE */

From 445e2257453520b3af895b62649415771d3f4bfc Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 21:00:42 +0100
Subject: [PATCH 690/889] Test that deinit deactivates random generation and
 key slots

---
 tests/suites/test_suite_psa_crypto_init.data  | 16 +++++++++-----
 .../test_suite_psa_crypto_init.function       | 22 +++++++++++++++----
 2 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
index ad90c17cd..61f067d06 100644
--- a/tests/suites/test_suite_psa_crypto_init.data
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -1,8 +1,14 @@
 PSA init/deinit
-init_deinit:
+init_deinit:2
 
-PSA validate module initialization: random
-validate_module_init_generate_random:
+No random without init
+validate_module_init_generate_random:0
 
-PSA validate module initialization: key based
-validate_module_init_key_based:
+No key slot access without init
+validate_module_init_key_based:0
+
+No random after deinit
+validate_module_init_generate_random:1
+
+No key slot access after deinit
+validate_module_init_key_based:1
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 4ac76a3a5..7fccc13d2 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -14,11 +14,11 @@
  */
 
 /* BEGIN_CASE */
-void init_deinit( )
+void init_deinit( int count )
 {
     psa_status_t status;
     int i;
-    for( i = 0; i <= 1; i++ )
+    for( i = 0; i < count; i++ )
     {
         status = psa_crypto_init( );
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -30,20 +30,34 @@ void init_deinit( )
 /* END_CASE */
 
 /* BEGIN_CASE */
-void validate_module_init_generate_random( )
+void validate_module_init_generate_random( int count )
 {
     psa_status_t status;
     uint8_t random[10] = { 0 };
+    int i;
+    for( i = 0; i < count; i++ )
+    {
+        status = psa_crypto_init( );
+        TEST_ASSERT( status == PSA_SUCCESS );
+        mbedtls_psa_crypto_free( );
+    }
     status = psa_generate_random( random, sizeof( random ) );
     TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void validate_module_init_key_based( )
+void validate_module_init_key_based( int count )
 {
     psa_status_t status;
     uint8_t data[10] = { 0 };
+    int i;
+    for( i = 0; i < count; i++ )
+    {
+        status = psa_crypto_init( );
+        TEST_ASSERT( status == PSA_SUCCESS );
+        mbedtls_psa_crypto_free( );
+    }
     status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
     TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
 }

From c6b6907066b016a2e2babb9ea6940d6a8c202575 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 21:42:52 +0100
Subject: [PATCH 691/889] Make library init and deinit more robust to errors

Allow mbedtls_psa_crypto_free to be called twice, or without a prior
call to psa_crypto_init. Keep track of the initialization state more
precisely in psa_crypto_init so that mbedtls_psa_crypto_free knows
what to do.
---
 library/psa_crypto.c                          | 51 ++++++++++++++-----
 tests/suites/test_suite_psa_crypto_init.data  |  6 +++
 .../test_suite_psa_crypto_init.function       | 13 +++++
 3 files changed, 58 insertions(+), 12 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 291dcdb0d..4c0ac1213 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -146,12 +146,21 @@ static int key_type_is_raw_bytes( psa_key_type_t type )
     return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) );
 }
 
+enum rng_state
+{
+    RNG_NOT_INITIALIZED = 0,
+    RNG_INITIALIZED,
+    RNG_SEEDED,
+};
+
 typedef struct
 {
-    int initialized;
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
     key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
+    unsigned initialized : 1;
+    enum rng_state rng_state : 2;
+    unsigned key_slots_initialized : 1;
 } psa_global_data_t;
 
 static psa_global_data_t global_data;
@@ -4433,18 +4442,26 @@ void mbedtls_psa_crypto_free( void )
     psa_key_slot_t key;
     key_slot_t *slot;
     psa_status_t status;
-
-    for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+    if( global_data.key_slots_initialized )
     {
-        status = psa_get_key_slot( key, &slot );
-        if( status != PSA_SUCCESS )
-            continue;
-        psa_remove_key_data_from_memory( slot );
-        /* Zeroize the slot to wipe metadata such as policies. */
-        mbedtls_zeroize( slot, sizeof( *slot ) );
+        for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+        {
+            status = psa_get_key_slot( key, &slot );
+            if( status != PSA_SUCCESS )
+                continue;
+            psa_remove_key_data_from_memory( slot );
+            /* Zeroize the slot to wipe metadata such as policies. */
+            mbedtls_zeroize( slot, sizeof( *slot ) );
+        }
     }
-    mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
-    mbedtls_entropy_free( &global_data.entropy );
+    if( global_data.rng_state != RNG_NOT_INITIALIZED )
+    {
+        mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
+        mbedtls_entropy_free( &global_data.entropy );
+    }
+    /* Wipe all remaining data, including configuration.
+     * In particular, this sets all state indicator to the value
+     * indicating "uninitialized". */
     mbedtls_zeroize( &global_data, sizeof( global_data ) );
 }
 
@@ -4453,20 +4470,30 @@ psa_status_t psa_crypto_init( void )
     int ret;
     const unsigned char drbg_seed[] = "PSA";
 
+    /* Double initialization is explicitly allowed. */
     if( global_data.initialized != 0 )
         return( PSA_SUCCESS );
 
     mbedtls_zeroize( &global_data, sizeof( global_data ) );
+
+    /* Initialize the random generator. */
     mbedtls_entropy_init( &global_data.entropy );
     mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
-
+    global_data.rng_state = RNG_INITIALIZED;
     ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
                                  mbedtls_entropy_func,
                                  &global_data.entropy,
                                  drbg_seed, sizeof( drbg_seed ) - 1 );
     if( ret != 0 )
         goto exit;
+    global_data.rng_state = RNG_SEEDED;
 
+    /* Initialize the key slots. Zero-initialization has made all key
+     * slots empty, so there is nothing to do. In a future version we will
+     * load data from storage. */
+    global_data.key_slots_initialized = 1;
+
+    /* All done. */
     global_data.initialized = 1;
 
 exit:
diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
index 61f067d06..e44111814 100644
--- a/tests/suites/test_suite_psa_crypto_init.data
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -1,6 +1,12 @@
 PSA init/deinit
 init_deinit:2
 
+PSA deinit without init
+deinit_without_init:0
+
+PSA deinit twice
+deinit_without_init:1
+
 No random without init
 validate_module_init_generate_random:0
 
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 7fccc13d2..7cb10c0a1 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -29,6 +29,19 @@ void init_deinit( int count )
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void deinit_without_init( int count )
+{
+    int i;
+    for( i = 0; i < count; i++ )
+    {
+        TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+        mbedtls_psa_crypto_free( );
+    }
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void validate_module_init_generate_random( int count )
 {

From ef42f22edd92cdac4221d17d89db22f1ce80bdc2 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 17:43:32 +0000
Subject: [PATCH 692/889] Add NIST AES GCM test vectors to single-step cipher
 API test suite

The test suites `test_suite_gcm.aes{128,192,256}_en.data` contains
numerous NIST test vectors for AES-*-GCM against which the GCM
API mbedtls_gcm_xxx() is tested.

However, one level higher at the cipher API, no tests exist which
exercise mbedtls_cipher_auth_{encrypt/decrypt}() for GCM ciphers,
although test_suite_cipher.function contains the test auth_crypt_tv
which does precisely that and is already used e.g. in
test_suite_cipher.ccm.

This commit replicates the test vectors from
test_suite_gcm.aes{128,192,256}_en.data in test_suite_cipher.gcm.data
and adds a run of auth_crypt_tv for each of them.

The conversion was mainly done through the sed command line

```
s/gcm_decrypt_and_verify:\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):
\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\)/auth_crypt_tv:
\1:\2:\4:\5:\3:\7:\8:\9/
```
---
 tests/suites/test_suite_cipher.gcm.data | 2016 +++++++++++++++++++++++
 1 file changed, 2016 insertions(+)

diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 0efed5848..62cc42b8c 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -701,3 +701,2019 @@ decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f94673
 CAMELLIA 256 GCM Decrypt test vector #5
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C
 decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"cafebabefacedbad":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"e6472b8ebd331bfcc7c0fa63ce094462":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5"
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":""
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6"
+
+AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e"
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e"
+
+AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112"
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":""
+
+AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45"
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":""
+
+AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf"
+
+AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359"
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":""
+
+AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":""

From f79aa9e3ca91c497531fb44be260d68b08b2553f Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 17:51:24 +0000
Subject: [PATCH 693/889] Adapt ChangeLog

---
 ChangeLog | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 8f0e8c1c7..f4bb41613 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS 2.xx.x branch released xxxx-xx-xx
+
+Changes
+   * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
+     from the cipher abstraction layer. Fixes #2198.
+
 = mbed TLS 2.14.0 branch released 2018-11-19
 
 Security

From c0c882cd6791d75135e77f6d321cbd3e04d20977 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 22:40:51 +0000
Subject: [PATCH 694/889] Add missing dependencies in test_suite_cipher.gcm

---
 tests/suites/test_suite_cipher.gcm.data | 1008 +++++++++++------------
 1 file changed, 504 insertions(+), 504 deletions(-)

diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 62cc42b8c..5e7911838 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -703,2017 +703,2017 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_GCM_C
 decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308":"cafebabefacedbad":"6ca95fbb7d16577a9ef2fded94dc85b5d40c629f6bef2c649888e3cbb0ededc7810c04b12c2983bbbbc482e16e45c9215ae12c15c55f2f4809d06652":"":"feedfacedeadbeeffeedfacedeadbeefabaddad2":"e6472b8ebd331bfcc7c0fa63ce094462":0:MBEDTLS_ERR_CIPHER_AUTH_FAILED
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5"
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":""
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6"
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e"
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e"
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112"
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":""
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45"
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":""
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf"
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359"
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":""
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":""

From 1d7195f71506d9b54e5abab768c005ff7d5bd0fa Mon Sep 17 00:00:00 2001
From: Netanel Gonen <netanel.gonen@arm.com>
Date: Thu, 22 Nov 2018 16:24:48 +0200
Subject: [PATCH 695/889] always compile mbedtls_psa_inject_entropy

In case of dual core this function header must be enable for calling the
SPM entropy inject function without any use of NV_SEED
---
 include/psa/crypto_extra.h | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index b6f5adc89..b0ca76e73 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -48,7 +48,6 @@ extern "C" {
 void mbedtls_psa_crypto_free( void );
 
 
-#if ( defined(MBEDTLS_ENTROPY_NV_SEED) && defined(MBEDTLS_PSA_HAS_ITS_IO) )
 /**
  * \brief Inject an initial entropy seed for the random generator into
  *        secure storage.
@@ -89,6 +88,13 @@ void mbedtls_psa_crypto_free( void );
  *
  * This is an Mbed TLS extension.
  *
+ * \note This function is only available on the following platforms:
+ * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and 
+ *   MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you 
+ *   must provide compatible implementations of mbedtls_nv_seed_read 
+ *   and mbedtls_nv_seed_write.
+ * * In a client-server integration of PSA Cryptography, on the client side, 
+ *   if the server supports this feature.
  * \param seed[in]      Buffer containing the seed value to inject.
  * \param seed_size     Size of the \p seed buffer.
  *                      The size of the seed in bytes must be greater
@@ -114,7 +120,6 @@ void mbedtls_psa_crypto_free( void );
 psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
                                         size_t seed_size);
 
-#endif
 
 #ifdef __cplusplus
 }

From 0cfaed18582d15103a6b267d65a66f826b0cd15d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <gilles.peskine@arm.com>
Date: Thu, 22 Nov 2018 17:11:45 +0200
Subject: [PATCH 696/889] fix doxigen issue

Co-Authored-By: netanelgonen <netanel.gonen@arm.com>
---
 include/psa/crypto_extra.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index b0ca76e73..9e8f97c9d 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -89,14 +89,14 @@ void mbedtls_psa_crypto_free( void );
  * This is an Mbed TLS extension.
  *
  * \note This function is only available on the following platforms:
- * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and 
- *   MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you 
- *   must provide compatible implementations of mbedtls_nv_seed_read 
+ * * If the compile-time options MBEDTLS_ENTROPY_NV_SEED and
+ *   MBEDTLS_PSA_HAS_ITS_IO are both enabled. Note that you
+ *   must provide compatible implementations of mbedtls_nv_seed_read
  *   and mbedtls_nv_seed_write.
- * * In a client-server integration of PSA Cryptography, on the client side, 
+ * * In a client-server integration of PSA Cryptography, on the client side,
  *   if the server supports this feature.
- * \param seed[in]      Buffer containing the seed value to inject.
- * \param seed_size     Size of the \p seed buffer.
+ * \param[in] seed      Buffer containing the seed value to inject.
+ * \param[in] seed_size     Size of the \p seed buffer.
  *                      The size of the seed in bytes must be greater
  *                      or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
  *                      and #MBEDTLS_ENTROPY_BLOCK_SIZE.

From 26fd730876bf83169d7d02de08101c7c5fba5c5e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 22 Oct 2018 12:14:52 +0200
Subject: [PATCH 697/889] Add config option for X.509/TLS to use PSA

---
 include/mbedtls/check_config.h |  4 ++++
 include/mbedtls/config.h       | 14 ++++++++++++++
 library/version_features.c     |  3 +++
 scripts/config.pl              |  3 +++
 4 files changed, 24 insertions(+)

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 21bede707..508c00a8a 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -670,6 +670,10 @@
 #endif
 #undef MBEDTLS_THREADING_IMPL
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_C)
+#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
 #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
 #endif
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index c1619fbad..2341ef50f 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1616,6 +1616,20 @@
  */
 //#define MBEDTLS_THREADING_PTHREAD
 
+/**
+ * \def MBEDTLS_USE_PSA_CRYPTO
+ *
+ * Make the X.509 and TLS library use PSA for cryptographic operations, see
+ * #MBEDTLS_PSA_CRYPTO_C.
+ *
+ * Note: this option is still in progress, the full X.509 and TLS modules are
+ * not covered yet, but parts that are not ported to PSA yet will still work
+ * as usual, so enabling this option should not break backwards compatibility.
+ *
+ * Requires: MBEDTLS_PSA_CRYPTO_C.
+ */
+//#define MBEDTLS_USE_PSA_CRYPTO
+
 /**
  * \def MBEDTLS_VERSION_FEATURES
  *
diff --git a/library/version_features.c b/library/version_features.c
index 590f949f4..2bfcfc015 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -522,6 +522,9 @@ static const char *features[] = {
 #if defined(MBEDTLS_THREADING_PTHREAD)
     "MBEDTLS_THREADING_PTHREAD",
 #endif /* MBEDTLS_THREADING_PTHREAD */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    "MBEDTLS_USE_PSA_CRYPTO",
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 #if defined(MBEDTLS_VERSION_FEATURES)
     "MBEDTLS_VERSION_FEATURES",
 #endif /* MBEDTLS_VERSION_FEATURES */
diff --git a/scripts/config.pl b/scripts/config.pl
index 6d02ec05c..55f4b6e1c 100755
--- a/scripts/config.pl
+++ b/scripts/config.pl
@@ -36,6 +36,8 @@
 #       - this could be enabled if the respective tests were adapted
 #   MBEDTLS_ZLIB_SUPPORT
 #   MBEDTLS_PKCS11_C
+#   MBEDTLS_USE_PSA_CRYPTO
+#       - experimental, and more an alternative implementation than a feature
 #   and any symbol beginning _ALT
 #
 
@@ -99,6 +101,7 @@ MBEDTLS_NO_64BIT_MULTIPLICATION
 MBEDTLS_PSA_CRYPTO_SPM
 MBEDTLS_PSA_HAS_ITS_IO
 MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C
+MBEDTLS_USE_PSA_CRYPTO
 _ALT\s*$
 );
 

From dde444258192af79b3732c6dd8568633a0ba6601 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 30 Oct 2018 11:20:45 +0100
Subject: [PATCH 698/889] Add build using PSA to all.sh

---
 tests/scripts/all.sh | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 43f1db600..b9e1e37bb 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -573,6 +573,35 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_
 msg "test: compat.sh ARIA + ChachaPoly"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
+# USE_PSA: run the same set of tests as basic-build-test.sh
+msg "build: cmake, full config + USE_PSA, ASan"
+cleanup
+cp "$CONFIG_H" "$CONFIG_BAK"
+scripts/config.pl full
+scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
+scripts/config.pl set MBEDTLS_PSA_CRYPTO_C
+scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO
+CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
+make
+
+msg "test: main suites (USE_PSA)"
+make test
+
+msg "test: ssl-opt.sh (USE_PSA)"
+if_build_succeeded tests/ssl-opt.sh
+
+msg "test: compat.sh default (USE_PSA)"
+if_build_succeeded tests/compat.sh
+
+msg "test: compat.sh ssl3 (USE_PSA)"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
+
+msg "test: compat.sh RC4, DES & NULL (USE_PSA)"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
+
+msg "test: compat.sh ARIA + ChachaPoly (USE_PSA)"
+if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
+
 msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
 cleanup
 cp "$CONFIG_H" "$CONFIG_BAK"

From 560aeaf26bd7a702fe43acf827cbe5f87c87e55b Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Nov 2018 13:32:02 +0000
Subject: [PATCH 699/889] Add internal header for PSA utility functions

This commit adds the header file mbedtls/psa_util.h which contains
static utility functions `mbedtls_psa_xxx()` used in the integration
of PSA Crypto into Mbed TLS.

Warning: These functions are internal only and may change at any time.
---
 include/mbedtls/psa_util.h | 162 +++++++++++++++++++++++++++++++++++++
 1 file changed, 162 insertions(+)
 create mode 100644 include/mbedtls/psa_util.h

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
new file mode 100644
index 000000000..03c55e166
--- /dev/null
+++ b/include/mbedtls/psa_util.h
@@ -0,0 +1,162 @@
+/**
+ * \file psa_compat.h
+ *
+ * \brief Utility functions for the use of the PSA Crypto library.
+ *
+ * \warning This function is not part of the public API and may
+ *          change at any time.
+ */
+/*
+ *  Copyright (C) 2006-2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_PSA_COMPAT_H)
+#define MBEDTLS_PSA_COMPAT_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "psa/crypto.h"
+
+#include "ecp.h"
+#include "md.h"
+
+static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
+{
+    for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
+    {
+        if( psa_get_key_information( slot, NULL, NULL )  == PSA_ERROR_EMPTY_SLOT )
+        {
+            *key = slot;
+            return( PSA_SUCCESS );
+        }
+    }
+    return( PSA_ERROR_INSUFFICIENT_MEMORY );
+}
+
+static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+{
+    switch( md_alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+    case MBEDTLS_MD_MD2:
+        return( PSA_ALG_MD2 );
+#endif
+#if defined(MBEDTLS_MD4_C)
+    case MBEDTLS_MD_MD4:
+        return( PSA_ALG_MD4 );
+#endif
+#if defined(MBEDTLS_MD5_C)
+    case MBEDTLS_MD_MD5:
+        return( PSA_ALG_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    case MBEDTLS_MD_SHA1:
+        return( PSA_ALG_SHA_1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    case MBEDTLS_MD_SHA224:
+        return( PSA_ALG_SHA_224 );
+    case MBEDTLS_MD_SHA256:
+        return( PSA_ALG_SHA_256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    case MBEDTLS_MD_SHA384:
+        return( PSA_ALG_SHA_384 );
+    case MBEDTLS_MD_SHA512:
+        return( PSA_ALG_SHA_512 );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+    case MBEDTLS_MD_RIPEMD160:
+        return( PSA_ALG_RIPEMD160 );
+#endif
+    case MBEDTLS_MD_NONE:  /* Intentional fallthrough */
+    default:
+        return( 0 );
+    }
+}
+
+static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
+{
+    switch( grpid )
+    {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192R1:
+            return( PSA_ECC_CURVE_SECP192R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224R1:
+            return( PSA_ECC_CURVE_SECP224R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256R1:
+            return( PSA_ECC_CURVE_SECP256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP384R1:
+            return( PSA_ECC_CURVE_SECP384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP521R1:
+            return( PSA_ECC_CURVE_SECP521R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP256R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP384R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP512R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            return( PSA_ECC_CURVE_CURVE25519 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192K1:
+            return( PSA_ECC_CURVE_SECP192K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224K1:
+            return( PSA_ECC_CURVE_SECP224K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256K1:
+            return( PSA_ECC_CURVE_SECP256K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE448:
+            return( PSA_ECC_CURVE_CURVE448 );
+#endif
+        default:
+            return( 0 );
+    }
+}
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+#endif /* MBEDTLS_PSA_COMPAT_H */

From 28b9d3590480ddd1680c6d88cfb4ac551c5c5e84 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 09:29:12 +0000
Subject: [PATCH 700/889] Add PSA-to-Mbed TLS translations for cipher module

---
 include/mbedtls/psa_util.h | 73 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 72 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 03c55e166..f92f95087 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -41,6 +41,8 @@
 #include "ecp.h"
 #include "md.h"
 
+/* Slot allocation */
+
 static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 {
     for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
@@ -54,7 +56,74 @@ static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
     return( PSA_ERROR_INSUFFICIENT_MEMORY );
 }
 
-static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+/* Translations for symmetric crypto. */
+
+static psa_key_type_t mbedtls_psa_translate_cipher_type(
+    mbedtls_cipher_type_t cipher )
+{
+    switch( cipher )
+    {
+        case MBEDTLS_CIPHER_AES_128_CCM:
+        case MBEDTLS_CIPHER_AES_192_CCM:
+        case MBEDTLS_CIPHER_AES_256_CCM:
+        case MBEDTLS_CIPHER_AES_128_GCM:
+        case MBEDTLS_CIPHER_AES_192_GCM:
+        case MBEDTLS_CIPHER_AES_256_GCM:
+        case MBEDTLS_CIPHER_AES_128_CBC:
+        case MBEDTLS_CIPHER_AES_192_CBC:
+        case MBEDTLS_CIPHER_AES_256_CBC:
+            return( PSA_KEY_TYPE_AES );
+
+        /* ARIA not yet supported in PSA. */
+        /* case MBEDTLS_CIPHER_ARIA_128_CCM:
+           case MBEDTLS_CIPHER_ARIA_192_CCM:
+           case MBEDTLS_CIPHER_ARIA_256_CCM:
+           case MBEDTLS_CIPHER_ARIA_128_GCM:
+           case MBEDTLS_CIPHER_ARIA_192_GCM:
+           case MBEDTLS_CIPHER_ARIA_256_GCM:
+           case MBEDTLS_CIPHER_ARIA_128_CBC:
+           case MBEDTLS_CIPHER_ARIA_192_CBC:
+           case MBEDTLS_CIPHER_ARIA_256_CBC:
+               return( PSA_KEY_TYPE_ARIA ); */
+
+        default:
+            return( 0 );
+    }
+}
+
+static psa_algorithm_t mbedtls_psa_translate_cipher_mode(
+    mbedtls_cipher_mode_t mode )
+{
+    switch( mode )
+    {
+        case MBEDTLS_MODE_GCM:
+            return( PSA_ALG_GCM );
+        case MBEDTLS_MODE_CCM:
+            return( PSA_ALG_CCM );
+        case MBEDTLS_MODE_CBC:
+            return( PSA_ALG_CBC_NO_PADDING );
+        default:
+            return( 0 );
+    }
+}
+
+static psa_key_usage_t mbedtls_psa_translate_cipher_operation(
+    mbedtls_cipher_operation_t op )
+{
+    switch( op )
+    {
+        case MBEDTLS_ENCRYPT:
+            return( PSA_KEY_USAGE_ENCRYPT );
+        case MBEDTLS_DECRYPT:
+            return( PSA_KEY_USAGE_DECRYPT );
+        default:
+            return( 0 );
+    }
+}
+
+/* Translations for hashing. */
+
+psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
 {
     switch( md_alg )
     {
@@ -96,6 +165,8 @@ static psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
     }
 }
 
+/* Translations for ECC. */
+
 static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
 {
     switch( grpid )

From 5f48818712054f2f5f018e04ca5d2906abfb150a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 10:18:57 +0000
Subject: [PATCH 701/889] Make PSA utility functions static inline

Compilers warn about unused static functions.
---
 include/mbedtls/psa_util.h | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index f92f95087..017c48e2a 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -43,7 +43,7 @@
 
 /* Slot allocation */
 
-static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
+static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 {
     for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
     {
@@ -58,7 +58,7 @@ static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 
 /* Translations for symmetric crypto. */
 
-static psa_key_type_t mbedtls_psa_translate_cipher_type(
+static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
     mbedtls_cipher_type_t cipher )
 {
     switch( cipher )
@@ -91,7 +91,7 @@ static psa_key_type_t mbedtls_psa_translate_cipher_type(
     }
 }
 
-static psa_algorithm_t mbedtls_psa_translate_cipher_mode(
+static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
     mbedtls_cipher_mode_t mode )
 {
     switch( mode )
@@ -107,8 +107,8 @@ static psa_algorithm_t mbedtls_psa_translate_cipher_mode(
     }
 }
 
-static psa_key_usage_t mbedtls_psa_translate_cipher_operation(
-    mbedtls_cipher_operation_t op )
+static inline psa_key_usage_t mbedtls_psa_translate_cipher_operation(
+    mbedtls_operation_t op )
 {
     switch( op )
     {
@@ -123,7 +123,7 @@ static psa_key_usage_t mbedtls_psa_translate_cipher_operation(
 
 /* Translations for hashing. */
 
-psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
+static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
 {
     switch( md_alg )
     {
@@ -167,7 +167,7 @@ psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg )
 
 /* Translations for ECC. */
 
-static psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
+static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group_id grpid )
 {
     switch( grpid )
     {

From eba99931710083543a842827609ae59c011a6761 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 13:18:45 +0000
Subject: [PATCH 702/889] Initialize PSA Crypto implementation at the start of
 each test suite

---
 tests/suites/main_test.function | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/tests/suites/main_test.function b/tests/suites/main_test.function
index 2ba919ce0..8bd408ca9 100644
--- a/tests/suites/main_test.function
+++ b/tests/suites/main_test.function
@@ -25,6 +25,9 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /*----------------------------------------------------------------------------*/
 /* Common helper code */
@@ -221,8 +224,22 @@ int main( int argc, const char *argv[] )
                          ret );
         return( -1 );
     }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    {
+        psa_status_t status;
+        status = psa_crypto_init();
+        if( status != PSA_SUCCESS )
+        {
+            mbedtls_fprintf( stderr,
+                          "FATAL: Failed to initialize PSA Crypto - error %d\n",
+                          status );
+            return( -1 );
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     ret = execute_tests( argc, argv );
     platform_teardown();
     return( ret );
 }
-

From 50955d1c18e79b0234e5f0192a76aeac2902c0d6 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 17:46:59 +0000
Subject: [PATCH 703/889] Initialize PSA Crypto implementation in ssl_client2.c

---
 programs/ssl/ssl_client2.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 15c778d31..87b9ab1bd 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -59,6 +59,10 @@ int main( void )
 #include "mbedtls/debug.h"
 #include "mbedtls/timing.h"
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -555,6 +559,9 @@ int main( int argc, char *argv[] )
 #endif
     char *p, *q;
     const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status;
+#endif
 
     /*
      * Make sure memory references are valid.
@@ -573,6 +580,17 @@ int main( int argc, char *argv[] )
     memset( (void * ) alpn_list, 0, sizeof( alpn_list ) );
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_crypto_init();
+    if( status != PSA_SUCCESS )
+    {
+        mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                         (int) status );
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif
+
     if( argc == 0 )
     {
     usage:

From 06b6f34e9f668e34e01e4c75bc90e6ee445cb0db Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 17:47:48 +0000
Subject: [PATCH 704/889] Initialize PSA Crypto implementation in ssl_server2

---
 programs/ssl/ssl_server2.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index efda65d23..1c6ccaef1 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -60,6 +60,10 @@ int main( void )
 #include "mbedtls/debug.h"
 #include "mbedtls/timing.h"
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -1238,6 +1242,9 @@ int main( int argc, char *argv[] )
     int i;
     char *p, *q;
     const int *list;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_status_t status;
+#endif
 
 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
     mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
@@ -1277,6 +1284,17 @@ int main( int argc, char *argv[] )
     mbedtls_ssl_cookie_init( &cookie_ctx );
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    status = psa_crypto_init();
+    if( status != PSA_SUCCESS )
+    {
+        mbedtls_fprintf( stderr, "Failed to initialize PSA Crypto implementation: %d\n",
+                         (int) status );
+        ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        goto exit;
+    }
+#endif
+
 #if !defined(_WIN32)
     /* Abort cleanly on SIGTERM and SIGINT */
     signal( SIGTERM, term_handler );

From 639a4320ca6d46acdce14c6069b4bd29460bb35c Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 13 Nov 2018 21:01:41 +0000
Subject: [PATCH 705/889] Fix Doxygen annotation in psa_util.h

---
 include/mbedtls/psa_util.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 017c48e2a..224432ea1 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -1,5 +1,5 @@
 /**
- * \file psa_compat.h
+ * \file psa_util.h
  *
  * \brief Utility functions for the use of the PSA Crypto library.
  *

From 14f78b03bb6460d1ef3735b4b9b29a939c7de8d2 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 09:37:19 +0000
Subject: [PATCH 706/889] Add function to translate PSA errors to PK module
 errors

---
 include/mbedtls/psa_util.h | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 224432ea1..d9f1be49d 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -40,6 +40,7 @@
 
 #include "ecp.h"
 #include "md.h"
+#include "pk.h"
 
 /* Slot allocation */
 
@@ -228,6 +229,31 @@ static inline psa_ecc_curve_t mbedtls_psa_translate_ecc_group( mbedtls_ecp_group
     }
 }
 
+/* Translations for PK layer */
+
+static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
+{
+    switch( status )
+    {
+        case PSA_SUCCESS:
+            return( 0 );
+        case PSA_ERROR_NOT_SUPPORTED:
+            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_INSUFFICIENT_MEMORY:
+            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+        case PSA_ERROR_TAMPERING_DETECTED:
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+        case PSA_ERROR_INSUFFICIENT_ENTROPY:
+            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+        case PSA_ERROR_BAD_STATE:
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+        default: /* should never happen */
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+    }
+}
+
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #endif /* MBEDTLS_PSA_COMPAT_H */

From dec64735e2924ff581b0341cf24d350e9fbdcfaf Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 15:48:57 +0000
Subject: [PATCH 707/889] Add AEAD tag length parameter to
 mbedtls_psa_translate_cipher_mode()

In case of AEAD ciphers, the cipher mode (and not even the entire content
of mbedtls_cipher_info_t) doesn't uniquely determine a psa_algorithm_t
because it doesn't specify the AEAD tag length, which however is included
in psa_algorithm_t identifiers.

This commit adds a tag length value to mbedtls_psa_translate_cipher_mode()
to account for that ambiguity.
---
 include/mbedtls/psa_util.h | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index d9f1be49d..f66635cc4 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -93,16 +93,18 @@ static inline psa_key_type_t mbedtls_psa_translate_cipher_type(
 }
 
 static inline psa_algorithm_t mbedtls_psa_translate_cipher_mode(
-    mbedtls_cipher_mode_t mode )
+    mbedtls_cipher_mode_t mode, size_t taglen )
 {
     switch( mode )
     {
         case MBEDTLS_MODE_GCM:
-            return( PSA_ALG_GCM );
+            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_GCM, taglen ) );
         case MBEDTLS_MODE_CCM:
-            return( PSA_ALG_CCM );
+            return( PSA_ALG_AEAD_WITH_TAG_LENGTH( PSA_ALG_CCM, taglen ) );
         case MBEDTLS_MODE_CBC:
-            return( PSA_ALG_CBC_NO_PADDING );
+            if( taglen == 0 )
+                return( PSA_ALG_CBC_NO_PADDING );
+            /* Intentional fallthrough for taglen != 0 */
         default:
             return( 0 );
     }

From 4d9e1e0ac4217a5a5288f98effa0438b71b95b75 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 15:01:22 +0000
Subject: [PATCH 708/889] Improve documentation of
 mbedtls_psa_err_translate_pk()

---
 include/mbedtls/psa_util.h | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index f66635cc4..41c0e2b30 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -243,15 +243,18 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
             return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
         case PSA_ERROR_INSUFFICIENT_MEMORY:
             return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-        case PSA_ERROR_COMMUNICATION_FAILURE:
-        case PSA_ERROR_HARDWARE_FAILURE:
-        case PSA_ERROR_TAMPERING_DETECTED:
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
         case PSA_ERROR_INSUFFICIENT_ENTROPY:
             return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
         case PSA_ERROR_BAD_STATE:
             return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-        default: /* should never happen */
+        /* All other failures */
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+        case PSA_ERROR_TAMPERING_DETECTED:
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+        default: /* We return the same as for the 'other failures',
+                  * but list them separately nonetheless to indicate
+                  * which failure conditions we have considered. */
             return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
     }
 }

From 77030426a0600297342f29d7f7fea9e11fff23bc Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sun, 18 Nov 2018 07:16:46 +0000
Subject: [PATCH 709/889] Update VisualC files

---
 visualc/VS2010/mbedTLS.vcxproj | 1 +
 1 file changed, 1 insertion(+)

diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 5d57a7504..6535d483a 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -204,6 +204,7 @@
     <ClInclude Include="..\..\include\mbedtls\platform_time.h" />
     <ClInclude Include="..\..\include\mbedtls\platform_util.h" />
     <ClInclude Include="..\..\include\mbedtls\poly1305.h" />
+    <ClInclude Include="..\..\include\mbedtls\psa_util.h" />
     <ClInclude Include="..\..\include\mbedtls\ripemd160.h" />
     <ClInclude Include="..\..\include\mbedtls\rsa.h" />
     <ClInclude Include="..\..\include\mbedtls\rsa_internal.h" />

From 56a78dd4adb8aafb4c0ab0d99dd71942016f079a Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 09:46:26 +0000
Subject: [PATCH 710/889] State explicitly that any API depending on PSA is
 unstable

---
 include/mbedtls/config.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 2341ef50f..1f37d0843 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1626,6 +1626,10 @@
  * not covered yet, but parts that are not ported to PSA yet will still work
  * as usual, so enabling this option should not break backwards compatibility.
  *
+ * \warning  Support for PSA is still an experimental feature.
+ *           Any public API that depends on this option may change
+ *           at any time until this warning is removed.
+ *
  * Requires: MBEDTLS_PSA_CRYPTO_C.
  */
 //#define MBEDTLS_USE_PSA_CRYPTO

From 47a6291445f0c38fbaac5bf0455a88c3c273f045 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 15:14:21 +0000
Subject: [PATCH 711/889] Use MBEDTLS_PSA_UTIL_H instead of
 MBEDTLS_PSA_COMPAT_H in psa_util.h

This is still an artifact from when psa_util.h was called psa_compat.h.
---
 include/mbedtls/psa_util.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 41c0e2b30..4a0c87ccf 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -25,8 +25,8 @@
  *  This file is part of mbed TLS (https://tls.mbed.org)
  */
 
-#if !defined(MBEDTLS_PSA_COMPAT_H)
-#define MBEDTLS_PSA_COMPAT_H
+#ifndef MBEDTLS_PSA_UTIL_H
+#define MBEDTLS_PSA_UTIL_H
 
 #if !defined(MBEDTLS_CONFIG_FILE)
 #include "config.h"
@@ -261,4 +261,4 @@ static inline int mbedtls_psa_err_translate_pk( psa_status_t status )
 
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
-#endif /* MBEDTLS_PSA_COMPAT_H */
+#endif /* MBEDTLS_PSA_UTIL_H */

From fc359fd837db38ad6039afac96d78c0c94a21010 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 15:15:01 +0000
Subject: [PATCH 712/889] Remove double white space

---
 include/mbedtls/psa_util.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index 4a0c87ccf..576613309 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -48,7 +48,7 @@ static inline psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
 {
     for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
     {
-        if( psa_get_key_information( slot, NULL, NULL )  == PSA_ERROR_EMPTY_SLOT )
+        if( psa_get_key_information( slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT )
         {
             *key = slot;
             return( PSA_SUCCESS );

From 12bd57b8c8868db16ce4d2872629a79e9078aaf3 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 15:16:12 +0000
Subject: [PATCH 713/889] Refer to PSA through MBEDTLS_USE_PSA_CRYPTO, not
 USE_PSA, in all.sh

---
 tests/scripts/all.sh | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index b9e1e37bb..6af13e660 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -573,8 +573,8 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_
 msg "test: compat.sh ARIA + ChachaPoly"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
-# USE_PSA: run the same set of tests as basic-build-test.sh
-msg "build: cmake, full config + USE_PSA, ASan"
+# MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
+msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan"
 cleanup
 cp "$CONFIG_H" "$CONFIG_BAK"
 scripts/config.pl full
@@ -584,22 +584,22 @@ scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO
 CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
 make
 
-msg "test: main suites (USE_PSA)"
+msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)"
 make test
 
-msg "test: ssl-opt.sh (USE_PSA)"
+msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded tests/ssl-opt.sh
 
-msg "test: compat.sh default (USE_PSA)"
+msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded tests/compat.sh
 
-msg "test: compat.sh ssl3 (USE_PSA)"
+msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
 
-msg "test: compat.sh RC4, DES & NULL (USE_PSA)"
+msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
 
-msg "test: compat.sh ARIA + ChachaPoly (USE_PSA)"
+msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
 msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s

From 866fc7e3a7bbf201bb3111e1233480425d7a2e68 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 22 Oct 2018 15:28:02 +0100
Subject: [PATCH 714/889] Add API for configuration of opaque PSK

This commit adds two public API functions

mbedtls_ssl_conf_psk_opaque()
mbedtls_ssl_set_hs_psk_opaque()

which allow to configure the use of opaque, PSA-maintained PSKs
at configuration time or run time.
---
 include/mbedtls/ssl.h | 130 +++++++++++++++++++++++++++++++++---------
 1 file changed, 104 insertions(+), 26 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 55b206fae..5008950a0 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2057,68 +2057,146 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
 /**
- * \brief          Set the Pre Shared Key (PSK) and the expected identity name
+ * \brief          Configure a pre-shared key (PSK) and identity
+ *                 to be used in PSK-based ciphersuites.
  *
  * \note           This is mainly useful for clients. Servers will usually
  *                 want to use \c mbedtls_ssl_conf_psk_cb() instead.
  *
- * \note           Currently clients can only register one pre-shared key.
- *                 In other words, the servers' identity hint is ignored.
+ * \warning        Currently, clients can only register a single pre-shared key.
+ *                 Calling this function or mbedtls_ssl_conf_opaque_psk() more
+ *                 than once will overwrite values configured in previous calls.
  *                 Support for setting multiple PSKs on clients and selecting
- *                 one based on the identity hint is not a planned feature but
- *                 feedback is welcomed.
+ *                 one based on the identity hint is not a planned feature,
+ *                 but feedback is welcomed.
  *
- * \param conf     SSL configuration
- * \param psk      pointer to the pre-shared key
- * \param psk_len  pre-shared key length
- * \param psk_identity      pointer to the pre-shared key identity
- * \param psk_identity_len  identity key length
+ * \param conf     The SSL configuration to register the PSK with.
+ * \param psk      The pointer to the pre-shared key to use.
+ * \param psk_len  The length of the pre-shared key in bytes.
+ * \param psk_identity      The pointer to the pre-shared key identity.
+ * \param psk_identity_len  The length of the pre-shared key identity
+ *                          in bytes.
  *
- * \return         0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ * \note           The PSK and its identity are copied internally and
+ *                 hence need not be preserved by the caller for the lifetime
+ *                 of the SSL configuration.
+ *
+ * \return         \c 0 if successful.
+ * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
  */
 int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
                 const unsigned char *psk, size_t psk_len,
                 const unsigned char *psk_identity, size_t psk_identity_len );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief          Configure an opaque pre-shared key (PSK) and identity
+ *                 to be used in PSK-based ciphersuites.
+ *
+ * \note           This is mainly useful for clients. Servers will usually
+ *                 want to use \c mbedtls_ssl_conf_psk_cb() instead.
+ *
+ * \warning        Currently, clients can only register a single pre-shared key.
+ *                 Calling this function or mbedtls_ssl_conf_psk() more than
+ *                 once will overwrite values configured in previous calls.
+ *                 Support for setting multiple PSKs on clients and selecting
+ *                 one based on the identity hint is not a planned feature,
+ *                 but feedback is welcomed.
+ *
+ * \param conf     The SSL configuration to register the PSK with.
+ * \param psk      The identifier of the key slot holding the PSK.
+ *                 Until \p conf is destroyed or this function is successfully
+ *                 again, the key slot \p psk must be populated with a key of
+ *                 type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows
+ *                 its use for the key derivation algorithm applied in the
+ *                 handshake.
+ * \param psk_identity      The pointer to the pre-shared key identity.
+ * \param psk_identity_len  The length of the pre-shared key identity
+ *                          in bytes.
+ *
+ * \note           The PSK identity hint is copied internally and hence need
+ *                 not be preserved by the caller for the lifetime of the
+ *                 SSL configuration.
+ *
+ * \return         \c 0 if successful.
+ * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
+                                 psa_key_slot_t psk,
+                                 const unsigned char *psk_identity,
+                                 size_t psk_identity_len );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /**
- * \brief          Set the Pre Shared Key (PSK) for the current handshake
+ * \brief          Set the pre-shared Key (PSK) for the current handshake.
  *
  * \note           This should only be called inside the PSK callback,
- *                 ie the function passed to \c mbedtls_ssl_conf_psk_cb().
+ *                 i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
  *
- * \param ssl      SSL context
- * \param psk      pointer to the pre-shared key
- * \param psk_len  pre-shared key length
+ * \param ssl      The SSL context to configure a PSK for.
+ * \param psk      The pointer to the pre-shared key.
+ * \param psk_len  The length of the pre-shared key in bytes.
  *
- * \return         0 if successful or MBEDTLS_ERR_SSL_ALLOC_FAILED
+ * \return         \c 0 if successful.
+ * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
  */
 int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
                             const unsigned char *psk, size_t psk_len );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief          Set an opaque pre-shared Key (PSK) for the current handshake.
+ *
+ * \note           This should only be called inside the PSK callback,
+ *                 i.e. the function passed to \c mbedtls_ssl_conf_psk_cb().
+ *
+ * \param ssl      The SSL context to configure a PSK for.
+ * \param psk      The identifier of the key slot holding the PSK.
+ *                 For the duration of the current handshake, the key slot
+ *                 must be populated with a key of type
+ *                 #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows its
+ *                 use for the key derivation algorithm
+ *                 applied in the handshake.
+  *
+ * \return         \c 0 if successful.
+ * \return         An \c MBEDTLS_ERR_SSL_XXX error code on failure.
+ */
+int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
+                                   psa_key_slot_t psk );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 /**
  * \brief          Set the PSK callback (server-side only).
  *
  *                 If set, the PSK callback is called for each
- *                 handshake where a PSK ciphersuite was negotiated.
+ *                 handshake where a PSK-based ciphersuite was negotiated.
  *                 The caller provides the identity received and wants to
  *                 receive the actual PSK data and length.
  *
- *                 The callback has the following parameters: (void *parameter,
- *                 mbedtls_ssl_context *ssl, const unsigned char *psk_identity,
- *                 size_t identity_len)
+ *                 The callback has the following parameters:
+ *                 - \c void*: The opaque pointer \p p_psk.
+ *                 - \c mbedtls_ssl_context*: The SSL context to which
+ *                                            the operation applies.
+ *                 - \c const unsigned char*: The PSK identity
+ *                                            selected by the client.
+ *                 - \c size_t: The length of the PSK identity
+ *                              selected by the client.
+ *
  *                 If a valid PSK identity is found, the callback should use
- *                 \c mbedtls_ssl_set_hs_psk() on the ssl context to set the
- *                 correct PSK and return 0.
+ *                 \c mbedtls_ssl_set_hs_psk() or
+ *                 \c mbedtls_ssl_set_hs_psk_opaque()
+ *                 on the SSL context to set the correct PSK and return \c 0.
  *                 Any other return value will result in a denied PSK identity.
  *
  * \note           If you set a PSK callback using this function, then you
  *                 don't need to set a PSK key and identity using
  *                 \c mbedtls_ssl_conf_psk().
  *
- * \param conf     SSL configuration
- * \param f_psk    PSK identity function
- * \param p_psk    PSK identity parameter
+ * \param conf     The SSL configuration to register the callback with.
+ * \param f_psk    The callback for selecting and setting the PSK based
+ *                 in the PSK identity chosen by the client.
+ * \param p_psk    A pointer to an opaque structure to be passed to
+ *                 the callback, for example a PSK store.
  */
 void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
                      int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,

From ce620dd8b0deb7092ff9287cc87e91c882e15fd0 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 22 Oct 2018 15:29:46 +0100
Subject: [PATCH 715/889] Add opaque PSK identifier to
 mbedtls_ssl_handshake_params

This commit adds a field `psk_opaque` to the handshake parameter
struct `mbedtls_ssl_handshake_params` which indicates if the user
has configured the use of an opaque PSK.
---
 include/mbedtls/ssl_internal.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 97abb9f90..318d13fd8 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -283,9 +283,12 @@ struct mbedtls_ssl_handshake_params
     const mbedtls_ecp_curve_info **curves;      /*!<  Supported elliptic curves */
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_slot_t psk_opaque;          /*!< Opaque PSK from the callback   */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     unsigned char *psk;                 /*!<  PSK from the callback         */
     size_t psk_len;                     /*!<  Length of PSK from callback   */
-#endif
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)

From b94493cbc5c8f70003483cf5f3502067761ff347 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 22 Oct 2018 15:31:03 +0100
Subject: [PATCH 716/889] Add opaque PSK identifier to SSL configuration

---
 include/mbedtls/ssl.h | 48 +++++++++++++++++++++++++++++++------------
 1 file changed, 35 insertions(+), 13 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5008950a0..171803f75 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -65,6 +65,10 @@
 #include "platform_time.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 /*
  * SSL Error codes
  */
@@ -923,19 +927,37 @@ struct mbedtls_ssl_config
 #endif
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-    unsigned char *psk;             /*!< pre-shared key. This field should
-                                         only be set via
-                                         mbedtls_ssl_conf_psk() */
-    size_t         psk_len;         /*!< length of the pre-shared key. This
-                                         field should only be set via
-                                         mbedtls_ssl_conf_psk() */
-    unsigned char *psk_identity;    /*!< identity for PSK negotiation. This
-                                         field should only be set via
-                                         mbedtls_ssl_conf_psk() */
-    size_t         psk_identity_len;/*!< length of identity. This field should
-                                         only be set via
-                                         mbedtls_ssl_conf_psk() */
-#endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_slot_t psk_opaque; /*!< PSA key slot holding opaque PSK.
+                                *   This field should only be set via
+                                *   mbedtls_ssl_conf_psk_opaque().
+                                *   If either no PSK or a raw PSK have
+                                *   been configured, this has value \c 0. */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    unsigned char *psk;      /*!< The raw pre-shared key. This field should
+                              *   only be set via mbedtls_ssl_conf_psk().
+                              *   If either no PSK or an opaque PSK
+                              *   have been configured, this has value NULL. */
+    size_t         psk_len;  /*!< The length of the raw pre-shared key.
+                              *   This field should only be set via
+                              *   mbedtls_ssl_conf_psk().
+                              *   Its value is non-zero if and only if
+                              *   \c psk is not \c NULL. */
+
+    unsigned char *psk_identity;    /*!< The PSK identity for PSK negotiation.
+                                     *   This field should only be set via
+                                     *   mbedtls_ssl_conf_psk().
+                                     *   This is set if and only if either
+                                     *   \c psk or \c psk_opaque are set. */
+    size_t         psk_identity_len;/*!< The length of PSK identity.
+                                     *   This field should only be set via
+                                     *   mbedtls_ssl_conf_psk().
+                                     *   Its value is non-zero if and only if
+                                     *   \c psk is not \c NULL or \c psk_opaque
+                                     *   is not \c 0. */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 
 #if defined(MBEDTLS_SSL_ALPN)
     const char **alpn_list;         /*!< ordered list of protocols          */

From c6b8d400a0ba6516bee41a79130c568bfa46346d Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 22 Oct 2018 15:31:26 +0100
Subject: [PATCH 717/889] Implement API for configuration of opaque PSKs

This commit adds implementations of the two new API functions

mbedtls_ssl_conf_psk_opaque()
mbedtls_ssl_set_hs_psk_opaque().
---
 library/ssl_tls.c | 116 +++++++++++++++++++++++++++++++++++++---------
 1 file changed, 95 insertions(+), 21 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 82e65251f..2150c03d1 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7326,6 +7326,37 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
 #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
+static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
+{
+    /* Remove reference to existing PSK, if any. */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( conf->psk_opaque != 0 )
+    {
+        /* The maintenance of the PSK key slot is the
+         * user's responsibility. */
+        conf->psk_opaque = 0;
+    }
+    else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if( conf->psk != NULL )
+    {
+        mbedtls_platform_zeroize( conf->psk, conf->psk_len );
+
+        mbedtls_free( conf->psk );
+        conf->psk = NULL;
+        conf->psk_len = 0;
+    }
+
+    /* Remove reference to PSK identity, if any. */
+    if( conf->psk_identity != NULL )
+    {
+        mbedtls_free( conf->psk_identity );
+        conf->psk_identity = NULL;
+        conf->psk_identity_len = 0;
+    }
+}
+
 int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
                 const unsigned char *psk, size_t psk_len,
                 const unsigned char *psk_identity, size_t psk_identity_len )
@@ -7343,20 +7374,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
 
-    if( conf->psk != NULL )
-    {
-        mbedtls_platform_zeroize( conf->psk, conf->psk_len );
-
-        mbedtls_free( conf->psk );
-        conf->psk = NULL;
-        conf->psk_len = 0;
-    }
-    if( conf->psk_identity != NULL )
-    {
-        mbedtls_free( conf->psk_identity );
-        conf->psk_identity = NULL;
-        conf->psk_identity_len = 0;
-    }
+    ssl_conf_remove_psk( conf );
 
     if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
         ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL )
@@ -7377,6 +7395,24 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
     return( 0 );
 }
 
+static void ssl_remove_psk( mbedtls_ssl_context *ssl )
+{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ssl->handshake->psk_opaque != 0 )
+    {
+        ssl->handshake->psk_opaque = 0;
+    }
+    else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if( ssl->handshake->psk != NULL )
+    {
+        mbedtls_platform_zeroize( ssl->handshake->psk,
+                                  ssl->handshake->psk_len );
+        mbedtls_free( ssl->handshake->psk );
+        ssl->handshake->psk_len = 0;
+    }
+}
+
 int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
                             const unsigned char *psk, size_t psk_len )
 {
@@ -7386,13 +7422,7 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
     if( psk_len > MBEDTLS_PSK_MAX_LEN )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
-    if( ssl->handshake->psk != NULL )
-    {
-        mbedtls_platform_zeroize( ssl->handshake->psk,
-                                  ssl->handshake->psk_len );
-        mbedtls_free( ssl->handshake->psk );
-        ssl->handshake->psk_len = 0;
-    }
+    ssl_remove_psk( ssl );
 
     if( ( ssl->handshake->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
         return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
@@ -7403,6 +7433,50 @@ int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
     return( 0 );
 }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
+                                 psa_key_slot_t psk_slot,
+                                 const unsigned char *psk_identity,
+                                 size_t psk_identity_len )
+{
+    if( psk_slot == 0 || psk_identity == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    /* Identity len will be encoded on two bytes */
+    if( ( psk_identity_len >> 16 ) != 0 ||
+        psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
+    {
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    }
+
+    ssl_conf_remove_psk( conf );
+
+    if( ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL )
+    {
+        mbedtls_free( conf->psk_identity );
+        conf->psk_identity = NULL;
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    }
+
+    conf->psk_identity_len = psk_identity_len;
+    memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
+
+    conf->psk_opaque = psk_slot;
+    return( 0 );
+}
+
+int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,
+                                   psa_key_slot_t psk_slot )
+{
+    if( psk_slot == 0 || ssl->handshake == NULL )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+
+    ssl_remove_psk( ssl );
+    ssl->handshake->psk_opaque = psk_slot;
+    return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 void mbedtls_ssl_conf_psk_cb( mbedtls_ssl_config *conf,
                      int (*f_psk)(void *, mbedtls_ssl_context *, const unsigned char *,
                      size_t),

From fac92db771c73f4d2f9c354fc05e80868dcf60a4 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 11:37:50 +0100
Subject: [PATCH 718/889] Add support for opaque PSKs in ssl_client2 example
 program

This commit adds support for the use of PSA-based opaque PSKs
in the TLS client example application programs/ssl/ssl_client2.

Specifically, a numerical command line option `psk_slot` with
the following constraints and semantics is added:
- It can only be used alongside the provisioning of a raw PSK
  through the preexisting `psk` command line option.
- It can only be used if both TLS 1.2 and a PSK-only ciphersuite
  are enforced through the appropriate use of the `min_version`
  and `force_ciphersuite` command line options.
- If the previous conditions are met, setting `psk_slot=d` will
  result in the PSA key slot with identifier `d` being populated
  with the raw PSK data specified through the `psk` parameter
  and passed to Mbed TLS via `mbedtls_ssl_conf_psk_opaque()`
  prior to the handshake.

Enforcing the TLS version and ciphersuite is necessary to determine
the exact KDF algorithm the PSK will be used for. This is required
as it is currently not possible to set up a key without specifying
exactly one algorithm the key may be used with.
---
 programs/ssl/ssl_client2.c | 219 +++++++++++++++++++++++++++----------
 1 file changed, 163 insertions(+), 56 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 87b9ab1bd..51a0c3f5b 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -85,6 +85,7 @@ int main( void )
 #define DFL_CRT_FILE            ""
 #define DFL_KEY_FILE            ""
 #define DFL_PSK                 ""
+#define DFL_PSK_SLOT            0
 #define DFL_PSK_IDENTITY        "Client_identity"
 #define DFL_ECJPAKE_PW          NULL
 #define DFL_EC_MAX_OPS          -1
@@ -139,9 +140,23 @@ int main( void )
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-#define USAGE_PSK                                                   \
+#define USAGE_PSK_RAW                                               \
     "    psk=%%s              default: \"\" (in hex, without 0x)\n" \
     "    psk_identity=%%s     default: \"Client_identity\"\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT                          \
+    "    psk_slot=%%d         default: 0\n"     \
+    "                          An empty key slot identifier to be used to hold the PSK.\n"            \
+    "                          Note: Currently only supported in conjunction with\n"                  \
+    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
+    "                          to force a particular PSK-only ciphersuite.\n"                         \
+    "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
+    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
+    "                          with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
 #else
 #define USAGE_PSK ""
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
@@ -337,6 +352,9 @@ struct options
     const char *ca_path;        /* the path with the CA certificate(s) reside */
     const char *crt_file;       /* the file with the client certificate     */
     const char *key_file;       /* the file with the client key             */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    int psk_slot;
+#endif
     const char *psk;            /* the pre-shared key                       */
     const char *psk_identity;   /* the pre-shared key identity              */
     const char *ecjpake_pw;     /* the EC J-PAKE password                   */
@@ -540,6 +558,13 @@ int main( int argc, char *argv[] )
 
     const char *pers = "ssl_client2";
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_slot_t slot;
+    psa_algorithm_t alg = 0;
+    psa_key_policy_t policy;
+    psa_status_t status;
+#endif
+
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
 #endif
@@ -559,9 +584,6 @@ int main( int argc, char *argv[] )
 #endif
     char *p, *q;
     const int *list;
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_status_t status;
-#endif
 
     /*
      * Make sure memory references are valid.
@@ -628,6 +650,9 @@ int main( int argc, char *argv[] )
     opt.crt_file            = DFL_CRT_FILE;
     opt.key_file            = DFL_KEY_FILE;
     opt.psk                 = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    opt.psk_slot            = DFL_PSK_SLOT;
+#endif
     opt.psk_identity        = DFL_PSK_IDENTITY;
     opt.ecjpake_pw          = DFL_ECJPAKE_PW;
     opt.ec_max_ops          = DFL_EC_MAX_OPS;
@@ -728,6 +753,10 @@ int main( int argc, char *argv[] )
             opt.key_file = q;
         else if( strcmp( p, "psk" ) == 0 )
             opt.psk = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        else if( strcmp( p, "psk_slot" ) == 0 )
+            opt.psk_slot = atoi( q );
+#endif
         else if( strcmp( p, "psk_identity" ) == 0 )
             opt.psk_identity = q;
         else if( strcmp( p, "ecjpake_pw" ) == 0 )
@@ -1012,57 +1041,6 @@ int main( int argc, char *argv[] )
     mbedtls_debug_set_threshold( opt.debug_level );
 #endif
 
-    if( opt.force_ciphersuite[0] > 0 )
-    {
-        const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
-        ciphersuite_info =
-            mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
-
-        if( opt.max_version != -1 &&
-            ciphersuite_info->min_minor_ver > opt.max_version )
-        {
-            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
-            ret = 2;
-            goto usage;
-        }
-        if( opt.min_version != -1 &&
-            ciphersuite_info->max_minor_ver < opt.min_version )
-        {
-            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
-            ret = 2;
-            goto usage;
-        }
-
-        /* If the server selects a version that's not supported by
-         * this suite, then there will be no common ciphersuite... */
-        if( opt.max_version == -1 ||
-            opt.max_version > ciphersuite_info->max_minor_ver )
-        {
-            opt.max_version = ciphersuite_info->max_minor_ver;
-        }
-        if( opt.min_version < ciphersuite_info->min_minor_ver )
-        {
-            opt.min_version = ciphersuite_info->min_minor_ver;
-            /* DTLS starts with TLS 1.1 */
-            if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
-                opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
-                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
-        }
-
-        /* Enable RC4 if needed and not explicitly disabled */
-        if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
-        {
-            if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
-            {
-                mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
-                ret = 2;
-                goto usage;
-            }
-
-            opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
-        }
-    }
-
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
     /*
      * Unhexify the pre-shared key if any is given
@@ -1113,6 +1091,101 @@ int main( int argc, char *argv[] )
     }
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( opt.psk_slot != 0 )
+    {
+        if( opt.psk == NULL )
+        {
+            mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+            ret = 2;
+            goto usage;
+        }
+
+        if( opt.force_ciphersuite[0] <= 0 )
+        {
+            mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+            ret = 2;
+            goto usage;
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    if( opt.force_ciphersuite[0] > 0 )
+    {
+        const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
+        ciphersuite_info =
+            mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
+
+        if( opt.max_version != -1 &&
+            ciphersuite_info->min_minor_ver > opt.max_version )
+        {
+            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+            ret = 2;
+            goto usage;
+        }
+        if( opt.min_version != -1 &&
+            ciphersuite_info->max_minor_ver < opt.min_version )
+        {
+            mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
+            ret = 2;
+            goto usage;
+        }
+
+        /* If the server selects a version that's not supported by
+         * this suite, then there will be no common ciphersuite... */
+        if( opt.max_version == -1 ||
+            opt.max_version > ciphersuite_info->max_minor_ver )
+        {
+            opt.max_version = ciphersuite_info->max_minor_ver;
+        }
+        if( opt.min_version < ciphersuite_info->min_minor_ver )
+        {
+            opt.min_version = ciphersuite_info->min_minor_ver;
+            /* DTLS starts with TLS 1.1 */
+            if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
+                opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 )
+                opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2;
+        }
+
+        /* Enable RC4 if needed and not explicitly disabled */
+        if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 )
+        {
+            if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED )
+            {
+                mbedtls_printf( "forced RC4 ciphersuite with RC4 disabled\n" );
+                ret = 2;
+                goto usage;
+            }
+
+            opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
+        }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if( opt.psk_slot != 0 )
+        {
+            /* Ensure that the chosen ciphersuite is PSK-only; we must know
+             * the ciphersuite in advance to set the correct policy for the
+             * PSK key slot. This limitation might go away in the future. */
+            if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
+                opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
+            {
+                mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+                ret = 2;
+                goto usage;
+            }
+
+            /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+            if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+            else
+#endif /* MBEDTLS_SHA512_C */
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+        }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    }
+
 #if defined(MBEDTLS_ECP_C)
     if( opt.curves != NULL )
     {
@@ -1484,6 +1557,40 @@ int main( int argc, char *argv[] )
 #endif
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( opt.psk_slot != 0 )
+    {
+        /* The algorithm has already been determined earlier. */
+        slot = (psa_key_slot_t) opt.psk_slot;
+
+        psa_key_policy_init( &policy );
+        psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+
+        status = psa_set_key_policy( slot, &policy );
+        if( status != PSA_SUCCESS )
+        {
+            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+            goto exit;
+        }
+
+        status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
+        if( status != PSA_SUCCESS )
+        {
+            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+            goto exit;
+        }
+
+        if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot,
+                                  (const unsigned char *) opt.psk_identity,
+                                                 strlen( opt.psk_identity ) ) ) != 0 )
+        {
+            mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+                            ret );
+            goto exit;
+        }
+    }
+    else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
                              (const unsigned char *) opt.psk_identity,
                              strlen( opt.psk_identity ) ) ) != 0 )
@@ -1492,7 +1599,7 @@ int main( int argc, char *argv[] )
                         ret );
         goto exit;
     }
-#endif
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 
     if( opt.min_version != DFL_MIN_VERSION )
         mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,

From a5ce0fd77f51651f8bd1a7fe4c423ee7f87edaa3 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 11:54:44 +0100
Subject: [PATCH 719/889] Don't suggest the use of a PSK suite if no PSK
 configured on client

---
 library/ssl_cli.c | 38 +++++++++++++++++++++++++++++++++++---
 1 file changed, 35 insertions(+), 3 deletions(-)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index ff576f3a8..70ce90f75 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -51,6 +51,27 @@
 #include "mbedtls/platform_util.h"
 #endif
 
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_conf_has_psk( mbedtls_ssl_config const *conf )
+{
+    if( conf->psk_identity     == NULL ||
+        conf->psk_identity_len == 0     )
+    {
+        return( 0 );
+    }
+
+    if( conf->psk != NULL && conf->psk_len != 0 )
+        return( 1 );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( conf->psk_opaque != 0 )
+        return( 1 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    return( 0 );
+}
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
 static void ssl_write_hostname_ext( mbedtls_ssl_context *ssl,
                                     unsigned char *buf,
@@ -754,6 +775,15 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf
         return( 1 );
 #endif
 
+    /* Don't suggest PSK-based ciphersuite if no PSK is available. */
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+    if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
+        ssl_conf_has_psk( ssl ) == 0 )
+    {
+        return( 1 );
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
     return( 0 );
 }
 
@@ -3007,10 +3037,12 @@ ecdh_calc_secret:
         /*
          * opaque psk_identity<0..2^16-1>;
          */
-        if( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL )
+        if( ssl_conf_has_psk( ssl ) == 0 )
         {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no private key for PSK" ) );
-            return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
+            /* We don't offer PSK suites if we don't have a PSK,
+             * and we check that the server's choice is among the
+             * ciphersuites we offered, so this should never happen. */
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
         }
 
         i = 4;

From a32400bc6b991ee64b6ae56b0a539b3a9e5288b0 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 11:59:34 +0100
Subject: [PATCH 720/889] Allow opaque PSKs in pure-PSK ciphersuites only

In contrast, RSA-PSK, ECDHE-PSK and DHE-PSK are explicitly excluded
for the moment.
---
 library/ssl_cli.c | 39 +++++++++++++++++++++++++++++++++++++--
 1 file changed, 37 insertions(+), 2 deletions(-)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 70ce90f75..90cafebe8 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -70,6 +70,23 @@ static int ssl_conf_has_psk( mbedtls_ssl_config const *conf )
 
     return( 0 );
 }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_conf_has_raw_psk( mbedtls_ssl_config const *conf )
+{
+    if( conf->psk_identity     == NULL ||
+        conf->psk_identity_len == 0     )
+    {
+        return( 0 );
+    }
+
+    if( conf->psk != NULL && conf->psk_len != 0 )
+        return( 1 );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
@@ -778,7 +795,7 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf
     /* Don't suggest PSK-based ciphersuite if no PSK is available. */
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
     if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
-        ssl_conf_has_psk( ssl ) == 0 )
+        ssl_conf_has_psk( ssl->conf ) == 0 )
     {
         return( 1 );
     }
@@ -3037,7 +3054,7 @@ ecdh_calc_secret:
         /*
          * opaque psk_identity<0..2^16-1>;
          */
-        if( ssl_conf_has_psk( ssl ) == 0 )
+        if( ssl_conf_has_psk( ssl->conf ) == 0 )
         {
             /* We don't offer PSK suites if we don't have a PSK,
              * and we check that the server's choice is among the
@@ -3071,6 +3088,12 @@ ecdh_calc_secret:
 #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
         if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
         {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            /* Opaque PSKs are currently only supported for PSK-only suites. */
+            if( ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+                return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
             if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 )
                 return( ret );
         }
@@ -3079,6 +3102,12 @@ ecdh_calc_secret:
 #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
         if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
         {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            /* Opaque PSKs are currently only supported for PSK-only suites. */
+            if( ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+                return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
             /*
              * ClientDiffieHellmanPublic public (DHM send G^X mod P)
              */
@@ -3109,6 +3138,12 @@ ecdh_calc_secret:
 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
         if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
         {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            /* Opaque PSKs are currently only supported for PSK-only suites. */
+            if( ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+                return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
             /*
              * ClientECDiffieHellmanPublic public;
              */

From 1e414e5d1d597c806dbde125a187df9af49a4d36 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 12:10:41 +0100
Subject: [PATCH 721/889] Simplify master secret derivation in
 mbedtls_ssl_derive_keys()

---
 library/ssl_tls.c | 78 +++++++++++++++++++++++++++--------------------
 1 file changed, 45 insertions(+), 33 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 2150c03d1..4c0d0c17e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -621,6 +621,10 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
     const mbedtls_cipher_info_t *cipher_info;
     const mbedtls_md_info_t *md_info;
 
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+    unsigned char session_hash[48];
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
+
     mbedtls_ssl_session *session = ssl->session_negotiate;
     mbedtls_ssl_transform *transform = ssl->transform_negotiate;
     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@@ -700,56 +704,62 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
      * TLSv1+:
      *   master = PRF( premaster, "master secret", randbytes )[0..47]
      */
-    if( handshake->resume == 0 )
+    if( handshake->resume != 0 )
     {
-        MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster,
-                       handshake->pmslen );
+        MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
+    }
+    else
+    {
+        /* The label for the KDF used for key expansion.
+         * This is either "master secret" or "extended master secret"
+         * depending on whether the Extended Master Secret extension
+         * is used. */
+        char const *lbl = "master secret";
+
+        /* The salt for the KDF used for key expansion.
+         * - If the Extended Master Secret extension is not used,
+         *   this is ClientHello.Random + ServerHello.Random
+         *   (see Sect. 8.1 in RFC 5246).
+         * - If the Extended Master Secret extension is used,
+         *   this is the transcript of the handshake so far.
+         *   (see Sect. 4 in RFC 7627). */
+        unsigned char const *salt = handshake->randbytes;
+        size_t salt_len = 64;
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+        const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
+            ssl->transform_negotiate->ciphersuite_info;
+        mbedtls_md_type_t const md_type = ciphersuite_info->mac;
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
 
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
         if( ssl->handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
         {
-            unsigned char session_hash[48];
-            size_t hash_len;
-
             MBEDTLS_SSL_DEBUG_MSG( 3, ( "using extended master secret" ) );
 
+            lbl  = "extended master secret";
+            salt = session_hash;
             ssl->handshake->calc_verify( ssl, session_hash );
-
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
             if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
             {
 #if defined(MBEDTLS_SHA512_C)
-                if( ssl->transform_negotiate->ciphersuite_info->mac ==
-                    MBEDTLS_MD_SHA384 )
-                {
-                    hash_len = 48;
-                }
+                if( md_type == MBEDTLS_MD_SHA384 )
+                    salt_len = 48;
                 else
-#endif
-                    hash_len = 32;
+#endif /* MBEDTLS_SHA512_C */
+                    salt_len = 32;
             }
             else
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-                hash_len = 36;
-
-            MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, hash_len );
-
-            ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
-                                      "extended master secret",
-                                      session_hash, hash_len,
-                                      session->master, 48 );
-            if( ret != 0 )
-            {
-                MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
-                return( ret );
-            }
+                salt_len = 36;
 
+            MBEDTLS_SSL_DEBUG_BUF( 3, "session hash", session_hash, salt_len );
         }
-        else
-#endif
+#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
+
         ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
-                                  "master secret",
-                                  handshake->randbytes, 64,
+                                  lbl, salt, salt_len,
                                   session->master, 48 );
         if( ret != 0 )
         {
@@ -757,11 +767,13 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
             return( ret );
         }
 
+        MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret",
+                               handshake->premaster,
+                               handshake->pmslen );
+
         mbedtls_platform_zeroize( handshake->premaster,
                                   sizeof(handshake->premaster) );
     }
-    else
-        MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
 
     /*
      * Swap the client and server random values.

From b7aaf1e641795be55f9e74d61b5c1d48d0c3f4cd Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 15:26:22 +0100
Subject: [PATCH 722/889] Implement PSA-based PSK-to-MS derivation in
 mbedtls_ssl_derive_keys

---
 library/ssl_tls.c | 93 +++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 82 insertions(+), 11 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4c0d0c17e..7e861a5fb 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -607,6 +607,28 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *
 #endif
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
+{
+    if( ssl->conf->f_psk != NULL )
+    {
+        /* If we've used a callback to select the PSK,
+         * the static configuration is irrelevant. */
+        if( ssl->handshake->psk_opaque != 0 )
+            return( 1 );
+
+        return( 0 );
+    }
+
+    if( ssl->conf->psk_opaque != 0 )
+        return( 1 );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+          MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
 int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
 {
     int ret = 0;
@@ -758,21 +780,70 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
         }
 #endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
 
-        ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
-                                  lbl, salt, salt_len,
-                                  session->master, 48 );
-        if( ret != 0 )
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&          \
+    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+            ssl_use_opaque_psk( ssl ) == 1 )
         {
-            MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
-            return( ret );
+            /* Perform PSK-to-MS expansion in a single step. */
+            psa_status_t status;
+            psa_algorithm_t alg;
+            psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+            psa_key_slot_t psk;
+
+            MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) );
+
+            psk = ssl->conf->psk_opaque;
+            if( ssl->handshake->psk_opaque != 0 )
+                psk = ssl->handshake->psk_opaque;
+
+            if( md_type == MBEDTLS_MD_SHA384 )
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+            else
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+
+            status = psa_key_derivation( &generator, psk, alg,
+                                         salt, salt_len,
+                                         (unsigned char const *) lbl,
+                                         (size_t) strlen( lbl ),
+                                         48 );
+            if( status != PSA_SUCCESS )
+            {
+                psa_generator_abort( &generator );
+                return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+            }
+
+            status = psa_generator_read( &generator, session->master, 48 );
+            if( status != PSA_SUCCESS )
+            {
+                psa_generator_abort( &generator );
+                return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
+            }
+
+            status = psa_generator_abort( &generator );
+            if( status != PSA_SUCCESS )
+                return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
         }
+        else
+#endif
+        {
+            ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
+                                      lbl, salt, salt_len,
+                                      session->master, 48 );
+            if( ret != 0 )
+            {
+                MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );
+                return( ret );
+            }
 
-        MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret",
-                               handshake->premaster,
-                               handshake->pmslen );
+            MBEDTLS_SSL_DEBUG_BUF( 3, "premaster secret",
+                                   handshake->premaster,
+                                   handshake->pmslen );
 
-        mbedtls_platform_zeroize( handshake->premaster,
-                                  sizeof(handshake->premaster) );
+            mbedtls_platform_zeroize( handshake->premaster,
+                                      sizeof(handshake->premaster) );
+        }
     }
 
     /*

From 21e98b411483008af877d2e85f20ee4d8bcb8393 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 15:26:40 +0100
Subject: [PATCH 723/889] Skip PMS generation on client if opaque PSK is used

For opaque PSKs, the PSK-to-MS expansion is performed atomatically
on the PSA-side.
---
 library/ssl_cli.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 90cafebe8..3f91d4f5b 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -3165,6 +3165,17 @@ ecdh_calc_secret:
             return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
         }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO) &&          \
+    defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
+        if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+            ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
+            ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
+        }
+        else
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+          MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
         if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
                         ciphersuite_info->key_exchange ) ) != 0 )
         {

From f5e56299eafcc0d518e695331f6fe47099c2e2ce Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 23 Oct 2018 15:27:39 +0100
Subject: [PATCH 724/889] Add tests to ssl-opt.sh exercising client-side opaque
 PSK

---
 tests/ssl-opt.sh | 56 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index ce9aee28a..41fbf7c28 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3830,6 +3830,62 @@ run_test    "PSK callback: psk, no callback" \
             -S "SSL - Unknown identity received" \
             -S "SSL - Verification of the message MAC failed"
 
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: opaque psk on client, no callback" \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=foo psk=abc123 psk_slot=1" \
+            0 \
+            -c "skip PMS generation for opaque PSK"\
+            -S "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: opaque psk on client, no callback, SHA-384" \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            psk_identity=foo psk=abc123 psk_slot=1" \
+            0 \
+            -c "skip PMS generation for opaque PSK"\
+            -S "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: opaque psk on client, no callback, EMS" \
+            "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+            "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=foo psk=abc123 psk_slot=1" \
+            0 \
+            -c "skip PMS generation for opaque PSK"\
+            -S "skip PMS generation for opaque PSK"\
+            -c "using extended master secret"\
+            -s "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
+            "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+            "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            psk_identity=foo psk=abc123 psk_slot=1" \
+            0 \
+            -c "skip PMS generation for opaque PSK"\
+            -S "skip PMS generation for opaque PSK"\
+            -c "using extended master secret"\
+            -s "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
 run_test    "PSK callback: no psk, no callback" \
             "$P_SRV" \
             "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \

From ef29b2c3c9f04c52590fbc7ff84ae4eeb51f8b73 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 26 Oct 2018 11:28:08 +0100
Subject: [PATCH 725/889] Add support for opaque PSKs to ssl_server2 example
 application

This commit adds command line parameters `psk_slot` and `psk_list_slot`
to the example application `programs/ssl/ssl_server2`. These have the
following semantics:

- `psk_slot`: The same semantics as for the `ssl_client2` example
   application. That is, if a PSK is configured through the use
   of the command line parameters `psk` and `psk_identity`, then
   `psk_slot=X` can be used to import the PSK into PSA key slot X
   and registering it statically with the SSL configuration through
   the new API call mbedtls_ssl_conf_hs_opaque().
- `psk_list_slot`: In addition to the static PSK registered in the
   the SSL configuration, servers can register a callback for picking
   the PSK corresponding to the PSK identity that the client chose.
   The `ssl_server2` example application uses such a callback to select
   the PSK from a list of PSKs + Identities provided through the
   command line parameter `psk_list`, and to register the selected
   PSK via `mbedtls_ssl_set_hs_psk()`. In this case, the new parameter
   `psk_list_slot=X` has the effect of registering all PSKs provided in
   in `psk_list` as PSA keys in the key slots starting from slot `X`,
   and having the PSK selection callback register the chosen PSK
   through the new API function `mbedtls_ssl_set_hs_psk_opaque()`.
---
 programs/ssl/ssl_server2.c | 201 +++++++++++++++++++++++++++++++++++--
 1 file changed, 195 insertions(+), 6 deletions(-)

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 1c6ccaef1..1169763d7 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -123,6 +123,8 @@ int main( void )
 #define DFL_ASYNC_PRIVATE_DELAY2 ( -1 )
 #define DFL_ASYNC_PRIVATE_ERROR  ( 0 )
 #define DFL_PSK                 ""
+#define DFL_PSK_SLOT            0
+#define DFL_PSK_LIST_SLOT       0
 #define DFL_PSK_IDENTITY        "Client_identity"
 #define DFL_ECJPAKE_PW          NULL
 #define DFL_PSK_LIST            NULL
@@ -224,9 +226,38 @@ int main( void )
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-#define USAGE_PSK                                                   \
+#define USAGE_PSK_RAW                                               \
     "    psk=%%s              default: \"\" (in hex, without 0x)\n" \
-    "    psk_identity=%%s     default: \"Client_identity\"\n"
+    "    psk_identity=%%s     default: \"Client_identity\"\n"       \
+    "    psk_list=%%s         default: \"\"\n"                          \
+    "                          A list of (PSK identity, PSK value) pairs in (hex format, without 0x)\n" \
+    "                          id1,psk1[,id2,psk2[,...]]\n"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#define USAGE_PSK_SLOT                          \
+    "    psk_slot=%%d         default: 0 (don't use key slots)\n"     \
+    "                          An empty key slot identifier to be used to hold the static PSK\n" \
+    "                          configured through the psk parameter.\n"\
+    "                          Note: Currently only supported in conjunction with\n"                  \
+    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
+    "                          to force a particular PSK-only ciphersuite.\n"                         \
+    "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
+    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
+    "                          with prepopulated key slots instead of importing raw key material.\n" \
+    "    psk_list_slot=%%d    default: 0 (don't use key slots)\n"     \
+    "                          The base of a consecutive list of empty key slot identifiers to be used\n" \
+    "                          to hold the dynamic PSKs configured through the psk_list parameter;\n" \
+    "                          for example, if you specify a list of 3 dynamic PSKs through the psk_list\n"\
+    "                          parameter, then the slots psk_slot, .., psk_slot+3 must be empty.\n" \
+    "                          Note: Currently only supported in conjunction with\n" \
+    "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
+    "                          to force a particular PSK-only ciphersuite.\n" \
+    "                          Note: This is to test integration of PSA-based opaque PSKs with\n" \
+    "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n" \
+    "                          with prepopulated key slots instead of importing raw key material.\n"
+#else
+#define USAGE_PSK_SLOT ""
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#define USAGE_PSK USAGE_PSK_RAW USAGE_PSK_SLOT
 #else
 #define USAGE_PSK ""
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
@@ -453,6 +484,10 @@ struct options
     int async_private_delay1;   /* number of times f_async_resume needs to be called for key 1, or -1 for no async */
     int async_private_delay2;   /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
     int async_private_error;    /* inject error in async private callback */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    int psk_slot;
+    int psk_list_slot;
+#endif
     const char *psk;            /* the pre-shared key                       */
     const char *psk_identity;   /* the pre-shared key identity              */
     char *psk_list;             /* list of PSK id/key pairs for callback    */
@@ -771,6 +806,9 @@ struct _psk_entry
     const char *name;
     size_t key_len;
     unsigned char key[MBEDTLS_PSK_MAX_LEN];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_slot_t slot;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     psk_entry *next;
 };
 
@@ -819,6 +857,11 @@ psk_entry *psk_parse( char *psk_string )
         if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
             goto error;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if( opt.psk_list_slot != 0 )
+            new->slot = opt.psk_list_slot++;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
         new->next = cur;
         cur = new;
     }
@@ -844,6 +887,11 @@ int psk_callback( void *p_info, mbedtls_ssl_context *ssl,
         if( name_len == strlen( cur->name ) &&
             memcmp( name, cur->name, name_len ) == 0 )
         {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+            if( cur->slot != 0 )
+                return( mbedtls_ssl_set_hs_psk_opaque( ssl, cur->slot ) );
+            else
+#endif
             return( mbedtls_ssl_set_hs_psk( ssl, cur->key, cur->key_len ) );
         }
 
@@ -1174,12 +1222,39 @@ int idle( mbedtls_net_context *fd,
     return( 0 );
 }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static psa_status_t psa_setup_psk_key_slot( psa_key_slot_t slot,
+                                            psa_algorithm_t alg,
+                                            unsigned char *psk,
+                                            size_t psk_len )
+{
+    psa_status_t status;
+    psa_key_policy_t policy;
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
+
+    status = psa_set_key_policy( slot, &policy );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    return( PSA_SUCCESS );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 int main( int argc, char *argv[] )
 {
     int ret = 0, len, written, frags, exchanges_left;
     int version_suites[4][2];
     unsigned char* buf = 0;
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_algorithm_t alg = 0;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     unsigned char psk[MBEDTLS_PSK_MAX_LEN];
     size_t psk_len = 0;
     psk_entry *psk_info = NULL;
@@ -1342,6 +1417,10 @@ int main( int argc, char *argv[] )
     opt.async_private_delay2 = DFL_ASYNC_PRIVATE_DELAY2;
     opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR;
     opt.psk                 = DFL_PSK;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    opt.psk_slot            = DFL_PSK_SLOT;
+    opt.psk_list_slot       = DFL_PSK_LIST_SLOT;
+#endif
     opt.psk_identity        = DFL_PSK_IDENTITY;
     opt.psk_list            = DFL_PSK_LIST;
     opt.ecjpake_pw          = DFL_ECJPAKE_PW;
@@ -1470,6 +1549,12 @@ int main( int argc, char *argv[] )
 #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
         else if( strcmp( p, "psk" ) == 0 )
             opt.psk = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        else if( strcmp( p, "psk_slot" ) == 0 )
+            opt.psk_slot = atoi( q );
+        else if( strcmp( p, "psk_list_slot" ) == 0 )
+            opt.psk_list_slot = atoi( q );
+#endif
         else if( strcmp( p, "psk_identity" ) == 0 )
             opt.psk_identity = q;
         else if( strcmp( p, "psk_list" ) == 0 )
@@ -1779,6 +1864,42 @@ int main( int argc, char *argv[] )
         goto exit;
     }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( opt.psk_slot != 0 )
+    {
+        if( strlen( opt.psk ) == 0 )
+        {
+            mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+            ret = 2;
+            goto usage;
+        }
+
+        if( opt.force_ciphersuite[0] <= 0 )
+        {
+            mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+            ret = 2;
+            goto usage;
+        }
+    }
+
+    if( opt.psk_list_slot != 0 )
+    {
+        if( opt.psk_list == NULL )
+        {
+            mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+            ret = 2;
+            goto usage;
+        }
+
+        if( opt.force_ciphersuite[0] <= 0 )
+        {
+            mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+            ret = 2;
+            goto usage;
+        }
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     if( opt.force_ciphersuite[0] > 0 )
     {
         const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
@@ -1828,6 +1949,30 @@ int main( int argc, char *argv[] )
 
             opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
         }
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if( opt.psk_slot != 0 || opt.psk_list_slot != 0 )
+        {
+            /* Ensure that the chosen ciphersuite is PSK-only; we must know
+             * the ciphersuite in advance to set the correct policy for the
+             * PSK key slot. This limitation might go away in the future. */
+            if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
+                opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
+            {
+                mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
+                ret = 2;
+                goto usage;
+            }
+
+            /* Determine KDF algorithm the opaque PSK will be used in. */
+#if defined(MBEDTLS_SHA512_C)
+            if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384);
+            else
+#endif /* MBEDTLS_SHA512_C */
+                alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+        }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     }
 
     if( opt.version_suites != NULL )
@@ -2501,12 +2646,35 @@ int main( int argc, char *argv[] )
 #endif
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+
     if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
     {
-        ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
-                           (const unsigned char *) opt.psk_identity,
-                           strlen( opt.psk_identity ) );
-        if( ret != 0 )
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if( opt.psk_slot != 0 )
+        {
+            /* The algorithm has already been determined earlier. */
+            status = psa_setup_psk_key_slot( opt.psk_slot, alg,
+                                             psk, psk_len );
+            if( status != PSA_SUCCESS )
+            {
+                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+                goto exit;
+            }
+
+            if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, opt.psk_slot,
+                                                     (const unsigned char *) opt.psk_identity,
+                                                     strlen( opt.psk_identity ) ) ) != 0 )
+            {
+                mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
+                                ret );
+                goto exit;
+            }
+        }
+        else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+        if( ( ret = mbedtls_ssl_conf_psk( &conf, psk, psk_len,
+                                     (const unsigned char *) opt.psk_identity,
+                                     strlen( opt.psk_identity ) ) ) != 0 )
         {
             mbedtls_printf( "  failed\n  mbedtls_ssl_conf_psk returned -0x%04X\n\n", - ret );
             goto exit;
@@ -2514,7 +2682,28 @@ int main( int argc, char *argv[] )
     }
 
     if( opt.psk_list != NULL )
+    {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        if( opt.psk_list_slot != 0 )
+        {
+            psk_entry *cur_psk;
+            for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
+            {
+                fprintf( stderr, "REGISTER KEY SLOT %d\n", (int) cur_psk->slot );
+                status = psa_setup_psk_key_slot( cur_psk->slot, alg,
+                                                 cur_psk->key,
+                                                 cur_psk->key_len );
+                if( status != PSA_SUCCESS )
+                {
+                    fprintf( stderr, "REGISTER KEY SLOT\n" );
+                    ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+                    goto exit;
+                }
+            }
+        }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
+    }
 #endif
 
 #if defined(MBEDTLS_DHM_C)

From 8bb28b947026d7d785b50d2a7ddb5223250ee491 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 26 Oct 2018 11:38:07 +0100
Subject: [PATCH 726/889] Rename ssl_conf_has_[raw_]_psk to
 ssl_conf_has_static_[raw_]psk

This is to differentiate the function from the functions relevant
on the server-side, which also need to take into the PSK callback.
---
 library/ssl_cli.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 3f91d4f5b..cd25dca91 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -52,7 +52,7 @@
 #endif
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-static int ssl_conf_has_psk( mbedtls_ssl_config const *conf )
+static int ssl_conf_has_static_psk( mbedtls_ssl_config const *conf )
 {
     if( conf->psk_identity     == NULL ||
         conf->psk_identity_len == 0     )
@@ -72,7 +72,7 @@ static int ssl_conf_has_psk( mbedtls_ssl_config const *conf )
 }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-static int ssl_conf_has_raw_psk( mbedtls_ssl_config const *conf )
+static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf )
 {
     if( conf->psk_identity     == NULL ||
         conf->psk_identity_len == 0     )
@@ -795,7 +795,7 @@ static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_inf
     /* Don't suggest PSK-based ciphersuite if no PSK is available. */
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
     if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
-        ssl_conf_has_psk( ssl->conf ) == 0 )
+        ssl_conf_has_static_psk( ssl->conf ) == 0 )
     {
         return( 1 );
     }
@@ -3054,7 +3054,7 @@ ecdh_calc_secret:
         /*
          * opaque psk_identity<0..2^16-1>;
          */
-        if( ssl_conf_has_psk( ssl->conf ) == 0 )
+        if( ssl_conf_has_static_psk( ssl->conf ) == 0 )
         {
             /* We don't offer PSK suites if we don't have a PSK,
              * and we check that the server's choice is among the
@@ -3090,7 +3090,7 @@ ecdh_calc_secret:
         {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
             /* Opaque PSKs are currently only supported for PSK-only suites. */
-            if( ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+            if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
                 return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
@@ -3104,7 +3104,7 @@ ecdh_calc_secret:
         {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
             /* Opaque PSKs are currently only supported for PSK-only suites. */
-            if( ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+            if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
                 return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
@@ -3140,7 +3140,7 @@ ecdh_calc_secret:
         {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
             /* Opaque PSKs are currently only supported for PSK-only suites. */
-            if( ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+            if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
                 return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
@@ -3169,7 +3169,7 @@ ecdh_calc_secret:
     defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
         if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
             ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 &&
-            ssl_conf_has_raw_psk( ssl->conf ) == 0 )
+            ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
         }

From 4855c2d4c2049ffde03140b468a4949a1c1ee1ba Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 26 Oct 2018 12:07:29 +0100
Subject: [PATCH 727/889] Add server-support for opaque PSKs

---
 library/ssl_srv.c | 75 +++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 69 insertions(+), 6 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 36ca0d69f..54cce0ad6 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -149,6 +149,48 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl,
 }
 #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
 
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
+static int ssl_conf_has_psk_or_cb( mbedtls_ssl_config const *conf )
+{
+    if( conf->f_psk != NULL )
+        return( 1 );
+
+    if( conf->psk_identity_len == 0 || conf->psk_identity == NULL )
+        return( 0 );
+
+    if( conf->psk != NULL && conf->psk_len != 0 )
+        return( 1 );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( conf->psk_opaque != 0 )
+        return( 1 );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
+    return( 0 );
+}
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
+{
+    if( ssl->conf->f_psk != NULL )
+    {
+        /* If we've used a callback to select the PSK,
+         * the static configuration is irrelevant. */
+
+        if( ssl->handshake->psk_opaque != 0 )
+            return( 1 );
+
+        return( 0 );
+    }
+
+    if( ssl->conf->psk_opaque != 0 )
+        return( 1 );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
+
 static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
                                          const unsigned char *buf,
                                          size_t len )
@@ -867,9 +909,7 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id,
     /* If the ciphersuite requires a pre-shared key and we don't
      * have one, skip it now rather than failing later */
     if( mbedtls_ssl_ciphersuite_uses_psk( suite_info ) &&
-        ssl->conf->f_psk == NULL &&
-        ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
-          ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
+        ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
     {
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: no pre-shared key" ) );
         return( 0 );
@@ -3648,9 +3688,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha
     int ret = 0;
     size_t n;
 
-    if( ssl->conf->f_psk == NULL &&
-        ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
-          ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
+    if( ssl_conf_has_psk_or_cb( ssl->conf ) == 0 )
     {
         MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
         return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
@@ -3828,6 +3866,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
             return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
         }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically
+         * and skip the intermediate PMS. */
+        if( ssl_use_opaque_psk( ssl ) )
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
+        else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
                         ciphersuite_info->key_exchange ) ) != 0 )
         {
@@ -3859,6 +3904,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
             return( ret );
         }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* Opaque PSKs are currently only supported for PSK-only. */
+        if( ssl_use_opaque_psk( ssl ) == 1 )
+            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
         if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
         {
             MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
@@ -3888,6 +3939,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
             return( ret );
         }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* Opaque PSKs are currently only supported for PSK-only. */
+        if( ssl_use_opaque_psk( ssl ) == 1 )
+            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
         if( p != end )
         {
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
@@ -3919,6 +3976,12 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
             return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP );
         }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        /* Opaque PSKs are currently only supported for PSK-only. */
+        if( ssl_use_opaque_psk( ssl ) == 1 )
+            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+#endif
+
         MBEDTLS_SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp );
 
         if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,

From 5a1d6da8f8c70e2c4f2bd0b9a591cd0070a7caf2 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 26 Oct 2018 13:15:08 +0100
Subject: [PATCH 728/889] Add tests to ssl-opt.sh exercising server-side opaque
 PSK

---
 tests/ssl-opt.sh | 178 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 178 insertions(+)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 41fbf7c28..45b2e207f 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3886,6 +3886,184 @@ run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
             -S "SSL - Unknown identity received" \
             -S "SSL - Verification of the message MAC failed"
 
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, static opaque on server, no callback" \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=foo psk=abc123" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+            "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            psk_identity=foo psk=abc123" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
+            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \
+            force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=foo psk=abc123 extended_ms=1" \
+            0 \
+            -c "using extended master secret"\
+            -s "using extended master secret"\
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
+            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \
+            force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            psk_identity=foo psk=abc123 extended_ms=1" \
+            0 \
+            -c "using extended master secret"\
+            -s "using extended master secret"\
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
+            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=def psk=beef" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
+            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            psk_identity=def psk=beef" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
+            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \
+            force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=abc psk=dead extended_ms=1" \
+            0 \
+            -c "using extended master secret"\
+            -s "using extended master secret"\
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
+            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \
+            force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+            "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
+            psk_identity=abc psk=dead extended_ms=1" \
+            0 \
+            -c "using extended master secret"\
+            -s "using extended master secret"\
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
+            "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=def psk=beef" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
+            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=2 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=def psk=beef" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -s "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
+            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=def psk=beef" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
+            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=def psk=beef" \
+            0 \
+            -C "skip PMS generation for opaque PSK"\
+            -C "using extended master secret"\
+            -S "using extended master secret"\
+            -S "SSL - None of the common ciphersuites is usable" \
+            -S "SSL - Unknown identity received" \
+            -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+run_test    "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
+            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
+            psk_identity=def psk=beef" \
+            1 \
+            -s "SSL - Verification of the message MAC failed"
+
 run_test    "PSK callback: no psk, no callback" \
             "$P_SRV" \
             "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \

From 3d4261bb218ad45f2986e9484feec3384e07ac02 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 12:44:15 +0000
Subject: [PATCH 729/889] Fix typo in documentation of
 mbedtls_ssl_conf_opaque_psk()

---
 include/mbedtls/ssl.h | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 171803f75..678660659 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2128,10 +2128,10 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
  * \param conf     The SSL configuration to register the PSK with.
  * \param psk      The identifier of the key slot holding the PSK.
  *                 Until \p conf is destroyed or this function is successfully
- *                 again, the key slot \p psk must be populated with a key of
- *                 type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy allows
- *                 its use for the key derivation algorithm applied in the
- *                 handshake.
+ *                 called again, the key slot \p psk must be populated with a
+ *                 key of type #PSA_ALG_CATEGORY_KEY_DERIVATION whose policy
+ *                 allows its use for the key derivation algorithm applied
+ *                 in the handshake.
  * \param psk_identity      The pointer to the pre-shared key identity.
  * \param psk_identity_len  The length of the pre-shared key identity
  *                          in bytes.

From 5916c99cc323c675370050cb6f3ebbd62f54da91 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 12:44:27 +0000
Subject: [PATCH 730/889] Don't use idiom `if( func() )` but always add
 explicit value check

---
 library/ssl_srv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 54cce0ad6..4d99f884d 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -3869,7 +3869,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
         /* For opaque PSKs, we perform the PSK-to-MS derivation atomatically
          * and skip the intermediate PMS. */
-        if( ssl_use_opaque_psk( ssl ) )
+        if( ssl_use_opaque_psk( ssl ) == 1 )
             MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque PSK" ) );
         else
 #endif /* MBEDTLS_USE_PSA_CRYPTO */

From 4d057f61a77f536ab16d26c893523b2406fe7261 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 12:45:16 +0000
Subject: [PATCH 731/889] Don't use 48 as a magic number in ssl_derive_keys()

In multiple places, it occurrs as the fixed length of
the master secret, so use a constant with a descriptive
name instead. This is reinforced by the fact the some
further occurrences of '48' are semantically different.
---
 library/ssl_tls.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 7e861a5fb..8f3d203de 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -643,6 +643,10 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
     const mbedtls_cipher_info_t *cipher_info;
     const mbedtls_md_info_t *md_info;
 
+    /* cf. RFC 5246, Section 8.1:
+     * "The master secret is always exactly 48 bytes in length." */
+    size_t const master_secret_len = 48;
+
 #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
     unsigned char session_hash[48];
 #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
@@ -807,14 +811,15 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
                                          salt, salt_len,
                                          (unsigned char const *) lbl,
                                          (size_t) strlen( lbl ),
-                                         48 );
+                                         master_secret_len );
             if( status != PSA_SUCCESS )
             {
                 psa_generator_abort( &generator );
                 return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
             }
 
-            status = psa_generator_read( &generator, session->master, 48 );
+            status = psa_generator_read( &generator, session->master,
+                                         master_secret_len );
             if( status != PSA_SUCCESS )
             {
                 psa_generator_abort( &generator );
@@ -830,7 +835,8 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
         {
             ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
                                       lbl, salt, salt_len,
-                                      session->master, 48 );
+                                      session->master,
+                                      master_secret_len );
             if( ret != 0 )
             {
                 MBEDTLS_SSL_DEBUG_RET( 1, "prf", ret );

From bffefae305adfe899984c558111cd02b8cfdb31d Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 12:47:16 +0000
Subject: [PATCH 732/889] Safe-guard `ssl_conf_remove_psk()` for simultaneous
 raw-opaque PSKs

The code maintains the invariant that raw and opaque PSKs are never
configured simultaneously, so strictly speaking `ssl_conf_remove_psk()`
need not consider clearing the raw PSK if it has already cleared an
opaque one - and previously, it didn't. However, it doesn't come at
any cost to keep this check as a safe-guard to future unforeseen
situations where opaque and raw PSKs _are_ both present.
---
 library/ssl_tls.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8f3d203de..6fa2e3a76 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7426,7 +7426,11 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
          * user's responsibility. */
         conf->psk_opaque = 0;
     }
-    else
+    /* This and the following branch should never
+     * be taken simultaenously as we maintain the
+     * invariant that raw and opaque PSKs are never
+     * configured simultaneously. As a safeguard,
+     * though, `else` is omitted here. */
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( conf->psk != NULL )
     {

From 39eb4274bbe2182d865d58ca90b8297eb060f146 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 12:52:42 +0000
Subject: [PATCH 733/889] Remove overly long line in ssl_client2.c

---
 programs/ssl/ssl_client2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 51a0c3f5b..598ec43fe 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1582,7 +1582,7 @@ int main( int argc, char *argv[] )
 
         if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, slot,
                                   (const unsigned char *) opt.psk_identity,
-                                                 strlen( opt.psk_identity ) ) ) != 0 )
+                                  strlen( opt.psk_identity ) ) ) != 0 )
         {
             mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
                             ret );

From 923cd655e02560be7ddd7fb3ff5723b759c73c26 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 13:25:17 +0000
Subject: [PATCH 734/889] Destroy PSA-based temporary opaque PSK key at the end
 of ssl_client2

---
 programs/ssl/ssl_client2.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 598ec43fe..61dd50ebf 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -2230,6 +2230,26 @@ exit:
     mbedtls_ctr_drbg_free( &ctr_drbg );
     mbedtls_entropy_free( &entropy );
 
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( opt.psk_slot != 0 )
+    {
+        /* This is ok even if the slot hasn't been
+         * initialized (we might have jumed here
+         * immediately because of bad cmd line params,
+         * for example). */
+        status = psa_destroy_key( opt.psk_slot );
+        if( status != PSA_SUCCESS )
+        {
+            mbedtls_printf( "Failed to destroy key slot %u - error was %d",
+                            (unsigned) opt.psk_slot, (int) status );
+            if( ret == 0 )
+                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
+          MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(_WIN32)
     mbedtls_printf( "  + Press Enter to exit this program.\n" );
     fflush( stdout ); getchar();

From 01612e28867f60a67a6ed08ba61c898d03e95e4b Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 5 Nov 2018 13:48:43 +0000
Subject: [PATCH 735/889] Destroy PSA-based temporary opaque PSKs at the end of
 ssl_server2

---
 programs/ssl/ssl_server2.c | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 1169763d7..f4b737faf 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -815,16 +815,30 @@ struct _psk_entry
 /*
  * Free a list of psk_entry's
  */
-void psk_free( psk_entry *head )
+int psk_free( psk_entry *head )
 {
     psk_entry *next;
 
     while( head != NULL )
     {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+        psa_status_t status;
+        psa_key_slot_t const slot = head->slot;
+
+        if( slot != 0 )
+        {
+            status = psa_destroy_key( slot );
+            if( status != PSA_SUCCESS )
+                return( status );
+        }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
         next = head->next;
         mbedtls_free( head );
         head = next;
     }
+
+    return( 0 );
 }
 
 /*
@@ -3332,12 +3346,31 @@ exit:
     sni_free( sni_info );
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
-    psk_free( psk_info );
+    if( ( ret = psk_free( psk_info ) ) != 0 )
+        mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
 #endif
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
     mbedtls_dhm_free( &dhm );
 #endif
 
+#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
+    defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( opt.psk_slot != 0 )
+    {
+        /* This is ok even if the slot hasn't been
+         * initialized (we might have jumed here
+         * immediately because of bad cmd line params,
+         * for example). */
+        status = psa_destroy_key( opt.psk_slot );
+        if( status != PSA_SUCCESS )
+        {
+            mbedtls_printf( "Failed to destroy key slot %u - error was %d",
+                            (unsigned) opt.psk_slot, (int) status );
+        }
+    }
+#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
+          MBEDTLS_USE_PSA_CRYPTO */
+
     mbedtls_ssl_free( &ssl );
     mbedtls_ssl_config_free( &conf );
     mbedtls_ctr_drbg_free( &ctr_drbg );

From a6f1d18afe621cfed0694249e226fd365fcf36f9 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 13:06:09 +0000
Subject: [PATCH 736/889] Automatically allocate opaque PSK key slots in
 ssl_{client/server}2

Previously, command line arguments `psk_slot` and `psk_list_slot`
could be used to indicate the PSA key slots that the example
applications should use to store the PSK(s) provided.

This commit changes this approach to use the utility function
`mbedtls_psa_get_free_key_slot()` to obtain free key slots from
the PSA Crypto implementation automatically, so that users only
need to pass boolean flags `psk_opaque` and `psk_list_opaque`
on the command line to enable / disable PSA-based opaque PSKs.
---
 programs/ssl/ssl_client2.c | 37 +++++++++------
 programs/ssl/ssl_server2.c | 94 ++++++++++++++++++++++----------------
 tests/ssl-opt.sh           | 34 +++++++-------
 3 files changed, 93 insertions(+), 72 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 61dd50ebf..1bf6e2f0c 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -61,6 +61,7 @@ int main( void )
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
 #endif
 
 #include <stdio.h>
@@ -85,7 +86,7 @@ int main( void )
 #define DFL_CRT_FILE            ""
 #define DFL_KEY_FILE            ""
 #define DFL_PSK                 ""
-#define DFL_PSK_SLOT            0
+#define DFL_PSK_OPAQUE          0
 #define DFL_PSK_IDENTITY        "Client_identity"
 #define DFL_ECJPAKE_PW          NULL
 #define DFL_EC_MAX_OPS          -1
@@ -145,8 +146,9 @@ int main( void )
     "    psk_identity=%%s     default: \"Client_identity\"\n"
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #define USAGE_PSK_SLOT                          \
-    "    psk_slot=%%d         default: 0\n"     \
-    "                          An empty key slot identifier to be used to hold the PSK.\n"            \
+    "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
+    "                          Enable this to store the PSK configured through command line\n" \
+    "                          parameter `psk` in a PSA-based key slot.\n" \
     "                          Note: Currently only supported in conjunction with\n"                  \
     "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
     "                          to force a particular PSK-only ciphersuite.\n"                         \
@@ -353,7 +355,7 @@ struct options
     const char *crt_file;       /* the file with the client certificate     */
     const char *key_file;       /* the file with the client key             */
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    int psk_slot;
+    int psk_opaque;
 #endif
     const char *psk;            /* the pre-shared key                       */
     const char *psk_identity;   /* the pre-shared key identity              */
@@ -651,7 +653,7 @@ int main( int argc, char *argv[] )
     opt.key_file            = DFL_KEY_FILE;
     opt.psk                 = DFL_PSK;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    opt.psk_slot            = DFL_PSK_SLOT;
+    opt.psk_opaque          = DFL_PSK_OPAQUE;
 #endif
     opt.psk_identity        = DFL_PSK_IDENTITY;
     opt.ecjpake_pw          = DFL_ECJPAKE_PW;
@@ -754,8 +756,8 @@ int main( int argc, char *argv[] )
         else if( strcmp( p, "psk" ) == 0 )
             opt.psk = q;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-        else if( strcmp( p, "psk_slot" ) == 0 )
-            opt.psk_slot = atoi( q );
+        else if( strcmp( p, "psk_opaque" ) == 0 )
+            opt.psk_opaque = atoi( q );
 #endif
         else if( strcmp( p, "psk_identity" ) == 0 )
             opt.psk_identity = q;
@@ -1093,11 +1095,11 @@ int main( int argc, char *argv[] )
 
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_slot != 0 )
+    if( opt.psk_opaque != 0 )
     {
         if( opt.psk == NULL )
         {
-            mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+            mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
             ret = 2;
             goto usage;
         }
@@ -1162,7 +1164,7 @@ int main( int argc, char *argv[] )
         }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_slot != 0 )
+        if( opt.psk_opaque != 0 )
         {
             /* Ensure that the chosen ciphersuite is PSK-only; we must know
              * the ciphersuite in advance to set the correct policy for the
@@ -1558,10 +1560,15 @@ int main( int argc, char *argv[] )
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_slot != 0 )
+    if( opt.psk_opaque != 0 )
     {
         /* The algorithm has already been determined earlier. */
-        slot = (psa_key_slot_t) opt.psk_slot;
+        status = mbedtls_psa_get_free_key_slot( &slot );
+        if( status != PSA_SUCCESS )
+        {
+            ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+            goto exit;
+        }
 
         psa_key_policy_init( &policy );
         psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
@@ -2232,17 +2239,17 @@ exit:
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
     defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_slot != 0 )
+    if( opt.psk_opaque != 0 )
     {
         /* This is ok even if the slot hasn't been
          * initialized (we might have jumed here
          * immediately because of bad cmd line params,
          * for example). */
-        status = psa_destroy_key( opt.psk_slot );
+        status = psa_destroy_key( slot );
         if( status != PSA_SUCCESS )
         {
             mbedtls_printf( "Failed to destroy key slot %u - error was %d",
-                            (unsigned) opt.psk_slot, (int) status );
+                            (unsigned) slot, (int) status );
             if( ret == 0 )
                 ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
         }
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index f4b737faf..534a3f373 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -62,6 +62,7 @@ int main( void )
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
 #endif
 
 #include <stdio.h>
@@ -123,8 +124,8 @@ int main( void )
 #define DFL_ASYNC_PRIVATE_DELAY2 ( -1 )
 #define DFL_ASYNC_PRIVATE_ERROR  ( 0 )
 #define DFL_PSK                 ""
-#define DFL_PSK_SLOT            0
-#define DFL_PSK_LIST_SLOT       0
+#define DFL_PSK_OPAQUE          0
+#define DFL_PSK_LIST_OPAQUE     0
 #define DFL_PSK_IDENTITY        "Client_identity"
 #define DFL_ECJPAKE_PW          NULL
 #define DFL_PSK_LIST            NULL
@@ -234,20 +235,18 @@ int main( void )
     "                          id1,psk1[,id2,psk2[,...]]\n"
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #define USAGE_PSK_SLOT                          \
-    "    psk_slot=%%d         default: 0 (don't use key slots)\n"     \
-    "                          An empty key slot identifier to be used to hold the static PSK\n" \
-    "                          configured through the psk parameter.\n"\
+    "    psk_opaque=%%d       default: 0 (don't use opaque static PSK)\n"     \
+    "                          Enable this to store the PSK configured through command line\n" \
+    "                          parameter `psk` in a PSA-based key slot.\n" \
     "                          Note: Currently only supported in conjunction with\n"                  \
     "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n"      \
     "                          to force a particular PSK-only ciphersuite.\n"                         \
     "                          Note: This is to test integration of PSA-based opaque PSKs with\n"     \
     "                          Mbed TLS only. Production systems are likely to configure Mbed TLS\n"  \
     "                          with prepopulated key slots instead of importing raw key material.\n" \
-    "    psk_list_slot=%%d    default: 0 (don't use key slots)\n"     \
-    "                          The base of a consecutive list of empty key slot identifiers to be used\n" \
-    "                          to hold the dynamic PSKs configured through the psk_list parameter;\n" \
-    "                          for example, if you specify a list of 3 dynamic PSKs through the psk_list\n"\
-    "                          parameter, then the slots psk_slot, .., psk_slot+3 must be empty.\n" \
+    "    psk_list_opaque=%%d  default: 0 (don't use opaque dynamic PSKs)\n"     \
+    "                          Enable this to store the list of dynamically chosen PSKs configured\n" \
+    "                          through the command line parameter `psk_list` in PSA-based key slots.\n" \
     "                          Note: Currently only supported in conjunction with\n" \
     "                          the use of min_version to force TLS 1.2 and force_ciphersuite \n" \
     "                          to force a particular PSK-only ciphersuite.\n" \
@@ -485,8 +484,8 @@ struct options
     int async_private_delay2;   /* number of times f_async_resume needs to be called for key 2, or -1 for no async */
     int async_private_error;    /* inject error in async private callback */
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    int psk_slot;
-    int psk_list_slot;
+    int psk_opaque;
+    int psk_list_opaque;
 #endif
     const char *psk;            /* the pre-shared key                       */
     const char *psk_identity;   /* the pre-shared key identity              */
@@ -871,11 +870,6 @@ psk_entry *psk_parse( char *psk_string )
         if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
             goto error;
 
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_list_slot != 0 )
-            new->slot = opt.psk_list_slot++;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
         new->next = cur;
         cur = new;
     }
@@ -1250,11 +1244,17 @@ static psa_status_t psa_setup_psk_key_slot( psa_key_slot_t slot,
 
     status = psa_set_key_policy( slot, &policy );
     if( status != PSA_SUCCESS )
+    {
+        fprintf( stderr, "POLICY\n" );
         return( status );
+    }
 
     status = psa_import_key( slot, PSA_KEY_TYPE_DERIVE, psk, psk_len );
     if( status != PSA_SUCCESS )
+    {
+        fprintf( stderr, "IMPORT\n" );
         return( status );
+    }
 
     return( PSA_SUCCESS );
 }
@@ -1268,6 +1268,7 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     psa_algorithm_t alg = 0;
+    psa_key_slot_t psk_slot = 0;
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     unsigned char psk[MBEDTLS_PSK_MAX_LEN];
     size_t psk_len = 0;
@@ -1432,8 +1433,8 @@ int main( int argc, char *argv[] )
     opt.async_private_error = DFL_ASYNC_PRIVATE_ERROR;
     opt.psk                 = DFL_PSK;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    opt.psk_slot            = DFL_PSK_SLOT;
-    opt.psk_list_slot       = DFL_PSK_LIST_SLOT;
+    opt.psk_opaque          = DFL_PSK_OPAQUE;
+    opt.psk_list_opaque     = DFL_PSK_LIST_OPAQUE;
 #endif
     opt.psk_identity        = DFL_PSK_IDENTITY;
     opt.psk_list            = DFL_PSK_LIST;
@@ -1564,10 +1565,10 @@ int main( int argc, char *argv[] )
         else if( strcmp( p, "psk" ) == 0 )
             opt.psk = q;
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-        else if( strcmp( p, "psk_slot" ) == 0 )
-            opt.psk_slot = atoi( q );
-        else if( strcmp( p, "psk_list_slot" ) == 0 )
-            opt.psk_list_slot = atoi( q );
+        else if( strcmp( p, "psk_opaque" ) == 0 )
+            opt.psk_opaque = atoi( q );
+        else if( strcmp( p, "psk_list_opaque" ) == 0 )
+            opt.psk_list_opaque = atoi( q );
 #endif
         else if( strcmp( p, "psk_identity" ) == 0 )
             opt.psk_identity = q;
@@ -1879,11 +1880,11 @@ int main( int argc, char *argv[] )
     }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_slot != 0 )
+    if( opt.psk_opaque != 0 )
     {
         if( strlen( opt.psk ) == 0 )
         {
-            mbedtls_printf( "psk_slot set but no psk to be imported specified.\n" );
+            mbedtls_printf( "psk_opaque set but no psk to be imported specified.\n" );
             ret = 2;
             goto usage;
         }
@@ -1896,7 +1897,7 @@ int main( int argc, char *argv[] )
         }
     }
 
-    if( opt.psk_list_slot != 0 )
+    if( opt.psk_list_opaque != 0 )
     {
         if( opt.psk_list == NULL )
         {
@@ -1965,7 +1966,7 @@ int main( int argc, char *argv[] )
         }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_slot != 0 || opt.psk_list_slot != 0 )
+        if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
         {
             /* Ensure that the chosen ciphersuite is PSK-only; we must know
              * the ciphersuite in advance to set the correct policy for the
@@ -2664,20 +2665,27 @@ int main( int argc, char *argv[] )
     if( strlen( opt.psk ) != 0 && strlen( opt.psk_identity ) != 0 )
     {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_slot != 0 )
+        if( opt.psk_opaque != 0 )
         {
-            /* The algorithm has already been determined earlier. */
-            status = psa_setup_psk_key_slot( opt.psk_slot, alg,
-                                             psk, psk_len );
+            status = mbedtls_psa_get_free_key_slot( &psk_slot );
             if( status != PSA_SUCCESS )
             {
+                fprintf( stderr, "ALLOC FAIL\n" );
                 ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
                 goto exit;
             }
 
-            if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, opt.psk_slot,
-                                                     (const unsigned char *) opt.psk_identity,
-                                                     strlen( opt.psk_identity ) ) ) != 0 )
+            /* The algorithm has already been determined earlier. */
+            status = psa_setup_psk_key_slot( psk_slot, alg, psk, psk_len );
+            if( status != PSA_SUCCESS )
+            {
+                fprintf( stderr, "SETUP FAIL\n" );
+                ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+                goto exit;
+            }
+            if( ( ret = mbedtls_ssl_conf_psk_opaque( &conf, psk_slot,
+                             (const unsigned char *) opt.psk_identity,
+                             strlen( opt.psk_identity ) ) ) != 0 )
             {
                 mbedtls_printf( " failed\n  ! mbedtls_ssl_conf_psk_opaque returned %d\n\n",
                                 ret );
@@ -2698,24 +2706,30 @@ int main( int argc, char *argv[] )
     if( opt.psk_list != NULL )
     {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-        if( opt.psk_list_slot != 0 )
+        if( opt.psk_list_opaque != 0 )
         {
             psk_entry *cur_psk;
             for( cur_psk = psk_info; cur_psk != NULL; cur_psk = cur_psk->next )
             {
-                fprintf( stderr, "REGISTER KEY SLOT %d\n", (int) cur_psk->slot );
+                status = mbedtls_psa_get_free_key_slot( &cur_psk->slot );
+                if( status != PSA_SUCCESS )
+                {
+                    ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
+                    goto exit;
+                }
+
                 status = psa_setup_psk_key_slot( cur_psk->slot, alg,
                                                  cur_psk->key,
                                                  cur_psk->key_len );
                 if( status != PSA_SUCCESS )
                 {
-                    fprintf( stderr, "REGISTER KEY SLOT\n" );
                     ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
                     goto exit;
                 }
             }
         }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
+
         mbedtls_ssl_conf_psk_cb( &conf, psk_callback, psk_info );
     }
 #endif
@@ -3355,17 +3369,17 @@ exit:
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
     defined(MBEDTLS_USE_PSA_CRYPTO)
-    if( opt.psk_slot != 0 )
+    if( opt.psk_opaque != 0 )
     {
         /* This is ok even if the slot hasn't been
          * initialized (we might have jumed here
          * immediately because of bad cmd line params,
          * for example). */
-        status = psa_destroy_key( opt.psk_slot );
+        status = psa_destroy_key( psk_slot );
         if( status != PSA_SUCCESS )
         {
             mbedtls_printf( "Failed to destroy key slot %u - error was %d",
-                            (unsigned) opt.psk_slot, (int) status );
+                            (unsigned) psk_slot, (int) status );
         }
     }
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 45b2e207f..129b91c08 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3834,7 +3834,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback" \
             "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
             "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
-            psk_identity=foo psk=abc123 psk_slot=1" \
+            psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
             -S "skip PMS generation for opaque PSK"\
@@ -3848,7 +3848,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback, SHA-384" \
             "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
             "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
-            psk_identity=foo psk=abc123 psk_slot=1" \
+            psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
             -S "skip PMS generation for opaque PSK"\
@@ -3862,7 +3862,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback, EMS" \
             "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
             "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
-            psk_identity=foo psk=abc123 psk_slot=1" \
+            psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
             -S "skip PMS generation for opaque PSK"\
@@ -3876,7 +3876,7 @@ requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
             "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
             "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
-            psk_identity=foo psk=abc123 psk_slot=1" \
+            psk_identity=foo psk=abc123 psk_opaque=1" \
             0 \
             -c "skip PMS generation for opaque PSK"\
             -S "skip PMS generation for opaque PSK"\
@@ -3888,7 +3888,7 @@ run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback" \
-            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=abc123" \
             0 \
@@ -3902,7 +3902,7 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
-            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+            "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
             "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=abc123" \
             0 \
@@ -3916,7 +3916,7 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
-            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
             "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=abc123 extended_ms=1" \
@@ -3931,7 +3931,7 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
-            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_slot=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
             force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
             "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=abc123 extended_ms=1" \
@@ -3946,7 +3946,7 @@ run_test    "PSK callback: raw psk on client, static opaque on server, no callba
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
@@ -3960,7 +3960,7 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
-            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
+            "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=def psk=beef" \
             0 \
@@ -3974,7 +3974,7 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
-            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
             "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=abc psk=dead extended_ms=1" \
@@ -3989,7 +3989,7 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
-            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 \
+            "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
             force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
             "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=abc psk=dead extended_ms=1" \
@@ -4004,7 +4004,7 @@ run_test    "PSK callback: raw psk on client, no static PSK on server, opaque PS
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
@@ -4018,7 +4018,7 @@ run_test    "PSK callback: raw psk on client, mismatching static raw PSK on serv
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_slot=2 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
@@ -4032,7 +4032,7 @@ run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on s
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
-            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
@@ -4045,7 +4045,7 @@ run_test    "PSK callback: raw psk on client, mismatching static opaque PSK on s
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             0 \
@@ -4058,7 +4058,7 @@ run_test    "PSK callback: raw psk on client, id-matching but wrong raw PSK on s
 
 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
 run_test    "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
-            "$P_SRV extended_ms=0 psk_slot=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
+            "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
             "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=def psk=beef" \
             1 \

From ed437a674e71098a4ab8c91ef861438ace9bf7b9 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 13:18:25 +0000
Subject: [PATCH 737/889] Fix typo in documentation of mbedtls_ssl_conf_psk()

---
 include/mbedtls/ssl.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 678660659..f7c9d936a 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -2086,7 +2086,7 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf,
  *                 want to use \c mbedtls_ssl_conf_psk_cb() instead.
  *
  * \warning        Currently, clients can only register a single pre-shared key.
- *                 Calling this function or mbedtls_ssl_conf_opaque_psk() more
+ *                 Calling this function or mbedtls_ssl_conf_psk_opaque() more
  *                 than once will overwrite values configured in previous calls.
  *                 Support for setting multiple PSKs on clients and selecting
  *                 one based on the identity hint is not a planned feature,

From e9bf0f4c32ea07d6fee9c6ce6b5c75fbac084894 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 13:33:04 +0000
Subject: [PATCH 738/889] Share code for PSK identity configuration

This commit shares the code for setting the PSK identity hint between
the functions mbedtls_ssl_conf_psk() and mbedtls_ssl_conf_psk_opaque().
---
 library/ssl_tls.c | 92 ++++++++++++++++++++++++-----------------------
 1 file changed, 48 insertions(+), 44 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 6fa2e3a76..93439697e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7450,44 +7450,56 @@ static void ssl_conf_remove_psk( mbedtls_ssl_config *conf )
     }
 }
 
-int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
-                const unsigned char *psk, size_t psk_len,
-                const unsigned char *psk_identity, size_t psk_identity_len )
+/* This function assumes that PSK identity in the SSL config is unset.
+ * It checks that the provided identity is well-formed and attempts
+ * to make a copy of it in the SSL config.
+ * On failure, the PSK identity in the config remains unset. */
+static int ssl_conf_set_psk_identity( mbedtls_ssl_config *conf,
+                                      unsigned char const *psk_identity,
+                                      size_t psk_identity_len )
 {
-    if( psk == NULL || psk_identity == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    if( psk_len > MBEDTLS_PSK_MAX_LEN )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
     /* Identity len will be encoded on two bytes */
-    if( ( psk_identity_len >> 16 ) != 0 ||
+    if( psk_identity               == NULL ||
+        ( psk_identity_len >> 16 ) != 0    ||
         psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
     {
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
 
-    ssl_conf_remove_psk( conf );
-
-    if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL ||
-        ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL )
-    {
-        mbedtls_free( conf->psk );
-        mbedtls_free( conf->psk_identity );
-        conf->psk = NULL;
-        conf->psk_identity = NULL;
+    conf->psk_identity = mbedtls_calloc( 1, psk_identity_len );
+    if( conf->psk_identity == NULL )
         return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
 
-    conf->psk_len = psk_len;
     conf->psk_identity_len = psk_identity_len;
-
-    memcpy( conf->psk, psk, conf->psk_len );
     memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
 
     return( 0 );
 }
 
+int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf,
+                const unsigned char *psk, size_t psk_len,
+                const unsigned char *psk_identity, size_t psk_identity_len )
+{
+    int ret;
+    /* Remove opaque/raw PSK + PSK Identity */
+    ssl_conf_remove_psk( conf );
+
+    /* Check and set raw PSK */
+    if( psk == NULL || psk_len > MBEDTLS_PSK_MAX_LEN )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+    if( ( conf->psk = mbedtls_calloc( 1, psk_len ) ) == NULL )
+        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    conf->psk_len = psk_len;
+    memcpy( conf->psk, psk, conf->psk_len );
+
+    /* Check and set PSK Identity */
+    ret = ssl_conf_set_psk_identity( conf, psk_identity, psk_identity_len );
+    if( ret != 0 )
+        ssl_conf_remove_psk( conf );
+
+    return( ret );
+}
+
 static void ssl_remove_psk( mbedtls_ssl_context *ssl )
 {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -7532,30 +7544,22 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf,
                                  const unsigned char *psk_identity,
                                  size_t psk_identity_len )
 {
-    if( psk_slot == 0 || psk_identity == NULL )
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
-    /* Identity len will be encoded on two bytes */
-    if( ( psk_identity_len >> 16 ) != 0 ||
-        psk_identity_len > MBEDTLS_SSL_OUT_CONTENT_LEN )
-    {
-        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-    }
-
+    int ret;
+    /* Clear opaque/raw PSK + PSK Identity, if present. */
     ssl_conf_remove_psk( conf );
 
-    if( ( conf->psk_identity = mbedtls_calloc( 1, psk_identity_len ) ) == NULL )
-    {
-        mbedtls_free( conf->psk_identity );
-        conf->psk_identity = NULL;
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
-    }
-
-    conf->psk_identity_len = psk_identity_len;
-    memcpy( conf->psk_identity, psk_identity, conf->psk_identity_len );
-
+    /* Check and set opaque PSK */
+    if( psk_slot == 0 )
+        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     conf->psk_opaque = psk_slot;
-    return( 0 );
+
+    /* Check and set PSK Identity */
+    ret = ssl_conf_set_psk_identity( conf, psk_identity,
+                                     psk_identity_len );
+    if( ret != 0 )
+        ssl_conf_remove_psk( conf );
+
+    return( ret );
 }
 
 int mbedtls_ssl_set_hs_psk_opaque( mbedtls_ssl_context *ssl,

From 40975782077e83821531cc7e7999b505e6549393 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 11:44:14 +0000
Subject: [PATCH 739/889] Initialize PSA key slot as invalid in ssl_client2.c

Otherwise, if `mbedtls_psa_get_free_key_slot()` fails to find a fresh
key slot, the slot value will be undefined, and the call to
`psa_destroy_key()` at the end of `main()` is undefined behavior.
---
 programs/ssl/ssl_client2.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 1bf6e2f0c..ff625fbd2 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -561,7 +561,7 @@ int main( int argc, char *argv[] )
     const char *pers = "ssl_client2";
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_slot_t slot;
+    psa_key_slot_t slot = 0;
     psa_algorithm_t alg = 0;
     psa_key_policy_t policy;
     psa_status_t status;

From 2e009fe0131eb9b84121dbd8956bb94080bf6f75 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Nov 2018 16:57:42 +0000
Subject: [PATCH 740/889] Fix style in definition of `mbedtls_cipher_mode_t`

---
 include/mbedtls/cipher.h | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 58a5d63dd..d112eb032 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -179,16 +179,16 @@ typedef enum {
 
 /** Supported cipher modes. */
 typedef enum {
-    MBEDTLS_MODE_NONE = 0,               /**< None. */
-    MBEDTLS_MODE_ECB,                    /**< The ECB cipher mode. */
-    MBEDTLS_MODE_CBC,                    /**< The CBC cipher mode. */
-    MBEDTLS_MODE_CFB,                    /**< The CFB cipher mode. */
-    MBEDTLS_MODE_OFB,                    /**< The OFB cipher mode. */
-    MBEDTLS_MODE_CTR,                    /**< The CTR cipher mode. */
-    MBEDTLS_MODE_GCM,                    /**< The GCM cipher mode. */
-    MBEDTLS_MODE_STREAM,                 /**< The stream cipher mode. */
-    MBEDTLS_MODE_CCM,                    /**< The CCM cipher mode. */
-    MBEDTLS_MODE_XTS,                    /**< The XTS cipher mode. */
+    MBEDTLS_MODE_NONE = 0,               /**< None.                        */
+    MBEDTLS_MODE_ECB,                    /**< The ECB cipher mode.         */
+    MBEDTLS_MODE_CBC,                    /**< The CBC cipher mode.         */
+    MBEDTLS_MODE_CFB,                    /**< The CFB cipher mode.         */
+    MBEDTLS_MODE_OFB,                    /**< The OFB cipher mode.         */
+    MBEDTLS_MODE_CTR,                    /**< The CTR cipher mode.         */
+    MBEDTLS_MODE_GCM,                    /**< The GCM cipher mode.         */
+    MBEDTLS_MODE_STREAM,                 /**< The stream cipher mode.      */
+    MBEDTLS_MODE_CCM,                    /**< The CCM cipher mode.         */
+    MBEDTLS_MODE_XTS,                    /**< The XTS cipher mode.         */
     MBEDTLS_MODE_CHACHAPOLY,             /**< The ChaCha-Poly cipher mode. */
 } mbedtls_cipher_mode_t;
 

From 0953ba18993999a7e772b7fa2e71fdb902dfdcea Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Nov 2018 16:01:22 +0000
Subject: [PATCH 741/889] Fix style in NUM_CIPHERS definition in cipher_wrap.c

Use brackets around `sizeof()` arguments as well as the entire macro.
---
 library/cipher_wrap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 6dd8c5d3a..d4538ed7b 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -2266,7 +2266,8 @@ const mbedtls_cipher_definition_t mbedtls_cipher_definitions[] =
     { MBEDTLS_CIPHER_NONE, NULL }
 };
 
-#define NUM_CIPHERS sizeof mbedtls_cipher_definitions / sizeof mbedtls_cipher_definitions[0]
+#define NUM_CIPHERS ( sizeof(mbedtls_cipher_definitions) /      \
+                      sizeof(mbedtls_cipher_definitions[0]) )
 int mbedtls_cipher_supported[NUM_CIPHERS];
 
 #endif /* MBEDTLS_CIPHER_C */

From c8b699dfa4d61a31a67653fc8424b0521b3c41bb Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Nov 2018 15:57:42 +0000
Subject: [PATCH 742/889] Fix style in cipher.h

---
 include/mbedtls/cipher.h | 141 +++++++++++++++++++++------------------
 1 file changed, 77 insertions(+), 64 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index d112eb032..47709a932 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -405,7 +405,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
  * In future versions, the caller will be required to call
  * mbedtls_cipher_init() on the structure first.
  */
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
+int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
+                          const mbedtls_cipher_info_t *cipher_info );
 
 /**
  * \brief        This function returns the block size of the given cipher.
@@ -415,7 +416,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_in
  * \return       The size of the blocks of the cipher.
  * \return       0 if \p ctx has not been initialized.
  */
-static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
+static inline unsigned int mbedtls_cipher_get_block_size(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return 0;
@@ -432,7 +434,8 @@ static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_c
  * \return       The mode of operation.
  * \return       #MBEDTLS_MODE_NONE if \p ctx has not been initialized.
  */
-static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
+static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return MBEDTLS_MODE_NONE;
@@ -450,7 +453,8 @@ static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtl
  * \return      \c 0 for ciphers not using an IV or a nonce.
  * \return      The actual size if an IV has been set.
  */
-static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
+static inline int mbedtls_cipher_get_iv_size(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return 0;
@@ -469,7 +473,8 @@ static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ct
  * \return              The type of the cipher.
  * \return              #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized.
  */
-static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
+static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return MBEDTLS_CIPHER_NONE;
@@ -486,7 +491,8 @@ static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_ciphe
  * \return              The name of the cipher.
  * \return              NULL if \p ctx has not been not initialized.
  */
-static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
+static inline const char *mbedtls_cipher_get_name(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return 0;
@@ -503,7 +509,8 @@ static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_
  * \return              #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been
  *                      initialized.
  */
-static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
+static inline int mbedtls_cipher_get_key_bitlen(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return MBEDTLS_KEY_LENGTH_NONE;
@@ -519,7 +526,8 @@ static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t
  * \return         The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
  * \return         #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized.
  */
-static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
+static inline mbedtls_operation_t mbedtls_cipher_get_operation(
+    const mbedtls_cipher_context_t *ctx )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return MBEDTLS_OPERATION_NONE;
@@ -543,8 +551,10 @@ static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_ci
  *                      parameter-verification failure.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
-                   int key_bitlen, const mbedtls_operation_t operation );
+int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
+                           const unsigned char *key,
+                           int key_bitlen,
+                           const mbedtls_operation_t operation );
 
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
 /**
@@ -562,7 +572,8 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k
  * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
  *                      does not support padding.
  */
-int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
+int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
+                                     mbedtls_cipher_padding_t mode );
 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
 
 /**
@@ -582,7 +593,7 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_ciph
  *                  parameter-verification failure.
  */
 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
-                   const unsigned char *iv, size_t iv_len );
+                           const unsigned char *iv, size_t iv_len );
 
 /**
  * \brief         This function resets the cipher state.
@@ -597,16 +608,16 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
 
 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
 /**
- * \brief               This function adds additional data for AEAD ciphers.
- *                      Currently supported with GCM and ChaCha20+Poly1305.
- *                      Must be called exactly once, after mbedtls_cipher_reset().
+ * \brief             This function adds additional data for AEAD ciphers.
+ *                    Currently supported with GCM and ChaCha20+Poly1305.
+ *                    Must be called exactly once, after mbedtls_cipher_reset().
  *
- * \param ctx           The generic cipher context.
- * \param ad            The additional data to use.
- * \param ad_len        the Length of \p ad.
+ * \param ctx         The generic cipher context.
+ * \param ad          The additional data to use.
+ * \param ad_len      the Length of \p ad.
  *
- * \return              \c 0 on success.
- * \return              A specific error code on failure.
+ * \return            \c 0 on success.
+ * \return            A specific error code on failure.
  */
 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
                       const unsigned char *ad, size_t ad_len );
@@ -643,8 +654,10 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
  *                      unsupported mode for a cipher.
  * \return              A cipher-specific error code on failure.
  */
-int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
-                   size_t ilen, unsigned char *output, size_t *olen );
+int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
+                           const unsigned char *input,
+                           size_t ilen, unsigned char *output,
+                           size_t *olen );
 
 /**
  * \brief               The generic cipher finalization function. If data still
@@ -736,27 +749,27 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
 
 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
 /**
- * \brief               The generic autenticated encryption (AEAD) function.
+ * \brief             The generic autenticated encryption (AEAD) function.
  *
- * \param ctx           The generic cipher context.
- * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
- * \param iv_len        The IV length for ciphers with variable-size IV.
- *                      This parameter is discarded by ciphers with fixed-size IV.
- * \param ad            The additional data to authenticate.
- * \param ad_len        The length of \p ad.
- * \param input         The buffer holding the input data.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the output data.
- *                      Must be able to hold at least \p ilen.
- * \param olen          The length of the output data, to be updated with the
- *                      actual number of Bytes written.
- * \param tag           The buffer for the authentication tag.
- * \param tag_len       The desired length of the authentication tag.
+ * \param ctx         The generic cipher context.
+ * \param iv          The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ * \param iv_len      The IV length for ciphers with variable-size IV.
+ *                    This parameter is discarded by ciphers with fixed-size IV.
+ * \param ad          The additional data to authenticate.
+ * \param ad_len      The length of \p ad.
+ * \param input       The buffer holding the input data.
+ * \param ilen        The length of the input data.
+ * \param output      The buffer for the output data.
+ *                    Must be able to hold at least \p ilen.
+ * \param olen        The length of the output data, to be updated with the
+ *                    actual number of Bytes written.
+ * \param tag         The buffer for the authentication tag.
+ * \param tag_len     The desired length of the authentication tag.
  *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              A cipher-specific error code on failure.
+ * \return            \c 0 on success.
+ * \return            #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                    parameter-verification failure.
+ * \return            A cipher-specific error code on failure.
  */
 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                          const unsigned char *iv, size_t iv_len,
@@ -766,32 +779,32 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                          unsigned char *tag, size_t tag_len );
 
 /**
- * \brief               The generic autenticated decryption (AEAD) function.
+ * \brief             The generic autenticated decryption (AEAD) function.
  *
- * \note                If the data is not authentic, then the output buffer
- *                      is zeroed out to prevent the unauthentic plaintext being
- *                      used, making this interface safer.
+ * \note              If the data is not authentic, then the output buffer
+ *                    is zeroed out to prevent the unauthentic plaintext being
+ *                    used, making this interface safer.
  *
- * \param ctx           The generic cipher context.
- * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
- * \param iv_len        The IV length for ciphers with variable-size IV.
- *                      This parameter is discarded by ciphers with fixed-size IV.
- * \param ad            The additional data to be authenticated.
- * \param ad_len        The length of \p ad.
- * \param input         The buffer holding the input data.
- * \param ilen          The length of the input data.
- * \param output        The buffer for the output data.
- *                      Must be able to hold at least \p ilen.
- * \param olen          The length of the output data, to be updated with the
- *                      actual number of Bytes written.
- * \param tag           The buffer holding the authentication tag.
- * \param tag_len       The length of the authentication tag.
+ * \param ctx         The generic cipher context.
+ * \param iv          The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
+ * \param iv_len      The IV length for ciphers with variable-size IV.
+ *                    This parameter is discarded by ciphers with fixed-size IV.
+ * \param ad          The additional data to be authenticated.
+ * \param ad_len      The length of \p ad.
+ * \param input       The buffer holding the input data.
+ * \param ilen        The length of the input data.
+ * \param output      The buffer for the output data.
+ *                    Must be able to hold at least \p ilen.
+ * \param olen        The length of the output data, to be updated with the
+ *                    actual number of Bytes written.
+ * \param tag         The buffer holding the authentication tag.
+ * \param tag_len     The length of the authentication tag.
  *
- * \return              \c 0 on success.
- * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
- *                      parameter-verification failure.
- * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
- * \return              A cipher-specific error code on failure.
+ * \return            \c 0 on success.
+ * \return            #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                    parameter-verification failure.
+ * \return            #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
+ * \return            A cipher-specific error code on failure.
  */
 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
                          const unsigned char *iv, size_t iv_len,

From 18597cd3c459b9a6dc312f969afeea519b9c74d1 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 9 Nov 2018 16:36:33 +0000
Subject: [PATCH 743/889] Fix style in cipher.c

---
 library/cipher.c | 61 +++++++++++++++++++++++++++++-------------------
 1 file changed, 37 insertions(+), 24 deletions(-)

diff --git a/library/cipher.c b/library/cipher.c
index d7acf34ee..7a012f9eb 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -71,7 +71,8 @@
  * a non-zero value.
  * This is currently only used by GCM and ChaCha20+Poly1305.
  */
-static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t len )
+static int mbedtls_constant_time_memcmp( const void *v1, const void *v2,
+                                         size_t len )
 {
     const unsigned char *p1 = (const unsigned char*) v1;
     const unsigned char *p2 = (const unsigned char*) v2;
@@ -108,7 +109,8 @@ const int *mbedtls_cipher_list( void )
     return( mbedtls_cipher_supported );
 }
 
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type )
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type(
+    const mbedtls_cipher_type_t cipher_type )
 {
     const mbedtls_cipher_definition_t *def;
 
@@ -119,7 +121,8 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher
     return( NULL );
 }
 
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name )
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string(
+    const char *cipher_name )
 {
     const mbedtls_cipher_definition_t *def;
 
@@ -133,9 +136,10 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher
     return( NULL );
 }
 
-const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
-                                              int key_bitlen,
-                                              const mbedtls_cipher_mode_t mode )
+const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
+    const mbedtls_cipher_id_t cipher_id,
+    int key_bitlen,
+    const mbedtls_cipher_mode_t mode )
 {
     const mbedtls_cipher_definition_t *def;
 
@@ -173,7 +177,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
     mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
 }
 
-int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info )
+int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
+                          const mbedtls_cipher_info_t *cipher_info )
 {
     if( NULL == cipher_info || NULL == ctx )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
@@ -199,8 +204,10 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_in
     return( 0 );
 }
 
-int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
-        int key_bitlen, const mbedtls_operation_t operation )
+int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
+                           const unsigned char *key,
+                           int key_bitlen,
+                           const mbedtls_operation_t operation )
 {
     if( NULL == ctx || NULL == ctx->cipher_info )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
@@ -223,12 +230,13 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *k
         MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
     {
         return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
-                ctx->key_bitlen );
+                                                        ctx->key_bitlen );
     }
 
     if( MBEDTLS_DECRYPT == operation )
         return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
-                ctx->key_bitlen );
+                                                        ctx->key_bitlen );
+
 
     return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 }
@@ -830,7 +838,8 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
 }
 
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
-int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode )
+int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
+                                     mbedtls_cipher_padding_t mode )
 {
     if( NULL == ctx ||
         MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
@@ -889,7 +898,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
 
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
-        return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
+        return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
+                                    tag, tag_len ) );
 #endif
 
 #if defined(MBEDTLS_CHACHAPOLY_C)
@@ -899,8 +909,8 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
         if ( tag_len != 16U )
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-        return mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
-                                                      tag );
+        return( mbedtls_chachapoly_finish(
+                    (mbedtls_chachapoly_context*) ctx->cipher_ctx, tag ) );
     }
 #endif
 
@@ -925,8 +935,9 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
         if( tag_len > sizeof( check_tag ) )
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-        if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
-                                     check_tag, tag_len ) ) )
+        if( 0 != ( ret = mbedtls_gcm_finish(
+                       (mbedtls_gcm_context *) ctx->cipher_ctx,
+                       check_tag, tag_len ) ) )
         {
             return( ret );
         }
@@ -946,8 +957,8 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
         if ( tag_len != sizeof( check_tag ) )
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-        ret = mbedtls_chachapoly_finish( (mbedtls_chachapoly_context*) ctx->cipher_ctx,
-                                                     check_tag );
+        ret = mbedtls_chachapoly_finish(
+            (mbedtls_chachapoly_context*) ctx->cipher_ctx, check_tag );
         if ( ret != 0 )
         {
             return( ret );
@@ -982,10 +993,12 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
     if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
         return( ret );
 
-    if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
+    if( ( ret = mbedtls_cipher_update( ctx, input, ilen,
+                                       output, olen ) ) != 0 )
         return( ret );
 
-    if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
+    if( ( ret = mbedtls_cipher_finish( ctx, output + *olen,
+                                       &finish_olen ) ) != 0 )
         return( ret );
 
     *olen += finish_olen;
@@ -1008,9 +1021,9 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
     {
         *olen = ilen;
-        return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
-                                   iv, iv_len, ad, ad_len, input, output,
-                                   tag_len, tag ) );
+        return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT,
+                                           ilen, iv, iv_len, ad, ad_len,
+                                           input, output, tag_len, tag ) );
     }
 #endif /* MBEDTLS_GCM_C */
 #if defined(MBEDTLS_CCM_C)

From f28d344832e6eb6d693e6641108533e2852f7616 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 8 Nov 2018 15:55:24 +0000
Subject: [PATCH 744/889] Expand documentation of mbedtls_cipher_list()

---
 include/mbedtls/cipher.h | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 47709a932..8dc55f922 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -324,11 +324,17 @@ typedef struct mbedtls_cipher_context_t
 } mbedtls_cipher_context_t;
 
 /**
- * \brief This function retrieves the list of ciphers supported by the generic
- * cipher module.
+ * \brief This function retrieves the list of ciphers supported
+ *        by the generic cipher module.
  *
- * \return      A statically-allocated array of ciphers. The last entry
- *              is zero.
+ *        For any cipher identifier in the returned list, you can
+ *        obtain the corresponding generic cipher information structure
+ *        via mbedtls_cipher_info_from_type(), which can then be used
+ *        to prepare a cipher context via mbedtls_cipher_setup().
+ *
+ *
+ * \return      A statically-allocated array of cipher identifiers
+ *              of type cipher_type_t. The last entry is zero.
  */
 const int *mbedtls_cipher_list( void );
 

From 73907f842ba1a8a72d837bcd4c757ac6235f9a61 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 9 Nov 2018 16:09:19 +0000
Subject: [PATCH 745/889] Improve wording in documentation of
 mbedtls_cipher_setup()

---
 include/mbedtls/cipher.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 8dc55f922..5051c1241 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -394,9 +394,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
 
 
 /**
- * \brief               This function initializes and fills the cipher-context
- *                      structure with the appropriate values. It also clears
- *                      the structure.
+ * \brief               This function initializes a cipher context for
+ *                      use with the given cipher primitive.
  *
  * \param ctx           The context to initialize. May not be NULL.
  * \param cipher_info   The cipher to use.

From 4ccfc40aefb9a8ff9ad415140eb1d82a0a99f0d0 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 9 Nov 2018 16:10:57 +0000
Subject: [PATCH 746/889] Add declaration and dummy-definition of
 mbedtls_cipher_setup_psa()

---
 include/mbedtls/cipher.h | 20 ++++++++++++++++++++
 library/cipher.c         | 12 ++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 5051c1241..e7e222c4e 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -413,6 +413,26 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
                           const mbedtls_cipher_info_t *cipher_info );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief               This function initializes a cipher context for
+ *                      PSA-based use with the given cipher primitive.
+ *
+ * \note                See #MBEDTLS_USE_PSA_CRYPTO for information on PSA.
+ *
+ * \param ctx           The context to initialize. May not be \c NULL.
+ * \param cipher_info   The cipher to use.
+ *
+ * \return              \c 0 on success.
+ * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
+ *                      parameter-verification failure.
+ * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
+ *                      cipher-specific context fails.
+ */
+int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
+                              const mbedtls_cipher_info_t *cipher_info );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 /**
  * \brief        This function returns the block size of the given cipher.
  *
diff --git a/library/cipher.c b/library/cipher.c
index 7a012f9eb..34a8170bc 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -58,6 +58,10 @@
 #include "mbedtls/cmac.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
 #else
@@ -204,6 +208,14 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
     return( 0 );
 }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
+                              const mbedtls_cipher_info_t *cipher_info )
+{
+    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
                            const unsigned char *key,
                            int key_bitlen,

From ce1ddee13a171867687ec0ac6b04d2a9a732c2df Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 9 Nov 2018 16:20:29 +0000
Subject: [PATCH 747/889] Add `psa_enabled` field to cipher ctx and add dummy
 implementations

This field determines whether a cipher context should
use an external implementation of the PSA Crypto API for
cryptographic operations, or Mbed TLS' own crypto library.

The commit also adds dummy implementations for the cipher API.
---
 include/mbedtls/cipher.h |  12 ++++
 library/cipher.c         | 135 ++++++++++++++++++++++++++++++++++++++-
 2 files changed, 146 insertions(+), 1 deletion(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index e7e222c4e..c2745e82f 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -321,6 +321,18 @@ typedef struct mbedtls_cipher_context_t
     /** CMAC-specific context. */
     mbedtls_cmac_context_t *cmac_ctx;
 #endif
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    /** Indicates whether the cipher operations should be performed
+     *  by Mbed TLS' own crypto library or an external implementation
+     *  of the PSA Crypto API.
+     *  This is unset if the cipher context is setup through
+     *  mbedtls_cipher_setup(), and set if it is setup through
+     *  mbedtls_cipher_setup_psa().
+     */
+    unsigned char psa_enabled;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 } mbedtls_cipher_context_t;
 
 /**
diff --git a/library/cipher.c b/library/cipher.c
index 34a8170bc..e6baa2cfe 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -166,6 +166,16 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
     if( ctx == NULL )
         return;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* TODO: Add free'ing of PSA-specific context. */
+
+        mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
+        return;
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_CMAC_C)
     if( ctx->cmac_ctx )
     {
@@ -212,7 +222,14 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
 int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
                               const mbedtls_cipher_info_t *cipher_info )
 {
-    return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    if( NULL == cipher_info || NULL == ctx )
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+    memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
+
+    ctx->cipher_info = cipher_info;
+    ctx->psa_enabled = 1;
+    return( 0 );
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
@@ -224,6 +241,14 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
     if( NULL == ctx || NULL == ctx->cipher_info )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* TODO */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
         (int) ctx->cipher_info->key_bitlen != key_bitlen )
     {
@@ -262,6 +287,16 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
     else if( NULL == iv && iv_len != 0  )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     if( NULL == iv && iv_len == 0 )
         ctx->iv_size = 0;
 
@@ -306,6 +341,15 @@ int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
     if( NULL == ctx || NULL == ctx->cipher_info )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* We don't support resetting PSA-based
+         * cipher contexts, yet. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     ctx->unprocessed_len = 0;
 
     return( 0 );
@@ -318,6 +362,16 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
     if( NULL == ctx || NULL == ctx->cipher_info )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
     {
@@ -362,6 +416,16 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
     }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     *olen = 0;
     block_size = mbedtls_cipher_get_block_size( ctx );
 
@@ -768,6 +832,16 @@ int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
     if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     *olen = 0;
 
     if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
@@ -859,6 +933,19 @@ int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
     }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto knows about CBC padding
+         * schemes, we currently don't make them
+         * accessible through the cipher layer. */
+        if( mode != MBEDTLS_PADDING_NONE )
+            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+        return( 0 );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     switch( mode )
     {
 #if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
@@ -908,6 +995,18 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
     if( MBEDTLS_ENCRYPT != ctx->operation )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+        return( 0 );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
         return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
@@ -941,6 +1040,16 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
     }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* While PSA Crypto has an API for multipart
+         * operations, we currently don't make it
+         * accessible through the cipher layer. */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
     {
@@ -999,6 +1108,14 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
     int ret;
     size_t finish_olen;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* TODO */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
         return( ret );
 
@@ -1029,6 +1146,14 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                          unsigned char *output, size_t *olen,
                          unsigned char *tag, size_t tag_len )
 {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* TODO */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
     {
@@ -1076,6 +1201,14 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
                          unsigned char *output, size_t *olen,
                          const unsigned char *tag, size_t tag_len )
 {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( ctx->psa_enabled == 1 )
+    {
+        /* TODO */
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_GCM_C)
     if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
     {

From 6118e43d1566dfc41af7c88b8d21b77db9e66e0f Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 9 Nov 2018 16:47:20 +0000
Subject: [PATCH 748/889] Add PSA-specific cipher context

---
 include/mbedtls/cipher_internal.h | 15 +++++++++++++++
 library/cipher.c                  | 20 ++++++++++++++++++--
 2 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index c6def0bef..f69645233 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -34,6 +34,10 @@
 
 #include "cipher.h"
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -114,6 +118,17 @@ typedef struct
     const mbedtls_cipher_info_t *info;
 } mbedtls_cipher_definition_t;
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+typedef struct
+{
+    psa_key_slot_t slot;
+    unsigned char slot_state; /*!< 0: The slot is unset.
+                               *   1: The slot is set and we own it.
+                               *   2: The slot is set but we don't own it. */
+
+} mbedtls_cipher_context_psa;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
 
 extern int mbedtls_cipher_supported[];
diff --git a/library/cipher.c b/library/cipher.c
index e6baa2cfe..0bff79ee7 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -169,7 +169,19 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO: Add free'ing of PSA-specific context. */
+        if( ctx->cipher_ctx != NULL )
+        {
+            mbedtls_cipher_context_psa * const cipher_psa =
+                (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+            if( cipher_psa->slot_state == 1 )
+            {
+                /* TODO: Destroy PSA key */
+            }
+
+            mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) );
+            mbedtls_free( cipher_psa );
+        }
 
         mbedtls_platform_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
         return;
@@ -225,6 +237,10 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
     if( NULL == cipher_info || NULL == ctx )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+    ctx->cipher_ctx = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) );
+    if( ctx->cipher_ctx == NULL )
+        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+
     memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
 
     ctx->cipher_info = cipher_info;
@@ -244,7 +260,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO */
+        /* TODO: Allocate and setup PSA key slot from raw key material. */
         return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */

From edda8b8830905044203375c0a1bf552818ede802 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 11:59:30 +0000
Subject: [PATCH 749/889] Implement mbedtls_cipher_setkey() for PSA-based
 cipher contexts

This commit implements the internal key slot management performed
by PSA-based cipher contexts. Specifically, `mbedtls_cipher_setkey()`
wraps the provided raw key material into a key slot, and
`mbedtls_cipher_free()` destroys that key slot.
---
 include/mbedtls/cipher_internal.h |  1 +
 library/cipher.c                  | 81 ++++++++++++++++++++++++++++---
 2 files changed, 75 insertions(+), 7 deletions(-)

diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index f69645233..f1f0e2bde 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -121,6 +121,7 @@ typedef struct
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 typedef struct
 {
+    psa_algorithm_t alg;
     psa_key_slot_t slot;
     unsigned char slot_state; /*!< 0: The slot is unset.
                                *   1: The slot is set and we own it.
diff --git a/library/cipher.c b/library/cipher.c
index 0bff79ee7..dccf43de4 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -60,6 +60,7 @@
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #if defined(MBEDTLS_PLATFORM_C)
@@ -176,7 +177,8 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
 
             if( cipher_psa->slot_state == 1 )
             {
-                /* TODO: Destroy PSA key */
+                /* xxx_free() doesn't allow to return failures. */
+                (void) psa_destroy_key( cipher_psa->slot );
             }
 
             mbedtls_platform_zeroize( cipher_psa, sizeof( *cipher_psa ) );
@@ -234,15 +236,23 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
 int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
                               const mbedtls_cipher_info_t *cipher_info )
 {
+    psa_algorithm_t alg;
+    mbedtls_cipher_context_psa *cipher_psa;
+
     if( NULL == cipher_info || NULL == ctx )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-    ctx->cipher_ctx = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) );
-    if( ctx->cipher_ctx == NULL )
-        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+    alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode );
+    if( alg == 0)
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 
     memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
 
+    cipher_psa = mbedtls_calloc( 1, sizeof(mbedtls_cipher_context_psa ) );
+    if( cipher_psa == NULL )
+        return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
+    cipher_psa->alg  = alg;
+    ctx->cipher_ctx  = cipher_psa;
     ctx->cipher_info = cipher_info;
     ctx->psa_enabled = 1;
     return( 0 );
@@ -254,14 +264,71 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
                            int key_bitlen,
                            const mbedtls_operation_t operation )
 {
-    if( NULL == ctx || NULL == ctx->cipher_info )
+    if( NULL == ctx || NULL == ctx->cipher_info ||
+        NULL == ctx->cipher_ctx )
+    {
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
+
+    if( operation != MBEDTLS_DECRYPT &&
+        operation != MBEDTLS_ENCRYPT )
+    {
+        return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+    }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO: Allocate and setup PSA key slot from raw key material. */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        size_t const key_bytelen = ( (size_t) key_bitlen + 7 ) / 8;
+
+        psa_status_t status;
+        psa_key_type_t key_type;
+        psa_key_usage_t key_usage;
+        psa_key_policy_t key_policy;
+
+        /* PSA Crypto API only accepts byte-aligned keys. */
+        if( key_bitlen % 8 != 0 )
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+        /* Don't allow keys to be set multiple times. */
+        if( cipher_psa->slot_state != 0 )
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+        /* Find a fresh key slot to use. */
+        status = mbedtls_psa_get_free_key_slot( &cipher_psa->slot );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+        cipher_psa->slot_state = 1; /* Indicate that we own the key slot. */
+
+        /* From that point on, the responsibility for destroying the
+         * key slot is on mbedtls_cipher_free(). This includes the case
+         * where the policy setup or key import below fail, as
+         * mbedtls_cipher_free() needs to be called in any case. */
+
+        /* Setup policy for the new key slot. */
+        psa_key_policy_init( &key_policy );
+        key_usage = mbedtls_psa_translate_cipher_operation( operation );
+        psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg );
+        status = psa_set_key_policy( cipher_psa->slot, &key_policy );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        /* Populate new key slot. */
+        key_type = mbedtls_psa_translate_cipher_type(
+            ctx->cipher_info->type );
+        if( key_type == 0 )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+        status = psa_import_key( cipher_psa->slot,
+                                 key_type, key, key_bytelen );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        ctx->key_bitlen = key_bitlen;
+        ctx->operation = operation;
+        return( 0 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 

From 55e2e3d5cc6f94156d77cf65a588e3efb49651c9 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 12:36:17 +0000
Subject: [PATCH 750/889] Implement PSA-based version of mbedtls_cipher_crypt()

---
 library/cipher.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 52 insertions(+), 2 deletions(-)

diff --git a/library/cipher.c b/library/cipher.c
index dccf43de4..a83d3c6a6 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -1194,8 +1194,58 @@ int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+        psa_cipher_operation_t cipher_op;
+        size_t part_len;
+
+        if( ctx->operation == MBEDTLS_DECRYPT )
+        {
+            status = psa_cipher_decrypt_setup( &cipher_op,
+                                               cipher_psa->slot,
+                                               cipher_psa->alg );
+        }
+        else if( ctx->operation == MBEDTLS_ENCRYPT )
+        {
+            status = psa_cipher_encrypt_setup( &cipher_op,
+                                               cipher_psa->slot,
+                                               cipher_psa->alg );
+        }
+        else
+            return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
+
+        /* In the following, we can immediately return on an error,
+         * because the PSA Crypto API guarantees that cipher operations
+         * are terminated by unsuccessful calls to psa_cipher_update(),
+         * and by any call to psa_cipher_finish(). */
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        status = psa_cipher_set_iv( &cipher_op, iv, iv_len );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        status = psa_cipher_update( &cipher_op,
+                                    input, ilen,
+                                    output, ilen, olen );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        status = psa_cipher_finish( &cipher_op,
+                                    output + *olen, ilen - *olen,
+                                    &part_len );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        *olen += part_len;
+        return( 0 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 

From 58fc9aab549bdb995cc150c3113e601a5cccb82d Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 12:46:35 +0000
Subject: [PATCH 751/889] Add AES-*-CBC test vectors for PSA-based cipher
 contexts

---
 tests/suites/test_suite_cipher.aes.data | 188 ++++++++++++++++++------
 tests/suites/test_suite_cipher.function |  16 +-
 2 files changed, 155 insertions(+), 49 deletions(-)

diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data
index e81086360..1a8ff1e4b 100644
--- a/tests/suites/test_suite_cipher.aes.data
+++ b/tests/suites/test_suite_cipher.aes.data
@@ -1512,187 +1512,283 @@ test_vec_ecb:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"00000000000000000000000
 
 AES-128-ECB crypt Encrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0
 
 AES-128-ECB crypt Encrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"f0000000000000000000000000000000":"":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"f0000000000000000000000000000000":"":"00000000000000000000000000000000":"970014d634e2b7650777e8e84d03ccd8":0:0
 
 AES-128-ECB crypt Encrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"":"ffffffffffffffc00000000000000000":"3a4d354f02bb5a5e47d39666867f246a":0:0
 
 AES-128-ECB crypt Decrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"":"db4f1aa530967d6732ce4715eb0ee24b":"ff000000000000000000000000000000":0:0
 
 AES-128-ECB crypt Decrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"b69418a85332240dc82492353956ae0c":"":"a303d940ded8f0baff6f75414cac5243":"00000000000000000000000000000000":0:0
 
 AES-128-ECB crypt Decrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_ECB:MBEDTLS_DECRYPT:"ffffffffffffffff8000000000000000":"":"32cd652842926aea4aa6137bb2be2b5e":"00000000000000000000000000000000":0:0
 
 AES-192-ECB crypt Encrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"fffffffffffffffffffff80000000000":"156f07767a85a4312321f63968338a01":0:0
 
 AES-192-ECB crypt Encrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"":"51719783d3185a535bd75adc65071ce1":"4f354592ff7c8847d2d0870ca9481b7c":0:0
 
 AES-192-ECB crypt Encrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"d2926527e0aa9f37b45e2ec2ade5853ef807576104c7ace3":"":"00000000000000000000000000000000":"dd619e1cf204446112e0af2b9afa8f8c":0:0
 
 AES-192-ECB crypt Encrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_ENCRYPT:"fffffffffffffffffffffffffff800000000000000000000":"":"00000000000000000000000000000000":"8dd274bd0f1b58ae345d9e7233f9b8f3":0:0
 
 AES-192-ECB crypt Decrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffff000000000000000":"":"bb2852c891c5947d2ed44032c421b85f":"00000000000000000000000000000000":0:0
 
 AES-192-ECB crypt Decrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"61257134a518a0d57d9d244d45f6498cbc32f2bafc522d79":"":"cfe4d74002696ccf7d87b14a2f9cafc9":"00000000000000000000000000000000":0:0
 
 AES-192-ECB crypt Decrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0
 
 AES-192-ECB crypt Decrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_ECB:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"":"b2099795e88cc158fd75ea133d7e7fbe":"ffffffffffffffffffffc00000000000":0:0
 
 AES-256-ECB crypt Encrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"c1cc358b449909a19436cfbb3f852ef8bcb5ed12ac7058325f56e6099aab1a1c":"":"00000000000000000000000000000000":"352065272169abf9856843927d0674fd":0:0
 
 AES-256-ECB crypt Encrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"0b24af36193ce4665f2825d7b4749c98":"a9ff75bd7cf6613d3731c77c3b6d0c04":0:0
 
 AES-256-ECB crypt Encrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ffffff80000000000000000000000000":"36aff0ef7bf3280772cf4cac80a0d2b2":0:0
 
 AES-256-ECB crypt Encrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffffffff8000000000000000000000000000":"":"00000000000000000000000000000000":"45d089c36d5c5a4efc689e3b0de10dd5":0:0
 
 AES-256-ECB crypt Decrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"fffffffffffffffffffffffffffffffffffffffffffffff00000000000000000":"":"edf61ae362e882ddc0167474a7a77f3a":"00000000000000000000000000000000":0:0
 
 AES-256-ECB crypt Decrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"f8be9ba615c5a952cabbca24f68f8593039624d524c816acda2c9183bd917cb9":"":"a3944b95ca0b52043584ef02151926a8":"00000000000000000000000000000000":0:0
 
 AES-256-ECB crypt Decrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"623a52fcea5d443e48d9181ab32c7421":"761c1fe41a18acf20d241650611d90f1":0:0
 
 AES-256-ECB crypt Decrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_ECB:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0
 
 AES-128-CBC crypt Encrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:0
 
 AES-128-CBC crypt Encrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:0
 
 AES-128-CBC crypt Encrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:0
 
 AES-128-CBC crypt Encrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:0
 
 AES-128-CBC crypt Decrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:0
 
 AES-128-CBC crypt Decrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:0
 
 AES-128-CBC crypt Decrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:0
 
 AES-128-CBC crypt Decrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:0
 
 AES-192-CBC crypt Encrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:0
 
 AES-192-CBC crypt Encrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:0
 
 AES-192-CBC crypt Encrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:0
 
 AES-192-CBC crypt Encrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:0
 
 AES-192-CBC crypt Decrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:0
 
 AES-192-CBC crypt Decrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:0
 
 AES-192-CBC crypt Decrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:0
 
 AES-192-CBC crypt Decrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:0
 
 AES-256-CBC crypt Encrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:0
 
 AES-256-CBC crypt Encrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:0
 
 AES-256-CBC crypt Encrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:0
 
 AES-256-CBC crypt Encrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:0
 
 AES-256-CBC crypt Decrypt NIST KAT #1
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:0
 
 AES-256-CBC crypt Decrypt NIST KAT #2
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:0
 
 AES-256-CBC crypt Decrypt NIST KAT #3
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:0
 
 AES-256-CBC crypt Decrypt NIST KAT #4
 depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
-test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:0
+
+AES-128-CBC crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":0:1
+
+AES-128-CBC crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffe000":"00000000000000000000000000000000":"00000000000000000000000000000000":"323994cfb9da285a5d9642e1759b224a":0:1
+
+AES-128-CBC crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":0:1
+
+AES-128-CBC crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"f34481ec3cc627bacd5dc3fb08f273e6":"0336763e966d92595a567cc9ce537f5e":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"3ad78e726c1ec02b7ebfe92b23d9ec34":"80000000000000000000000000000000":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"ffffc000000000000000000000000000":"00000000000000000000000000000000":"df556a33438db87bc41b1752c55e5e49":"00000000000000000000000000000000":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"10a58869d74be5a374cf867cfb473859":"00000000000000000000000000000000":"6d251e6944b051e04eaa6fb4dbf78465":"00000000000000000000000000000000":0:1
+
+AES-128-CBC crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"00000000000000000000000000000000":"0336763e966d92595a567cc9ce537f5e":"f34481ec3cc627bacd5dc3fb08f273e6":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"ff0000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"833f71258d53036b02952c76c744f5a1":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":0:1
+
+AES-192-CBC crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_ENCRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"1b077a6af4b7f98229de786d7516b639":"275cfc0413d8ccb70513c3859b1d0f72":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"6cd02513e8d4dc986b4afe087a60bd0c":"80000000000000000000000000000000":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"ffe000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"7ababc4b3f516c9aafb35f4140b548f9":"00000000000000000000000000000000":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"e9f065d7c13573587f7875357dfbb16c53489f6a4bd0f7cd":"00000000000000000000000000000000":"0956259c9cd5cfd0181cca53380cde06":"00000000000000000000000000000000":0:1
+
+AES-192-CBC crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_DECRYPT:"000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"275cfc0413d8ccb70513c3859b1d0f72":"1b077a6af4b7f98229de786d7516b639":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"80000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"ff00000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"00000000000000000000000000000000":"ec52a212f80a09df6317021bc2a9819e":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":0:1
+
+AES-256-CBC crypt Encrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_ENCRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"014730f80ac625fe84f026c60bfd547d":"5c9d844ed46f9885085e5d6a4f94c7d7":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #1 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"ddc6bf790c15760d8d9aeb6f9a75fd4e":"80000000000000000000000000000000":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #2 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"ffe0000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"d1ccb9b1337002cbac42c520b5d67722":"00000000000000000000000000000000":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #3 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"c47b0294dbbbee0fec4757f22ffeee3587ca4730c3d33b691df38bab076bc558":"00000000000000000000000000000000":"46f2fb342d6f0ab477476fc501242c5f":"00000000000000000000000000000000":0:1
+
+AES-256-CBC crypt Decrypt NIST KAT #4 PSA
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
+test_vec_crypt:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_DECRYPT:"0000000000000000000000000000000000000000000000000000000000000000":"00000000000000000000000000000000":"5c9d844ed46f9885085e5d6a4f94c7d7":"014730f80ac625fe84f026c60bfd547d":0:1
 
 Cipher Corner Case behaviours
 depends_on:MBEDTLS_AES_C
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index c5bce7e50..da9dfa138 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -648,8 +648,8 @@ exit:
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
 void test_vec_crypt( int cipher_id, int operation, char *hex_key,
-                   char *hex_iv, char *hex_input, char *hex_result,
-                   int finish_result )
+                     char *hex_iv, char *hex_input, char *hex_result,
+                     int finish_result, int use_psa )
 {
     unsigned char key[50];
     unsigned char input[16];
@@ -669,8 +669,18 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key,
     memset( iv, 0x00, sizeof( iv ) );
 
     /* Prepare context */
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    (void) use_psa;
+#else
+    if( use_psa == 1 )
+    {
+        TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
+                               mbedtls_cipher_info_from_type( cipher_id ) ) );
+    }
+    else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
-                                       mbedtls_cipher_info_from_type( cipher_id ) ) );
+                               mbedtls_cipher_info_from_type( cipher_id ) ) );
 
     key_len = unhexify( key, hex_key );
     inputlen =  unhexify( input, hex_input );

From a395d8f1e998e7b472973f1cf9df3279fc3f622b Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 13:33:16 +0000
Subject: [PATCH 752/889] Always configure PSA-based keys for encryption and
 decryption

Mbed TLS cipher layer allows usage of keys for other purposes
than indicated in the `operation` parameter of `mbedtls_cipher_setkey()`.
The semantics of the PSA Crypto API, in contrast, checks key
usage against the key policy.

As a remedy, this commit modifies the PSA key slot setup to
always allow both encryption and decryption.
---
 library/cipher.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/library/cipher.c b/library/cipher.c
index a83d3c6a6..243c73918 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -310,7 +310,13 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
 
         /* Setup policy for the new key slot. */
         psa_key_policy_init( &key_policy );
-        key_usage = mbedtls_psa_translate_cipher_operation( operation );
+
+        /* Mbed TLS' cipher layer doesn't enforce the mode of operation
+         * (encrypt vs. decrypt): it is possible to setup a key for encryption
+         * and use it for AEAD decryption. Until tests relying on this
+         * are changed, allow any usage in PSA. */
+        /* key_usage = mbedtls_psa_translate_cipher_operation( operation ); */
+        key_usage = PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT;
         psa_key_policy_set_usage( &key_policy, key_usage, cipher_psa->alg );
         status = psa_set_key_policy( cipher_psa->slot, &key_policy );
         if( status != PSA_SUCCESS )

From 20120b373e27f423ade5cb185c4815d1e5685852 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 16:26:27 +0000
Subject: [PATCH 753/889] Add AEAD tag length to new mbedtls_cipher_setup_psa()

For AEAD ciphers, the information contained in mbedtls_cipher_info
is not enough to deduce a PSA algorithm value of type psa_algorithm_t.
This is because mbedtls_cipher_info doesn't contain the AEAD tag
length, while values of type psa_algorithm_t do.

This commit adds the AEAD tag length as a separate parameter
to mbedtls_cipher_setup_psa(). For Non-AEAD ciphers, the value
must be 0.

This approach is preferred over passing psa_algorithm_t directly
in order to keep the changes in existing code using the cipher layer
small.
---
 include/mbedtls/cipher.h | 9 ++++++++-
 library/cipher.c         | 5 +++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index c2745e82f..eff12f687 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -434,6 +434,12 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
  *
  * \param ctx           The context to initialize. May not be \c NULL.
  * \param cipher_info   The cipher to use.
+ * \param taglen        For AEAD ciphers, the length in bytes of the
+ *                      authentication tag to use. Subsequent uses of
+ *                      mbedtls_cipher_auth_encrypt() or
+ *                      mbedtls_cipher_auth_decrypt() must provide
+ *                      the same tag length.
+ *                      For non-AEAD ciphers, the value must be \c 0.
  *
  * \return              \c 0 on success.
  * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
@@ -442,7 +448,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
  *                      cipher-specific context fails.
  */
 int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
-                              const mbedtls_cipher_info_t *cipher_info );
+                              const mbedtls_cipher_info_t *cipher_info,
+                              size_t taglen );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 /**
diff --git a/library/cipher.c b/library/cipher.c
index 243c73918..0b7c887f0 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -234,7 +234,8 @@ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
-                              const mbedtls_cipher_info_t *cipher_info )
+                              const mbedtls_cipher_info_t *cipher_info,
+                              size_t taglen )
 {
     psa_algorithm_t alg;
     mbedtls_cipher_context_psa *cipher_psa;
@@ -242,7 +243,7 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
     if( NULL == cipher_info || NULL == ctx )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
-    alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode );
+    alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen );
     if( alg == 0)
         return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 

From fe73adee5ae72d5d0b4de8fcab8e2efa3b7f4bc4 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 16:26:46 +0000
Subject: [PATCH 754/889] Implement PSA-based AEAD enc/dec cipher operations

---
 library/cipher.c | 57 ++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 53 insertions(+), 4 deletions(-)

diff --git a/library/cipher.c b/library/cipher.c
index 0b7c887f0..c03b0528c 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -1289,8 +1289,32 @@ int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+
+        /* PSA Crypto API always writes the authentication tag
+         * at the end of the encrypted message. */
+        if( tag != output + ilen )
+            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+        status = psa_aead_encrypt( cipher_psa->slot,
+                                   cipher_psa->alg,
+                                   iv, iv_len,
+                                   ad, ad_len,
+                                   input, ilen,
+                                   output, ilen + tag_len, olen );
+        if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        *olen -= tag_len;
+        return( 0 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
@@ -1344,8 +1368,33 @@ int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( ctx->psa_enabled == 1 )
     {
-        /* TODO */
-        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+        /* As in the non-PSA case, we don't check that
+         * a key has been set. If not, the key slot will
+         * still be in its default state of 0, which is
+         * guaranteed to be invalid, hence the PSA-call
+         * below will gracefully fail. */
+        mbedtls_cipher_context_psa * const cipher_psa =
+            (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
+
+        psa_status_t status;
+
+        /* PSA Crypto API always writes the authentication tag
+         * at the end of the encrypted message. */
+        if( tag != input + ilen )
+            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+
+        status = psa_aead_decrypt( cipher_psa->slot,
+                                   cipher_psa->alg,
+                                   iv, iv_len,
+                                   ad, ad_len,
+                                   input, ilen + tag_len,
+                                   output, ilen, olen );
+        if( status == PSA_ERROR_INVALID_SIGNATURE )
+            return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
+        else if( status != PSA_SUCCESS )
+            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+
+        return( 0 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 

From 1ccb1d614db77b2c00ff1f339c77d08413b28ee3 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 12 Nov 2018 16:27:30 +0000
Subject: [PATCH 755/889] Test PSA-based CCM cipher operations

---
 tests/suites/test_suite_cipher.ccm.data       | 623 ++++++++++++++----
 .../suites/test_suite_cipher.chachapoly.data  |   4 +-
 tests/suites/test_suite_cipher.function       |  92 ++-
 3 files changed, 570 insertions(+), 149 deletions(-)

diff --git a/tests/suites/test_suite_cipher.ccm.data b/tests/suites/test_suite_cipher.ccm.data
index 264ce9925..79725008f 100644
--- a/tests/suites/test_suite_cipher.ccm.data
+++ b/tests/suites/test_suite_cipher.ccm.data
@@ -1,480 +1,863 @@
 AES-128-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":0
 
 AES-128-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":0
 
 AES-128-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":0
 
 AES-128-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":0
 
 AES-128-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":0
 
 AES-128-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":0
 
 AES-128-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":0
 
 AES-128-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":0
 
 AES-128-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
 
 AES-128-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":0
 
 AES-128-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
 
 AES-128-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":0
 
 AES-128-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
 
 AES-128-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":0
 
 AES-128-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
 
 AES-128-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":0
 
 AES-128-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":0
 
 AES-128-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":0
 
 AES-128-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":0
 
 AES-128-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":0
 
 AES-128-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":0
 
 AES-128-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":0
 
 AES-128-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":0
 
 AES-128-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":0
 
 AES-128-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
 
 AES-128-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":0
 
 AES-128-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
 
 AES-128-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":0
 
 AES-128-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
 
 AES-128-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":0
 
 AES-128-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
 
 AES-128-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":0
 
 AES-192-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":0
 
 AES-192-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":0
 
 AES-192-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":0
 
 AES-192-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":0
 
 AES-192-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":0
 
 AES-192-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":0
 
 AES-192-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":0
 
 AES-192-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":0
 
 AES-192-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
 
 AES-192-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":0
 
 AES-192-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":0
 
 AES-192-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":0
 
 AES-192-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
 
 AES-192-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":0
 
 AES-192-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":0
 
 AES-192-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":0
 
 AES-192-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":0
 
 AES-192-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":0
 
 AES-192-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":0
 
 AES-192-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":0
 
 AES-192-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":0
 
 AES-192-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":0
 
 AES-192-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":0
 
 AES-192-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":0
 
 AES-192-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
 
 AES-192-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":0
 
 AES-192-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":0
 
 AES-192-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":0
 
 AES-192-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
 
 AES-192-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":0
 
 AES-192-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":0
 
 AES-192-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":0
 
 AES-256-CCM test vector NIST #1 (P=0, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":0
 
 AES-256-CCM test vector NIST #2 (P=0, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":0
 
 AES-256-CCM test vector NIST #3 (P=0, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":0
 
 AES-256-CCM test vector NIST #4 (P=0, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":0
 
 AES-256-CCM test vector NIST #5 (P=0, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":0
 
 AES-256-CCM test vector NIST #6 (P=0, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":0
 
 AES-256-CCM test vector NIST #7 (P=0, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":0
 
 AES-256-CCM test vector NIST #8 (P=0, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":0
 
 AES-256-CCM test vector NIST #9 (P=24, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0
 
 AES-256-CCM test vector NIST #10 (P=24, N=7, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":0
 
 AES-256-CCM test vector NIST #11 (P=24, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":0
 
 AES-256-CCM test vector NIST #12 (P=24, N=7, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":0
 
 AES-256-CCM test vector NIST #13 (P=24, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0
 
 AES-256-CCM test vector NIST #14 (P=24, N=13, A=0, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":0
 
 AES-256-CCM test vector NIST #15 (P=24, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":0
 
 AES-256-CCM test vector NIST #16 (P=24, N=13, A=0, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":0
 
 AES-256-CCM test vector NIST #17 (P=0, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":0
 
 AES-256-CCM test vector NIST #18 (P=0, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":0
 
 AES-256-CCM test vector NIST #19 (P=0, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":0
 
 AES-256-CCM test vector NIST #20 (P=0, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":0
 
 AES-256-CCM test vector NIST #21 (P=0, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":0
 
 AES-256-CCM test vector NIST #22 (P=0, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":0
 
 AES-256-CCM test vector NIST #23 (P=0, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":0
 
 AES-256-CCM test vector NIST #24 (P=0, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":0
 
 AES-256-CCM test vector NIST #25 (P=24, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0
 
 AES-256-CCM test vector NIST #26 (P=24, N=7, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":0
 
 AES-256-CCM test vector NIST #27 (P=24, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":0
 
 AES-256-CCM test vector NIST #28 (P=24, N=7, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":0
 
 AES-256-CCM test vector NIST #29 (P=24, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0
 
 AES-256-CCM test vector NIST #30 (P=24, N=13, A=32, T=4)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":0
 
 AES-256-CCM test vector NIST #31 (P=24, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":0
 
 AES-256-CCM test vector NIST #32 (P=24, N=13, A=32, T=16)
 depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":0
 
 Camellia-CCM test vector RFC 5528 #1
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000003020100A0A1A2A3A4A5":"0001020304050607":"BA737185E719310492F38A5F1251DA55FAFBC949848A0D":"FCAECE746B3DB9AD":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":0
 
 Camellia-CCM test vector RFC 5528 #2
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000004030201A0A1A2A3A4A5":"0001020304050607":"5D2564BF8EAFE1D99526EC016D1BF0424CFBD2CD62848F33":"60B2295DF24283E8":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":0
 
 Camellia-CCM test vector RFC 5528 #3
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000005040302A0A1A2A3A4A5":"0001020304050607":"81F663D6C7787817F9203608B982AD15DC2BBD87D756F79204":"F551D6682F23AA46":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
 
 Camellia-CCM test vector RFC 5528 #4
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000006050403A0A1A2A3A4A5":"000102030405060708090A0B":"CAEF1E827211B08F7BD90F08C77288C070A4A0":"8B3A933A63E497A0":"":"0C0D0E0F101112131415161718191A1B1C1D1E":0
 
 Camellia-CCM test vector RFC 5528 #5
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000007060504A0A1A2A3A4A5":"000102030405060708090A0B":"2AD3BAD94FC52E92BE438E827C1023B96A8A7725":"8FA17BA7F331DB09":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F":0
 
 Camellia-CCM test vector RFC 5528 #6
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000008070605A0A1A2A3A4A5":"000102030405060708090A0B":"FEA5480BA53FA8D3C34422AACE4DE67FFA3BB73BAB":"AB36A1EE4FE0FE28":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
 
 Camellia-CCM test vector RFC 5528 #7
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"00000009080706A0A1A2A3A4A5":"0001020304050607":"54532026E54C119A8D36D9EC6E1ED97416C8708C4B5C2C":"ACAFA3BCCF7A4EBF9573":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E":0
 
 Camellia-CCM test vector RFC 5528 #8
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000A090807A0A1A2A3A4A5":"0001020304050607":"8AD19B001A87D148F4D92BEF34525CCCE3A63C6512A6F575":"7388E4913EF14701F441":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":0
 
 Camellia-CCM test vector RFC 5528 #9
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000B0A0908A0A1A2A3A4A5":"0001020304050607":"5DB08D62407E6E31D60F9CA2C60474219AC0BE50C0D4A57787":"94D6E230CD25C9FEBF87":"":"08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
 
 Camellia-CCM test vector RFC 5528 #10
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000C0B0A09A0A1A2A3A4A5":"000102030405060708090A0B":"DB118CCEC1B8761C877CD8963A67D6F3BBBC5C":"D09299EB11F312F23237":"":"0C0D0E0F101112131415161718191A1B1C1D1E":0
 
 Camellia-CCM test vector RFC 5528 #11
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000D0C0B0AA0A1A2A3A4A5":"000102030405060708090A0B":"7CC83D8DC49103525B483DC5CA7EA9AB812B7056":"079DAFFADA16CCCF2C4E":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F":0
 
 Camellia-CCM test vector RFC 5528 #12
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":"0000000E0D0C0BA0A1A2A3A4A5":"000102030405060708090A0B":"2CD35B8820D23E7AA351B0E92FC79367238B2CC748":"CBB94C2947793D64AF75":"":"0C0D0E0F101112131415161718191A1B1C1D1E1F20":0
 
 Camellia-CCM test vector RFC 5528 #13
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00A970110E1927B160B6A31C1C":"6B7F464507FAE496":"A435D727348DDD22907F7EB8F5FDBB4D939DA6524DB4F6":"4558C02D25B127EE":"":"C6B5F3E6CA2311AEF7472B203E735EA561ADB17D56C5A3":0
 
 Camellia-CCM test vector RFC 5528 #14
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0083CD8CE0CB42B160B6A31C1C":"986605B43DF15DE7":"8AE052508FBECA932E346F05E0DC0DFBCF939EAFFA3E587C":"867D6E1C48703806":"":"01F6CE6764C574483BB02E6BBF1E0ABD26A22572B4D80EE7":0
 
 Camellia-CCM test vector RFC 5528 #15
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"005F54950B18F2B160B6A31C1C":"48F2E7E1A7671A51":"08B67EE21C8BF26E473E408599E9C0836D6AF0BB18DF55466C":"A80878A790476DE5":"":"CDF1D8406FC2E9014953897005FBFB8BA57276F92404608E08":0
 
 Camellia-CCM test vector RFC 5528 #16
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00EC600863319AB160B6A31C1C":"DE97DF3B8CBD6D8E5030DA4C":"63B78B4967B19EDBB733CD1114F64EB2260893":"68C354828D950CC5":"":"B005DCFA0B59181426A961685A993D8C43185B":0
 
 Camellia-CCM test vector RFC 5528 #17
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"0060CFF1A31EA1B160B6A31C1C":"A5EE93E457DF05466E782DCF":"0BC6BBE2A8B909F4629EE6DC148DA44410E18AF4":"3147383276F66A9F":"":"2E20211298105F129D5ED95B93F72D30B2FACCD7":0
 
 Camellia-CCM test vector RFC 5528 #18
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"000F85CD995C97B160B6A31C1C":"24AA1BF9A5CD876182A25074":"222AD632FA31D6AF970C345F7E77CA3BD0DC25B340":"A1A3D31F8D4B44B7":"":"2645941E75632D3491AF0FC0C9876C3BE4AA7468C9":0
 
 Camellia-CCM test vector RFC 5528 #19
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C29B2CAAC4CDB160B6A31C1C":"691946B9CA07BE87":"05B8E1B9C49CFD56CF130AA6251DC2ECC06CCC508FE697":"A0066D57C84BEC182768":"":"070135A6437C9DB120CD61D8F6C39C3EA125FD95A0D23D":0
 
 Camellia-CCM test vector RFC 5528 #20
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"002C6B7595EE62B160B6A31C1C":"D0C54ECB84627DC4":"54CEB968DEE23611575EC003DFAA1CD48849BDF5AE2EDB6B":"7FA775B150ED4383C5A9":"":"C8C0880E6C636E20093DD6594217D2E18877DB264E71A5CC":0
 
 Camellia-CCM test vector RFC 5528 #21
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00C53CD4C2AA24B160B6A31C1C":"E285E0E4808CDA3D":"B1404546BF667210CA28E309B39BD6CA7E9FC8285FE698D43C":"D20A02E0BDCAED2010D3":"":"F75DAA0710C4E64297794DC2B7D2A20757B1AA4E448002FFAB":0
 
 Camellia-CCM test vector RFC 5528 #22
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00BEE9267FBADCB160B6A31C1C":"6CAEF9941141570D7C813405":"94C8959C11569A297831A721005857AB61B87A":"2DEA0936B6EB5F625F5D":"":"C238822FAC5F98FF929405B0AD127A4E41854E":0
 
 Camellia-CCM test vector RFC 5528 #23
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"00DFA8B1245007B160B6A31C1C":"36A52CF16B19A2037AB7011E":"5869E3AAD2447C74E0FC05F9A4EA74577F4DE8CA":"8924764296AD04119CE7":"":"4DBF3E774AD245E5D5891F9D1C32A0AE022C85D7":0
 
 Camellia-CCM test vector RFC 5528 #24
 depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_CCM_C
-auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D"
+auth_crypt_tv:MBEDTLS_CIPHER_CAMELLIA_128_CCM:"D75C2778078CA93D971F96FDE720F4CD":"003B8FD8D3A937B160B6A31C1C":"A4D499F78419728C19178B0C":"4B198156393B0F7796086AAFB454F8C3F034CCA966":"945F1FCEA7E11BEE6A2F":"":"9DC9EDAE2FF5DF8636E8C6DE0EED55F7867E33337D":0
 
+AES-128-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"5a8aa485c316e9":"":"":"02209f55":"":"":1
+
+AES-128-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4ae701103c63deca5b5a3939d7d05992":"3796cf51b87266":"":"":"9a04c241":"FAIL":"":1
+
+AES-128-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9":"":"":"75d582db43ce9b13ab4b6f7f14341330":"":"":1
+
+AES-128-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"3796cf51b87266":"":"":"3a65e03af37b81d05acc7ec1bc39deb0":"FAIL":"":1
+
+AES-128-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"5a8aa485c316e9403aff859fbb":"":"":"90156f3f":"":"":1
+
+AES-128-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3":"a16a2e741f1cd9717285b6d882":"":"":"88909016":"FAIL":"":1
+
+AES-128-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9403aff859fbb":"":"":"fb04dc5a44c6bb000f2440f5154364b4":"":"":1
+
+AES-128-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"a16a2e741f1cd9717285b6d882":"":"":"5447075bf42a59b91f08064738b015ab":"FAIL":"":1
+
+AES-128-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"5a8aa485c316e9":"":"a90e8ea44085ced791b2fdb7fd44b5cf0bd7d27718029bb7":"03e1fa6b":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-128-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"19ebfde2d5468ba0a3031bde629b11fd":"31f8fa25827d48":"":"50aafe0578c115c4a8e126ff7b3ccb64dce8ccaa8ceda69f":"23e5d81c":"FAIL":"":1
+
+AES-128-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9":"":"24ab9eeb0e5508cae80074f1070ee188a637171860881f1f":"2d9a3fbc210595b7b8b1b41523111a8e":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-128-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"31f8fa25827d48":"":"7ebfda6fa5da1dbffd82dc29b875798fbcef8ba0084fbd24":"63af747cc88a001fa94e060290f209c4":"FAIL":"":1
+
+AES-128-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"5a8aa485c316e9403aff859fbb":"":"4a550134f94455979ec4bf89ad2bd80d25a77ae94e456134":"a3e138b9":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-128-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"197afb02ffbd8f699dacae87094d5243":"49004912fdd7269279b1f06a89":"":"118ec53dd1bfbe52d5b9fe5dfebecf2ee674ec983eada654":"091a5ae9":"FAIL":"":1
+
+AES-128-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9403aff859fbb":"":"4bfe4e35784f0a65b545477e5e2f4bae0e1e6fa717eaf2cb":"6a9a970b9beb2ac1bd4fd62168f8378a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-128-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"49004912fdd7269279b1f06a89":"":"0c56a503aa2c12e87450d45a7b714db980fd348f327c0065":"a65666144994bad0c8195bcb4ade1337":"FAIL":"":1
+
+AES-128-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"782e4318":"":"":1
+
+AES-128-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"90929a4b0ac65b350ad1591611fe4829":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"a04f270a":"FAIL":"":1
+
+AES-128-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"41b476013f45e4a781f253a6f3b1e530":"":"":1
+
+AES-128-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"f9f018fcd125822616083fffebc4c8e6":"FAIL":"":1
+
+AES-128-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"9f69f24f":"":"":1
+
+AES-128-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"e17afaa4":"FAIL":"":1
+
+AES-128-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"1859ac36a40a6b28b34266253627797a":"":"":1
+
+AES-128-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"edf8b46eb69ac0044116019dec183072":"FAIL":"":1
+
+AES-128-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6be31860ca271ef448de8f8d8b39346daf4b81d7e92d65b3":"38f125fa":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-128-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"f9fdca4ac64fe7f014de0f43039c7571":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4cc57a9927a6bc401441870d3193bf89ebd163f5c01501c7":"28a66b69":"FAIL":"":1
+
+AES-128-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"b351ab96b2e45515254558d5212673ee6c776d42dbca3b51":"2cf3a20b7fd7c49e6e79bef475c2906f":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-128-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"df1a5285caa41b4bb47f6e5ceceba4e82721828d68427a30":"81d18ca149d6766bfaccec88f194eb5b":"FAIL":"":1
+
+AES-128-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"934f893824e880f743d196b22d1f340a52608155087bd28a":"c25e5329":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-128-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"a7aa635ea51b0bb20a092bd5573e728c":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"f43ba9d834ad85dfab3f1c0c27c3441fe4e411a38a261a65":"59b3b3ee":"FAIL":"":1
+
+AES-128-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"50038b5fdd364ee747b70d00bd36840ece4ea19998123375":"c0a458bfcafa3b2609afe0f825cbf503":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-128-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_CCM:"26511fb51fcfa75cb4b44da75a6e5a0e":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"78ed8ff6b5a1255d0fbd0a719a9c27b059ff5f83d0c4962c":"390042ba8bb5f6798dab01c5afad7306":"FAIL":"":1
+
+AES-192-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"5a8aa485c316e9":"":"":"9d4b7f3b":"":"":1
+
+AES-192-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"c98ad7f38b2c7e970c9b965ec87a08208384718f78206c6c":"3796cf51b87266":"":"":"80745de9":"FAIL":"":1
+
+AES-192-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9":"":"":"17223038fa99d53681ca1beabe78d1b4":"":"":1
+
+AES-192-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"3796cf51b87266":"":"":"d0e1eeef4d2a264536bb1c2c1bde7c35":"FAIL":"":1
+
+AES-192-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"5a8aa485c316e9403aff859fbb":"":"":"fe69ed84":"":"":1
+
+AES-192-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"4bb3c4a4f893ad8c9bdc833c325d62b3d3ad1bccf9282a65":"a16a2e741f1cd9717285b6d882":"":"":"db7ffc82":"FAIL":"":1
+
+AES-192-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9403aff859fbb":"":"":"0c66a8e547ed4f8c2c9a9a1eb5d455b9":"":"":1
+
+AES-192-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"a16a2e741f1cd9717285b6d882":"":"":"38757b3a61a4dc97ca3ab88bf1240695":"FAIL":"":1
+
+AES-192-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"5a8aa485c316e9":"":"411986d04d6463100bff03f7d0bde7ea2c3488784378138c":"ddc93a54":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-192-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"19ebfde2d5468ba0a3031bde629b11fd4094afcb205393fa":"31f8fa25827d48":"":"32b649ab56162e55d4148a1292d6a225a988eb1308298273":"b6889036":"FAIL":"":1
+
+AES-192-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9":"":"cba4b4aeb85f0492fd8d905c4a6d8233139833373ef188a8":"c5a5ebecf7ac8607fe412189e83d9d20":"":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22":1
+
+AES-192-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"31f8fa25827d48":"":"ca62713728b5c9d652504b0ae8fd4fee5d297ee6a8d19cb6":"e699f15f14d34dcaf9ba8ed4b877c97d":"FAIL":"":1
+
+AES-192-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"5a8aa485c316e9403aff859fbb":"":"042653c674ef2a90f7fb11d30848e530ae59478f1051633a":"34fad277":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-192-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"197afb02ffbd8f699dacae87094d524324576b99844f75e1":"49004912fdd7269279b1f06a89":"":"1902d9769a7ba3d3268e1257395c8c2e5f98eef295dcbfa5":"a35df775":"FAIL":"":1
+
+AES-192-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9403aff859fbb":"":"a5b7d8cca2069908d1ed88e6a9fe2c9bede3131dad54671e":"a7ade30a07d185692ab0ebdf4c78cf7a":"":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697":1
+
+AES-192-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"49004912fdd7269279b1f06a89":"":"9a98617fb97a0dfe466be692272dcdaec1c5443a3b51312e":"f042c86363cc05afb98c66e16be8a445":"FAIL":"":1
+
+AES-192-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"1d089a5f":"":"":1
+
+AES-192-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"90929a4b0ac65b350ad1591611fe48297e03956f6083e451":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"2f46022a":"FAIL":"":1
+
+AES-192-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"":"5280a2137fee3deefcfe9b63a1199fb3":"":"":1
+
+AES-192-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"a265480ca88d5f":"a2248a882ecbf850daf91933a389e78e81623d233dfd47bf8321361a38f138fe":"":"d40a7318c5f2d82f838c0beeefe0d598":"FAIL":"":1
+
+AES-192-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"5e0eaebd":"":"":1
+
+AES-192-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"6a798d7c5e1a72b43e20ad5c7b08567b12ab744b61c070e2":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"71b7fc33":"FAIL":"":1
+
+AES-192-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"":"d07ccf9fdc3d33aa94cda3d230da707c":"":"":1
+
+AES-192-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"8739b4bea1a099fe547499cbc6":"f6107696edb332b2ea059d8860fee26be42e5e12e1a4f79a8d0eafce1b2278a7":"":"65fe32b649dc328c9f531584897e85b3":"FAIL":"":1
+
+AES-192-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"9f6ca4af9b159148c889a6584d1183ea26e2614874b05045":"75dea8d1":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-192-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"f9fdca4ac64fe7f014de0f43039c757194d544ce5d15eed4":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"84d8212e9cfc2121252baa3b065b1edcf50497b9594db1eb":"d7965825":"FAIL":"":1
+
+AES-192-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9":"3796cf51b8726652a4204733b8fbb047cf00fb91a9837e22ec22b1a268f88e2c":"6aab64c4787599d8f213446beadb16e08dba60e97f56dbd1":"4d1d980d6fe0fb44b421992662b97975":"":"a265480ca88d5f536db0dc6abc40faf0d05be7a966977768":1
+
+AES-192-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"fdd2d6f503c915":"5b92394f21ddc3ad49d9b0881b829a5935cb3a4d23e292a62fb66b5e7ab7020e":"4980b2ee49b1aaf393175f5ab9bae95ec7904557dfa20660":"3c51d36c826f01384100886198a7f6a3":"FAIL":"":1
+
+AES-192-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"16e543d0e20615ff0df15acd9927ddfe40668a54bb854ccc":"c25e9fce":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-192-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"a7aa635ea51b0bb20a092bd5573e728ccd4b3e8cdd2ab33d":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"df35b109caf690656ae278bbd8f8bba687a2ce11b105dae9":"8ecedb3e":"FAIL":"":1
+
+AES-192-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"5a8aa485c316e9403aff859fbb":"a16a2e741f1cd9717285b6d882c1fc53655e9773761ad697a7ee6410184c7982":"c5b0b2ef17498c5570eb335df4588032958ba3d69bf6f317":"8464a6f7fa2b76744e8e8d95691cecb8":"":"8739b4bea1a099fe547499cbc6d1b13d849b8084c9b6acc5":1
+
+AES-192-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_CCM:"26511fb51fcfa75cb4b44da75a6e5a0eb8d9c8f3b906f886":"0812757ad0cc4d17c4cfe7a642":"ec6c44a7e94e51a3ca6dee229098391575ec7213c85267fbf7492fdbeee61b10":"d1f0518929f4ae2f0543de2a7dfe4bb0110bb3057e524a1c":"06bd6dc2e6bcc3436cffb969ae900388":"FAIL":"":1
+
+AES-256-CCM test vector NIST #1 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"a544218dadd3c1":"":"":"469c90bb":"":"":1
+
+AES-256-CCM test vector NIST #2 PSA (P=0, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"eda32f751456e33195f1f499cf2dc7c97ea127b6d488f211ccc5126fbb24afa6":"d3d5424e20fbec":"":"":"46a908ed":"FAIL":"":1
+
+AES-256-CCM test vector NIST #3 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c1":"":"":"8207eb14d33855a52acceed17dbcbf6e":"":"":1
+
+AES-256-CCM test vector NIST #4 PSA (P=0, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"d3d5424e20fbec":"":"":"60f8e127cb4d30db6df0622158cd931d":"FAIL":"":1
+
+AES-256-CCM test vector NIST #5 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"a544218dadd3c10583db49cf39":"":"":"8a19a133":"":"":1
+
+AES-256-CCM test vector NIST #6 PSA (P=0, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"e1b8a927a95efe94656677b692662000278b441c79e879dd5c0ddc758bdc9ee8":"3c0e2815d37d844f7ac240ba9d":"":"":"2e317f1b":"FAIL":"":1
+
+AES-256-CCM test vector NIST #7 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c10583db49cf39":"":"":"97e1a8dd4259ccd2e431e057b0397fcf":"":"":1
+
+AES-256-CCM test vector NIST #8 PSA (P=0, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"3c0e2815d37d844f7ac240ba9d":"":"":"5a9596c511ea6a8671adefc4f2157d8b":"FAIL":"":1
+
+AES-256-CCM test vector NIST #9 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"a544218dadd3c1":"":"64a1341679972dc5869fcf69b19d5c5ea50aa0b5e985f5b7":"22aa8d59":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1
+
+AES-256-CCM test vector NIST #10 PSA (P=24, N=7, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"af063639e66c284083c5cf72b70d8bc277f5978e80d9322d99f2fdc718cda569":"bfcda8b5a2d0d2":"":"c5b7f802bffc498c1626e3774f1d9f94045dfd8e1a10a202":"77d00a75":"FAIL":"":1
+
+AES-256-CCM test vector NIST #11 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c1":"":"bc51c3925a960e7732533e4ef3a4f69ee6826de952bcb0fd":"374f3bb6db8377ebfc79674858c4f305":"":"d3d5424e20fbec43ae495353ed830271515ab104f8860c98":1
+
+AES-256-CCM test vector NIST #12 PSA (P=24, N=7, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"bfcda8b5a2d0d2":"":"afa1fa8e8a70e26b02161150556d604101fdf423f332c336":"3275f2a4907d51b734fe7238cebbd48f":"FAIL":"":1
+
+AES-256-CCM test vector NIST #13 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"a544218dadd3c10583db49cf39":"":"63e00d30e4b08fd2a1cc8d70fab327b2368e77a93be4f412":"3d14fb3f":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1
+
+AES-256-CCM test vector NIST #14 PSA (P=24, N=13, A=0, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"f7079dfa3b5c7b056347d7e437bcded683abd6e2c9e069d333284082cbb5d453":"894dcaa61008eb8fb052c60d41":"":"bb5425b3869b76856ec58e39886fb6f6f2ac13fe44cb132d":"8d0c0099":"FAIL":"":1
+
+AES-256-CCM test vector NIST #15 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c10583db49cf39":"":"f0050ad16392021a3f40207bed3521fb1e9f808f49830c42":"3a578d179902f912f9ea1afbce1120b3":"":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e":1
+
+AES-256-CCM test vector NIST #16 PSA (P=24, N=13, A=0, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"894dcaa61008eb8fb052c60d41":"":"c408190d0fbf5034f83b24a8ed9657331a7ce141de4fae76":"9084607b83bd06e6442eac8dacf583cc":"FAIL":"":1
+
+AES-256-CCM test vector NIST #17 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"92d00fbe":"":"":1
+
+AES-256-CCM test vector NIST #18 PSA (P=0, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"1b0e8df63c57f05d9ac457575ea764524b8610ae5164e6215f426f5a7ae6ede4":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"9143e5c4":"FAIL":"":1
+
+AES-256-CCM test vector NIST #19 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"":"93af11a08379eb37a16aa2837f09d69d":"":"":1
+
+AES-256-CCM test vector NIST #20 PSA (P=0, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"78c46e3249ca28":"232e957c65ffa11988e830d4617d500f1c4a35c1221f396c41ab214f074ca2dc":"":"d19b0c14ec686a7961ca7c386d125a65":"FAIL":"":1
+
+AES-256-CCM test vector NIST #21 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"866d4227":"":"":1
+
+AES-256-CCM test vector NIST #22 PSA (P=0, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"a4bc10b1a62c96d459fbaf3a5aa3face7313bb9e1253e696f96a7a8e36801088":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"94cb1127":"FAIL":"":1
+
+AES-256-CCM test vector NIST #23 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"":"867b0d87cf6e0f718200a97b4f6d5ad5":"":"":1
+
+AES-256-CCM test vector NIST #24 PSA (P=0, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"e8de970f6ee8e80ede933581b5":"89f8b068d34f56bc49d839d8e47b347e6dae737b903b278632447e6c0485d26a":"":"677a040d46ee3f2b7838273bdad14f16":"FAIL":"":1
+
+AES-256-CCM test vector NIST #25 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"c2fe12658139f5d0dd22cadf2e901695b579302a72fc5608":"3ebc7720":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1
+
+AES-256-CCM test vector NIST #26 PSA (P=24, N=7, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"8c5cf3457ff22228c39c051c4e05ed4093657eb303f859a9d4b0f8be0127d88a":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"94748ba81229e53c38583a8564b23ebbafc6f6efdf4c2a81":"c44db2c9":"FAIL":"":1
+
+AES-256-CCM test vector NIST #27 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c1":"d3d5424e20fbec43ae495353ed830271515ab104f8860c988d15b6d36c038eab":"3341168eb8c48468c414347fb08f71d2086f7c2d1bd581ce":"1ac68bd42f5ec7fa7e068cc0ecd79c2a":"":"78c46e3249ca28e1ef0531d80fd37c124d9aecb7be6668e3":1
+
+AES-256-CCM test vector NIST #28 PSA (P=24, N=7, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"6ba004fd176791":"5a053b2a1bb87e85d56527bfcdcd3ecafb991bb10e4c862bb0751c700a29f54b":"d543acda712b898cbb27b8f598b2e4438ce587a836e27851":"47c3338a2400809e739b63ba8227d2f9":"FAIL":"":1
+
+AES-256-CCM test vector NIST #29 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"c0ea400b599561e7905b99262b4565d5c3dc49fad84d7c69":"ef891339":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1
+
+AES-256-CCM test vector NIST #30 PSA (P=24, N=13, A=32, T=4)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"705334e30f53dd2f92d190d2c1437c8772f940c55aa35e562214ed45bd458ffe":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"60871e03ea0eb968536c99f926ea24ef43d41272ad9fb7f6":"3d488623":"FAIL":"":1
+
+AES-256-CCM test vector NIST #31 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"a544218dadd3c10583db49cf39":"3c0e2815d37d844f7ac240ba9d6e3a0b2a86f706e885959e09a1005e024f6907":"8d34cdca37ce77be68f65baf3382e31efa693e63f914a781":"367f30f2eaad8c063ca50795acd90203":"":"e8de970f6ee8e80ede933581b5bcf4d837e2b72baa8b00c3":1
+
+AES-256-CCM test vector NIST #32 PSA (P=24, N=13, A=32, T=16)
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C:MBEDTLS_CCM_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_CCM:"314a202f836f9f257e22d8c11757832ae5131d357a72df88f3eff0ffcee0da4e":"8fa501c5dd9ac9b868144c9fa5":"5bb40e3bb72b4509324a7edc852f72535f1f6283156e63f6959ffaf39dcde800":"516c0095cc3d85fd55e48da17c592e0c7014b9daafb82bdc":"4b41096dfdbe9cc1ab610f8f3e038d16":"FAIL":"":1
diff --git a/tests/suites/test_suite_cipher.chachapoly.data b/tests/suites/test_suite_cipher.chachapoly.data
index 9d74d5663..7310a84d7 100644
--- a/tests/suites/test_suite_cipher.chachapoly.data
+++ b/tests/suites/test_suite_cipher.chachapoly.data
@@ -112,11 +112,11 @@ enc_dec_buf_multipart:MBEDTLS_CIPHER_CHACHA20_POLY1305:256:16:16:-1:16:16:16:16
 
 ChaCha20+Poly1305 RFC 7539 Test Vector #1
 depends_on:MBEDTLS_CHACHAPOLY_C
-auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"eead9d67890cbb22392336fea1851f38":"":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d"
+auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"eead9d67890cbb22392336fea1851f38":"":"496e7465726e65742d4472616674732061726520647261667420646f63756d656e74732076616c696420666f722061206d6178696d756d206f6620736978206d6f6e74687320616e64206d617920626520757064617465642c207265706c616365642c206f72206f62736f6c65746564206279206f7468657220646f63756d656e747320617420616e792074696d652e20497420697320696e617070726f70726961746520746f2075736520496e7465726e65742d447261667473206173207265666572656e6365206d6174657269616c206f7220746f2063697465207468656d206f74686572207468616e206173202fe2809c776f726b20696e2070726f67726573732e2fe2809d":0
 
 ChaCha20+Poly1305 RFC 7539 Test Vector #1 Unauthentic (1st bit flipped)
 depends_on:MBEDTLS_CHACHAPOLY_C
-auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"6ead9d67890cbb22392336fea1851f38":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_CHACHA20_POLY1305:"1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0":"000000000102030405060708":"f33388860000000000004e91":"64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6cfc18755d43eea09ee94e382d26b0bdb7b73c321b0100d4f03b7f355894cf332f830e710b97ce98c8a84abd0b948114ad176e008d33bd60f982b1ff37c8559797a06ef4f0ef61c186324e2b3506383606907b6a7c02b0f9f6157b53c867e4b9166c767b804d46a59b5216cde7a4e99040c5a40433225ee282a1b0a06c523eaf4534d7f83fa1155b0047718cbc546a0d072b04b3564eea1b422273f548271a0bb2316053fa76991955ebd63159434ecebb4e466dae5a1073a6727627097a1049e617d91d361094fa68f0ff77987130305beaba2eda04df997b714d6c6f2c29a6ad5cb4022b02709b":"6ead9d67890cbb22392336fea1851f38":"FAIL":"":0
 
 Chacha20+Poly1305 RFC 7539 Test Vector #1 (streaming)
 depends_on:MBEDTLS_CHACHAPOLY_C
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index da9dfa138..ada7347c8 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -542,33 +542,66 @@ exit:
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_AEAD */
 void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
                     data_t * ad, data_t * cipher, data_t * tag,
-                    char * result, data_t * clear )
+                    char * result, data_t * clear, int use_psa )
 {
+    /* Takes an AEAD ciphertext + tag and performs a pair
+     * of AEAD decryption and AEAD encryption. It checks that
+     * this results in the expected plaintext, and that
+     * decryption and encryption are inverse to one another. */
+
     int ret;
-    unsigned char output[267]; /* above + 2 (overwrite check) */
-    unsigned char my_tag[20];
+    unsigned char output[300];        /* Temporary buffer for results of
+                                       * encryption and decryption. */
+    unsigned char *output_tag = NULL; /* Temporary buffer for tag in the
+                                       * encryption step. */
+
     mbedtls_cipher_context_t ctx;
     size_t outlen;
 
+    unsigned char *tmp_tag    = NULL;
+    unsigned char *tmp_cipher = NULL;
+
     mbedtls_cipher_init( &ctx );
-
     memset( output, 0xFF, sizeof( output ) );
-    memset( my_tag, 0xFF, sizeof( my_tag ) );
-
 
     /* Prepare context */
-    TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
-                                       mbedtls_cipher_info_from_type( cipher_id ) ) );
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, MBEDTLS_DECRYPT ) );
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    (void) use_psa;
+#else
+    if( use_psa == 1 )
+    {
+        /* PSA requires that the tag immediately follows the ciphertext. */
+        tmp_cipher = mbedtls_calloc( 1, cipher->len + tag->len );
+        TEST_ASSERT( tmp_cipher != NULL );
+        tmp_tag = tmp_cipher + cipher->len;
+
+        memcpy( tmp_cipher, cipher->x, cipher->len );
+        memcpy( tmp_tag, tag->x, tag->len );
+
+        TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
+                              mbedtls_cipher_info_from_type( cipher_id ),
+                              tag->len ) );
+    }
+    else
+#endif
+    {
+        tmp_tag = tag->x;
+        tmp_cipher = cipher->x;
+        TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
+                              mbedtls_cipher_info_from_type( cipher_id ) ) );
+    }
+
+    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len,
+                                             MBEDTLS_DECRYPT ) );
 
     /* decode buffer and check tag->x */
-    ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
-                               cipher->x, cipher->len, output, &outlen,
-                               tag->x, tag->len );
 
-    /* make sure we didn't overwrite */
-    TEST_ASSERT( output[outlen + 0] == 0xFF );
-    TEST_ASSERT( output[outlen + 1] == 0xFF );
+    /* Sanity check that we don't use overly long inputs. */
+    TEST_ASSERT( sizeof( output ) >= cipher->len );
+
+    ret = mbedtls_cipher_auth_decrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
+                               tmp_cipher, cipher->len, output, &outlen,
+                               tmp_tag, tag->len );
 
     /* make sure the message is rejected if it should be */
     if( strcmp( result, "FAIL" ) == 0 )
@@ -587,23 +620,28 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
     memset( output, 0xFF, sizeof( output ) );
     outlen = 0;
 
+    /* Sanity check that we don't use overly long inputs. */
+    TEST_ASSERT( sizeof( output ) >= clear->len + tag->len );
+
+    output_tag = output + clear->len;
     ret = mbedtls_cipher_auth_encrypt( &ctx, iv->x, iv->len, ad->x, ad->len,
                                clear->x, clear->len, output, &outlen,
-                               my_tag, tag->len );
+                               output_tag, tag->len );
     TEST_ASSERT( ret == 0 );
 
     TEST_ASSERT( outlen == clear->len );
-    TEST_ASSERT( memcmp( output, cipher->x, clear->len ) == 0 );
-    TEST_ASSERT( memcmp( my_tag, tag->x, tag->len ) == 0 );
-
-    /* make sure we didn't overwrite */
-    TEST_ASSERT( output[outlen + 0] == 0xFF );
-    TEST_ASSERT( output[outlen + 1] == 0xFF );
-    TEST_ASSERT( my_tag[tag->len + 0] == 0xFF );
-    TEST_ASSERT( my_tag[tag->len + 1] == 0xFF );
-
+    TEST_ASSERT( memcmp( output, cipher->x, cipher->len ) == 0 );
+    TEST_ASSERT( memcmp( output_tag, tag->x, tag->len ) == 0 );
 
 exit:
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( use_psa == 1 )
+    {
+        mbedtls_free( tmp_cipher );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     mbedtls_cipher_free( &ctx );
 }
 /* END_CASE */
@@ -675,12 +713,12 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key,
     if( use_psa == 1 )
     {
         TEST_ASSERT( 0 == mbedtls_cipher_setup_psa( &ctx,
-                               mbedtls_cipher_info_from_type( cipher_id ) ) );
+                              mbedtls_cipher_info_from_type( cipher_id ), 0 ) );
     }
     else
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
-                               mbedtls_cipher_info_from_type( cipher_id ) ) );
+                              mbedtls_cipher_info_from_type( cipher_id ) ) );
 
     key_len = unhexify( key, hex_key );
     inputlen =  unhexify( input, hex_input );

From 78115ac4784e1c70511a83e75f9743b032b0765f Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 18:04:13 +0000
Subject: [PATCH 756/889] Adapt existing Cipher-GCM test cases to new param for
 auth_crypt_tv

---
 tests/suites/test_suite_cipher.gcm.data | 1008 +++++++++++------------
 1 file changed, 504 insertions(+), 504 deletions(-)

diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 5e7911838..0a0bd069c 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -704,2016 +704,2016 @@ decrypt_test_vec:MBEDTLS_CIPHER_CAMELLIA_256_GCM:-1:"feffe9928665731c6d6a8f94673
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,0,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":0
 
 AES-GCM NIST Validation (AES-128,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,0,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":0
 
 AES-GCM NIST Validation (AES-192,128,1024,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-192,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,0,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":0
 
 AES-GCM NIST Validation (AES-256,128,1024,0,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,128) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,120) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,112) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,104) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,96) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,64) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359"
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #0
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #1
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":0
 
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":""
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0

From e15c71ca722320d25301cd17d130df74afbfb6ac Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Thu, 15 Nov 2018 18:04:56 +0000
Subject: [PATCH 757/889] Test PSA-based GCM cipher operations

---
 tests/suites/test_suite_cipher.gcm.data | 2016 +++++++++++++++++++++++
 1 file changed, 2016 insertions(+)

diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index 0a0bd069c..cf90336a5 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -2717,3 +2717,2019 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc3
 AES-GCM NIST Validation (AES-256,128,1024,1024,32) #2
 depends_on:MBEDTLS_GCM_C:MBEDTLS_AES_C
 auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":0
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d785dafea3e966731ef6fc6202262584":"d91a46205ee94058b3b8403997592dd2":"":"":"3b92a17c1b9c3578a68cffea5a5b6245":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aec963833b9098de1ababc853ab74d96":"4e0ffd93beffd732c6f7d6ad606a2d24":"":"":"e9fcedc176dfe587dc61b2011010cdf1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4fb9e3393681da9cec5ec96f87c5c31":"845e910bc055d895879f62101d08b4c7":"":"":"99fb783c497416e4b6e2a5de7c782057":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2a930f2e09beceacd9919cb76f2ac8d3":"340d9af44f6370eff534c653033a785a":"":"":"0c1e5e9c8fe5edfd11f114f3503d63":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe71177e02073b1c407b5724e2263a5e":"83c23d20d2a9d4b8f92da96587c96b18":"":"":"43b2ca795420f35f6cb39f5dfa47a2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b02392fd7f228888c281e59d1eaa15fb":"2726344ba8912c737e195424e1e6679e":"":"":"a10b601ca8053536a2af2cc255d2b6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"21895cbafc16b7b8bf5867e88e0853d4":"f987ce1005d9bbd31d2452fb80957753":"":"":"952a7e265830d58a6778d68b9450":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9bb9742bf47f68caf64963d7c10a97b0":"34a85669de64e1cd44731905fddbcbc5":"":"":"e9b6be928aa77b2de28b480ae74c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e9708e4b37e2e1b5feaf4f5ab54e2a6":"1c53a9fdd23919b036d99560619a9939":"":"":"6611b50d6fbca83047f9f5fe1768":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"82fede79db25f00be96eb050a22cea87":"e9c50b517ab26c89b83c1f0cac50162c":"":"":"d0c0ce9db60b77b0e31d05e048":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1d98566fca5201abb12914311a8bd532":"590aef4b46a9023405d075edab7e6849":"":"":"a1cfd1a27b341f49eda2ca8305":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3038771820c2e1319f02a74b8a7a0c08":"e556d9f07fb69d7e9a644261c80fac92":"":"":"4d2f005d662b6a8787f231c5e1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0fb7eef50de598d7d8b508d019a30d5a":"a2a2617040116c2c7e4236d2d8278213":"":"":"68413c58df7bb5f067197ca0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8cc58b609204215c8ab4908286e56e5c":"fb83ea637279332677b5f68081173e99":"":"":"a2a9160d82739a55d8cd419f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"81a5fd184742a478432963f6477e8f92":"da297cbb53b11d7c379e0566299b4d5a":"":"":"200bee49466fdda2f21f0062":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"f604ac66d626959e595cbb7b4128e096":"269d2a49d533c6bb38008711f38e0b39":"":"":"468200fa4683e8be":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2e308ba7903e925f768c1d00ff3eb623":"335acd2aa48a47a37cfe21e491f1b141":"":"":"4872bfd5e2ff55f6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1304e2a5a3520454a5109df61a67da7a":"dbe8b452acf4fa1444c3668e9ee72d26":"":"":"83a0d3440200ca95":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ecf1ec2c9a8f2e9cc799f9b9fddb3232":"ddf0b695aef5df2b594fcaae72b7e41c":"":"":"2819aedf":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9ab5c8ca905b5fe50461f4a68941144b":"96dd3927a96e16123f2e9d6b367d303f":"":"":"6e0c53ef":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b5fc7af605721a9cfe61c1ee6a4b3e22":"6b757d4055823d1035d01077666037d6":"":"":"e8c09ddd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03c0b4a6e508a8490db0d086a82c9db7":"ac52f6c1a05030321fa39f87e89fdb5e":"33316ca79d10a79f4fd038593e8eef09625089dc4e0ffe4bc1f2871554fa6666ab3e7fe7885edef694b410456f3ec0e513bb25f1b48d95e4820c5972c1aabb25c84c08566002dadc36df334c1ce86847964a122016d389ac873bca8c335a7a99bcef91e1b985ae5d488a2d7f78b4bf14e0c2dc715e814f4e24276057cf668172":"":"756292d8b4653887edef51679b161812":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b228d3d15219ea9ad5651fce02c8374d":"5c7eafaead029c3fe3cf3835fe758d0e":"8c35dd805c08686b9b4d460f81b4dcb8c46c6d57842dc3e72ba90952e2bebf17fe7184445b02f801800a944486d662a127d01d3b7f42679052cdc73ce533129af8d13957415c5495142157d6ce8a68aa977e56f562fed98e468e42522767656ce50369471060381bb752dd5e77c79677a4cadffa39e518e30a789e793b07ea21":"":"a4dde1ab93c84937c3bbc3ad5237818d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"776afcbabedd5577fe660a60f920b536":"5bbb7f1b14084e520408dd87b97705e9":"44631fc9d4a07416b0dfb4e2b42071e3e2be45502c9ddf72b3e61810eeda31a7d685ebb2ee43a2c06af374569f439ee1668c550067de2dece9ec46ee72b260858d6033f814e85275c5ae669b60803a8c516de32804fa34d3a213ccfaf6689046e25eeb30b9e1608e689f4d31cc664b83a468a51165f5625f12f098a6bf7ddab2":"":"a5347d41d93b587240651bcd5230264f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"20abeafa25fc4ea7d0592cb3e9b4d5fe":"3aba79a58c5aa664856b41d552c7a8d3":"98cfecaae9eb9a7c3b17e6bc5f80d8a4bf7a9f4fa5e01b74cae15ee6af14633205aafe3b28fb7b7918e12322ea27352056a603746d728a61361134a561619400ff2bf679045bac2e0fbc2c1d41f8faba4b27c7827bceda4e9bf505df4185515dd3a5e26f7639c8ad5a38bc5906a44be062f02cc53862678ae36fa3de3c02c982":"":"2a67ad1471a520fe09a304f0975f31":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2bc73fba942ff105823b5dccf6befb1c":"902c3e3b69b1ef8395d7281ff74cce38":"4adec0b4ac00325a860044d9f9519daa4f7c163229a75819b0fd7d8e23319f030e61dfa8eadabff42ea27bc36bdb6cad249e801ca631b656836448b7172c11126bad2781e6a1aa4f62c4eda53409408b008c057e0b81215cc13ddabbb8f1915f4bbab854f8b00763a530ad5055d265778cd3080d0bd35b76a329bdd5b5a2d268":"":"ebdd7c8e87fe733138a433543542d1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"356a4c245868243d61756cabe86da887":"b442f2ec6d45a17144c258fd59fe5b3b":"12cccc3c60474b0a1579c5006c2134850724fa6c9da3a7022d4f65fd238b052bdf34ea34aa7dbadad64996065acee588ab6bd29726d07ed24ffae2d33aadf3e66ebb87f57e689fd85128be1c9e3d8362fad1f8096ee391f75b576fb213d394cef6f091fc5488d9aa152be69475b9167abd6dd4fd93bbbc7b8ca316c952eb19c6":"":"ed26080dcb670590613d97d7c47cf4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfa7e93aff73600fc552324253066e2c":"c20001e93f1cd05253c277a9445d61e4":"a64d1e20058a1f7e698622a02f7ff8dc11886717ede17bbdc3c4645a66a71d8b04346fb389a251ffb0a7f445a25faf642bb7e4697d2cacf925e78c4be98457996afb25b0516b50f179441d1923312364947f8f1e0f5715b43bd537727bf943d7b4679b0b0b28b94e56e7bbf554d9cf79fcee4387f32bb6f91efdd23620035be6":"":"6ba5e4dace9a54b50b901d9b73ad":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2ecea80b48d2ecd194a7699aa7d8ccfc":"8b4db08bafc23b65ae50a2d20661d270":"efc2ca1a3b41b90f8ddf74291d68f072a6e025d0c91c3ce2b133525943c73ebadc71f150be20afeb097442fa51be31a641df65d90ebd81dcbaf32711ed31f5e0271421377ffe14ddafea3ca60a600588d484856a98de73f56a766ae60bae384a4ae01a1a06821cf0c7a6b4ee4c8f413748457b3777283d3310218fb55c107293":"":"246a9d37553088b6411ebb62aa16":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d38fee3fd3d6d08224c3c83529a25d08":"a942ccb11cf9468186fabfc18c899801":"1c92a4ce0a1dae27e720d6f9b1e460276538de437f3812ab1177cf0273b05908f296f33ba0f4c790abe2ce958b1d92b930a0d81243e6ad09ef86ee8e3270243095096537cb1054fcfcf537d828b65af9b6cf7c50f5b8470f7908f314d0859107eed772ee1732c78e8a2e35b2493f3e8c1e601b08aeab8d9729e0294dca168c62":"":"803a08700ec86fdeb88f7a388921":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1899b0cbae41d705c6eed3226afb5bc0":"82d0910aa53e300a487d880d018d0dea":"6bf5583cc1007d74f3529db63b8d4e085400ccf3725eab8e19cb145f3910c61465a21486740a26f74691866a9f632af9fae81f5f0bffedf0c28a6ce0fd520bb4db04a3cd1a7d29d8801e05e4b9c9374fd89bcb539489c2f7f1f801c253a1cc737408669bcd133b62da357f7399a52179125aa59fae6707d340846886d730a835":"":"c5d58870fee9ce157f5ec1fa8f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b95323d86d02754f4c2874b42ec6eb0":"4f76084acbdef9999c71dcc794238d7c":"ebc75788377c0b264818a6f97c19cf92c29f1c7cdeb6b5f0a92d238fa4614bc35d0cfe4ec9d045cd628ff6262c460679ac15b0c6366d9289bbd217e5012279e0af0fb2cfcbdf51fe16935968cbb727f725fe5bcd4428905849746c8493600ce8b2cfc1b61b04c8b752b915fed611d6b54ef73ec4e3950d6db1807b1ce7ed1dcc":"":"c4724ff1d2c57295eb733e9cad":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30da555559eb11cf7e0eff9d99e9607d":"7799275bf12335f281ec94a870f90a0b":"e735d556e15aec78d9736016c8c99db753ed14d4e4adaaa1dd7eaad702ea5dc337433f8c2b45afdf2f385fdf6c55574425571e079ca759b6235f877ed11618ff212bafd865a22b80b76b3b5cf1acfd24d92fd41607bbb7382f26cd703757088d497b16b32de80e1256c734a9b83356b6fced207177de75458481eaef59a431d7":"":"3c82272130e17c4a0a007a908e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ed2ac74af896c5190c271cfa6af02fd2":"e0226e2d8da47badad1fb78b9a797f27":"8f11353ae476ff923013e6e736ffc9d23101a1c471ccc07ad372a8430d6559c376075efce2e318cdf4c9443dbf132e7e6da5524045028c97e904633b44c4d189a4b64237ac7692dd03c0e751ce9f04d0fdbd8a96074cd7dfa2fd441a52328b4ac3974b4902db45663f7b6f24947dba618f8b9769e927faf84c9f49ad8239b9fb":"":"db8af7a0d548fc54d9457c73":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0225b73fe5fbbe52f838d873173959d8":"02a048764f48d9aed1147ee922395bbf":"9b46a57b06e156c877e94c089814493ead879397dab3dfcab2db349ef387efcd0cc339a7e79131a2c580188fc7429044a465b8329d74cd8f47272a4ed32582b1c5c7e3d32341ae902ea4923dc33df8062bc24bb51a11d2ecc82f464f615041387f9c82bd2135d4e240fe56fa8a68e6a9a417e6702430a434b14d70cf02db3181":"":"e2c2ce4022c49a95c9ac9026":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"89ca3771a0ef3287568b4ac036120198":"7e83d2ffa8af8c554cfd71a0db56ef5b":"1bd7a9d6262882bd12c62bd50942965b3cdcadf5e0fab2dc4d0daf0ee4b16e92c6e2464c0caa423cdce88e4d843490609716ec5e44c41672c656ac0e444d3622557ea8420c94deae3ad190ddaf859f6f8c23e4e2e32a46d28df23de4f99bd6c34f69e06eddfdfa5f263dbe8baf9d4296b2c543e4c4847271e7590374edf46234":"":"06b2bf62591dc7ec1b814705":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a41a297bd96e224942998fe2192934a1":"6827f2c5a0b7ecd6bbc696abb0adf556":"f32041abd8543415cbac423d945dda5378a16a7e94d9ab5dbd2d32eb1c5048cc7c8e4df3ca84ec725f18c34cfdeaa7595392aabfd66d9e2f37c1165369cd806cd9d2110def6f5fad4345e5a6e2326c9300199438fcc078cd9fcf4d76872cac77fc9a0a8ac7e4d63995078a9addecf798460ff5910861b76c71bccfb6b629d722":"":"49a4917eef61f78e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a9372c058f42e0a1d019bdb528313919":"8d03f423230c8f00a5b6b712d426a2af":"cfef4e70fcc1821eeccf7c7b5eb3c0c3b5f72dc762426e0bd26242f8aa68c5b716ab97eded5e5720caccc1965da603d556d8214d5828f2cf276d95bf552d47313876796221f62ccb818a6d801088755d58cfb751bfed0d5a19718d4e0f94b850e0279b3a69295d1837cba958a6cc56e7594080b9e5b954a199fdc9e54ddc8583":"":"b82cd11cd3575c8d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6302b7338f8fa84195ad9abbacd89b4e":"e1bed5c53547cbc85f3411fbb43bb08b":"bcd329c076e8da2797d50dcdcf271cecf3ce12f3c136ed746edc722f907be6133276ee099038fdc5d73eec812739c7489d4bcc275f95451b44890416e3ffe5a1b6fa3986b84eee3adad774c6feaecb1f785053eeda2cfc18953b8547866d98918dbe0a6abc168ac7d77467a367f11c284924d9d186ef64ef0fd54eacd75156d2":"":"5222d092e9e8bd6c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78b5c28d62e4b2097873a1180bd5a3a5":"c93902c2819ee494f0fc4b259ee65dd8":"e6b1192674a02083a6cf36d4ba93ba40a5331fadf63fd1eb2efa2ee9c0d8818472aaaf2b4705746011753f30f447c8f58dd34d29606daf57eadc172529837058cb78a378b19da8d63c321f550dfa256b5fd9f30e93d8f377443bfcd125f86a079a1765d2010be73d060f24eebae8d05e644688b2149bc39e18bd527bc066f2ba":"":"eae48137":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d84130578070e036c9e3df5b5509473":"3b9b4950523a19c6866fd2b0cde541fd":"a764931e1b21a140c54a8619aacdb4358834987fb6e263cec525f888f9e9764c165aaa7db74f2c42273f912daeae6d72b232a872ac2c652d7cd3af3a5753f58331c11b6c866475697876dbc4c6ca0e52a00ba015ee3c3b7fb444c6e50a4b4b9bbe135fc0632d32a3f79f333d8f487771ed12522e664b9cf90e66da267f47a74d":"":"79987692":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08428605ab4742a3e8a55354d4764620":"128f5f4a817e4af04113847a223adeb0":"464b484ed79d93a48e0f804e04df69d7ca10ad04ba7188d69e6549ab50503baaec67e0acba5537d1163c868fd3e350e9d0ae9123046bc76815c201a947aa4a7e4ed239ce889d4ff9c8d043877de06df5fc27cf67442b729b02e9c30287c0821ef9fa15d4cccbc53a95fa9ec3ed432ca960ebbf5a169ccada95a5bf4c7c968830":"":"3eb3e3a2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd358bc3f992f26e81e3a2f3aa2d517":"d8c750bb443ee1a169dfe97cfe4d855b":"":"87cc4fd75788c9d5cc83bae5d764dd249d178ab23224049795d4288b5ed9ea3f317068a39a7574b300c8544226e87b08e008fbe241d094545c211d56ac44437d41491a438272738968c8d371aa7787b5f606c8549a9d868d8a71380e9657d3c0337979feb01de5991fc1470dfc59eb02511efbbff3fcb479a862ba3844a25aaa":"a81d13973baa22a751833d7d3f94b3b1":"":"77949b29f085bb3abb71a5386003811233056d3296eb093370f7777dadd306d93d59dcb9754d3857cf2758091ba661f845ef0582f6ae0e134328106f0d5d16b541cd74fdc756dc7b53f4f8a194daeea9369ebb1630c01ccb307b848e9527da20a39898d748fd59206f0b79d0ed946a8958033a45bd9ae673518b32606748eb65":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"43b5f18227e5c74288dbeff03801acd6":"08ee12246cf7edb81da3d610f3ebd167":"":"f58d630f10cfca61d4644d4f6505bab629e8e8faf1673e64417f9b79e622966a7011cfb3ff74db5cebf09ad3f41643d4437d213204a6c8397e7d59b8a5b1970aed2b6bb5ea1933c72c351f6ba96c0b0b98188f6e373f5db6c5ebece911ec7a1848abd3ae335515c774e0027dab7d1c07d047d3b8825ff94222dbaf6f9ab597ee":"82d83b2f7da218d1d1441a5b37bcb065":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a433c612d7e1bdff881e4d63ba8b141":"8b670cf31f470f79a6c0b79e73863ca1":"":"ce10758332f423228b5e4ae31efda7677586934a1d8f05d9b7a0dc4e2010ec3eaacb71a527a5fff8e787d75ebd24ad163394c891b33477ed9e2a2d853c364cb1c5d0bc317fcaf4010817dbe5f1fd1037c701b291b3a66b164bc818bf5c00a4c210a1671faa574d74c7f3543f6c09aaf117e12e2eb3dae55edb1cc5b4086b617d":"8526fd25daf890e79946a205b698f287":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8e9d75c781d63b29f1816859f7a0e0a0":"748a3b486b62a164cedcf1bab9325add":"":"a9f1883f58e4ef78377992101ab86da0dafcefa827904dd94dff6f6704b1e45517165a34c5555a55b04c6992fb6d0840a71bd262fe59815e5c7b80fe803b47d5ba44982a3f72cb42f591d8b62df38c9f56a5868af8f68242e3a15f97be8ef2399dbace1273f509623b6f9e4d27a97436aebf2d044e75f1c62694db77ceac05de":"131e0e4ce46d768674a7bcacdcef9c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe6b8553002c69396d9976bb48d30779":"595b17d0d76b83780235f5e0c92bd21f":"":"786f4801b16de7a4931ab143b269c7acc68f1ed9b17a95e8929ccec7d53413059fd4267bedbf079d9d69e90314c1345bc9cb9132f1af69323157ddf7533ced42b4b7bd39004f14d326f5b03bc19084d231d93bcab328312d99b426c1e86e8e049d380bb492e2e32ad690af4cf86838d89a0dfdcbc30e8c9e9039e423a234e113":"8879de07815a88877b0623de9be411":"":"b15dc7cd44adcb0783f30f592e5e03ccd47851725af9fe45bfc5b01ae35779b9a8b3f26fec468b188ec3cad40785c608d6bfd867b0ccf07a836ec20d2d9b8451636df153a32b637e7dcdbd606603d9e53f6e4c4cc8396286ce64b0ea638c10e5a567c0bc8e808080b71be51381e051336e60bf1663f6d2d7640a575e0752553b":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14898c56009b459172fef9c17993b54f":"0862f8f87289988711a877d3231d44eb":"":"e7ba6ef722273238b975d551f95d3e77e9b75b24c547b86eafb457d409803bdf6e1443839d8604ee497020e1a3dbd687a819b17fdde0fcf240ce2129792792a58bfcd825773001ee959bf9ec8d228e27ce1cd93d7fb86769a3793361b6f82bf7daf284afc1ece657a1ee6346ea9294880755b9b623563ad2657ba2286488a2ef":"36938974301ae733760f83439437c4":"":"3fd56897a62743e0ab4a465bcc9777d5fd21ad2c9a59d7e4e1a60feccdc722b9820ec65cb47e1d1160d12ff2ea93abe11bc101b82514ead7d542007fee7b4e2dd6822849cd3e82d761ff7cf5ce4f40ad9fec54050a632a401451b426812cf03c2b16a8667a88bb3f7497e3308a91de6fd646d6a3562c92c24272411229a90802":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fe5253d4b071793b081ebc122cc2a5f8":"49e82d86804e196421ec19ddc8541066":"":"b57a0bd7714ae95e77fa9452e11a7ed4a2bec60f81ad6ddb956d4b1cb5dfc277dcb4034d501801b26733b5e08c710c3cfdccc1b208dc7a92cd7ebe166320582bcaff64cc943c36fbe7008f004e5db70c40de05fa68b0c9d4c16c8f976130f20702b99674cd2f4c93aeaeb3abca4b1114dbc3a4b33e1226ad801aa0e21f7cc49b":"e8b8ae34f842277fe92729e891e3":"":"c4a31c7ec820469f895d57579f987733337ec6547d78d17c44a18fab91f0322cfe05f23f9afaf019cf9531dec2d420f3591d334f40d78643fd957b91ab588a7e392447bd702652017ede7fb0d61d444a3b3cc4136e1d4df13d9532eb71bcf3ff0ae65e847e1c572a2f90632362bc424da2249b36a84be2c2bb216ae7708f745c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b3502d6f0d172246e16503cdf5793296":"6ce994689ff72f9df62f386a187c1a13":"":"09268b8046f1558794e35cdc4945b94227a176dd8cb77f92f883542b1c4be698c379541fd1d557c2a07c7206afdd49506d6a1559123de1783c7a60006df06d87f9119fb105e9b278eb93f81fd316b6fdc38ef702a2b9feaa878a0d1ea999db4c593438f32e0f849f3adabf277a161afb5c1c3460039156eec78944d5666c2563":"21cdf44ff4993eb54b55d58e5a8f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5fb33dd73db309b9dfd3aee605cd94bf":"3f6486f9e9e645292e0e425bac232268":"":"f4e011f8c99038c46854b427475f23488077ebf051c4b705a1adfdd493a0a10af7a7e9453965b94f52f61ae62ce9243a82a2dbf9c5a285db3fe34ed34ed08b5926f34c48171195f7062d02a6e6e795322a0475017371cb8f645cdcac94afc66dc43e7583bdf1c25790f4235076a53de6c64f3bc5004e5a9ce4783fbf639fad97":"7ee5e0e2082b18d09abf141f902e":"":"0503cb531f1c967dae24f16dd651d544988a732020134896a0f109222e8639bf29ff69877c6ef4ac3df1b260842f909384e3d4409b99a47112681c4b17430041ca447a903a6c1b138f0efbb3b850d8290fceac9723a32edbf8e2d6e8143b1cbc7bf2d28d1b6c7f341a69918758cc82bbab5d898fa0f572d4ceaa11234cb511ec":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a958fe3b520081b638d9e4c7d5da7ac7":"c396109e96afde6f685d3c38aa3c2fae":"":"dfa9487378c7d8af9c8dbd9e533cd81503d9e4e7dab43133bad11fd3050a53a833df9cc3208af1a86110567d311d5fc54b0d627de433c381b10e113898203ac5225140f951cdb64c6494592b6453f9b6f952ec5ece732fb46c09a324f26b27cdad63588006bb5c6c00b9aa10d5d3b2f9eaab69beeddd6f93966654f964260018":"06ca91004be43cf46ed4599e23":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ec319fb143eac8215b51541daec268f2":"8a4684f42a1775b03806574f401cff78":"":"d298d988e74927736237eb8ab09d7a86b854fa2fd1f7f3be83b417ac10aa9291f4af5b3fbaf75a296ac32369ad57ded3984b84711953e477de3035ba430a30ffb84c941936e6c8d2cae8d80159876f87dd682747f2dccc36d7c32ab227032b8ac70b313fa4202ea236e3ec4d9e4d8b48cf3b90b378edc5b1dbeec929549344f8":"e91acb1bfda191630b560debc9":"":"27ce4a622959930f4059f247d29d1438257093cc973bf1bae4e0515da88b9a7e21ec59c7e4d062035cdf88b91254d856b11c8c1944865fa12922227ded3eecccaa36341ecf5405c708e9ea173f1e6cdf090499d3bb079910771080814607a1efe62ec6835dc0333d19dd39dd9ea9f31cd3632128536149a122050bb9365b521d":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"14a3e69f351ac39b4297749a90c1365c":"eb1c6c04437aa5a32bcc208bb3c01724":"":"051224f7b208549dcfda5f9d56ce5f0a072ef1f23f3810c693516c92622be6ed4d7a9e0f9450980ba490b2e9e3468ea7eef10bc9ebd673d91f32b748c1bf2c50cc4ebb59fc409c6d780bba00700d563ce1dc9927a6c860095a42ed053f3d640debfbfa7a4e6d5de234af19755000d95e7f414f1f78285ee165410c020038286b":"e418815960559aefee8e0c3831":"":"797310a6ed9ce47cdc25f7f88f5dbbf6f8f4837701704d7afced250585922744598d6f95ba2eecf86e030cc5ee71b328fc1c4f2d4df945d1b91a2803d6ae8eba6881be5fe0f298dd0c0279e12720ede60b9e857ccca5abe9b4d7ee7f25108beebbfe33f05c0d9903bf613c2e7ed6a87b71b5e386d81b3ae53efd01055bbcccc2":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c34827771fc3918d1cee09ba9401b832":"2379bbd39a1c22bc93b9b9cc45f3840b":"":"ce79701b661066e53191c9acdaf677ad41622314898d7216e3f113e2e6e215d26d8bd139827f06ab3ea5c4105694e87db1dd6cec10e1f86a8744d4c541f08e40319e22ab42fc1a6c89edfd486b6f142c6bbbf84a73912e0b2e55b79db306ccabf839855afdd889e52ae981520c89e7dc29bb2adb1906cca8c93fcb21290a095b":"26e1f6cf0d9e0f36dfd669eb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b1f9bd2006ec550b7b9913d383200b5d":"ca28fa6b64bb3b32ef7d211f1c8be759":"":"6d9fc8f586d50d6e0128172ae147844e80136905d3a297497a9566ca7c7445029028f14c9950acee92a5c12a9150f5e024e01c7505dd83937542b0b1288de9c292ae8ad918a09b2edf8493540b74c73d2794f2eb6eed18eba520ddea9567462c83330f33d7892fcde0b10c73a4e26ab1bef037cec7e0190b95188e9a752fee6f":"c87aac7ad0e85dbb103c0733":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8b2cef1a92aa0af2b00fb2a99855d5bc":"08d87b7acee87d884667f6b1e32e34d0":"":"fd09525ef3c65ab5823e1b6c36b4a9449a3975c5d3a9e7e33c61fb32edcbb8e8c915b6202e3fbce87d73cc3b66d83d9ea7e1e353cc7468f08626932cf0235563e2a28953ee5a0afadb1c3cb513b1f1fc9a8a6cf326174b877448672f7731dd6430a51619da1a169ab302da5af5b38802f8bbf5890b5d9b45deda799679501dc4":"3bd7685318010b0c5fe3308b":"":"583e64631c218549923e8ad33b728d07f23b0f19d2aff1ad7e20d564c591db0e117caa8f21e3f3345e3d84f0ccbb27274cddf9274410fc342cb2a5d4aea4e925d0dd5350389ee0dea23a842ff3f5c1198374a96f41e055f999cfbc2f47ceaa883da8eb6ff729f583eff1f91bd3f3254d4e81e60d9993b3455e67f405708e4422":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"175c306f8644b0c4b894ae3d0971505e":"9860268ca2e10974f3726a0e5b9b310f":"":"fbe7ced7048f83e3a075661c4924eb77da1b4d6019d504afb942d728b31fd3b17557bd101c08453540a5e28d3505aeb8801a448afac2d9f68d20c0a31c7ef22bd95438851789eef1bebe8d96ac29607025b7e1366fecd3690ba90c315528dc435d9a786d36a16808d4b3e2c7c5175a1279792f1daccf51b2f91ac839465bb89a":"f809105e5fc5b13c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08c0edcfe342a676ccdc04bdf854b4b0":"4a7b70753930fe659f8cc38e5833f0c7":"":"1fc8ef8480c32d908b4bcbfa7074a38e915c20ed7a1c608422087e89442d7c5af6fe9c9a716c55793248062d8e6c6e8e904e2804da3a43701e4c78ecdb67e0b25308afc6d9b463356439cd095cff1bdf0fd91ab301c79fd257046cba79a5d5cd99f2502ad968420e4d499110106072dc687f434db0955c756a174a9024373c48":"9ab1e2f3c4606376":"":"983458c3f198bc685d98cea2b23cf71f0eb126e90937cab3492a46d9dc85d76bbb8035c6e209c34b2a7187df007faabe9f3064dc63f1cb15bf5a10655e39b94732e0c6583d56327e9701344e048887a81b256181cdfa9ec42ebc990875e4852240ddcb3cbc4ea4e6307075fd314f7190f3553267bd68b19e954e310ec3f8dbab":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"241067a0301edf0f825d793e03383ea1":"a30994261f48a66bb6c1fc3d69659228":"":"6984bb9830843529fad7f5e7760db89c778d62c764fcd2136ffb35d7d869f62f61d7fef64f65b7136398c1b5a792844528a18a13fba40b186ae08d1153b538007fc460684e2add8a9ed8dd82acbb8d357240daaa0c4deb979e54715545db03fe22e6d3906e89bdc81d535dae53075a58f65099434bfeed943dbc6024a92aa06a":"36c3b4a732ba75ae":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"03cccb5357bd2848332d1696f2ff90cb":"e0754022dfb1f813ccaf321558790806":"":"5e2f18cbc1e773df9f28be08abb3d0b64d545c870c5778ac8bb396bef857d2ac1342ae1afb3bf5d64e667bf837458415d48396204fe560e3b635eb10e560e437f2d0396952998fd36e116cd047c1d7f6fc9901094454d24165c557a8816e0d0a8e0ce41e040ba6f26ca567c74fc47d9738b8cd8dae5dfc831c65bc1ba9603a07":"c75f0246":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"4e5e53c84a05d5a5348bac7b2611cf62":"47e40543b7d16bc9122c40b106d31d43":"":"489c00c05dec06f282924c680f621ab99ac87f7d33ebbb4ca0eee187ec177d30d2b4afb4ee9f0dc019cf1a4da16d84b7f5f5c7fce72a32461db115b5a5a433024fd5ed3d47161836bb057a0189ed768f95e45fa967d0cc512fc91b555808c4033c945e8f2f7d36428dcb61f697e791b74e5c79b2bcb9cb81bec70d8119cd8d76":"81eec75d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2c94008bf377f90b7a1c0d2ea38f730c":"abfe92931a8411a39986b74560a38211":"":"7b3d619d115de9970b2df4e1f25194940b3f3da04c653231e8e6946de9dc08ae5ba37e2a93c232e1f9445f31c01333045f22bd832e3b5f9833f37070fafb0ef1c44cc5637058ab64d9e07bb81b32852d4cf749a3ddbfdb494f8de8bb4e31f46033f8a16bc22e2595d023845505ea5db74dd69ab4ca940078b09efb4ff19bdb66":"47d42e78":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"69eedf3777e594c30e94e9c5e2bce467":"a3330638a809ba358d6c098e4342b81e":"df4e3f2b47cf0e8590228fcf9913fb8a5eb9751bba318fd2d57be68c7e788e04fabf303699b99f26313d1c4956105cd2817aad21b91c28f3b9251e9c0b354490fa5abfcea0065aa3cc9b96772eb8af06a1a9054bf12d3ae698dfb01a13f989f8b8a4bb61686cf3adf58f05873a24d403a62a092290c2481e4159588fea6b9a09":"5114e9983c96fecec3f7304ca42f52aa16cb7c6aadfb62ad537c93a3188835ca0703dad34c73cf96435b668b68a7a1d056931959316e8d3ab956bf64c4e07479c7767f9d488b0c0c351333ccf400b7e0be19a0fd173e3f2a1ae313f27e516952260fd2da9ab9daca478ebb93cd07d0b7503b32364d8e308d904d966c58f226bb":"5de3068e1e20eed469265000077b1db9":"":"208e6321238bf5c6e2ef55a4b8f531cbbfb0d77374fe32df6dd663486cf79beeed39bb6910c3c78dd0cc30707a0a12b226b2d06024db25dcd8a4e620f009cafa5242121e864c7f3f4360aaf1e9d4e548d99615156f156008418c1c41ff2bbc007cecf8f209c73203e6df89b32871de637b3d6af2e277d146ae03f3404d387b77":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"45cc35311eedf0ba093bf901931a7036":"fed5084de3c348f5a0adf4c2fd4e848a":"6e210914e4aed188d576f5ad7fc7e4cf7dd8d82f34ea3bcbdb7267cfd9045f806978dbff3460c4e8ff8c4edb6ad2edba405a8d915729d89aab2116b36a70b54f5920a97f5a571977e0329eda6c696749be940eabfc6d8b0bbd6fbdb87657b3a7695da9f5d3a7384257f20e0becd8512d3705cc246ee6ca1e610921cf92603d79":"5dc8d7525eaad035c19714ae1b1e538cb66a4089027245351e0ad9297410fb3a0c1155407c10a8bb95a9ca624a9c9925dac003ee78926c6e90ff4ccdba10e8a78bda1c4478162a0e302de5ff05fb0f94c89c3c7429fb94828bdcd97d21333c2ee72963ee6f056ce272b8bab007e653a42b01d1d2041ba627f169c8c0d32e6dae":"266a895fc21da5176b44b446d7d1921d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9edb5231ca4a136b4df4ae22b8588f9f":"c342e9bdabe7be922b2695f5894e032c":"a45c7f8032ac5144deef8d5380f033aea2786b0592720a867f4831eaccc6b85d3fd568aedc6e472e017455b0b5b30cf7a08ea43ca587f35e1646ecd9b4dc774d11e350c82c65692be1e9541cbd72a283bdcf93dc7115545f373747b4f8d5915ed0c42fbeefd3e9bd86003d65efc2361fde5b874ddabcf8265e6b884615102eff":"493df801c57f8bb591955712d92d3fc34518f0599fec8533b2b4473364e1df4f560c12444cf50eeb584676b7e955c742189de6b50b8e012dfa6642f3679fb02bc6d8e08d1db88c8ae955a7946263e06494e17f8df246b672942661e5563302252208f2e00a0d77068a020e26082c291a75a06f63c41e2830292a418b2b5fd9dd":"5ed3ea75c8172fa0e8755fef7b4c90f1":"":"56696e501fac1e8d5b83ef911ed11337d5d51ff5342a82993dd5340bb9632e6606eef68ec5fe8cec6b34ebbc596c279e6cbc9221c4cde933f6d93ae014e3c4ca49593f35eaa638606d059519bac3a3373519e6184e7227d2aa62170c36479fe239cb698bfca863925a4c9fb1338685a55a6dfd3bd9c52d8ae12be8551fce6e1a":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d5fdcb8f5225090e63fae9b68f92c7cb":"581c818282a0905df5ffff652e5604e9":"f1ae6cd7b07f261105f555cf812a1d5bf8dd9aac07666318acffa11abb77d0238156663acbf7543825b45c6e9cddb481a40995ecd78bb5f4cba5df7c7efb00fc19c7f45e94d37697aca8ef368b99165393b6107f900194c797cd3289cb097eb5915f2abfd6aa52dd1effffdde448e30075a1c053246db54b0ec16eadca1c0071":"d39b9cba95e3a3aab9bc1d03ff475c04faeb5b7f0510777f39e5a05756606eb7ddd154aac035d9ddaf3535629821dd8f014dedd52cd184f52fc706e3c89a3a271398c9125d9a624dafb297a56022ca2ea331ea7359ab5e65f8e14814788e64e0a886a9b1a0144bf268fdcf9d94c3d10a0452f40111da9df108252e9039eacea3":"827e66b5b70dce56215cfb86c9a642":"":"cec11a12e47fd443f878e8e9fe23c65f29dd2d53cec59b799bcb0928de8e2f92fe85c27cec5c842ef30967b919accafe0c0d731b57f0bb5685d90a3061cb473e50e8aeca1346d1f47f7db06941f83f21ba5976d97c28cab547d8c1f38387a04b8a0b212da55b75fbaf9562eeeabd78eadcbab66457f0cd4e0d28133a64cb063f":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"036198cd3a3ab9319684d0f811cf2992":"47dffc6b3b80ffef4b943bde87b9cf3c":"ec4de476cd337f564a3facb544d0ff31cd89af4c3d9a28543e45156189f8eff8f804494dda83a1fb2c30ce858884a01ec63db59268452b1eea0f0d48280bb7340eaacc84509469dd94d303774d053d7ab4fb5f6c26581efeb19165f8cb09d58ec314d09ab8356731e87fd081f661e7b2d1a7c3aa4af5448a12b742e7b210b0b0":"6b95b9e82a695fb7b466ce3adb536f525d8314f95eada39efb49baf121093ce7d5439f0d8223e03530b85accd388a70650ca9f7e63eb32afecb7b1916ed9b762128cc641caf3e08e027c3d88481d653b6b15172e977dfb9b3f88465911aee162501cbf8501ce2b66ee151bbfdc23225f638f18750c239d62471663e5ee2a5856":"6cf68a374bea08a977ec8a04b92e8b":"":"5c2f7c408167be3d266ff634e1993fe291aef7efae245fa0b6b5bde886a810c866ae6a078286684d1b66116e636e285f03646e09f3c4ed7b184e7c171ba84f3bfd9500c6f35964a404892b4cdcdd3f697fc5b01934a86019810987a9fea7efca016049873f1072f62df3c17f57ea1d88ccd8757f7e3c5d96e8a18d5366a39ea9":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c9fbbff8f25f951ba874dfc5ff38584e":"1c1fc752673be6d4ff4cc749fc11e0fe":"abfde0b60acfe265b62ed68ebebc1f5f725f155c4b8a8aeec8d704701c51ff7817060c1b0ce6b80d6efc9836c9ea2bc022ec67db4cd34e945e3a1b153fd2e0f7ac84bb4b07e04cbb529ee24014b16067f9f082b940c9d5e54024d3e5e910310457478560721587da7b5343d89eec5a8fce389c01185db15e7faa9a3fa32e8ab9":"ca401071396da00376add467490abc6e6a7d8a85852026979f7013a09cf689113c8d833560cd6c5b8fdaa8fdd818e773ac13954839a0a2c91efeaf4e0e14de43308419a8b86fa2ae600a88a6bd39dfaabc16a3c7c1b77a5c2aab7f7caceb2f8595324125efbb7c96ba16c47d0bd10568b24bf445d72d683268466e68e46df500":"ff0b2c384e03b50e7e829c7a9f95aa":"":"239637fac6e180e71b2c9fa63ce8805f453d81499623ec2deba9b033350250662897867bffaf0c314244baf9e1fe3e1bb7c626d616bfbf3e0ac09a32aaf718b432337c9dc57c2d6fc4a0a09bdc05b9184d1b90c7193b7869f91e2caa8b3b35c10c6621ffae4c609bdf4e4e3f06e930541c381451ef58f4f30a559d2b79b0e6b6":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3a314ec178da96311e42334a616fb38b":"d7ea27c819e3eb2666611bb1c7fc068d":"db8dcc31a5681f13d56abd51bd2dcb0d2b171628186e215a68bf16167b4acd00c3441973c3fa62fa2698ee5c6749fc20e542364d63c40756d8bcff780269e5201bafdced3cdc97931d8203873431882c84522c151b775285d0a3c5d7667254c74724ff0ea9d417aa6c62835865dfded34edd331c0c235a089427672c5a9211c9":"518b3f5384ab54f80497d55be7a5d6902bc7718386212c2ec7537db331514b3838f104bf9054e03039a4cfb73f41e5d0a9648e569ed738cea8d33917430dff6afa8f07a75e324b9262fa196a4439dcd66b0535ee5bea0d292600227c2a79ed03be0671740e5cb7b306d855612bd3abcbf02cf7e7cecbb6cdbb33d57b4e3234a2":"1e774647b1ca406e0ed7141a8e1e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e818372a63b7e2c23b524e29ba752bdb":"36e617e787cb25e154f73af1da68cb06":"71801d69796c2ce36b043c157aec9fd2e06fd1ec596126d10c26b6d44e3dc36c4fa30a030d65c382b6ddfd958e71fe9c16732e595137a3d6764c15480fc3358e9a113ba492b31274663f5842df5d1cc6bad70e83b34675a4411e2e70755aede0ff5035601be130562e27a20283d6f144ff1bdb5276dec05fad80d51b28d50688":"c1bf1b702a95ceaa6b48a1cdd888ae51f58a9fc3232bd6c784529a83301c6d0cdda6e605ad9a2563f54a8d59f624ae7c589e48b85041a010dcb6fb8739d43e79a456fc0e8574af086df78680460c3cdc4e00dc3b9d4e76b0de26e9aec546705249fa7e7466c01001c2667eaf2813be1f0f116916f34843a06b201d653aa1b27e":"3744262bc76f283964c1c15dc069":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a04f16882ff45816739d1b6697ce8b7":"66f504d9a9128ad7fb7f1430d37c4784":"f641c53c83c4fb1ff8044bfa97cdf63fe75d8159d65b3e5ad585b89c083a53cf4a2f7a58eaeaf45fa71f2c07bc5725a6b03307d7f32884a133a4c803700bf1e12564b98b71f63b434ddf13ad2c467dda25ffa6effcafa72452b20c34cfae71e47096f8745b487e9f1945f5bec83f7ec2709a13b504d92315b1b727a78902be84":"6a4f3dbb3371f64258fd1f831349e745a4e19a33aad794b1de3788729618beed619586092120e9e5dc3ac6e0d52f991f7be61afbfaa4399ac716ad79a2734827254b1627791dc92a128a6f43426b8085dee94242e83176a3d762658f18ecc1e37e3e1531648c9caed212ea2cf3b3843cb92cb07730f30fe2dca3925470fadd06":"fbb37084396394fecd9581741f3c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"38cf029a4b20607030586cd2d82146e6":"6330084319e2bf32cd5240f4826944bc":"80746cfb0127c592f8164d751b0e14a5b379056a884cece7ee4e9b80538d7ff6be56a3b19c135786722aaf315123b47672b0251e87ea45f0fd3601cf93f9efa6cbd9ad537f54d57f1e187f821faac24096ecec19d137c9f4cf145c278af4cd8de01c7758784fda06f1cc62d92ae1977786f3d0645714ab4ab6f48c8794b12f73":"f4c9f4476561c9ebdac71b282ae6e2f9f03547da98e66d4d857720db2fcc9ed1f363858db34c9dcaca0109d7c81db24150493115f2bb6985efa8686e3d2ab719d33b230aa4c5c70696bf42f225fb3c6704711c054a882d89b320884a78cb59cd2100496edf4010487597fb9135d8ca79693a43843e9626fd6c64a8722b3a27dc":"7b021de5cda915ba58f90ceef4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cf4d81fc5997c744a572bed71f4ae609":"bc4e20c56931c967ce8e3b8f5f1c392f":"b6b8294abf7da5703f864721f7904d3821f5568bf4b269e44edef4f1c95ddc172d83a06c0ad9f7f1fd2e292c17a876392bc5bb705d370b2f16ff721bef7648f423346fd3a4d762676e6fcf2d690553a47224af29afed0f452d263be90eb8150a13d720f1db6f1abc1c2ec18cfbf93b8ed3c5aa7cfc1dcb514d69f90409687a4d":"f3d65d70326e641fbe7fd945fe9cf66c74f17d0d1020ae8ac488f39b7285c99d8632bc2201960f3d77daccfecc04428abe0853aa8d82b90a93127c72b2d2af53f7f1bd0afb99d50f0b3b24e934ec98eddb278b2c65866442cebf10208c7ce1b7ecf764858480b2a269b106fa6d2428d5ad17612e53e62ccc7ad1184663aeb9a7":"0a86142a0af81c8df64ba689f4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d88ad40b42ead744f1b7a36685658be1":"52c3158f5bd65a0a7ce1c5b57b9b295e":"dde2663335c40e5550ae192b843fa9fb4ef357b5c09d9f39dafda3296a4d14031817ee4dc1a201d677597d81e37050cd3dc86c25adbd551e947a080b6c47ec7be8a927ef7920bd1bb81f2c59801a2b9d745d33344cbe4838bcf2eb8dce53ab82c75c9bbab8e406597f6908aaa81fbbdef25aa69116c8f7a8cdc9958435aa32ac":"e99d2566fe6bcb2a04d167605db7c0f1e5567ff2d8d3292c15bbccc5d1e872bcb15a30b3bb8b1eb45e02fba15946e6bca310583a6740845a0f74f4ebfd5c59ced46875823e369e0447cc3e5d03dae530adf3c9846362c94e7f9d17207bf92d4d59981d8fd904eb8b96a0a23eb0f8d7e7a87e8e8892a2451524da6841ce575c27":"7643b3534eb5cb38331ed2e572":"":"6f87f6be2f4e7421aa26fe321045d1e23066a02158634bef35890581c92367d0bc232940de30974c70a66c60137a9f3924d12db1e5bc1b0e7131ea3620a25eb805b7d670263b82c8bbfcd6839305025390fc17d42d82daebe1b24f73ff9aa4617e3866785dded88f8b55ef89b2798ea2641a592a46428d9020f9bf853c194576":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c3ce86a212a30e724b4c624057db4e79":"9e03f0dd4cb2b3d830a6925e4400ed89":"92c48a39d93ea3308f55f6650d33fdf17a902076d582a94a82ac99496de9f62312292b844bbca5a683ef0f0710bbc1c7f89cbcca8f9c0299f154590d32059bd99fca5d78c450ede0d11d55075947caf2151218ce7a06c1e81985a7781a3444054170b457fd7ba816026310112abb47c8eddfd3ab7f679a0f60efc6c6dd3b759e":"3582ef7a9565c9a8e4496750ee5ca3e3a80df6238f7b7608e3394ec56d1360777921da039ede34abcedd01081babd496ba4de74a7de501181d6bb2022a6cc7f79d89a4c6a97676fb0f2b42f70e2d0bc1eaac364c3646df4f611c1d6b09737451b81b5a4da73c05fb58391c74e44498b80b26f1c29562d23c39b5d3f086b280cb":"3230fe94b6ccd63e605f87d0":"":"052347a4273cddba65b2a0b961477f07edee440a9117ab204359d2dd45ad2a6dad3b60ead891e7da6d79f3017ac90f95725a0089f04d25ce537bf53b7ea8e1ea58692d34c221db141e2a9fd7211adcee03ef8b5bf3c5d36311d20bb3d81f70f7e7272d0e2b6d12293b1a2c31b70f140a8f08d98c6231a3c429c3d0a10b2e1c1c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a0155360b84420b5bf4fb410ea02f31e":"46f0386be7363887e7e357376305eab5":"611bc290f91798ad84f0a5ecb5a7cb8fa35e9ab6a5a51c9869a68a076e96f92c9c117595f92cbac5d33343fa2accd2541473907cbc54792c5e215ae857424c921b04ca4b81376bbedbfcc0e565c118f2aced08f247698eed5e2d202c48245161cabeac9fa195219f9799fa253e339561e13012167f1d02b4012b7791b7c863ba":"ecdb51522fc440f7471ea6a31f7c1ef1ec2153e5bcf6303297dbf8ddb3830b45ed9866157375ce4bdeb5e32fcbc6607984fccd7e6552628736608ab13072856d432ceccd3e90d1bb52ca9ada9cee90eb89ac10e887a1978fd0fb3d7bb20caaf35539e150be8044b725b8427c4c4a910f79980865d36344a8784bcc3d58460acb":"ac5addcc10cae6c1345520f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"694f621f594d96b16c32254ff06f3f9c":"542db4e107485a3cd24c7ad337a4f1b5":"27b7bfa5eb34ba376e515e58ab8b6556c396820d0074a1fe3b984945dcf5251ca450456ccb4bb66ec739b03fdc5f72d24553e843255adc012d1f1c95aa3cdac5d12926465354217203052cbd4869a8b5be2e01d0fe66b5a6a8da0a2ce351557e2991ce77baa812b9c67b8e1c5a1fc348710e1a73a0fd49acfd538b7db6bef8b3":"e61476b8b7f101ca6005f25af2b9bee795d62720bbbf59357057ca7cd473e00f0d465255fce8d6164657603323549fb4e3d33fa51054b1a70cc7e492916dea85453e9107fe781bfeb4a622c5b2306a8dddef99386dc50745003aa7220cd7f32fb0a060fa7682576769a48f9169c7d11fe0a8a61b95f5d6dfcf216f7d0c652a84":"0bdef4d771a1740381e7db97":"":"8b27a338fd2153d304f04655e09bd9bdf4468890ecce1e3b51de2c9a25a8d9336a9acd753ce270b1fe8d50196feac68145e0fd59c9cb3aa7c1e8af03494bc4279c6e287c849f3c775ada584ae173100946ae6921ef7c96bbc6f216093548702cf1867bb1bf1f4c9e90a34230a2b2aeb584622dd615023a43a406e64428bd9170":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"78826a5215a1d5e1b39cad5a06861f8f":"feb9d740fd1e221e328b5ef5ed19eff5":"ca9411b368d8295210d7a04da05a351d287f2f67d978ef1bb936de9f8065473f6fa11495da2eab13a1002231c86411d5409bbc718e2042ee99e013b1df1ef786e9fc1f2d43293c854128184efb9317c4ef82a002eac8b28fcd91d8a714a3aa25fc3c0ae4af9f4bcf5ad19a30cd8ec4b1785df70aa92074da419abe433dd4c435":"0fe2c798d7015d3e2f8725648d95729c45d357dc0c89fc63b9df5a68d3e65419540f663e9190793a29c58c495d5c6a731782acf119e2df8a96fb180ad772c301d098dbc5e3560ac45b6631a01cef7eed6db51f223775d601d2e11b9baa55e2f0651344777e5a03f6738a2013626a891b5f134f07b16598b8cbe3aeaefa1c2a26":"a724bbb295a02883":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d450f5253251121606e56687952bf2f1":"fe7ff90b020fc77d7fcd90bc583850ac":"a3bca9ff25a60006eb18f993dcdc99681e414e27605264dfd25652195d7fe1489550afd07fc7346b88d93b59eb6642913646e93bf50ee1db5dd30106cf181124d8ad01c72ed99038c9798620abdf5c78c419b08c97f982b34d9e9105d9aa4538afcd37f62e2412f14f7a248fcd60abaf2b66cd4554767f99030f1a495d56a5ae":"479b4f421bd8ac7f615c4a507da187cb5d4b1f1e2c6113d1f9678c1ba92dc5e17c5b525d7f3208733223eb82af0820b8476e9b08ca714ce044417b24d2238720cb8ffdc69db558cbaff52e3651b400e16c9d5ac8ed8949a19c35516f80394a04bd1cfdced7b204f779d792086e00b2ebca2f55a1140e85f5ee9ac7cfc5a31747":"6446398aff73ed23":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90a59f6b0abf932311f0b65623c17740":"20778bea82a6717038e7064f48a31981":"4022d04f1454a72d2efe57533bd32757595220b20f3a37d166cec0412fb1eb2588f939ecd906c805f4827338669888e9f730905001eb1b136b95e306edf70d9ba1e5cd0aa13a25a1f28ab55cff36f9cd7036c735e3b285d26002ad2ed1074b566e252ea3ec8a9ce10882375dc3f1d9676e301dcb179eaae991120b796cc35648":"be5a948a771a8df12adaf74d702f064a75f6483c03203365fbde7d184844fe6dee0b84cf344be05b1d163817ba1516fcb87b9167ed81f884ada73b0058e2b38cba515bbbe462f4c21f8de1d41bca2cf4340aa659f9f07886c2bb620d9c3295318c07fa3c17fe8242409359c08bcb337e5cf268880839b6a20f4ee4b3f04e7024":"dc77c1d7e0902d48":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6be4ef629f0b38194c74f7b66418922d":"fb77a4b9b246271abfc656433f87628c":"e5d5227725a19a3050fbf2a97a6e854bc1218b94a4a3403b721ace3447daff68fff5553a26edd41219e68fb61fb9e964d0a3c29796251ae4eb942187cdc55d13a09dfb487e93d9e2072d7271456a77c6ccb81154443eea176314d6e3a08619b52cd880f1c28ae5214ac0090a3855dbd74f87389fe8afebd464330fb683dff81a":"b67ea20a320f4ec0e4185c62a4ad79a3c97a8189a5e4d1deff9d3edff0f9a9323532853c1a2a2c1e62e4d1afebfcdf1d8461921ea601750380e63b912d8b7389198f976851d88a19f1aa32c97143668ad00838d98da1c4f2be0e6e2dc964d170d7f7ad2e2997982e5ca110e744b6e10c24ca18eadff6b129b1f290c8a7e0a593":"3d8fc6fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c50e37244931e8debc12b3d561c83ba2":"6c0b1fd7ab424a6883c36457d1b5521f":"516dc25f6452ae169ce293c5cee440de47353ca5ba770dca0f04175950e87a2d4c3f84fbc6eeacaac436853492929680066f959e74de4b736ab924d8367b90aaa6e9492561ad4b5aa78b6737d562e960edc3b983e2e01a186e9f22896f48d8dfcfb6a42cfe2c6006c687a27772820a1e8875bdf09e8104248ce4db883376bc04":"b9abf0796f2d2f774735546cf809030f65ed0c7f6bd469ef2fe0ef32aa0225b57fbce07c36017bbc1806a81ff1a429278160a07643f864485b4e0e35d57553dc1a131e32aa10f1f91d663b10f0a418f472ed7b4bca54fd7ffdbb22c4d7764d94a7ffd04730614459431eb64335b9b65363de292c04275d40a7b968c0f5c486e9":"7d4393f0":"":"962509e494f10269b70ebad02b0cd799d1d41191a734863ef502aff3d3ba48dc2acf9da9a3fc3f40be4d210dc5e128bc00499aec57aa0a4669863165428687b88d46fad41e36af8ea6605586eaa5c0736d0d53b9d523e0cb5a0b285048e060a73cbf4b587d2cd787debdb2b4c8cda731a61a15b19fe8b561fbdd3a7373853ae1":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"8531ddb03977383405baf2ee9ca7d64b":"baf623867d6a25fd85d1f08e599c0566":"18f92cdd37dcd7f99b06838f3f68748aba367baabaebd0da9ee787d70e752fa07dea553a43b643b8d8f460175c0746675205e20a7a98acfcac864d7c4cf5ab4c41c031738c76882acda003c5af47b1c4df8894a827a317935d970d4afaee17715c9cfd1883e8c345f19d1f89e229b8edba6b4f53b86d8da1c0f159afb83b6b33":"d90c9e26509bdba9b1dea8d2b94f2b1881d22c2bd756ad23cd61944710a1c1f2807170ed47a6870ae654e44757fcb3822ef28b37946cafc07284f8a0c22ae3552954f0d87b8d8c825bd546935b494cacb4262d9e2a88f254f200ad31367d8b3715afbabea5f34214ffedb14d7c84806022aba2dc8f88a314ffbb24017d1a9b9f":"2fc9de46":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"862dd5b362cfa556ca37e73cff7f4a0e":"81530a243655a60d22d9ab40d2520447":"":"":"3b9b2af54e610ed0b3dda96961dd8783":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3452b7bc100c334292e08343f139b9d0":"8f92739a30fe4ba24079f5d42753d6ac":"":"":"0eeca69f8b95e1a902cc3ab1aaa8e2af":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"31a0cbaf21b943f8badc939e94eac7eb":"d5bb2c4eaec47088230972ae34fcda9c":"":"":"580e728512c8e44fbb3fe2c498e05323":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9e8fca537746e7cbff97f1dcd40a3392":"43e9f2bf186b2af8cc022e7c7412d641":"":"":"4465a3f9d9751789bcef5c7c58cbc5":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"35b5854ca83792ad691dbda1a66790fb":"cff61cf9b32ea30cf7e3692aa6e74bed":"":"":"726793199df533dd9055b0ac7c939d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"07259267c1c6a015437a5d8cfa92f9e6":"18b9cf2ad7ace6ec1c8366b72878cf20":"":"":"4340f6263f0ba2d82c2eb79cb0cc7e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fa1df8955aa3ef191900b06e7c1b7d46":"6928c138c98a4350c318fbdccd3f44ba":"":"":"7c89d9e77515d271b6ed54c9c4e3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c04200ce41ce77d772babb206315ec7d":"a885d58f0f38f9ff26d906fa1bfb12f4":"":"":"9ee0d025421f2bf18caf563953fb":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"650df049461be341c3099bd1613dcead":"8a4ff6327b49d297248ce2d5bd38afa8":"":"":"13f067ef0d7b448d56e70d282fed":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ee61b5bf5060fcc637dc833926898508":"b2dcf21f9ffa4a883044d29f087f9b85":"":"":"9ab1d66666d4dea3cbb5982238":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"01cc56ca7e64db7fbef66236a5c49493":"8ea5b63004189792cc040ef18b37e550":"":"":"d685aeb54aa129a21bed17766e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"134dd72ac8e28ab46720c2f42284a303":"c6368e4c0ba0ec90fa7488af9997a4c7":"":"":"4ad9cdf19ff7d7fd7e273efced":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"180c04b2bde6901edcda66085f73ecd9":"9193b206beade4cb036f01a9db187cb8":"":"":"530f5e9ed0879ccef3a7b360":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"aaac85742a55ffa07e98106d6d6b1004":"630cd8ab849253c4da95ac80324ecc28":"":"":"37911820c810e3700c3a9321":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"ab663c4f8f2fdc7d5eabf6ef26169b4e":"86e6100669929e329a1d258cd3552dc9":"":"":"958d6141f7fb2b2dc7d851a6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0dd756d49fd25380c4026ea03cafc2da":"6a6f7e39b0d730ea1670e13d16c12c28":"":"":"872ef05a28da5ea1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"bd8a834b288bdc7578b6c6ab36f5d068":"aa77de0af5fa4dd1ed2ada5cb94813a0":"":"":"c5c094e83755f2b6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"020d280dbd06939bbb5e6edc6f6d39c6":"09aea6f0e57598452719d6f63b6fe5a0":"":"":"05d6c56ba601e85b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e47f41a27a2722df293c1431badc0f90":"227c036fca03171a890806b9fa0c250d":"":"":"86c22189":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9d3e112114b94e26e93d3855d4be26bd":"99b98525160c4bb2029da5553ff82b59":"":"":"33bee715":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5b4b7688588125349fbb66004a30d5d4":"b4ae363edb529d8b927c051cf21a2d9d":"":"":"6a920617":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c4b6c5b8e21c32f36b0ae4ef3b75d5cd":"3d1036bf0000e6f1b77a799f2ef32dec":"1cf2b6cbe86a87b4b5bb3cc50024aeb27c48143658d47b41f2f20b87ed67bd6fc3b85a3a803f66d3576608f5d6ce6cad11e02fe12de5390722dccb8242e1dd140051bef51aa9716c860d45d45bca6effbb1a4797e6e7406a04db5d823766c0f011ebc28e9a8cd4446ec8a75ea8bdc1b2fdbb5cc364fa9877886e30404593df34":"":"a49725014c214ef7cc2d28b9b2b53da7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"":"c53d01e53ee4a6ea106ea4a66538265e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0c88b191ce6e8e4a3941f7960b7eae5":"e2a899961c332c815685c553351fa519":"308bf10570af48d632911f3641dea60d78046211c01a63bb8e4e5cbddfff8841d2f2b11e18ccb2170805ef4cacf7804d64e0feef40731a1704907f33b77788c18ccf35b224ec3046a67664ac9a3481d2385b6ddeec6da4f32423f94ea9663a5c51cc388cef33744a8159b4fb654dfdb5092718bf926c824be31197f07f276b5f":"":"92604d37407aff33f8b677326cbb94fc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c818dfa0885a09f65ef78712f5ce6609":"ca279284723530fdd68ae880e0ce775c":"2a562abdbb483ca5f355f9cc1c5e607bdd624a078a76b717ce0f8f35d0d4c54b629f372f15d20c848d01420c6af5a7040d42063704a17b46259dcc53723caf2d4bf556143ff9117c752fa4f22c9c155c99b7bf5949d089cdafd562165b9cbf53ff51cec21f49128c8a599718bbcdb4a5d705d20509c44c8945e2a133164b9942":"":"20e9a3a98d71d460743e1efaab13c6":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"2354c6b6afaa883e7ce91faca4981f8b":"604f2730c756c8c39a0527093bc2feb5":"959b4b0b9ce2e9120b327d2d090117553999ee10bdd384a546fc6de0957ef4b447daf07b3d07ef7dbc811f36b0fc09a175d26e4d1263cb5e21eda5ecab85d763807bb20b3cb6ac3f31d548dff00aae058d434ebcf6f7e3a37f11324134f453dd0ea7f51094863486426ff1706129a5a93c53d8c5ccb56cafa5881981fe233cb0":"":"3588c9aa769897dfa328549fbbd10a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"b0af48e6aebbb6ff5b7c92bd140b085f":"d210d6502a5221ac1274a9c7f5a81725":"d725311ca10eb4b4aa24e6dd19c5e72dc34fc1ff53feb25d924a9b7d8d72205790ca4b1275bd93ad60c27a5587a45659bca07c111e9748fb683a03465153ffd735b7d134b479674ab8596f0596496fe2090f623fd1e4dd730c5283d8b172db8a25df42d9b34f388ed32676a56b8ba03347e47379702654508ccd0a21ff03516e":"":"e6222f068a1e18f09ba6c771eabd86":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"a05fe482fe164b2eca7f6c3e377b39d8":"145327bcc10335fccb93afbf4b17e6e7":"ea6f2e93b5e1bf127d40440b8d6397405246b1b48eebe16964f18928f6b4b8ee2c36322d7126905c1a5b816996e340404b586edc2d77afac11a6c1266511f9eff1a320b035442d4078f8e42ca63cf26d12a971a7adf4645d1bd9a8e4d0a20722f7c2d529beaecc4033f7738075e1cdc6d8a929da5582540678935b82e7b7ba68":"":"3900bde9fa9ae2cbeee54d04f224":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dacbadf819eb16a63f6f091d13ed04d4":"b9ebce724b0dcb0989ac2d8e7ff8aaec":"7dc6e2189d8a96f3507e352e05e8fd1b4bab988c2f1c706115887119f63b78084f015d85f6b460901a02880103e4d36e8f6527dfd74e4a3acd3f578c0cc726b528875f701ff8b66e5c11b4689c346a098e123bebfa253362cb86829be73c2b85a6881fa976aa730fabb76775027feec7fd920a6c8965a4a509ea812d7c413a95":"":"8988fca83c8cfb1f8feefac46f04":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"969244c7444f3f3bf193b28f8e8e96dc":"49b2845a1a1c87fa66eb8f78c05ac029":"1414a07e86d8b61d1eff43e1ff4ab42c1c95e159058b74c731e3007d21a5eb78bc17b7e920363a3974aeb8608813dc9a4655199b6703ed337450702d8ab16a89776831b2c7c811fec3acc23598a0aa01680a7bf42a4e258145beb08c9f0eacf2bb5f56d26bea3ad11e1a956a630b80f3d22bf35592b4704f7c464b08b06dd7f8":"":"a291c7527385f037f62e60fd8a96":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"525abe490c8434802b69439c590a5290":"141f79f0501316e66451c41c7af0f0cd":"be440db66d3f81be467605a7b2805ec1df5e71e1b1b04bd7a4d05e912f5aa1912ba08de72df18613b32b7edf78963c48c80c25178b3b19262b85bb829f5377e0b368b500d6d3b442f54172d4ca4500eb5b4d478b602e5dc11d090539455087ce1e5b9ea74355fc06e9b60cbf25a9804d3f8c623fff130abc48bc2d8d116b8366":"":"038c7e95f790e6ca5ce73f9551":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"51644e025659de983f5c8156516b812e":"614837c743d0974e9cca497f13038c02":"60c5d062ade2c5c2dec68b734dd3e58ec474a586d1c4797fdfa2337800510134cb27a10d501927632af3c1febc275010c0d2e5abee630cd2bc792963fa82a42286ab047b934a261927311b40f5f953bfd661427921147cac7613d95ee86e16326ef67c1ed097e8fb87a78753d785de34e03a182232786079cb6be00182e41c9e":"":"77e3deba2c7f9386f85bc4a801":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"08566ca7310302dfb84d76ea0525ba20":"5f20ec9c35c08aa7f1c0e8a20fdbd2b3":"5d84e32768b8d1e7e3c426b3118d48e35491bf1bb454b359c8429220216efd8826be94fe1919409a128ccd8125a594f1691c9421fc3dbbb3f757bf2355bb0d074ceec165eb70e26eb53fa2cb5d84dfae06babb557805ef7b8c61c1bc76137571bcc5e84bf5987dc49013831d78bd497ccc49cde7dca2cb75e7ab967da8c6ce81":"":"873f037fc05252a44dc76f8155":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dfb54db96383fa911bf5b4fa1218ef9a":"7e849e24983f63f1194b396bbd2d55e0":"d3fb689c5818810dd104693f3306a10b27178444af26798a194f7c2ab31ff3a172904b951942b1a26c8ae5b5b1ee2d86dc78bb72a335fde350766d7d9aef6f549871dd46b04b2cc319fcdd47be437d431ad18cab82d51ca9fa57f4108a8de622a92f87d28c0349fab27757fd773413f559a8c00d30e258c1f6cd96f9759bd957":"":"dada7fc7fed58db462854ef6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"389cf888474e9403e5f4d0e22ffec439":"ef57794cf6fac9f9cea3e8499b53b1d6":"7ea7f7f4763ad208eb6199285b6b2819756c4e3caf2d0ac6f5076ae6785fecdcc4b138a51860ff8b87aaac3a18c2df778a4818308d458dba28f5017513e1454f60be20dae68736ea6d48b1f9deadb517df63140acbd329fbfbc9b82f3ca1862c9e998f0faff1d3ae60b005bf66829f5cf0c5fa03efbdd92d39351e3954be0257":"":"92726d90ad26130e65f2beb4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e55abb2ca36c822bf2a030ac703cb8b4":"d86f7177e8ec90f9e9edf10175d5012d":"777a9d93091de56324c10712243f5541722e0b27e1f303fef6faa387a8666161ab354dbea6c43c82a24e8623bfec39aab13164add6be0dfd55d23204c0975b4ba6fbda51363befde482a9ccc1eb9f151e6ad59c77a1e24dd268389e4686f198a936dd603044a3fb653d63cff80597f5a2913c8a2ec1b7d9dce5728dd56c78c2c":"":"65025250343ed8c09b3fceed":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"586114f3b1dc087e1b2739b28c592dfe":"ae5a38ddd455505284434a4bcfe81ef2":"531ff8c285e532d961f49bd210a5523cd9b19a697a3a3fb26db940a496f253862405b1e825daeda7eb0445c98022b8342c8f8ea20301618483f8ab04b6ebccd7e7fc57878fb544a5bf78fa896f50ac30126ff8afca8a86388666b64c643d16812729bfd7e5c03ba52f7e6ea4c6a685404f7bcbd956964417fa0ea9a6d7290c41":"":"467a815610faeb82":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cbfe806bddb7f06b3826b097550c68f5":"04c1b6c9fd2ab76fc2adfe15d3421bbb":"cfa86d02599652cb4ffff027b9c6ef2336dc9fe946f64fa5ce83f624e144563d4738381bc5371c3cb55cf41ceda07e62cb635ff37246bfa428785229c6e869d5df69d7949a8577889a29e3d05b788ddd43608d9c14e3f1b51ce2085b9a976fe843e3396a74922babe6797d5f01c37ead623b5b582505bcd29edf8a6ea36b0fc7":"":"0697ac372a9acafd":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"96ce3a095a91effdd91d616f1f02ddcd":"579d6633ec6687afa24ef874899b58e0":"3ff3c0038148ed391b6a10aad623a82fe9209c5ba74482f11506d597b5fc7af977235d8ee9e28cf2160346ddd0e33a5bd1fb67b87dad7167fdd4b2b4000d8460ef7b3e1b59b9d61d06cfbe7945379ed6b650de86f396a38cc70d47b8a349f067d00144c903c276b323be6a929a7d7dd8ae7d254d640cdc1176f98e01a1d8c82f":"":"55a0f61032e048f3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"24ece168c2971cf2b404ea206dc9e29d":"e9db62a42491664a6c46cbb0b2bafc92":"3579f6c0cb3d2a5d0c4548855c7c052d36b6a8dfc60f4ca1b4bbe28ed87306119e71982dd84c4205ceba918d675472753df1b5192d3693dbf6a061c6056e312135ffc5ff426895a7e30f7f675d2cb21de06eea5e3761b94deef7537b985d324864c9ff6ab6e230a1006720f98c958912b604a6d03e3979887c07be3ceaafc78f":"":"d2b15a23":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d3c3cf993f6740a019e61ce13c29955c":"af900ac348082ff32d2e0ab886079516":"2ddd0e8c99661f0757f04aa79a1ffa24ad48fbe5da68b9e71f7a0cf1b4f2ca9b757695900b7549d48847ae49950dc9b270b1569d29dcbef412216737bd83509c17ae41c34ccda318939cb37a0a380762993a7568c0b07794e78746173dd5c0d921cd50de4b548c1589e142c3dadbad42161aaeda2310f3c6d5c722d9ac69e96d":"":"f2d3a6ff":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"5f1e5bd45ee8bb207ebbd730510ff218":"8846424a194f5de858556e6be5b65d7f":"e968947fc0e49136e730b97f6b16e393d5e4fdf3e4803a23af79211ef59f29167c60ead72fd489da32d2ffa43b2bca2074f9d1b4f5396ca65004b0806cb7c6dfa751fb6afbee3e443f3c9b0e3df6722e0d1320441400c5ca508afb657c2b7f1669b0de21761dccab9a40fc513768bd1f552692626ce35078a2e0e12f5d930647":"":"0d6c15da":"":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3997050377cfbb802cc438d973661688":"c95c84c263bdfd5f1de66e7e616cf3fb":"":"b02f0dd373e42c65e8e1db2dd76a432e0b2bf6e630c8aaf0d48af51b3709b175de9a19b3245ae75818274c771c06fae225c4f8b002236712336e805ab006449eb29cc5e29abd82b06c32d4c36ee99acb9a6d7d9eae6ec6ec263c002a22c4a898c74f6abd6d92112367ca7ffe82787c5b39e7012ba22825d3612af3d41e8008a8":"b35b3cf6ed59ccb69dbc9b47a3f284ae":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0bc2bde877e881aea512068105694968":"05f0c34ab2e8e8026b0a23719344b71f":"":"1a6369a45e8ef2846c42d54f92d0d140a94f9633432782dcbf094f1444a1d006acd07ef6076cd0faee226f9ff14adc1fb23e3c63ed818c9a743efbe16624981663e5a64f03f411dcd326e0c259bcadca3b3dd7660ed985c1b77f13a3b232a5934f8b54e46f8368c6e6eb75f933196fa973e7413e4b1442b9dee5e265b44255ed":"46bab9fc2dbe87b8f6ca0ed4d73e5368":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e14f45ba5d1eb52e0412240da5d7b5f9":"d7f8ef12f66f8b7c60aea02ef6ff688f":"":"9a85fda19ce923f093a0c25b0c52f5d9534828af7c7687d22307004ae2d10c4592242c0f2704070307ab55b137780d1e2013a19396ab43ff6a295b63fdcf323456d149758f9a2bb37f1418d62ea6368b24d5067b9c63d2968e06d6586c7e3275faffa005f7c7bfef51303e4c2b2ed4564acd17d50efac9f5e3e7f16ce589c39b":"beede05e4928c808bc660f3de95634":"":"4ad5b9ace0c0c7c07df2900faf37a902899471e7aa4a0a1ad5387f8f56d73f78f619be79a4e253f95b15d52895a05bae9ecffa916d35efacd8baf1c704d2aa4a38c234efc4dcfb191ec0fa0b522328fa5b5dff55e8c443fee660ebe3d8ad85de157a889aefc823720030a4cd6ba94a6309dd61806f0abb27772432018bc61701":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"9a64579f3601b0022d357b601cd876ab":"515efc6d036f95db7df56b1bbec0aff2":"":"88be1f4bc8c81b8a9d7abc073cb2751e209ab6b912c15dc094002f95a57a660b9f08b1b34f5947223205b579e704d70a9ecb54520ce3491e52965be643f729516f5cb018beeedc68a7d66c0d40a3f392ec7729c566ce1e9f964c4c0bd61b291ccb96e3d1fac18a401a302f3775697c71edb8ff5a8275a815eba9dd3b912e3759":"13ea92ba35fced366d1e47c97ca5c9":"":"7fc8565760c168d640f24896c69758355b17310dbc359f38b73fc7b57fe3f4b6ecad3f298be931c96a639df3c5744f7e932b32d222f5534efb8eb5d5b98d218dce3efef5c8c7ce65738bf63412d0a8ed209071218a6fa2f7be79b38d0b2f5b571ec73f1a91721bd409b1722b313683e97d53df19ded95fd471124fa5f294a4bb":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1bda4acfd10ab635f357935bb0ab7020":"48b77c587616ffaa449533a91230b449":"":"c9ac8d4ef7d83848fdc03664957c28b9b76710797d5db1c21e713e85eb0898892223e52be1644fc7362c95026ebb9c9ca74d7d3739eff10cab1eda00c36628dae0b98d119a14635800e37cd340faa6fbba9c3d41d52722cc3969612b1a8c5ca9a68773f5ee654506cb88ea65fb1eddf5ab6312d0170dc03324e483342448b854":"8325e4394c91719691145e68e56439":"":"1287ad3719508a9be70c19e3b134a2eaa4415d736c55922e9abcfd7f621ea07ffb9b78d8a9668c74bbd548b5e6519ea12609d2d6197c8bd3da9c13c46628f218e7ff81884ff7eb34664ab00f86e09cd623bec248d8898ef054fce8f718a0e0978e8b5d037709c524114ec37809ac3fd1604e223e08f594e7aa12097f7dc1850b":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d21cf24bc5bd176b4b0fd4c8477bb70d":"208cb9dced20b18edddb91596e902124":"":"2e7108fd25c88b799263791940594ec80b26ccd53455c837b2e6cf4e27fcf9707af3f0fe311355e1b03ac3b5ee0af09fb6fb9f0311f8545d40a658119e6a87ba8ba72cc5fdb1386bc455c8fec51a7c0fec957bed4d6441180741197962d51b17c393b57553e53602f2a343a0871ea2dc4b1506663b2768ce271b89c4ed99eec6":"7edfb9daf8ca2babcc02537463e9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d02e2b02170986944487cba8448f998":"6336077bb83eff1c9ea715de99b372cd":"":"bc1d7553f4a28754cf59ed6f7a901901f04ce62a449db2b45ad60329d0341bb9ba421c783c28a9200b41da8ab6328d826293134a7d0c9a5775dd2735e7767efda4ad183566e0847d6d978abd1a8ab13b16b8323acef05ced3b571631e1e24ad44d65e6ffa64e03c9970e94bacb9f721aba06cda6a08806a3be63dddd8029301d":"0466bb2957281f64b59eafed3509":"":"5f395958f2f7acafb1bca6d3a6ec48b717f2ceeac1b77e1b0edc09a09e4a299d2ec722cc7daf34c8f4121a93c80b2adb20a2fc95afd09320f91085c93c8b082dd703814c9777501d23bf9b328f07f04652592dc5a3f4321626a695b8db8e65c8617c809eb2978d8c9a882ffa82a4bb707c1a8f9a965bdacce5c041bafc94a1c6":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"cd1ad1de0521d41645d13c97a18f4a20":"413873a0b063ad039da5513896233286":"":"588c2617517329f3e1e7ba6206a183dc9232e6a4fa8c8b89532d46235af1e542acaa7eae4d034f139b00449076ba2ef9a692cae422998878dabdac60993dce9880d280bec1419803ba937366e5285c4a7f31a5f232f8d3ef73efe7267b3ef82a02f97d320ebc9db6219fbdf1c7f611e8e5164e9ecf25b32f9c07dfa12aa705af":"d4dbe9cae116553b0cbe1984d176":"":"bd519b7e6921e6026784cd7b836c89bc1fa98e4013b41d2bf091ef0d602e44a70df89816c068d37f0c6377af46c8bfa73ec0d5bc0b61966f23e55a15a83cea49f37cc02213b4996f9353ee2b73a798b626e524b9c15937ecf98a4eded83fb62e6deea1de31e0a7f1d210f6d964bc3e69b269da834720fd33487874489b8932a8":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1cb120e9cd718b5119b4a58af0644eff":"5a7087989bfe2f6eddcb56fde4d72529":"":"4c8e8fb8c87ff6b994ae71bfbf0fa4529f03bad86edf9d27cf899ea93a32972640697e00546136c1dbc7e63662200951b6479c58ae26b1bd8c3b4f507c0d945d615183196868ec4f4865d1d00bb919a00184e9663f6cb9a7a0ddfc73ee2901f7a56ef2074d554f48cef254be558fca35651be405f91c39e0367762b4715d05fa":"95d8bd12af8a5ab677309df0fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"315b206778c28ed0bfdd6e66088a5c39":"7ec6f47ec56dda5b52bbdaa6ad2eb6da":"":"6186f57a85b65f54efbf9974a193012b1396fc0ca887227e1865f1c915ac2af9bbd55969f7de57ce9fb87604cf11c7bc822b542f745be8a101877a810ed72bf4544d0acb91f0f9d3c30b6a18c48b82557433d0db930e03bcecc6fb53530bfd99ee89f9e154aa1a3e2a2c2a7a9e08c9aed1deab7fae8ea5a31158b50bca2f5e79":"930750c53effc7b84aa10b2276":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"e886de1c907c97e7db8ec80a79df90f8":"612cacbf33266353d0a29a24532f3c0c":"":"c64cc9596d7c738746ab800f688eec190a4c802c55b2528931d74d294496892b81f53d3073d48f9bef1d58ce3be26547474cdda2868abeab71aff566fff613b4e5bfed1be1d2fff35d8ffa33302d3da1c82e421aa3a23848f31e26d90c0cb2ac2ae136ada73404ed3e0e1d3e7cb355a11cd2a4f9393b4d5eac988104fe1cf959":"76634e58d8f3a48f15875ac1d6":"":"7001d7395efb432e2804cc65c0ba5d4719ce84177ce46292c4fd62a5596bd2bab1d5c44217ac43235bd94489c43d01618a11f047d2e247062c3b88d6e59adaa1f46514fb33b7843483920bee60a41f3cb312322c305d25251b4704fb66da58637c95a9d539731434f60ef44fe3cd6d37e2c8e7089880a563938dcc98b43f08fd":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3b936e09a6477f3bd52030a29df5001d":"f93105be83fa5e315d73acfdcf578de7":"":"65cf11d1afad19b34f282f98f140315992392f5d4eed4265085b29e1e5553f4783fec681ba2d368486ba6a54c00e71c82c08ca3d097904f021ce4b0acba2d2a7005e28e5f8750ea3d18a4f78363c37583e85104234498942c639a0564b0d80055c21cb7735dd44348298291ab602f345b1d74d624750c0177fbd5cca6f99223b":"91b55bb5e3f3f1abcf335db5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"dc9e2095de7b1b48481b56bf6a3604cd":"9e5268db19a1b51c0496a160ca76f8f7":"":"ed61ff94a3f84c72147faefa615e2df00324fb01790cf9764c72c1b8ba47f17866a1fd64ee5c2f53865d1bc24ec93165a6774466a59603199ee476c1f2da7d932c8943d126aa172d532d8475a484d42bb45fcf92766feafd7f3e2e3d42d22f6f84a90e7e688232f799d80cd2cc152ddd21ecfb137701ecafcb2b65abe2e4e6f4":"0fa9588536fca71bb44260f7":"":"ef562e301fcf923ff1a1acd3aff9b1c963058228655fe8a66cab01396547dbd2aa1f79a22eefc62944b86d1a31ebe2d17130175b8c003d6755b0eb8b79895b0f7f8046c5ae888a067ba17bc8e11a8f6e5023a9cd42f6461966c28e505b371c0f72a2606bff430a58016e99713d25ce11f10391fb4a922e27989422c6a64f9107":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3f93901fd7cc88db3ba76a158d658c7b":"7e98de461e6d96c0ce6c8d8b3854cf49":"":"16402fded879fcbfe9405902aa63ca2a520889e0045f687455469b7bb867829a01208b8dc5dcc852d8ee478993c30e6d9ec6408773b367821310a0ae171d38d71e06981ff6e845acffbc794142b87c748e12484c0636419d79be3d798cde59e9dae0a4a4a4346596427e6b235ad52e6a1b02d6f4df0c7de35fc390cae36aef14":"86c9a70e4bab304ae46e6542":"":"1b4c09569b42c469b3ab6b39312c214502ec09f5fe2fed1d1933d13cdc6a7b77a5d135123fa69d9207d6844b0357b26b7a2f53b33a5cd218dacda87b78b09cf259e48e74076812c432e2d0833fb269721f9347c96e158500f9b2283342a35c8de0a022edce711118d72d8fbaa354bfb0ffee465844ef2d37e24ec2cea8556648":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"42289f3d3cd5838e250ef54b128e60d1":"e557389a216ad724aafdab0180e1892e":"":"3edae1d554b67d2036f5fdbdb2945cc112f100adc1b47009c2e23f6a2eaee78d1f39ce8a98f715853cc29fc793fb6981ec3036834188dea7d668185ccc8642071b15de1332f6a59c8a9b4399733eb4b3d8f224af57ba6b4a8e64494bb6630b9d28e7ec3349064350febcef6a3ad1d6cca1b1da74f3d2921c2b28a2dd399c3416":"6f78bc809f31393e":"":"25c476659cc7b343a69088baf868a811ba37daca85c4093105bf98235a90aeca015ab034da008af0982f9b2e80df804c186a9b2e97f74cffd70ebb7771d874fcaf12f6d01c44a8b0ec2898cf4493cf09a16a88a65cd77909bbf0430c9603869bd5f20d56cb51d8a3f0a032fc30d925c96599d296b1ec41c2912bda426adea4fb":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3d772eabb7f19475665ca2a7e693bcfc":"0747cbb486a013453fde1ca6abb11dbe":"":"e9fc4d86f5b857fa6057b73f967351e06f87288c40a95b9e378c84f1a4c0f4b80ed0a0b44ff90a8973be4199c0c4006fc4f5ea19d5f1fe8b9c8c01f4675ab85afab0592bb3daba36bb4fc7ed9eea867e9d8cc50c19fb62a5a57956e9efacebac5e9f849649d35a329bd68de97bb6e5ff7bef477a86765c2c9ec15e24cbba5c6e":"8e761ffaea68f967":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"fb7fd753ee6eaaf283a42a121dab4e43":"8164929fb54485377ecccc9b9621af5e":"":"fd5cecb2c0287cb8229e97d9cc4b9885f428710528884ce663ed1728cd44cb2df93e56ef17ace0678d1e341366c652f4ba7ee45797d39be4a05c1151e5cde499e13e5d45549b5d95a174d03616d06ef96e9d7b2b6bb0d79a726b253dd64223a5f09611671b234ccf9b383952f8888814b2c167e774cfbf54e9c6b99a753f4fa9":"40a2fa7f4370afb2":"":"6208d068be60f7b04b80fc611062e6caaef9a5cf59f850d174b7446c78c039ea9aefe4885e19c2b33911d32ce1fe3c48ddffa4b03e450fd35da03f40c4e7c5bb3b1c3f3049dbfad3ac81ca1b79cafbaa172f4900e3829d38edea3b64000f93924a801259bc4b2523445c64bc23bfee190b952468507fa4baf6dc2bec66fcf0d8":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"30d757fd73a0fd5fa49159ad0653296d":"b35b8df0aebd0608517f2830e0e70cd0":"":"17d485b258f80d8924e35291118cfdcffd86c47851b65f0b06a7c1f5202de82f3f460fc61b1aa38fdba7c8ded375c92cf005afe63e59d362c0960044af39241b81ca24e85c5faa43903229355b7313fee21b992ef3931d9d2407b32b3cf72dd7acbc7948395eb513cb2fd428b215ba2bd1e29c62f45d0ce231884f62480c6d8f":"954c0e99":"":"022618d2598f79104e918a09c937a82b3db59243b5e13de731fcb912e4366105797ce47f6dce7f08073f2f41e5c15fd6b1ec4b5861469a4880c3b0bd769b78c696ff29c28c9349d5a46a6e5ad9211bd4b708a8c0b6928ebbb0dac1c0a5f5ce6b05de6a50073128566a23f09cc1b826aa5803f9f750aa4debf59f24ae9f98c9b5":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d9d3cfd5900de5d5e2109e7721cfeef6":"b4b9dfb013de6f7c44779e5a9daaf5e5":"":"e4243cc37cc32dfcedf9bb76890e706af6ab1e06b290b8ccfe2a55e5dabe68cb390f7636dc9676b431d4dc8ad3f6d989e510194294ab7ab0556789046743cf374d8b6462f5f95a17f3f44337d6c69ee47b0e1ad7e5ce6f9b224c54099a104e70d2d06af869b921ea47febe08f90c591ed49c1f12003afceabd2c7bba458a0111":"2b81e8ce":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"68dc138f19354d73eaa1cf0e79231d74":"e7147749560f491420a2d893c075bb76":"":"ce345567a76bc30d8b4fd2239788221cfa75e1a310aeeeb8c355f8eea57d80967f3047fbd4e6173fac5caeb22151fa607065953c4c35e0537b9e3788cc80de9eedf2a340698bde99a6a1bdc81265319da3e52f7a53883b7f21749237fcfd3cd4f149bb2be7a4ddd9ef0544cfe0789040d1dc951b6447304942f03ab0beae8866":"70a83f6f":"":"64b021612c78b3e192e8349d48b77d02927e7fd70c7160d37cb8ef472f6bcd9df9d93431627c1c80875e208724ae05f94fdd2e005e9707b78a1bf3bbca7beec4b03ddd4d9de6235ffd6d84a8b9a1842e104c1e22df4566f6c4d3d4e3d96a56b9b8a5cdce9da70aa236109b289266036f285564060b204dfd7ac915eea0dd0b1e":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"7362c86344e0aefb0cf0d04768f9c05d":"7e8d12c2f0dcf4f792247134234ac94b":"86d2b5debc3b10495da353d6821f6cad380776d805bd8660b08dcdb1acd87026e4f344b547a4db47b5f44cded314bec4ce9a417ce40a2acd5a21460c42dfcd27483abf3f38dd8cc5fa523b6768a26513df5896435baa97781cff1966e2e3d6ec6d0a9cdc013de5a50e4d46831667055bad04f784024a82f9cd087ae4cd37dd64":"8baffc7836004deb87c0111d47c182512bf861874021ddfcd559acf2c4a51cf5bc4bfdee2d039b9c005b6af95a2607643dcf4d9cd9d62412f709334556db22fc91d7b40438505d6806ccb2f2c21ae731bc1f1c825d28a71ab27095a39985e96ccd07cfb2e75243ccafd474494a2338c324ef533ca5f17d2ac1b1883140342ced":"9594da428fd8c1b13ecb23afa2c1af2e":"":"e2c424f42aedd56f0e17a39d43ad19c8e2731efc7a25f077aef51d55280b10e667e338bd981b82a975ef62bf53bc52496b6995d33c90c7ae14767c126826e3f32bd23f444ddcfd7a0dd323b0ae2c22defad04ce63892b45c176bd0b86f5fa057a3dc371359744cb80bbfb4a195755136a0ea90b4044a45bc1b069f3cb3695c04":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"58748bb204ccb7bdafdbf739b6c19a3e":"93ac298c73c88e127a4d9dd81bf24e3d":"8f168fc4d1da13bdbefae3f9d6ac1d8cb19fcec1f43f727951af0a466d8826649a46c3cb50c045ea83849fce0eedbc042a1a435e6d9d59017997a2d5459b940078b8a7f3b6b0ff279ff8c560248296a17240ff1b0643d1f436b6e3f2079363fc49fb45f410debbdde083b92057916368cb807d603cb82e2c0dc01658bff7f1ab":"b72902c9ebb72a86be539b19a52fd9af00aa4de081d90c0d8ad580ebb5900177a036f40a1e9b43e3a07d715466526d6d7544e5a5551805b62463f956cd519fc99182c2d54bd62fc7ffc6e5ebf1503859b706da11a1b6c707a67a70789dbfc10ef726bd360f9f2347326e068e757c8443ddc9308a171e682359ae1bfe87194ab5":"efba4589d4a03555766bbc3b421dd60f":"":"d5c97a659f016904ff76286f810e8e92da6f8db2c63d8a42e617760780637e32105503440cdf04d1fe67813312f1479fda8d746c8b0b080591eba83850382f600e9d8680516c6579669f0b3d0a30323510f9de1c92512790b8347751994d022156cae64da0808a649d163a0e99e869fdf224b7c1a6a8fbc613d5917eca8ee08c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6cc13cbd62428bb8658dd3954fe9181f":"86740da7ce4efbed70af55e1d6c10fdf":"be561ac15e3cfda624b422af97c26719c140bb50e4a993d636efe9c7f1963fb9047a0762169b571a698ff310bc417e34d4039b7562a95af710ccc1b197964a376c986fd2ed8ac4b0c7b4e843c37a41366f2f483c821a1823f317416c7e4f32eed9b9dc2ae1a2f3ed32c4b3187358a2329aa42191b7c2fe87b6e27ff20303cb29":"2c9ec982d1cfb644ddbc53c0759b10493206d5186affc6882fbb2ba3aa430f9bae1209db2d78dcc125f3c909a54dd84fdff96c71e678216a58390ef4308bdd90f94f7109c4edefa76a74fda64b201b7a435bbabc27298f3eaa4c2d1393bd584f811fff52638f6ad2f6d86a8c3c9c030d9d4264c8c079592a36178d25991cff09":"76b990a1e010e5f088f6ae90bec40b32":"":"0b9a5f5d2e6852b75b9cf26c1b310b2200e56dafcf3c941478862cdf9737ac8e2cb9b38d41bd4a1872ea1b4cfd51a1a0b9b743aca439eefa10de8459a0a7a221c5429b3dee393f17031ca6c399df8e05657c3db55be9c9dd29e690042a4ed8db732efce7c58d6b20a2a0f7c79e42e5ada43b87ab00f481c20cac1b35514dcdc9":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"286d3f5080cfe88538571188fbeb2dd5":"da6140bd4dc6456ddab19069e86efb35":"5d350a04562a605e9082ebd8faec6c27e561425849e7f0f05f5049859c2c1bd2c4682ebf9773fab6177d2601fd5a086cefc3adef5a2f8f6b5dc9e649e98dd0a3d1a2524419f01305bd0fcfff52d84a20d1b14dea2138dcc54eea2bf263c6fe27c3e7255f1f359d0d00fb1b350d7a04965af30027632520197e85eb41de6bb286":"55135928997711360622eda1820c815aa22115204b1e9bb567e231ac6ea2594b4d652627b6816bdc6c40a4411fd6b12fab9a1f169d81c476dbf77151bff13f98ca0d1dc0a68ea681652be089fadbc66c604284eebfc8ce4cf10f4ca6bda0e0f6634023db6e3f0f1de626c3249a28a642ecc9ec5ff401e941fa8a3c691566c0ae":"d90d34094d740214dd3de685010ce3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"726ae113a096769b657f973ea6d2d5dd":"2f9900226c97585d200dd20a279c154a":"761663c3fcbf1db12bc25546b2425b8229b3153e75f79fa63958819caee3febff74603d99264b5a82ef5980439bef89301ae3206a1d01a3bbd7a6c99d27d1e934cc725daeb483f826c2c9d788fd1f67a627864cf8b5f94df777bb59ef90cb6781a2000e6f0baa4f1ea4754b47bb7cbd2699f83634e4d8ab16b325b2c49f13499":"90636012ba8c51d16f8f6df3d3bcabc3f09aeffbe2a762f62e677913188045b861b2e7d9a7bd93dcee46e9e4832e497a6f79db52b4e45c8dab20fa568ff9c4ace55be3216f514a3284768a25d86b1c7da5377622f3e90ed4c7bd4571715af4d0a2ab5181d0475f699202e4406bb9cfdbd4fa7f22d0dd744d36b3223134658496":"d095bfb8990d4fd64752ee24f3de1e":"":"9f7759c6d24fd9aa0df02a7c0cc5f17e61622c63195f85dfafa5d820d3ad218c7288ec017821100f1fade10f9bb447a4a01e3698b045548c7619a08f2304e2818a9bf55e70b40f8b994b7dcf0cb243848cf3f6fdfec3ebbb147d01df84a3ec62cd8fa5d78ad9f2f28cd288a35eb49a5172339e9872e8e7e3350b0d69f59acd07":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"73a9eeda721c6f292e6b399e2647f8a6":"c1e80eb723960049cc4448b66433f1cf":"fb2a0b1f817404e74aee0a6ec8f2cd86f0c9114ed367b2690c44ad80f9d3377d7fd5066beaf1daa739d27ed3fba98379188016b1fe901204a174f9ffca370c181aece5e5d40939a0d460913b40b895e78a3b80ddf3d613c05e4e27bfd161ea2ef42271a2679f2cdca5b728ffb2319781c946a4f3ecacf486b754b30bb04ea60b":"215fc7e52abe4c751ca2f7f9a5cbde9ab8b44b8d4054bb62dcea6df5b936145ca6ec83a2b78b070638fd6e5ea3bad5d0caf1b8f755f391c3e0962a92337e3eba575585eb83680075fc818860388c587746af78d5fc75ccd0a63f1612abb1ba0f04a2228ca27fbddba4878f9b2683683f516b6d6fe4f6622e603bd3c5ad45e332":"e08161262234d0d5be22f09e5646bf":"":"b5e286183f16dd9403bec6786bd4836cc6add47947ef111fb1d5503c18c333c8fe60959502f58390d0e0f69fbe5fee13c72aed65fe6e32f6ea45877fe44f8a556aa5157b112e572197c1c350b7943c6cf2e9146018599524d27599f09c86027f2c5927e4a20c63833870e8369baa36ecc07cdb3ced520b5ae46869ff357ca089":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"90dbda7397d8fc46215a1218a6ffd0d8":"7be477d14df5dc15877ae537b62e1a56":"7358ddf1310a58871a2f76705f1cf64223c015c4d1574104d2e38783bb866205042f05c86e76c47a2516ce284911f1d2cbee079982dd77167e328b8324eec47c9244cc5668cf908c679bb586d4dd32c6c99ed99a6b571cf18b00689463e7a88cea6ea32d288301a10a9139ed6092ffe298e25b8cfb6b4be8217f16076dcd0a90":"4f82a1eca6c9184240f50f7e0cfec07ec772cad5276d93043c462d8364addd9a652eed385ccc6b0faa6ca679ab3a4c3d0be6a759425fd38316ee6a1b1b0c52c1bb3b57a9bd7c8a3be95c82f37800c2e3b42dde031851937398811f8f8dc2a15bfd2d6be99a572d56f536e62bc5b041d3944da666081cd755ec347f464214bf33":"776d871944159c51b2f5ec1980a6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"0c85174d428fc1c7c89ca5d1b8aaba25":"b3c9dfa4c55388a128fbf62aa5927361":"3f552d45b61cf05ae2aa92668e89f3338a15ec7c5b7113b6571cfcd9e4c4a962043ccd9323f828dd645e8a91b007ce2112b7f978ad22ee9821698a4f2559d987ae4421452ad2e8d180953297156426d4540aff2104d8637b56b034a3a1823cf962bffbc465fe6148097975a8821ca7487e6e6c7ff4ee4de899fe67345676bb1c":"3735cbfb8000260021d1938d2a18e7737f378ecddb11a46ce387bf04e20bbfcc902457637fd152ab87017185601f32a7f906057123b6c2da31a1069c93e3cacc59a359aebd3e31b302e1a1f7d5d8f1b2917a8fe79181fa633b925ce03a1198dac48f4c959076b55bc6b3d50188af2c6aa33d83698aa8db22649f39825ba54775":"1e7dec83830183d56f443a16471d":"":"3d98cabca4afb7c1f6b8eeed521f4666ae252ac12d17ebf4a710b9a22d839b69458387ba4bbec2f6400e0cff80fbe4682c24efcd3b8c594d9b515ca7842c9d5988c42b59b6526c29a99256451e2927f5b956ef262f97c733dfa8bff73644473b9a8562bdfca748f4733ddce94a60024dfbfcde62fb3cbd7c3d955012d5338b91":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"d89f06eb07744d43d44734faf9751d07":"185f8d033713ee629e93561cf8d5acb8":"743bcb671d0aa1c547b5448d64d7c6b290777625ba28f25ca0fbf1fc66495a2fde0648a8db51039b0e7340d993aef8afb48269e660cb599837d1e46f72727762d887ee84c073d6136d1b0bc7d4c78f5673a4a6b73375937e8d54a47304845f38ca6b4f51cf14136a0826016535dc5ed003e38c3ac362b9d58ba8b555a05a1412":"36cc3b2f563305208a03378f7dc036119f7de3fee77cefac06515853d36609a622382ed026c59783fbc0d9910767874c516e10c7bf3e3d104f73b3463c8d93a63418c76cb0d05e62e9c8642cb4f32caced2620912cb6c79e5110a27d5fba1ef3b4d0578077858526c5e4254365f2b2ab47a45df4af08980b3b7a9b66dff5b38c":"fcad48076eb03ebe85c6d64f6357":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"6150f14dc53f391e815acfabed9f9e20":"7e92dd558bd2662c3a539dfe21a352cf":"9b4624e9118e6aa5dc65b69856638f77fd3f9f562046f50ba92a64e988258637932af7979f000505b84a71ff5dd7b60bad62586b1a8837a61c15a1a1ba7f06668272c28169915d7f06297b6c2a96c8c44203a422bfd25500c82e11274ffe07706365bfd3da34af4c4dd8ad7b620de7284a5af729bea9c4ed2631bdcba2ebdb7d":"fd8f337017e1b60d6618e6e4ad37c1f230cdeb78891579c2c63d4e6a4f7d2cb7252e99de333c73db45958808c08e91359c885a7385ab6f9ed98a27927a5b83c3a456ce2e01869712675e527155ba1e339ac14a3ccd7a4b87360902f2b8381308fe5a4eac5c90d0b84da4bf5b907de6ff3139cffd23b49a78750006100183032a":"922a7b48ad5bf61e6d70751cfe":"":"f272a3ee9b981f97785cc6fad350e516d72d402dae0d8a531c064ec64598b2a5760f9b279c10aa1ff71bec07300ab0373187138e7a103fc4130105afa6b6346f3d368b40d6f542375de97878ad4d976d64c5c4968a17be2b1757a17c03100231c34721250cd37cc596678764083ade89ae3b1a2151ff9151edcd7ba0eb8a4649":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3e8216072ed6fcde0fe0f636b27ed718":"23a122cf363c3117b8c663388c760ee4":"28ce0b4a44fa83323e060f3ff6436b8829d4f842090296bdc952b6d4a6b1b1a66be06168c63c4643e6ac186f7ffd8d144f603b2d4bc0d65be48121676f9fa1f359029c512bebfd75075ff357bc55f20fc76d9f2477c9930f16408f9f09c5ae86efa2529d2f1449ceeb635b83ca13662860ef9ac04a3d8ab4605eccd2d9ae5a71":"3b50f2a8dca9f70178503d861d9e37f5edfafc80ee023bfed390a477372986e4794175ec22ac038c3461aba50c9b2379cab48512946efdfe2cb9c12a858b373a5309324f410e6a05e88ba892759dbee6e486dc9665f66cb5950ea7e71317fa94abbebd67a3948746a998173fbbb4f14f9effbdf66d3b6e346053496a4b1934ce":"531a65cc5dfeca671cc64078d1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"1af434b73a1210b08595ffa686079832":"ae318f3cb881d1680f6afbf6713a9a2f":"3763c9241be0d9d9a9e46e64b12e107d16cca267ff87844c2325af910cc9a485c7015d95bbe62398864d079fb2b577ba0cfad923c24fa30691ad7d767d651eed4a33d0be8f06fed43f58b2e0bb04959f10b9e8e73bd80d3a6a8c8ce637bfbdb9d02c2b0a3dd8317c4997822031a35d34b3b61819b425c10c64e839b29874ddfb":"13f6c1c2d4edcf1438a7b4e85bcd1c84a989831a64d205e7854fce8817ddfceab67d10506ccf6ed9ce50080ef809e28e46cba7b0c96be6a811f59cd09cb3b7b3fe5073ee6763f40aee61e3e65356093f97deef5a8721d995e71db27a51f60a50e34ac3348852c445188cfc64337455f317f87535d465c6f96006f4079396eba3":"2ae7350dd3d1909a73f8d64255":"":"3cd2a770300ce4c85740666640936a0fe48888788702fc37e7a8296adb40b862ec799f257a16821adaa7315bd31e8dec60e4a8faeb8ba2ee606340f0219a6440e9c1d3168425e58fac02e8a88865f30649913d988353ab81f42a5ad43f960055f0877acda20f493208c2c40754fbf4ccee040975aa358ea3fe62cbd028c1611a":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"04036d2f5273c6ff5b8364aa595359c9":"edc433c381140dff929d9df9f62f4cb6":"404acfeeea342aeea8c8b7449af9e20ddf5b85dc7770d2144a4dd05959613d04d0cfece5a21cbb1a9175ddc9443ffacd2085332eb4c337a12a7bb294c95960e7c0bde4b8ab30a91e50267bbd0b8d2a4ed381409ea2e4c84f9a2070a793ce3c90ea8a4b140651b452674f85d5b76d0055df115608bf3a3c60996108023ebabe65":"acf79b6099490af938fb5fd8913255b3daa22786b03356cdf3e0ffaf570f9f866047b8e15c9953f893d97e7098265297396868ebc383be8547e8ec9d974b6a65b5dc5147cdadef2e2ad96696e84e44f364c2ba18c8aabe21f99489957b2b5484bf3fb4fecaf5ddaa1d373e910059c978918a3d01b955de2adb475914bf2c2067":"71f818f1a2b789fabbda8ec1":"":"4729cb642304de928b9dca32bb3d7b7836dd3973bbccf3f013c8ff4b59eca56f5d34d1b8f030a7b581b2f8fdc1e22b76a4cbc10095559876736d318d6c96c5c64cbd9fbd1d8eb4df38a2d56640d67d490d03acc1cd32d3f377eb1907bbd600f21d740b578080ba9c6ddc7dc6c50cdcee41fec51499cb944713c0961fc64f5a70":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"59fe44c6e28d025b2ad05e6e867051ab":"eb0c30320029433f66d29b3fd5c6563b":"49b7418b87374b462d25309b1c06e3132a3c8f4a4fcf29fed58e0902509426be712639db21c076df7b83dcfcc2c2c8fcc88576f4622a4366eb42f84ebf760e3eb22b14f8b5ff83f06a6f04a924eaab05b912e126e80da22461abf7f1925fd72ebdf2aea335a044726e7c2ebbb2b8aeebab4f7de5e186b50f275b700794d895d8":"20e66bae1215de9a87a0b878d39015d17e0d4542a1aaba2000cefbd5f892c26a410f55f0d7dc2f6b66690f2997032985e5516e068bfc6ec8a3669f566e280b0cefded519023b735ee3bcbfc5b6ce8203b727933a750f9bd515ec448c1f3a030aa0f40e607727a3239ebbe655d46b38a3d867e481ccf0fadbf0d59b665d2ed6b5":"296c4cdaeb94beb2847dc53d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"c314264cee0e6db30ebe9b2f6d4991b2":"4cd4431bb6dea8eb18ae74e4c35a6698":"0eeafbfd04f9a0ea18e5bdc688c7df27183f346187e9574b61222006f2b3e12e8d9d9bf1f0f15949ee1a7ee8e5c80ee903b8ba2860e15ccb999929f280200b159c2adca481748d0632a7b40601c45055f8cb5126148e6cbab2c76f543537ab54eb276188343cea3c4ab0d7b65b8754e55cfe3f6a5c41b6ea3c08b81fcecc968a":"d436ff9abfb044a332c4e009b591719a67b12a5366da0a66edf19605c34daa37588e15dd3da0d1a097215e469439de79cca74e04cd4904e5b4a6cb4e0ea54e6ba4e624ed6bd48be32d1ef68ffea1639a14e91a5914c2346ea526df95cbd4ad1b8ee842da210b35b6315c3075ecc267d51643c4b39202d0ad793cbb0045ebdc19":"fda18d2f795d900f057fe872":"":"cb9e0fb0ac13ca730b79e34745584b362d0716c344e4de90d8352b21117471ba12c97f193150b33774baee5e4a0f11b10428eaf0106c958e16aa46c5f6f3d99eed93d1b9ba3957bed05a8b9cc8c5511cf813a66dc7d773cb735b0523d8d6b0b80639b031ddc375f714c6dd50055320cd7ed44a471c8d5645c938a9005d0b5050":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"26072018bd0bda524b5beb66a622c63e":"c783d6d3b8392160e3b68038b43cf1f4":"8ae7c809a9dc40a6732a7384e3c64abb359c1b09dcb752e5a6b584873e3890230c6fc572b9ad24d849766f849c73f060fc48f664c1af9e6707e223691b77e170966ed164e0cc25ede3fbc3541c480f75b71e7be88fe730d8b361ea2733c6f37e6a59621de6004e020894b51dfb525973d641efe8d5fd9077a0bbc9dc7933a5de":"91c524b359dae3bc49117eebfa610672af1e7754054607317d4c417e7b1a68453f72d355468f825aeb7fde044b20049aed196ec6646cce1eeeccf06cb394286272b573220cdb846613ebc4683442dccc7a19ec86ef1ec971c115726584ae1f4008f94e47d1290d8b6b7a932cfe07165fd2b94e8f96d15f73bf72939c73f4bd11":"edffe55c60235556":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"201751d3da98bd39ff4e5990a56cfea7":"6172468634bf4e5dda96f67d433062d7":"ae2d770f40706e1eaa36e087b0093ec11ed58afbde4695794745e7523be0a1e4e54daade393f68ba770956d1cfb267b083431851d713249ffe4b61227f1784769ce8c9127f54271526d54181513aca69dc013b2dfb4a5277f4798b1ff674bca79b3dec4a7a27fcf2905ae0ce03f727c315662cd906e57aa557d1023cce2acd84":"2965af0bde3565a00e61cebbfe0b51b5b5ee98dbbfff7b1b5bf61da5ba537e6f4cf5fa07d2b20e518232c4961e6bc3ae247b797429da5d7eee2fc675b07066ac2e670261c6e9a91d920c7076101d86d5ef422b58e74bdc1e0b1d58298d3ee0f510ee3a3f63a3bbc24a55be556e465c20525dd100e33815c2a128ac89574884c1":"66c247e5ad4e1d6a":"":"efd064d4b4ef4c37b48ddf2fa6f5facc5e9cc4c3255b23a1e3765fabb5a339fa0eda754a5381b72989fc1323ff9a6bbaecd904eb4835e5a511b922927574673061ed8de23299ea1456054e7ebb62869878c34fb95e48c8385b5ebceecb962654cf1586b3f54e7887ce31850363e9a22be9e6fbc22e694db81aa055490495dbf2":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"3bc0dcb5261a641a08e6cb00d23e4deb":"16fa19f69fceed9e97173207158755a5":"92ddd3b98f08fc8538f6106f6434a1efa0a7441cc7f6fd0841103c2e4dd181ea0c9a4811b3cb1bad1986a44d8addabc02dd6980daf7d60405b38dadc836bb1d0620ceab84e0134aca7c30f9f9490436b27acfd7052f9d7f0379b8e7116571017add46b9976f4b41431d47bae6f5f34dc42410793bc26c84bfe84fb53ae138c85":"d533ad89a1a578db330c01b4e04d08238b020e36aebe87cf2b0bf0b01f1ce4197be8b0596e475a95946918152e8b334ba89f60486c31f0bd8773ca4ff1319fe92197088b131e728d64405441c4fb5466641f0b8682e6cb371f8a8936140b16677f6def8b3dd9cbf47a73f553f1dca4320ad76f387e92f910f9434543f0df0626":"f5289e1204ace3b2":"":"be0c30deeffbe51706247928132002b24d29272eee6b9d618483868e67280236632fa1ae06f3ef793f67bd01b1b01f70a827367c1cd28f778910457c7cbd977dfefff1f84a522247e19b2fd01fa22ce67cef9503d45c80a5084741f04108f2462b7cdd06a8f1f044fea2b05e920bcc061fbc6910175d732f45102a63c76ae48c":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"239c15492d6deec979e79236baca4635":"916b8b5417578fa83d2e9e9b8e2e7f6b":"b39eb732bc296c555cc9f00cf4caaf37d012329f344a6b74a873baf0d8dde9631f5e57b45b957d6aec0f7978e573dd78b43d459b77756037cd64d10d49966eb3a2a08d0f4d5e4f5dcb8713f4e4756acdf9925c5fc6120c477f6dffc59b0b47a3d5efd32b8c9052b321bb9b5129e5c6a095d8de563601b34608456f58d7221f2d":"d64886ce5f5b4adb7fe8f95904bc1461749c931655b02819ffdd0ae31bad4175125aa68962f8e36ec834a7d53a191a74c937e81ec93ad9ce0d3b286d3c11ff1733c0b7780130768c120b1833933561cf07399ca49b912370ae34f0e49b9c8cb9920eddc6816ab2ae261c6d7f70058a9b83a494026f249e58c4c613eefafe6974":"fc08cbbe":"":"95c169721ea007c3f292e4ec7562a426d9baa7d374fd82e1e48d1eaca93d891d5ffa9acf5e3bd82e713ac627141e26a8b654920baffab948401cc3c390d6eea9d7b78c4fcb080b0aa9222e4d51bf201ccfd9328995831435e065d92ad37ee41c7c4366cc1efe15c07fc0470608866aeea96997772ecf926934c5d02efe05f250":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"db68a96e216b0dd9945f14b878487e03":"8a1a72e7bb740ec37ea4619c3007f8ae":"1b4f37190a59a4fff41d348798d1829031204fd7ac2a1be7b5ea385567e95e2ace25bf9e324488dd3ab8ce7f29d4c9a4f4b1a8a97f774871ee825e2c17700128d3c55908d3b684a1f550fdb8b38149ff759c21debdd54e49d64d3e8aac803dfd81600464ed484749bb993f89d4224b3d7d55c756b454466ff9fd609019ed5e83":"5634196a32d4cbfa7a2f874a1e0f86287d2942090e0cc6a82bd5caf40136a27ddf524a17713ce4af04ca6cb640a7205cce4ac9cb2d0ab380d533e1e968089ea5740c0fcbfa51f2424008e0b89dc7b3396b224cfaed53b3ac0604879983d3e6e6d36053de4866f52976890f72b8f4b9505e4ebdd04c0497048c3ce19336133ea4":"9251d3e3":"":"0c6bb3ee5de5cbb4b39d85d509bcacb3dda63fa50897936531339882962e8dc54c285c8944768d12096d4a3c2b42ffa92603cee2da9b435ec52908fca6d38ed74f898fe0ffa761f96038ff7dfeccc65bb841c3457b8de1e97d9bee82e2911602ee2dc555b33a227424dea86d610d37c447776295b412b412903ad2cede5170b6":1
+
+AES-GCM NIST Validation PSA (AES-128,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_128_GCM:"659b9e729d12f68b73fdc2f7260ab114":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"8e5a6a79":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"806766a4d2b6507cc4113bc0e46eebe120eacd948c24dc7f":"4f801c772395c4519ec830980c8ca5a4":"":"":"8fa16452b132bebc6aa521e92cb3b0ea":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0c2abdcd2e4ae4137509761a38e6ca436b99c21b141f28f5":"335ca01a07081fea4e605eb5f23a778e":"":"":"d7f475dfcb92a75bc8521c12bb2e8b86":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"eef490a0c2ecb32472e1654184340cc7433c34da981c062d":"d9172c3344d37ff93d2dcb2170ea5d01":"":"":"017fef05260a496654896d4703db3888":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fe0c3490f1f0dba23cf5c64e6e1740d06f85e0afec6772f3":"f47e915163fa3df7f6c15b9d69f53907":"":"":"14e1a057a2e7ffbd2208e9c25dbba1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4356b3b1f308df3573509945afe5268984f9d953f01096de":"a35b397b34a14a8e24d05a37be4d1822":"":"":"e045ecba220d22c80826b77a21b013":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e2898937cc575c8bb7444413884deafe8eaf326be8849e42":"169a449ccb3eb29805b15304d603b132":"":"":"3a807251f3d6242849a69972b14f6d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75683c7df0442e10b5368fcd6bb481f0bff8d95aae90487e":"538641f7d1cc5c68715971cee607da73":"":"":"07d68fffe417adc3397706d73b95":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0724ee1f317997ce77bb659446fcb5a557490f40597341c7":"0d8eb78032d83c676820b2ef5ccc2cc8":"":"":"7da181563b26c7aefeb29e71cc69":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"be2f0f4ae4ab851b258ec5602628df261b6a69e309ff9043":"646a91d83ae72b9b9e9fce64135cbf73":"":"":"169e717e2bae42e3eb61d0a1a29b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"583c328daecd18c2ac5c83a0c263de194a4c73aa4700fe76":"55e10d5e9b438b02505d30f211b16fea":"":"":"95c0a4ea9e80f91a4acce500f7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b40857e7e6f26050f1e9a6cbe05e15a0ba07c2055634ad47":"e25ef162a4295d7d24de75a673172346":"":"":"89ea4d1f34edb716b322ea7f6f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"627008956e31fea497fb120b438a2a043c23b1b38dc6bc10":"08ea464baac54469b0498419d83820e6":"":"":"ab064a8d380fe2cda38e61f9e1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c386d67d7c2bfd46b8571d8685b35741e87a3ed4a46c9db":"766996fb67ace9e6a22d7f802455d4ef":"":"":"9a641be173dc3557ea015372":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"711bc5aa6b94fa3287fad0167ac1a9ef5e8e01c16a79e95a":"75cdb8b83017f3dc5ac8733016ab47c7":"":"":"81e3a5580234d8e0b2204bc3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c74620828402e0bdf3f7a5353668505dc1550a31debce59a":"cfbefe265583ab3a2285e8080141ba48":"":"":"355a43bcebbe7f72b6cd27ea":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1eb53aa548b41bfdc85c657ebdebdae0c7e525a6432bc012":"37ffc64d4b2d9c82dd17d1ad3076d82b":"":"":"34b8e037084b3f2d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"50d077575f6db91024a8e564db83324539e9b7add7bb98e4":"118d0283294d4084127cce4b0cd5b5fa":"":"":"507a361d8ac59882":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d9ddca0807305025d61919ed7893d7d5c5a3c9f012f4842f":"b78d518b6c41a9e031a00b10fb178327":"":"":"f401d546c8b739ff":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6ed8d8afde4dc3872cbc274d7c47b719205518496dd7951d":"14eb280288740d464e3b8f296c642daa":"":"":"39e64d7a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"80aace5ab74f261bc09ac6f66898f69e7f348f805d52404d":"f54bf4aac8fb631c8b6ff5e96465fae6":"":"":"1ec1c1a1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23b76efd0dbc8d501885ab7d43a7dacde91edd9cde1e1048":"75532d15e582e6c477b411e727d4171e":"":"":"76a0e017":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94c50453dd3ef7f7ea763ae13fa34debb9c1198abbf32326":"1afe962bc46e36099165552ddb329ac6":"b2920dd9b0325a87e8edda8db560bfe287e44df79cf61edba3b2c95e34629638ecb86584f05a303603065e63323523f6ccc5b605679d1722cde5561f89d268d5f8db8e6bdffda4839c4a04982e8314da78e89f8f8ad9c0fee86332906bf78d2f20afcaabdc282008c6d09df2bfe9be2c9027bb49268b8be8936be39fa8b1ae03":"":"51e1f19a7dea5cfe9b9ca9d09096c3e7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c6a98102af3d875bcdebe594661d3a6b376970c02b11d019":"bea8cd85a28a2c05bf7406b8eef1efcc":"f2f80e2c042092cc7240b598ab30fad055bce85408aa0f8cefaf8a7204f0e2acb87c78f46a5867b1f1c19461cbf5ed5d2ca21c96a63fb1f42f10f394952e63520795c56df77d6a04cb5ad006ee865a47dc2349a814a630b3d4c4e0fd149f51e8fa846656ea569fd29a1ebafc061446eb80ec182f833f1f6d9083545abf52fa4c":"":"04b80f25ae9d07f5fd8220263ac3f2f7":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec3cc45a22fdc7cc79ed658d9e9dbc138dcc7d6e795cba1a":"b10d9c70205e142704f9d1f74caee0f6":"714994017c169c574aaff2f8bad15f8fa6a385117f5405f74846eca873ca4a8f4876adf704f2fcaff2dfa75c17afefd08a4707292debc6d9fafda6244ca509bc52b0c6b70f09b14c0d7c667583c091d4064e241ba1f82dd43dc3ea4b8922be65faf5583f6b21ff5b22d3632eb4a426675648250e4b3e37c688d6129b954ef6a8":"":"d22407fd3ae1921d1b380461d2e60210":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a32ebc7a2338038ced36d2b85cbc6c45cca9845a7c5aa99":"9afe0882e418c9af205eeb90e131d212":"61ff8a8bc22803f17e8e9f01aff865bc7d3083ff413ce392a989e46ebed5114894de906f7d36439024d8f2e69cc815ac043fff2f75169f6c9aa9761ff32d10a1353213ac756cb84bd3613f8261ef390e1d00c3a8fb82764b0cda4e0049219e87d2e92c38f78ffac242391f838a248f608bb2b56b31bbb453d1098e99d079ea1b":"":"fcbb932ddb0128df78a71971c52838":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bf22885e7f13bcc63bb0a2ca90c20e5c86001f05edf85d8":"99dec21f4781284722b5074ea567c171":"9f4176dacf26e27aa0e669cd4d44bca41f83468c70b54c745a601408a214bf876941ae2ae4d26929113f5de2e7d15a7bb656541292137bf2129fdc31f06f070e3cfaf0a7b30d93d8d3c76a981d75cd0ffa0bcacb34597d5be1a055c35eefeddc07ee098603e48ad88eb7a2ec19c1aefc5c7be9a237797397aa27590d5261f67a":"":"18fd1feec5e3bbf0985312dd6100d1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cfd75a9d3788d965895553ab5fb7a8ff0aa383b7594850a6":"a6df69e5f77f4d99d5318c45c87451b2":"041aeb2fa0f7df027cd7709a992e041179d499f5dbccd389035bf7e514a38b5f8368379d2d7b5015d4fa6fadfd7c75abd2d855f5ea4220315fad2c2d435d910253bf76f252a21c57fe74f7247dac32f4276d793d30d48dd61d0e14a4b7f07a56c94d3799d04324dfb2b27a22a5077e280422d4f014f253d138e74c9ac3428a7b":"":"fd78b9956e4e4522605db410f97e84":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b0b21ae138485591c6bef7b3d5a0aa0e9762c30a50e4bba2":"56dc980e1cba1bc2e3b4a0733d7897ca":"a38458e5cc71f22f6f5880dc018c5777c0e6c8a1301e7d0300c02c976423c2b65f522db4a90401035346d855c892cbf27092c81b969e99cb2b6198e450a95c547bb0145652c9720aaf72a975e4cb5124b483a42f84b5cd022367802c5f167a7dfc885c1f983bb4525a88c8257df3067b6d36d2dbf6323df80c3eaeffc2d176a5":"":"b11f5c0e8cb6fea1a170c9342437":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8775665aba345b1c3e626128b5afa3d0da8f4d36b8cf1ca6":"cd17f761670e1f104f8ea4fb0cec7166":"2ee08a51ceaca1dbbb3ee09b72f57427fd34bd95da5b4c0933cbb0fc2f7270cffd3476aa05deeb892a7e6a8a3407e61f8631d1a00e47d46efb918393ee5099df7d65c12ab8c9640bfcb3a6cce00c3243d0b3f316f0822cfeae05ee67b419393cc81846b60c42aeb5c53f0ede1280dc36aa8ef59addd10668dd61557ce760c544":"":"6cdf60e62c91a6a944fa80da1854":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cc9922299b47725952f06272168b728218d2443028d81597":"9b2f1a40717afcdbb6a95d6e335c9e4d":"bcfca8420bc7b9df0290d8c1bcf4e3e66d3a4be1c947af82dd541336e44e2c4fa7c6b456980b174948de30b694232b03f8eb990f849b5f57762886b449671e4f0b5e7a173f12910393bdf5c162163584c774ad3bba39794767a4cc45f4a582d307503960454631cdf551e528a863f2e014b1fca4955a78bd545dec831e4d71c7":"":"dd515e5a8b41ecc441443a749b31":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5a27d718f21c5cbdc52a745b931bc77bd1afa8b1231f8815":"59661051912fba45023aef4e6f9380a5":"2b7ce5cea81300ed23501493310f1316581ef8a50e37eaadd4bb5f527add6deb09e7dcc67652e44ac889b48726d8c0ae80e2b3a89dd34232eb1da32f7f4fcd5bf8e920d286db8604f23ab06eab3e6f99beb55fe3725107e9d67a491cdada1580717bbf64c28799c9ab67922da9194747f32fd84197070a86838d1c9ebae379b7":"":"f33e8f42b58f45a0456f83a13e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b83e933cf54ac58f8c7e5ed18e4ed2213059158ed9cb2c30":"8710af55dd79da45a4b24f6e972bc60a":"b7a428bc68696cee06f2f8b43f63b47914e29f04a4a40c0eec6193a9a24bbe012d68bea5573382dd579beeb0565b0e0334cce6724997138b198fce8325f07069d6890ac4c052e127aa6e70a6248e6536d1d3c6ac60d8cd14d9a45200f6540305f882df5fca2cac48278f94fe502b5abe2992fa2719b0ce98b7ef1b5582e0151c":"":"380128ad7f35be87a17c9590fa":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d2f85f92092385f15da43a086cff64c7448b4ee5a83ed72e":"9026dfd09e4553cd51c4c13ce70830de":"3c8de64c14df73c1b470a9d8aa693af96e487d548d03a92ce59c0baec8576129945c722586a66f03deb5029cbda029fb22d355952c3dadfdede20b63f4221f27c8e5d710e2b335c2d9a9b7ca899597a03c41ee6508e40a6d74814441ac3acb64a20f48a61e8a18f4bbcbd3e7e59bb3cd2be405afd6ac80d47ce6496c4b9b294c":"":"e9e5beea7d39c9250347a2a33d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"de7df44ce007c99f7baad6a6955195f14e60999ed9818707":"4d209e414965fe99636c1c6493bba3a3":"da3bc6bdd414a1e07e00981cf9199371192a1fb2eaae20f7091e5fe5368e26d61b981f7f1d29f1a9085ad2789d101155a980de98d961c093941502268adb70537ad9783e6c7d5157c939f59b8ad474c3d7fc1fcc91165cdf8dd9d6ec70d6400086d564b68ebead0d03ebd3aa66ded555692b8de0baf43bc0ddef42e3a9eb34ab":"":"24483a57c20826a709b7d10a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1dfa5ff20046c775b5e768c2bd9775066ae766345b7befc3":"2d49409b869b8b9fc5b67767979ca8cd":"e35d34478b228bc903ea2423697e603cc077967d7cfb062e95bc11d89fbe0a1f1d4569f89b2a7047300c1f5131d91564ec9bce014d18ba605a1c1e4e15e3e5c18413b8b59cbb25ab8f088885225de1235c16c7d9a8d06a23cb0b38fd1d5c6c19617fe08fd6bf01c965ed593149a1c6295435e98463e4f03a511d1a7e82c11f01":"":"23012503febbf26dc2d872dc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2df3ee3a6484c48fdd0d37bab443228c7d873c984529dfb4":"dc6aeb41415c115d66443fbd7acdfc8f":"eafc6007fafb461d3b151bdff459e56dd09b7b48b93ea730c85e5424f762b4a9080de44497a7c56dd7855628ffc61c7b4faeb7d6f413d464fe5ec6401f3028427ae3e62db3ff39cd0f5333a664d3505ff42caa8899b96a92ec01934d4b59556feb9055e8dfb81f55e60135345bfce3e4199bfcdb3ce42523e7d24be2a04cdb67":"":"e8e80bf6e5c4a55e7964f455":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce0787f65e6c24a1c444c35dcd38195197530aa20f1f6f3b":"55300431b1eaac0375681d7821e1eb7a":"84a699a34a1e597061ef95e8ec3c21b592e9236ddb98c68d7e05f1e709937b48ec34a4b88d99708d133a2cc33f5cf6819d5e7b82888e49faa5d54147d36c9e486630aa68fef88d55537119db1d57df0402f56e219f7ece7b4bb5f996dbe1c664a75174c880a00b0f2a56e35d17b69c550921961505afabf4bfd66cf04dc596d1":"":"74264163131d16ac":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a15541b5857a668dc9899b2e198d2416e83bac13282ca46":"89bf8ab0cea6f59616eeb9b314d7c333":"4d2843f34f9ea13a1ac521479457005178bcf8b2ebeaeb09097ea4471da9f6cc60a532bcda1c18cab822af541de3b87de606999e994ace3951f58a02de0d6620c9ae04549326da449a3e90364a17b90b6b17debc0f454bb0e7e98aef56a1caccf8c91614d1616db30fc8223dbcd8e77bf55d8253efe034fd66f7191e0303c52f":"":"8f4877806daff10e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b61cdfd19c136ee2acbe09b7993a4683a713427518f8e559":"4066118061c904ed1e866d4f31d11234":"153c075ecdd184fd8a0fca25cae8f720201361ef84f3c638b148ca32c51d091a0e394236d0b51c1d2ee601914120c56dfea1289af470dbc9ef462ec5f974e455e6a83e215a2c8e27c0c5b5b45b662b7f58635a29866e8f76ab41ee628c12a24ab4d5f7954665c3e4a3a346739f20393fc5700ec79d2e3c2722c3fb3c77305337":"":"4eff7227b42f9a7d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce175a7df7e429fcc233540e6b8524323e91f40f592ba144":"c34484b4857b93e309df8e1a0e1ec9a3":"ce8d8775f047b543a6cc0d9ef9bc0db5ac5d610dc3ff6e12e0ad7cd3a399ebb762331e3c1101a189b3433a7ff4cd880a0639d2581b71e398dd982f55a11bf0f4e6ee95bacd897e8ec34649e1c256ee6ccecb33e36c76927cc5124bc2962713ad44cbd435ae3c1143796d3037fa1d659e5dad7ebf3c8cbdb5b619113d7ce8c483":"":"ff355f10":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5f659ed236ba60494e9bf1ee2cb40edcf3f25a2bac2e5bc5":"ad49f12f202320255406c2f40e55b034":"6da62892f436dfe9790e72d26f4858ca156d1d655c9cc4336fcf282b0f3f0b201e47f799c3019109af89ef5fd48a4811980930e82cd95f86b1995d977c847bbb06ecdcc98b1aae100b23c9c2f0dcf317a1fb36f14e90e396e6c0c594bcc0dc5f3ebf86ce7ecd4b06d1c43202734d53f55751a6e6bbda982104102af240def4eb":"":"cb4d8c1d":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a73f318b1e298ba4ac0ab2aed74f73543b1017cccbd1b240":"abe33b7e8d88bd30deb96d1e90c4e951":"6de616b000047b14b6759015183dd753c61499c0e665d06a89e4fb0cd0dd3064ff8651582e901ef5d0cdf3344c29c70c3aabc2aaf83cb3f284c6fe4104906d389b027e7d9ca60d010f06ef8cd9e55db2483d06552ddbe3fc43b24c55085cd998eae3edec36673445bf626e933c15b6af08ea21cbace4720b0b68fe1a374877d5":"":"4a28ec97":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"73d5be74615bc5b627eedfb95746fb5f17cbf25b500a597f":"eb16ed8de81efde2915a901f557fba95":"":"fc40993eb8559e6b127315c03103ce31b70fc0e07a766d9eecf2e4e8d973faa4afd3053c9ebef0282c9e3d2289d21b6c339748273fa1edf6d6ef5c8f1e1e9301b250297092d9ac4f4843125ea7299d5370f7f49c258eac2a58cc9df14c162604ba0801728994dc82cb625981130c3ca8cdb3391658d4e034691e62ece0a6e407":"804056dca9f102c4a13a930c81d77eca":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a249135c9f2f5a8b1af66442a4d4e101771a918ef8acee05":"80b6e48fe4a3b08d40c1636b25dfd2c4":"":"c62b39b937edbdc9b644321d5d284e62eaa4154010c7a3208c1ef4706fba90223da04b2f686a28b975eff17386598ba77e212855692f384782c1f3c00be011e466e145f6f8b65c458e41409e01a019b290773992e19334ffaca544e28fc9044a5e86bcd2fa5ad2e76f2be3f014d8c387456a8fcfded3ae4d1194d0e3e53a2031":"951c1c89b6d95661630d739dd9120a73":"":"b865f8dd64a6f51a500bcfc8cadbc9e9f5d54d2d27d815ecfe3d5731e1b230c587b46958c6187e41b52ff187a14d26aa41c5f9909a3b77859429232e5bd6c6dc22cf5590402476d033a32682e8ab8dc7ed0b089c5ab20ab9a8c5d6a3be9ea7aa56c9d3ab08de4a4a019abb447db448062f16a533d416951a8ff6f13ed5608f77":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa832a4b37dcb3c0879a771bb8ae734f0d88b9be497797a8":"70835abab9f945c84ef4e97cdcf2a694":"":"0f1105f9ec24121232b60b6ef3c3e8ca9eec1a3d7625004b857d1d77f292b6ec065d92f5bb97e0dc2fdfdf823a5db275109a9472690caea04730e4bd732c33548718e9f7658bbf3e30b8d07790cd540c5754486ed8e4d6920cefaeb1c182c4d67ebed0d205ba0bd9441a599d55e45094b380f3478bcfca9646a0d7aa18d08e52":"a459be0b349f6e8392c2a86edd8a9da5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"dda216287910d1f5c0a312f63c243612388bc510cb76c5ba":"7f770140df5b8678bc9c4b962b8c9034":"":"d6617d583344d4fe472099d2a688297857215a3e31b47d1bf355ccfe9cf2398a3eba362c670c88f8c7162903275dfd4761d095900bd97eba72200d4045d72bd239bda156829c36b38b1ff5e4230125e5695f623e129829721e889da235bb7d4b9da07cce8c3ceb96964fd2f9dd1ff0997e1a3e253a688ceb1bfec76a7c567266":"9823e3242b3f890c6a456f1837e039":"":"b4910277224025f58a5d0f37385b03fcd488dfef7580eb5c270c10bd7a6f6d9c7ddc2d1368d68d4e04f90e3df029ed028432a09f710be1610b2a75bd05f31bae83920573929573affd0eb03c63e0cec7a027deab792f43ee6307fd3c5078d43d5b1407ac023824d41c9437d66eeec172488f28d700aa4b54931aad7cd458456f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c5afa1e61d4594b1c2fa637f64f18dd557e4df3255b47f24":"151fd3ba32f5bde72adce6291bcf63ea":"":"5c772cdf19571cd51d71fc166d33a0b892fbca4eae36ab0ac94e6164d51acb2d4e60d4f3a19c3757a93960e7fd90b9a6cdf98bdf259b370ed6c7ef8cb96dba7e3a875e6e7fe6abc76aabad30c8743b3e47c8de5d604c748eeb16806c2e75180a96af7741904eca61769d39e943eb4c4c25f2afd68e9472043de2bb03e9edae20":"f0626cc07f2ed1a7570386a4110fc1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"febd4ff0fedd9f16bccb62380d59cd41b8eff1834347d8fa":"743699d3759781e82a3d21c7cd7991c8":"":"dc971c8f65ece2ea4130afd4db38fc657c085ea19c76fef50f5bd0f8dd364cc22471c2fa36be8cde78529f58a78888e9de10961760a01af005e42fc5b03e6f64962e6b18eaedea979d33d1b06e2038b1aad8993e5b20cae6cc93f3f7cf2ad658fbba633d74f21a2003dded5f5dda3b46ed7424845c11bab439fbb987f0be09f8":"1da347f9b6341049e63140395ad445":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d280d079110c1c826cc77f490d807dd8d508eb579a160c49":"85b241d516b94759c9ef975f557bccea":"":"a286d19610a990d64f3accd329fc005d468465a98cfa2f3606c6d0fbeb9732879bad3ca8094322a334a43155baed02d8e13a2fbf259d80066c6f418a1a74b23e0f6238f505b2b3dc906ffcb4910ce6c878b595bb4e5f8f3e2ede912b38dbafdf4659a93b056a1a67cb0ec1dbf00d93223f3b20b3f64a157105c5445b61628abf":"bbf289df539f78c3a912b141da3a":"":"b9286ab91645c20de040a805020fed53c612d493a8ce9c71649ae16bd50eab6fb7f3a9180e1651d5413aa542608d7ecbf9fc7378c0bef4d439bc35434b6cf803976b8783aecc83a91e95cea72c2a26a883b710252e0c2a6baa115739a0692c85f6d34ff06234fbdc79b8c4a8ea0a7056fb48c18f73aaf5084868abb0dfaa287d":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5e80f87fa2156c62df7be2ad16c4890de5ee5868a684fcf9":"9769f71c76b5b6c60462a845d2c123ad":"":"c829073efd5c5150d2b7e2cdaeff979830d1aa983c747724ade6472c647a6e8e5033046e0359ea62fc26b4c95bccb3ac416fdf54e95815c35bf86d3fdd7856abbb618fe8fcd35a9295114926a0c9df92317d44ba1885a0c67c10b9ba24b8b2f3a464308c5578932247bf9c79d939aa3576376d2d6b4f14a378ab775531fe8abf":"394b6c631a69be3ed8c90770f3d4":"":"f886bd92ca9d73a52e626b0c63a3daa138faaacf7809086d04f5c0c899362aa22e25d8659653b59c3103668461d9785bb425c6c1026ad9c924271cec9f27a9b341f708ca86f1d82a77aae88b25da9061b78b97276f3216720352629bd1a27ebf890da6f42d8c63d68342a93c382442d49dd4b62219504785cee89dffdc36f868":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d8a7b99e53f5e5b197364d4516cace4b928de50e571315e3":"4b12c6701534098e23e1b4659f684d6f":"":"d0db0ac5e14bf03729125f3137d4854b4d8ce2d264f8646da17402bdad7034c0d84d7a80f107eb202aeadbfdf063904ae9793c6ae91ee8bcc0fc0674d8111f6aea6607633f92e4be3cfbb64418101db8b0a9225c83e60ffcf7a7f71f77149a13f8c5227cd92855241e11ee363062a893a76ac282fb47b523b306cd8235cd81c2":"729b31c65d8699c93d741caac8e3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c874b427b7181b0c90b887147c36f242827149324fd5c945":"4b8dda046a5b7c46abeeca2f2f9bcaf8":"":"bdd90190d587a564af022f06c8bd1a68735b6f18f04113fdcec24c6027aaf0271b183336fb713d247a173d9e095dae6e9badb0ab069712302875406f14320151fd43b90a3d6f35cc856636b1a6f98afc797cb5259567e2e9b7ce62d7b3370b5ee852722faf740edf815b3af460cdd7de90ca6ab6cd173844216c064b16ea3696":"fe1e427bcb15ce026413a0da87":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"56543cd6e2ebb1e3dc136a826bfc37eddb12f7a26430a1b4":"927ce8a596ed28c85d9cb8e688a829e6":"":"d541dd3acec2da042e6ea26fb90ff9a3861191926423b6dc99c5110b3bf150b362017159d0b85ffea397106a0d8299ec22791cb06103cd44036eed0d6d9f953724fb003068b3c3d97da129c28d97f09e6300cbea06ba66f410ca61c3311ce334c55f077c37acb3b7129c481748f79c958bc3bbeb2d3ff445ad361ed4bbc79f0a":"3a98f471112a8a646460e8efd0":"":"a602d61e7a35cbe0e463119bb66fd4bb6c75d1fe0b211b9d6a0a6e9e84b0794282318f0d33ec053f2cfba1623e865681affeaf29f3da3113995e87d51a5ab4872bb05b5be8ef2b14dfc3df5a48cbc9b10853a708ee4886a7390e8e4d286740a0dd41c025c8d72eda3f73f3cec5c33d5e50b643afd7691213cccccc2c41b9bd7a":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"caaf81cd380f3af7885ef0d6196a1688c9372c5850dc5b0b":"508c55f1726896f5b9f0a7024fe2fad0":"":"6f269929b92c6281e00672eaec183f187b2ddecc11c9045319521d245b595ab154dd50f045a660c4d53ae07d1b7a7fd6b21da10976eb5ffcddda08c1e9075a3b4d785faa003b4dd243f379e0654740b466704d9173bc43292ae0e279a903a955ce33b299bf2842b3461f7c9a2bd311f3e87254b5413d372ec543d6efa237b95a":"3b8026268caf599ee677ecfd70":"":"c4a96fb08d7c2eebd17046172b98569bc2441929fc0d6876aa1f389b80c05e2ede74dc6f8c3896a2ccf518e1b375ee75e4967f7cca21fa81ee176f8fb8753381ce03b2df873897131adc62a0cbebf718c8e0bb8eeed3104535f17a9c706d178d95a1b232e9dac31f2d1bdb3a1b098f3056f0e3d18be36bd746675779c0f80a10":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2fc9d9ac8469cfc718add2b03a4d8c8dcc2eeca08e5ff7bc":"b2a7c0d52fc60bacc3d1a94f33087095":"":"bc84d8a962a9cfd179d242788473d980d177abd0af9edccb14c6dc41535439a1768978158eeed99466574ea820dbedea68c819ffd9f9915ca8392c2e03049d7198baeca1d3491fe2345e64c1012aff03985b86c831ad516d4f5eb538109fff25383c7b0fa6b940ae19b0987d8c3e4a37ccbbd2034633c1eb0df1e9ddf3a8239e":"0a7a36ec128d0deb60869893":"":"fc3cd6486dfe944f7cb035787573a554f4fe010c15bd08d6b09f73066f6f272ff84474f3845337b6e429c947d419c511c2945ffb181492c5465940cef85077e8a6a272a07e310a2f3808f11be03d96162913c613d9c3f25c3893c2bd2a58a619a9757fd16cc20c1308f2140557330379f07dbfd8979b26b075977805f1885acc":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81ff729efa4a9aa2eccc37c5f846235b53d3b93c79c709c8":"1bd17f04d1dc2e447b41665952ad9031":"":"3992ad29eeb97d17bd5c0f04d8589903ee23ccb2b1adc2992a48a2eb62c2644c0df53b4afe4ace60dc5ec249c0c083473ebac3323539a575c14fa74c8381d1ac90cb501240f96d1779b287f7d8ba8775281d453aae37c803185f2711d21f5c00eb45cad37587ed196d1633f1eb0b33abef337447d03ec09c0e3f7fd32e8c69f0":"01b0a815dc6da3e32851e1fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"068500e8d4f8d4af9035cdaa8e005a648352e8f28bdafc8a":"5ea9198b860679759357befdbb106b62":"":"98e32428d9d21c4b60e690a2ce1cf70bee90df31302d1819b7d27fd577dd990f7ffe6ba5ef117caac718cc1880b4ca98f72db281c9609e189307302dc2866f20be3a545a565521368a6881e2642cba63b3cf4c8b5e5a8eabeb3e8b004618b8f77667c111e5402c5d7c66afd297c575ce5092e898d5831031d225cee668c186a1":"d58752f66b2cb9bb2bc388eb":"":"2ef3a17fcdb154f60d5e80263b7301a8526d2de451ea49adb441aa2541986b868dab24027178f48759dbe874ae7aa7b27fb19461c6678a0ba84bbcd8567ba2412a55179e15e7c1a1392730ac392b59c51d48f8366d45b933880095800e1f36ff1ac00753f6363b0e854f494552f1f2efe028d969e6b1a8080149dd853aa6751e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7474d9b07739001b25baf6867254994e06e54c578508232f":"3ade6c92fe2dc575c136e3fbbba5c484":"":"1cbab2b6e4274caa80987072914f667b887198f7aaf4574608b91b5274f5afc3eb05a457554ff5d346d460f92c068bc626fd301d0bb15cb3726504b3d88ecd46a15077728ddc2b698a2e8c5ea5885fc534ac227b8f103d193f1977badf4f853a0931398da01f8019a9b1ff271b3a783ff0fae6f54db425af6e3a345ba7512cbf":"67c25240b8e39b63":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d50d4c7d442d8a92d0489a96e897d50dda6fbe47ca7713ee":"41b37c04ab8a80f5a8d9d82a3a444772":"":"b36b4caf1d47b0d10652824bd57b603ec1c16f4720ce7d43edde8af1b9737f61b68b882566e04da50136f27d9af4c4c57fff4c8465c8a85f0aeadc17e02709cc9ba818d9a272709e5fb65dd5612a5c5d700da399b3668a00041a51c23de616ea3f72093d85ecbfd9dd0b5d02b541fb605dcffe81e9f45a5c0c191cc0b92ac56d":"4ee54d280829e6ef":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"38f3ec3ec775dac76ae484d5b6ca61c695c7beafba4606ca":"9af53cf6891a749ab286f5c34238088a":"":"49726b8cefc842a02f2d7bef099871f38257cc8ea096c9ac50baced6d940acb4e8baf932bec379a973a2c3a3bc49f60f7e9eef45eafdd15bda1dd1557f068e81226af503934eb96564d14c03f0f351974c8a54fb104fb07417fe79272e4b0c0072b9f89b770326562e4e1b14cad784a2cd1b4ae1dc43623ec451a1cae55f6f84":"6f6f344dd43b0d20":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6db4ef061513ef6690d57aef50d8011e0dd7eb4432d82374":"623df5a0922d1e8c883debb2e0e5e0b1":"":"b7f9206995bc97311855ee832e2b40c41ab2d1a40d9263683c95b14dcc51c74d2de7b6198f9d4766c659e7619fe2693a5b188fac464ccbd5e632c5fd248cedba4028a92de12ed91415077e94cfe7a60f117052dea8916dfe0a51d92c1c03927e93012dbacd29bbbc50ce537a8173348ca904ac86df55940e9394c2895a9fe563":"14f690d7":"":"a6414daa9be693e7ebb32480a783c54292e57feef4abbb3636bebbc3074bfc608ad55896fe9bd5ab875e52a43f715b98f52c07fc9fa6194ea0cd8ed78404f251639069c5a313ccfc6b94fb1657153ff48f16f6e22b3c4a0b7f88e188c90176447fe27fa7ddc2bac3d2b7edecad5f7605093ac4280b38ae6a4c040d2d4d491b42":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8901bec4d3c64071d8c30c720c093221e05efed71da280bf":"9265abe966cb83838d7fd9302938f49d":"":"7c447e700db7367260dffa42050e612eff062eb0c8a6b4fe34858800bcb8ec2f622cb5213767b5771433783e9b0fa617c9ffb7fde09845dafc16dfc0df61215c0ca1191eabf43293db6603d5285859de7ef3329f5e71201586fb0188f0840ed5b877043ca06039768c77ff8687c5cfc2fd013a0b8da48344c568fce6b39e2b19":"6f6c38bc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c57eb763f886154d3846cc333fc8ae8b3c7c9c3705f9872":"9b3781165e7ff113ecd1d83d1df2366d":"":"9fe7d210221773ba4a163850bab290ba9b7bf5e825760ac940c290a1b40cd6dd5b9fb6385ae1a79d35ee7b355b34275857d5b847bef4ac7a58f6f0e9de68687807009f5dc26244935d7bcafc7aed18316ce6c375192d2a7bf0bee8a632fe4f412440292e39339b94b28281622842f88048be4640486f2b21a119658c294ce32e":"62f32d4e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"307d31a594e54f673bea2f977835670aca4f3d45c9c376cc":"0bdaa353c4904d32432926f27534c73c":"aa39f04559ccc2cae3d563dda831fb238b2582cb2c2bb28cff20cc20200724c8771b9805ef7464b8fc06c7b8060c6920fd2779fbc807c2292c8c1f88f8088755609a1732ff8c0b06606452b970c79997b985889404fd907c4668a0bcc11ba617175f4525523494a244da60b238468c863055f04db20ea489adf545d56c0a71d8":"d7385a7bd0cb76e1e242fa547c474370bcc7cc7cf3e3fa37b00fe08a56383ca31d023d8c493f6d42e482b0f32e4f244dd100ea08eee6535e5bb8d27f76dbb7eead6ba8e031ccd0eaeb649edee92aeaf0f027d59efd4e39b1f34b15ceb8b592ee0f171b1773b308c0e747790b0e6ace90fc661caa5f942bdc197067f28fbe87d1":"2ddda790aae2ca427f5fb032c29673e6":"":"0b92262759897f4bd5624a891187eba6040d79322a2a5a60fb75c6c6a5badd117abe40c6d963931bbc72dca1a1bf1f5388030fe323b3b24bd408334b95908177fb59af57c5cc6b31825bc7097eec7fec19f9cdb41c0264fd22f71893bcf881c1510feb8057e64880f1ea2df8dc60bb300fd06b0a582f7be534e522caadc4a2c7":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"23c201968def551817f20e49b09dbb5aae0033305bef68a0":"bd2952d215aed5e915d863e7f7696b3e":"23f35fac583897519b94998084ad6d77666e13595109e874625bc6ccc6d0c7816a62d64b02e670fa664e3bb52c276b1bafbeb44e5f9cc3ae028daf1d787344482f31fce5d2800020732b381a8b11c6837f428204b7ed2f4c4810067f2d4da99987b66e6525fc6b9217a8f6933f1681b7cfa857e102f616a7c84adc2f676e3a8f":"77bc8af42d1b64ee39012df5fc33c554af32bfef6d9182804dcfe370dfc4b9d059bdbc55f6ba4eacb8e3a491d96a65360d790864ba60acf1a605f6b28a6591513ea3cfd768ff47aee242a8e9bdfac399b452231bfd59d81c9b91f8dc589ad751d8f9fdad01dd00631f0cb51cb0248332f24194b577e5571ceb5c037a6d0bcfe8":"bb9ba3a9ac7d63e67bd78d71dc3133b3":"":"17d93c921009c6b0b3ecf243d08b701422983f2dcaec9c8d7604a2d5565ed96ce5cddcb183cd5882f8d61d3202c9015d207fed16a4c1195ba712428c727601135315fc504e80c253c3a2e4a5593fc6c4a206edce1fd7104e8a888385bbb396d3cdf1eb2b2aa4d0c9e45451e99550d9cfa05aafe6e7b5319c73c33fd6f98db3c5":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6baec0669add30acb8f678ce477a2b171f89d1f41935c491":"b1472f92f552ca0d62496b8fa622c569":"5ae64edf11b4dbc7294d3d01bc9faf310dc08a92b28e664e0a7525f938d32ef033033f1de8931f39a58df0eabc8784423f0a6355efcff008cae62c1d8e5b7baefd360a5a2aa1b7068522faf8e437e6419be305ada05715bf21d73bd227531fea4bc31a6ce1662aec49f1961ee28e33ae00eb20013fd84b51cfe0d5adbdaff592":"5712b84c4c97d75f84edd50561bc1d3f1ba451cc3b358b2403b5e528290954348cf7a235b4dc11a72ddbc503191204e98a9744d85419508c8ca76438c13305f716f1e239a6d9f6423c27217a0057aa75f6d7e2fb356e7194f271459ab5482589ea311b33e3d3845952ff4067dd2b9bcc2e8f83630b0a219e904040abd643d839":"29a2d607b2d2d9c96d093000b401a94f":"":"beb687f062ae7f5159d07609dd58d7b81c478d180bc0b4c07ae799626ff1da2be2e0d78b2a2a1f563257f161491a5ac500cd719da6379e30d0f6d0a7a33203381e058f487fc60989923afbee76e703c03abc73bb01bd262ff6f0ac931f771e9b4f2980e7d8c0a9e939fa6e1094796894f2c78f453e4abe64cb285016435ef0e8":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7b882a2df81fdb9275fb05d120f32417e8ffedd07457e938":"5c064d3418b89388fb21c61d8c74d2c5":"5bfa7113d34e00f34713cf07c386d055e889bb42d7f6c8631ffce5668e98cb19bed8820b90ecb2b35df7134f975700347e5514287cfef7ffa2b0ff48b1de0769b03dca6610995d67cb80052cb2e5914eb4ed43ef5861f4b9364314fde6ad2b82fbba7fd849dfa6e46ecc12edc8cabfff28d9bd23c2bcc8ab3661c9ba4d5fee06":"0aae7213da279b34d6dcf2a691b2d0333112ea22de0c3c68d47cf9f9f4ed8ad4e03d4a60ec18c3a04ac9c2abb73e1023051029b5e8705bb69c4c50afc84deb0379db5077be1f663652f8bd8958271af2c1ac4a87e08cb526bab8a030652f2a29af8055d0f31e35475caee27f84c156ef8642e5bfef89192f5bde3c54279ffe06":"0943abb85adee47741540900cc833f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51d94d21482c00bb5bc7e7e03aa017ba58f5a23494b72c2a":"fb21cd763e6f25540f8ad455deaccdf0":"019d1db5569eeff83306f65d653b01064854c1be8446cd2516336667c6557e7844fc349adea64a12dc19ac7e8e40b0520a48fac64571a93d669045607085ac9fa78fed99bbf644908d7763fe5f7f503947a9fe8661b7c6aef8da101acca0aed758ca1580eeb2f26ae3bf2de06ce8827a91a694179991a993cdf814efbcc61ca5":"3a9c69c1ed2340bfde1495658dbf4f54731a19b3922a1d535df8d0b2582f5e803b5891e8ad1aa256c923956dcda2430d0c0696bce63295fb61183e040566e459338f908d23ae51f64020c1ef3d192428f23312b285fc4111d50d1add58f4a49008a22c90d3365230e9158cd56f9d84f079bdd673555d4dc76c74b02fa9920e7d":"a93bd682b57e1d1bf4af97e93b8927":"":"7093f44703f2cbb3d12d9872b07a8cd44deb62dae48bc573b11a1ee1c9f3105223423fac3181c312a8a61757a432d92719f486c21e311b840aa63cf530710c873df27fecda0956075923f1ecc39bffb862706f48bde2de15612930fc8630d2036e9e4cfc1c69779171bd23d9e1d5de50a9e0a0de4bd82ed3efc45299980bb4cc":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e6756470937f5d9af76f2abe6df2d0bc15ff8e39b5154071":"4500193711a5d817a9f48deafda39772":"92fa22dba0eee6b1de1ddd24713b1be44c7105df90e6e7a54dcbf19025e560eb4986ee080cf613898a1a69d5ab460a3b8aa2723a95ac4a4af48224b011b55fb7582ae18f6746591eab2bd33d82a8dbbae3f7877e28afef9857a623530b31d8198b2df43f903d6e48ddae0848741f9eaae7b5504c67ad13791818f3c55c9b3d1e":"afae92bd56c426c095d76633701aa9bea5ce05490482c6c64ac24468c3e1af6e6030a6bb6649745b011c6729bde985b9242e22105322fbb8853dcabbd00165d0b07d7b499e0238b6513bf6351eb40635a798f7e6e2d31125dda45ffe8964596fdbff55df22d4e9025bd4f39e7c9b90e74b3ee58d6901f113900ee47a4df5afd7":"7d9f97c97c3424c79966f5b45af090":"":"62258d60f0138c0405df4b2ec1e308b374603a9eace45932fdc2999e9e2261de8b1099473d1fc741c46c334023aa5d9359f7ef966240aaf7e310d874b5956fd180fb1124cbeb91cf86020c78a1a0335f5f029bd34677dd2d5076482f3b3e85808f54998f4bac8b8fa968febceec3458fb882fc0530271f144fb3e2ab8c1a6289":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30db73d46b518669c45b81bc67b93bed3d0864f7e9e8e789":"5069e2d2f82b36de8c2eb171f301135d":"ef781dce556b84188adee2b6e1d64dac2751dd8592abc6c72af7b998dfae40cbe692a4cae0b4aa2c95910e270600550fca1e83640c64efb1eb0e0a90a6fc475ae1db863a64ce9cc272f00abac8a63d48dd9f1c0a5f4586224befed05be4afae5bd92249833d565cc6b65fd8955cb8a7d7bd9f4b6a229e3881212871a52c15d1c":"750bc1d2f91d786bb1e621192a376f552538ba8c07d50d9e10b9345f31b3e5f9d8ad7c719c03d8548a3b184b741cd06c49d7fb6fe80258d60c01c2987c337c823211cee7c1cf82077266889bc7767475e0eeabb2ef6b5a1de2089aaef77565d40a1c2c470a880c911e77a186eacca173b25970574f05c0bdcd5428b39b52af7f":"a5100c5e9a16aedf0e1bd8604335":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"209f0478f1a62cb54c551181cbd4d24b796e95f3a06b6cb9":"7be1768f6ffb31599eb6def7d1daa41c":"9cb49357536ebe087e1475a5387907a9e51ad1550697f13c6cc04384ec8a67dea13376bdd5e26b815c84a78f921b506b9e2086de50f849185f05ba7c3041e49e42c0673df856da109a78b8e0ce918c25836f7e781e6b16168e4e5976d27ebc83f20b7bf4beadecb9b4f17a7a0d3a3db27fc65288a754b5031a2f5a1394801e6e":"66db7cc97b4a8266c0a2228e8028e38d8986e79fcbcc3caff3050fdd2de87b7ff7a6895b988b0bdb7fcc4d6e2d538dcfaad43ce2f98b6d32500f5a6e6183d84cb19157a699cdde1266d6d75a251ee1a2eb97bfe6405d50be2b17a58ba6eafaee0a023a28d568fd1c914f06041a49c79b9df9efe63d56883cbbbeaba809273d2e":"4d2ac05bfd4b59b15a6f70ea7cd0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1bfa30b315e7b908263330140fa2d66ed57104784a43cc70":"b7081a3010b524218390ba6dd460a1ec":"8c1f42b5931d69ae351fcde7d2b4136d4898a4fa8ba62d55cef721dadf19beaabf9d1900bdf2e58ee568b808684eecbf7aa3c890f65c54b967b94484be082193b2d8393007389abaa9debbb49d727a2ac16b4dab2c8f276840e9c65a47974d9b04f2e63adf38b6aad763f0d7cdb2c3d58691adde6e51e0a85093a4c4944f5bf2":"8eeee9865e23fa51dbbf197fa41776b7edbdb9381a22c935299cd959a46190788ae82f4e645b0362df89bfc00241964784bc7ef70f6f97e81687d52e552a33af20ae34a3005e0a7b85d094368d707c3c4cd3ef31c0daf3ccaa1676609ed199327f4139d0c120977e6babceed28896d2cb3129630f3ee135572dc39433057e26a":"4da85b8ec861dd8be54787bb83f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc47156a693e59a1dea0618c41441fe669fc65dcfb7d0726":"ea1935ed014883cc427983d7962d9992":"0d85b8513becfe8c91d0f6ffb65ec31f2cf406c51c0da88893c43d1327fd8ad1f4bab2d7b5e27438d643397034a72f8666bf641b6781bc90f764db387eae6720b5723d510194570ccd773e1b3bebfc333cc099d078583e8dac60d174d332925a24a45110c8d2abe8924ea677ac74db66ea789e2838efc96c78bceaa6236c0a67":"3e4f0a586bad532a08c8863ebba01fd25014baa907e6032ee43d4a7dfc7c3171916dcdf9faee0531f27527872ae4e127b6b9aaee93f5e74d0ab23f3874aa0e291564bc97f17085dd7d5eb9a85d9f44574e5952929eda08863b64c85dd395c91b01fe5bef66e3fa8f9ee5bf62c25d80dc84fbe002ecfd218430b26f3549f734a1":"8781b045a509c4239b9f44624e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b5fcd780a03ba80341081ef96b440c0e4348afde4d60c1d5":"ad20cce056e74ec5d0a76d6280998f15":"28f8fcf23b9c1ba40c19ffc1092632e35f234c1e8b82bcd5309d37bf849a2ce401413d1f242cf255ed597f9a93a1d6e50676997f95aa612e580d88234a86ddc404292746f0b2f5cf15abebcea6659f998ec6a1cb5a9914fee5aa1aa5d04b3c20914e45095e4141ce9c173653dd91c3ebe4ed4a9a28f3915d7b2edba34c2a58d8":"6316f3beb32f6f3bf8f2ff6a2c160b432bafd3036d3eefa1e4ec204f24892e37dc4d75c7ce9a24b5c49fb4df901f35ef9d5955f7dc289c56cb74753f4d6b2982267d5269d12237e21202a65061849c65e90e6702dda03a35ace3a3a098d16b4bfbb85b7232404baee37776a9b51af6b3059a5f170f4ebe4ecf11061ca3c1f1f3":"2ad4520ddc3b907414d934cc1d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4382507dddccf1385fc831da8924147563416d0656e168ec":"a37687c9cd4bdc1ead4e6b8f78bee7f5":"fa9ae30509cbb6fe104c21480ae7b8ec9f12f1afb17320d77b77cdf32ce8c5a3f7f927e501118c7ccd6975b79225059cef530a4fcb0a9719f5e2d3bebe7bb6ec0855e495a31e5075eb50aa6c1227e48b03e3fdf780084ac4912eb3a5674cca9dd6ac037366b230ae631a8580d2d117942dee5d5ddbbb2233afeca53289cc4f68":"e5c5430b960aa35dc8540215c2772d66811270859e33dd4477904759e7e5eb2986a52a4ccc9f592e614147b5ea2ead6636a15c6426336b2995d9a31ab36d76578c3540bc6693842a4bc0491c7963ee9cda2317951cf93244bd30bcdfec69a4767004636fe7d1be7300c35e80627bab9236a075a803e9e1080b9159060c643a78":"4221818d4be45306e205813789":"":"b5b36719bc4d13a5fbf37188ea814cdf3c97a430784330540325c899570e15482300bc82c5b8163074e0544c5132e3ce93bba68bd7a8d2db81d1431b424b697c1158c4d70625666d5ff99145ca34856815c905b5a0fd95806df56b9cd5b384bda3e394b409048eb1037144cc071539c02397e931da28a43cc354d584643afd4f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7a66db3450dac9a1e63d2639f34c5c6a3fbfb3c8e8230199":"21f8341529b210ade7f2c6055e13007a":"1699bc8c198ab03e22d9bc4f3682aad335c6e35f3f616bb69769a9d5a202511797e770ae0d8d8528ef7b2bb25b4294d47427b43f0580fa71d93fdef667f4f4196f84e41c0b1978796d0de74a94420fb8571bff39137fa231c572b31be9ae72338288bef5f8c992121dc918538551f346e279a9047df14ec9fc0fd399cd3bd8d8":"6463a7eb2496379bc8a5635541525926a6f9fa718e338221952118ae4cf03a85f2074b4ebaf108b9c725809be1e6309c3a444b66f12286f6ea9d80c3413706b234b26372e8f00783819314a994c9e3ecf6abdd255cbfe01b3865e1390a35dcd2853a3d99ed992e82ec67ba245f088cb090adade74bdbc8a1bad0f06cbea766a6":"4af02b81b26104d1d31e295a":"":"53fe6a34d280f2c96d1ae2b2e8baf6abd67cedf7d214312f75dd4a1bec28a641dda3e71aa398726b2b0b1f515e1f4259ee97acaf17f122db9ec7814c2de6a88d36c3ac106396ad03d337c2cd2d2b9b4b7170e23a5848ca7ea129838f967dfdfe83b45ff2a9be699bfb2346115465d59f074f09e24d8fcbd9ece0018c92776c43":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1f5c818f24d201f9fb23fcca211b0545eee5c5c9b440810d":"3a163067bdd90fce0406d1c198a88771":"a5e94e233d04fe0c4b6c4684b386902fe05096702237dfbe76f73befa69b6f30394cf9fe3358997942df65842748fb4f075a3dc06e147bd8d67fc4371113a4d75c70219257c650a6f38a136659e20a1cf3a119397835c304e0fb2a33aa3c3019175c86463043d5edc6992874f61e81cd0d26af8b62cf8c8626901d4f16d84236":"9a7566817a06f792e96a6a2ba8e0a01f8837e2de06796e68b0782cc54ed0b04fc5e24a1ad37d5ffb035548b882d88150e89915b89f57cde2bf3c43ab9dae356927daef6bd61cc9edd5e1b7a4abea2f71313677f1b2fdf3d8d4a7e9814ea820fbc3e5c83947db961839a985a57ced7f5e4a1efffcfd17a2c806d4cdc1e79162da":"b124eea927e2a62a875494a1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9a301f7edf83da63bcf37216a3a33d7613331c3210281dd7":"d73a546b0fa307633ac89506fa86138b":"f57fe548cf4a551a216ffb24a1dcf1b79c95f9abf06443fd58af042d287c2165db373c82a94172db517840f22e45e966e3ead91ce1ddad132bcb844e406e84b76a0b5b0ee23064b66a229f32a2d3b9c71103f020c4ba57fc0f0608b7114914cf2ada0c5a9bc4afbfa9ce5da320f34beb2211d569a142f53bfd262f6d149c4350":"e09cc8543db7804870004706a26e94b457c125bd648b581a196f962f2ae8fa55d9bc66530ba5020e22d282080b4720dc9a2096a11c0fcc3d9a67cd1cf95cd7cd2417ba308c761e64be24347a14c9423447094a5c72a0043c288b35e753ba0aa748f208381249fb1c8d195a472192404b6c8172663ee4b4d4ecfa426e1fb003f2":"f536a3b8c333b1aa520d6440":"":"124a327a8c22b7652886dac2c84b8997ca8a6f61c9ba9c094b5aea41eaa050a6df6cbf280259e5466071bcfa53b4ebc76c3cc4afc8c0385189a5382933aa57c89aab78dca84331e0fe8f0aab3a7857d3e13f08dcd90ec5f0684f82088ef8eb7fd67e75de43b67afc3a0beb458f5ebd61b2c779e6c539d795c667bb7dcc2b762e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd40e8226fd13cb95ba50b7cdf0f07f7ab7037cf8705ca50":"3406e70cbe16b047fedaa537eb892279":"390b18d22d5ecc0b5a524ae9afac6fd948ac72d1360775a88b385aa862cce8a27f3e4b420e539bec6e8958f8c1b5416c313fa0a16f921149a2bfeae29ad2348949b29a73970e5be925ec0c35218b82a020cf21bb68c6931f86b29e01b85500a73f3ee7eb78da60078f42550da83b2e301d151d69b273a050f89e57dfc4787cbf":"75aa7df5c3c443d48ee998064b6fd112c20d2d90c98e00d025ef08d1ad3595385be99de47fa627549b827c48bc79eb1dcaf2f1be95a45f7e55755b952aee5ae0748e68bee1b014a628f3f7dc88e0ebac1d1d00e268355f5101838ce125c57003aebc02a1c9d6ae2cd6e2592f52c0be38cef21a680ae35c909cab99dce9837aef":"69e06c72ead69501":"":"6e8d661cd320b1b39f8494836fcf738b0ab82873d3903c9ee34d74f618aea36099926b54c1589225ec9a9d48ca53657f10d9289c31f199c37c48fb9cbe1cda1e790aaeedf73871f66a3761625cca3c4f642bc4f254868f6b903e80ceeeb015569ace23376567d3712ad16d1289dc504f15d9b2751b23e7722b9e6d8e0827859f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a85ab87563b809b01725764d64ba4cc6a143e2e0362f0c52":"9f991ff16a3e3eb164a4f819c9f1821a":"df289511f78d8fa2505afc4c71ab1d7c31a8d15d1e5fcbb29d70f0e56f89c4d7b30f1b3b4745b5d2cc7af34fb4c95461372bf516ec192b400dc8fdb0ca9fe1f30f5320d0fadf20155cfcddcf09233c6f591c1c89917e38a003f56b94a1e2429d1f2b6297db790d7dce84d9fa13d2d86a0e4d100e154050b07178bee4cdf18126":"ef43629721b50bd3656b7ae31b6e4b4ba1cf2c72ed0460ee7d9fb416631ddc597e5f9aebbcf4442b95cc46e28476a464dd87caf9c1c1d6c99d3e3e059dc23f8d2fe155ff5e59c50d640bc052c62adee3aa1295b38732e3458f379e98a8dbdfed04c22a5761792e87fa67ecbcbf3b90eb1bcd1d3f49e60132452f28afece83e90":"dc4c97fe8cc53350":"":"ff0e531c7344f0425d62d5fbedf4bc8d3d5cc80647e67b852c1a58ad1516d376d954cb8dda739f6a4df3cf1507e59696610bcb6b34340d6313028e00d7197845d392e73331aaf168b474a67364d8f9dab740509fabf92af75045f0afabc1b5829264d138820952bbc484d1100d058a4de32b4ece82746b2b4a85fb2993d4add8":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f4f1e03abb927ffd0b081b9dce83a56a6dd419a6313ac34f":"d1e29bb51a3c4e871d15bb0cd86257e2":"ae2911cdaaad1194c5d7868b6d8f30287105df132eb0cecca14b6e23ec7ac39cc01da1c567a0219cca7b902cc2e825e30f9524a473eb6e1d4d1beff5ab4f29103b2c7522a33dd33182fa955c4f09a75196b1072a6f0340fc55a802d29c7067f05219c21857ebff89ada11f648c1f28dfbfdaab56028f05509de17e2381457ebc":"0e70421499bc4bcb3851afa34cdf5be374722815abdd9bcee5f332dbe890bdc1c0210ab10667e5bb924bf3c1120e25a0c074da620076f143940989e222086d1b34a1200d09aea1f810ef6de7d8520c65eef9539fde5a6422606c588fce6264e5f91f934ede6397c4b307d2d7e07a518fce577a427fa92923cbba637ae495afad":"44f760787f7bc3c0":"":"2199fa5051461b67581429ab19de2ccb50b8b02e12c0e1d81a8a14929f84e09d9715b7d198e77e632de4af1c08c5041276204a7ed76646385e288e96e1a4b0b0f2b1a9df7f0892beaea3cb58d9632720158f6daa4cbbfc0ebdc56ff6a5175768ff2abd24cb7669bc3fe40f8aba7869d2dd7dac86b6ebc4e4ce261edbec88db17":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"33efe20433c6a1ad261a1fed494961749e5bf9d35809b59d":"dc94673b0c49c6d3b4611e278212c748":"919f7397a6d03836423b7cac53177fcfbe457d4aa4348646f646aae1bc5a15568cdb8c96fabef278ace248aca531110a4f4f9e8ab0c32525ad816ae3facf03175232dc84addcd6065f9cc1f513966b63fd27e91a09f1921b95d6bd8f08f1dbce073bcf827847f774514b478b9d7fb5426847dd4dee6f39b5768c1fb729b32d03":"cfbeb61be50def25f513346498f75984bfe797a8ad56be34f2461e2d673f6ce14e7479a59777267b75dadc6b9522599ebe5d7b079495a58ca187ec47796f6ee8c322278ad7451b038c938928adcff6105a8ea3780aedc45b6a3323d3ae6fbce5da4fb59ca5ec0a16a70494c3c4859672348532505e44f915e0b9b8a296ef5225":"c5098340":"":"c5e47d8c60b04df1974b68a14095d9bc8429a413d21960b15bae4fd7356bf7872e0da0a1a385ca2982d3aa3182e63ea4bb8ca01410cd4e71ddad34aa1f12c1387902b3d56634f89c619a2e6756648ab3bf90e9bc945afc9140eb935b633bae96bb067e9ee421697bcf80b14b1b88dbf13e010b472a7ca5411db36848b9c7a37f":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3ed5dadefa0f6d14fedd1a3cdbab109f6660896a952ac5ab":"553a14f1e1619f9d7bd07cd823961f25":"eb8ea81d3e328a1113942cd5efd0f2b5e7f088791c8fc05690a34584101c4d493628ee7d0099a2865ac194b9124c3fb924de0c4428d0a1c26ea3ad9a0bc89187a16673e3b6f7e370dfb2dc26e8a56a9cf91f9c2088c020a766efe0d0c91689743a603f2cd1e300a6a84828b3b515a4b9a06e6bb20457bf124cd6ce4ac8b83d51":"aef617f69724e020309ec39d9587520efda68a8e303686c3a41ef700cba05b7c6e43e95aadb1a566f61650c87845835e789eb2366941e3bfef6d9846af0e0dbc43249117ad6f299bbc40669ac383cdf79289ada6ccd8ccfe329a0dc6a38eea1a99550457102d10f641cda50c21f533b1f981663f74a0a7c657c04d9fc6696ff4":"dc413c4c":"":"bc1f34991a48aabb0fea513f790f0d223e9feac4c99fa1e8427f01ab8b4b2827cfaf239342de36051a846af0306a3f82e7aed98dd0416fb078bc7f3b617b00ceb2cea4ddafc22dd022efa8303e9804510e0e888065d8427345156d823f796f74130c06db9f9934435552b4fefd051953e20ecba3a4514ac121d7d2097d597439":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6d97e8bff3923a778504fb917dbc1428a1328587047697d9":"0c28dc4cd53725091c2fb68a476c2e40":"f3932f5e82d75a1e3eba1591c17769e1a45819ccf057c31e76fa810b93678766d25905e859775c244e96bcafbc75c4a2d95e7d02868ccb2f65e49276f0b645ac8cf6e3758402304a3c25ce2de0a49f401b1acadaff8b57589b45cc79130ddc8387f41cc383e33ef38eec019152051c756198d6f782ccf56297b9fe944269a65a":"dc1a81efd51e967767f5bdd7e2e425732c1d28451f2bf5bdf3f5a6492279330594d360dd8a193e5dbde1be49bf143a35c38bcd059f762ada65c5119e097f0976891347f4d829b087bd72daa3494b344cbd3370c4459ca243bd57aeda4cb86cdd0bf274f07830cdbf5e5be4eb9b742ddffef8aa35626d2b9ea0a29d3c3d058b28":"e6d6df7a":"":"39327836e9d8cfb59397adcf045a85644c52c3563290795811f26350c8bce8f55ca779cbcd15479efd8144b8a39ef611153955c70bf3a7da9d4d944c2407a0d735784fcb68de1083eebf6940ebc9cf92f9f139c01404b503ff64e61126a94e881351473507884357040fd32714b872c254349071069644e2bd642905521b944e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2c78e29971e90a01bb65973f81260b9344fa835751f5f142":"f1a23ce6e2bc9088a62c887abecd30ae":"":"":"d4d5c22f993c8c610145fcbe4e021687":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8c582d5b6a40ef0e4048ec20f0263572d7cc82704e380851":"ef221a1c66fda17906190b7c99ab60b8":"":"":"6327dcb46ffb3d0fd8fbf3d2848a8f01":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3a58abadd29e946e23ca9eb09af059913d5394971bda6a4f":"7c29b3196d44df78fa514a1967fcd3a6":"":"":"fc123944bbea6c5075a5f987aed9cf99":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"04bdde4c35c385783715d8a883640851b860ce0e8436ec19":"783f9a3c36b6d0c9fd57c15105316535":"":"":"23e21a803cac5237777014686564f2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4ba5fba0c22fbe10c2d1690c5d99938522de9c5186721bac":"2acc2073089a34d4651eee39a262e8ae":"":"":"7ac742c859a02a543b50464c66dcf5":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f12890b0a8819faa5a8e0e487f7f064af42fa6d5519d009f":"c937615675738f4b3227c799833d1e61":"":"":"88300bd65b12dcb341f1f6d8a15584":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"51878f3630298a81297f4a21514fea637faa3815d4f26fae":"1f939226feab012dabfc2193637d15b1":"":"":"eed5fcb7607c038b354746d91c5b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ae596e74840a600556a06f97b13b89e38f67c152f1a1b930":"e2076e1050070d468659885ea77e88d0":"":"":"b4586bdbd4b6b899648f2333eee0":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fd33b7a0efae34339ca987b5eb8075385fd1276e63cc8530":"2d07bb8616fc0bbb71755a1bd256e7fb":"":"":"6b60d645220cfde42d88296ac193":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5685b12a6617d554c36b62af5b8ff2239cb3ffb1d2c40e14":"6c31194df99d08881fa5b1dd33b45a92":"":"":"69431593c376c9f8052bf10747":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"036ae037410dae9f0741608516d03b855c9c1851df8c54a4":"73599275f8237f14c4a52b283c07275d":"":"":"6f7249d25c9f273434c4720275":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ac144f39ebd6124bad85c9c7fb4f75bff389ece2e8085d83":"d0871bfc3693245be478e6a257c79efb":"":"":"5a99d59631d0e12f58b7b95ccd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a8a541ff11a1b8548e832d9e015edeccc94b87dadc156065":"c72bb300b624c27cded863eba56e7587":"":"":"ea2528e7439be2ed0a0d6b2a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"30dd8f400335e9c688e13cc0b1007bd21736a6d395d152e2":"28899601fa95f532b030f11bbeb87011":"":"":"35625638589bb7f6ccdb0222":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"cb8f672b04d706d7d4125d6830fff5d2ec069569bea050ce":"375d4134e8649367f4db9bdb07aa8594":"":"":"70610bf329683e15ecf8c79f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"bf71e5b1cd6eb363ecd89a4958675a1166c10749e1ff1f44":"9f502fb5ac90ff5f5616dd1fa837387d":"":"":"a4b5138122e1209d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5b9d1dfb2303b66848e363793bdca0e5ada8599cb2c09e24":"2ee96384dd29f8a4c4a6102549a026ab":"":"":"3b33a10189338c3b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a35ae271f70ebacb28173b37b921f5abcad1712a1cf5d5db":"8d97f354564d8185b57f7727626850a0":"":"":"813d2f98a760130c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bdd0cb826d5d28c2ab9777d5a0c1558e7c8227c53ed4c4f":"daf13501a47ee73c0197d8b774eec399":"":"":"a6d108c0":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"81b4d5ee4e1cbee1d8966fb3946409e6e64319a4b83231f5":"bc2f9320d6b62eea29ebc9cf7fc9f04a":"":"":"a47cdadd":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"5813627d26d568dfe5a0f8184cf561fe455eb98b98841fe0":"817199254a912880405c9729d75ed391":"":"":"d81d9b41":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"94f160e2325da2330fbe4e15910d33c2014f01ace58e5b24":"80a1b99750980bf2be84a17032fc2721":"066fdd980cf043a732403ee5f65c82ca81e3fc858ad3cfa343014a8426fd3806770f127e2041efb42e31506ce83390ac5d76de2fe1806df24ce6e4bb894972a107ef99e51e4acfb0e325ab053f9824514b5941ab1ec598fbb57a5d18ed34d72992a19215d914e34ad1a22326e493d1ff2da7bc271c96ad3ab66d0c32bd711293":"":"dd153cfd7aa946280660c445f586fa28":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4785846f7c0524e78f3eb137fd433e1808af64549af69183":"5334476a5fa3fa50dcc4b12f8ac00b51":"e70f82d1e3361ac5a5c9a087e47984d5533ba296f9b7e4a192a4ab28a833cdbbd5cece3415cf6fbb2f8055560b5c31c98d83d139954e1c03a464739f1eb5ad982c4371cf20b8984bbd97d5f40b336f5e96df3d272b95f7547be15c3bc05b3caac7d08c5eb5de8bdd246e74f6caa6bff76ea0417730ce72b911867f88fdcf73a0":"":"c59231ddaae98e0e8db6b3fe8f4d3427":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"49b085fe1a8e1ae769ed09fc585d29eb24d589689992e6c5":"899878b0684fb865d30190821817b88c":"f789eafe3d02826b619ca4fbca7bb1919e5c6f7c33824a2f7f815dc50e329979705f7ef61e9adf7899d34f1b8840384ff62ef6d29eea38c45d12be9249aca69a02222cd744d81958c6816304ff0d81d6714a2023b3dd9d940db5c50afd89c52774d28d6afde2b6c68425b6acbe34682531a2e57e2b9a7729b3e8d96a729b15cc":"":"2c84bf7a8947ab93b10ae408243b4993":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"75847588760ecb6ca548747b743914c89fea367a5ccb81b6":"7d8a9fd254e2061c01e39eb574951924":"b03c57dfd49152401a225357f1d6e533f3a423e5cfce07b8ae7ca9daf68645e5bd67b3ca2421eac447530b27c6dc6bd9c7f1b22441b8cc8c4ac26cec2c9c0d665a35b66d779a3772d714f802d6b6272984808d0740344b6abdb63e626ef4e1ab0469da521c7908b2c95a0fd07437c0e9d4d2451ae189ad61ff19f4efb405127c":"":"e8aac14b53cdbc2028d330fc8d92a7":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e3a18a96d2e45d2f60780dc39cee7160e28cb810bf09858c":"26a4d659665ded39b7a1583de756d0ad":"83f8d9c58169b4c68032321197077ff5c8ee4ebb732b040748e1b55dcf53375ae86fb9646a672b5c5bc805a92c475cbb6d0ed689a58abdf2230250a7d3fbd8cfab07835fa85e738a7f74bc3e93616d844b1ec61b79f23dfea62e1815f295d43f61d7b5956103b31ca88afb0b3d37eb42cf77232dbf2258065232971c397dcbcb":"":"dc034564d4be7de243ff059b5f9160":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7be3909170ea7a2ff76f9f28241d8cc48ddeafa8517c6f8c":"8dee7e29350c60c5bcfec89da6617d2e":"f6e9e7a7f9716760eb43060d5c80236a0f118b0f750ebd5df01fd2dba95c556ecd2e54a3f337767321abf569c8137a8e48c5b44037ba62951e9f9f709e6e4540a36d769f3945d01a20a2ed1891c415a16d95cab7ddf9bcebf18842c830067509a2a5d49a9684324c433d53824d2f8fd326b149af17f40e5bf5e49185738fba60":"":"942b52277e9dc0a30d737d00f5e597":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1fe413bafc4753e1511b580c830449bee56e0e5b9acb852c":"e30829f64f3eda13bfb2ac572aceb3de":"6c772d08b4d7507e35804572fa697c646c77301954cc5c160941e49e230697ed8c23338b9f30c3ead69b1c1a2329ff025dcd3c0d0a9cc83fee4979448aa71ddb9d569bedc8c497a2a4ac3b60d087d7872f0a110bf90493ae7da03b0953734223156cd2d6c562e4a978a6dd5cdb229dd58dd4d0f50ac015f2f5e89dac4aa29a19":"":"87737873b82586bb29b406946cae":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4bc4378d423931f9b320bb57df584c641406c1daa7448ad":"eca70e10c0358838a3f4a45c4b016ccd":"68d1c045c1604e3c3dd4f7c7543240aca8dbc5266dc18c5a8071e8b09e3700b7cf819044b2722d8db92021f42a0afb295d7b16ecf4e4704a50a527a2e72d7f53617c358e3b7be3d7fecda612ce6842fcfaa68f2d1b8a59d8b8391779f2fab99f820862c94029f444abe62367c5de0a4becc359660e4a5366f7d482bdc362b866":"":"06f95ca69c222a8985887925b15e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1cd4414ffd24e830e2dc49727efa592e430a6a75391cf111":"a08e32ad7d63f975de314ad2c0fa13fc":"20a271f1f4c6bea8f1584ab39a7179ec448650e2ff67a7338d1bc9fab7f73b2ce5222cd07ded947d135d9d0670dc368f0a4b50ece85cbf641877f9fe0ac6a7e6afb32fdb1b3cd35360bb80cfffc34cfb94dbcbee9ca5be98a0ca846394a135860fba57c6f0125dcb9fb8b61be681ada31a997638ee172525c03dd13171534a91":"":"c68842cafc50070799f7c8acd62a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9e0ef9ed5e6f00a721a9893e1f0d9079c5aa667a4cdd2a52":"5f015fd556e87ff0d0df586fb452306d":"b82986135e49e03f6f8f3ce4048ded2e63ee0c31ddc84929e022ee8561159179b3bb4403ebdafdf6beae51ac5bf4abed4dbc251433417ece3228b260eca5134e5390cba49a0b6fcbbbabb085378374e4e671d9ba265298e9864bfce256884247c36f9bddceb79b6a3e700cb3dd40088ba7bb6ab6aa11b6be261a7e5348f4a7d1":"":"ec9a79a88a164e1a6253d8312e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"9bc8f15d98e089d60d4db00808700053f78b33c31652c3e4":"5cc0ff9bb7d5b9b2aa06f6ecf669d5bb":"24ac95a6ed2f78853f9ab20f53de47e7f662f72aea454141e2131aace7ed2daeb395bbccdbf004e23ce04ad85909f30151b6526c1ce7934726f99997bbab27055b379e5e43b80ad546e2d1655d1adad4cbe51282643bb4df086deb1b48c1bd3ac3b53c4a406be2687174028ecf7e7976e5c7a11c9a3827813ade32baef9f15ec":"":"9779b7c3ece6c23d5813e243ec":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"19afc43a4481f796d77561f80b5b2e1514c96c5d1d86e64c":"d4c06595fefd4a81bbbd4b40c2e1989d":"98fcca51352998d0126b5539e3fb9a238ac31c05954fc206d381909aee70983b6ab99d3f3efe8530a1c3cfe3b62756321b1d0771a5940055eba1e71fa64f29291aa5e5b0af0fcc8e6f5a02688d9e93417225eded791a35217822ffb346d3fa2809b65abe729448316be30cf661137d3c0e49846cb0df598d90eda545afb64a5e":"":"ca82448429106009094c21d70b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b4fc31dcfef6203fdb296cc928c13b7df56bfe6f32583057":"6308a78dc8f3c90442dc52196649c38e":"2567d80c253b080c0158102558551445d8ce4d5ddee2014a2be5cbad62e1717a0fd4d2059447c3151192951eb11a4a7b19a952f6ba261c87f10f4c9032028de3cc5a2a573a4e993a690fc8954daa3ec92743e7343e75b646c4fa9cbc3fceb4f5d59bb439c23754c4d9666fbc16c90c0cac91679b6ad1bfe5dcf6bd1a8a67c6b5":"":"9d1603799e2485a03e7b05a0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"1c2d9412486c381440213e1588b6bb58b0da53300b9d3089":"727ed8846daab874d5a9918b47d016f4":"656430f0c1423018b5e2efbb1e32a5385c1a9a1779c4dbd585dea91edc39ea8752ebfc2d8064251a8a5ae71e1845f24a7e42c6371c2ecb31e2229d5f4923bffc21d4804575a84836f3cf90ec6047bb360b558a41a975ece111b5284dfa2441705a6df54fc66ca6cc1af9163ecc46902fac337d5f67f563fde8e8e7e64b8588b7":"":"05ee6ce13711535864674a5b":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"abf7a97569427225a4bd5143c716a22e62f84c145bb51511":"e255088cdfe8ae5c9fea86d74d2f1b7d":"b850993300f54d078f83ceb9aef7345bbf758f92365b6625c210f61dad4f2a2319f51d883a383a706392d3dfca1706eba585a6fac8bd4294c0bb2cb3f6b454d5c97819e8e5c926754840261b07ec4ef1f87cf281d75c187839689944230306e1903047915e086043990745864819ad713d34a244aa4e9d755fdb137105d7eed8":"":"0c9c17388d0610f99d0a093f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"45a6df655e88bc880acff41520aafd0cc8aa8aeb8952fd06":"1125e1de94970c9e7be70e58e7626ef4":"fe9838a445b8edef19b3e9f33c8c0c265b3a12c97b8ec57ceb94f65ae5227177de38f1e338dccb2b24e5bd0f0eb8127f83eba0f1ddfa55198789df0cdd1d977fcb985ad9c7d51b96e749d2cf3cc7a1ec4dfcbc641a1a022d55def328e081af890a7e699f2dbafdf506389e045aa1219239d5868ba675a3925602b6fb6f6e6d37":"":"1c3bd1e0d4918e36":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"279f4f2ab4b70778fdb9ca7800cd20e323601d7aa2c75366":"0f7b402560735cf03d5da58de5b6c685":"7dd9a8c848bbcf5127161c8a419a436a0dad559f7c1613cdf41594e177016acb1ccf44be852185c42e7120902a42efe83855995ab52cf5c190d499fcfd698c671fd72949dc3ea7ddb874e586a3aa455a021cec7b5f8608462ca66f926aba76e60a5846d4eb204155cd3c1328da51ba35c3007b8bb394f34e3a8b81ddd2ea1115":"":"dab612351f75e2cb":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6716ab937755684af7403e6fba5452c1b11568a9047bb50f":"2fd5a446dd564619ef75b6e00905ffe0":"20d261d3192996c21da69e979c26f5f937e6ea4cb7b05c6ef556ce4d86ca0fe85ec2425d274c43b5212fe9d27bb48b04e887461a9f45f524059b87eaea2e287a8d4537f338b0212012a9d4b6610e8c97dd554e0b3c3133e05c14d0ddab3524c93fd527e223b1996b4cff0a4a7438f1d54890bf573cd803941b69e5fc6212c5d2":"":"f1d743b7e1b73af5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"7dc94b5bbd6315ad8d2b67f0c683d10cf456f822a3ebb024":"6f3eedeb57dcf12bfb3cd80849893c90":"ee1ff367f4b23c156e3dccff84ae4bf2b8ecec1fb5ffd25ccaa93b6c6834389bd79655bd4bac75238eb0f65d3603ecc57c8774798309e85b6677e78ed2077b712cf28795d0dc8fee994f97373a82338ef67c62378136a79a990ecbcd6367445e805efa98f9168826e57cb8dd7e7b1d5c89ad98358646fa56dd2a71c40e0275a1":"":"4dc74971":"":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3bbe223e253bf272599e28af6861013ecd0c88710947ed41":"4fbf09ffaffb600f0de38fb12315cab5":"5388146f6479f7b3b280f45655a95b847ee27c734fb2fd91f6c009b1ab1810c772c7435d3221069f9490d251b76e740147906ac1db1c209c175b21aa10881c44fb307d4d2900aa3b1d56fb0edb9f2a58505653a17fee350e12755b9656bc65c78c1593d5cb7178e29f82209caf53e60fddf725f6957cc9718bf410c4a0229ed4":"":"fb845ab7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"461877813acfe6e9979eab729b52e3d192b3236758bb6563":"6985cf77b75a47a3978dd6412d59200b":"385551854a89ab37063ba0ed911501b3d632153c5c2992e154c0a334bc36620476f11495437b842409e0954f7352cbf288d158bdbbaf72621ea2ce75b708bc276f796c5aa7fd0071e522c5f175a9e7787deef79f6362101aa3607b4588f2e1df7127f617c6073593a1c792b959e201e4a7a43ea8b1c3af026376439ef629266c":"":"c840d994":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"09770f9114120a2c1c3cc416fe0eb8699e07141158a5bdff":"cff291d2364fc06a3a89e867b0e67e56":"":"875e2e5b5c02e0a33e71b678aa29c15ce18ec259cf4b41874893ed3112daa56ff2a7475681b8b3d9028ef184d30658e881c908f3588f69899962074db4ddfc0597f8debb66c8388a1bccf0ffe2cf9f078dc1c93f8191f920754442ad4a325985c62de1a57a25de4e9ed5c2fd0f2c8af33f3b140bac12bf60fdb33e0ec557955b":"81f1eb568d0af29680518df7378ba3e8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4fbf1c785c087ad06b43d4163cf9b9396deffd3712856379":"1c8f41424acaf009996ceaa815b24ad4":"":"96a690e5319c94d94923988025307e543f16fd970aec24524cf9808dc62b093359287251503f4231bf52cd1a16a80bfa82d8f585d96855dc1932f4919a92da2618d6448fc18a234f9acb386ab4ab4a9e38ea341e7c54faceff38c162d74e7fabbca13aadb71e9c8ae6072e7bef4073cf08aa7faaa6d639f98d15bad4ed183ced":"9f3c0349c5a4a740a82d6d63bf00fb17":"":"6100b091e52366fb422251d9b68974b6c666a62a8bb77a1ffd7c7d1ae586a6ee763b84dc11aace02a25af91d194b70b3265ec46872fded54275b7ddb26ee1f20c857328f46a694fb1dce68bcaecbd587ece5b505d658d57d50333e30b639eea1f6537b37c175f62497c6c84e3cfddae214285d2d68d90dd5cd8ce2273d25c8ca":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3e0ce4fb4fe4bb2fdf97b23084ff5671b9b899624184acef":"a950ab0dd84115e3829ab0ad3bbb1193":"":"df89974b1534f0ba262bbea5efe39d8b72820cc8a720cc99520fedbf667515c3f6d8c3e25c72c48c1cff042171df58421741aacb2a49f23167257be7d7004d56b14901b2075eaca85946e9fbf1bbf4ae98227efc62bf255a25dd0402d37c67ba553531c699dd89ff797e7a5b5b9a9aa51e73ca2dacfda0f814152aa8ed8c79f9":"25cfde73e7a29115828dfe1617f8b53e":"":"847b54e176ccc83081cb966efc4b4a3bf7809ce0b4885009f620f61fafcaa78feee91a835ae6c1a942571811108b1e81b4c4ddac46aaff599c14988c9a1fb9f387ab7f1357b581568b7b34e167ac2c8c2b2b8a4df3fd7ad8947a363c1c0cb782ec54b1901e928821cf319669dd77eb37b15c67f13ad787ff74312812731ca3e6":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6be3c66b20e5e66ababbfba1b38e5a716eafce23a1767b69":"3a2acf69bba19f5d1d1947af2cfda781":"":"de1cd978354a499415176f260021abe0a8c5bc34d166f53d20e02e413e1377ce4ef5d7f58337c62251a3b4ddea0dea23c40e5de037fd5dd8a558eb53bffa4e8ce94899afa8284afab503c1a485999a154d23777f9d8a031b7ad5c6d23d6abbe3b775c77876ad50f6bed14ac0b2b88fb19c438e4b7eb03f7d4d3fcca90dd01260":"f826d212f7c1212fb8a8bf23996826":"":"fd1f7b56e5664cf4c91e58f7c50f6c5e98e42ca2e4adcc00348cee6f662b382ad4022da54a47d8faeb9b76a24dfc4f493c27fc0bc421a4648fad7b14b0df95d8752013feb033b1fd971daa2c9a5df898bece6a3b8fa078dd130071df20a68cd0f394be25dcbb3e85bdfa0df4797fa6f01f5f0da7a6e86320207ddb5b3be53ae0":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"d16abb9f5b38d7f5abba9dc36995ce6ce928ed822a07b7c4":"3cd95429c6de1d327b9eb3c45424a87c":"":"e72f29b1fc1dbfc2d93a0f3b79ea4b9806ce9b2c4d490ac5c0c3c793df9dc7df5471e834b84d18afa5a7516f9a6a813a9b65ae2f083a854730547e28a1f60fe97d8dba1d2d433e11847b9bffd8873ec634e64365530c905dd6f274e45c9795ac127a6f356f63cc6c116c5dd8c628e7e17e1fadc58f8452bf21f53c4133198118":"13521236f190f78e75c0897c5fb237":"":"cd8bb97c28df092b6783ef653fd26f2bdc27c442bab0a4c7bee2789f389dcd1b280c0231672721bfbbc939a0449557678ec61ba0afb2e5817e6f7d94387f84ecafbfa1216d65e7f5025f47b0d2905cff7c99adf8306a3d9850c5908be05f87cb1d36a4837dba428aac97d7fbc18e3778f8d81a319259504c87fc94bd0766ed93":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"0bc344b1a4078807e5f53a6e7e1e36fa83108473ae2fb4c2":"bd505fcba464e6e2c58fdf29f5695fb9":"":"8bd73f94c71e3765bc7d17fdc90a9ba6aff9648b46300e4048985fbbd7c60c39c3766f7c524780bfc2296dc11e1132134921760a373104edc376eab6e91e9a60a5c4a5972935df12eadae074722bdc0147c3caf6a62fd449ef37d76b65f6d210283c94ac524cf13186e444d80a70b01e4373cc0462546f1caee6b49e738a742c":"8510fff71bb879f56ea2fe43f6ff50":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c8097398fc21f93eea6a95aa93a3231096817b65520bc549":"776248381941e16908f52d19207881f5":"":"80b0abbaebbd537a0810ed75cd172d29d50f5982e4d01f8664ddb2dfda8f57fa0ed87e64a779a1d7f5e568b6acfdc739572a7176752307b430fb1fa1c3c2c346477cebe7d01b16745ca6c8929a7f446c03ad9a9e8a5a935de78ca6c701e8c1c5e6d2550c42949cf5342fb5ef4c6ab9bb02ace8388b16edf72a1237e5d1d0e820":"7fc4388b2f8eab0f0c2d6a08527e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"76d4bb5694faaf344db83bc6d6c47d56bb6ab52700826f2d":"603977845d82faccb401817ecce6e2fe":"":"9e31fda6a171f0d4a5f2af2c4f827b1312d9dda5d78fa329b8f1b6373b9b29be358601e5bb0d0c615aef4b9e441c811219f1f2ff2d0ab23e0cd829a88b5b615ee72e5e3ea604fa26cc6438ec4c30e90f7348e9116adf8e8efb7498320d2da16679fa546b1aa9afc7720b074c4e48e06862d41428c9e71a4772c2e195a6f36978":"c955a3bc316841be07e406d289c8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a3e5020695587984074d78d9c98b8e1a5719e5f88372740e":"4cd56de54e5140a587be7dfd02d3a39e":"":"c0bfe3b2dc4dad17ec5a7662d86847fb67e582cc0baf469bc9baa7a075d48a8b97521a1072c2798bfbdae5ca3752eda1cb96fe5cf24af989eb77a2948aae3d8b70d83d93f84c49347f788480f34051621c358c03cf8159a70fc72cb8bc02876234ffe76b181da8b22b8796c87b0904da1af46de519c20d8d1b1dc7cc24e39ba5":"1a29527a41330259f918d99d7509":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"afe986ead799727063958e2ce13ca846f76c51605439f839":"f85a95ed10b69623162ab68d1098de94":"":"7c1b354a5bb214bd95147e32d81e658705089c38035d0ea423eb1a5c82f97443c6903d2cf1ba7a007eec7c8ff98b8f82b073d9636a79bd47c7f2f639a8eb4e92076f9ed615766f43ac3a4f1687301ed7d507766605e0e332880ae740ab72e861a2cb6dce1df1ff8be1873d25845ee7c665e712c5bbe029a1788634bce122836c":"3cf1cdb4a4fdc48da78a8b4e81":"":"a7f252ad7983e7083260598051bffd83f40f4d4a8b580cc2388d720a0979dde71549ddcb86b0a62c4964fca591d0982f3a203f2f8884ff4991f17e20f759ea7125ba2bb4d993722f23938994eb2709c850f33ed9889e5a3966f9d7b76add46aedf230e8f417425f9db79ccd46b5660361de7c5d87f71a9d82c491c0c3daaf56c":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2cfaa215841826a977ae6adfdd993346210c49dd04d5d493":"537a4ee307af3072e745570aaaadce34":"":"e8eb3b6edd0ca4201b49a6a83036445aba1a1db040f3e74511363bce769760a9914e05a067f555ca15a57c6e02e66fbe4e04dd8c8db8d6d14ebc01cc7d84a20ff0aacb69bb3679d6b7d9d2e07deda7c2d4fe4c584fe1166e78d21dc56b9cdad93709c03b9145b887f87b4f605f24f989d5e0534fc71a58e8a8619ee99f69e5f5":"df01cffbd3978850e07328e6b8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"128ddc83d2170c403a517615056dceec0d19d6fd7632e738":"5124b410c43d875eca6ce298c45994a7":"":"cfe9f7797ee37bfc4f564419bf2268c964479efa7435970874154432930f3b2736438da4dc9c76200009651340e23044bc9d200a32acfd4df2e1b98b0bae3e9ff9d6e8181d926d2d03f89768edc35b963d341931ac57d2739b270ce254f042b64ceac4b75223b233602c9a4bdc925967b051440c28805d816abe76fc9d593f5a":"56ad9c1653f11a41fd649cccd8":"":"cf91f087fd7faf362caacf4a68cff51ec57b3075563e4ad0955df20b366e92bd75c3762cf4a6f0eb859872667a5c55aa5d94f5ac9479b1b9c9345b50f82379d551506a2ab02b0441b14b28b78a12b38500d703a8c19888fe612d4710eec7cd18c16d6a4b55d3c69760e2bed99efc8b551dbe2ac9b9b64715f87180b8e14d1795":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"98581c28983c4da321ce0c419cc0d476d539e77da513c894":"ff10234524433b871202c2cca6acb194":"":"bdef5b65b5111b29e781a6b71a0160179c52b5bccb1ac5c0377b26cf3f61432f3ccd67633a836357c24b5099db0510a7f8110f59e8227cacd11f17ea1798b5d4d68902ca6c6eccd319fef14545edd135078b38d43b61c9af269fc72f7a209ba7897e4c6dbd21bb71d7e93d2d2426ffa1557cae28e74059d3baf06ba419a47b39":"984943355a7aef15c4fb8033":"":"808e28bfd441cb8890416a757d252c986daa8d607ac9cadd2f4fd29eddbcf3b859ba298e14a4ccefe2c2752b123f87b98d6708fde48faca4bc7dd818a7ea76cfa4357932e59cb6be0e9283bdfb49454b86b9fd04aa8cdef503c65d13fcff42e9cd8f142f8c06cf7daa6d8ef8b9c9d69c39e8afd980048fecf731fd674b2a814b":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"167b8b6df8014c8f3de912b77f5a0c113580aa42d785298f":"49da91e926091a448d57d521cc90f3c0":"":"4f787de12ba907a589edf74c8e7a6cdaaabebddd465a86e170e1efc289240298b516fddc43c7fd9bb1c51720a4455db4dd630b59aebaa82bd578eb3cb19f8b23ee6897c1fefaef820430efa6eb7d6ff04de4d8b079605fb520b0d33e96c28f0cd71983c4ce76c0ea62fd7209d21ec7b416881d545824a73d1f9f8d3323fdb90c":"99198f55f9fa763651bba58e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"71f5f8505fba62f08fa0557dd5407fc83a852c6007ccecc8":"b5efb9feae3de41b5ce9aa75583b8d21":"":"3e19ec02365e450e946123a3362f9859352eb52902a6bcb8a782285dfac9d2b282f56302b60d6e9f53fddd16bbf04976cf4eb84ef3b6583e9dc2f805276a7b7340dec7abde4916fb94b0ed9c9af6d4917b27e44d25f3952d0444cd32a4a574e165a23fa8c93229ceb48345171a4f20d610b5be7d9e40dcf7209128f029fed6bf":"9604d031fa43dcd0853e641c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4cdb38f8185a4186fc983e58a776a6454b92ecf0bffefe98":"aef257dd44d14d0bc75f9311ef24e85a":"":"1ca72c50a093076e9a9dfa09888b9c89eb36a942072fc536a81713f05a2669b39fdb2871b82ca47dcaf18393ca81dcb499aafcc4ed57ea79f8d4f9bd63540610215b2c65481b294638cec41264a7fdca4230df5fe1e7e3d8d26dcd0c435fec8e9bf778f9e6f13482157a9722761601e08425f6160d3bb626ae39ee1117b0353c":"d951becb0d55f9fb":"":"2eaa7e922dbd8963e2078aae216636276f3f7cb5d7f35fa759e91bddb6e247a93c388241ba1d0d37040c0b9e447c67d35b4991c1acce97914f3bc22ee50171bc5922299983ee70af79303265bc1ae1e7334202460618b4a8891d1a7eaaac5cac1e4dce024ce662d14849993f89e771fb873644b552120fd346250df39aaaa403":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ee8d3aced3aa3cb2166aa66c4a252c12dc0978830d0bc75b":"c15c9c0b0b70c7321df044bfde2b15fb":"":"ee69b2421d43a9f383d99f9802ba4d6cf1c537b42041c86cce681049bb475e5098d4181f1902b0a49c202bf34ef70ea7b787fa685ab8f824fcc27282146d8158925bfef47ccba89aa81c0565eacb087b46b8706c9f886b7edf863701003051d6fb57e45e61d33412591ec818d016eec7dee4254636615a43dacb4f1e6ec35702":"c5c9851a6bf686d0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a8538d609444e3197ab740cd33b66db1cf53600096b94e0":"0bd64d222532dae8ab63dc299355bf2a":"":"8c2b8fb775d1b21c41a3dcf48ad6d68ab05be3879f9b94b305a6ce4d799e3a992c1c3a65a3e4eab563edb57424927c90c76e49386e29dd5e7de2800fcc0eefbc8b4f977f71be3754c006ee93dc09b1cfa59c424b6b3987aeb56feefc21004c63e8284b6845e395bc8843cca0917267fb4a8f2db1f7daafe7a9da95083a44de70":"3477cad1fd4098b2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"447f0f065771b6129952e52206a64fe0844658ed685e39cd":"37e3a300542d9caf3975c6429cb8a2e8":"":"fea5d227869e527882c63a68a6623f4a699df82b3dc715c7260a5554336df8376744c05ae89ec27d40da02d9f1c5e9e29405579fd4132143cb21cdbe3edfaaab62128ecc28018725c8dd309d2376223d2e2edfea9765699b2630ff5d9fe9bec416c0ca6418b938d195d31a08e4034c49d79e3a249edd65f985230b33c444dd02":"06bfca29":"":"e1bdd1c212b159b87e41a5f64dcba6b27aa0f5c8871fabfb588df0e06bd7730ec1beb0e3388f96c992a573ff69b34870f83c53fb65b420c1c6f92e2aa6f03917e8203d77c7f5ee08baf9fab12f9d38fc0ffb83807ba781c3dd7b62edca2121f68ef230b42b8adbd4cea072209d02713789ed559b83739a54cfde69e68bdc4128":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f465e95f6fc19fe6968b98319b547104d0c01c17105f8fc0":"6cba4efc8d4840aa044a92d03d6b4d69":"":"2426f108368a00d2a49670a3b64b4f0569c6da9660163e7b209ec3f8d058ee11f7818a8c5030c5f4ce6e1e5a93faa3e5ae3d0bd5d712fbc891cfeb20845707edcf5e29719a5246a3b024fb12d37bd1b81df3812fd50b1dfb3e948ce546dd165cc77f903c07fe32bc7da7fbc25036679017317ce94cd8a00c1bce7379774f1714":"92750ac9":"":"2e59b104c1a6f6d651000396adbfa009bf4cf8cbf714da8e4d3b4a62bd7f522d614decf090c7552a4b9e8d7ee457ba642d5100c0c81c14cbba8c8ff49b12827f6ebd41504ccb6dfc97cdf8532d1f7f7e603c609efa72d2ae0dce036ec4ab36849a0c06f8737d9710075a1daaed3867ca0a7e22111c0e7afae91f553b6fd66c6e":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f08e3e9f7b3a20ccdc4d98b56f2b567399a28a6b3908deab":"4f4636d1b283bfa72c82809eb4f12519":"":"a986e816f1eafb532c716a555cca1839a1b0523410134ea0426ab309520b339fc1fdeb40478ae76823cee4e03b8d3450e6be92d5ff17b2f78400f0176e6d6a3930bd076a7a3c87c3397dcc0520c6b7b4ff9059ea21e71c91912a74aac2ca70eec422b507cc5c60860bb8baca01eec2a3003970ba84011efe576804b2820e306c":"16c80a62":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"87b5372571fb244648053c99405999130f87a7c178052297":"a1cc81b87bd36affe3af50546e361c9e":"684ce23f59632308d7db14f7f6eddaf4d83271fb0c27401b09518a775b36252540f14305f0dae13ff6c0dc565c9e570759e070c8ac73dfb97abd3285689a7cdcfc941f6271be3b418740b42ba4a114421065a785be3dfa944c86af56da8209779e8736e62529c418b507c6d8ae002cbc0431747722afd64521734f99273de455":"ae078d1554fc6a14447a28c3dd753e790f7ef9b53e35c3e0fe63a7b1b326bc56034847f8a31c2d6358049aae990bfe7575b439db370aa515e225e0ec730488c700a7b0a96a7b8e4e8e4c6afec20decd16fe3c0f3f8d7a6cf7a8711d170829d14c706cceb00e133b8c65c8e08cd984b884662eddd2258ce629abf6b9dd28688c9":"98177b3428e64bc98631375905c0100f":"":"8be7df33a86b1162464af738de582a357d0ce8e213bba1b7913c0d13ad759d62c3bf4366f5130b3af2b255b7ad530b4977627f9e76b07e360c079d0f763dabbd22e976b98cd5495c6182f95bc963aad4b719446f49d3a448d11cac5bfcba4b675b8e4d88a389e2580e8f383f95bf85c72e698680d2a2bc993c9ee1ce0d1f1ac3":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a2d069b826455d5e79e65db4f1d2b6a29ae9f401bc623917":"6d40a0c7813bc0410ff73f19bb5d89c9":"9960376b1898618d98c327c1761959d045488cc6198238bbe72662f276d47b41e8aebc06dbce63da5adcb302a61ade140c72b9cf9f6dfad6ecedd7401c9509fae349d3c7debe35117776227ba167f2b75921d7321d79f4ebca13d20af1638a1567043365f179f4162795fe4fd80b5d832e4ca70e7bf9830bc272b82182f70d2e":"acd6225dc5b9109d56ea565ab38dd4db432a7ec08f0db04f1c6b691c96d2eaaa6be62da7cc7fd75f931716c7f39705ea7cf828f1a5a325955e9b2c77e7fb2d562be6a89b3351b1b3d1355b43b73ed425049430314c16bf0836ed580e9390a3b8e2a652fddbfa939ca4c3c99765b09db7f30bf2ef88e1aa030e68958722cb0da3":"010195091d4e1684029e58439039d91e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f3252351fe8e7c628c418c1a49709bf1f8e20add82539948":"eacd2b1c3cf01bf4ea7582d8ee2675d5":"141cb39a2fb8e735e0c97207f1b618a4b98f6b9bf8c44a1c8e9ea575a7759cc2a02301274553e7744408b2c577b4c8c2a00e18f8717fd8a6d2f46a44eeb05d685fbef7edeb4229e7ea9b8e419ffcb504d33583b3ae421c84caeca9f9789047dd7b1810318d3765307233567bc40e003401c9f4e1b07a2a7162889e1a092aedc1":"7e8d2816d280c91d232bad43b6610e2d0532a9f670f221a3a975fb16472c2e83b168115e87a487bcd14b37f075e1faa59c42515c353cdefc728ac617b7d273fa96778e3fb5f7a1132f8e2add4a57015b15d1984338b7862356243d1c5aa628406f4a507498eda12d2f652c55e8e58113ed828783b82505790654f036b610f89a":"63a310b4f43b421a863fb00fafd7eac4":"":"699c146927ae29025e5b20088b20af27bc75449e4725ee6b7d5dc60b44ba8a06f7d265330c16060fbd6def244630d056c82676be2dc85d891c63d005804085c93ce88f3f57c2d2c0371c31027d0a4a0031e3f473cb373db63d4ff8f65be9ebe74045de813a4e6c688110d000f6b12406881c08085c9348e1f0315038907e33f7":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"e462957f2c500bf2d6bfa9af97938fdd8930e360ea4175e7":"b380584a3f4e0e59add4753c282f2cf7":"682b0af6592eef173e559407e7f56574c069251b92092570cbb7f5a2f05e88bed0af48dcda45b2930b1ee7d5da78dc43ec3598a38593df7c548058eda3c9275c1304489aff95f33a6cd79e724e8d12ca0ae92b20273eb3736efcd50dc49e803ad631dcbf64376a45a687eb4e417aef08a3f5f8230d3f0b266ea732c21ed2eed7":"82a7a6dd82a5ea3d9a8e9541d854978487eda298b483df02b45c76b8b38bac98ffd969dd160a2765595b19d4ea3e64351ce95764a903f595dd673d13facf5a5594e01be1d60a0c6d28b866a1f93a63a74fecb6d73ac6fb26b20c008b93db53e9dc1d3e3902359fd47734fe22a5c6958f97e9001cc4e8b6484d9542dbbdfcfcdc":"28a43253d8b37795433140641e9ffd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"4a62ddd87f41c6df756e8da0985dcd8c91e73ba395b3d79b":"1d1843e2118772d76a0244a2c33c60bd":"028b92727b75b14cb8dfeb7a86a7fec50cd5de46aa4a34645754918b8606819d4bf8a2e7531a05ae5505492ca6cbc8c0e6d6ab2dea23bff1fdf581bb780b4a3312aa39639383fd10bcf92489801954733f16b021c2e84809345216f8f28a99773341e40c4a64305a2098eaa39f26a93bd556c97f02090e1a6c181a4e13e17d3a":"37a83ee6dbdece212446739ea353cb957b9aa409c88bee042bbc3a6e5199aeb28f2b4b00ff433c0c68d6db5a197566019db8a4c7a792e2839a19a302ee02bee046adce04c1fbbd5b0c457d7cbe277992ce2c153d132269e2d1f12b084cf3026a202b4664bc9d11832e9b99c7cc5035dcfde5991dd41aeb4fbf8bec5126a9f524":"ab738073228bdf1e8fd4430b5c7d79":"":"e702f1bb9a1f395c74fca0ce9cdf29e7332c14acaca45200cd432a5767be38929ef8de43d0e1a5e7300c1eb669ac1ab997b31cb1403af8451e77e63505920af0f8c3abf5a9450ea47371039ba1cf2d65a14fa5f013b7ce1d175859404dcf6461a36e8bc260e7abf739d8951ddf1a3754e2d65e0aa31320a5ffca822023bc0906":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fc46976d38a581a7042a94ea4b5bfe3587ddc65d1162d71e":"b5e92563dd0339df00b7ffa2239d21bc":"7b6f6e104acbcd7188161477d8e425ff99add22df4d22de7f28d0a0075ca4ef848f68d07ed22d3165c08e40890ce04d1bd05b1a6ccb2fec8193d5f7dffc93d97a0c036b3748f708b011b68247a0249b9e1a60b652164e5c2fd7210377de804ac010c8aa08a11f40af97e8370a59f936cd14c22ea7a236d904145adc04a241fc0":"4b9e858fc8f01903e426112192d4ae4686b1ae4d683b75afb2b8c63590275943d0d6d6a23b6d35796a2f101203acba107474ca6f4ff6dd87d6b77785ad1d160ef2755d84092dc70c86db5e639b689943b15efa646aff44b3f51f5d3f4cf6c8f7fc5adfe7bf2d72f75b93b8ee94ef3fa69ea0fc0bb77b3983901fdcd30bcd36f5":"d4356cb417953b01f7b1110c8aa3eb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"403e49feadd4db763652ed5c4b1e12680cfe0abc30f4696d":"1a60258a56e15f92814b4d372255a80d":"a4ffa9e3c612103224c86515dad4343cbca7a7daf277f5828670834f4d9af67b9a935c71b2130dfbc929c4409bffb7974ffa87523b58890770439c33342880b33319c626bf776c1c0aeb9c2a348a7681572f4ff711d94c192f3450e8b1275f9d02c742a2c9f1da316e9918bf787f22699172986cb9b10fc56d5f6b8392ff92b8":"221c61d769febce3913bfead9a201a805f11005ddcac185cbae00ce749de9c4362889b1b0d9546e91598e0ddedb88b673a90acca65d7e71a85636be052f361839a646dc8b834c02f3e2261d370e6bac9636b7536225b5ea77881200c8a3450d21bfd1e11afb3a470e178ecfe944a25a7cd0254e04a42b67723aac8afffd56fee":"62646fc8bfe38b3ba6d62f9011e3":"":"5c76c90dea7d659804ad873960906259fbdda3614277ec575d9eec730e747a2e7b9df6716b4c38d3451e319eeecee74d1f4918266fc9239de87080f1ad437b47c6904ed2d5514161ad25e3e237655e00e53fe18d452576580e89b2f1f0f6aa7e40a337fd8c48d690fe013a67264a80e9b5dfd009a9152d559aa02a68f401a09b":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"c3471259512d1f03ce44c1ddac186e9a56c1434a6ac567c6":"50164c63d466148ab371376d5c2b6b72":"11d1f523888bea1fbc680d34bc9b66957d651efa59e788db3d3f6f50e72184b9d14e9ff9bc05fb687520cf423d681812e007025eedf0e78e7e8191e6b62404e8eb400cf837d762a31aa248553367263d6de091fcf7abedc3e69fc118b7efb0594c89b96c387b7c28ed9a7b75db60b6b5133949b891ff81eca5790a265f12a58c":"dd5b98b3b3cf03fb92be579068a885afd984630692eb5f155fa6b49f2b1690b803d34b90e8de3cc39c2e61650ffffb51e7ef36d35ad17dc4d91f336363b0734996b162b509c9954cab3dd959bde7e437e9100d84c44104c61e29dbe12492a0272ce6eea2906d390de7808d337e8c650b3301af04a9ed52ab9ea208f3c7439d6c":"6c5f38232e8a43871ab72a3419ad":"":"50438ee712720abf2089331e4c058b30c30c3d17834c507c0010ac3f974a256d01b14a45e9ce5193c5cede41330cf31e1a07a1f5e3ceca515cc971bfda0fbe0b823450efc30563e8ed941b0350f146ec75cd31a2c7e1e469c2dd860c0fd5b286219018d4fbacda164a40d2980aa3a27aa95f8b8e2cd8e2f5f20d79a22c3ff028":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ec326a1e0fe6a99421398df4fc7d8fea67b67e5f5fcd50ad":"c94aa4baa840a044dbd5942787a0c951":"f8401c578f20d9c250ea86eb945184e007a0190462c7abddf238ce1ceddcc230756aa222386d8ba66ebbba13de008ced140896ac55bc47c231cc81370ca9feadc225e017d59890e6291cc4cca27db3078c0cd6cbb51afb62210226a76837c5454728cb5ce3afe7352e7fe75421f94986e6b7b26321bbca15c75ac7c13dc15f50":"6d5016c434a0f4b4a5d9e0b6b8e2d848a94f132f055d2d847e54601a4c9cfc5966a654d696f8a3529a48a90b491ea0d31c08eae8ef364f71f8ec7ae7f7e39bb9c331137b2578362ff165628099944ba8deb0d99ac660d5ed2215b9a7626ff1fa6173cd8dd676c988d16c9cf750a0d793f584c3c8f5fd5d167bc278f4d77a629c":"3269922affb9d767f5abe041cc8e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"a7ef81652f604e88a72416924c53979dc73cadd3575eda1c":"0cc9ae54c9a85f3e9325c5f3658ab3b2":"d0195b744351aa25a57a99df9573dfa3cebe9850139149b64f7e4af37756a430dda8af98e4ed480e913aa82821c01c1f75b187e105a8f39621757d522c083a8d81d7d8bfe6cf15c439d0692b6affd655a11bcd2457046fae996a1075c66029867b88cd23c503ae04037dd41f27bafd5000d1f516002f9fcc0f2500e8c1b27de0":"9ecd19a8eba9fba843486e1bbfb8d9053c5e04b24e30174d4aa89d8307439d653f8630edddafd51719c744bcb4bce3e444847567bd2cdde2995870d0634cc0ba2bde4b6bc2bc583062fb83874a1c25b50aeb945bd109a151772c077438c4d1caaeb5b0c56390ac23c6d117f3a00fd616306fc2ffc4c1e76f934b30fbbc52eec2":"22c2efeddfd5d9cb528861c4eb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"605271a41e263c92dc14fe9df5203e79d58cc2d1289dc361":"7f128092a777fc503adc7f6b85eb2006":"aef9f984fb645e08d5f0aa07a31c114d2f8e9eca047e4a8d5471378cfc2ced1159dc093d174788e58447a854be58942ed9a3fd45f3f4a1af7351e087369a267797c525f134e79709097e733b9003b9be0c569fc70ee3462b815b6410e19954ce2efac121300c06fd9e00542a9c6a5a682fe1010c145acbbb8b82333bdb5ddfd9":"2bda3448a283ecba31e0299c0a9e44628cb2b41fa7b1a41107e107cabc381083bdbe048f2804568fdd5fe016f4d607f694042a459ba03a2deda4cccc8cbe4612d8ed0d4575e48bc9f59843369dbe2af6d048e65ff4250e1eef61d7b1b378fe2f3305b133ddc7e37d95ca6de89a971730fc80da943a767ff137707a8d8a24329c":"673afea592b2ce16bd058469f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"fa076f36cb678e2275561e9553ebdf397360e5a5e44791c4":"1ecd53d94fe287047ff184e8b9b71a26":"5ff25f7bac5f76f533f9edffdfd2b2991d7fc4cd5a0452a1031da6094cd498297fb2a05ae8db71cb3451e4ac33a01172619035a9621d2d54f812ef5343e14b9dedc93838e4cf30e223d215b4d2476ea961a17ac7295069f25b2a12d6e2efe76d91f45632c6d4e61ff19a95d5ae36af960d95050ce98b5791df0b7e322411c884":"513305e86c0cb046c5d3720b25a406392766bd1fb7de2758de370ff2e68281e211922890c61f3659460f22c45a57895b424441262a3ba0606df4e2701f38281fd3436a4d0e0f8efecd231808a9ea063dfb725015a91f27cadfe7909a0ee109eac391ac807afed1767ae0515b9c1b51ae9a48b38fe7fec7fe0ddee562c945e5ae":"079e8db9c3e6eddb0335b1cf64":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"ce9dafa0e7e53a8766fc0bc38fba807d04e14e5ed61bc234":"fd0751af49814ee98b2b0cdf730adaa6":"1cba488a0fc8a012f9a336cc7b01cbcc504178eeb08237dbedbc6c7ac68fdf3a6742751a207e43d43068abf6ef4e12a5e3c17e5a2f9398fc04ced67377cbb858fd6020fad675a880adb249e4aba94b96efa515d1cdf5c0c3071a27a3245968867ea94b2bfc2028a67be34c84c3f475944497aa8ca1ab009f8e4b11c8308c1996":"b585b8bf634757dac015f2f69f2ae674372a664f2115ad2d03bd3e0c335306b02d0947d3cda5991f5c0c25f12ead2c3cc2d65d575fd67091c70bc93ddb4b1e21f7b0fc6e6ae652dea93a6564ff13489f927942e64dd94bf8f821c7ffdef16df58bd8306a957821ac256da6f19c9d96e48eee87f88acb83bae05d693b70b9337b":"e5dc92f4ad4000e9b62fb637":"":"95f4324b0656bef19eca5570548fc6a7a9923f4e2a7e42066891bc132fd73bc1c9089755d996756de0072824e69c43f2db8ba2bf6f90d3c4eafc0721ceaccce1af896f9fb15fb19c4746979b6d945f593fad61d550f81d12b5945ed728c02931d7f8d917285c22a3af748d75a6bf163fddd84b941d8564c1a63192c816ad6d6d":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"8a328554fed68dc4838fbc89fd162c99ec105b36651abbc9":"e4f7c69a1d026eeebfc45e77bd7b3538":"e349dcedb0bfcc771c820f0d510b80cef32ae3326484e25aa183015941e7844bc46f617d5e61fd64fa71759e90fcb72ae220bcd507f0fb389b689dd3fa29b3b937eded85f26ada9e0f3f5109f82fef47c7eba7313049750ad17969e7550c0d4093ed18ee27843d082bcee8bf3fc7833d569b7723998595a5a1d871089fd238da":"75986f56972c045c850ed68aeb229f203b228fdfc36cad6b16d9bd12037c48700d20d8062a983ffeca76b8d36a67ef51bc8853706e83a34e4e23ff4f4a4eb943f19dbe85e454043d7906be6587a85079f9ccd27962d2905117d2dbeaf725d6ffe87bef52b2138da153ef29b18065b3342b3f9d07837d57b8bc5f2597de06c54f":"8e8320912fff628f47e92430":"":"a1ed65cfc7e1aeccd0531bce1dc749c7aa84451ec0f29856f12f22c4105888c7d62e2e2fc8ad7a62748610b16e57490f061ad063c88800037d7244ee59e109d445205280473390336d7b6089f3a78218447b1b2398c4d0b3aac8b57a35891ad60dc1b69ad75e2e86248ceac7bb4cf3caade4a896e5ee8c76893ef990f6f65266":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"6e7f6feb4022312de5c804ed1d7a37580d74499107f8cc8b":"6ce13485ffbc80567b02dd542344d7ef":"c6804a2bd8c34de14fe485c8b7caa2564adaf9fcbb754bd2cc1d88ba9183f13d110c762a3c5d2afc0fbc80aedcb91e45efe43d9320075420ee85ab22505f20e77fa4624b0387346c1bd944e9cd54055b5135c7fc92e85390ecf45a7091136b47e3d68d9076594cfad36c36047538e652178c375a2fe59a246a79784577860189":"4f5bbdf575ab8f778549f749f2265e17dc7225713e73ee6d7be163ff7071557dcc2240b0705c079008605f81396414ac64f06b1b637876e04c3fca8d0fa576cef4dd3dc553fd6808eaf120f837f9bb1d9dbbd5cf67ed497167fc7db89d3a84151b81aeab0e921057f121583df5ed7f976b206ece17a913f23485385f64c462a8":"974bd0c4a8cac1563a0e0ce0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"46d6e982feff0e7d04a84384c56739b69626dde500e4b7fb":"71a6d1e022a6bdff6460c674fb0cf048":"67a8455c7d3fbfdba3c5ec5f40e0be935fbb9417e805771832ffad06ba38a61b8377997af1f586dc0fa1e3da0b39facd520db1f0ec2bdf1904a3a897f0b507c901fab30a85de51effa9f7d4703ceeb2ca72abe0bd146ba0bd3ffdee11628310db7d65ea1343b018084ea2414995f86fefb45ba91a9dc2236d92078b4305671b5":"a5160fb2d397b55a7eba02df33a042404188f02f4492d46f4edc03fc67723d64f5f7fed3a60728438703c60454a30f473ac918ffc8f98be5c5e9779ee984415e415ce3c71f9acc3f808d215be58535d3144cebe7982b9b527edbe41446161094d6fc74dec2e0a1c644bbc2cf5779a22bd4117a7edb11d13e35e95feeb418d3f0":"84f1efd34ff84e83":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"991dcaa2e8fdad2b4e6e462a3c06c96067ef5e9fb133496a":"978913d2c822ba7cc758041d5ee46759":"5a94dc81af011a8af263318b60215b9752292b194b89f6fc013b0fe8e29133de631d981862f2c131ee34905bd93caffc3b8f91aeb0264b27a509e5c6a41ae781209f8c5895d0d35b3c5e1ae34a1a92a2b979e0e62132051394940ea4d9bfffb8d89ba1e8331b15bdf05c41db83a57745a4a651a757cc8648acdcf850a2f25367":"9cd0c27f0c2011c1ab947400d28516c7f46d22a409a18fd35c1babf693b8030dfd7822d9ba03bb8fd56a00f9c7149c056640dde690889d2f23978eeeb28ccc26e2fc251220a3682c963f5580c654c1a6736cccb1b8ed104ec7390021d244bd9f92abde89e39a4b83eff8211c8a6259bd6ac2af1da7dfb8cf1355238056c60381":"15d456da7645abf2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"f29cff00781f5916930f125489c87d21f6593324d1506f65":"50db7ee25a9f815c784236f908bfd7f2":"ec1482e18692bcd6894a364c4a6abb9c3b9818bb17e5e1fc9ec0b41702c423f3a60907e94c888fad8e78f51e1f724b39969ba7b11d31b503504b304d5c4b4cbd42634f4ec5080a9fe51c82e121ae191270dd2c307af84c82d892d982413a50ccce33698054f761a3fa93da9a1fca321296b378a50d458ba78e57a70da4676150":"a3e8595747b7147d471ac4fe38014bf4a409931e3f419ff88ae249ba7a7f51bd0ede371bf153bab4b28020b7a82a8ca30b75f1e3bcfee3c13db813cbc85138ef05874dedb14a6e5b6d06d7589a83bd5e052dc64433a8e24c1188b9470ddb2536d13b4b7bff0c5afcfaa9aa0157c3aae3b1774df2df14f965d6dee4332edba67e":"a1e19ef2f0d4b9f1":"":"eea18261a4de31d8619e77005ebbb3998c5dcfac2bc120ae465e29d6b4c46de7e6c044c8b148ffe4eda7629c243df8af4e7ceb512d5751a3ee58defb0690b6f26b51086dedfde38748f6f0bbe6b495f4304373188e5d2dc93461bd51bf720149a7d3aa543623b122b9af0123b2cdc9020136b041a49498ec4aa696c2d3c46d06":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"2087e14092dad6df8996715cb1cfca90094f030328080ffd":"d30504afb6f8b6ac444b4a76115d79d1":"d95845d268c8d8f9135d310c39e30f55f83ef7ffee69e6ba1f80d08e92ed473b5ac12cc8f7a872bfc8b325e6b8e374609c90beaf52d975f71caeef5ee4c13de08dce80d358ee1cd091faea209a24e3392adcfe01aeb2b2e1738bc75d4a9b7cd31df7f878141cf278d150f6faa83fb3a2fd1225542a39c900606c602f15c06a4f":"6d039513061980fb195bdf2f7c7079ca4b7e0fdd50d948cbfab5ba10b99e3aea27f08abd000c428851de82cacb0d64c146cd9567e9d55b89819876d6a635bd68bcaf47ffa41e02d9ee97f5a2363bfe6131ae7a21ea5130ae953a64d57d6cbfd45260c5f1946388d445ce97d23ab7ba31a5069a4896bc940a71de32bde02bc18d":"5412f25c":"":"1e81a4c10a3440d0002ddc1bfa42ebb08e504fcc8f0497915c51b6f5f75fee3f0cd3e9c5a81ff6528e0fecd68a36192114f17fa1a4cfe21918dac46e3ba1383c2678c7a6889a980024ee2a21bcf737f7723b5735e1ebe78996f7c7eace2802ebb8284216867d73b53a370a57d5b587d070a96db34b5b4f5afe7f39830498c112":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"3fc76d627c775de2f789279dc7b67979a9f1cc23c8dcabc9":"8f6fd53eb97e12dcd4d40f2843e25365":"e56995df73e52606a11de9df6c7bfb0ef93b86bf6766e319aea59372060294b0e1b13c6288c2310a4bef725a2dddb174f3e1228649861757903c4497a0eec9c141454fc75f101439a2150e368857c4f0f6e5161c42c77f632bf1c229a52595cbf16e9018de9a8f6a1e6b8b18bd244f93f001eb2eb315405d223c0d27ece9d4d9":"92a60d38fc687b92d44635aafee416a142d11a025680e5aa42e9ba5aa010462991ad3dd7328ca4a693673410f9bba37f05a551b949ab0d43fc61ef3b8996dd3fc1b325e66eec6cc61ea667500f82a83e699756a139d14be6ca9747ed38cd9b1d9da032ece311331bdcd698666ddc970b8be2b746ec55fe60e65d7ae47c6f853c":"613ba486":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-192,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_192_GCM:"b10979797fb8f418a126120d45106e1779b4538751a19bf6":"ca362e615024a1fe11286668646cc1de":"237d95d86a5ad46035870f576a1757eded636c7234d5ed0f8039f6f59f1333cc31cb893170d1baa98bd4e79576de920120ead0fdecfb343edbc2fcc556540a91607388a05d43bdb8b55f1327552feed3b620614dfcccb2b342083896cbc81dc9670b761add998913ca813163708a45974e6d7b56dfd0511a72eb879f239d6a6d":"e3dc64e3c02731fe6e6ec0e899183018da347bf8bd476aa7746d7a7729d83a95f64bb732ba987468d0cede154e28169f7bafa36559200795037ee38279e0e4ca40f9cfa85aa0c8035df9649345c8fdffd1c31528b485dfe443c1923180cc8fae5196d16f822be4ad07e3f1234e1d218e7c8fb37a0e4480dc6717c9c09ff5c45f":"28d730ea":"":"dafde27aa8b3076bfa16ab1d89207d339c4997f8a756cc3eb62c0b023976de808ab640ba4467f2b2ea83d238861229c73387594cd43770386512ea595a70888b4c38863472279e06b923e7cf32438199b3e054ac4bc21baa8df39ddaa207ebb17fa4cad6e83ea58c3a92ec74e6e01b0a8979af145dd31d5df29750bb91b42d45":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c186654406b2b92c9639a7189d4ab5ab0b9bb87c43005027f3fa832fd3507b1":"3a0324d63a70400490c92e7604a3ba97":"":"":"4c61cd2e28a13d78a4e87ea7374dd01a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"747d01d82d7382b4263e7cbf25bd198a8a92faabf8d7367584c7e2fa506e9c5f":"7156358b203a44ef173706fdc81900f8":"":"":"9687fb231c4742a74d6bf78c62b8ac53":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cbe30216136b7eaf223e6a7b46c06625176d9a08182fa806a63d8b143aa768b":"4fe6ace582c4e26ce71ee7f756fb7a88":"":"":"d5bdf8ec2896acafb7022708d74646c7":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f31194c83bb8da979a1eabb3337ceb3d38a663790da74380d8f94142ab8b8797":"404efd26b665c97ea75437892cf676b6":"":"":"e491075851eec28c723159cc1b2c76":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"daeed52ae4bf5cbe1ad58ae4ccb3da81fb9c0b6f7619ca21979313ad9d3e83c1":"4037eadb11249884b6b38b5525ba2df4":"":"":"360c6ef41cbd9cd4a4e649712d2930":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ad81c34389406a965c60edb3214663ac4a6bd5cfd154ae8d9dc86dae93def64":"cebbce06a88852d3bb2978dbe2b5995a":"":"":"bd7ca9f6bd1099cde87c0f0d7cc887":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c152ba30aefa5b2a08b0b4d9bf3f16fc208bb0bc4c4eca9411dc262d9276bad":"008d040fbd7342464209f330cf56722c":"":"":"c87107585751e666bedae2b1b7e8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9aed4ae6b1d857fdcbe5aec6db38440613dcc49f24aa31fba1f300b2585723f1":"947c5f0432723f2d7b560eca90842df1":"":"":"7d331fedcea0fd1e9e6a84385467":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cc80bc031676eff5f34dd076388a5130e985f9e06df4b4bf8490ff9ff20aae73":"51f639467083377795111d44f7d16592":"":"":"02d31f29e15f60ae3bee1ad7ea65":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"db7a40213b5b4b07e9900dc28f599403b0579cbce13fcd44dff090062f952686":"aea6f8690f865bca9f77a5ff843d2365":"":"":"7f2280776d6cd6802b3c85083c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"299b874eaa8b7baf769f81f4988a41e2708ae928e69a5ba7b893e8e6b2db5c3b":"2aa04d85d2c0dc6f5294cb71c0d89ac1":"":"":"ea01723a22838ed65ceb80b1cf":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6c7b4c8175db4cf23d0593ed8ea949043880fc02e2725f0ab90ae638f9dcfce":"ae07f8c7ac82c4f4c086e04a20db12bc":"":"":"1132e4fff06db51ff135ed9ced":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b98e1bf76828b65a81005449971fdc8b11be546d31de6616cd73c5813050c326":"929b006eb30d69b49a7f52392d7d3f11":"":"":"33940d330f7c019a57b74f2d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"09ccef64ae761a70fe16772cba462b058a69477c91595de26a5f1bd637c3816f":"e34b19381f05693f7606ce043626664d":"":"":"2adc2c45947bfa7faa5c464a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"654cf46598e5ad3e243472a459bcd80f1e026a65429352dbd56e73fcc5895d1c":"a56f27709e670b85e5917d5c1d5b0cc2":"":"":"177b9a5e6d9731419dd33c5c":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84bca1b2768b9202bf194f2d5e5a0a5f51fd8bb725f2bab8a3fccbdb64a4ea70":"c45b2708c5bdf65ec6cc66b6dfb3623b":"":"":"fe82300adffd8c17":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c8ae011795c9a60ad7660a31fe354fa6f7e9c2724d7a126436291680cd95c007":"1bd9ea6186450f9cd253ccfed2812b1c":"":"":"35214bbc510430e3":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df2f0a8a3849f497d12bda44e12ce30a6957f3febcd5ec9bc134171326ca66d3":"728cb9608b67a489a382aa677b1f4f5b":"":"":"e2ef5d9cc5791c01":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"78e8a8ad1ecd17446cf9cd9c56facfd4e10faf5762da0fd0da177f6a9b9c3a71":"f169ce6f3ccc58f6434ae2b8ad1a63a1":"":"":"0fe57572":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"02ca6d8a862e25db9d68e4404abc107e700135df4157cfb135ce98eaa33151c9":"7b722fdd43cff20832812f9baf2d6791":"":"":"72dea6cc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9a2b709dbcc3a4fb15b3ad541fb008c381b7e985b57df52f07ca7cd26ab1ecc4":"729baa4c0ef75ed8aae746376b39fe3c":"":"":"2a0d607c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"449d39f863e4909984b37f2e5c09ea4d4b3e9fac67bd57c299e4e1d1f084aaa3":"d8e9118f331bb5a359f0aa8882861b72":"4ddcae0bc24d622e12bdeaac73e8d1ab7957af051d27dfaafce53aeed4cdd3f989ea25989a2f41cfb3c38dbd841c5560b0b5ab1861b1fbcd236865d13da55b50219462e021f8a21848a64a85326031fcec8fe47a6ef4a435dd2b2fff637644ffcf3914ef2dfa5dd556421bfd297be150b31db039f0f2cc422b282e659e70cceb":"":"c595b9d99414891228c9fa5edb5fcce3":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3e70e66813fc48f984dcda4d1c9c24f1d5d1b71ecfc8bb9581782e7cca5a5cc6":"d804f1051e72c9b7117002b862eb45ff":"0b1ab2b7a87cebac668c7a532fa8fa56a22cabf0c41fc1e6744ffe07c857c6865d623f508351f98f3f0c577d1eb94300a30a445472218c8ac626b0bee7d4c122d33f8130436a89add341e8ef7e00694afb4ad80d314d87ad3f921c7105eed05431b8151df7cff2c8e3790efd4acd3f60332dc7f34fdd90beef70f9093361d65b":"":"c09c2e3fdfefa222f7345ae4efb978fc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8e534041090b45b80f287dc5fa20ebda017ad81b0530e680f62c6280fd8881af":"ead675b019ef5c6bbf4985f2a382d6c1":"b1db220052c4bebcef27eed6db0dc91be481179d71160c5a2ddb2fe497a05484840b04cce48980057d770fbbd0d5f3d5c633b55470617ad2cab5767188283310337825c4b0eafe13b5b11293dec230dad43b220885105767938c7ec4600fe063f98aa14bc6afb886fc874c10546749da295f571e696305bd9165486e29f43f52":"":"9aa0cdad5686ca515cd58aed94938ef4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2de18874470c09db683cf45cd752bdfa8bf33e7967220b1a69f41f2a02da1d80":"af30eb2d0a0c2a50ea413f3285aa88d4":"22889b868d8ccc9f488406813caed199b23091ddd796c8632f564e7cf5a39dfb725266a931fec958659b6fc5b6b9343b8217edb0acb010afc9416601155262b57bd398d62f555953f0e15958e19ae004fbc9cb25e0269a9eaa38a4635a27bfa719fb249fa49337796bcf5f416bba87fbf3b19f0d8c11290c25ca50bbdc822f01":"":"646bbc9b14681af65b0d1c4c9f1d0d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1a1bb9122e762ecd7ff861a1d65e52607d98e7ae5bd1c3a944e443710f3b0599":"32f99ea4cbf52c2701c2252e5e6c863d":"91b7a70c3a06c1f7f2ea584acb5dd76177ba07323c94f2e8f7cbe93fc0bb7c389c3c88e16aa53174f0fc373bc778a6ccf91bf61b6e92c2969d3441eb17a0a835d30dcf882472a6d3cb036533b04d79f05ebfaadf221ae1c14af3f02fa41867acfdfa35f81e8a9d11d42b9a63288c759063c0c3040c3e6ee69cf7c75f9c33fea1":"":"a8e29e08623a3efdbbe8b111de30a4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3bfad1e8f9850577f9ba3f290e9a5e91b494c2d99534220362e171a7543177ac":"8410886b70c57d7ded8596443bd1b157":"ca801c83596795515ea931edba00e06e332bf84246b7036e10b317e2d09a51b2981fcb664ee3bf4180bb0b12ed1cda221abc6790b27c26914f5ef9cea9536e2453cd5b247cb054e295c2687b725a97cbc484b8eb86c6ceee03bd07a54a9301a3ac0ddb23aecb825a238252e7575329058b40e75575a7f16439edf5be163ce5f5":"":"e3645db0c600dba52044efcecfc331":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"65debdf2f2191a6cd8de8ad4d5d4d0d8f731f67744e2545df6b2a7cba89c1ee0":"fdab2ee547dd8b6f5a4ea2dd19697b3e":"d2b0a0438ee0f145aec9a7ca452b788ecb473152b78fb75f6ace721afc7b0ae1942049b790f3a5b6221a8760295659756d35347cc04029be03459f3e23a71209b4e0bbe13a253a888c83db23376d3a6d9a539f7c9fa4a12dc64297e7c93dfa0ab53ef76b6e1d95bf6f3d5e6ee8f08662fc03ec9d40eff0a43f23ac313671bfd9":"":"c25fc157c3f2474885e2eea48aea":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"496ae810380460d40cd2fdae8c0739f16b87205cc7f57db0a71a473eb361d570":"77233de96f5e1744337778212b411bd5":"85f5b54b4c4af5c808120bd28d98e44e96f4126623e57684957e9fc4fd1a2d0583940b8fc8314a249325476e8d05247831b04709580ae714e8187cd38f9559419e14c9fc4f8c454ec191b8ef2a3610988fe3339d0dc6b72f5978f9eff9d596dfabf27056e3a908c6497267461386e860f6b9d65526294bcb92908b5661b06b5a":"":"4ed91af6340e70b0c2b94ab6f82e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aca188183b46139cc7cffc82a6aaaeb2fd73cecad14e75c663bd62daf1ec711d":"7bbf7fb55eb70cce94cc6a2b67de55ba":"015cfba90f069545fed60f31992ff3d3c3592eb91e7a53df5978ded64291954cb99a57de82d5398ce782b68d14ac04a8b425395bd076ead59eb445721bdb2f45e19fa089117800cbbac7b8313fb165ccb1122acb654e1242dc7fe6885ea1cbb7281b1270cfa1549cdfe9b47caf47b4ac3807e562e48c066566f5e606b5023b47":"":"3bcb5c2a4261d75bfa106fb25ee1":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8cd6815f6ec15f03b7a53f159e877a5981e0ab7f6e6c261ddde4b47cbb2f2366":"c431c07d9adf5f61204a017259cddd75":"4e1a835402bde4f5227e64b46a1f8d0f23a9434e189377fcdf1b9621ba1987eb86a7f3b97ed0babfd674e74c5604a03dd016d71000a72bbbd00a7f7fe56ad0fcb36a3e24dd0fdb63bd66d4db415f35012416ed599796ca3f678df7eb5a1b17f75abb348ddd3b366369a7b362c9488aedab836b61f9a158f0b129c8ca0a53a81e":"":"0e463806ff34e206f703dd96b3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8f0a72abcda104aa7fae501f9a3b686d00d3f6fe984731db8a2865bfec587073":"ab8acd063775d1b1314f14e90fddd1be":"02c6d426e7f20b725d8cde0a6382e49b029b52126889013ef45251f27b2fadb95ca4a9a3b16ad06999eeca4a473e813045db4942e9b9ff2e5a5e429d9bac298372344d1b781d5facabf6d779643f31ada6124eb50aad599044b54279ec9b25714ac8a3b9ad2487cec7f4b1ee245d7be3d496d6af1d4cbee1c8201312541f3064":"":"3f0ccc134091e0c0425887b1b9":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"417135cad74280e6f8597dc791431c95cb8fa63bbf7197e3ab37c4b1d6d9438a":"0fe22d9ba1d0e32656e3a9f07a517a27":"a0b2712e81d329d5b076a4be2ad6823cee6dbd17d9a592d065bdebb92b1ff37a56bf2f5e5341f39c574246ccda19e5f35fede49c9ba958f3920cc5440fb404fab7846884ca0c2a3af5b51f4fe97a1395571319cc5b40f8aac986d77de280db82343983982638326ef003e0c013af19c34672975dc99ccc0853a1acf7c617d965":"":"888b836c9111073924a9b43069":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"304824914e32ea0efd61be6972586093349bd2cc2cf0cff44be943682b2dbff5":"b6d927a71929029f6766be42746f7cb1":"7281c81c7514f4b17cb125c4649006ef8959a400a1e4d609d277e363e433725fa32346a10bcbd826b6afc8222158920d0a2db1e6fc915e81231c34c3941ecf3c6f94ffe2136190cae3dc39a4277acbc247f36291b5614a8433b1a0780434a6c50521b72ec25145bbd3b192647155d5dd9df9e66762d39592602ea99bf9bfff49":"":"b6044c4d7f59491f68b2c61e":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"8a10e9abe9389738e12a4bb6f553ae81e8bd320e0dfbc05fbae2128c1fde7a23":"6da44354e198e3beb54792718becbcc1":"199d754630135b669bf2ec581d3027a569412ab39a78dd9d482e87b778ec65c6473656260c27827e00e566f1e3728fd7bc1853a39d00e43752c6f62c6f9b542a302eea4fd314473674f6926a878ec1e4b475d889126ce6317115aea7660b86ab7f7595695787f6954903f72361c917523615a86d6ce724bd4a20c9257984c0c6":"":"5c5683e587baf2bd32de3df5":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d164ffde5dd684becaf73e9667e3e6acb316682c41aea247899e104a54dd7a7f":"1d388e19e9d7a9750e2fc1187d4b075a":"f166a5b6f91261cda56f1a537f42ffb8aed10af5e0248f8910034b92dbc58d25953f1497f571d31fbf5ec30d92234b440161703851f0e43530418147ce6270fbcb5db33ab819ba8973051908704b6bea8aaca0718947e6aa82498a6e26a813981783ed9bf9d02eb1ea60927530c4700ff21f00179002b27903dd4103bbc5c645":"":"52e10495105799ead991547b":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2854188c28b15af4b8e528ab25c0950fc1384976f242716c91bddeec06f2fdea":"075af9c31f5252b8920092cbd999e7a0":"e9452f71093843a025bb5f655eb6a4e8316ab5946484b11818f22b62f4df75d5891fa3397537093a261dc9a7648b7477ea1f5fc761716e302763364bcab7992595edd0fc1c7f7ac719c879e6616e2007948eb8530065a6cccf73d0fe4a0598819b471b0856e6d90ea0fc0e5d36a30ee925b6b8e5dbf40e77f01efe782c0bb4f7":"":"6ff8fd87e5a31eb6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2bfc445ac0365ae6c3c3815fd18bbd0c60ea224f6620d9b6ac442a500221f104":"43c5f3367a9955aaee1a0c4d4a330059":"db0bae8ce7c66a8ba2fedec22f236212e9a7ad72b371de285c7dc6d2f6c22df0ce4920e0f03f91eb1653c4490050b9f18a2a047115796f0adc41707d1ffcbf148aed5c82013f557e6c28f49434fc4eb20112f43566f212c48cec9894ac40772fcd9b611ee9444df7b73e35b8a38428ccb064c9c50491d2535e0b539f424db83e":"":"49aaa806cb2eeadd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b828f99aaf751bf22d993ed682e488595617a607ed74aaacbb6b60457453080":"d48dac1d8d77e245420feb2598812418":"f50f785f4e7c848a55a616ecf4b6b1e1ca85e16de7100c7e4273d411bd95c1380ee157ba501ba9616980195f34e39f43e335f33253342feb8ed64443483c721b85241a0320b3cac83104de2db47188c61a373fba592ea16feeefdee1f2bb43927396f58151418672ebb74afff5c029503a0d0be81430e81ed443e08b74c03183":"":"a5b71ecf845b25d0":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b6da11d69fca3e4c907628d3eb63d95c7e502fc901372fd097e064e70831432":"6fe2148f250ea178d4c8ca8423ead87d":"a8097bb74ded776f578eb7588f5ef8915db9bfa7262af700c8e76ee114e07557b6786dd5a60a66b2703e7c9de5d6b42aca92568aec5d1ecc298dbd0edb150b8cc13c9a78698f7674caa94da6cacd1f3ef4ca4238c59830ea725ab3a6284e28966c8c32d9bccfb0cfd6583a5ca309debe86549a6f317d15c5f928cbc7f473310c":"":"e9cdbc52":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c5ae9328be49e761064080fc213e53e373fd86359a09d0355e2d438d9b8e68f1":"a7e3f8660ff925d5c88c5aceffbd7026":"2ddddba7a56cc808aec4602f09ae9bd78887827bf0315d8dbe16821606ef9d117746dd138bf1f23565d1ab8f4cee36d53fe3730632c5df9f12109b16edbeae285bb49dfdd155f5dc97b319a85362d53cc86817b7c1c31e5e87c9f37422f133d00dd0776bd92ab05ce6860573cd911645cfe3fbe515e85f744899a447fe443653":"":"e35dbac8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e4f8ca13ba86c658cc7f42d4f029422209efbd101bc10a1df81a42cfb3a0f79f":"1a362fa0e4054ba11e4b06d59c8bc9cf":"e7ad5c75aa13659f8ce4b1650c46382645ec67418199b84ea445b8ceef619ef3fbde59ed3d313c459e36fcf87d26ef2b453409b32f1086934c3072c1ef0aac83762d28b1193b9afff2c083ce4300b768b0ae23ff9d3dcf65bc1693f1350da65180620aab205aceacfc683c8be53a332e2d0337a7518d2a5204f9c8d7325a4799":"":"e7a37f15":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"00050a21ca1e72cd0924be31b943c60854be6744577de3dd9d1f4fada4a19ea6":"2fc1afc1395d8409919248709f468496":"":"693ffd3d92294857a99c702a0799eeca28ab066dd90917b9ea5ef8f6547f1d90b106cbec8ef2c22af9f8efa6c652f2f97c2baf33af14fe9def230d49524bd65909c3df1490f637f99e788dcc042b40e00bd524c91e2427ef991bf77e7b2f770cda6e90076c5dac4cac7ee3958b53ff8ce846c3a96281f53c2c52f5f3e523536f":"e39b6a7fd5ac67a2a1cc24d5eb9d9c74":"":"cfcd6b9ff7641829cbadeaa2e56f1f150a099eccf3e378fa4da59794dcc4490aa4f9c5db0ab245bec36a7d4557a572008e42f03bc1baff3c946f23f54a4dc9828f106cf4264e4ab40165839d1085e7795b1ae0950f0ee4a08e46ada501b6b51dee0e518129c9426e5bd44c66674a9f99cfe676f002cfd344c5bbd22d3d91e600":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f10965a66255f0c3515af497ccbb257a09f22ec2d57c5edae322a3e6d2d188ef":"c571ce0e911de5d883dc4a0787483235":"":"91598690edf2de8b27f9bc7461a84e80811cee544f0542923898328cf157590251f0342cb81d359b5dccc5391a12320d1444c26f24178977dd6705c2b365dc1ece0152c42e2f0ee3162cf886ef5529f4f16a77f3bdd2aeccd405b59addf098521d0d38cc25f1991e11be7ecf24caedb48a2a286d2e560a38fa9001c5a228c4d1":"6d9d3a5dbc8dce385f092fff14bfffda":"":"2867996e389e09ec0da94d42e77b1e436b50065b09ca4adf1cd03240444ee699dbb7b3fc081a1869ca607d77d5ff9754fc3c997ff0a4ee17543a2ba77886b88a7128bcc51d3450df58ff3a26671b02c1d213df6adb6f7e853080eb46b504517cbaea162710a9bbc2da8b552eb6b0e0cb98e44fcab0a157312be67974678d143e":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4437ee7d16d8c3ca1aa01e20b66749efa901614d4bb4bee786ad5a5f1bfde2e6":"275393276745bc43bae4af1e5d43a31e":"":"ff80727a3485cdbc7fab4ee9fadfdc621c538e2055706629046078f1aa3fb687fc728d3a7ffa52ae457b7b5649613eab7bafa464bb435314c49e5900750f7ad39ca9b75df6b2eaa755439e101f67b7ae4cd80dc4a9dea0027048253f2d0a6014056ca69b8c85605b00cf75fa7634a0ddf464270a8c79ce1a1324c4a4c513b24b":"a82ff1e87d26e4d6e417b60fb2d3ce23":"":"88f994d276ed20be3932d16f551c4b7e2ed80411f2e72ce098fa0b70c22157a59edab30649fec447dd63f0c87dceca7238ef0d9561b58489ba7bd86f2892743099f40af63c432f78ac0ad0b5c2be47b9e3045e7237b096ee400f430af63a6f309de785caf190f3f4aabbe79f727a741590de542bd343df68d13db55a5f8bab41":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe4ec037ce563dadee435cfcb2bf090f1f7ccc7d1b5b4fab2f1b738348f8ed2f":"47f5264f7a5b65b671892a05fa556f63":"":"64eb8a4bda9804c09b04cfcd89094928c21480908b81ee19d6c29c2a3631b1a5bdc8e7f8ea56f7b8b8e14a5208296026785cac3a6afa54be8af4d5faedcd12b6621bde0f8ec5a2635fe72a89468ca7704c73aa40cd2ba97aef08886b27a694d339b00e7d12a31308672f87c06a7388a1432f869eb4cc1da864140b1b33931925":"660462b4088f6628a630f2e4170b21":"":"4a310e035361f98b8c54fb4cef70b1a9c910552ece056ca8fdab54c52308ec0ad7fe9dd1dae92badab5010577de522088768fa6466fbccce22e14c51ca7986c4063d0f06bf578dab16a91856713198a7138395c49c78b6314b57ab72fd079028c8dc351952d90b04a7cd2b245df0c0522447cdb7d3329fd9425fe5cb40a8e7c9":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6e1ada628ca76eb9832cc6b5efc5c9d2686bb587366a6de2d734233fa95279e":"5a100b451e3a63a3e6d4b8a9e59c6bce":"":"a0ac738e0fb35246b84a6fbe319f827039515df25d0c0fc6de7c048253ae63d3c561e44a12672ffeae1cb925610b482aa422bbee0e1784fc69baac3a97d69f51e6d2a17957b44b318624ea7ec680a559f4d3f2761d09bee66efb3a312ae6b3ecb673e756b2a0f654671e82500e7ace91f2be2a74bc3bc1ec1a4b6877a53c27c8":"88df9a1ea54e5bd2ef24da6880b79d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd5c1e90d78213155c51767c52c290b3d657db8414ee0a7604a2ec7b48105667":"4e022d8d86efbd347e8cbab7e979771f":"":"8e987693da0fb77b6d1282eebd3a03e05d9955ff81929b1a2c721574862a067ddee392c7ece52ca1451f3e6e321d7208882d97b4149af6d78d65c054e1bfcdfa62bd2202de32dea8363f8d7f041891ce281840f3cd906ab46ca748e5b3b11890b4014bf0271c9427c874097782d1c13dbb40e78fc8276fc134f3c29923a43a01":"e7df79af0aef011299c3b882e3a45b":"":"3b20473d9b5018d089e7f74d3fef22ec2805948a9e07689831973c704a6d8db4d090af88d696ab8c3aae9740a2bbd7f03e0b18b2b591e59c335c1043a2578a89b1a9f20fd0dd53f12e00e9bfdb27de8caac772bbfc4de9e4a255a5d1b04e59625a87b8279babe613def58d890d5502abf2f709aab625dcc20c58772832c7bbab":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6e3dfc07003bb6a2d82bd5263b2832f47db4e73279266c7a9ea21f4f18eddf83":"7c0f49fb54f5e68c84e81add009284e6":"":"a960da222af9d4da5797e6957d59b00f6d3893599c70e95c0984b56eb3329b191703c2532f3288b15ebf655b9b5ee4617484e5ac9c39bb06731d03ebe4fef9495d003b0ed694cf540b4dc759d32629e55512680badd81234bd71ffd55fcb5e6a85031c1dc31ee1ed198939582d8336c905717cc87101dcfcf9d833fac815c8ea":"b2ec0f3da02a9eb3132fb4ebe3b8":"":"a40b6f70f0572fe0bc70d83368e7c154f7dbd501f52501630a2e523d18e216e07368521f6040d806299397722b99bcf7f85d36b8bed934b49aa1fa76d38783e6a2e392d6d0786d467f7bc894a739ecf94f0fe884a9c391154f8326bf31ea5242a18aa263d04da4b63b11de23b42d3e10a2d5460cb32700cdf50a0d89165ba22a":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4103b1ddff87a508a219c808a04ad4750668688f4c2ee75b92d28d70b98a2c94":"5cea906737518c2cb901016e30206276":"":"a00a196193ff07006b7df524824bd0971d63f447a3a7bb1b75c1e2d11789482c115cff677b54948d36dc4de34200bce97be0101d88cee39b177857dd5da3cb0d2f9d6e1150f72a3bd655e0bace1d25a657ba9a7f8dff082b4460432075afb20173da22b49beeb6a030d72ba07869ff4389fc1c28d87018d7c1a9829c21932197":"3a3a771dd5f31c977e154ef5c73a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cd8c2f0c330d5db316dae7a16b57d681ca058864f7bd60f3d0de174442283f77":"387ee8c1e7f047e94d06d0322eec02fc":"":"e2a5ad295d35031535bf13c2993bd0b292e8a9465b9dab738e59ba03670248a1ecc92b38a55bae34729162271cc1572c35fcccb27417b48dfcbff852a7a8845cc829a4461061b558ac8b5930a5c6491ffba04a9d0dff220b3cd5e4fc2e0f3db3b2ddd90328f2cad819573a7856299620b02f5ee0267f3b56981afbf1b7d9e3e1":"62356850d12b54e39872357cfa03":"":"17b7f6bdfc1993c56dd9bd674cc276a55a46fdd9fd5fe435b9e4b7ebc7052a9dc76a99e4e43aba7d486603189c90d10a21ad3722c86bf5bc856a0f930ff5bca65be708b76bb8a29105da67f31eebcec81f28aaf526d2f8f0feac393a24959dcd612e2b93b4463f61957d2b3046bcdf855e346601e4c7760c0ca618ee7bf55381":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7e19e400872eed721d560202cd757d3eb99729496b6e3a6d38dd8afe1066045a":"d2b277f78e98f1fa16f977ce72ee22a7":"":"3fb9abc7aba654dfb174e8899c17db222ffbb387b7260fc6f015b54f1cd74284c516e21aae3b72338e5e8dc643cfafca0678f5bda3a7539f1612dddb04366031b5a3eda55f3232c1b176cc9be7cc07e0ebca674a272224929c401a2530efc6d4eed0087b544b12d172a01bc8340d9c2a2ebcb5af8b07d96073a879fda140c196":"4c81c044101f458fdfac9ca3b9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0653934a16fd36c27d54488a1829302b931bed6e26ca26047242b85b50bfb61":"94886a1845aebba5ed6b86f580be47f9":"":"c02347e1add9178d830d8baaad9aeee37e958bedf2cc846e2561fe8c83481d0a8a85911e7f1f6e444b28f30bd96c13c390e80f616feb6844ee6fa486543a2e3f38c138f45b4405e3fb331b64648219aaf1d574be948ccfca6afc18d12488db19c35b05601e47c0af5d49a93a5dd4420f38585c1eb033e173376fa390d3f948df":"4be34ff42085ef4443c8b6042d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d0f0ccb88c7cec9496f26a59ddc67dc59ebe49ae3dd89ef3be008598727e214c":"e5ca84b907ac761a5e68a9080da0a88a":"":"7845e155f4f28021291e7c814a1ace8f42b239990831aa82758fc1e376cace0b6f668f7f2f224dede1ef5b1df7ae74b2c01483701044acbbb72a9216eec6b7ef0190f114b3c73c6985c4653f11601c774d10b7f9df1f1e1f3ff4fafa20d6525edb37d9e5acfafe6d3468ee068d407fdb56dc718c98425926831253978d727854":"c8f78e4139dd3eaf2baef8aafb":"":"0cc3ede50b0d3fb9ada11300a3239a383c98f968ad65266d57a195bb18d3e568fe6cabba258da4bee9e923c7c838e06dc887a6c49cc1453ea6a227c6a83e651a8742e0316cad5efc93739393e3603446b5c920a206db1434adbb8ebde4d1a7a8699c7f6c61b2d57c9709b564338423b4f526d6c157647a6c45da9dd521061f05":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e35dcea17cbf391491ae5ba6056d0dd13b348183474dd4b614742751bdebfc32":"fa549b33b5a43d85f012929a4816297a":"":"5213542beb044910d7fdeec8bb89de93f350760e493286eaef1140485380d429f74a4279c1842a5c64f3ca3381cb5dbb0621de48821bded650cb59703e0ca88f4e9c3d15875f9dc87d85ba7e4bae9986ef8c203fce6f0ce52c28e3a93befb4cc4ba3d963d2283cd30f9bf6ab99d92f2f4f3aff0b022f1751b89d43ea10bbb28a":"afa61e843cee615c97de42a7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"844c50ddc0ac1d9364b21003287d6ae6360d12bbb17a85351362420ee4ca588e":"2f8512bb7e214db774a217a4615139e1":"":"3a3bf4ccaf05f7c02f5e158dd2c5cb08c6aed4b1ba404a6d8ef9a0737fe2f350b3e22188fc330ea63e35df82f996e3cf94d331c4246cdb25bb2c409762e05ddc21f337edee51b64f1766ad18f520b3f34735b24278d9d647c533a743e0c1e9c81e9dee975cdc47e8582113fd250ef59353605b64acb7c025a97854c1a5c03237":"f1da1cebe00d80eb4e025feb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2aae1aa047a20ed2d6d8336d923864cee9404f924031ae327fbfe2d293e1d93c":"3da9af3567d70553ca3a9636f0b26470":"":"8e5b6b9e4e7d01de9a919dd33c0c1eb94dcfebf28847c754c62c1c00642d9e96f15b5d28ad103ff6969be750aadfd02fc146935562c83ec459a932a2fd5fda32eb851e6cff33335abd5c2434ae4f5524d6bc74a38094ced360f4606a1a17096ff06604952c8ca94a9a6dc4a251e13b0e0c54bd8a6dff5f397a1eb1cf186fa518":"e1026b3d15d261b2fb47632e":"":"58c52ea9f3b162511160eed1a68b6f52b3c4f5834af728de97a3d9e4ba337b29aad12636003cf5be9ffbeae0f383f7cf32f645a8f6fc5cdc1cde91c625c69a92bc434ed671e52a0044a48f3fce55cae49a7d065c2a72603a7efe58b5a7b18ac500d1a51420e820357e7a439b1c02198ebe3d4e62d5573a3aa5f40900a21e3b41":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f3d69208cb0d27474e9a231cd46eac7c1574fff950c48bbd1ba03fad16f563df":"b957f05921d21f2192f587768dc12b4f":"":"0d1f06eef5e8f2c81d1a73bb1dca93c22cfb6e40e9948bc75b0d84830fb9216330424f580b89050c3fb3f620eca8f9fd09fb86d2e8b3a0869c6022d8a705fc280d66fd16d3aba7395d6be4bed44145d51d42d56285f3675726d62d94c081364a6d440511de83a613c598b03078e2ec7648c6302defbbea66aafd33e1a4b1686c":"322374fbb192abbc":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cb2cdeb17fa6bcb006c7fc60858a12a411804464458db351957e8caf42f1ee6c":"31bd7c971a6d330b566567ab19590545":"":"296504131354b2c1928982f12d408ba2377f2d4bbe87e4c69f92a15bf6003910a43bda6c8929df66b3ab1d202a5258cad199f32f36cc30d2dc06199c2a52f7ccadad1fce50123c5f8434dec57cc60cc780263d7aace8f59cc8a6c54bddbaded3adb12ae2ee0bacf6a8da635ff85b51a4e8a1b3dc404863b90059de4ad0f158dd":"efc5a1acf433aaa3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f94170790fadab3240df568197f9d6f6855afaed8d07eceeaa2380121872529f":"2f9c0647a4af7f61ced45f28d45c43f1":"":"ed231b78db082f652bc6310c396993b52de804a82464fa3fac602a1286535f59c67fc2b1b420c7321eb42b971edde24cd4cb9e75c843f2ac6fb8ecdad612d2e5049cf39327aa7a8d43ec821161c385f3fdc92284a764a5d1cbae886f07f93017f83a105bb7c3cc4fc51e2781516a2471b65c940ddae6b550ad37b35f53d7cc64":"ab74877a0b223e1c":"":"1cb5ed0c10cee98ff8ecfa5a1b6592391bbd9f9b1dc1ff351e0af23920d546b5e27d62b94daabd32f7f96a2632dc9fd7c19bf55f3b9b7cd492e76f4d6b0f5b437c155c14a75e65bfc4120bef186da05e06a2fd3696f210292ee422ddbce6e63d99ee766b68363139438733c5e567177f72e52ef2df6a7dd33fc0376d12ec3005":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"797c0091ff8787fe7cd0427c02922620e7f6fb71c52ddcc03a9f25c89ba33490":"69d81c73008a6827a692fa636fbab8bb":"":"2d3efc8900315c3691a8e3c9de3319d4deaf538fcf41aa0e295b861d0ac85baf56d149a6437747dd6976f44016e012b88de542fb8e5b9e4ad10c19deec4b7c0b69bc1b2e33d44a981ded66127dea354b072010b8dc24b85ed2ffeea3b9c0e931619dbbf22677691f0d54fc03eaa162e0ab0d760ad41021f67057c0d6ac19ca8f":"be2dda5c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90ce1afb5500489b9edbad987f4009509c847b3e55cdf0c764ef2fb085e3d033":"e119e166471ecf44bc3a070639619931":"":"98482b54edce2bac1cd64d44917dcf117ebfbfe26ad17a9b263447028304f1cf5a69559c05b5d833420f4fddb6e308277d01eb4b3235f1c4b47d33d3899325b55e7be19d43187a5b1b1354ce02a529b3df1c13b4883902ae9fc565079dee825e705f3e580371e4fd86c3b0d31bae98adb529901f346ca07127314152b4370edd":"b2f54b3a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29264a90f114a800c0fc3247b3bda00981a12a8f85cf3a19ea4c7ffdd005f4bb":"cf296aa43cb7b328e09c8975e067404e":"":"587c8e53ab5ae8c31e16160b4a41d88798e27f4ad61c573c023c62d4dbb3952eef5026ad7b453fa9e0694347ab8fe50a6cf20da566202b81e325cee9c07ab2d4d53ed45b3ec2d2135936515f8a24f2a8116807dce9df3c44edf64c32647145152ff241d9e018e4101e400af070192dc3b498b5a213d265b4cfc8c8d4d7deccb5":"56015c1e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84ff9a8772815b929d55f6052c0354cf3e02bcc8336fcfe5794952b4c45d5d96":"5c044a66e488b853baf479f7dee2aadb":"00304e3d40cbc6d2bee0778462884f4ec047a8c74bb3dd7e100f2b9d0e529fd24730063986117b56ca876b208a3691425ac63afc3d504ccb499c76622eade09717023fcb7d956b01ce24a3e53cb5da472be3fcf5b278b5d9e377de22fab75bc74afa9670f5fe9691aa0ed77e43f6abc67a61ec409ec39fd66ac0307bf195f36f":"a87de56d49725a1625baf12fd15931fe1a6783dce5d1e744eba108f45e0c105d8141dc027d0e33ad7efb6752b43729715e2f3e2c42ebdab4d5f72f886bd821c4372244699ddded99a63dbe7763a5a3bc21cbfc253cdc2514eba2a4f54e24dca7c207cb3f6ae80153d77fe0641f357d5a073dcd425c38deb77c45f27427345516":"72ddd9966ede9b684bc981cbb2113313":"":"aadb8537309940422f67ca393aa6182d67fe7c52092538a15e98a4254f0a9087c7f10903d5e78078c2e55de914dec8b6b35cb720e3e55963c0ac9901e44b83a0e7c5b2d3f002aec0a4a08354febe47b2abb955f2a21107626ef0b8e1e099650812a6fecf36908fce2d078c2735cf7c2b970a309e5c6d6ff29c26a05720c57105":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5ca3991d0160b1729ae1a622dcf4b03b1f4ba86150bd66bf35cbbee9258af10":"f8402184d1cc36df07b68ecb1ab42047":"d378cfd29758bcbd21e26a324239c42c992941b3ad68d9f2b3d2def3a051fd172ee882562970ef59798ff8d9eb5f724ff17626156f4cf5d93e41ffef6e525919af6194ea9bbb58c67563d3ffd90e5a6e2a3a33bd1fa3d55eff5dba7cd439d571f7e08014c4780e3d10904ef22b660897e78258da20b2600e88d71c35ecb6329a":"62aad5854a238f096bdde0711ac6f5763e7fea29db068ea8c911f17ba91e6d7807883e6fc5ba7db17af33da2b00973008a3425e65cc786ce1b97360019ee2cef74563d54752be436b905705b507c3d62689df4edf0356d26b693eb43d8a2a927a9f3866b7e0e19e84a90447bd6f47e31070fa7c2a71e3f78229ee19fa47e848f":"9e8b59b4971130557aa84ec3ac7e4133":"":"556dd32edc0af3c64186fe8c000ddad1516cd14721c93c228e379d4f87e32c79e734539cec930322048f34a2b34931c585d44f09966caf187ec4b9244c991a8a5f263e9da1d08d6086e52535afdb36c7662307521cbceb9ecb470a76970243723fbc1613b6ebbcae261ac2f1936e66ce29ec7350b2e6b2f73a910ade645154f7":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"df867d1dd8a287821a54479cab6f88636d2aca30e1bf01a5dffc735e17590356":"35019826c51dd1ef07ff915d9ac4ea96":"0375ed93f287eefe414ab2968844bd10148860c528dbf571a77aa74f98cc669a7fc317adc9f7cf2d80dda29b19db635b30a044399f3665b6176ed669146d28f5ada03b3d32d53fe46575a8afcd37f20386d9e36f7e090b4fefadfab7f008e02f1b5022c0eeb81d03443a276eae48c038ed173631687d2450b913b02c97243edb":"6517272cac85d7f38902bcb4b96a0c59c4bdc46bfefa6ebacd7f2fb1629b87ca91de2ffefc42ce3cfd34dcbf01b3f7cadcea3f99e6addf35d36c51f2ceb1f85c1f56a04ec9c9fff60cd7fc238674992183ea3de72ef778561b906202b7b83fe6562a0bca9c1e0a18638e8685b998b4192f5120435809ad6e93a0422d00725262":"e49beb083a9b008ae97a17e3825692f0":"":"723be39bc13adbc48c861b07753f64fac1ae28fc8933acba888b6538721df0a8b91c040a26522fe0dbb7335d8f63d209e89f7cde23afa9ca3c584b336d63a91e07fdd8808b14c3214c96a202e665bbaaa34248ff30348f3d79c9f16e66ad6c5903305acd887a89b6244eb7c2d96e18b13a686de935bf3821444ee20f48678be5":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e8e9ce6294b7fbc534a96bdd060120976a6e08315d2ea73ac61d085cd462a44":"4edc6be20f904b4789e5bee0a80a3fc8":"db28ce076b360816cd1e04b7729f8ab080e0a07f35204350f3bd056945aab8638c0e8311ab056f3e5debdbfbb03fae700770264faf73e0f3a05a5812aee84ab613c82f4a76da276250675f6a663f85e2c26d4f4a8666a7f4cedaffc1a7218dec11ca4e72b8b5d5b620d1efbd3d3b94a5ae0d118b9860dfd543b04c78d13a94c3":"9855f186b51358f0e2111c06bfaaeaec9bf95c55e246375c614fad9883d86c82a20c86538dc5f42a0ea69677d59a20c5112d15d2a8396f12096242ad5d7b838d16ee0679fc4017af75bc15e8ad2f77b0e802c864031cbfb0bacd95c828d1db4b7bab0713619e9e5e8fe6902aac7a9e6c42eb05f5b156f7e663ee43e6fdb62480":"03cfe6c36c3f54b3188a6ef3866b84":"":"e10142f852a0d680c983aad2b4609ccbd35ff61bb3eb66442aee6e01d4cc1cd70f45210acbd506395d6ca0cfebc195a196c94b94fc2afb9ffa3b1714653e07e048804746955e2070e1e96bff58f9bc56f3862aaa5fe23a6a57b5e764666ddec9e3e5a6af063f2c150889268619d0128b3b5562d27070e58e41aadd471d92d07e":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"886c77b80f5f3a21c01932685a540b23629f6d41d5574fc527227ed0bdf2e21b":"5ec506edb1890a5a63b464490450d419":"05b8d820c9f439d7aeae5c7da0ee25fb0dad47cc3e6f3a47e8b984e856201546975f8214531fc3c2e504d2ac10fa49cb948596b9a8fab01b95c49d6f04d1589f93b77b899e803dd20e1f00a51c0b5953e85be639109b14b100e35ca26d84ea629964b0db8260dfa5a150a66261bf37e79de2ec49e9f1b082a7c58ecd3d39b6c9":"53a17d7b69f607f08676d6f6dd4e8db08e01333a8355d8c87616e84cdf10ef5b041fc6ddc3f6a245c0f534c2b167064af82f45e4702a5e8dede59579fdecf6713353392433950c9b97c38d9ee515ac97d0970ccf03981954540088567a30941bb2cca08cbed680500f8342faa7aebbc6c143e2ea57ba6b4ac1fd975dcc5d0871":"ffdf56e1c1a7252b88422787536484":"":"79ee27adfa9698a97d217c5010ec807806feda37db811e398c3b82abf698aece08561fffc6c601d2691738e279eeb57e5804e1405a9913830e3ba0d7b979213ef40d733a19497d4bb1b8b2c609a8f904e29771fa230c39a48ebb8c3376f07c8013fff6e34f10fe53988a6ec87a9296c0a7cfba769adefe599ec6671012965973":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5231ca6d772edd9ea2d251e22d7d455928c22474b4b44130dad57e6511fed6ee":"048698a4a0feabc1f336112e2794795a":"3a81b6b0b722899ff931cb73c39222d555b83ae3f8880b982593cbc1ab8be90d1ee32fd7dfe697cf24c95b7309d82c3fed3aa6b3d5740cc86a28174ac8f17d860ebb251ac0d71751c2ff47b48bfb0b3beb4f51494464cda34feaecddb1dbbe5fa36c681ada0787d6ed728afc4008b95929a1905787917adc95f1034fedcd817a":"2767c808410ee132291585ea74a48ad3102f883f07d060c91c5f10abd37fe0996d2210dc490260238ae15f5d74c7be2a1e15d80db09079c520047f88488a7802857a3fc3b81d85a96949997430a880177880a31d4d0c9c9045247804f057a4f2756d6e40375a4a3187c4376d6bf573ce334cda1ed88d8a50db499e7cdb89d8db":"ba61edeb7b8966188854fc7926aad2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a3f516a7898e04e5da4efd6c7c5989b77552d195464620c2b35b9a4fda29cce":"9310af6974890c0a0364231f9cc8103d":"2103af8356bcb9dfc2a4f1d4ed09cbcd8e1990d23865605e19f87feb50bf8d10d0257740e5557a9297f0499c01e29a1a513ca18e6f43f7406c865cbe3951a7771128f3110c8da3bd696368901944549552842a1f6fd96cc681b45da098f3c1acb3d237d2363285f520d0b6714b698790b7660c52ac84a42c9721ac7e9d38a2ef":"5cc28b61ae97557774bdcd7ff653f4aa349df68d53c7e5a65263883ef1fe224ad40e86bffc2d38f28a2ed9ae1fc08563e2a1e46246106546eb8e6064c06baa0046fa137421734b7f0f94656a4f459d9d981717557d843700d116b6e5e2dd3af5f67c34edf31b40b71fd3c6f2475f9310feb70bcb973be52d41e86792c49d54c0":"993fc8e7176557ee9eb8dd944691":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"59c9258554363d8a885fc0f5d112fee08eadfc7ce52a0e7e73e3d0d41d9a0290":"77e51e89dc47bbcac79cca21e81a61de":"25a6f8800a9b914c0ebf9a45d72355c03ee72a138eb81b2980f332645ce1d7aa4659805821866aee2b276e2c032776b4eaf36f93b5f9a72b791be24e31eff105ca6d0700e3069ee327983dd7fe1c7465d6c6d77837aff69055149988e7199847fad98605c377d997dbd40f3e2ff1a4f978a493684e401249e69540fbde96323c":"79c491411402ea7878e480519fd984dde44bce6459303bb76d4eaf97d4e345d1aafaa68ceb0590b41cfed0f411b675d9344c7e888cccfc9eb6fe6b229d198f94ba516ee850ee7f078a4f5f32a23f92f72264e3a76a31ebd042564315ac4f2ec0bb49ba6d08cfd2d3a6308688e39f28e3ecd669c588368cee8210edf5dbefb925":"ee6d85d3f3703b45adb4f9b2f155":"":"44ca68deed5478074adfddc97f06f44c08bf7bca4dee8707d621fc7396fe2efcdad0a167d1708a9ff59ce4cddb86920bf1dbdf41b2109a1815ffc4e596787319114cad8adab46cf7f080c9ef20bcf67a8441ba55eac449f979280319524c74cf247818a8c5478ea6f6770996026a43781285dd89c36212050afc88faa56135fb":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5e9eae594cb54c8089330e4404ff79abb1c0841b0be5347a14633ad1e1ff44fa":"0917b486da754f48bb43ecc8766a7ce3":"2aa1ef2f91aeba5da10b48a882dbd4574df4e9157a18abf8cecd03e4176712ba171b6ecb0e745841ff84e35063e47b08101afc44cfd9cededb913a82f00b9d4bac922f23a22f200642270399896405d00fa5271718eefb4cd5fe7e5f32097766ebff36ff1898a1c8a1a01cc18e6121e470805c37ff298fc65ef2fb1b336d09fd":"32abc1eb6077555a85a0a6fd1c78cccca6c8b375842e2eb8eee45ee6c38dc0837443d16c647252e8124639dd01c808ac5e857a25d927c2a75e2fa8955cad5beb5c206fc050cd933fc4621f5718936f01f39dd700ae1aee7537cc595df8789c5d1a6e1e87b1c7a60e3ce5d57c80dd65dee3801798e1481b1963bcc78cc69f8c50":"92282b022e393924ab9c65b258c2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"aaf03c3055a35362212b9b059931e7a24fc71e32bc9a533428c9dc31077f2ebc":"7dfccd077b29e6ed5720244bb76bde9f":"21edd1c6056f51fd5f314e5c26728182edcd9df92877f30498949098dcde8089eed84e76d774ef8874d77125669a302d268b99dcd66b349d0271dde6f8cc94dc4f2df3787887b1173cad94d067e346846befb108005387102854d9387d2c0fbc9636cdf73a10d145f4b612c201b46e1ff4465f6a7654ce3da5792daf9a27fb35":"c0e12cdd8233878505e025d52427536be7b6bf1887d2dd20eac7092db80b22417a3a4ca83cdf5bc5e36161be1ff9b73f7ceb297c6d07c9cb2a75035a5dc079e48283daea60596f4b356ca28c243e628cbe459f069709fe193394c9b1a31d8ccc5a3a4eba30056c415e68571a2c34bb5c32efff12e9aa483c4a68be5e76aba4cd":"6154c6799ad7cdc2d89801943a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"60c775971a9eac7950ed2bdd85bd60fe948ba04c419f6743fb67f37557e46c6e":"9b92ad7079b0de09c94091386577338b":"1f6a84b0df75bd99a2a64849e9686957c6a60932ebe898d033128be9b757e9890225925d856bfdc33ff514c63145f357730bb0435c65342bc5e025267b410af6fd388a5eca01b7efc87fd3b1b791df791bd47dfab736350d7b7f368b4100e04c939d5af957bab95ed502dac904e969876674602a0f0790da2d7351b686e46590":"8abb2e66a4d08074916056bb8e925551372f737f0e1b597c5d08ee102989743a273b29d7281013f8b3aee2934399cb427370d70370ee86eb41584b653660c633506a53cae747826bb7d93909f069d5aacf058b7f2bbdc58ea08653db857bda83a979fc22a4f126dfef7aac45177f4cdb802fab0c812fb35d12a8176ec21336d7":"1d6cd4ab3914e109f22668867f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3b426e449337a14bc0663246ab61b671b523c9a3130c21ed59c93fa6a5aa5ae3":"e6efc96acd105fe4a48d1ac931eea096":"0902cf7a0685444126369712ac47962bc2f7a3a5837f1b6190d9ab1adb4cd35e7f0892eee628b8e07fcf2b598cebe1ec07d8c4823172ae66a135bb51cc71590707b691a66b56af1ffe38772911d11685da355728eaddd83752d21c119d7b59f4c17c2403629fa55cd70cd331aed7b0de673c85f25c2e9e0267f53f0b7480c8ca":"291bd5a00d71eb7d547b7c94e7030ba4a947418eaeb378a3bacd304b08c6f92f6958eaba968ac6aa23e0512a2a8ad7c1ca2f8fcf623bfc1281f5b7b598c08d2aebcd447668b23238c5e338b4c2ac7f8fd381714c596ea3e0c17aca4317a08563e58f0f52a8af08e078dc242ae54ee0fe3869f8c9687b004a4ded0aa27d8f4c5d":"ca4bfeedcd19d301d3f08cb729":"":"bcef3f2fd101b828d36cb38530cf9a0a7a285ac1c55ee1069cc78466327e85887534c98a8891d579effd832c0f7d6e7e822fb1eea85a39317a547591def4aeed6660872859fc9d1df9725d3c40e9ccaa900e0f1426a55d20ac4f2e8e07bd3bbc687f8e059ab93e7604c97e75ac94be1c8c24f4c4da0080a4d77953fb090cbb62":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ceaf204ff504ea8e7fade1a2097f2b527a44766860447322fa5ad346cd810217":"cfdb8183251f4b61c64e73243594fdc6":"a60f3969fd1b14793dd1425aa0b1f742a4861e0b50eaffd1525cd209ba6d1252176763bb5bee59aaa55f92341cdc0705899aba44cf0ec05cbf80274ebef65cd9507fd4224b25cac19610968d6a37e2daf9ddf046ef158ef512401f8fd0e4f95662eebdee09dd4a7894cc8c409be086d41280bd78d6bc04c35a4e8cd3a2e83be3":"1c8e4cf6018211518494d46c2e0607fa42e236abc28d58f8175c530f84b1f030572f5f6a74cb5517e1fb999a637d352afcbeadea9121e695675859b66b499a3a351ecba5226e58ebbb59fe12e359e4c89cd51c8703d4643c49921ae495801c73627df404b91e828e1d0e03ae09a39defb5aa5f2c8106953772ba0713d3261329":"9e45029f4f13a4767ee05cec":"":"5cdc66b587ed5eebb04f42b83a6ab7017093514881c598cce332d74fa3fab927493ac15bff26835296e080b5b45ef907c0529fc2f4ed2fc09db179ef598e5d193ea60c301d3f8d823404814e3e74de0e1d2417c963e9246c353201c7a42659d447376e7d05c579dd4c3ae51c2436407b8eff16ec31f592f04b8013efcfd0f367":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"15652abe38cd09777bba21d0db04637f5737d3cb3922181b9f2d07bfdafd327a":"3a5e0d223ae981efb405566264e3e776":"cd755437cb61b539908e0cfaaa36c0123f8f17d1e6539783cb61d4b56cac3bc1e971c1ea558b12669b025cb6b9ad55991c6e2f8ee8b0b7901790193e226a0fbbfff7ff0bee6a554660b9f32e061b6c04bf048484ff9ebd492f7e50e744edd72d02c8fd32f87f9421bf18a5a20ebb4d9dbe39a13c34b7296232470e8be587ba09":"1d6c153dec3b4738a09c9fbdfe31a093eb7ea79b8fa49f83e5e1f46893590f074fb171fb66e30ef887767014e3a10a3aa05da2bd50dd7b7936e1d7f6f31af9030e31e76bdf147f4396464db0f6a72511c4885c6c2305d339906e3c761a3249d7ebea3bf463e8b79c3706e684575550e964b8047979f7aed6ea05056c4b5840b1":"01a573d8e99c884563310954":"":"162430c23f7adcf98575a2d9249b4b5cec42efae33776360ebfa6a19c8eee4bd6b07cbd274deadc3292b7cdbb7803e99d9f67ccc5077f3ad5808f339a05b3213dbfd11377673d4f9b486a67a72a9ac8ea9ba699861dce0de7e2fd83d3ba2a2ec7fabf18b95a2bbe2184ff7bddd63111b560b3afe7f2c76807614ba36c1b011fb":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a43f6d07042a15cd49f6f52a2a3a67c6c2ff420d95bb94b9fe03b287c3abcaf8":"3b6fad21f0034bba8b1f7a344edf7a3c":"2e01c0523c8293fc51388281dccdb8d0a2d215d729289deb327b8142d716c2bb849e9476545b82f3882ba7961b70c5da2a925ba18b6b121e9215d52ac479c9129c9cd28f81584ff84509d5f9dcb7eaae66911b303cc388efa5020ac26a9cd9ea953f61992a306eb4b35bcd8447eea63cef37bb0c95c1e37811115cf26c53e8c5":"b67e58c8b608724fd20aa097ee483bc4c804490cc79de635170944af75c87ae0ad8261365c1dc80d852553bcba18da9fbc3fbe61d27550a03003ef0c60202054626655509a9e1ab54677e537a4e761df011d6c6dd041c795446b384161ae9eab441afd24d19b58eb4fe5116cd7b11b751ebbd0a2adba7afc380d9d775177099a":"43470bc3d7c573cb3a5230f5":"":"e1720d451fa7ab9db4988567187244b15b6fe795dd4fef579fb72e41b21aaa436d2e5d8735a4abd232a3fb9188c75c247f6034cdebb07fd7f260f8e54efefa4f2981cafa510dd5c482a27753a7c015b3cae1c18c7c99a6d6daa4781b80f18bbe6620bfc1518a32531017a1a52aadb96a7794887c11ad6bdd68187ba14f72a4b5":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1f0f0191e18db07c0501dbab4ed952c5603a4cd249d2d8d17e62e10b96ae713f":"ab8be16b4db809c81be4684b726c05ab":"a5a6e828352a44bd438ad58de80011be0408d410f6e762e3145f8b264a70c593476b41bb87875746c97de7d5fab120bd2f716b37c343608ee48d197a46c7546fafcdbe3e7688b7e9d2f5b6319c91d3881d804546b5f3dbe480996968dd046f406c11f0dc671be0421cbc8b4ea6811dd504281518bb96148dddf9f0dc4e2e2436":"aad40e7866c26e486b6f6e8eb14a130d5f88891bf0d09aa8fe32f447ab8dea7bee5d3eda4499c0103a010483f2b64fdf1155499d31decf528c77dd7627884f9995c213cf7402143dbb7561d69c86886734260ac94ffac7eb33598d25714228ef43f744ec1af2a87e789f1e5d6fff0fbd5082dcc49328f194e8f8a14a5bfc962d":"d8bd7d8773893519":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a6cf7d83137f57f2310ee6bf31e8883952bb07ccdc12f516233ed533ea967e5d":"f17e37e73a28c682366bfe619cc673bb":"0f4dd201b18e20230b6233e0d7add6f96537dd4e82d3d0704c047fab41af5faf6bd52bd14fa9a072f81d92a2ce04352f0b66f088c67102d2d127a9850b09ff6087f194a6e8ccaba24091feb303eebb65f1203b2d22af44e7be4de71f03e6f6cbadf28e15af58f58eb62e5bddfae06df773cc3f0942520de20078dda752e3270f":"83ab20698fd7573fd121976a72b45a7f03aad84702fc8ac73d6926eabd8a546895aeffe4ba81d117507e2cd37d58eeff71cc3afa8a4449be85f228ea52f6dc6395bb43c1c9f795343720841682d9b2f00602eafa4d4cbe297bfc62467e526b9d823cc8eeecd9e5f8dbc2f65610663c6f37b3d896651b254bd60215629ade3b2a":"74110471ccd75912":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b0c85ac6b3887639838ddca94c5c69f38115aa00122322c8114642d12ea1b8fe":"14f68e533ecf02bceb9a504d452e78c7":"796a46236fd0ff6572b1d6257c874038f870aa71cbb06b39046d0fb6489d6ae8622b5154292ae5c4e1d5ff706daedb2e812533ae3a635d339a7fbe53780e3e8204924a5deb4b6856618f4c7465d125a3edffe1ab8f88b31d49537791c0f3171f08dbb5ed1d9ed863dafbae4ecb46824a4922862fe0954ee2caa09ab0e77ed8fc":"0210fce418e7e2199cb8f899c81b9be74a630d00269755f882fc4db27632e99685cc12c426a7503473646df1288d0ede28408be9add5713628700f8e2b2e27d7522520ed00ac47239084651eb99e7d03e1520aae137b768f3144232c16b72158fd5da4a26a2525b9b27791bf06d1eb2e671c54daf64fddc1420bc2a30a324ba5":"6fb0b5c83b5212bf":"":"5e6c362f7587936bcb306673713a6f1fb080783a20e9bbb906456973e529cfa0298206184509c30e1d3793eaaa5d564edd4488f04311821eb652e0a1f4adaf6971505ca014788c8ce085ceb3523d70284ed2bb0aebeba7af83d484df69c87f55a93b3d87baa43bd301c4e55eb8c45dcf3e4612535ea1bd5fdb4c3b9056d0cae9":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e61b1a6b40e2ab1245ff65dcfb9948318ac4fe55e9ed600cec301dae32ae0e93":"c356244b3034d288e4d4fe901b8e27c1":"bdcfeb09d5b97bab05a7acd9849e7de2c5beb7a4dc573c7e1c1d0c0409245a6584023114fdcc6413c800ca16847bde750b27c4d590248e2ce457c19b0f614f6aff4d78d4a19b3251531e5e852fbb05d09412cc1ff8988d1955ca6f5fe2d820f20a7642e3ae69e8122b06ba0918e806400b9b615e1abe6fdd4f56a7d02d649083":"8d67fa9fcf078e421cb63abeb25dba739ab0e09a091dd06b0c616e1e888f350edb2d73a42f57f115266ea20c7f8fc143ac746649612df06a5e29b4a15934dc049be1ab49d018ab86c4f37d8c3d9c714f038029e74d8ee3dbe61d81adc63712ea413b37f7604da12107aa1695d9b0981e5a92cdfaa5fbda0e31b22c6fd6f3b499":"86acc02f":"":"7c73182eca97d9617abb478a6ce62e3491a7e9951981c89c3071b161a4c80440614c3f24d0155073e28dcccee96bc8303dab4901ef77318df522d16d9da47770ef022395d6104cd623d93d67090a27507fc8ca04157e7939e639c62cd0e7d8a472314833c0eaa9ba2fd54a25b02854e3bff25cccd638885c082374ae520ed392":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4f5a02e9843d28c8c226ed70d44b8fced8fb757ab6ece4d4f06e3c3cec79e44f":"099e5d9aae89fb6391a18adf844a758e":"ad93e8662c3196e48cfdb5aa3bc923cd204151aa980cbec78f0d592b701f779c1c49f9e8686d7e2385a4146b21a643a59c18c8b82214f42560bcd686fad7c7c8e8c1944ce6b20ec9537dd14b6cf2592740ca112f4cd582250d69f240d3e957040e1f7e19c60b3c8f2bd00cb666604c38946eb9b2f17336d281b4794f71e538a2":"3ec13950d329f24074714c583bdc35686b811f775b76b0a8fcfa66fc56426c9d022f8ab0af38f8d2f71a068548330cdbe891670181ed7491bf40c739ef4dd93689fd35929b225089d2b151f83d9b3cd767300611144586767354c0491112c205409f3168092d27f9b9f433afb79820a2811984d48e70c1fb2a13bbb3ddbc53fb":"30298885":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1cdb218e0bd0e02156e5b48182990f778889793ef6018a8928e61164ac047c8e":"d2ffbb176f86bee958e08e5c7c6357c7":"bc580c4223f34e4f867d97febf9b03629d1c00c73df94436852cafd1408c945c5474c554cb0faf2bae35d3160c823d339a64ebd607cf765fa91f416fc6db042bc2bd7445c129b4a0e04b6f92a7b7b669eb70be9f9b2569e774db7cb7ae83943e3a12d29221356e08e5bf1b09e65f193d00d9fe89f82b84b3b8b062e649163dc8":"4d039618a0eb640329f90fe97de18bc928fc3fc7a0db42c97774bec2e882e872fc1097c8319f7837a16516bf387b1bae321c565e8fc1cb8480f051158e4685f0adba310d2c6253bc1300403cbd3f7ddcb2796a69f8bf9e73d47aada9a02673c1a3d5ecdac838abf22b385906236529a1b7dd5b8af2611a04cf4f83b15ba41cfc":"1997daa9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"dc1a145c18bdbca760f35eea0d4a5992de04a0615964ec8b419c8288ab1470f0":"7f8368254955e1b6d55b5c64458f3e66":"":"":"8ddaa2c3ed09d53731834fa932d9d3af":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7b4766d3a6615ee58b390daa228ae7a541c46ce80a1efe227cc43cb777df3232":"274367f31ec16601fe87a8e35b7a22dd":"":"":"5f3a757b596e06e9b246ed9bac9397f9":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d19b04055bf6e7ff82e89daef66c9d8319ab25f9197e559444c5729b92c4f338":"796efaff4f172bef78453d36a237cd36":"":"":"3b445f38bf4db94f1a9ec771173a29e8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7ca68e300534a90a7a87ca9906e4ac614a6aa51f769b6e6129753a4f83d10317":"45e6b23f8b3feefd4b0ea06880b2c324":"":"":"6c0a1c9c2cf5a40407bfa1d5958612":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a2b7cd693239bbc93599d3d12c9876e7303b227b8ae718e2c62e689e1fd62903":"548c9c8fcc16416a9d2b35c29f0dacb3":"":"":"3aa21f221266e7773eeba4440d1d01":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"156b854beb0c276a5e724f5da72f0d1ca4ae7cbd5f93a2257d95c2e5bfd78ad4":"a5129e2530f47bcad42fc5774ee09fe7":"":"":"6bb09ed183527c5d5ed46f568af35f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d824330c60141264e1f709d63227a9a731bcc42b4adec1d8f0161b10b4fdb2ab":"c5afaa45312c64ab3c3cf9d6c4e0cc47":"":"":"55952a01eee29d8a1734bbdf3f8f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5517589948d8aea778df6fd66c17a170d327f69e504f0a4bd504c4286a9f578":"6404b111c6289eefa0d88ed6117bb730":"":"":"637f82e592831531a8e877adfc2c":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"f6137b2bcbd327fbcc7f313efa10f6ffaed30e4782e222e1225c87103fcae905":"3b87b08337a82272b192bd067e3245ec":"":"":"1f2dda372f20ffddd9dd4810e05f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b5e70d1b78e931abf44bba3f937dbc344858516a8a8afe605818dc67d0c3e4c4":"58e70095c6f3a0cda2cdc7775e2f383d":"":"":"1763573f7dab8b46bc177e6147":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"90de0c047d1dd01d521f2dedec7eb81bc0ace7a5a693a7869eaafbb6e725ad7b":"d565c9cdfb5d0a25c4083b51729626bd":"":"":"78738d3e9f5e00b49635ac9a2d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c43e8dbeafb079692483a9fcbab964b76fccca6ca99e1388a1aa9bf78dfd2f02":"f2bd4fe0d30c0e8d429cac90c8a7b1c8":"":"":"ea7b52490943380ccc902ca5ae":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13540919fdb95559e37b535a427efeee334309e34c4608459e204d931b8087e7":"c993c1802df0f075ce92963eb9bff9bd":"":"":"edfab013213591beb53e6419":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2a7b2e07c148ff0f627ae28c241a395876bbed0c20f3fd637330e986db025714":"8f7e1621c2227839da4ea60548290ffa":"":"":"f9da62f59c080160ec30b43d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b3e7837a75b38ae6d4299a1ae4af3c2460dfca558708de0874d6b1a5689b8360":"05d363b2452beff4b47afb052ac3c973":"":"":"6b4a16d1ea1c21b22bdcb235":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9df3ccd95f7570f6ecf5e5329dcb79bcd46cbcf083fe03aa8f5bd0f645c6a607":"774f4e70a7577b5101c0c3d019655d3e":"":"":"98ff89a8e28c03fd":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c7123e2e8d3774c8f1bdbb2272f19129e04f29b4351ae19c3b9d24e6ea1fe87":"99f25cebd6cfa7f41390b42df6a65f48":"":"":"8e14a0a4853a156a":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"490090323e9257517e2453469caa3414045cacb4d05d5cebc6b9c06fa6d19291":"c1beff1ff6cdd62339aa21149c4da1e6":"":"":"f998d7c08d609b3a":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"360e48dd38d9e7f5bf29a2994ab5b3c9c70247102d94049ae791850807a4c845":"88126c350dfc079c569210ee44a0e31a":"":"":"f2ebe5e4":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1562b32e4dd843edaf4474b62cadd8f46d50461f5b22c9f1a8eae7367d35d71b":"af29fdb96f726c76f76c473c873b9e08":"":"":"13fd6dfd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d5160d0c98ffcb1c26aad755f67589000e2bb25fa940e6b1d81d780f421353d9":"1552604763453b48a57cea1aed8113f4":"":"":"660c5175":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c3a3ea3a097c0c2b3a4cb78462d87fd5a8f348687c4150e9d3354b388ab13d17":"f77945979241fb3a454d8e3da193e169":"a69bac31241a2c07d3f7e331b77f662b1e67ccb81c07f52578b01f5785de9437f02eb7627ca7b9af09c1cb428fe93d6deb31f4d6dd2f0729f87480bdeb92d985de1aaad4bcebc6fbad83bede9a5dd1ca6a15bf5d8a96d4edb5bee1f7d195e9b2e5fb2221a596d69f257c18a143eda870e22d3f2ed20c9b3b0d8c8a229c462fff":"":"6b4b1a84f49befe3897d59ce85598a9f":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e1626327d987342cba5c8c63b75b4ed65463a2b9c831f4f9f80325fa867d1d73":"4e25800deab7ecec2a2311f8fb44eb7d":"ebaffd558f24dae03117c69ac4b2b4aaeaffe7e0e7599eaba678bfce23a9914dc9f80b69f4a1c837a5544cba08064a8f924064cba4d783623600d8b61837a08b4e0d4eb9218c29bc3edb8dd0e78c1534ab52331f949b09b25fbf73bece7054179817bc15b4e869c5df1af569c2b19cb6d060855be9a15f2cf497c168c4e683f2":"":"8faa0ffb91311a1a2827b86fec01788d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"938da64b837275b0c80c442bdf2301aa75e387fe65a775d10a8ec840f62ff429":"dec6adeb60216cbb8a6c3afba49fa201":"4ac144bd95f405649444f01ab67ef3e4c0a54fdbd933b6ba00518c79db45c22c90030c45aadcfdb53ec8199be0cbb22dbb9ab938a871f4b3b0c98ed32590a051abb946c42726b3e9701f183b2092985e3457943a6350fbcaece2e6b111b179ea3fd10ac080a577a1481785111d5f294bc28519c470ff94392a51a2c40a42d8b5":"":"2211ca91a809adb8cf55f001745c0563":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e2436484ea1f454d6451ad8dbd1574b208d7a3ab4fa34869299b85c24348b43d":"97040d2ec094fe1c64fa35b35b7451a7":"bc198677513ce0e66697dfe52b22315fa5d8f92042f34cc9f373a01f94607df1a599132f60af010ed9b5e52162dd7b162912b68b11700e08f5fdafd84d10f760fc05ec97c05b83e55155194f399594015b90a19c04fb992e228940fe1b54ba59c4bb8318b33cc0df1cb1d71c389473dfb3eefabfe269ca95db59a7bc0201c253":"":"2e080ba16011e22a779da1922345c2":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7fb3fc72eb8a3aa5b102f90039f852cc3fd64f46915f5e49f1d9e02fe9cc13b1":"f6120fea313362524917c53d90bafb4f":"60c2be7fbd15faf895fd19a9ce775fe2b183b45cffafe4fcbf50d421bea97347e41a9418cfa129b2dda63b889a70063010215dbe38c37feae18bc31b34f31b726f22177f2b4b9d648dd4aa80edfd12dafaee10baa83224354432d1cb62ccabe38bb8448d162cd0d30e988d2e1a2458ffdafaacbdff928756390f66dc60d7ea45":"":"83de3f521fcfdaff902386f359e683":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"697c96d80d0a3fa9af35b86f31fb71a17aed30ce841c79896bbc8863b3b3ee04":"3a5163ec7e007061838d755ac219855e":"de50c12da63232768d5eb9920d49683b5b7114cb77448fa10b9d63552ec5d9c2eac94b375d11f944959f903bb20c696639b6e7f108ec1e873870098c631ddacb2c25268cfc26d2a4cacfb7dda7383374c5456bcf4daa887a887f4293f8caa14419472a8bf7ffd214dfb2743091238b6d1142b116c2b9f4360c6fe0015cd7de81":"":"cd4542b26094a1c8e058648874f06f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"66c1d9ce3feb0e966c33e3fd542ec11cc32f18c2514b953103d32abcdc72633a":"46fdb88fdde9b7d74e893802a0303256":"55d2f263d2e3cf0b390fce1dd1ebd5f666086f26e1ce2f08002bedbb810ada3922c6bfcf6a6adaa556e9e326c9766f02b3eb6e278da2fa3baa7dbdb6373be3c6ecfbe646b1a39e27c5a449db9b559e7ea3496366b8cdbca00ee7a3dea7fdfbea1665bbf58bd69bb961c33a0fd7d37b580b6a82804f394f9d5d4366772cee3115":"":"96ca402b16b0f2cd0cdff77935d3":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d7c949420dc9497232cd5810f316d11f9e85d36c430b5943ba79836d88c1eb92":"7ef9788ff09cbeedd9569d49083a4097":"ca1de5cc3fcde2638eb72210e551e9c0e0a3f5570d5be83a9a4406b545d854bf17e75b9cd0f4c45722fbd71319a317b72a8798485e9316a1c8102432b83bc95af42f6d50700ba68f6f2e19b6af609b73ad643dfa43da94be32cc09b024e087c120e4d2c20f96f8e9ddfe7eae186a540a22131cedfe556d1ebd9306684e345fd1":"":"8233588fca3ad1698d07b25fa3c4":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe7c70815aa12326cdcbb2d2d3e088bbaaef98b730f87fe8510b33d30e12afe":"e0253bd1f19e99a7f8848206fb8ac4a4":"397897eca4856f90d14c3cdfe1ad3cba47e23174ae2dab7d2a6320898584e03bffa3ffd526f416d7b3c579b0f3628744e36eebb5df519240c81d8bbbf5c5966519c5da083ab30a7aa42deae6180e517cdd764b7f77d19cc1a84141817758887a8d7265e7e62279b9d33cd2f1ba10fd54c6c96d4b8a5dbe2318fef629c8e2af0f":"":"477b0a884d788d1905646bd66084":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"cbeefb3817cb02d617f385cf2371d52c8bcbc29e5e7a55cd2da131ca184c6e89":"f74156d6400ae46b612531848bffe18f":"1abe2ab05ceccf2391273126fe4a4426b94d2c3b97a7f1cd2ee6bb952bf4a546e972b5a1701d5ddb0e5bb7a248fcb47107a9fc77e4b9806b68a11850119aa239fa8be1370e3a2e1a8b168f7323afdfc4b8917d92570167848a56132d68876abc386c258a9233dc8a9eb73443b052e842c3d63e8b5369acdd038404e4e9a4b038":"":"0cb67cec1820339fa0552702dd":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e6f5f65ce2fc8ec3f602f5df90eb7d506dd771337913680ac16bdcd15c56583d":"9212a548c597677d1747e98ce6fb18a4":"55ca486c0183d0134925880d2e21dde0af51c4c77c6038a5a9c0497884e0aa4715bdb5b4bb864acc708ac00b511a24fa08496df6a0ca83259110e97a011b876e748a1d0eae2951ce7c22661a3e2ecf50633c50e3d26fa33c2319c139b288825b7aa5efbd133a5ce7483feecb11167099565e3131d5f0cb360f2174f46cb6b37c":"":"08d7cc52d1637db2a43c399310":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0e9a0391435acb57eae2e6217e0941c79a3ff938ec6a19b8a7db2ea972e49f54":"27cd1d7af7e491e30c8110cc01392529":"79140d32bb32dace0779e2d37a0f744d6d973e99a279962b43a6c0af63772e8a0a21d5d9dd3c33d4b218cb2f6f24dd8d93bb4e1e6a788cb93135321ecfed455e747fa919b85b63b9e98b4980a8ccb3b19d50d735742cb5853720c2ad37fa5b0e655149583585830f8d799c0d2e67c0dc24fc9273d9730f3bb367c487a5f89a25":"":"fbb477dd4b9898a9abc5a45c63":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55a12eeca637654252e3e40b371667e3f308b00f2fd2af696223e4cd89e3fd4e":"8a3793b6441258360f7f4801b03d0b26":"f5810dc5f25e49bd6d94bc63c2494aa7a579a4056a25f1dd9b2734d0b8731ee52523edd54ff475651d45c213e1bf254327fb0e2c41a7d85345b02bcc9d27b08915d332e1659671991a4bb74055967bebbba6ecceb182f57977130623d5a7b2175fa5a84b334868661c1f450b95562928b4791759796a177d59ed18bbf141e2ad":"":"99230019630647aedebbb24b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3d353f870a9c088de5674efd97646b9c5420b2bcdfcffefcadd81682847e5331":"f267fa982af5c85359b6447f9b7715ea":"7cf55630867af5dff747c8dd25bcc531d94a7730a20b6c03d46059ea93fcaa00d07ee17dad0e0dff814b02dfef0cbe00b37fd2f5f95ead7c72be60016f2934d7683fc1e47185c7211c49cb03e209b088edb14e533dbcb792ab7033728904f7ff12381a236dba97894ec1fafcf853ab15fff343f9265d0283acef10168ffd1271":"":"9553b583d4f9a1a8946fe053":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d227c9ff5d17a984983056fb96f3991932ae8132377529c29238cf7db94a359d":"b8f6536f376a7efe0e684acf350bae70":"1cc25da31f90de7fa47ebce92754d3faa99f88d4e25ccab45645c1acdf850d55d7f02f61a0bfdc3125f29259d7da8abef532fe0966c63d3486753c8a2cb63a39349a0641b2f2b9526a03b97d58ca60fbb054c6c164ff2836688b0cad54df2b165bc082eeae660e768dde5130e30f8edc863446661c74da69b9e56de8ae388da0":"":"44b95a37fab232c2efb11231":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b2a57ef85ffcf0548c3d087012b336c46f6574cf1d97ca087bfad042ee83eec2":"3d580402d2a8dc4d7466e5dcb456be7a":"c2b9e95c16e55028794a63ef82d11fb83a2a75dc34a81f238e472c33264534bdd54cd07d02a0ecf9019ad1a6d6c779f339dd479e37940486950f183bade24fca2f24f06d4037b3555b09fc80279ea311769473eb0630b694a29823324cdf780d7d1a50d89f7a23b05f7a8c3ad04b7949aa9e6a55978ba48d8078b5a2fd3c1bbb":"":"072d4118e70cd5ab":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"63889ed5bf2c27d518a696b71c0f85592e3337aae95b5bf07289e4c5dfdc088d":"1ad534280a0fac7dce31f2ae4fb73f5a":"be1b9dabea33bb9443e27f674b27931c0fba699a33dc86fab29e50b76a9441030444b465317bbf2949faf908bc1b501d11a5ea2042e4b460a85f3be5836729e523d99b56ef39231d5c6d8ae2c2ab36ef44e2aa02a1f2c559c6e333216c7f9ed5f9b880a88e920219204c99a3ae8f90afd1396563bc59a691a93e0070b0b5fd90":"":"1bcea0ac2c1a0c73":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"94e3e2c17cfb6f52d4fdba3ba6d18bba891b6662e85df14d7e61f04adb69e0e5":"8a80efb3bfe220526997543409fddb4d":"05da1b0f7ac6eef488d3f087ecae7f35abe3ef36d339709dc3fcb5b471979268ee894c3b6c7f984300d70bc5ea5fba923bfb41d88652bdaecc710964c51f3e2ae2c280b7d6c8e3b9a8a8991d19d92d46c8a158123187f19397ad1ad9080b4ffd04b82b5d68d89dacd3e76439013728c1395263e722b28e45dabf1ef46b8e70b5":"":"faa5c13d899f17ea":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"fe5e479ad0d79dbf717a1f51f5250d467819e444b79cb3def1e0033c80ddadd8":"47ce838083fd070d8544c0ad5337cdc6":"98476bf05a18c4ff1b6024dd779c1ac06d838705a0a83fe42bee5fc6ebf3b2a1a5049b67f4aabc8239cd6ff56504bcbad1e2498c159bbec2a6635933945f6ea49e5bc763dcf94f4b3643d3888f16105abb0965e24f51cb4949406124145e9ae31cc76535b4178492f38b311099df2751f674363ae7a58f6f93019653b7e6a6f0":"":"a3958500":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"27d4dedb71a8f68ca5ce2b9e56da772bf5a09b7981d41cd29f485bd2d1adb8d4":"7e6f0343c54539717a97b6c8b9f7dec4":"d386db78043f719b7e137cbf79a7f53dda2fe3baccbebb57d499f6eb168e5151f10081d76b72ae0f30165efbdda469e826f9246e59dbcad5c0b27691c00d6c192c24073e99c19cf8c142087c0b83c4ce2fc7ba1e696394e5620ab2d117d5dcd2ac2298997407fd5de07d008de8f9941a4a5f8074736a59404118afac0700be6c":"":"50fd1798":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,0,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"5a7aa836a469d28542d0d24d3232fad266da8fc889c6b6038b726d3da25f7b20":"9faf7cd805803e143ec8f3f13475efd2":"1006c707f608728b2bf64734062b12a5625062bcdcb80a3ce2058352a2922d5e6fbe19681b4f0d79ad3c837f81e72f2fbf8df669894e802a39072b26c286f4b05188c708f7c6edd5f5bb90b87ffa95b86d84d6c1c4591b11d22c772a8ad7f2fe6bd8b46be0e93672df2e8bff8ba80629e1846cfd4603e75f2d98874665c1a089":"":"07764143":"":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a9444fd176acbe061d0221fde3ddfcc4ff74e995d981a831297c4cbda51c22a1":"5714732145470da1c42452e10cd274b5":"":"c146ff5a988496cad7eced7a2ea471e0117d5d6bd2562c23ce9db4bf36d83ba3fc22e90486ec288a627d208e0b2fd3b65f8301cf7fc41d97959981a95cd1cf37effc46db99b94b21c941c3613c26a10b1a6b7793f467d58ff5134612230f1c49d7e1fcf664fe52fc6eca46273982f6fe729b009d90eb8d8e4a0b0dbe907b76da":"db85b830a03357f408587410ebafd10d":"":"a3cad9a57fa28e6f6aaa37150a803bf8b77e765f0702e492c4e5ebb31ae6b12d791149153e469a92bb625784a699fd7ca517500ee3f2851840ba67063b28b481e24ba441314e8b7128f5aaccaf4c4e2c92258eb27310bf031422b7fc2f220f621d4c64837c9377222aced2411628018a409a744902c9e95c14b77d5bb7f5846b":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"686d3bd071e3f46f180611bc4ec8d7726fe72b6c617e7d42b3339f53918c9e36":"a714e51e43aecfe2fda8f824ea1dc4b7":"":"21983ad66449c557263aef299da6eef8f31d576fc17ed2dac3e836f7c2ceaff3094b2695452680e188df10c174810efd1fbaa6c832baedce0b92e4c7121447f6461ac909b4302cdf658095b1de532b536faa4fb38cfdf4192eb5c3fe090d979a343492f841b1edc6eb24b24bdcb90bbbe36d5f8409ce7d27194a7bb995ecc387":"cd30c3618c10d57e9a4477b4a44c5c36":"":"9610908a0eb2ee885981c9e512e1a55075a212d311073bbb2fb9248cce07af16ee4c58bdc8dbe806d28480f9065838146f3e1eb3ae97012cfe53863a13d487f061a49a6c78ca22a321fa25157dbe68c47d78f2359540cc9031ee42d78855ed90e6b8ea3d67725bfffcb6db3d438c982b5f88d9b660f7d82cb300c1fa1edebb6b":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6fe81f15a02e2ecf46e61199c057102d160e6b5d447d4a275972323fff908c3e":"91d55cfdcdcd7d735d48100ff82227c3":"":"0b4ee0385e6665da8fd2ae47f2d0cf1c5bd395a3bb447047ab5a3ae0b95355bf83d0381119a8d4c01acbe60cd7885da650502f73498a682fdc94f7b14f4c753226064fa15e3a90a6083e053f52f404b0d22394e243b187f913ee2c6bb16c3033f79d794852071970523a67467ce63c35390c163775de2be68b505a63f60245e8":"cd7da82e890b6d7480c7186b2ea7e6f1":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"4c2095e1379389dc3810e8819314f5a2f87d1494213c5b1de1a402f7f4f746c4":"19788b2e0bd757947596676436e22df1":"":"26ec8ebac0560538a948afbc18fb730e9a91f21392bde24b88b200f96114b229a5b57fa9d02cf10e6592d4dfb28bf0f00740c61157ce28784e9066ea3afd44ecf3a494723610cb593c0feffc6897e3435c6f448697ad3e241685c4e133eff53bdd0fe44dd8a033cfb1e1ea37a493934eb5303ae6ef47ce6478f767ef9e3301ab":"f26a20bea561004267a0bfbf01674e":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"be5351efc0277afc9759ec2464a22cb4401f7a17efd1a205e7af023c7ed30ee1":"c6b26117d9dbd80c1c242ad41abe2acc":"":"1eca91406f338fc09c2988b1d7dc8c409d719300c03840a497d7b680cdd5e09b144903477f7116a934e1d931cf368af1fc2a0a0e7caa95475a3cd7bf585a16fda31eb3f8201db0216b37a1635c1c030836b3dd05ca5b0194388fa198e717822131d5d4318690ef82d35ac80b27fff19aec8f020dc6c6ce28f0813bbbf8230ad9":"61051d6c0801b4a6b6ca0124c019f3":"":"95447aded336d6c20d483a6f062d533efed0261ad321d37bf8b7321b98f55c0f0082ce7f3d341b18fea29a72fc909d30cd8c84a1640227227287674a9b2f16a81b191ecf3b6232d656c32d7b38bea82a1b27d5897694a2be56d7e39aa1e725f326b91bad20455f58a94a545170cb43d13d4b91e1cee82abb6a6e0d95d4de0567":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"814c2cdfdeecf39d43bb141fbfc62dac44f7552c5e5dac2d4913303fc860119b":"0db3ade15cb0dea98a47d1377e034d63":"":"0d3013a1d7132f685d001420daa6c7b643bc36b887511acc4588237d3b412c79e4ebba29c08248ad46c7239e8daa232b7483c9c4e3d1c0bbebc696401efe21f7fd6fc0525a4ab81bd9a893d5f7ab23b70ed07c00f33649b8a996a006de6c94f7793f72848793f4d5b31311c68aae1e715b37409fbe506dac038a0950f05fe82b":"e62f910b6046ba4e934d3cfc6e024c":"":"374d03cfe4dacf668df5e703902cc784f011f418b43887702972dcc3f021bcb9bdd61ed5425f2975b6da7052c4859501eb2f295eb95d10ba6b2d74e7decc1acacebf8568e93a70a7f40be41ac38db6f751518c2f44a69c01c44745c51ad9a333eda9c89d001aa644f1e4063a8eb2a3592e21c6abc515b5aacaec8c32bcf1d3c4":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1ae4541110f2bc4f83cd720b5c40c8315413d896e034b75007f172baa13d29ec":"83f98eec51ee4cae4cb7fe28b64d1355":"":"5ea811e7fbfc0e00bf2a6abfac50cad9efd90041c5f7fb8f046a0fecbd193b70a2de8a774d01dd3cd54f848cb3e9f5152ee1b052ba698bebfba1fbbdae44a260447d6e6482640ae4d01c9cac3d37d4ffe9a0de0b6001de504a33ef7620efe3ce48ecd6f5b1b3a89185c86d4d662a843ff730e040e3668d6170be4cced8a18a1c":"df47eef69ba2faab887aa8f48e4b":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"20c9b662ec4bd13bf58d64cb0a7159b0e7fee4703af66292bf75c8bd6e42e8dc":"2bc0847d46f3d1064bbf8fe8567f54a2":"":"45b64f2ed5ac707890c0c1726adf338770ce6a728fe86bb372c4c49409a32705f881bc4d31a27c455c7c7df9dd2c541743523e7d32f88930d988857847f011be5f5f31a31e8812745147cbff5c1294d0fd4a7285db4833f22bf1975250da99c4d0dd2c9688d7f8001bb6ef2bc898ce4d42c5b78e74645b56ce992338f49d4183":"5a1bf25aa8d5c3fe5cf1be8e54a1":"":"9079d6275db076625e8474c2914fe483d413d5339202f98f06c3b0ef063d8f3d31029deaf7f9349bfec57e5cf11f46f02d5a6520c7992efc951adbbea6d08e53faeb10dfe8b67ee4685da9ea4fe932551a65821147d06d4c462338e6ddda52017c2bc187fd6d02b7d5193f77da809d4e59a9061efad2f9cadbc4cd9b29728d32":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0a1554db37f2e275732a77e521cbd8170729d8677a85db73feacf3c66a89d689":"b9194a4d42b139f04c29178467955f1d":"":"5421d93b7e6e0091978c673df4f3a406aef5f13eb5e6f95da19b0783308cbe26d4fd6c669cc4a9f069d7e62e4c6fad14b80e918fe91556a9a941a28b3dbf776a68ac7c42df7059b5ed713e78120aec84e7b68e96226c2b5e11a994864ed61b122e7e42ef6cfdae278fadbae1b3ea3362f4e6dc68eef6a70477b8a3ffcfba0df9":"05949d591793ca52e679bfdf64f3":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"3ab1d9bb571c4bdc9f3ef340914bddcfe0c8e7718d4a2530334372cec86e5fcb":"6a5335901284dd3b64dc4a7f810bab96":"":"80bcea307e009745724d5f15d21f3b61a5d5a8401530346b34a2adfa13e3e8c9c9327d6fad914b081e554fbe6c1c6fe070b566620e559555c702c0ab5becf61ea1d9de64351ce43b2276ef4e20b5af7ce43db6d21286af4e740ef00c6d790705afcf0ee4850fffc12c662f2bd8212feb21db31065ab8f717a7509c213352b869":"04b8e5423aee8c06539f435edd":"":"36b9602eee20b8f18dce0783cd1e01a799f81ae0a1ce6d293a26c62f47e7dad85c8446697cc09c81d3d9ead6f9e55c4147211660c8aea9536cc5516e9883c7d6854be580af8cd47ba38fa8451f0dad9c904e0e7f9997eff7e29bf880cd7cedd79493a0e299efe644046e4a46bf6645dfb2397b3a482a346b215deb778c9b7636":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7dddbd5657e22750bfe6baa70a1f4ac46c1ef8bee573a57cfcef50b66f85e593":"fcb962c39e4850efc8ffd43d9cd960a6":"":"2bf5aba83a8161b9d21ff29251fb0efa697b1ea9c1b3de8481d5fd4d6b57afda0b098decdc8278cc855f25da4116ed558fc4e665a49a8fff3aef11115757a99c10b5a73b1f794f9502186c13dc79442f9226bbf4df19a6440281f76184933aeae438a25f85dbd0781e020a9f7e29fb8e517f597719e639cbd6061ea3b4b67fb0":"1d8cdadcf1872fb2b697e82ef6":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6916b93b2712421f1f4582de7ec4237c4e42e2b32c7dced2f8bb5bd2e0598312":"b4d9248bb500e40de99ca2a13e743f1c":"":"3739cca20279a36ddb857ac22beae901a49529b3182463ab81a7c46e437eb0b0571e8c16f7b626ecd9f2ca0cd83debe3f83e5d58ed3738899f4b616755eb57fb965208f261736bdf7648b1f8595c6b6a779768115e3077dfee7a42d44b555a51675fb1ce9961d0e21b2b9b477c0541184350e70decf7c14a4c24b8a6cd5fed8e":"090d03446d65adcc0a42387e8e":"":"0255be7ac7ac6feb3a21f572f6a593cc8a97f17af7064c80e478f4a6c469cf94d604bc014b003bf284d216161a9c8a493af43c6a0d8caf813a9e6f83c7ed56dd57543876b11f76aa2be80dcd79d19ac61f00fa423ac2f52fae7a8327cd91494ca4116feb735980ad0a4b1445cb7f38cc712b8aee72179e65b97fca38694e3670":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b751c8b724165009a8bd97a9d2a0e22cae5a95c4743c55eeeef0a6fe7d946bec":"160c50c0621c03fd1572df6ba49f0d1e":"":"e8546a5af1e38114822e60e75563a9399c88796f303c99c69d1f3c50379da81e1cd5b5a4a721e23c59da58ea4361b7ff58408e506a27fea24f9a235c6af7f7a5bd93fa31e90edfc322821c08d6324134830b7fe160b4a3e6d27866a10e6e60762a31618ef92f5c67ccb1deb1f1b188f0e687165e7c366c7418920df4f4fcdcae":"9fef9becf21901496772996f":"":"175fa6b7cd781ec057ff78ba410f2897a920739b5fc4f04bc9b998fbc7cc18e327ad44d59b167e4627256aaecd97dc3e4a7c9baaf51d177787a7f4a0a2d207a855753c4754d41348982d9418b6b24b590632d5115dc186b0ba3bec16b41fa47c0077c5d091ec705e554475024814c5167121dd224c544686398df3f33c210e82":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0faf32c22c2a4ee38fe4b5ce08f98fdf6f83b5038dcba5ec8332b3eeb5c710c7":"04885a5846f5f75a760193de7f07853c":"":"8a556cc30075753c6e94c2f669bca2058ff6abcbffffc82da7cfca0a45af82dfb4cf487ceb4ede72be87ee4c8b72db1e96459de1dc96721464c544c001d785f2188b9fccaec4b1a37970d38b326f30163d2fdfdf8a2ce74aec55abcd823772b54f8081d086a2e7b17b4086d6c4a5ea67828ef0b593ea1387b2c61f5dfe8f2bb0":"0c13506ed9f082dd08434342":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0dddc3d2f82bdcdbc37648a6b9b416af28753740f8e998cd1a52a0b665369f1c":"0a93b883cbd42998ae2e39aab342cb28":"":"07bf84b15b21951fd22049be6991a672503ae243b8d285fb1e515e1d2c36bfd5b0d0bcce85791f2cea8f616aed68a7d9cf4eaf76418e8b1ec27751de67cbfd9d9f7905b2667904f10d598503f04c04ea00a681ff89a9c446d5763898430bd7a9dfebfe544e3ed3e639b362683a651e087626ffa63c0c2b3e0dd088b81b07f75e":"5c37918edb7aa65b246fd5a6":"":"ff7b7b2f88b8c6f9f9bad7152874e995eea0ff1ce1ecd9b8d563642a37a31499f14d70f0dd835b7adf80928497f845fd8c2786cd53af25f8c9fe1bba24e3c3860162635bbed58f06cf6c9966bb9b570987a48329279bb84afb9e464bb4ad19ae6600175086e28929569027c5285d2ed97615e5a7dada40ba03c440861f524475":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"a0b1a62e46e7712277fc711e19d0c0c865ee77b42ac964b7202dbcaf428086c2":"e20957a49a27e247d00379850f934d6c":"":"7dd7c0787fdbea4aacf929341659dcf4b75cbca8f92001e8b62a4d7b40272c5755fa9c445857db05328dc11ce5221f044f4b3dafbf0e2d72a1ad0d3e4c804148db578218690ccc620d8b97b4450ff83400a6caaa959617611446a6627138a4067be9ea410d4b0581022ab621928205b4a4480560fc4c2c3b39a2805684006f35":"c99751516620bf89":"":"9307620479f076c39f53965c87d20c2aff11c736c040dba74cd690d275591a5defc57a02f6806de82eb7051548589484364f6c9b91f233a87258ede1ee276cb2c93b4fc76f4d7e60cbd29ba2c54cb479c178fa462c1c2fb6eeb3f1df0edfb894c9222b994c4931dedf7c6e8ddecbde385ddf4481807f52322a47bf5ff7272991":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ffcc1c88fba1723b3ab57b458d9bffb98b878c967fb43b9db2ae0753d32a3bb1":"d533c2170c5dc203512c81c34eff4077":"":"19b6dec86d93c466307de3a36c0791ed1010b1b9cf8d30347ae46e0f9283c9fda43da8cb491dd17cc4298b1f0b876d6a0f4bcbc9667fe34564bc08f8f7b67045057d19f4bf027bc839e590822fa09a5cef1af18e64a0116aa2a01a3f246c2b5272c18c9aa23efe674ba53d533ae8f0695cb78c1155cdc7a9d7fae2c4567dc07c":"167ec8675e7f9e12":"":"0539287ac546fe5342e4c3c0ec07127dcd22899abfe8cdd6e89d08f1374d76e877bec4844d06e0a9f32d181c8d945ba16a54ce3725fae21d8245c070a4da0c646203d6b91325b665ab98c30295851c59265b4ab567b968b6e98536b7850738d92e9627b4c9c6f5d9ae2520944783d8f788a1aa11f3f5245660d41f388e26e0a1":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"55e94b339c3bafe068ef9cc30787cc6705850114976843777c92b4b331801650":"2e2b31214d61276a54daf2ccb98baa36":"":"147cc7bc4008dadf1956520b5998d961499bdf3d8b168591adbfd99411ad7b34eb4b2a5c1bb0522b810fec12dd7c775784d7ecdc741e6dec8191361e6abf473b219221801951b4d5ffe955ab50eef9cffdfee65ba29ddfa943fb52d722825338c307870a48a35f51db340aa946c71904d03174b1e4a498238b9d631a6982c68d":"5266e9c67c252164":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"13c9572bdef62510d84f2d415cc481cd1e71b9c1132b43e63b21ba4e16de9b39":"a8339ba505a14786ad05edfe8cebb8d0":"":"7c78e634dec811173ff3c4a9a48ae3ae794fbd2aefd4b31701777ff6fcb670744c592a1d298d319717870dca364b2a3562a4ffa422bf7173c4f7ea9b0edf675e948f8370ffd0fd0d5703a9d33e8f9f375b8b641a1b1eecd1692ad1d461a68d97f91f9087f213aff23db1246ee16f403969c238f99eed894658277da23ced11ee":"df3cab08":"":"91f9780daefd2c1010c458054ac6e35baa885cdd2c95e28e13f84451064e31e0739f27bf259cb376ab951e1c7048e1252f0849ccb5453fc97b319666ebbfbc7ef3055212a61582d1b69158f3b1629950a41bc756bded20498492ebc49a1535d1bd915e59c49b87ffebea2f4ad4516ecdd63fa5afda9cce9dc730d6ab2757384a":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"30a14ca53913acbb215b4e4159083106db3fff83cbedd1e5425f65af1e94f5dd":"4f23f04904de76d6decd4bd380ff56b1":"":"8c5f73ee1544553b712ad7a14f31379c8d54a4e432fb6c5112436988d83c4e94954b0249b470538fb977b756fbee70b811d4dc047a869e207bb0b495f1e271d0034e912000e97594033e0dedde0591b297f8a84bafcc93a46268a5bba117b558f1c73513e971c80a7083e1718fc12d0cc0d996a8e09603d564f0b8e81eea28bc":"18e92b96":"":"bb4b3f8061edd6fa418dd71fe22eb0528547050b3bfbaa1c74e82148470d557499ce856de3e988384c0a73671bf370e560d8fda96dabe4728b5f72a6f9efd5023b07a96a631cafdf2c878b2567104c466f82b89f429915cf3331845febcff008558f836b4c12d53e94d363eae43a50fc6cb36f4ca183be92ca5f299704e2c8cf":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,0,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"e69f419140289ac25fb0e2ef9cc4f7e06777ac20f7d631918d1af0c8883b7d6a":"531248afdaaf1b86cf34d2394900afd9":"":"ff8dfa4e70490ea9c84cb894dc5d7e1b935ebcdea80a39c4161d4db42cbb269cc86abd381af15ec9a4a42ed18c1eed540decec19722df46f22aa06883297cb393fb23e4bb31a817e88357aa923c7ecbcf24c28a09f622dd21fa70c0a02193024fdcefeaa96cc1b50f81a65dfa9e1bb5126f0c9766a861eed096ec15fb07b0f81":"c6885cdd":"":"f75299e0ead3834fc7ebd4b2051541b598ad57cc908fdcd4324cf4ccf7dcf7b3f0737ad6c026399a8b1b6d3d50011b3c48ea2c89833b4b44c437677f230b75d36848781d4af14546894eecd873a2b1c3d2fcdd676b10bd55112038c0fdaa7b5598fe4db273a1b6744cba47189b7e2a973651bfc2aaa9e9abea4494047b957a80":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"404a5d1ac9e32f9caabffbfa485ce9c27edc9e5cde0f2aab4f32ce3121449b88":"b6e6c078e6869df156faa9ac32f057c3":"6ebc75fc9304f2b139abc7d3f68b253228009c503a08b7be77852da9e1afbe72c9ab374740b0dc391fa4d7e17de6a0aa08c69e6f5c5f05411e71e70c69dfbcf693df84c30f7a8e6c7949ea1e734297c0ea3df9b7e905faa6bbdcaf1ff2625a39363308331d74892cf531cb3f6d7db31bbe9a039fca87100367747024f68c5b77":"b63ec4d28854b7fe2d4d13973f5bcb16f78494ce25cc2820de9d0dc1d8d91db1f19bc9e01cee8418c9e88a69b2f30cdbb0dbdbb50be71e1e666c111c126f2b7197c02f69a1b2ec5e1bf4062b2d0b22fb0fa1585b4e6286b29f6ac98d1b1319dd99851fa6921607077d2947140fdeeea145b56ea7b6af276c9f65393bc43ede33":"94c1b9b70f9c48e7efd40ecab320c2d3":"":"56a0ac94f3ec7be2608154f779c434ee96db5ed4f5a6e1acfb32361ce04e16e1337be5978df06d7c4f6012385fb9d45bb397dc00f165883714b4a5b2f72f69c018ffa6d4420ad1b772e94575f035ad203be3d34b5b789a99389f295b43f004de3daaef7fa918712d3a23ca44329595e08da190e3678bc6ad9b500b9f885abe23":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"b56f0c980acf7875cf7f27d53ad4a276adc126d0b93a5774ac4277eecad4309e":"b004c049decfb43d6f3ec13c56f839ef":"b2045b97fbb52a5fc6ff03d74e59dd696f3f442c0b555add8e6d111f835df420f45e970c4b32a84f0c45ba3710b5cd574001862b073efa5c9c4bd50127b2ce72d2c736c5e2723956da5a0acb82041a609386d07b50551c1d1fa4678886bac54b0bd080cc5ef607dca2a0d6a1e71f0e3833678bf8560bc059dae370ec94d43af6":"2c94299e36b7c4a825ecbc5a7809061e0a6761764a5a655ffdb0c20e5c3fcb10f4e93c68aa0a38c2acc5d06f2b7c4ff4fcf814b551bfefa248dbe06a09a0f153213538a31fa7cf7d646b5b53908d8978f514c9c4d6d66f2b3738024b5f9c3fd86b6da0c818203183f4205f186ea44a54edb911b1a17c424c95852c8d271b2e93":"fce7234f7f76b5d502fd2b96fc9b1ce7":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,128) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"1c5027c36e6caa1b3e5e45fead32b5e3126ac41f106c491b0b3a7c16502f4fe6":"3ee660f03858669e557e3effdd7df6bd":"93e803c79de6ad652def62cf3cd34f9addc9dd1774967a0f69e1d28361eb2cacc177c63c07657389ce23bbe65d73e0460946d31be495424655c7724eac044cafafe1540fcbd4218921367054e43e3d21e0fa6a0da9f8b20c5cdbd019c944a2d2ee6aa6760ee1131e58fec9da30790f5a873e792098a82ddf18c3813611d9242a":"58f0ceaa31c0025d2e6bb58720cce4b64f5f6c657c847ae42936eb1e343fea397c8a8cf2f5ef02ffaec25f431900dcb0910cf32cea9eca3b78aed1c451c7af51066489f87b2a5f8cf28d6fdb6ce49d898b6167b590a3907be7618be11fb0922a3cfd18e73efef19e5cdc250fa33f61e3940c6482ae35f339e8c0a85a17379a4e":"ac33f5ffca9df4efc09271ff7a4f58e2":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"34c3019810d72b5e584f0758f2f5888a42729a33610aafa9824badade4136bbd":"f315ea36c17fc57dab3a2737d687cd4f":"f33c5a3a9e546ad5b35e4febf2ae557ca767b55d93bb3c1cf62d862d112dbd26f8fe2a3f54d347c1bc30029e55118bab2662b99b984b8b8e2d76831f94e48587de2709e32f16c26695f07e654b703eba6428f30070e23ed40b61d04dd1430e33c629117d945d9c0e4d36c79a8b8ab555d85083a898e7e7fbeb64a45cc3511d99":"22deef66cbb7db240c399b6c83407f090d6999ba25e560b2087fed0467904bb5c40cbaa05b8bf0ff5a77c53fa229478d8e0736414daf9c420417c391c9a523fd85954533f1304d81359bdcc2c4ac90d9f5f8a67a517d7f05ba0409b718159baf11cd9154e815d5745179beb59954a45a8676a375d5af7fae4d0da05c4ea91a13":"0bae9403888efb4d8ec97df604cd5d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"29397d98fc5a7f04b5c8b6aa3a1dd975b6e4678457ae7f0691eee40b5397503a":"885543a45fd1163e34ef9276145b0f8c":"d88beaa0664bcef178cbdbfab17ff526b5c0f8ad9543c6a312d93c336707fbf87c0448b07a550580953279f552f368225cc6971f1eecc718d6aad1729c8d8873081357752bd09d77075fa680cb2dc4139171e4a0aaa50b28c262c14fd10b8d799ca1c6641bb7dfdfdf3dea69aa2b9e4e4726dc18b0784afa4228e5ccb1eb2422":"0bbf1079cb5569c32257bc7e52371db46f3961b457402b816588243b4523543430d5ca56b52de6632724c51e6c3af310b28822c749a12bdd58dee58bbc3266631562a998ec3acdc8a2567a9f07f7f9759c3f50b1d1dcdd529256b80c0d227fc1fe8b58c62d1c643f1ac2996809fd061afcf4a9af184c14db9e63ec885c49de61":"7b334d7af54b916821f6136e977a1f":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,120) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"7555dfcf354da07fd70f951d94ec1d86a635edfdb7929460207b2a39cc0cf4a3":"e1b30b6a47e8c21228e41a21b1a004f0":"bf986d3842378440f8924bb7f117d1a86888a666915a93ba65d486d14c580501e736d3418cebee572439318b21b6e4e504a7b075b8c2300c014e87e04fa842b6a2a3ebd9e6134b9ddd78e0a696223b1dc775f3288a6a9569c64b4d8fc5e04f2047c70115f692d2c2cefe7488de42ff862d7c0f542e58d69f0f8c9bf67ef48aea":"a1351cfffd1b0cbf80c3318cc432d3238cb647e996b7b53c527783594683f535950cd08788687c77226b2d3f095955884adc2e475ca1e1eab04e37d5e901ae8934a9d3a0cb37b80612ca25d989856dfa7607b03039b64d7dcd468204f03e0f2c55cb41c5367c56ca6c561425992b40e2d4f380b3d8419f681e88ebe2d4bdad36":"d8ef5438b7cf5dc11209a635ce1095":"":"95e8db7c8ecab8a60ceb49726153a7c5553cf571bc40515944d833485e19bf33cb954e2555943778040165a6cfffecef79eb7d82fef5a2f136f004bb5e7c35ae827fac3da292a185b5b8fc262012c05caeda5453ede3303cfeb0c890db1facadaa2895bdbb33265ada0bb46030607b6cf94f86961178e2e2deeb53c63900f1ec":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"bbeafe86c72ab0354b733b69b09e4d3462feb1658fe404004d81503f3a6e132f":"ee1caba93cb549054ca29715a536393e":"e44b0e0d275ae7c38a7dc2f768e899c1c11a4c4cb5b5bd25cd2132e3ecbaa5a63654312603e1c5b393c0ce6253c55986ee45bb1daac78a26749d88928f9b9908690fc148a656b78e3595319432763efbcf6957c9b2150ccabfd4833d0dcee01758c5efb47321a948b379a2ec0abcd6b6cbf41a8883f0f5d5bf7b240cb35f0777":"a033c2051e425d01d97d563572e42c5113860e5dedcd24c76e3e357559ba3250f1fc5d4a931a9d0900ac025400f0158621f0b1215b2907467bfc874bcabbb28e28de81fe1ee5b79985261c512afec2327c8c5957df90c9eb77950de4a4860b57a9e6e145ea15eb52da63f217f94a5c8e5fcb5d361b86e0e67637a450cdbcb06f":"a4809e072f93deb7b77c52427095":"":"e62adf9bbd92dd03cc5250251691f724c6ece1cb89d8c4daf31cc732a5420f6bedab71aab0238ba23bd7165ed1f692561ef457fd1d47413949405b6fc8e17922b17026d89d5830b383546ea516a56f3a1c45ec1251583ae880fa8985bd3dcc1d6a57b746971937bf370e76482238cc08c2c3b13258151e0a6475cc017f8a3d0e":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"6ad06c88dd4f3becf35eed95bb859be2406a1803a66e4332a74c5f75c09b9a01":"07d8b4a6e77aef9018828b61e0fdf2a4":"cca1fd0278045dda80b847f0975b6cbf31e1910d2c99b4eb78c360d89133a1c52e66c5c3801824afc1f079d2b2b1c827199e83f680e59b9a7de9b15fa7b6848b5bf4e16a12ac1af4cf2b4d7bb45673c5e1241e9996440860a9204fc27cae46a991607bc5e7120d6c115ddcbdd02c022b262602139081e61eee4aba7193f13992":"2219c11672884b93d0290b6a7140feafe416461f1cdaf0b3aa64693d7db2eb10feae46aac7af549fa1b0abc78c11f8df7ee803ef70310fc3e67769f8b4bc64f81143a6ebf8bee9d386a8ede5d2cc0ed17985a3b7bb95191ef55e684690ccdc5ca504bc6eb28442b353861a034a43532c025f666e80be967a6b05b9dd3a91ff58":"e3ede170386e76321a575c095966":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,112) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"87bbf7c15689e8c99a5a32a8ba0dfebcfe1989159807428cdd1f382c3ea95178":"2f19aa1f3a82a7398706953f01739da7":"590dbd230854aa2b5ac19fc3dc9453e5bb9637e47d97b92486a599bdafdfb27c3852e3d06a91429bb820eb12a5318ed8861ffe87d659c462ef167be22604facfa3afb601b2167989b9e3b2e5b59e7d07fda27ffccd450869d528410b0aff468f70cc10ef6723a74af6eebc1572c123a9b5a9aab748a31fa764716d3293ff5de7":"b77d3bf3b30b3e6e5c86cbfb7e5455f6480f423cc76834b4663d28d9f1eb5c40212634e3347668427f7848352ab789886f96682a568260bdaeb7de0aae2af36f5ae04f06c332b158d923706c1c6255c673feeadb6d30bfc901e60b92acd9ddd83ef98686c4d492f4a60e97af2541d470a6a6b21903441020ea7619cf28a06986":"5c43fc4dc959fabeebb188dbf3a5":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"24095a66b6eb0320ca75e2ab78e8496a45f4b000fc43436904c3e386fb852ed2":"0955c1f0e271edca279e016074886f60":"f5160c75c449e6bb971e73b7d04ab9b9a85879f6eb2d67354af94a4f0ca339c0a03a5b9ede87a4ff6823b698113a38ae5327e6878c3ccc0e36d74fe07aa51c027c3b334812862bc660178f5d0f3e764c0b828a5e3f2e7d7a1185b7e79828304a7ad3ddcd724305484177e66f4f81e66afdc5bbee0ec174bff5eb3719482bd2d8":"4690edc843e23d9d9b9a4dab8fa8193f8bf03897d3d29759e9dc9e0f8a970c0f5d4399b9f60461fe5cf439f9b0d54bbc075695e4d76b76298cc2b75bb3e0b516ee9ada93f77c4c002ba9fd163a1e4b377befb76c1e5ab8b3901f214c0a4c48bd2aa2f33560d46e2721a060d4671dc97633ff9bcd703bb0fbed9a4a2c259b53f3":"75a31347598f09fceeea6736fe":"":"0dd2dca260325967267667ff3ccdc6d6b35648821a42090abba46282869bac4bdc20a8bee024bea18a07396c38dbb45d9481fedcc423a3928cfa78a2f0ae8eedb062add810bdbee77ddc26c29e4f9fda1ab336d04ef42947b05fbdb9bc4df79e37af951d19d6bf5e5cb34eef898f23642a9c4a9111ed0b7a08abeeefbbd45c23":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"086b77b5731f971f0bf5b8227361b216746daf8b08c583ad38f114a64aa7877b":"164058e5e425f9da40d22c9098a16204":"6633eae08a1df85f2d36e162f2d7ddd92b0c56b7477f3c6cdb9919d0e4b1e54ea7635c202dcf52d1c688afbbb15552adda32b4cd30aa462b367f02ded02e0d64eeee2a6b95462b191784143c25607fd08a23a2fbc75cf6bee294daf2042587fdd8fe3d22c3a242c624cf0a51a7c14db4f0f766ec437de4c83b64f23706a24437":"629317212ff8bd8a7676e4c00b81a9577de6397c832f99ac974fa2bbbccb6e3b8aa776db6922eed0b014bf3923799da7d9d0854c8817470e1e2f7fc7a572f9d0316ee60cde7ef025d59b897d29a6fee721aeb2f7bb44f9afb471e8a7b0b43a39b5497a3b4d6beb4b511f0cefa12ce5e6d843609d3e06999acfbee50a22ca1eee":"2eb6eb6d516ed4cf1778b4e378":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,104) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"0f9e806b0d937268561c0eafbbdd14ec715b7e9cef4118d6eb28abbb91266745":"8657996634e74d4689f292645f103a2e":"2ca253355e893e58cb1a900fbb62d61595de5c4186dc8a9129da3657a92b4a631bbdc3d5f86395385a9aa8557b67f886e3bb807620e558c93aea8e65826eadeb21544418ee40f5420c2d2b8270491be6fc2dcbfd12847fa350910dd615e9a1881bc2ced3b0ac3bde445b735e43c0c84f9d120ca5edd655779fc13c6f88b484f7":"2ae4baef22ace26f464a9b0c75802303f2d7c0f9a1ed1d0180135189765bdd347fea0cc2b73ee7fbbf95ea1fda22597b8aad826f63e744069a9c349488b2cc1cf9372f423cc650302082125724730ae5a4d878e07385ddc99034c6b6b46748f02c80b179fe6406b1d33581950cb9bcd1d1ea1ec7b5becfd6c1f5b279412c433a":"83155ebb1a42112dd1c474f37b":"":"87d69fc3cbc757b2b57b180c6ba34db4e20dde19976bfb3d274d32e7cea13f0c7d9e840d59ce857718c985763b7639e448516ddbbda559457cd8cb364fa99addd5ba44ef45c11060d9be82b4ebe1f0711ac95433074649b6c08eeab539fdfc99c77498b420427e4d70e316111845793de1f67fb0d04e3389a8862f46f4582dc8":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c24c17911f6db4b3e37c46bcc6fa35efc1a55f7754f0bb99f2eea93398116447":"5098cc52a69ee044197e2c000c2d4ab8":"9ad4dee311d854925fc7f10eca4f5dd4e6990cb2d4325da2ef25a9a23690f5c5590be285d33aaeba76506c59edec64b8c3ff8e62716d1c385fbce2a42bc7bd5d8e8584de1944543ab6f340c20911f8b7b3be1a1db18a4bb94119333339de95815cae09365b016edc184e11f3c5b851f1fa92b1b63cfa3872a127109c1294b677":"0bd92cb106867e25ad427ff6e5f384d2d0f432fc389852187fcc7b0bf9f6d11a102a872b99ed1ad9a05dab0f79fa634745535efed804ff42b0af8dad20ba44709391fb263f245e5a2c52d9ce904179633282f57a1229b0a9c4557a5c0aeda29bbc5a7a871fa8b62d58100c3722c21e51e3b3e913185235526e7a5a91c559717d":"f7930e3fab74a91cb6543e72":"":"6124ede608d416baa5e653a898ca76e9f47f08403c1984feec112e670ded2226e0073f8881ab2161cfda541dccae19691285f7391a729f07aba18f340bb452c1da39cbe83cf476cfc105b64187e0d2227dd283dcba8b6a350f9956b18861fa131d3f00c034443e8f60e0fdfcfaabbed93381ae374a8bf66523d33646183e1379":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"d267a8379260036ff3d1ec07a7b086ff75706bad12d37d9656f04776f3d8b85c":"674dc34e8c74c51fa42aacd625a1bd5b":"6a9a8af732ae96d0b5a9730ad792e296150d59770a20a3fdbbc2a3a035a88ac445d64f37d684e22003c214b771c1995719da72f3ed24a96618284dd414f0cac364640b23c680dc80492a435c8ec10add53b0d9e3374f1cf5bfc663e3528fa2f6209846421ea6f481b7ecf57714f7bc2527edc4e0466b13e750dd4d4c0cc0cdfc":"80c68a330ef50e3e516681f1e535868b03466e7edbb86cb385d01db487da3dd3edad940fdc98d918b7db9b59f8d61369eee2928c88557306c4a13e366af0708d94cb90a15f1c3bc45544bdb05ff964da5e06c5ae965f20adb504620aed7bce2e82f4e408d00219c15ef85fae1ff13fea53deb78afa5f2a50edbd622446e4a894":"bea660e963b08fc657741bc8":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,96) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"c86cb637753010f639fa3aa3bff7c28b74f012ad6090f2a31b0801d086f183ad":"87ff6e0bb313502fedf3d2696bff99b5":"2816f1132724f42e40deabab25e325b282f8c615a79e0c98c00d488ee56237537240234966565e46bfb0c50f2b10366d1589620e6e78bd90ade24d38a272f3fff53c09466aa2d3ef793d7f814a064b713821850a6e6a058f5139a1088347a9fa0f54e38abd51ddfc7ef040bf41d188f3f86c973551ced019812c1fc668649621":"6b7858557e0fd0f957842fb30e8d54dedbc127eb4bbf9de319f731fa28a606df2c046a0bce8ecda4e75d3596e4e988efd6bc279aa005bc52fad92ba07f5b1dfda4cc417029f9778c88d6fe5341a0fd48893dcb7c68d0df310a060f2a5235aee422d380f7209bc0909b2aa7e876044056f0b915dab0bc13cbea5a3b86d40ca802":"7859f047f32b51833333accf":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2c31ca0cac3efe467168198f06beacf39565a6f57f82e1048a5c06a231315882":"95cae6e85f33f3043182460589be3639":"67523751a9b1b643d00de4511b55e4268cb2d18e79e01a55fc7b677d529bd6400940fb25ea6ae135c1a816e61b69e90b966981aeda685934b107066e1467db78973492ad791e20aef430db3a047447141def8be6e6a9a15089607c3af9368cdb11b7b5fbf90691505d0c33664766945d387904e7089b915a3c28886ba1763bb5":"65261d6e29b2369b1828a7cef2df9873d6e6057c499301afedd6cb65b5036ddb95f9e353fbf38e54c4f46f88164325b33620ce183beb2e411fbb89a0e0002e542fc161cad32a61ee6f1e1717e0b4dcd0340b116f795bc1009dbbc65bc31c9b549bf03c40bc204cd0d02ec884be907777ebeed8b527ec3af7cbb508193c0745de":"21309d0351cac45e":"":"1d5f2cb921f54aeb552b4304142facd49497837deb1f00d26fbeddbab922fd80b00dba782961f8fce84f1f7973e81eed6ee168b1760c575c891f40a1dae0fa1a08738025d13ef6e0b30be4f054d874f1b8a2427a19ebb071d98365c32316a88a68c2b40daf1ea831a64519ac3679acb4e04986ecc614ec673c498c6fee459e40":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca9fa36ca2159dff9723f6cfdb13280446eb6bc3688043c7e2e2504184791596":"d13ca73365e57114fc698ee60ba0ad84":"2aa510b7f1620bfce90080e0e25f5468dbc5314b50914e793b5278369c51ac017eace9fd15127fca5a726ad9e67bdee5af298988d9a57ec4bbc43d4eb849535eb10521ac7cd7ed647479a42876af2ebc9e2108b539febdaa9127c49bda1bda800f6034050b8576e944311dfbca59d64d259571b6d2ed5b2fc07127239b03f4b7":"ac04c4293554cd832aa400c811cb202d815d6178aa1343b4628592b7f3ae45dc5f12ea47be4b43e1865f40b06ab67b3a9fb3644248a9b3efe131a8addb7447978bb51ccf749e75574fea60e8781677200af023b2f8c415f4e6d8c575a9e374916d9ec3a612b16e37beb589444b588e0b770d9f8e818ad83f83aa4ecf386d17a7":"2111d55d96a4d84d":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,64) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"2f802e838250064c15fdee28d7bd4872850355870847701ad9742b2d6eb4b0c0":"2dd550cfd97f8e1d8d31ba5537ae4710":"72b9630dda40306e785b961934c56e20948f8eac0e981f49787eb3dbd6e4607f7d08d10ca643746bf1efa7e5066993683d527a90f2d45ec9cf73113f1f17bb67958be669acd4e2927f1dacfde902cd3048056d7f6dfdd8630ff054efce4526db7c9321d6d2be2236f4d60e27b89d8ec94f65a06dc0953c8c4533a51b6a29bd2c":"e2ca8c8d172ff90232879f510d1225af91bc323bdf636363c2903fcd1790692c8bcb03a1cccb18814678852c6b3a441552e541b843ee5e4f86a152fa73d05aea659fe08aa6428bb257eaa2a7b579fdc4022c1dec359a854253c1aefc983c5ede8c97517ea69fc4606e25f13ffb0f5f49160691454fbb74e704326738353525f7":"bd6c8823c9005c85":"":"f6dd0b5f3d1a393a1837112962dba175a13c2d1e525ef95734caf34949d8b2d63b4fe5603226b5f632f2d7f927361ba639dc0e3c63414f45462342695916d5792133b4a24c7c4cbe2b97c712bf27ab62d3d68b3875d58ffe4b7c30a8171bff1a9e2f3995768faacda2ea9213ff35798b9e4513f6a87bd3f5a9d93e847e768359":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #0
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"84dd53ce0146cb71c32776033bb243098d78a22ac17f52a62a122f5653fb4e33":"f0c90a1bca52f30fab3670df0d3beab0":"a3ea8032f36a5ca3d7a1088fd08ac50ae6bdc06ad3a534b773ac3e3d4a3d524499e56274a0062c58c3b0685cc850f4725e5c221af8f51c6df2bbd5fbcff4a93ba4c1054f7f9c67fd9285511a08d328d76a642f067227d378f95a1e67587b90251f9103ed3cacdb6bf69e0794e366d8b92d8de37b4e028de0778841f356ac044d":"68222bffa782dcfe4f328fc20eb520e75a9a5fedbe13ec7fcf0e82fba08bb87a8a8e02902638e32fe0e2294344b380797f8028426ffcc0531c739c884892394c48ff0779c5f5edf0a36a3fb8aa91213347774ec4bf0fe1049bd53746b13beef3c637169826c367056cb1aa0a3868e23f886a9c7b8015c26af9e40794662f6b21":"b1ece9fb":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #1
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc379d5123c8eda3fa0e30b95cae0":"59869df4ef5754b406478a2fb608ee99":"ecd125682e8a8e26757c888b0c8b95dec5e7ed7ac991768f93e8af5bcf6f21ed4d4d38699ee7984ed13635fff72f938150157c9a27fcda121ffced7b492d2b18dad299cb6495ed5f68441aefc8219d2cf717d15d5cd2dbce4606fcf90fe45f3601127cf6acee210bd7df97309f773974a35bef1d33df984101c2fc9d4b55259e":"fb3a4be643c10343251c6f0745aaa54349463f622ca04a792e9b4780866844b30aeef3269fc60cac0ea031c5f3780b535e15154f7c76eb4a371b8ae368550f3fa2ce693c34511ec96b839cac567f1b0de0e7e3116d729b45d1b16e453703a43db73f5d0c3e430f16b142420b5f0d26d72ac3dba543d7d813603b0bfdca3dd63e":"cb3f5338":"FAIL":"":1
+
+AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2
+depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1
\ No newline at end of file

From 4ee7e76378a7ee3e62f1bde1cdf868589926de17 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 22:00:38 +0000
Subject: [PATCH 758/889] Check support for cipher in
 mbedtls_cipher_setup_psa()

mbedtls_cipher_setup_psa() should return
MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE when the requested
cipher is not supported by PSA, so that the caller can
try the original mbedtls_cipher_setup() instead.

The previous version of mbedtls_cipher_setup_psa(), however,
only attempted to translate the cipher mode (GCM, CCM, CBC,
ChaChaPoly, Stream), but didn't consider the underlying
cipher primitive. Hence, it wouldn't fail when attempting
to setup a cipher context for, say, 3DES-CBC, where CBC
is currently supported by PSA but 3DES isn't.

This commit adds a check to mbedtls_cipher_setup_psa()
for whether the requested cipher primitive is available
in the underlying PSA Crypto implementation, and fails
cleanly with MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE if
it is isn't.
---
 library/cipher.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/library/cipher.c b/library/cipher.c
index c03b0528c..e9a1a07a0 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -243,8 +243,12 @@ int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
     if( NULL == cipher_info || NULL == ctx )
         return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
+    /* Check that the underlying cipher mode and cipher type are
+     * supported by the underlying PSA Crypto implementation. */
     alg = mbedtls_psa_translate_cipher_mode( cipher_info->mode, taglen );
-    if( alg == 0)
+    if( alg == 0 )
+        return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
+    if( mbedtls_psa_translate_cipher_type( cipher_info->type ) == 0 )
         return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
 
     memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );

From 190865523191330955cf12f6e47620a3a1033fbf Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 22:11:16 +0000
Subject: [PATCH 759/889] Use enum for slot state in PSA-based cipher context

---
 include/mbedtls/cipher_internal.h | 20 ++++++++++++++++----
 library/cipher.c                  |  8 +++++---
 2 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index f1f0e2bde..cecad9a8d 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -119,14 +119,26 @@ typedef struct
 } mbedtls_cipher_definition_t;
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
+typedef enum
+{
+    MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
+    MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts
+                                   * which use raw key material internally
+                                   * imported into a freshly allocated key slot,
+                                   * and which hence need to destroy that key
+                                   * slot when they are no longer needed. */
+    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts
+                                       * which use a key from a key slot
+                                       * provided by the user, and which hence
+                                       * should not be destroyed when the
+                                       * context is no longer needed. */
+} mbedtls_cipher_psa_key_ownership;
+
 typedef struct
 {
     psa_algorithm_t alg;
     psa_key_slot_t slot;
-    unsigned char slot_state; /*!< 0: The slot is unset.
-                               *   1: The slot is set and we own it.
-                               *   2: The slot is set but we don't own it. */
-
+    mbedtls_cipher_psa_key_ownership slot_state;
 } mbedtls_cipher_context_psa;
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
diff --git a/library/cipher.c b/library/cipher.c
index e9a1a07a0..95146ac63 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -175,7 +175,7 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
             mbedtls_cipher_context_psa * const cipher_psa =
                 (mbedtls_cipher_context_psa *) ctx->cipher_ctx;
 
-            if( cipher_psa->slot_state == 1 )
+            if( cipher_psa->slot_state == MBEDTLS_CIPHER_PSA_KEY_OWNED )
             {
                 /* xxx_free() doesn't allow to return failures. */
                 (void) psa_destroy_key( cipher_psa->slot );
@@ -299,14 +299,16 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
         /* Don't allow keys to be set multiple times. */
-        if( cipher_psa->slot_state != 0 )
+        if( cipher_psa->slot_state != MBEDTLS_CIPHER_PSA_KEY_UNSET )
             return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
 
         /* Find a fresh key slot to use. */
         status = mbedtls_psa_get_free_key_slot( &cipher_psa->slot );
         if( status != PSA_SUCCESS )
             return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
-        cipher_psa->slot_state = 1; /* Indicate that we own the key slot. */
+         /* Indicate that we own the key slot and need to
+          * destroy it in mbedtls_cipher_free(). */
+        cipher_psa->slot_state = MBEDTLS_CIPHER_PSA_KEY_OWNED;
 
         /* From that point on, the responsibility for destroying the
          * key slot is on mbedtls_cipher_free(). This includes the case

From fea491545922d2ff6a74977112102a9afc8c01ef Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 22:15:20 +0000
Subject: [PATCH 760/889] Minor rewording in documentation of PSA-based cipher
 context

---
 include/mbedtls/cipher.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index eff12f687..1d68b12ef 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -326,8 +326,8 @@ typedef struct mbedtls_cipher_context_t
     /** Indicates whether the cipher operations should be performed
      *  by Mbed TLS' own crypto library or an external implementation
      *  of the PSA Crypto API.
-     *  This is unset if the cipher context is setup through
-     *  mbedtls_cipher_setup(), and set if it is setup through
+     *  This is unset if the cipher context is established through
+     *  mbedtls_cipher_setup(), and set if it is established through
      *  mbedtls_cipher_setup_psa().
      */
     unsigned char psa_enabled;

From 91cb605032f776266651e90920ea9d02fbc9a085 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 13:47:15 +0000
Subject: [PATCH 761/889] Add missing newline at the end of
 test_suite_cipher.gcm.data

---
 tests/suites/test_suite_cipher.gcm.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_cipher.gcm.data b/tests/suites/test_suite_cipher.gcm.data
index cf90336a5..03d08ce32 100644
--- a/tests/suites/test_suite_cipher.gcm.data
+++ b/tests/suites/test_suite_cipher.gcm.data
@@ -4732,4 +4732,4 @@ auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"9bb36fe25e966a075ae2c3bb43b5877679ebc3
 
 AES-GCM NIST Validation PSA (AES-256,128,1024,1024,32) #2
 depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_AES_C
-auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1
\ No newline at end of file
+auth_crypt_tv:MBEDTLS_CIPHER_AES_256_GCM:"ca264e7caecad56ee31c8bf8dde9592f753a6299e76c60ac1e93cff3b3de8ce9":"4763a4e37b806a5f4510f69fd8c63571":"07daeba37a66ebe15f3d6451d1176f3a7107a302da6966680c425377e621fd71610d1fc9c95122da5bf85f83b24c4b783b1dcd6b508d41e22c09b5c43693d072869601fc7e3f5a51dbd3bc6508e8d095b9130fb6a7f2a043f3a432e7ce68b7de06c1379e6bab5a1a48823b76762051b4e707ddc3201eb36456e3862425cb011a":"8d03cf6fac31182ad3e6f32e4c823e3b421aef786d5651afafbf70ef14c00524ab814bc421b1d4181b4d3d82d6ae4e8032e43a6c4e0691184425b37320798f865c88b9b306466311d79e3e42076837474c37c9f6336ed777f05f70b0c7d72bd4348a4cd754d0f0c3e4587f9a18313ea2d2bace502a24ea417d3041b709a0471f":"3105dddb":"FAIL":"":1

From 9de97d7773d98fd57eab08c0b03a14fa9ee9b2c7 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Mon, 19 Nov 2018 14:05:48 +0000
Subject: [PATCH 762/889] Don't use multiline comments in enums to silence
 check-names.sh

The sanity checking script tests/scripts/check-names.sh uses a
simple state machine paired with a sequence of `sed` commands to
extract enumeration constants from the code. This code, however,
doesn't work properly when using multiline comments in enumerations
such as recently done in the constants MBEDTLS_CIPHER_PSA_KEY_XXX.

This commit doesn't attempt to make check-names.sh more robust
but instead uses /* ... */ comment indicators in each comment line,
while silences check-names.sh.

Increasing the robustness of check-names.sh is instead tracked
in #2210.
---
 include/mbedtls/cipher_internal.h | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/include/mbedtls/cipher_internal.h b/include/mbedtls/cipher_internal.h
index cecad9a8d..6687b362d 100644
--- a/include/mbedtls/cipher_internal.h
+++ b/include/mbedtls/cipher_internal.h
@@ -122,16 +122,16 @@ typedef struct
 typedef enum
 {
     MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
-    MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts
-                                   * which use raw key material internally
-                                   * imported into a freshly allocated key slot,
-                                   * and which hence need to destroy that key
-                                   * slot when they are no longer needed. */
-    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts
-                                       * which use a key from a key slot
-                                       * provided by the user, and which hence
-                                       * should not be destroyed when the
-                                       * context is no longer needed. */
+    MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
+                                  /* use raw key material internally imported */
+                                  /* into a allocated key slot, and which     */
+                                  /* hence need to destroy that key slot      */
+                                  /* when they are no longer needed.          */
+    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts   */
+                                      /* which use a key from a key slot      */
+                                      /* provided by the user, and which      */
+                                      /* hence should not be destroyed when   */
+                                      /* the context is no longer needed.     */
 } mbedtls_cipher_psa_key_ownership;
 
 typedef struct

From 7b056296419d23fd5cc59c98d600615a54813466 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 20 Nov 2018 11:34:03 +0000
Subject: [PATCH 763/889] Return 'Feature unavailable' error for ciphers
 unsupported by PSA

---
 library/cipher.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/cipher.c b/library/cipher.c
index 95146ac63..1cc0beb28 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -333,7 +333,7 @@ int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
         key_type = mbedtls_psa_translate_cipher_type(
             ctx->cipher_info->type );
         if( key_type == 0 )
-            return( MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED );
+            return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
         status = psa_import_key( cipher_psa->slot,
                                  key_type, key, key_bytelen );
         if( status != PSA_SUCCESS )

From 432084d3f82118f6b77063327c4ba30e7b8143df Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 20 Nov 2018 11:34:34 +0000
Subject: [PATCH 764/889] Improve doc wording of PSA status field of
 mbedtls_cipher_context_t

---
 include/mbedtls/cipher.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 1d68b12ef..d6ecac652 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -326,8 +326,8 @@ typedef struct mbedtls_cipher_context_t
     /** Indicates whether the cipher operations should be performed
      *  by Mbed TLS' own crypto library or an external implementation
      *  of the PSA Crypto API.
-     *  This is unset if the cipher context is established through
-     *  mbedtls_cipher_setup(), and set if it is established through
+     *  This is unset if the cipher context was established through
+     *  mbedtls_cipher_setup(), and set if it was established through
      *  mbedtls_cipher_setup_psa().
      */
     unsigned char psa_enabled;

From be3ffba33db8eec8e61d661bd2d33460455b8e41 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 15:21:18 +0000
Subject: [PATCH 765/889] Setup PSA-based cipher context in
 mbedtls_ssl_derive_keys()

This commit changes the code path in mbedtls_ssl_derive_keys()
responsible for setting up record protection cipher contexts
to attempt to use the new API mbedtls_cipher_setup_psa() in
case MBEDTLS_USE_PSA_CRYPTO is set.

For that, the AEAD tag length must be provided, which is already
computed earlier in mbedtls_ssl_derive_keys() and only needs to be
stored a function scope to be available for mbedtls_cipher_setup_psa().

If mbedtls_cipher_setup_psa() fails cleanly indicating that the
requested cipher is not supported in PSA, we fall through to
the default setup using mbedtls_cipher_setup(). However, we print
a debug message in this case, to allow catching the fallthrough in
tests where we know we're using a cipher which should be supported
by PSA.
---
 library/ssl_tls.c | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 82e65251f..acfb3de82 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -618,6 +618,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
     unsigned char *mac_dec;
     size_t mac_key_len;
     size_t iv_copy_len;
+    size_t taglen = 0;
     const mbedtls_cipher_info_t *cipher_info;
     const mbedtls_md_info_t *md_info;
 
@@ -810,7 +811,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
         cipher_info->mode == MBEDTLS_MODE_CCM ||
         cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
     {
-        size_t taglen, explicit_ivlen;
+        size_t explicit_ivlen;
 
         transform->maclen = 0;
         mac_key_len = 0;
@@ -1030,6 +1031,22 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
     }
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
+                                    cipher_info, taglen );
+    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+        return( ret );
+    }
+
+    if( ret == 0 )
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) );
+    else
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) );
+
+    if( ret != 0 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
                                  cipher_info ) ) != 0 )
     {
@@ -1037,6 +1054,23 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
         return( ret );
     }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
+                                    cipher_info, taglen );
+
+    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+    {
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+        return( ret );
+    }
+
+    if( ret == 0 )
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) );
+    else
+        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) );
+
+    if( ret != 0 )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
                                  cipher_info ) ) != 0 )
     {

From 2dd04907e2dd6f4e403856b62eede1e7bc14efba Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 17:27:29 +0000
Subject: [PATCH 766/889] Omit tests from ssl-opt.sh which force a disabled
 ciphersuite

---
 tests/ssl-opt.sh | 34 ++++++++++++++++++++++++++--------
 1 file changed, 26 insertions(+), 8 deletions(-)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index ce9aee28a..2e2f4f1ab 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -185,6 +185,12 @@ requires_config_value_at_most() {
     fi
 }
 
+requires_ciphersuite_enabled() {
+    if [ -z "$($P_CLI --help | grep "$1")" ]; then
+        SKIP_NEXT="YES"
+    fi
+}
+
 # skip next test if OpenSSL doesn't support FALLBACK_SCSV
 requires_openssl_with_fallback_scsv() {
     if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
@@ -519,14 +525,6 @@ run_test() {
         SKIP_NEXT="YES"
     fi
 
-    # should we skip?
-    if [ "X$SKIP_NEXT" = "XYES" ]; then
-        SKIP_NEXT="NO"
-        echo "SKIP"
-        SKIPS=$(( $SKIPS + 1 ))
-        return
-    fi
-
     # does this test use a proxy?
     if [ "X$1" = "X-p" ]; then
         PXY_CMD="$2"
@@ -541,6 +539,26 @@ run_test() {
     CLI_EXPECT="$3"
     shift 3
 
+    # Check if server forces ciphersuite
+    FORCE_CIPHERSUITE=$(echo "$SRV_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p')
+    if [ ! -z "$FORCE_CIPHERSUITE" ]; then
+       requires_ciphersuite_enabled $FORCE_CIPHERSUITE
+    fi
+
+    # Check if client forces ciphersuite
+    FORCE_CIPHERSUITE=$(echo "$CLI_CMD" | sed -n 's/^.*force_ciphersuite=\([a-zA-Z0-9\-]*\).*$/\1/p')
+    if [ ! -z "$FORCE_CIPHERSUITE" ]; then
+       requires_ciphersuite_enabled $FORCE_CIPHERSUITE
+    fi
+
+    # should we skip?
+    if [ "X$SKIP_NEXT" = "XYES" ]; then
+        SKIP_NEXT="NO"
+        echo "SKIP"
+        SKIPS=$(( $SKIPS + 1 ))
+        return
+    fi
+
     # fix client port
     if [ -n "$PXY_CMD" ]; then
         CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )

From f43177d1d07e1cc013bb9583ef13a3be4f168bac Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Fri, 16 Nov 2018 17:28:40 +0000
Subject: [PATCH 767/889] Add runs for specific PSA-supported ciphersuites to
 ssl-opt.sh

So far, make sure we test the following ciphersuites
without any fallback to non-PSA ciphers:

TLS-ECDHE-ECDSA-WITH-AES-128-CCM
TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
TLS-ECDHE-ECDSA-WITH-AES-256-CCM
TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
---
 tests/ssl-opt.sh | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 2e2f4f1ab..6b24a2978 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -752,6 +752,23 @@ run_test() {
     rm -f $SRV_OUT $CLI_OUT $PXY_OUT
 }
 
+run_test_psa() {
+    requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+    run_test    "Default, PSA ($1)" \
+                "$P_SRV debug_level=1 force_version=tls1_2" \
+                "$P_CLI debug_level=1 force_version=tls1_2 force_ciphersuite=$1" \
+                0 \
+                -c "Successfully setup PSA-based decryption cipher context" \
+                -c "Successfully setup PSA-based encryption cipher context" \
+                -s "Successfully setup PSA-based decryption cipher context" \
+                -s "Successfully setup PSA-based encryption cipher context" \
+                -C "Failed to setup PSA-based cipher context"\
+                -S "Failed to setup PSA-based cipher context"\
+                -s "Protocol is TLSv1.2" \
+                -S "error" \
+                -C "error"
+}
+
 cleanup() {
     rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
     test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
@@ -883,6 +900,18 @@ run_test    "Default, DTLS" \
             -s "Protocol is DTLSv1.2" \
             -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
 
+# Test ciphersuites which we expect to be fully supported by PSA Crypto
+# and check that we don't fall back to Mbed TLS' internal crypto primitives.
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
+run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
+
 # Test current time in ServerHello
 requires_config_enabled MBEDTLS_HAVE_TIME
 run_test    "ServerHello contains gmt_unix_time" \

From 4724645e28edcf1dacaea515baddff8e71608420 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 21:18:01 +0000
Subject: [PATCH 768/889] Introduce macros for constants in SSL ticket
 implementation

---
 library/ssl_ticket.c | 56 ++++++++++++++++++++++++++++++--------------
 1 file changed, 38 insertions(+), 18 deletions(-)

diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 985b7cd50..6692187a0 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -54,6 +54,19 @@ void mbedtls_ssl_ticket_init( mbedtls_ssl_ticket_context *ctx )
 
 #define MAX_KEY_BYTES 32    /* 256 bits */
 
+#define TICKET_KEY_NAME_BYTES    4
+#define TICKET_IV_BYTES         12
+#define TICKET_CRYPT_LEN_BYTES   2
+#define TICKET_AUTH_TAG_BYTES   16
+
+#define TICKET_MIN_LEN ( TICKET_KEY_NAME_BYTES  +        \
+                         TICKET_IV_BYTES        +        \
+                         TICKET_CRYPT_LEN_BYTES +        \
+                         TICKET_AUTH_TAG_BYTES )
+#define TICKET_ADD_DATA_LEN ( TICKET_KEY_NAME_BYTES  +        \
+                              TICKET_IV_BYTES        +        \
+                              TICKET_CRYPT_LEN_BYTES )
+
 /*
  * Generate/update a key
  */
@@ -278,6 +291,7 @@ static int ssl_load_session( mbedtls_ssl_session *session,
  * The key_name, iv, and length of encrypted_state are the additional
  * authenticated data.
  */
+
 int mbedtls_ssl_ticket_write( void *p_ticket,
                               const mbedtls_ssl_session *session,
                               unsigned char *start,
@@ -289,9 +303,9 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
     mbedtls_ssl_ticket_context *ctx = p_ticket;
     mbedtls_ssl_ticket_key *key;
     unsigned char *key_name = start;
-    unsigned char *iv = start + 4;
-    unsigned char *state_len_bytes = iv + 12;
-    unsigned char *state = state_len_bytes + 2;
+    unsigned char *iv = start + TICKET_KEY_NAME_BYTES;
+    unsigned char *state_len_bytes = iv + TICKET_IV_BYTES;
+    unsigned char *state = state_len_bytes + TICKET_CRYPT_LEN_BYTES;
     unsigned char *tag;
     size_t clear_len, ciph_len;
 
@@ -302,7 +316,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
 
     /* We need at least 4 bytes for key_name, 12 for IV, 2 for len 16 for tag,
      * in addition to session itself, that will be checked when writing it. */
-    if( end - start < 4 + 12 + 2 + 16 )
+    if( end - start < TICKET_MIN_LEN )
         return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
 
 #if defined(MBEDTLS_THREADING_C)
@@ -317,9 +331,9 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
 
     *ticket_lifetime = ctx->ticket_lifetime;
 
-    memcpy( key_name, key->name, 4 );
+    memcpy( key_name, key->name, TICKET_KEY_NAME_BYTES );
 
-    if( ( ret = ctx->f_rng( ctx->p_rng, iv, 12 ) ) != 0 )
+    if( ( ret = ctx->f_rng( ctx->p_rng, iv, TICKET_IV_BYTES ) ) != 0 )
         goto cleanup;
 
     /* Dump session state */
@@ -335,8 +349,11 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
     /* Encrypt and authenticate */
     tag = state + clear_len;
     if( ( ret = mbedtls_cipher_auth_encrypt( &key->ctx,
-                    iv, 12, key_name, 4 + 12 + 2,
-                    state, clear_len, state, &ciph_len, tag, 16 ) ) != 0 )
+                    iv, TICKET_IV_BYTES,
+                    /* Additional data: key name, IV and length */
+                    key_name, TICKET_ADD_DATA_LEN,
+                    state, clear_len, state, &ciph_len,
+                    tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
     {
         goto cleanup;
     }
@@ -346,7 +363,7 @@ int mbedtls_ssl_ticket_write( void *p_ticket,
         goto cleanup;
     }
 
-    *tlen = 4 + 12 + 2 + 16 + ciph_len;
+    *tlen = TICKET_MIN_LEN + ciph_len;
 
 cleanup:
 #if defined(MBEDTLS_THREADING_C)
@@ -385,17 +402,16 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
     mbedtls_ssl_ticket_context *ctx = p_ticket;
     mbedtls_ssl_ticket_key *key;
     unsigned char *key_name = buf;
-    unsigned char *iv = buf + 4;
-    unsigned char *enc_len_p = iv + 12;
-    unsigned char *ticket = enc_len_p + 2;
+    unsigned char *iv = buf + TICKET_KEY_NAME_BYTES;
+    unsigned char *enc_len_p = iv + TICKET_IV_BYTES;
+    unsigned char *ticket = enc_len_p + TICKET_CRYPT_LEN_BYTES;
     unsigned char *tag;
     size_t enc_len, clear_len;
 
     if( ctx == NULL || ctx->f_rng == NULL )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
-    /* See mbedtls_ssl_ticket_write() */
-    if( len < 4 + 12 + 2 + 16 )
+    if( len < TICKET_MIN_LEN )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
 #if defined(MBEDTLS_THREADING_C)
@@ -409,7 +425,7 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
     enc_len = ( enc_len_p[0] << 8 ) | enc_len_p[1];
     tag = ticket + enc_len;
 
-    if( len != 4 + 12 + 2 + enc_len + 16 )
+    if( len != TICKET_MIN_LEN + enc_len )
     {
         ret = MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
         goto cleanup;
@@ -425,9 +441,13 @@ int mbedtls_ssl_ticket_parse( void *p_ticket,
     }
 
     /* Decrypt and authenticate */
-    if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx, iv, 12,
-                    key_name, 4 + 12 + 2, ticket, enc_len,
-                    ticket, &clear_len, tag, 16 ) ) != 0 )
+    if( ( ret = mbedtls_cipher_auth_decrypt( &key->ctx,
+                    iv, TICKET_IV_BYTES,
+                    /* Additional data: key name, IV and length */
+                    key_name, TICKET_ADD_DATA_LEN,
+                    ticket, enc_len,
+                    ticket, &clear_len,
+                    tag, TICKET_AUTH_TAG_BYTES ) ) != 0 )
     {
         if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )
             ret = MBEDTLS_ERR_SSL_INVALID_MAC;

From 329919eadf05abc9c992d85d7e38aaf9ef9a0641 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 21:25:59 +0000
Subject: [PATCH 769/889] Use PSA-based ciphers for SSL ticket protection

This commit modifies the default SSL ticket implementation
from `library/ssl_ticket.c` to use PSA-based cipher context
for ticket creation and parsing.

As in mbedtls_ssl_derive_keys() adapted in an earlier commit,
we allow fallback to the ordinary mbedtls_cipher_setup()
if the provided cipher is not known. We do this even though
we always call mbedtls_ssl_ticket_setup() with AES-GCM
in our own code since this function is public and might
be used with other ciphers by users.
---
 library/ssl_ticket.c | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/library/ssl_ticket.c b/library/ssl_ticket.c
index 6692187a0..9fc690f4c 100644
--- a/library/ssl_ticket.c
+++ b/library/ssl_ticket.c
@@ -154,11 +154,27 @@ int mbedtls_ssl_ticket_setup( mbedtls_ssl_ticket_context *ctx,
     if( cipher_info->key_bitlen > 8 * MAX_KEY_BYTES )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
-    if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 ||
-        ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
-    {
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    ret = mbedtls_cipher_setup_psa( &ctx->keys[0].ctx,
+                                    cipher_info, TICKET_AUTH_TAG_BYTES );
+    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+        return( ret );
+    /* We don't yet expect to support all ciphers through PSA,
+     * so allow fallback to ordinary mbedtls_cipher_setup(). */
+    if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if( ( ret = mbedtls_cipher_setup( &ctx->keys[0].ctx, cipher_info ) ) != 0 )
+        return( ret );
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    ret = mbedtls_cipher_setup_psa( &ctx->keys[1].ctx,
+                                    cipher_info, TICKET_AUTH_TAG_BYTES );
+    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+        return( ret );
+    if( ret == MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+    if( ( ret = mbedtls_cipher_setup( &ctx->keys[1].ctx, cipher_info ) ) != 0 )
         return( ret );
-    }
 
     if( ( ret = ssl_ticket_gen_key( ctx, 0 ) ) != 0 ||
         ( ret = ssl_ticket_gen_key( ctx, 1 ) ) != 0 )

From fc20c14e76c32e6d6b10af650bdfb0b37c3d40a5 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Sat, 17 Nov 2018 22:27:38 +0000
Subject: [PATCH 770/889] Use PSA-based ciphers for record protections in
 TLS-1.2 only

Reasons:
- For the first release, we attempt to support TLS-1.2 only,
- At least TLS-1.0 is known to not work at the moment, as
  for CBC ciphersuites the code in mbedtls_ssl_decrypt_buf()
  and mbedtls_ssl_encrypt_buf() assumes that mbedtls_cipher_crypt()
  updates the structure field for the IV in the cipher context,
  which the PSA-based implementation currently doesn't.
---
 library/ssl_tls.c | 85 +++++++++++++++++++++++++++++++++++------------
 1 file changed, 64 insertions(+), 21 deletions(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index acfb3de82..e6a4222a2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -610,6 +610,9 @@ static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *
 int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
 {
     int ret = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    int psa_fallthrough;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     unsigned char tmp[64];
     unsigned char keyblk[256];
     unsigned char *key1;
@@ -1032,20 +1035,41 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
 #endif
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
-                                    cipher_info, taglen );
-    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+
+    /* Only use PSA-based ciphers for TLS-1.2.
+     * That's relevant at least for TLS-1.0, where
+     * we assume that mbedtls_cipher_crypt() updates
+     * the structure field for the IV, which the PSA-based
+     * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
-        return( ret );
+        ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_enc,
+                                        cipher_info, taglen );
+        if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+            return( ret );
+        }
+
+        if( ret == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) );
+            psa_fallthrough = 0;
+        }
+        else
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) );
+            psa_fallthrough = 1;
+        }
     }
-
-    if( ret == 0 )
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based encryption cipher context" ) );
     else
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record encryption - fall through to default setup." ) );
+        psa_fallthrough = 1;
+#else
+    psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 
-    if( ret != 0 )
+    if( psa_fallthrough == 1 )
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_enc,
                                  cipher_info ) ) != 0 )
@@ -1055,21 +1079,40 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
     }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
-                                    cipher_info, taglen );
-
-    if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+    /* Only use PSA-based ciphers for TLS-1.2.
+     * That's relevant at least for TLS-1.0, where
+     * we assume that mbedtls_cipher_crypt() updates
+     * the structure field for the IV, which the PSA-based
+     * implementation currently doesn't. */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
+    if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
-        return( ret );
+        ret = mbedtls_cipher_setup_psa( &transform->cipher_ctx_dec,
+                                        cipher_info, taglen );
+        if( ret != 0 && ret != MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE )
+        {
+            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_setup_psa", ret );
+            return( ret );
+        }
+
+        if( ret == 0 )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) );
+            psa_fallthrough = 0;
+        }
+        else
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) );
+            psa_fallthrough = 1;
+        }
     }
-
-    if( ret == 0 )
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Successfully setup PSA-based decryption cipher context" ) );
     else
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "Failed to setup PSA-based cipher context for record decryption - fall through to default setup." ) );
+        psa_fallthrough = 1;
+#else
+    psa_fallthrough = 1;
+#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 
-    if( ret != 0 )
+    if( psa_fallthrough == 1 )
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     if( ( ret = mbedtls_cipher_setup( &transform->cipher_ctx_dec,
                                  cipher_info ) ) != 0 )

From 5b6425a9313bdeb32380eb08fb1aec4a2e1213a9 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 20 Nov 2018 11:31:17 +0000
Subject: [PATCH 771/889] Remove superfluous quotes in ssl-opt.sh

---
 tests/ssl-opt.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 6b24a2978..5d8efc2eb 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -186,7 +186,7 @@ requires_config_value_at_most() {
 }
 
 requires_ciphersuite_enabled() {
-    if [ -z "$($P_CLI --help | grep "$1")" ]; then
+    if [ -z "$($P_CLI --help | grep $1)" ]; then
         SKIP_NEXT="YES"
     fi
 }

From 0110add3d6680003ed64311be8b5c5cd259cfc92 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Tue, 20 Nov 2018 11:37:34 +0000
Subject: [PATCH 772/889] Rename PSA test in ssl-opt.sh

---
 tests/ssl-opt.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 5d8efc2eb..bae70e8ec 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -754,7 +754,7 @@ run_test() {
 
 run_test_psa() {
     requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
-    run_test    "Default, PSA ($1)" \
+    run_test    "PSA-supported ciphersuite: $1" \
                 "$P_SRV debug_level=1 force_version=tls1_2" \
                 "$P_CLI debug_level=1 force_version=tls1_2 force_ciphersuite=$1" \
                 0 \

From 1ecf92c364d00abbaf3a52e887760f648949c600 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 22 Oct 2018 12:11:15 +0200
Subject: [PATCH 773/889] Skeleton for PK_OPAQUE_PSA

---
 include/mbedtls/pk.h          | 23 +++++++++++++++++++++++
 include/mbedtls/pk_internal.h |  4 ++++
 library/pk.c                  | 23 +++++++++++++++++++++++
 library/pk_wrap.c             | 27 +++++++++++++++++++++++++++
 4 files changed, 77 insertions(+)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index df3a03c7c..3a35afba7 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -45,6 +45,10 @@
 #include "ecdsa.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
+
 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
     !defined(inline) && !defined(__cplusplus)
 #define inline __inline
@@ -83,6 +87,7 @@ typedef enum {
     MBEDTLS_PK_ECDSA,
     MBEDTLS_PK_RSA_ALT,
     MBEDTLS_PK_RSASSA_PSS,
+    MBEDTLS_PK_OPAQUE_PSA,
 } mbedtls_pk_type_t;
 
 /**
@@ -234,6 +239,24 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
  */
 int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief           Initialize a PK context to wrap a PSA key slot.
+ *
+ * \param ctx       Context to initialize. Must be empty (type NONE).
+ * \param key       PSA key slot to wrap.
+ *
+ * \return          0 on success,
+ *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
+ *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
+ *
+ * \note            This function replaces mbedtls_pk_setup() for contexts
+ *                  that wrap a (possibly opaque) PSA key slot instead of
+ *                  storing and manipulating the key material directly.
+ */
+int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
 /**
  * \brief           Initialize an RSA-alt context
diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h
index 48b7a5f7b..7288e9b32 100644
--- a/include/mbedtls/pk_internal.h
+++ b/include/mbedtls/pk_internal.h
@@ -135,4 +135,8 @@ extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
 extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+extern const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info;
+#endif
+
 #endif /* MBEDTLS_PK_WRAP_H */
diff --git a/library/pk.c b/library/pk.c
index e0e8dbad2..cb6e1587a 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -139,6 +139,29 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
     return( 0 );
 }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Initialise a PSA-wrapping context
+ */
+int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key )
+{
+    const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info;
+
+    if( ctx == NULL || ctx->pk_info != NULL )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
+        return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+
+    /* coming soon: remember key */
+    (void) key;
+
+    ctx->pk_info = info;
+
+    return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
 /*
  * Initialize an RSA-alt context
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 87806be33..4885c49ac 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -716,4 +716,31 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
 
 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
+    MBEDTLS_PK_OPAQUE_PSA,
+    "Opaque (PSA)",
+    NULL, /* coming soon: bitlen */
+    NULL, /* coming soon: can_do */
+    NULL, /* verify - will be done later */
+    NULL, /* coming soon: sign */
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL, /* restartable verify - not relevant */
+    NULL, /* restartable sign - not relevant */
+#endif
+    NULL, /* decrypt - will be done later */
+    NULL, /* encrypt - will be done later */
+    NULL, /* check_pair - could be done later or left NULL */
+    NULL, /* coming soon: alloc */
+    NULL, /* coming soon: free */
+#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
+    NULL, /* restart alloc - not relevant */
+    NULL, /* restart free - not relevant */
+#endif
+    NULL, /* debug - could be done later, or even left NULL */
+};
+
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #endif /* MBEDTLS_PK_C */

From 3bc2029a337aafdb24e7fed24d6089668573c376 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 24 Oct 2018 12:37:44 +0200
Subject: [PATCH 774/889] Clarify return value of pk_check_pair()

---
 include/mbedtls/pk.h | 6 +++++-
 library/pk.c         | 6 ++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 3a35afba7..d70e54650 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -503,7 +503,11 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
  * \param pub       Context holding a public key.
  * \param prv       Context holding a private (and public) key.
  *
- * \return          0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
+ * \return          \c 0 on success (keys were checked and match each other).
+ * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not
+ *                  be checked - in that case they may or may not match.
+ * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
+ * \return          Another non-zero value if the keys do not match.
  */
 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
 
diff --git a/library/pk.c b/library/pk.c
index cb6e1587a..b2f681242 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -456,12 +456,14 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
 int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
 {
     if( pub == NULL || pub->pk_info == NULL ||
-        prv == NULL || prv->pk_info == NULL ||
-        prv->pk_info->check_pair_func == NULL )
+        prv == NULL || prv->pk_info == NULL )
     {
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
     }
 
+    if( prv->pk_info->check_pair_func == NULL )
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+
     if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
     {
         if( pub->pk_info->type != MBEDTLS_PK_RSA )

From 274f521b9ab35278cfcb0d850aad4bb37276366b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 31 Oct 2018 09:57:45 +0100
Subject: [PATCH 775/889] Implement alloc/free wrappers for pk_opaque_psa

---
 library/pk.c                        |  7 ++++---
 library/pk_wrap.c                   | 19 +++++++++++++++++--
 tests/suites/test_suite_pk.data     |  3 +++
 tests/suites/test_suite_pk.function | 19 +++++++++++++++++++
 4 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/library/pk.c b/library/pk.c
index b2f681242..331ed6c76 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -146,6 +146,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
 int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key )
 {
     const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info;
+    psa_key_slot_t *pk_ctx;
 
     if( ctx == NULL || ctx->pk_info != NULL )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@@ -153,11 +154,11 @@ int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key )
     if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
         return( MBEDTLS_ERR_PK_ALLOC_FAILED );
 
-    /* coming soon: remember key */
-    (void) key;
-
     ctx->pk_info = info;
 
+    pk_ctx = (psa_key_slot_t *) ctx->pk_ctx;
+    *pk_ctx = key;
+
     return( 0 );
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 4885c49ac..0e12d05c2 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -718,6 +718,21 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 
+static void *pk_psa_alloc_wrap( void )
+{
+    void *ctx = mbedtls_calloc( 1, sizeof( psa_key_slot_t ) );
+
+    /* no _init() function to call, an calloc() already zeroized */
+
+    return( ctx );
+}
+
+static void pk_psa_free_wrap( void *ctx )
+{
+    mbedtls_platform_zeroize( ctx, sizeof( psa_key_slot_t ) );
+    mbedtls_free( ctx );
+}
+
 const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
     MBEDTLS_PK_OPAQUE_PSA,
     "Opaque (PSA)",
@@ -732,8 +747,8 @@ const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
     NULL, /* decrypt - will be done later */
     NULL, /* encrypt - will be done later */
     NULL, /* check_pair - could be done later or left NULL */
-    NULL, /* coming soon: alloc */
-    NULL, /* coming soon: free */
+    pk_psa_alloc_wrap,
+    pk_psa_free_wrap,
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
     NULL, /* restart alloc - not relevant */
     NULL, /* restart free - not relevant */
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index 478cde7be..417670d80 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -14,6 +14,9 @@ PK utils: ECDSA
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_utils:MBEDTLS_PK_ECDSA:192:24:"ECDSA"
 
+PK PSA utils
+pk_psa_utils:
+
 RSA verify test vector #1 (good)
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15
 pk_rsa_verify_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 4813f71f7..d95dbc9b3 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -69,6 +69,25 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
  * END_DEPENDENCIES
  */
 
+/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
+void pk_psa_utils(  )
+{
+    mbedtls_pk_context pk;
+    const char * const name = "Opaque (PSA)";
+
+    mbedtls_pk_init( &pk );
+
+    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == 0 );
+
+    TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA );
+    TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
+
+exit:
+    mbedtls_pk_free( &pk );
+}
+/* END_CASE */
+
+
 /* BEGIN_CASE */
 void pk_utils( int type, int size, int len, char * name )
 {

From 06c631859cb5e567cae07c3e7ae4087494ea71f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 31 Oct 2018 10:28:01 +0100
Subject: [PATCH 776/889] Add key generation to opaque test function

While at it, clarify who's responsible for destroying the underlying key. That
can't be us because some keys cannot be destroyed and we wouldn't know. So
let's leave that up to the caller.
---
 include/mbedtls/pk.h                | 11 ++++++++
 tests/suites/test_suite_pk.function | 42 ++++++++++++++++++++++++++---
 2 files changed, 50 insertions(+), 3 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index d70e54650..b481e437b 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -208,6 +208,11 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx );
 
 /**
  * \brief           Free a mbedtls_pk_context
+ *
+ * \note            For contexts that have been set up with
+ *                  mbedtls_pk_setup_psa(), this does not free the underlying
+ *                  key slot and you still need to call psa_destroy_key()
+ *                  independently if you want to destroy that key.
  */
 void mbedtls_pk_free( mbedtls_pk_context *ctx );
 
@@ -246,6 +251,12 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
  * \param ctx       Context to initialize. Must be empty (type NONE).
  * \param key       PSA key slot to wrap.
  *
+ * \note            The wrapped key slot must remain valid as long as the
+ *                  wrapping PK context is in use, that is at least between
+ *                  the point this function is called and the point
+ *                  mbedtls_pk_free() is called on this context. The wrapped
+ *                  key slot might then be independently used or destroyed.
+ *
  * \return          0 on success,
  *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
  *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index d95dbc9b3..64f1fec42 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -62,6 +62,34 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
     return( ((const mbedtls_rsa_context *) ctx)->len );
 }
 #endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#include "mbedtls/psa_util.h"
+
+#define PK_PSA_INVALID_SLOT 0 /* guaranteed invalid */
+
+/*
+ * Generate a key in a free key slot and return this key slot,
+ * or PK_PSA_INVALID_SLOT if no slot was available.
+ */
+psa_key_slot_t pk_psa_genkey( void )
+{
+    psa_key_slot_t key;
+
+    const int curve = PSA_ECC_CURVE_SECP256R1;
+    const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve);
+    const size_t bits = 256;
+
+    if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) )
+        return( PK_PSA_INVALID_SLOT );
+
+    if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) )
+        return( PK_PSA_INVALID_SLOT );
+
+    return( key );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -69,21 +97,29 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
  * END_DEPENDENCIES
  */
 
-/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO */
+/* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
 void pk_psa_utils(  )
 {
     mbedtls_pk_context pk;
     const char * const name = "Opaque (PSA)";
+    psa_key_slot_t key;
 
     mbedtls_pk_init( &pk );
 
-    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) == 0 );
+    key = pk_psa_genkey();
+    TEST_ASSERT( key != 0 );
+
+    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA );
     TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
 
-exit:
+    /* test that freeing the context does not destroy the key */
     mbedtls_pk_free( &pk );
+    TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
+
+exit:
+    mbedtls_pk_free( &pk ); /* redundant except upon error */
 }
 /* END_CASE */
 

From 683632b78ec5c37408d33e778b31e61c03e043ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 31 Oct 2018 10:36:51 +0100
Subject: [PATCH 777/889] Add support for get_(bit)len on opaque keys

---
 library/pk_wrap.c                   | 13 ++++++++++++-
 tests/suites/test_suite_pk.function |  7 ++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 0e12d05c2..75a49a15c 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -733,10 +733,21 @@ static void pk_psa_free_wrap( void *ctx )
     mbedtls_free( ctx );
 }
 
+static size_t pk_psa_get_bitlen( const void *ctx )
+{
+    const psa_key_slot_t *key = (const psa_key_slot_t *) ctx;
+    size_t bits;
+
+    if( PSA_SUCCESS != psa_get_key_information( *key, NULL, &bits ) )
+        return( 0 );
+
+    return( bits );
+}
+
 const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
     MBEDTLS_PK_OPAQUE_PSA,
     "Opaque (PSA)",
-    NULL, /* coming soon: bitlen */
+    pk_psa_get_bitlen,
     NULL, /* coming soon: can_do */
     NULL, /* verify - will be done later */
     NULL, /* coming soon: sign */
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 64f1fec42..8f6abf59e 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -101,9 +101,11 @@ psa_key_slot_t pk_psa_genkey( void )
 void pk_psa_utils(  )
 {
     mbedtls_pk_context pk;
-    const char * const name = "Opaque (PSA)";
     psa_key_slot_t key;
 
+    const char * const name = "Opaque (PSA)";
+    const size_t bitlen = 256; /* harcoded in genkey() */
+
     mbedtls_pk_init( &pk );
 
     key = pk_psa_genkey();
@@ -114,6 +116,9 @@ void pk_psa_utils(  )
     TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA );
     TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
 
+    TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
+    TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
+
     /* test that freeing the context does not destroy the key */
     mbedtls_pk_free( &pk );
     TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );

From 07b103fe07848ce77c7f8e8a16334eb1b5a88625 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 31 Oct 2018 10:57:29 +0100
Subject: [PATCH 778/889] Implement can_do for opaque ECC keypairs

Unfortunately the can_do wrapper does not receive the key context as an
argument, so it cannot check psa_get_key_information(). Later we might want to
change our internal structures to fix this, but for now we'll just restrict
opaque PSA keys to be ECDSA keypairs, as this is the only thing we need for
now. It also simplifies testing a bit (no need to test each key type).
---
 include/mbedtls/pk.h                | 14 ++++++++++----
 library/pk.c                        |  8 ++++++++
 library/pk_wrap.c                   | 11 ++++++++++-
 tests/suites/test_suite_pk.function | 10 ++++++++++
 4 files changed, 38 insertions(+), 5 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index b481e437b..3f640931f 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -249,7 +249,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
  * \brief           Initialize a PK context to wrap a PSA key slot.
  *
  * \param ctx       Context to initialize. Must be empty (type NONE).
- * \param key       PSA key slot to wrap.
+ * \param key       PSA key slot to wrap - must hold an ECC keypair.
  *
  * \note            The wrapped key slot must remain valid as long as the
  *                  wrapping PK context is in use, that is at least between
@@ -257,13 +257,19 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
  *                  mbedtls_pk_free() is called on this context. The wrapped
  *                  key slot might then be independently used or destroyed.
  *
- * \return          0 on success,
- *                  MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
- *                  MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
+ * \return          \c 0 on success,
+ * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
+ *                  (context already used, invalid key slot)
+ * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
+ *                  ECC keypair,
+ * \return          #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
  *
  * \note            This function replaces mbedtls_pk_setup() for contexts
  *                  that wrap a (possibly opaque) PSA key slot instead of
  *                  storing and manipulating the key material directly.
+ *
+ * \note            This function is currently only available for ECC keypair.
+ *                  Support for other key types will be added later.
  */
 int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/library/pk.c b/library/pk.c
index 331ed6c76..f65b2eed7 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -147,10 +147,18 @@ int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key )
 {
     const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info;
     psa_key_slot_t *pk_ctx;
+    psa_key_type_t type;
 
     if( ctx == NULL || ctx->pk_info != NULL )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
+    if( PSA_SUCCESS != psa_get_key_information( key, &type, NULL ) )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    /* Current implementation of can_do() relies on this. */
+    if( ! PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE) ;
+
     if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
         return( MBEDTLS_ERR_PK_ALLOC_FAILED );
 
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 75a49a15c..d01694c69 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -744,11 +744,20 @@ static size_t pk_psa_get_bitlen( const void *ctx )
     return( bits );
 }
 
+static int pk_psa_can_do( mbedtls_pk_type_t type )
+{
+    /* For now opaque PSA keys can only wrap ECC keypairs,
+     * as checked by setup_psa().
+     * Also, ECKEY_DH does not really make sense with the current API. */
+    return( type == MBEDTLS_PK_ECKEY ||
+            type == MBEDTLS_PK_ECDSA );
+}
+
 const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
     MBEDTLS_PK_OPAQUE_PSA,
     "Opaque (PSA)",
     pk_psa_get_bitlen,
-    NULL, /* coming soon: can_do */
+    pk_psa_can_do,
     NULL, /* verify - will be done later */
     NULL, /* coming soon: sign */
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 8f6abf59e..3beff380f 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -108,6 +108,12 @@ void pk_psa_utils(  )
 
     mbedtls_pk_init( &pk );
 
+    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) ==
+                 MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    mbedtls_pk_free( &pk );
+    mbedtls_pk_init( &pk );
+
     key = pk_psa_genkey();
     TEST_ASSERT( key != 0 );
 
@@ -119,6 +125,10 @@ void pk_psa_utils(  )
     TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
     TEST_ASSERT( mbedtls_pk_get_len( &pk ) == bitlen / 8 );
 
+    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECKEY ) == 1 );
+    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
+    TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
+
     /* test that freeing the context does not destroy the key */
     mbedtls_pk_free( &pk );
     TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );

From 99af2f0dd1717b929e6d045dd6016fe12bb45481 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 31 Oct 2018 11:14:36 +0100
Subject: [PATCH 779/889] Add tests for unsupported operations/functions

---
 tests/suites/test_suite_pk.function | 30 ++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 3beff380f..1edc04eb2 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -100,13 +100,19 @@ psa_key_slot_t pk_psa_genkey( void )
 /* BEGIN_CASE depends_on:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
 void pk_psa_utils(  )
 {
-    mbedtls_pk_context pk;
+    mbedtls_pk_context pk, pk2;
     psa_key_slot_t key;
 
     const char * const name = "Opaque (PSA)";
     const size_t bitlen = 256; /* harcoded in genkey() */
 
+    mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
+    unsigned char b1[1], b2[1];
+    size_t len;
+    mbedtls_pk_debug_item dbg;
+
     mbedtls_pk_init( &pk );
+    mbedtls_pk_init( &pk2 );
 
     TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) ==
                  MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@@ -129,12 +135,34 @@ void pk_psa_utils(  )
     TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_ECDSA ) == 1 );
     TEST_ASSERT( mbedtls_pk_can_do( &pk, MBEDTLS_PK_RSA ) == 0 );
 
+    /* unsupported operations: verify, decrypt, encrypt */
+    TEST_ASSERT( mbedtls_pk_verify( &pk, md_alg,
+                                    b1, sizeof( b1), b2, sizeof( b2 ) )
+                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+    TEST_ASSERT( mbedtls_pk_decrypt( &pk, b1, sizeof( b1 ),
+                                     b2, &len, sizeof( b2 ),
+                                     NULL, NULL )
+                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+    TEST_ASSERT( mbedtls_pk_encrypt( &pk, b1, sizeof( b1 ),
+                                     b2, &len, sizeof( b2 ),
+                                     NULL, NULL )
+                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    /* unsupported functions: check_pair, debug */
+    TEST_ASSERT( mbedtls_pk_setup( &pk2,
+                 mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
+    TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
+                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+    TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
+                 == MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
     /* test that freeing the context does not destroy the key */
     mbedtls_pk_free( &pk );
     TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
 
 exit:
     mbedtls_pk_free( &pk ); /* redundant except upon error */
+    mbedtls_pk_free( &pk2 );
 }
 /* END_CASE */
 

From 7d51255ca755c014b636d2c8c8909891794af7fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 31 Oct 2018 16:22:49 +0100
Subject: [PATCH 780/889] Implement pk_sign() for opaque ECDSA keys

---
 library/pk_wrap.c                   | 113 +++++++++++++++++++++++++++-
 tests/suites/test_suite_pk.data     |   3 +
 tests/suites/test_suite_pk.function |  61 +++++++++++++++
 3 files changed, 176 insertions(+), 1 deletion(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index d01694c69..47f39d7e7 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -41,10 +41,18 @@
 #include "mbedtls/ecdsa.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/asn1write.h"
+#endif
+
 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
 #include "mbedtls/platform_util.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
 #else
@@ -753,13 +761,116 @@ static int pk_psa_can_do( mbedtls_pk_type_t type )
             type == MBEDTLS_PK_ECDSA );
 }
 
+/* Like mbedtls_asn1_write_mpi, but from a buffer */
+static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
+                              const unsigned char *src, size_t slen )
+{
+    int ret;
+    size_t len = 0;
+
+    if( (size_t)( *p - start ) < slen )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    len = slen;
+    *p -= len;
+    memcpy( *p, src, len );
+
+    if( **p & 0x80 )
+    {
+        if( *p - start < 1 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
+
+    return( (int) len );
+}
+
+/* Transcode signature from PSA format to ASN.1 sequence.
+ * See ecdsa_signature_to_asn1 in ecdsa.c.
+ *
+ * [in] sig: the signature in PSA format
+ * [in/out] sig_len: signature length pre- and post-transcoding
+ * [out] dst: the signature in ASN.1 format
+ */
+static int pk_ecdsa_sig_asn1_from_psa( const unsigned char *sig, size_t *sig_len,
+                                       unsigned char *dst )
+{
+    int ret;
+    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
+    unsigned char *p = buf + sizeof( buf );
+    size_t len = 0;
+    const size_t mpi_len = *sig_len / 2;
+
+    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig + mpi_len, mpi_len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig, mpi_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
+                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+    memcpy( dst, p, len );
+    *sig_len = len;
+
+    return( 0 );
+}
+
+static int pk_psa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    const psa_key_slot_t *key = (const psa_key_slot_t *) ctx;
+    psa_status_t status;
+    psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
+    /* PSA needs a buffer of know size */
+    unsigned char buf[2 * MBEDTLS_ECP_MAX_BYTES];
+    const size_t buf_len = sizeof( buf );
+
+    /* PSA has its own RNG */
+    (void) f_rng;
+    (void) p_rng;
+
+    status = psa_asymmetric_sign( *key, alg, hash, hash_len,
+                                        buf, buf_len, sig_len );
+
+    /* translate errors to best approximation */
+    switch( status )
+    {
+        case PSA_SUCCESS:
+            break; /* don't return now */
+        case PSA_ERROR_NOT_SUPPORTED:
+            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+        case PSA_ERROR_INSUFFICIENT_MEMORY:
+            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
+        case PSA_ERROR_COMMUNICATION_FAILURE:
+        case PSA_ERROR_HARDWARE_FAILURE:
+        case PSA_ERROR_TAMPERING_DETECTED:
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+        case PSA_ERROR_INSUFFICIENT_ENTROPY:
+            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
+        case PSA_ERROR_BAD_STATE:
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+        default: /* should never happen */
+            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+    }
+
+    pk_ecdsa_sig_asn1_from_psa( buf, sig_len, sig );
+
+    return( 0 );
+}
+
 const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
     MBEDTLS_PK_OPAQUE_PSA,
     "Opaque (PSA)",
     pk_psa_get_bitlen,
     pk_psa_can_do,
     NULL, /* verify - will be done later */
-    NULL, /* coming soon: sign */
+    pk_psa_sign_wrap,
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
     NULL, /* restartable verify - not relevant */
     NULL, /* restartable sign - not relevant */
diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index 417670d80..011b1f5f6 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -188,3 +188,6 @@ pk_sign_verify_restart:MBEDTLS_PK_ECDSA:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75
 ECDSA restartable sign/verify: ECKEY, max_ops=250
 depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C
 pk_sign_verify_restart:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":"60FED4BA255A9D31C961EB74C6356D68C049B8923B61FA6CE669622E60F29FB6":"7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299":MBEDTLS_MD_SHA256:"test":"3045022100f1abb023518351cd71d881567b1ea663ed3efcf6c5132b354f28d3b0b7d383670220019f4113742a2b14bd25926b49c649155f267e60d3814b4c0cc84250e46f0083":250:2:64
+
+PSA wrapped sign
+pk_psa_sign:
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 1edc04eb2..563fa44f5 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -72,6 +72,7 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
 /*
  * Generate a key in a free key slot and return this key slot,
  * or PK_PSA_INVALID_SLOT if no slot was available.
+ * The key uses NIST P-256 and is usable for signing with SHA-256.
  */
 psa_key_slot_t pk_psa_genkey( void )
 {
@@ -80,10 +81,20 @@ psa_key_slot_t pk_psa_genkey( void )
     const int curve = PSA_ECC_CURVE_SECP256R1;
     const psa_key_type_t type = PSA_KEY_TYPE_ECC_KEYPAIR(curve);
     const size_t bits = 256;
+    psa_key_policy_t policy;
 
+    /* find a free key slot */
     if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) )
         return( PK_PSA_INVALID_SLOT );
 
+    /* set up policy on key slot */
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
+                                      PSA_ALG_ECDSA(PSA_ALG_SHA_256) );
+    if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
+        return( PK_PSA_INVALID_SLOT );
+
+    /* generate key */
     if( PSA_SUCCESS != psa_generate_key( key, type, bits, NULL, 0 ) )
         return( PK_PSA_INVALID_SLOT );
 
@@ -760,3 +771,53 @@ exit:
     mbedtls_pk_free( &rsa ); mbedtls_pk_free( &alt );
 }
 /* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+void pk_psa_sign(  )
+{
+    mbedtls_pk_context pk;
+    psa_key_slot_t key;
+    unsigned char hash[50], sig[100], pkey[100];
+    size_t sig_len, klen = 0;
+
+    /*
+     * This tests making signatures with a wrapped PSA key:
+     * - generate a fresh PSA key
+     * - wrap it in a PK context and make a signature this way
+     * - extract the public key
+     * - parse it to a PK context and verify the signature this way
+     */
+
+    mbedtls_pk_init( &pk );
+
+    memset( hash, 0x2a, sizeof hash );
+    memset( sig, 0, sizeof sig );
+    memset( pkey, 0, sizeof pkey );
+
+    key = pk_psa_genkey();
+    TEST_ASSERT( key != 0 );
+
+    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 );
+
+    TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256,
+                 hash, sizeof hash, sig, &sig_len,
+                 NULL, NULL ) == 0 );
+
+    mbedtls_pk_free( &pk );
+
+    TEST_ASSERT( PSA_SUCCESS == psa_export_public_key(
+                                key, pkey, sizeof( pkey ), &klen ) );
+    TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
+
+    mbedtls_pk_init( &pk );
+
+    TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, pkey, klen ) == 0 );
+
+
+    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA256,
+                            hash, sizeof hash, sig, sig_len ) == 0 );
+
+exit:
+    mbedtls_pk_free( &pk );
+}
+/* END_CASE */

From 276cb64e6c141bb88b4315ba8b88b05d50a818f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 6 Nov 2018 09:34:30 +0100
Subject: [PATCH 781/889] Align names to use "opaque" only everywhere

It's better for names in the API to describe the "what" (opaque keys) rather
than the "how" (using PSA), at least since we don't intend to have multiple
function doing the same "what" in different ways in the foreseeable future.
---
 include/mbedtls/pk.h                |  6 +++---
 include/mbedtls/pk_internal.h       |  2 +-
 library/pk.c                        |  4 ++--
 library/pk_wrap.c                   | 26 +++++++++++++-------------
 tests/suites/test_suite_pk.function | 10 +++++-----
 5 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 3f640931f..001dcca6d 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -87,7 +87,7 @@ typedef enum {
     MBEDTLS_PK_ECDSA,
     MBEDTLS_PK_RSA_ALT,
     MBEDTLS_PK_RSASSA_PSS,
-    MBEDTLS_PK_OPAQUE_PSA,
+    MBEDTLS_PK_OPAQUE,
 } mbedtls_pk_type_t;
 
 /**
@@ -210,7 +210,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx );
  * \brief           Free a mbedtls_pk_context
  *
  * \note            For contexts that have been set up with
- *                  mbedtls_pk_setup_psa(), this does not free the underlying
+ *                  mbedtls_pk_setup_opaque(), this does not free the underlying
  *                  key slot and you still need to call psa_destroy_key()
  *                  independently if you want to destroy that key.
  */
@@ -271,7 +271,7 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
  * \note            This function is currently only available for ECC keypair.
  *                  Support for other key types will be added later.
  */
-int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key );
+int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
diff --git a/include/mbedtls/pk_internal.h b/include/mbedtls/pk_internal.h
index 7288e9b32..fc9ba13fe 100644
--- a/include/mbedtls/pk_internal.h
+++ b/include/mbedtls/pk_internal.h
@@ -136,7 +136,7 @@ extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
 #endif
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-extern const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info;
+extern const mbedtls_pk_info_t mbedtls_pk_opaque_info;
 #endif
 
 #endif /* MBEDTLS_PK_WRAP_H */
diff --git a/library/pk.c b/library/pk.c
index f65b2eed7..c34ab7e02 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -143,9 +143,9 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
 /*
  * Initialise a PSA-wrapping context
  */
-int mbedtls_pk_setup_psa( mbedtls_pk_context *ctx, const psa_key_slot_t key )
+int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key )
 {
-    const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_psa_info;
+    const mbedtls_pk_info_t * const info = &mbedtls_pk_opaque_info;
     psa_key_slot_t *pk_ctx;
     psa_key_type_t type;
 
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 47f39d7e7..e576f7334 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -726,7 +726,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 
-static void *pk_psa_alloc_wrap( void )
+static void *pk_opaque_alloc_wrap( void )
 {
     void *ctx = mbedtls_calloc( 1, sizeof( psa_key_slot_t ) );
 
@@ -735,13 +735,13 @@ static void *pk_psa_alloc_wrap( void )
     return( ctx );
 }
 
-static void pk_psa_free_wrap( void *ctx )
+static void pk_opaque_free_wrap( void *ctx )
 {
     mbedtls_platform_zeroize( ctx, sizeof( psa_key_slot_t ) );
     mbedtls_free( ctx );
 }
 
-static size_t pk_psa_get_bitlen( const void *ctx )
+static size_t pk_opaque_get_bitlen( const void *ctx )
 {
     const psa_key_slot_t *key = (const psa_key_slot_t *) ctx;
     size_t bits;
@@ -752,7 +752,7 @@ static size_t pk_psa_get_bitlen( const void *ctx )
     return( bits );
 }
 
-static int pk_psa_can_do( mbedtls_pk_type_t type )
+static int pk_opaque_can_do( mbedtls_pk_type_t type )
 {
     /* For now opaque PSA keys can only wrap ECC keypairs,
      * as checked by setup_psa().
@@ -819,7 +819,7 @@ static int pk_ecdsa_sig_asn1_from_psa( const unsigned char *sig, size_t *sig_len
     return( 0 );
 }
 
-static int pk_psa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
                    const unsigned char *hash, size_t hash_len,
                    unsigned char *sig, size_t *sig_len,
                    int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
@@ -864,13 +864,13 @@ static int pk_psa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
     return( 0 );
 }
 
-const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
-    MBEDTLS_PK_OPAQUE_PSA,
-    "Opaque (PSA)",
-    pk_psa_get_bitlen,
-    pk_psa_can_do,
+const mbedtls_pk_info_t mbedtls_pk_opaque_info = {
+    MBEDTLS_PK_OPAQUE,
+    "Opaque",
+    pk_opaque_get_bitlen,
+    pk_opaque_can_do,
     NULL, /* verify - will be done later */
-    pk_psa_sign_wrap,
+    pk_opaque_sign_wrap,
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
     NULL, /* restartable verify - not relevant */
     NULL, /* restartable sign - not relevant */
@@ -878,8 +878,8 @@ const mbedtls_pk_info_t mbedtls_pk_opaque_psa_info = {
     NULL, /* decrypt - will be done later */
     NULL, /* encrypt - will be done later */
     NULL, /* check_pair - could be done later or left NULL */
-    pk_psa_alloc_wrap,
-    pk_psa_free_wrap,
+    pk_opaque_alloc_wrap,
+    pk_opaque_free_wrap,
 #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
     NULL, /* restart alloc - not relevant */
     NULL, /* restart free - not relevant */
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 563fa44f5..bf87b2b0d 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -114,7 +114,7 @@ void pk_psa_utils(  )
     mbedtls_pk_context pk, pk2;
     psa_key_slot_t key;
 
-    const char * const name = "Opaque (PSA)";
+    const char * const name = "Opaque";
     const size_t bitlen = 256; /* harcoded in genkey() */
 
     mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
@@ -125,7 +125,7 @@ void pk_psa_utils(  )
     mbedtls_pk_init( &pk );
     mbedtls_pk_init( &pk2 );
 
-    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, 0 ) ==
+    TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, 0 ) ==
                  MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
     mbedtls_pk_free( &pk );
@@ -134,9 +134,9 @@ void pk_psa_utils(  )
     key = pk_psa_genkey();
     TEST_ASSERT( key != 0 );
 
-    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 );
+    TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
 
-    TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE_PSA );
+    TEST_ASSERT( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_OPAQUE );
     TEST_ASSERT( strcmp( mbedtls_pk_get_name( &pk), name ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_get_bitlen( &pk ) == bitlen );
@@ -797,7 +797,7 @@ void pk_psa_sign(  )
     key = pk_psa_genkey();
     TEST_ASSERT( key != 0 );
 
-    TEST_ASSERT( mbedtls_pk_setup_psa( &pk, key ) == 0 );
+    TEST_ASSERT( mbedtls_pk_setup_opaque( &pk, key ) == 0 );
 
     TEST_ASSERT( mbedtls_pk_sign( &pk, MBEDTLS_MD_SHA256,
                  hash, sizeof hash, sig, &sig_len,

From 35a7ff93664761644ea100c4f1c32ed037c97bbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 13 Nov 2018 10:48:23 +0100
Subject: [PATCH 782/889] Improve documentation of mbedtls_pk_setup_opaque()

---
 include/mbedtls/pk.h | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 001dcca6d..57a7005a5 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -248,8 +248,13 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
 /**
  * \brief           Initialize a PK context to wrap a PSA key slot.
  *
- * \param ctx       Context to initialize. Must be empty (type NONE).
- * \param key       PSA key slot to wrap - must hold an ECC keypair.
+ * \note            This function replaces mbedtls_pk_setup() for contexts
+ *                  that wrap a (possibly opaque) PSA key slot instead of
+ *                  storing and manipulating the key material directly.
+ *
+ * \param ctx       The context to initialize. It must be empty (type NONE).
+ * \param key       The PSA key slot to wrap, which must hold an ECC key pair
+ *                  (see notes below).
  *
  * \note            The wrapped key slot must remain valid as long as the
  *                  wrapping PK context is in use, that is at least between
@@ -257,19 +262,16 @@ int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
  *                  mbedtls_pk_free() is called on this context. The wrapped
  *                  key slot might then be independently used or destroyed.
  *
- * \return          \c 0 on success,
+ * \note            This function is currently only available for ECC key
+ *                  pairs (that is, ECC keys containing private key material).
+ *                  Support for other key types may be added later.
+ *
+ * \return          \c 0 on success.
  * \return          #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input
- *                  (context already used, invalid key slot)
+ *                  (context already used, invalid key slot).
  * \return          #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the key is not an
- *                  ECC keypair,
+ *                  ECC key pair.
  * \return          #MBEDTLS_ERR_PK_ALLOC_FAILED on allocation failure.
- *
- * \note            This function replaces mbedtls_pk_setup() for contexts
- *                  that wrap a (possibly opaque) PSA key slot instead of
- *                  storing and manipulating the key material directly.
- *
- * \note            This function is currently only available for ECC keypair.
- *                  Support for other key types will be added later.
  */
 int mbedtls_pk_setup_opaque( mbedtls_pk_context *ctx, const psa_key_slot_t key );
 #endif /* MBEDTLS_USE_PSA_CRYPTO */

From fe8607350c8c934140e0ccf7454fbb3684d9086c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 12 Nov 2018 15:06:57 +0100
Subject: [PATCH 783/889] Add new macro to detemine ECDSA signature length

Revived from a previous PR by Gilles, see:
https://github.com/ARMmbed/mbedtls/pull/1293/files#diff-568ef321d275f2035b8b26a70ee9af0bR71

This will be useful in eliminating temporary stack buffers for transcoding the
signature: in order to do that in place we need to be able to make assumptions
about the size of the output buffer, which this macro will provide. (See next
commit.)
---
 include/mbedtls/ecdsa.h | 27 ++++++++++++++++-----------
 1 file changed, 16 insertions(+), 11 deletions(-)

diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index 4057828d4..5245c6ee3 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -35,25 +35,30 @@
 #include "ecp.h"
 #include "md.h"
 
-/*
- * RFC-4492 page 20:
+/**
+ * \brief           Maximum ECDSA signature size for a given curve bit size
  *
+ * \param bits      Curve size in bits
+ * \return          Maximum signature size in bytes
+ *
+ * \note            This macro returns a compile-time constant if its argument
+ *                  is one. It may evaluate its argument multiple times.
+ */
+/*
  *     Ecdsa-Sig-Value ::= SEQUENCE {
  *         r       INTEGER,
  *         s       INTEGER
  *     }
  *
- * Size is at most
- *    1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
- *    twice that + 1 (tag) + 2 (len) for the sequence
- * (assuming ECP_MAX_BYTES is less than 126 for r and s,
- * and less than 124 (total len <= 255) for the sequence)
+ * For each of r and s, the value (V) may include an extra initial "0" bit.
  */
-#if MBEDTLS_ECP_MAX_BYTES > 124
-#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN"
-#endif
+#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits )                               \
+    ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) +              \
+      /*T,L of r,s*/        2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) +     \
+      /*V of r,s*/                ( ( bits ) + 8 ) / 8 ) )
+
 /** The maximal size of an ECDSA signature in Bytes. */
-#define MBEDTLS_ECDSA_MAX_LEN  ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
+#define MBEDTLS_ECDSA_MAX_LEN  MBEDTLS_ECDSA_MAX_SIG_LEN( MBEDTLS_ECP_MAX_BITS )
 
 #ifdef __cplusplus
 extern "C" {

From f127e6080e907d0743edde8747e1530fe2b108ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Tue, 13 Nov 2018 10:32:00 +0100
Subject: [PATCH 784/889] Get rid of large stack buffers in PSA sign wrapper

---
 library/pk_wrap.c | 180 ++++++++++++++++++++++++++--------------------
 1 file changed, 101 insertions(+), 79 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index e576f7334..e8b26db56 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -761,88 +761,13 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type )
             type == MBEDTLS_PK_ECDSA );
 }
 
-/* Like mbedtls_asn1_write_mpi, but from a buffer */
-static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
-                              const unsigned char *src, size_t slen )
+/* translate PSA errors to best PK approximation */
+static int pk_err_from_psa( psa_status_t status )
 {
-    int ret;
-    size_t len = 0;
-
-    if( (size_t)( *p - start ) < slen )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-    len = slen;
-    *p -= len;
-    memcpy( *p, src, len );
-
-    if( **p & 0x80 )
-    {
-        if( *p - start < 1 )
-            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
-        *--(*p) = 0x00;
-        len += 1;
-    }
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
-
-    return( (int) len );
-}
-
-/* Transcode signature from PSA format to ASN.1 sequence.
- * See ecdsa_signature_to_asn1 in ecdsa.c.
- *
- * [in] sig: the signature in PSA format
- * [in/out] sig_len: signature length pre- and post-transcoding
- * [out] dst: the signature in ASN.1 format
- */
-static int pk_ecdsa_sig_asn1_from_psa( const unsigned char *sig, size_t *sig_len,
-                                       unsigned char *dst )
-{
-    int ret;
-    unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
-    unsigned char *p = buf + sizeof( buf );
-    size_t len = 0;
-    const size_t mpi_len = *sig_len / 2;
-
-    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig + mpi_len, mpi_len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, buf, sig, mpi_len ) );
-
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
-    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
-                                       MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
-
-    memcpy( dst, p, len );
-    *sig_len = len;
-
-    return( 0 );
-}
-
-static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
-                   const unsigned char *hash, size_t hash_len,
-                   unsigned char *sig, size_t *sig_len,
-                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
-{
-    const psa_key_slot_t *key = (const psa_key_slot_t *) ctx;
-    psa_status_t status;
-    psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
-    /* PSA needs a buffer of know size */
-    unsigned char buf[2 * MBEDTLS_ECP_MAX_BYTES];
-    const size_t buf_len = sizeof( buf );
-
-    /* PSA has its own RNG */
-    (void) f_rng;
-    (void) p_rng;
-
-    status = psa_asymmetric_sign( *key, alg, hash, hash_len,
-                                        buf, buf_len, sig_len );
-
-    /* translate errors to best approximation */
     switch( status )
     {
         case PSA_SUCCESS:
-            break; /* don't return now */
+            return( 0 );
         case PSA_ERROR_NOT_SUPPORTED:
             return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
         case PSA_ERROR_INSUFFICIENT_MEMORY:
@@ -858,12 +783,109 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
         default: /* should never happen */
             return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
     }
+}
 
-    pk_ecdsa_sig_asn1_from_psa( buf, sig_len, sig );
+/*
+ * Like mbedtls_asn1_write_mpi(), but from a buffer.
+ *
+ * p: pointer to the end of the output buffer
+ * start: start of the output buffer, and also of the mpi to write at the end
+ * n_len: length ot the mpi to read from start
+ */
+static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
+                              size_t n_len )
+{
+    int ret;
+    size_t len = 0;
+
+    if( (size_t)( *p - start ) < n_len )
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+    len = n_len;
+    *p -= len;
+    memmove( *p, start, len );
+
+    /* if the msb is 1, ASN.1 requires that we prepend a 0.
+     * we're never called with n_len == 0, so we can always read back a byte */
+    if( **p & 0x80 )
+    {
+        if( *p - start < 1 )
+            return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
+
+        *--(*p) = 0x00;
+        len += 1;
+    }
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
+                                                MBEDTLS_ASN1_INTEGER ) );
+
+    return( (int) len );
+}
+
+/* Transcode signature from PSA format to ASN.1 sequence.
+ * See ecdsa_signature_to_asn1 in ecdsa.c, but with byte buffers instead of
+ * MPIs, and in-place.
+ *
+ * [in/out] sig: the signature pre- and post-transcoding
+ * [in/out] sig_len: signature length pre- and post-transcoding
+ * [int] buf_len: the available size the in/out buffer
+ */
+static int pk_ecdsa_sig_asn1_from_psa( unsigned char *sig, size_t *sig_len,
+                                       size_t buf_len )
+{
+    int ret;
+    size_t len = 0;
+    const size_t rs_len = *sig_len / 2;
+    unsigned char *p = sig + buf_len;
+
+    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig + rs_len, rs_len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, asn1_write_mpibuf( &p, sig, rs_len ) );
+
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, sig, len ) );
+    MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, sig,
+                          MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
+
+    memmove( sig, p, len );
+    *sig_len = len;
 
     return( 0 );
 }
 
+static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                   const unsigned char *hash, size_t hash_len,
+                   unsigned char *sig, size_t *sig_len,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+    const psa_key_slot_t *key = (const psa_key_slot_t *) ctx;
+    psa_algorithm_t alg = PSA_ALG_ECDSA( mbedtls_psa_translate_md( md_alg ) );
+    size_t bits, buf_len;
+    psa_status_t status;
+
+    /* PSA has its own RNG */
+    (void) f_rng;
+    (void) p_rng;
+
+    /* PSA needs an output buffer of known size, but our API doesn't provide
+     * that information. Assume that the buffer is large enough for a
+     * maximal-length signature with that key (otherwise the application is
+     * buggy anyway). */
+    status = psa_get_key_information( *key, NULL, &bits );
+    if( status != PSA_SUCCESS )
+        return( pk_err_from_psa( status ) );
+
+    buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( bits );
+
+    /* make the signature */
+    status = psa_asymmetric_sign( *key, alg, hash, hash_len,
+                                        sig, buf_len, sig_len );
+    if( status != PSA_SUCCESS )
+        return( pk_err_from_psa( status ) );
+
+    /* transcode it to ASN.1 sequence */
+    return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) );
+}
+
 const mbedtls_pk_info_t mbedtls_pk_opaque_info = {
     MBEDTLS_PK_OPAQUE,
     "Opaque",

From 615530728f9737faf3d2673a1ef68a9c59f9d148 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Thu, 15 Nov 2018 12:17:38 +0100
Subject: [PATCH 785/889] Improve documentation of an internal function

---
 library/pk_wrap.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index e8b26db56..762dbfb91 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -786,11 +786,13 @@ static int pk_err_from_psa( psa_status_t status )
 }
 
 /*
- * Like mbedtls_asn1_write_mpi(), but from a buffer.
+ * Simultaneously convert and move raw MPI from the beginning of a buffer
+ * to an ASN.1 MPI at the end of the buffer.
+ * See also mbedtls_asn1_write_mpi().
  *
  * p: pointer to the end of the output buffer
  * start: start of the output buffer, and also of the mpi to write at the end
- * n_len: length ot the mpi to read from start
+ * n_len: length of the mpi to read from start
  */
 static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
                               size_t n_len )

From 1e48ebd306c76a3e70aadc25b0ef05350faa6c21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Fri, 16 Nov 2018 10:09:11 +0100
Subject: [PATCH 786/889] Fix a compliance issue in signature encoding

The issue is not present in the normal path because asn1write_mpi() does it
automatically, but we're not using that here...
---
 library/pk_wrap.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 762dbfb91..5e8360225 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -807,8 +807,16 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
     *p -= len;
     memmove( *p, start, len );
 
+    /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
+     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
+    while( **p == 0x00 )
+    {
+        ++(*p);
+        --len;
+    }
+
     /* if the msb is 1, ASN.1 requires that we prepend a 0.
-     * we're never called with n_len == 0, so we can always read back a byte */
+     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
     if( **p & 0x80 )
     {
         if( *p - start < 1 )

From f4427678ae05b451604400db9834017fab570fd4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Fri, 16 Nov 2018 10:15:09 +0100
Subject: [PATCH 787/889] Use shared function for error translation

---
 library/pk_wrap.c | 28 ++--------------------------
 1 file changed, 2 insertions(+), 26 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 5e8360225..301d2266f 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -761,30 +761,6 @@ static int pk_opaque_can_do( mbedtls_pk_type_t type )
             type == MBEDTLS_PK_ECDSA );
 }
 
-/* translate PSA errors to best PK approximation */
-static int pk_err_from_psa( psa_status_t status )
-{
-    switch( status )
-    {
-        case PSA_SUCCESS:
-            return( 0 );
-        case PSA_ERROR_NOT_SUPPORTED:
-            return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
-        case PSA_ERROR_INSUFFICIENT_MEMORY:
-            return( MBEDTLS_ERR_PK_ALLOC_FAILED );
-        case PSA_ERROR_COMMUNICATION_FAILURE:
-        case PSA_ERROR_HARDWARE_FAILURE:
-        case PSA_ERROR_TAMPERING_DETECTED:
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-        case PSA_ERROR_INSUFFICIENT_ENTROPY:
-            return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
-        case PSA_ERROR_BAD_STATE:
-            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-        default: /* should never happen */
-            return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
-    }
-}
-
 /*
  * Simultaneously convert and move raw MPI from the beginning of a buffer
  * to an ASN.1 MPI at the end of the buffer.
@@ -882,7 +858,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
      * buggy anyway). */
     status = psa_get_key_information( *key, NULL, &bits );
     if( status != PSA_SUCCESS )
-        return( pk_err_from_psa( status ) );
+        return( mbedtls_psa_err_translate_pk( status ) );
 
     buf_len = MBEDTLS_ECDSA_MAX_SIG_LEN( bits );
 
@@ -890,7 +866,7 @@ static int pk_opaque_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
     status = psa_asymmetric_sign( *key, alg, hash, hash_len,
                                         sig, buf_len, sig_len );
     if( status != PSA_SUCCESS )
-        return( pk_err_from_psa( status ) );
+        return( mbedtls_psa_err_translate_pk( status ) );
 
     /* transcode it to ASN.1 sequence */
     return( pk_ecdsa_sig_asn1_from_psa( sig, sig_len, buf_len ) );

From 29a1325b0d1ea24b3ed9ffd0576a1ed91b48f343 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Fri, 16 Nov 2018 10:54:54 +0100
Subject: [PATCH 788/889] Guard against PSA generating invalid signature

The goal is not to double-check everything PSA does, but to ensure that it
anything goes wrong, we fail cleanly rather than by overwriting a buffer.
---
 library/pk_wrap.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 301d2266f..3af17d398 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -784,13 +784,18 @@ static int asn1_write_mpibuf( unsigned char **p, unsigned char *start,
     memmove( *p, start, len );
 
     /* ASN.1 DER encoding requires minimal length, so skip leading 0s.
-     * Neither r nor s can be 0, so we can assume len > 0 at all times. */
-    while( **p == 0x00 )
+     * Neither r nor s should be 0, but as a failsafe measure, still detect
+     * that rather than overflowing the buffer in case of a PSA error. */
+    while( len > 0 && **p == 0x00 )
     {
         ++(*p);
         --len;
     }
 
+    /* this is only reached if the signature was invalid */
+    if( len == 0 )
+        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
     /* if the msb is 1, ASN.1 requires that we prepend a 0.
      * Neither r nor s can be 0, so we can assume len > 0 at all times. */
     if( **p & 0x80 )

From 261456221224bc2ada3ce86363dc9523e4a75973 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 19 Nov 2018 12:25:37 +0100
Subject: [PATCH 789/889] Add test utility function: wrap_as_opaque()

The new function is not tested here, but will be in a subsequent PR.
---
 include/mbedtls/pk.h | 25 +++++++++++++++++
 library/pk.c         | 65 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 90 insertions(+)

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 57a7005a5..862065eed 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -740,6 +740,31 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
 int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/**
+ * \brief           Turn an EC key into an Opaque one
+ *
+ * \warning         This is a temporary utility function for tests. It might
+ *                  change or be removed at any time without notice.
+ *
+ * \note            Only ECDSA keys are supported so far. Signing with the
+ *                  specified hash is the only allowed use of that key.
+ *
+ * \param pk        Input: the EC key to transfer to a PSA key slot.
+ *                  Output: a PK context wrapping that PSA key slot.
+ * \param slot      Output: the chosen slot for storing the key.
+ *                  It's the caller's responsibility to destroy that slot
+ *                  after calling mbedtls_pk_free() on the PK context.
+ * \param hash_alg  The hash algorithm to allow for use with that key.
+ *
+ * \return          \c 0 if successful.
+ * \return          An Mbed TLS error code otherwise.
+ */
+int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
+                               psa_key_slot_t *slot,
+                               psa_algorithm_t hash_alg );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/library/pk.c b/library/pk.c
index c34ab7e02..989ed095b 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -41,6 +41,10 @@
 #include "mbedtls/ecdsa.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "mbedtls/psa_util.h"
+#endif
+
 #include <limits.h>
 #include <stdint.h>
 
@@ -535,4 +539,65 @@ mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
     return( ctx->pk_info->type );
 }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Load the key to a PSA key slot,
+ * then turn the PK context into a wrapper for that key slot.
+ *
+ * Currently only works for EC private keys.
+ */
+int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
+                               psa_key_slot_t *slot,
+                               psa_algorithm_t hash_alg )
+{
+#if !defined(MBEDTLS_ECP_C)
+    return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+#else
+    psa_key_slot_t key;
+    const mbedtls_ecp_keypair *ec;
+    unsigned char d[MBEDTLS_ECP_MAX_BYTES];
+    size_t d_len;
+    psa_ecc_curve_t curve_id;
+    psa_key_type_t key_type;
+    psa_key_policy_t policy;
+    int ret;
+
+    /* export the private key material in the format PSA wants */
+    if( mbedtls_pk_get_type( pk ) != MBEDTLS_PK_ECKEY )
+        return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
+
+    ec = mbedtls_pk_ec( *pk );
+    d_len = ( ec->grp.nbits + 7 ) / 8;
+    if( ( ret = mbedtls_mpi_write_binary( &ec->d, d, d_len ) ) != 0 )
+        return( ret );
+
+    curve_id = mbedtls_ecp_curve_info_from_grp_id( ec->grp.id )->tls_id;
+
+    /* find a free key slot */
+    if( PSA_SUCCESS != mbedtls_psa_get_free_key_slot( &key ) )
+        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+    /* set policy */
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN,
+                                       PSA_ALG_ECDSA(hash_alg) );
+    if( PSA_SUCCESS != psa_set_key_policy( key, &policy ) )
+        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+    /* import private key in slot */
+    key_type = PSA_KEY_TYPE_ECC_KEYPAIR(curve_id);
+    if( PSA_SUCCESS != psa_import_key( key, key_type, d, d_len ) )
+        return( MBEDTLS_ERR_PK_HW_ACCEL_FAILED );
+
+    /* remember slot number to be destroyed later by caller */
+    *slot = key;
+
+    /* make PK context wrap the key slot */
+    mbedtls_pk_free( pk );
+    mbedtls_pk_init( pk );
+
+    return( mbedtls_pk_setup_opaque( pk, key ) );
+#endif /* MBEDTLS_ECP_C */
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 #endif /* MBEDTLS_PK_C */

From 72d94be0deb7ce363dd85cfb2379c6715ce5917d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Mon, 19 Nov 2018 12:39:27 +0100
Subject: [PATCH 790/889] Improve description of a test

---
 tests/suites/test_suite_pk.data | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index 011b1f5f6..049750268 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -14,7 +14,7 @@ PK utils: ECDSA
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_utils:MBEDTLS_PK_ECDSA:192:24:"ECDSA"
 
-PK PSA utils
+PK PSA utilities: setup/free, info functions, unsupported operations
 pk_psa_utils:
 
 RSA verify test vector #1 (good)

From e31411a8149370291a47ff48b4991a77412c020c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Thu, 22 Nov 2018 12:21:20 +0100
Subject: [PATCH 791/889] Fix test that wasn't actually effective

psa_destroy_key() returns success even if the slot is empty.
---
 tests/suites/test_suite_pk.function | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index bf87b2b0d..37cf5c569 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -169,6 +169,7 @@ void pk_psa_utils(  )
 
     /* test that freeing the context does not destroy the key */
     mbedtls_pk_free( &pk );
+    TEST_ASSERT( PSA_SUCCESS == psa_get_key_information( key, NULL, NULL ) );
     TEST_ASSERT( PSA_SUCCESS == psa_destroy_key( key ) );
 
 exit:

From ca906fb8b936163eadf396c2b5780cfdb46aa2ec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 7 Nov 2018 09:42:35 +0100
Subject: [PATCH 792/889] Add option key_opaque to ssl_client2 (skeleton)

This is just the plumbing for the option itself, implementation of the option
will be the next commit.
---
 programs/ssl/ssl_client2.c | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 87b9ab1bd..8d15b4f8f 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -84,6 +84,7 @@ int main( void )
 #define DFL_CA_PATH             ""
 #define DFL_CRT_FILE            ""
 #define DFL_KEY_FILE            ""
+#define DFL_KEY_OPAQUE          0
 #define DFL_PSK                 ""
 #define DFL_PSK_IDENTITY        "Client_identity"
 #define DFL_ECJPAKE_PW          NULL
@@ -134,9 +135,16 @@ int main( void )
 #define USAGE_IO \
     "    No file operations available (MBEDTLS_FS_IO not defined)\n"
 #endif /* MBEDTLS_FS_IO */
-#else
+#else /* MBEDTLS_X509_CRT_PARSE_C */
 #define USAGE_IO ""
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+#define USAGE_KEY_OPAQUE \
+    "    key_opaque=%%d       Handle your private key as if it were opaque\n" \
+    "                        default: 0 (disabled)\n"
+#else
+#define USAGE_KEY_OPAQUE ""
+#endif
 
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
 #define USAGE_PSK                                                   \
@@ -283,6 +291,7 @@ int main( void )
     "    auth_mode=%%s        default: (library default: none)\n" \
     "                        options: none, optional, required\n" \
     USAGE_IO                                                \
+    USAGE_KEY_OPAQUE                                        \
     "\n"                                                    \
     USAGE_PSK                                               \
     USAGE_ECJPAKE                                           \
@@ -337,6 +346,7 @@ struct options
     const char *ca_path;        /* the path with the CA certificate(s) reside */
     const char *crt_file;       /* the file with the client certificate     */
     const char *key_file;       /* the file with the client key             */
+    int key_opaque;             /* handle private key as if it were opaque  */
     const char *psk;            /* the pre-shared key                       */
     const char *psk_identity;   /* the pre-shared key identity              */
     const char *ecjpake_pw;     /* the EC J-PAKE password                   */
@@ -627,6 +637,7 @@ int main( int argc, char *argv[] )
     opt.ca_path             = DFL_CA_PATH;
     opt.crt_file            = DFL_CRT_FILE;
     opt.key_file            = DFL_KEY_FILE;
+    opt.key_opaque          = DFL_KEY_OPAQUE;
     opt.psk                 = DFL_PSK;
     opt.psk_identity        = DFL_PSK_IDENTITY;
     opt.ecjpake_pw          = DFL_ECJPAKE_PW;
@@ -726,6 +737,10 @@ int main( int argc, char *argv[] )
             opt.crt_file = q;
         else if( strcmp( p, "key_file" ) == 0 )
             opt.key_file = q;
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_X509_CRT_PARSE_C)
+        else if( strcmp( p, "key_opaque" ) == 0 )
+            opt.key_opaque = atoi( q );
+#endif
         else if( strcmp( p, "psk" ) == 0 )
             opt.psk = q;
         else if( strcmp( p, "psk_identity" ) == 0 )
@@ -1309,6 +1324,13 @@ int main( int argc, char *argv[] )
         goto exit;
     }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( opt.key_opaque != 0 )
+    {
+        /* coming soon: load key to key slot */
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
     mbedtls_printf( " ok\n" );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 

From f83d31260db0739308537f54237ff00f3759434b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Thu, 8 Nov 2018 09:52:25 +0100
Subject: [PATCH 793/889] Implement key_opaque option to ssl_client2

---
 programs/ssl/ssl_client2.c | 16 ++++++++++++++--
 tests/ssl-opt.sh           | 15 +++++++++++++++
 2 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 8d15b4f8f..f3bf495bb 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -566,6 +566,9 @@ int main( int argc, char *argv[] )
     mbedtls_x509_crt cacert;
     mbedtls_x509_crt clicert;
     mbedtls_pk_context pkey;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_key_slot_t key_slot = 0; /* invalid key slot */
+#endif
 #endif
     char *p, *q;
     const int *list;
@@ -1327,11 +1330,17 @@ int main( int argc, char *argv[] )
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( opt.key_opaque != 0 )
     {
-        /* coming soon: load key to key slot */
+        if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
+                                               PSA_ALG_SHA_256 ) ) != 0 )
+        {
+            mbedtls_printf( " failed\n  !  "
+                            "mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", -ret );
+            goto exit;
+        }
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
-    mbedtls_printf( " ok\n" );
+    mbedtls_printf( " ok (key type: %s)\n", mbedtls_pk_get_name( &pkey ) );
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
 
     /*
@@ -2138,6 +2147,9 @@ exit:
     mbedtls_x509_crt_free( &clicert );
     mbedtls_x509_crt_free( &cacert );
     mbedtls_pk_free( &pkey );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_destroy_key( key_slot );
+#endif
 #endif
     mbedtls_ssl_session_free( &saved_session );
     mbedtls_ssl_free( &ssl );
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index ce9aee28a..5cded213e 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -865,6 +865,21 @@ run_test    "Default, DTLS" \
             -s "Protocol is DTLSv1.2" \
             -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
 
+# Test using an opaque private key for client authentication
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
+requires_config_enabled MBEDTLS_ECDSA_C
+requires_config_enabled MBEDTLS_SHA256_C
+run_test    "Opaque key for client authentication" \
+            "$P_SRV auth_mode=required" \
+            "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
+             key_file=data_files/server5.key" \
+            0 \
+            -c "key type: Opaque" \
+            -s "Verifying peer X.509 certificate... ok" \
+            -S "error" \
+            -C "error"
+
 # Test current time in ServerHello
 requires_config_enabled MBEDTLS_HAVE_TIME
 run_test    "ServerHello contains gmt_unix_time" \

From 596e65e1a58b1e6b665a98458aea71fb4c5933da Mon Sep 17 00:00:00 2001
From: Netanel Gonen <netanel.gonen@arm.com>
Date: Thu, 22 Nov 2018 18:41:43 +0200
Subject: [PATCH 794/889] Fix indentation

---
 include/psa/crypto_extra.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 9e8f97c9d..7f0885794 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -95,13 +95,13 @@ void mbedtls_psa_crypto_free( void );
  *   and mbedtls_nv_seed_write.
  * * In a client-server integration of PSA Cryptography, on the client side,
  *   if the server supports this feature.
- * \param[in] seed      Buffer containing the seed value to inject.
+ * \param[in] seed          Buffer containing the seed value to inject.
  * \param[in] seed_size     Size of the \p seed buffer.
- *                      The size of the seed in bytes must be greater
- *                      or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
- *                      and #MBEDTLS_ENTROPY_BLOCK_SIZE.
- *                      It must be less or equal to
- *                      #MBEDTLS_ENTROPY_MAX_SEED_SIZE.
+ *                          The size of the seed in bytes must be greater
+ *                          or equal to both #MBEDTLS_ENTROPY_MIN_PLATFORM
+ *                          and #MBEDTLS_ENTROPY_BLOCK_SIZE.
+ *                          It must be less or equal to
+ *                          #MBEDTLS_ENTROPY_MAX_SEED_SIZE.
  *
  * \retval #PSA_SUCCESS
  *         The seed value was injected successfully. The random generator

From 6f249de70608532bca7ef3e325fd556960e74399 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 10:07:36 -0500
Subject: [PATCH 795/889] pkwrite: add opaque key handling for public key
 exporting

Return early from mbedtls_pk_write_pubkey_der - public opaque key
exporting is expected to contain all of the needed data, therefore it shouldn't
be written again.
---
 library/pkwrite.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/library/pkwrite.c b/library/pkwrite.c
index 8eabd889b..d135060e4 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -46,6 +46,9 @@
 #include "mbedtls/pem.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#endif
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
 #else
@@ -161,6 +164,23 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
         MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) );
     else
 #endif
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
+    {
+        size_t buffer_size = *p - start;
+        psa_key_slot_t* key_slot = ( psa_key_slot_t* ) key->pk_ctx;
+        if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
+             != PSA_SUCCESS )
+        {
+            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        }
+        else
+        {
+            memmove( *p - len, start, len );
+        }
+    }
+    else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
         return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
 
     return( (int) len );
@@ -177,6 +197,10 @@ int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, si
 
     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
 
+    if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
+    {
+        return( (int) len );
+    }
     if( c - buf < 1 )
         return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
 

From c3de438b8eec7a94931442eedcbb6b998247bea4 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 10:12:37 -0500
Subject: [PATCH 796/889] Add CSR write testing using opaque keys

Parse and verify CSR programatically instead of using predetermined data,
to not tamper with randomness in tests.
---
 tests/suites/test_suite_x509write.data     |  4 ++
 tests/suites/test_suite_x509write.function | 75 ++++++++++++++++++++++
 2 files changed, 79 insertions(+)

diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 5b54d8588..c932c6816 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -42,6 +42,10 @@ Certificate Request check Server5 ECDSA, key_usage
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
 
+Certificate Request check opaque Server5 ECDSA, key_usage
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO
+x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
+
 Certificate write check Server1 SHA1
 depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_MD5_C
 x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":MBEDTLS_MD_SHA1:0:0:1:-1:"data_files/server1.crt":0
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index c00b1aca8..f1aeaa0c6 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -5,6 +5,11 @@
 #include "mbedtls/pem.h"
 #include "mbedtls/oid.h"
 #include "mbedtls/rsa.h"
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
 
 #if defined(MBEDTLS_RSA_C)
 int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
@@ -28,6 +33,29 @@ size_t mbedtls_rsa_key_len_func( void *ctx )
 }
 #endif /* MBEDTLS_RSA_C */
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
+{
+    unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+    const mbedtls_md_info_t *md_info;
+    mbedtls_x509_csr csr;
+
+    if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+
+    md_info = mbedtls_md_info_from_type( csr.sig_md );
+    if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
+        return ( MBEDTLS_ERR_X509_BAD_INPUT_DATA );/* Note: this can't happen except after an internal error */
+
+    if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
+                       csr.sig_md, hash, mbedtls_md_get_size( md_info ),
+                       csr.sig.p, csr.sig.len ) != 0 )
+        return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -95,6 +123,53 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
+void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
+                                 int cert_type )
+{
+    mbedtls_pk_context key;
+    psa_key_slot_t slot;
+    psa_algorithm_t md_alg_psa;
+    mbedtls_x509write_csr req;
+    unsigned char buf[4096];
+    int ret;
+    size_t pem_len = 0;
+    const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
+    rnd_pseudo_info rnd_info;
+
+    psa_crypto_init();
+    memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
+
+    md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
+    TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
+    
+    mbedtls_pk_init( &key );
+    TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+    TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 );
+
+    mbedtls_x509write_csr_init( &req );
+    mbedtls_x509write_csr_set_md_alg( &req, md_type );
+    mbedtls_x509write_csr_set_key( &req, &key );
+    TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
+    if( key_usage != 0 )
+        TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
+    if( cert_type != 0 )
+        TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
+
+    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
+                             rnd_pseudo_rand, &rnd_info );
+    TEST_ASSERT( ret == 0 );
+
+    pem_len = strlen( (char *) buf );
+    buf[pem_len] = '\0';
+    TEST_ASSERT( x509_crt_verifycsr( buf, pem_len+1 ) == 0 );
+
+exit:
+    mbedtls_x509write_csr_free( &req );
+    mbedtls_pk_free( &key );
+}
+/* END_CASE */
+
 /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */
 void x509_crt_check( char *subject_key_file, char *subject_pwd,
                      char *subject_name, char *issuer_key_file,

From 2f3112258587fb89a91ddf372372f9d2ef8876e0 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 18:04:01 -0500
Subject: [PATCH 797/889] Cosmetic changes

Adjust whitespaces, reduce test dependencies and reduce buffer size passed by 1.
---
 library/pkwrite.c                          |  4 ++--
 tests/suites/test_suite_x509write.data     |  2 +-
 tests/suites/test_suite_x509write.function | 11 ++++++++---
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/library/pkwrite.c b/library/pkwrite.c
index d135060e4..dcd3263b2 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -168,11 +168,11 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
     if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
     {
         size_t buffer_size = *p - start;
-        psa_key_slot_t* key_slot = ( psa_key_slot_t* ) key->pk_ctx;
+        psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx;
         if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
              != PSA_SUCCESS )
         {
-            return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
         }
         else
         {
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index c932c6816..40964258b 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -43,7 +43,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_EC
 x509_csr_check:"data_files/server5.key":"data_files/server5.req.ku.sha1":MBEDTLS_MD_SHA1:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
 
 Certificate Request check opaque Server5 ECDSA, key_usage
-depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_USE_PSA_CRYPTO
+depends_on:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
 x509_csr_check_opaque:"data_files/server5.key":MBEDTLS_MD_SHA256:MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_NON_REPUDIATION:0
 
 Certificate write check Server1 SHA1
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index f1aeaa0c6..8fe3b841d 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -45,12 +45,17 @@ static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
 
     md_info = mbedtls_md_info_from_type( csr.sig_md );
     if( mbedtls_md( md_info, csr.cri.p, csr.cri.len, hash ) != 0 )
-        return ( MBEDTLS_ERR_X509_BAD_INPUT_DATA );/* Note: this can't happen except after an internal error */
+    {
+        /* Note: this can't happen except after an internal error */
+        return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
+    }
 
     if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
                        csr.sig_md, hash, mbedtls_md_get_size( md_info ),
                        csr.sig.p, csr.sig.len ) != 0 )
+    {
         return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );
+    }
 
     return( 0 );
 }
@@ -156,13 +161,13 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
     if( cert_type != 0 )
         TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
 
-    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
+    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1,
                              rnd_pseudo_rand, &rnd_info );
     TEST_ASSERT( ret == 0 );
 
     pem_len = strlen( (char *) buf );
     buf[pem_len] = '\0';
-    TEST_ASSERT( x509_crt_verifycsr( buf, pem_len+1 ) == 0 );
+    TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 );
 
 exit:
     mbedtls_x509write_csr_free( &req );

From 16d6000577a9abd3982bd86e37589b36351472b6 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 18:09:59 -0500
Subject: [PATCH 798/889] pkwrite: add a safety check before calculating the
 buffer size

---
 library/pkwrite.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/library/pkwrite.c b/library/pkwrite.c
index dcd3263b2..3dfc590ad 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -167,8 +167,13 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_OPAQUE )
     {
-        size_t buffer_size = *p - start;
+        size_t buffer_size;
         psa_key_slot_t* key_slot = (psa_key_slot_t*) key->pk_ctx;
+
+        if ( *p < start )
+            return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+        buffer_size = *p - start;
         if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
              != PSA_SUCCESS )
         {

From d6d07909f2997173041a9b55f67bcb0c1c191837 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 02:53:17 -0500
Subject: [PATCH 799/889] Remove trailing whitespace

---
 tests/suites/test_suite_x509write.function | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 8fe3b841d..bf43a8001 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -147,7 +147,7 @@ void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
 
     md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
     TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
-    
+
     mbedtls_pk_init( &key );
     TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
     TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &slot, md_alg_psa ) == 0 );

From 3bd69dda1ab212ab3549be48283497f5856df9dd Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 03:03:28 -0500
Subject: [PATCH 800/889] pkwrite: add an explicit cast to size_t

---
 library/pkwrite.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/pkwrite.c b/library/pkwrite.c
index 3dfc590ad..d34714b34 100644
--- a/library/pkwrite.c
+++ b/library/pkwrite.c
@@ -173,7 +173,7 @@ int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
         if ( *p < start )
             return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
-        buffer_size = *p - start;
+        buffer_size = (size_t)( *p - start );
         if ( psa_export_public_key( *key_slot, start, buffer_size, &len )
              != PSA_SUCCESS )
         {

From 78276b1c73f9dbaa9fcc1000fd2eee4ef3635a40 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Wed, 31 Oct 2018 06:18:39 -0400
Subject: [PATCH 801/889] x509: use the PSA API to perform hashing operations
 So far limited only to certificate verification withour CRL and CSR
 generation.

---
 library/x509_crt.c      | 36 +++++++++++++++++++++++++++++++-----
 library/x509write_csr.c | 30 ++++++++++++++++++++++++++++--
 2 files changed, 59 insertions(+), 7 deletions(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 3e505e2f3..2e4a79658 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -49,6 +49,11 @@
 #include "mbedtls/pem.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
 #else
@@ -1892,16 +1897,37 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
                                      mbedtls_x509_crt *parent,
                                      mbedtls_x509_crt_restart_ctx *rs_ctx )
 {
-    const mbedtls_md_info_t *md_info;
     unsigned char hash[MBEDTLS_MD_MAX_SIZE];
-
+    size_t hash_len;
+#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+    const mbedtls_md_info_t *md_info;
     md_info = mbedtls_md_info_from_type( child->sig_md );
+    hash_len = mbedtls_md_get_size( md_info );
+    
+    /* Note: hash errors can happen only after an internal error */
     if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
+        return( -1 );
+#else
+    psa_hash_operation_t hash_operation;
+    psa_algorithm_t hash_alg = mbedtls_psa_translate_md( child->sig_md );
+
+    if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+        return( -1 );
+
+    if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len )
+        != PSA_SUCCESS )
     {
-        /* Note: this can't happen except after an internal error */
+        psa_hash_abort( &hash_operation );
         return( -1 );
     }
 
+    if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
+        != PSA_SUCCESS )
+    {
+        psa_hash_abort( &hash_operation );
+        return( -1 );
+    }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     /* Skip expensive computation on obvious mismatch */
     if( ! mbedtls_pk_can_do( &parent->pk, child->sig_pk ) )
         return( -1 );
@@ -1910,7 +1936,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
     if( rs_ctx != NULL && child->sig_pk == MBEDTLS_PK_ECDSA )
     {
         return( mbedtls_pk_verify_restartable( &parent->pk,
-                    child->sig_md, hash, mbedtls_md_get_size( md_info ),
+                    child->sig_md, hash, hash_len,
                     child->sig.p, child->sig.len, &rs_ctx->pk ) );
     }
 #else
@@ -1918,7 +1944,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
 #endif
 
     return( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
-                child->sig_md, hash, mbedtls_md_get_size( md_info ),
+                child->sig_md, hash, hash_len,
                 child->sig.p, child->sig.len ) );
 }
 
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 66cee5601..6270b6335 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -37,6 +37,11 @@
 #include "mbedtls/asn1write.h"
 #include "mbedtls/platform_util.h"
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/psa_util.h"
+#endif
+
 #include <string.h>
 #include <stdlib.h>
 
@@ -136,7 +141,11 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
     size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
     size_t len = 0;
     mbedtls_pk_type_t pk_alg;
-
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    psa_hash_operation_t hash_operation;
+    size_t hash_len;
+    psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
     /*
      * Prepare data to be signed in tmp_buf
      */
@@ -187,9 +196,26 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
 
     /*
      * Prepare signature
+     * Note: hash errors can happen only after an internal error
      */
-    mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+    if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
+        return( MBEDTLS_ERR_X509_FATAL_ERROR );
 
+    if( psa_hash_update( &hash_operation, c, len) != PSA_SUCCESS )
+    {
+        psa_hash_abort( &hash_operation );
+        return( MBEDTLS_ERR_X509_FATAL_ERROR );
+    }
+    if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
+        != PSA_SUCCESS )
+    {
+        psa_hash_abort( &hash_operation );
+        return( MBEDTLS_ERR_X509_FATAL_ERROR );
+    }
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+    mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
+#endif
     if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
                                  f_rng, p_rng ) ) != 0 )
     {

From 593fccdf973f199265cd8c690358450fd3d148af Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 13:57:58 -0500
Subject: [PATCH 802/889] x509: remove unnecessary calls to psa_hash_abort

According to the documentation, it does not need to be called after a failed
psa_hash call.
---
 library/x509_crt.c      | 2 --
 library/x509write_csr.c | 7 ++-----
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 2e4a79658..92c052cc2 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1917,14 +1917,12 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
     if( psa_hash_update( &hash_operation, child->tbs.p, child->tbs.len )
         != PSA_SUCCESS )
     {
-        psa_hash_abort( &hash_operation );
         return( -1 );
     }
 
     if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
         != PSA_SUCCESS )
     {
-        psa_hash_abort( &hash_operation );
         return( -1 );
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 6270b6335..f2950ad2f 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -202,15 +202,12 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
     if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
         return( MBEDTLS_ERR_X509_FATAL_ERROR );
 
-    if( psa_hash_update( &hash_operation, c, len) != PSA_SUCCESS )
-    {
-        psa_hash_abort( &hash_operation );
+    if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
         return( MBEDTLS_ERR_X509_FATAL_ERROR );
-    }
+
     if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
         != PSA_SUCCESS )
     {
-        psa_hash_abort( &hash_operation );
         return( MBEDTLS_ERR_X509_FATAL_ERROR );
     }
 #else /* MBEDTLS_USE_PSA_CRYPTO */

From 60ea0fc185987f633131ea1684c112867599504e Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 03:20:09 -0500
Subject: [PATCH 803/889] Remove trailing whitespace

---
 library/x509_crt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 92c052cc2..c5b6a1248 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1903,7 +1903,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt *child,
     const mbedtls_md_info_t *md_info;
     md_info = mbedtls_md_info_from_type( child->sig_md );
     hash_len = mbedtls_md_get_size( md_info );
-    
+
     /* Note: hash errors can happen only after an internal error */
     if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
         return( -1 );

From 39d1f4b29f63a97f4e772c860d6c17e43586d84c Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Wed, 31 Oct 2018 05:16:46 -0400
Subject: [PATCH 804/889] pk_wrap.c: add support for ecdsa signature
 verification using PSA

Use PSA internally to verify signatures.
Add a conversion to a raw signature format.
---
 library/pk_wrap.c | 260 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 260 insertions(+)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 87806be33..f48b85039 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -45,6 +45,12 @@
 #include "mbedtls/platform_util.h"
 #endif
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#include "psa/crypto.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/asn1.h"
+#endif
+
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
 #else
@@ -472,6 +478,259 @@ static int ecdsa_can_do( mbedtls_pk_type_t type )
     return( type == MBEDTLS_PK_ECDSA );
 }
 
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
+{
+    for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
+    {
+        if( psa_get_key_information( slot, NULL, NULL )  == PSA_ERROR_EMPTY_SLOT )
+        {
+            *key = slot;
+            return( PSA_SUCCESS );
+        }
+    }
+    return( PSA_ERROR_INSUFFICIENT_MEMORY );
+}
+
+static psa_algorithm_t translate_md_to_psa( mbedtls_md_type_t md_alg )
+{
+    switch( md_alg )
+    {
+#if defined(MBEDTLS_MD2_C)
+    case MBEDTLS_MD_MD2:
+        return( PSA_ALG_MD2 );
+#endif
+#if defined(MBEDTLS_MD4_C)
+    case MBEDTLS_MD_MD4:
+        return( PSA_ALG_MD4 );
+#endif
+#if defined(MBEDTLS_MD5_C)
+    case MBEDTLS_MD_MD5:
+        return( PSA_ALG_MD5 );
+#endif
+#if defined(MBEDTLS_SHA1_C)
+    case MBEDTLS_MD_SHA1:
+        return( PSA_ALG_SHA_1 );
+#endif
+#if defined(MBEDTLS_SHA256_C)
+    case MBEDTLS_MD_SHA224:
+        return( PSA_ALG_SHA_224 );
+    case MBEDTLS_MD_SHA256:
+        return( PSA_ALG_SHA_256 );
+#endif
+#if defined(MBEDTLS_SHA512_C)
+    case MBEDTLS_MD_SHA384:
+        return( PSA_ALG_SHA_384 );
+    case MBEDTLS_MD_SHA512:
+        return( PSA_ALG_SHA_512 );
+#endif
+#if defined(MBEDTLS_RIPEMD160_C)
+    case MBEDTLS_MD_RIPEMD160:
+        return( PSA_ALG_RIPEMD160 );
+#endif
+    case MBEDTLS_MD_NONE:  // Intentional fallthrough
+    default:
+        return( 0 );
+    }
+}
+
+/*
+ * Convert a signature from an ASN.1 sequence of two integers
+ * to a raw {r,s} buffer. Note: upon a successful call, the caller
+ * takes ownership of the sig->p buffer.
+ */
+static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
+                              mbedtls_asn1_buf *sig )
+{
+    int ret;
+    size_t len_signature;
+    size_t len_partial;
+    int tag_type;
+    if( ( end - *p ) < 1 )
+        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
+        MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    tag_type = **p;
+
+    if( ( ret = mbedtls_asn1_get_tag(p, end, &len_partial,
+    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) {
+        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
+    }
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) )
+            != 0 )
+        return( ret );
+
+    if( **p == '\0' ) {
+        ( *p )++;
+        len_partial--;
+    }
+
+    sig->p = mbedtls_calloc( 2, len_partial );
+    if( sig->p == NULL ) {
+        return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+    }
+
+    memcpy( sig->p, *p, len_partial );
+    len_signature = len_partial;
+    ( *p ) += len_partial;
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) )
+         != 0 )
+    {
+        mbedtls_free( sig->p );
+        return( ret );
+    }
+
+    if( **p == '\0' ) {
+        ( *p )++;
+        len_partial--;
+    }
+
+    memcpy( sig->p + len_partial, *p, len_partial );
+    len_signature += len_partial;
+    sig->tag = tag_type;
+    sig->len = len_signature;
+    ( *p ) += len_partial;
+    return( 0 );
+}
+
+static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
+{
+    switch( grpid )
+    {
+#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192R1:
+            return( PSA_ECC_CURVE_SECP192R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224R1:
+            return( PSA_ECC_CURVE_SECP224R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256R1:
+            return( PSA_ECC_CURVE_SECP256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP384R1:
+            return( PSA_ECC_CURVE_SECP384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP521R1:
+            return( PSA_ECC_CURVE_SECP521R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP256R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP384R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+        case MBEDTLS_ECP_DP_BP512R1:
+            return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE25519:
+            return( PSA_ECC_CURVE_CURVE25519 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP192K1:
+            return( PSA_ECC_CURVE_SECP192K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP224K1:
+            return( PSA_ECC_CURVE_SECP224K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+        case MBEDTLS_ECP_DP_SECP256K1:
+            return( PSA_ECC_CURVE_SECP256K1 );
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+        case MBEDTLS_ECP_DP_CURVE448:
+            return( PSA_ECC_CURVE_CURVE448 );
+#endif
+        default:
+            return( 0 );
+    }
+}
+
+static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
+                       const unsigned char *hash, size_t hash_len,
+                       const unsigned char *sig, size_t sig_len )
+{
+    int ret;
+    psa_key_slot_t key_slot;
+    psa_key_policy_t policy;
+    psa_key_type_t psa_type;
+    mbedtls_pk_context key;
+    mbedtls_asn1_buf signature;
+    int key_len;
+    const int buff_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES
+    unsigned char buf[buff_len];
+    unsigned char *p = ( unsigned char* ) sig;
+    mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
+    psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) );
+    psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
+    ((void) md_alg);
+
+    memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
+    mbedtls_platform_zeroize( buf, buff_len );
+    key.pk_info = &pk_info;
+    key.pk_ctx = ctx;
+    psa_crypto_init();
+
+    psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+
+    if( extract_ecdsa_sig( &p, p + sig_len, &signature ) != 0 )
+    {
+        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    key_len = mbedtls_pk_write_pubkey_der( &key, buf, buff_len );
+    if( key_len <= 0 )
+    {
+        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if( mbedtls_psa_get_free_key_slot( &key_slot ) != PSA_SUCCESS )
+    {
+        ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+        goto cleanup;
+    }
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
+    if( psa_set_key_policy( key_slot, &policy ) != PSA_SUCCESS )
+    {
+        ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+        goto cleanup;
+    }
+
+    if( psa_import_key( key_slot, psa_type, buf+buff_len-key_len, key_len )
+         != PSA_SUCCESS )
+    {
+        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+
+    if( psa_asymmetric_verify( key_slot, psa_sig_md,
+                               hash, hash_len,
+                               signature.p, signature.len )
+         != PSA_SUCCESS )
+    {
+         psa_destroy_key( key_slot );
+         ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
+         goto cleanup;
+    }
+    ret = 0;
+    psa_destroy_key( key_slot );
+
+    cleanup:
+    mbedtls_free( signature.p );
+    return( ret );
+}
+#else /* MBEDTLS_USE_PSA_CRYPTO */
 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
                        const unsigned char *hash, size_t hash_len,
                        const unsigned char *sig, size_t sig_len )
@@ -487,6 +746,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
 
     return( ret );
 }
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
                    const unsigned char *hash, size_t hash_len,

From 1e3b6865d7197e023735d364f6316963cb1b2686 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 6 Nov 2018 08:50:04 -0500
Subject: [PATCH 805/889] pk_wrap: cosmetic changes

Adjust whitespaces and variable names
---
 library/pk_wrap.c | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index f48b85039..4a74621fc 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -547,12 +547,15 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
     size_t len_partial;
     int tag_type;
     if( ( end - *p ) < 1 )
+    {
         return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
-        MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+    }
     tag_type = **p;
 
-    if( ( ret = mbedtls_asn1_get_tag(p, end, &len_partial,
-    MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) {
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial,
+                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
+    {
         return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
     }
 
@@ -560,15 +563,15 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
             != 0 )
         return( ret );
 
-    if( **p == '\0' ) {
+    if( **p == '\0' )
+    {
         ( *p )++;
         len_partial--;
     }
 
     sig->p = mbedtls_calloc( 2, len_partial );
-    if( sig->p == NULL ) {
+    if( sig->p == NULL )
         return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
-    }
 
     memcpy( sig->p, *p, len_partial );
     len_signature = len_partial;
@@ -580,7 +583,8 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
         return( ret );
     }
 
-    if( **p == '\0' ) {
+    if( **p == '\0' )
+    {
         ( *p )++;
         len_partial--;
     }
@@ -665,16 +669,14 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     mbedtls_pk_context key;
     mbedtls_asn1_buf signature;
     int key_len;
-    const int buff_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES
-    unsigned char buf[buff_len];
-    unsigned char *p = ( unsigned char* ) sig;
+    const int buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES
+    unsigned char buf[buf_len];
+    unsigned char *p = (unsigned char*) sig;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
     psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) );
     psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
-    ((void) md_alg);
 
     memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
-    mbedtls_platform_zeroize( buf, buff_len );
     key.pk_info = &pk_info;
     key.pk_ctx = ctx;
     psa_crypto_init();
@@ -687,7 +689,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         goto cleanup;
     }
 
-    key_len = mbedtls_pk_write_pubkey_der( &key, buf, buff_len );
+    key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
     if( key_len <= 0 )
     {
         ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
@@ -707,7 +709,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         goto cleanup;
     }
 
-    if( psa_import_key( key_slot, psa_type, buf+buff_len-key_len, key_len )
+    if( psa_import_key( key_slot, psa_type, buf+buf_len-key_len, key_len )
          != PSA_SUCCESS )
     {
         ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;

From 6d49ae92233a6bd1442ecc5aff4ccec4c82719cc Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Wed, 7 Nov 2018 03:19:08 -0500
Subject: [PATCH 806/889] pk_wrap: nullify the signature pointer on error in
 extract_ecdsa_sig

Fix a double free error in ecdsa_verify_wrap
---
 library/pk_wrap.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 4a74621fc..3e150a20d 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -576,10 +576,11 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
     memcpy( sig->p, *p, len_partial );
     len_signature = len_partial;
     ( *p ) += len_partial;
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) )
-         != 0 )
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 )
     {
         mbedtls_free( sig->p );
+        sig->p = NULL;
         return( ret );
     }
 
@@ -684,10 +685,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
 
     if( extract_ecdsa_sig( &p, p + sig_len, &signature ) != 0 )
-    {
-        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
-        goto cleanup;
-    }
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
     key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
     if( key_len <= 0 )

From f8c94a811a45d4e0291dbeba8aa622f1b115c064 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Wed, 7 Nov 2018 08:18:52 -0500
Subject: [PATCH 807/889] pk_wrap: check if curve conversion is successful

---
 library/pk_wrap.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 3e150a20d..6007a23c8 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -677,6 +677,9 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) );
     psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
 
+    if( curve == 0 )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
     memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
     key.pk_info = &pk_info;
     key.pk_ctx = ctx;

From c097b0fdedd82e5a9369fa418c3c785bd81250b9 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Wed, 7 Nov 2018 09:30:50 -0500
Subject: [PATCH 808/889] pk_wrap: add a check for equal signature parts

---
 library/pk_wrap.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 6007a23c8..2e22ec9d3 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -542,10 +542,9 @@ static psa_algorithm_t translate_md_to_psa( mbedtls_md_type_t md_alg )
 static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
                               mbedtls_asn1_buf *sig )
 {
-    int ret;
-    size_t len_signature;
-    size_t len_partial;
-    int tag_type;
+    int ret, tag_type;
+    size_t len_signature, len_partial;
+
     if( ( end - *p ) < 1 )
     {
         return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
@@ -590,6 +589,10 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
         len_partial--;
     }
 
+    // Check if both parts are of the same size
+    if( len_partial != len_signature )
+    	return( MBEDTLS_ERR_X509_INVALID_SIGNATURE );
+
     memcpy( sig->p + len_partial, *p, len_partial );
     len_signature += len_partial;
     sig->tag = tag_type;

From 2f69b1a059a32deef1aa2886d290262a91656aa7 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Thu, 8 Nov 2018 04:33:06 -0500
Subject: [PATCH 809/889] pk_wrap: destroy key slot on errors with policy or
 key importing

---
 library/pk_wrap.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 2e22ec9d3..469dc253d 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -591,7 +591,7 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
 
     // Check if both parts are of the same size
     if( len_partial != len_signature )
-    	return( MBEDTLS_ERR_X509_INVALID_SIGNATURE );
+        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE );
 
     memcpy( sig->p + len_partial, *p, len_partial );
     len_signature += len_partial;
@@ -696,15 +696,16 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
     if( key_len <= 0 )
     {
-        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
-        goto cleanup;
+        mbedtls_free( signature.p );
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
     }
 
     if( mbedtls_psa_get_free_key_slot( &key_slot ) != PSA_SUCCESS )
     {
-        ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
-        goto cleanup;
+        mbedtls_free( signature.p );
+        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
     }
+
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
     if( psa_set_key_policy( key_slot, &policy ) != PSA_SUCCESS )
@@ -725,14 +726,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
                                signature.p, signature.len )
          != PSA_SUCCESS )
     {
-         psa_destroy_key( key_slot );
          ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
          goto cleanup;
     }
     ret = 0;
-    psa_destroy_key( key_slot );
 
     cleanup:
+    psa_destroy_key( key_slot );
     mbedtls_free( signature.p );
     return( ret );
 }

From 510ee70501d54c95f5a59aef4bed35a0aad6ae51 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Thu, 8 Nov 2018 05:04:53 -0500
Subject: [PATCH 810/889] pk_wrap: test if a valid md_alg is passed to
 ecdsa_verify_wrap

Adjust tests to pass a valid algorithm
---
 library/pk_wrap.c                   | 6 +++++-
 tests/suites/test_suite_pk.function | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 469dc253d..4fc1a8552 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -677,12 +677,16 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     unsigned char buf[buf_len];
     unsigned char *p = (unsigned char*) sig;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
-    psa_algorithm_t psa_sig_md = PSA_ALG_ECDSA( translate_md_to_psa( md_alg ) );
+    psa_algorithm_t psa_sig_md = translate_md_to_psa( md_alg );
     psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
 
     if( curve == 0 )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
+    if( psa_sig_md == 0 )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
+    psa_sig_md = PSA_ALG_ECDSA( psa_sig_md );
     memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
     key.pk_info = &pk_info;
     key.pk_ctx = ctx;
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 4813f71f7..c7c707558 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -246,7 +246,8 @@ void pk_ec_test_vec( int type, int id, data_t * key, data_t * hash,
     TEST_ASSERT( mbedtls_ecp_point_read_binary( &eckey->grp, &eckey->Q,
                                         key->x, key->len ) == 0 );
 
-    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_NONE,
+    // MBEDTLS_MD_SHA1 is a dummy - it is ignored, but has to be other than MBEDTLS_MD_NONE.
+    TEST_ASSERT( mbedtls_pk_verify( &pk, MBEDTLS_MD_SHA1,
                             hash->x, hash->len, sig->x, sig->len ) == ret );
 
 exit:

From ca6330992e2f1f2c51239008612734de6fedd7fa Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 14:33:01 -0500
Subject: [PATCH 811/889] pk_wrap: switch to helper functions defined in
 psa_util.h

Remove duplicated helper functions.
Remove an unnecessary call to psa_crypto_init().
---
 library/pk_wrap.c | 60 ++---------------------------------------------
 1 file changed, 2 insertions(+), 58 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 4fc1a8552..56ce69c54 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -47,7 +47,7 @@
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "psa/crypto.h"
-#include "mbedtls/x509.h"
+#include "mbedtls/psa_util.h"
 #include "mbedtls/asn1.h"
 #endif
 
@@ -479,61 +479,6 @@ static int ecdsa_can_do( mbedtls_pk_type_t type )
 }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-static psa_status_t mbedtls_psa_get_free_key_slot( psa_key_slot_t *key )
-{
-    for( psa_key_slot_t slot = 1; slot <= 32; slot++ )
-    {
-        if( psa_get_key_information( slot, NULL, NULL )  == PSA_ERROR_EMPTY_SLOT )
-        {
-            *key = slot;
-            return( PSA_SUCCESS );
-        }
-    }
-    return( PSA_ERROR_INSUFFICIENT_MEMORY );
-}
-
-static psa_algorithm_t translate_md_to_psa( mbedtls_md_type_t md_alg )
-{
-    switch( md_alg )
-    {
-#if defined(MBEDTLS_MD2_C)
-    case MBEDTLS_MD_MD2:
-        return( PSA_ALG_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
-    case MBEDTLS_MD_MD4:
-        return( PSA_ALG_MD4 );
-#endif
-#if defined(MBEDTLS_MD5_C)
-    case MBEDTLS_MD_MD5:
-        return( PSA_ALG_MD5 );
-#endif
-#if defined(MBEDTLS_SHA1_C)
-    case MBEDTLS_MD_SHA1:
-        return( PSA_ALG_SHA_1 );
-#endif
-#if defined(MBEDTLS_SHA256_C)
-    case MBEDTLS_MD_SHA224:
-        return( PSA_ALG_SHA_224 );
-    case MBEDTLS_MD_SHA256:
-        return( PSA_ALG_SHA_256 );
-#endif
-#if defined(MBEDTLS_SHA512_C)
-    case MBEDTLS_MD_SHA384:
-        return( PSA_ALG_SHA_384 );
-    case MBEDTLS_MD_SHA512:
-        return( PSA_ALG_SHA_512 );
-#endif
-#if defined(MBEDTLS_RIPEMD160_C)
-    case MBEDTLS_MD_RIPEMD160:
-        return( PSA_ALG_RIPEMD160 );
-#endif
-    case MBEDTLS_MD_NONE:  // Intentional fallthrough
-    default:
-        return( 0 );
-    }
-}
-
 /*
  * Convert a signature from an ASN.1 sequence of two integers
  * to a raw {r,s} buffer. Note: upon a successful call, the caller
@@ -677,7 +622,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     unsigned char buf[buf_len];
     unsigned char *p = (unsigned char*) sig;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
-    psa_algorithm_t psa_sig_md = translate_md_to_psa( md_alg );
+    psa_algorithm_t psa_sig_md = mbedtls_psa_translate_md( md_alg );
     psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
 
     if( curve == 0 )
@@ -690,7 +635,6 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
     key.pk_info = &pk_info;
     key.pk_ctx = ctx;
-    psa_crypto_init();
 
     psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
 

From 45fc4641562daf97242b68f27286e51990292700 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 14:53:35 -0500
Subject: [PATCH 812/889] pk_wrap: improve error codes returned from
 ecdsa_verify_wrap

Use the shared PSA utilities to translate errors.
---
 library/pk_wrap.c | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 56ce69c54..0d1d91b62 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -492,15 +492,14 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
 
     if( ( end - *p ) < 1 )
     {
-        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
-                MBEDTLS_ERR_ASN1_OUT_OF_DATA );
+        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
     }
     tag_type = **p;
 
     if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial,
                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
     {
-        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
+        return( ret );
     }
 
     if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) )
@@ -536,7 +535,7 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
 
     // Check if both parts are of the same size
     if( len_partial != len_signature )
-        return( MBEDTLS_ERR_X509_INVALID_SIGNATURE );
+        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
 
     memcpy( sig->p + len_partial, *p, len_partial );
     len_signature += len_partial;
@@ -638,8 +637,8 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
 
     psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
 
-    if( extract_ecdsa_sig( &p, p + sig_len, &signature ) != 0 )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature ) ) != 0 )
+        return( ret );
 
     key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
     if( key_len <= 0 )
@@ -648,17 +647,17 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
     }
 
-    if( mbedtls_psa_get_free_key_slot( &key_slot ) != PSA_SUCCESS )
+    if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS )
     {
         mbedtls_free( signature.p );
-        return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
+        return( mbedtls_psa_err_translate_pk( ret ) );
     }
 
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
-    if( psa_set_key_policy( key_slot, &policy ) != PSA_SUCCESS )
+    if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS )
     {
-        ret = MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
+        ret = mbedtls_psa_err_translate_pk( ret );
         goto cleanup;
     }
 

From 7b7808cc7654f524108ecda72eb2b337d60051c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Thu, 15 Nov 2018 11:44:11 +0100
Subject: [PATCH 813/889] Add tests for ECDSA verify with short r, s values

This is intended to test transcoding the signature to the format expected by
PSA (fixed-length encoding of r, s) when r and s have respectively:
- full length with initial null byte
- full length without initial null byte
- non-full length with initial null byte
- non-full length without initial null byte

The signatures were generated using:

programs/pkey/pk_sign tests/data_files/server5.key foo

where foo is an empty file, and with a variant of one of the following patches
applied:

diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..e4a27b044516 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
                 ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
                 goto cleanup;
             }
+            printf("\ngenerating r...\n");

+gen:
             MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );

 #if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -317,6 +319,11 @@ mul:
             MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, &R, pk, &grp->G,
                                                   f_rng, p_rng, ECDSA_RS_ECP ) );
             MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( pr, &R.X, &grp->N ) );
+
+            size_t bits = mbedtls_mpi_bitlen( pr );
+            printf("%zu ", bits);
+            if( bits != 255 )
+                goto gen;
         }
         while( mbedtls_mpi_cmp_int( pr, 0 ) == 0 );

or:

diff --git a/library/ecdsa.c b/library/ecdsa.c
index abac015cebc6..d704376e0c42 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -305,7 +305,9 @@ static int ecdsa_sign_restartable( mbedtls_ecp_group *grp,
                 ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
                 goto cleanup;
             }
+            printf("\ngenerating r...\n");

+gen:
             MBEDTLS_MPI_CHK( mbedtls_ecp_gen_privkey( grp, pk, f_rng, p_rng ) );

 #if defined(MBEDTLS_ECP_RESTARTABLE)
@@ -353,6 +355,11 @@ modn:
         MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, pk, &grp->N ) );
         MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
         MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
+
+            size_t bits = mbedtls_mpi_bitlen( s );
+            printf("%zu ", bits);
+            if( bits != 247 )
+                goto gen;
     }
     while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );

with the value edited manually between each run to get the desired bit length.
---
 tests/suites/test_suite_pk.data | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/tests/suites/test_suite_pk.data b/tests/suites/test_suite_pk.data
index 478cde7be..11dff2675 100644
--- a/tests/suites/test_suite_pk.data
+++ b/tests/suites/test_suite_pk.data
@@ -38,6 +38,38 @@ EC(DSA) verify test vector #2 (bad)
 depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP192R1:"046FDD3028FA94A863CD4F78DBFF8B3AA561FC6D9CCBBCA88E0AE6FA437F5415F957542D0717FF8B84562DAE99872EF841":"546869732073686F756C64206265207468652068617368206F662061206D6573736167652E00":"30350218185B2A7FB5CD9C9A8488B119B68B47D6EC833509CE9FA1FF021900FB7D259A744A2348BD45D241A39DC915B81CC2084100FA25":MBEDTLS_ERR_ECP_VERIFY_FAILED
 
+EC(DSA) verify test vector: good, bitlen(r) = 256
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3046022100faecc085c6c5362b91ff1fd6dd77da80bc071bee9ff1ac0ef9509c017f13267c022100a7d0b908c938d3dd6c6a9cdc5b0a4a4ee455c519c1ff6cda959806b7e7461ba0":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 255
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 248
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220009109f967f9082abc9c46e5ea07936529b82023a1a49b872c046f430983db2602210085f0b1960d61f8d75109b5b7ff991d3171320d2ab547104f864048455a965090":0
+
+EC(DSA) verify test vector: good, bitlen(r) = 247
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3044021f461786833b50247b07194da6cedbd3caefbcd19c73b6283ccff5097cd0d73b022100d85d20b0b8c3b596eb1cdb0381e681fa0a8bccde4e89c139020af3b0f88e099c":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 256
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30450220639f36215b2ff09bb2beb871e122de74c8d5e29ce8a105aa2b95661f42803e72022100becd8f81b2c186f9d5d2c92378d7b9452ce6de231b0c8d17bac2d8537d2331fd":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 255
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"304402206ae26950c606d08fe5e1682efdccfb3a7213ca46bd523ffd20c4213fe1400d3402207612106ada7055926167650b257da7f4c42c190b8aa9e3b680f8751fe90c63a5":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 248
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"3045022100fd4d718ab483827492e10b89745fad100d2dd257102b99aff179ee596a569f1f022000a1b777e32a8b4909763b615b805e59194e6196eb05719287a36eb5f17aa485":0
+
+EC(DSA) verify test vector: good, bitlen(s) = 247
+depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+pk_ec_test_vec:MBEDTLS_PK_ECKEY:MBEDTLS_ECP_DP_SECP256R1:"0437cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f768225962924ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855":"30430220685a6994daa6a14e4411b5267edc2a00beee907f2dddd956b2a5a1df791c15f8021f675db4538c000c734489ac737fddd5a739c5a23cd6c6eceea70c286ca4fac9":0
+
 ECDSA sign-verify
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
 pk_sign_verify:MBEDTLS_PK_ECDSA:0:0

From 3016de3eebd5147d153f1059ca6b924f6a7a41ee Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 17:01:16 -0500
Subject: [PATCH 814/889] pk_wrap: rework signature extraction to work with
 small r and s values

There is a probability that r will be encoded as 31 or less bytes in DER,
so additional padding is added in such case.
Added a signature-part extraction function to tidy up the code further.
---
 library/pk_wrap.c | 108 ++++++++++++++++++++++++++++------------------
 1 file changed, 66 insertions(+), 42 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 0d1d91b62..e33ea3fc5 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -479,70 +479,93 @@ static int ecdsa_can_do( mbedtls_pk_type_t type )
 }
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
+/*
+ * Extract one signature part of an ASN.1 integer type to a given buffer
+ * and adjust padding according to part_size.
+ */
+static int extract_ecdsa_sig_part( unsigned char **from, const unsigned char *end,
+                                   unsigned char *to, size_t part_size )
+{
+    int ret;
+    size_t len_total, len_partial, zero_padding;
+
+    if( ( ret = mbedtls_asn1_get_tag( from, end, &len_partial,
+                                      MBEDTLS_ASN1_INTEGER ) ) != 0 )
+    {
+        return( ret );
+    }
+
+    while( **from == '\0' && len_partial > 0 )
+    {
+        ( *from )++;
+        len_partial--;
+    }
+
+    if( len_partial > part_size || len_partial == 0 )
+        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+
+    zero_padding = part_size - len_partial;
+    memcpy( to + zero_padding, *from, len_partial );
+    len_total = len_partial + zero_padding;
+    while( zero_padding > 0 )
+    {
+        zero_padding--;
+        to[zero_padding] = 0;
+    }
+
+    ( *from ) += len_partial;
+    return len_total;
+}
+
 /*
  * Convert a signature from an ASN.1 sequence of two integers
  * to a raw {r,s} buffer. Note: upon a successful call, the caller
  * takes ownership of the sig->p buffer.
  */
 static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
-                              mbedtls_asn1_buf *sig )
+                              mbedtls_asn1_buf *sig, size_t int_size )
 {
-    int ret, tag_type;
-    size_t len_signature, len_partial;
+    int ret;
 
     if( ( end - *p ) < 1 )
     {
         return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
     }
-    tag_type = **p;
 
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial,
-                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        return( ret );
-    }
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial, MBEDTLS_ASN1_INTEGER ) )
-            != 0 )
-        return( ret );
-
-    if( **p == '\0' )
-    {
-        ( *p )++;
-        len_partial--;
-    }
-
-    sig->p = mbedtls_calloc( 2, len_partial );
+    sig->p = mbedtls_calloc( 2, int_size );
     if( sig->p == NULL )
         return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
 
-    memcpy( sig->p, *p, len_partial );
-    len_signature = len_partial;
-    ( *p ) += len_partial;
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &len_partial,
-                                      MBEDTLS_ASN1_INTEGER ) ) != 0 )
+    sig->tag = **p;
+
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &sig->len,
+                MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
     {
-        mbedtls_free( sig->p );
-        sig->p = NULL;
-        return( ret );
+        goto cleanup;
     }
 
-    if( **p == '\0' )
+    /* Extract r */
+    if( ( ret = extract_ecdsa_sig_part( p, end, sig->p, int_size ) ) < 0)
     {
-        ( *p )++;
-        len_partial--;
+        goto cleanup;
     }
+    sig->len = ret;
 
-    // Check if both parts are of the same size
-    if( len_partial != len_signature )
-        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+    /* Extract s */
+    if( ( ret = extract_ecdsa_sig_part( p, end, sig->p + sig->len, int_size ) ) < 0)
+    {
+        goto cleanup;
+    }
+    sig->len += ret;
 
-    memcpy( sig->p + len_partial, *p, len_partial );
-    len_signature += len_partial;
-    sig->tag = tag_type;
-    sig->len = len_signature;
-    ( *p ) += len_partial;
     return( 0 );
+
+cleanup:
+    mbedtls_free( sig->p );
+    sig->p = NULL;
+    sig->len = 0;
+    sig->tag = 0;
+    return( ret );
 }
 
 static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
@@ -637,7 +660,8 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
 
     psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
 
-    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature ) ) != 0 )
+    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature,
+                   ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7) / 8 ) ) != 0 )
         return( ret );
 
     key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
@@ -678,7 +702,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     }
     ret = 0;
 
-    cleanup:
+cleanup:
     psa_destroy_key( key_slot );
     mbedtls_free( signature.p );
     return( ret );

From 688ea8d10de20f46ed3e533992e4886c022c9721 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Mon, 19 Nov 2018 17:41:58 -0500
Subject: [PATCH 815/889] pk_wrap: reuse a static buffer for signature
 extraction

Use a buffer left over after importing a key to hold an extracted signature.
---
 library/pk_wrap.c | 37 +++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 18 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index e33ea3fc5..46ffe4e27 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -519,8 +519,8 @@ static int extract_ecdsa_sig_part( unsigned char **from, const unsigned char *en
 
 /*
  * Convert a signature from an ASN.1 sequence of two integers
- * to a raw {r,s} buffer. Note: upon a successful call, the caller
- * takes ownership of the sig->p buffer.
+ * to a raw {r,s} buffer. Note: the provided sig buffer should be at least
+ * twice as big as int_size.
  */
 static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
                               mbedtls_asn1_buf *sig, size_t int_size )
@@ -532,9 +532,8 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
         return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
     }
 
-    sig->p = mbedtls_calloc( 2, int_size );
     if( sig->p == NULL )
-        return( MBEDTLS_ERR_ASN1_ALLOC_FAILED );
+        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
 
     sig->tag = **p;
 
@@ -561,8 +560,6 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
     return( 0 );
 
 cleanup:
-    mbedtls_free( sig->p );
-    sig->p = NULL;
     sig->len = 0;
     sig->tag = 0;
     return( ret );
@@ -640,12 +637,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     mbedtls_pk_context key;
     mbedtls_asn1_buf signature;
     int key_len;
-    const int buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES
+    const unsigned buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES
     unsigned char buf[buf_len];
     unsigned char *p = (unsigned char*) sig;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
     psa_algorithm_t psa_sig_md = mbedtls_psa_translate_md( md_alg );
     psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
+    size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8;
 
     if( curve == 0 )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@@ -660,22 +658,12 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
 
     psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
 
-    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature,
-                   ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7) / 8 ) ) != 0 )
-        return( ret );
-
     key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
     if( key_len <= 0 )
-    {
-        mbedtls_free( signature.p );
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-    }
 
     if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS )
-    {
-        mbedtls_free( signature.p );
         return( mbedtls_psa_err_translate_pk( ret ) );
-    }
 
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
@@ -692,6 +680,20 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         goto cleanup;
     }
 
+    /* Reuse the buffer of an already imported key */
+    if( 2 * signature_part_size > buf_len )
+    {
+        ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
+        goto cleanup;
+    }
+    signature.p = buf;
+
+    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature,
+                                   signature_part_size ) ) != 0 )
+    {
+        goto cleanup;
+    }
+
     if( psa_asymmetric_verify( key_slot, psa_sig_md,
                                hash, hash_len,
                                signature.p, signature.len )
@@ -704,7 +706,6 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
 
 cleanup:
     psa_destroy_key( key_slot );
-    mbedtls_free( signature.p );
     return( ret );
 }
 #else /* MBEDTLS_USE_PSA_CRYPTO */

From 73bf6b9e00e35e19c96042f359b495cc54e9d204 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 05:04:35 -0500
Subject: [PATCH 816/889] pk_wrap: rework and tidy up signature extraction

Improve comments, use a normal buffer instead of mbedtls_asn1_buf,
remove unneeded variables and use shared utilities where possible.
---
 library/pk_wrap.c | 169 ++++++++++++----------------------------------
 1 file changed, 44 insertions(+), 125 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 46ffe4e27..8d6c0f263 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -480,150 +480,70 @@ static int ecdsa_can_do( mbedtls_pk_type_t type )
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /*
- * Extract one signature part of an ASN.1 integer type to a given buffer
- * and adjust padding according to part_size.
+ * An ASN.1 encoded signature is a sequence of two ASN.1 integers. Parse one of
+ * those integers and convert it to the fixed-length encoding expected by PSA.
  */
-static int extract_ecdsa_sig_part( unsigned char **from, const unsigned char *end,
-                                   unsigned char *to, size_t part_size )
+static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end,
+                                  unsigned char *to, size_t to_len )
 {
     int ret;
-    size_t len_total, len_partial, zero_padding;
+    size_t unpadded_len, padding_len;
 
-    if( ( ret = mbedtls_asn1_get_tag( from, end, &len_partial,
+    if( ( ret = mbedtls_asn1_get_tag( from, end, &unpadded_len,
                                       MBEDTLS_ASN1_INTEGER ) ) != 0 )
     {
         return( ret );
     }
 
-    while( **from == '\0' && len_partial > 0 )
+    while( unpadded_len > 0 && **from == 0x00 )
     {
         ( *from )++;
-        len_partial--;
+        unpadded_len--;
     }
 
-    if( len_partial > part_size || len_partial == 0 )
-        return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
+    if( unpadded_len > to_len || unpadded_len == 0 )
+        return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
 
-    zero_padding = part_size - len_partial;
-    memcpy( to + zero_padding, *from, len_partial );
-    len_total = len_partial + zero_padding;
-    while( zero_padding > 0 )
-    {
-        zero_padding--;
-        to[zero_padding] = 0;
-    }
+    padding_len = to_len - unpadded_len;
+    memcpy( to + padding_len, *from, unpadded_len );
+    ( *from ) += unpadded_len;
 
-    ( *from ) += len_partial;
-    return len_total;
+    memset( to, 0x00, padding_len );
+
+    return( 0 );
 }
 
 /*
  * Convert a signature from an ASN.1 sequence of two integers
- * to a raw {r,s} buffer. Note: the provided sig buffer should be at least
+ * to a raw {r,s} buffer. Note: the provided sig buffer must be at least
  * twice as big as int_size.
  */
 static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
-                              mbedtls_asn1_buf *sig, size_t int_size )
+                              unsigned char *sig, size_t int_size )
 {
     int ret;
+    size_t tmp_size;
 
     if( ( end - *p ) < 1 )
     {
         return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
     }
 
-    if( sig->p == NULL )
+    if( sig == NULL )
         return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
 
-    sig->tag = **p;
-
-    if( ( ret = mbedtls_asn1_get_tag( p, end, &sig->len,
+    if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size,
                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
-    {
-        goto cleanup;
-    }
+        return( ret );
 
     /* Extract r */
-    if( ( ret = extract_ecdsa_sig_part( p, end, sig->p, int_size ) ) < 0)
-    {
-        goto cleanup;
-    }
-    sig->len = ret;
-
+    if( ( ret = extract_ecdsa_sig_int( p, end, sig, int_size ) ) != 0 )
+        return( ret );
     /* Extract s */
-    if( ( ret = extract_ecdsa_sig_part( p, end, sig->p + sig->len, int_size ) ) < 0)
-    {
-        goto cleanup;
-    }
-    sig->len += ret;
+    if( ( ret = extract_ecdsa_sig_int( p, end, sig + int_size, int_size ) ) != 0 )
+        return( ret );
 
     return( 0 );
-
-cleanup:
-    sig->len = 0;
-    sig->tag = 0;
-    return( ret );
-}
-
-static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
-{
-    switch( grpid )
-    {
-#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP192R1:
-            return( PSA_ECC_CURVE_SECP192R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP224R1:
-            return( PSA_ECC_CURVE_SECP224R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP256R1:
-            return( PSA_ECC_CURVE_SECP256R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP384R1:
-            return( PSA_ECC_CURVE_SECP384R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP521R1:
-            return( PSA_ECC_CURVE_SECP521R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
-        case MBEDTLS_ECP_DP_BP256R1:
-            return( PSA_ECC_CURVE_BRAINPOOL_P256R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
-        case MBEDTLS_ECP_DP_BP384R1:
-            return( PSA_ECC_CURVE_BRAINPOOL_P384R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
-        case MBEDTLS_ECP_DP_BP512R1:
-            return( PSA_ECC_CURVE_BRAINPOOL_P512R1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
-        case MBEDTLS_ECP_DP_CURVE25519:
-            return( PSA_ECC_CURVE_CURVE25519 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP192K1:
-            return( PSA_ECC_CURVE_SECP192K1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP224K1:
-            return( PSA_ECC_CURVE_SECP224K1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
-        case MBEDTLS_ECP_DP_SECP256K1:
-            return( PSA_ECC_CURVE_SECP256K1 );
-#endif
-#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
-        case MBEDTLS_ECP_DP_CURVE448:
-            return( PSA_ECC_CURVE_CURVE448 );
-#endif
-        default:
-            return( 0 );
-    }
 }
 
 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
@@ -635,36 +555,36 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     psa_key_policy_t policy;
     psa_key_type_t psa_type;
     mbedtls_pk_context key;
-    mbedtls_asn1_buf signature;
     int key_len;
-    const unsigned buf_len = 30 + 2 * MBEDTLS_ECP_MAX_BYTES; // Equivalent of ECP_PUB_DER_MAX_BYTES
-    unsigned char buf[buf_len];
+    /* see ECP_PUB_DER_MAX_BYTES in pkwrite.c */
+    unsigned char buf[30 + 2 * MBEDTLS_ECP_MAX_BYTES];
     unsigned char *p = (unsigned char*) sig;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
-    psa_algorithm_t psa_sig_md = mbedtls_psa_translate_md( md_alg );
-    psa_ecc_curve_t curve = mbedtls_ecc_group_to_psa ( ( (mbedtls_ecdsa_context *) ctx )->grp.id );
+    psa_algorithm_t psa_sig_md, psa_md;
+    psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group (
+                            ( (mbedtls_ecdsa_context *) ctx )->grp.id );
     size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8;
 
     if( curve == 0 )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
-    if( psa_sig_md == 0 )
-        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
-
-    psa_sig_md = PSA_ALG_ECDSA( psa_sig_md );
-    memset( &signature, 0, sizeof( mbedtls_asn1_buf ) );
+    /* mbedlts_pk_write_pubkey_der() expects a full PK context,
+     * re-construct one to make it happy */
     key.pk_info = &pk_info;
     key.pk_ctx = ctx;
-
-    psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
-
-    key_len = mbedtls_pk_write_pubkey_der( &key, buf, buf_len );
+    key_len = mbedtls_pk_write_pubkey_der( &key, buf, sizeof( buf ) );
     if( key_len <= 0 )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
 
     if( ( ret = mbedtls_psa_get_free_key_slot( &key_slot ) ) != PSA_SUCCESS )
         return( mbedtls_psa_err_translate_pk( ret ) );
 
+    psa_md = mbedtls_psa_translate_md( md_alg );
+    if( psa_md == 0 )
+        return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+    psa_sig_md = PSA_ALG_ECDSA( psa_md );
+    psa_type = PSA_KEY_TYPE_ECC_PUBLIC_KEY( curve );
+
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, psa_sig_md );
     if( ( ret = psa_set_key_policy( key_slot, &policy ) ) != PSA_SUCCESS )
@@ -673,7 +593,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         goto cleanup;
     }
 
-    if( psa_import_key( key_slot, psa_type, buf+buf_len-key_len, key_len )
+    if( psa_import_key( key_slot, psa_type, buf + sizeof( buf ) - key_len, key_len )
          != PSA_SUCCESS )
     {
         ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
@@ -681,14 +601,13 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     }
 
     /* Reuse the buffer of an already imported key */
-    if( 2 * signature_part_size > buf_len )
+    if( 2 * signature_part_size > sizeof( buf ) )
     {
         ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
         goto cleanup;
     }
-    signature.p = buf;
 
-    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, &signature,
+    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, buf,
                                    signature_part_size ) ) != 0 )
     {
         goto cleanup;
@@ -696,7 +615,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
 
     if( psa_asymmetric_verify( key_slot, psa_sig_md,
                                hash, hash_len,
-                               signature.p, signature.len )
+                               buf, 2 * signature_part_size )
          != PSA_SUCCESS )
     {
          ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;

From e30ad542a10d2c506e2948f6d445afaf44f82734 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 05:14:46 -0500
Subject: [PATCH 817/889] Cosmetic changes

Move memset to a more relevant spot, fix one whitespace error
---
 library/pk_wrap.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 8d6c0f263..1b626c75a 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -505,11 +505,10 @@ static int extract_ecdsa_sig_int( unsigned char **from, const unsigned char *end
         return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
 
     padding_len = to_len - unpadded_len;
+    memset( to, 0x00, padding_len );
     memcpy( to + padding_len, *from, unpadded_len );
     ( *from ) += unpadded_len;
 
-    memset( to, 0x00, padding_len );
-
     return( 0 );
 }
 
@@ -561,7 +560,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     unsigned char *p = (unsigned char*) sig;
     mbedtls_pk_info_t pk_info = mbedtls_eckey_info;
     psa_algorithm_t psa_sig_md, psa_md;
-    psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group (
+    psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group(
                             ( (mbedtls_ecdsa_context *) ctx )->grp.id );
     size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8;
 

From 96cc1b3def98f62c3e5f87ca2155d7d52a8ad598 Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 06:39:06 -0500
Subject: [PATCH 818/889] pk_wrap.c: tidy up signature extraction

Add a sanity check for signature length, remove superfluous bounds check.
---
 library/pk_wrap.c | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 1b626c75a..9fc7e22b9 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -523,14 +523,6 @@ static int extract_ecdsa_sig( unsigned char **p, const unsigned char *end,
     int ret;
     size_t tmp_size;
 
-    if( ( end - *p ) < 1 )
-    {
-        return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
-    }
-
-    if( sig == NULL )
-        return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
-
     if( ( ret = mbedtls_asn1_get_tag( p, end, &tmp_size,
                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
         return( ret );
@@ -562,7 +554,7 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
     psa_algorithm_t psa_sig_md, psa_md;
     psa_ecc_curve_t curve = mbedtls_psa_translate_ecc_group(
                             ( (mbedtls_ecdsa_context *) ctx )->grp.id );
-    size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx ) ->grp.nbits + 7 ) / 8;
+    const size_t signature_part_size = ( ( (mbedtls_ecdsa_context *) ctx )->grp.nbits + 7 ) / 8;
 
     if( curve == 0 )
         return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@@ -599,19 +591,26 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         goto cleanup;
     }
 
-    /* Reuse the buffer of an already imported key */
+    /* We don't need the exported key anymore and can
+     * reuse its buffer for signature extraction. */
     if( 2 * signature_part_size > sizeof( buf ) )
     {
         ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA;
         goto cleanup;
     }
 
-    if( ( ret = extract_ecdsa_sig( &p, p + sig_len, buf,
+    if( ( ret = extract_ecdsa_sig( &p, sig + sig_len, buf,
                                    signature_part_size ) ) != 0 )
     {
         goto cleanup;
     }
 
+    if( p != sig + sig_len )
+    {
+        ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+        goto cleanup;
+    }
+
     if( psa_asymmetric_verify( key_slot, psa_sig_md,
                                hash, hash_len,
                                buf, 2 * signature_part_size )

From 266d907c87ac43d5f518fad7134ba70d64bfb5df Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 20 Nov 2018 07:59:18 -0500
Subject: [PATCH 819/889] pk_wrap.c: fix length mismatch check placement

---
 library/pk_wrap.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 9fc7e22b9..3690fef5b 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -605,12 +605,6 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
         goto cleanup;
     }
 
-    if( p != sig + sig_len )
-    {
-        ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
-        goto cleanup;
-    }
-
     if( psa_asymmetric_verify( key_slot, psa_sig_md,
                                hash, hash_len,
                                buf, 2 * signature_part_size )
@@ -619,6 +613,12 @@ static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
          ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
          goto cleanup;
     }
+
+    if( p != sig + sig_len )
+    {
+        ret = MBEDTLS_ERR_PK_SIG_LEN_MISMATCH;
+        goto cleanup;
+    }
     ret = 0;
 
 cleanup:

From 82df32e3fd99608de3df042d69f70bd278306079 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden@patater.com>
Date: Fri, 23 Nov 2018 15:11:20 +0000
Subject: [PATCH 820/889] psa: Unused key_bits is OK

When MD or CMAC are disabled, let the compiler know that it is OK that
`key_bits` is set but not used by casting `key_bits` to `(void)`.
---
 library/psa_crypto.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 291dcdb0d..d100eb1fc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1869,6 +1869,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     else
 #endif /* MBEDTLS_MD_C */
     {
+        (void) key_bits;
         status = PSA_ERROR_NOT_SUPPORTED;
     }
 

From 5e769522359e3b07167f9d1696c971cd5d19fc6e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 21:59:56 +0100
Subject: [PATCH 821/889] Add a facility to configure entropy sources

Add a function to configure entropy sources. For testing only.

Use it to test that the library initialization fails properly if there is no
entropy source.
---
 library/psa_crypto.c                          | 25 ++++-
 library/psa_crypto_invasive.h                 | 79 ++++++++++++++++
 tests/suites/test_suite_psa_crypto_init.data  |  6 ++
 .../test_suite_psa_crypto_init.function       | 93 +++++++++++++++++++
 4 files changed, 200 insertions(+), 3 deletions(-)
 create mode 100644 library/psa_crypto_invasive.h

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4c0ac1213..f4c87d3e2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -43,6 +43,7 @@
 
 #include "psa/crypto.h"
 
+#include "psa_crypto_invasive.h"
 /* Include internal declarations that are useful for implementing persistently
  * stored keys. */
 #include "psa_crypto_storage.h"
@@ -155,6 +156,8 @@ enum rng_state
 
 typedef struct
 {
+    void (* entropy_init )( mbedtls_entropy_context *ctx );
+    void (* entropy_free )( mbedtls_entropy_context *ctx );
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
     key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
@@ -4437,6 +4440,17 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
 /* Module setup */
 /****************************************************************/
 
+psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
+    void (* entropy_init )( mbedtls_entropy_context *ctx ),
+    void (* entropy_free )( mbedtls_entropy_context *ctx ) )
+{
+    if( global_data.rng_state != RNG_NOT_INITIALIZED )
+        return( PSA_ERROR_BAD_STATE );
+    global_data.entropy_init = entropy_init;
+    global_data.entropy_free = entropy_free;
+    return( PSA_SUCCESS );
+}
+
 void mbedtls_psa_crypto_free( void )
 {
     psa_key_slot_t key;
@@ -4457,7 +4471,7 @@ void mbedtls_psa_crypto_free( void )
     if( global_data.rng_state != RNG_NOT_INITIALIZED )
     {
         mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
-        mbedtls_entropy_free( &global_data.entropy );
+        global_data.entropy_free( &global_data.entropy );
     }
     /* Wipe all remaining data, including configuration.
      * In particular, this sets all state indicator to the value
@@ -4474,10 +4488,15 @@ psa_status_t psa_crypto_init( void )
     if( global_data.initialized != 0 )
         return( PSA_SUCCESS );
 
-    mbedtls_zeroize( &global_data, sizeof( global_data ) );
+    /* Set default configuration if
+     * mbedtls_psa_crypto_configure_entropy_sources() hasn't been called. */
+    if( global_data.entropy_init == NULL )
+        global_data.entropy_init = mbedtls_entropy_init;
+    if( global_data.entropy_free == NULL )
+        global_data.entropy_free = mbedtls_entropy_free;
 
     /* Initialize the random generator. */
-    mbedtls_entropy_init( &global_data.entropy );
+    global_data.entropy_init( &global_data.entropy );
     mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
     global_data.rng_state = RNG_INITIALIZED;
     ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
diff --git a/library/psa_crypto_invasive.h b/library/psa_crypto_invasive.h
new file mode 100644
index 000000000..642652a47
--- /dev/null
+++ b/library/psa_crypto_invasive.h
@@ -0,0 +1,79 @@
+/**
+ * \file psa_crypto_invasive.h
+ *
+ * \brief PSA cryptography module: invasive interfaces for test only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They MUST NOT be made available to clients over IPC in integrations
+ * with isolation, and they SHOULD NOT be made available in library
+ * integrations except when building the library for testing.
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_INVASIVE_H
+#define PSA_CRYPTO_INVASIVE_H
+
+#if defined(MBEDTLS_CONFIG_FILE)
+#include MBEDTLS_CONFIG_FILE
+#else
+#include "mbedtls/config.h"
+#endif
+
+#include "psa/crypto.h"
+
+#include "mbedtls/entropy.h"
+
+/** \brief Configure entropy sources.
+ *
+ * This function may only be called before a call to psa_crypto_init(),
+ * or after a call to mbedtls_psa_crypto_free() and before any
+ * subsequent call to psa_crypto_init().
+ *
+ * This function is only intended for test purposes. The functionality
+ * it provides is also useful for system integrators, but
+ * system integrators should configure entropy drivers instead of
+ * breaking through to the Mbed TLS API.
+ *
+ * \param entropy_init  Function to initialize the entropy context
+ *                      and set up the desired entropy sources.
+ *                      It is called by psa_crypto_init().
+ *                      By default this is mbedtls_entropy_init().
+ *                      This function cannot report failures directly.
+ *                      To indicate a failure, set the entropy context
+ *                      to a state where mbedtls_entropy_func() will
+ *                      return an error.
+ * \param entropy_free  Function to free the entropy context
+ *                      and associated resources.
+ *                      It is called by mbedtls_psa_crypto_free().
+ *                      By default this is mbedtls_entropy_free().
+ *
+ * \retval PSA_SUCCESS
+ *         Success.
+ * \retval PSA_ERROR_NOT_PERMITTED
+ *         The caller does not have the permission to configure
+ *         entropy sources.
+ * \retval PSA_ERROR_BAD_STATE
+ *         The library has already been initialized.
+ */
+psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
+    void (* entropy_init )( mbedtls_entropy_context *ctx ),
+    void (* entropy_free )( mbedtls_entropy_context *ctx ) );
+
+#endif /* PSA_CRYPTO_INVASIVE_H */
diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
index e44111814..8ce044dc6 100644
--- a/tests/suites/test_suite_psa_crypto_init.data
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -18,3 +18,9 @@ validate_module_init_generate_random:1
 
 No key slot access after deinit
 validate_module_init_key_based:1
+
+Custom entropy sources: all standard
+custom_entropy_sources:0x0000ffff:PSA_SUCCESS
+
+Custom entropy sources: none
+custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 7cb10c0a1..0957969d5 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -6,6 +6,73 @@
 #endif
 #include "psa/crypto.h"
 
+/* Some tests in this module configure entropy sources. */
+#include "psa_crypto_invasive.h"
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/entropy_poll.h"
+
+#define ENTROPY_SOURCE_PLATFORM                 0x00000001
+#define ENTROPY_SOURCE_TIMING                   0x00000002
+#define ENTROPY_SOURCE_HAVEGE                   0x00000004
+#define ENTROPY_SOURCE_HARDWARE                 0x00000008
+#define ENTROPY_SOURCE_NV_SEED                  0x00000010
+static uint32_t custom_entropy_sources_mask;
+
+/* This is a modified version of mbedtls_entropy_init() from entropy.c
+ * which chooses entropy sources dynamically. */
+static void custom_entropy_init( mbedtls_entropy_context *ctx )
+{
+    ctx->source_count = 0;
+    memset( ctx->source, 0, sizeof( ctx->source ) );
+
+#if defined(MBEDTLS_THREADING_C)
+    mbedtls_mutex_init( &ctx->mutex );
+#endif
+
+    ctx->accumulator_started = 0;
+#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
+    mbedtls_sha512_init( &ctx->accumulator );
+#else
+    mbedtls_sha256_init( &ctx->accumulator );
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    mbedtls_havege_init( &ctx->havege_data );
+#endif
+
+#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
+    if( custom_entropy_sources_mask & ENTROPY_SOURCE_PLATFORM )
+        mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
+                                    MBEDTLS_ENTROPY_MIN_PLATFORM,
+                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_TIMING_C)
+    if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING )
+        mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
+                                    MBEDTLS_ENTROPY_MIN_HARDCLOCK,
+                                    MBEDTLS_ENTROPY_SOURCE_WEAK );
+#endif
+#if defined(MBEDTLS_HAVEGE_C)
+    if( custom_entropy_sources_mask & ENTROPY_SOURCE_HAVEGE )
+        mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
+                                    MBEDTLS_ENTROPY_MIN_HAVEGE,
+                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
+    if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
+        mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
+                                    MBEDTLS_ENTROPY_MIN_HARDWARE,
+                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
+#endif
+#if defined(MBEDTLS_ENTROPY_NV_SEED)
+    if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED )
+        mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
+                                    MBEDTLS_ENTROPY_BLOCK_SIZE,
+                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
+    ctx->initial_entropy_run = 0;
+#endif
+}
+
 /* END_HEADER */
 
 /* BEGIN_DEPENDENCIES
@@ -75,3 +142,29 @@ void validate_module_init_key_based( int count )
     TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
+{
+    psa_status_t expected_init_status = expected_init_status_arg;
+    int inited = 0;
+    uint8_t random[10] = { 0 };
+
+    custom_entropy_sources_mask = sources_arg;
+    TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+                     custom_entropy_init, mbedtls_entropy_free ) ==
+                 PSA_SUCCESS );
+
+    TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
+    if( expected_init_status != PSA_SUCCESS )
+        goto exit;
+    inited = 1;
+
+    TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
+                 PSA_SUCCESS );
+
+exit:
+    if( inited )
+        mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From ebe770c693250dc2cc179b54361b81849fddd0a8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 22:41:50 +0100
Subject: [PATCH 822/889] Add tests with a fake entropy source

Add tests with a fake entropy source to check that the required amount
of entropy is one block, fed in one or more steps.
---
 tests/suites/test_suite_psa_crypto_init.data  | 15 ++++
 .../test_suite_psa_crypto_init.function       | 82 ++++++++++++++++++-
 2 files changed, 93 insertions(+), 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
index 8ce044dc6..58817d93b 100644
--- a/tests/suites/test_suite_psa_crypto_init.data
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -24,3 +24,18 @@ custom_entropy_sources:0x0000ffff:PSA_SUCCESS
 
 Custom entropy sources: none
 custom_entropy_sources:0:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+Fake entropy: never returns anything
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:0:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+Fake entropy: less than the block size
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:-1:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+Fake entropy: one block eventually
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:0:0:0:MBEDTLS_ENTROPY_BLOCK_SIZE:PSA_SUCCESS
+
+Fake entropy: one block in two steps
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:-1:-1:PSA_SUCCESS
+
+Fake entropy: more than one block in two steps
+fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 0957969d5..5aa571d49 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -12,12 +12,41 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
 
+#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
+
+typedef struct
+{
+    size_t threshold; /* Minimum bytes to make mbedtls_entropy_func happy */
+    size_t max_steps;
+    size_t *length_sequence;
+    size_t step;
+} fake_entropy_state_t;
+static int fake_entropy_source( void *state_arg,
+                                unsigned char *output, size_t len,
+                                size_t *olen )
+{
+    fake_entropy_state_t *state = state_arg;
+    size_t i;
+
+    if( state->step >= state->max_steps )
+        return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
+
+    *olen = MIN( len, state->length_sequence[state->step] );
+    for( i = 0; i < *olen; i++ )
+        output[i] = i;
+    ++state->step;
+    return( 0 );
+};
+
 #define ENTROPY_SOURCE_PLATFORM                 0x00000001
 #define ENTROPY_SOURCE_TIMING                   0x00000002
 #define ENTROPY_SOURCE_HAVEGE                   0x00000004
 #define ENTROPY_SOURCE_HARDWARE                 0x00000008
 #define ENTROPY_SOURCE_NV_SEED                  0x00000010
+#define ENTROPY_SOURCE_FAKE                     0x40000000
+
 static uint32_t custom_entropy_sources_mask;
+static fake_entropy_state_t fake_entropy_state;
 
 /* This is a modified version of mbedtls_entropy_init() from entropy.c
  * which chooses entropy sources dynamically. */
@@ -71,6 +100,12 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx )
                                     MBEDTLS_ENTROPY_SOURCE_STRONG );
     ctx->initial_entropy_run = 0;
 #endif
+
+    if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE )
+        mbedtls_entropy_add_source( ctx,
+                                    fake_entropy_source, &fake_entropy_state,
+                                    fake_entropy_state.threshold,
+                                    MBEDTLS_ENTROPY_SOURCE_STRONG );
 }
 
 /* END_HEADER */
@@ -147,7 +182,6 @@ void validate_module_init_key_based( int count )
 void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
 {
     psa_status_t expected_init_status = expected_init_status_arg;
-    int inited = 0;
     uint8_t random[10] = { 0 };
 
     custom_entropy_sources_mask = sources_arg;
@@ -158,13 +192,53 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
     TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
-    inited = 1;
 
     TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
                  PSA_SUCCESS );
 
 exit:
-    if( inited )
-        mbedtls_psa_crypto_free( );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void fake_entropy_source( int threshold,
+                          int amount1,
+                          int amount2,
+                          int amount3,
+                          int amount4,
+                          int expected_init_status_arg )
+{
+    psa_status_t expected_init_status = expected_init_status_arg;
+    uint8_t random[10] = { 0 };
+    size_t lengths[4];
+
+    fake_entropy_state.threshold = threshold;
+    fake_entropy_state.step = 0;
+    fake_entropy_state.max_steps = 0;
+    if( amount1 >= 0 )
+        lengths[fake_entropy_state.max_steps++] = amount1;
+    if( amount2 >= 0 )
+        lengths[fake_entropy_state.max_steps++] = amount2;
+    if( amount3 >= 0 )
+        lengths[fake_entropy_state.max_steps++] = amount3;
+    if( amount4 >= 0 )
+        lengths[fake_entropy_state.max_steps++] = amount4;
+    fake_entropy_state.length_sequence = lengths;
+
+    custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE;
+    TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+                     custom_entropy_init, mbedtls_entropy_free ) ==
+                 PSA_SUCCESS );
+
+    TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
+    if( expected_init_status != PSA_SUCCESS )
+        goto exit;
+
+    TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
+                 PSA_SUCCESS );
+
+exit:
+    mbedtls_psa_crypto_free( );
 }
 /* END_CASE */

From 0b3b5733fcd27261de5cab1e35212e08339ca65e Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 23:09:54 +0100
Subject: [PATCH 823/889] Support NV seed enabled at compile time but not at
 runtime

When testing with custom entropy sources, if MBEDTLS_ENTROPY_NV_SEED
is enabled at compile time but the NV seed source is not used at
runtime, mbedtls_entropy_func makes a second pass anyway. Cope with
this in the test code by telling the entropy module not to make this
second pass.
---
 tests/suites/test_suite_psa_crypto_init.function | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 5aa571d49..13dfd3366 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -95,10 +95,17 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx )
 #endif
 #if defined(MBEDTLS_ENTROPY_NV_SEED)
     if( custom_entropy_sources_mask & ENTROPY_SOURCE_NV_SEED )
+    {
         mbedtls_entropy_add_source( ctx, mbedtls_nv_seed_poll, NULL,
                                     MBEDTLS_ENTROPY_BLOCK_SIZE,
                                     MBEDTLS_ENTROPY_SOURCE_STRONG );
-    ctx->initial_entropy_run = 0;
+        ctx->initial_entropy_run = 0;
+    }
+    else
+    {
+        /* Skip the NV seed even though it's compiled in. */
+        ctx->initial_entropy_run = 1;
+    }
 #endif
 
     if( custom_entropy_sources_mask & ENTROPY_SOURCE_FAKE )

From 0fce4c58301df29664b904dae76d13d30f81128a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 23:21:01 +0100
Subject: [PATCH 824/889] Add init tests with entropy from NV seed

---
 tests/suites/test_suite_psa_crypto_init.data  |  9 +++++
 .../test_suite_psa_crypto_init.function       | 35 +++++++++++++++++++
 2 files changed, 44 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
index 58817d93b..6996c115b 100644
--- a/tests/suites/test_suite_psa_crypto_init.data
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -39,3 +39,12 @@ fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:1:
 
 Fake entropy: more than one block in two steps
 fake_entropy_source:MBEDTLS_ENTROPY_BLOCK_SIZE:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:-1:-1:PSA_SUCCESS
+
+NV seed only: less than minimum
+entropy_from_nv_seed:MBEDTLS_ENTROPY_MIN_PLATFORM - 1:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+NV seed only: less than one block
+entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTROPY
+
+NV seed only: just enough
+entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 13dfd3366..f4bb86f09 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -11,8 +11,13 @@
 
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
+#include "mbedtls/platform.h"
 
 #define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
+#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
+
+#define ENTROPY_MIN_NV_SEED_SIZE                                        \
+    MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
 
 typedef struct
 {
@@ -249,3 +254,33 @@ exit:
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
+void entropy_from_nv_seed( int seed_size_arg,
+                           int expected_init_status_arg )
+{
+    psa_status_t expected_init_status = expected_init_status_arg;
+    uint8_t random[10] = { 0 };
+    uint8_t *seed = NULL;
+    size_t seed_size = seed_size_arg;
+
+    ASSERT_ALLOC( seed, seed_size );
+    TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 );
+
+    custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED;
+    TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+                     custom_entropy_init, mbedtls_entropy_free ) ==
+                 PSA_SUCCESS );
+
+    TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
+    if( expected_init_status != PSA_SUCCESS )
+        goto exit;
+
+    TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
+                 PSA_SUCCESS );
+
+exit:
+    mbedtls_free( seed );
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */

From 9e1be6a246cffccbaec50ed9831d9e79b1dbb7c3 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 20 Nov 2018 23:21:37 +0100
Subject: [PATCH 825/889] Create the NV seed file for the tests if needed

Write an all-bits-zero NV seed file for the tests. Without this, if
the seed file is not present when this test suite is executed, the
PSA module initialization will fail, causing most test cases to fail.

Also write an all-bits-zero NV seed file at the end. The test cases in
this test suite mess with the file, but subsequent test suites may
need it.
---
 tests/suites/test_suite_psa_crypto_init.data     | 6 ++++++
 tests/suites/test_suite_psa_crypto_init.function | 8 ++++++++
 2 files changed, 14 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto_init.data b/tests/suites/test_suite_psa_crypto_init.data
index 6996c115b..c57a764ef 100644
--- a/tests/suites/test_suite_psa_crypto_init.data
+++ b/tests/suites/test_suite_psa_crypto_init.data
@@ -1,3 +1,6 @@
+Create NV seed file
+create_nv_seed:
+
 PSA init/deinit
 init_deinit:2
 
@@ -48,3 +51,6 @@ entropy_from_nv_seed:MBEDTLS_ENTROPY_BLOCK_SIZE - 1:PSA_ERROR_INSUFFICIENT_ENTRO
 
 NV seed only: just enough
 entropy_from_nv_seed:ENTROPY_MIN_NV_SEED_SIZE:PSA_SUCCESS
+
+Recreate NV seed file
+create_nv_seed:
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index f4bb86f09..359650429 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -127,6 +127,14 @@ static void custom_entropy_init( mbedtls_entropy_context *ctx )
  * END_DEPENDENCIES
  */
 
+/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_NV_SEED */
+void create_nv_seed( )
+{
+    static unsigned char seed[ENTROPY_MIN_NV_SEED_SIZE];
+    TEST_ASSERT( mbedtls_nv_seed_write( seed, sizeof( seed ) ) >= 0 );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void init_deinit( int count )
 {

From 8fe3372de13a6016ea8ef68b8948e9a03843b492 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Mon, 26 Nov 2018 17:21:23 +0000
Subject: [PATCH 826/889] Add generated documentation for mbedcrypto-0.1.0b

---
 docs/PSACryptoDriverModelSpec.pdf | Bin 0 -> 565092 bytes
 docs/PSA_Crypto_API_Overview.pdf  | Bin 0 -> 200980 bytes
 docs/PSA_Crypto_API_Reference.pdf | Bin 0 -> 527887 bytes
 3 files changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 docs/PSACryptoDriverModelSpec.pdf
 create mode 100644 docs/PSA_Crypto_API_Overview.pdf
 create mode 100644 docs/PSA_Crypto_API_Reference.pdf

diff --git a/docs/PSACryptoDriverModelSpec.pdf b/docs/PSACryptoDriverModelSpec.pdf
new file mode 100644
index 0000000000000000000000000000000000000000..cf11380e840184071cdf3b55ae11d7f67b389e8e
GIT binary patch
literal 565092
zcmeFYWppL6vMy$3W@ct)W@ct)W@e9>Va&|T%*-A$Gc(&`d$yf9_ucz)lXF(yN&Y1(
zTK%J1t-V{SmOj;2r6N}nlb~m2V22_9wLH2G!$QPF<Y;08!^a21sOIftPQ<8aVx#J2
z55uTH#LUD5!zf|x;_61k#rjv2Gk36bvm#<<;btQGkMfVFc5db_M2r%4#%|_f=BAEj
z<}d;RFs^Pc=En9gUYjf0@`}e2NWJs*6-T$=UDY3|I<=`_)KkP$!Tc`4#u!RXpvFe6
z?{D7h%0Bn;&ReFq>!9|mJGWJD2Hpk>S}e!XaNtd=$`n_4+M;ynHAs+ylw?C@q|yWA
zNz-z6lg+wJs)<6^)L?obqp=Yz<hu?wab$e4wj+1z84p2Xdj1r0+QxR}Nk!URcDD~T
zPaP7n2-M;aP!YDV$Bl+#CJ6u+lt%>Z^RuK3dy4!-cR4h=M$=}YCa5DSuW)23R5=JK
z);b_Gc$E>Pa4={UFom(Qbrmk%=qw+mR5}&T9x17vGa+atkYq(*q##P_RG?cp?$G0b
zAl4035nhGge95RvDZneVT%dLWqv7mw3?P;4LYXy>Xh57HP@sGeGrCp>8%8iodBPD>
z$K+S=4ZP|QSzd&~DOD(TT0xfEM9N6;0b1CI$E+l}OmG?vh0%4sT2N?oV2w&t6B_A}
z*<gJSviCgTyP`}U#)T@8N=qQpQXgDyFxX_;Q0Q?*K`O|L2NF~)NLr=pL}+27@EMIt
zv^=#86X?AUu&}*C5M@MIBtn3Kmt$nu<WV>Rdo}LIHYO$0EE+Xg1zE@@a>y=wHEWcz
zMAc{$430{v0sBFzDJZK#eU2>Rk?E<%aGy+e(TRvw1zUI(n;%d)g*6)Z=7_0q1kLjv
z4+o(5`HK(r?fDKDzr%Lv>*wzXG~Og%`ThTNczIGV?^EVso7Ny$j$!wHl@04eK;qxJ
zcdQ(!L`dSNo4=OL)a?o4CcTk9E=BgYhy9j~Q1><XX@0vE@N3rQ-O06E;E<zWt3lE?
zu^V-rFG22AbYdw^(T$7IE>|#@*Iwlheq(~U2^{pIL`X{tlXe}xUnjtB`(B2Nx;ou_
z<!6)4PM8wo()Xl`y;-M6)7P(qI<WWd<HpU<Cqhc|^}7B|-4E3b<LrBP*qrQ;4)pb<
zodD~{4jW*A*8`X*;_*D%Ox5J8ylUh0>q~aXaUY-Cnre;3?l$Ay*xD>5{uecKezkVo
zvwlM#8~+o#>l$6iw8+4k%HUae=GGj{7F%cFHuE|n6e9Q#EAWPSz(&pW3J@C$THH+7
zscYq)d*@c_TPGzBCt92@I-B8i*N*I;&K@29#*acRfSgu)zJ99vTPcDs2()N$SZ0tO
zd#)+vFXMU*ylC3FFk7!qbi7<ckI&TxQ(OJTy;AqR!x_P>J<ZtIy{bJ|L~6<>-&@5c
zw196Xtqb~W@J8SMe)xBYqu}LuJ7|Ovp0bMro$P^>HfTr^yd8Mw+Q5D3&j?WCc!!jZ
zRi68j+F?2-$u~tkTVAilwj&{wF*Xf7TOqGSh-0BJ{@{{Ap+#9x>;)6|fYzz|l$0fu
zSJ@}Gv%<_>mwMPucFZ+-u51}s;vEM@$5!fOhqH9)Y?4ZLah5u29S<3<z0AmE93t#B
zAo<9vGP_OGpKzn(jG?w}&7`dsl4I<=rUP*f&Lyjd6CD_qa2?Ef46SwIWA5~(PPJ1I
znCjzKbbOo#g+ueB@*dxhznk-K)N_g-5fR@s@atWQjwsxFF0G@ommUmW)Czp|4^P=f
zHMz)~*xTJ)yH41GAX_2pP753qApL7aQ8b%1ILll6Rx_ijvFo#!ybKSY3xsaa)(E{!
z0#)wy*$I8lpVmt6IFP?JdRIMpgYuVc{by|fT=l&SsNI~FIMvVW)z3#YP4rI;<)4_V
zIJy8Ba|g5k1jWD7KLD47iS^%vUM}|k9eP>0S^iz<oz;<7B;`ixJ=6Tn<qF+4?Xj_F
zRkFg8HEh$mIEU8>hJw`s*FaWqvUgW~eHc&d*3DZ>hSIU~<yUW@-q}59Q{B?ULuKh~
zY+j_iS}=)HC!s9V?L1{2QLULrQm5=ahLwT_iEWEcnKzMh%rpm)W`-a0(lQRTSV2}J
zCV@?>f1FCZ5!%DDE2Ak!Zp1-u&Siuv1cJxkh;YOvq=l)JG}L$<;%?@i&9r_r#+?uy
z8>97WI*!fvLV+y237M=mF`7Z%jz~Of0X>8SG=QUl1O<gi3at?{2E8N(pQee`R~#-Q
zos@>oG`Wb(t%11|XeP;sl@@oX4aatUf~ko}4hMaE!z|Txh-7d;0g0mi7mz~1@v3iW
z30`r2L28T{MM<N}q7Y>jITkcrDklOH^Aheg98D2gml69NP@WiX0=V?Zld=wq8d=N0
zN8W~_7$RbG0eJyPFBA*}J+0_q0jZJDAkb%Yl2X*-i8@hGM5~$;8ND<(BNGq<80?G^
z6Idc?BqkOpw2}yjQ%J};Fuv5NPKJmu2M8QYQ@A%YOw&F&)da&>t8UZJv_c|N932oE
z5hNIwuni~}mt=P%K*eZgq0zEdUV)Kbb5Mw~8xa*&E);CFIF_>r5mI9>3S}hSEzqpV
zBT1`<l28c;4R$8N_M}dwSDMuh3Nl;+6|fA<U<_}?$fkmTzY68v^5k0go#*ATn!lDn
z-t_#TiMziiue+*XtLjIEKwzF97b(K;6V}?+6cd{8dG>5uve8Trow_#_y3!13=AVbc
z(UjBy$MNQU{xeIbou1^QCi<UR;F~YtHy)t=)T6Cv?VYR78X>R#!k;@r^^WtU9n+zj
zcL%dlqPSBHQRfM8w!KSx+B>7C6^1Momec{KCP@!`X4wXIbAQ<1_|I}RGUwE9b5C~J
zZ_aLP*ucumQVzQ;I0kdl6D_eH<!>__3HxV8aPr`PUdf%ep|;l!+jBbmG2Xlp7C8it
zTC`d;ZNabJ);I4OIImsWPxJkzk-VsiFT0UlB8Wd#tz%zeczR3=t7J6h!8;JwcslI0
zQ<~g-F~30=_sO&E)w1l{9!uLRiJ*wtwIG3Si%^MJQKs~CnAh>Enatf<LQ2Tm?xgK}
z>Pz{w$-qUJ`Pfc-@!r!8B>K)x0KMfw@Y)+66q1c~Rd8D49{d!bgvc^o10`$2Chp?~
z?mOPJ-hma7<cPhwpeC@zNVu^kkIx!4)x=03HG2@>=uU`eT~EtBg4*cBtk*B5Zf%rq
zU0~Z+t{v7_?fxz?g>PQICA3~<lGQg(A46;oB?zgc{aXC};8|cgcg~S#i~K^-$awOK
zXnyIni}%qQ)=dTd>gH9vrQaaz6MF#j+y?o<9HP;7ZQdkY*nRF1p}7}pYw8rYhcM(Q
zIU1<$Gw(fVwt;WFLxKkJO@F5;wsdE1lacl-;Fb3^HdCXBXUd8NJ>GaMjzSe(-lE;g
zCJ>@~PGryVJ!Z_XbgPDjdqX(KM{K<(^;<oI{|+b@LbyC{@*qD6{uZLp!?dt(Ucf!i
zw9R|1ZhyJq!UJD7X-%QsZ@}B<joR4NA_eZu(SWFK>a0|lyNP1|X5n-q>sQ;+sTA*x
zWs@-XV_M9dZ}+^ocQ=h`*~i0(0;E=l<KuSbb(7o3sUV^a^&(NU8xp^x%fqE1O;&q+
zw!rod(XB(m_Fit|`S23r;l<lTGeB-@=;?6$I-u2SU1GLhx~G{%x&PUpHeZuqnsG7V
z1X`8O>t}?31FzRd59oJ&>R!5*zxo#+>xeF!xApET{b6Z6!28*JxoX#nvG{8yMlZeZ
z{_<1)Q_}^jbcha;C-)ot_Be3vp8=kYiS7RZz_YM({<{GG*S2=V<%aA1)I49;Ly;yE
zhgW(=yWVa0ogp{0k2@{K<sI}11PCZ7Z=iPL$R~p=iJEznB_;SBHcJ>Q&hfrpN<Ad$
z|C)1#Vi*gWKc|8c7)>(bBO5oFXQoU!I?sg}Bjvt13?c1~XTn%<kM2Z%6`6>qE=bvr
zEP`DqODsq+j!A|s;aKi8BFOB8J#5T@#-D?=@E~r4r{<YDA8^6!ABNTk!H8n`0mKW0
z21?OHCYE#{%YzAxgat+73p5r2WeTfsUGyv(9Y3Tn#Xte8krcLU+&R=_Ay(Ls1I>V>
zdrb!|rE!gtZh1G+{A^8}Z_Lf=vW7_9UKnbgQ6MnDP%x~uOWeOm9E||25XSvm1V#{U
zJT;W(p&{o%YXHqX74s0eUy@`L*E~|FrxYtpx*<$P0@492DSClYDi_NWx}an{ZW((0
zC^lA_%?Sk)<ZFE>X`PqC&1f35>_iI0xRX0xi`YnsB$?hwX{Inp7<q);NGaJEB2<co
z9t=)KLJ!2Gq`70j=&{c*8levwOKz}W$O;Am9j**Y1q_a2D+&Yx6&H>vgR3;0=&R&!
zy@_pxrPka;SJ2=xF$HkwC8{5AFoc=xK!HRkFa-NhPmnPAFf2q`6CD^-YAa;Cef%G2
ztYtH8@X)LeB_r)w7OZ8vbmTURX)LT|1SRCs>0RB9u=wAjpKrIv#k}uNUw6KqE|<Ht
z1dJMMKd(*zJB@e|M_$JQep)@er1HO)SnqnZT<zqkdaY(NEgka%wVGQ_H?weU>pUoP
zbX*;0OW6}vx6|J}S8Hmy8GFsOoju)<9$A;ijX`d2nhAmW;Rm0o2x~S{7u<2<xzHuI
zhn>|2S`Mk8s&?P_Yh@Pai9$y`?;fn*9=tPqskiN+^?r&^hkT4reIC}dKPVo2`*^PU
zU~Y~V&W@Y7GF{c19IIaN;}tx7RP>!lw#_MW%v>=2enR;pkKMt;7syWL(MjHBy?3`C
zZ{K05Ue(CI*Q%nAKAum>6|ahar#Z9aR8K$swbdeAP>FPYV?O0{uZH(0oke{Xq*t$u
zAp-ryTx!*kR9cM@IjfpXxp&AaFImj=A6JWd@i)!0z#De?$Dhf&xAaE=*1gT1CAB-Y
z(_X~^)ojnaOMk-vf(Vfo@_uFj3wp@4@Nc!DKH6RZYQs&Ul1ijSf-r&Wn5G><oIsG7
zZiSb+h`{KNqMnLL|1|r6&TYZ!?})+<M~k9UJx$EK>MU3NLa#iVIa8ZCdB_<{^<D>8
zymFr1pU?B6yNqo}J`T3#8tQD`-kJXNi5$Mo`S{`a0aM#@(aM+EqNh5sr1h^X^Co!y
z-RZCGy%*y-3!Y}yRTI-F5AxO?3b^50UmNncbXhPlH1&q_Q+HkPAd2Aw5rJRd^oCcI
ziHAKtm(q?5s_o_g{R?~X*IyR-!E&WO8zr4nYE_teS><x2%$YJbmOr+}T)2RU6~dLe
zc?|HmFdR3XeyQO-^O$o11(%CtkSGjmPQ)~w^cfngl~jLBl`#IStCav4c%JDn;^tP%
zS@*8G<*}5S{^N4z=1ZuLaBm9O&`*z-{`oc4O^1(4XOB{|woP%7VPu_R)O*SyJ<ibb
zoQA1W57>){*Y~`r@3~!UykfBLy4_5=;K=u`n%8^c9vl2dRcSZ=XJqAI{_kFk|MW_*
zu(AIS;3WEAdnMu$<z+{N;C|cz(7D?pqEg;veD(A-k-*%~$_UaOG+{35N};}dmlUeI
ziKswRdWfHnbCImL!A2lzUyX7G2M{jTuK7h*YiKh<c+!Tu8>izcvte;$y?z|@O<5KF
zr3~@E&zO02m7!NnD?o&|qhKdz6Jk2TBmBJkwMGxA4J>_tU|(4RQUV|RDJ^gR(0&aY
z0l8S|Gff&r*$v{3Ep8p(dGu1HlFu=A&5QOczBkzl!k|8u$$m&&lC;mtE?$LN&1HA_
zFR!j-_wDq<2c`zYiD`KYBGm9T!4~9T_*&>lwQszHAm^zma=5k>GE$eA_5BMivM~L(
z{pr7aJFIN~wia2{n1Dn?!9`t3`AtDp!AVg``B`02!;kgqL>Ty8L0v&*!Kq4Prob;i
zt66|q<&8ifd@x`xV2BoTr;%*B7-qcm$)0jWI-Ymn=+R>3UuNiL;m}1EgX(~q;*jc~
zq?IFAouFOZU>9QH9}Zc7u;JKN*})uGFgzhah~>x`aDc2Gn7seRu-G~Nd03pB|GBIF
z8<XSa@3y)rgw*>)`)WnlvvZeVij!55R#a8#XdSNCOe_VB<QtV7xYycC0bvJOR270j
z+=!L#&3eb5FdhW#g7}wHC6XXOkt#_+EJh3-0m+ahK?FptBF5aMb!)vRuQ(D_41l4{
z{{+1*mURDJf&6XC_uDBLy#Nn}o+;8%ALEwYdzOSCG~39_-vc>9@Q4vq4a~z>aI|`Y
z-aF7W!RO2-oWUk3P1i$4wmVXZM!Sq$pIroqm@QRHLpyiglK3E)-2pjxb`7Ow$PzWd
z)n7a8SV)vUl8S@`Ng5`zxDoEhFcfK6$UH*^j2#CeX?y(7%3Pid3$uZY5IrT&{eEr#
zt|-VNA5$^vV?Fh)D9ElV<Xic34y6b_j`?1xF5F3CsKdla(ZxP8km({QYm?e$Fb9%3
zaiHPI?o@^8ZVXG~)na%HrDk_TrMqBblN6ahcO0%7x)%NhPQc66S3Y)<XlOMYqVSz8
zqOj-b)KtZk&U+YnTnD~kR?2zqxq#uzIJbABDuh%!PJ(jSBq{I=4`H7X3rr*0gMNnO
z@zRKH7VkW{DNu|Y`kP$I+%j~B&WmkIYmOzPtUsbSiv%Lj!Cf8q9E#-QR+H2gbXYjq
za(A=qG3QXD!g&@;;@LhR58sbu7o=GBuCjdX&Ic1e#V-bLFvuHuS_=U@>g7;qqU6>w
zD5djJNP{Gb5=Yn8&xs|)-W!q<osH9@6AqU{2>L%gv6@=UAmOK{3XVpy>{+;yA!k9h
zV!$_NhY-a!?6UUoYYBJFL^v~zc$ps1P_Q%Xd_J4xVZ^Vw=m)xC6$8>JhxnT5UkE-1
zl-Q;EFfog=W1=!MYg$PohqG(;RJ*V10F@nfp6>*Nqb-Y*;v+HnWD^vmBZ}+J6;_Gl
z&3;K{0R>;EM;zpmf<6-f2s;;?hPRfQ?e}N$a^TPUZa@2hRd{k8NV_d7VwQ$tHv@Or
zr)?K&^baonbskkmja}yiVs=4{6J6PI-c*BK&58I=n9|>ck#!sa9)<wHdtA^xRONrM
zvbfp*d1Y~Pv;NzFaicTsu*HS8^GVxLf^m2c(Bg2`EfCtWuGKGNLerKGi!zne;G5k;
zl%A}#myQn`By%x^YM{#M>N&ele#@W$UN-<k5=R~eQBp`!!y|iI06<aKGyt#AZ~MF5
zy=!b^zL$ZJ!q)|V{^24?dvP)q*lr5Mi2M32#AXB{O$r@ZSA*Fm7wC;VI{=Os82CmE
z6Cjo^v5wtlu_vjRj{E1!qF#O)0RhS=F-fiKE6rV3rXbc{bZWP`^$LfH)Seb{aV;+p
zfYSSoBHyFCn)_Lv$3f8|k@exg5MadAyyxFk!c;sc*mr{GG?=(QlkPZZHhs3J5TK9!
z=c{p0d59TB2b3Io2v?K4==D%osv^~?GrGLlk3V;OvSs3^dxd3gsXK^9OYVCpcF(*z
z+q!X>wgV~+840{_;P;DTm<mEvo!&O(=&tCLU533erhh{{Xq9o6rDlRVPDvRfe44O{
zk5C$Z!Prk>E7+JGD=aJVA8fz)7pf7?Z4+OR8a(1ZEzgz4>`;q%kzBa;R~m+b4>|r6
z?n_yB;iAp-{h$sv{P_S7#R-dL=JL*&Um}@Dd7C)!ZtIbLQnx2Taz#^q5LA-eq$)$h
z{`ugEB{9+`$rW+b64|`vrqRULW{27#^Ju4S7SpX`Wb9n@b{{f^RGSgE4d<`7slKJK
z{6lKRF=6VvC9(|>m{f{Z0~eC;XzR-A5Hs##h>><lU5AhEDu#0S50`dDDT*Ype|(5_
zn}Zb5@o&q*d6Ju7gi}%6F)=N~5OBB@0h^$Lf|30I&Ea2^LWBq-!U#PjtFy^jG_2=-
zBR&m8h)szUKiz-lB%4l5)%>hGPOFOrncYv%TWz2^ncuh>k`z0<{9?G8%O!aXThWka
z*z=M&#b-Oy5ILk=*<kJS9@m~zta=(X?U8nW^jPWq1{KgwrB(cBCjNvXkAUqV@U>@g
zC3KBBPS1i1Xu%a~o-4o=Z}VQ!&qAp?2ma|9dKKPkgS=Ybt-JyKq|j%hp18w#0ExEU
zG;THR(1Ca(BU|_*MDJxWs%SAPe`$rLua1Lge4}-?T%#N<c!lOu%ih;rCVL(}^tM@&
zTEV8VT<7}ZE{m&j6f@zTqLm6~`B2_2C35XYl{l`=Sb(69O{XSXh0MHs%n!Cd^zwUI
zug}YP+e;-Oc)Y@8kitDt1s-XyxM2w!f*Pv4<0NQJD&^zU7=aq$$V5rXa^1}|vAAZX
z@%B+At>@6+u8(sT7WDhxUmbK9=H5A$S3$@brzcN;C)vRa<(;nP_`%3nwQaJQgHiH&
z`P1di?<%U8)nR|5Z;*+Rw77pp3{DpAe}Nbr|2GgLOV@Fe32l7u9WB6(;P4%1E5Xh!
zjpAmr#~pQws5D7ON_1?bJ^v<*0UkKH67!s-WbDT}_gP^4d_4qe&}<A43AKq9&=fTc
z8Dz@V;0};9T_eQFXyAJ5(YF3J`}-+;ELsNe=bN9<)COSoIl%m@{a}CAw+IN8>K8EZ
zL0aQb%Y`BB5OqgbvE%St;T!26rU4HV)*EdvLD$e7!&zHbOIT2_Us8~44f8+8u8DwD
zvVEl<o;~vg!!7fNU~Pf+^@yuVG8g^ZTr{w4Z*K`(GKHy2DtxC-5aG&Bn-L{Y%g}${
z-1dO$F_Cex-rzbZGk0cCW~ZSB@H#f6IK_sk2tj}y#FgSfizVIriG%``O<VEJY8+iz
zdGp5y_z0*wC7m4o2~OT$TniIDeg`>1?Lm^^F6nx%WWc)zmsC+kb+>qIRHJ4ZW-7gR
z#n}Nw^XD@|L`=Wj*ymVIj=XaF{j6Q`W1cR0-eeuBy()6{A1cB}OHI-bQHgG$2S<Ds
z8;K>&8CK4boRsIIXT!(-%jp!F$YxVUdl-y^Mz2!ugL>=|dOGUp=+of!G0Gg!$EUke
zlPkUzrzoeKBodQnMulzkqr#>iZOr3tZO6P0WG1~bXHK`kHK=`_4IC-+WP1U(b$m3&
zIpmtQ2?G!fPA)RE@QtAe<4;j1BBGJuew_u22m+6x0t!bdkBv$9O=N!O)DX>9eR9Qg
zd0Qx1-?+Cg)xwC5!mlzrDg0Z6viqAhsr*~{Ra*BLcJ*V%gd0yX?}<!%!Cqf1k#{-H
zp9KbQZstpi3;tV%g9$Ws@bOKr@wX*BfeeS}&S?1CM>jiL(9f10j8>udFg|L~4+k4g
zYC`4P4QsGuW&SU=*q|HchV?$Lg6V%pZ8!f#X%col6tFV##g#>{eJ3rhC;;02jalK<
zhl*2v=6!^q>^N9zU9a_&+Za%LgAjDv*1XKGPw=;wo2&f#dC?4Au=>voT`jvoOycpo
zPdCT55VBYHlMh_8&Xi?Hc0X{-a?qbAFe+c%^ix}(ya+6nRmGP=UTp2EHy;!Pg;DG@
zb(BJ*ZeEBki0JD?H_v5Y^?g(MT<nSUl}wI|SoJijY_z5HGnosqDW6I%WC^GZYE?Rf
z$+`?nv~v;yDc+k7XlG3a6fEU$=SA&vg-}qih1|IUj}@?)K|o5#RnwM~^a=*_a;6L!
zev~!QD1Vt~v`A_<Jz@nrYdi~XzCq`VakkALh+lp@kiExa=cA#~NlIvXFR+cR_<w-@
zqTTrYFED|F`JXX?nd!gS+y9!p{WmKj74!736;bA{S|Glasny-Wq!#5I{!uvLqVo+%
zOupXq0aHl?ai+zJr20X^IM3hn7D)mz@x?TdEELT}6e~oG4W(K9iJU4$0zWl<{AZQ_
zXS<1a5<U%*ni25!UOTDYs{pr~Aos<0n&8J74y_P3nvT)_o;Iyr=AWjagn?Sl-p;Pq
zal=2Jq{lpMJADrc{G986d;q?V2U8Fzd@IpV9AoW<2vDUxu3qdHQg<Qn%21n2%8adH
z;KzCY`}w>}a}D>~coKp>6*&52L?<9b$n5)VE<~giMDQ`4c7Q89M_Jb(WFu-;T=1gk
z`u@~Dv@lvU{F(|x)U6>^ICdOWA@XhadK^`z@{L#v61JJ;iaE)^;|Fm^F4GX7Rlbl_
z2b&%f@v>=&SnVaM5Y)1RIuZ;vX1^X#Eh?Dl?y{M14_nexSohWs>m0KO3w`%cAwQsY
z5C$6OG|G--5Y0fj)ON)&RA1&Tnhccc;6DDG0Rm@`Q6=fk0jEPQhVc7jd!~fNh<6I;
zTTcsudYE>*MZ2$^&dKYu){0`VemO2BQj}x7s0q7fx1*t(K70`2Q9{|Qu{78VZkba{
z$RevrMtt(k1lbz=QnNRA?1%)V=mlA*-!<@w(3VOxDx`>&R9ThMM-j|t28rd1Jq%is
z;s-WKSsJaRXaHXn+Pg}fi2|KGV7=v_s{)+>MXQrswHUq^G4)nIPv;?srHV-EqDbne
zU&%W@)U1Nd5HCd+;?0d!nmSDDS$03!O3Z2*V&P|re#MJvF@(;P3^qkUGFsdgb)%8G
zCoQnN9j<~`e{7Q%GNynR5yE;=k}0Tb!NbJgPtPbfsarwAlQ)XQ=m<GU!^eP0ygpbb
zf`_MOnO`u>cvMoGuThK>ZJ%6DL5vqjqaw+txraL7;<8q3bkcUfPGM<Bc{+(2g`D4u
zWai?iN+sjETB<Z7$jc|{9bbtE>+ML_O_G{%TXm4E<#4sF>=JEUP78a+!XfCYnE2vn
zn=gw6ZiocRyzf<wx#jbh;2q}-jfC%Y>d#&XRF-RvL2wZ&UVtYbN1B;Iknxgu_Z>Ky
zQB+zK-vqR>XyZgEPD&>q{lvrIzHF8sm=@<f&b0*UXiJ<-^!#AF^YF`lLg1d}-STRz
z3(WmB{54fP!NL4S29C}c$3ReGdOhm-xk(Um@&IJd$*gm$4##t$ooE)SaG79s6oH-B
z{HR75?)*4gqPQp(t#4p34hTcV4_iV779jXtmD_NLqNDT5Wtf&<RD=apL9Tv_hHj2S
zLSipVC3aC0XsNl%8SPuIAGVHmQn`g(vd(Jl{5`lr$~d*t?&dy|P5x?=9rj=;rtS4x
zAX5;3+gyA>M=N*z+xP13{-05XgXzC>mH&%_E!@m3|1-ME!p_C<?>gT{b!8Lq+L8O_
z>-QJt3L{2M)RTgY1`w&36M=q|ilS&kYU_}R#OjOc0MGT$Yxc4u)_Yj`^vEAK4By_|
z9<Gg=@b^)$ucfA(rgs!vNb9OhMX?mtR+>r3R;r0^IsY_ttYpbUk#3b<6q%Ic(2==J
zED3+`3lCC3O`=91L+*Yqin6KYY7k>Fw26xSbDCEH-4$wexr6wNaivGuh_>{=!h*=S
zAIxeoD3}~Ql*wGa6q~G>d~THSpcD!#4c~K|pPjOfOEt*UI!I5}L{yN*tBRYTGOAl}
z*S2b7MG3q9$|a~<=0_flfnN3Wf?Dknbw#<yc10`sBz}goHVj%pa!SLYb0JxBZ%pz?
zAetlX=>XcBn`TUM0!Tnh2SK6SOS?OL^>k62^3M~+eaPVxuVp-jd!uJMUV@v+=%dD*
zSY8JXxMU$t8}dvJC{~44rZSk?19Gckiprz}F0_ScST@->UY?fpEHzEo^0EO_EG{ZI
ze{IEFJyWa%13cN{<!Vsd2B=E+;y6`JLSeV<>;xjQX9owT%T);21&HhkaG_TA_JZs0
zP<6B5q1JBoIhF##sag0oOg!N!i9&G_ngH~9mBDH2@#Y4?HR!x>Y9UN4C6d6opadw!
z2-0<0cPWk;2%6*9*uF|Msy!wXwIFj-Y=1Q5{%C>dH)#8#3Bw7$)qyD@@KrguC@v8~
zz2(+$%g)1S<71~|C@6qS^%vO3$?nwYMstgQQd?l3w|7e0UMZu1L2s{rpevv}YV+qs
zbv=jSpOLb^M-^P=_CDuZzk8nYX}{lZraxH>-u>n-##{WqzFu2ly<hE`{onTt>la@m
zIKR6#?fQE=`+B?j0Fjycf97Ui$Ey=K^96c(Ke!aX-VFo0ecrxiIXU}FH5uf)<VI^t
z7MDM+;K}@hptc>JZWgAU?*hNa1q<sc2hC=zrZRBX@&n#aUT$~Kgp%++U0n!=gEN^*
z$huMAM0oP|D{l}99d`RVy5#HcDfajkw|;8&@09fpL>M+6&l@)KAD|P40VD^b0w5GF
z34z-IA0HnOD2B7U8^oQSeYV`2IJIKc3py?In*nPs@f^p_6Gw^T#0jDV5qt>Vc#mAi
zD~Xz-2E8esilR@xc5RFT06*UR?-#&JAjg)YgFsLB2a_#H|L&LhC*XBUlP$mFc30$L
zld=O<6ZMlUEDLLZZ7oX8d2Q|DOU?K5j<bK)z(2z(&&oDLDQn*cc!(lQwBrw-bz2J2
zln;?k?tVh}*70CsmBOenu-qI#80o;RjOFi#2XZ#tc~oN}65&%XOzGNhbyr^Se%m+l
ze<V`HZGg^S2CuJ=i6$1Bp?qctpux&CP^>DdtBV#<ozD}!U^{cwqqy-=L3fu|S8AK&
zYrM8M0b3t}f_I{4f1`eTWlB^OBs9hj8M|bQ@Mx_ZHYNeiHiJ$_KchzhkwaHhdpe%P
zzzklIGI=4UO(^Pwv{HY$CPMdOu>v16$#ZB<(AST(3QJ~D1Zm!&jq(FBXC^ZsR0;OH
zfQqJTAnxc{G_FeM07MY204MI7U^!z`Uxejw5NqcjHxk_gkzoT_w-IY`&Lv6tdULuL
zjV8JQk#!J|9oLbeF;?)gx<DDkPOQEzR74+y0f9}*iT;q%KPWklO<=h46<3i%D~aMI
zl>bp7<+IC}jx2yvx^#`{DUe0;BViMT4HOTlbGY(89E4UVDpCZw0s~tf`>14Rry%Ss
z8g0FK{yMZBZvhCuvmF`HDltBJ&hO8qiBP}mf`L{vUv0xRRo&+8$b05j$!6`eWvlKP
z<*Ea_O*KxddfaA}guQxkTa~izN<}T14Q<q>Op!)PV!5;aQP-IJj()-y+sD$mVzFS{
zU!ghCl6YPuFPsn78{?7gSbL(m&ElrLnN#$by~2(YTn^Vn*3ixwl%#=q2v;HjzEiLT
z*vqMKnixKEKmt2n#FE~cVNwa@9y}33%*cL16%QqchL>~ufSV!643voYb+U#$w@Ni3
z(%%EPq|HO4z;$RjDX$>odiLzA7}zo)Yz=W(CPOctG#Mn<b^1v;L-H65t5SNZ&|!)D
zoF15!Xd7Cnp&TrBSt#et8mN83#7j<wNUF|UVwrNiiAb~YBuJtn@<V?$OzE7h#%Zi$
z!9)slsxA6_J3$h@OdL}P2Z^m}5T|NQishuHlH-RuV+0$K)pB%lKLmAf8_ZWAFqwY-
zL{&xG0sORFt+47VRt|q+S088<wsw19`}TsC7$y8ikU3l&I3gGuBu@2U`ZNlgXe3=<
zwNz>$ZoxuV2T5gdWDNrAt?P<LPIV==MGxL05{2x3F+NK2$~!7Y6#$kf&Zr4zQ1&g;
z`?-F)6f<MVMM^Y-PV0GL0R4uN{!^fYSWcst)ln!ULSeKzekg{x_7(*e#n&~f?1Vd;
zVKjwQ;0VneNHx^0?-M5;-!aT>SHbEu$Q;TM>`gS@WE__`<!<^{?0y{9k{(m(=CQ4{
zlu|4`8xHmnDl{}du=3SX4+-cyA7hENS*)y>%H6bI*AR1C=0q|q&;t{RZFv!FBwgnn
z0wHNRg5UCMXT9R3qRxwvC*ecFBsJ};n9EeiA8X;S7NS6%L_zwAe2im7*vE44_oaVS
zQ?w?oi5eh!^B=!-^p67ow*iLRu4^hS<T~+f60{38Eg1GO9LJ*}=*5YW=49L_63g0*
zB;{s1P#%~JvHbY9P^I??;)<%OzEoX(p&lYKcv4|8u3^i-(~(XGda3xTFqRz^q-^Fy
z@F#day|F(QnIA*|yfbi<nyNVzMFc`@BGPJiGG2sD-ocmBGM55Hz`&xX3Cxm_3QsC;
z$hCdf!<E#Wmy3Ag);2Z?BM|rQU#&miSOIXv?m{eKymT9w?ANF7+%%U^a@Z3h*fRAl
z$k67dW$$@mA(bs2*nj2Izp@R7`bmrw748T@IuB)~uT*(t1td{z{{Sr%HA^PWVr)v-
zGJy>4xcJTKhY3R!yz$t`8Z17u>3{Wnv>P#f+PZ=x5_@YwiB}5qmy-R?1%Vxe$ckRu
zFsnt|64~FM8}7M94_x6jVxLu%gQg?@xUNb0$BkAwDH|x<1~p~sW#4gas!Nu0mnEA&
zQg-mOK0@T2vf|${I*j?gPHw>Q4h!I~rkx;PmG8U#PV~zy&Wj&_D?EWhh(LT_<KDf%
zniHC<oU2Y|JjlVDPvoK1P#i>FtNWR#z*_VeXq1~OV47PZ80X#ubfsH%yJ_TZqMNAP
zz=KwU0A8&cvJ!Q}gt28z*EXzW7ty$mVA_a3X0jDC+J+fp&xo;QK-bo*W#`Mh%a6(R
zf3Bu`Y0|nhZ(P25sX|L=@lK+jy|VqVp1Uv-0JZ2&k?)hSn|~m(Q`bilyRhp0{sw|O
zO}G4KQ<RhYUlZPc+tj?t)_2|HLi=&|j^4$FY4t+?-ejLO=V8&^9o*e=<Q$vq1GCOd
zk$qiXZwAWTX00sCz_Q8|D%g-PI=sMrhl~O-(evLZuT=VfP~IXWJI<70QC~xM^lFcd
zTd)wAZQ#!@<FNKsO5UfGAAt7e1;U?Nz*B`#;1JEaOEArfdAiKmp;!Bdm$N5!f6QN<
z!)lC8UjcTGo#i{<S!=gbs5k?{P@=+N{(Wq-7$6hB^g^%7`#(RIt^ws6%N#&VuFc2G
z88rgFQcG3(W&CfSk~emLd2eN&D*!yW^ZmNG@NX>ftGZ4PWQ_WFMn^Zux_F^A_t3%i
z{!&y?mRUt9i&e!a(!>5FQG_MWXhzE^^K#UWuP_w?bHhtSEzvIBhn<3j>WF1l15#|T
zwKEygiSGak-YOK@7<gP4!~QzRq=Kw<7gTgP46d<PGtwyctA2|Ny=<8D9XC~((5MMK
zN77c`;gQ31D6RZbA&sL_;zAUc7SnEmuaZ`=?aW$l8Dhg*&*Ko-d{NXrXzEQ#kaSAp
z;-mTwV0i&BLFDMG>|v*!;?Rk`|5ccrFJw=W=3BzkdEw?a*$ZM77F=vZnIl{&wPk7V
zCLRX%&J%w+Dr$C84KqbDee+69Q`=`g*h0r4t!=wQ>t7AqE7Mg(cMKXV9chf^p{0?$
zq5*-~6}uF^iw?P&gRm-{bn34jEVS)=HE%-uq`t;IY!|pPileScP+HxR(nW>f-{C%C
z8ex|YTgR)4vt4r1HTx5p5LRJEuP3duZzHTUzo?TzZei402|Uy)yG2392<2dHJg$qJ
z`Zi^`6R4O$H@{@tl*(OJ<qwhcds4Nb$ktg`+;gf~jJVz<i9yT453zS3rxL9b$l^eE
z0v7zfY>TirS<HSv0^sF@_eNoKg|vuEvVsw0;MQ2phg<^(Nst@~Aga^)3PV=T6S5u`
z9!#TU^Q*KJ-vmpCDQUd)x9Q@>)E@@}rj;pY9AQg(_0uHHb05pf3MwC5PB8M9OMrL%
z7EMv{_fv}`3VcO%x5WMUbFz&^>1nR0CceJC^V@xt&xL-{#}$$z2N`Lf(qk;*_bBqR
zXP%3k+pYQ(Gf_%%?Km~TbmcuUwy4N)Z?-2X!RhPp3Kc=xOFZWnB$}t@B7-sA?xoox
zAFCEA$L?^HK~Ny79H0+tb4H*SZ<EZV=N;_R!n=!GIrWqaM4nE(AFK7vzm&sJkwv8C
zMy1Kry2&X5>rOu&5;0BDTv`p$hRuCz6)f%HI3c2@r!s5+u%ki)N-8T_mBU<U7OMQe
z^Dl5!U8o3pX!9Ofs^1u|zxB|v_c{f>rt`)J^%$?2VavSTYf_dWzDpPs+C0bF&3kQe
z*1i<>fQ3x;0{<1v{CCFt|Cw+;C-=VyAuw|>{oBW&bG39Gw>Z!O=Iigb%nDY?WYUj&
zOK*70gn}Jrx4IxDl1)jPj#bo}|9s}+x;rnMV1bAo9~>NX`u&mO*%iCTbUf4xmu}gs
zPz%@2bC`OXUCU-lcsy@Nns?Y3^)5+MVSNdqqT@)w{qwygPq*s1`^UlJ`vx#OPk3mO
zay@*VIGX)Q>IH1i?(J-7{{^%A?frQW@c9O~<3z@RXzt%lNZ0)H1^U%<`Wt?b#s@tA
z`%t5Zg9e868GL(+IE!w}Oq+l}ZP1{X_adhH#^a}$I8w83j5tvnXb1YKxI&|Nw!TJ~
zj5*(T-A<MNzFqsyU^|YCWtYcjYy!~C4QIrCVj*x7gaNfyNX^bB>m2xaN~VfmPyyO`
z@|<E#BUAAZ9tdhUf&OHuVw}e~0-Q)al)&1FQQTG)iPyn{uCB?QnVx>v;A+hq`KDyP
zz}^t01v}{}TcCn|Xfl^mnVGa9uY;T9S651HtEsEyj4XkgyJ*U;k>X%#DXVya?oN;0
zQBcdJ!L!1q#(YKTAb%tdOwAA*b-|&t*ZLi|!H&k3J`VZ5Z?Z^F0b+_vmY55GMkVzX
zQ>z5(a&f;$#q_}GKutVFdgrkn)%@ah$7tH8(}p0nE_r)(d~>x{ll4qiHGdH3oJ)sp
z`?kp+N2rau%?f)3oCv&XPflG_1trZG{N8lX^x+g<CVF4^&3!a9i2oz24adjQu;Xpu
zviInA)F#M!a;eck2f}UXSJ6Cw0^L;@PMxmSu>y1yYj4Urjxu=vtmzd#Yb_V7ZLQe!
zD~~5gDOsV?0qM(6l|>*72wdA%32)UvQRAJkfJ`!&6uH+m0JL%59reYsm!%;?oo~yB
z3yDzZc`v&iXrq<(tMdqR0CmS=79@&EBo!<DRTt_Fwv{@5xH>}LE#2#|4h0Y!m*3U1
zUj6kSp_nIE#_~7`*x4d&X&Ow9xFTAnLNL30<~{@t{9qo0c+u%=ahO^GU;PdEr1}r(
z=Ek|`p_arS=pE)G3gO_vWb8YmEeUkR*QQ4_pHy7{w|0!_tD8`1zLKUk9<o?qyX7v<
zND-TF(2kl4v0uI%kxX{<72#xnp!W{FiZUgb5n40xH<q+wD>M2eg{abfrLfFVGLtQ*
z4IAHOa<ivy_AU_K<*@x62)L29BDG?TsDi<yfDAoz=o@*ZN?pLO2@fnE=I4D*W~iOY
zEAu~F9*A5mWw;|>sh0P;j!9?KE6zxDgz@h`hLv4%N+Xy;hNDA#t7TiBo~^opnb-tB
z4f8{#2`E18+7y?>Uaeui3`xPqkf@hCL_A4&LCf(WYp|j}fY0-@I|A={2^8AQh2MRW
zV%RN@!jMLIa;mlyMMhl+u2*4VkI!p3X2PKDq4swP)&=F4_UEEnP~%S>wxYII4Izh*
zF`Tv5se&sn7L!NNW=#?wMUvzDn+%}`=oZMmelfO=y(^ad9?EToc*fc3IjA$H>(J4(
z9Yo-_2L)5{Trh+L-a|FN8$If&#fc4^n;-4D6{m4$OxARdXiUndul74$M&>;FJu(aK
z%zBB0i(cvU*RlB!oP9BM;QcdIT>J^rTB}_ymT9Vi)~mm8U^dr4dWtrg^xOnMS|=!j
zq3}lc6gJb2GWwG=qJXrjs5_PrHGY@W5qAC%cv0pAmXP?)0`Iw`xBpNib;jC~An9*V
zY8hUhoibJ&A<8r?c8nIBH25;wMFFNAyy1dpQgL-LX~S|k-D{tr9(FHu%`2%PM4r+U
zip$*lc+jIOE3Q}1f|oVvCS7h+TTd?NXD)sROLG3IueHx=#{I`MIyr+Qz}iddKt5&Q
z#_$Ah025tOut?eF-80CJqLcOo%z>R!mf%G%D3oAvO-$;E5BU^MDUm;4j#R@dX3b?x
zv0Fqwo3J!b!At;eye#**Kae@>NOZ}b<A8QLDO=^k3)t9L1FHY0GPTEyr^{7lhVrN+
zA2tCst-&?_;=#w99rlmPZH5WlMo#^B<0Rm_Q`+DMb+9Dib~|BH{)2wRz_57ypE!hK
zpH%Pt=Te7oKkukIxUzFOekD~yw~Ddl@%|!EL`Og;JE}yP7Bv=d=K(EX9Sk~sKfzoV
z3r2=)(OM}gr{7k{eH&@H;-sCbEK+%lNi&cn8f2<dW>E>zDHw50KuIN&8_1d$b}}3D
zxrAXSrLDN|cZtiI{DNbTRu&x&OF>8I+bn9qIVPMc&fUgP&Dw^)#j%`>Y~Fr)LC(9D
z(kbj|4)!bZlNRvoP)$o^D>dXNf=>ov2^+#@T=W%`hZQu10J)y&03wX!pAW>zH^6L!
z@<gDZ_1hz;_uG#Fk@^!X(q@oLdOQ()+4#D;3dnFIeX})m@Q$7%j-XWcb$^vhpzJH<
z{1ZB!d|)Z)2Y`)4W1;zHi-C)Y>t96TnE#&g`H%9yj>P3^$T}W#!1evjFgge3F_=y!
zyrj3!B7sHQ;c(r$6>j9mCJqp9<IM;(R4F-2k_);u2|^ZE_VXt*M;^IH4W3Am8naHU
zAe(YQPraGFl20A?t^qYz{i)k?R+>t=G89=%;)QVk{f0ZZxfb*BlKExG!I^(6jy%CO
z<wg-Qi_rtb!|mNz8B%|+v)BHXz0y8=mW_oTy1B<8Is120g$;-~{&pgQcPnWo6aD1w
z$Tb(P6P8GP0i%ahxuU|Tm}MpGQdbE}xze=Ns_x9O+w;a8Y+Wl}5!Y816F-y>0AN6(
z=lK5slhz0GW!!+ENmH&O`z3$xb^5*a5_ig`k)(lLT>2=63};y)xTt;2Ss9IaS{|VR
z=Gi;H$}C&s;a~PPOjbz}f5=rHwp|Z{{p!$~9)(b@FE1vTv6gvpv;9sNCpc&@Mp=j{
zXYOAhZ(Fvhy_6V>A7x9u<F2`ao_%iZ{|KaKg;REdvW-z#i(%R3*t3PLdGiqMJcE7Z
zVsPFyxaF>!a+A*pb1y^eq7lYGl1m{NDfLK9V(B9&CUy)H%|<LnV6SOH1;WDoz_VyW
zMW(w6yr_@tx{1xG5oSo>81+)k3n#E3v=`uQM1J!Nui1pJ$gQDWUR13gydvY`Np{FC
z0zLkT$?LwrX2fN^E}1VUdol#x1%gNz4+-OX7>k9N2$>pOJ6}(j(GBC(N~^rE@TM8C
zh6(N(F($XQ+o}{Q6RGMyv;dp+Y7Uic+L(+1O7PJo6jzr&>738ark>tgZTBXpOGpI8
zz!Momp7W%Q6Q2^A2`n79(AvNUqQoQ#miP)q<ctoSCR=5i8iaBex!L7&(3q7w=$ne(
z$FV3a%Z0x#!>Irv6N%X9tMxMRrXc)lp$Ky7T1HMEzDweWX;|flt{`2>p$Awzr$GDf
zdHtL70XOs*pEs^|Qv8p)A8Fa#XBH51FCyUVIYDSnt#RHqm#7dtA%$l<08~^evd(fa
zG9W6+9(=DbbTZUEor$4Uk;*#Dv2FrVa|;q~5iBjqu+fl)-vjP^1q7lSrlu#v)nxRK
z`lkAWLzM5!7UCi7aJ|Pf%iT#_zPvY)Ri}lG<YK~GrFHVAly#V9x^&MXOnC!X^3%&p
zcG)yKwW|0LxDzJu`)j}9tlY6}da>RrhIqJ_;;v$lu=0VO1me@=4BhDL#`Og`wK%Yk
zgQqWqB#(*id6!g{K$@?49b)**dMVA-`P1i$(sQx|meA_fPRnU3s?SXea{SqVU?p-)
zM$%vI!@#E4<P#)b-O#HKVC2R(mG}aaIt*~5A!zGJW$?5*XtS{ig|@MD{`#!_$Uy;$
zbn2l>6+Hz4q7J6rn0=3SP6&G2flax0CMCWV4fNT2jhR#0GR55(OTKTUJ?RYAkF_&k
z2@vP&(VJ<G{H(qg{;ChpqtuH_mlhy{ZF~qHOY5!~AOzHaaB6RX)`JeP0xPk6!S_3X
z`$fFIyS}rhIl%)JFzpgo?R``RbUz~sZYc@v^jv<>CMiWk=3kx}2GmwOLtlu;<HR9!
zB6Rg4;R&DudB*xWU>$6DiT(C%s7d<=TLWL9S3gip{~7x@x&Qkq;r|gI)cTwGZf@!Z
z!>H<R;`Se@@Y43imgX>wn$~9jk@n8@HwRwI+}hI0jfj)wuPkEi=Bi}wBI;=G<mh1T
z@Ha~yhEdef&e28H$=LL7CcT)shqbA>iloT@j4(2@a{NvE{73m;qwCEMVuRj_@!msj
zSD75N^$LZ@A=YIH!pgp~ic`oD7EI;NrmAQ(en>7?G&6O|!@3tAS?R<2kCIwjloU2*
zuJz0bRW!~fN_+GI4RDUaXgOh#HtHfi++Z^^q(E|FAt{hBpPAs4V&B_dUyr?|&*r<Q
z%ssPTOSgUgp9BZ~{&%+oJYYcofBAot1_oxhu0l1xk9ohFH<Gk|U+CC<ivWfq1g<_E
zEG#Slu>DLENExUHh6C+-&+N^ljrU8fP~YKQ7l@F5A6xM2hV_#Mf3X9q17~Mu<i0^Z
z)}HIX*jZUw0kG$WOZ^{fGcz;Kj0J)6-<O7eYnS?i{`bZqU+n+0#knEtfBnb*vHCw-
z$bE-=<yQB8BRcE_?(d)0`aUA|-8I$c0~T~G&k$x#&ldl_3*(Rj@IE=u-~ILgx#~-G
z$f4Kk22hvfL$D|d44ypSt6tm1yxX#@-{AQK_+Ffq50wktUk@67A-3aR%nM}a%YM&A
zd;zZJ@t$Uu5{`cce(g7Rx9$C&{q~RuXmr=ad-=6ImB{zN;_E5D<G&PM%h_?0E_-Bt
z`+gO3`JLVU06R_4Yw6wv09Cx9x*HbJ`z}^~+8>|B^K;mvr;We+rg$}!_$KJI@4LOe
z@6Dba-}|evkS~50->v>$@5?^QBY#`G^xWAmf2XrPY(6^N{)#gMf$v6i&olsU^FMm`
z{RO|#`uXL~+g=O3)o!Uvx}j1QP6v;<?!E`FFOSLMJs*mDxVJj496hpsv7<Y5C^)a9
zG}4Vv5XM`_Z#(ALcD7Ivc>i+e_uIfzpY!#uk6#xbgyZkGk`wwKBkKL^RuuR;W^Hyd
zYI*r{MvC@g{_XR1cX+)g!81xEPZ%3GV`_PXna<yLblMbXioySIU-p3)bAz<)`y~08
z5ctHXu=liI3)>YKA%Me<*!PwD4Y2)(>ZLFDydIza>it7=&&v%%A$Ya_!*lMF6Tbs4
zJp0@ABx&1eGNQk?>XhbU;!%oHmNE4U|HBH-|NiA4b7`r+Akgyr_{?j){c3w(tLEEw
zSoC1XaO;oO9~u#zy5EnUV|`k?{rcj5@0jg;Ev|t*xw*awdY(_A7xBG+=SZOW((r-K
zgJZkkAGh63=3`uwHBbM#>94DuH-US#E~k#cz27sZtM#`bivFbj?g`hsf_oo2-|<OC
z%zGZ&oke8`hw|!q$U5GQTDk`aVS!$kjl4(d1nYk~SAEf|Sp)d=nYY^|@3ip=6Mr$j
zH=h1pVLz_*S=&5O6!7u=sP649v&qZQd$Pjo{E|2H@-uPoIs43CC%E(eZRCd)s=wtp
zbEiH_y1LYV&?wW6SNAf2ui3i$yW-7;hcmC;=KIZOctsXh(WSn}VZM0bJ4MwsfA;T^
zI^WySv)f${)gPBL{n&B7%exO8-un@_{(Q6ZU<=L9wLALb)zNO<ix;=dV{|zV{<BfA
zm-dTU&E|LYdhPoT0&{j9N`1g|F0bi)TR`3Oqv6BQ7QuElrR$aE+K2bcoyf)BbI<Z`
zU$2>VmJl6N4h^A`q^7B+_{@gC^RH3<^=1R(_Wty07x`;Fa%${swjL|rB0H}qN5DEV
zHFs-uL^pnZ*#COhR<*q3jAFcB2EhIt<Uae41)*3TxP+N^>)kN}XgBmeFD-W&FULJg
zF#f9pb-#y38AZ#0i|iHeqn9_E9^8bROu=jZy(`{2?!TH=yR2Bd@n-u7bg{W@&dmG*
z2k>UYW@cjQ(GBuxs(y^hDM%VkW2z8bm;eB{^)C~*fcKOn(Uq|u@PVJR^a*F<mPb2t
zj)navx`zHd{e#o}9i^w$w1V|t`bYrWK==8h!@|n6_rihI;Z|acr@gJGqXqyYB6|zD
zDFxfD%GJu#<xD-6KysZ{pN`}A6;8P9X~a$6OWG5ndJl)@e+}-5kuQ+B&W#hNR{uLP
zZ4^^*@izp!!k@g;UYwUP-TbcIr(TDiM-PDev}ExkW%;8(cIJiQum0v{*1)Uu@q9lD
z!2@m$gCn%_Rm3vQxc`m4_l|2S?e@jT$|wTPSWr+HMF$lHl@gE=J1PPyN{0vtNDW1L
z$*7|!2#f_$TCAW_6(RH}2q*|qTIc~HL<kT<C<#gS{yjTXotbyubAIRCd+z66|L{YS
zy`N`2tA5woYbAO@N44{ead5=M@h`)x`?v(Ur?QqM{QfJ&uaU^nSzeBLUx^u(w8yJN
zEGlo=8d*LX*P`JF-xV>wyWeR=mXu7jLPNc>1*v8IM1N0(_T!$ncs)2<YQKx-akV}f
z!_^qNO-)W?<G5qLBvyo0K^wY@u?d0=p)aS~?GZ0N;iIA-Tpc-fH@BG;*JOOHx6cNX
z!n|1#o#s!m#lRytqEAU(T88hV(KY-QR<1-yu^BOM7`OKmk(G&KRZ9ChYE$n=g-6@!
zt%{Sbx*=3B9J#Ej<s_G&v9aN6QQETY>5Zz4yeudG{SIFr4onlMQZzJd8HLg5mTAZ_
zp6EOEzP!{k$)F<KCq2=V+6^!NOd(39S^AIbO25bAZa}H<hvx+(JG%+-5k^WpFYxPA
z`_GA`_QZw)tuwkC8q5K~Yoat6@9q$b3|((P103^k&)8AMrg+$#Q&GmrvX(BT=_Qt)
z8dSUO`Gf{%x9bJ(O?4mkB(0KMTO+YuGxFmn#nW=q;rIPrXeM7NP*``;u4ua#xbht4
z1XP7#$e|9y4e%Eb#A=Cec))UgZ!qMO8sl52MCRfHUWxYo5kXKUl{i6wQ+j!}iFt#2
zN#W7@N>W)kR?iOoJ@L1x#L>vI`F)faD)E5+wgf#m!iPG_mn6P%`!I5&?Ij84%_9S=
z&sfeSj6O}<hJUG^DK6Q|A*Pn@p_1TKUf&2~V=pC5YMuX8&ts*K!GnMaR2v*Fr@uY<
z;b>@WAjJ5j@B;d5yoIkm#=_Y@!6kW8qxdZoZ`a}=Y*ooKT$LcgmJs*@d&-*q`xp;P
zFcYdp`#m_#CQ;&a2E|uM!h&-h%^kxA+IjksO0=y@vWqUCl5y7d=hLA4RGjQ%TuJ)Z
zsnEztXZD^oVXrELhs?X57k3Lgy6}o$$x5}?v7p`I`pl8R9kz$Fii%tV*R~(Vyk4wB
zN@ja^e>f6ZRxm($7->wFlZqCrv~Y?ZUw1OKz{rN;>!fp+LLbh*8~k1pWz0HeK8jWY
z;9^8!r#@inl`xxzr)4+9+jD7qsi|18tit1l-K7&C!UVen!4%{2-W^wKO<GeKeX)Z_
zfgcSJk>11O<3gmY8;C1viM`J4AY@;=@3$o&ybFp>-a)BMTvj&Hb8MGQzSbclI5D8n
z>#Th1Kp8jr?vmT>mMWHs%!-l_QJgqALBalswoUsO<CAvE=vb}IDm*)`T{Q=Gv#%<Y
z;Fg)0y&4UOClcLqm?MgmQK@o{7gstw0ly9e#tHFzviugWVNd#PZ-WVoq375qPlC>k
zL%iR5*ND^gEB|<dDPZP5cR65)0kI79qY``6d(*SgypeKfB<<6~Zi7hTtKLrW{GO)E
zewESD1-vjbsped?rRp6lm49WFaSjg`Okt93ml*tEI6f<!AUEJAk{lzRo98qzTxYWD
zH49}kz@S_(b-2H*H?&jd2!RM+AK;wKeSN31^YeQd;3?H`lmwSvCv1UE|1$-Vc(eqI
z!=pjkDRlK3-<18y5Tza)4{=C9Mn*c>!RZ7DADJjU>_+u5_q5A#<tX1Jrv@rjOdVNO
z32zDe_4|<Ht4oi=)poF6Szdy4vvjpejX`Ra06`i7sK{3*(AD<8=ov}BFK~_%;7!VP
z6OxYeb2Y#^#L&~BdVnH!H^Batj(Tv6AR0J<>%d=vTM}`j;AZgWUN{C^3czY2ZXSR7
z3TV+tdM^f93as^sICJqQqTSRQAh<Yv^ELuy5hIxayA{jl-1yJCjHDm`8;m>m?MW1j
z1o(e~&wqop{}xIAui6FSX(Ddle}wCEm<R5gkqeOiwB){hd+Lh+o?Sqig2cU<L`Lqw
z9P<7h4cc8blLJkVk54B)4{&qep1K0Twttlx{f%trT>R~F|2uX8#)TlTf3m2*VcvJf
zHEFls+1!-*{pWTm<tO{_?bx4{70n(9!}>G1X);f_A1Aih&QAD(FcV#bcoIaN5<vnx
zlc);PmMKy9B0+t|M}T|;Sm@M8&?q+(I2c4(5CPNzCj*?vRQ`&%E}*>vIo%heF@Lkw
z0fKvPP5KU#S4WB(b!G8^ZjAPFa{71>=66cabQbOGJ>kRORj$E$FT;tPV3D-)xn+`A
zH1!70njW#I?_reOfrsxZ`{QGpJvs$>X$_K>=6-!NfpN#0W%qxsPp%!1ZhZN;Kup-S
z`+$T-p>5>?Ba1T_C7*;K@0^CWL0nfgh@Cs}vmGmwPT{cH$l%PA_NUUsmy8)_deObp
zOjcxLTe1(oNqit|A|anazbcux6m@QRg`~<mVk-9josTb9lz^PGnE^9hLxikYCiYdQ
zHG0H)Zxbj95aCLyH0Maryn&WHFFjF!b(%Pxy?KMJ!Q&v!n{u|`YuHqd$u4%7ILotX
z|CO-AESuI7TM31)V!cb$9UWbXs~3~7^5ym>F>*&6uCx%t70`j949j578tpRL(DH0h
zBLMz+s`TL8Fo9ZMCi3*|bc$(|`Xcw(o>v-#qpHIEShN-k&Pf0wnwFV$#cC_~D!S}m
zkXvbJ45o()(!Mt)elOQ(Po{m<Ano%G9P~^b-=<>6^Ubr)!A7Q8w)y|;!RwP4mcpAB
zX~e$?{Cb6^HICkuD=Ssmj^)=BuaeZfhdXJ3an2(!y}OK>eQVswNs<$rpU9QjJC?Ul
zh(Q5?TZ)BhW!r+N;i>qSG_y~&#3)SlOadrIDtoFUNs5_D03REB;%6DwOVPMgqi9S`
zuX=eZM9W9naywLG>325yRSM?gMK8MbvHq6q9j%?}6lTOw`C)aG7B;w){d?=km+q0H
z2MqenGk<OO2rL`4AzQ}2+Ng<AgU(buO<2&t7t)u+c+jH_$FMvbYM4u4Y)zrAzGg5}
zCDX|(D6az2jXdYSrPx*~XSm{kf+k8s%ddd0=p7`S7m9rXAW?vFdwBWSN9myi>4Yl#
zgtcg?ZC-WsF%1bmI#hYw1Q^RypoMne;aI|(19C<^+JmNI<g2gb%u<qE=%kbgVm(Tb
zb1f!K<y<+gaOHB4b7?mfc|n{Ie@tvL5htmi=*q9DnD1B^l8SMrZg7md);`+1jf=u<
zVv+agP`Y=2kRvX#WrmM*-|$I4T*z#o6_4|Vlq^dMpuFzKCpnLe{pRq~k56M;momp`
z!#=}hA0CC<yk&Y<l-O&=D}$WskO^c>iP@Q2evK98WqX92d5?>4(>M&@6_*!&#-pr|
z@OeCHnI)wyHSw-J4RX=^z1jbsM;&$_XS4yQX49Jd5?i1gCx<UF3l1OUn|;4CO!@jI
zV!b8<bfxzuB`vKs+b)H#K<`$<Y7bC`e=wA(-9u{Lk=CfXBv<)>e_kT|X>1MOti2?S
z`Vc6W|IS)C;wN!^6}<ri&TfOK$a5TB1?jj7>^?ekkXaP>5Gf~ELJSQ)KOeZ8eDu&o
z-dOop%7k=j1vdpZ3gCtSA8<&c#G5MZzijP39{9q>bbEI~v%~<0=t8(H4Lin(wR)Bw
zR(?HJ`YGCda3ZhF55gXTRUq1>GVxgaxLHgHzXkWQH&AVquU-~T9>+rdnA}|x1W5a&
zK;n~uk*`kWxA^Y2^>46BPLNCwL_bJytW?a<(7sT#9v<-D=%@>i;a*1Bcgm+wiPRu9
zQ2c5~7URt?*<7pWU9JT;F@evW#7EB12-ZkURI^0wiYL7FlV<(hLAY#%{&w64Y+;uY
z9#$U-lj!B+wEHNKLUxa4H0>xH!RJxd_ELIVeQn|FV7D?nY{uFNAm@x12YFZU<92oB
ztnOlA7A3FtW$KWm7ySA4!*oqa?2EvCsV#SR1X$N5CJ-(=1coLNoVO+?jdr_HlY1K8
z*^t5p$LbE!4@gj!j-6l@Tg!}M^YH5Al&!?ZG?YPtX;A@f`Ir6?#wYAPkmN)%yXypc
zk+r!}I$;<SI)c@uE_SlKp8P$}svupO3h>}Ec6ROV{B(J<1g4pkj2<>^rD8VS;KCWR
zybz1>&&6%71?wG6*7dfXrP@j;tPK1*gt8bwd#MyYF%HZru32F0`6L~tzPy|_cmVjL
z>y5qf-rPvB>iw`NfA#Bj$QPqGledJ(;&7dA)L#1sbj=7BeGDz3i4GO`$|wgUGWSv(
z65zm=SGK?j#%s4$XE{kS<eOO%hRO;a%2|Pa6_1P~H~~pxMrM12U-LxJ7P|tM^p1^V
zDGAaCb#&HBNre||MGTpn?V^JTpz2yUS)Niq+;CS|Vf%t}b&v?EeY7;Yy=BOc;Y&B8
zm2gOW%B3`Qm9l7qCL*;BNj9J%XZ~01TB34i84B+=C)tob1cLNFxIzi39*;2IrPF)k
zqH^uEU5ggYBmupY`=+D~&djF*05<K8;_r<Xyt~V;K{A3Vo6rS0$^<6JG_V&z<WoUW
z02gM$7QhII^$0+!q5wP~HzS)L2l>cM3IY<=85kk}3)7j$H>hF?a7+f@zuyM{FJw8y
zlL~Oszk(REsgHotDceD41L1F~A`kZacc9F@-G6buX}J9Tp=QecQ;W~?WM*Goc!J;b
z5y0Uo1TdGCbB<^?&B}jgD*za0Kpn!NDF}+x3;uZ@fJFbyO2KVF_d#wl`)K2P*&>Vo
z=l7jbmH)x#o2$Esc}!&^KpzBNLGUmK2zmzf0wji%|0nH8E^(4w-<(eXmVx1b%m~RP
zW|;R45(kS<r9(iyX7{Zn2IIh^iz%!7MpY0IS}e==9nz%vZJ8tU!VEfE*|+r8zUar1
z5-Ct*SRM|$W|^hhnmAMU4`(jFeObD|xA-jh-jl&6f=5$Rw%(AH4!!NL$Dr6uBe4c3
zfl9O)W5kWv@#B?d_7?=tS!>+U0~NBPi+om(M9T*;m3l`Ac<2))uA581sO0oLDoOhp
zJsf6#Awj!s!ied41$`BFzOcKD7Q{L0R^MsQlhRxh*n4HoN0Mey=hMi8(d&Yvd}U~f
z21P=biGjUX(vE6-Eo>`Pn3F>=S{H0T!8qC)e)%nFwND~l&+=s8%Wz?oE3rp(gcmjA
zd{pM~B{z=zPF>6hYOxyi?|W5}u&?!f;}*-!?asj$-9|^s(J;GXRJMS<ww87bB_)4f
z)@`Dolcr+mB4z!uLr+y>zs=nQe|Dy|f*LRK`C6N^Jp?s_a-7oyp(o)Bi0{#^8KZhC
zu0;1yUoOW&!e6Mm3R+XtNG4Sn#3GsRlyozji2Ih-G?d!Bl7{O`(r%4=1Yc~dOhv6p
zzel;4CS1<Ko2?kG>-xhM+IV^wy+*r2{JLXRnF*be5a8kJF3hK)#R~nYrhK0_TN|eI
z4(Nc(&2_L#-0!W;#I3$IWr^z|g#04;`625?T??y*L%Uy6U*Sk}*N+X3m60}<=5d?A
z$sLLymY>WRmaOS;j{6K0;zlPz9%)!Q^8+edw4{QMxpavaeV)$yKxq}y#W@Fcxlu#I
zZ$AZytl`)7>pnp7JxoekKn)HB9=4F{S(l3sNQaJ`ebG^o$Hdni8g{xoee4w!V(-zS
zqd~BW>xTGt^IBpzZGAIQbMys{&LuFFtZ4h`AYM$mVwWyZ9lz*TM<s?A=%VVqAkP9F
z4lTZ#LlP$70Q||N_sPUBZC_Q5`2Fb(ZZ{LVolfZ{;aDvS7$-T)UBR2+f+)UO(KV*|
zDE6^;t@>JvQ$hN6w9)i!+;MBbGu<h($~xr9L*W)YW}j=XfJ9(kC=u@RvZ+ZVHLA+w
zxj#^Y5iQVMKU&bfB}}|hEXY#h*oerEuN9EXx{I0wU&XG9B#KJ=o3FP9)tkOj8j?}%
znlEVJIazS2j`$#YjSH~fX&0<=lmv&jO>{XOU9Zfpc}n5h@R<~zS^+0X$B0*|2=$b)
zjEeU3vqTqT{5QO-mh?Wcd#w4v!1ZKhAx%~?X16P>VtIpJ5Doc$$QeJkvmYpX>)AbD
zTPGH_KlJJ7>d)&!On*w#RN}LWpflujtEH6!$1;QOKrHzt4hTvZf~*~UlH%b6SC3x-
zp>QV6U;i0X@-DiHlcqKJL=l}aMj<kJuP)J8jBVJ7ETS*xbGZ~ZbVcys0n8}K*aZ#=
z0tH8~Rw9myQ?FP$2wQaHabMFTw8o+o0yv-Hem<NDr2`_S>H~<UR3Y%q3^Twx(>hm0
z<5x4{81RyNx}Fa&p~stR1vgBE>veF}QB6p4%!y|Clh#)@veZl<*L8#whc$mD!I}f)
zbib;tl?PsnT4sEyhez&Upxe70aQ)%55S+0`>(S2L8?e+J1)LK4-J)(3)eCN@w1ggG
zeHkQPUqt~9*JpuS2lWYI0!)K1%R-fr7lL*M-tDC%XWS-n9<$&2mRklibH%MA>9a9*
zwLYv;;Zw#PPr~);TiaZH!@G%Rb8ze!)Vs4EZ4~eJi0uf{Dflu@9L7H}Q-wwu5z+eO
z@KfNS%YEO}vRz$6Z%6!+{L-zDg;a(RMT{cFjjx3~nG<ZntjK||Sai1;h4_#i!4ZPL
zG723{ik4sRr22(Jb@>oGL_d%&N#WXS3fbE@++DIZa-fIc-M0vq3GU<Fdg&cq$R|kp
zC@`AXZ+Xv{jpHvg=5ec}Ey+1z6LTU>_AiD_M2iVLEXjSjy=vHW*S6ZVl@^?)BV^+$
z^zaHa9zz&a>g{b!KHPWL2q~6K!>}ySXmHaK?t6_P_Q;Z;wogy2(*4_7%pzZ_bTPp`
z<CoE6iDhaZQu!_HBkw!iQpxxL+u%0@Wz+H^qt08*kF?jmql<i&zMj_OL}01ar{Sw-
zH3pw}R@l5#1ke38Q_&$rP3mQG2=3bWreL?lj5Fkm*jbhB#hAV3$6AJN(`?G7AE&+q
z>97lJ<WW`c<;r%brF($HE*yrm=MY`mN=(f%Hi_YrUJv-|zPR1a;r4FpwKMo}T&Z7)
z5j9u4dMO1;wK|*0ckBW`zZiaA)P29KcNtCEbV5M_ugP=&;4Z7I7o5-(5Y_&ZDsG>{
zH$<JLp=sDC?hA6EW`mQhL!xX;4+G`~p@$+5knVEUqEAxq+SK1o=V`<TL{XdrxgG2-
zqjvbnEC9%UkAXQ}Sg!BVkIQc)71$rjId1E4bzv}2a;n#XG>F|ReLUT*{ww9ec~u<o
ziEm1F*6}3I^kO}K8lxPg9^tdSwOH~lEKWnuQQ2Rg<6Le9yL_6pph>7dEmB~eb5#Qo
z$h1cj_>ymM^S^Q~00IF{&fq3wp;>4Hw)oSkGk{s})M2I~S^G_T0zm0EiOJu1JFq?i
zU#GntkP8C4X3J%OIF7}k|8g2aw*uHU&6K~PVb<v(^!zik+1OCPb8wv%a{U|#IL%-|
zsU0cmB9cOKI|N-%vkAEs<W&fpW-<c=x=q&<kVTMHzhn1|*rpGIgx@&~ttEQa5YayE
z*ekJF4~50<+^Ppsn${GH9KNKh=TNkL%O^E<8h9H~gh_{uEHWw34&qipNUtY;8?pc`
z0%{TLEFkn>ycWcWNj6X82>=q1a5Sr4lY}EWgJ`(;891S^^EOEfZZ#nUZwxwD&!<aD
ze-;owO{KaOXqc*d;f9iL=J}Ni$e-qr&nYg7=b0lWH^_a#!XpQp^U3&^SovmdD>NF}
zcE<9Tw!#rY@*sxD=uj-j;P#RH>ZS>uOsnIu{DA5*N=pWPFf~BhbhsO{m5NFbUB5t0
zYJD|2AvC8TPjHf%@J-W)%k<k+6C}OsvS`0=sgC>+vnOktWeU@%+<bgcdyHZ7RaTFV
zXo}z#AaTldG{j{<l!{@{Q1k|cejkhfvd&Z$*EO`T;M{Al`mD&}*^o%DY0<D}Kc!6b
zczi5gRCAsza2s=1J5)pLR)_DF<0>;B9~hJJ;S=xwb{i=t&T28EtCzx7Y9Be+@sQLP
zp0pQ}>s7Tdjt6RP0=ZAgKp#$wE;**Z&^2!5dPoILQd{hi^XAW&oq@Aeuz3Ntw6r`N
z|6vJU8Cho529TbRTJx`z;qco)4?sc&BrT|7s2}A^l5nmCPPe{gplk|`Mfd@<V<Gkd
zK0=;WFc#urjiX5MV$zWad=P@Grp^S#T2COl#81wcy-DyicFrRI`ZZz|K&dB5pR7g*
zRunvNor-(0jGE_XdPSYvxSwt*z@dWOXQa4<PFYTz)>yuKX%HqH4jj9x--AQSIg={5
z51xPtK)uhyQl4%3(oIBrzKu^7l=|&Tpf_zej`lcB)4n7vpQV0Rf-|MEBg`-roEG{{
z0nk=Pqnk;=-aQcoeb8v{aPQ@AjI#XlzI<LkV8mRvqTbFSz1(ZIAX5X9jD3Cc+186x
z)-_3^B?O8WXUOPbbR-eFG_2GQP)Lqs=d|c1&+k)5CLR;Ak`%fm$(IyciaMrdj<S#&
z!|FflNir+P>4{gv#=(z#&#B#gHCKdyfCxUM%~?XSNXOOtuTw#TuS>n!GHL=665c`1
z{rXJS@pFLHvkpg{$&b}OzpbhPs>*!re!l@4@Z082=8(dZ)@Xl!90O3O?HU+~gv;2v
zvPWp;I7tf)rPqZ})U0j+J@Hx0MPVCvCBQ9TDTjB{2+JWyQf7deSg(p+_*~TjQl~hK
zVYjsMyq;R8skHZPVSHjQH3}CGtcDxEQp&i(C`+fjK-S|lGtu$Pz}vq9y61T5(Q=@x
zO`4|*{5|_WX_&GqQI3RB4v}-)uOvLA#|0qoG{W9cyA8qLn%|>6uwR2=(bLc7ngfWE
zO&W#3nNws4yeru?2AAzSb-%qU9g4rbFroW)+&621KCv(V+wDT|ycOv1bbOjT(R7>v
zkyK!|h;v7xyWr{8jEer#YeCk79C_MvfMuo)li&PcDk3_XeWOr_a(%<rDG!ODqVIgi
z<fBn!#Y|3y0l@xO@uy<hSFqDqH`xW*96WEGjEu;-a~{4ThKq!;Nyvn_YS6Sa{UixE
zl-Xhv;#y{kc+-cTDsRpN$eGfJ;E1zjJ;Za)kRXWg2s0<K;4}%d2bnGW@&yiUw)%yL
zVore;5yfA<o<0qrVzyMAh_gS3_N>M&jZC=TG~a@av!113wu@TO;4)n}1w;d?C))x9
z?JhG402)`O`&I;OQRGjzGzj*bDZBylW(se7y7;y~ZzNYMfFGd4L(qC5P#4hmjWnwu
z1+W=<1RMqOn7j-*IdZt^jV3Rg246^pd%ChXMfWtX|LH&i?F8#0?UPf$Nzl(Dh+BWZ
z3!+9dT|bj-n?_<&Ee(Rj{sa7+)^nuCeO7tro>;)8Nd!5=m%nA--0cw?0IZ$jGB_~-
zhvuj0U!BC5m}k>n_l)9!KQ-7-<rd#}<Nu2ep+EKR*#0<~g8Yj%{<*tM7$qVGFx>$J
zPKc~HA^z(dNeb)!kivtR8H2)JP5f98N>MQrx`J7A?#KU=W+wh0t^cQSK)4weB2`9h
z`14ek>R){8<NuPWuH7n=L$m+RRF_Cbx9z@iruzMZKi7{vvfXcIr@oUsUs!R&mL2iG
z?cbc@yn+x{c5+=vsK@EAn#W(ATIo`Jy{b4ddet+RpbgD`oQ*zneRJBYjAXg(>G_rO
zD+lM(2ObI~NF~6Pe${F|3_4Ab;_l7Rq_uih7k2QOXocF^|I;M=e>=S&Zx~QKK8O`e
zke*yV3C6e_;k|`DsnWwi(VLF)frtHwOmRuSiN^ES_MTlCoOibaeZq*(`F+#TQ~EkX
zKASRdws14?)}{~8qJB&haV&k)(O0;6T%)mczTDAU{g^jU6yFIxc54$?e9om@qgS{A
z%+Xut;7feD>AT)SQT-UM(XCBQ#ItY(l!e=jERcbty+9R?Uk&1lIXAyjhdU&z;eH23
zj;nXt8|UC1TryO@-<e8T&us+rg+!{O&mm|2=F0S<^Y^*?Zt;b;NALqaG%J+T#~xN@
ze}o`ShKxa{4g)vxMgf9Gg}BM29`Y+3tpwte#MX_yFB$)m1ovIk_HoT0X2HIvf?s(t
z&|lJ?pRpQ#SKHsD=2dydKFhMB!HE=>lsk$hrNMBkh;)3xctd^f@HqN)q2Kz|*8K6q
zRq@jLo*gd>$(DiVVAM-kX^ipKsdiP;6-JwLJ1jVNz>t48)>3h_TZrl<Ct6tz9{qWi
zw<Ggg*g6}bqKWD-tm`1<KHqeV!J`nZya)1v+9Fb&_6PW2cl>G=<6w37>WY5eux!4H
z#k~*t40CC;89Jio$TF$+EVY%ehSTMZmIH3Gt-hS+ioq{6#}D)4v0zS(;YIeNLT&j0
zVF%s-?w<XrpQ3sM%c;0Lj%L5#zHW_65RbJ_Vzi1+=MZ%~;nlTUMQcXhvdMw{&g`#W
z_$}!UgA~;;shj{C{<^T14LJib1e!F=L&xQCtLdvpp!L4kx>k;WWN^y)VGeMa5E}RO
z)eacS4Y2Rr@Chh}I!!RcC5)PEu&c-?`Z`pZ)ZFZTD7C%t#2DjEfK3M=7N`}XAL?AO
z;E0f*d@0Fw;&fsvQ7(?H7&{n7*m%4$3?9{y!EdJ!EyCEBB3+7{%8Pu})V&$Rt{C;&
zRRJX&Jio3iza+QIp3ug3EApiNq43UvGMZHlx0t!+Qy*UFa=S=`F6yQd2E!Q~^E|Kd
z{$><qEQ_yRyfBRA!qpWgr(E_u85Q|ss)mWVS?AK<(Ha*hy3Fl9&J%9*tWac%D}I+b
zApmQ!p7BQpX4s~R*|2Ij)t}Y8N~}HLz(id_yn(X*@w8l&Xgj0}+TC96v1A2_Ifs!o
z0(Z8DzpZvL>LI`Ak)k&dJByA*udDVd4;Rm}WM_~a<Ah0qDK4PQVY0bK2?SdES1_)U
zTRq8?*wQM=@w4PzwW@sA0v8`PWvFQ=BplPa3ait2`Ek5+2NW);Vp%=$Jl?&pOoUra
z%u|DuQ|gAE=a{jQ*Oxi((b3>$p$4u6WRE&MjfO*I+x=+?fx8Lqc@61Ku>2i<Y(lgI
zPArm@s&>h=+}V6yly=3oXs@^>`K}mo!iV-YvyxTq7fO?hF<~c70^4{um=4*!A1Zsp
zuHJlQLyz(O!1T)*Z}awR-rAe{fob4?6VW(p;fd%5wV!gKq*hrhDVKj$I0+xP%_lI=
zJy^P-)y5)Bq1~vr_oIGr<{pIt$TZx$(><WaCxA3QQC6vUU0O`etC2O<D#=HyDU(eE
zzQI0ory^^Sc=TB<quP-$MYZ)8U5fq~J|Rm758KRvG^5dL)l!;stV-<BL=MDbI~O!_
zHjiLA4MzBCg(09bX`rlz9Qc}GkgL4Z!XSD0z{S)Mr;>YBI4mi$WQ?d$_h!dh`~B`w
zrlf@QYTk`bncf>!M)U!k#bdV$UPha^R+dLzS5~g$V0er=E{-2d8RC`Z)YNau_U3Cg
zm<KXtN>R^zJI3#k9UFzQL4E$D@jTz|feDrhBfJ71S3%!?bWEX<m|44(7&O2a)4GN3
zP)jT5+VCkAJd==!7riCw^$Oyv_bc9vjXpud<rf(;nG*qJP<#k@JhP;WE$qjN=5>8e
zDt+1Et5!vI*Nk+L0{yV4vz}XDyFO~LdB^#X=dDX-c?)Uf=MJ|&%Vm`}5mQ4>n28yP
z21F{0W9UJr;+(%YDGy&Eh$5q0Dp(snl*$9MQPavMhKzEl&>TsgcGUgH?WH;AO0~CP
z^7=$*xUnGkLJLr{hwQ!dpT@8x@;1>cK#O{Cdx7VsK~?%h_~AgQqFfjl<&slH$E+3e
z?Ur7viVbNaR>@eG4$@;TRw=HI%y(^5);!?Q0cN=Z9`{sB+rz6-1%9b9gr~z&a(Z`N
zEhL6tvKxDqx)0|YQq6r?=z}8+%4qa<V)qLaEgD@sIm<Oguaj7CLh!K3>*wr#att}?
zg~>H#SvjqrwQWi2ySmfUqa>~1vB1=>msMj7Yk!_+x11!67RueC<+FQLv<FE>EyN$f
z(!0M1)rAV7$Kzh!+mL$sDJ@|w`^Wl<0GmY17QfYFSop(m$Szb>9kjl)m_FIE2#(L!
zkKoIJSlB~?boI}>)WbL0a>3(Pg`FwYU>@tHG~CZl=eNMm1k+q;dr4PN`12b5;5(GD
ztbIwI9y|inZoHRE=wUP72(60D#A)XbP4FeLXH{+e%Ld;^f^jY*B&fXuBUq=5qQIzF
z(`}Ja9;IP&oU6cVjPWyg{21WYArn`7x*zxB1waQGSMuU<44CJ-VWS26bcDYkqE=Tx
z>p2{v;wxNv?oh?dJXhO!_}DAlTPS{No@?S0r8lW)#69rJmmVkkGYKg;xJ>Rue+8Ns
zs{l<1sVJxWv5&N7q%t0yUe@x^63&GkTZmyc@Kwy`@&35H?iZQE7;5d?S3`3CaA$5s
z$Wj#Mgj0#OtTYH8ByQzOOjoBxY^>so(NQmI<<M&GBd?5+f>113V{KpiJp$LKL$hHt
zw7e?6yC+M|KjN98W%5mh0xumEBDsoTI<Y}PKBFfprw`}Rj{z36Qy&OLSiIaMTE$L-
z8PUcKBNWBE2Ha1nxIGFcmDpLMd>nO;9(GrpRB78pT2XJzJJwhMd1%Cd0=Tllj_dQe
zpE7d3oiFARspz?9a-_?pC|cKZXClfd6tqj~To|BS5Xl$)cqQ4QfavI1{Dcr4p0w4{
z&v)WEqpR7|^J*TdX8?r2$Slj?y!5UW_*zM!ap}R7TtgX*Fa54F-;%~qSSPQ+|L9X#
z?jGC@1w5w7mP1h>P_oX!-kR*((WChe6NOAoyw2^h1Pku)f<&3P6rAbRCA^n%#9P@e
z_v($zJ?&%eOPjEsjy!kqLGuvL-v6n`AQGL$9F+C0dMq@&gQC&BNV+AE91+BPXT@2~
zP;iFj2g}h|5Wx!xX?kHDObkSPo$Z@nlR(aR;de7RmYjA(T~2g>S7po{$NC#Pc<z3p
zcs2G9c^qXy%kX25=Sn3dg*PMbC<Hoo1J_^cqR_tCyD|D|H6xtEW7D7jFx7Rc)yOIt
z8t*f@0kdg9PELZUE*@FEM$9i~NK!$4a~#1>GM1KFfQmt@0iehgzn7q&4r>hO(<3~0
zHxV;)apKw*B(VYMYKgw*4U>>@00R(Se2ag?AEut*9$;GFbrx=ba>xKob(wtoUg=4g
zzQb(#y(tVTz?k5ss7*jgW`HGMxRE%GLFbR9PXo{2_;S;iHWF`5BiDY+he<ff7amJL
zhoIRx5S8zAb<SP?w82?8#$kHje*^pew}b2d+6|5(Li-Qo0kfBW1OAUqXAc>;&9mZ|
zWZQrJ1|Z`=)M_SWQCv7n)<0)5<m0#hMop&DqUnYI>-F%zeS_~5{U1$cj`AaRGDF{A
zEBqwe=33Ifxxv#$ec~9ZI5KV1j!(tJcQZ+56!9v*{N3;1-PK(%r+GSy1S#drCBTI=
z5vR-*i5ltCe&7S*g`1~8;?u|N1s_fx;}vc*;sB;}RImnu*lr=YD}dvFv(w^iE6y-!
zyIJ-@*Zwk_NX-m;65j|jz%5!x<W75{r%g>nBWdqOneo=!@H5=#XKfz~zituP_&a##
zwhbYzS&nCnw=k6g5))PMUWW8Vu9}Pj-xxD6$ORd-(q&~C7KM8(AZVZ^mTdK~u0ZE<
z2nt(7eH7LwUZtB9zq;D%ETi2iQo|$7wb(h>i|YdgjsuShOcXg!R?axKv0yyij9^n0
z^Qk@6ENouvVvBoEI~S^>IUmxlNZJiApp(l<4cPli_o;fzN+(CO97EKtYM&=n*ZF>A
z)Cgg7Ht-2oc3^P<{Q1rKwv}<~7QV*W(?XKy1)khC0!Z^Gjkvz6omg6P{jyTfPDq*Z
zD_LJ}u&5`d2MU+#xfm`<CmZn2ptoG@6p>BH;pWj-4?;U!gV{f0ayu^l6mf&pxxtz1
zlZN=|se(dgHm=sHHKT4AZ6x(UB&mQ~qvKS4D`GooU{l-`0Kw77kQUIeX5yrzoQ^vz
z8Kex6RqYrB>@H+V>(Cjk-!g~Kxv#q-w;US!q>C!ebcTmQ%+k-a-eXdGZ*=Ch<@<Zl
zFaJSJmHQG9=vW#$@<UHA95Cn!uecphX5+~qw7+&Mvli<?y`YyRI!P+Xw%2qWEw{k9
zcIY0lzd@>th$e!uH(#UQ#S#_r=oNBiL~9b^fjw;49%q$auPUB^t%sx&L@J}j!IYK;
zmQ?r|22)z`vjVb(dt|m~URH*h*BSM_p{14GF2yv<i8-H<r_1)d$@6kQ*58(=Y~C4b
zIr?IVY^^SiL7{B|_q+NJdrUmCGUzwX{M8Z}(+Y~lB-kDDclF?%j?vK+O5utntVZRI
zCMtvJ7$<j|FswmdcJK3YeRDhSv@`{yTwJZ@{lQST7<Ksqw}}t5tL3thK0&2vVDzL*
zvae^ESL)&Xp&U(?dI2rOzIJQUyU38JJ^g+GgW-^LX$;+2U=RWy&Lwbolt5ubjf20W
zjk>uQdsppf$aJAgo2<trE2N#GH?c$#@Vf#x#lPfq<?$5`tkk<NZObjLh^j42uc{~F
z!ek8qn|r{V*40#0c1~ER&?BFq+zKG!+Z?C(rwk9zTSmdcF=5zev5L)E5@W??cwq{w
z#Gv4+AKx!_{BU=qb+=dcj21?baS;lJ;5Rv4Aw5eC<JYRI*C{0Vu~Y2rMe=d6VXru0
zLG<4pG!Mt&Q=G0|&<x9ko2q2`DLvO?g`aUKD?*b$`=^>l%7_J8W69H#T8-F!tg!}4
z+)rus@5S5qAd^}x1>vJy!m#$s;XN(W3J6zl;lo@4mf@GwEUBllE43pqtdwfN(Oz8L
zVl|Fs{b0DOc8_#ci>eLtmoE)#YcicC020l>#ga4VzURr|x;}Ojj5ROWXQ{7)wqfjE
z3@11T*T(wjbrT+p`i`GR*>_|~(28T>_#_<cYFxy-iz2EKc}Pz39Sh3QWcaXY!M;;5
zip=K`&vWhsG&H!8V3+(j9@~iN+mWESI{Bd&W?A4`T3U;81q%n-37B}{P{~;IAi+Uu
zkOJKf_w?)=XZ$E`NyM?p+=}oF938iEQg0P?k>JhsDI3Q!f3FxxDKXR(x8wxx)lA-j
zzgSg%t(rh3TIe54Z6fkf*~2Gugz0R?c~p`I9O2zL%0;!majTfkl%@iL1JqAR(^MV$
zsoFtx9KA5lKI<u+*!k>n4Dkyg!Tlo*7A-h=pb%!9;1b}nh638KMiWs64f`A(W2lN-
z=HkrIs>rup<Vwyptp)~VNOCmc`SU9K_$as`KEmY+<rz0JQ6zAn$@gTHcwJtw$1reB
z0qvrR?4QN3?XBjTsR|*I7-fQ;##q5uS5nORLLI8vTRoJevGX&2Y#J>>*(nB<O|QC>
zWSH_*ZK0YvNMQ&M=&K^Nb3nzy@ry9F?N*g^LJxXnFFvMg{^Y#YXF+69u0`Sq$j4fV
zy)UbPnnWss;yM`EY6*OYWvy}d_k5~qlV5a@?5G3uLDe*;xwPe>inz8vs?j&5>&m4h
z{6u0hUo2i%Ve4u}+KIdcP7x!cIE}#vY4ktRTmm<G`zN(Q)XSL}IH6!+Qw7}XSOd@0
z!$m_4JDMg+ZX@3`F*Kt13Hhc8KQ1FYLHZEDT>xqezzs+iSxge}*zLd}YIS+1SeO;$
zpC>sP*B896uM1t}u)4JS9?{1UcGQWS?*d)LSFds1pT`So$?g{Ve9GZ!NPrAwCB`_{
zgVB)Mn=Ov*GiBXsc0cE$MNjGZVXZfORhW_YGL@_n*d~c#hH{2LLIGUOD#^~C(}R@H
z@<=8DMz;LQ)oakooyDklk7KG>mWm3=%nz&dz1n>yk6x&*$W6K&jlDP%EXEke>pg#L
zVZRa-tIxudzRBlv9qVVavS<P12lx*`DNV$%$B+?TrAPn)1u@<U)S{y{3D_}p$yCS(
zt01`m2r>Z3BQO;JikaHC02oXq76SM%RUQX-Ap1;3F(eB@`244Z!GZ{CnU2)9f8Ga)
zs{-&2>g>~KV)K6l>P)lYulH#pmfaDY=bL>1T$;?4zB>}ANld0w-@>SG5LOcyytz9G
zmL~cCcN+s(HHE#9tn6Rx1X6(+9w2yT3akUx{}tzu#|$$k5~LM>-baA(5M25lPMj-N
zWbOa_wv*@iclH5Aff-%{+NV=jAmT}l`xob#bS2Z6b>=(>5<-*@2x%_s{#Jbu)tpR)
zrnGh{9h>3XxBK*CY$o~k%{~J4Mnb}W$RZ}U?Z*(&Itayoy)iAr^H(XKL<)>ZbBfZQ
z*LZb@jpIS2`^H>Z;Q-ij&n|cN!QMqHRyc`43<5sxo^QjucTB|arlc67&u`2BRTNkD
z?qSIB6zH<7)^P8*9`Ebt$jB@o{_rIV(eo9`Y<xCxs9!gBef+qFr%C1KcGZi-F^3i6
z@h-r5&tw^nZ+)s2E=bXWC}z@d9Ua4glWvq>qncdm*%M*kJK@~g{F!-MpQlXZb!}(X
z4AWOvd%Rb?`&7Ywa1D1n?)vp4{p03$g1+$e3qM}Cq?o|-2+=zp$a^mC(f#gSq@7q=
z1crX2>~b2(IiClgkITv7#mIePZJm>^Y!e;si3}W6Q(8CPD;(h)n3tHej25QMQx4je
zfFgeBswuu68Q4IL%ufSla`$G+NdE_3?`xXWM}BNNS=Ebmf34VXqU_2Lq89Cgu(Kv)
zW*+Q5=F8!nk?>tq{T`BV?GLl-eqJ?u;9a0}<+Z-Nq=<8!+Em-)q8S+1;I!**t(<E;
zgW@(ZR4<DgYva5mCy+B^Zt?@{#+Ou|H{TCa@j?lOsz&gtq2*3<5-cGvxF_=PAUZG(
z9k?gq6?;F^*R>ncHB-kyjJ1W4T+p*eQw(V((!7^}#!5{$*gIa6cu3jkfzxkJq5&K^
z%BtXFSzm=I=ch$%dJa^|d7iBM#b}>X^#He>(x`*NWnCq5aOE0Mi!z!kMigx&TG*4s
zmX2dC26mXeWet2yfORZ35>*<flEV6p0T5OqRhf$_R5IM1$t9>l>eY0#!X>_$hHj(H
zLnL@i<r?q{cod)C{^c2Gf|MGGix9dN%ZOGIj>ILf`0B${e15ehsF5XfZWq)B1U02*
zqT}6&WKj(uGHh@Kub@h%pfpg5Jz-RuY*8xr2l(<h(q~y1y3tRu9!T`r{i2naIW}Pw
z#T{RVM4nlX(APdchf`c#YOWjU5+OrS?J(=_9=Xt_gbjPRz8o8TsYi0tp;E4N5FdrM
zcTt&$koJOCYo8^ZFGzChuEmC-cJ3ii3qxbT*M;?SOeWIzvRR6F4R`qM`6hwum^8#Q
z%+nNe)-^X!J2y=%T@k_(UV@+CvZP?A7(%I&@s&vNNZjC_eb6=f&}LD;G8prjTCNJ2
z73>|kuMds3T8R?NI-3IBd%Fy1*#i{b15bL@TA*1Us-1WU2Aa0_`j1k-%3H#Yybwzo
zK-1)%!a4$vIF-JFp!l~hK`eg$Dho3%vH`GXCNiwA!<5`msPc<m=l*dk){+~bVA5p%
zmc{XjiiRrC8vIWsVz?gRU|uSI4CW%WfoTW)G=?t;6CdYZ;^K@r*9j2!VF;S;ppPCY
zZy!+@#Umuo3Duq;m5^%$+fK)MN3HREVtx&A;gem$a_kZk`t6(#k43<aFQs4+e#Kgb
znDhnS9D19GrYT(14$5UF_?C#^fmbvs!p0j7*Wt{5HMDQ50%Yr1qs7=PS0a6Pz58)h
z-FpP)&z57^UX>U~l39RZy-vcB!Z5H5v0xj8h#qMcyQ&|=W$C|H7<z{H4<HMb7_Eg(
zuS96_6}p6|s{)`USkr3(t<#?L9PHQ&w2f2EhWMQrc4f}4k~h3Gap)sKYrNEbXOE4d
zd=<kO8uqQg1~!Z*>8K7LLQCu8t0kZETl{Uiazkz2bzbhJNBE_7-4RU^!;9EQ$|5sa
z(@X)vySqO+i0Y#fjpaikVT=qcXAtW@cFuAQn91Tu@E?+chtwneOLZ(^6qw1P);R0E
z_jN`QUsEY;5>tnkbi>JK_zPugnq`qaRfzStOa_zOvmgTlI8f@9F~fYY&+3CwT!IeF
z!cl{r<*RyfyPh47G#-q>mtF`@=Hy$l6*+!p(!Xj}XKhP#W%bW33e|Tt5)TwY^-GA}
zO=59lgBeE;khCVgG{~fu`UW<&Gyr~Dnri%-3#>?biKl8D{gA!+J?SBr^{Iduw+i-q
z+G!2$rGOt_&jCn$bptMHS(!|PTA|+!-^GZ%vuQ(3x7&xW4~6*Zb_v-JnR=~fBT4HF
zOuX9<=_(wGN^ou&Jwm++9yc{t_a2I^6_V8lv!vZ5b`}`RngbDZ{NU`g(u$`|@bQ*3
z@{>J1^|+YoTk<L*oe3i9Jz0pp&Me(e33Nz|K9*(@!#tE6qd)4RRimm|%u&A!pJUdS
zV4{I)F*|7Y3k`eMUu22j`If9YDxO8C2pan=TRv)<t5kd2g*6WIuVT6F8TPR(#o&is
zx2P{%iiTOL<ZZ-8_SjoyX?g*CbCw(RKjZkc#~4nU(#{evspcgfQhQpyYUf3KKx?RP
z`%WVw;~n9NQO>q8>>i~!BIcBaVN2fe@?67*HkSM(W>o}rm2mV>*DBlqlQif2pzXkM
z7r*)JEQGQZbd<~>#K}xxrVu#k+-6xa$CU%{|6MLH`x3!4)7irm!~rj7(IEoSW{(;*
zdFeEw0t*ATJ%jNk37jc0o)ggfk1r>&-OR<aFK2;Uu+htJ#4R}6RHYV)Ki}Zlxd90v
z@4tO1VKC>@NtpiBDmHLnQD@R=#Tv1qLH?xsoJ5FE{Q`JCUDPCp!!aZxdrkqiiRhjD
zXD0l;l)$2bY-<wxB9P%5$1C_4sm21E2at8<rJ$K;GRfkSm(46+bAmhmdKAa|Y9y^b
znuk6vojWp?92R+_*3Te15quL&lPCEVj*o!LIkjIU(7aMzpNR@Omso~%?-a*zYAy0x
z1eDBV1y$9M2u>8<rnkcDqiB8?jnPEl_HkX)GzO8{*c^ClX9Y_I)Hel4wUFbI-B)V&
zW=6LMkG3y}T*tYN8tZS$!No@UX?+>4B{K>(!_m0BM&I={<*brVG+hgcqORlyytMuw
zhy8PY?HwugAfeC1Js3TVppY5yh6Te3MV<P^zq+{A=d7TLhEtXF-t(vq&MG7+@$>XI
z&V$`uUp<+dyB1`|>Yo|h6IApmEX2yEZObg8264chL1AM%x_n*toB#mPcezSj3j4H1
zT}$4^+I@}I>%~EtFDq1c{Wz9%qDtD;!W_>_*F+&qpJBD>NI4GFhzymbdFvv>dxZR0
zpJSv?58!rVq2Fj}WTK;{Xe{n}*BV!{(b^mw7kg)}R%Cs}!!3c`w63O{lQE$jYnPxQ
zPdc+H?L%waQ%%qOp6Bl@0Nx;;L{x4%!>K>z%cph4<IGSFFEva0HM>?2n@2ln4dtfg
z!s}o*HgCSW4;V}dvoOa!o@)WgPcv}T4b2xCU(-wqIa-Bol`$36Bu%mVY2ZtXm}f#i
z#9{Wc>jt&QUt2!C`286{Thk+5_1C^9F0h>;Ra(yGB*}D_D7`ph+G!?qtZG3~DcKPM
z&!MA+g){&}l7|!$>9@ipku-kB745jfZ`mVOOMIH&-uaB)`HtfU7HMBcJfUUEszs%r
zVQuk*&b7OBc2>Mb#?;Mz@%m0!%mK=-N{pQ&R2Qi8co%*Qse#X~-VM;|d_U+8@spvy
z<Is)%3y7d+>O4_*JD~OKgaS{ki`oHyWX=_WEiBJO7}bxNs_+SF7J|D4e<7}LPPrW^
znt;ovOb2`-FiD{Nb5PZ!WzFcw<oz?G{-sZzQS2GpMywnZO9T*1kZU4;{r@NC-w6=^
zDPjaMW13M2tsom0FlyFg3(odkV3^_3p9m9NJ@qJg^1066`owP;g)nX|qyCZ@V8v$0
zdNaOlG9*l!*`H$CzwpT4?k<QQvr?N&jNOkj%YVz6zYLk*ac24f``nWun)Qu7f@MME
zLxL07cLwE8>f@Y(*LU&zKSm7T+P|ld|0!bXYubqEepvR_`Wqv~wKPV&Un{AoWfr@G
zy5x*6ocm<+o08mAweFuPf&Y^Wa#csr9uv}6q%Dq`KDdIrK7%d3YxbBF_SA!ZMC)dH
zk8dGYPU;)-Ud)Cmt3EozK;-QyYeX79rX1AdZFVt;^d|d31fFQJWf{>VLBGlL!l2qT
ziTnPo_UPG5{|B{2OrhiNI=N>_owCC}F#s_>LI3wRT{M$y`=;;Wzhnczb)<uBy6Jod
z?frc(`s@kbf&oUvCw!+S#T$oik%NBWE!eXDMzKEm6j!M4X?g&jk-zC^p8~J=?A8C<
zX9)h^`TsjPknw=8Q2#_W`Y&dXb}9bFuj;ApRulZ})4%b%Pf^Au*jAP0!Q<&CSSQX4
zhpqOKJ0z?+w#Vy_Ck_pM$1W`@tQlO|a4b|*-4zbBSA8O%9`NS3L!uw<WA#L%B~^It
zmqSE7T_|oEA&VZ`JB!Lv^o-AkcsoCfRF3ab%dNb9K!1hv>b2?%V4_xMX#UeCGZ`q|
zRj)eD_gs#aaMy2=D6_ruZ0z^C-(G{Ss*I!=p~BKpSUu-+%bcT8nlzal_&0PR3;n}T
z_`TALD;@;m%RhQr%iOS9A<Il#DYB6`+PeRf{Es(wh8ll4Vu&X;AD-`o-Rq8uxFM9w
zI_q0h8A!U~?wWEq$9b{oqo@v+>AWS&26vH#*ByLxXklEF#D^-a9rW@m-NT=@6Gr%j
zrp9{b6SK}|zPe}ZkQnP?oL0Ht$YgX~b$%Mh>gi(fQSb#b`KG72&X+fpYrt;0PE8Lh
zY7dxh-+M~u(wD1tR_>k{Z@>Ml!Z+*3g=Kde?AdyLUqZiVj+?NrRc_*_$J?qMA{eDM
zms&fQBu>8F=JC5G7lm4S7MU3*(B@ruw=Ztdz?00?eUYIa)z%c*LwI}N(1RrB@umHV
zcPg(ZEcM#9)xpN(S=6b0uH#-YeO8A35~WN-C5K1Z+oVLAT@F;nzG7SFx2MS@6~_5i
zb%;_ooQtiz@3G3hc0GOvCA*4pFdqD5+@pq!P#$x0%zL4JzqE_b>z`B)itj#szGxt{
z>h`^xWnmjiqL^`yAECX^z3Km<AYOH`xW|f3?baGUuEC!8wBGunf|YyMwTzD6GES`N
zFt^#qZMt~h<@$Cv62DmN_|5Jv75!a5{4lW_dn&hH+pOaJFVWtiI5Wq^!?kx>R{Mzb
z?C(>0F)u57ao#T%9yzQL(IP*LXH@KQ8V|XDJp~$hA2E1RJ#ACk`*r!BC0oDVkKX)Y
zTZLiilWez$%T)P>rf%Jjp$_IsF57O&sA*DJ849e^vO@2&w9@wb?OlJY4qmyp{bVU6
z>8$GdYx;#UmrYU!w|+eN^Rv_wCW_)8Q#R308J%?4PG5cNr#8p%Q<dR1^L?|fEw<W2
ztvnV;U-^gneWl2-_lhBx9-g$TdRBdL!R{l@;)dmRE;ZifDh2mruO4^S^OBNN=H9M<
zaz2sL@>>32S`&89`aRD*9P08{x@){pztlVYHD~+M`lqjA4BOt|jVw0#zgScJ;sxbk
z(8(t?4QH*kR~Jc!_b;LM`dqX+ESuHzn|#&cP5baB-60|d%U(O_m<O=}b4@V?dEjT1
z{MGGnU*`W&yiu}v0dd_E+a0S{JkpDs=XuuPlUBI+wU{fvEq|O775M8jE6x(f2R}JB
zMm&oaPuIK7`@yP3c%96WfK62TkBP>sf9+fJ#PZbG+7~~sk$+HdM?PtfM)(FlVV@G^
zh?Dq_)hO+yD-NRaB(VL<gcKkCvUk%_u|v#}<@*;Nja!v*LFosDa?#(ClSzwXvb*%g
zSDaW*Y>a4oU$aOiVqCb6`KYgXar)JrD$&le+BbI>XzyE$msOeP9h=hZl>1?sQ17DH
zu_jk+_g2oYMnc*}7Yp<C>Mj)|BucO?Uu$!J%3J8d%D!DX-^FCb(+|+QTGi8pm8cIE
zez6}k_J{V}cT*jzSn|i~vGqGPqWr9y8`Wxxa^;Um_Fk&ZmER<EVeRF#`b(FVj5upw
ze!V5X&GHQYXtX-k{jGdLdGVVwSB^w4{py&$y5m?Ie)*!6@6;dNH<#64`1|7froz7w
z4t@Q7Q-?*fl6A<>ac?vj=N?rySUvWfXD7aL)6qREMn3xRer5)(Zn@a0x+~K!#qvZN
z^@>Ny&RfD0cQ(dZNSjk%1@;U)QZ<ul(5J|+OIXU5_w@Zye{uaDOWS<CBnA7p#g#?d
z4g?#98%w{l6A^Jtl@F&o<fpHYqNY7Kki0Uj-1@du)=jI@A>WJIVy!|q0u&jdSW*2#
zwQG%NmF&wD+t^Ewk~=NcYj%r?Ns&?WSBJPhX%!puu<i~%y)u6&&E#^zybBvv)Ds(v
zQkU31Z8vbLI4dQz{WsMtRnK)@W4FzR)<kO9JQx$wf8Kd*zX>hnkMNVNPb2BSDwu^Y
z=t;^ub=+r6B%*!k!XGLehQ*i6bBmB9Me3bNt<6pj8!deQGId{t!pJ;KiV<F3{%&$T
zX`6k}S|8=aRU+t9W~d>w`eX3ez|e2qhy713Je;@f$m5jXP6aO4rbxUuXj>qYe57{q
z$Ga9I#Crv%Vz=(--Po0?vvTW>CwutIlrJ5=qt?2XzK9WFk{Q~+bNA^tM@$;h4=lJ^
zCw-@J9N%7K@pXlbxTd{<)Xrt~GFMlPm^^O~E!Vj}|Jdik^9h*&8#{J*e*CzpvuW==
zx*gxtO1?v=`BR!i%8-mG_lUG!O6QJ-;)Pl0c-WHlrF@0-sS*wv9sfR*Hhl7uoL++1
zhvzXHw(YoyzO#BwrD#d_i<iSyK1XOLsLb6V*}-Q%_~pGFY@=fr_?>b#lbD~AtA|@~
zU{@F6ucGeGIZ^lTe$VkR*24vi=z{+RSL|A<aN_hKWBJ1l&bE41F1EjHkymi@w8FSp
z*<d^`Sb1E)c-p#q*}B@;%DbJj+d6gi3GkbcdR{KpwjRGsFL2b=4tvnS2K)fzZY4m*
zDe%*f`?0>im?1Q&q7;8o-lb%*RN<7ZC)Ufu#@6!}4GplC2iC^G_QEe_zbKqIc=#9a
z`61s6+6EV_F4zh_KZOFTDGOH90{>=yLQ-|7lIre%oHLHQQ&{<`TQz09YI=GjRcc)r
zwoh1Nod5f>7N0+q&yT+$Qi@}L$bK<=`0$q|;agjN?uh+V40CgXD`=N+ym2xG$0xuq
zwO}sHrB9dy+}VZZl*1efF3KyYIgOt*K%!h4#0TLj`p`k>jLy<m3Vc32y)g7G<%e?8
zvu#buru*lQd=?s09@@oL!}>;U`b=Y=?Hi(!F+-;8QLaL@*bnc2MPEgWw{nP(^p?IX
zMjM(VwAxFfX$xVc*NMc8XQ)+K?WgM=5;qW|_igVxbZGOEFJ>#OPaumXEhKVeSM9s?
zRlj|g7kl2Jr<fC`KTa(;zWGpmYWkA08|Vkm&ZlfN+<efm&H2o3?c72K`OCzYU(8Qu
zJHGsVVce=mjJFd0!ygTwZhCX@-kzqVmO5vCV=eeWS2wbglxn!1B@q-fEVg~ydEU>-
z8@HXSuQJ^1d8g&Roz(KM3d0@F^_4$cyTz}1L=kuT`eBP%)U6*@SoNJt_Rv|?!TVva
zL9Gp&WtgmmcDn2@iQ9YfvvIU>)N+$iyX0GHeci_uu~U@v*)Cb4DtC}51Qt;=iMl<x
zi2u>Ki;V4V*oNmV2%9(`*k*m^b^Rg3!loDJBKmX{Bb$FaWSe~J_i()>KXv%HU0Fje
zmGIx)ocruty=2OZ>=&ksRM9_#Y8tBUl6Ry(wHTL$eM3XbOi^Z0KS?~cM3}OpTFFzA
z7rvSH$Xou!=1m<b%c&A64`oTtXO7K3{`>RWsU2CTkwre$jjZAQ{x0X4SG8ZgK6LTW
zqHu;;=$<VG#;0Fxi+#Kr8)LgX?3khLlC|+GtTRYUcU2&iRD93dS04ax9~tf#FPLC|
zkv?&HXG62~nf>SLYY>wAbTgMhWw$&}Hoa*1`DZu7Yxc(WBAR}7$)|okyYYCu^P=>p
z+um^I{m}HKe8}D^`K}o6vR%{H=bB}#K9!S|Fb!9%sqYVuE5uz4gg{Zdkcs9+H7DHc
zj){9m{CN7oqxzabyx#%*-i%26#JPy%p36*+i~Yhs)UR7!cfdg8X1~dft&4S~gF0MU
zNoRKdSWKt&p47Tkopxa@My8{eL!XC(H~XzzvU=|=>t7-vu6g34+=QmPTNa!p8n1OO
zZZ}zbVBVdtyRTK`7_W`Lb8`FST7!q8=4FVST%4F`W@Y=^&9x79FMG86nfI%O!oM8-
z>1+4tGIX`~`{pxFi;K&YAG=kZH&?vm7kO+{((6D4_&egsn!3zW1Fp&o9@Z^8roBBh
zeHY96*OXI7r4H?1m84UpYRQsiZFuEfAG2@umza||c1me$>+k!tE<U-|Tv392qw<#Z
z3DU7qr88$1o1So7{8VOjDfyn?t`&yQH$`rI7+U+(Ze>6f{^Py(&4&O570Qo2s-BrE
z#wap!M4-cMf9&2ixkUA`tdRO;znd$nu7A0usO)3d{fuJ>E6&7iP=4I(1fA16)F5xF
zxZE&p?f*yFTZYBeH0#14c!0s(0t`-Ymx16G+}%C6yA19Y+=9CV2m~M8AvnR^9fIdf
zp7-6?-e-U3`t~`0mQ+{WUDdW)s#mAlO73P(XL}8DM~rM_e#ENbO~DCq)~G0TieSfx
zqZrB0WGk{bnQ2c)u2f5sN>u76RN<)T*h9C_w>y=C>Hy&?bQ-7A<M;vnMHfOqp}jOA
za5G9whOGsv!#=0^o0QCthY=E&TowjnV0DJ!Lg}(C`EtT>gKNZV_U5}{E?DEu%;^>j
zoEpN_EDu6)bH~46&D8xH{ETzowA9QuY()RR>A+EJ!Ra$jKDIKnyim;r8yny>exS#}
zTtnCk#dwbWL1C`<7epe^us79)rIHY-*g}clMA<hs1E0e<RrZPwtAba~M)LatxK%&n
z%h-|Px{A(c;ZGKpe>`7=JN3v|kA21l;<ukKEaUWR!-&<VjAX-?wu(*zZ?E+pvZg~1
zcnS_{K6!j@vF+7AKGX47$ZVTmX*#M=_o!~M?bmNxX*zD7KfBgxTWvb6`Rp-%Sj^YK
zS(>(Y^E2BZb4Jd^+ggF;|45uWEavY}D@{APQOPl=n2~eyE>~drpNQE8Q8RK*-t-DA
z{fEW89XO?FTQ@5I1F`4}WI_5vXzgc@&uzA&`nqS!t_vk?+$&9+HEtf&ZMNh3K00$$
zf8x7rSS&RMl}4l-A1h}JNnejHG~2qCU*`5|xdWOWE9VS9yxLr9vIN{ZYgQkd9@N?g
zxII-GXpSFOc<FQ1R_?jYwbx`Ws9*oE`9BdW3^eDCE4=m9Yb%f3)H`Y_7SwNl{7=L!
zH}&?Ks0H=Q9}EVX{l^ua`na`~{{ykXJ~{tR9qD`5kC(aKTIK+^|89*e`SQ8<T>)xw
zBV1`0|I6HFEg+!jsdClu^Q+CZW@VSo%iLBiUcl{@CX2`1qf*%G(Vgb^uA~2d^Ztv?
z|M%woC+GjYdH>1Dcr1o&;}GijRQbzL|Mlof^S@hDaZ^xv`VHNju9%wlW$qAarrSN#
z%+tSSX8kqu2x?~2ePvpgcWdQ*IQtFM%pWh%4Ei6k@;_|-f6B`Lu=W2XEC0h*ZE{&9
zA4c#m!_~iLrv1&d|J|Bm^q2kZqbRA<>)<8Em!gi1{?b#FEVP&V+l4}vSLg{N*O5Z^
z0X@wXf=q$A=~Lz`8a3Tl93xUH2ew=0^7`GiT}RwE@=Z&%aqw>1{LfkBPYYs)QE@n?
zMu~_PDN$pcI4&ZCABFSZ<OG-|E|J5wKjp3*_o5;Qv2_#LYtpkrxLSu!RKGLewxYu;
znTaWx-PKZk)c*o_S-YjX5+)T&Mn=@h@J~wR(e*M}u;xB~e&WH)i}v+fd=9A=<W;W0
zSM;A9fm<5Mscv5!dEwOTn0!?3pNxZ3gQp{X_0xIC1EddwNvmUoWiH*mrIHuUKGkV&
zuWOk#UlEXV|1o0pP)IqJF#N7VxM{)Y(R^jW_<ct2!l05on+j72H{bQ(_g{>-#J?Ew
z!owrqJtsCUthsIfQ;nSJ6~6yeBeuGIY2=hsvu)zBhYt%z9Y!`hAW!49wAX~)Sd4L7
zQN_1oX(V2G*=@1v%7KYpw>2I;tLs}TG406h*K@h*m@ue#Y_;#V)MM)!_ng}h7vS59
zw<!u8r?>%*KzSNFBlB08PECB>)@_^-JB^3m4oo2YhsU}HV%=7!uX-#$0Ds;tjimk?
zK;vIZXuv4^ONkIec4Ja4vqm(p`N-eDOj9%fS;PM*5erqKK9%twCBAA%de)~_-j6n<
zj#}6J7YP5fnUO!P?Q%3#R_2c~8h9)%VKY|Wv^Uqg>hJY-j(hiN?RG~ZojW|Q3N>hk
zG%UzHnlVc3_iS#f{wAgo?uP6AZ|mJB`VF*>FRzOWWIS$$QXRiM-)IJ$d5!j*+&`}e
z{MZ#<tVDNRSeRr+6BOpzIaN092&h3$+W#4>H~H{w#19F=(e>wXQVQYdZL%@ZWZiF6
z2?noRuOIcTJu{7Z!Usk7V{QIKC0~<nQ<{2&Hn`y5mg&ADlTgGtcu|Cf=_g5|!cV9y
zz25eiz2a~hW=eW#e+_GUEKGZlzvz@cv$V=+Ih%KFFhle9U~%PsT~YO)e*`|ORk`DL
zZ<hw9`Y;N=Kz`?wadZZ_pGW1<N<I|;55wMAzQEj!ArkSvzp;dFIS-+Fo<uo%Ds8&9
za71{5>q8c%X4oAYXbQ+RpcNhG-u#yDEY)3+S<05bUrB#%&0gupei!xvKS1_WN@D)_
zlptS)MYxb>&?Dr%Cj2}2w|n_<Jl5~z-iWNhNo=l_#0yoKQNi^BuYJ9ClcreNZm|O<
zAydD>>#J$KnvvIxmt@E5dnUeh%=#nQ^@8OcC>Q-;!0WAirf7&-Bv+RJ*N_0Wv>dHm
z(Z}Fl*Gq4(nd?8s9T6K1KyPO{M&MqaA+|}H`(SZxhHe^ysS7lfb-7b|2oZ4+uKXEN
zOCN&uNFhSHlYK(rAc8ek#S!5k0-tDzT+09gpKJ@&=HmMg=h@MkRn4uwu=0PoTl4o)
z9AnX(!8DnU@n}CAhg&`Sr9xIt!!0}%!ye&?SNYuwcfQNoWv7-l^yNNIc3C90l_kEu
zEO7X{$o{nZL`lD-s!ge=z5K;NX4u&X>q_I*PcW5Qsx!~}Q?VZR)XjSM4k5lndhA%1
zg=##Uu!_vRc1<k23*p6B2p(r1mu(Lr##}F0vufDoZm_QZEW%Upx*p-wyPzbOHf$_E
zH&gf5KB*iU>#(ZS(W4pDd4i5btLM??t9VPC&QbKI1u7h_pi;J#8t)>1plQ9h-&!<_
z(y-}BCI7Ff-zdn!ET3n|*OVlO%r^B@|D;`Tl-yVo+|YcEJdYsQ8~R=bf4zi<ZldV%
ze3O2z^|>&~65Mi3ySY!Qw{K*kkg*jNy{!m|cd9^BG|R3e<pDD7!KC8O-c94l{V_ZF
z1-N0W8<u-GX&=y1TyKJ&<#3>PbUCx|nMD6FKeHnfdRj2zd5aLC&RJyX9tfpB#yqBS
z(n$6^!70gm5!^OQd{|gumg3M!wN>hrVsMay-*^b^F;~baf(nXi@97`(&LSr&tIHG*
zzJ0kHnlvL(&;DU0M<-Y2B$PDF1t;k?)D^y6UhYCR6MWkqJN9V~w7KTRMvrFM#1I>Q
z7O^=0b}|Z6{qCS4c{BIBzX1i%we9Kfx)yx=NROZ5y&;Hk1q_+$E=jvcIO1!u&fJrB
zKDtu=xv0QSpBj-j@^M)&zFaAz;i}|SXmfDImIM}#Gs^`@=AIr=-OK8}%<q0S^sM`g
z!?b>ZW6I4pTsB|SxV4c&=z4DzM97kxE|?=(;M<(1yFdM#)_C#l{(4s(KxKbalghur
z+w>7dIP=+U_BK>~3(aIEkj(np0K$R3k#RV`3ZG%xy&!AaT#H4pV?^7RJA!o&8AHyE
zda1Ht_var&p`AEI^jLK7Xt|rV*BN-S+-OGJG?W@(P_&h&{Jfg0B7-@a1l*M3fu*f)
z?7wZ_|Jg&JX>m?~5&(MtsLjLjDM_TMYEnE>>)4}#{3g(+Z;8g2dCM}3MwvQh@za3o
zMC0dXditgIX(0ReMreVz$nr>>2qijQ4_Hl06K{7QBsGWsc5a&cyGm=Ve(Zz%&pPNK
zD~tOw#8S-9*}L=lY}u_6WyKp_<S`Y3hmd1T(4PfAnsu{~1on%#Vk8=``GHASI%B`V
z9e)UWPgE>#`c@jp<lZpK*h0mfl+u^LtVYiCF9po5Ul9-+CP{0xMoX~nMQZ%8<~;<D
z^l(RMTJxPajX#9P^ciirOy^w~2ok1voVdwr=jpYZR$DL>B+*ozW9Vx$OJ`w9`2@y}
zz+X!gu?1GAbfE_|9ytqb699;`*&P@8sj&r0SqKKo)veVSHG}XJy~4LA!7S-44E}bm
zEW~-_G6U_y*D<>IjkW~JUbMkPJ&gYRcon=1iO!<_tpzlZH;#8|UzoBVgT#5d92?Rv
zOzD=d7X>W?a4yP55YA%qNN}?dy0KZ2&bH$s@>&N%@3onKVw)U>3attZR9qg{{<%d|
zAafj%29d>frCDqN??p17t9IUZ>2F`0zX975Ka;%H@T{UKz_hfh>;rgD7%D4V5DltB
zR^Z_hT*BYGongT2sQe6CzlsueJqzU6>3Ue;)f3p5#f+Q%<u(lC-&WIG3ybl?_QK^k
zONb<JYB(yY6DD2C?MO>UO)H92f~!b@R4&@)aN~S8>d`@gG=clURqb^?gM_XdbjvN^
z_GtY|5;z3>&ReHsqlb88tbT!<uA=6SvN4+8kWsp3>9^4yk#8@D=yFp1=rBQYF|__{
zOHxCkB44jsn720=l<_th8ny1Rh)`7&Ihw7q42N9Qvch%#+cex%>&~LGFM!uOjTatT
zKpE0bukwR{xpR8L2&22r&CD~;o5cF>yj6eWT{c#4`KqxyI9GAXiQf6MYQzh(a_!4M
zeT{>5nDHlvS1!N;+F??kLaKk}I>I~+=N%S4f^6)uh(J};D~yiX*-KH`?SB#dSFEM6
z{D@C>f=hyW+})t+^qe8+;o1xNps$B6H$FC`2jS{HEF#q-AXu9@@66KFZy-kl@i(n0
zu2b5*y0`1uTu1GTnuQZiEjAk$s$&YzGtZoL-=&fx7>$c(`((E37(|+E%xkFWZTQA#
zMzqN@6L@8mKagH6IY~h6jg5)}$AZ)a^f;k0XXYHtH1`S@enmH)+dud{#m@?;+#37{
zP3H-v$}cm52ie9N=KHAiHubJkm3_LmhB+MfcPH7G=$c*k=4vZ=C*g*YOSgo*zc$mI
zq#>$X8Ol9MZDhHGlx&kR!MfGE7h}A@lMH1ev0a9fOsDq-@#Kni4g(Z?S5A)>g4Z>9
zQla4v2wJBDE77!)U(^=s+s}Hjx1-@`+Wkm732_xxjYdD1thrVx&g4f%w9w7UW{#y>
zbOq1Ri#i}-=+oJh-;=q0FN@D)VEWbtX(0Z_AF*M5*rJW|p2k3O(C^c@>|w0M4vh0W
zysq(ST%fiPJg;rtJ}&&*RXj3u>XTTXM@yq}9ieBAkxz4!ru<uQnbkf`y>c)(t;V$s
zTYL3hq6ehNGs>rzfMJ0hlMG==h+f<_@_W|m>txoh!m(gW^DmX`8!1J;SoUPP!?$q}
z+M0s`;#o=2JXO1_e^6~x80u*}OC`MqCFvFY60Hhx@ZVa4k<%9G`agXnQXi;SZlDFP
zVQgH)Cgm^{;rfTq(@At!vqCnBsk?NS)xccbvh>-jn2wRLDmZkptlKMe{j}Xg#j-7!
z79_;GNU_YDM8w6O!cZLtCCk0`CGVq}*ek)6J`ied+2K&ma<Hvk3Ki!J*vBrV;?r<H
zF^HI&+-UZ4Hn1K*j+U4n9~S%lO6|*{>Yfw@+T1f;)nOEzDx`!_(L7Sft*H88zL5)&
zAxK?4!%|k;c`s`+gORK;u2-tiz>yb(E*uyo-m;y{nrE-cJFfS8vnue`aU~DDpsa`p
z>N!LAmg+kZR%ZE`;-x1t9_n_&IPWh>tw`!M56Fu-B-I!N;wzyW;|p(^-@2|I)3vT8
zvL3#3uV8qji{>uo8BRY@-Vk)n$tBt?-`3>&02ZK*2O8hazM&kA3h&v<py)7yoRk~C
zlzCblkYau-MM!Zq6=v|qg9ljkP&zC!^<fb(Y*?`yuXTp&)JyxEWKxJJLv|{RsWMtD
z4$zQY%xiAL=jpdHVLoAHW3Yp=Fj`L{ZDDX?zmRTaQY3+w)C*6d8C$Xu(<E>=aVG~c
zDsvU(tu{`R+0fk-&k(vo!sX7auq`yvjw|}P#Lgqq^|>~376d2nDe|;_@;s;bs_>~%
zj@Fh<&Zuu&8%%z!C+Q@bSGSebemjnWUv-lGvGD0te5jL%Q>a_j`EI;B%Atnn?UHIp
z0iVs#?He~4M;{inA#$d7hL>=bi%uXIpNEA<;Fv#=x#D?=vON(owgnGbPxwbI=d#N%
z*c8>P8=Dl_zLOH=O|=u6Qhc4rQ9EkmtC_mPxO?+OG?;IB2&m$UKCkJ}yL!TS%&-pY
zVo!pVKhacX-WT_K>+WZ-!XK10!e|F<*;xo~^iRpGXKphNE;Cb=nBTG_B?kOBTgHT$
zYp__fhz1VJmD|P?)xUC}Il13cdf~il=7<ksqCbXUo+gZ;;ByluS4swTKHkiBZ)Zt`
z63)<98(q(0M4Hc)s63{~L^Xa&0*>Vpc{Yolx0<n*a4j?LL4IME<@d5t8N1@zhU*UC
z%cSk$jeGE`E~cpJ(E?y6cz07u8+NjtE96VFGn*C2)W2fO`!UGH(U)cmj?PYyaEW8p
z^V)2%hw*-N$U5n1*u_1b6{SutQ6@|-M2OMFCNA-`7@GZH%pCsdwGUnNTsmElKF*`A
zHgsnT*OpJsS@8r9YtKUsbyq1)uiTvqaL3!hWu{@aMnox-E=2EW(|p;%t{sAoo#tgJ
z?wj%nIH?2^-2%?KfsF^%2c+p;SP>OyNe`Gf1si<?pNJa|M`wkaZQ$y1>9U&^i_(mp
zvvSGMh$mu7sb<F!?Uv-2UeDG=#(C=dCa!QgX29(&gcpW=e1D_0_6gP*v=KcH9{wa&
z*J>RBG+o1gn`ht|$}1<bfkBXCc)2FXrW}c<lFi=G_o(T06ut9RJFnHco0(`OnYGQj
zn`r~G6{Q=7x<Z(o6^8b*^~KmjT;84tm*CssbLx0Z6;-_CTAf-<!0#Eln~ywXxx)_p
z2s5>9o4zq1qyef%?wEw_htFV=&m>@yw+F~lLlg<1Mbg{^SXCa;IMH<v6e_7{^!AL-
z5YUySJvu^w?1=I~uf3rB_PQ@qiJ@1o7op!?tdz}X0yac5wMf2voJZb}kBYn|fH3hg
z3VNg^gcAEcl6w==y##ssSVU41_CdrTVVZp-A3%dQ9|8A`?Rg~Ad^lQcJ}i3$9H}1Z
zqLU@TM?_uc$~p94fXv6L(DJOqi+;qA=xq9TIf&}-_8yHcN`a(ylL{Ivh%=Im12f7x
zLUvZ-qzTH@M;k}oae}=O{EJE7bza^dCE)bwr2ohO82YldI+mo&hcLjq_+#9gHUOF}
zX)6~(oC?*qkLjvOxj7+#p)xFYN4EnzH>wjOIR=VeUL*k^d_7)?eMv7qc?@$leev&n
z*`5{h@p_SGA24ErB^4CF3kq=h7obXZ1%^<43s3{dskZMUHIt#TAV72qFM2-@nH_h%
z-wIg@<tXMPSEEmdh3m;n_NWsg)_yVDuo}M?kQMlB1xE(e{sOA~33)G);82p}6f58@
zy39uzzAz5b&U+)zO?moNDS=jz<;zUr$Tg9>DzjU6R;NY_K{7=EfS4%pZ`upC@Ux;I
z1y$VkMF<kG!wg=Cll|NH4yf^Wg-s#Y;BN9{uR0+{?GEx7l4{~SDeLXJ0!(ia$<(Qk
zN?4yeRH~czatsCGBF#T&Z@T}b`6X2I8*(jrFfq6%FUcFnaV;^$CMR-!JFkYklS&$H
zFpt#EHJk><A8pEhjN7+(ImfIQGf1{`BP(wseo3wk(d(SKa~sX!m2w5hoA?Jhifoyt
zdP>`qjY?um6}za_a@YDUY|)*AQb=1r2xizBey5?72wb5M;uQyL`SKQ?;=mO3g1sRM
z{lxQIm1bLm<c6%BuwC@Oide?r{L3^RX-(@XHw`VUu%5YtygPU{5h9Y3d5Ukcglj&!
zxy1zE6BPHXNgs072w@eG-v_fi+P%_GexeR%S(&n%Ji1KYP<>^Chn&J{aJdV0`zLF@
zj*}A#V#%K;Hj+DX`SlYExANy{W$%LVy((B<-(3%b@AtOTW(kE)!JxfD^o%@FQ1Ku_
zFS#|y+v@~%o&Q3V+V}y-rdxrdh;1tR9ni7w!fWvJj8rX6`Ta)`Nc`%i!gEP9N^|S`
zn>ne0WX2p{o-3S=KP2R0mMhb__g-8z@p1uIQsfg5L@#6wd&E%TLvCcdcLhiJf%ieW
zv`^yC?O4(9jN7{GGV4AYJZpq<_3r{;<C>gfp}qZ0y<p*4DorQWjf#}<CE@dyp6ME&
zuT-`J_<99`_b_N(rcTiVwJg}#S8lM}3QRo5?(!xKp026^7jiX`A3)odhki~xeWdEU
zc+K}896UW9>qdaHG#vI>kLk9~igN<lAko@uD{TI*h<&9%n{FZGwrtjUf|EX)O7BZj
zwc)po002)30vV!z3_@iLLMcDFd53q&jtL{?y`{e@KP|cjVatLqfb)85;Oh&ExV&w@
z47UfVyq~(Gr2Rq0bc=%k%45U5c)YLCz{XAK#TyM{Q#~N5d&C7wUPHxAmQ`_#v2eJ6
zHxV5EX^!zi47nd1s^!?W#<L&{;@yJZ3g#t)uu?&uf0TP1O|s%=qHBZqB-1PVr#Uo8
zn9fH^H|}PL#9j`0G39T9tB1U$AYY3ZxRmF#oOF`w2}C=Mcw~CcF{U|JtRi<Pw;`%Q
zkaalWhpnTL4(GmW?Na%tWpvki&k<S=aY3&W&o%ve%))c=f{G<4p9lCXFLB6v8W38v
z>s54W8jES=cX=P*(H(+*B!QjE;aqO~)A!4RIPYjrbOG-8bwj;9<N_jA@{=cJVx9Or
zso*7p=q?XGApUy2NEYEa^^S7U3H3|-N`m7@cCPH8DaO70T=SnBf1>gZ;bO@crsLoM
zbNkN>i4O3m<xGjSh~&r!sCZY^F?kvDj|BLdo3T_cH!Pc3x)uI{Nc?2`XfSu=4{<3a
zu||c%^pLtQY}y-aeGE6<)@~;nJa=P`XNZROY2(;w9o7>GPKaniT2aW;hvCzCem!dP
z0~dX}z%F#?Kb=y61=`&dUJQTgd^$H|P?jvQWV4<VlEbhFJg}-#iO%|W-o%47U3ekE
z!w$L5)=hy;$Bu6=I4%8g1kIU!`hGO--=V@N9GZoWqa#;l%L1rBR5WWl1KVdtB`B+$
z%^eJ#u*2Mb`pxe=ZHfNGA2noU@!5^ud#gGYBE`JD7rFbcZbNN1$tUzmyICedfw^bz
zaQEaz5DUmeJykD0TIS(drGrI7I75Xw;@2}Vu!z<x-bTRoYdstsf!=9!G4w*<CfXY9
zR;cJVa_>yw?ENIbz89zU@2Ntr1lfomA56W%r<}E!BfROLqx=MXZJFJ;2no$cz#Pr~
z7A|p*UJteF6Tw`RbXDpcO0&$qX5<BUQB@nF#z^ztCY8nWkC9ipb#b@l4g`eoEk4HU
zj#i%W3yZN1TO=R>+6Tgm7Xl97A8sMo81So>5sG(x?CoZ>D8a=}_XdCAl56ytDgD})
zuKpFKpto9cf6b6r?r1I>xIMzCZjBQ!&MjSs*=|}cPeUP_z~cFuolTh@Sx!QYEK8Bz
zP-GxRGv_J<L7Tbdco??j^ZG;Fj1>W<lV$(nfn*+OE_y>y|GkgJlC*%yD>n&OK$bmM
z&pb4&&|s2fnOe&%mdDN<8#yru+A?GCV~)b3y(5(4Gt>HrLf$Jq5c-|+loX%E1&Hsk
zI6{F%Z{2qVm`U9cZ6vJ!j<{S_Rkx`$dO-|mTJi6t09|MO<l`YZ;t05cQs$vSo7hY|
z!?m~2SKMt!f+OSJf-iX7BzhoL(~IhTFQlHg0?uV_VPX+FX#%eI!MzmX@VUX;Q=6ot
z%<VD<Qxw~{016<!N=l3+FBr+3)~(SI$v8fvyjj3?=pGP`(X@63<<-4(@Hn`De-c9)
z24~Zo3HDNeiF5!IYDTx!p<)qbWNO-#%I4LH2I{6j-k;W7B_t{ZDd*|VU7{l|QS|Hd
zy8@-C#4U)*OhseI_p!DoaBk|$)&b?9`8oB2Z}u<2)<I>*YwrvZ;=G`<%V8wj0+I2i
zoc5Y13ry$fGA{D@q2Xz~VbsY;c}X%fXVC4&o?xx^f*WZqQt^nC%YL6Z(efL*1bT*t
zxEO6eNcoM{8y^ayuU&5nR7}ctLq6=!cgZ&PF>GSd2zq%K$gPx?<z5qCZq)b5u6%9{
z@&MXBiL@MQ_$2QlXf$}(NjMmjm)#NF1<8L+c8B(b&B)6j3;RE*KB~*LJo)9nL;NgP
z!my!Bb}2YarQC~Xsy2Yqd0l{@*$UE|<qiy{3M^&Q{5-~MA5Yj!r1q5<#Vw|8E+1=V
zEW*cvCb2q9YO5KK-N3lAAnvpouXCerPHBG^N@4b|EST^<`_L|$qfid_8xM=gzp`g-
zlH*526C6M7Ec+2DOl{qqk#|vbC=2grF2M&RT{N1_TiF395}->t;S!*W=2qn>1u?Gd
zxtf5^aNE33ouUM7<2Dm9;Wz#(TtlUm%4jaNQ>^Ll6nOL8#hAF~zJV71F$p`VMdznP
zl9$DlZ-40cwE2&1+EMu4l~yNB#9_LP-1SgwPDI7IcW$5!UbKj@m3a-*aDL#2)l;$2
zZh%;;e&@0QJF4`yAv6ZmGqA8T{P<wDq9vqm(ZxXTd4g7DH|Z-HEY^+6YRYfc>o7-`
zJn`|pX|Anxa&DFjb&g1%ZAfsu`C9g11K`ZFS3gWSRlW#zQVUOa((rk&5klMCs14CK
z?LJOo*5_YPZxtOPMP4T$LgFqN0Dg8U&YWe1p5L1;KIgBVi-WfFJ*)zm*ns!cNTmww
z1>dr$50QtE%0U*UX6TPH_r|aNJE=CueRLdmmSqCu|M1q^`}GKNqS7SXP#3zF?F0CG
z*5<~`sO+4AJKFM;EJ<h=eIAkB2B5ELc}iU-8Ag>N0u-K+c}A7urCAJ{hvpC}g}UDt
z*hgTWY@_o%+F8Ou<hz=|>_?O-?LGItQQU0t7dTyNjjb)(S!6>f42y6<96@{X3!Kkq
z;erWXg}Tj)t86Iphaa+yRkj1j&9bghWzZP{g}Q|+D5^)gQSZkizJfSUL;GMfA`lcM
zjkjm*HeD4lfp)R(asyE(^`Oq%&?!Iky4b~NoEOk|0AopI3+6&?tef_aslvSDomyK(
zuR@OJovIK=)VX;pfG{7^D-unvP6lfWfwEm3@YPASpYu*Z!UOlaAEVsz)sdn6>rhCH
zpZndJj<K*G?tf>)+73A7&&l?~9y5XvmfHq{@EA7u>MTeQb-0kxlaUvo(ey*bpqfB!
z{D-c|PGa?IPN=jQnd#L8C3~4B5%3GxSMUO#m%V&i5ho_Fjm6u<HsseDFMtIoTE-R1
zh>n%5)$*}TwOaQ*U(~G>f3kp9zsBzf!lj>q%a}Zl>3#K*(oMuC++@II!Ud6vm$Jn~
zE6Www^5%?8>Be<7MZ^3bCyrx`Sd9LR)FjuL;uCbxPxq#&0rph=8U9JU*Dtp=(^VE;
zl53sLo%98u#=^Pd*i-u=>9IvSgzcQlY4FE+dc4;sqoa&XXmABIdf5{t9wLmVK=zY_
z_~2eVz7a~90nzWwL0LozNHc8Aa|fDCL0R&mL7AOKYg38cpW?x~XrF1#R{Euqd4P3h
z&Uev&dop-bPyr=#qe1zg%(Z$rdw!s=9{#Ni|62P?H&i_TRu+2%3wh<nY%$bk#Pb4)
zuFa?#^$fwPYO>|G3v-~&-f;5@rc-JTH(>RqktjFLw5mjtF0PiQK<N`9EUnUm)&Wfw
z>f#rA4Ap@U#xk%y`>M=Ai5R3HOP-xCH6jQHDT^Z1-p1QgF2s3&%^kZrn`*^yAhr|>
ztL>0paB_!UV+NnemM?DA3@dWg>~o|EmtRjb_ZHAy6*ehSmqzzDttoyx^6_fD_Yi?~
z5J*3SN88U(jou(1!NI1fub|`$@9ZpDI8myVa5=Q-qH-~86i{!o&dwf%e~H;vDt!1^
zAW6Nva!a3#Bisn|?Jqz`7n~^A#T`{De5<Y)*^?!2V$->$)SF~lhK$f>Uk7-Qj4tG9
z;%}wamE|~DT~^gLna&coc!DG)onB<_sBjEHDNm5<)D7gh<y|21f`F$e7q5%3VBT8&
ziCY#}Ft*d^962<Db)gh4`Zw67I=4oV5J9nQKJ(hwdr;?XYQnzi0GFqzHjQ{KX4($2
zIr}A)iGQ**M)v}2BU0h-3F<Iq)b+?!B>cXCY~H$&$hnCnSTF?{q}LpP#?|yAdw)it
zS*JN0iUWPuX4cBWMD)pz^+sAVd;57-2*H6pl9{s&ef|c%E!5(7PbPa@PnJ&G3xs{U
zZpwG;1n<ka7G5UJbZ|57-<!X3-Uybq757VXCjJ*_#Vc6yYb=Q|y(y9E_czXPj9D`)
z*$dreeC<8>BwZ}FnRQXxXPlHky6}DtH);bs%Z$?_bKv`iViH|AvWuP_<FzqD2#NYC
zNsw7NgVj8G1AN|yp^!ux`x{Ps&Pa(s`*5<5mm(Ap>a>+78d4OLo!}5k$wyI)BH@fh
zL_RxHC#~?DRqi-3Bm_tOI(U(o&ARJ`_kg+!T+-Iqp`ybH7LMN&KUxu!4g@kMgRxr?
zFRLO}Ilm@P{WcQMG{($1_&v|BjLt}onX}_m4=AxKfq0Nnbn*%i{XuT1=qX@b4<MUE
zo|7@oxi6g}vo@mL(Zp=CHlr;#?eP@rr4+bysK&mnyTV+OA;Uj58nLJlbrOlAY+F=F
zQEzg7V3F{k#IB(z62>ZxJal9ASGBd^iM;^23K6`u(E`&xb~GxGVEPSUZpx5rGPWTp
z-c0n4%=LSIt*S^p4xk^w&T!Nhy`#F!OxHl%=7q_NTKq&Mg!~CTESL!IFfzb4hnMmx
zhU#ZBs7Av*G4~)RJQeC54%VK_S4MgjT*fYU0Z=?7wtSK=4Y|x-Hs*=F2i^!0VA(7t
zLsu1`vd=M8Tgieo%GqHYxSiKXFat}|_e!UzWOH!~&-87I=6gRZF0;}l5x4o9?A>RE
z6h%iv3JSs`{I}M1XdjJtsji^H)7fFs&){=G(I6*xP6ZsShqBbHjy*+fKL(C@x9IJ@
z8$N<{<aD<_dm<Rw15Z}***YYp8y~A2f^g`G9ZDm6g&OXd`4Qv$b<Q4a`4Qbx)hmDG
zl=CC1r6{{P>L1$mChb7opV|`NWWb9MqM)t}?77HB&`JRfStnkNtQ86r!O@6FgoknX
zdO-IG*^M{f&J+ip<0Pwc2KJ~VhSNtV?lqa7hWAV<s&ClPn5o72p!0Yc?nkP<#C}f0
zdV)=u-}V?S@W!_zqX~k$HljPp?c^;!w7vmd2N!+D{6<J<dnu9c3PR+vNoHkNb`Dz>
zZAQsAqWR$!9Iw4Bazwj#?iHrLr8}9vC}=EpRdijhxKPKuea$8h1_j4X51vJ&^ZIQt
zzM+)Hl_Xny_@SKRklxZ7Pa9<>V60c$v%n(0z(N928Z@3rWaBduIRQ`(<EfBugwgT`
zP+SJFSS17t7%x+V*t`(}E8ldd@h8M<qRJNgM!|7c6_`t`M9!9?G7`3`$izg)M7|7s
zHA9MwU&UlgeC#ghCZR1yha(8QkS3hD;}l2Azb9wN5NG_{4yw~t;Eqc7^kY4M@k^Z$
z1Yu~FPdp5#%W(ruA};P1Ninf&(XFn@<Rig8^9hO(AFiVkAItL;nW7qR;HhfS?JPzG
z@VGvk94k7qlQMIuY~R8J>qXg934(S@O7hq)A4S4}`go@dJ!`BTyYOjQgiq>_Q+88l
zDKM$+Sws3@sr%<rn8|`}Prnmq$ZRF(vj<i=Jodw^!bezk(BqHf<v~jNcTMsApK$E+
zRJZa}obyaqjQ@Qp<gswhQx)9-;R)7HC5^nFe#(x=K<uOEb9Vmu)E%+6=(lk!Oc{n}
zfKBkzu|+05!Z!cc{>Q}f&-rPRB_|OXBvN(LhfoWt{wRc=yB^{uZ&O}j+~bPIcK&wq
z(H1n0z)%f;V;6e#u8S;_e=65f9v;I^VqO4?hPvk?^MaHH6<lPuJWxKYu7#F?5a*?L
z(T|liDe;L87)}nL{X7ej|3gNBy+!BM&boJS`-T>sjP)QfDKZ(c0ytr|c43T{r1okD
z67_~vtLk^iXR=~cOpkKB!5-Tz^Z@Ez{3_4uX;;(xE-=+gxSM3Wpa+m8k3_Rb0X0cK
zNfT7Vd9ID2yG)bfs%NnIKhaLn`JIG;Q341)2p-8-soI+)1@zbb89h;Ds-Fl!_HF3%
z+}$l_!7|Upe@7m(U=;&;mpBz3%%dV!fG(8^1Q}D_@LBCe_UyM%hzMR)sqe?gZ@^-a
zOtMS9EHKQdIJi*X1c^CDT~NS*924S_Lt_%BO08mKDJ~KZ(hXT}KgPsP4Q^ROr)CY7
z2a)`sF6Z|VJ1Du0Pc3{^8Lao+-+%F{(8$-^l8mkr_`O4~mOOM(L-~5c2QPjITQ5pd
zIO&DL_Sh1xb)3wnn{nQ^l~A!Wg+&TBi<AH-mUc>W0?Jv(rB|k7A}a^B65eISf}8Jy
ztq&^;Sio%1I@R)^R3th~)g!fDCvl;KJV-v?@(@^*gqX8MD__iuhpacT4T#rPg(kNv
zJ%x0ak>!5!+@NSu1z0S>zvuoTJro6(nK-g8^>VlFa{qvo(8aLoJfYp?Bv-SlKu{gh
z1L7$0(0VU594cNemp*FjbXHX4F4b35xefhs$lql%(WH0uF`>IEk<FaO0}qtb@AV$l
zlC-p#QymFvSO~HmIT_OG?xka@S<)^2uu|o&%#~Z!zD}3il#7WnfhdR5wfvYE(h`oP
zacVTHlv~BWDz|`pX;G>;QY{<A3mqk%a*9BB>$1|m;z>@sbj(=mvUFZWXzeDa&1#Uu
z!p@Bcm#|zc=%1_<QrU2OA-c$xajS_JH10}1h?iGdGzJ&Ss9zj;E1}D3cx$rG#v?I{
zS=(lJ^%okD463A<NVmZ)Ze*5tad+=t%Ox$ybRm20N<Q#4WhZ!n0J$O5ER+(==Pe{c
zxx$xBD@!)ojRJ}i!D2M)yNOf%l!B~k*0+X3TOR+J3kiB*LaLmk*S4;NIdrwF{AlH8
zH_Xxq;*P}E$y0R>twz|n<ugXtMH4-7k^Qo6W5kUw5N{Ne145!6qt`xr-b4ZHV~UPa
z?W5OfO;V{r_R$Gz9myzK6TU)6>t5n?PckPi1af2oF-@xvVgnw$@fbQ}d;y;Q-ed(>
zpaAH+fERd2G!CCVcT-T5sd^uilD9$+Wgk;nnD*Ob0SDz3pPFPaRgQ+~2t{i0(!O*?
zgl}AmjAMyQY07yvJI9l>r<3^|jOBcom~~*g;0K=b56H>!Oh#Qsdi2Y0wbFf0;=q@^
zrk=DP8bZquoxLy~;H;GA)lAGSlX6+G(7I@`-Z=;f6XKJpm?_Fc_yWNO1L7y9AMe3K
zQs+bIjit)>3AIw9XMQk5zVZ2~@iN|>(p7y-(^xd}eITjGjG@6RVm8dDZ0fTgTloT5
z^Q-TdJ+Qq=>1gA89Pa77QQAI=ZYNW72c$r2gDa18gs<llZO@rU2zWrM(iw7%%FV<H
z8r%(xoG+E-L<C+1xjPl?33kWF6;tF@ftpwIu~zjk0C`M&c)X@zrwFMB?jd#KLwBMB
zjCMRog|P}k?0{crkj%gB&a->S)YZ@(gcxL@M!9(!8WX*4pCCA7@e!i;?w5UnGnofm
zJH$QYK&2VKbE9$fy*&G0_%#D)2Dpb@EI}Cu1fZaQ3!&qp{Z#v?$`RTzyFPV$!lY;D
zDZ+559iCY`lr?4c3@P2stzE2<zSXmL&^?6pN=wUf^RoWUI3*uHyFY{6MBRjF`P*+q
z3cA!=loVqi1(gH&^!-9Ys?9fcDlu8hz*EWN3J#OKJHGkqu{~4hde#kSP!eJ0VaizH
zkD0vT;N~U{muce0$9L|h^82vW6@l;^1FFqy4_byTCXL!OW7y1}7v%R%g+BI)pNH%+
z&3cTP23fj-kcIW1j2d!>QQCulZ4zF8J+^kpX=YBJ7<?QG%vjq$FwdA6Jd-BqYOSi{
z5YCW~bnj%bCuK=LqQo{~MFz-A<{tKcJXftfHv7%yIX%S$!ZyKJ)t0^|a#m;x4UPK3
z>MR8jKZ89F+<-`)!De*NX$)`*u5bcg-|d=wQ3D0@(kzMZ7k)cJ(#<yG$ck4$Wsgg?
zv$(Doz=GasjuW+SJv`+bBuri~uy1`67gLg{`TONP`((J29}d85n`E?0^3cQplF%--
zkzF65+Lc6J&>2Q1+a;1vGyALLT;Tr0@PL*+>=%bsdrCV;I4HxddU8<oh^9L&VPbC1
z04*mav(K~mk)Ike#-uFfFwa<rEf~nFM=)WVCYP|7h07IMz%twk4+ri1fr7&pvZ<!|
z>XCrTv6F3}|371R`Q5@^GYA);@t=HI*%ldf1@YI>2yTfmVi8+qOh_UA9m9|6vGFU=
z=s_P`LGEJR^5-t7jq($Pu*byBL0_n${Jw)hUk-g;)8$(R{yspfAQXv94sjm;1VM+U
zhYvxg<T^2ttA}^0;p4x#hM`;$wY*d88S#KB!oi^V)M(-F76|x+MKNoGKj;dMpzSlW
zF3{*SWOZ;Ow4-VJF0qE&bnC8uLZ{_#1YW5Xz1SQl2l+Q))!*<U-NwgulBuN@#-RQg
zT9)H_pav=8ddDY`06!<M$WbZ&l^8~WTbZ;EdLZZ*q3;y-g*||_-yPvwx5*vaubciM
zzmrBy>L1e-aD0Y9@8(KH>d2hC3b3L_myyRZqZ#NYPe9LRqvn-)X$QmfH+{dO1Uru(
zS(oohJ0SH`rERrZiaruw!`no6li_vFZ!(yszpYwzCI3SFvgE2kt@roa0U8Lc&+x`G
zMyHQ%RyDX>IT^9XA|mZHTK*YyPO?MV_@R&Z9ihkFRLTeB&8vC=N*a4|&wVaM+4SH7
z@27oS2d6ro$m}HvzuXnj)UT;he1>|Ey2?lrTmM)2J+WU}PswbFPg9Zvi4_<b=;Q@7
zi)|CI3KrxYWJbGw&A(<IMF0iyp8ZGH6-l2=ZJ{k5>~{V3ZO}GDSpy+<ZTv<r@Vkaj
zs_V(~r?)e2WT{QIZeil@k1f6w>CP+Fv7|v;yv2!Jj0X}AIA}9CRbpFA%RoLi{r(ny
zhX3qq<TuQxH!rB3+(h;0s5DtOxNKNYf!BrGx6_G~n@%-o;K4y=DfxELMbo%NvZ{Kx
zo@()ZT(ML3END=K3X51Hooqk4FAUd<K_)Ip63AX>c7jM$ay1=9z0Eu2*!h>nT{WZ{
zUUVNsy~zmR9IGpY9fg*>Flz1^)<i|T#X8DKvq&_~9)H@WxW&;$4+Rv3Uv1_eP><<y
z`f~Yy&ifgE()I9E|2g*VS?vqS69l4ea;5~?p-KX0EDf#{fYYSz4h-wbD$Bq^e+Tpc
zYBf-U#&`>y2OY%(v^E3Iltd>AGdz1WP!sE(pac3AF&Sq0R!kq4>>JP?fVz*5a<~N^
z%Dj)Mn9t+;rCQ)Obb#*|o}@SANo0HpjVhCBfoi3PRMyjr6V~Cr%zU&}*t|VNAjM1+
zm(Yo|fB3|OiCw}ZnY85afwEqLM$Sw<W21G*jEr2LlE$}Rg68@j+Sv)0D5*Oh`g(<X
zOsPt(A!~6toKzU_S%8UM{cE)R=H;}6ImAQHj6FU+ZUs55<*#%b)fOIphMlFpTBnh&
z*(-6qqAq@4n%Gachfgbr(Jih6@I^?KdN;=lhRKvaDV!io;^9G#pkxI<y*ENIJpuEO
zia)v(N@Tvk&`uhIfmwJ#_%M8w=a)1ySzx-UjO-iX$67ey$rlVW)M4y<9+&q_TeCq8
zBGZU3!NKycu@YTn2k2mxgKg;c2N)**XNd`iAY12Y7KX<PwHrPhqiHmgX$J;=8P>rh
zoDlu^uYa(o(SNxl%pLORcGS%U@fgqbh9w95k>qlmu0_`j@6j;KW?o3{Y}Uznuj|(^
zhp+3G3th|C4NZg&co_RFD)FJazc60wgan|6UvTKpFxa`hC)K^J+uT^!a&3MjAg=+0
zRD<~RYiRveZQQ_F)u5##=tW^>GrAfgT_O%iHTgCd4c)~S5wMt>Q>D<gbd*{RXxFbK
z<tBmdf2atG_V;Vyha&B`w&uFtzsg0$B~*hJ{~N}ZMWyCnJ>JwqJpxDrJes}DE2(7U
z1nd?cc<^$n*9OBY#Vjk)71EAn*3)!I(R{wmA?m(ZRQ{fEy*H_3O`=b9EN)pknuG3z
z6Bn_Yl+-9)x4RwCK$Oj$Lnj_NUoS&oe!Sg0np!*xnc4OJxtYvG&oA2SZCMFr^Unkr
z+TlvFQ)5-&WTynq9Q_eT>Vvu#xIM2f9>rG2t$cc^GluR4ac%Y{hNebr_1ZtFf#1Xr
ziLO?lk7#0bgL)?{GQ>dhSB;*R9$~lfQ5X}p9_n9^<Ns|=K$kTA%e=K%Ic=9R8no2(
z&J{GwQA5*HF?aR|Zs{l`SPMm!=RcBDG&MLG%Tebg4=H##`wRCEI`828fOdZjI3cf_
zM0af?C%0cZ6hG~Ce@V>01dA1|HrwNC|0b0y(@s`0TaEFEXk`4`pKKQ`T2*q_`(8^H
z+_r3rRo3JbPMrk)jZ1k7!urc^d#Ns(=+<RKZmr2q5#+*QK=HGNNQd&YLS$G}n^4<X
zviftKX}H~38MBBL4k~mLeqH+-LE$CJz>@HC;Fl{OWS6UNzRy7E6A{!+_eT+}TExYS
zcfav;mOsEe*`uah$MGb&LPyXO&JfXEhLsl|qzuNe<6$imj-FhiRBhg@(31d%z0TcG
zSqLOY$mkp4&lZ-ridb<_o(C!u->6U!c~1b=S|2Kyb3>06xnV%C2U)Skb%e7$9ECE4
zjSbeAfKrG2e4y$Do_>W2XZi6by<MV=kt&k<0`H^Bsaak`BwhrBd?iW71W9r|C8k(w
zt1b9no&k|~Na`}g%eq^E>QR`NQN+AKEwuaycrU?>p&TNm7$dmft$-(rj_*jB|K%58
z^vp4(Z>e)4BY%O+1GwcVbyXAP?)b+kpkzw}xoJ3NIM%5fndeq5%PKI}V1Js%)gN=a
z0{o@|<~I;J-q$j%!_KNY>i1BhMw#O0UCH=Cy)yWreZylr5KU1t@Yle1I4<>|fIXgK
zmmJvf>c*>;?{~+4-2%@241=~F)<o9;z`^%c+v4h!$%n9^x~(#Cz9Iug8fc~;07lYC
zz@)(_9%a$rD#h#KjOOxsJd4xY?-x-%=Nd1dR)$49%<5fS_esPEK)>D5qUk~}vn7Z$
z@NjFqMIAlEiNDpRoSqdER2@jtlnvrz+rKLg5Y6nDSS6~6cTgECtL$c4*%S@g6Gl@2
zk0NE>u`d)_gB{6#`*M6CFbZwu&-Hb3D>mTUJhnJ<KU^T+y+~1nZk)JUROU-D>Eiz$
z7{-zAVYi2goCvV|w?jZtv8DWOUFTc5AJvS*1U!mHack(;f?ODbuQ7h3524kECH9`i
zh)A)AU+6xss9`lP5+>XE8WJs3Z;`^BQ#&=wEbSuQ#_#~`l<62dM8$-*H~z#8N)(36
z6j2?T!~O6|Mrv&rN~IR%S&v3n&%L}-rt?`66v5W?9pL${W}GEO8h;)3hWZ9gk$74X
zYyXyTzS9Um@^te%l#I7JZq=qgmoV<7o3BGNx8+SGGB{w2U@7Qv-bBL$Hfid@kQFzX
zP0)#N_*~4{)JimEifJPOgE&F@uMdFsJ&C8>1d*)Kii{HE%s^gr-gbA6B(BcrDyvja
z=L5r_8~4ZUsgqRLp&Nb^{R)?-1a_zc0DPpq$aL*1_izC)E-8Up3c_X|EHl4xWca<d
z1$mw1TK3aQjq^bJeK7Ua+rjRGXNqsDm`;^Hd8PuV`4yLGiT2TC-=imUYE=V=hVf6{
zOg>*oC)A~g3}SsKT-&U-k@*^*L589b3Y`rwJqgowV_W|N0^-o`qwKX@VcC{`H(8~t
z>cs9O3Cmu4jf-ien)k3;<HN7jLMy_Gvd^n;hfUwj8pVaLlG7Tcpg6B8a+d1*%IFtv
zlk9RCRZL=3h#Tw@xnpJi@~)><o-(oc1iFl~p+}Q%q-R)%J~8*py{Dyf10#F%iW(aJ
z6}AXup0pe6WG*P?SR=I+?9^cjm@t2<I*If*)Mg&K<S*(Z0c#Tei+ZFGuJx#cPiBA%
zuGJgJTs9{#FIj-~j`9}%>Ahw;a<olqK2C6m-YsaNOoK4&y=I3Z{_GK{E^-NqP3k4m
z#~LQ=uY(aC)c$<O(g~IO^!T$3+l0Y-x1D-Ql^%BHy3A$j0~~Oz4SE;((9{wOPc_h2
zs*I6Ca-MtI4c39KDhxtz=1k|T`sz?oQwQ|MX(XQ;rtVENvEkc#&quSQUtuCz1`>iS
zxj|eRj1!P(!vp=!z+vJ+RIhj2LBMx4gpQ0|>J7PUyT9&s#I);S37r&Qz2x0p%__})
zhU-&8TR|3x4yGX|<ELEX5x}=-O}kw@nL=$z2+_Lo{GRIDVV8AMwluK|mJi2lWHIf#
zYnFN{6LsJ*US@hrEm0bhv=j~|3XV9r5yCGCwOY`(5A>EgDie)G+14_AGfB>2)MgMT
z8NOaD_Dv|wA1%Y^-||fKmIf*{jBuSNmEi6)8fDxg=qgPRi-biG3pF*0u{9R5i#2q0
z2p$^#W0$OG72@phN&D=w-qg^#zv--HMRz06B}MM-eP&Tu=w5QxhspuvmLi5j--J1j
z&BHZ{%>j8`Cqq_$-6#&(8@^Lr9#f|zjDl>{AskZ=`#xWx?x4I>vg`2=#vzPk9Og`z
zN{r+gnME6H@HjSh@1}IECOJ))ar$df=#tMwXib|d0iz-$zT#mM_mD~1cw?{CLDn%4
zo}tseRWwZo!Hs}1FMe7ihCdyc_MEe|*qC>d#!Yd4)yFY3K>%wned)q_;h)9lMhox$
z18D`ZKV-fe?5ts2YU4cxIZJI!rXWf!-*$7FO=}~_XR8IpN{#m=YcDNSTM%1}MauIc
zVX|SGQ&r2cHiQr=@y8@(fp%Sj`Ln(7`k3uHgqaNJL`_SW@hP)E!6+}l_V;dhy=GN!
zrfehrvIoh$+E@JyP%1Tl)kgur@OrQuRPYFT*Cl}h4AjFx0l4|0K)rQ))c{-={i)gF
zH;Jt{F_nDy!7RKj(1%<Q95UXy%EdFUAJW^t1>Ur`uB5zrNNe>iIO$+Lq|S{E71n!G
zb0><S7SFU`r@0N4i-Z1F46~IGxt^9V7Yfh8EfpgyXJ{~DS}-mCMCki%EWLMOxltpe
zWZTF^F7){$70@VZHlSSY^!Yz*nc)c6dx`@Afn)z-t<xZblD==K1R@Cj@9|#jY~4^u
z*TJQ|wQHOx-k6Scp&0T+Ona;LXH)bduD`hZucO>rPw|^t5@t9|;Q+<7;L??e&<zv-
zGyEcB2KvX~Rj8>yA*i!J{ihC6i~Q|n`+*1eaKeL@GnWxU<JM<X*A!<3KI|%E1b$gJ
zj)@rE^q@>}i~K@0p6%!07ij3#QwW$v7}jrg%OabwmKBzC!IfjegNZ{ac`Alu8`mOV
zk$EMCW79d5@PKY^oVRO(6}CxM0?J~?F{Nyi9u%jt8gq>T;85Z~9w+DMgrMG(XV?#9
zTmm?zq@a+7j_E;<Nz;9>!oMVNA^WdNTB(985Wwf|@A{mFeP^_$We)d!McWn1)c1Ur
zpe^Tc(?aFGLXEQsf;((twBLH^<^o%bvukxH`k6%qwGjNV^8_l=QTXqF-o%Rm4efs9
zzOO95ijlaL4tF<X)%|+K`x(pGj_<Qr%?HA0*a_-h`_vD7_RpA=E@AHE=1wg19^%iO
zw;y(k!uYG&0*&u*vp$Ep;d{K838tN$unemS{qpY<5A?kuyXCidwIhpP0@ac0NUt`_
zzzI1G)La^!!>m_rqZSyh_>_r%;VJ~wNNN9c`syWn^eL9f_^frqhp0kfM!~E*h-I_?
zNls#q-);1eWId7f{6{>wnJUq3M)S5=>1O1Z07CrcZtm3A=4gQero^TK=!Z5{xHW*C
zwiozY6nRvEz~eOjZAt9|=BPV(-uL2ry3{AdmTT<E#yaSxD?9d4fwNg;L9UVyUC68(
z@|RjS0X@dp8;LCv0RuA*Z)3PuzWzZ0WW6bL`+g8G*nn(=#bsh^jNJ{?AoN~@V~w<X
zD~R>|VAAvcQ{Z%o?u}(TgyzkWXEqNU0XIw->91|5^j+4Qo+Dno-(>rJ4AX>;ZQI!`
ztNws&r)=!sqo0DQn2Z%xDzo6E7Pqonc!UuZS_b**WnC3e6ICYp90&de=E2hHLH;Fl
z5$Cei{7iC>dz`IBEr_V#ImpN6`zc@|h$`&-`X!s7lSX*In-Gei!H^5vwPmWXq6>{?
z?_ab`aH%WQ35516Ee}=-RsGjwB!%=nAL0b>M5O+387ZjpZNM}CKvF+DxlE?Gg5N-y
zcbv~V&yaWIn>^G#BK_p?K$vl)OF~faIM%5e-ydyfvhp}W#kPT%QhiE3mCQ@vhY~UC
z^?F*>$UEI{gSmF@>n`RbJ`H?&3%Hx8LQ8rz$5D<@vi-UXweR5nqU){0qWYr7UulMB
z$f3I%6p$`yNeMwZL^`CKp}Rr4MUX~Dq+{rAq)R$PLh>H`zQ6am@!Y>=&ps>mo-?!0
zoV7lCom>^h#pIDApQ;!cHPnfBW4Y|>5bwGLzp+%OXt9OLwqM@8i^=6spDL)q;egeZ
zm~I#UrG@KlF8k(uvQ5cG?g0_C*uqjRbJou*LkM6^wd-E}pU5>}iOT1nCFjEdLttWD
znMhM_9~=`-MUky-K>L|~Ww<ZlrJqG!o)73{D_HC_RKVDOQ-T~<P`Afa;0|@OWqUu_
zQM*L10^Oy5{BC%u45w))OIBGbAJKa)NfOY>>u&my!wwBH)McqCqF=YaCBkQQ(FrB^
zIk2c_>Kyur9RufA34YrqNBgl&@&C|cCvTNoO6`A`_|sGQLd_VDzqxdXfWM_8`)~85
zWpk)iTAa*Bt!yZn&A^h>Bdf^&lygj^_I$Xc<kN11`sgWEcAA6dcA)F*ZnjvqR6oD~
zSb@<Kf?eg}2m5UQ?4#;41u$1E#E1WIYFV-ZOsR7fgT(2ynfH&qSsse51R{y!$3J5$
z5xV+7{`r=r_LO=AT+UCy!v>zE96-!8f4PZTk6;COo%#>@=}HG6p8utK01D`M4{a9e
zLGeEGxzR~Kzze-C_cZbA?UVF*f{3Q>{)31<fT@@WR-E&fhX5;M02|aa3ZOvF6z|^+
zIOXTeG5!kXk-hgrZwP7L4$0$~z%gJXXq^P|z1|1XRtrn$uxeG$vz_Y8*|kywV1FcZ
zJLMg`%t!A8t7wvacI7Rj&N$V7m`|TtmP%pkh1iw>%_5DO=W8<CZ=aOzRKK^YdJb8)
zO`3;TcP+@EiJJO(*zc!0TMw(WIyqm&dEFq+l!T9o%bNA(oj$L+J?v)qJrWEo8Fvfe
zpk4lW?)iXA-s*Mnb0Da0O`XR57Z5OW@)=}U_S;Ex#?12@uJ}GCy22Z9X^N<&hMnh^
z(KEf&Wlc?28!uW2)FOh=8@Gnz{ccoN*h`=*dlw=!w%7~c#Z&#)&uIIo0LtP()k8vJ
zqP38PfO;GgArdAUr+YxdC5SNG!#tjGEgP(#T8!6k`;Zb@y^@Z1)~RcchHLzTYvW}I
z^>7ucL@X2+&*k7O`7X<5mqwtP2x8J1!-ljvNhiTtUEhxy8|0{;$jOR0MD*7faveCG
z2)Yi8yIfmEa;5FdoVTA;qhCdmWoi!nm;l~-A}u6pR9N}MxMn+3MzpVASI{I;CYtCl
zvJN&i{ch(wnehXi87)f-duk<eZ@eJ*fqi3B>=QUHd&ltjkJCWXW}n(L%Tet76i=5&
zBwI%h9{lq5`#dms=jtk2sE?YJTALUTiOZ+RWz>6tIx$I$J5G*}6q>n6cRfhe=hVN>
zjlYFd<xWH^hZi*1b(Jxs&UGGiOIw?{XcsG#Sx^TCZ|S)BYYocsUe%#R#I!@L<A7mL
z;IIRZ&o@78`+tgB@zTqzFVd+>BSdiA4zQfBa7FJldMC{%{{i^uhkG3Erht80iIHhF
z7@EOdl^%K!QnHyrmDSHW$7SWGIY%{omSyFsS&VYS-YbKTgO$3O&xr#tN@yxB=-!Ie
z8WiQd`l6f2^X(uR*sLlmQHiDgm7^h6bIbh`#_9qNyO#T>x8L<OhrjPe-BrhUr!JVS
zmnHOqKfaTzn(uZnWR6j(rqietQ)~~PjdTWFpG*%97nkX{m(nq{cK>UNC(+SK0t2_6
z+`Ki;{9{yQ%_N3tKZb~D!A)UTX7NM)(%1>zo?FxtJorFl``#zjiRCuN1L*lLl=A*o
z{W4i`EV%r@oQ(9H!oF-0PyLeqd!O~rWcABxJ(-^sP??2*PTGdnEor(L>lW$vKD7;D
z-$;VaT<c%dZDA3_t7zdp1a7v{*nx*%!_IR}Ns8zKI(v$-<>Q%Cjr^L!K0?xSP3fix
z?CiXsqU>e5S*Wi~Ux-G?Iv2fM<w1c9<+3ClK{KV_ZEo`fP=z`i=EVq8Y&>U>MIqRi
zdQTiz(~ay+>W_`+z@P&4R>$UwL1uCDMCqdL^nJt*(PYh|3yS4_uaD1PU<A?O!?7FW
zz2IXS!-^hcMt<@q`x#Bjdq)U#LDPmSyE&TSn@%f<8;YSlP@I7SFGoAG?SF+&P)7BN
zl5WvsXFLRNWh~+bz$f7ILKi?PB2o*t!3(#PzSwDk;BEx|i)d32eD7<fp>V<t(_|<p
zJ<*$PVAXjY?5eaj^CCkzp}|LMUSo3_NnZN>4P+`&#7$w+(s?OTdF6NT5a+s!>=QeI
zLxh!Qte)OW;oWE}f=x<HvaGEtBIhn_y8p&B;9C-1glx5Y+<fxs#9U5;cY<|XUuT1N
z$4*0pbh_8Y>&O75$cs4V@W_kGG9t590HH8z)v6PwfXG2itXc^se`Wom?`d~aip$QP
z_U0)Rwi2W9Da^;}Vnvl98^NGwniSf-v{5H~E4*7myDQtJqQX4?`4E_B;%yb8JZft&
z?94>3SJXFDy@>VjD?0HA8n|cLH1TzT)%L~sH0_Q892{2dT5QEy2<+)(1>IX^uEk78
zNWC$*w*WYb8gqc7@EOXups|~isw_+JyzuNaYw)J<VU%Vnn(F85(kYum$`<uhxHDVt
z4q*fFXX^T9gfgVE+R_yZPQQ9H;ll7$)SNB&f}ks}%!2{T2a`vZmziPi2xnEJQ4L=8
zox;r<ug7BZp<w*i4BZjEDYou&#~rI53`uOC`8HLZyDHv)+B*k8is#4tM=t2)@4mA}
z4Y98fM&Ef#i{R3Z4S}Qg=$^LfrjQhjZAy-TxTvr6`_CC9mEk?UCbUKwVkZDVfgz}C
zIm)u-MH6&(hzS4`gHw|xu8dP5HEx9Ol>5(V8YoqW+e{dy*!5Hz@REN?$s-U<acA7n
zz+aUzgXyP2a1~#MSrYTL0%VI9-QQs5Bk|+BRsrkyAf=)Lrp-axyshp4t0{KT2C|$L
z4bF(yCxm!8RLJ`-cHX}@w-Ao0%)YAaSeaJwW?#R%>MZs65LraT7%69-4CIandwG|j
z+t}<}Kqb|U$O<cStE6O@rZEqv-}B>?nwbSk{HDQoNMHLxad1B%4wtUhgpO$r6wfHZ
zuQ5mm20v1JC9(R$wJ{7B6olhNM6Fac`qjR;7As?5EJ_&H)SnN04wvhu#7$ii*!&xu
z$cSUUgpY}P-mmC86vG`J`{Ol`3coe;3*XAw+-cqTN|~atqgo#c-J=|LNA)MC|DM28
z3vw0a7_S79!x0&7|0g;87RP+LJ|lyzHVt0sX3Ri_pp~Ztj*ct`#|8aG`H_*)mCuaN
z)xL&Dp!M65m-kI!BGpB?Or0UtaEx_CBx{d580nnIRz)T8J-W*J*bw4@$~KTmL(iD-
zXD-O?O(R4UOSCYQu~RJQo_cW__Vp(i6mEYP>}RKFI-cC00J*|5(7fIUQiFiVdQZJd
z%UTiXRBzI-Cv-k32~*3eXN7{f;>k|iOG*WBF73Bsrwv8DULa#*|6MN$G6tx-(AvhJ
z|A^;gwfN{Q)&VwC#-Pl#TtlIjgBfxR#3)B_vS#wgy*gBN#@k=e5yLcbD?+c5R`F1B
zphR%~NW|;9+Q~C|E|(9N2|(H%=94VEqZ8ccfQLk1?b}q3l3wtftVJaASQ?&k>&_3}
zIny7HU=l3X%6A!l1QLWr7aJeWw)!ekndBX>IfRs%#`wTHp9jqc+@f6z{5*OLaXR6j
zJz~(T_tMR$MRZd6E9v;-Dh44siJ-nW+gKI-F`Hjp!rp9=e|xj7QZbkbNPK0pe*0#$
z;Y+qZ1Y&CVX0#?sMd&MAnei(oQr&<0IDnjP>hK%u_0rJw;|z-0t<UN}jx2k<^iAn{
z>2rH*imza7uCHpA1NaVa^^Qh;1>c=Ge~VO8TTD9J%eh+mwq_23%}{KUiPB~CwEx|j
z3OVQDDp%U#QNI3@4gK`H7|XwNH!L=eOE59+45xA!7o4Vrkz>jep8G_*?Ne&KW|}Cn
zZ+aNW2#N20L3hza*U8CkC#q72HpIDm-Da|cdz6D~0xeLTvjqvhG@3@CPTpO>#wRGJ
zN~<^Vu}~5vi;9)yUN6hU*;mk)Mk_l?=1Ja{x|+%Kj1#AwC=gnQ6RD@KsuWs#FvPUY
z!@~J8yAr+}_70VjsC-PcfoFQ-e7oOo#L;Z^e#cyv+Zp{*LU<V*vP;3U{-XF~wd-CX
zd==OLFI$dwGJjt@9ip<<pUZnhzLbvjvC6PTO6KrGUx&M(M1my++KZj>DQDJoGSqKB
zu7fx>g=%=~b8svi=TToI&hx;ry!BnM%%3v#*mlDO%=G$DMl8GG{4yl1E>0Xf*#eIx
zJQIrf3@J6Vx|r^c9s8;n?;U+fbumn+w3;Xg$Vuwc5PENrBsha|QM!QHcycrV0yM>*
z8;U@%qF$2mQ1KK6Z49wsf<P@eM){Nj&q(Z?1CL7Vi~)$9j3Ju#0{yy`xhQO=z;Peo
zIF%R#fsd=R-ekAn^U`|l>3*hl5Z+!SvlN`&llZeN;8_Xq%-0rT9i+Y&X)Fn6^dv@4
z1x}kYW-f|!40A4WwVoKJinMY%w~!|>PkJs4%%B$x2p<5301d#92%y26>j`c#yWmg<
zH4Vjh0DjrT#C~IvmR}t9sDJ(gBo;dBC1HPhl4&-Jsznwq?8HBS4-h>v;xV#vhb4fB
z2Q|@4u}oE_;XCga)I_hufQ%;DPLXsu^Z6JMPl^8m@E8ByaL<p)hgPfp2m=Bt)I>^R
z2g-Ctrs8bKUVM+fy)UVWB8MgTpE^>!`La}ChW}dbzz!C1w&%(_d5+iF@fi3yBl4k|
z@yz*<u)m*4Wv!AS#=v2yH?Xl#WLQ2_U2P{1h^WNhxJ>wJD|E5JvB}W7sahg$o}1by
zgH+(Ms;FAi-)aPgIm^Ds!zjXKwf&i@>wz@>r3mTY5&`9={_>JmljULUffk$W0n$}d
zdC??H+eiGLwcslnL(Nut^J$_#G@>D<_JbNLBr%tP_!(L43LRr5*~HSiB=5&S^&+q5
zcwvLDD6gL3*U!Nx!g;Enene-7Qi^+PhI+sA$2xegu&Ig37Ogvu1K@uycpL<cRbAeU
zQPG$c3JKldG0jei@RcrN{VWdUEdC)sPi^hnKufimp@{u0<2$Zt<k2v?jZs>P9RHXM
z-`?FOX6b|N(mXf$1l2qOJUxcQQ5640A#egrDPHH&R`LfiO)RG>h6_}aen3|Z(03tB
zwYjM4c~LKr!vRSi6ARVDWoj%=fO<u%y!51<t^Y#J>!_hOV{P_y3P)dgdK;37_ukp1
z>9!P;tCx!XB*U{3TfhMBqGkhm4h9CrH}{%Qq55ME3PN_+=&L~4*cP*8GWAFYWb|sI
zwE0(oq8D<721s3%eLe^voc8B5E#7qv0JiiMfoWF60iDMV8%u1s>}w$RydySpR-UL&
z-=QAkOA@PGG3K-S^_b1WjK~W&3nf_30<Y`A)3sDc#L7i12b+0m^H7iB#eZ+CDXjX2
zmrB3#uY;}nRI17Z8Cn3v^51SR?!xTdhrxjOQ^&xCn_*POz-3%w>;Ujb5(;$Lrj3Rf
z*JM%hGcNN!*~-LWCbjOf!^`=}Xt)8G0K@__Kb&Mx@;By=hVjSMo9lArQu6cXP!40%
z=TZ)TkyV3c5OZUC&JDsY>X6+_B+qZuiBDU`VHa%*b{$(_ivh1CHV!X$Vx}c;_b-e|
zMN_$b!dc1L)~3>~?tiS=CRU;sF0*^Cj3GcyYVV>!P{|Yi5Cgdc{{DF!j%Aps-Bv?S
z=JO(ZZtB1LJ*GPEj%Bo~{wRW40}Zn=hX`2jLk#G=;nBN$Hm_C|5H|Ry<pW4OHO7t=
zgf6WO>j8nzDhYG5<{}C6D6zc`aLhe~T=svYOvV7<6L1f@Y<L_5#H$RK@_09ME00p0
ztBF5-W$Z7z+1|kwgPN-Sl7!SJM~)U`m;#1LAy;cTqH5-dV*T4vH6%2LKm}3_?Z^um
zmE0>i7vnp{N`?3K!V-}4y<J9XPxMYIJy6@=Kt{SiOstdI6TyduJK0R(`DYND!Q|o`
z<&aZL6{;i7G<Hi@3$B+{&fvj6rew4V78`Qxk%f7r!443Ej}`Pt2>;;6jIT%ui|lLw
zmwQKNsm?#Zn$1D26OD<HI1d!VzqCNXH^s%oD4m=7lFc)2uBU9`-MZ=0A={+;92Fn$
zQ0fOv-Ia>wXRg3jvi%9^`!|K%Z1qRNk<@zpaY&p~2YWo3r$B@MaDftme|v>@oUb<*
zrxJ*-jYstWc+~t<(DO~6alU}8xMa`?(CE!w#yg8Z;w0GF>$nNC&$o;Oq=Bf)lNuoL
zud$K{1WLYJ0Rq9xl0!XieUd|jK74gdq-bwnMEs9bC$LJK0nr_T!@d9FD&ODd6X`q$
zFe{gn-NFp<ljxpiyR^0AO5S5gOHGrzug~HPlZvm8y!FT(a97pkdso#>P`|SGA7?e7
zF-Rq1n?~{OoKnJHGxFo?a5eK17(%d0^=FPGJ-ziqNw=!!d0+dYC4YPFGH_ivl4>9J
zRkE|@!Q{YOtx+|OaT;sG(1<*a!?0N<iS$P*1V}4CqC)Tk#ulc#aVUCc?w=83r)xIZ
z-<HOqpJho3Zl-DXj@c7p41hk*lP&fH-Ad!o2w4e4eD79{aqlt!{qaWvA6=dJ0xSjQ
zYlWa81%CoY4f?m0&Ir01wj}pA7jsib=O?SDSu(QXPDm(mqFjNw&%9R}$3N~iNt@8!
zC}8-hw#1ZUdJ>{=6JOtQ52PpnOiIc#|3AiFSGl*HrbxoE*MeFE&kOs4|8ICpStkNb
ziZrz~&n{?9#c*r#&S346q1$gd=mIyf9}bG1TZrDDtf<%E;aY}XlewbZ$Da1SOA3pR
zHzPWZb{8O>lW=U{k<+ms)(VaPu_<jrPi%^P<4dV;FZ&p*Y)$vAUi#L)Aq9p5)3p2M
zT|ak+fJ^<eK6&Qs%A`W@+s(6ztM0In0P~53eRE&fORWDvQ>@T#IGyTem<{~uXZmdZ
zKPIUEnRtS10Q5x9kK#qj>i_Z_fL7Vi1+rLR$u9cBe#qChh5b!||AT}WvO0Y8ZUP3u
z4OmE=IrFft0Pq&Hiump@pxP-g2tQyD03Wjk@G+u(S^xiV%Q67B-1+_=xTRC)#N=Ws
zOjFIjhzzzn2k<fG70S(qYU5)DPlV0N!oHxvGEnp5|4Fv=O!YmHEp>zjel;`XdVW+d
z?C!{;M|B)G0W76<M&xN4?`pp9T2KOTjKo>=*OmVTeV)h^GxgUMj|9fRM3SC(BLF7?
zY)}F={ulJo{^tD)m`MIf8{s|OFISG2=a;qrZ$Jj2Z00et$q_NUv{*ZldHU?~e)A%v
z$#F7~<rUkaf;eYwKhxx+%s0mC&q`~e=txotTbNdC4ofr7R68I9-V;w{Gzh$|{vub6
zibIA(9O4jZfItny@HXBZdm5!~l6{zy+GPe**}E>7NSgsN7hTvO4(UL>QV>e&iRG9C
z0>Io!kwGbKCcbE|!WWCV<IDtkx}>^3$aS?3k274`BU)}-Sy~K0L_Wm1Kr7@e*7twG
z3_WkSg`gFA_u`vV%rHOL4M@v2S}ku4Yki+O5>xFlj?u7Hkwx^LgraLkBGYMokAFqn
z@LsDQuj*kU8dEK=7J8B7bm6K^lKViZ4D(J__q+j;&bp6VU7=-auoFOxwK=*d@eHtM
z4gA5lLH0q{bp+$+#;Xwm+E3lQTJnHSiC*2Cn8x4eYI!``wj@<l*q+d`fIe{53Ik#8
z118S;ex70W*&e|XE#Q3g$$9LPI{Ny)#yz0!!Lh!tDs9iViQhFdCjJhvcLf1FHvtns
z33s}fXV(Wje+}urFQT0oa<uz8zK4zTFiA_pD_|Un`W5jJ>tnVM_e7ADT_lVdX(S~-
zV)1d*<*yUj7>D|Xj*KM8bBdHX2_5&Q<9#pM{Kvl?F<*noUH{mF>?otRYByBZ1$Xu*
z9Sc+W975i96xop>>-J)69DXvr$aLydW$Qde##aFr`EK1Q^@4R=@n>AfAz>Q*-I&=F
zzDg+n6|abuNgg<;O}x4sfGOxjXCam<;vWIU2^8OaDEyKbOm4{$mcOggjx$Aw^&zA*
zQE#kYCDD1aTrx4AvZ8sd4?=<?T73V~H&DE?Y|Qf<AXPriBe#R>5Mr%(s^^F4!Eq=F
zH7%QPC7bV)X;i%Fo4f49&fW8r_?w!bo!xt$F)bvUL$&!PibF2<Guj;LAk6hUl<<U6
z0&x-vX(4OhzX_wRijUob78KGi#~2d}SfJ-3X$hlD6LA(_@fQ0S$i(G<eT1MR{yBHr
zZ2mSsns497c8{)@H^I^`i{kpcWCCf6`4@N50jswOqn-QnUmXrJxlQ)FK6Lz7m4Y|v
z^1{B?j?fq%7Dx+Mg+JA$ko}khR5yk18nQgqrLa+$WKQDtoRlWk>u%brEI@|mAdAT7
zwlH|(^5CkMy?LLF7&|2(^`&>`eG?NYMO~W`EVtF{-J(zUGx4&?35>gedgPJ&pA6wi
zyHk7IU}e3jfu!fKoAbG;x6TAy{jwg@7X5FUp4l7M$bR2==AcHx%o}|j7a^b87KDn0
zeeirj$gxIwMi=DEe506<%sr2g`*%H&#*{TEj`8iQR(g{Our@JU{ci2JwvhP~mr@`p
zl;jSoFG*57xQs~*Iqtl|_0}2wp)YtdT^3W(eJTs`U>K&XZI$`W1wiyxG>HN+nVA5b
zg4iaIULhSF53T679{5+E;u2?~bZY}!S-9hs2UaK?Y-@QiiC3ps=-dM2coNm$v#pI=
zLvGdIA2b{8)&sv~>3Uy97J=mcXEthk30|w>fAqUV!lZvR;rd-hF%o{lP!VGflh%s-
z==fVZg`!|Q7^p|_PBMT~gUxx%V9qHiMx<K1M1w;p687Uoum?x#00XulM%!9s{q3MD
z$8gV9V9sqa0IC#ys<Is@{!}F&A?j`YJ8RD6_k*AvBi;aVc&8ftcbwPM;36Nbcg(!O
zMtc3|PVeD)O69yp(%B9h=Bi^7mqQ#M2HLDsANjYs$l?uY7N9bRtXiYtcz!}{icA<$
z!zpi!#gZrc<cf2cc(`GUDSLRB_^+f_PxOi+muwck53uD`X}-uB0mqTD^m&DXoqFoD
znampf0PHtb<(Z)~!Vg|9{{q2VL?%ZH{$f^@XGtuupKD*`zM1nLfLz<`)x=YXL=wPP
zTe=gJlq(H-YdpbQv<w3<=PMjrxxu&TCfh>1-hDa_i8Onw%;sM5+l}A1q;HO)-zkCv
zZ1m&t3%5A0X1bDo<HH!YNGQ@$;(Iu0`Eis7-`s<LWB$)8<xtWj!`mCO^c1FvvvxRR
ziK2z#_b<lMR)BoPUq%bKvts1G;w@o}jElQ^(*B+Pijd0JL<NI3y~Vx5A7Z;7zVK-m
zvQ3xO$>!EIBu1ljM=C4P{q<Ae%G}s}Dhn*NxXgJ)bF`lBQ(^zavuy4=_cnTihFWKM
zSn5)32Wq}1Q4xPqb7-z4V{~d(WKg-;sJ_kaK~Z`PmRb8V^O2vJ8H7J59IC>5BT8Sw
z43l2_Bfo)IV$FeH@K4_9CYU~mUj2sT5UGsY3U5~9`T9E0dSICWZV19U_A1iNNy9`|
zYLH(Gf>4ykp1Rby4D<iQJg0k(JA_H`Gfr|3NI+yeq(&i@w3}mQKNN!z%eaNsMG;GY
zw1QJ}CbTRF6ptr#U!KXO?hWTeer<fp`x~F-9up^M$`8oA#^HxG^4{^JIaAESPrLQH
z#IS6O{+a^Ol*(8DJoz6og^Ur$mTjU+1z3V8XJ1_aVw`~3ttrPket0AAl2Dq-f7)<U
zy>p$usE$1TMbOVry?HfXh3`NHzF||sYV)&)>rnd<%GdL=hEI(>poe2qR#(W>U=xSg
zj*B{@R_+W=#o0kZksz2Vs){jYmQM9E!HmzLKRY;;x~Z26h(<Y-g8GiiQ9ASFMUEq`
zrQ@h7@2BnNEZH4NwT)`46168!Rkkp9Jo;x7w}W3bqsNc18r!u|(N>fv)ramSzCdd?
z`6g>gf|NXtuxLa6QhEq>Cbim2g%n?$E&l<c3p{)w-;iVsZ7VJ?sKZNHm^ZJZmJ^Ad
zL&2za@fBk~Ban-p-LCOZRhcnQQHH(V|MfB3@Mza`UX-fd&t&<H!tx79sFAq&oTpPZ
zR0eA`U%L?dgYIe|7^r~FyI1)l99lh{e>@&Yw^A;3G#<E8^ZYX<nR-{b)N&h&*XNQ1
z)RNw<1N<=567Mb46lXhiwh7ddF()M8jv2KVd0~+P+@=|_SRf_WVixjtN-$s7?ptOX
z0weHlu>b)D3x0<Efn+t1FYcdDzESLbE@#zZ@H>RFUteEu%t=D}p5q6Meo1BTpq!Px
z<E${cN@%we1DcE#RYBnYWC_mFE1OXVg(@SjWfUu-@K0)(Hn{bV!Xo4i3C=vqn^C=c
zo0&90)j?n?XVo6#y0^Vio_)_J{Qf>yhXc-1qvj;5uk{GdNb>tWMMzlA{MXHtm@B$L
zIrrrB>9)w0?jh~XzwsopLq-Tss60&93Rgo-2YA<8e3sThdy<Q{9|~f#WDWkbnv=IT
zIZi?PUQ}7zE-6ti&29g@ZW~<qOi)=6ds5N-BF7oieu-fco@Z^C^$_ew9^kUQ=myt)
zzj<|O|8kw^=e3w$mVfUe{ABN^TNnGcGoRZRl&5V~<M69D?*IiE@+KuY`x{CF@&HYc
zy|3|1;~uwAgEK#<aXhAa9)9w(X%FgQ_s`hoIQ;3?k~VbWbLjHjFOFO2&<DUu#u86I
z-ulJ+**A@yp@ahsPM{HIx!TPziFsrj=7*cy&lL{juIo-}*Z-W%|LXSyq|5Fc^5_A^
z$Pah=Ovn+P=MY$G;{cQMCqBp(T5`MY>QT2;KLl1fm=xiu@q<66t2HfK1M5#bmdO0j
zOu$%!H-Cc{9!u-YkGVFwWmc#mL%((J<biq={&7G(ii8-HRWH+RDa2{HzdcE9>!ZfZ
z6yOzvs2c`KZYr`MVUjm3U3xYkOAx1xB%h~|QO#?srSIf~WhL06j6y>@_;l;DV+aT{
zhF%lh9<r5j8ad**^V??e4;W}Q)#};ds*|-@BiH)MYl5gqKZ$lC!$*UNB+Sn)$QOBJ
zJwp7XaX@jUWfm@M_!2WAsHuHA#VS-{-?`QF;DmcWYqu$EuVO4ky>6zJfCtT54s?Ay
zAQ?tA5c2C{F4pacr}n3|x83wSMdALPwK&ZFd#hq%SjPKP#5z(>QC5<l`ge-6!<y5>
z)5ghC=HfQ)FNEB9S!i*+7Z^tRbi&Q=Bgzh2>Qv~s<bc}FHM(h_e#`^ROC$Xs#J@r>
zP|&J5hSEJPGi9@W06giCmnoy+@mgx5@M*KBX{-6=AYafIw9m~sx@n5qBRAS98MrzE
zH0~iEQK~E7wR)(-={+sQz<`}NOP?Nwt&2Y>KGht<(C?;<uom6fs#~}2K^{-bBX1Gz
zN)J0mSPqE}{5Q_oV4X??6}`~_`;f&(>c!*v<?;NdgO{K3176i0@r{C4r_m?J$fPR=
z+g?GnUaPf-3L+@{Dow2T+A49E(u1aeNP}+Yq$ku;1B8TiXHjwEx-k#PZGWanKfDGV
z2+GRUzCDdgIRz#!)D;dm6!WySS4eX6H1#tlFWLdLjyu_hKG3#8&XkPw4XTE|OphXT
zzfl?!QaYmGF$_J1S|=?2Jk|7uYkc^{v%*#qV3xX=S{O|oju}w2`=v<DG71pnH7xl9
zl}}g{wtzWUfvQ;=wT4fNBm*@*I1VZALD0&V<8K1^FV$Pap;RBzp{t!H&yL6lmrLGJ
zD1|>X*2o0%e8Q86e4NWtl6Wk<XnH?Pi(dRp|Jj!FT_aA^TlzqA98g1sjCALh!3w;7
z>xUn_;ro7y{j{fFU((@-9p!)KI>qfv3<}^}!lQ|y>rwmtNa2LW2Qo-TAg=rjCwsfN
z^=st7u1+fYc|+yEB^%<<^S`Tbvfu;@iVwTxhY%a|FwCOw{V>&=xh^b(LfU4=HgIc#
zS0PmqmZD;rKqgiCM5o|S^>x8msp6Oa2Jv~tKjqOrhBkulO#UHtO-b<i-$E8H;HKlD
z@l-m{DdJl3!T6uPy8Qo3yWq<{i{R~WfZ#XvcQVqLVyR;En4M0he~2N14|81@2!)-i
zV6{l2e$k0IjWA=kl)uiD+s-&de&?i?RdI1HO}e!2pIoaHG;@JiwbPNc3W1okoPDD6
z!Jq0-0z}!6c7{Tnr@>PeVFAvm=QNIgsZR*TYwYarvUvCqAxI29zDQHgk&y<?Fs{3O
zHkiwQ&&lU7OhEh!9S?gV>00rRbR?}?%x|QuI6kozx0GdI-amN<wR1{~d|RT-(En;Y
zH1R^&`ue&97(Kxr2XY8dizTvq+w~B(F!;d@!(+ARM7##-=OUGOLCS4+93uaE$|98+
zo0o&#M!gdyhRKiihxvofXHHe`the%`G|tju4T=Id?bLe{Jm2LNKZgJA5qbsDcBizA
zgA^AnjTRJUNcFL}4%1L>+f)}O$OE(Y8>ZoUgz)cfUQzI)FD(o9jxiu^Ar@^dg6((m
zodl=~T1+sQz2Cfc=f)4<$s|s@?g;(OOQF^wthNjUCk4q+d>b>QCR3o_DT4!gzvc0U
zaM*{6m)fv1P{gbAm3oR3ag9#4zK**_f`cNUe<Ot-_Ro6c_GpZF{E=J?)m;?I<)kD6
z&ys7f=*{ih@C4o`$fc*Q^b;On<B(ZEyg(mb8AXB_AfCoGWBu$J!3=p0a1o2GR7oiv
zx(x{5Z>1&bfsWf)M*3<^A*2&b9EcaAW`f1qh-Y|A3;1O}An=)Hpd-r}1ROYxw^+OH
z`IM;3njIv#3I2BsG@HZIH(%?t3TEq9k`<K!yb%H3_>XA;ivsl3vY1I&Es(K<MBPFZ
zMR8!mPJci9L~x~S2Zh*^@xv$Yk<aO?HCX=hE^L@kyr$~(<o%yO!;|+jbin)N|9ThY
z=BEP81Ey1&At(G#t-3sdr=c4@4gFg0VDy=E<3x7jGikgCe~lW+I2t$2J1sKl-FXio
z=y>gk$^g8if;SxRCF@p#0da5t4yiQrR{qQ-IvV~<R(aJ?8tIy%@1)X=?l`Pm6Iv$9
z-A7EO81YC$;*L=il4v?M=$W~^kYf~saVmCv9=X5ePBBV(`7Dw(U(G0uXq^PMr|`PW
zf@r0EeKM2m<iv5cC@1YL429Y}ei8Ca%Ch70egy9vZ#k+9ntcn?3E(RY%FiYsd>_f`
zgzNK-I+_-$sKyCRkdC6!ZZ?#%&a*Sj;`C3DZuajU-}uvig72^*%D@{X`+$%ptGENy
z>XS}U3Ks=Ul6;`oX&~F<h|kD!swALb1<nSR5;$U?;y%jjhYa3J%tMQL)pUBN1k2AU
zl2S>Dzfr=mQo$?=U==IhzyDg878HEiO4n2a3V$P?%amx^ovramWxDhP87IlpYY4~(
zA!BS{@qt#v3u2(4$v=po^n`+>O=L<GL@Wp!qe_BBv2Ulij3ucnHaRj5QG!%=7i#KY
zmo%L8#b*<KXQ+@0o+qYB@k5Lawwax22-M6pM5zRep7_OXv3dqgLCc!rY~KiLG~;V^
zn}!*SCE=_}WVTJ1RA`e9CWTuK3JT6k5TOt{SoH@?${N4f`xn)QQ62>(t>}xwjYKrL
z+a*{IG?+pk-{ZH?CstyZloPbMK(pDE!K4yLJp<1$-%-HHBvJWNZB>v669vBe8eTRg
zeuh)Ygh{0mHQVVrgADeJ=6A@=4+)54AJy?COh5D%FgS_CgAugUXuI*ooQ(?uaL~IT
zKb*zQ(M+fMH)vC`F0NvDsc>MRrRa@y0p%|7pK9<K)96WaM(|GKd|T(ocGiV0=9Oki
zkfr8Lb<7@lTJgIN2>NL>SL%SA?f2A(jGO&C)T`3j4J2C;4)^iI89A1hQw$HIn7uBr
zeyvCsi;wtG7S03nmLC)Kq>_rZQNk;^G`WZN3kgTo3)S>>NaBc!^$o!*ycL+?rxP4p
z#`AT}JiSRUr{a8-nqKYP0m7kuF#H6IlHqR=hg*U=-*NV1S<(6=BEkU0H4x5cwM@!f
zLs28#$254xpp(F$H<a<oly#ATFFsX)v{hl$aa{FHMGu<zr_PkD$sTK!)xfGnSeG(q
zB|rUTw=*0!$-a974a8_3b%f-opVc<>Jx%KFEipICM!mgCW-+p5i<h+6y*{fZ?o9B<
z7-TP~tW08!=#5Vx;p{Kp`^>J7555~kpro!hWDw`g`TJQ_ZO}n~#JxI2LCCQ781now
zi)9UTO_+tESe^x<l|nraS2XIOk<35eFiY!HWqtNNUx61v``b+N*HJSx)8&H)#SC_?
z>vUVY?dVy?#T~|-xCJ%_wx?wjCSJ^$n;7_kaeWsv58HZ>ft7v}u1`r4ZJ>#%|AS!1
z9sS$9R3DD>H~;VRQl)Q{DrqL@jGe~W7<Cd@LLq2hHO)|Lf?`5+Sn+*jqwjjYykV33
zs1Qk*!ukz&K#QAj1`x!nNCcsN)ucm-)X8w3W)s#P*P!Xhf1_0VWU6M4tve%c!cUg4
zZdW|qsV60*;JRF;wk*!W*5B2y$%;)ks?>h2jBmT&k?YK7)Ejr^3bsfntgw?Lhx2mK
zX)FJ{{MO~@Z3{hVZ@}Le3JXP(Sh{e1uyDVI;p7|%MN$W_OsD>XCQ^BX-X^3*c!o06
zfVmWs+N@e+z<MR`!FnJP21R4z8Z|`r+V`@?L!Q@90{s}WhQM*q1HGcLL@iSgQ51vU
z2rTTMZqo*ov9r`}1dvi<09;^LD^AXF`!WTk(ukxX>vW+w&(2{1$`HI%1Oh5rP$e>E
z9T>kU0a+&)1(19i)s4GzhGZ1ItDT+sbu7mwtk$`KW;q>vY-&zE;%EWsi;XqE-hFi$
zYHv;uWp7Tw&Y~4(ACu=@Fb{`M1Y0mi*MtHRD0}df(+F~M6wH?x$fSZVfbTrHKHSv&
z+}t0IQ`h}GlF~xn1}wT;+~5Wa)9}IROe{j945pU{VC<kGw44+O&K!^LIH=kQ#&i}k
znl2CkW1>}OTgfGtzoSvqaNzw=?8;Z#!QSy;zy8d1iz25SM9swZ>44%>pOUOftzY1y
z*N)2{YV~$!-M?L>EFcsLzMVU-&TDLbYDG@BYUOzq?G^(U<*%|`^SU(#Nf23YtzjrP
zX&=%Zs%HfOMs`7}EA*5U`?3nUN5*KEz9mef5#rXQoKc8QdCMq|T?a;RC8T}N3fX2v
z#XF4u{K?mpoVK*%AtEgls-MR#u*?yYaO@7!A}ug)->Lzw+NK*;>YW(z2}-3bJ{G>i
zv@bK$6<GROz)>UYII2bGEbHK3L}=p^`iZBhJ2R9!8a*N-6_h&@XyQ9FIKWYX>SLaG
z#2t5v^C*K4jNrKQC?Bm~8gOSLQ14EvDE<HF<4*pkk8{qpLG+6#9C6a?PiQ>;Cx0r&
zmdTbyQ!13<322;G??gzYY?rgq(LP|p%gC8DT}Dka>Vq7GYQIK{QHt|)vXF1WnQo8B
zz9NNGzY_8=P~}Z5QU<-;D8(t#J4szdZ39pG3yCGgABH$Jb1cXijyE_QuMQDE{xh?)
zB+X28Tg{%LibgBTI{pO%4z0x!(OKM+#3UFZFBU1Rd{Kyd_=f?f#dTMaLRx{a2)QV?
z2g%IV`=3L}r#~b>2Le=^dr)X!vFcqVvok|}_sj0H5S#-nEgbxmyup;Im-GdOcDdwo
z*3ab$T?i$r`Qy$FahBZDyg7J7?Q)d~Y1#3evCj>=&<9#ZVWD1CggL*!uM~DJFfY#y
z&8GVWMy@f=v%AsvT3&nhdikqKRJYfRocr8(<(x)6^)GN-=yhQ%h^F&M>(H(9jD^-)
z7zM1m<|?03W&wsGnBBunbB6-^IYzDl`H+8h`n*P^pl(Li6g%G?NmftGuKBER6IrCq
z9z8odspvGIJ=uvoazuPS5wiGoh#)kdh@MOQ+dgI;p9oDi#w1edOtV>Bul>-%OT0+B
z9@GTnrlxQOEZSOYhGE{&VX7`EXdEH}Dxif2zU{-jyiDNPu~wnQV;`WR<Ap+#c)j?#
z5JwJsHIxVGXzvKdMo5rjq?LOxnc698R{I6}o5EYA`K&DU?v)tAfR!f045L%9+AFM(
zHN)!rqwfai9B~Ytd%=7jVACnB43krdH!VfbaxkMSi9$BQH}O&pPN*HxlF5>RiGsfo
zvWILiH?kJPQrwQlGOF2x%Zxnp%yx!ZN6oCn?yU)bX`pls%MVX!CvucuK3#{1o<ED%
z9Dej_^swMHY!-JINjgSmY=An&LJoFzRbY-$u5aKiKR)}UA>+LSzHSBs_1UvZYJ_bG
zAI-%8Ch{4Hq8hO}x*Kc8De#h3pn6Zli%J;$yt9{}?hTU}?3*Wth6Pz;9(^g`G2G@n
zfuKU>Yb5JRtx6n!ae}ZdtDM>#1IHMq+`IZe<+8lioFz4`vzYFqZ^6<E44ott*^R|U
zJC!AbVq()}ID^~S_28WZ>77c(M86*41A>bBH1%mgWkht#;G^i@Dy5%obtu~T3jw=|
z$h4`kV5&}i<qd>L*I8yA@<`2j+<g=uYfcbtad1EvyO6D72NipwlhbTczNAhhuCKtR
z`=~zTWUZ31v1T-89=8vo)1TeQU=km-09pkM1tUi0O_GQ&G7(;eDrK~ru4rpwE~L|?
z6#d;X$JjeTxCAuM0xJ=zuSs)vvg?8SZhd7oQ%XoJbrgN!IBl&fFr;z*IIxI3o@S89
zI)uSJj>ZB740QBeXn^i9vwFA)3H*fo)k`TVa3n6Ic_VY^(IX?M*3kh8+{qD+bs|Q0
z3>r5=bRMNc3JC?qKQSRa$9>rwpb>d8&o3XPV#4HKv3UBlOShz~2=XoFwX<0@@Ar7L
zZ_g>yAiFBIJA^%6v_CMfURJk1Tp4fQ{0(^gq=r;X*y56nOL>Mw{L=a|5645(@y|Lw
z#!|CG%DqM5@?9t&6>%wS?j~2I^Wgh?1Me-Gh_`}P-Liq8kkRpHY9OLpEQfBeU|3)j
zOkLJEjA!PSU!{pCg0#@yy>fa-FXdiZMv>Z2Ms~*WE&`vh_AM*kWd0pP<!T`IMx}PZ
z3oyDL5pPrQ`h*=TUX4595+*!*a5mK>=|}<;Zdyu-K8hOk?Ql#AK`=27ne~|*+8lz8
zGl|jFv6CgSOb99#1{w~DsX)i6Cm!RbJWboq8Fq!R&IZBYE-8vA_P$!z4T|39riv+k
zqpH`?uSC!>ch|^>#<DH)*;MUlM~<WGIb%UNVX8F_)FOIMHylPUTSv7R<4>oZ2PCtI
z>5*o@!+F%0Ayuu{$$#qQoj#HycAVY$E2&Yo#Kqq9j7=A!JG|N>^%h!>oc)P&%-J9>
zt&ny$ER^y7_>o-gRUVFEf*C3qyRDo|S~!l6g=^tB4+<8Vm<iwBnr{dJzRD%#fmW^f
z>h;1l&--i*u43T9Y&j7m@3@w)_+@Bwt5hx{@>KV}92ip3;PuwS-$n*f$9*TRT*Irw
z_Q5VBk>u#|-_)}-+$I+sa+XFQE+zGpv5kv<-Bn*S@~1PzJZS@G#r`criv>_l4+V|?
zJi{Bb$`ZUO$cxWGaU`0AsGggbt9nl`wc#s{5QOCq)~3RXLvj_KEpYcW?^(ovVa1L3
zZ$)D`LKS1(*@Va!VM^~v2L;Rk=&>r~b~F0NBZNF(onPE}l_E})6^RwH8ow|8zJ7b)
zO2MkveGE#10&W`lsJ6k+ig(5-%3q>cqw!8q5v4(z5|3Em3mvC3Y!^GHkLcC4{$=y&
zGY!7B&lS!heI~WnzH%#%@Uc&^I@KY;(I4T1zs5mMQpbh|{B0WN0;OS0&k56DvOTVA
z&f@+xUHwbZbL+vFS0vMKl+dSX+qIa34bguQGZ;Q6{*!_j{j8KAk%SRZttp%*J(-;^
zO|Ztq1=oS1S{2m&^==_<2HT8hOol=UwtwlHXhUeWt~JHAblv7`y57e^H1`8a%QgeE
zk>2=%VAvr-fTP(Zqti}>mWVEI-9@B4_hW5g(Vs56PNcIU@nT0#tW(6P%f!KXV|KYj
z$B@p<Z5}R0aok`oLXJs?<VCa2R<T;tCAhC#AWHrW^=&vr7E8Qrm?iv;Np6cSJISe1
z(y6*?&>WrUCB?T(h8EOZED1fh40DIpx%I~zxT@Ti3rHeFqJ!T$<}?Neb+VP!2-uWF
z{g-kT!L^nUX8|)09=KZK<Z=@fRsrnnh)m#0Em5zbv~hx`3~KpQb_@){;t}z=v2+6S
zdUm@}#*AR$YZwpA4#SR06GX`Eh_vVYmI8+LYD!I?ykbn>I581^z>tgVQy05n-js?g
zftWk4r@jC#+nXZ}>LO&8+vK?PD?$|1q=llh=aEG@sT<nXgA*<V3d;0cqMsLCU`E>U
z-txnyU0=87R2N8#W#PEE8{}*hOdSMSkfP1se`6cZq-#r!-qU&(eGckaNoJMFYt{#S
zsnN86QENmK6BD-QT}~ZpmBw8!n5$*Ny*<OINDM7?YTjSQ{3%IhKukb!d%KCD$=VS<
zz+d9xu2I^urj^f{%3oFY>^xR3UznxA-D0>k22m9OX<h(f2Sw`(HqrYU)o|%-UU_oe
zpwd9|N!l)7^F*5%Iy#j@MMDKf?qH1PO1$u7LCdJ9=O}h?IxP;;5NL>@*4hU{cD7Ut
zLteVvf#)TYBa-a+XT90XE~*I0FTTZXWjJ!U#A+zS4Zuw16_affAn(8S)&iGi<xE5K
zR_5RlDboQs3&W7b5^HDl;0xUC$<P>2mNoY?g1R}$)4Jt&Fg}U?uHHA+wHoavE^f%d
z#z0-HhU~Y_f$6kCK8UUod4652OK>F%P%nktAepT!WEzZ*yMkL57decSWZ8B``?KNI
z-_U$}mY*y^Y1ONeHY%N|;+t%03g+vdc4<wl3@;<sBcmB9Srd6I6E&hu%A4%q>St;!
zX#z!rhFS!(+!2kV`%V+nDtd372exM2l_H_rAQ)b}nu75p-JjrX(DZe{!gWnzSfBjm
zJ3TybDQ3od^g_na>a+dAWT%4Av9z!7h4}{A4ku$@7iF|q++WM&D6tl+^RE<GI4&7{
zwcaYPMb?$*gl|i1(h=z9eHL9Pk?rE6oPYbJ6{L0B7GQKL9OU%+0{jPsF~a+_KT^t+
zC+a=c11D_aVmr1|3D4GPFWWfjYdd!aIIa9Stix}`wbYVgxU=MH3NhQH8>;>R*B?EF
zEBdH?RqwD9EmV)uoCp0eLkwmj>i7atp5}Kj$Lq0n0TVNPE*^9@U&$opF3b=DDi_d_
z`w^_jCAO_b4;m{?ycQ#eOArnC8qzP->&oWuW3tixE31UO)WP7Z2gO_(X`6YLZMw}J
zK}Jj1h_*?u?U)kDM?4^P*r``B#4td@p_#7m$+u`hiNV+W)$>L)5*R`3EiY%*zd>!k
zdOSf7MM~L3<>s__9MOB*dASxouAq$X<J74<<9Ql*xf;V-^?4zr_Ev*zN2f)G7nME8
zt{t*cIVF(eVRGBp%d<{p*ID8kC&!7;TZX1-z{91$5|V!=DAm-lZg#WFT>Qh{;<E&r
z+;e!Ru#ho}Q#mU0ckxtKA$VNiQjW7Jm*?)TyatVnp!2P4eB(3WMw(7z`L791+EWc+
zubq6u9#j>t&KA|+bBT*H&R`7C`#e%|fAM@jqyo&XX&&|bc$@tptxRe23z1l=V>5F(
zOHY;RJFCMK(|O_7+gAh?e0GGI{`~HPrx`|nM}*kA&Aqk-*C|s?VOsud?Rk2FlqH|}
zD7?Ww9!44v;=xW$5ACpv<u6#>5jlg7a19965PLgl>@$|D00OYc#1EeC8vVWR`GUnB
znz{;=*A5GUyawzMrJ5dzy$Oq@8?4dP`>X0HZ|P}QeaF;N$QQ%6TVTy73N*f~7u+!|
z74cOPz6sN~5lvZzT5E@e5?Ev@cmjid68Dw2)cb|N-kx`@9`<Xg%nH-hx-R2|LiRvL
z9RpH)zVfLIYeotI3#Kx1r8&*UF(Fqv7!=)MsF;$Ws#1&OC=jp#Csrt#hvsFMzSOcK
zn7Oiu`ebFDUO;DV2fuYZ+o4nR)J(vqY=&B2$P>GIAK1g~dh_T?UvD!{9`V26bW|_7
z>z`6;F4`&}JW6;|2)rx{UzDrh4|Jn5*f99Y516mKo<>igcgff)Xao<)puc$dJ=}@^
zQ<)3`9OL4)@ij{nO)>G~FWNFKVsr@u&N7=9bOK3Yba9AYzN1zhsj=nQ3h$1VQp&&m
z%l%3PzLEdqZvx8e`INrVrn^$(pRFj;gZ-x!qRRe-kFJilb9+c{(Rz>eO}39|(jX{f
zIec~*x=o|f{6BDJ@Ash<LpU`=-wGA;gUMc82;#ns**()#7dL&rRqfw7%JDws*DVkw
z(rZ^=IJO{Sft_1%q;j|L8~iMm?U{UjiM=OM-b<3^es|zymC%KYy8m%Akf$Vpk$dyC
z3!C9i(n(Uj!Rd?dNOt7x(Vw*6XKk#$mRyK>b{Ff>da#y?s5z$|?uB)UQc1i-_DjkF
z!y@QYf8=j0phkdKCj(CENc4>sD;EL*Su=-ei!(cExQ(-iQ)C3K+(_|TRY8^QFdtfp
zJW|I4EWsMQ)FSgCGFEQS5v+DF&vMprhNiWqm<<|GJp`yoI{5{%iJrhKrHqVqkNw)v
zsaaMn&{c?(WGx$C+1E5nL7LW-*ZeQs!gTUO?PuAp$+!|V1!Z6vThdLa&45XIyNZ4K
zsTNi@8q=Odofo>Y)gEt?$|^8nVp>_Bs7S%3{SlV#KsbCCI98kFq5fhAtJA0#lzA%4
zFPyEkp1SbT!QZwsGx4<LCHJe?@0P?^r8bOUIEz#R={nM6x!RS4OqO#u`-L9szC}p_
z?CjPPE%S_z%X6SsxAt*PAEw1!uG5j;B1QIM_aQh<!E;^pjoq$XG;xXTfm7BwQiH*)
zT|r>h_QQbZ*|^HAwR4S$l!g_SrzYt_NRD+uiKeowp-Any1@CCa2O1e)b2FJG602<l
zG{KbMN`1xj9(GlsE`;t$^rG{K*~aFHAk{gf7t8}Xep5jRN2550ijh3bUtsMKx7I~t
zU7@p3630sIGvjhrfpfi<@Pr<sCb5#;7!*afbX^RK6k~<NGCmX>FVRrFM-+1hVZ&vc
zmeSQdf>NLidu2Wm{h<CEy~^_6zf&}>v%^>+xH~H@i8C7oJc7ZBw-0~e)7R&qU7Dp7
zsj0*JR5MCWHA@VvdG}?u6l*<_gP#|0$X~1jvpKZVJ8>4IAJi;_udX=iJ*5ON91omm
z;&kKK!`G9J@K{VbJdp3F8F4|qg9@qqa^epHc2_Vh7P%{wQ6D!=hjxAo3J(m}qw6si
zP|Q#3aNi>=ru%hm)+z*i>|CZEbxe4Jb%F(&`|l7`d5LxQ$RiBuvBVlk@8;@>)~v-6
z`rmt#n$a9uGn{qzL&6_7IkfA<9vGHvD-iLsS}jQ`)^@GK9YD@@iPcTOWaKIzmV@Z>
zac^hsnOpcOYv9i@K!MUDYMk(smtY0!Ra&OJFs}%c63VP%#uuzlAXWu(N1vq9%?E1&
zi3)i<jOs)%RD~-+094H3U$04w-Ta;$GUZ#6FQu6t_7X3b&#Gl0LCG}y6f`LQlePhg
z6Yi5xJDz3@o6uN3{{EK*E%^jtoong-?Uq%1!Y1wNg3vR(#Sf>0?Q8xG8t&ooU0E+&
z5d}p|`-jn0=j+ColS!0$yv6th%<DAx!<fT3h79R8Mh`lTw#5FZXXLzixI?8e4P(bJ
z73v$qWSVj%!nAJv@t&55*|jS~#AZ+^c=M(EAgu9cf2KZ@6<joIZ8gvpgRW{_6YJHp
z-Ffb%hM!Q)_om8v$SYmqpfQsP-=xqNz?Pue60)4jlX}^X6bjrXq(#kRrfA{80Eq5i
zxayfyjC9%gxDVmQZMm>OH^Lw!&}@Rqojf$)6?+HfP7_Hjcqs!|2`?pk+T|Rkg&gK(
zh)AX#?>-xnVjt&Mst2ESUFUr+KNsT4#mj+qLzyArtOw|gnTNay<jLRcxA!$7+UXoZ
z+&d;ph6bAZuphg|==$p4vIwB@J8+OJ`If$2e?a3fT$>5a-k{B^!0Qo~<(Ce)ax!Ho
z!Ex}nfQ*OkCT<U^g*n)S95qPEb_Ji9ge;xoe*LEM*PbvH0$czl%GQ>B$8cV#c%E&P
zJOm*OOR=L-MSN491q<a@NUW0by=X>bt7?a63DGW5jH4k*tg6`gb{c-f7ya4T%K~Sl
zvszVN49rCv{HTGQyM2c3rt2_nKrya68tt2PSTt{oL*aKn^if>Vc>J+xp<FcK2lAWO
z{05zeJZh@By6yMXsn&OP#18>pMG6&noyu?B5zF^V{KUSmYtn6W-d41>W?kPRr07GR
z9i2%URV?RIrx``hd+@pY?n%uFMxj%E9nL=>mlN>uVbhYG6U1QU=AJ*e!7dD=YW9QE
z@80O}PF%#&eQFi6OgVPDjWHO%FtB;u^aw9}Qo7aoFn$qhM!6hZ<w!Vjc#oH)v^0p*
z?9c82bQca40++Z_2f>>Ei@3KAin9y)M1uzj4udE75ZoPt6I_D31&4tIcXuBM?(XjH
z5-hm8>)-_2dEf85d-qmt-KuZ*Zr#78&p9nqBj@RJy8G8R@f5zy>ctp-Xq*=sGUmh`
z%7~2agx9Y;^cmC~i%1TDOce@4p?q^RMGmbv=owKhiOQMB9y0-vFcOV$qZuO}FVfg{
zFE0%cj{c8I)vQvs6VTgaGjd(_5PjplknKI83t!;E<J-;Fe#-<kMewrWxYld^bfLrJ
zV1~w>WX@y^qYm(sxi8sL_t$hyZRGM@3i6(a_9Lhh=3$Q!WPURUSL@S#Dqw|6>MJ>N
zw+`eJ{^yHr$X{nz{~j(h;4rcd9K^i(R(Og{H~IG?jAD^T!UE<zu6Ex}Eb9i3;WK>{
z$;1m+dhF~VIlyfyBX%|w5H3`6>LFv81Kc7DqI!6y!!;ub%IE4(f@XY(s;q?Q-oUof
z4>`sm(W89*t9;6dB#9Xh&K6bSr!7O`NBMfj)pK~}Q}Jx;ANS-VMII*P`gKf!B{vp+
z#|cFOxd})mC>u5+aq*>07o%l306&Q8rTXW$e#-Y>-)=R6r1f_TAz5!QF8bbxfw6=;
zxmX@a;I}8Asi)oGp(n-HgSS`V2VJ-X9QUYlvqSE@h-vtG_^lsgM?c737T*58ZBb5`
z6*zPUH{!47!te(4iod7c39pGJi)8;e2akq%qr?Qtd>S;Aq(2V}lk5*9AD2TASj<Iu
zq#)NE5EC)zi=@L3HC!cPwaG~eB`8Oj{2snxiauoc@!NQoVl%iak!=%g)8$YOg;FYv
zWM#QH{!MumGT42w!<fRhC|JL>=zP=f{3iBXXFlV`k|9(tO0G@@dvDT@%Oc7`RNcH0
z8t+hWY)51*O(nDXPN-2h3sg&6t&Fez7pK#Vgxh1NQI^jk&)&HACky>02~uvlpzAeh
zT7bW|3!wpl{9ex~`3B2_XUJo)%O4yj+$&j@(sTkGaapQWmVMiRW()2m9pE9Vx0A0L
z`?miy%*WqNQD9gkByOz?;Fa{sPdb)u#7Ze*E9D1LMSj-pQ8AI2-oTasLLm%LG8SX(
z<)Bi>2iW!;4;=Ouj^_`Mz;0Uy)#k*;k(sAS1JYI$ejU%QMB^Fp%u!sgV*{Vti8?Zc
z06Whn6%;*`K*Pvk|FG`9%au&G9J#w10pRcmA+ubV_{j$}@q_nL&7*6Fa~BW-0UacE
zxvbt#;*VZR`G8G+oCVGTjuaE|ug%Awd-N|ecFwozJ0a4yaEeI^QMrQfuX=llxulF3
zX0TE77aZQ30VsYEpewuh53kQoiu#nvS5MjBZYVv0f0$EX&jv^G6+4ucx2rj>Zsn${
z#JY)P?(R6w{O8|TQRKe2;(7b!9c_m$l69N8YSSIwec1IT<d&yE<BDfFj`#O@aoUJz
ziw6>7XhH1$G+wkhx~vvwzQB>~UU?}I4cf^xvx^Cj;j>+SC^R$<N7ZEBE+Q?qq%4dO
zPgg_GaB-9^%v@f4!pfEjOha~4HP{Wlwc+O05BS@Ey&r)m*}`J~r5ChD_#M`zmtFnZ
zezl?n0VX~q!SEP%RXRETa$YSvR%>$|m+v^|8(IfGB=?gd4?hI72)y2RHAyqp%;kWC
zDZ^e*Za(bE5c_H*(3Lh{rR+oDtsP98>F-dS+}9x9uSpC>cLj+g?`n4!Y}k8Vf1oP>
zl^#UKIVi~`Xy?4i!c_r=+2dHrsI#XAZK8_Qq_YR$FYxfNwL$MF5U&yKtb!;bMFMxj
zjmN=2?Td%~N+p!xdqq{8K@%4+x1A$>^ECfQ7iZlmioxK99D+93HP2{l7{Dn<KY*Rv
zN(yMNbdPxYi#PmM;+MUR8xw$(Y6-Rk*Kn&fwpY<?w543M^usDT6Uq1Y4-%beq9X)<
zj6%@{a-ycJee=c8Zg2ct5~U?X-I7rPLaBdmygSRv+|=&=d3=3<pvq6shtr_?1oeHX
zxR+>w2yJTHs5<O{6d$6Jg^dIUoTfS>7h?vQxkdX`3F4#fY4&Rax1bo2X0at5U~;^?
z{?A#9sWiCF6Mwwf_U(N)sn!;f;Vg3$G$p0+&sB!Whh*T<V7es*yBuuyaViIB=beE;
zI;ku^&^n6Bpu6w=-U1epcFQwdx{(FdZlZoa%?S|mlITTZ;aOl?l6-Q?2LU{Zu*!#-
z8SFc-tiWpS(6vKE{L0ti8070*5rRGx-qDMI+%f4Et$Y>~UKnVcU1<Y`>FV?6pvtg#
zx9tNQm9fdIdH#e0pIlAA7&Ht`RJ38a3v^!Cbc)XmSk#MH&>`-`Ym@l*Z|B)mx%byj
zZ!A%T8GS4p`nlF5HIYe}<|KzcAEwgac})3-u9gDA*wHC!`x|Spk?RiWC>$-p@%rN1
zKHar}L<lK62rK)2(_tuomy4y-K~WTJ$&Kxya)JXY4)2u3zq7Z6_h)HJnC8Vo7cnRt
ztrcjZs}ZpX(>&Lt!a|SSQ^JN3BI%vVq|;eQDssP5P}C}mi!;g3|G*A2U_q}98|HB}
zZKQ(X-XfCNRqv2acfgG!4;iMz_A$YVOYEg^7*rMyE^!R+Cq%*`gmd8~Y`GLk9qwm-
z=r#GA7?*`bFw0Mc<6{yB<z;i|jgoLnjC1&%G}2AD0Hka>Hro!=0mtcFLze`{hA{!b
zzq1v!(8T7LQh!NHS2JN7WKMv2xDKbI;J)Nobb{hAzlf$pnCyr%;D{o&%s^V%%zL9~
zQ)*p`0v)BoeECxnzP|Rv3jM(dq6BztQ7Z@kUHZ{wqM;I7Wtq;wDiE&nvuWnu6h-%E
z_JffgRlDDbLT?oOJ~^?EeS7P*Xd(+WtUyw$!hISvb~?=AYSjZ1AP((W0&C{A<>b(g
zTwoJ96X#$gf)?-h2PY^fK*tJ;B`6=;6CG7~;=ElIX(Is}9?8PvXuRX=GtHC3VD2&A
zhf0aIw4~7HRo#oUJeQy0N1y$dP&<o*S0AbH3^4ufxue#dR=z1Vr?O0l{1*T0x0nBB
z`de^}08SjwoA#G<a$|wlQGRMIgJYR6ivosz>}F~);O5i&B*0A|tjTXk7QQWr#sXcY
z%teJp7Sg8bE)>b}XO#DLFr2N`+nUi$F@~aimRD7Q^+$Min=<ah52bmkv@6Pp>p?Fi
zM0s+wpW86Pg0%Lg3DmM$d)Ril%)@-VBjis&ERa2e6&jyQUnos3AAU4w`*PFCWF+$2
zXe?yLTrzJH2YI1upi(+~(xyG^+6r79?d#nzt7<!uEWk;;DzkGa+C(>yT>gw&7GDk~
zmZINs<4k%+s`AD0l5iRoAKs20=SA-^hI&Txmq-?_fdv+fPyXHh*uaoyqvc$xP#^SB
zdHk$MWpoLh?(HqhZw{G@$QngcpUSTM^QmF+ThQ4eK?@&LqV3}m*w4-Ry$h12sdN=q
zg67v9jx+)Ee5l-P*-B`eb#jzRf<QK>CvXvp?3$vF$oulZDiIy4GE*1mIqxm;+gRwq
z_%^eV#r8g-Ja_}CAmWmRd(tv5l-eK2+?;Uv1|r6|9RJZAP@6^`R_My7C=zamzq<GQ
z*;xR6&`ueGA5OR4M%vnl#0gw)bCuxVDR#XWqhBVJ8X#us%Lu>Y#^0I)=3AJP;9YpR
zN$_uB<6Y?GZp#Y}v^u|2hU`aVm0I{1tF=dohCBB%0@pzRh^8kcgEAzTCM(>zU*J>7
zcGQ|1a2ffc*p*%a@50IBUlVmW;PYR|zo53Z@y;Uiwm*y<C`ddJM{HN%s@JnehjYs%
zs!mVvd|p2^*}}CqeEg5Wr-Q8UJ6iPt9bm2ntta#y4xWCirwmSV8z4@28;2f+I6to&
z!VBV^1?s4`Z^0IGd(lfYfuCBjIr=KVJ~_olI&?P26FkYC<Rj~rP$ISSo>YEAM%lsj
z0;qnmC%*<gUi}TWZVjn;LM??d&+}8Jb_N;iF+iW*vp1xY=q_x{ko_3Ai~X24>`DmF
zW##L`1y0#>39gXk7!Mhe4C5{f^NuUY@Gk~vzQz{MWfBf^Nk5?R`(X(YH^(+vG+Y7t
z@-M6=Pm*E|LG<<z;a6GL!JTf8$DJ-k8+ja*kM-07I}X{iqRy>>Is)kJWl)CZ{+;fp
zt0AAP#bpO5U!d&&HD9pPJqln_)@k|l{Xi^^H-b-d@Ky<DiutBg)!eO*Y8z{eTT{J4
z1DP7T5|oCAz~%lW`i{!>8KBR=OenF?<sp^er}Xn^x=0@gK;isCSG$#?^z6^t=?#~H
z#VDnSw3%UX^Z;m|wDeVsB{QRjwaXRZjLt{wqq+zz#v+{gblM9mP2!IB6|~l4XpGAm
zGiwbWFe1iE{1v{(P^Ib!jf$|!ki`u+@g*LDj+o$XYyN5E0UZ%1FSMsWlN@dY6*^g@
z|IaEKlyFJ+quL=uqnS+Rg&W~cGV2GLei~^;3P7IkWuQWyFl6b;<bi73ST{6g2*Qt7
zw18@?Fl1pxA(Yk!u_O!NLbbahLhU;s#z#uAB)_}JLW~EHpwZNr@gR@2FFHo4-cO2P
zt$b&E)-61|DujNY-*e~;#$xj@1?F9Q+W(I6N-^ry^BMn%)LK{LVqRBy@VAvJe0Yx#
zRhhsQ0LWgIkCnTD`G!Y5!8Z(>3IfP~NiwwjmH1whT1&`mrZXVQR|fuc2#>cdlwpBR
z`szAX`c2xcCt=rJCC7&}K<3XnccVVeXjI4-!ZB_;Eu4CM?(-_bh<4zL{SgJHw4X1r
zb=zIojxI7iB&dQ=G%lFt_eOQ)F^z|bIgMvDB0A=3pA#7u-uaR{p$L#`dbdQ5H_|~e
zApqdfq+neTDjX%4NauW`OspeoJMt}j9@!Ij)hJTAv3&(tyx4A}Mx03&Jf>OS!LeAY
z&yt05(#$=7E7AEoc~bu4QuP%MMRRwFeej^=aQIm@u=fHh+^p)y>Wce{^1|)6N1TA*
zGqUO)eai<8T+Y1`07?bM)FUp7qDE{aEBsmwVpvRExeB3_a$Su;6*UEoIlZ9qH=%gj
zOVksZdyq*{^@rl_jo~O6KQW5P2Lu<xVQ3WT*?;<Brkh8c^9VP!*zX7}ncjq#3GcCF
zVXzR$6nBX*U3}?|Gg8(u%x{VMHfUqPHY$OZUPEFQ)5Y(V7oOvfUm3YX;yjnP*G#DA
zxvS6HhN*y){0q4ZconMF%qXT_81eE)1pB$4>L5!|u2Q3446QpNkF|%Ctd@0JJqsit
z-rtzD4Gp`j&|%{XkZXKET%g!=o=JgkR{p8|C9sxgkEPChUp|k>0gF+hf28tNFW`g_
zVk~wSo5bnRx`mB=-HYT8gh(7bMVHHanQ)Pkf<J6)4}LhvFTeQxwORL1V`>f0t4-X!
zk$9*gqTac?yX@$t2KM(K!;BXe+{i1{?*p1&gQj=AvJ}7ID(ITQo&&U*$%Sa@xX}n@
zhU>4XbeD)klaVaasVNXGVes?S=?GWEmYyd>RcVYhcT<@>aDR15;OWqnDv2R}tTMiT
zB5}dU4HsmpQlZs_zJ_a*;8ZFPkj<6NA~zKq(@Ut?cm=B+N9KipKt51N<lCZWq-}!o
ztSb+kkCn}4Y3?Z%RLf*sMt^qh%1|KPY=-J6g|6F)45%kjWc)=X`^=SZdHK0fMYCXn
zr*tv4`|Mi@PUnAElv=$ghTf4rtNy!`V}?upgslqv7(kD(F4k1mlPC^_Qml9B_vGr&
zYFT=VVAy0%{@`d#?nC8)F9f|5r;sQu7Xa5KZ*)~(6{_HW{XsZ(OwJcS>#s=6w(orC
zhR|5wicK~ttI)kTgqgR{WLqXN=t$EWjVMW2Yc|<8-qw^Ah?LHoQ>@IR!uEio7Xpl9
z2}%)CkLlr}V8nvp8U>y`<JG#5I=|T4P;#W}37fnIFF!WmQ{>RLOMvV~(`Ho|<5+GJ
zGpnrZuiTDNopC}bPa-sfV8=h^B}cPAT?zS1wkQew0K<Yc+U-+I`|G6Xs9Mjn>=${_
zIxsCfyn2Ye=#p+WPXDkG-AB5GO>4pH8&jeGsf=Sie{Hr_C77pc><QCfW!Ajg?a3t;
zZ;;CQDns>~|Gb^Luh+D|&<H=vzI_SxE8UQ*t-1mBK)s%qVqx)~gMu=G^z(SKha6+f
z4<3x;NQu4a$Fg$^6$&FQn5118OtSAI2RO|5C*)jjq2?CW5A1b;9s*);fW~Whh8@@7
zMr~jmh(}CkE-S^$SWrwg9DS!X*GLRFh+Zby7p!uF_TjTjW{Mff<W#rvxd8hZ4-uF8
zz4>?K7^rBlFm#-m6O>cbd`yk<0DU-mR{%GwoQ7{;#9^{thQV|=oq4{K<gYQ<WB~;|
zs1Hw9uwK3Ya>5v78TkqA05{9va1^HkU2rdZdX8}qaWa*=4f;@TvNW443aY<kT}Hyb
zYAfW%fTUo24D_=Vo8e&$w8E+WGP}Ni$kz6NF`#3ZGABWJcJlBO+9E}GZs>r@gu@Dz
zmlu7>a=^V58?(T+<7LIEdl`Q{k%OMsyB9+OBXlL$wmu8UU(m3*=lfPqFF($rnlW)X
zuOHuL0bA>3h}k4o-f6*abFR4$S+~m6aIZm7K%N*ubJ6#-krb#JZQCzlA;x7I@J4jj
zzq**?9NL8;N~?bop|8_SJ_Zy!u0FlMTJREk{m+igYOvs~qpZf@^v%+LuH~-3cJ_16
z7o6VRQ&SAuHy5B;8(C}kLtf$U`fGlgk(?_M$Zjp)BHPk=w6ZanN#+!sAcR2E)5kwT
z)j+uhGlY{WBX?eqH(!1nx%U{+MKI=prVi;nAbj&OH~^0;4!MUdpFev{(Zh&wO$)5w
zk*}S<n`rJo*1?@}ln#khRHsG!>;nwa++HK=c@UBC#5~F@dEz@OT?!l{C_JM)F;XI&
z;SwKQ3LAE6Sc8eX9{u;kQ!%i~WYp?7)qDGx%rlw-#m#Yop2@O#04~v&XgOoVSps)i
z+?xF@I^n-oZgUaYzT%!}<Ve%w?0dYMx6*>NtYhh$Cos3DeieouSe-I438bO8xDG=P
zy?+kr$vTbmJ&U40OK@U)9S1pD4uKw+k~J5xka5PKfZ?=Gk%5Z4Bk`9U89{}jiS!A&
z6h^$81J*?(;oeivZ9dqwiLijt<(=0G+_j1my!#7xQXS`a4sVqM7Yoo}gOAwk-j6PY
z=7E<st}X*8SkgayUAKhm(Co@5?)-TE`x9s=qU&Vu{v?#VFlwbsXUVSXb+FclI0(9O
z0hMP&CyT7^|4;G0*9ry+;yZxA-G%l)s{U2uQsE7?0A<04TJVHg()aF~;5pxb?s3i?
zh>9e6hbRcsZW*-E%KbP8*;A5l{yx8PiY&8nuiD*udT@#w#@yE1H#fs(mYrJHO%DYf
zv^x|R($E5E70OoJ);&#@(7@Sin&wkKz{av&0=J^m<Js#I*ZT-ais|!A2X5E?0X?N(
z4e=PU9BwmtMx}at3?44~Ep3Bjl_aP4o1SEpsxB=a0pYs-Y$$r}?me&AvtpoMnfjn+
z__@?B{M)DOMXK-`1nso*KdOU$2L8Qr@XjYkIHT0SJk5(65V8!N6d(qKJPLH&ql+e~
zWYp_@Q2wG#FrKDMKrLE<y{mnB4f!iGwb^_nO%rPQr7Ml@@7CMjlfNF(dRZMWf8FL;
z-VX-X+&l#bs1B3)^o&>!@jJiR;Z~-3BPdb?3%-p`8c#hp#XKMQJS%#``|ksWDU?`Y
z-vd0>TMiy)v9!9-o#WFd_1&2H<Y*Pr6R|OAerI}OW@cN&yC=i!H2%D-a<xVT<;eZk
zx$!?D2K7o0rRgGHB5B^zn%E5%r?VpINp-&)zy)n@Dplv1Aa(}w>wvcMexj||$A{-=
zbGr+B8rmkS*o~GavwFcfw)|MPtsE!^b8#ElAz@5aahO_Y2jtl;ntz()(w@%_&#oDl
z#g>=B;<+B|FHLqKJ)ud78=^u$iB_VsZ&cd6^ui3P!Zsa+e2ZY-M->=q(lQY|9x^LN
zzDv@gPOSBoX1Ad)*z!%6AI9~t8UnPfQ#M76lJF9dVz39c-8}rpMVA9><$v5Q0gMK@
zMaGJjviyWkzeX7D?Ud)T(3C>o{<(qmqn%>VmEfy!U{YwZV>}ngcJtf5&2VtveT{c#
zO(C!PXufzk@-_EhtX#25gx``H_O3eGL`Uv8c!M(Ejz~|%MMgL}+LF|uI_iRXL=pq%
zyYxJ9-m2z7B+|&)X8adBHqbY8|C#n!TDC%}6aN~mpS)_a;=h?DhPd;$RU(*eOek?j
zA8-91i38YEEg22#C$#DIomqsmE1}gUowfGT_A-o})n-`b5gLL1B_po{evV#OmW;PN
zW}EWOL{&36Bq2^<bj4&!mc`hLh^`R?ivCS}fv%j4rt)Y&!wFp9YHoY8WX~S^mQ$QK
z-(3=WJ1Y72OBCO;#%i&(pDcrRw<a@w+*#U@@^Fc)G_sz-esxsLN$**U=bs-3>-?!t
zJdHn5?+iXKvetY;M=7xvXrtWq{nW};exl33*518y<d-h&?5~ZS{D)d<7{)>JqvxM8
za1Spn1WR9l1=((Jcb!!-E<qPvnc|w<s58ZyT_zXBGAxjlozT0kdI8>a00!kNdX}q<
zkWn6*E<f9TPu8fV&27MRp$j6zS!}(mqU`+!!f^|g@<Ts7+m{p{N)III#%PGe=+Ch4
zwaK+5gdZ=@w=??No`M45?b}&`o=&z=@ax@1oRdN1I<2<F5kDp^!UDsLzHDdnF|G~P
z=;&XzR71#lCRe307=V8m(cg`OBYPxa*M3(5uJ-|k`n$|Lyck)^7GV>v$O$gItOjF@
zSIBh(7lu}M_zT!D_IF)@_Ug{(n<D~7J+Fbae1tGhyDrC4cOE$b0V3-NC~f(83k#+w
z@=Y82@5!+x`cINvLgi|C7#bPmU{tp6O|*0hvkWiXdE69(Lyb8$1JYPstDbswiTxtD
zRs(4>grX|O28`*vRsF95xtTqnnJ&r`-mB@A3qbCpUxYK!@WeDvdSAY*iAl@2*2SB7
za1~HBVng33X)#M0zUo|7ESx?IvnTg~x9TVZfIgiiV3}e|?>o4UfvWFwcN+V(ZzUCS
zopZKz96VYAHZq`<22sCSfTs71+e&{!)2`pvXg3^tKPv#XB_1TdktkQsjO%{v;vUl)
zsH?hHAdFP-<L~rmBW1RM!XoJ2Nq93%Ah2ZNO!HeGn@fk>?svg8YY#pyIBiX2_x>F(
zV%m}L{QwHGwKUY(buFmIPh#=uyWuGbWD)CSJP!XO1N8x&5{~lz#Fbam91a2=kM?(f
zGxgx!TA$vAEFG*yIVy%_9&9_dzqPlkr%ol*6l6blojk>Oq^%%9wt<1Yt(t?+ALjP+
z@oO=uSD|-bbO}jTVSz1Gr^J8Kp#Lq;UF)t?i&8vT((Dar6slUhmkZ1?6eu+wPFi?q
zC!~b$o+Hi>!DKCTXePSM{44Z<%{E!kaduYo@|R+}ox=`xcm=L!Y66{A)4!*6;kim#
zIc_jIpHZg?{Eq_)0BonhSRMV&sBum{OqZ*211!vsFV5ZDE7bh&_i86Kli<1B2Xo#S
zPeA}%q3VFtlzOp3IpD<3DieC9mDwn@UbZ45-`o6z&w8J6h4S;l$ecy6{0OiXAt$fj
zy=WL8cS9`Y;L-hLs{F1YLhVa@w^VzJ9z%B%-(O49F;{irdMD%%2S4bqQ5T;UP(`wi
zS<1T^d5>zZ&mWnqry~(K1|Hv6$y-%tkCEtaKD6qc;kj~61*Zv_)O^wJEp%epv4Y-t
z(iu%P%IYy%WLOJ-G}J)(V~lHU_JN{HxqMAD&Y6axETNIuPJJP79t(hvRk5bAa7zkJ
zPZ<exF2IY?+wGqR<$ZgLYPgk|Zp7ya(zgejl&(7rsD@X%?tNcN#czJcdf+U$(B}TQ
z_u1%j%q1Z=SPPoW9Ns(VZ(bZS5%>O6T;YTjpYgfKh+VAnu2Ly`Wl{W^HgChRA`j=1
zmxGMcASZB1p3S2=J>CIThKuVM%0ebG;tecPe?it75qe*)GUQEV9`E*f2{G~DhBJji
z=1%M%F+t!`#jR?YLbV%p+t(}NM<|#t*ye_V7kq60yP+jrCBp$(hRd-#=bQPef4pr6
zjm({h5%mf%|6A8)wkfxC&rjeSVN<qg9>x%PSSNHUZ)G^=-!*!P#8XM$Ikl3BW<+Wo
zw=ei{kpb~hy4;i4Sd-bN#7zk*FHr+a1!L1nSZ<QQcKw{4UapbTN8Le+manQFPRISI
z=twGuMh@vdroS`QO7#VvfgTq@@_+kt^$E=4(THli#lEptATSt76~L?WM-!RX-MV0;
z;U3&vEyuN=o0cEw1x##4!4|>GBT6}IZT^iM@xqBAZ=9`N)K17Q|M>^V%eJ{8Xv5v|
zU`%YO+em<WX}C|k()>OMAwAHZx9(RMd5^g%1(mK@>oHDZQFGG!hbgJ>$PZ)W!Y~hX
z0W%ihVtk-PqVIa1b~dgWYOe=KjJU7D{PJ9+*H11wke}{pDtg*Rd-L@r$cYCmdKVno
zmi~^>`Rm8lI!Z+<3oh)x-5iw2cK2jV?5&`nI|&1+!ePTlf9{U`X9Im?EQe(+gtMAZ
zudFx6oi7Y<J0O%eGLZCp*UZ&;Bng(DQ=x}@JZ;rv7Uui5Zbr$x2vSnWi2&`|+n-0a
zjF3>dXAj?~Jy;KihNFnA*IxBotC@vF%-<V4e}n0BIsi2nZX_QrfHU!Va<b8EjJ%`u
zyZ;WZGg*-(rBd)oOxU8K^E`v5B&25ApvcETK41?k&CVfkrrli5zel;yZ88}xAWsf8
znw5Ex|6g%`6S=`@<wAs^<jA~#7YL>P)zn!N73C5MbvXaWHD(^3(fUn->nM!tvr^@%
zpc~O5vb4*+n`JkCi96I%{W9En6H0xJS?h(p+r>cHS?e5SC<7?M{me=s?!`ZMfk@<L
zc`62oSblz^9aK7SY|SQds~tu`UdOOSbi1sUK|ySU?0(joPC@+1Rm8Oef0ar>@DAs?
zw59`UhxB&Y$xV=J3;S04jC0O9io(4@MKflc=eS{0?&on0^wM`hbTwA>KW1v2j%x^|
zI@E!MP&5L*+r`iYyj$%pn59a#X!i>Dp|4?~9<$boD_Sux{kaP=(wHlZ;NBCBUVf50
z&RhD}Ffs@!`qO3QSk3u&-CiSul>yRoFOxMW&(qhzt!hPU@<^PT`W?d#QccD!(4u+A
zNW(+_kX;TZEtbMn(1<qp5-)m`wI@C!O3EUdrIzdL+D4!UI(2lHPa5T8LP}gvO_Fqp
zBDJTDZ1xg*0c4b+FAyKxD%RzXmzam|Q*KfI_IcgYiCR^zb$<Fcxaa<vi`E>WN-#Y^
zlxLmaj4l+{H56=GAh-VzI6%Yt@Oc;iW1)zQ{UDbjEmMI<gg`$vMW;k>e1=U#+i8B#
z6%Mm=`nT|gTPDb^3b3){#DmQ&TjQgOW@uaq4g|jmFGI$gO?(*g{^w`gXhNzkqz49j
z(xyj7`NX)70l|l;%zwN47`UY-U}6l}N`PjNxm4#LY><FIkAFY>)PC2Cm*B6(35o!I
zpNIgZev%&e^?)&Rfi*fup5lCe-us$t%(S(#E6G=+BJ=TQ-(cnuPdy>?(UGWSPTC{T
zp+O-102_JWi7!1B$L6Qc>Tehqr8i+ne1#6(u0^Ipo`WAJWS?(joKSljJJW`E9y*%w
zgl6ZOX$-!c>{sshbXrP!Zb!|VZV!)Bc20NQVJJ(VCXl1MPOr%c5eWxNIsXYXH@o&f
z9k?$pe}UGeY|*?G+S?op>9Y-U@|tumPL4k$5+PbUb>-#-D9?Jk(MpBz^YQiHZ??(a
z-qV3U-P7@jyYZYWn(97#g@<fTpt9kk*4$WkonOOB1iuPNbTzgKL&9!_21I%oDR=l+
zi(G;4At*se*m&X>ssi9^p@A8Z^VfdVyL&o!ODMse^n@#!^MpgV0Lt1X41{X&|J9{9
z%}iTuc6g!sbJ%JCiF6W^y1Ca2C2!aZ#dEh=7~<dOg;GA_;6nk$v3bH(%v*a21CX4n
z3gEi<Y!i=pg$MYz9igJ%(}CPc?rGUNd%eQZndHu)miZ45!qK3@r#_~ZR)a|3CtT4@
zR9xh9P!?>_Kl+T4MJGa6sUISfq<L10y3G#%F}C9st}lye5=kK{%S;){s(1ClZx>qx
z)5Kk?Xf=NG&RCB5p03H1pg)<ZQiP$=RM(%t1Q*NXln`47+E9Uybw5YfuHrq&gLVHX
zQPu7%2%fc2j3`gc=5df>kRWLOK2i$P1eA|nL%l=VpInrvVDpurbv%r9P?oCE(*(yP
zvk9IRkuGF09@G**khhbwV%^Ul%8H@G2NgIPAlUsYW;5an&q~9ECJ{A?3~Sy;{Q|v!
zCoR)(4tLEFAYDgQ*)0*@lDNyCl7rsAqlt0wrs|MT6MxqUa>IhePQ6Q9QnDHZ=T(+s
zEUQW$wG-e_@6d!Wqvq=NxuiDpWycJ02hab4R$GM3j!`O?7wwhE<zPK!48{&Rd8qnh
zM+4S+z}dK*)C56tNX$IR*zRrVN1F&ps-pG-Dd=pKJ>V(o9^5qa&YEOwu(7SJ;6E=m
zITs_itkgH^8As6mZgR*Si8Iczn|t!eih!)f0C*P`>c!!NqfO#6x|}AbOgv&-Sv7n1
zbUgaK!%n=3@F)uN0gOEX5(Q95-8K`%)znXsNBhmaYjp`UNS%&%ufMi*$&F86s4U(6
zyE(AVxB>w~+n15RxFO}rBXFx+^GVr_$;d~2l{_JipPmb4DG%C7O$#FCVBUw^#Gj5Q
zjOSwBM_2_?x4}Em_B4iWO;eBEsOaVc+NjDr*qwb^HI3h7Oi3ofE4W+mvlh$WI)+ZX
zB(Z*oUO?QllxMrAu5UYqtX6LmbL(7gnosB@?&-ZgE88q+pj=!L4(a)P>l&k7-L7Qj
ztkd)9-!bqQ1<qYuK~p|YVzyl#70cURfes75bhVjrPmZu%yb2C0KSDq2#EV0V*<zu^
z_$raGznkwjNrn#*BFKi(<49|JLOlrX#sEnmS;-t<Ip*Z5C~0Zh3IrstQB4IZs#tKN
z8r)YWPyR?=gsf3l<-by4`g0-W3ApRW#5#R}qU81ZEMC2hEG6(E(AzM(VQ()f!GL$F
zpdCbZndhEoKad*Smi=pkoS)Z$!J}5B`<?Iu*L(ZB;dAwEMej|=uIS5}bDxaYg){Gr
zUr$czZ`Su+f3@We%J!@qJS&o_=B^sFJJnYfte&)O4a&}}8@wv)49Zp(j_(>;p`=Ec
z)SZxzt;TJa^V`WySF3izw$+@>e~$iYs~MCXTdR3hlvb(THduA4k1v!yYI7Qt?OV@z
zRkT*A-8WpVt_w7APo9nc@VNfpBiDX-+^?<+Hn~im{r^E;IKH|MzNLF^z&gfhj6(aT
ze+A8<7;7O6L*aL2TzOmPG46s8Vd}AIh*?cs{q5&0!$KcZ-|AFB59K50d4{`j@W1Q{
za>-*Hgp_-7L;?gvJJ<@;aC5ysZj68_6y-bTW0p2};qv=zj=lcsu+7w1BBIH~k_i~`
zRTvJJtj+VF!vBU^lKsnbb=&upw{w7S%_5wvdiCfxWWf+ob+8~6c}@^D0F1)9k(+Sx
zR(hy()&mZA8P-C9=hCEl2x+^VRzcqqS&LpxBSktwQ5(d2f9k3f4gT8gj{{AUsd^x`
z^UUJThO0^<2jTW_4DlbXvYK#(tF`<@@c+2HL7pTqM{kJE(N920`v)rwngH?R_?-pa
z2NDReI8sRaw=9C%kktbm%o~yejsDX(xa*iab96om<=_a{xFpx=(?UvY=pzs*H-xw$
zp)KtInWuI>OEL1d^nF8C(`9u)8w0}ky?1Sxb?L#po8!tYS)4(HSt0ON{x5itQh_Y$
z2}08{n-?G!B%2b4gI5(@Q(+OQp&1GSLLwQm0-<k+EZos`q;0`f`49?POHXmE86uT4
zmP>*L;B{w4mn>PW#p_yWf8T#Cza>diKot*tCA{n@Y$3LUtb^yyak!)Cq`@d;6KAwL
zlCOlA&6z3-mBH0wu)O!e8ydYca44e#ke{E7-|{`96G+&6E2?3T6H*SR3#hUv`IAN9
z(aR@kI}JbZWhG0GxQ_1kn}eMk{FPE}k$-e!>2UYY=*d#a*%4K9IoNfFM-x`N8qJTt
zdyMTsUs45&((l^4!_9l-GQ@szvz#5FWzsB)Sb#+QFys4;+(cj^9GfT#mDVS6!v9*r
zJv@}FpsV=`Gvii>^(o=><=Q_5CaIQ~R<;+D;f2=3a&R7$6_w6G_L8ppQ%r8S)>3V7
zHVSzr71qX8@yPqT?ej4GF2X?g4#MMIf+02chi0S6y7LsZ6U}U#{ZRVGezE9jcWH7$
z=5^e9g#-mm?SdD!ogaQX)xUmP!F%a&?Rhh_--pW4u%5FaWaj?<Et3L`>r#M!MsGAN
z^#L?L6gmyIgE50?c_69Ki#rL1<S)4G*4+Bb`0}la?Li$uj`eDH@#3r_>Kh4kbs+Vt
zHSuB58ipPBx@y(8{e8zDu0dau?I#wA8hAfsC%t!FqY##tj~(d~c4PD28rblC2&^>{
zQ!%UkF+E2?@yyjbO)9INDIFKWqNKO;iE;|g2i@OUkZ1q=O2!X<4_96;QwCSxQ30i*
zfjJpaK<D6eQR@a7NRuc0fejq&D*rCWdu-K_tw<R31A~>?MBT>_jZW@x{57!K3RC|a
zPITp7YyGcO`d<U!{3J9ncN6pyy>pM@Cd9=BuQ2!JNNZM3yz7X&xyaXI{DxRKWbphg
z1>l$A;q>&P2<*6fT)8tSId3}mPCIY%dUZB9uy=9lYH3}qWNIptZP7J@!jx96z45(N
zRf-lg6D6wr=crSCZlU!5-c?hp)UN;guIgk^cK+XYRiaMyz6GlX?GFZJTh^Rj6@^uE
zHw~$s>N5*gkJ^j|^pjfyb*>NreSrkP<laD?8^lvzAP+EkG*IUbY1bF115BRH{qVS5
z)fa5i_^*+8Xgzl)M*e|OWdRb%xdz6~5{svNp=25Zb)%6V=b-&g%kX99T*btZHIK<>
z&Jd_!5u;La!Hx{A9{}n`8^$t&F~hzap7}(x-?<j?=_+a0onCrlmPb2FB?-B;^zTzO
ztK@p7G7g6gFUFzUq9BT0&t(Qk@%eRx;3h^ySxdRSV|oVQo^7Pt9Y|M)PkE@k%zu0E
zZfFDHG{Tpah&pmQ_Fk}JQd6>}#@d0zW%2%8{<ae2g8&C0!9|yH7k0GL$rNqyQ~ior
zj}x4RLYj-k%oiI1Y`ggrHgtp>AbX-p-7|@kps6G){wy6+)}xf*4H2jbg?5@(^nlNU
z7XH#Ay6czw5t!A^WC@CWb{f2m%i^5^6}bDay@O-^AqYoyg&21HBhPFLh{Y;S(`;u&
zw;X#e^ILuE&q^Mv=T2G&Q=mUxixHpXs)a95nNuC5|9Rqh-Wyv|tqvG`&eSdm3Jc6C
zVW%yywVz#Mlj;WFetUvLW%jT1yI;Dj0PHQn!V2~UkZh`+`9}<!79K#llSB<9(8#Vh
z;vRc(R^e?v{e@O)lC!chp-1S7_`Vd)8oyF4#x=DdcNwP{5(%YYRUm@Sztj@qj8b5X
zNrCe~q}5cyWBaHyoG?ii?f%M@lKU`~_oy^K{2SZ5eRhDDpWspRG4yZzM77DjU1@2&
z!d#OXf=`}Py2aCWoFGSEdQ{gVRMI8BC`e8DBz~R<f1|!X{Brf8bB9>&*&oBDhF@XH
z!}t+}Xex^nt@IiNzv@gfMS3K8bqShy2lpl>lGh}66-gHq#)z|*OGOJ!`Xk@vs5b=V
zFZ)loT2{Ct0{dhPlG_6a%xe0Gg#2#{SCj}<t?+HktyN^T%0ta5ByH7LqVf3Vw8H}J
zt9iD$ODI33f5y$G*Lw4P<md+OuHX8*T{f}lh{<9{a(A#BTMmvF&clvr`&q4XgrS1m
zdL#(!KY#b!ntoRag~J2e6D|^ULC{evh{9RT^hI%#04<^B%i<>#V;F>WXPSF4MI-HC
znXu3$3iL5VwNOD;5u4O&T9c;2mtHeFd1xlw`G_d%QdzeXpY9?B0#crwR1S*>VPE!7
z<G2XdmqF=Oj9)#0LL%g}^6-ixotVR2Zq+55+X<;Ez;6uUf-D0<kn!^0fqAwCAEM7c
z0%>ZNt=Y^RdWT@SKhjRH$2PO|t19WDP628z8MXD~**Yyc>TfOV6?S`06npVvu#7?q
zkW8xqlda6{bKI?)L7avmHFW1*bf@Yg;0+nxHj~TKNL&w;^>K~*sve<w$?1tI&nigJ
z)o+fQ{>CB-iTPg%qO#V#n?(NfQ`<O^DkB##zviWa$C@vF<vPP@IC1{TlYN1vbWX0e
zqhakKXy{izZE%otUC7}y1lu!o){FA;hxSFbD@9&F&mn}T+aw{FjFH9juLnN91@Gmy
zEyR%WBFO6_)4SFV>=gl|U32^1#OF<W-ffc`+Pps2l}zJv1ud-{8o$nu|LEzpmdUy}
z9aS>*&6zc~qG|lvI%d<=D=ZuP>6B8*G&5(`+RC8uYwx&LS1+k-%+YD7l4)hmtgY2X
z<JZ}-W7~i1w`2d30y-rog=LQhA#YBP26{o6PD?LDnmm^vL*vPTfjS3>r>+1cU~*)j
z&JohCE5Htz93QCr0eRLH5Ccq357hmH2<Qo@0w(9o0*}tE_XyiuCzvuDA`Z^BQ`%h5
znKC;f4lcF{+sms_9<|-bm@`Kr4z9MB+Fga1Gp8dCZnm{LT=kh<G)Z2L4_i9i?W!_Y
z$`0<1{~u&9CqKio(H#1ivu4wOd0YN3@8<ubS6=xE(>1L7f9jw!hSDi3KpIfuWiZwL
zCw@G!i09S+mW%(t<je<{l8Ik`N<-QbkUq#<X*;+(Z|U%`yZGNBw_3bh?LKC%gdE)c
zFOpc`>Fg*;r`d(i!2JJZJw*q1M=f6Nc3GJ#|DTYAr_4R?a2Qy6;BjnN{tG${GFN^b
z-0ih^x!L_6Ao1j)d-e$;qo<D#t^eO`G#%WXwRm~hZDg+eA0gj144<DoeBq{p$6As%
zNGJVLRlJGK{H%%f%>r(iH|uUi>0Dj*JU^>$wtjqYJy~Fv=t6fvykuz+CG$mzi%DcD
z2!6`-(8kNEe<MHroZiFK9M`S!ab(Qij~PSvU37C!R@$b4;ispk%%()?WYV5Z;zME>
z7nWjXnnABeBu@yZR6)1f;Y$K*3(S@iZEGyDpWK+d%jBlEMSp_lX9)WIwso}bWXPZ5
znb%IHPVyiZX^QVd?Glf*(~nsO)5N+kkAoH0i9!XlFd;|C7v||q{eSRWt5M|{XJbQY
zJ=$3dE1N;@Bb<Z!GG5>`Qal00Vulr>_m!JM8vRkL<n;M1BFv0=95!@|y7cbOTWSo=
zr%9KuZ9Rmix#dGjiXf_%qfsgr^Zrd5%?~?z^C6Q@$`r=M>)G~~QObuIA`RImDF)3m
zg5;EP&7(<>K3rmZIIDv08T8U6yUu!ImUNh%Rn_xCc9&06KP7xhMO`4(Z<L5{g(CMl
zkoMMGomF`aw5`9(+)0^AD9yw#;)@0GU@}ryScQ-rdjOLq@($;A1p%M`vt+$*2&OUm
z>z80S<I}Vd4~I#_b~BJ=O5f%q;E{Lb7%hj!!RybhGF|sNH_`b&8KLTG?~$6#*0fR2
zqIZMnz=2tDoqze}E4ZBWh;X_7qTYW6P)A)|;+Sg6Yj#59>Vp(57(XQsJd9{Aix6CW
z|7j=uOPYX*jm)5%rG4P|GOPhlX3JUfx51S6A0m*VB+20RFXE5J!0PVNb#ZVg`SvHi
zHzDH^afx5<J<gZc$OU?mFv8nc3Dw>?RvTYQGY1;q#EWgeglavxCgyLzkxZu3U3+?I
z+;yXPnvfC|7!p&?GD`!r@S0UA(ffRr2|`YdxmRt!%#<qOBl<qb3*p1a%YA-+0%p+J
zPCIo4{Mlsl9EA34a!^z{Z5zx*GbQ{iOgJVg@&FJYa)742OC+H`pd(|;xTzlq*}8pw
z(6R!Y9R*b`x(uHL+Xr1bW9HnV1{~yjyyFYa#XQjl1E)qvki)V@aS4jITGfDWuw|bo
zC5f1-Eo8Wd-w{c)_CTvz+>TwFDmVYq=tZ2ZP1gDXrq1NU9LqPaQ5<Wq#hHSKzfz!P
zy_s-;XaO;2dz+DYx@aQkio85KKtRmi-lk7?yB$%`?!WVHxC*>HTcms2H37PjEnm_9
zWt!aH+l1n!)F?}%D?EfdLYg~B(l4VOA)5N=3a*kZu5!#sv;w)hHn?#SLpP3~L1m_3
z5rMtUKo@Yt(A|HG<)(^Ao-vYlw*!3Z`2Vr{AMZmzJvM^;%PAd_Imw>!`wg$ro;TkD
z+F+bON+_~YFof?vl{ou@0$pMwhM+>Bmde*qC%`SoV}HRb@9TX$Zx|R_gNTB{6iW|>
z-`;X0LyA6G*Z&Haxm)9<1ma+uZ|Q~;U^UWJ?UZ{+dZbPlT$<BB<!PR>H!#gI@L|-t
zC<!;H2K*f4Tm=@3A4)8$0J}aj#qcn{lHe}w-w1{&At4Y3xc^D7at+|vc1v*8#Yf=x
z^(?g!AiDABPP-U5TIPBr0w+m7q^J~2&PKrI%BgXDu5{jL{^0n;J(`y(bj`j+jZF~L
z;io;)DA<e-18u``8q#w%RY}=9{fpB1oU-fgiMGcCb>RDYuW>!9dATF*#g6K@0JJvS
z=|@4<-Ht8B`v^&OeryBwP75f446TT3wRmnCCbU~zQ}{-^kX)j;1<Y4Xel`40(ghx*
z)NDzN?{h;paYlD%_wCVU{O3OnpC426|HeF_;xFiaFt$M(ekWs(P3R!znd>GK)fT?F
z?r`ACMv*t1zQP#3cUPhRD5wF}YM4lI98PSK$s%of5vDCrs_*D{(7zDbI=j{qczL^G
z5a;b*S^X^gr#9)b;uwZG;z^%jRT??QzWFYY62+nZ5V7Gs_mr|Q7QPk}(NTe9@#=@W
z{yxSSP-;zT6Rjoh6Pd2<x9^nol|_o8@6*J%qhlQda%m!6A{tYDiO&r;G&zj&1gr;0
zgpn1E*sCFHx&=8iRG(T5%VyBr-`S(HQya06Wuvv3DuJUcZvPJUyRwYmF-pPb#S!ji
zXXB<q>Yyza%nLA+Fv+q>W_Y*G)BuLcTEY3^-Je>g*|h1Bsi-`t8C^H?$D7-npJf>P
zN){9f@V_aCvhM)Un#UDB%lBoV_O^y1R+`yusTUjuG6rR7Uwv;@ypanJ-D1K&&8gPQ
z3xcup-EvU^xfSa52k`o`u7>QF{047G`hgFDj7oR2jw-YJU%-)c`TYTas7pc9*WM1b
z<`mKzGR2%yWX1QwV~}sB9<4fFNTe&kT+^8jwE1$l#TWZ|Uw%Cg-Ji5cONR(EUZQ6G
zj`FQ?rBG~%_Sr%+VXzD=x8>ZMua+Dqisc+LK|oYWlHMobqtee!rtK`6RhCN_K_?^H
zTrRjJvsjT`V<iSVL86|?H%Imie;bsgvlNoq5>wq@(B__3sD8uK1(qUbFK(X*K_NcF
z=H*(vfyomR;G;;95;1(Uy=7po?oPwv_t6{FbrPodL~D{Z6Xx+`6^ljv2o3rZ9$E3o
zTlPI7dwYG|h<Wc<m;^^JOi-134<Hl0)G-RDpxSx<U=p=3Eu>Ue_``?g+Zo=UQCST~
z0MD1G@FI%^SBOt-VAsK<u;Cd>PBvf0=B9SIa}->ojm9_u_G?C)ogX+eL?{D-j^gYW
zSZ?|oy#8Ua%Hij)#%oV3)Fx$9CkD(dA(0vjokuw=;(HMhx&s6g7Ogr5VcgcGQT!8t
zoJQQ-px!9xpItZ5@OffA`j1i(j?CaBpZ_s+S~F@9I)1_(_jjBotp04hPYG7cRk*Ac
zE2=3Jh_=GcRDX8l*Tz@+x1YwYIP*>0l_vxnkrl!}hv;r-QYqz4i7cb;+Yc+J&-q6m
z>$5b8p+BMI-<QwHn4T&=U20#~;tbiBk1L^Yb8L-4J86?PGgG4HLB^tDN$wN1H3>FT
zGC&d%lM}U@+cauu7;Qp1oN_=@<x$N}rHboj^x^{OBgv4o2t59T^G24P9(QsQAx)&~
zr)a|f#rQG_bVu<ydU33TbusSsCIDG{YNN2D#`%RwK$O8y><L91zJ|Gd_Y_4@UWS=e
z<LSRQ0~^g;Dc+0AW+Yffh)@foh*rzQxgEp2Dj}m1Ug@#P5Rjfq*E)5gn!=_Gh8eBR
zKo1O#q^&r$j!ii{@)M=V2f6e<*_-dvC0>P)Qp0v?)#rd<x-1rVGonJqO~`_%9i<4|
zb!AsJ$*``6MT|_O{X$PnBU!_j#3?q52EM59w3LMFB6Bb4=4VE2vqLqUN5PA+#)9Xy
zzDPt!`;&mB(WoRb;lcz(5aR&4ZmfoIBdT=x%@%*9G=pw;6AH-6zWQra$Kpmdj>~6%
zee|<^X|rue-l5$Zbl{j3^-tvKuX|4~TQHhefw}<=$%^bhv*Lu+V5f+8)}%;hMw<=-
za7IK#v|bPt9g%QwM#L<?InC4KR4QDE)9fXx%EIeLbAq7Yuk|!sVeOmVjXN4vgbH2y
z%qkeP3d_Qh%EbGWcz=GR7^9|j(yAUCD%Sv}y)HMm5w2UAr3hnAskKRt{0Qqng{h`1
zgZD}lCQE_*5~U2LLzeXz?eF&N{Y}F#zUcGWqgNDU;Z2}v(pR=u$j@NIl--QdTFiUZ
zGn$`<;HR|Jfz<5LPV_#}m!^Mg%0i?4dX>-i#)p_V(56`4Q3&=6!H1UQ><_@?)??$i
z%tuOm0Y^0%(AcQL#H@^?hI!|%;R?!shJ@K(2K9az*ZgL2Ryr1Vc9*clipj$f;QwxU
zG13_~tawJI$RI#&pvi5?%fvQLrFooihPHktA91w|+40s%Q&Q09&X*d&!v*UoT=+Gp
z;;*PBhcI@MJx2|Cr2EarW7ml*5vp5CWq97z`s~9Q3{#SanPc>RQ(<J@JFZqhGd7LK
zR?RRP@BF6OA&yQFa*#%I;2v=+pB1C)i=5_i4t;gwH(7WFuY$7npEUMxSfiTXmgp0W
zJ;q59Y;zVfsiD{~F>L1{CZv+EvkJi|ofO#tI0M`1Ocu|~b+saWqZ~;a&^U5A3E`JZ
zVs~~@EK|=9qlPq6hzRXPhnRlwZ=pybXfu=nu&+X&@Q>sCRBn8;(V~f+mF&2-F!vB#
zYPCn>L|`yJ^NDv;`U8FkbMmqQ#nk0^*+RWyc4~OEfyo9m(IG0CDsT#ZsL6~YI~Y=T
z2s83=4NG%*zNE-fpae?>lkkiYf=r-*YQA{y!UmrGZRm1Mpe+7~$wu;rAfzDi(@03+
zbdC=*r{nbJEY|zKx>92UAN~5qo6?+XrD}CwXm^+#3qa)QD<&6c--bF_ORNuY5>N0P
z%ul=|gaT-J@Jq^xkO8y{4hHG9M!kRwdn!=34YsOn4ipvgQJ@5WwAmPJKG&D7eJ9ta
zS`r8ts)tWQ9S2j_wd?6lhPruCMVd&mQbHq00;3g<(zDb$MDzn2nhH{2Soi&x1PHqd
zaRv*&8IP#KF^#gRZn93>DQK7PDgg0qx#Yh2cXpNOZ~P+ii+3CBkOqXc6CCE07MZ2|
zuhgCikVpJ79&|!JPW#klEC81k);<i8IWz%+1)T6Y{La?<AfFD0mBCT|mmsc;dM#g-
zp_u}YR)$73n~yObp?Wo&IZ4F?y=Dq~wE6*Q`ENp`vTJnpeZ}(e#h%f0P(9y;p;@$R
zhh~OG?LXu{qD|cFJ|fnd)oirs<r6DuDR8>e$L;MYyuGGQ`aPr1VNnDBeUN?`G3WLp
zQumfwb#&R$w{ef)Ci_xG77UQf{k)XrW5n_WTj8*@N7&HWi#;4AeDll9I-UF9B50eG
z@NSQ4L@?dmw}ZR~xtgkf@X{)H=(xiw2~~ABog#wV>vZ5Tqz6~$B7F+T#UYoK5K}ce
zZ5?S)W_F{-n0a_+IZ;qxN94}PvEIv9t3inAt=&HyeBLfmv}K$4&YAf%o<Rw7Pgk@h
zS(*y!iP;CmPtmkxGSff4d3{#BF`bLbh%6!?|Mt>KYrV|p9r0qBx`=l%-e^Pr<KmhV
zl=o_k((=QEM?S8wK~CpY5RZL3-Fd=Y&mncK>6A)`z=C~Xl;o9O4)S3j?QsD;`T<Xu
zJDhjjTuw2K@>L9L36u2V4W_POJA2A$D{{bI((aQ%ghw>90<^3s^_R{BcFw8{yr+l3
zbE!V=w{iR5=MPAJYZoT=#u&dSm}pL8?Qw~>_+592C3LT9I>&V{+1J-;yZjX=ILxSa
zIFrqG$%LA}+&ca@;@&bUt|bT%4i?;HZ~}xd6I_B@aCdiicMT-CySoR6puuHu4;Gxk
z-5mludGGu7?B6}Rd)_(s%&qQ{u6r4}d#b9dk|YT=K3@&jENu8C`kr^y-EWfw`<}Dq
zv{#2KyoeYz+DJ0Mu9-{jxUckpUh|4DN=(uLw(=gcv*V<LO4O_=G}4>$LWrsLqF|K<
z{oB!+jpa|aHoiTjCITWCV>O3819#K7`f8jH{q+%UGM$$>wXRkA=}dql6<sQmTLaul
z-z|6h8(NOZXKi<`8h_xaufW#M<PpU;UOWFDNPA}r5j1c6#8Jf~<uqiTGv(?rgD=(E
zswc`4Zx!ddOg8??yK>b@;PqRd*Pj`<Q{NW^L>Fj0!!9JsgR5rHh-YHYz>%vaRwP#D
zyEpTY*PqXjnFkbdp40XmoU6JU%5RSP26N~koS{KB|Nr0w6Gs#yUP8HscY8PD---K6
ze_lNRpc+sTL7bqy7kf7f)RS<JNEDE%+y#xRw~5d-P3(jfC417sHx#N(5ZM&1X0I2&
zd#}@eyc1N&fOPx0zcFu(KM!lx0tMb>)i_tyf*_uUK&}(=-VJ8|U&i1o?~TVRsP>^(
zkH1;7zML2@CK&U5wxJy+#<`Y4CIDG4czhekOpu`JDNrBwU=tI3&M~<cd<`tD^WbSt
zK-xm1q$r^tI;&bd>mY{g+{MlgxNVrokn^rzX8Kn(cXwXZJk#%TzEJoscTJGyxv?kc
zZ5-PfjWHK1V$=g<VG1@dc*u_h&uFz^U{M<$6IqUUqM$h}=jj;Y9bZWp{gyemMdhq7
z!pq3^aLJS@#J(F?X0=ZqPBF*p5Bx&uwP-7b=AKi5=AM(O1|ueMJfl)SQ|Dqbi@!W`
zBO$1)o32P{lWEMw{+d1I^sooFw=;*(qF6nuQ*GEdmwJqRc~G>}ICflz<DE3QZ#zfN
zN|Oa`ZH~!4j<vjPez)1v;&NQ0R3!Qo9ssZZhD$lp0H%u@8s4qCb!!68eR?~|nL=tK
zZj~m2HN!r2$dl7Z?tdO<ufyk0LdOv}sVd&z9!ym4f^Kr`D9u|+13M5y0gk*D4fVNF
ze4U`_tQ~)suUJqWwL_9{F>LLm5*}1c)+|8Dkc@-uVz8QJ_lw8H#Cj4yUx8k_&o&Yb
zV)3U)1gbdZK+HK8?d;Ly2fP%yx)x^eU4Q#1{+5JYjksbla&`{TYO!oueV%VEqlB4^
zd`~@qRTYJ)4V~Cg!2;T0z^P1En?A4(5$BJP&lbv@bj8L?z0k;jk0r}v_Yc;4JLIuk
zlv_wOa>_LUOkYIeQ^MH-k|fjQ<foLw30pktRvS3{AS|Yf1S93MHP}q#`4aL!tsZ{2
zXCSG(<>UTZQg=h&AZ#5TW<%Sw7M)7AQx)uc5&e~f(+;ElvPD7m<~bC|)sqtC(j82%
zITdSaImH60;)FyN?V4PfyCmArWA}N1OC0FQ)qcIr4|T$f@w`x%Ik`{P7Qc#L4K~lm
z>z1z7LMyFkYggtl=l$cymkjFY5fucnlj)y>8~kcF6)?{B?_QvZ>GVJHTaJf0&o?^X
zYD1%a5_vNh9)cdeoA9BKTLD~{T{t8K9+2}-mXn)b4vJvA6f1Lg%0%-ak7R?Gp?D3k
zU(J}=&M69o_6cRp!%8ovdc%1d;mFVlTcW0vKX!6%P>T%`VJF(9u?&p8A6JKF)wAsR
zY9)ki)IW;A7dG^ChiY(MauqJoPm>!LhUk4JBt)0s-tS|iNIny##Ti%}(fhME9Qm@R
z*Tc9g9x+1pPt@>tHuJq5?~6ZM7U2&MZ}gtzfK@LH3nygc?V<v{lElF8FHf4!xYb4V
zOXhD(E?#eLcQrGPp@qd>)FIBuXO86Ran2S@l=2qI8~H`QmL2*eVVT>MbJVGx`xMx=
z-o(8@`c~v6gB&_sB)Ue+k4e=l*$+o><#^tSwojN{VwJDjsoy3!i+dPM_<7f{B-&Gx
z>*pT#EN;qsXEZN*1AKIsUh=#b+pl9d_*|Qq(NtF1iB%VvEBj4zBK!RWSS!qq=yQDJ
z(ir~Vl2rFa&s!2`OEB@j_O?D@tqN&*NBPT`!v?ZwTyFC=)vaG7yEyr7AnIq*=m6<M
zVNB@XF=}Mie^i+Ngs2BY;Zz($<SfQF;1D31g@eI4Jh-A&KYIY=yqrR?-R0D6pftJT
z8Qn2xhmB4q(-wj&nK*Jab4bq&_NTwB`vQ^J((31%KFtLwxc13385tEu2PBJ~QBy{y
zRn#o)e>BE&LXKTr3vy8OBe?XXR@+B#)p0!cL5oZMhU=4QEm`Ab`?MN^P-eEj%Do#7
zCwCn(!W)mu)FkeLBzTUYV3O7yQ5JgXJ!gAxq_yM&SJot-9J%VD-D?!%+p>o7`F(TF
zb2ugdIhcg7)_2P_ZdSN;%4GQu*ZU_Huv7TN@wuY#k}I!Ye$wX@VQD%QD*cAxHx)cN
znw~)RnQy0W>U#kLLl8efCw5XKhoP<Hf{X+Kd{Ft!=UORHP14mY&{p7W#1}nig%30d
zqVPpVL*;%%Q9=tV&U9wxcQDGXTz!IHo)t#}&v6S|P$7pcyZ9c(mVq~Al1lx0pvvzO
z$M|<AS?(|zH7z#ds!kda7<mG2!2XYiFcvi}XSVD&Oy48gl;vOF*R;^>T)W&xv?;1O
zHE&6XEG-@gEA*sA;QOuh@%m2Pc}jUK>Z}OrhMX?88yabZ@+spweAPGe{^5L|#G)5o
zW43y$n2<KpB58cnn<uyB_JlqT);+4ll^>-$TyuS;O{S6t7bd<0k0{6)Z?dyHy}(#F
zgUO`D`l&a2h_!cgwrw`iZn@S|bHny7KoH}wabbm&q;pRSOr;WsAxjQb`%Whd&ONc7
zm<ROiaI!31%rPNopjD)Ehzm*Rz8qygDae))j~$a*|1u`Zi41=;^RP~cD#!No@DCkI
zH1pYtpg}$JTXAhGxrObzJRF0xmEb$vju);eubvb3J1UC2G8V@us+{(<80HYspHEI`
z*i8Ads@4X~sN2-qk-Rw0^yTIFbuFJn@hfoN6w<(&PX}d9CYyenCpxF$Cq4h><&~9K
znIfVU>DvgDNX{Om(s&z7{gUaesTshY0-&#dXTz>m5ZVyb7dIXe<xhmWbGxU9dF8v+
zLl4W!W>yl~4<l+G5et*X+x^*RI&FyX0q2|Wl&r30SC=7CfbgT@_@8~CX7AR3JJWVn
z0c{3h!v4FLfw+pwOj^}3HXS=AJUz_oGD)pR)vd1udVyiQHGm&y=Zd!-Y}hPz+PU$Q
zCUq&)2&6gfYytA-q*TT<x<LI}`qg0FX8S3p)1V`Vv7CM}2w6l%>T-R6P01O51mO6V
z-a39K$+kVLe!2d;7+)(i_g=GwlFTO`JZ#Qp3n$<Y3#XiX{)n(hC>m?s<wQv|Yc)q~
zeEC>Ow0$L~pUrV#{&7HWFUaZ^NTqK-2|IYaREX4K`d0=ERE7prhG*n0u=8TE-g9m9
zmOjoIDnb{^NrbCU20LLtS&(9S3xo|>WAPyX!Yz=Cfk#iY?o;CVFx+V^NTu3SvcHi+
z15JS&Ba%an$tLOY>DnZjW{-G##%FAG<!D~Uj(#&`b-mL)nR&Uy1qO6GNsx~c5nrCI
zG@*HMx$)A~-$h1cTfP$;;ja@trp@3v2IHJx<I3r|8;Ac^V2_i7<Y@AxxDr_uC`HJ#
zKcXqn!!QX>&zjMu1eE4lS~ug$bdM{rcjMfFFT>pmlu)2}PAJ~~U;N<@D1KRieME<^
z&Ue$MpbQEN{e<FDb1hwEJu{FzAHz#9c<bO-{)ob{I{wSt0)4oMOhJu!iA4jc_d3`B
zjB&_*(Gsxqt;7So=67=952_>-`9>pW`9hZH!sg^5$=r~KLAaF7S&%k@V9cMCsaFCg
z6B6Dl48kUhT5$Y4VwukEiK_R<Z8EIrMA;uM#K0`En~(LP0M&>SyD$OzgT2?Cme$v2
z%#pmGZ_R3Qu&P4CyAJOk&R!8s-rliIU^)y6zC8K6Jj&@CZd4lboNE{oaKU^CzOM}2
z(?Wec^8fRC$AIgeW>ZQ-!>^ZdE@ZlMT@Fn&4Q6umv~bLzBj#z?Vi}(UOk{kE0J%6H
z(ub0)R;GPm5+ph$r3=QCeHN8OCH*{hFGgZ=*%lb6&dW6;DrNLB_i*Fm3!Hv}ku-3Y
zp(~#bR7IBkMw*1P?}Z%pH@)XO`E^_nmeS8~*gjMX^7&Y}v<D&u7_$i>3H_PbVp{$W
zPG(V{!Im?q3AcqG)?gd5J43mlH~O$gBJ$Sl3Cx&KHo4hbh^$fXc*uV^iZ-1eS2MaL
zPxp4qhA-{XN9AqqkP6DZ!UEJBsl_H(f?(zy_vt#G@*~8lFgcgSLIW-|JOwEYvp}d4
zhW10zFt?x!VF@;B+HOl0uEmHF3aM?LXjuDTO7833eR#_+YebO81DWq7R@LnzZr!z`
znS?_1vD_REOpU)oB|c&yO1;gD0p;l19h$AF=@r^N4$JmE=mA&}Zdhssu?PW#v)y_(
zqF?e;ZNb7Q`^k*^!NP$TKK%GV$BlTE6=X9ikuF1JKPT7%JdgHOICAcxOtNz-OhRbn
zDyJ{>VU*+r9m$U(Sv6<FaGdrYjB5+8^W&N^z$7-8!2kzU(9U7LI4>4c(#*`IYSC2K
zpAeRy9dgXM0xS<c6AX)BP6YzdhYn!UK71^u%A_dDJ+ahx=!swH8oq<k1!|}dRl=Ja
zjyvnFXhu2Q&bwrT(gcU=H)VH_xaSbz;IkqZ0bZ6V?wxygUG&UoKE0N}H7Mq;71$)8
zIw);l-S9B>sR`N3=;*Vh`ibEtWUKKO#G^lo_??X`>5q>RYpJgnkZ;vg_Tusz?qr{<
zWz|r-OgsfPYT)qKnX&ZrhM++y_{`X~tq~TEDnQw@ud(GvF=dchJb=^q@huwiY7%2(
z0D1toKNa-M?`{e}rPs(Dc}n#=QSxo1p)KW)_r}Dizftq9x}<x89{IR7dJ#j?PiQwS
z?gxuzD)H)4xZ#N=n^SVb*y!*@CNeFW@EU{q!V}>GQ6ziht)$M3#mgNkx2W+9%hjPH
zI0&`g{XEm|X_cbhXKoI>m~&>pX1-Bl%=)6@!v;Wk6Zty~GuvK9zbL7IN-Y6DKdeg9
zj#d~3F<x6fh%e`JQ3-B7rf>MHD;1t2R@si|&=#4fH7~Yv%X?a7=QuS{pfQuOG<N*A
zo))p8t@gmbyyP|SlxM<|2KypaPt}72E{JmN#ef^wqSidvm!1gmOY%Xmw^TG8AS%3z
zNJ%F~eaq!u6`D{g8)qxNDM0ZImxwVuVh|hmlMJZihgzFsG=^vGn)E$pcC+ZRwhR{^
z_raU~lRn%6S`<3(cF{>JMx_zcKihn4%nFOB1pJnl*d?r%>zZ72hVtM2JnPxL5L3@v
zB4&TNaTF)@MdStf8XJ!L3Bpt&5y`+3s1yuc!zb^LY5bw>?!+imu3sGePQ$0~8Al}0
zU081_UUaNuKuBDd&M>IXOQ1rehnJHBTjDaN<!mj0N5Ilb3)&RW`n>0pM2_Mmp@1Cf
zg-O)e6MDi;@m}^88FSQU<<$KdnPJOiY=yF*J#_>Wuj;2hqGYgBCiye@G^IU&A|lL%
zOuzf6#dHaVX~RwXD~6{ROwA~YYxgp$=c;-hzx^<3i?V9>4H3b9SVzEu83ND70YW<l
z-4u)m?Z!rL8^R-QMF6T8JkQ1{w3~XGTplV$=j$zDQ)W~^vnj$OssXHiD&Sm%@@vd*
zR8KwiJh&X_cnz>*=jX8cq4<BLwxz^l$twxd%qedn5$;oIX2Nw^3nTIpTlm3@bmNd~
z_<j3f*l;QhFY9H(T5J(O>-qHc=p`IN&L2^x9w9GWb#EmF%nOZkt3HcP8uQw%bqBk-
z+VUHZkR*b%NN%x?4l60epj&pbieb}A8q(cyK)0{F?+EYot$$C!0|Um1yGiWx)I;^o
z`|vC$6141#OiXO<m7#i};T}s@G2FGJr$bz(PVI|=I1u!>2xp*`hgAj~Jqrj@HK=!e
z2dWAVJYw&WLJmF9##OI^zz85FzBk=Qbr@D~1}60OxzV~g(VX#Ye_aY>m8$L1BT`w%
z1G&V#lG5ptR8hB(9I@<32a7>##)bEiv#)i!X|keci4}%3ex!jd!46hnEsf+KLT(Va
zNWf!|_8Q=-$qfUTaR#0iAc{)KC?iKwp1`!OB(RG-#(=sw5dbxry>uerW9>i}yD`P%
zzEBXchc16gxQk*6;|QE%GLq-8zUbc8wB0ZUk{M1ESNyZ{88v<2O~k-p&GgukAokT)
zQ}$V|Mers~20%5m(ZNmXG%HX~27b({B4Q-@yz6=fAfLr>@jBIG>0IfoydyFl?w$7v
z?xFX3+vuD3Uar&y*kS{C$3i794c3Sxt4%VzLCB3(+kC_I<gN6DX+%+8x539%X?MqR
zO%NMXmSW`2yw_sZIXg*x6O}2OB+c1PVY2lDZ^UgKbfeF%*k!cOWfH_SIK>uBM7?d}
z>pHb1jNIm!7#&lTvQ^Pr7({WuUn;HDKqW4_z7h5!SgOA16_K_odDuqWdNB@tgHjK^
z->$4IX*$oX-l{a@lXI>O%;aqHSQ>cSN^HdvQU2mI4EoJWMJ(AJ_+eyAi#U;PptF?8
z_mdp(cpW9J%ZbkvTF@~bR(<^^{oBAvTr1>QmmP4-W3*|9eeQh&wN{Nz_j7bbO@wU!
zN+$X8MK?>v+|g;hwjTe+rklr43?cTju#QuKdOGadg;j`iypG0euY`w2M7f}e*Qy@S
z;&l2>JmT<_O-GO4xTbBC#f>N&O3x^TD32Ukv9M~CW&aPNt!_}u?P7jrF-TFGK%?(t
z`$u6DhM|^`p7%lmm&u+d7P#!jId5jef}>7TwVuB5*7Uf-`bSFlXI+JxeNd4u7z@H4
zCGHMKyeJ9r0)>*-fb)r^+?CWfr9X`MmieUsi_74$?ehD}@=|Q?>{edy2V^|;K#9sY
zZ*|Y--G5J%%4-tUSfxIUh{)Hud}tpgkx-`EpjrDM#m&92`26OI&T!%rdK+!SF(|mn
zPiTs3S<sTlQ$wv=hTn?*I@8b3HqHx;8(rehPuW(Q`Q()IG<b~3(&-KJR#!6Xx(mY_
z!0wX@BZ{4xsO%|$W=*mBb`z`%;7fQ~32ArlJUc@vgE3EkZZm3Zz@V$0PXcc#vs9Jk
zIQrl|oW((;NPgB93{yHW&BEoj?*>miHyT3)qKSbcVQ7k@CO~-cqjqZ`-Jhe{>}??L
zSNLhW2H#im5iOMYji39$u#2V+u)6%$S8oA`AEqWgC_9$CtJ+32fmiFyHT1Ye)dwEQ
zJjK>i*WKMCxOhg|H#54U<!2I<lQI9v-F{2Yx46bljurI~wusny9})T^B?!+cJfMG%
z!Ts2HltBBf^*QZYq~3R7?ybiDPK=~NynP=kvr7g?Pv%_V#vuh9mb)|_`FZx3_^?o4
zwcQmOBj{^2ba#}yAOm5JuG|EN4}uVaTDZ#W{Fx#$40N(`zB=ESIC_7ik$E?LdYnm{
z&Cor3Sl)7d+oF4=NM%^Vabh)B6tH;qR+^1Qb6E$L)H3F&*TP2^<Vv9nenwY(0l~%2
z3X3yt)Y%7aSwDav%y)ATrc+rXA<Q!+^ErRan3u8d;?MoK_bB{vLfDJ$)6;U>#!tN(
zUC6<Ge6YI?hK?lB=6hl2n$q+et!ytMAZ%F}R9gGPERcQuy0+}Lf^Rufj=hy(cY}kg
zw`DE*xZZyLfghh(VnkxU2=;IVh+9iFLOMs_Mi^TQ%!eUyPv!bUQ-$rv-M4Id>rHqD
z$c5t%%^CI|cj0b|7{R7Yn-Ehao1O$bCzl`J8Te^PtK|ub*|hFq=|2<XdhlrZlJiW#
z(MDRhhT{uf%sKQA>4WEnsnovq4}aY?#m1#ggC%gMi^MlpWLkV0D1BTVT0?F60aTk}
zyk;ITo|x#+bm2G!hb6i&&GWWi6CEg2%IAteN+ga~BDGQ7F**(R^ecZ7dTgRLo%Ux`
zIMIIDnu)Sr3C9K;>CgV1K(YdTE~da8nv^4#8G%&xf8}wWf)#u}RgriYgU5dY8VOhp
z;Ip!Q>UK?6!eL5JRwC#6hrgKEg+?Yud-C2D%nSR>Y>}=+Hk$6~`vM2D37woz`$LVh
z0-1jQ1RMlBs8Jb1Rq!J6*rZjz+sqG34)79)@=*d=kj+D9jTS(idn)e*0`J}C4BSBW
z{kK0$Xc~1ZHcs7(KLJizj8MhhPsIdpvsn91ddMPfC5b@7i$Xj*aAJ2Gj3_PC)UG~`
zX*`f67oQ$`%<7cW+YJmc_my*Ab7;f*c7=-39kY7m4`=({ZL}GtJV@itv>DL@SQ;C-
z9LS5O#<n^IahyMH?+>L~+YEIk1!KHFVyHGFIXg#nUo(~+bMy)|I6r~*5S>9&P-&$l
z39mr_P;z`@2c|Pe@UmAVMZ^_>3uk=bZ@4{%>PEsd=wV5Ri~Kkbu1(vH{z;+LQzOh#
zs3_aZ9kLit9tWr3yuDFg(hJA6O%ZGdCx#i%P=nelf~^g`HAq<V6@eh$78$f8i_Wua
z$_2(NoPEL;C3NV&$|NO@@;-mdZoaoFyCN{LPx!ahA}n;jL-sPT$<PTjMTY0gZYCT&
zzQmAdhZ5!!o;h~Mo)~xZ<8Ma%RhQc{(&mcNKCO5g#R|3M5sPzNyO+{#T~m045hYp*
z%m}VhC;3I-2qnSn4{8uQ7G5F$hHUjTfV1hY#FaPhK})lEPH8XAjgry{QhpCcr}GW|
zpH%<KD=VOZb*Hq?kO~!9>Z}WDAw&6>!n%>t4u+Frv&65I(jFkDN?5EYxr_>>Y+Q_M
z0ze0<4XlZ43iAtF7Ga^ZW4gz1G67QBCq?Z3RYPQjJOUZ2@B>!!lI_22p|8cco#)6-
z6;*A81dVbYv%;X%F;|C{mb*MY;U%E-_pdygSEu@7^FywYn!4EG_<SviWx3-ifU%4r
zECmGxXV@6%W<X|{G$}5xY1QqMADqsvUr;yR(cm*f4g6@T^XD7Wm>Mx%a7etGB(b|R
z7yai?hX%<LxR|!xD}Oe6iqo}0<qaM;wcaTAVuP$n6Q7XN&OV(|G3Y(}M9<y^aGU%+
zSg2BN6&_%P$TJPWI5rYUQ&_<6GR$e%;TRGj@-0Wq{fx5mW9W=It<QDCkna>zy(J3$
z6ZEtq0n6ToVN@ZQo`D87rSUUg>_-l`@e&8Vejf;YbWqI-hD=<Cu*GG6Fp=Yc-iFE0
zMzl5GYM}dVaI7yWid8&zB-4-j(C;$dfnvml;A1V-c^r*2JS4*Aaa=LR6~Fp;nO7Ja
zI#KDOZ1Ne}>KL5T{Oh7YbD-lA+3-_@#E(v+*r(gh&CV)^dsGU{9Od8WBz1TAG7R9E
zzxP;MzdmeUgA3q1=W}@D-;AGcv$AV65A*zvoFY1ni_2;}@s3C^TD%P|ETJU9H6@?^
zZPv{SvkwL&-r<i18$wsz9lw4*?e%k7fh>+H2d;mbI_tHA_I!>}=9itD>6H$@O@1ov
zLzkngYw=^hev_X#Fg^wsX@6zL)_B4v+rTHw04+}b&LEEwgFiYUVI4J|wnro}zn>xo
zo1hP2@vj&z<1;#UlUJE%LvQ$d%3~YUo$IaZy^udX$8Bm#^Bxril}Sqn<l9%OMY<8J
zD^7NPE7IIIYan5_DeDIzZh=#g&!z4GYlG;3U+V%VVI8qPjAvUpqfadm-g#)}5VSL(
z?aFD=-ft;a({DxiXKSe!MYFOzg~!>Jdc<SP-|0p8H$DT{H$?*!+ON*$J}S4^`%xH1
z;j}QL-AMmhkxD&zQrJBnX%Vx8cctP-ZsguTn1XcuXUwpn_`r|G2Q%XFq4-qEM|xBn
ziD1TQT&)uEmXQ}!XZ^B@=YIJo919WdZ{;=7c<3HlzH@nLD%dJbO(t<w+EH7~#)3+W
zQhD!a_)0`$2EiKh#)&VuqZdb^WSqg@hLTz;Jjuf%VZX>$J1I-^Qv}ymEC&<Un)*z;
zpE$kR1{5LAez0>Vk--(HW0wL+xVv-ef6e@1#)pZpWo*Fm7C_@902h2~6esfn6B&4`
zXt@}XCI`GG*?>#Ht8t<sO{rFoU-JF44uaHG!iVeW=}^_<*v+>?+8y$hBO<2e!vcl4
z$>`f2e*F%hNls!HnAt^E?|5$CD0&k?>ok2a31cy0j+}^$v9V-v`zE&=Fp!e^6h0&0
z;v`e(hrUCP`nV=JePDWpjEu#0934Q@WTzN(J>wh0VjOA!-r6^M|2_Dp1k{yXQYkC)
z?z3;&I%O}LOSkH;gx|(V3s~m3!@8s47|HJzv2~<(lJmF;cH$-D7PY!a{>c`%P^faN
zmLni1c(7h80yTVJ1vv(wvDpOkf7QY+5nD7kSm1`A$MfH@V4=KPmUy`me4!PDO;2Mp
ztzcxxH9ntk7IZ7N8EAmRbTAK_DdnY0R=y}F<w};z9Ad(2QI4**fMyT|x(dOQni8Q-
zA!NW<=u)#W6N`<zYinGU*i7>keF}k4w4%OfmEU+El1%7M9_{>SmgfvG3mY!AQC+{_
z;aoyB`-R>MbH(|Nmy1k2Nt(XZn#I^2{HubnI9Z#@@UUcVXF}^hvgH%=crL(JJWalI
zW{k=1$p^@sYAEg+dw>#Q!Cs*|DgP1W7HDp9m)4H_t<EkwL{!>SR{iV`I)t*UAF*>l
z66i`Xg<9fJsde_TYFaKC&xM-MV0<12Mnz&6v8Z(C$>6>fn3$zVWY3;OrohVf)xI>i
zuqgeBhpF?&Gz7eobCDv;w-IR*a@#oQSI?C_t*wj7xIr0Ym**(52%=snQ_D>|)8$E;
zePCq@wF+hFYYf4ItO0t*0Mx67Th=evkPnS2&UmJpG8Zr3N<*ify@Bkq*jqR8M5h3~
zJFy!ghnt|la|6w4O5P-vgAXRL^^#P2GIwaO8B!lt$URWpf0l-teTV{N3GGwRYf$u&
zRg>&RQao{*!TNqoWJiQkDOmw6?xpkWlXJy7IV2GS=VYF6-o}DBwsA^7gTkQ|AUva4
zz9cY$gEI~2Pzcw$E-^K$d(=lpTp#4S`EC;&iHqTaJ<-3E_Ag=l{1H%{6X?zObCvuQ
zW*E4b?jUp3GGz^;;VAXWrm@8-u(7M+C_E&I<X9m8I%ER~50v4((!wHJvDDAn!CSep
z@QZf5yr!HZYW>30i7>q7qg?1^AF;CeDS>%9y2yqx%^T)Uo=RHg-ZE2PNTbbfOKJhA
zAN05-1ejm*<?y|>`fwY7m{HBil(_Jebe@J2nHMmfUP!sgd%&@!;A>7(Y#93-qF>}n
z<CBn5D^{T*o$G2d=%rE=S4mk+2%TF%XIOTovi60tR^*r~Jnbb7pPM(caL75e5*|=g
zr5L{6fagw873MuL%x20-9Q!QklEiY@_Twbp>KqYOgdM;aZ`hdrHLPyqm=tfz-krXc
zt-$$hk;LvG+irMOxlFE7Fl)2=cKyX#BRqg52Gs&ZyF)^!=x9euBOXCl^KNTY1!E^&
z@0>?3t~es-W-H+PoEU+H5lp%?pJ|&AZ9#u4`s?Y&fD8xQ?+QMQu>(b&G~_Pk(YG`o
zum!4pug>!Mb|r<i((p2G#mjvAtNbx(etyq<@|pg0jn<~WA{WY|50qesW`Q2T!bi-i
z23pf+!OVP8NUdd*W~eS8aJ=0`E}i0n+EjvwQjx(P!xiz@;cCHv2ts4%|5yx&w$U)>
zoS9cfDFf8yBf08|rgR|5qDC!1EqmOsIHqzX4XV8LX;+?UL?U?~fnP-mV?pGr<)g0E
zoR7m&EHaOYbT@R@RT~q*kswzSb^tf%nfP%CjLXcqDXaHO_OB7~*F(s4;p`^r`Yt|S
z^v#eb5d*1M2^)%~z*l_|=Hi`qE)n(-3V~$r!tHZ0TdbBP|7brEwkc9=xJ4N#gBEa1
z01k*RV8h;8Qly<RoJ2j&ug;{Opflv~<1Eh_vE%!<?M^DB!68xkjm_~NQ9Y>a6h)n{
zRLcc*Br&XlOe?yPh6`X$cf<N0x>H#nm0t1Xe{1PrWWCd;IYAZRiiw~!A6iMu-DLbx
zbRnI8U8~W2Hjr_g|2uXD{d&AgB($JnBIgU4azrK13xAjMw|HN8XCshpQ5+5?Vh6qE
z3f25Po$jO4iWQ7;feV>@yUEY9tNPGPJKPSZ4C5=O=z*t#F2~I>VbD_UeSG#h@LaVi
zsq%(3&Mmw&6zIv<{MlBFvqYR;exNrhJXE0`1aUOtMdhI1CrKZ}+IT>@Q}N$uyg9Ya
z&r11Fx=OcW-KN-5M}8TQ(<EY$TCt0<rDt<x&l?0+R8a*ZqUxXDG;?d1!CK7FY5IpO
zw~0<nCxiTt(>P~@^t_itk*S~ckFOEQs92`$y12S>M>&PC@G_ezVWtQJBJoI<2&!Dd
zA1)z1Dv)YpSww?KwxSEk9WyS8EPIjGT|2Zrhp~`rvG0NeN!w@#+6gRK)DshN1Gl;%
zF5o$$Uzq)b6YH922a&zz^=D!N!iQ)FB1-NvoMI7#|KP9z7Lr@(L!*u{T)ZN!DW+(9
z0axxJ>}v*Ji2mUdS>ywGwr5i^AeQvg|E1CPQ9y@E3%SlW{i(HL0_ApE_?MeF7G$ur
zhw2{U8th}r*!O_IEApuLJ5F2+XL<2kLKbBeeRrZ{z<iu|4#~n928V?tU1>e!Ih;wP
zRekju8$lejH{h~3L@jrWFpB$YDkEy={M)K}A}KDv$<76pLYp>@r)*M+UgZO=y3D2`
zfqWtM73a|QuaDjDn<k{x`+p$~Xw*Y(xb=LLcYHD$mtfpFTZ{Ob=Sd>+wYM9PgX0g~
zylrp;h7?Q2zm+F_<=C;WOg&0IE&}4pMz+GS(Pxzf#zFRQD}E0H7M|dEQIwcaT<Ujm
zl&z`<p2&Qa?J#-0@OGlpDeDaFW3ee_rlN2?%f0+f-}>&dd~Ae31y33+qvo9|v&4>P
z`Eaqp<2NCw6YG%$Jj%FVW0NG<Y1dI1&AUp^Pe<hPql*D!PfR9P$aY+L;?iLF_=uKY
zrsMaMWkf2~tvO~|xjad|KFrx?<ab=T9j-iuZzM3JtZC`ruBU1H^E=%r^5A9_;<fL*
z+<AXgwgi9aBmA|Py`4ppT>lu!M!nIL?NZpggP+Q_g}}Qf9!&q5%0|6;kVVocw>5ST
zK3w5SV)O3f=1g*SvYmR?nR<pOFOQ~UUpP-hquh~`I*11>b8%WP53oDN)zETJpp)j0
zreA!^cIk`dp~$}$|6DVVgw#S<m}g-F?`zD0f|38irP!|Y1~Jo~`rXE1^tZK2Y%Iq+
z@y}=TNcUiCJkkh4gla&UMJOjqQbE>thX}k+DBjKDLfzve2pwAgvgrS1xfTDc@GlE6
zI65Gpo)g8p4oWshg7C{{5Xgncf|ArLE(Bf!?vE40z-Tz&T^mOSgmowdgi<q6zcY5g
z1Byk##?dsw(F50jSOjs4{UR24ZzlEB148>q5PA=c;e8>?K*DSd(#y3!{7KYgg(JI3
zrKFfC%B&Y^;DT9?94W{ns@Bi%L4Ca*hkf6!{5te$_~d^qP`|Xr$4sI;yBXZy*Csjd
zhMZ{pIHjha^r05h_(3Vp&t-Xzn`d2&SAB&w*1BUv1UNEu$Os<o3rSCo(*QO{#qdTC
zauU=qW?4AbIY`I-ZsxJ8)By|Jp5$w8O>RL<)(@F`?6LLh96aUi*Q=l@1sTvujtJ^v
z{d|D5E8{Q}PaiA}<&T$VL_W-)Ahi9%zRa2OyICY(vpG!fc$p39!#u;rUpcjP_DsL~
zJNd~fF6?g|D4yJbI8PxvHJZ%;Ta)!#9*uv7MW1BV|CbJe+)X!sLQz}UFf-8FVF-8%
z`Q_B#iooX!9ZVVUbn6-u?&j0Oaf|-+3g6}@jKQG-i_nI!Z?djfAYZE!z<7%u8>c_u
z{}(9DgGxepf-3i9MEi>}nM&!_vvLXyofs=&E@x4LF;m=eEhsJ=o$lOXc&7xqtqMVh
zx*mCc0n7cX3(2xse`p1ANQ<#F5b4*a@^Gty<Qd5o*xYoZp}W4e7M~Nz>3M1lr#l5X
zy_F7S@HpYQGgJ`cUy0WfQ{1vye&E&qRSNP1ZQl(xaq0Xw2>{>0RU3TQ@+;5Q79YEk
z6r}r@HbH)d_19inX82fH?MSarHk63E(AeFG#yG(`&9P8Lf70)3#=C4yOB(^1&1n}%
z`(~7geC_>cIIcQFxtgDXMX)0mZ>Y#@a@LI1BdpsWOC*&dz0jdjRyz9ITN~rx?AMI-
z=d_1l01hlQwhY?}l?3(5zlAYcJR{RFWh;V79j^%Luh;6*FvaN2i)({P>zdQ@0rsfe
z8@mj<YE}QVDHV^K;;3(-j9}xpTFTUm-wqkfjbQZaU|k8=&X>%ne7HLL>9ZIKE&-hk
z=3MDE9W8BIHFn)|K29Eu`paP*01v=XBRZE4)9J*#%~NnJKm+t~hu3Ra11M4Y*I2&P
z$*TjU@Aq-~ioocz&}ZGzvYgRI&T-biI__;peXFm_dD!J?oAP6PLpH!i2tb2fbJl64
zt<js;dhUDm&CA1%U?LxOA#&S>iFLzmo*;wfj^GJu(}>y&p5_y7{6VwESSr-|=1MEl
z(G|li5BuDwBfn7lgyl;;{$^2cqwK(UG|%(^3r}IR&mf4?VB+a-d3oWf3Hj~r_ed0;
zqfzhhZjnS~58xF~fv==dnmjPB<czl#zzSt5sz0kj$4%jEh9OorlSXCeI<i}PxNNw;
zyzJM+VFyKWhtiBc(2#GC7}MY&`m?lM84d|!F;j4G%M6>>E6I31U(1*vzAL3BB(0Px
zF#%_<#$?)YuQTHGo{*+VPfJx4A3*O)h`af5eU}Klh~_dgT=dlB6JHmVIWb1VGF=Rt
zW~2HpaVy}i6y<d)GQr6OD!2cv+~up}qi@>W3^|6HJWGz>gt{3vv7d4CcJGj;S*%#`
zbzV3bHXU=$V~Q<j{~379A4)m*`l#q?@<-9~mv4`~NrzcmJbB%^=0e5+6uYl!(N(wh
zV^uQtw?k#KE$6SUI@?ORokPm5x-Y;V(O+^R@D|1IOu}4*hChUDo{7azMV4CVG7scS
z?g#s0c4l53Z$(AvpQ&ez$sB{{SZgb%YzvaU9ul_eV0gtT`6wyw7~H9}NfX_<m19%r
z!8bbh{47@IWeRFLC)8MM;KF;t>yX;C=VA0eFG&Vnm(&~m(!M2~+vbZ>e#gXi`TOHa
zbK_OHE0BRtjSZ0i)IX1S^!wvecSB5-Q};s|waP4^U39`?hmt(6^#w!ydhc0Zi59<+
zmOm2;k7VwkAyZlkjf9~Z36Kr}=`C3f$i{IcZ3W>zIt+2wUf2wUY23D>{+C3#0(fb;
zlCQB^d4h&--b6N1nX~Cbbz5-zUAU1Ad~}is$Wj+NO}ud<kyEciFje$^&tz<mXkyD<
zQ?A@=A`O=X!Re7(j}xIpZwvv9g)$M72!|@y$6#@%PMupqy=FY77n;OrtSE@^bZd^V
zVVY?zbse|t*$h@tn?V-;n=@E<kI8~0r<tx=j5tNZ8YD!1LnoIy*0M%J^Jq=6*bd67
zt>DDcfKZEJVs<`}V<OXbfGs>0;Bs2i-!2&gu~EtM@SQZ+kb>!u|GKa#zeCMmAmDa+
z>Pv6`7Q)PO{yKB!_b(J392$OjE~wCgczP*ljF5|s-xF8S!!Im<e*iC0;@OtKJl|IM
z-#;w{k}tE=ZVC4yZLwM=04~rxjSFa#NHe}$q9&8VIBc++yJ;H=y<yl$E%+m?_vw-h
zOk9T+I+0pPC=E{Yzjzc~IEepv5zJ&Ydl0|0$Kt<vm|@(?Y5X^aFitU<U3c0bsX%)`
zm#<;dS9N4seY>o18YtG7!@Vt9YAJqt)KXA>q}lkX_`5wv^TK>m!BU0~W~UEkP1V;b
z%f?S2m%}PNI}-b!#CCE(37r`SE5X(pmFT7!1Md-Azwnf4m7Nny)iH15^;b0^*flt@
z<kXy5l1)&zkPlVx1gx_m2iEq=L;id0t8Ji!LIQ`_NHMn?SE%LnY)<`*3a{xGHt%x(
zh&9!$oFx|*Z|lh~GX;AP_K7_kd4&^hUj9alnpOAq_dc0-NqMEWtYAh6bylb{TX}HD
z(5-zxK<pX#9!uqoUhIb>5hFy7gE!bR7U2ZbGP^VR%Dr1b9`D}G7|VVREtG7({(A0j
zlHQ!utAxmu)(JzWM&?nai5k{2atg4)UQ%YjKHt4Zjd}lT%@mGzlX3?C=@Qe-aMUxX
zdLuE6h5>zrw5}*86_eF?kuE8C$EuAE;+TSbWJP4|e&!e_qn-duBXCYcS&Zk3Dh4fx
zC`RhgJ*9pA3!9}`B$dFf3>xn<Dd)Zx$@{!Eg@9FuPpR4IU1eX#g{MWFv$tXljfG>s
zzsnm^kD;;X3Gv{ZmN(TdYiIINBDgwC0#!(n7Nl62EgjTqIDC1mF^SILJfXN*Qb-@q
zynO+ACvu+nT$T8ptu>tS%YK3ODMUXfEw)>&XL6qS`PIf)o74Ets7Ofq2Fp-$pXf6q
z7KGP7<qutAB-#e(P?4E_fd*UnrExs<SBexgQ8Iwj+Z0ZN_Zlak^qFne9IxI=8!oUZ
zus0*FOb$EoS**_`ENNrrXJvS$1}oPZ#Lqmn45R}Sw^YM$E;jujdp?QYZuLrf)5EvX
zs4|E70jPF=MB6#+Yy)_+y)C8I-k`Zh-0xyIZ`_)EDs+0iD|oMdCjW$Kb}7%Tq|a<x
zFi3{aE)@?m)jCN?av7~~6|BrsOJ)2bIyardqbNg_qR#Gaa^F-4Z$-tKe5sV>A`1$&
z5Wm&kUK2UPaG6H>=kiRC6i@qmng4VB3;+8$FsjSmk$FK>XZjJyQj^%|SDeL~0Y|G?
zZO*`Xa<>SMA!M(W{y75QlRK@kNNF?4Ool#>>AfN!eS6Vk#Fk>K>D~J<e@GgK58TW5
zWk-=|Ic)A=@CF)-+??1c6@O<aQ7G$h2O7`(ZN9pFpO#!B;Kx(@(9|r3DVBu%O76?K
zYUkg(ll%^H3Fod~eSRNSkD5wh5eg50I@zF*)%pcAIX~o*ngN&m6*H|*86&uNi+YVw
z_a#3I$qRM%GQsg7{x9LrwDWtwaqo^q^#{He5}B6gd__-RaDT`sW{bgLgl-tuPblH`
zEHrWY@8D6)A*Wu-%iFVq-W^P_-krK<eDc?Cb}fABdnmD(T(kg2L1zxg1rwAqHcQU)
zS<sLJ88g_O$e<QARpOups(?JB?w9UH#1GI<vr!GtXVfOhrAWezqVF^9cG_DSMPJ{5
z(csZS(d>IqOqU-}_4jxM1cU*Mu_{x4hw^KA9<pw_sD>_#<d1Q>@0suxF$EM5B2LRG
zP+0Cz-P;Z^`;QAG_*Sc1=Vd+SFvaG(u4ePm>LbaWJpRS`n=GnnjLeCQpOjNX9Ovgk
z6BOM}{UO|ZM35)Kb>^35p`6Fw<K6ZSpx8&Ldl?{g_QO7mg<A~PjZKgXa|8E7fi2Tb
zsL2W7{6|qX?1poGZdZ}3d+Ck}TKLtd80tK}OoY0fOci_rMt4x^Vl?Y1oQ7_uj%C}Y
z;B|F}ZUT-~HK1~ap>pV@bP;V>3^YldLWL>kVMM&iaGj%{9fLI`poERLIU%|Rc=PO-
z!NQf$_xJP5<7Ci3n476AX{hTOI)1}ikY*PY@B@-MNB?-QG>>5laEAVBmJto$*!KP|
zli}}C+ZJcD<BC!D0@fJ1;qr>$+J4MW!#aX~S)iw;KY$+*+TxCs5|QgLT5SKn2cn&i
zI}+hm?$m9_QJz>Tg9iCjD%jx~lQ9>uvr;Z#?!-)?GH1pe!ALpF2j~Yt-^Uh`9_2jr
zPp<o<G?-q`QDXxXdn&;Ad()8e`=}UGosT!qKy}+HZl~Ui)Z(KjV(spVUc7&Qq!Rk8
z(jMFKrd7O3z4;zoZi57k0o-(pW-~9)+E<A$XbmCh^KaQIb8R6hOI$uU>&p3w@a~|p
z>)9p~b~&Q!vfguW=5=FvgSFJciHqiC05RdAu`Tw~(@|{~<JFPm?t;>B&G?J8%_rNc
zlB&6e#*8NQnR)9aZ3dkRGn+=+s+6j^AB{^*>dW)i%i4B26?WEYiDhbX{Vz+$HGMDE
z)(BE+X9g~HT^xTUE@|WIR2bW+*;YkVsns=>H>uCfmoI6n=~P(T%-L3DRH@ZB{#emx
zXx11#nRE7O{67Q7oqg(8*65o#M^FA^kfGUQ^kmi9r+H=VzXki8pK4bG=$kP|PyS<&
zp;=+{WXAcaVMXA71N>ru&G%7jBMmc#F>z~En#+-SBZDXQVBi*!sgoZm2jLY*@dGqi
zhtDMHLg4dd5H$AbfocJ!)ax8(B7~E5H|k|z^3`TVfv@6?UX<?pBmJW8Xs75?{p34Q
z>G;yO>pf4hT#iZX#u&)tSV?ltSx%??Lsn@Q)rz533Q?4|K<++yn9zq!?Cx-;9%=`|
z?Gv59`Chp+1YmY0$j`>ok7oiSxi5s-D6cyXzS*_D+7U^Yj&%Fw`MkCp@?2n0$|XWe
zW#IBS#+n7<kSi>C8%5oLv2mfbB|y}lQ(Yv?9LY_>U^6}0vijp<(K#633CD>`fwp6w
zI@Z2EEx|C3NKVnja<83p#`hJeV<>oiZHlBWfX2;6v*H-?O1b|2v;ZK#cmaEsmU_WX
z5av62tyua74BzJr$}iuH*pn+b59^_|?ROWXoO`Nh!=~|Z+;P+s>;A?__3|?^6>C*a
zQZVg1RwSNK%XBY<yeJWyh5~kI0#x(HZus6SVjnZc(w+pch?~=_e@{7YQPKaVbWfP5
z?~F{QyQBd2eMw!uplygUbviE!@VI^E5Bdg&{=z;XA9%&!nm*{~EXV!(Isd%dX%%kw
zPx;KF)<dCgw@B2>S4@mYq4@B&&x8J3^fEp9hTAsaWY~ary>W~bnfOMqJ&pk;cZT9?
zs(zgts0HqKCGv#~TpM(@!rj|Rp%2lfuJSoH91GCQ^66*EtnoM(8;w@Z7;zTwTGK(W
zyT9+*Tx8cWpwZbX@K|H=*@JHjzZgD{IL;IVYMGO3DJKcDZ8LRzJ(MdK0yp3<9x!7q
zuwKZ@qir!eaIp>K<i)*#TI>;EA<?7JIe90NEwzv7&0QCpU`oJF*_lF6FU*Kjc9Vz^
z_#hfXhK|D^`43Q+5CL8zxsXp#Pee)35y5?M?JmtCc{Z4aHC%gBy}gfKB@7E?oQ0eK
z1&-L+8ga*3pUt&98usf1sUWXHHPl-^T=8u_{OV(GMBi27*E{$@4;$t046e3)yiY;S
zct4UoQ&92RcbBjTu&7M^Ozk@_+?^z0*DBB#KE0K#M>1)DNub(j3>vJ|g-E^WG)~<8
zltv@8CU8N}NiZ^}s3i%zv)}NTBl-1>7*&{eFp3s9i>_i6`zW+`95PH}*lBPes}N~o
z291nPoZ<dl0!v^*^dzNx55wsX!?>Q@=$&WyTHMA^HyQ>#rlH|+4qaXpE>7aVJ9!)j
zb^*kA{jbDkpl;85gj5pfnq}F<0-t4Jz&t6Ta$30V+l5w1yF)94K}31KHyeSZ@ks%&
z&lZ|sC2TAWw!P^d#&1>gaY_2<TOz{W$;|QWy>X2`z}2XMa?Qdh{0I$Z*ZdPQ-A883
z?)3_F!X{4}J0MJ`Jo`;4Uq97E-L}4j>^?qJrLTuP*sXTWxxT7L{%y(Xm6yq|xmlGk
zj?WgSx3a6G+8_Rs(`zl0;dDDFVeFeVOKU|_Ni{lTmDMXL8)bJ(FJYXSHOpwFS4lNH
z{2{BCQZ~x!wphZrJZqNOYO9j!w@_Tv#z=#IrNh>RezmNZnsC;dq&wy?{>(AvP{J7E
z5eZo}_G~6xWB7j$R)u&}Kvu0in~B%{W6<2QnP|-}#3K{3`rm>lAs%gzReR57lC}RB
zH1hNyTq6td2!*Wvw_tXNM=500%F}~*?LP+1JUxik^g=vRA*=tFz&~BD$*2~BcH1Nf
zOh%;)m?h8TC`Eh&rg%Tk^#qylq$fQE@j;Fw)>Oe=<e<l!*Q*-(y~>ZrzZA*5YH~pP
z<3-tITsb26#0|(ENSVeo#6NF(64R}^_6yGKD+N@!uWl)Sw;KK#De1<Se}k^CB+xpF
z=NZH4dRS0h8>`6n0B>1b?*O&4nJon@I7a02SO&h|wD6?ZO7G3e(U@K{+gV)+1JR<J
zcp5tg76%Px8N-(c@hVLkG~la1-q=4q40OEsq#<%`$$+1cTUQRN@pQkp`ctKtW9^3g
zbGqd%-zRbObyrs6w*>8X*jJhj&kkP#kYkyR3NT2~xQfbUw^)jFg;MD8{1WNb?_ltb
z>0)Wc7+D4;3JGx;AS|UJ)s9H<ojrGsYMt+PagXkizSd-+Y6`F*+DByZ&=U!T7UKt<
zxyytH{452Yt>jiXP*yA|1c|#ERxmU}`lUc0<?S>t!heUU9I5+K-EPii;O7QZ07})X
z?tP7k7-?$nMUVTX=z4mgo~O;(RwyzQP|8sW?FCCAf0Sn?Y`%wI>ELR#@2B0^?JrZK
z6Mz9Q$;aKF6XYsXZY5UT!|P^oS&^ln<@Jq6CN`-+t5f$&Jtb_@b_3-*SV-cpUps(u
z1V)m@VV~N7*#j+o_O%Gl?DR!LFxfSM)tGQ1=0^eCXV@m51&a3rP*-s={CXS`Zs0rT
zJ-XIlbhup|v<+7lr!eJ+?;?+A7RzCpc)8MLhHNVlF`q1|QMg<TfCjhk&o*!{ni;4v
zfhI!sN9UAi5Jc5#-B8rgm+&;q1vrggV0g9t&{Dqb<EBthKFMXLwCD4fM4~{q3H3Ak
zJ~XC<E3PHs?0cna@$dCaVHFiH+_xW!qurwe<S3(nEGG#@XD*dIG?Q&r6#Bm*2bzxa
zrnOhV9r&@U2ijiu=1m1lz+q_iO+jJ#UB60L`Ju3qpBgzzkWLSI-)NJvY644$i`EFu
z1cv8g%8*_BSU_f~9TIh?8TZDinU5>oC=4dkvb56TyoF{8_3aP-jO3kwiqsRON_xbs
z4qK7DJ(@8CMN=JQ`cW7Qre(!onKb@N{ib{pdo2u4u0{1P##%4nRNL5HvnNH#|3!cu
z7mm}Yb9etJ$9s~FAZ{V1<!U|P*ZPP}ZU`NgkaGV<@8{d|a)f~b{-pf3#AxndwcKvk
zN-uK_s*P_K_J+Aemd-g@nQ=BR(V(%*FTy3cbt}F_K{Vnm0=S@h<tD{S5?0cnrJGy;
zA2WPguNdAef8`8os5m_ZK6x%Hf(>%$1NoZtLc^bY$}Nu<&+hClQ*ReIdD(8{Pjq6E
zFa2p$KSH_8Sq(e?V1F<xZ?OCl`@UQDIT{tgiyS3XS6p_ukWOzQLcx~tGn-R)f$X8K
zKq!}75p+wlOQM_)f$7A|u6V%oRC>RjuQ>S}vQ|XCmINSV#9YSp(FFF!J{Aal-&qGo
z`;Jmq5;Geh%6{&xHFYf~p>U2v7BGy-5|ja}7AMNUXKgqleMwl9N`XhYdI7tJg8#rP
ztio{efEC-)TvcvZ%7Xd=SFEDWK2wgYruW@3GQnfJ81(#vJC!r%%!#8Wm`s*EsE?%h
zCgVBgp%$o=6W-sCdGGt_D;9i~q$}^8Y(d%E6LmuRYm_*a9U}{SB^|Wtg0qE9qT1`D
z^bGY~4d?Ixz=619{(F8(TSmE;-gkty7gZlHW<&w<pq;U?mgo(LtYDXh5u#3^t}6iH
zCJQh|inIsg^he8AkhX>ByyPjs3x^g>!Bqr$AdqVPJiXCgxPyNXrr_-Pb0mIuu{mgO
z=cQL}7p@qKvxm0++%`{WUAb|)Ob7z=h%OT1vWBxx_%q9pu-R9xI>qhYh=P4CRQAD!
zj26%R8bE-rihS~t{HCitTtZB6a-t~gC(L2YQdY7&G}#<m?HA*#RWr>%k9VImU^y8K
zzck-QfAJmJsUT>3c{Ldbf+sL`?O&uU>*oJr{^IKs{w|bsF7o~X*QPJXQ4i0));B*#
ze~ah5e5<ZWc%iD%6ts;)E{LMbbjLYgds?qhnf0miiQe!b$TeyHvvRqQ?I7%+g+oou
zsNZI#zfVg$PiLxH3H9yaeNMG#w?5f=U-^2j=A2XUkZyCP%3yMyODptyS{`#|HFp-4
z{g=4wFR{M*9}G_)H{UZEIFIg%E&J{ZJ~{15Tayny!G~NRtF{j5Vo8r24|rjQ>-+>&
zi0I7)0$WA6fYvs-RZ2Nv47F^?Olq8qQvW>OZ$vEaV|DwGw?jaGJhpZF?V0;79S=>}
zdJ#;drZt1em!)DF(s?~uj{m{kTL<;=ERUkW`QRGd-8HzoB@o;-xVu|$3+`@#;7)MY
z;4Z=4-R&;lb56Z;>)oo~eg8g++RyAvcTe}sZtqBUkI9#{uS}9&h%{LPGG(RHL6gkG
zO3H8rt@<(;xh*t%ndNU@A5Q2=5HO-ccXn#<oCE~F29oVQ$|s$N*v&c6uG^XFjXj77
zTJQpnN|tnie%5t<dOkd+8TI%rOzSOg_EOtCwzFz*+Fq^)RH$l2l?mEWK9^C2pC7E!
zUfkBN6R+H-ICQI~)nra31l_w-_59h`O7gruls_;(O82fD((P?cc@j3}RN|-Y(?P`*
z>7hIIP9M_Qo$t-bw^wsm;k=M<9$Y6X!DP*X+kDY;ho0Z3Ld62Av1)t*%6n|?#I?)X
z9S({45A5L|WoTBo&ymId-ay4!;lcQH&D<Q<-gR=H%hL245ZOB;J%ghPC-(?!?&9Bz
zGp3q`0K3oc@c8$8I1URP`g@&Bg}6XwAAm9Rj^TjxT*PY|{X(UjwFunXNsswQt8fuM
zeTZ;e#~Mnjq~JT9^Y^_EduCm`=Q_{Mazc8J5JA`L9rM?d`GoWo3V;Fj`Bl+eyf8ko
zUgz7@(G%R~-Yp6mW#a6JKRCD(NLs^C1I{({ec^>T%!kFzOT%=8wD&?a9>0_}9)w{1
zUBrv$R+Csf)*yS@1h)I}L%yf&!++!`cj~wk#VK$`PC^K=G+g_$UcZ}b$4@g5cB?5F
zeD3$+*7kMyO!2`YL<Wbe-5%W=nEzKq|JH9#(JVkG4tb?GBD`!mwX9k940LihcN>CK
z;R2J^pc*rVfbifGU%`42p($|P0Mjt>fcxXsB}=u|jX(~@!^h97jlQhL(=|{2!=7e?
z#aJi6_I%w0Nikoi(N?ad>ki#65tz?{toWVEr8C7K#1|1`Oq*QP)2IS|!o%tzfc}u*
zv=4-l!ftSIY2xl(WQq)UcapT_U^L59ZBjVeZz3o#YhGoI69l`=22>OM3`}<bg|Jx?
zYz8sfd5X=V<a{`}4xaXmFH|XVEex$+7E1%qHEp&$%v*<9JCCNW^<CF)@WSZn)n#^#
zTH>^0Vi;BYy#PJv$z<fX8G{}jgz)w~x-!W@tB&50E*X}qR729yb~;LFs!5O~2xd)Q
zN?x@w)&q94h#T-}7X7Nd!1p6XafSe*CDHJn+HkMYy+4{lPR8x8+rd^_M~_&mgSVkZ
zv_EEBbPM~@G+;&kTeeo<#Fk!Dv*qs+p<8;jM)ocIEr(H~zzNo|RliSDy`bMrt5&v4
z@7RF1z*yU!eFR`Eu9RN=uPmMB8*^VH>y#UF$z$)oMM$mqo_|}TpK!D-$)JIZLVy~l
z>R1h6Ql1(8G$R~1ytTi@7{fDUbp|MEEbk&%d%-gd7lnp9MmSAjrUmOWevI18yYDNv
zx|4RCi>q`3ACLqcZO?>PqbvoPI&B*72){3mJ@wbLxl-4ps(J9r2Imi&tiEq>vyCI;
z;1U|S_lVM1xUGL>tNuivGIx&MgNuvm*<<8nX(o1zhz$F&1u@E&etJANCKt7ulaIJ(
z$Jz{%uXO_~wXSSKn4qsA7-IDtdl?ruTOAR(uqqez+#z@%rGM(&&aFq3HOB%Joep4e
zopP{)SFD~ZgyRzCYlxB=+PZbFuLMhU_TUj3ssD4Ye>?wY0x(B%!-x9<59ZNhgkWS2
zxsMn<*|w4EpKtXKH&UW*8n}82|EkFDDi|hm?%&+pMXtdabWQ`*aAkXXFcG6^R%3#B
zzX5v#j4DdcBC)Jg+M8z7P}G%f)z-qxI8wsZl$G<Gr&f5>L9G=`Zn-I(2SUUOTT*gl
zCVTOx)n>$`?&uKoG3DqQneio;CmF<q>&H>*`1JvdgMHs}7g&JZ0Q(UW=~fyN6~xg}
zTZGBrX+C>sIq(+X@C9IV0L94@^E9#OCbL0_Z1;5PWLD!dmu|1P0IkwVf>9ZO%pKCZ
z5guaTKK$6*yP3eN7zx;O0j6lU-56xdigj3O%<##d;FH~=hu{$GYHVmEHfZPE@vAxE
z)IO!(p*s4U)q1w_Jk6MUKEQ`VmqV`BA*l=G;H_#x5!U(@qVgOr$uVqHIVCtGU6a>l
zg}8W`kH8aI{yfpbzVga}!QafOK=vlH-SIIz;UHlrgo)lk|EvmI0(Q2mNvx9GrZd82
z38$`Z{zrJPo`Pgbzo#9dyir2Qu?PI8YjzgRUAueW&v|ol)tL63LR&;8ZyD~IhVR!5
zbl%J1=^?t0E;UmhtCQO^%j=-DTdz+ndQaeo?Wp|=8P+!oZCh~I*0&4g(|=K9T%QoX
zV+7F25b5gM7TT^^843d=3r^tau$ZW<3D1bVpFZZ`na!#^lG}ZSS5L{jKJfzm<(=3V
zQ(Yo;nW9?Tt$=5iS<71OYAkZzhvI7uuth$ac<NoMuz$G5KSvUH;cM9=y+vwoD-&fh
z+*=QT<-9p)gD8J!Kx*?#c04~AD7@p#n(QiKcRoL{Ch$NKoX&GTpG}AoJ;QVCLGsr&
zMWs4hpXM3l+qk$!YUc;2te+BiE&o)$@8=QVC=>xcD))6rQ?-QS>+7ZF&BSvhV2;1<
zP}l8*%RV8Ze}DY0gJSu4B@uQ3s(Ox`<!O8Dtskw|gSzZ`UinyckYo_oGb;=OWZ2iN
zBV5X~09~yLYtr&vRj*3RohV$xoGgnm6mvjoQ<Wc}=hNB658Gr@o~%YwM8{kj7qUOc
zA4Gt`bS5rbc?$2MyBcEH+RU`z?ru3Y_Q#W&b(33z$@cS;%MtYNvSchY$Ti&+TYBA9
zQPk{H)FLV13TS|tqN9+=VEdMQf8;)Vs7SX(Akl>n^$atTwv#)Nv;yxU2|*Oj4TpX4
zpM;(Ct=YOLvm_W0DzMy}+5u(aj`G%y=G1IG7gqit0^C0u+R(Z(-w$lhIvQF4(h-As
zbLR*29N*~IPAscv=()0%&---`{SNHs3TEJuZq5Ix8DOF4XxnUE{Gv^^eFp3J2ed#o
zizJv{6)$e+OZpkG`t8boo|}^I$8;}%I~WrUy{VsB>j!pNLGUE;4~Ny)r4`H+=>Wh2
z0V1E(*yq>YJu`iV(Zal9@tVa!4cJ0_b9>Xz&squymWfxWzwtM$&q$q%3n8hC$e>U4
zRbU4X56L3Wk)-_RY^6bg9WaBmon&-weUn!zb3>e=u8=yxKh}lxY9THaWByvxk_2p5
z&1r^cqyuBGBpX!Dt^-a7axr=WL1PQR@C;go6-x{*Xyb3f$R`kX{jN6pxO~+H6sEsK
zPb3j@QI9@?yq$7#6727oHNuY*as(qSD4?Dny3De=n~1%lL--6)<0w!BgJ70+8Yamu
zL6mu9{L@nyRlQI<Y*Ktyfb!5qVojeije(<ufAbR;cSVy>Otyu`4`g)o5y=zFFk2Qu
z7!0v9aeICtC~>2P;v6K!c;boAg<UI3ba_oLH6ngu4J>5m%JjKKiKO+qBm608hPQ>6
zy)^G=SM&xsNW_&%h8eSZwcsQ;Ry8Zh&X2LR9=agOK5Idi(q64Te*<TD*~!f}wl|~$
z7@hWPxzBKM=~g+r@j*Cw;S&j2tXe@T^)luicx8BwZ{d=qA$`Ut95*csAk)X1R8Ei5
zf9zjk#_PhUjyB_Q)(@K4IwVW8s7IAUeG2`lX$?93{`CXyT0(y+!DvkI{XqR(|De=T
zpK8<$_Ndf?+}BJ8ywcGeI$?foJ^71D&1>oegrk;<@Bi6L{NrNbJbY>Vg--xy@1?+T
z!|%6v)q?dAMg;;$Fs(iLeE^wJCn#<CcyBeQGl7W^aDz;7MKj5R#5?>#wY666_J>v)
z1)KUt<g=d#JuT+U&b1-i$&=kkCF#2ggAC}^uG7~BE3BxVoKf)OPi@pw<=$MJpU?W4
zwhSC?(pJl~cF{}IC1?&44rW`-6Y{>`yl=^-_aovUZJm=`gpe{2GLpZdkdwdW<=~tL
zI~zYisL`jQ02Tovn@7wn=cvsw_dHgx&wvx;h4aF{^Q%bC0dLGrWbxFYpkBI-!6H6%
znz|>=5JZ39E=KZpBs}o9?=J;hR<K^Z0C8s2^zH2Xz+OQ?=d>epv>9enxXSSRSYjDe
zx}?)G$~ij2#o7s%Q6IpY3v#h!-T>)`%@(DXq4`wq;J(PrB+H4d$Qcspc$>lBpi_L}
z5DaY_9)|%z{o7x(2G>N$y&pvKiT*fDU_=OYPIb_Vxv4xf0~6CLaD3(7KJ>glwD6;W
zXiQvZTA>MfnJGUBW9kEomd)CghlPgWO&aISTgai4(qJ-1j;o{P5ltif*jDxAsn|FC
zohjj~_5?3d`Lr|K2pAiVQJfI5UH5|v<qp!TxshCBd6^AOcqV>v+#oL3kkWxgYYly;
zVs-qH0DC|3b><~w9KE$>5DIBnu1jeEZ7a;i*l*D&?ty%som%+R#cfq(733fqD6k1K
zrA<1M2=}?~c)hXvpiQl^Ve{8FIpZ$B>21%qQ{!hy5Sn<IP>uvY3S%=f<g2%6^F+<Q
z>+eueSf-8+@7s<y&XsdellOh~6NA^=-WRwHIOMk@w0k`u9@3@t8_Z$k9gGo!do+Vu
z6Rsw8Ots1MWb0>Hhl0*5xjfrJz(4-t^GYU@MsRsnDiApa3iDQfzcYD%WW8KZ5UeIU
zjyUTgS6s)(wQ4dFhF9LHoHJwJuO3GG!EWz~$_Jx_V+1|Nry)CZ2hRcV`4=$x9}`5C
zC4*gyN<ss3<iu=B)#bgMRNde>3LV9s#v%H#zSr>5MvZ<%$U@Z{)D|lIq9&c~Pq=bU
z5WSe%hrKM(j`6<qH_+Zr;+(AMwZSGK0ybOp(yIRoogv7aSTd?AQ^g)|zG6p%%Iuox
zBl4(tcpg-UY3CK9?MsXZA{z;;!j;_^oLX};_Ux7B@`-JH%AH6fdpWV+I~lj^{pgzj
z?-nZgRjT(QBPmiZ-^JTtg5d;x+)ZG~xHn>CobT6tcL%z3I#?O#8&|Se?SM%ajzj$8
z;J1>l1_};A{pJip)}0vU@RvAVl|A%;{@)|$m^7%SsQqHDN_+uAs)?|_2Qo2(EW_1J
zrrf$fANydC1yI0YcGvTBZeHBjDLZ@}WsnQ&5S(B6Va^@;r1zkvZKxX*OHytr&<L+o
z=TS>y2hn2CPzB$x()#YrW@~TNFlr%TuwTKpj=coIRs$d3&t~+%v=`>~kx17ytL6ab
z5K0xC?_g8DtcLiQ&6-h_!pE0rK(EW(#B`NUiZ19h>=m?pbF_!fh!lg_Eh6Gq3wC9?
zfNT;5F|RG~CoiDYwk+aMzcAhxIfmO<);YLhbAgKKK5NeGXF6#!ltj`g<9wp)SaxVv
z;E2vghoST=-peP>U^0_iP)07qaY)NS6;g&ytLeSpqNR8B6}hN{tXu1#7z9qfXoW)#
z$O7~@K_yTduUMt!BdRvVt>6-R#dm*~$9L7U>zKnD00|d{rx^Z~4m|4;>8l)cw#;nm
z=$5c&h^Yx)M!UAG+uv{2V-8uh4qCKK9(up4FCD2fKd$*@9~dIWNo8@|>(as6YK#y;
zBWJysV9VzHeR&wkC?KYTa$vv9#u_P|Hfo(r<&}bQFqZ|ZCE6}qwUh39cj}_Cfj5ch
zr{c#lCxyq^fV#qfMb&dMQ=?{f)NjF+FYyewT2WBmWjLyH0F$R73{NCRpE6_!@pZMM
zV%F(Gh|fha@pZyXK^45<TB_d09S7BqbcDoZxtC7)*NEw+N^KPR^mr=Z7t!N>quDTE
zFrli?Ovu|T2Eu3YIk(}FI-0bsjV2teP~?L<v>gPI%5Sh>seXgLe0ThC*35{#4Pv#c
zX{U+rWiV9rl`;*iMQG*xpe;**|IuDMuakakxPpSOBK@KL5)ygu`(T9-<9&bUk5NAR
zCC%Tuu?`Xq9=sYfve|K<1C~g-tgjBgtA%Sc7B!>NMOoKL)~0jN>h9y99#*=-@N96v
zk>H8cHtbCpUeO^;2dfdnMu&c5Kl3L{UzVT1VT2;}#s3DjE@Q@Al%#aLyUJ$$Pok8@
z#v-up{n6bzy%4ds1l54}rt_E*=@v}#1aNw9y$PYSicHLgUTz@Fl5nrvsN9=AzFhvg
z+v*mAo$ES2OlmH}pL&Vlk}#~sivfM8rv0M+^-x6lqs0-O8b$6PpRVnPz>B;YT+d5h
zI)*1Ormu}+_AzzKfTQT8SNHwooU}~qt%@=n*_fm-o(Clq4W`P)+7SU%qE_@pY54@O
zOT-{xO9uD3Q+73nLFp<I_y};e3CTXB$QV^v6j=Cdl2{ff4l+jnzJl$d<R<{fvl^c)
z*w{cj-J~(Kh4YD7L+rIlFGeTl3G+#@Adv;)A^zadA0?kgSt9ifQ(REbBjLa<jfMOC
z%{_I)0E$L`(p{x*$*@Bj6ut2cfyp!qCc#;gb%XS@=3C9@9j#kBQ#YwWd&A#j=YFhe
zfRRDQGx&<I6J^Nvtg4Fo*H-<n$cs8kN`gqd^c(iPNPOIVWbicMot!@H;w+UivBq^j
z4?oU{#vUB;VFEpBF|hS_BPVhov&jM(^}&a!5Ui$rRQtz($CwQ6`nI`kZQ6G-ayrLl
zL8jj&J-k=BL~Msn;04@$#|m{F4))=TxuJ$G)CHk!`b8=H82O>%8JUKvj;!J8o#woK
z$GO<z$9NF{K!}#=dN$_0Da`Alzi-3WUhuIYS`*~1^N5f|T9Z#$J<NovMJbu~KT#k0
zC0Tj`!1@;zNxW}&w8Pw1$CA=Q>?^#C>>IQ(&MP3fGJ)XT6NGy*y??m1s=g*WQmn^i
z)QU$(RypqAMbz%(Ray4AQV@I`9$R#v9`*u!BT!A@2@RSu=)nF6Q#d!QvsC_RLIYfk
zKJuYBajTIMjx8#7O}cZdwO4a#Ar;nkdh%t|LOpCaREV`^)b3noacMEa@oFIjWzaD#
z@MvY7vW+E%CObClhY>TNRyj5(tB*774a2*PC5alC!oy8p{KMjo9oRSxp{8j>R>9^P
z{|LZKN@fNfu%@O}@(o+9NStAXn<2p=OwJJr^^K6HT_J-^lIF0%ef0#NTjpzHl<#;Y
zr1!K7o&_U{a+w6?m=ze~EF+ruui-Cb&P5>@k-0{bGtNSSp1&6-vvUP=yz;j+%2s@~
zNbt)rPNr48JLtr3pbO>7ll@1?#?@&0t1xwM-A0j9DzUjVA$pHZfgo`LWDa$~!}BMh
zN#|iImI~nwb&P`cbmGeu7#3E3c?7b{Bnze)4dQ&_n}sJgQ(Z6v19%9$pM#dZkm^27
z#+(QCV+mNF=^Ax!eY#4_dyIV#=F0N5pIfDhA3xFMkMdfDs_`v~$Ualp#Oq2!3skt+
z`PdR$zYbJyKnPRwFzcAC!`<y<!cs%p*Ump?GS-@-`{<=Vov7K3xPG_(oJpFE1Ygxv
zIvlc)03x{3+*p0emoH13$_@Rw-5dwL95J7ekSA9JIB?A-c)XJsvXtT17#%bUwW&!{
z)KX=GbMyH83$YZ(+i*4^p&J00wv=($6=To$Yn)H0yHi%;!I=D~p!bW?ce*3n(ZQ{T
zwtuQ6y-ib0S7i%du#}NO{R|2`P>kZ!)>TquT)&wWEdn@ECPRL&eo=$%u{ZfA`%F8A
zwFC{jZP&T<47@w6ZWSL1Vq)(gj}KT2a|Ij=yxM|7Z*x$Ofp)#ChHv%mnmTw6Qei9;
zx&8z6fO@8ka*{=KA<ib70OBkflB}9=gL)cw0h{?PNIfJ!j7*6JL%RoJhWimZX)E;L
zmJDHa5pWkA<v@*~En`4;ElW68e{Pykd<=dJWvM#A%LZ%q>OG<o`cfJ>m!^CG`2+H|
zm}cR<Ay_itD0s`ZkKcH^NeMM>M8!k?#Rr&R4`5*b^TUO0pWHZRk$;y!Jn8AIie8Ro
zZ$IgYo#`E+(aEC}ku&BLawKk+cXzlzsd<Jcd%Y@7!g%5Klh@<SpGtq+|2XfCFg#+l
zM-)-5ZWZ1IAi;rNeiudIai&16$z;gVOzwefxP6A05n2mCRlU$@o<X(jw-sqsy75OR
zMXd5-gst{aRhYG5S>@kdX9SxCftg~p-LWr=9RZ$TZE7SMr<mn;$m-Vwg%e|E@a_3`
z3VZ<cJGD}jPJ_HVTF4OXNe`w4@iT+7Y`ZpjYAs%o9J{s;jS;J&VLTfiU?zBNcXba)
z^AQu`XB*^B;s9NuHnlw`-WM6};ElgFMQ;k<q8|ZuSTpTQ-MhrJaB?k(QCmxN;lTS+
zWb&R_Q|X(<lVI+0OGXGl=cZ)7*wXX9ggAH<w`9JGa`W^5{nDZ6q__5iq*5Q3Eq}N2
zuPf88O=n+92c4GV9eU}5C$-s`hkENnOZX>Oh>F$cAc+;Ad?mdDh2Jr~C0kuBQxx@T
z-kHMr?0mOUab{r_@QO|ADAjW0T;CmCn=Na?v%A?nqn-N;cvM}vQdpk)7=H3i>;`Bo
zrgxMA0gKiTNA*tlKlvhykLVRvHQ`mW`Kr|d#k2n^Hne@Muo_(nZF?xiVDS}BdH1;5
z9M#(a*Q5n^+C4k$U%jz&yHZQd99@z3O6`cDUkc_swh+Y!XB5~rz{1-^sYZ5RSPbTZ
z%<vlQ`NGk=fo?e%p!g%lw!^sXIkg3d9#Rb9LIuFt-I5^3=sztL+*U2bgjnAd^Ope>
z)c!@mF8@dT-l^^$%J3}K^bx+y<g8*g@Dg(;bn{5`>h3M99AbkZS2~)FD(@+TTVOxV
z<T{laLH=zWt4^O~5vV@Im*M7DZX2`jm-B3P&lIJW++#L^O}ImEeFKah>a*NkF}R=L
zT#V+Y%g(jt^D7+h*S5L&#GeGONV$Y~mmgj#>0YQq=57D@6sD}DJy@r#&AlvtxwCCa
z0c@fge*NKa9vV`nEHd=9zMVJl{e%f_I`Cr2csp<6OK_|9-zK`W|81hHV*M`@U5f_Q
z(YcaEO=qoA8_QYi^5$}t#(LZa)t)(v1x-Y)QUl9R)_}Ee;?B912A>w;c+ybq&ZX5N
zpO(OQ(j@SuvC`nz(j8A)tlhaaY-&@tVM<z#`2UuiQf&5VV}%ql^YWA{0Bb2uX@c!O
zSgy?y>JFE@09EnJO22~1OZTX6AmVsur4nWY(9~!9vCvk~zFt*AxmRTY0cB7H(*%4j
zzY;QE9d}<hp1_=~c>+fiki>ZXMeh7;x_+n;qlaX%14=Q5a5Nrbiv`aVMegcKm6S~f
z8D1aC_pTd!Prfz%6`W>^fKw^B?rBl`3K^*e2Kv6*Ykc*5ygt1unGLR8or@QMaNvzh
zB800WHzRUmzlC_TqN{AlrIW%@!774ty<%GEPH#4t;G|T{XxB!}Y}1(|1Xjd1EYTgP
z(sH4-JWWl%!MyNY9vEC@VUKtLPBahdf1|%Znm%fFy{3#<+xgD1nSe13N~%<=@`;ED
zLm>z2WczE4Wxa-CD?VXvQ>+UVQ@I6YH>mz9>d^rPb)rEBv>O-sGdp#^3R6^Eur@z&
zWpWX+J);LOq3y`gL{Lm_4U^Rgi}$pf#jrOM_+0&#FWc#>L<!33r$Ie`y~8K|Gt=UW
zWP1{L_SicTrH^+yw1t#v#N4y>^D~Z9@D?-g{S0r9TEux<<lwaGF+=o53e+{C(LVe_
zj(L$-XG{bv^ZiGmbZ8K^Hhi&hZ`6Id7GO3CU%=9HgHC*jqOAP&lPI{CslLP}g8xat
z&+TUgU1m)<W=XZW2*<qAmx5C!Z2p0wo9Ig^qC{|{@2b)9gAyErVTN6~am*~<n-me9
zxqNT_Ux`>KbMcQ16y+4IXGmT;8Dj5CAMgmmCc>COMvjx;x-wg4fBl(g{SNgVcinzm
zf4A#e0zB;j8vXZu(&3eVi`<Qjxmeim++0}n&qOnM!F%#z`(%{Juc;h_aELQB8|Sqm
zeA9h?S{QEoUH<-#m<TF?LG8rw;fikGp9?vK+VCtsfKC1E&B^>$K{~EI!b6z9LW>;&
zzoG;*0iH|pdITc!A|C<NpGjnVfnbdtbXS2yM_4?nM68i5-``O+t(}v;9)$ycBU#j?
z-Knw9pe56!Q?lFraqeJ{W8^XLLTG~E36F@Do(Q<p1uo%|M~Flg#6nR-xAn=?gKYe?
zw1ALzLu&53cSVa_wOMF{@jKC;<Jv{R?T8BbJkI4kCO%IAN`xyRA8MeqpVeq2u{;r!
zGqy>gB*;&kl{~h--njLIhgg00nF;YDsqQo<pFz5cMF!4aPvxrw1c=D;W5c0FPQ{;R
z{+cuBy^;HOG@<lYs?Bi}#;obhC;y4!HUGGaL1b-e1l&b<i8Jbb?sQraZdPZPFzmLS
zyXU$IQMcWEKNf~dzrJ{i_<{B?avxx7<#tb@q$}~e^P^*dkv`ZpHmXme-3>H98tfx%
zYtm_sf7I^hO5^T>+kqT(lLicw=IVpx>lt_`({vMRP-3{BY~I6uY-UuEKcP&aITi;c
zUtSKsi0_w76g}s_epjnDK6~oaiccuR@Qm!%RLV{Mywqr5=oS+Pqpl<6?OA?V8ohA|
zG+c_sAw!w$=D`<`*gx4TR{0X%9_Qa~D&LTQp-;KO8QXkwbaF5@uzpY38d|_{u`v@f
z6TheU_~4l2jBQMv%!pZ-x!8#R`GaGUFt>6tb|7YwurhEm7Be=o{bmd&AOQDoDsD@e
zs@As494N1+dcyidln|Jr;RU*?R(^QAObpF#4UL6T@WL^P3&mD6aT&zek87Ufed-N6
z$q3M8(+6%$$V7zEq~L<##e4b^kPg2CbfWX!Cf$$qqut1bZhBU|5|0uv)krzvzI$K$
zZNC|Z%&l5)t=inbF&|{;C=jvuuXGlgIUsBJ9hcRn$W3O>65TLTuGq#$6Oa-FEO%|s
zI?As4c8#lN#rO$<A!!dJUhqpTJI7-AA<j-VMMkQl=!+C`7PjiT5UiDims$2WHiwtG
zHz?DHSVUKTjpAJ!XwMf}^(HfeTN3~mqCcOkt<ffC#QvD!pOI%z=9@^0KG^3!;FU^B
z24<2Kz?W=j7&p?xI!gN#t)VQJolgqtpkk7_`C=>|bK(zSjaP`QvrN(ZC<EzT*}nWk
zw0aNvb1f0B{qa*w$p@^UCFLuQ=HndR9ZKmx-;7)>UVQ5za%GfD>#36!vHp1AUW|=7
zscs#&$5HGzYA9Rerp@9O%fU|<hjVP6g2b2d5~NRTd@8fYZ#?lC>Z@oiqrQsSXB0@I
zs%TVe*bwBbhLiqM?PK){pHewlcYVSB;klvD-i#CEyDHaxvDULOYR0<Xq1O|bDwYiX
z_8DXuRn}{Q;3&_2^w0+wnBPgh1*)~#yWKRo68@<4aDvZ*&}uru!EdypwF}<&YckQk
ziA!h2bN0dY0#WG&2T0IXCLC2P=9;f}9bj;+OP>GvL!I$aeuFf;rzAAV7>Qm(b-3k+
zlIqv5LkKMWhz{w*Eq`CLQ>gwNeB_~OBBip;Ap86I+*Q^O&9yYY1w^>y<lxoeTGP_j
zwzAMfhSSE7+gMu_#1Im_{1F2Ama4McF+~D(C(ZYlx#Z&I{4jetl~Dna+S}ZyNo>&&
z_($=}cDKe^Gnwg!rRG1N5Hd#Hf(ScGc_~oR!;oq2>w3opxY?1H_0z1}(|&H?G$};a
zmZI)BVIBsI2-oFhfM14THcQ*L=Nff#6_)504oB@HQQ9-3@$i=OJDsDkJ)LyT2YQ;}
zQS_F*MSKQGCyGtdejFF?BEm52tqNcfDDUyx+-!L55tQVM)i{^pQv=?Z>i{Y(^+!7f
zHt6|U<)J*LU1U0Ue%5~aZ~_K|2zs?zDOF0PUz_1*LugX5YH5f|m(9C5xcV5#^$%R`
z+WzhiXfiMpc_Rb8xzG$>5Y#1>0us4?sPs7Vs*VWH*c;GW1ceg>(q_rV1)@>vk1N+u
z9x9f~)JgMNA?U{^Me8>yP6<H9o}iCFNpdJ}&0I$nD4AE7v^q0H_WT9b`A=;MG^;iE
zH@NiuHCWe%ZW~X)JWORU3Fr9uoF!&!X{^V7;{W_M03myv#_uP9AobAAlMMAu^Azi<
zh%sMPasO^y5t(0EI7Nm4MG@_z+~$K?x0@BST50~1Ohn9vi-8~*=mEa#|DcOlIsQu*
zDZASl6EmsH8(J6}Il(b0IU73tlOtj4U=64x;Q9{)3mlVzvbZ`Upr?$#7+4z<Q!_Hz
zIU490+ZZ{x+d1hu8ap}L0atrxAjg=|?wbkCzcCaHOpU)dTN?t}?LS1MZA@&%%#ECg
zx!67dtSG`UiHO*`5o^8cNG^6xVs@@iI&e&i#*Vhm4o1d~#P2#&!NJx@$=Hcli<n74
zOoA9F7k6`#RB{5;<v-<$oB*|V!4v_#324s$C|OPpZf4g1QNLy+w8_S;2$d0V&C{O#
zhB4mF*7o1?kyTjm37E=Rfw1ie^93g^^vH#s<tI)ZfsA?E?s|LTZXe$B^L@U%%hr24
z@huyFdwugE&^y969+7{&@O{0jtob32SMFPXbtO4*<E)!q^Qb0hyKrI1jr{WRG`|?q
zW$U+PshpVMttkS2J&AYwsYA0+5|vPI53Es<$9u}yE6Q)JgBbaHyRSX8_y_l7r~O90
z+m2Tvg>HLY)3<G+;y`=TD&4$5;YD!@?Sep;ShV2R;5es%;=q6eAvEep%HEvAe9mLj
zuM{7&MHBoEu2s}Q-qar`u)!(x|3&cpPQ!&_#KjT{pZN6yMUH=|8#u{jU_8ISoI0cJ
zn9Vt!bGMAXJa$ry-%8k{d6u67pZ^pp-KOP8K@7|l$yg5T#Ahyo#}ht-5u@vyAwdO@
zej#a=UvV5&#xdwyw}ZPQM?f*;ZQyX$1Oo}Qv1^`BD%A(RK6Gk=YSQ+8IXHJ_qD_SG
z4=aJwU2Dl#fj$KF!VIB;LLjqs(k!7+z70cpV)VJ5^je%}iOedr1@vYLa{YgZ5M#*a
zIQ53#<Fe6gcX@@fQG+|7e+lv7mESimQxSN8p#>{*3Z){Z-3DQKf~Qsyu4c><)B5x0
zR#CCbhIUo+PI8T)cP=Emfftgg_RgnBlOXSkW(cF^q}%bFYw32$n6=eC$-LUr`6GB$
zQ89}^%mutRNd%|qr~4=#1B!PtQk|z_Tg>u8)LB9Yp_mt+OcVzL9#BjbAY)vm-#ICE
z9Lx8)L{{#$F7(m)S07bT#egg?cK^P!vY{_uoP+}A1H(H>y$kw)d;uvVSr%H!5<ge-
z^lvIKzF2#powR|K$8Dk<NM^f^UUb-4DvVo5R)g}@jJ|cw!@$JOECmJ<uom<v!~a9)
z5TC^%y{z)(daV;Fzl|b}!+l<_9;?(c1$Mi-z3<>(&zSISy<Z1>-;PG#Vk_rd8bb%R
z3tm|SAWYk2720h~pY!c}qF!l^w;D$;9Q-$7e`C5?YHV-{&7?|=aWK$;J?<lpH?;3&
zM%en_l-AwEI*rLBUwi^T{Q_boIe$vt{z|U?K|0)@@A1qYm&=;Lx`Y+lI4!|Gmi6(Q
zF#?oAo()Q(eGID<c+gY<HoNzAaO2Z2)(@+xCdT?a3Z#k>L~sf?&|h&<BxCi#$Z5da
zPKWQ0+@i`>X4qhBOfhaF$Fjb*xwmxL&LGkS@EfTsg1Z#)w75fyTp-9u(uY^FTp3c1
z{34GgB^fx_#Oc$$inqtpXeluzwmQZM;?J)(RkmF<K}qb&np|LOrs&H#{o;&th2W>d
z7chky0X*WZDIiDMp?qLnx!Fykdj9#_v&3A*Ar9ms8?C2=(YV=aE8erjN)_unHif=x
ziDQZ>F~&IXSmptbC6h^ahRh{3nnMOj*4L9yf;a=Q^${M>-NRX5|G~f7EeAw9#!2MQ
z*HA<lK2_dhAOFDB%Lcp|)b0Hv5vj~YaeU!{_@<$z%ATXh{f<^Ad0E0S|FC@<slPh<
ztNkly8NzKO&<!n0nbUj_xo*&fWFPzHQ`}k5ca`HLV`H}DE+T=dvFEGnk#7)ch~K%U
zKE_!|Z^RZeu6l1l3uzWEpwW`up*0o$-(vrClc=44*7q8i6Zogeoo*w$vshZ)BmUjw
z`I`SUIe`6tXmX8BoE2U4es^O{R(K)vdhbs-nJ+hwzI@t*SA@MxI8-0;saDm-J=nFg
zT4o&*k@EXN=u<v|o_Y^G#l(-4Gk@!MD^y&|n=Siv=uVe50BetWmy`LWor=uUrGp9v
zSL-IrX`S@bCA<0Hmfh>A4BfP8Sw|1^FHEBch1_lIMalnUmQ2e!d;I#sG<#6U)23XM
ze0Z&xsrx@=a<yR;C2w9UX6S}b%i4R;d|~Q4DEuEXr5J)LV>RLQcvtGDb+k^G9Oi$v
zaIDmCR3N&Rw^**|Se`EFl)AM)6Lrwa6_uMCQX7*mJkRb{s`}PHmiFl}ydG{;5}uZP
zQbc%}oz~-jncb;m^mTqLoz^3GJv>)yt4NzyxoWo1RU17jao71&S-R^y+xnh)(_Esf
zHhWa!p`%h+dg!duR#EalW@1*BZaS;9R)o*1Tr|__s`VX}xas^4nTen5AnR3x-5yJe
zI+~vW_P)Hc*8{L;ai`YOvGhFKR)4g&pv4=kX!w0p&-&HkMy<3%^Lci&k`NHCLep|!
z;$5z3J)PIXOSPg7o|oB;N+e%^_5V$t|3}FGdwKo~^8Z?%|B_t8Qc__VGq9+`<FWM5
zJA2pf>^%eQx%k#Um5%DIXtf0KZkCw;|5LOM+X_`aN|(1gNuQ}<3L<(fb!Vi<izhXj
z0AJr8TY)UG$A%E73H0-p>@t1-9m|C1pLT2T$u!Q;9ljf$I4h#+W2o@VwHZiny92LH
zL7EqS3;62W{y2rCS1dJJsuzBXFA#7O51b!UqYGD194e97Qm!GNPt_7h$@r+SQWf`2
z3rX*CKZIMshRbmqf|(>u=dP)(gg-Y%DY9;e(M`+O)ZpW4O?cUG96dkbMU0CJEC@YU
zeYlG7`IQK&N#urVKq;))?Y=AVmHMGB#3*!dezr2~yNpDEj#S6`n(@t8fE4;?$-GHz
ze@FG8)ebj+%^YCh!-7=LihF5D=Lly-BBL`Jbf)qagJ12Z?Kjo6_8d-R<q-#h(M<J;
zOJw54h1J=AM+eTV)!q(3>_vuW?!XSwOeNMzRnmw5dT7DuRrwgQ9SW7A@g>CfO!akn
zjxx0>Kk<Sp+kAaXPrt;)ilg)yFJeTM@Ex0Ne-|siI1!Z)7)Sdvi2W*UI&V89iX;1|
zZ^BLRsN+KSW(^T92ON0(96yGBVNe+q-#==S=<92A(KHBy7fSR|-zS%#UZ{b!sPkjq
z%&hjk?hW$Lzq??y{JGIuhSdO1{aYPkCK>O-uw7c66-WG<`nLuLA}eB_6k)awY?boJ
zs;d9AoQ3h-JNh6LHBh-LP&r$i+``20b$ppNfbCLe!$J4IxBJ)GVaUbd3~;SbMK#9_
z&sjloNqS<e9H;v`o1G)Zb*S>BSFUJB?HMm?AJ@%~z?sFn6w9GoSH5p9e|*n1*e7)K
z^i0j|FkS;&S7^)T=UHrr@Q*BoEB2l>ca|VGQqT0>9!d?SVJLgpPoeEI#VPLCT-i9}
zxqN(E2Ek6}##(-g&{8%Hz^DayKJt@8fZZp3*P29!@(?_RUwd32*J31AvpbDmogAL;
z1yxA(J9i+Q9>Sb>2ukg))XQa1Sn_B%AbGel)x~?RDYef%l6!H&+~H%M-_z>vc>a8L
zmbVxF?lE%z$m6NzCCIXbMIp@z$#sO4<H<L{_}ep)Nf{g8>8&-#-lx7{%}ed!5fqBv
z&Yz#akGB&T^#J>6Iq>fLFacPp#p$qL5%*{Jdf)Qfp#{8KPV6T}nZ@C2(|CHPu*f5|
zN`-dMYc~crTP(efM7J^d?$NEMFx*qAdzUHJJ6E$+Zmddm>wGk>`l{rt>UIdEjZev?
z9zLV5(!bqXlQYgj)tw8^6s#Q>b*mG$1bw^g4fRM=3}??|FfYR~r>2I`e#N*sc$E5q
zlGRCa8CL1^`>REMoLcAy_NWcA+|k~D7t^5aq{W^%$5dRCy`kyGr7OUcJB9t-3uiu@
z50_$J5tBavXO8A@6KNELpW98LZ4?y964*kvp-#eZmJy*=*1+urCHD^AlyjJ17lr8%
zNSkICjX6~})a2Hu6~u=(G?(cw&?S+4yF&fI5q4YqsGPK~^!8x+u_=P~AY0G%ZInj3
z{!>`NH+kbQzWT!Qhq(lH7)ly0`V~cw7^{bNOWQ(ij*08+&kjkRq2S{>>}kyu_tFyG
zjkQrw-mG3)ke|%5Zc5i-L!X&9F!|lbeDE3;2vB?6%7ohlzAD|Ji%KXo?#<o04{U-_
zHhC9R$oF3&U9kS?I|<pN>aKVH#l)c#tuQl_qw~~ukhl~Z*@t!l#8?)hsGp1#@eKY+
z1`_p@JK2CT4wU;i_Nm?%RB6u}Vla_DL(xuVh)t%K_i==ZNV~()M>yi)$1DeJQ=-SL
zeD@vi!k)hVmsG=nzE`S^rzVRPbeui2WkgVfdxe%URDIiQ-;^NEQ!|A12yWbXmt&-J
zqfSv>aU=Q0^5U0coqpo+c2mR6rhS;R`_rdk2l>BYE9iZZh0&I-rZQ(SK5?20fi3q@
zb(0FL!<=iV7dqTBOxI%&hwNqkaa1c0fpP7dE!&PwRM6uMc>=kknoFePw?VXDKG#ts
zP$)Oq41GiP*Cn_-+xX4zJZ7z4b($-fn*LW{W7VCN2Gew9$!1xf+#ntPFPnt&qIYim
z#%ZIE?#78I*D&i)dAFtjXs!0xLFgCN4+s+ZDbVLK4-m5b_>jspyJVbB^40fX^JID%
zip^zisdRl><)0(1zr5w|Pdnxpcwmb;Jh9@=b&wn$TF^_1Up%R$rq9vS$0Pf6UEvol
z2x$G&e(X$zL+XV!$oEIUP`c)SrOrM%nzFyXk;Zl{KDe{J7Pjzuu;?vaD<>-O-3;;T
z;M5bGq*x_ZMKp{3q9OZXtuywQj8mk2_q<Lmzl@DDqdKU%sHR|TY!^~L@+$sfMW2w%
z&PHM0=Z)v6YjuFghuq5tQTvwo+4GP3mO+$sLB+BXEsdc@9J$wD`E}x?kE~~R_)9oj
zBgX_r8+R~bf=8Rbq|u6#Zc@n&EWN3ogyG$Oa4qqf;#;SQB{Cbb;Y{0`ADJmBP1)y5
zf3q?N9_c8KO42BJl_kNBiXK@~0j2{2V`xX+Wv;WV>Q*Bht&{?zzVZ8p@l1|eZFJhj
z!cs#nhX@7PuC4Z#;NcwjN=dgjy>b2rO8CG8e^+{O<{?^Ud>Qq%>ff1Fa#e<8NI&mS
zMjS8Jcbb<+N={G{DAp-IAqE>4!xI#D1s{74(9PBSf)rRX&knpHa3xXetC40bCi<-Y
zhlHOc#Vz}q%8QW@VVHM29eb#cSCvx<l*n%29kM^{AiNaGwFF_MjD*cZ+6Yfy_`C?I
zSo+8Q&S=5>+fc8KWiq{01|jpc5_3S8eE1LWPk=2Mo)L(MSy$O>8J4Ga`gAY_%l*{n
z$j`$&vl&e|aUF9_2ao%QOhLx{RCpTsRQIBihQsCrGI{fTP(WYcnWXvX)+WnSxu2HG
zoV}@6V?<vt*tuBH#g>a?udAdZaeGn3b)foVZ_+72zUA}lO^1)&U_L86WagEhbufCn
zsZlT)33QIAnn;CWurTjA2^!xY5)esoGJkk>nD?jR39sWV8y{T!t_i1g+VjD6OYDhi
zWMPkE(f27jjL#oBAGhOtR-!>7iTFez{Es52U<sVVl>T^6pAX2lKZHn~JB5(<b`l2R
zI;Nq0P#tL_gydEMof~ZZgcS8a*;b}d=ed7!lDVH3j`1j=nyBVh1kY?mL7)4RUW->J
zN<u0OFCzl^Wlzlc3X+eRPG<eYv_0~Des6jAzHoAAexT3YO7(nXCdEICj#5oEp@G0c
zay)XjYXyCh5-K(EJq`upA7sBnP%DXdINFlUe^wY$TrUErbuW5)NS%LCO%!<+K=Ndg
zPzJU=u4Ihn5a6SNxQA)7CQb;B#jLL&TWMw1oo3Jh?2!O>a8m`ojT)yI_g>HLjvvu8
zg;{=~{QhH>p&)}hA7FLEOj24*<VQ^}dRkjRX0dhF2L*oNDO8G?m4XBqB>*`=|6twr
z4D`mMpjhMvo+l2yjgD{Ft=h_6D$J`*idM6ZCU16&#BEsP4t`Gbi;7t(&O>D7^V0C?
z`|66&Dg^<b;U@ovo}}C%eMzAIA_YZE-eTbW;*-f3;*vdjYz$P9n@GLuU~c><`iGK#
zp)dXieO)-7R;Ehr`Fui};1G1Jfk)#%q`VM#4+5|aCy;VN1M!W+sgyl|6_o`(F!|z8
zw0rDu50S;s;R6aI=s?;{q}ply?mX*!+=$xCQy};<xfGd7!LJnTbqR#Aevt3j;s9wJ
zA6T@FAk+34b{dK|fE0~40GwRF`ovU$1C%XH!z@t|fShX;sz%sAb&oMjxp-NfEkaXe
z6A`FRO9TJ5lp0U}i&?raH;V6u7|f)iK3n7$b4UQl5IBln(_p~$xJbcI9EwU6G|i<~
zMff&>2j1I5dPC^x*LSTi&0j*l$S1^1U(FDz|7A%P4h20#*xq*8KLwmGj~NRTQ_Hvj
zXXy$#a!AwYSspN^8v`B-ZMh_k(X;ydNg9JDF;k2Nt4X}SE>-L7LByHrtKV&Lr-xhb
zs1abH=1MM?KDEqCeij$OX*GvBr1M!HidM)+w5i;Q6ICl~c)!jE)&6Q>xZG82ByDMx
zq<LGeRfr)VQ=}U17h0*0T1kvrS<K~3fEZl?a5xTJid`6{B9f6*&@h*(l)zaoFhueS
z+Ri6egvieQB@3wyL5ANha@kTSAg*o{l+e9M00xXh#Qhb)*v2pwzX+%YDT7)(-iIU#
z8)y~PBEvYyZSO;iPyb?%TN^R5suzyNJ?6iM7K+Y8sc!zBLE8*z9-ipei!N~D<SuZ1
zj~ec@vd1*MG^B|$U&7VvF~bVU0sYJW&yb?-6AZ0?Q1R+rLd~~v&a(oD+2#5r7q~*g
zyS2&2c%+HH%3N!xEN5%;4n>}2CtT2v>*jkb7?q=v2Y<nd&L?<DchO1L`>aoj6gn*p
z&<`<7VTvK!QJV4kA`b|5jpE?V+=U!LOc#pXst#>r22(0HGc}7E80ONfl%5Ih>n=Yt
z#c5u;=l;+``am{(Ng2;uKSV-m-Z>7d^8;OJU|5O*$yHRAY;pg%IU_+0@N%xY)XD|=
z-nb`svsbe16VQ2BfYX4ad;z*l%8xvCB1%d5>)^n}M7j*R#ppbtAjqI^tt!M;!^hNc
z7?G5C4%cGjpsTM54j)}?7ta_Y{;p&82>ZRfN+<Ffoo?D-W?Bk{l76=8_Co2yHRpEA
z1Ns`~>v|?4FBNyxho)YK_Kn(8*KF36@U*|kxd}&EH1n3cK_a93^_k&rF+$<qzzzT7
zv)Evff|-=x9_RfGi2M0LIz>Jgwn2&7L$a3@*)JG2U6@-OyeY$VQTHNnw5CB2Oi#Dr
zLONwU_ixk$KU#sdJ*U&gWHRgn23*f5HTeR&yKAD_B4lR?JPqU^j6#e_gJHPWrkDgZ
zXc~lpw>cPw-a?`;;15nPfqf5|&Gl=?kB?F+sRYIf#!v@kNGD=ovhj*aVf@cCxm1yS
zPUikMZUJi%hM{Nj$Zt5;%U`nhXG0&Zr5Vs$)Oo$Z-6iDRx)kYdA*h8!r63d&_s>Pf
z?D(WkH@f|0xgV9|5>%@2mdO?FY~O}bzT_k<F9h7`KlFl}f+kMC$+e7sKY<LFqOaue
zn<|o1EYOW3Hvky>l)dJtjuq+d+oSE_`JLTqDJ-7;1OMGi=TJa_qlzPR#%W9_BKwZi
zAYk7PlXj_`bPVx1@jysvdX6Mt#!3B`yzvmnL;`^`&cq@ZMywb;jDpoB>44<7yvuNB
zq1-s}fTGBQ4>GBUMa(WA#G$P~j@(v*RC~PFKLQT|2XB!CL`i`Gw<c0zr<su#={9H1
z&tV^Eac4aHs(#?NU&IAk9C#)kP~>(x?}kxM2&?_YSI<>hWBv42rlSJW>%gnl^aKDP
zkIBG3ktO6m2S~BxBYUF91P<TD94^8~r<0;oCb7tNT~jK^vGPVk^Z9StsG(HD?2hx%
z2o47Q<6wqflu1l9lY~xl+&wyB#y&hP3cA2TY1TUGWJeyLgzNJLlEy{4^TP^gc5C)Z
z3LpCGT*C*tv2xLV_5Y|imi{g5Q&pNp5(e(=A_yag$=?%g7oEB)VeVrlQZ72xl)I@M
zl|tE5GCCD7Bya+UYJLm*iN%)xd3X;hT<iJigG?^dY^;fx&(+wQff!kki*<~70iqFZ
zlP})16dvAm=m(E(mMGW)rq~cu+}xQ&^FZA)WwJDy4GNN5a7qS)bESq@5xp|971%eE
zVU!my0u#gQ7oM?%CFXwA!D7}QLNwR*(D7Mzkz@#AG-68nA5mp=a3uHpWVrKE(R|QG
zs$-H-?pcmtmmT9~|40zzWmj*ZW;HKPq(~Cy5A$`OGA|zX^K~b+&K%-hh5qcE1Lo^a
z*M|8&W92~dAa1Dm6y|%HCjdKU_JUI>w9XKc97+%x3lA3p^i3H@YJq@KYXw_szmZk0
z%7Ce%*_1f<U--oUzTP{2DoS5hw1(6|RzR69CvB{1RA@n615mvbP`y|;U<z@QF#FvH
zZ@PCOMT#A&;bURN&wMOAm8fqrZnB{(e$t=Q@*D46bD(NWsY<tOe`1)=!b;0nrXwDq
zNT31o$5ru~akY^gf4pACrt0sP%A={Or*{5C(6&HrNv_nbH&sH>w?0rtZZ-Zzb?uk9
zCYxd0lnWj%8^C?4^a25UXjYB(gso8)HXd8pPhu;wp41<@Rx_XC0LOB3-XZB_U`d`B
z?%TM8DwS;YY&vQ}!W<_auIRh$G61&IDoQX~!#9=Ec;|(~tlU6Fwdu)-sBQ^X3NOlS
z3^^B(^#OVcD**cpZ&vC^LRoQX!OBdIBIc_xt%2)=pZl<KcT$<fP1G+jC6wFPjTD*v
zJ_%#8R5V?52RKUp_r8x)EGpDFlJlbQZD}XKY`Xg0e(xEMKJH%oLBP?BE6e7Hu*jLp
zpD8^}hVZ;k{#@;`5R9m^fUMVT0I&UC$u+SIf-Q-q!-&9b=DBevJR*)IIpE?<-6iGs
znn{kWX@YAXAv#h5FWr6)sq}Brk0hliR><<!cb@72ddv83AD=O`E>vpHOOs&a&itZx
zzD!{mgSU6my~J0m$5tg~L9J0vY(3{i(l5dq$aLJ7k|<-5EU@+c!iqMr0bSDa>GOEE
zn^mL9v@c<?ZgfH~QwcASXM=Ctf;r;05bAfFJ3{2lcJ(|r22Qt7`C{4Z^BHkDMAHpY
za&!LyG4Xu&z1%BwrQFVkcoyR`3dIUomDe-F3Qdd1&Z2*Ptm{m{>TuWzlj**Unh#90
zkuqA(rHR3hiE>3q@B70)c`h3gXmGBv?pas@#oI)D%`Mv>pZP@~v?*e>qoJ~u?ev@c
zy$$|eb77+v%smd0mwAf*j)%g7mUBG&d8e(6pBWp^BGu+oqB{M($X%S=R0#e3g-5?)
z*)UOKzFI}~3Mz|wQio7$G03m-iq_cicAU4p?H9*guMkfRjCL;Hy)jCM5pYP%xD0y6
z<s!7|7kbX4+xG7m2#q#}SU!0TRsE(2L^_Uay@)D>xWRgVv$9>ioF5J4D72~AY_30_
z(#C6*czy}YE-Uk}L|3Z;&k_YI@ox{C`~z}4^5is(S82OPa;W)G?%!kl%b(YuXzPv^
z#THkv*pR2vQ;M+x&EI!7eQFWZKAdu09`DS4wLYA8!gPLDw@FULNicGtVkc$;duZc`
zj8U-z3=#ct0$#Ga2^LO9edSmyBLsA4bL1>ICuMNfMDvFc`JKN<bgXFpwg)D=9LWQP
z_dei)OU(_uq`_A!=iyJt{GDZ*SU2uWD7ed(9o`ckNJL}^_WjLNWOR`eTN~y3wLkQ0
z#qRtF)R68>7RsWw2$WAHK?jab-k$b~SAOn9``nY5w7|>C$cIt<T<r*!pWEV4iqGQZ
zB5=YcG10e4lKmI;V!M5dQKL^LQj!v`i84}Ow>njl9H<j?#oO7Zy5>mniQj-Rq#jdY
z%F$8=t^XIAIQHL>TDY4R&{JB#XkT+N4&_I@Vma4W-u>O}k~rq&qitk&+o3L3`U#W%
zJv3E%#oM@BNgFBbt&U09KwTE|b#^T0*UEdsFA8V5Xx38tyxwDyVP25$6KAiF?y}4X
zwN>H9UdZ3)2Bi8=FCAe<*Vrk&>_5*|k_rzPb&zzvQV<PJRiRq3bBpiKu~NeS^;OM<
zaVa&b^)UQ{fJacptMi5McVt9A0*>p10+HqjI>&L;{0W#63r-JuNW542H$pqEByv7D
zW@+=8nAmMFc~Z&Nfss8LZc+HIuzLCL=dswVDa=P*3>y!Gw^jO=5h2=#ANRU&RlxA+
zO*gT&xvBR;+nvUym58_s<1xSZNbO%L*U*^9E}IM`{V&GeI;^VTTl|*h&>UJy;s8?8
zA|>73CDPr}AQFc@bVx`Yx;eCzc<2&PN=jO!k(AKiM!)xY@BQ8PeV+FpW|+O!n!Wez
zGqY#bXVyN>GUEmpj&?v+JV?4%RmTp8=RQUhYar-(G-|eV4m|Y~lHPip!u+>(MU_@K
z(vHT}!o>VRLK8W5N8j@vSv(HCfEden^;*rOXl`cG#XLSj5v8``$GaJz-dM_4lZFux
zQYNeg!${z!{n=BC`Fs*Ik?+iYC&1n_%>HNH5Wg6_UOZ~J!VqMYfxE7&49xqhRrR&s
zGg(fhcgr;2uh0#=GpLoTsq`Ewmvu4%BIpN6C_^9g=Z%23lXy`)2E<lL9E>BROHIF@
zK$;wRu7@%e-bgc8{Q~1qrP^avXk=M?e3MCm9kI9;Y?ttMu_RJN^KH}eN5DX;;!N&C
znX)-gU$ZNv@v%H4dbkwe<$4zZE1?@#;;R+YNmuqzu?|J&_$W$l#|QGr6<ht)oLXYe
zQkqi7%obtJoe_XXrTgU^TZ6LpXjmg}bol05eYzxbUsnpEQ>M+3lLS5(-3192-NU9B
zy-ORL*Gf6DeoGdd9MHr2!W3d?9sktXh6IFoXU%y;lt(&>;f+J3@~qfI3fFB}aiB@K
z`@_bnL&D}dzR5FLMo7HjibZ>hX|xd2#f2pGM_&8ZRn5_3T!LoP;ExOvr)od;aS6`p
zp8vv#!cpK`3X_SDDRxbId6G2JvZ~436J1D0PQ&KerQ$V#Wn1m@0mOj1>{;#|sTOVg
zcG1hP$ASbt`^811)5<8q0OTfO-HBv@ZimICoZ#gU748=&kP9*F^YYL95TfPlMzY98
zXk4_aMHzIG{qf8pAe?uTwrBCvVA!A%Vwj$602QL1wgL+908N`3`SfP_0KIrb&*x;j
zhQ5-Z{<IrnZQG9-pVGCvJxA(8I(S#5N5m38xF_Tmd{P#zc{1ZcBZAxYy@oK8C0gXD
zrfpfcRTM12FnIMz`pDk2PW@eDr<E-lUnn`9*?M`ADx<6xi%}bSuE!eP`X)w+33B&Q
zX&H>rtctw097jQUw_cRb_8eq1?SkSQQ63lk07=}hIf|w7sph$IQy=>pm_^LrtQK;p
zqdV~{-p~D|CFD?OxknV-;{C|ftEy|*3oUn_)?~`W5Ua8)()&^BPQi=(5wH<f<uT%Y
zlj5o)$oB(*u0@f{uqH-AhJu){zUuU`d_?+5m_|@JQtu)vd>50)3*FsdyE2{X=76_X
zJ6zezqA-Ct<Dsr)HkHTt7<0q4yUNmM=>ZN-!D)~7k_arCjEC&im(D7<R1_bkH7y2Q
zop9?kqjcCmHb<bxy>zU<JdNhI<O)pyHNyfFdH}UdItPa}l(LdYQF@DtkIZ5(hlK%K
zYZN$q6200ov>Z#x?uL%_ov(le_=k!RftU%uh!V_E3@%dZpvV$Tj*2DX`d#I3g$tXe
zot7q!<vJI45y4HL7<w&Oz<M#wR=_;K`K-wMgn$L+$mWucCqb!I#!2rCcCEH|`i_!c
zkDtgv8eaL9Q~FCWe-ET2<1xp+katdzyx-HQbOU_*J4?MhYXPyABoC`|0jj&o;`NrN
znuE(RD$}@>D7LCO&Rg(<TbzxVgAmC9vDwe;_=7w`vE#7NhuN$@1;)dLGev5u@_ogM
zsr81X^MJmn0Yk6m$p{&tL9qiKrN+?ymrfIseIic<B*lOj>eHS?p0NsYJ(z)*$5*;#
zx}`Mrh({hz+iYn&(~#)Kpi{i#%?+?E*wqj$5qYSt^#z*qXBqHhYzlG}yE5JJ)@@0D
z3+P!ARJ9#AgA@gn-w=rONK{d4Da@}wxY-Yu%=Mr#&;LSL&Yys`|LPaYIY$Oc3r-Vp
z*xM_V7G<xt3NW1+ix?nE1BkjOqU|^SLh&B(2zfp0qI&nhE6ra-{zpKDaF2dWdfOF>
zH&Owx7DcbA&{-?oV^&75X-9)KU+@2(u>2*0`~}2#R&e8i2}DG8x~xGKYu*X4g|wqI
z@0H(`C`h;xTY5k(&`DTM!u`)att6fKOD3Nt_9@qM5laQ!8<oJpY>$2Wy7horY^NRj
zx@{m01pYr1orNmw+v~w;4`yBiB0KgcjUzQyYHg9gul(>LL2&&PAP$2t+kC6*3`LF8
z-3POe$wU|Sj%l5cf<8?Km$Xg;h$6kR^@MXWH^7FKLZJ6Ige{Gzu^`Ad6*M<LW!CRo
z4WdUBbrJk4H{jd1Uz`#*Y6EfBTjN@<u_R+IGRqSD4)JX`_R&=!$nyYMui<BWA8lSv
zb~neZo3p7ol{A~BsIF;NZgT1VG;drbyJ-8GU8SkHn>#CMLzjPD^fLAOp#|;-!PWVX
z{I#K6xB3Vxtcf<P7I%I@MED0Qy6%vUcNRGY5aU~Y<@s&Fn0>7U9V6soCrg3LGS+^p
z|DwlxAVbsQ&-Jol+zEVo&f$Ez^2BGcovN;WJWyq+<xq6n#f&5~!1i9d(kNdUygVI`
z*(X$hx42nU-YVD9pqPR<9#WC5#Kh}sidUh#i-j<zE3u)@plxH&#wdELw9QU>N)NpF
zWdAb^Jwx>(_#`2kHPMopQ4h@(%{lWi>WpYcv~CWxbq_9~G|2koxw|YoN%>0$X(LAB
z3gZ*raz45xv=R1st~J|`>uXrxw?Wi$TRP`aT4Dnu2dmxOj@e^(nsCi7>1S7t;8>}2
z-XxUt#QtJwyPkGc;!-}k{Q_|6h!-nwg%D`4m~VJpml0F_QFSC~YUPh@F7FYl!2(^w
zS1rPkR8Q%Y6*Vh6j>S^S9_bPqZhO+CjWC1LMs~p%g#kTr<m=3AGr4v0;p&H6U>~iD
z$)lF9G6RZu=vkX21lvcf&-!tv%XMoq=4Yb&7Frjq42r-mtmhS+$+hwrOU>3a?b*h!
z=TbcO9R*%4%#_Pkbx7ExtaoHU6X$0hy!x@y+-dp4QMX|CF)w?%lIpm^zN4(=3pJic
zLgC&+PmO6ZD)oN*SgJTgHk$;pt8j9rk9fT>)cH(imP#rZE|v~y;a)NZu@)MOzGJq)
zJ3!<^9qYe$=LQ7~Hq5$!MI6pT?v&WZptP@*>#tHZYi90tbRyT7b)ClVMT}9?Cx^>m
zPQoCYETS%X)6Yt5sl!U;vz4O1(mZfk3m>|dyRqi4Aku3(QZ=Yr-N7TCAH^MzkatjN
zT(=HWs(ipw)#$yYZ5tpNxx!;D<fNz`j}8}~loyvR;S1H@r7P0Tl4Z?iUyHFBaD{(;
zO<D=F(yg53evTLuRuypL?}*tF&4?*gYASGvxKCa<pUk%_S;N1c-MHi#vIO<V*j`!y
zvwMpQSF)QJ8ze7hdR8`TM%`7EMMaYG;JP-$w4XM3K_*PiVwDhIEkf)GdA9P^YuT{P
z=P9J9aW>FNBo0Gbl6E$Mf-!u~UYBJA8fo)cOc{@rEkyo3>hVi#jfhPV^8DB}Qkynx
zJ;h;5hRUR0{nEOijYP#H0>u<d^Tc){J#>iQ&@n^hvEcVwn7DlU=81rf^HeR-t(Ynq
z`@*^|aoUwOI8HW9!-6Meypvlu-TgrfIv2YVv2d==%s79Grd~>dA?Zu2?S56~lTX5l
z59e`k3bg9#1)dWcM8vlE>EZSB$Ho~(G;wwKzZhb-zyO1cbyF-?-&MNiAtI_%{)<zy
zj0+s_pMGFq_~0D&^Cgan+^pF)m3Q3Jep88uuu4HUGm3U)zc7JMGxO30#D<?LTIyx2
za9@=CD7R~y)JuyQ=dZ*y>)#@_nf{}F#olniH&Je~^w{=tsz6urpdqLAkf9p-OmX8y
zJQtJ<?YpkYRUsmxzQIeD%KPaPJ4>BNT+0ZINqa-=V7h@=Qt@&Aiz}V6%c74J#yoYn
zHV{+khnJ4dO2nB!y*#p3K*<k#zsfa$kDFgF^q><w)>|yHYz82=E#?M4ec+0-<Lo2Q
zrGP6|<glRld}Uy-6%#Ml^GxrX7+OI<B%wn@okNbD7X?N9X*o)LQl_GKQT!ieLym?E
zo{1e3G4^fr&*plPR82W^5iQ_uhWK#7mPvi|$XAsJ{{iv^W&gNoep7pnb*=@mqK;Ml
zu_oq`oj)bV`h6<Qg{Lciab~r4EAW6od#MIH@&`(s?kd!7Q``*lkCMgAX}+UAVe9uM
zo@D@B@}g$$$vtfB6=?|AFWUHdrTA9G*c9G$nd2kFi`>>BOYa|64+T}&LS<8UUg78o
zZ!|=AMHogsYV5(hj?Loo3S2K&6#5-Pc&)9C9RZ=h@by|`wGv{o;_AjuYa80hlcP3j
z7$lN0OI*M@-6eqv{!FFvix#cYqRGQjtuDd8GL9~VmdCOug*N>h&TNZAr}j?<rrc8$
zQnEsfD`Y<l11?{w4*r305GT87kPiDIg#~LOeg$M!URYP2ME`gPN_s-bjpjjtf+B&z
zMN|t9AWcvu<>f+09Sk0vakQXoSG)GV#ecPW*X_Zp=G`-9sJqjlXv><CNlQgilPGsb
z<ips(WNFC}=Jt+z9mh6+ab5sU=|lXbT@+JXcqoiBOBW4Rk8PQkB*(~tWW=_WN?VZD
zgeJr4eh+7=2r;9^5|MtTB_^>T?j*S#+KDp1TwmCU0(X-<M8aiK8hN&Ykcx)r`MJZQ
z<TKW>GD)k}c`qwd<qgp}hDmD_uwz$GpRTfg%EXRyfARhZDo0cpy7Dv3Y0Vs+-Jwk<
z{ZVd1HBqC3M|`i2x_1coAnV36Qpy*}FVr)$HH9bnGb7_Foy+X8sod}vKN(t|Jc>XJ
z!Jp&UOmUxRJhq#f9p?G3KWBV)K-+&}#6^iImJ?;3h2IgwTjn7q>OQlKJKY1`uGMm6
z>XGWD18dtUuykJHpOQ?^DM<Q=zCNvw3zd-@D}Ejp&oXovP3a$Do>Mx>!4l=WNpM7*
zfeYt#ZtcCyrHmY7Ql-9_5_ymFfoAua=6gHUuN2N0v!Y-Yvh>2kA!X<)MN$;@FgAIg
z93&hyo6?H7-%sQ@)fZlt*ki9?7(!9;fW)?xzNnvq`%wqex>0dDZJ+F5kj&~^VITkA
z90x^I7p#Osl2YGkc>;&`pGWd|(yf4RP8TX3DN=509GfYyVT?;14H#O_&t=CW6dCiV
ztcaoS3LR5;7H~J-5EYUVlZHM>%Q|^49KyJl4T{~5gyOz#s-ZbirPk$UCI|{wEY!WY
z;nIANN@5ekyFIEy2;Q2c2w=o{?jOu2-_95-uS6Cp5vPZG3yrC@FPdZxh95*e@Q`U8
z(ZaD{MMb%Apn4Mg+uT*i&clWytdW=WgY0|^kC;%?G8L1F)>LK=Qk{89f}TfE4i;ZC
zv>skr%$-of=q%R(osW_I8N$jHNk>zuwiC0eh;#84^u-sggu=l!v##8o&<QG+V?|^!
z#r+7$h!=t6lx7MbAt8TXW_V=qYac2{Zlnjv$+ORARpDH}_w-E-RZ15#CF}CDu+zm=
zvs;UUTQ^X?1Q~1uU^65w1CF(idJ!Iq$ck<YTn#ulp*-8;ltCXtC^D&$sf<t~YkRjy
zOV?P+IaIl$9abq}ZudR6X(+6^5?b^?-27JL(>gXtFR_ns^vZpHC-f`<*34U*(4_e4
zBywDqu@Jiy^qHDdxMWibegqjSslR%ytq%OSK2Ki|OhN3{F<hneBaQ|v6Dnk#vXXv_
zDGDGnCDNJ6U#UW9toBiQe=*`dW5JUHOYWnb&TB{~C=GCKW-2=`acQ`KE!n_I1AT_p
z41-W%MQK=<CH^xOa2yW{x*Q?cNo5Oo8=<uN6n6WIMW^2In495VIvs6VF@mU_q2fWE
zVXhJoNM#RYqE5UvgNIaUvj$c{N#3Dy6|$cI)v%Ok_9gnBWV4Rp)^85N*i%kgF-LST
z6PAudck%jsVvJjcI7>1PXI?=$>C$-!l=>>4cD{u{XvjD=Ds&#lRzcn;J(eGEX2>nZ
zrUq^?Zxq4&iWE#HBaWgoJ)BwpbM!O&o>GpH2nT*kx5V7Wp$r;m;}AI|w8{Q$b<<{u
zvsBCGqiQ*!bBb9;r(|fe{aYG~VHAfrpZVUD@MH3Wl&!ZknbiYA42I?=1W3O|m5hHA
zdTGNb>o03$dn{08zb_0MWI_zg6xwMpyLl+K%{TuzA**4l9E5u7kE9de5Y$^yh!*&m
zt8_W^DJ`A*JT%F4C{KET-&s1k#G6DKJ!iDJ9z=ZJNJ8Nv!juPB1CZd)4uYjL+FxVh
zTGC?5>{YVR14Rs!e~mom_ee%pGgxPYt@;oWk)-|l@i9(ST9=uB9t-wLE(ZlyD|tDY
zC)fc0sMx6Gm`IA-BIG!d3-(UgOG?r(nvR*G)-@{x>2s+u5Ftu#WB`UU#t>xk5>prj
zNind07Ug3(cL<T%WLkF*`_Vc;#%yh4g$c)s$;iMkZimJ+*>iBEk{X#Yv3!PiHNBV%
z-bsM^Uo-5vO4Fi8^r;_VxM8?i@G4TqHuPa8W;<u>SSGoX4zFtrEI+{nDI|+{B3~tz
zaMH*vZiU1&V(&hz`Oct5tQ!~Ee)`~fMMgm9EAp?7zzp6+3b0_EvjL;hr`Cm6;Ui0!
zs&Ijc!@{E=agm=x!qr09tVt`$?k83F(jv@NxNd&bnlVrV3O?@OW~rZ#oG?JI9y>Qn
zjl5qbKE|oShpQO9@au7Cmh$riN+EnM!}k_U606C88Tt&S1$u)hn4k(j+jqF1T8JbD
zTKW@I3)JPG)Eowz05V%mqNuiNE=NQ!JXy?ETNWOf%8(<BDPuV=niN~;-sO*^h+8%%
z^{2g3T3}CRB1Rf*GDiqS__Jm6YCldh;z4$JkpFncZ)wZ5U|Tb$W9=)e+9$Wjhe<*<
zrJq1dK~;M6+dWFT+)I(q{$?>cu0Y<q{^da17fe<Z0%dqxBP!LYp~{{B37HWG5ztO+
zrin@s+d{23ogW)5m_0i32fDUWc_&&5PC9%R7@cU*Y!~1)uWhn{Vb$U`gVga<={)xi
zhX7_i?)Py$M%0Cv1|x)J#y*Zczu`>}7Cy@6B$QItfE+C0r=z0(5LycK=$ZC$tF#dn
zCDEnW0<bTounMQPa>CnO<(5-&mklRI_RlEZP_Bf!tTIIf464Bs!Bb!e1_9|8q91<O
z7;YO*$@7$PO2D%wvThxkz(Ydk5i~9)Ct{}B_WuZ<8@Z^`zFFiUnbL0o56&?nK9fJs
zQ@@JdaN1^T=)@d*Cuia?_hazOy?uVHd%Gqd<;)>AVQ|i`@?TP%Gv=?dAIEx$<sMTF
z%&BS>C(!U}k{_I}9&h}Bs?fYdQ%NSMKpO(A#eTguO1G~YNt07wznOtqJs+i!TTo#!
z1u_D1fFn`-qH#>8_|6f@bkWF&2+r`2ZF)H_eAcKMR<vx56g&ftT0cb}>y$HjK3XmF
z8PP4dXJ-Tl<PG-ivPu*KhoMgQnV~~P;fuz7gN3?o^SKGW)`{5(K9%H)DyqTY419PO
zU<s&48)*BWzTga_zja(R7FvtCB%f&xm{`}Oxf6*i){b!GGlt4vOR{7@3CDs4`HPS`
z%m*$5eJ0jiEywqF`IJWQhSioZ#q|f3aUd6}Q*IWVO{HblNP8UYRF_q(sBgza{+ZFf
zo|+;<F}ApWyzOU&ghOLQG4Sq?sTk+p32j!|hsi(Ar?6+D*x+o)HA~;Yi8=<x0<V__
zz!ZG(haTu?U&8#u7Y=5*&jQa^>%VYNHQq}JXyq?3mo0uB_lw9iTO&xxT{fr|?P5f{
zezC?DkW{|$L&u1by5m!r>QE1jD9>=I8vEM)AaIt<>oq=IkIjLzZ@Okz=|*{Fd2z$)
zO+c8L;b~sxbpVrVNK5kgPLka~$$)p?9DRmR0&ikg{N!0l?uvI$uBvaA%bdT+sU14Y
zVPvXT_>;v5mZoTDz#tjc0gT4&+4-=T+Gz3*(K}H)G1iL$8!Il@lIRNYQQMvhed#r*
z=xk@`Q}|L6g~@*X0f%}J)~o9)YgMS6@7t(gSE$@^N#DDCbil%zZH9`e8OFvQd(MM_
z2bt0#eY)rhYk?)C4ioyb>wGMgj3(nGj_`wokeJGHOKgJx_)l!Qn^HW7pFW&R9sF>(
z@lH=SF`3lXlhag&&!jUrOD4toaLDK13~LAt5Hw?mTR~MoZn8_aMc~&n>+GO4DwXm1
ztk@O;dFI(%p2dmqzIGCScBT9OKNnilh)|ZYd?tWw%ztzr_$M=@lT&;}09j-5;TfYW
zrX8VfA&7*S_#($-3Bh~nn-!c>1h%b@e0j!DnKAi=3YVe$)$=1dMwS{b4ttLEr8Rr)
z><+dV!R#t6Gv;e%2qsOWDsu`nt71t1M}(cC{?<!Gt$P(zgF@W=4Z3o9jCE|b2S}j+
zihciF(}aQ>7{>dkTP&lYpTr=By~J$8;T1ybDG8Dls)>>y{3Jy_*EQ@kP5j}H`M}s*
z-NAG}okv&pEWEQvLICxLj{vBLAIMZPjQ3No(73z@B=P~3P3dMTkNQD%{U)_1a+XE3
zwsZkW^Jgg#k=(I)wI^A*imXu}dXIqNec1qo0gHgg@1(@?gF=D*JE7?*F)<C+PUeeL
zrEl4%ew1jE{P5yi<4}K+m8}?f1XX!w#wQ5OWIW=&sI)YWvE~=5J^9nGJ54@WS?3)>
zc;W{4F_cA_o&#CqACo=5y}omz%e~*@aJ@jkDi$fu9g-LF?Kb(e71=SzNw0<?G1>V<
zXBY2qeLapU_|Iom1k`g(3AC#4XIRDS8==;h?E*OA7&pZo9Nya&f^6FGazL_jT~Wsc
zYfiaE2jTq`4p-9XIa2?Y`vw=->5!|v<HZQmwhNJa8ZB4$&lqppuKw8v1Q9}<)hIW(
zaR%4qb?D5VZ7;CbKnvgWEF6Cz5trxrkGICTk4$oP%$<O}1|k6n5twZ(WS^A6q-)+O
zxaV2l1&y`$t@zj7h#HBHyWWk3w*&CTneXP|CmVQ?zlMdUckSonYCip!>)w!7p1&XL
z6B}1!wlDbHoYFFoph4u$w#uMIB+0V6<!k-VBR5?%io1J#)G>{LLVeaD{qLmn#%b-@
z31-y<MOl`ht;|$#y~&+hko3LhfAE_sq=nstw(WG*Rpx|*Q^e#oo)G2pPX#&oFu1;g
zU;PZQN#h@SP}OT+YAF3|yO=U<dH0PKp=F@Y-^!o1h-iMS>Hb=O{68v}*Qz41t^&4b
za4Ek~Q+T2uHT9oHn6LT$wDwVp9aGiD(I<U3XYbW*qt}gVA3q>=oX;iZ&2NRnZG-tL
zjcF|`{%`eMc>PRH*EZIe<UKl2_RZP5bP2`6#OhxAzu$E#y&CnT|9#s=^p7sG>5m^Y
zKjS)Bkl#eP-aC)SD$m`)-C~yTlEzX9aELQ5Az1bdRb^3SPK_haDHtjv`nA%yrV)nw
z>p3OxLGwTAwOB*Em20XxR`H$zSOYHp{qF3s84vV4Ju^tiZM6zhUh1^T@dl_4AVD~3
z^t!f%MC6D5@voSB$3iqfP1sS=?z-djrz>FL)<6D(ch=j%=>p6G<5xXyTgmC!xGcpL
zswO$d>-N3MK^@H2?SOmtQJ}OgO?E}~C+44IRQ*h84~m<0NNH0abfD>h2{65$Cfnyn
z4;EVrCj1P`Vni<BUd-`lSQ6W^zOVwOg}B3}z^ABRnt){xT0>z5OQGXK;=DYcw$N((
zY7@nX(l`jVV7DhAZVS8qk(e#pWp%tkjP_K&^SJ0?l8hmKC+%uA-RHZzo2{J|!tcEg
zG~9E?GKVkcmW!>TcSR{kn{YBoYJUx9u8S~93KE^yn5k#>y7r!U>YuNR4h@SfJrp+8
z3)#To-cDCyM(T+|il<mScx&n0qy1-AO}ueE(^t=U>lWT$JTd^~F>LFJYEW#jZ*cT=
z^2PLZw&&lA)+Yj@4;IY+kmN}K0v&N4=^nVebq{IA7cEV@tYZ9az_I^|4o%xA4XB(t
z&22w*3$9t3imwu#j=YP#mx}ZEE(2Sd30_qP#(A8F$c%CDgZP_S#bm~+Fb8j10JTe^
z)7=a}pHR53^CzST;(5FDP;Xw6;f)YTuKWfwX7ZEOX)5m(wFK|8Nt~ekPK66aKWP1j
zgI)3>qNC_5pZuBfjxwYvc+g5qFR)+vur?*Z<C>1=gN*b~WA5_b3T!1wvodkRb4=EP
zf^>*-y2r)iXtpW>Kg#s9li{|l_$1*hVp-E&imicauKe$RvWm?MHvejS*qQ<iijrL%
zTg5@-PTU1KulsFtEXOg>Wfa?#O(*26^oL}ZcY~4PMJNt?9%^)<L$sjA*GZt5X_sWd
z0?4O%Jvw`F5gJRlyCzmM9Sd>obuj5g5hs=K<PrqGNJ`Ay^}RV5*LHW1ykY&&h|iS<
z()rV{jQ*id1n^2J0v4A3dJ-Bquf7(?W8E)GNAq=rS$}#sUNZxG?Sptaq(<{mhUlx$
zYChVENbp*C&V>oetIIRk-g_*wC|2gHc;MOnsG*x+Xg$Ev*tsDU-*doQlAKW?c!!4i
zgJyD^u0EpT;~^%wd6Q^`pF$4}M(QIm&1#eZYH&+PUAh@VVIGCL^U8^sy|pu#f1Qj`
zG*dQL3UD>X?7OQ72Z&?%jkjHe)cO8utqgw6=PKru+Cxyjf%ryLAe*&*f$PG|kbcB)
zgSJgM?t7}Y6S}-RNpTqf<wYo2qc5%PBv6xF@-0zbp+xa|L~+ScqqDZ%X11Z}h2n>i
zbRvPA|5qVQ^)@;SRcA02iSNAa%0Lg{d}55KYuo~*@W$3)-;3V#VSM6C9v1mH7pqlY
zPAkjQN#F?G0B~eWD?jZ7$7<b-`zdB{4`4%G4iIs+S|^~Pa8+G85y*%SrFW+!$x*Ub
zeEV0hlp4)W45+u)qQM34Hl#Om{w-{e0Wq?^bP<B_ekEHqL+fXk60@#;U6XbadXr>C
zqGG`bTW0yyK{9hvK@=_9vIAuj^Fq1u??&0vH*Xupi5RO}$)uqbecCBy4c55Cvw<*s
z7qClf0L=ciO3-M!hx2edu0^hSwEc3&eF_88MDtvazf!~PiRO19GAgsL(f437vU@8)
z3N-;la)9!LW{3``)f6-sJ==AIJxc|ott|g6PFJ*T1@xP!%v$}^!J;wY69l!&+{?Bm
zzaC9@2W$vlkhYpq4Q7m`!*<t_czMRR{)9jW8HANp+=tpqWkQ-nr+5iz2YZHCtz2Jw
zZKBhkC%(U*ABV*p6;FL_v#!<XZ8aEUK&TeP6Lt1sX!6HERrrUI=?k#8s=OSDDT67;
za6>}AjF>oC)ef?uM)mhh7W(<Js(VCWMP!jU3Mg%0a)dS6zOhf46a3hsFMY1Irf(+W
z1<wa!iWO-Dm|o}=WvBN(Vw{<~QrzVDgdp!WvU!Jns^NkXw!|#rHVOD1?Z9{I@q~HL
zWW^GAQbP{bxZ0csyc6-`9<Ho^v{@3~`8ng@Un--^Tut5fW)CGe>Tx=i3BUc1AcZRM
zfxcZlE!Ua&KVPKXD{&{NxL4Dwwmd;3m8dbcOef$etec;zlod6m6gU7pi-kqGy+GOJ
z<kY8Kz)`8PZ~uKwbk?Anwnn)P@KN?9_~?H_uq;_A;Od-pS&a+(H0|mxA-dOVigNjV
znvR{04EYmiYqFso!%)E4X_0GlWJpqrD9WAjt)?1Gm`#U?EC{}q)gZA)YnG4RaR9s2
z>q!%f(I3-Ikt7Z}6N~Y?GQhu!EBXRu?$JA6L(8n=R(~ZlH|xicokjokN6rFw#KcLs
zutn~8tSvG+uNBi2eF7E;2+z3#`gsiSvaD=Iziz+>xpe4B$B@^mTz%Ekaj@>6BO9i*
z2zVh+I@KgkI_T>Yzb{X$ulqh<C7M|L2?0vsm~&;So^4mlpgNAe)5EceCnp`>cn42~
zLMs&}D6M0D<%*><KkO2HNVFJo3LC}zE~kRp?${Hi2C{os8Kui(Ge3ROd*$@rBM@pw
zGw|{)eTyAU<jH0IIQ}B=0~|;!YPYx%-3~BEeJs}9*PP9gEcBUKAbR`?yZ6duJ@SC~
zTSQ{-)!td}1#E-oxAEf89g6*)pZ}{~mNfc-D%n7c^y7N*HR7m~x#QjoXdqC-IN>6H
zLhn`8wZ#ob3w&;#*A(J|$38Vu2GCJHcn0Tym<i>;%Vpp@WOS~SZ}6WxYxoUV+%~r)
z2R?A1d^5q<CfihbImk@pgZ+G)x;`Hxdl)<eD@lcXPkJc0WUDmrYLZzpO)x?4B59k@
zu-$^rB4Hy%KK%&0jYjXH=wXXc{WmBX9y}u0tk9Vvr?}VHG3;GXe{V!!uzhhJB29AO
zT3^14$$Sb-;|Ax8qvN3C3henbV0{_KsvbUw!eTUk`+QZIKT34)Ds){~-8X}AgY1(r
z%qmh8yxs14l+>xhy;2V_6SOAbuq|58S)`|yhkEjfr{9zJOT>tskrjr8G}BIt$Ad0K
zpOGTJ*u<+-tNO0F0Ls6``=^#uW_OM(%N|+<sm2qJFXvb^rAI~YZi2)=j%s{U5Wn~p
z5C&2Gh85J;tv1JBYjN!g&gv$-G7QYAeQy5zHT}8!mviXoR@qUj@sgML2Cxc)W<=!N
z{yV`2kj$>N6YD*DowilFNA=R;TEg)^_P2EfUc4C;dQE>!TaW`-;|T(+t@6Bnn(E#Q
z_IQsxd;REC{@Y=+U&N0awo$b?diTukn-nea%_B3Hkk={~#NJ_oc=ZZSu99~l8xK10
zpBH=*Ca7OLL)$grL~|yyXF`8+g65pQ17Hba1?p{sC_a0^A-V3jX!|Ci_d2}~0wtpZ
zsdS#BP}%S`{iL-BaRGCjtYJ=r<~Z=`-D0RU?SdjvF3Lyo%Yg^dJW*sh<eJuLN)K*R
z!-Q9_2A7cqy!_U{nJk5fY;0l8x1!!>oaoJqB3l9a;Q$+Le{oExG~p3pePANcB{Z41
z7yxX+mgp?ZN@0<3u2J4lTA_+MB1pW4Ty$Y2Xb{-wc`sHJp;&j{1?|`eo&y*I#H;Dx
zCy?3!x<6_6IA#;{Axj9Bpn(MPmhwx0fG`69ikE#y|ATaJaYGaxjQ{OM^wp5S+6%;|
z=?;J*`VIhGLRR40-*ebgmZv?i56)deUyzJ{I6JHc$8S-#e{qX)w6|$R+RB}GLOeUH
z@L{R_3XNcIvnb#7#VxIqQw^BQ{v`tFV_L?6y{Gn0%NqBRWV6GA!b|Ob1CZ*}Z|pvM
z>r}1v>aL}w-Y34*fVJv+^;$5;Z!x6EdnN1SIRJ<=V||KJ6ZhQwgSy1PkJ)~DcSF|J
zpkd(f*xW?Dy2RNeiV|O*Mec1z8(?B=Z<B@R90phf>oo$)?CtDy_|YysX(t;!wr4`S
z&SJMLz#6%@RrH5X?DW1#3Ln-#VNI!hE)NIx&3UaBKlu>ug#Uz<nX|*G{Soh$SQ+sC
zv#NzBuRg%aLO*>NuY4Ve^+uvy>56}@T;nq$sKUKfsCb=hj!B@9Gr2LsH`3qG4B;?r
zm|*>bozj{n2jy^&BqQ~Uh;hi>>};zjBX`5+0rXHSy0TzgcV98LBus~!JG8)g*eE<v
zl9j-gS7S*^)oT&9Wjd2~&ONhCI`<SrQ0#M0Ind<}lC;(+X1)DXRG_2YcH%DGasG8F
zN}tMrPWj#KM`TZ8<da?Tg8UJHbP)C&V72}k_p&V5&3g}CC^-Po4z>N_e8FEh!fW<Y
zJ$%1}KYnREycNyrN#S$#?zWh<@0*5aEJgGTT1PfntF@lx!D6gQ1Iv_;XFr!ws-i*T
zE%`ng!He;qCiR5EK7t&s!`ZS`H-L!MFRpp0-BL;yq}$2A|MSdP8${H0DMc{me8)pY
zA2K^r-3bZwO~3d^eo)2vtiXwd#^XRAc>nWvR9T#jfIv(r^p&*uhjfe@YH;%vX1<Op
zIlNR)IT?OYT>F)p9u>dN3{m^Fs#s@c!te9ili&N;{Jj2*zQK&s(nHP^a7k04F16$0
zQ=#nJ$BmT1e>i5r<<@JL_Ee*y8BHYFpjj*A3iv~=H#b#}<j%RVUW&(7WhCeM)yhDw
zP<`A-TDSQT7H}pBfbjk#$klV=Zevw594UN#l48Tr&1A7Iy|{wd7Sj3f3fP4)DvN}u
z8Lkwze>SZbVj=)o#TSCA0(u4M53hdR$?8BvrgT9Xocul{<9o*>qtR=(QTg`LNfECt
zvpn9}=Z$J`zC@@C=)p0>?cUi}$}Y+Q9fB9!AK)cauV5tOr#}H52K(rId$WEGPLf&=
zctz=U%ofLX%ywclZYX=>j7}RawL$_>c8|}b&1N)7&zKi#e4i%skOrF)L(&{i`r3<G
zp`<^QYs;8|1*FqntB#^Ecp49MsBi?>W&XzQLI0VZuT7;Nt;jG!ndzWEAUDDWhZTmr
z-$j2|Q>d7vp?r@-_(Y#rj65(zU@N=&Rq`Fqz3bq^d-#6MVWhqo`<*(~ALggf=3p(%
z9u+Ylrc^(Ch^aNFl}Z3ElUyJNd5l{2s<PdG0Dly0qbXvk6%?OE!Ed1s@h1h5OQyg-
z`%PT2E;Cf0R`FrlW~T!Yi2C>|pB`bxUu!bkYXKpO?v*hm&;PH$L4~O0cBFyh8XzKz
zM1?ezW73I7?NSIf&+!8wdQUu_7W1ZX*?o+hdY$HR{^Lrv@Gn{u<sJTyNpkGm>1OyV
zArS@sK*bP7XZMP~6-(uL#M+^sx~kipMFU}pfEYQ8PV*HD+f)x`_?c<7BKhx;2+Z$V
z=@v@F$9X3jDSaa2{FCzQRI*BJ<Z=@2%booN#4NE;&UWDZyX5Ujo=!Z#t+dk=Q4=rP
z2SAXfaelT$AaA5Co3kUnk>3>KoqZpa=uwI^aN3lI+v0c+BjAcda2>Itc_*l%2N3UQ
zmnuzNXF}Kqh?WGLNZMd&-W2C!)D`~UO2vjz{+K<F^Q4+0EVZl!m&OAr1+?Y<#TBxw
zvnYF*WA|te&K6!lHp8E=+$mer=8vhvQEBI;g7XnLdpAe9?my|qCtCr<`qi%$kIA8G
z(w{+ZEnP@wuTV%he9+{dvGXf@45^vZm!Kl)fSVT?G>I~@g!M0^eSNLuhlay*8OtHp
zKA*>yas<u7%ca7|!pW6hvKiyt9!zs5=_G%^>L;w9AZsng7A=PytHri34S;C#uFG?l
z@jh<<#uNJWsAC2dfR}~IaJA}r-@wt4qnXiITxog7tP21?kk2T;C;I-g4lJjeC%|W*
zFFzXidSt^R6&5*b9_4=2xNiI8=ooEcVSHg*G#xf+*n>)S;#b3z)Fp7h;i$!q6x~zu
z*?KThAJR_D%+mQVVBn%piJ^_&z2xe-%(qZx%$_2`WLL217?XzgXErj101)~+0cE*W
z#|OV}V9&^RrD$&Cldz>icDSBUcKcdZ4%s%l2ZJ|>q<j}wDCUH5Dq^G_4YFFnhShqo
z$qqb`q&(O=D3~M>+UW;0uB_`_7K_iwxY){+n!2pi<ybwWgz4R}M;<fBK6GJTqYCrH
zNd!*w<UW%OM_(Je!jXEW2bX#lp{Nz+E@4ierek>B#GvSRUGPr2*#4>PlC-9Jq1-0h
zJ2%a6&sf<ociX=uTGN?ypb4Th9edJ)1gMOr`UwXJ`781g(2}qRtjXV7TLq5e!Fg@K
zc?@i2lWf4fz5J^I!Tyd$Aoa{@*vCvxI1cxq{DfVZ^2Nqsc<MMA6)qEtw1}|VIPqGh
zmgcMc<5kKb<KR-x`zPR&%+8PZ0%Nh*QAk8-mqnZm6F6E4rAu|-ilDrT717|y-SnGP
zb!*<3h`R!q*X`mMCoyckekhGQ=g%h}DEV?|<|VT)#PxM6QJ?QeUNvN2Ew&o=WzSe?
zIhQ2z?D6evBu~zL8zMNQmG%&?Akq(>?t6SYwk?DwhiV$3e5Tl-EP;8?wYX0mr1IvX
z%`XtK=rjRX#mm~Bw6;_ZBqh1Y2CN2CZFdbSUROQr60OKtoJj<+RWcGqFh;)Ql&@~H
zaO_wu@`K|ytr|}vtW`T>!{QC54izbHh~4qUrXKA_PJTyP{=qdR4b(X{lfGsYSK++M
zE=_^(toMQ5xwA2<=<}-g<G*^x;V>5=qtz*B1#HQ=eIX1qLUc?pUS<a-FHQ8!Fr%Bh
z(zt=LoP%P#HgUE#Ww*F_T<M^-8>vo%08BIAqvWXof%y}>SRWZAO@bMc160RA)U<{_
zLG+AnH24E%4)~&v6Jf4%zp=Mh1M~(in?KQZWq*duXG0Y6u}H|pN%W(~F5;tT^Qb;s
zXF7{{6tZ@WW_Ei!mF76X+5P45g8Mu(-xZk%@c8w9!=j1o1vFo14RGK^MMzH_MqlCd
zTC8cNt+^q`3ha9=(s$eqg-LC$ZbI(d4Y9AAY*{*Q?@JCMqXQ`kaG4kr-+U_|h>~OM
z{RX=)2!{idSRD@yIi?&Cc?3v5q^uoLuSE4CMFDFTfZ-!Ff?f;WXuNGcGYer(;5rrh
zn1H&av?4zc3gblq51z7I=CZWCbdfG;j264Gs)p_JF;ue*KAe8eP#f0CE{QY@F(Lt+
zeykYp4AU@91eme{F2_%XBNwN_p27tITqhUyrAXV>W;^z&**GP#+`iVARD%~VBhqF;
z<+gzfSj>Hk1UgS-Drqg&K^2@QWGxS<_#Zpoq<h#;WR_~=6hWPUjM9`Vc4ih?>jli8
zxCA9IbT$tm3&_{a=kX@OTjT-2_dWxVy3P~xbxn5xA8W;}E<V<XThYn6eBetsprV#F
z0W1OaDBR!I=z}cuk+chrjrqKYl!LxlzAOVvIanSD%ZQ0atmhd|W)(5VE)m;CTq&;z
z)RGaneHORoq$|U{0^3Tm_`Sl17$(>n>GRPkMqqkoio5_m6gAcx){TB*e+??m)2Ddg
zY(cBM343<~2JQRj{@lUcU{hsNvlgHOydX{K@sxm?zA@PF2P2Die^*oboGEi1F-gU`
z*@6r!p_c+uEGtA2L)V)-{sk_<MP$t?V|@x=xMha(D=Z};6=$K3G_fLq(LlG{`W5{Z
zTQ-w|DWL)3ZVM&vb1ITD#_8tJslg<9;z~K0W&e<GvC85r&&XPX^&tyYd}Z*|t6;&6
z`3b%l_(cln63G1R=3sZ6B##|GWFN=gRV!BK+c3%<81NI^aW<YgJk4?^yg#~tPy7}T
z=Yo4xKbgEX%CP^C?H+T-`Gw8#NtS!!eP#i0Xa{H9Dc{Uc>|YzP&@WvZm1<4@t*$|;
z=`G;N4$g46Z|{5Oue{b@$1*kGAZIr|_DDD6=x2^01mjC^gFyhAce%PDU0i<Pg5*M{
zr?_u`HKHKX9sClLfXG?1ICG9I;zg$n=bFaiY{;w`e;gd0dZI0Ibpr`6=W<1g13Kh@
z&N@|CVqEUCg)7{q<hW$^S@qEs`N}q~I6mIBaCH6O_Qbk*%HRU<no+4D3vG{I&oPLw
z`VF2~FE?i_;Kwx=>-r$L{Ej!-P`}jyF4nBHlS&J0?yZjHar%DA^PWL9n0L=D6W2{6
zDNHja=+mlH!!x?)=@43jyY4Owf9Y|r=tU%o2b=32CiA?v`#?p2q7AFwQsi+Tyxi&n
zdqNm$2bS|*hxHPfDU!<l3;|MMu+7l#$Qs6S*&GZD#h|320)2G8`=t;WKL)KdOm0gC
zy`^kL7A@eJN|3p7`dTmkyCvhq*cE$XKbjCsi)@sP+6N^9hEe54o%+NH*0LmlK2sP-
zXEmetpZIb3#lJvpWVIdE-(&vDiQo?XMdCe_=Z*^m3D*#qOZ01F5IbdceT$aoflWvn
zE8<A_2!AcYMV<T%rhy=JoPmk+s#L#9Dx+gAabIK<dsCbP@PwJDK(Cz-$HSxN@$M06
zBJGy$U@~VE>zi`=`is<}2?J|-rQU_O%KEdi<G>XTW!PoQE3uJB;#TYt_@^ZRxP_8h
z>h61DPA)YKIn%FiybH<A^;MU9obADm4905uO-SjFYC-&7L|u+%Wd&b-VAR6u32^zd
z2haVnzQ1^N5(Y3_Mr|iqkGejp8!6I_6#S3{WH?%Z(aFK_4c4AE-w9qb-T=S?Z6fpR
z<CYl_bf$SDDX(KpqxYS6f#r>I+<bUyTg5dRfsQYOW?GEzfI((EZWJ6KWk5iQR$4{C
zfS~HK9{k@w*Ju|yz7{)Q*r`0;-%h_!yzhMN00ju+#LTw>^<_CmopacIK?J-xf%v7x
zE;niHy%%<uI~byK{<KqLIl^zU^iaBxP3L~`<<OES%a3&|Emp{z0_XmTCHrs35Z0n)
z@c6ncSuJ3#VwR_yoIsA2){bUyZmiJWml;S^lL3Z+qBFh@@B%xq01wR0RW^o59<T;-
zBKV4J_ex}qd|(dwS9oAfF@4Bt_sk?J3)<2^YY|if<~Udz_yXe3U)ML@)|l>O35q;v
zzJIX;MV&O)KOFJ9#{Wl;`~=3hsV0^jh)6g2wJeo}UFYqU@eavMGD-KvN%JJ|z=+$5
z$Wgy!3WwuWFx}%Lh{b>Sh*#`?;Ul*(_xOnA^HCEhFvf5JSVv(wfP(-W$vr;ujI{Y5
zJ~CN$zk~tcBZcKpnS%y`GpLA5tX_xCPBh5g%s?lA?k61RwumpmH%7La_rHQW&YScL
z;QO!Vja~hK^j|v{jm|^|5E5=gzRmr>XKt$tbVRnA|2m?`l!LU`7TH>`Q%NTMi4<IA
zlQ9``g4OvX8EEsCRuH{KjHxi`c>=5#{GNwex%CXMri&c#oBtqbw06pc%y1$uvO%Oa
zN@5!voXNPM@Rl~v+j?1U^!uTci!(Vc*I(@x<4|Q&deBZ~lN~`uu+0oKOIRDQm~mgL
z8Td_4aEvK7X^8{im54Frv%Q!4+q-0#fG7MSA)af3X^<0xYT(2W7#?dHK}ne#!vH73
zu?}z|<o&mAglnI;Z0L|G4akO|zTkh#IW`~3U*Z#Nc2dl=6Z!tt5CDlBs-LAjo%BrN
zgfOd`I4)YEH~xKJ&tViH^(I#>$9iAv*}ZxntKz4U)AZ)2V(h3VKX5J64T~5b+YB38
zDwV1ims9~hMRkj*b&6ynus5Uk$#>R`SpXB+j7$HEiA2<(ZaSZ#YcZ_9Yd6a`z>{fO
zxL{p9)}jX35>>=IfiyurIpL6J-&v)87q4pjDCjRkxa-1D#=Al8yQ0rQ;5f#hA7432
z6r*sxxwtLhT1)z;nL-{wYr(YucC-WXhccc~b^at08-PW6*di*?RB&D=Ix@#<{u;ft
zjwX#gzEidPLTm%SAO!h7g_w`XcF^!@u}NQQfBk$b^@*YT7*=At&lzii)woVq%|k4q
zSS@PgL8#9R6x`<Rp%KuI{S2%HRzr9=4nJ1*wWpF@nnws}iKa!{ErpW_$sA~|)O+*r
zAAZDfS_d$bRH{pJU~kfxa$r4DlMR!<w09ZGR6GCkA1kuxSYPZ?^^x%(D{?Voz8#TD
z+=gJ=%@kWpjnZsap6JACXa5uFl5WNv*Ub^s(*rlOO|8KE!m>*$XvsYwG;EUs^qLmM
z&z4p`%0_3$Jaz6T8jko@08w<4luOT5)Y8kUe>$LE%=YCullC;o0x9bmT|slUGQeRM
zkM}d|G6jKdhrCPm*s^^fyf-o!P1;PamdRx;&Z|SZOA8_yUb`SDm6|r~TpOP%4enQ}
zrR43h`a<^oKNv}I+kY?;xuE}!kv!94jUwhxT^H)I-j)T%U*Rrm37ISn37H(T*dFEK
z;uxa_!TJ=(41hdwAn_K-I;JXntC~~Z<=dxP)OP+yHOJmp)^y`6<$&{a*v|gT=o<vv
ziVUMUn(^R)%unj!2o~+W9)`}-tEJw&@Zh`O-m}OLAJ(4o5~GMYH4pxam$`HG4d=+L
zF-Ran{X9(D?)ZkHD|7Ag$vCMB+u*yj2f=6g?_w_R+|L{d*spu`J*S?qUoXq7Jfl3r
z#bE?U22y{DM`_aZc04~oSIc$mateN;1Z26|A!y5nXI5-IaOys|&VOhMQ*VyzZ<OG#
zc_cNTJ`C@kn^!%l5BTcr_djup>yrN$mO~T+2wvQJ{q2hAYo3+n6jrWhF@TS-8oq8U
zyatiy)<|Gc!|0z2zBnN<G+l=mL7udTl=aMtbp0sxr39{IJ8ydF<tf^QOw0F2RbSj%
z0xYUD>H`F+wc~iEc6nxs;PlQs!KNX<K%D%_Q-s$%sIlDtlSCQeW&K-!8^PDS-0Fl6
zSSDTdGgyXQ+4!Twe{l}#2GPk4y!KziY?j_(gPU-j|Am9_vUSY-8E_uD*thn+9@npP
zK1b1av+ec#pCpUCk?~o$1m#Eg{|8S(C-YxC31EOg-z^89;?F%vbMu#^$^JE5?&uAT
z_}@ebQojx$Lh8vI#Hs&6Jk%y#;WIb3z5W0Ha1u8_*`4$gALl{rQdL6HG4N^n1f<b3
z&K;3Vt>2#nqpm6UoGiK_Z8bQz{5%_7HiP7Ef@dKpAmNN#=LpbA#8qI+#_{IrrM<fS
zpHMn#^w<04N~)r-3&>+nZBn@CGZ8J!dGyC0Bv*8$wXPqrs+3<^Tpp$JY7LneV2kbh
zs+fAE!XT>ANtY9|T<T0fI3g`F3sQMz&iopqdFX<~ks<b>+Gk$<HMDJCMMKL`40&lq
zP34asq}7>0;?nvgNpkB4a0Q&b(~z&=8lAr9sk+57UtMIH-cxC?v_xf{z*Rk~WpQYe
zPF9n=z(M9M15?CXz#JAkW<=>1C%LnEDA!8;S9xZluZ_WcwctfkM=CqzuiFzE17Kn$
zOTvO@2`#`3e-X>JK4RKsN>2HYn7M(!xv|7eG?_BQxbXUzjBSmML-(i~6|!U*u{&c>
z09C2h?7G4^i=DA&U&BfBsMgHJtppRdXcjgBXN=S=)J-%E<xBXhenwR*3A!`{_PYRP
z$T`v?snbOnCA1^jr7;3}^$Tk?Ls4x5P^&bPV!Hm?M}4(V#<pSjx7rQULU|aG6F3G-
zG!RB4+L4HT6Cwkhe`cyUkN#h&6?EQYoe^nE!_=28%h<Ov(H31#IIj?$Thtz1PZfoY
zXuJW^!GGzIA!A=Q^q=&nLnb7Pm?dB?NOm5J1~{OjB|GoyOl<i*n%L4UChl)#hWwz`
zQ4pZsYIh;d=!_JXkIr3IfWGcwkgk406;C>dW6^xr!UCPqj=>jJz;mPg^08@c)cfV2
z9$YXW!*I~<#9L&;aL^*quWA~&L4&_uId##kMtcVlyeuQhLnKtm?g=-o2IhVep7z*r
zz7zqRQr<!2z%dC+TKczjU+N6^uG)ff6DTE4FTH6JSoghwH@3Yinr?MFn!Pp=vbi4y
zoiiTu3BW-b_c{RU6{%%edzkGW=S^ejcnAoC_pUhq33E`*^!9g4Z%jUal=MyuD;FV$
zU))gZV{gR1LhQa}@Cb?(i~r&T*gz6dDe??9Z5o9>i<C4zqP!w24U{%1^pB7<VM(qx
zzR=B3EU0-OolK18wEQW9mrua*9oJH4R+VdbG2nXGc-GPPRhl;OF7g3nrwn$RQH|Eq
zs{Z{uN-D-7`+FSmdXroliwMmg-+u4HH~e%Aq{q<nsZr@a-ButBXE4qk(86r1AmWED
zlOL!ih;S%XS|WarU*Q#ou)3eR6~6g~fTFH2ccPM>$B0A<<JsV1IHR5`sj;arlOCIv
z;ojw(;1q_q#oTA^btbO?9sWb0mIIx@{ci?rg&}Iv|0$V1E+CzMx<Mw5l5+@Xv#e?M
zuo%5l?kgk2fbA|z|FPwK9ouri!5Ik=lV)4(IOaYB)<OV%#=?*qZmk_)F-98Y+b>VR
znpq&5`B?|oncIK?Hiq->1jL({g^{S;-gMF^RejkzuOb1<$-*tbopWb1C(#5{_hnEt
z623hu`gm`|q??(vUa6^lPlv^U8!#dWMeT+FwTW&6dOYW8L^$)zrM3XZDsb#30BkTd
zz^f3|pqGBSL8<MVCjkXEMsFp5iJE-fBT>w4Yw3u$jNMGc=iO$Cw~QyFxEy%ACcV>b
z#TBZ|26Y|aEv~f*JI{0{sBq!~RRliYlHReUk=gw;3g{2&3;nY?2kaNsM)DSO8~foF
z=6L+8?vgg=?JuHss==i84BT1UzK?X~MHn<ZH|4Ksqo_*&Z>{48h-(_%NoOsPQ-7{J
zA)K&Kx25o-&QRfieQMw+cFjW#UXvh^4iRzukU?L<8WgE@<NZr3pa-|@aJih;TkL`w
z6|cyrX-Y^LcmtlMtNtCIAW2_4FTWwe!;^4u6(dPjK4CrFqSmJTwiM-(=XVJ7G<;Us
zUGbNQZoFtmguSjF8r91tvVw=4WoMf~3dpN*;qJysQSPrBlKkCP2~V6+xq=vCr&(kA
z@`ON~C4g6mZ$4^OiS}D#I|0s73=m(ZY#kgNK=!peMHFm%u5|Td5w$HPbh)1-sr(CG
zO;G&cPa{hRc}yD5`bd#C$4SdF^jCbFdxtGVq8j5P5PX4r3(oFi6mqaQymG%0etX}}
zUQ3nnAPT^+KEs#5bSXNxDeljL;u>N(^<$qZm|ji^I{M+(=6Y;6?9Dis><XPqd2c+}
z@(-a;P_Y@1DAwmD9_RRzX>BU3+Bs?%)37ULnLXvzut`&GA-vhp+(Pv<Ppz`S@k!v5
zs}M-%v&+~jb*lWIw8VAnv=7xK4buG%i5kyOaY~$?Dn*SCqCfl9VO`R8JGsMX^*9u!
zQGFkW0S?KU%b~N_{w6^<|21=8!hbyQ7}!QF;1k@F&JxRaZ8np?J=7L8{zK2Cjme^R
z?}A{s0|@Pr6Ds?;LQoM1fRghi1J@X5q)oK*t?6O3p_k1Ok&7~bAEa%xXo(^}jXFa1
zJInhP5ab4_mLl_rR*wD7OxX(~{XL8CTN!P+|A(u$4u~r1zJ?t_QgSHi7?`2ELAtxU
z8>G7gB!;dbM7mMBrKFLT2Bo`GN#nad&+q--_=|J**=OxDmpgM}ue(kr8ilW!9{H1=
za>U$4S9R-cO(x28{f(#cs+#h!{&E0U>}glEZwKIa>SuOt@+mJfp<*N8)55l|5x1-5
zfo;pNuhDt~fEoEe2Ckt*{zQy_5YGK)&7zz2H&$x0B5W7SzGmk-K!4agMA&czfd-20
zmWuw-d0F3i)__oAr(LTAZF9gL%TzoE*@Cp->;>BLZ*Tfz^g6*_DnRVupT>cIyC=W|
z01CaEJ^#cGu<LdILvO;Z*DW4U&A7be-XcI-F8LpcgaOcF$bXa<?!3sgUp=F=C78bk
zHAPWde3VhHCSbSh=fSCe0w@ZRfSkhJIodoKKud57mG~W3bI68MAC&lyuz;rt<Weau
z?)K5<G442f&j$eEgnZYq7cbWV1JJYc1O9RxfK^~0`yW;TCBP-JeoO*(?`F7hqr5Zl
z^NUI-vrY_=a{=Xqe}tre#3W#q!bZWl4CMW#<+1wI0p)}(9`FA&+rkI9O;}C;hkyc{
z@+`Z@TJ=7G@=O$9B>=h%3svpbAw$OUBFW1$Qvl@&U?=^TRsfI^!q@)Mmhu})DChn+
zZOP|yALOg~hCiHN!(iy7M26fYgLM@@pck!WF=~Pit)#t1)&EMorFGGZeT`@kV6gN%
z{pF2mnfl7oZS}fF*9!IQ|6mx1*;4=Mud*BV(lYm|sv;&&|NcEv{g=D1bAzRums=6N
z8Cs}dd<{3d<ohc19Nr$Qe|ic(>h~%E!hw<H_zXj%xt+Q#hMQ1MSSu-Y{f4KBb35BG
zAg4e9$SLeO5b(7FFZrLhlJdA(j(Z$6(0sEB9_iX^zx9%-&VSiTp=#v>RA@pv`bhtA
z4h;K`GJUAdd6oN5Fe{7~J60Vt{a7oERir8m0r8_X;2CzzjGU&=b?r-gU17*wyX8GD
z{9a`8I%&^)oN=p(RkNUU=UlxlTjIA8;TVC?ny3A8p517B<Q&@xD}XvIFSyniwqz|b
znRZ2{*0$PW_iE}IbI&_o@eruA7hH>&s?W1iyl36=jz3aUYjYtGU$aUZs**AJeMGEt
z;hO{5`4>B<32^c^1%jLU`{nF`V&>QwQ|H+9vJQF2k#Q=Fi77Z%)S7HeR)0ME<ys)d
zu-bn_eB&nyg!&2eSO1@`!P$48!CE=UH??D6m%%g<v)y@A(3|hzs53JGkWF})1?u$H
zrk59T$Nkta{{5ZvW2-ahcuABUD0k|lQ|z=@kv7<oV<F-4Jbbbw8^f){EW^3+UHx#2
zF_0$Ttzvs^Op=LkF*Sh5PSOBsjjim#HSWyzrgMtiR9iYzY#tTv>;Gs1k!szd7H^pC
zSHhp=*2%U1s>=1rd*aH)9;nLg{Ot43DPz;K!X40$siGK<JmlKWP}|E^QQKQp|D-KQ
zW)46FP@IFOL^2!SMNW0fxLkZSY}t<pnvK*K%y>(@?)Qn{9PsJL5sA7<nv|Q&>mO~8
z(H6?Ynz0*X$r}?&9#`j8rO9|a7afq9W8j|Q#ZYCXz7(J7l8<z?dUu5lr1?o*tscS#
zWNxS=KK+kCLUkdV3a=_1TP`pNaL;r>{&}JkP8uWsD_{bJp??J;#vD7R9D^R~e1|{q
z;;MDrmOxBpZR;c#S{WxaQ#pPL&_o~o*TWo{2o)7TA0gmHI{#XTH2Iew@JrXXFH@Kt
zh22~7WS;256yKw~bWB&MfA-I7QeE*qv%6dT|4PWmL9L+{dQ{<Zn+ycIc4?)g%O#{i
zeF#v!6+UA4NXK@yPRP%el=o%D90Ev=3+8eEQQScRgR8M4NrIlIGseoMa@h-9Sbl}(
z$#~AL{X6exKuuR*y4}*S`2Wf3_aP~0>AbuE2nD_o>7*YL!hr*aOiHn@u-(?zsuFe;
z84mL2KYfnQ19TEV8e;zr1Il0TniI(Yjx+L7cRH_ofGrTBY~a}zq7L!E4HQ}9s)gSN
zG<*_T;K^=Q{0}8y*b>N&JH5Bx)YXeFozo%v-;{v3|Dgmt5Xw+#+G0=evb+`D0Z&&>
zbx9o1e}xwU;>!byT<&TM6Fhi&y3Z@<#{~UuJQ@GIS+AuW_gt4d=#C>7Ii&9yB@(=2
zEt>Kdu2jmMxRv)$dsey;J1wJ2%?`N&MbJnf$=kbAw(#73L^qhaZ`&&L+{gvFquXm-
zLdY}|y1cMCQ10>DrKK^V<Phevh2-TQ_6`$*P%?N9#bkx7^9SNHplJ3Ql<}T&>vhG?
zG&6brybh~e6#%FNQ-$s-+{L6dM-=M~TR6lJ@XHzYT&_EN2AlalvS<GTko$iD&{+uW
zY(ytSNUO|}J?nITj_QzxKXk8paGCVN?;cu&x8uE)@affn$^y<*@4eP68HJ3Jkag~W
zvScaF)FzGA7@6&7Ov$F)tBbb^9uG@2S{$EWp`=E1X!4q3(4lf!b0oZD(=1hs3sD+S
zI7{dxkaM!1&fwG%X>E#36^2sCVW!1MjwvS5`$$dsy%CiPFI5}UOy@}ff2rad!&gwc
zCOor{#k1hEhBGF^kZ^OE%QT({q!c3v<yU?A<&zLvLXsJX%j^hI$uJwG1{%vknh5S)
zqQIe-oBA-kQ^Iyut6#%Y!_bx#iLdwqQwPwZ(z3Enncii6clIvDX1YYxBq!TJK`Qsl
z{4`3~-u|%GG=4;Q^!*zC+$}x<;}y#8rDoa%)C!ZSg@;k`zS6Yc8j}f?ZE}f>0#kkT
zj#8X?(>gLO+GKdjGbKV1q;9h6xA$d0R~&!t>WMPUuvq>KIGmKj9&Y0$mmU!|aHn^5
z6LyDv3~n_?+NNkyf(Ge%MAGHSg7jZ~6iiB+iVce|(50w!%(@hOFdS+q^d|1!60?&^
zH3T;l=$c^V5rRlweQf{t0YddW+>Tk}mZzDEP7NW`Usy5Q9}S1NO1;%kOnz0TB{&=P
z@32gK*t46#61Q7uockh`1ofF<#-T0qqTAfICyGh=20^-Qij!72VvQ4=`mo=$`#NrS
zFg-;p+NyC|%pwb-ZlwV8Lp^QURV1wfK6U{_eOp0MuL~ZMDO%=`DH=-;F}$LxpG;$t
zj6-}v@-@6>NSfc5O9rZAF^3$l)(h=M3FB;r;+O45)1g}L+bCScmGfm%fv|vYWE}&`
zI=MIiep;3XQ7`_7jCR_%I~rCQjPu_Xosk0z|7n^=bOGvQ4d}78H>k?9mx%x#BU&k;
z`Dx$sKw+4DK7Q<h*MwKuVfB7J(DwtM!O(m!3RqqlaI2<;5cBL?9yd3+)`~}6IPFgX
z><F=Gp-jZo34BfTKtfhn6`9>N-;1@%w0CEG`lfYaFf=?Uzs>fbWrV`;IQxJ?QOVx1
zcWBxxiJ?Uq<@7-4CS&S^#ARP-#9Vk^NIq>gfU=?BK$J#U8JQgj%K+S{o!x`~zoOPw
z-T|hm<mUj>P(Fbcpmh<#G{IouY9tf|H42Y%4)ByIYig-)c$g4jgUw>fy_!Yg2-38>
zmepxV*FIS)R4cXdCgF=VE_hOu&ZCs!%6)K@kuFnED~+GQDvqUvFxj1^swC`f?$03k
zAC76e<OC&Rn|;&fQC2+f@Lvrmoh85t<dmTJ0$KQ)NJ|RO2lXe&@CEEZ_zmN5sAMTa
zf#u+utqg)jt21(B4k)xsrGc)9rh_vVf5r4LO^0cT&=+g*3yi&|ljWgPLV=BjkzToz
z;X@)2HkxtmodCL|Q`TjB2T;IQ;-=}bnuJ$^r@}}*d;q6taD^bY`*H&On@<|P2caN+
zF`gi*RoK5chni{AoZIKzbV@%eOCkp*|6|HU;*tXT3CqFPEXS*mNcaj^zi1k_`irvD
zXP5sA?Ma3oH4Q=DCKm^K!&;p8&-uAJ61SKJ@82SEBIv)~3L<YKw*t`v5r=PZmjQ@4
z;3g=o2seuQXv6^^9=<?jWx9<-@DLCPD)P4oB{{J06r!0Q2UZMokV~ogI&M#l*wp;6
zfpW@&r38hJGTg_tnc93)iNIa9BL@2Z;XJ4-*iJHbp&580xUrN(p*4f#>yvnxWdzt?
zfwsa9`p+qNu$WbW=B13fwaB;cP$4f7yK_MU_Tw&$eee)F$*QPYdC=2D1VNP|00KDj
zLTiS|#Yrda2ojb73?m1(z|-L!I8%$RPb@X$!vk{bhmOc(0@d%<I7~j3#}wjDB<RZ@
zk16IAy>Cd`b$yClhU_00!li_4rmhu{G8%P#aHz^Y1oX~T9aD%ZE%C%avggh4g#za_
zdnG@9P(FofPEyzFF08=|8cJK+Ql;fzS5On)I?+wbj2*!c23p&FUk$Xfw=SuwpOFh(
z^gA|KD>|adB<Qat<LoYL0>3~03zR*IZyAb;-0NN(d@;XNYpMkAF=1f;lrXGhevP#9
z^@M4=ukrP@PAZ@QDb8aR2WcU6S30dUrL#B|SM80ZEf!p}yEngaB@q6mXAp&pSTmwK
zT?|n1D4kl2D^WZ?<{C;BHV&#fEF=ImK|xVb<>RxzihC{G`~^(VJIg3|nYCJXzb?te
zjS*mwLmKHVFzH)tV<Qv4C7gQnOo)DoK`VblSI()$x%ARCmeUig5+4y_4_f!k3J8u)
zCAe6|q0b;ViV<<pDRtp9&JQdsWoV2VAlKZOS04n^#0sBa(?jCdkjsD6c91G%mjl0l
z2{)0$!`{)UNIRst<^BUfs`^SyS=NL17#ieGLej>us(e;XL#<;<BFO|e+UhgW`EQvl
z&1W;;#H0z=lO6CN5WKHr(g-FWK-T`HH9^YHAS;0U){Aw?_r9@Vx?U-6?rSZ?9QUMj
z<=A-W1<#JKzH_ko;N7SXE^Mxy1L2RWZpc@&v|{ZmUoTshwpPeS$h|Iz)kq@hGMSp&
z-tdY}{g$7pivKw-GL;*=V;ImoHAm-BV)LEQ!!Ms0gR({0Uo@{m)=ECs9<seB%BG~L
z9zU2wFg=Fc3RJ6<YIAS8im?%hIFVeo3#tRMR#r=6<T~o{8iP#)9v=C`u@q&qT$|^j
zYy?71S?J3FMv--cP1n)t0E+Rqf7Ouu475{GHg1~6cZuyH07B9?h-fX)iPRFnF)XiQ
zsO=OR;&ZqJ7EvN{!p&N$6Y@qlq2dSq&XN8%NCJQ9rK`k$N8tW8f*Ox(w`<^n7X;rG
zzO?HdJz1g<R{A*<#!+YPbqHm{Z&<3Ml|mfO|M^>ENB8aZPB!5CnvJm82jmBMELWQ9
zC%<2+b8dO`9yI&BZ=v=<{qttY)(`;0!>on#+Q^I?X8d`-QuBj4nn_;hq-F^s75QB5
zpJikk2e-~#dK0Q!MG1f8i@6Y5G%P#(Fs50GJyiP<|H&tFK<<c{?DEG6t32=lDfTtA
zMuf+UO1w>92tN4eL4)%4zG`;V%AGD6CMlPW+w{)WG*JluyQvR8naGl({f|g@!sB35
zePq|ryuDt{4yEU!zlF!cOPXZ{L-TBVW_^C5z6XM^QJ%1(CC&QqS$&?m4m<pBM6`dm
z^!&f=fDlWDON~5fh-wWH#5`@8AnQD`?Mxd#Y9#MiA)KQ+xD09l+_k;ey<nx|lx3h3
zS?Jk!l^x<95=@4f`CFMwQi4W?-CcHLw0V0qsf~MlBZ*_NxpVm16fnHyC~{?w5}obm
zz}FGy-K0l}FGh?|68Kn|_q~6vhsNvys_Ud}OzO8OxiS|lv>2<v!b)e&0!+l2iw>p;
z33a^>ztSoce-d|Dh`h||`${FETNP1(qr^8g1dsRPR}y6MVDGW=;ZM4m#~Xqk)NA4*
zCjGB<O5tuZ2{h!5LZ>t0lXR9Pkp!GTj0!^rjl^8DfT7?VTWd24I$yxxfXE>b-KWut
z;fi=GcSb;E@0TOHjXrvmp)Y!4Xf$1WpD&86a5l%Pv?3+D4u%Eh$kNFHweWP2Njm(J
zK`)Z4J+&r<LEurk^akLN5dZK2FIaFOWcvuHnt+PuZ_~=B%+9fX^YP5FCA{a2$Gg8*
z3R}suOLfq6ipRS51R5I6YxY|uQMITyDKtaHdkBg|CW`@)G&*f~a-GZ}fKv)JrAAV-
zQ|?VIzMZBb0lIl_qE^?nb;BD!NF_{6T6DS>iOeacaqCH^jyl%Ri!MuyfUhA9%oKY|
z#x8SknlxC4<BypEVghfuPa_E2@364ZJZ4e%UR<C?!$v&&`--WcK|-k&bh0GbUMLWB
z?b%M&Q`IeZwF5jmw}!n6I@?!1T|vfg_tw6@WJNT}hZn>l=3Y*0x!=MlFo?^91A2j#
zYU)>Yr;IlP-<3GP;+xlDXE2Ib;xgm;uo#gj`i6JF&(j)U`P<BL6_IRLeY30@HV3p3
zKCS)XAE_;<G^Z^{@J>-662#$$DPR0*bR}J&%eWjYzOmg9Y+aC&YIG?4^3uJ+oq>A}
zn2G@_ZHC9W+951)xyo#90epR+kyAs^+z!6lmO?^dcehTQlL!I!ad`1}<)SaX*Pw#$
z${3`O_XF_G?`BH9|AvpYZUm=V7a%#%(XG=zGq&BDCAEU2xA79z(T#A>Y|Kk&|8!O+
z6Q8yqvc1)sMZgA3QTzc*0?!4L`R2Nr)Me#5<LYr2O|xtV9|YSXg-2#p0qfJ%fj&Dr
zdB58O9|r5**3!^r!J8-bp0nw?zmGmFihrLzZv3Jt+srr%K146#bg!x_!0c{z;ORx6
zRMbFc-A34^ks--_TX;XkQfDvz91szq?wOWr2nr^nsm)?as{8k1KJL4XMfjJ3ypDaM
z@fa$Ke=H(V?KF^9&zEMuasNYtox?X!+Yz$vp$hhUqkS&>Yn=q8dgIyqf-10#jZr~Z
z84=2~ofjy^Pd<EGsZp<kfPHO2z1KBc6K5MEqm=DQ2)e29grdMD$lN{wGov*56VqGr
ziQXCon-J?nm2}C%Raldby*=>4?KH<4VpfzeRlX~$8B4jyVN<{TUU+TC_E^ThE#h*;
zm3^z>77=Xi2U*yrR2KR3%LuVdAeE{^O4-*v%aE%a)H%R|Pu&%2$+q8%wJR(R;-MdN
zpX@6rEnq`J!$$GieF(`q7xpJ2{~7naROdZfnH2a8?&cb`%2J53<Cu*h>2zK5reB8V
zFUP9<Dy1Nl=SwcPBXgsuw}CWUcfZ;*qfJhi$lfGV9+dV-Mb9NvqGZeltMkXMouHFg
zNjw1v?a<CAZ#px?nN7csKl%%{^fhb2fLwuS@%EUiTVOJoQfApJKx0O6`_e={$|BK!
z;x2y-WdAT+{C4;~63B@&!DcR}<SRzI{^}<kxH(+pMdeb<aXv8!7hj9Jp%--~xr*dc
z>eb6oo+3S9o8Gp!-I_FFT7+>cSlmOs`vF5EKtk|5pMm#XU+&jeAZHd=+YH9ZZnyDE
zx%Qw4k1UCdchEBSgq<TUm$-%#8pQSHc^y`Cvlfq;$9qJpgSN01T~9{O#~G{f^tz3|
zrwcrrlAu?2+n8+&Dbwv?Bg+1E3S|~W9mI~P3`IETNQoa5=y0OU<^pmpBi$PGqtM_4
zSF)yw;}88M*vk)Jo-PD&G11>>Xc)*>2jk?`_kQ>M@(3ppjuFt7PRC?cHtDw(?bJSe
zOD1RcB6ENY^^RNz20=Max%e7eNWw1Ksii~lhXM>|LuP*81I2UbSc?=-FvD-?3MWcm
zDD_}?kJRIgEPlkcM!YH}JYN*n#6C^(+FCC&n!)6L-NSCrUK?|)Gi*Gn0^}i8JpYV+
zGXnz+w#hhK_aMp8Kl6^0NA=<sYk6aU{Uaf|o{gAb0&oO7=&j*!rSV6ln)b*M(pi+H
z%OJb$N7V2mP5h%T$RPXFP`rrjM=hv367rAWY{|jRlJNv?1ET#t=b!sXX$&BNHCR0>
z(r}662t>3;7Bljs8jmMsSbF7m?E_ohx`!^2km<zq;j2#v6O6t4l=g$gVYjJa$-z&4
zy(TKL{d$Gl;dQ!FhVwBP2|$7#t<3V?W`7$_%gMvsAxQN3oQe1|-_``iJ>##;1)>A9
zwA~qC5gk;Fop0DK-3ddqA<3W!1|jVSdsWN#5=wn?hdqg}gQ64EBN4|$&F@BAO22+*
z#i#4pMV+mUZyHmM4WpfCYv$P^%!Ob8ulK41jAT4GYb$gn`d{C#VqI@v6|LTWY1$#Y
z{EhhmVtM*nNw*q;R9?!)`I+R7KUpZ(G-5q?pvAKz;RzyoNR)L&U7T{5CV87pK+&(`
zG>MImkpt(5i>fU?b`>2`&mzEQ!j_1QxpvfGvW>E!JOpV+KXV<?cOaV@Vr4ZWfuOB`
z4WAPVZ!gl96>ocJy=14wz2By)EVZf_Y#1ww(x9_YOCKlACq+2wD5Iz-ik*x1Z|BWE
z?|pa2_v(Ul@HM}>gES#ifqx;q%>ES-%(P%z;*a|gk|Cpo(kgPtCY{-V2`}pmy&2-C
z%u*yu=28REGMq3fJ%+Dn2bp`8m+_*VeUvQk8WGocs)xjoORE=F!(<Gcr$Job+;a1n
zB>{W2xCeg{<r1AS;8%zZi&|SwN#m9swizE~0V5BV+t^&e_pq#Xmwh%D=qwzgY6ZTj
z!SL%vXF_-IW7e`t)5I+Tko2?atb-lg#&_sVaMa4e&>#(wL=}Ej2SqJ%6GA9=amY>^
zElC7a`erZAGx=W@H0o#LumubRMMlnMe-_){-RdP2mCoVHmYay>Nfwd?$pd4bt#Ey+
z<J~?@H^a6U(pGK+^3w>)11N3+7&JsJl-i<~Jlx@%=&uyjja-r0tHIv<;$>+t`?yT>
z_WECw?G5UX*k3ZLyOc{(oinPMM~3Vi>KVne+68goj0(t&fi%U+bwF=dEpDsI8l}aa
zeQ(BDBKMCnqbo8lmO|;piikiFE@U_yF3^;czbQwhzbh3^&uk(jk70ax>>8zf&?^bT
z%?WY;k@YTICF8Uny?$<Xf^^I)U-hTE%NV$-&m-bR)GoO;73a~C|Elf@s*<WvlmV-S
z(taG89gCPG%v*xY&aASU*yTLM^sXGPGZEXkRvOsgS!yeoR26W1>Q51GlzlZQR*G2D
zz1y6z4)+YM_RrLdYmXs_Ng(q3icD3_{be6nDsAy~aa_B|UyTT7B*Brg$Pu2V#nI<w
zI<Ur+`?u>2akgbCqg+-G&!1v^A^xw?+eOf3Tq_Zm1|3SLoSi(Q8iWm$4&d>OZALe=
znevobJQ~RIH(~j+iSFtQl+`XX?T_e|?D&_&W4~Th3F&X6o^Rn}elnxW<ft?&@u7KZ
zI{5m8Zxz$A0zeFOdL!MT<#ZL@_7=*gCX}~S2=;$pJXftd(}avVYsg;uMLRW3k$?ha
zbyyyoY`91gub;59aIY8}m1%&YwD%nQbCMD5R&_Z$;&Gy!VV#~}4}_IovEk3k#<!xy
zq%~yD#s4c<;_3NzOPukfW??e9o{HajxRmuzN;%viHu>PyTSf>x;OLyh-u)Z6L2#w*
zYkZ6kBeP^zY}Ls;14M9}jZAUo#C06M!HcQfOdZ!MjP#@P6Ct6^sL6=$DN+2ZtHP8i
z3NAtLtM3K=OO_(|Vw;mK{@{z}4G5xSs|bbq-O%y?%F9hh+SbQN#nTz;KEA+#ZOv8i
zHH{o=(CaJcI%0fz0BN5$I7sYh0pKQ*xWhtQ<+&ttB=lTF%phJGr_RMMnPq>)-lH$P
z*Le(6hWt&xCv4DLx_vHgu^v@Lah~`S2E)JX-)%fr?|Q;aSfE~c)nk3dM1_c|pb-P(
zXe2pzjnMtI9Gu0xWnxtEPGnbXHG(ME<hgT60M>VVg#g^sjO<{IfAqGB4$=b-y$Pq(
z_YC-r6P(gBl&*FvD?9MS?tskQK9tO;Lfji-{opM{zv&(j8N@w2R*TY7l{{{|LThpA
zsEaEY!1AQ9_<_p(R_|7`T32lIxaPFP=wo2-r145dv7T>8^u#eJkVPc2NUTh*cg1)`
zzESUI7>Aqf#kkRed4thPM!%j<^2lDzDQUue{Rgz%?u-x}XWiswpn22shd*&`z_pt#
z+L+^iY(5J9s4oPA{u{HQtuYxup}*DhUE-d9wMm+(tD8|AS7l@Nrm*runYwIT<%jnY
z9~^tfKYnm$JpHOlnVY4p+oD(efmxDBJ46oV9($;xN`L#|m{gB1WC$=@-l^Vw_@Jf3
zwE)c6b#(;-1&iIk?{8ak60spGt?Z0EyrG6h`RGDyR%-()^=4%iW8E;D%;`d4o2_hL
zD4#TEW1VBeJ}Gk-Fe$i4*f-!j|2DzGUd#uz74QxWir3=L0v>LpIRXq*V%%@#@+P`*
zb8>IS>=03|gZ(*lt+aCIf{1Q-fTMyHVm4K+a;K}W-@N^kEyPWpV663J&G`3JJ<h~h
zi<hROK&jQY1l~=Fp(d2;TN3uMjlM4+dCnE=e&<`tSG{&f^sz_^<|2UEE+Ueq7lFpU
zd3>huO#`;&aqG))refC{rrk_mvwx<bL`$z4ww~1dp@kgPq>Iwg)>$BK`Fm>fzDX=e
zdkm9dr)KX8aEa6Pgx>BilGduN<iFZQso44N8(c>D_m|J#pb$(2f-cM~`xQKPEYgTy
zIEL7}cR2!ETX${B;1|^7*UJx?ZhwgA`0*m2vH#Hz&1Bd7b+CSW&_$Cfbf#_if@Hto
zt>>M>ql`hJH5SEzl&+}2x8-$k7qWlEVDk3ssntVKoWFLGQ9}>@u-$-;0QsKB=j6_W
z?~(dLLXZ|Y!29v0;Ry%RbeUuJ;sveW86l#XwJRGbJ?TbWmX0F@Ph{63B-!THTVd!?
zzgqCMBNMpwmoADqI#oU_VjT91B0;miE--w~+mvD>dG?yulfJC37Y3Yw<x%FmjXFh&
zOEox5#0IukDlo+BDGQ-;FY#mNuU^gAt_yR0Zc5BqI~?JW{oD^N>ymW#ukQ!lwgHr_
z(cuG1d&iaXgpF(!E`c$rx3=7&LzcoFIuZ%RgdEaNY{Bvo=n@5R!t-R59rVI7n=E(I
zM{;iAfuF{KNOY|b((r!B`enX?R1tkT{<y$%>Z;Y2Y#m@w9hqk;Ez_d2IA>Atk~E>|
z#)z2^$B)Z({2WhN5G(xkjw_Zfit#1-F!u8W6m8P^Q&74(jOgU~v}X2sx>S*6y}pOk
z^HoVAj(VD6OPaPJw@E=Br1RzzaPTXToLhFX5uJsKr(!=kb&6V)wB?-!n#!k*dae0U
zrJ}r@yDOYVO}Sjo;l9KNg#3QB1FD;!bqht$?u*&_=r(U)AV!O>=#4gGXg=f}TkCcY
z`Gr3Z;Wmc4KY54JQHk=t<&&Ub#e<F|;7E&dR~IyTRaol)yV~Flq)cIA!7&|5vTaI2
z^6ieVJh+0nuF79>gk}bhx%+XLx+0A>)7+=*ye(#0!nSP>wNyP6{C)VJT|ZL^bld|C
zLZj{t(e3dsH={C`{}AO!@gzs!FJZY|Ti?JvCzjQ!NDH9#71RpA5*&42U72?AO)sSi
z6cFp_>M%V*rfPP1Z7RtkhiLjhQ(bj^Jzws9?pQ3dnjLf_yZC_p@F#`ba;{nYBKzeV
zaS&x>JU8j4b4clFQf7r{)N>cAwGP-_Jr1Ug_nf=j`T!=zmq5+2Hm#H=c{$AQgvs1s
zzMrL+jW{G2ms-C2^LmXGNT^+e(S-#ayR=28+&X&-E7YIKhZ}T~GNfP~>=G(uomvtJ
z*<QBr<vMU~xWZm=?`R#E=X(aNRhyRkIh83HQf+9NMqDlU5xWi>WdB)f!bLwiEZrP7
z+{hx`J68v`ridTl`3j(QaifU-Rsy~Csl}$6-qnwLcQ%ISe#H{SO;m?ncW(f*yJA7r
zn988tJk`gfe39}%%+RDIQ3x@mzz#dFXBjf^wMF-T%;@KfvRf~HJ=Re^Au7DAyE)7<
zQ4FsdyJzq@33JG6p5ywP{#&zEzKO6voj?fFktrO}=cYGSD4De;Hz;aOD`=6?VNqdv
zD3$1MR(iUA^0TxL(6knijpWLX$}%L|>agbjcu@Mb3f1*Z5oZL6Fa4aR3~Ahn3&k_^
z@>zrHjq5-1FjT84o4`98wM{#;;JOgPoO+qBAo;g-1Zm3>CWY`L8+L2|;#h-yV9J<@
z=A80^wQlUR`SO5?lYDsmd!%ttI1K~-zzf#i;1t?A=FXIabfL}RJYE|L{e#qV<<1wl
zzfT4evPbaNqr99nnNyGwN0LGYbURg{?@)|;i!bfO-BXJaZ}28T+QOUCIy;H2KAG;M
z5xNi~90$d413`uf&A;)2;{x?{n;1o3XOIuYl(O8HC~_<%YHV;i7K#;5<*u?l8V<jR
zQr&!SGQc?Z5D9ISnEwnKVe4_AXo$hYoc9anC?!oiD#X^0xavi@ZPz~VC@ncgJ<l~W
zz={c?g|xt)1X@RU4O=rl2GRYwZs#=uaV2@1Ij!wPf8H{*)x(O~w-`kI8G%_<iOCng
z*00~+-5rxRB}X_YBqL}0d#ykGiqOr!!8QyP|Jd`0un7NkeQsvF=`($+w<e$Nmx;7{
zG8%p40+_XKwJ%*eB9pKfyZq}bV>BBJ1=1)E`&qKS5VV&EdY!SjlEgKsLZNTy&q-DA
zNYF$rA__Q+UkCS^_-Klb^9@0VA)@7?`d!b~a7#~$U#@OnVeo3#&KYBW)lZ7YaXm}6
zsv~p%@iXfvc($kT?^3I_VM=Xx&ET9TL=vi4Ir{s!;&01!g4=oP-*IwT<2_tP#}$my
za>b_(uK{4Pnz*#|`?h0YgQReR4#goE_1fs{`S1E4IU}v<4LjOCK_NhPrKI%y_VGQP
z$kT6~(l2Ijv>k4Moiek(jM?2GgOg`J{f2DnKEoQDHq>7$@dZ7><G-JfC<OYRo^3Ro
z{uGe)y@lAeEo~syW`@pwMm74~`l353o6LF#{YJvKm^3qo#u)5Y(Cw|dlC%Q{V}gPk
zq(acyqkjHWaC9lzK&VM^Sea4FGnz|<W7)K0;=;DvZ9lz=7S)uY^T0@Mf;0F!X66Ru
zF-i}MxF&i>sjj@XU7AFeMbiX!`-;?U-}$uvkvEAnyuVi*b#knDpyFIh{dV(tQ?pgN
z`8oDgNd12GoAa4+kARUxNKnzK_efd|0*eCfr;H_=D}v!2myHfG^R_3rCHBv{FTYGM
zJEVESnqaaPkVPxpmD?{+n0crI=0am>T?XBW;1FhQ|7oT%J9OZmuGfg@WOA+bwP;9m
z)jGwlhUK#FdB6n|wIPp~^f6wac}o~Fd=F)bbxIieGQMcT0*4yUVc{9YVITF=Hg77l
zzzzCoN^MG-y#p{sTdKerWQTH!6Io*HI))?ph9ztVHASrmX2reSYGRc-hP6qpp~Is$
zHNU>ar9Qj~gv5$xm)bHpm?<(ZFw25S>KHPD4`rt%KIY<fe~H-6VEA3{jTo7PDgOPH
zK|2AVoVy>{*djhd6TQCsajyc84LH%wCOt9#o5-X=+*KU9{p#-{b#QC*D3ko~^5J_;
zt9g*F<bAH}W3KGqU*G=@$WJt6^y4Qg<@u|kd%uV)VL-rno+Ed0O@*#9TcC8m_w0Lj
z=_e|jHzf{rP{1bjOz0=>@@;im3nY;9>VWy1v07nfLP)dZ6JlzBosB&tl*1u6?ksCw
z)(`s!L~45;WxSWj!JSj3f*;F@G{IV3mh*UhFY081soi1`Q{ictNo;xN{C}mxGz|Qm
z=y6d@|JF)uhW^N=W5$r9C%z-sq?^)NQ?$;ja7UJT|Jc>v*Jj3VTio($6SC7TsHXF&
zl#qlf6+1hx347YZK>0BqcDAi7gNB;?RW8`Fy@C8jXd)s;n`J_v3qk2#oShxv@jX_u
zsadACEe(CP(UigyDM?Yfo%xp&@_6|O#=t=)<5CqrD*b55UaXW?hTImlXmlkA&){+R
zS5jvlY1(P|Cg>{c(_6B2Tz3j~HoVK4$}J`WY7Z;Mtms#?`FQQTYH{*<FJ(oa9(0R7
z);B?(=V;yX{@dj)c)Y=y8||xhBXU#yO@UC6AD0}a!IDFIF>rUKQrH_}EXw^xBPE^w
zxtpbJ05Y<s5DJZw5Zvw1!&%f=ghyqMGf?V596F12nV00L3X|O@)kK<NhTQA8?DaMa
z)^J^KlT%d}G27nZ?e?ingO40SfNinno`L%{=Ut9^!LPeDmDIm}727<Qg>9fkO%bev
zkFpfPeRphTE2yBH!K7`fJyftqA2_<cgBu8~k~rU153`!Ue{{PzcS?|t_EdHdbx=S2
ztzSljIizuDAXYJ9kC=1akN{h~-bY0lCAjFROcNSiXYTw{OzDp9hUC8ZME1Ss_+W4*
z9xL6E9)wd-B4W*4cFXXxTxQUl5yWnHk-2l&=gX~lQ8fQaBRoEPx|I(eqmsIGNaYaz
zqtHDMNas&+g(JAz&8SE`iF7>8`w8Fm7(L0(tcvy=in3XsW9>=-=j?7v%nMBYc(JTA
zn-iaL>Hfv#xjxCzZ}3=6$7aax5WeAs?<S}(OdmhQMIk|AOd_5|WMS6YvyW>Szr+g-
znAg3uz8|KmO(~<qCdSJ?BhvSbq()%m*bZW(`+(7FB(tX2#kKWFYzMHjt&obvxj!c0
zdMMHhwKCrDtRBQ<=Yvk9rZ0M5U@MNG^1T^}Jvb}ZaJ>nWOg4g}c?cwuUA`I8yd{-~
zGdSX}q&VD_LPV$hN9%e&Idm9?*lNs&r#TG!V{_M5&X;h8#|lyDD8^aAz&ZAuSw||}
zMY+gspjToBR%P+U%bV4a<Zd8sDOjI5Smu)19wWZ5LL*xrOSWrA`z%9EQ;s#5*Vc@s
z?B+v#!O{IKnhLQ=_7RDEXepnx?b{I^g>>4BcHWNCzF-;L>uqk5<_~OrWS7y7(G==o
z*9j%(Tp}ux>sgSNepxgonJ~n-9_KB;(C<>2-g?YSGzb6evO-L}n+q~JETu1tviz{@
zX73dRsQ(Zs2j3m-XQc!j2P0Q$L{y@sJ0+1K-#aCVtC3lV2}r%61&nWzr+2Dla+!ou
zyNi9lA~KRowR!l;!13)B8tV1vHk&YdJY>U_RAFW(UO)lN=lS(2T5g7bnv)X60$ZK)
z!Vx3+eL~Kqs@4?UdC0(ffedcV@t|HhF=BHqgpmX<gmgdb6J^4uy%mIew&&8ElKfdV
z>xPUGiptx*lZz!Ps+1RCX$I99J`JWge+!%=B+Wvo7ER2<{3mM8JZ#}od8ff%qke1O
zx!yl-T?fh<%TO1$UtHibb4RcGCO?o@vL!X?2|kT8ZL<e@X|9)MI>m-n)xC6FHt+P4
z6hW&ZX?Q0A-oBwrX3Pn?Z0yk3tcpv=q<95IqJtEL+CgKj#Kkv1IeZ|PjuXM)U3v(J
z$)I}+4bNOc!^ZcqN!mo7<$iewHyk`<9h3bbX~ai2yiic>n3!+Thf3Sd<ytn<$SAP5
z#(hK!uok+uBR=N#NM6Y(Si1m+&UzhG9uSWBHyFOsve@4X2M4H^CNRv%d^|-__?ws=
zggtctIi~e289T)i9M`w~W2H4|-6O|JVBxOwa?f%x*zC%tn+l18*pT$HnMKBIcc+Xq
z#<CfCYNSz)mgZs5mHy2pa;BR~Y;3kkY}nPKkki_aURnEJ{*=KZ=@|>ED+867nH4U+
zz$@=ijCWMXUX4iUP>|gqsrv_uVBWY7?*bldQi&RZbs1l8DSlEGoX~F6yxrq?$sb@}
zP=Ge^HbvIMS6baeFiZb3qxkq&x3oKEsAG)UMVS7javNqy?*PlatwEId<`K~^?iwlT
z%WKRYEuFq4dxN6n<^QQVC;By8Ek*7A6EhU1SM+A6Lnh0L=n)uyFN=s{<Ss1lFhk$z
z72)~|p_&`S@ja6GGvC|#qnbmDzsjEisQ;P*E=Pb%djRTZ-jDyx!Asnjz2A<Iuum6Y
zp42}mzmb20L(0NxaM3enpS{A<+IGYw{xp*h&1jV#(Z)q^EibO5sq{){&M?1*gI^=d
zG_i{Qu==f9(*OlOebl;rzgwjsRMXn+uUQTzGI<@KxwuH%O>tRVZLa5yn%f0E8I7wA
zYa+1~GoB%G2i|9cF^~NqBR0hk(p*d@G6kWHGp)vm%If#d#W(U-9|jIFk44fIvuqy8
z8XC*_3N3SRj0Ls=*V{7h>cQi+B>r)Y`CU-LICw3*`@h(L$D^%m)(8;V_ofH`AM(DD
z99OT_6MXM)%=SK?UIr(7)<|JB_P2K)3~iz-Ba-xZ^{n>7(Ixq>$a@cpC5%#;tS&Kh
zj-mw;R6iUL8sADVd|sr6eRTIPR;?oS=jcx|cXTl&3sy&lZi)qtygi84(6G)gKr>k>
zndPISJ!|iEP0Xm*cqF66L2)bI^Ftd|L0Xmk&X>d;v!C}E5aF#u<3Yni>%ei#r^751
zcl%MJGy}hhQrUR&%A#}~WG0{fWJ50e_mI|j-cd^8q0f0qmSvcHQI5q@pyA=HQsXvB
z#+)3cC}KD3VViBRj1M9l@1uhF9g_+%_ZG8n_S~`Z60z@-zB2>O<r!s9q-P_N9<94F
z)Fq6yf;H=fK8Lc%>Ys4^eiYjWGzB)7+|VEWYL}?IWIkK}&d)NfLskp@oj+Q;1S}~5
z&n35z=%o`l;LXu#79^T!{&}SN#HV+lZlmP;&qtz@M>eow9Wqtu?`Wf3q}9H?CAUv8
zED)qA*WbjM+o(^d`6qW>zy9Mye|yrls-I;$Y~4Qidg-F!G>{S?X53}_b|)>@ZPePf
zhjMs0J340+6JRzjW&Tj0)vqb~D)l$)mG@wLbd<n%nvuRBvW9B4eppH|kvds@2D4RT
zTX+=ghS2Jdga=ijLAO6wcF7f{{O2GA0j!rpmEqSRSbv>E%o^CAD=n`X{1%so8vi(P
zrk5poI~qD5NA&}ZHA2_}TlkX-+kQE`yU!^O2?n7sbI-cc>5fc}e7jM9&GekehOLBE
z*rXNqEx0T4c#99BR*Jv{b7oslO{tQ3S2J!$-gd|N?H0jm>hoH>y2O$LY%m50*ED)?
z<C1=EJM*EHnYq|9zLM*;(Ed{>nVlJ~YXedyoxVg><I=*~JIu?S=RARS#_v@r6nQ-2
z(8uWS*KOI1mn)>-EabVYfK%DfP;EyE#ch;(a#A6<%cGg^t!ze-eH-`6bNd;jSd6cA
z)h!8%(%BxE<ubdhQrX_ucXA1>6oXreP64*nm&{I2xlB<DCgbx(azlXE<MIjZ>z6cm
zOa|MSJgc(V6|FJ%L7NON61Vl3OP`cfSnM{mcf}qPJ!O!ZXXfos5`#b~n0MlD&<(!_
z@3poRjVgQiqupQ^i+1AAa+TXKWsDdsN=)imzbb`S7JPq^n!X<uvSM4Db`Ts0oBS-b
z)@{GI7lMw3J?1Nr#j3rv_PKI+DfEqQ%A3ycmn#|f=<OL(vLM+j3Q>>PKa&t7xjL@=
zQDxrFOotxQPmh!Xh7q>;?NQ5OO-O1a99;40l)K)scFZmAg5!V8zW3#gATH9kMY4aa
zp$FKRrAtq{=a}Uw;E%7Urvk4O9<gp+L72o=rh~L?-X|(gA@@{9&p)6z#y_Z*_%$q1
z*?9HF64?u}xoZzjCkI6WX)@caRPBuPPbPGmiWNJ$G#E|JAI&+{aD`J-c&6#Z_M2c?
zUv_d0JHxA7B<bGyU(q6}N67Be@v}Bsa*CQdQ_#AyU`AQ4dlF>j&&WSp5jiOJVLXM|
z#%JH>%Myr0a`p_|2@ijSQ0tDRtV^9EEEs~0VfA@y-??z%Vl3~FHjn5YX{nO^N8XA}
zqoGy=4bqe<+GsLaOeM2fi0&@O#Y9?t%v54XUeJAaDCH?WO|mt%eT7HPSP=gWEKG#N
z6QA6sdtEKIIog^$MwvR;N#~q6U^q=V?u4p&<t3u*pU~1rl!_)$G>PmCYP_Z7NYW@r
zC=$?G*-+@jm+9Hqhov)G2UBqxl3A3Iv@*Uxh4O08*<elVwuo(Fx&76PV~e7%x0UMW
z3LNHq$9{ui!V>vp0E)NH<Q3bEAIO=q_P25{Tp@k3B7M!a8QJaoMPIN@>-Oj)ye3zA
z1ug6Qgq)kUO?v9pZEj4X>dGFntU%y<De_J<7lA;sT762ObjlxSsOEbJ`00$pMqmGM
z4Y%a?1s&K51PW}eu5?SS9Kvkx)bd?R+F;*?9)V?j>r^rY^BdcT#C$DZAm?)k`(K#B
zu0O`=$vfe{<&p{Oj)&Q;KF_cWoSq_ilXuTfPO(b>my@oi>-DZb;`}lXw)6IsR=#&^
z=bgVV1{}`*<NsEst-=Am?Dk`<nY=SB>-!-Fb*$2L^mL*b<y2igY+LqAi{R&e)s<Ql
z++1_oC8uBL_yPy|Us}jsNe!+&5P6;rC*xhYheiPuzy8qZ^*>>GfR`QMrGKE`9yD@~
zPd7DHm*UJF8tKOxidt4rO}l;i3)3L}OaZ-K__NghlM%2TI`Bw@DD!9fiG=%Es&?{$
z2+<!Ji3YfR;@^>nw*zjq3jh%NRNb?#H;?#K^*1c{nOkXiIDdBCFYUE!<7@Yvz-Qgh
ze0~aHmNgJ!1fRU6GmigLM^LZ&dHa~QL}*t`GA-I#zK4jS>3cj$StV!q=7C<<j~&-s
zG_$TBRzr%t3-Kgse*zHh?EzP_?}?Z|ejH|q;%(UiOAmqu5{_;o4+8hAZCh&7Z2~GL
z4nWT$44$rEy)6r+Q$tcS>(V$^$-to^<}eFv+Gf~1AB+cv>~vtrCYf>xf|C@%1!I@v
zv&?D)G1~pFX5#^Pd%(4Io5701%w*hwz-Wz#uG-wp8@tEtMf9W^?IczK?l)WJ6T<g&
z+HF1o%s1?<+hpl*ZTcWuJMn1vbZpCmRC!LAt%xFN4ir;Vvj<m+aNHrwIa!I!1;cU-
zxwiS8Yp~^Z`6Wd(;d%l3Lz>%;^)G=afqu`SbwAOlPV?X}1pCT>h5IV{C!ac$kZIC~
z)IyR!d#MUve@gd|!ydQZ^gupzK&(p?d`Ys`&+`a-KWd;8JQA^IaZz09hY}-$#6otd
z-~3e%ML_~V;7KyE-R;Z2ry8azRMJ?)8+9efhf=oEPAb8e)fAl6hvCbDis=_&hb&8K
zUN@09vlEO`WTeSgpg93<#+Ju#84=2YDKT^wuFp*>iz@rvQSn{;RkpB|IU!t=caJD0
z56tYr2&5~0@!u#5M%l85sLlhCNU9t+H(^KQva_v@Y&5)!FALzGC`BdAEx#zF8v#dk
zJyDe^_#_bPE2TaAX0*E<c9pIE{DhH=+K7pe&VUz64cFLAQqiWwi1aC?P$&9p)nnrs
z+?l#6cFbg3k1=8#$4Hol>$s0srbCg^gpt}<kn?A#{LbNQbFIJIKvRk=n(PJ|qP<AF
z+ba<sua>JCRRAz`Cp51_M&#cnNh}OWtwYa77grvP7!qSgz(huz&K`y64j9Qoi^4LS
zR%>Z)3|UzA{VY==GszmyQL}NgKZ6`o?ZurlxSUMFR^ukP_L|>acgD=C3QQ|d(Vma2
za+>@^Uf+3w82VcD+r;iyfGu`LKe=O<|2QLkmabBlm$!^(S<|dO=z?UCFj-8K1}uB@
z5|iA}(G=OtF1h%niVVtev+cdJL_M^yNNbw(;(&Ekawd?qtEx+KQ+T7ywtktE6#UVS
z*Q1HS28=YsDZi&0n9GfYk}FWBU7n^AN_2D?CM5fvid!S>n`W=H_sQiixf<2d9oe(M
zfvmx&4KTO>gzJlSFjSP|iYb+#a{LVKSvXOgClOAon*CzseG1O9d&3`)Hr^rY3bi2Q
zQFZfMm*to9nMp!Q7(U7VNHi$jL*q;TSkrfDHL8+EOOuLv_+`ZVGt$EB>mf<=XXU(j
zRGw*kaQ}%X%_8r~_bod97VdxHqj@157+o6_r(u~7c%0OlYdo0zcu>hQnO?95pPwoc
zN?-YNS&ZkCTST~{>GiM|w(^6b_tHXa>1C*L@7Is&o28``XV0G<3qe3i<_H0<fukGs
z$Y!C)UVj_Yi)NFzoya^VVp7@Sh+k6Z7#JXSr8-T9IzhFH)LTzdce?4nW*TTC470$y
zGy@jA@-J0PhZ~HkE@8_Gi&v95qFgMD=ps|T0|>Z>Gp8*+b;uPK=f(gz1%<i4wt|ej
zXyho%#R-~-90DSiZ$l@PofGoesNYi1+1wwt?V`;64z0W`<Sktuzon;{?ou*>2{wb8
zn&7d@?~=wYYfcC=C1_P!FN~Ml;$jFW_JgZ&-?ulRGolF<O%gj>U#Qpnv7L4?woQp(
zEI+Dcer#Xt-qKXLQp9rYwdo&-{jweL+X!!gfS?XV)bO;1Gf+n8$wP5WvdF?@{4t=n
znXWHFaj^)LdW{Q#S=@f0cIK}z`bq$rdndBouR>7X@upZu8{b~<4})^L*7Xp%TDGKZ
z$~8OBn1$xYCibZbWM)OA{k8Bhy3LMI1iGLmuLRt6%({OShi^JN{*25X=Psjy(^K-r
z%|W5YqB*IIxW>IiQAN){5Y&=*!`Uk2=%BEfp{niqiZh+9x_ZEIc>htb(axw`6OTpf
z)!7PWY$|(RGKjcM(lD1*D%6kj>cIPN6Z?9~CC(AiM=B2RN)+nE#`2S3RV1f$@6ZKN
zSq88hbX?v|osqQr!a2+?IJJP7nrmHzt*ri>n)7|o-MOXhOufSvI&coIvu}y;w3zZ>
zVlc{xK;+v}VmJTfl;+GkEBrZuTURwF+6d?--EXF16{8OTFRDklr?0!J#lLSv4XcS?
zQ;gdNy>CLTwB;>4(iXa@64U5zFYD+7eFoF&ohNKSH(h@Kqw6blnzL_RwfGHCRGO$J
zV!R0$2=L?{S6xYqAbgOG`}X=ah#qpKy_fc&Aem0T|FpvC$2qU}>3)-cx)#p!F)D3+
z*Q%%kOVDK50O~m9k?nw5L?MPBuV7J9LH+1v8I#fc(2L__H;Z$`UBvs7gsEZGb{1k<
zsD2fIa`p>}L_niv4gBOYRyns;+ze|(S=;c7pDq7Fu)85m=F_acyQVbbA|^Dwrc9HA
zlxeox@_X@Yaz3<oN>FEaq5?<-C9QAwL$$jZrubvEMSx|8+D}!o+<{T+KhbfrHK^!Q
zC0a;x{4ZLXRvtT}8dZF8%<Cve<9r8Y^Brt(HxT78Gr@MUdc0apP<jQqDw4L-JDpES
z8ahFvCd2lxAN+71jQCnphi$)XC&{Jxb&UXpDY9zOe5+R^D=C?V6UfnWDWM-m(+EzQ
zjrzB`Y^Bp0EMfN^y=r78(%esVZC}H<cnJ+*L5<_ush(<Y%2L(*dpaG3sfxf8WxhQy
ztzDS^ov`X(^0*@Ewy(oK>JTNC;~b<)_;at$<63Jr20Vr4-lWplaEpVODyA~h602Tq
zZ>#)GfgbYy{JcF`r9?Z#_s?L2mCsJa_|edrXU`8e@5uZqRrd+aMfGnP*#1!;^P>X3
zz5Qc_*qYuv9nLHzo8AL-%iV11$7dn9^HucSGBiqO5$*IJie5au+SHFawgm!^$lTv^
zx7r~Vaq#SzUtI60zIy_qIHK6BF$N0(c|eOo@&r#mp-nhDZ8OXZL>>615fEn$Suw^=
z>E3H~XI}b$X|+g&)F5c-F^2M=mA|gCUs+QU;-Y{VlO8M6%Muv~9wrbRn4xi^y&KVv
z6n)>K{7%pEh5ygF(C}_YzQr)YvUcPk)b;tV9{czKLlb0Q*b;xLTw0|(uRx5BfG~5l
zWWVo}^NMqGUh>9+8jHQIjYWGhTfgmWEoZ7Tiw_-0ehz|;P|C~?e3ET7yNtq%|85B_
z>yFeiD$xc#y^~X1L(0##AZ;m>H5IEHm?78{WTVmON*ur^q&Xms;nz}XH)>scYhST(
zX=9wBwJb#JQRWf;)7c|$@cZ<yT`s1)SAw3iI5NuqD)I^*x9sOm>q8pMyZQ;MSq7nO
zTUtLbe&I!(=E`3DA{D)AL|4N2_HNYw3nu=hg{|CD_E-aEOXNt6^$)t$C5^kQ%*0g~
z{t}x8Pe?z10=JEio0!9z5f+l`df+oO88v6g!S%qeA6ke}OuBv+5;?Q^4}1?S1QWHm
z&-G!N7r88`Z;->7gN+*&BLD^pRkKsn>)uI2T%)E&{>}3mG)|R@78)xzF?Z?Y)2~e%
zA6aDm_O-Im;?5V=f)3Z#vOjOGxxB)o!fj6_z-Y<PE;%)NGh|$%g?YjZ67U$u>F|u-
z;4of9Yk!gTBfNnv>$3B$m$B3*DLfvu9vu4nXXP;T7tYjApB<R8c5M)DPRRi-Prt?!
zkgo_521E_UBZln0J_RUQW5t+~!z?eu?c3kep_mC!AeJtoD%981m;aXC*vg(zyweT!
zt8bKd`Mg|XQRkm5weob|6lwKm_?)~d@-}~@^}vJohXU$rOQPdwADhonl#)(~G%a#h
z#><)$`3nQbZS^JJ*qnPO-7MwXj2FXVHu{wkSXLT)w%!($uQfgw{r`A-3!q4wCQNW}
zhrwZRrw4bJ!QFju9o(UDcXxLm+;yOF*TDyO26u<+@B8oeb|W@6_IB?sqC4K~%FHL<
zhVH8BswcBvaWt%Yv$u_$ziU~RzMdC=^+IE*9LB97Fq&2CeTd?mVG!;;Auw<U?Pe%#
zPYkE!ZsT7ZuD)ySlU9IP_(P@34Auj_NOaBdC_ny*Qc?o$z<WX#-cxnDwoQ=uqWET&
z%{ghf$rWhtgX^i-35d3VAx?!Rs@xG?pwXNoTDA;KLUarFLMQ^)?5*&&4oo7heg3{H
z#3!-gZ(BD6-6YB=>1X`2_26xl=S-;tuzK(xySD$>p&Pc)@FH^WKA^{bVsbAmiZ)Yl
z=-LI3pQCa|mtAWSsC)jq(2@fyIY-OCsA+gn5%Z3e5c9TxpmVX|b;pDMsAxaGUC(?Y
zuH&0^Y~9HIkFs<m0yX>FFhVRi>0`ElpLAS(;9LyONl!=?xCVyZcN6Trirg2I%=qoG
z#TBxz2^#m<vX8uKgX>~E3}B+ekMkN>@z@$48`^!3b#49}Sw(}+ht{<yf=9CjwrnmL
zvw{G>zAv5MLCLEOX^By5OPTceC&Q%2NmapF-ak!M`G6O#3YvTUDTQ?*M4WeyZm~YY
zguq@H4GGwBL#Kma<`Y(e?sY9i*DMA)e~ombtgM0nE3yi8SfC9FZz39+t%)Y3j!)fm
z1g_Kxj;`|Lxi|R4uz-mCVp*mo$On)9gUKsL-3Hp;d0&QbWF)!{EhUvZQjbJ+`*u9_
z3XQI0H1_vkvk`k<u80%`C#$e*t$#J}Ddc16%|CdNmlQ2v0;&dP=C9h6+`hA=oSI(7
z#}WKh(;=kN27h3qR$Nt7A4VP|L~lcBe72@*GrI!3R0p#4nC!P|mW+PigYer<%;;Ak
zc%j^XMT_%^SZvj#ar}VG{?`ojD~~M5ZD0fBqpA?)=063}V=|dVogo0bw0>M@A+O08
z{i}|laK&q)xQ9LOOc}~2s^@Z`W2*o5f=vQ@{=zT?ib?MOxA6pcDf0!a+_bSoUPb4F
z;&OU3nu%Q|X!Gf3hWoV_rWOTWZF{>ur?i+|!>TuUe%R`4?A$AcZr@XD{56kN-?`_4
zIni4X{zg@nIayr_e+IsumXx~Fr)8reGT;+i_>CTyk`8#uqdv+iaAbj>e`Mv+mi3)}
zuIO8N4m*unsvfDR4!kF-P9A8e`k#ZZ5=K!o`c54$H(d)@`8|700H;v|5*|hl0Ympu
zgcBECtH@;orw#(!|Fl$?dsQ40jZ>8c1y&wIxus=0coL>%lHaFgTmAE7ZOtTiNz1PL
zNGPempH^bx0R-4_z#K90Y`gF>a)_TY@hsRd{Ret*#<AiU;zd>g+qc0gT1CxrbiI<L
zF8k-fj=!dfQo)*MRM>b0%hnU$ZR)3AUsMy-ze7&x$0$esWO+ueWPmWxkAWcb7(s-)
zak7#lmaxC7^Wvc9s%+^pRyPSIw~_^c(LA)8skZhP(w(%y*S!V2Z7SvO8<!PB!gvyu
zL!b85zC(6*eWBPT8!s82;jA3mvs_5^4^uU{uKSOBjZwK3R(qV1a`6Wt*1E|tS-w;|
zUl%o)b{o(qa$h_n2L#cFk`W<KRu7fAk<H;uK*e<qoQzC_s<4$3x~{)`^RZI>f@D%C
zraSn=N;=5wT{f0s!GHP|TX1*my>mn+U`|5YS@zHBCi)AiiPUaK72q4fi};;WDRfCW
zz({q(<<dU~P_Sq!2Zy$tfnhbd=mMrDl|my((3A#gR+T~*5Zc;qB$Fmj;(*r>l~qL;
z7Lz|axRnO$O#Z6-l*B=`rsuti%1=L@fpI^Qbi74muPTyLRtprZS6krCuGIoaKFA-^
zZD3ttFYziKI{1%2MbZUd^H%vlaM{0AGT?7I46HmwTGI`2y+$rXwgZX{C9-pBwXA!C
z4hq-?tk}#(1YEj}&m{NT{i|!+T28$OWsJOB21da!#XtDG`_T=iG<CP}*0%{_fxHG+
z2c$LN!&yy=u&&Yg4G-xSbw)z_cingl>RZ4peXw(9PdiR6@cW1LE@jG>)XKhXdMs^>
zy9&-lZyuF-D4d*J`}Vcu5=kFJGq3(H(^jgqI}1=XT?l(nhB`>GKe1U_MJZe@zjLT)
zF5szRt<xDJhG|gpFUx;M!S;#20CH7Dg+}JQ`yXR|C$y{rL<ZgaPsaQF3QGxs*LT3j
zQf(9s*9=D3=K4Ua7=T~I_uIE%sao^9wEZl^xYRBCIsnIbW9>{*dB0@mmvgY>n_=M9
z(xdTGS*_mM{G~;sf6;1L2jzREku`^Hb!qiNQ*&mE#_vU|6&;4}m1fq>Hr1&W3k=s&
z2IDDbwF~d7XSJmoR2e$!<Bf04s|KBK3yWX>=$L)4w6RXHt!}7RuW$a^qA|Gmb6E%b
zd!?1Nx^4B(>XiL^<Mv-#c1)>%qW<^9+SEUl`}bDuzjW;W{}qKyN@dE=kmL#x(kM_v
z9oAPN2R@wQMJYZd$9ubEY(xI0g(gBumjgy`BcO)lQ}LT~J*0Gmwo&gt$N-U^P!3(~
znQ0ATR6v_m0W24u;xg?r2hqaM8&ad!YKKbjpJzTf%|K5Spp*JSNM;-;!8<(o83S#@
z0PK*Wrz%c0XOO7QKcGQ`9ND5|pGumip$?2fPr?bkek1b_a!?!m2vvo0RgSkTz={Y^
z$bC!_nR@WbkX(O-P~9nn0snx@H#=;-4{^+bqK@m@Vv6bOl7)_5w23b5XW<!j%HE!U
zhy8E^#v>71Q`Hw{h-h?P>=NzaM5bq7=U>e1184R@{E@RN<@%^-zM{WV6DWMsF4OsM
z=2gCM@3nUB$eJVz?JQ72^6>4D{eYWdid$hpyNRQSZJ^M{pE7ZqAfX?R1u|^2@EwpT
z$sC>^ct9Q^-yEV~vQ44EaGHJG!Ia?x(i!-6YAO3qnfVTw!r_$S$O_{bo-n~K_!OOq
z=<2e-iCB+EiIPt*HUU98Ro4;e0yk^1wKJ@lu{ryFFoc(l2$qh2sd&~<lJKCaz1Cot
z*q!IPW`TQc=MXnfi|d}Thh;GQVh=pt@f772=o^?f*j>AYj(8c6a7y3}aglT9@Ndq_
z6o`F@6%Z32DcOfJ5y@ZV?Pzp0cdCRQenwu^T$y6IWeor5>|xp57&ob_%FxZz^nN>V
za1p_mif9|(8DK2-!pls+gh;A>jVA~~b-2KQD8eN&!!+~3bBIq1#-*&hWUgO3ZYZS<
zq1@y81#u#vgbV)}JfRxfD2c@#cQnQcJ67s2JcVQDKLxvDzP-Z^YqbN8AbS9`TJMla
zotBv9B{r}SY*2D$t)YU>gbto1{d3VJWGYC{Gxjp6KR)nt4ro(u9{CNE0VAQwI2avy
z+5|$^$Vu>@$xIWOiOsJIMdPV*T_38xg!!YkC34tAJ<e)1$$&Y%Oo%!(3a!uqnTyZ-
zTdE+(@)<FD)`S?pWTzuj3|wZV%Zd(UGtzyCC>0f+1F}s+VT~Y5B9=&u-b?5wcQ=GM
z>A^k(F^Fku4?QK0K<S6bv^p-;sg^OF9YC0Q<wZntfL<Jya)S~>RQjs`*Hlk?`x;>?
zGelDVVZ3sZE<d=!h)Klzycy^CC0cH@J@A@~w6utR8O5ACv*zdk4!t|Y!EN~S=q~N^
zXV?b{H0-?_Myx+^2&;FM$OlKl0WJwx0rI)mSm-=7A*N?g<^}AOI9G+m-NjdZ261e0
zL-9&Qx@-mBBv@xK;6V)oiMmkCyS`(EFHA!Zw^p62vUjUn_{R(X7|9!j#V&YM%L9*U
zz1z?CyJ79h4x2A=Js&bK^rQH{9o}ALY>O@oEYmj^pS~*`+P9}~W<J^e`%3!IesI1d
zy#q@%&G@g1yxz|WSq|5VQpSb(l8g>^)im?Jb8>o_6|!8e$EA$x^CejwE~;rpe_7@9
zLMz6ZUGYm9f6tp`cF3uwS^i~}*GsJ!XLZ#sWgMS3%jhT`SEJS&d|y4S?SHrWnw(gn
z>_mSGTxO}?-!Wa`))rJqO-S0`Gu7tN)>lZ)NZLOzUE$I8RY)yJ+CMVY=GD$sNUccP
z|2x0t(%Re*okMRyGrl@{?ba}nL+?&AzA<|3-hiANnk3Sqkvg1Yc5T|uug$5LI-O*8
zYsw>_t)ZB@^xLU#Rz`CCY{ki|Wi6MX)#ASuM{Q`Da^~HP|BTxHw~GJ1`Tt%k?)cfD
zlUMzkK7DK2H~?CMqV6B@ziR!D=x7zWq-s;0UAm)&{eOG>7qd*&Je%tOj@!Su|HbNm
zV6foi)x4(9(5g9p_CGI{W$-Pm9Umz0xUaVVzchwv+u5i7$=bg+Z~yhbD7H_Q|A~1%
zE3Z!Z6R-2XiguCur*r?_uKm|{yZ?8@#vX2{=tdAXW^`k(*8e=FkCq)t>YuRvd!zRM
zFGMyT-mD@vUeC&+e`YlQgBW?Kf6DgnE!%x`?EW8$G{nO51|KK5R9L;bK0qhr3GuC2
zdYPvUtO?REMywIm&1Z@bUGqcL1QCVCi?=(e*;<n?4Vy@f9m<~Pc|oky7FD51NI^HZ
zy%}x(;}=M4=Rt+VMRX4jQt8boH+MOo_?=Qd5pxzs2Vg4Z5PgUiGtsB6kSyFX;OYwc
z3_l#whCP*HwOJ9f0O|L;U`RM#^_UdUBk+|4QUmgXh302MFOKw3hx+S7Wwa5u#X^SN
zA2j3w;M{q69x&Yzh_Hae9L{)lC8mOSrYviBBW$w?QF7;2PgZ@Nu*k~%zlY{==UKtD
zX}TWVdlbTyKKmK%{4C)VhdTfM`ng#cLQkrBq-T`KUFps_2Y!LjnUs;#k{KBHE}94f
z+6b#7mTYtIQ0$Es$DIbRHH16IsGQg<7URFmy5;B>dbg9LD+8kVNxXq+bx=`O8txO`
z`&TUWwhbw2k?PPQg$IMCpjM@HRuhu3hk#nz_Bxi;muYM)9QSeKs%~&QT=orG_m2SR
z$d+kfmR%zmbZr6wZQqRp@g*MiQ2UY#YHNTxvIIcEa?BA#ZU+->T=|o<Xyzs;gdCVP
zt5%Nr1)g|=P}-@ACiWO5jPPKu|Eoj6DavnPjv^Ln>p{JD5j$!^Sqd#~E)ufVmv4Ce
zc{ir}7!dtD8M{bCvGk>SVVYIdN{Fq$P2L0VlNSAX=f3eFyO|E{a7XJMa4AEELg6m)
z7Q1Gs08nS{BAc~kwtr6$pKvv}<;+7C>pwwPosmXM8)^M@029&WB;O=da0+y~jBUeI
z+DgD?O|?xpYgxpdSNZ;*lNw(d?#Y9{u@Ll9A|5W%i&K6D(~?KH9o{qhu=T2J<dVz%
z0@w_)G{-<3crlf8slvx8_J$|mbWLirfuDGI<^n2v6@m3Ua}?q|HHzYh%{#@yPFc4R
zcvCM|88jVqh-tP)wmaMKTArC#X(U3(ai5Ij9MUz5228UGQ(%ae$j;aqhydbRhN`Q>
z5ZoEx!|NRj%E1TDr5#1%214aF99hIJvNP<z<R8`bS}K~Vl?eN%b%${patnD~;V(on
z@*#QceZ%eDWNzwAr#bH~;QrLn0fb~n>PKiw%3y$z_>uXJH3lxK)Oanv3teiEsl{r?
zV4-XVd#6g*AUea^%FnY2$*EERLbfvfgGHr1HnF|QW{N1~*LpysS=kXtzmu&ITxdp0
zw!lttyoz9Z;qBzHW+gfL!?Dws#^x*dKhfAoyI@WBw4(l1U2SHA#kK!wV6x*4GyfD4
zkttk2wsrlZ=^3G|JhYp(T^)D(D-3-VdshgTmR_>;&n<%D0f40A-vs;3h~?T}_0MZc
zQg4J<_-H<gq)PM_q$7Qa$|b06@dv^Qr1>j-Wlh!acqaWN(;Mlxl)S8I@Q)o{(bG~z
zN2h7@arh=3J-c(qE*GV0T{$=o7}9Rm+n97zFJ(h14sB{1Fr1d5x4OGAyVQ@}Atp0V
znE5VPYlxt4jD03VW!?i{<6sd~k90Eux_!IFUP}^X9ehIsYbOQ+xC`;T#Ir|DuOQ*s
zMKePrsHrdor&;<$269U(2<zI&#knk-xHd7+O)jYo6ewIGYqWi`wyhra`ViL+t%Al8
zU4-E0EyGy4e<S=N!S2d_!izqUoicvCFVxkWm=l;l)<b8<_H6)?AWk-Q=sQ`@_m5b*
ziwsV2i$}F_;rwu=4MlO8ydFNCMm9S3y79`qaK7pCUPLrR<Y#15y@B60pSKX|fzk+J
zQF!on(GOWiI8Z%}zw5NCPSBz(g>FfCh7(aMW|s4k;sM48F5DRtoZ_eO?t>E_*EUAu
zOEUs+)i4lf>hi^jcn6F`RD_{NG2BS!_dEO0O4F{>j!gIvOxw+UFWK^=Rr==^7#mN~
zS~00f$yF=^^HN?#{xRx^J*y2X_At6Dq3~IB*^v9oa@zym{SED_$zH)ruh6>Uk|owU
zY85T*6NQZ5Dfj0pvK6WL^>I%MMPVgZBE&xUB;G|4ID+piOTp_hGKe^iJsc1lqNrbT
z`qXKp@f<W8(Q9dnqM*|-P+LV28UOOui@G)KNa)J*b&HG}LK^>g;fY(ci<GK%jrc+Y
zXllq!4sBV5dqu|_Sz?m%1w}jh5E|}RvxQBRgqrMigo}?uD956er+<TCFxE5pvJNhn
z4rvDNJ2}N?8npoHy1m#f({xoq=Ti2Ow_7&8wn~w9ymu8+MwQR<%A?E<ujHX8t0_2e
z^TUT2XJORx1HO)0OKXL%rO?RAFre7*Oo-@<1G1eBcls_5XJhv)%r-?2I|)cTU+0F*
z_2@2>m25(+<rwHAE}F`fNh#2}y@Cc;Cpuc#dUlnO8-=|RCruW}3w<eqyFYC++a_}A
zaGR4xCVmoOgI|D?0>ZtMC!o{j(42DX01U7?DK!Abjr<R;4Wg|CWR0D3!_W0-=(V>4
zF)sx$*w#yGYW}CU15?*d{D@_Hg?#5}aM%TK*ygN+@aahevXyL*a86c&f7WJpl{ptU
zMh{Pbbrv{=aSzXm+?1{FpqFzZV}{@!{2LE#j<`eL$hR4Whg;WA?CO8j<VsR&WVm3S
zlF-u6UH^ipM)v#@)nuTfBg~HoB69OjTDp>+kS54&RKH9uz{xGC8a3;`LO(HNlu^{|
zO_c7V5lk&~;iL7BJ4q_fYomREWq}aVJ9}i$Jd+Av@9Em@`(7(Q$~{W~TQAoT`SQv7
zYax|zEJS_-!gufLqTu0E0pjFm)ZF~XXj+wmDO74XM^u)>k+*h0iL!CK%ayq6@+8(#
zxj)SyW_}m6mMo#Owk~;%i;p&LnM(z_j0`aPTet&6ae{4|d%uj!j}baMtnI!0e0CrR
zm)m*f3w=svk9513_&vn$6l1N0kdou6yK-LHCr<|Yl;t<nxn4N6nIAt(CG>t@u3xmt
zO2P*i|B%dXPkb1nS8ZfvdZTP0ui>uwend5b{rg3`Z(D=*F&uso+WqHXrf|+l9kv7Q
zt;+5wd2Eb4dKR>v)2$LAey4YFxb<%S8n*kVqF9@yA^8Fa+|zO(2#Zu0yp`iB3eFHI
zoZE7r=%%LP^(IXQpVvEJ;l;T{O<Rxd!Mafo<m3z?!Uvc|Dq$e(3@=ZMMLx2e<|kNC
z?DvUCwK!!J%7^OW4{g=~8dCmXt#$}(Pj8H`-yO!SsjNe_W^@83dYe4FKv*&2oX%VU
zkcgKWrx3F4*XE4-)=UXn<c8)@D-$J6>FN&Hz>tQFKgp9)CbNJP;o0geL2N)rM(0VW
z5ufSJy+2%7`}Ujc7=R$*GmD>Sh|Cl{9XOROqzP|j+?LvyXb=11m+sdHzTinuxPTZS
z!c<kVCE!o$A%qY^=&xj&N`)>Zm@ZTEv7eCblC@5$b$G07Sg6y1Ek)2Cm~}>`BT?M0
zI|3}Hwvl-E_iUykULgKH<7HWoD;06`_VBXHOmA%C<r57=aJqJm8PmQ-GZpvQMxE9@
zX9&Fqx^q5N^QjR-?80RKsCCCR)$M>$Q7pF}ZFCrFTpgBe_C|f?{dxC*@O)V?7GlOV
zu|wI6s`08U9*XBhH+imvnWVnipu8+MKM*$35-mLshn#g^V9T>*m#ztUDahFDb11|m
zYdK*bDy9r2_qtKnV#OS?03brL)5xbz&iO=U(zkuVezxVX_>}cqA`X-EhcFg8jXvkM
zVCggcu6bW6EVwRUMSo<He;F>5E0}S1dA(D@NT<MWmxjwEqkL63UH31Kj2Fx!0|Kv9
zI>9_LE+&1e=AAw4N}w`gRFZ!dE|XG}XfBW&3^X2z8TV&@AgTc?DoL|zP&P-ui#B9X
zdH@{C5=?mOk4odM0u$1_{slt!y4ul^NV-(hrJL&eD=ukm1E393u>S`C`FW9%EyIFK
z{J?Guye`LOz&rubB2ll2n}?)Gs6i5B)OU)M-Wng>!|Z@C1y$;8Ki0Mk>!}J<u#eOd
z48QiLJIez^P<WSJ6NU~%gCrmtC9;>@b24rG_WJ@aJP2d-Y2N_`+MuJarr^3*$RaZj
zE`nfwgp-d5$yM+#{}FczaiQ1jxh)dE!x2J<gVRE(M>Ekj7-RTrKEmsi&8t;-Ok&@U
zaXCb@F_XjZl${V8NXzYLueC`9<|>bIU1xC!c<YEEAwfxIxcULgV<7)wG(1JAwe-gD
zwF{aklPs(W=B)wybPW2I`am$5qoxiZ&<$aY3NKPINN1N_WTyHR26Us<qf9wbxmc*w
zw%}hv6g-_Oix5{*d(TzORf1!$wR#0d(M?(#R8@}Gt^hy~b@kM;^a{l{eypUlCJRHp
zuN_Xtmtf{kkQzG0Ky6G_x`=@qlnHIN-Ij7W7l=A3)N@a1s*th7g}YCZ+}d|ABHI~i
zbCjA(EfyQ3Vl-wgU>zbOSmOcDN<_Y5bpig61*tV1-^6m@m8l@Y<_zKqHa+$(;rI@2
zN7Lw^_oVb?aw0b75}1udq+jnK4!tws6|2c|Bmc_zaz!l=aGahGo@CntrvU{HuS5R(
z1Xu`HRSSg}5VCx!f@BOS7!b~y3=zszIXo=1w@^4w6cBnT4b1V^4=hFGA?8H-Lnq*j
zqkFvA?W$zzdJ-};<&02PKp^jgEbU*TL!K3BukI7jMKF992^!yiuthjm?2m%fO#w=4
zRAfHAh?BVjn0^)s-4P5p>_SuxnW3YW&0#*LQrahC8blbxiQ(1-F)_z#`mV>T0b8rC
z`t3~tLM$;N?Eq+&eW|{H!71<l>Zl`}vHX!G2sGl<QOmE6`AVtu$gcPfhf3+u^|O?e
z;4S`k47%x|28k6*Qns$$Zj)0tjd@ZgHS3Y&<j)VjG7`(%^X)OJJHN((mym?af23on
zvag{psQ&D(RHVVeb-=Y;gnXS{1(yh|WZ>APV~;i`&C2kci@%avVQW>440;yMz(aX?
z0e)2hLHq!)qZ2cWJBCCw{;+cGe23!)La3sMSc9|bYqX8CPgJw!+8ec7;MUSJoYOkf
zV=@{IX?NV^s)h3WiTmOjD0nd3gvQwd`gXx3TH-}^xmKTCBgsFUl^7%J_-G#hW08Fd
zY(dsV^U!G{$`0|#(f|Qi{o|YTwUTI-QeJJMrr_ZSXtZMVgz~==MNvUvJ;n-)EdWeR
zUj8juyBq>%M6agCcvywr8mOsxO;Q{>Nh^{8v?9w3BUp572=t_cs(=ergW1u=#V=ul
ze*NlvinJll2*5Qh{SCQx?rfpl^Uw9?WG~1r%3EwaFYZW~Lt?``pmroieGW>ij{dqN
zgRUw^E0h8(`B8^aTPxK0a~7)3Q3tOwjHOv^s(Auhtghi}l$bq(+Fc7IF?}^WhS=3u
zAGJ~mTfYHy69=Rc?C&C%0{$rVsHP<zv%Jzt{zxmMt5Xc|+DR9Mq_mn3(y#kh3qPv&
zn*g#c(esy@T^NdX1(#~bKqV_D-BBElDD_E&c2RQ1c@{nAD9~|$&NK#Ukbvi`=U4`$
z7%dgzEm1wX3)UsSav_X9j~}g@0HAKb6vCj3>wxrx|Bdh93vjrOR_#X2Z1(uFi<SW@
zv+!}F>xV!06679ExXjny18_cz#{)ub8KRLd-6QYNbzJ^RV2-}?J5w!T_Jfa~>hpxj
zpA$FAAC&<^xxcs^^CKa9kHv3_gZ5+C)Vo0ISk!f)e+#<w)pegecMga@WJ|>5`i`2b
z>G|NhUstAa<1AhGHM^cH?DSTWKhtk6`%t9BZ`>^3^T)zwe;V57iCPf_9PeOJC%skD
zgs^Ltit!%{W13R+dsliiI2RiH7y}O4O6w%aqjOm3xpbcfkgp~RV!{7hoa~K~E<O^?
zSu;(@H(0bFrtMdL9z4aVgVwU#`vh7Q@dC1wmqyJ5_Vhg}vuB+yxPz%<n!lcFu+$g9
zGhO97JwR2B<mtl0{)9U?JGt9>Qq4y*GPXdl8L;y61cIivTQoCNRnKqmXE&WVo|&G4
zk7nQb;T{;q=59TPbePsS2uUCeVA2lrBCk51-+N4$s^!}T4`V23Xf6sTq+HWLZz8H>
z&WFz8C&t5<H3!rlqsp?<C9QWdnhC9M^$C*@=^y8)WUR*a9{7x#DT7Y66C3sEL?Au4
zxE{vcsUuNR7YVLNN#<J)g|Q$-fSVkm!Td^J2JU{y4bUbCqb7Knp4~_qA#SPVvtu|V
z{zRnbB%ht>CO>>oY~D(D@w%@xZk%jcGB|w%&KY0yNE(pNh6>O=#5A2k1&;A?FM!Wv
zFU8p@#NXPQ#AIrZUre{bf9(vCAMi|iRQk%vTC(ZgpOScIBO;2zurowwXK@_m?f)k_
z)&%Qn3%fOpg>q~q$!Fvi1Cgr11H?~uC|>q>Q4>UQ`O`w2eh6i@|2*@{<SE3>e0Da=
zo1H*4dyI;jprJm+a4`xv6($srEg3R7##)Pf&icl)e{cXfr%hZpBD`oBfAI{SL%Qg7
z-KDW8`;w$1+z~lz(4@18?(s9CFk6Od;l=-=ICpvf!i)7L&K2UmgV}nH*7lRtM_D}N
zpR!je?!QcC)(^A#0<8>(=G^I@$~eW#Ja-uWK#6NY`+QX?6;$^qA2IptxQi|7jml+~
zqaP7|{Bw@@Wx&0`4I&KA3kJvQr$c&h-Z?4|)ZptZ!zFY}E8^_R7$uJmCmsL_8Zv{B
zhDRk451ukpzIJ`4g_K(~Q+5*c!9wRv6A#!e42vS)`KybQMa~%YhTKj|KDB5D!Ly4-
zBJMxhL4U5m<AVjEaM;iWH*V9o;iziF91XTV*2Upg0y}PHXOHjLl{hMk>1K}`H)6Ka
zZd|!(uh}~?A{7%dMus;!YoA_inUQVn>Eghk@{%w{`WLt>q`@@2Z5M_EdDBAd@g{`@
z$6z%ILjecd#b!+ZtR5aU1@ex+Ii0rXm0qS)>{g6suH{Gna7Vx1wf6wJ_uCgS9jEbH
zFUTy5xAi3y=7qvLrs2}dD6^>i#HBC6m&V8kUkIdkwjBaX<S3*eZv#u{>7@8;{x#|a
zPt`~ffV{mbr3sY8s5DwKY>5N?e_><+8u4Am*z__+-!L5R0!!HGq#%j)>yj;Dq(S3I
zIA%0Bl(mna>CHTPRZ_7jArzUkT==!<q4~QE0qcl~{#lsxCEEXb4st}B=WAW7CgIZ(
zCnJ@q`l~r|2Z(y=m;6xlE~gRhwl6OWl-ZZ%l>@&~LBSv_^IUnr1hN?T6B$Joagywb
zEr<(?jK{oL5a=wMQd*MjF;=**-aXKG*PZ!mut1{)C7$Y;z!`g1>XcR0MW|%iH>@%2
z>G|~{A(r)9JOZi&|0hcLCm>S1-y2shp6)~VW>)UwbkBPj@s#D2a!>HA2EH%S1SA|t
zmQ3(u%XhKQ@BQrK;`_mj(bt$%%;gWP4mKrAbmK87>eP1XLsf+kAC@Hsy({xcx+$jz
zQCg@Kp`FOG2K$MqY54;A30FngHamP427B;EvcfI648eKRMlaWKpZT`QjP7&~h<=kR
z<oST_mS%lCojc7)w*9i33KPT`kN^dy6TzsAnHPfa+~t0rep(mp;bkguw}`LD;@q6i
zA^x3hhOB6ME(kz(DE*>|@7(>4$ajWl@*3K^xIBT0qzR_l#?ZQ861gyiJhSS>Fg^n1
zEE`}*c6-6uSgemzIVzVjX)u(+zxCLDvNDwbAT|k<EcX@Lh`OyM+|ZvVAv+qp6#F*k
z9qE&{DIARXjT3(yFJ`cD$j~~pe6nxBa?9^U<*QX32*GK8f%A~0LdZt^Vnv=>LvJ$@
z5L`Gyp+mlfz{PQ{b5)^g=4^A{|AFh}_hBfg(!}1YA+Y@m;obyu+Y9qPI^Kd@oH!5{
zEpyM|0hb985O6EkEfVC717L^V999j0<Yen`=mOvx^k1g4>&7#=s5Upyz!mF!Ky#1&
z6#r~r_u1m}_6zALF<#RNH*L;7xiYyOJt8lGus!0+rs07IhyIq0(_1h=a#QV^hF{5z
z1Wc<96umneMoqnLS}x3;p@`B})`lhpW5i4K^Z%TuNq|h-wuBr7=g?|sCyuvLhzq_S
z;*Lo&6X`XQ_N+%SAJ2*T2V;3}UHnZX-|5hLwnHTOD~Ek?XCksB!)mHpN{{}GmAAo5
zTgs`{E0X%t`l=+y`)c89DafR%uD9A5nS3v=kBdsdGFQqFTx)^y>h2qNzSedTH@d+9
zwF{1*8G40FB8{;T{b*A>w^wKC<zr&SL;|E8qGeOvCoC+{>BqtwiD67bVaW(wW*?|h
z=pmn39guOFAcPYgyi?=NQ)kEoa=vT)1E-@F8lHxY4Tv3eX|GN)OXMqi9P;vZZ=hd2
z9vAoYW=;mHGlS&~lHk`<+BnQg_?(N<O(N01?WqorIs+(M7Ww@$p!wzIBn;m!V<N(W
zQ$e@%o`fwi9bRjgH<|uJ=GLIAStkZ`<~#L5`IV*f^#Qmsa!zNsX|=uaX_}HFZ^+#<
z9zXJy8_V`5Oow#E-;*S9lIe>5lX<w_6J^^6iXbCFdA<NbU0*>4z5x1(v^>S9h8r4V
zp}ge68w81+Y$0ONDmbpZ)GQ(5Y397pEJb2>p*)qwn?vl2UQ4%k=(T?DFLv)h{(f&A
zyLa#*5=pnE6M5kz2bjasZBkh;Jb*5o!!f8|2r;4fx7KjM04il9YKw~E&E9U7t*K{#
z5wH+#0{~8pgj=_Vl+e2kE)NDpX!UIaRzohsRbZ(_9|boYZ~mqTqG`G0ji$vp*;i>}
z8o;czF(tD(r?`U`=8>kCdzA~ErqsU&QapyHu!TToFAG78g_1=Xj$u6rC>y7J`m?4h
zQ*HjI0L*UQfpOIO<>62|BJ$;tD;ilV9q=-T0vOU+O%|IQ740C&-Q#qavN2aA<e@Q)
zT&2dtPm#+7@1&o8gxIs6cMQprX>(H4SkQq_YFGM3U+7iekSj}F8GAG?v;3u!9}^Ik
zsK+GK$Q454bZlpy<|}6o_d3DYKegvymbYTInn8GZ&DKfJmn2Y=mbW4^n^8S|DHppu
zead<!hYEbm(Cf$<h2Roulx=2v!akY6K~ywD%gS3R$*MTrzWl!&vsUgJ*q%`G*gEBe
z8dF46d4z=;$D7!Awze(Y@ZG54*4`!<*QfTv-zMD73K6))&i29^fRa7e8gRY{kL3vK
zK^4E85ge?wNbPC5?GNp7Om8=++R&mWG0Pw{@3H$=XnEhNu&}webn3~aX!GM{4!(nV
z$`Mc-MrZNktT{t5Z6?c|$vid7>kjpa@x)l*<r$8Oug03-41Pw;HPN}j^ZHHg>qCer
zG9}Y20vpp$4sZoB)fr6Ng4{aOX=_lec(&@&4<?uTv+hgX-S6QvVPpcdiPh64hy@6l
zK65kBYJpa}j+hL3R34oJrsPzFrSSMw!u?RvZn&qLe*LmeOm>l!q^|4IdU6o#j$WC#
z;(mru?X0C>PW}*S5El$_d6Uh|0(2PDy?|7x=%v)X3CT`<Fzm9m7<P`T47B$)hsq<R
zbBE0nE&V=UF5#ZJD(!oCSdxfTsqDRrdUCz&Uqcpd?%8}dX}aQ*^lKj#?}ssw&n(}k
zRCc2pj&RPtQ%ceYss!`u&kM;w^AG0CJn8u6>@@vg4}<Fd@$7U+(N%(KiJo#HGp_&D
zuv-ARA-0SxBii-JMXOT-*N|J^F$bLP5k>MtYa4_*@ir%K|F|=A;dg|?rY#RJ*{3c~
zKHuYLW_B#U)e}@=oTTXjc(c<O?udQ<>_Pz-Ygg#w+Cad+b%wG(f<F$<njXtN$`*Re
zM>dg&Z8Kq3b#b37AAwEji|*d7C=38d!f_aF3eV~<g6p?Q{{4eSH0=C&7gr~jIXB2V
zs`0O9Hp>vc6K}*vZY#sjhiSTvpGT!LPIxRnP`0YK&`W{UvJjES;kK%Juk){+VU*Di
ze|Y9Xd_S<Qk<troZ`&GZ6!;=4^Vg5+iNcxKxQi`7TXlD$>~a2lt5K+($|Sn=Vtlz=
z-t6+UHop+ld+N^&RFJeIAXB$zo2zboNEo&q$v@7nV#ZhJ^{?!PU6<#dX~4|!SxsG}
zGx@kP;1*uYPRgxvl?u2#rVQ_}B8}@Gh@#>+mv{33%{i9dg@WXs?doDW@esW{eQDgW
zR8}zSOPR`tvNBonG{vQzjZu%JUUQBL7R0#ia3#~RH;+@oZ(Lj4*(-s-yAsz#geW6z
z<DZd%EBvDp24OnBn3DR!<Lc`)ox=eCwt7Os>6{Ar&d|8+;U^`NisxGoDDswMr|rMD
z{^E<Oz#(Mq)}aCj&k2ZAJNl{k(S)Mkg9-KRQOg2bpR6sH1|c#^AJ1^8jQj>wmvsR_
zi9vALEK$82#c1YzO)%tH{CoLa-`h~`KftAcpJv#30p)3jZYD}!+`{1O+hJ?%Wk?TE
z<XB?ekX9!?n(z0QQ>$cBp9uz2WP#(yM$iDwgU`m*c?RK1R_`K44Cxs!N!?iWXB{ME
zEB>yZh;{KV)i&|a9;mKx8`}AEr~BK*L_Pqp$%5M~wnZMLx)wqJ{}6pZ9d~#A8kZj>
zyR3xV10MfLawNYp8cn!_ToTHKM}OvT`+#EQ-TELqbvwVfWAY$Lh3<hDSSdCMpAP~W
zOT-iha}m(ZM1%_^y35MvGy?bSm;&Q{Lz~C~0L*Q0f5)Emh=mLur|b={jRhAkrSSDC
zj_=2GLN>=IC!r-^T7J)2szc!iL2lF{d!$k!Wr9E;9KD}$ccm!RUO}wGj*`Kuzqc;>
zOOOGxMcI!T7gT(zCU&uGM>GL*wrhgKX(=|Nft`f|>xP@`M3ezVXnK8{dUcxbwal>j
zpA8)9Rn;iVI#ab~zBwgByyej1dw*s)Pb_==N^U){rvDc|qaP?petxZ<;ZU}RJc<d?
z2xlGcECrxvTf(J|{B4Q6(_h^2)=p_`$lz$@*}D+gTjoKT2-kE(iJXp*Uja#Y3iuqi
z{x_|RC>MU2PS#p$pVn|g3ML6N$E_u`n05yGAtdg-8e;~Ne#;;Xi;wqBqMJzo$04s(
z+;QQFf19~=ZX27c=<~GbpU(N+oZoDio2oG1x3E1)rHL_wW__uaHsQKfWvSNSh`FRe
z@i34`pOS>_giswu@jnW0;3uGPP@^ZaEp6-hbm+J2s|Io5IG3hH5#O^Hk8MbuZ#;hJ
z5WBbVuf+6FY;SAi4#x^%AN~04zCp?VehDAKwngr;TRS2z&F`sSN8sma9w4~w=)PNf
zxkj~nhG`u}IBFw=>caJY`@-)@USs!aNi>a#ip%w0jPC)0N$-E8Q*_<6?{Ue8vwO|)
z6^Hfht^C!1Z;uYPDF4JCOjvIBy6pjT0D+W6<Oee+UVC+qrWLh$4uM-h<frn<RuFCX
z5h`e|4KXU1O&jBCS2tu|0c!o%YlLF+Ir~hapMIS)wiRGx1-HNzJ2lyU(=d2ZT}y?f
zrq>Uo6J)F#gl=*2b)NhOn`d@l<>ko0e{|uM&e*B*(bkuk2I|&B9N_brYD5@9<S-#<
z4!_bLgPr}qrEt~s?aXQST;cQmZiA)JpHeR`nOVH$hS4-ikZqn<Z=(YH{c}6tow9w2
z*J?yo#~A#aLG6gLnL`|p5ew=-%EG5z^e;o|<%x}Re=j5=+7Rnq(yT9G_%w|IvW6I!
zwvg^CFKWWIZJ`vV)WeCK+hGmB@8x;wAc@xI=oG%`o0A`Ta{07}pcK1{oAgZ2WuV>>
z@-$7Gh#Avz$drs7ql+8m>RWrqjP~eY@EG|Nr%Nc@7u|ved-?*l6kU{L-J??}1v(2{
zUOo(EO4}tP`_w(c9?8DgO$P36eK_KiM+Ogk$qOX6*iCXS!(&VczG3^(n@7(ce|nLx
zWMD;0>?S0jKCOsrXP>Z#is|ripPJmD7H;b5y9{UShCO}kCIy+K{lF-%uRG0pu0C3;
zqdifN*8cb`!IcBpwSD9tS39B}Nz&NO#4yL(Zo|XJ!J1COU+7@0{}LN=X-qG6!w;l~
zss@ZMdVt{@W<pIEpM43;*=^mkB<ca)4(}iN^n#<3%Dy<=`kFYt5+m?<QV>sFMd`VL
z1%0q;D|HYYmU*q?2VoBkhA$KNwgB9|vUg8EfH)&5emD+SPd_|4;SckCOhzR;Dd%a>
zJH4A!Y~Hm&3x`Fv5u-v;%lk#P0i!}MLy2*2(%df-Tr@d9wr^(DoEDYeN@x?j+37FA
zIQ8R_e;||oPdwiULG-$D$>04}+#ja|vVyA#hLAe`f+W>gSzrrr>{XXcFqrp^)B6gN
z+tZJd)z?Pc)9cwfpW4^Pa38_d)O2uz_hAuBvNt>LotfV5x=C7`M&zUrQrk25_H6&-
z7WOtLXYjaJl(KsI9;Onu{*fPO-NkNSwQSH^0KarPD~(-_eQsbU9*Un~f!<j8twxdF
zq1&8~B?))ps}!zklRyJWOdfnXZZpf#Cw~>`tl`4004h~Mku96ALO3IFeTnQBDkIP6
z%xN!G!r(c2aDO69k-n;>z*Qye#2K2ec4kSO*zGN~?{89%ONA~dK3obz_A6GxFzMam
zh?APcQetM3k8!+>EntZtI&<jz44u4%IA`p*pbP&j(!ok5(=Yx&1p?bk6pZ{~D&wiT
z?X2VaWI~PN99i@m58UYbp!BJ0F;D|#xT<m(@*2|34T9x2m))o#-R|{x<~>&12;5;)
z5CTQpu$|@c#ASY*&o&!<Z1DV0_+UTx^3(4<hX83_gMm|aHHC;YSz`FM4}oJOm+Q0^
z6x)tBxT@y(da}FQbU{as<VUCyDgjQt099MRF1R+K#oZGY(|H{<hwqEKFClTx=Taj}
z81)aIWC6=z1o=0g9!zz+A$ZXororl%5?JyCUfAqxIIYP1$-h^a0-&#||EdTau86nv
ztA`(u4Ad(ZcmH{52nZ>UfDqb%qQ|uc4-|?Q5O)2Z-a=PoD|N)1{$>9}a0zf;zJt4;
z1$My!`N20*zc%d54|==b=QZR9`E2+#g1r1+z}8IO{2&2Zb?}3nr?T<gF1Z}8P4VO^
zW*Mw*Al?lB1=q%Oa&-sf-+<yL{!hD}#RoNHIt~P6F!1*BkLz7E?QHA$CXP6;Ee0g1
z#H&Z{y%CXE1RuA(w)mCXOkXkhuj9gD&|X`0T=3dFx>xHR-l9BFz5DmL<Ml;~0hTSk
zMcc`=@Jd)>2WPvJ*{ZB(%*sDHl$ucL7cCm2miq_mi(k=Oo6mSp<)vZ^Vba`Ze(tGx
zXqcp~B~po@Bfyz%*3~$4MmAnr09vjC%MRG$S$U9N>VRLPwG@yly)Am@Z*8sx#l63{
z&T=`an(tsjjMqDO8~9{Mn-8HLM*A2G_8)uh8qXu{dgv9!e&N>(T9RQ`G`rsSHf9l*
zvnU|SvQD*m4Mcy*a2l(Jxegw7LENd|PBE})^fO+0>EdbMGo{GH)J$+uDO3S9Uyf24
zLy6YRpOK+xO=-@0R{MUeeByCZtZZ7QqgQ_%P@zi6Cf1+SdQXEE`7)o^3cdUg%0hR9
zzR4;@I|A8w$AxuKDT7h1gWlLI77O9Mo6RR_=AfmcGd#aDem#XrJZ=@goYYKN^tV8G
zf<WPfSoJGUbwvb}zEg88wSt2!RBBLG)4hw$rxYR`_AN;W{&zxL!gro6F&Z&y$Ip|l
zrD%1pJ<J-v*6nqjZyX}pzw*!py`M*kWrex3f^GvQ(d#Hn&W?k1Bx7qS!}JH<j*Qq9
z8nY!w6rsJ%t0baR_W1a}ll8GVg5*?4Sh|lMh12C8=QVj0m0+CUjeK%nzs?jP@2Aij
zQb`LDKtHeey)`ejbKcm^99mSacg`Rv@)0|bsbsor+~xI1h&<Bsa;3cUc7Oy1gL|$!
zfw@<IB;Q|p-jhfIf}$}A@3T+dC5eMJCmy~pSq`^-_)Tvju(tB$nSc@l-N!-iKO#T6
zq%=Gp1=&1K#1nCdnqvsgwuP5cj=M+wF>4YK>^O_mmLyL8zN>dg(;Kcrl0D+;<#ubH
z+yoC}AJ)F1v{O~jE@&f2N<BXf+~`6wC4R%bfSuU%Cqil7EXj0{H5$;3t7yfOk-r01
zlBhOMi_$6Kuo(VctzUO+xyr0?(=&fIolpfgPRydW^Jy>T&!n_sFOJ?NQQT+*Dc*@j
zh2kDU9H7J5Pqgh8c{TklpjHrEB);e-@R*>kKd5Cx8ek4)b49ijN7rVaU_z*V*V~N0
zPgU{WJ}H&H7T(SWQroecL#&@55(r_o0t@NVpnQXGfa8?sJ%jtA-`93qfVw$?S-Ob6
zAW^C5_yW{8wBtSn?3V#2k_MUlIw1%ZZkFD`6f}~r{><aQka4xz8th-=5x<7Poto>p
zuzk|&io*E&GyLj#FlOJ}ru)Lj9UJEeNrczmgV0Xp8G(6JYmaaJQgE7O`tiO^Sz=s3
zRF2J}YYQ%QBW8cdunhzuIF@GWC1r7S#!4kX96%*{UT+gLE^u_P8_t3exlr6#_hpcA
zI{h*oL%2qH;h5Rbhupa91NV@nBloFyd<MhjFp#gMr+$sBIx!;c@|WSc56=!h96ahi
z&m$MZqSXlYCt$gFpfO`R1+g8jEO*;gVhe7z<%+*vpE$37L=1^X*zxwdHTeiFyu%ju
z9)catJ{cU~+p!LTfc_6h-AcN)liIs`7)%pkq%GNTSNXD+T#9ZBuFT6HzljtA*|+Z`
zHMgEH4WZ_kw5PoEZaLRu@6jH&gPhbve!C2u#b@8UK5$NmkvK>u-BaHQ>)r5gvk-j*
zh{kY!cEz7cs)2nUun1K_Xd1WQjCUy=`BKbDul%4kx2NF&p4j)2g$3HUMEQqxk*-RU
z=zh!C<Uhyb?>cBzSenYF;jd{BywNLkf`!JxT>8btuLZ@MD1KrO!oKNtkh-4#=Ea4v
zrpWiAIM4*8a=E}j|KuaP$7z^C+4XP;^ZOcFgN4Xs32p=213JVV56oG^z{P!3Enz~K
zoa0R4x_p+(DSoEf>qVNXLUe1t*QfM~?4^5mpilYMuQ!z1TWEu;T^Rz;TLL{H(Vvk_
zUC9UT&ybjE<Q#aI-4UF9ZU2yz4lzv>1*2l3%iwm)KS+^khH^fuTCHXUZ#)zEhD}w_
zMrG#SmI<X5AD1jQ`R$534OMjAkslX6`CH?_5u+{m15mEMbR?m^EC%2@Tn{1T1v}<C
zq)-29L#FI5){`$+tU~OT8jwRu?{NeZNJ1{jxAtPBD=NSPd-DQ|Rtd*oam?~9JBxKa
zOSwe4%rgCDI#YQMGE&{yA&UaJLLZcNf_ZK$4<-wdmN)pDMOpILw<@Xgos*cN)SggO
zQHCr@1*99tRxSO{w|3>rjJ=d~<ke${J%tU`flS|vzELO36M|z0^a7V5uS3v0Q%7vh
zYp51$*N(u}Pge>U+Zq$ReoTmI6WXLjo-({4Aj|~~EMJ&ph}2Xz%knxV<#2mZ4*`|*
zX6Ep(-<Pz|VYnSmmbWtqeAX*h`<I?l+Vc<{Ku-a1y?f@JsC1hzN7UL1q?V*RYyi{l
z$_<w{`vNFV@Hd?5Mny519sUAcvblb)<l5zZ;B8`$nj3?6<Id_;U3*;s<Hfb(^jF9J
zv6KsoPCt|4*Mz~54^%xDMuzzPR`tSGpHhpB>f6A5E?@x@AxnI~b70P9xv<USwThTr
znR0ePY^!q;-KVg7n#BTNO17)XJ=7a67oB+(ka6fzkyqD%{lIw9;w`^XeG|6UELLOU
zA|(vJ@Hq-6&@boR=zH#qWT?k}ULD@_p@jXnQI#>5+cVq=UccX-C@p9E2yvG7e2Z+q
zxmL9gt_mOBfu3bK;=cNdwC8vW!V(kYW*s<p;kcDm;+tAk2Y)ef=#r4Uem60Es~D{G
z6lmEE<Ah0@u&UBk%KAyL@O3t!)?R#60Jl6^ZSbX4+=D+clDPaOtx#-Z2Wd^dYfFlf
zS4qYF3Nl64mB0>y2O|P^1beQKUz}gBOZdJjxBD8%gN^o(rhgR>o)m?<r7=P$co~6a
ztu8WVGcY=c)P%+A#GmS!T~EWYKm+M^1!*g<@oL}@j=MFbjme~hQ0am$#HjC&``zFw
zz+W}};Ws-NC@cz>knxKDBSev;A~<;k_jCtF2T>!PLZ4ATpCg5a-0dpx_l9nyqPN<D
z3bBS5iA|1>q?36J|H=pw2C!0FddD7yzOq_3I?F;OBsJFoc$uA))HSQklSadDXUxd4
zzCkY_?R<g@yO1!Ys61L>?TT0<Gxb{j@8`<ul+*tT**RobFMVR;5;84V7twaW#cfMK
zNWN%RqHA&u?vIvzPwIP_@6!+{ZZz9S0P9t^c$-L?TvK5iNy#2zUo}$b4CcmD2+_i-
zk1FeUE(X$Whdafi+65u|65LH_K*DGo5d^Jc7Q0J&x9b3?w5f>h$~Kqm*>6=O*RB>_
z=2IULPv6(BGQ+bRGhYk6CTqhL2Jj!)4dnq#mWm=(#IxR45t<2q`hL&G$$Ug`tD<cK
zi$oH}sBaP5>c^^~8C)C(J^FS7G|S3T#Cfo-0`Q@bCUGTLIjN66&lwwTqe-)d36*CN
zowpUiS?2v-7jLkEUej8i4S{2HV@#9AU|#<kwOPJaVY8#GL~VS9CqPJg#Zi<~y5K<|
zQ$5uA+0k($l!0X<1oyNHrPJx32B!_!uEE!9MsMRgPQnO<Uw2nY^-{4`|NKFD@t4@`
zE=0g(1qd!-pS-S7+O+KZahBV;w*GdZEX$|4Z^Q7}2VHosdfWm3=u;VwT5Ic5TK(zV
zEZD@s)fFWNueYo&%P%(52G|xgWhibSVxa!qz{vD4U=Guh++oAhF`{#wKF4hF1nL6D
zdLNen__8$(#DT}(B~`d@WfH?1kB08-H_WLe-UG?~Ov=4GH`~6@5{WNKD~OJNR~8|<
z=W`)*vwnCVW2k470Bsm(cibs<8wv%npX5a^ztG7xzK<$;o5vr#rIdL1mB`d++`Nxb
z%;Fbof0zzz7_?Kl4PCbJ`R(H@<5L)3)DGBnSVV`vA<q@{Gzi;VpjPba*I|mH)vb};
z%{3wvd_Wz<KPSXfVLCd38=?>jBz5(qh)!HWW+=`Xi@T|)gWqGQihZSN1JA!CuDZ2>
zjcLj5+zW$6|CYF8io~_G$9o3&KVpNWj`(LgHE<JmXFRW+Uzf<yrk2QGNfEN!@J6Hx
z3jCVSo&yUZ^UYW6U^wn#UrH<yzh1^-eNr4BaIhM1Fj*^Od8Xyic_iIjr;r(gI;0Ac
zh+yz`q8=C`3aNq)-6a)aIb=S;`^~p+cU$D|m<MWs-ws`|zQjW=VnVhf>(2+Z@IByH
zwZ7bl@Ly%d;lJ|s!94K?wP+gw@EXfS1>UG9b@%0!T68{P+<*Nr1*<K<Y6X1MHlX5Q
zxf=sgn}=e^y^t5R;MIOb`ign~PvHh5$FhZ#w=a%PD|IjzENwed5JHRuEzz!JJrX|}
zjU4HAJLv8s#FJDIN_$}2bU9B`v!S(+*xwme>dXWg3Ea36MtyyH83{C6P8^?4X!dND
zDL}VNpBl$Q*98n43@ChcIc@M4Dc%G1IBf!=_!XY5{rk=Oi6cz=cjz?lPmtVJ>OyJ>
zl!*pSy3uy$oVFBV=w9w%{@5%Bwu)t+F8P5P-hT!oH{+gyZ`5CRr54<Y5ww7siKz)%
z47;cP6B~zbtGLJa+i0jdL`e@Uw;m@w>QA~Cj;*IQn`J%Qq_<~q@TybDl+z{L(?%nt
zBV*33QVf*Z$pa`ma-OI_@Sr~H|L3$HdKr>faEmhxr4EMQ2V~1gV0Z%*5Zr>5{Yzx{
z(nphCgn?QI^ZMwYl`KMo7gvVX_V38+1CrNKWq%Gg0oj6$sWA}hJowYl+9u7QY#<a#
z9H7|Fz+P)$tM&ni7AEg!DJsIT$Yr>-Vl3V}4{#iLtDlO{r%-mQ|Ms&mYZ~rD9Nhm0
zac>=0*Yf0x1_Hq$SO`vljXS|DSa5f@;I?s>AVGq=69^LA-9314cX!`xg58yK&dj~@
z-n)PN=G{BP2Uy+J^{wjewV``eSJg6RvR>@5ia1g$Wqpk7Yg9)foPyD?*R8OMJn&EF
zD%WV}ckb*VoU_(60UjaI9Vl&dm%fN?5pX(bZ)t;yv5wBf!ruOA<y}9GJenzEB?e#h
zb8K6#0I)v7xfl#b!l`V{NbAH(pyi_frg%05z0qS!o8av2oCJA)o%DPPkN{(@L<bPC
z8+oJ#2&iH&-=GOt`ioAdv_;TAX)BAM+vdP1_Une;&|dfDogKh@5NW;9`gY0y%2s|f
zm4V<c6EVQGdC1?HINpl=e1hUivi=)q>mrhy592)PZS)znI>veIPxlH1N3&{a)g_+4
z)&(FZ3Za7o$vPvenM3c4r~i>j*=A_^)e93YJ(4xNWB$(eBO~%M@4BV1a|5g>Ac>{R
zd(5ZbsMr(0-(9yswk7#*OlG`|iUU^6N4#V52VD8YCV*s)w;_ZTcAo7<lS_KB1(3&z
z8*P61XYY_d+~8B?k~+9yK6zr1Iix=JV{KHpy`n^CiEfEJ*N_@g?e=KZ4eBTu5WA+3
zXX>t)-VA-BZYO`>0O4&&4B}2iLme=EPq6gKVUrTn^gbQ3%ZUkXZje84!<C2n_O6IS
zeMZ6DX4!f9almWRfeV(44+&BeFJPYZu?ur>`FI>(YgH|!g?Ud|#>iSerchcwPQl}H
zBc)Bp!`=v(DfTn6Y?Re|1*J-;(i3p26ef!YsZ7NIl>D<whxgXj@6v^k!)URi3R(*#
za;4oX^%#pEPm&hMz+a_m2Z-uDX%)td_27F|Kgz{Dfb;e&?U#2i&;(EQ{y7q)S`k<B
z*&6`Ji{2|f#!4Ely1kQ!2elkWQN-#-A!{^7xP@&yLV;BxYgVTm_9Dst^F@>de@271
zOoSW%=4tCrUG0(pNzP5uoN}bw18Jp2CY|uDyZ@-iaKkqDPvZSCop#Wej{flb)eB%9
z+o>yE5_m#d(D8-aC&2*o+TWeRY!OE{^4Z^&*EpEB8SXJw#1wffZ^69TV-&)=NZO)L
zc6$I;E}o>r%P5KE%m(kdW%mJt%A3DB^8C^)@VBHzxp&u?PSnfoe>gOzJ%-)3-kw2G
zTvr{B{kKS-12!2oV44PAmI7>n{|IWe3Mk;mth`Fv(slL#B;F>?@wTQqQ5sKAZ;xiA
zm1$vDaXDF4naOp|r1R8i)leDR?@rr|rum0(IjQEFMYZ<;O{0G|tsnl40AHHP`;=;3
zh0Tm$hNW=8P@C_5NM8A$BGykwiE@%sI1HeiPFA;O@+Y&UNR1xs63t@jzx+%7QMZuJ
z!vbelL$$s=N~FOKycuqqv81|KtS&F9ZKxP)rvAE&jEAm7T2nl7zNGY|iq5KYu%wjH
zD^U$p{OwRj;!+cLW~(`4NIO|gNvNv0l$-}mwNOJ#Ef=lKUOcS0v>c^K$2vFIeG~E7
ziBf}_^TNs#skKj!D(-U}9>bMgK{^{m)3DG}VurS}Cicz1d!ni!8OG-oVWhWcke?b-
zioszW>)533)lc8>%e04|8s%2$nh@U!VS|YGOcQ=0i^NNHipo2$$A|~_G?pWN>eUOS
zWp}gY7Xxer^cCopDO)I$7l8?x3jBB2=?rN{v@pjMv0#_rtqIu|Iv@@9H}=ORVzBdd
zc-WOujm<AyPiEjsDeRd1^}M)XjzU9F4Ce&pI)7tZD_%%So<z7ezNk+UX=YmAg`L+{
z@gX<F>ztj%LH<YtJKvJW<X?t`t|_ss_oBrL@~%Q1h6}H=+>sMFh;wj&Iqm@=Yx-@L
zM2913b^x&Qz20Iw>HNl~7xlBM*@*M-l?q-mwC(3ehI13G2qK_E`~4{|GSyrX#9O{b
z)sb16tXPy5vM-GsGvAWTKRi-26i7pQYrq!)gmAAAz8<xL2om|%=q@Afd6O(IC>!W}
zPsTyCtygVKqoMh@yz7t5^RXq!TS*z7+N_nh4h1iGP29I~u5hlALUMfQlB7|kSP-Pf
zdkFltBud}Mh8E!ihr+vw?Wf9JBe3jpomyBhy=3~HhqOY#(<E*R<F;_zEY2u{q1G45
zQy)rV>wW=e4<hoUJVfp_aw#7B8cIVn`XSUNlG~sjl@wGnykaAjUDNZ4W34R|1A)8}
z_~vekHzB^bxRTN^m`;e&uNaKvx-~|D2TMGyTe)kp9WT)xR%5;|;5S-vM6<sv0v*I}
z14FlOV~P4CR>QG;j@JC@s4tk+oZTLpD96cE+>VOE#-6yb#ySlLQTqAb-O|M<>DgeI
zA69x@6RI4q`@Up*yi(}B4C|IJQ$Z}2?o~$X?hx525+<3O-xIK`hk%nXWXSD^2p2Qw
zFGTg^$%K6l39}EsQs$InS9x!4+(@Coa5@wVVLEZVHJC9UJd+{MnAi=)>dD0?u;uwe
zf&`+mk;1a(mA)<u^0C>V{mM@Y`o;7%M`#T#u0)=F+Oc1|Kyg_2YUQGXIV|I5GR|8_
z8mpp<aZX}f!x4+o1^MQ67^MkEV~=kwSC?hB;?%YB)Fn#}>9mlW+}AuGMa>)d8guWe
z)mBh$q+uIHlA6(F^9u5rH@7MMLUKJN=bhO*Tg&9cNM`7Y02}$PH(Mk4?d(iaAARMy
z21S;m>r8G5J>hc9O7!+EXd-UsbeJygEAg-bNL=1wqlm%~;;~K_ksspv{VMpEC$v9R
zBZfliJs(1=ms#b^^Z{Y>tM}l{k2ZHOB?<LEwWL%pD+N6dE8;G}f`n4~EX(Y{Q9`X2
z@JJu%5nd^_UljTB(hoc!#Rw_pRn)<?+PIgx{4(vG$@uuoG3_}vG^^vj%koKr+_U|e
z_~9h&fnRmlDZbco{dGigv)$m$$hNy~3=yox;CI0|hA*9Y#l_p6RCk}(ks}f<)TUkE
z&$xlo+#57@Zqta|Tqq%ozd;V-7EZOhAzD{WWo2jvIyam9)033xyOPT8M@9o9vGbRP
z_+G#0rqRBe9w!EZ<1?A$q8!_^Hi~Ga$8KAwL_Ls-n`t@;b)fILJH@YUF)2^YeJJki
zPKDX`nbW!ub%}c_Qt2je9Y1xL6^m&|Htvj;|EVjlA!F&0&pe>PmdzmskuV35$nYQ7
zM3YLz8gV0Vm1xe=8C7(hUA@uXUy<w$x33u#E@q2vt}qEpx)me}8{?kxB8?K;`-a<w
z@p!QsQr~(joIT-48s<*Ac)5y@XhE21A9ma2mnpqnSCd7;)$2KA7iz2B@@`heO;i@N
z_)M&vnWYhinvxZcZ!7@f>-}AG{92{!ZsJ?gZ)xK`r;SQ=TjzD7aYqppDe^D$+Eg4g
zya)ASL?jmS-X^RSYOu}=y&hfHkvvp_Ow=?k(>&z6(kx%NiowCz=ZzOlX%8?wyZY_V
zpDPGL#SZsb{noAW>Gb+f_Nz|93<}(Sf?l*uap#K0g*Fu3z9)Z0U?qTo-XEQv{G5%f
zG>@LT@#2{hszM;RIO*eW(K|`JS-n7PMhR0Wa6Ehy{60GHRrq<Z!iAa$&pPH5Ub&f6
zfh9$~T=WXeVb+AQTDO-dgp59wa7*&j021)=viuce5%e1zA{L*YDrxYVE?W99R#C*e
z_W?fRrGq!l(Q0Ulb&h9o1)m(r@OYXyWa;QZ!>VJZD3s8vsW*Q19cGB=1a{gUan?}$
z3;u(n2R);BJxy6g=#we+M+S*%uGxdSBy)0?oBn#597Zdr=Aqb7v&o|^=R^w3(L8Gs
z;e=2#N8sU9Ne&{TuE7Iarh&x4$jnjJb3i9S-YjiDdO$~~q$j?nthXcSJUU0Xpvnw3
zcn-0KbsAo(v;;e{>7y!P7D$y_{kA5CJ&N$#al1(Cd|t2U^6_tiT=ix{yG@=Jmj{X;
zts8)(QWcM^ekTi0b&DN~$}T#^Mlu{WMPC?aD)R~IRi~1y7M106iY;Y0Y>Sc@XR7nH
z>s5!7tWuS2tskGPJ*pqA>-<h26$PrGROQ5k6N8dJGJ({7^{NX=bW6&nI>k0JYBojT
zjA~W+boHuzNyUrGYC6SMGNudq3`<{4y{c@OlTP}o+cfL(h9SoPGO^C4BI#tNx=p)Y
zV;Ew!pwGBeV(Rr@OB}6k)2inhhL|m^GAyN=dezw2C!PG)65WO&b_=VFOD(2e4K`;<
zCo9!$I`#jxL_vn75Yzig8`7kco@yV>dW>O+(Zb(EpKPzfNWSz?!`3IBfQWRbuFK5_
z25v95uE<0Zb4QD=rnvo{!OUCMO@|z4P>;6*iAgJUl1vwddnn%%1i=sLXm<Wi7zt&0
z=P``5>9-aolF1HCPg!l{28Mih{@1?Wfh@wF`7ep+0=J^s^^8+#Fy4&qGCDt6=FHPA
z4@T@@q`1EMkbAo=V`0fGrlXt7j2cyMx%!qSETu+f!@|UBQ?>~8HAV)QuyDXT^qq+f
z+#waP$6CCeBWrrEB)Y}a@rBEE?KvCgqeUFll@dGCy5m5P?mVd9v#WLmgPx|(>m0^T
zEgE}ggr%SA+uJ6<^nC&eR8VhEOy@l6k{iHh`u)(`im@xH9zb@4QqUf9h(^qa0?PE8
zGAbH~<E#E`S-FCdmWO7=zqlGA+kccVP(V!i>!aRcwpQl&%`wd8nL)HU4qT%}g8}p2
zZ|lVsggvo_>=)Q4HxxgUv$uje{cgeM*YEm1(^_mIR7vTd3lv>|Cblz=&<?Km;&4Vz
zo_)$ad}5E&&<U0<)nmXIYgpvBC}!xWO%GnoX0i~N8kyes0BA%7y``38B5wJ`sj8>P
zktB2ooFq0<gbA+WUNac+`n<u1eWv%+sd|4DSrW{x@F)(;D90uC$Lb{j;k$mfTFPBK
zG63Jt(0Gd+X_X`vF}>)dk?UoIeYauM*rj;a>$G83BBSU_^pnl>V)mLbCxSfH2$rc<
zYHvg-P(}C}$Twe&qMMtZ3HnNcteMkE3N7W72w=SAt0k|qF+ZJZhU`hAXI}&AoM@!0
z9S=W4ZX1W}Wu?Es`Z3PL;-&ec1iv3w=5TMw0XDw5nb?&ClN^;>u@|D+Bh*>(_9%Er
zwG{jKFx0#<XuF!)D6h=(x=>dS6?(lNxVBo%B`@!jaI)f6tIY=|eDztZ2~%(V%(%x1
z#^kYm=+;H9dM5_fuXnX7s9_7_+61mXGqgaQ-3er8S>nZHO9)D<yvxcZA#;T45#zBZ
zEE3wCc<WurAEc8N{gXpqSQ1RZn}NM$o=y!5Urrn1Z}`4G?I~L6oM3)n;d_#s6JNsp
z2x`t6Io5caxWD|v9)3{ENVS_@y4N>2HCj&zR^B%_HZBw3;a$8bqwqKm-@MTD4aOfX
zr^(jTcpIDXhG43Kg>K?TY%Ls1&q$Ya()6fR0@L{-l@?Jft^_YwQ5bd@@itYGN?M=A
zRv&%^E1EE9A8XV&u+%?v@X`>~{``xYPq&F(BIgaS&8lScUQ;$kr5NFx!J?hbvSKAi
zRuNxn=~u<pG_fu*vqAnISBF{@RQBqL_=4+9BMBVFj;dPO=P6tjo1B`(71s}xE05UB
zPp_7*moo(zVe1Mt8X!)cqf1jITK7D_8?F!3B4CKuZ51kPPWJ2>Ahpu-zJTG*%QJB}
zsQ#O$m-cCwAmsXR);DT?Y06sj{tmlDpbV=%`{n6amj3ACIA9=Bs4za+3vClXD}pl?
zO@F4gS11uXIY=yfB&w<@)Tjcq%`8nhDpmomHVuUv*YiuhPyM-~ML~aqzHb4-%2%_#
z)Y@As^zbw_`~|yMUo`pPC(LRn-ubFFWMOHFC70>tV$b2R<-DsK{x29$FHaY1Aqkt4
z1HY=57ah+>6+u}a1-o~~zg%^$`GKxWvO97O9)JJ67EV3X@$XiEmVh*k8al<sGHSL(
z#f)lo`Nj3BGfBk@${aeyW->E2MQMy`4f%)lsw+vwOaH>cyEBkLC-m2H?Ru}FQk)@M
z<TwNYay!;70qeI`z4<W2W+97lsm9c+-ex@MWT9F>=l?wMKf7H2|6J|=1N^^dwf_%$
zjsKq2{y*$B{(DyY|FGBikE{Lv=N91qI?-}Lka4Nd^uE?6JLzPq+DE%yVHoniAwCKD
z<&O-K;To5`rj>1qrAP#IM8nB{=vw(gdo_B)9GB5$>eqn_I>^CBzdlmRHF&-?xUX<V
z7s+7<;_l+d%FK{>^#=`f$w<q;<;9yn$1w~I`mba(E;&52dE_u74Y-c!fIp72bQ})_
zng-Qakfn9V+3;={35j>1Bz1aWh>xyc26cnj?3HYJsF6=UbZ%)z!Raol4vA~wgCTz9
zLd;N@n0=_s16h!`A>Y{#A?6f$OCwZ!Fc3An!AjbO%q3yC&edfEef`9c2|4uJR6n?W
zq9~Hg#RI%u_#9+&kcsO_DpdnnH2Bl0iOfDGu+h5KfD&5Zd{A0iDR$d`q>hE~Vex**
z_CmOnlrErmfX%{|cN6)zBfFEgjI&O_nKTd>b!8qADS@!Lk4?g52A9ck`!z*w^j;A#
z6&;YpI+wQ$Tt>3e4sRqFOXKk}+>m+C>1H9OEFm*_<O(LvW@wJ#+4N(GHL9HW$`*+Y
zsGhi@ire(7+5(s30o5{BRCwKol;Xaq9EDQ70xS|y%of)C;B`z)@Rdn1C*K#?Q(xH`
zy8*@CztA|>{Q_Tryfm^iW&?_yGtsn7>mu3b-1n?%@x-FpP-n$z6PoqofrO+#ebIeP
znM@nPhPh|WFB>$W+2k(JHl?fkxaUSBm8jMvusoHVrzD|(Xs**~FB*#HF$I01<&Jz!
zz5ruBR0J%AF=kEz8{mzFD%2rC>B#XVET&hwT2nu|u@XN`L|<phHfV}5q$%cOhq^V<
zOi85Rf;a0G?dm0b1GB-6O!y69W7zVESFzuy=0gmiU?&nL5e6Z{)zufvc}U386X;d^
zvR7tw^_)Abz_j*grJuu`0B?FAI)j~g>J}3rH#5txrsj=$jQfRy%S!i&dj{{6jO3F}
z-@YVe2sWsQ^<%ZNCvX(IVSea1*?2)CiX*KwJdRTCCg2;KmeV}1DZ`7*pZ7fLNq<hx
zLs#003u@S8L^#fVSB^#eOW^+9>J>*Z@wq5b{ll^-@A_egdxfhc!t%rGvr+T|{}$3s
zx`}t?XXi0d^B5QUCo$-a(08jf#FH@8LcRAUA=lKifE<#)syR4wDUeE_IUQ(r<LXUR
z=Fbzl;OO<b5q*%fkd!$7TeL19x(^UtL%J!j^p3cSbhF%y8&$$6^MzexAbSATb`*s$
zpNn&+h7`+JTbYzeozL*y9~nF)a^uq`B~Qcr*>|%p^+M14d!|qm9|?O>lc!p9rd|`}
zT2fOb%2rJPev0^!V^iIem?v2BD41>|w{VfK&iEG?JJXo3IgIa$6@7j>mnv}U(o{6Y
zG;HGCq(7K#_|~L&84Wq_{mz1RHYjZ7NAFwvue>NKq1^0;*y-_OqD~;)UL&boaWN&h
z_(=UE2~Qb&f^8F0vAvtrO-+0GhEaw3cA~F_T!CA5FSg1PjTzMrnQm8TUA*XCLPYM0
z?>#jKE9pKObr!CT5he}uO-ODYPO~${@K<)Re%ldDl{oUZtnPQSZz{ir?mhVPm;mWq
zMQ4<J$qh3i&f{gBtB`Ixem1#jqEx(~`|K407!MPb3pc*;vq8UDSt`E@x!V-$cdLlm
zwi_WyOUC;W+EfOCoB2_3r*4w^jbhhQr4ZVMP;!7xas{8|&O#EaOZ4Tw<X0W0(0fm6
zu2Io=;C(ZJ3IuON>DT*%lvHfrFT#C~j~JM&H&06o^NY_$bg!N|fVr#qdaQiJ9P$07
z#<o^pL)yW<N@9i<LECQ<5q6{7!z(3a!pvkhDJ;FTH!Lbun-8}rtA@b^>koGU9_rMn
z_U|d~e59Q76xs{!<8ZcYqqw&=c0tUu7=;8C`@bLi)plPczOGsSPJ0k{O!;eQUvaJ>
zAgJZgZJ$2_rm%71Cm%d<^S1SN1+shYSm>uhc*C)+ithfW?&9p?pqaYRJ3=*G7Hwo#
zA@PwLMT9p*M=8-VNAOd5rP==XWDb)%BHqSjU!)szVXmla^J`I;lSo=tp{Aap{j8Kk
zUju_ATswJcwsbROD*XbHsY23x*Ht)TE5Fhk-hJd59mrqD9W*HmDYpdgnKWgeyZ;(;
zYG-Y6Y4zFcskI}vhZ*LoEvv;@PJ>x`>J-!-E;+T<QWID|P`l+Q+a#{iSeXL@XPj!c
zGiAk3VQMZKVe+3#JZJPkyn9DFO1Z^+38(5a6p-TkG<CJ;c>t^pfOphx>q?7B0I=TL
zR{w~3wXxuNnUF-TZ}I~J9;{ke{qbEU4Q+6H5~-S^gO6X=2>*oO)s$9np#vnqqbV^q
zE!(Q~EwiRs;D|XMfAHR{TrU^d%LF5dvKg4W308NFWZ$G_W@FmM*Xycs*<eiq^Xf;Z
zG<z!FZlk5T#+pl`N8bttcaC#kscDRa)^+)C_yO~=ib?IONQIWLye+slRo)`qvW2f-
zBDnSHe(f^xLm3-Vz~Ek<r*{^di0Y3HhISVckjI7tZkE524$U_P3Q(b^D92f<nNc;M
zkA-24+{ETG5%O1&b!J6xGk4+ni1!i#-Y4K4J7;91O<3wz&Nvvx|0<jE-cpIQa|S$A
zW*p@4^B4ung$H=pCLAE<5%Sm<U|w_^_hy$gd+%b-$iM1iwD99zFdBth+o}MAgDbDR
zJZB>`QbE85%(@B4RzbFui?;sd;AqDr4W`7x{&_D>2%3+>etX_2j^sE-MF%*YC<UM%
zNNT8(Z64;r=@{q2VshbuxUs^pGTdnBfUt=K!{lKxc=9nO=}Mgepx~>UV8~S%hU~r7
zlWv*|3)90ToA5%$p&J&)3=h<q)c8jLA&5JH+<cr%P$^&~1<)*IK@c%7j#S_Kk08(=
z#g0m_hR?*f?p;jM>(*b2K`{(9+7UcV5|hE-Ql1dhUqry5V0k_pp7!BH2;|LI^!7!i
z46GMH+2nvT7e05k>=!RIghB_<2L|wFIkqJg&3(GMr=^qUY>@O~yR!QHQ4Hi%c`JDF
znf5vz?W9Nw7kC}JUqUdtlYG6KDhn1qFx~~JsnRCmI5&LExL8I>G5G;69l(45zKvlX
zYTNzVN7CngXn&r-Q#_f9?2$E+CJ;wXVvG}7or9&?2R2|)At^@)nIJl!UT9!-qXdQS
znTMc|PB@xDFGFkevd-PRcHTqLPBpk0t0!AEd<Bh0^GNlvGVly4DaSI|!sMl2av5js
z9B!~Hyi%KcE%>6MHY9y*3n8kkYavZz;N7YwTeP4<a+2a8*$nr(2g9k<V~<Ac!NW1j
zbSY7UE$jP*#4Ip3km@Dt1U0!YA>J9MDsvqiUQykBh*N=87g2&*L}U5GVHr!&_*UdR
zz)!5^5&nK+rzRyE642x^{URX4I_-zWL}bcKzO9X^0C}pnU-I?O9iApVv^Y3!zHI@n
z<f>fmu;m0fAlwIR72nIpFPvr<m`fCx)Z-rX(y#VJ%$w4bj}Jl-mfbzIwmHm2i$XJ(
z%-yzBsnGzdL%tf=(fgt@Y_3v)L53YX={45Ss~rpDHSSS9tMU}7W?lkZ0@~EH$_gLg
zy-KRJ6z))5)lF-%F6~QaEM`?ms;)A!*}yuUy5IL6eohzL{2|?D?3oGdtU*;rJ%=bD
zSyw8^`XvJ8t4{4+3;&C3jH%K>e&aJ9q5K%5U5D$8Jx<*ZN+5GA%cC&G?vTAZnppo$
zkg)Xue2c%aT@T!Az(I$`Y_vVz-x&SQ9ZHO?7!)sg`og$(^c7A+C*13fDma{IvF?zj
znNKgnCCE2={+zc%f4Pw?Qu}z`i-D}N*CFhzQVeg$1P@jgDKNe6^SG>|#g0$nS4#yh
z!(2Fdv8pA=ArLA1SrQ;^*L|LweYT=ZmDHwxjlyrXSA%$}fDoH#IQ~qZ00i-Dq=BB(
zzo1xP7YNe!!3spOvu}x-4)Z=w<1ew;`wdI~2>QFuJ^!0cvi;j4wS)+}NbjoPXI4kx
zF8%3-eYOP&{a<CcsGydUScOtZnDjgV_PmGlJg%33Jq5T;dhAVE*Ede$1xp36&Lbd$
zuPdZ>ycnXylFQyP<<a2(#H1)9^XQ95d(FGVeHFL(QwS2tr-MQF4(|jdi+i%9mJE@=
zJUsE~Dqukhgh?<O@@c@Nm;2}!OP<O%6t8w<^)vXdI(V$DN(b9wfGN>o%S_Nri>;aN
zpfdZddWh*N_an%|R4MnUsT~(YP!%j%ZW&pKXxqDN2vkfeE4({HYrNHVb$A~2vJo}w
zr5JgRHQx@i&rwrFU3E?7Uf~RRabu}reMt#Z%01x@-1zg|w;=0k>>ubN$4Y2k-@Y5#
zw!r;$5IwYUlJzGw86(1t^iRNvM!gIx>I(wH+AqoGqyR4_!=eyK8*mN`)?Adn14RzP
zUH^ix-S8U(byckkxv$rYU~q?stWf^`N`&{+Teu>o+{DbEWUs14{{xW-xBkNr6RR=5
z;4;6VQ4US8ELbJ3ZlU$Dx9~b`b@T=$r5#K_vsMK~l-p7X8DYUGBn_{*&-oF@es1<Q
zoE^2#bRa9lm!^CGy)E=nQFjo%4cI4!gB`C0t_7=H!=>H#;WGfb9Tpn&LR87RSfMee
zv0G8s^_YiyOHo(hZTJz@S9l{Dd9LgB^LJOyqT^e*UpAX1rqF7Sd2vAI%A}Pn3pt2V
zUv7Wh_ZH5@6MJH|<j{cD-=MOf_i?nED@Gl^u~+L{@p`4vkkzT+O*dOc&0>6pKdoG8
zzzke<r#xXPT(g8FD_aCUXG2v@v=j_Gr#xQOp-v`|MDOFPrh2}5_w@_{$E%w);PGlW
zK7#t3P-Z47$lDH6XqEj(e#}A7)`mbJSP*i8gxcsazFv(W=Djr~4)G5SO}|C8qRn#=
zAn9V)Boi0~LWbpLzZ**TuIx-FNw~VlQSZUGWGr63zZL6bDy-+PuJbp3xu)r86)k2H
z)JD>>J{0?t%^Nt79xUpc)Z?jTp5K{%BbnXeXkk#Plh)A7(1(eUtn&5IdFNNVVY156
zJqgiQFn{F@PRVvHVpjil4m5cDN{KvcQzjs518_C!(=q1nVV?I0mysS*@upmSK5)p|
zykywIk8;;mU?r;X_WIIM<sKd__Rwt}Djo))b%b+$jn+J-bB0gsm$7QHSvL<LTy|j#
z<4}wgmkF7Gs8YP+zX@+I9PbGmdXLRfxrJQ)w%(*XMm+m3XbWL2jP9pnr*oUPbX*`N
zsQ(sKBEKiBYMt}#_n)c;5S_>75$?^8k)Xj<cn@;JhK?%A345^U7Ing7q=ZO`N^j4<
zY2JZwWfjCfMkZ6fXU?x}16UpW29C|WyX^cZ>g}6>ZCvAHq>eF!y?x!wk3w_-2!V1r
z`CIrO>c`gQr~bHjpz8rEPyM2<<u}x`fLaZ=k&lBb#5Fl_*1b?h)+aYGi^v$B?Mmkj
z(pX5cYO*Y{Y;U!Ti6VFD2NF#_^Z`7ZIKyw4Nf~}(3SuL4u$l?b?rq8yTl==pRC<yz
zn}p~;?E|!v<!JM2h-MwF-K<9e4~Tr*-eItI^uue+<Qk{IUCYED{fgVVUubB5yjYFv
z1tGl+bVQo$wkQs8tD?jxGJ+Y7B@Nm@lcJ3WjL_fJSuiV=QJf3|pDqJD5Cw_i_~Uv9
z7oq4<WUcEt1$7|TSUgFHNQZZ>DV^b<m~>%u<J@+bzlV{ejc>MKZf%&ou2`_!Rz$yk
zbD8T~&#>rElv2GI!NR>G48QEy78KrE8fXrLNYflc0{Y09ZIngcS?pw9r^D2+i-qOm
zUp{>3{N)4<Zk1h9MeX+4Qu*o#!QD{s9LeTJ1DVDoU2`wke*DEJm}n&v5lCsAEv*(V
zm-)NjDhe;1_a-2-XFDNanV5N=M;4-LNJPmz&npY@iwN8%wB{(5%M72-SI+!v6*Q)s
zi4E)d<k!zD2@5Gw&0m}@0``DrDuv`gtq`Y_(^J=*Zsyc<i!5xuP&v_9rLg_NDD97g
zLgh^5pH_PgviWo~_99F(cDzyZ_9ClTN2j6le6ojs_UXh_0QIT=kflg?t5|qTIjns7
zw|c^lp1ei50cL=yc*Xf4pzW_J=Dpm{d4&dGBxfu|4%nATsc$}~`^DMEz9GT@Fe5ct
z;m7-fmogFxvupYpzCOORl6C@3E@%6eD}0{k49*xcW#7jo!gxKSf{6Gqy(AQlW~;EP
z+^!obyVjD$bQ=C}j`F&~mXA$L6}udJ8@pWp5L@9bbC-ygo-X?i90)jEH;(n7p9p$&
zIA^yRG>@+eVGRO5L$iK8&Bu=c>7}yuPk@u@eg2XS;0{=Q+tB;zsKYQBU>%(W90mbc
zdKusb=k+X!Ug!;JmmYIZY{(U(==e8&nTCbm%=6=b6W5Uh0LMt5FMsZ(_VPR8jGTo@
z!{;cn#7cyHb>yztRv9M23IvVH$cmM4EIyjQq}<aGzzeJhO(O6%E}Dq7KoCWq-XUlN
z$u(aky|`Ot`O-<acbo&4oco3H4uOG5JJDIYmHdq;awY=w6}8hv45H?uHUh3QMzi4!
zQnYEo+vBr<+J^4kC6b2<?lLdMqV3u}cIWJh_zx%=6bCdOUB|S6i(6n)$CT;>f%SnA
z>Lcz$@DrlDO3)tm<+~e?U5vN#q~{}4f{|^`*$`LC=J(fp(Y?}N-plXloEky=`$JO>
zB($kH(RF&+oMBHJIA7UQQbqG)o~Kr67ewtkzq#g?put8Mr&Kv+Y+i<?iWh#9yzH6-
z+eH2yb@1>Uw#h=&;39yXXV~q#n9xH-N4*)+tu<~Vwnw_3<q0Na?HRtMk~54%I_q;#
ztmFDw$I}2Z^sK~g8hQpsh(gqVdV(xG-*!0D)5D$L)!l1A$J8Y&3=uW<pdIp`pMMKI
z4;tKaCE%Y$_A5KWG2^yIKa7Js&S#I;YD<ul4)6xmE$MBeV;XWlZJx}~<Y<8yTNU|?
z^$p(ziFwV4m5pKOv6Ha02;gr;QEDFo^GQGI^V;tF{kqW{QmG`E{Nw#ykXJd;Fh54&
z`{?Y@9TZ2ohNO30Fm*T7#^vx^C9A*1I+vBTPSNM;8SrN}@oavlLMSdcUzRUr%dk}*
zV_v~@zm?3JrO(^^p!@1n6C*{yIHJmKJ79vEe^;fi!d`MAAIAWC4Y*eljzc}V9wPNR
z^ks{r8}hOKr-ks)TU1*``XV@=q_QuRKlHT=L&_Odz=8)ufOhy=@Z)gI&e?_2TZOrK
zw^b!(##4u_{lgja_`lAA3C-NUZGB-o=>7;q#bKDgFaG3a`HTdP^FjXHEMky?$R5f4
zQj=QJE3qJ=wch>QIZu!iKh?2FMMHe~S)O|z8$+_nR=Ee(r;B&A$MlIi<`a%t^Q1|G
zK&lp7wSZkIm9A6I`<gx!-*4|YNm_N_Ay-`z><|V2Oj!IPes7jAX*&Duc#*A7R{^x0
zY5wQp;m}fR8ut;_8upamqGq4@F)wD@*?i(%%lVJa0>0D3s64@Jm3nu;%yrae<Bepl
z27O{-0>cFc$N0j|T6GFDzMndK7xOIztjS?Zx$G(4&6=6RrO(2{H)ZE!EcRWrjYTZm
zw|(84TR{U31s(=H!hZv6m;%k){XqM*z^>u7mNMT_=A~G#Sn`8pYBSUJJPR{4YuX}<
zkj>_3tu{UmO&kjjkrPzQR<_~T%TMx4&99wxJ7J#7!ZoUqIF5OBhHK=3goUq}SsA0+
z3^;wI*0MU6TMVPWFEbQ>5xI|@9VP`hlXdurPI9Wbe!GH$?!|pjMzL2()S{FG|I8sH
zOe9}_C-hEQYEPhsx5;Cf_O%C9!|G3=QU!NiQ?0S;g<7y0GP9dOWA&yJWoFWf|Da2#
zXj~zBJ1zs-@ed#|yg!9ArPS%}@}o+8?1xs9r&dG##Cq>Z$skcVCN)|^*NBW@LZ+LP
z8&7h>A;ds_<`tJv-k)M5t%g}IZ<WXR!o{oWz67DXiU4J3%}rOCR$7e6Bw4%*kf()-
z=k$`3j;|&1>E056F`Krml?l3vA%#<W?tZlR=}6+`sW|oEM2V3{w2q45)z@DVv<8I2
zAxMCTmgLf^9_poC!>FRVv@~5{++a_~E;LtTk`joOC%Z7ce26$dtSlOI=EnXI6oekD
zPjm=X9d6NCa+@HOt|{ti$tYQ@BX}Qdy?3#Yy8#yXGDA1Elc2cSUVNqx2WXQtzIu<M
zX;`-kCVEyQ*?6+%m!FwFPR(pPZG95?nnJCXiAC-8XJdfC7xgVG^0#^QiG~v2V?d#s
z7@OrW+{oTn7z*WBwiUV$ovFJ)?D{!bEYTU%M7ygnpa9^-l*7SWfb*iSg~{79h#50n
z1npS4pf6J5zH}kr5ZmhV$Vn7^8*$&D<p`ACq>M7RNp3SP&u+J|(7PL%op+C{2Wxeq
z)CAy}@l?ok0;P;O&^kaHJHi5=cQYKh-USRT?6fk$ATW<O>L>dL{>9k4`WNHo{$Jq#
z1(I@;eANs`)XFmKp(l88K(Xf%Ht%JW^zSrsh<*wnEgR}?G}LopRN2k;yG@PU>7xgh
z_^LkTR?f|XB$e+G{IK@Y&o^sW_*<7jJ<%if#%;_F{tV^O0~wPT0xcGwWDlg$w1gb8
z6L_5{c}<uEPpGBGj%n=0k*t$xj2LZ_J-4$%lUcMf(7v+wy4Y2@Hz;<vNZF`NjsqX~
zJ6QE!#DphaajOM?Vy`gdua|K065DEg0o$hK(2ivSfwvSijh<6OpQQrAF+7{x)gkRE
z-+MKmpK$cd;2?DY#Q3Hln$d>y7KV%l1wfp7r5Lrmbq$4Q4sLH=;tRZh>7ll!61P;2
zztWe?vZ2VjMA2q+&=~}*vyn!Mazi0rhZ7NOb_VyInUSFs@5W7gBU=#OaIT7cJWPul
z-b!8Y%DvW2P%BX2Mz!U7B{zdZt7<Gq*~fKSOt(=$pUdEB`xFzzpnCA>YYveD)#MUW
zE(e9N!|R{LHBE!7Odj1P^EE%O*4E`s5nk}LlG~X_$<-bVsz=ltpjE|#Uj+`K<99W>
zN{pD}=TJlvG`VGZ<djgDi7>fZ;qjp90}gpv97&V#Dv7ChAzfUjkz9m7#59QCI-5}m
zVoe~A>nO3^Fy?S_!x@oA4n#`TS%h1-E~2Fn#fR(`EopJB3$v4I!qvVJA>~MtUG4jH
zQT6Tzk8Q&gXVs>xXW|c-3h^*3j`hd0U-n$)z6r~jcMg<`0>D;^=t|Vo%6Fgnz|oV^
z*e0VPcRPhNU$tWOhuCm0t-C#zn!RfGp=_^y+h+mH23~Bi<00B9L*sO+|CQt6XwqAk
zUBa)PPLzcb1*EEUJOV8b-;~49i(4aju`7v$%Max~i)NoW;D9d=<py2J;B{L)zqgGZ
zj!?Hx6H1PE8_01RJ@Le;Jm=PZjYC)t={N%{)3EFfa1C*qox+5TSaGh{kwsMM-5IVS
zcjuP<9p!AX+f1Nq&P1J6UM#I<Nh}AvsfwTIxlBw9+Y4L;o@@3WmJHuu+N_t}=;hj$
z+It{D)H-xjK{0#$t=*oKxmmN@xU*?x0R&YVn$}gwR-H5SrFB~H9L5!uvv#=C{vk@5
zxW(PY%#{HI;45TnTXkWyM$cee^pSR;F<wLS$OLy9h`t4U<b~0=J%Vw0kJS}lmg^gp
zjne&qajU4LtI`yH>`m_0Zqd*bcBKCS!&O*mm0a13557URW(1^hdj;b{{eTAQipu8j
ziFW@@+*$QfKpO;^J`Z;V*{WCHNT7)OA!s04LsNkco%TnzCaya0AEkKklTt3brX(}H
zn<svo%jBRWAPhga4%8C!DkHOdahVr*J2Eo;^+egXkH<Lbb0@Xm*Dr=rrE9wuuYrpy
zj|vjK38vRhsa#0}Jb$a>Y_nQFterlO^(dW5wq_!GVn(yN0$CzabM1$3ZxE+T+1`L}
zhqR8O*hw%dGU^T_w=OP+QX!o5CfQKsF|txGa}^x!Zb+U2oaU(w@-n}pse-r3U_m40
zzG-A*qfI!h@a?byp@Yi;j`$e$EH(crQ+n>tyWR|ei%3xVW}M<>khLU1bdRYDQP`z|
zAGI_$(A?EaL=f881b~}fYe2+$XG~Sr3v%ea$TyFxX~7D^iGPD7Y5u0fp#H;@(I0OU
zF4Mh$BO$VY%{*_af+Hykq%b2dXG%9tp8llJYM3tfnb5cVI1JdQ(?*E_!Wi@xurcwH
z<#NPgctFO<a-X-4Zm~%)lI0w@6&A49pr2F{F5L0@C0B#r#j!hXm(euoy*2S{h?0!L
zHm5wB#T;}vYFz7D%bM9;FaF>NZs^=z{-~>qewviR@HG@fP_&(XAm1GMYj-{AE+u2h
zuQT_t2rl04r7ROd!#Yn*hU?J>SDr@kcveb;h7l`AJA=yMt`#b1rt>}0(R+-Z`Gybt
znQ?(FORIp`3_bMI^0F{o;MpRuMdwPs`3B689Oy-v68Lr8fTsblM64UfmS-%5)(m$s
zf?3WIo$do{(d|A@rB?jW%yv@}q)YUNYqPP@(T-w_3BgTcdT0H#pY<Q`QFh)EGYwB8
z-M2g)jJ+*KFc3k=(|~CXs4KDkyKjB8`$J7WU4jS=rJKYbB*;&*cv@dt$RC}D&GY&1
zR-=<f&utNZpw|jf=v{@Wt#*OJ=|;Si%;ELFhIfU+WdOXOqjMza1^PFhvL5R74dM?q
zIw9lK>IgB?^BdUb=YP=$wr<=Jeo4=6V1ps(WS}>E-as(n3+)9yfAxCwZ2x$t7naHA
z#rWrdCMQ5s=M<m6|8v9N;>wMGIF+8R9Fg<9IUbA*#d0XfZU_)t0p6G%-TZR3t-aZ$
z5P`qdOK&*u)Ftr;yWSdaoZZR+4A+^y!D#c8P*wAsTJG4jTASCSWNl=+TgBJy#yPpO
zSg$rgjLZ!LdJXuN3(4)|Lkh2k+`KA5PfA=6v*zxSScvGfgl-J{`+P)&ESrG=kZJhy
z>9>Nu>QPNnBohr)vvvoHwhcsiMo=*+DEB5C0Iw%RU}^Dy3Bno~GJ7X}tj0O+U5jS~
zr}A5#L3Uus72F@ryA|m)G@6^J4!<!kL$N=+2_upg*^ia{ZSGSbgD4O;6(L9kBrSWb
z-9^-l_2H#_v<zaI;|TNk876h|Yi$)yq;J3n8z{7~e-O%{JRnA*P5(nEHjRlwnWwwa
zXaiy|^hEY8W!@QfzI#_&u!$uS9i+?%d@$ZQ%gDl7^bUf8X0KD={)Dh$i6|^I;bd#x
zOM()t?g9W9E&Kx6A4Q&4bie~W&~EKWD_AwX_4wm6@Q~#<TKKrm!`mq3XEW`*B=Asn
zko7R}xV9~@eEOVy_ip|`=<x2I^!7UCcCFx1n$xdj*M8-}cGXX3{IMZ%bWK((iFTOH
zR4STwghb;X_o_75lY@x|4%7QNtLMcN1KXl%Mz#8XcXh`7%h&54SLeTdz5a1^{@d59
zCf}-Fb@U%!FFTnT+oI-woUD^J29^1>qNrsqKWSw#jK=SHREsGj9SkZ9Xq8jTKtBEF
z+_^kTWabPizRQB$KBfv)Mq?Z{nZIQbZD^jmt*-Xlr8aJ~WO+wo(GzH3bXr%^6FaIi
zi263ZB7D=pPYzsojH^e9ncRWr%l_QPwm*lh@LVobxl(h2AV>zs`OB?1uFby;iTddC
zU{pRb*1QMQuu%iBNOD_*t_3_E-TS@F2xEK{L(O^*ohiG+py6v`8A>Yc*o*gt?H`_o
z6ZXor^L{!uy!RR>4>b~j1`EtWZ@)n>RY+gTtCG(hRUVc}?R+_@;@Hxrh?6&1JwhYO
z6e<mp4!mz}kSAavNoriEJ{br|>nVOH(V3A2e1>DvTV)vCJ0?;;0|_v|s3)_^e2b3X
zFv`0k0@D#S?vdV-OWe!R;NHec{xS>6nse)nTROpHCDKWYRcH(ZkE?rqI4*ueThJrt
z`+@$8l<*wjp3!E!^z(DL;M)W3)Ss^~XKhEGy^ZHT28ham;t{?N1oI(sCg*;~Z9eW2
z?hLwWL}S<y*OYwe_uGSf{pNPxzsSLl*veL*$;K3d&5keJXAs!pGtyxmGEDcz_VpK&
zo*&7?%RBNcVX8T8*FVeY>yrl7Nj}#bq1wVg6a*CDP|XX~9$saQAU~YxBGP>7O`IQ1
zgyI&%o3M7(@xKq|XUy^Z0t-d;ely(=p5ynn%SA??rP&vp)XyT~`E!X;+^=gNfj@B#
znbJp<1kBO}vwz+dz#xes{w^nmh1F-1cDOV4eWM_m2){O-U6L=$Q-jR;L+7h!m@#Jr
z7B^UeDh@idJ4&*=#fd$1<ny&wNkw@6)f!;}q1W~K7pYJ?YVLP0P_EI_Wv}UqD8m|a
z*D$D3!&3Qm0@_vaFECYHw^G^bgPITcH_r7*T|;_m6PmW(QH5Q-aaIjVZ6_NJlXiD}
zkn8Z@p~5BG49da#Vcx^f%78njJ6R9&U5febJ&GR29uSoUH%W#nv=7g{<0SOULiw&A
zjn=UZrZ9IKIClwq@%TDw+5OknbvlU?$8SRcQyFBq$@P!61fxj0kzoa&_G3a1e$b{I
z2I08hV}R2IFVRh5F}uixgWNq{l3>w(FBe^xHQNh4C|_sqIJ4Rs@yt3;sn!v;jbl^0
zR_`%N`kFRt#NPGT%@bW7^tm3M{8?#mqQ5>dyhb;nQ|DJmavsO2S~OnPT141~ME9!m
zG(1f+2VI>M3pbdaNB7*9<Tqy|xn3wA6+Yg$KW7%y^;4XpxEXPxlxtHpL;0nnI7@(7
z!bAdM$^;3NCPsMTJ{Xf)H1z4w_h$1tg;O%UDWAa#iU}ERRC)dvt!~^f!3b<_-tk7z
z&n@1@@gOD2mlaL@*I3eVl5}@vaV^68Wi&kYUG`I^y6)pV&zv&ySN1(o&|^>~zu>g!
zwKC4Svk4{l)NZ!_#01LpCd=a+93Y-)M+8BbTh_c9>B%L$FRtX<JR&aWVK$bsd0w27
znS1IwQz;)lOA+TyO&-m}C9%^^1=lwptg84i!DuX-U18#n_HDrN$l*+>#AQXt)0x3D
z>H5>4J+i6YCnsk|QzP3yC3|BlWNtPtG8VEwC4PQnW>pWcDH*e-g0YpUi8C^@ii@%H
zUzCsbj<(3me}4bP!HUeRs4A|>^wHABRNlzel#GUn8SG?aU}6cjFm*I=0e>=bHZ^cE
zb#O7YGcjcXe=?)}2cc+WZYu9$Yi#OB_HRO@?9A-NEKQurxY_@7MH!h{M8w{mOos)i
zaI>?Ky?@WHhs>;O>SXWYXkzL__NSkUj`k)hrp{zKWXy_UAIX4rad&446=y*0U+v0V
z0F?VLX@bBPGPA6yow>6G85ai^D+@3XOB-jP2h1OB0DzdOiTx*2WPt0RnQ_lZ@R5q!
z;VoThRd*O5$rD$$sf8VXHV_F;7jFN2^0~o2hx$bkoq?*@tU!!dESzLOB>L0s9+WQo
z<<rG;$MfBd!Ly0))86x=i}&b^3~Bbm*7L)-frgM^S;G^D&@&77utr&SNw&crEaF_b
z!_V=x4s|{ppO=RQZQ+J>#$hZLm&=j6ng(;c7s5d&M?{YlMI-Xb7sRl>&jGh6zn}U%
zuwg#wOy;az&Obw$6(3AshJ-4i#FuX13rtkHr@lU*rsuob_am8{;i>CSEd)fq9%FTs
z&6ECybUjmzNw5I6uXD495AMSSn(zgyJ-NS)3@_BHz76_4)5(8w3xh_mxUL$4`F`@r
z@Z|epd6RXOet3Ho+Ye}Dt)C`2>Y*8jQyK)b8p4A+LDb$ejd;e@ve6p$LN0JBXHEXz
zhv+dQ`{CtRjKiW*AK1Ldu0@F%J*PQiz3@tCsSi%2r6M^jXGy9|T{M`9R?yNf95Pq_
z(Y<2<ZBGu)f*=F^Nniec&t>`*C#m0u3#GE)y6A6l5Nc~uHMcUouQR{6)L-F}!rKre
zAO==zjp`1E`x&YiK@-9)(ASKtT4(LJGPp3mS%P`5mn@$de8w&Zff@Lg)xAjlVKKYZ
zM|Gtx<4qwsgP?Us93&Y;ZdjA%kqUufnh?w<PwR0@A*iTZ`uC2sXF!&;79D&pff=E@
zG(4f8$$RYkGaCJ`W^8Mk_^J;gi)&a$U>kLI<|#puf0w~*{-+bVI=pibWF}u?6QY}V
zKf?=Q0R-#p7nXii5G9wnomy@jqYJJ3;94O@OqleU(w^GrG^`U9x?CRbkRr@gd)FS|
zKBv7ZeA%&stNY;S7GnOqO{(avc;o@#2M{cuje%P;<iO2=4&?qJRDBAZ7GlJOO%O~U
z<&}Lz6n{(z{{c*hXD@2X4)|2;1%7hS{%yhY<!3*|S!1aYS89Vj0)s2gz-RQ^nXRj5
z-<-4SyXa@gK>G95#^J=_oK41bwojSk@|e`gZKc4sS$O>h?bC3o>;gzw@-R#oyFURx
zst8(K17)1rR}km}Y1@XC`W<5aC2eMlu;b2J1?G!HAynVzIR0=r6f!ARXw{y}+S-}!
zDpQ8)t4=SA!lA|=Z2g-<`^cwQiNj>-{lbaDSTqS#eczbN23n>I>%{!!w8`^dg1U$N
z=MX!GSV9v&d*C3w`4C4AewxQHv309M4Y0uvWHhNXl`UL##DC~--WW0*=4POUX;CVh
zVtDyZ=T#vELEl`8Co8s@YMexD%tnSWevkgu%Zi9PpJG$8<3I54HGkmMsK%z1rZGWi
zA#ujw(~ot{+ON8uq)cN>0fe;%vsrh9^d$`zTZRgQ$-K4i`uD1Og}>Ct|G_f=_%8cW
z!t#jzMBs%n^O05u-d}SxU*-Qlv^!TtSXSJ99_U}Rv%*JIsE-&-a;P?Cs93dpO&`d(
z^=Vi$2`8|gaE8DP|3%CH7XJJf9BzT_jZXhy66SOZ{tVYFn#L=g{-gx|l^;o?8%W`%
zioCf>-jPLk>_#6!z^vhqy&j$i25ui!r#HhU8EAw5mGOI(sjhxo51INaosTBNDS+x`
z!kKD(0g==Rr~fxv6Ou*>buB$9P7;n`+%g^}i%fEKzd;XN)8x{{x51x^!>R<(cLKsy
zsL~Se!z);CjHyO`P)3u#>q#}nPj2hK_t>FH8VS-!@Mzd~sB(i096jHG?_6o^qw^28
z)~S6XeK8Wyk{7LLHF&zLkM}NkqMdwKG@gW~%TXq{DBNtDtcUf|PZyo%zO-;I*PWKT
zxScr9$-9*`S&!<KoNBwwg}10L*Y)T*-6-p|scJCK%*eR>Yen5Q91Z5a85xHg<$s|l
zGNTM7P?OmJx~KD}dj)^Gw*hpoti`&p#kCpep7oP<x?2P5srB<+N%zBSGjh<Z2FtZZ
za!2#S%t3{`p9{34$Kd42>Q+O+@8((~y<_oV=CDHDuMS$$XCUyPW}q=Mr*`9_=A-v7
z7W?MZE?m^S^>7U|{*~hF`0MFc5#YO$VS~)4!)uL@4&H~E(+bx=om23uyDMSTUGdCx
zBJrvS{N+jf<>~Me7z^(sFc$PbV_5;la(GaY^<;Ggj79qq7|WYKV+rXvJSzU(T-;t>
zTv75b7NN~_?d9PWC7VaZ|3Y!dlQ>{80F%kj<*sDv&sffZu`E6UW6Ao{Lr%ZC;1Zn*
zr}0dPK0?k7FY4pWP6fdH8(=2>!`$+RdCEZGac1`q^Y4-w1I8z-3k?jv|Ktq;VE>sL
z(l?iQ!wXjjPoeu~t_%On^#(B4b@#wr1D%^Puzj*Z(P+@$V@?O(0A`;p-#EX`p=rIA
z%57)PYaWc>T}#nW!lZnQnuycSedInVFaj_g(OomlmEJd(6F5;($+Rx7ZoiNIdZgTw
zJT24VozcIDFRNcXTh1i@y3G1rb^B}h^1a@+ypY8JzMpXz1|93NqxotU2<%$?{r;A<
zB;oDGTU}%6jkoUj*n4Y=hN6mwLl`J5C2_KKTo0f4&~V*zqYkKximIacYQ<*W+7N9i
z%<G$>^$_QI`X+o{=w(&wfm33SdqIy7uP(m9H_FD%#Xz>BLigY`cSg!JqUeEk^HoS;
zQpx0TRhzD`7zG`9U4e$F<n}lZ-#5;etL}?QRXF0Pu(;`HoHmP=8fN>rY=BcYtTJD|
zNXK0Hf{<NE&LV+Tl5d=+{44{LX;HztB;r$0Ja(y;u5vZ?UBhBmRRInzrez|jS)yTe
zF^PA!*2}#h_&i7HV81i%$1NaPMQN`3g*io8R_RR3rZks;+!K<xX&EOkF1f<wSurPA
zH&;#UYwZw5jWnPiqg^3V*b&gr1L&{NEAd+%5=m5>rhB9;bDgD&YAz@o6xw)?V~zW<
z%2eUfz7B>M4L?@>&PW}Js^qZiwun_yUh@N8p(^yYd`8GlHD?If3fE74(#pJS_3(2f
z`9%CfP;Rw4edcu>^?{obAx(${uA1Aw3!pXOdNqiIBDs@*{Iq-RSB(}-NB=|Zx0E(<
z=?rpK(t+i<0{6yG?KVu>^sMbQtCu^k%dp7HE_+I`WYuQ^&s0oeGAduN4;G!D>6Of7
zPQ$mwK4}gd;<?JCM>2BDxXewMF3CS$JwJg5{4N(LepKCmQCr+A1?Sld_l+JMy(Me<
zA7uS?TvXrp2aHNHATdLCcStjY<Pbx*q;v=<-66;jLpKN_t#mg?cL|7ew=~iy`W!#s
z-|OD{y3apz_UygZ+I#JD_S&)D>l_+t;JqTYffMfU>7_0okKR6VE|i8A(Bnb31z%{7
z<X|8BSGMoCZtXrfD)S+m<|9d4+4B-^`5gbOf~STJ!-t1}JoWm|%ov&880(@tO6$9@
zmsjyRotV73Nc0<(XX8fI2Sd-551(5+H9eZ~tlRk`+e$b8qVMTC)8U6)#97mN6>7^{
zk}0<@5<ddCF+p?IgY)y^ngd;L8w-Q9li8zcW}nI29<1@UP-zUj%ah0J%xmg2UUunB
z(~?GU>m9n*A5D*QudHrQ0BO}v_;Qu3folvVR*5NzXF1QHn-wO5FKfG8Y@4lv(kj*d
zIw!}oCb>Pf#bDn(v{@*%zO*{>VX3-+`}ze+^Y_t!))kEh|KLwZ>~7J-yir5Ne|YIX
z_z>S-db8*5Mdk;zH)AMZ<UT&6vTBFMAUie2hkLihYt}kU4=K{+J&0Kfc^#atkq*q*
ztD@ZqCFjJ~515&5j)@sAp|l?(T@vjVvo~;)M|Ds{dP3r-=%20AqkX8Ab?mu{4*`e`
z0937DutVYt$HW&7A)q15MY%9l-$Bep#TKT`1$v&d4>2z)a%^w$_%^{*MZ52^b^8TH
zhDoy=djH2!y+FBhGL&3FvwcKeQ{;cR5SQ$dasVyYv_(pJeSW^f>sVA{%EbY%7e;;(
z(ph4l$!OXQ_!Q{0B;>N9tCGyK?kZEQ!%H=LC7r!vaIEkdb2z(=Wq-a+3bfv-le;mt
z5<N&dYx2l>fRaSRYFfy0>%JDv<E_-+To0x4R6=t)4BjFnIBZ&3k~%Zw?q+U|o4p?~
zTw^e>Yi&7k4PvawPJ6KWc8y(}g>&W9)$Cs!%xpc4-a%%bm%NN8R`w0A5}hTmt3ms%
zuPg;aO1S&Pqj~Qw^%?d2T$ne-%1(TUrLCKp4o~7&4|Ur9QH<w%5_4b~mRoGM@0z{0
z5(|5*!B<b-Tl5WFuvy-zj7PBPOinjZK}fI1+edNcZsthG?nf4yX%4Ih8Sb4WhYoz!
z8;g{}Z()JAUbspbbBlEu#=MI?Tva|1p8~d;Rs#GpYh&FuR%aw^d_U8QY{r}@{&HZa
z*v)4C_mE7=ok`}YCj|UfRDBn?#u7B-Gjfr*&APd0P@#EHA8|9>ESDFpbXdTX&z(Q$
zrHW&M9ebGgmcZpL+ML7$54lgayjT6AQlO^6D}h&d_WG{^J(c=J$Xe`U7w~%D>*=gK
z&H-N|PwU`LS<yEfW7}L#A44gYnkGO<j>x!KeT(s>w))5>s$MRZeC*}-a*F>XS)&vd
zNQL#CHCEQ}y};$CKhL*<=ckT;J#h<XVBTt{w)u%B4Q|hEF_X=TAUKv1l-f<hh>-V{
zWA+K-)#7zhZZ0$UWh1%B9~%8Bu&G-0@gTtUsc*Nt$lpJ4BFggE=5cql?|Ie!ekA4%
zlzSZ%0`HJ>rd(k9Vca|Lu@v4vL|(HXvQ&uvLDUdb`?+q1R-lY16~F#{>>2*0%us94
zCeBJGmWg@KCg=9`cell`^D`dn@Kwqb2b1~FdIGR|X84`Rw|EWi*9@y?Kg7wm$B${O
zH*c{Tf;B!eu!PRlNu{u42sPzNAE4}mzf2evG{1tBq6cuQjxPhy(d?|`hq&~nyYzIO
zWaqU#>X}xp!Y|)WUnZY(6c&zK?6uze-Nx?H#JE@{N8?Fvn@IaCLEZ5jY;<1?OnJm;
zsrCe~e>n8qyv9E3@;VuLW<<a9w8M($or*t-54&ZM(tdESKo1Fpo7RBK=Z_<kV;#T7
z%O1h0EE_C5cq;-GxL&gs)?Pttwdv|C%^tp*tB^ULmG5F)>2V%C+YY@t_%uk_fnP<^
zn<9%8vp%yEw&A9L^hlMKBJhz!LlrZbPBs`TC?r0;EryM|_;)?1NWVIOoQcJD1lc#o
z`(r`O_G#bjV=(pXT;ffzJx%AA*p`@P<-6dm4<eG=^I70aN`eYn!nfhPFbgW*As@Er
z>(>w-yYJpv%riZUx<&$1muSeUp#190bF=G)9sWgIbF&UGWiwHyePwYrnX5GavWR&r
zFu*?!%6>}<Xo}J-DZujfJR|4XzODXy5mry>ijBz`74Ou2=>1+k-l-vsmsC<hq02Aq
zWnRwmRQ9HF1S`7CTF+-u98a_Qu^(|qBK!wI*H@Tk#X)Z$ChSG8_@&x<MCW+o97q11
z?<jsLGkB6WKqAA9p|p#0@Q^KXg0aYf|Ah?S!9g6oOn)_Jb8M90{G&)*v69#wW5;&g
z4A+zgbw=u%PD%O=fu`GR@zM~QYlV=wID;eCewExp3t17H_|@F@Lb7blhs9a-TVG!i
zkIB-gy$zC21McD}`5nkSA$4@s4X?k=x-?#;r{LPj18BGdp2)I#Sk3!q%9_4WPf}S+
zr_NSw%E}0*M-)EeIcon}^1`lOs|f$ef;ukX)M<1mExC(wNx~~0j629#xJ^<Zv=AtY
z(Yx14|NMdhRR~uD<L%c~i=|fzSZMhL9ykTpjYkCLuZ{Nuk#m~rMIX{12sDFcOO2KK
zjX!Ub76>fFuFs0%{Qwby^Wd(WR{^5wcE(u!#{0yuBaeBy&ZUOQdq`z&7WSVj<G;%s
zgyey(2O+FZIj#JLws&!5r7n~+L=22FIc}VH0mp;xS#zP45si~YA_dp2N7b>b22gXx
z5N;1fU(SA~N0-lX7Ky0^XjYYiM407IyYxk_Un^@yMLqEv{HL>_#y4^LIdP(;sJWr4
zE&*?o%|PUngov8C_ToQ%x{Mod-KQ`5xaPz!U)GGCJ6Y?l^A)iv!a`VkN;l3rsZ>QP
z!w5!<_pO-<u4|7765=xF?iZpQf*cra4S_Bb?)BN%WjZ6H!;hWCJo*wO!H3F>_qySv
zKMKC3>u!TiI%W~j6CWGZA0OMzzm5ECzcW0{y2-?ZA*FxjZf7Ikp=F^toS&p#w`(me
zgnDDJ?`>B^Y&d(e3`*kOd`%=lpNvtgvUjhAHu>@Jj(J=)zorhPZ;i#Vq4u<b%U(^R
z)#7;>!#nH?3#<wl4cjSVrj}p<9{Lavk*EIvd5O+vayri@r`FNE0-ATbUu}Nq8l2T-
zLS;F6S6Sn&)NT5lkCM7YjDf_^zc^ae_uFya{g)3qi8_m=-~}4g?BPt2mt4@>7ArP;
z7DvmkU;B3RXeJYnz%y$X=^ZxNg6Glt{G6fRs=vjjvhVrGbm_SIs0g4OwmqNM>>ab_
zY5<lgdMRJzxsp9Dq8q8bEnrlIH~^;PM<Vxh6B~hTsEDH26n)$?V5Tpm&YBubb#;u*
za0#NF$;Wq!4cw78UKea=gP=5bVkb<IKU*gU))D+Fo5%mw5wSX<Gj{^P4zVvBV_!G~
zf`$ec0zG0}BL>;A_;>sfwfv4vENCtZ{v)SU=DkcJiX#Y-;wXFPSRSFTi0WDL>Z!Z6
z^EvX}L@aLU9{emCQZSN+wDv;(<0vFx6yMX8sPU3|$xflBSWstFiX@}P*8h`QOi}1%
zTQ06&qVxOo)l>h3z!UamI2fAseLk2nwCVi`EX-=nIuZ>Ji?$*|5aJLvpb^bpl^vJ<
zSQNDe=Fi=FBKUDA_!MoNbdsaPO213RuIHpV_6LofRWdGL@8xM7q{^;{Er(|_`H%*r
zYqsj~;`sY<N7NM~MT*pD2pXRue$o|M0Pi;~G59>_(l5y!pSv`NENShTrPMR4$Il-K
zrX^6*FB!FF;(<Rm?7sdrfiG+0o^Xfect|#a|DC7m3zdD5KhB8AL;UEDinDN+fw?GW
z#!=ijU~woL+w|cT$5w*0&F!!hN0Y@Os0qRF-i}EV0}?cItB=mu)py-y1t&;ZJV|TX
zt-(-<CT|P$RLlu!ODR6a1^n13W+0(+I%zleScD=Z$o_-t<w?1vm>Q!;rD5)`&?NU&
zG{4+sB=}H$-}~LBtlViPEqT7|m$!^NXiPgK8+#&jgbeL;0K~LA%0hy#zz4?t?TN4b
zB0(&1o?m;+O*GqaRO%yA;zamZ3uz@KphGGa=52!x<*II!0*@tud$NrU>-6_tv))4M
z;T8h1rLb`&MT@Q=Z}CuAip$Ll)Ey$G!{cET@Rwr-I<n9dY$vPj-E9Uw16h1Q*4NXr
zHqH>nR*z2O)%chxl+V{Anej0)8MP~J;6uF!wyn?|@YQmB%)$4l`xa#$q9GFrUesS%
z76dMaS%bk==pwiyg8HBqN^9pxURvhnwY*qwcLvq&i+B95Q=a4=u2R^jDJkYLwH@eD
z(1B5KBf(tOOT47cN{TQmKVf^7T!E3qIe0SSepva3`r0>J$(O0OqT|KQY$Xv9G~f|b
zx1U!@%+SV4u}2=CGT^0uV!io4qPiVrK8_?$?CK@8eaNa4PvF$X(#;(OGEyI1-qd>=
zBQU@}jlfym8w^q3B%hzpzpQ;A;e5X%Z>wgnV3CLTxHuUdwVuvL)+;G37M<_ItQINO
z<a6#uFfl;Y<Q}!d%K_y8T}tFtm3&S#Rkp=E(67xUO`06ii1~M;M^KO-4y;Fv2p;Ns
zH6meZ7|UNXLY#an9^k(4%dRi6a5hVJGJz;oZk!oQ!%52n8t^4N{)FZ`wZZs5@p>MH
zwMF1diKezKQ-{}z)K`FP4!(-K{X)pK$Iih}7<$WJ<eOBMM2Uk80Yy}BU>6NpXvaF{
z4Lma;2D@pS(O;>zgT7%wKUJRUI&b<O53Ny1zeS}YQ{UUS5cW${T?B;V7vyb-PWtum
zH*8o*!IdK}dQ?dsrVhH)2J045<4sF2?iDif9hy6E7T9Qk$iGpM*5CCQfgjvIL_NO~
zeZ6#KzoQHiO<gX`89Z_OEAl46`^^e1>H%ozgn_V&e2zG?I!s6O4Z%a6>B#e|7<aqd
zysyLW*TQ-d?w=p1x-b3BUmu^z&rL&nixu=DJ~G!>FqvSuBsoxq<H`-Q#Ok3k7XK+S
zM_$)r4_{@~Q0f59qxgR6+4%eYFe!ff0s>TN`v>|U$ak#2c9mnmt5SDm*Wah$XHN&o
zD5jl-O>Ej!Qmtb-xtGm}b`q$EHY$`-ZDR$wR;AKC42XFICu;NkzzU<Q4^EUq-h>4U
zo+(jKU0?+_O^7=yKB7?QpAv{*`G1fVl+Yf;is)a-=cs97_p*M{Lq>%WWupR>8D`H!
zM|6KRl8M%m`CZs$bmYN=$}#4-5Q~E@P-aT+jDOYgq@Kt&gmBpS7D1od#{Vw0kt)_s
z1u6@05*I<2kX^Y13_%7n;z_|ZbNh-<b>=?F7h;CSa*ASS%Uf4cNnktu)Twm&O`nD8
z6r&>=kyz&)HmwFy!luATK@i@FsVajF65d{kIt9IkG1$)MYlj1Rb0H@3>*nHk5W;??
zfZl}v)7x6v4YTk)WHPaig=J%?f}u#W01xPUDxEn+YMm<eNJSb{Kw(0W$Wdd_8^VXm
zD~5`Nn8s5O4A7Vm&^Y{`#xS7WF!Y`-3ot_vBn}(sbaSdC<>w+alxf&DdabYpYG1)p
zifrsh195O@g_kC~Tq#u{cIN`S0<&%}$2&1n9WbV}EeS`l;nH~cag@Rz&md`*cOL8y
zKP`pD;i{;n6#Y!uHESN?@UTaeG|7#a+>NszxZ`^l;};teYv(%&GwOAG))ZqBq_jAH
zzw90+1BTq4@DI&cypkEt+obBJ91odwX)8vuXe98#=9mWh^5)LkY@TyVv|!?z^MxCU
zrmdKw?OQg2%yqY!7t~pxJA<kZxv|Aph~}A;jb(I|8OF3E7Ah}QlxHYiXFZ3Eh<)Vw
z0^20I?7OGf1a~0_EiAJ1jvk-<k|rG4K}JM%cBG7?37!XK`>AC(LF6WG!@#;2G0<*`
zkj1`z8qME_PH(NW(gi=7Ux`8AV*A_6brN(Zv<i0an_oR=2vRl68yiS~iN9s@pC7BV
zXUEdigQQp2zImiu=%@UcfjSb}Bk|JB>}s_VjuV`k$Zv=lXyob8LrH>=mK<qGoc{5d
z%V(NDDq<DPN3AG}lVqap+muKD0vybTwvNsU1&(rl>$k#j3^znsWYEdjez0x*N;BlX
zOTS50D@db;o=jxM3}nW6-kiioxztzvuG~=gyg{WH-RB&Cc^S`j%-_OB3GtEKz}f9_
z0RmamOoW1;WNoZ^o|nfHQL&|GACcauzPGCl-W;-_F$o;>iS%+6?Wg&^Ln?B>Q|<fl
z>U9RZMBT3A?r70TS<|a$j_FF==k?Yt9&K0(<CF4ytFYNIP|CoD5`pRWlrtHom??3n
zVLB(<DMqjeYgLnl=)QHoi9LxKvRnF6{l~GM>281cUQnLculwCjv}gN%TDNw|gJzL6
zF8NAt4o(MG_KPtzYwuvqffj=n`=8IBL>!&4wt9t|Q;<aQDnGJ1a%{JYR;)~mN>SkB
z+RqC6NRm>YgJN={H<5!zX%dW8ySPsuKJxPThul}Q#`!&~2~%oZUmKQ<O4RN8wKrqx
zjsH7}*P7$W=9gi2rG6c_0=IT~t>-ALzX1C_YK<8y7zbIlsi-PRMM2<=f&Yj5ev<5c
z`PC>Wmk5jdXg+{tU*#;S<$M8!Dsds|VgttTO>$_Trrcjo;2t+S<eCOI&V4Mc;R?}8
zJ@-NeK0lYn9IMN6KCSurW6a<mM9^5zDQZ-_+xZYa;biSP%{l0vc2-ZoE(q_>&P_UX
z;1FVIyhVMpx?q%c=I<~bh>TfUmH_cmd%^8c=&sA^AT%OCP6D!^O1G`exX!htYs6^I
zx0ZYq<BOAc%U~VL{@T;R=iV>m(^mpPsn+6AtXRXLpe}~)OI0abmS(W05OknUiXc;n
z@9a<K6k7XStqBdZJsgeyN(@bc*LMm-CG8v}>`BVCcjD%4Z4uC|r#5(J7LgL@0)ZB(
ziy!V_I41`jpL%~qqlG4g7jiqnCn;4dR^Ws;u}Myd+x0h~uY0bDfiu>HU4i-o(?ZUW
zW<dp90mw>tbd%87PiBm&8ExG93wb%`&yeyWqY>wNn*e>)XJkmi<yDAF3n+}s`y^db
zf-G4oE4W+oBrTx~7d>FT<XGV4$K_Lz>YT|_lF^J!R$0Y%^bGr!Z?|L0iF_H|g8))x
z6<jl$oVaNC9P)V;&0Bo%4Y^31=$n?eA|SVCk`~aIU;H-_0+C*YxKa|)EfP;PKWxS$
zTA7-Bl-F3uTo#C#Ayx@vz?s&#MLMpP^k|DjM~3NXl;Pp%8bc#Tt8d?++Y5u;m--7Y
z)e0(|uYc}JMT;V}(iU`$dYzxK(tBrMb#&H9s@=HXdJSa|=7ruS@dvz>yRo{5)RCne
zJSo+DU-WZ9J~{S`x5|1#)xHhq7cT7dXZ-u)0d#}sN)`e9Nd0=rG#0s22uT#pX<Nzd
zi>1`M^b{LOzfWaxR_aFd`HJV!joKv$LpbgE-O?*{J|g*7I*?R3J|~q{e7CX-|97}6
z*F5*-=ce)Nf1?}GIT_MZfy0sBEUWh${;^Ppt>$m>HJ?^AM`Cj@6A`%C6?~y9g-1L3
zs5>}*Lk1#Agmm!1pZJzS)273Dgte)C5hPRRQnAdEz8pI1C`u9$wM8A)^#Vz*aH4b{
z2QxTtkqFVv!xNhCg%KE$?a$6}@o&5L$*8vk*Hh#7|Gcs6$(NIP)4ZXT04AkAeKYh7
zsu%ks9~WOHa)XSziiDKfREpg?V;!Lt>MXW`=C^<-DQ;7b#G)2qIIUWFE#6^m6fO#S
zEpB7l$BNk90_Fx@OCrY9oHFZhb?l&VJ^id@&*8hL*@PsM-Y(hrXA9A9|FIv7G6)fM
zd`@%&WfL0vF9Omj#&EI;YyE3RN7eM3`0^_U4U~<5CFJv6|G`uz0*-o%?ICIFQ3et<
z3Q||ms-?Fwy&kk5tl3KHXHw=eIH?CIM7{=f3(3y<xrBd35#`JU?lOKbo7;Nx0I6gY
z&0i8hw*(M(NcUqhp^gl*+z*@Nc&BL!0$K*lXY8wxDtt!U(Uwc&#wqbtl40)m?n=F;
zLA^(Mo7{**=yQ~O4=ab=u-(>6Z7UX1WGdfQZ~3Lc7Nh>x`?$M}T9|6=`h!6`leGy}
zuR?RQiBI?_DE7MAFs2G3ctbH4s#ai0aaGEl<duhm8!*EZTFMf5|1a&OYf4hH7d19%
zjubYX4;Hh?D-kR0(Qk?jTf*dH!f+McD~qETI;lq#W2PBm$6R8o;&IkyiEU@ShYOVq
z{FomWsIn~GG{`eC_U#4|B4*7Ei5KUpc-J3(E%kEEo`X1h8pF{e%^jz1RXw8-CWekv
z0!uU~^EI;;*TWaw0vf7#K2p6pVQ{EBY|yea|6_1I{WfVj<)IO92p?IDIo7_jg_r#<
z+QfLcB?9=1p;WHi5?+kSRk{LpBT&UN$WD$Cbq4C&F$-kDseB~#$>fmMw|dM3MhBI)
z!%1D3A1T~~IgUVamUj#*8zI59wB*-~+qCHxjw;>V+HP~v*z;FKOJzcL4yRpxzu^d_
zcb~k&QRbK|=qEFpG~+Luju!uD-!4wsQ#9_`Rbk~oobxAwgX$u`>%s(o;A7jUb*2md
zSYv<TFW>Jai?J+p_EFm9n|RAMo+yQ){yVzXK!Nm;xz*W3NI~yyV}qfbnRTyOo97SH
zUp8Th5|GY3Ch5>-(0%lHiMVj=i@>eA=UG9y$HY0xwRoRESY}fv^ad%hewfg^7DO3L
zJRK1*zshl#^)M3L1?aymT=|QpKjs}>s(C7Irl{?>eBTIjdZ*1SzU_Js^)Y{r63u2b
z{!L4Ve2$xEjr|3_*Wh%|$L|ue)rQp0Bo1uo&o1zrRAyK8K<ybII-n@hr-X_2g=fvs
z&;LkiJuXY>Lj2$Nef>Nb1yDBhb8bRdR|><PxA~M1Ndea^pAx}%d=clDr})=gO$GA@
z76}j<=QP8WddeKdw34vrWdPxuo}P%f+0}fF76~jWM_(X^cDm=EY_wtg8}TifatMuq
zeF7TK@v{>&r$M*8oW8gU@Fd^V<gVfzb~SWra*Ut?T+M{vz&Rc2{W92M0{XP!PJ36R
zhE=jp2A9f5iqy2*p4wqkusg^iXh3|b41qO=_zLiy0#~45e-~>mc3Y-gaRBXzYYlVB
zZ{YvL;5QUN;<U&vV$n{hgDuoshC)d@?^gdKK2lLcJ89c-V3_vLmXRoF+)=Ylc8IKm
z6kG&%OH})qrBI>VHi8JGUKf86=Kh-D)Xuaib8I&M>Wg5kO0{8tQ<|Zy$#JEAK~TL^
z8q1PNwJz%p^!qqDX~*GE)R!|#3tRWM+2^U&K{M9X-%SZ}&Ik4z!xxtI)M0C9nX4Jg
zrd6a(e(D7SU5X2P!pLK7VBYRs?qJP(y^3|*?04kV1|+DP{CLdkCY&JpEmF40dre+~
zRhHSe=`F8UeZ~RWnnMoD?0IH`31R2UESQK_A!=9B$BP<usimSe8?G2;if2tvku>_D
z#+glSBL(KQ{qX{zfoT8kjy$H?!Z)C1N>DDv1&h59OXoU+y$?&bU4Qr&awN_7_|g4K
zc7s`o^abr~MDvkVkPeOL%ixU#ZC1keIz%1JN@<nCd%8eC$`^e$FL_9IH3T#H`mU<M
z;})YPYh-awg7IVB%;0q4sX^Z<G$O`7-2MDJGcgaR^#&>@T?}pbV94wDR<a6#8PRxp
z1xiM%@T(H_-swWM8L_meP+aV6289I2Hoq}9UbIdwK}14t`u4k3#g2uv#B*(*&Bc_@
zuG$2Kd+yXyqs$Pg(IrTDjDL3u=@xU~Y)-YJ23rCtN^{>pf?WHu9RURs6QNDACN%Sl
zb$7{&l8eG6{$4F>2%d5b-OG3-<W<UzUi!I~H7cbsZ4I5{694Md&yYSX>-*&VLFTy?
zdveE9vi5wIZQ6(|ldXt!pK<v(P=&wMZ}t>J;ak4h%$=DVk)K++`1gu2Xv&Sf>l%hC
zoYRg|pX>Tjl}pv;!-ZMQHX9pQOjC<fnU~vKxtKm69E&C3gZ5C+cZ;t<68Bf}!st~h
z2Sw9pH*EQQMBY~%J)4?xjRLoYniLT!T9w>BKY!4efYK%IQ!k#f<#QA1B!Ck<A)_|#
zkg~KN8dA0$z3>vur*6w5pM9Kd+gC<D$G(7qidz$Fp_^b0x%`M`v#MAVpf(jRw%oPa
zw8FL&O^Rk$h>AykBgKU>TfVVbaKS6o*Rw6@dUPxT(?TG1Zn|@+X=kq%r0w8yH6fGd
ztNlMwB9V6G6YAXSwQ54@Rv49*1+O3{WY@r4gS7kRQvS;7{RIVUR;9OS?YJ)jApNG!
zE%*{3D*J@omH6`to#QE!6+;mpED{l%d`<%)!wCy;Am-Tdt7X^eJ!66}|4k|)G{j~^
zkV3HYVIevn>DyGC1t=X*#VmxT5Q*q+d7$AA%w*Ja7e=`DRJtQc?LbJf1ucXgM?T0w
zh{GnR)>WtXh6z%Hnp{M#SKjwrhENuVh;igxA#kMedmpV<^rg?M=Z4B0zaO7jsaS@9
zaXG`adS&6=U?fR6SV^sP0wW!=N0*ex$ijg-_FiZ8xQ9^{E>NHnI7VuM^RoscV~g9-
zlVi9Gk<nZCJLXP@Ty+pt4NM$EF4a%0)#&W_ns+#r4+V+t#R2Dc9kl5Q!~Up4!aGac
zX&WOP-UAaUB$rwu-ZQVT`rYoUYa7GRpDIV`7QGlCw4-OF(KvyT1F@q|N}P7pLH{Jk
zj?3DAGoZgIuQ_cZQf}D({1xeU&QIaFoR{kZxpL|zPdMLMk$j8HL*>jcYxE$HV^Nc3
zWGH-ZMZ$|u(%WPdu23*zGt2oYMj_m9p~C9HLC@A0$_XgGrJcrOL9C1a3dU)7JDsS<
zQZk284A}$f75{7)9;2#|Dxa-yXu}ErRH}cspf|9XVxwKCOQMRri~OSy$XQ{FtEHe-
zVRcWaFN4`oK8H~XVPyb#BMk>uw)Mam({?0J1~>ytIDtMZ|JP^bK%X^m?$ATZ4Ij-1
z%7K=5b0Q$M(Ti_|Y)BH(PRhJw%MnJ(%r-*u6}<zMatos6HN*NUT15t%)-M=j0eKk-
zFT+2;tVrg&qRkb4%Lo4DlAa#B9@m7$<bA#%%8v=y%1{}1u2+q^S7Ii(D_~=O7gK}V
z^MJW}5y65Ut-@)`Z5^z{M5?pRmRw*nzH9MYB0XrIt<Kf-Aro^Da!8kCqqZX3d}pmD
zpGb9gc!xo1DFyCvV@$e3lR8*tVtAT9-v{%i*-hamk*P^HK_69XP(bB^V6v&)+*v5E
zpwy!jOtASLp|PvSWnnYsFkA->LeWAG&(w(IOksDR-_O~;W)36KsU(ts9sDIx5Am^8
z&Nn}~l?!OqSFS1;f9G>;=sLyr3XxF|-)YD>m|>rX@F$yEBs@|3-Iy%8!gbyOSW!!l
zfRXTPropd`l(P{_iwi;eDNdVhlD;hg`xF*ePt2#xmRoG7_#PbOIXEeXG!#Th2@1am
zr5M|pEcVz?<(;m=MTj7><6!KwRQ}3_zA}mde(jMwR!d?93=QA>Xhzm(#>{2H$R;fa
z$}2(F9s6;XBgj3B9eErdg)G2c6U&s1p5&F4V(1^>Qe@4olLkiYESh38V;)MP4?UZ9
zEBk@WJD4{5>w9(y1#qkyaj_CR(jw<66e$QuK1ggCD!Ar97`tF`X)$0WdI4wZJc|8c
z!SY7XH9;X3RzojVL-v%MJQ|%`KFLfYQ~Z1Tv&xtsg(cuz;(Pk-%JOA+bkjkCnoh%j
z|4#ivd%twCkixQW-~auX*pCY-v?Cm%n?e$xVaxPjlGh1*+S4D0(^GOvunoRdiHj64
zT1+!WIORKp#?wV+BamTOlk_xLNgY$}w4O6E>pA?d_i#n*=-ZjBiXdgp1`=KGw#9xD
z-eFsMd4Hg)*6s<Px`q?#K5MCIyJSt%_<cg5i-K;F1e~apCi4~GcZHRK<;=8L8Cew!
z4@lFd+}O4`3hp$vQ}}6K7941d&Y@wB>D^EebtNQi;-V$4g55Y~zVR|@Tc<M|>`vwT
z^?jmApUOwK7SI_#dxGn9g+CeIbc-mZHc9B|fB{&Gu)th7ntJkk<k2GN!LGiR7+xW0
z&CyFPXpu@$*c75)4JHEBLqgFH1-2Edp~YqI(}v$DlM{S>M<+LX-b;f1QSzq$8TkjC
z2W(UH(d1{TFrxyY`z%KYyGy4Q1U@wqn^X{GrKMx^L)S3>%hycy=vZj37_x~9wO`$I
zA@oaTSfte7C!lyI3hV0^hsSS~(zq0~8LC{Y**U%PawIoW4pb{s`<0o&QgnRRFa;`t
zOR$leR+=7;zRgqMzK|nfKSPr84`_YP=A9<#iB$^oP$<4NqwYG-Eb=L7Z!*j&M~k!{
z=oLo;PudGB{wMKT#EU%RS`E^L`kj|Vuc-A&4Dt9Ww9}odUtN4rSI<<^Wu4GYQ3oPL
zxZ}$RFO{FRVySt&jFV&Akp?<zEK-NWn*sFkA%e#sRs|aDI5>u-mnK;flgpQ8mCfub
z)+~YgDXT8AOeX^(ca4&rELK!TxMirUpXS<~ixq3$Yc#H#zq=_T3c8`8BuIRjpw(^;
z|5#s1;oFn#ZP?qRBKXP2kXvO0fexE!k#G)gl3@JgxU}9wQrha<W1_5|-&EUT#W~Gx
z)q8eH4_qGfk_}Dy(_E=*v7Ra+xhpag!SKWytZ~|01W8J)ks*ItW*3j<YX~C~1U?AU
zu(2FKFe&#&eX+vhVui#ovYNsOASY`(`OH&%Rxd-xJx86nC<|3fqKZH;<$f4xp{hf8
z14f6X6PR)H;01wi;K^n^0;!DZY^!ElLul6ftI)?LcHg$ihp#!&ZVS(ZAJ)szDgdYu
z#XAx{Ya8;CNJ2O%`~WgT=k*T4x<rpF!O|}W$vng}ao|dGJui>N6=ebCvb0W#DfAc6
zXQ%P~NLU5)4~5kF@YN>n0RqJg3s}@M*J{6$?8`X`T2?3IWDTcNAhL!@Nf6l%8M6)J
zAw@Dx<McZ)kySEx#-ljI2ZxNSn(>fh*s=iHH=@^Ol;4O>ka}I?-5-RSuozHR-3YC+
z&2&~j_Mzbi5X$i~2jHI>24be2f0Q2-K9+Uh%~}Jyf&vKhk0qW@f8zEVPaPPSW*oU&
zxuHiGMv2m_<sHkGgxpfox-Ntz&X1+b4YC}|y0*S1kVDUYUr~bv=CWgBUE;#^i@Iqu
zX4n+~Hu-5enGUM&eWRLE;Wfp5Uu}@8?~zDmp*9Fn4=M>1fij}j@Y6AQiV&`J5#nax
zK!cnjT%-YQzxYPT9B-G^D}Yd2@(Nt5!9eOFHGYR%AIQ2-bEd=D*JK`TBz<L)Fqk(P
zk`LZe5Isv8ARwj%jIw2!G#-7Fr#ys*4=sjD*_De9`1Z4M6C|Zyg`EEaa>Bw&%Q)uJ
z->=$`mgyID6(8$&$Z&+-i?2seS0~y5L>3wt*fESkyr_g1nWu{BEE$sh+y^tvAHbxH
zg1`=ca|yMU@O1_ns{vzFpGLWlG7O=P#<h(0+rilQ=cGyz?o-aGUG#kVQAl})U`0}?
z3>i6sQ;CaplaiDi5wDbvMeAy4K{!g+&a|}&6zM9H60g<xwQ+7@gvUmjTO>*j|CAZz
z;pS8RH<+p{LuC(jNQr4(jV%Z%sZA`jKwl016CgnA{f)>uI8=5a_{tvvkp15%iZ;;#
zcK8^WBM5E+o0VSFu+*8;sFp|!%u3~n0o*m94e((rZQQ?!3TdPxBEgrsMs-64q@3i?
zBj#5zut|Arrlb_&rE^;XA!}xp5L=KAogm=|OwgLQNkcyzF?<@8X^3>*lrxNS82S__
z@G0TJfhoGh#&G7<=Ve2r#Vay=HED|#Z3#A)P27PvkzvH*^bF|)H_ThUzh4C=*pXw6
zZSPrfMb;rcnA*%Xb@IGQb5L@u%>-uoNQj$s6A$t^oo#$;OZx9V{?;SL&z4cPwPtx&
z$hZJ~S(CXnse%xCd|Wa_a?%yN?Z(3U>n<m!_by14-+-|%=e8P~iVIi>@Yg~%H}3g0
z7>Cg`(gi++ZWe&geK_YeR2szQ`{kHVJ!QDW=hbA3PGttCTkUWdzc6hdn0`IX`9anp
zHqXdEAAKKA%e?1U2QwQ(BpjFuVkL=3g9X{9_Z$VVl2(&kJ*$RRe*ZuhA@ES!Hx=xf
z3hP%HhwxbTJ{O-Km$d<okzyyW9oF7YLV^EJizcsd*J554dQ3cp8CmfbFlVFhnF^vM
zJw$<;H~uBwzwKWYn;(~HFvItS?Ncg8&F13MOU$cb)Z+mgb;~pg<cEHO3W~_kbc!g?
zOf}!Z&~$hduyg=6^a8j^_!VG5tZ9*{=zdINJBFE1;cdPtfq}UA6wp^7ft$2SctL?>
zyhl6}dX2X%GX|kCB$C>e8RLeDtFcP{m+)5Vb<4Bu0|+qML(^LWnnKf!qCA1a0sMvv
z2n{RIN1*iI?btd6<k0`C0Xh}oeo_PzP^RFTo>SoOn+n@;?AYLdOo@2QQqaws6Dd&E
z6TWiE=BtIgeiW|%H=Hkt^_AH7FlXF;V7NRsDmT4rS}?EgZ?lJsfGWD|@EKobt0$5p
zYufkfAZST9%^*#wuFua!1OZks5fk`o)Kgh`_Nn;$3GygLk+T7Iq_fWpmbMJ81}Or_
z>e%<s$^G6w`n~O~1Pf=UI9N$n69mxXQ<cGgR3e(GpGDvv?X48^HSJupGIiO%qP=`x
zFgImz5d+r0QNoWM<oRr#OY6WLe{JR41ji?OV6M2r<EOUR`xp+_JZJjFFLideVSU6&
zAt`R779-}GuCpeKE0=?BY#(^>O08EB&YT>JOvYA=ZhLB3%t4M@|MulYa^Dqel6sqA
zt^|vAE6!WHe8`ERP%(GDuyP@D!FBnckxX`^14itEZqz&F8#N|U6~<*R5*(nLtqPcX
zebRH1vBxR=qhC}+n(CwOV@6DqQn2bU{ywO1uNr>UHtY(lxEXu0t$6vpQq+$Bs-rH)
zq^k78RM4|y>IKKXvj}qhezz>U$y}HA{1biM5iNuPOiP+Gd&(y9QxayYM${UnaZbSi
zPVDNtS72ghB(1#m>sD4q&=HHtG173OD#|fZIUz!Zd6m=<Fuu8|d`y0C^6VbQwHl#>
zoRr}~%Cv)F#txwGX^gH)nQLnmStOezEu`nLK}oUH1khOFWPU0qy#l5fsYZANm5IQq
zWd-;RJ%!23+IV5c+9U;N6fLtr!+|{9)!2i|ufnpEE_mD_jGKnk*{d6vAfy^tD#m)V
z>Uht~ib`>IO1T%)!^5o<5~M+Y6FpJEA2;t(TtOobzq#hT-lUz66kr_#MURPUdV;h-
zQR3qQaN@bGDaUT}9#}N+r%Rjy+xnqgW-{Xplz89Ya0UP0@XX)_2^HV)ZOvX*=E&f+
z8X77c5FPjEzno-Tnkb@wg7^SI;AYp~@C5`n*)v}*C9k0zfj2<GPOqcjR#Ln)Xg_v>
zU*D<|KLz)>vS&O8<h`!cMo>HlI!r)*yd_fX6XCx{AGl7Tj(qruw@j_eVj}C5X&v3~
zKR}6JRxY!jDJR{ZGK&6{Z;1FOgT84m(>Q;4AYfyC!^J+8811FHEbL{zwPtdpDfzbi
zxKH<}ZYFR435Y}L^12J53x53beSV;;Yg07nfS|@a@;UF5-0pQOn%}<+d<o`u3puE1
zp6MPwJw@G)p$PsvqgIP>ABTfBl>UxNd#)2CO_wATu0L)RnCp3Nj2CDf4_AMm-&!}k
z3X2YwXAhT}+$dt(xaH>}%h@0|^#np2(xN-tP`TS=xy5axSyHVvqI)V#rvLVf^*>0$
zkFK&Cr3{a{Rla}zK?tweycIP-BYU(6zt~0{*N7KuJis<O`tZ*I|Kj^}%y$bRU2e<5
z%!+Hv>U)$S!lU}6xr^HoW4a122mhcq;;HL~o^ub2MwY*!VRqi`34}VHh?K_3|DXf<
zG+zwy6a@z$BGCW?5R>JKQ!7RFDkr#pj?L*2y|P+8GUe@CYhl-E0t0es-tOZa!!oaT
z6<!+ukPGF92Lq0LSsdv#+T3#w4fDT4<fE>Q;751uwE*{*&^aHP=p2h_qod0D-a9wU
z@5ehWdPmq~PC2?3ueA@$#Qke2W9_0@oQY!^JHPB<eUPpAs$%?kz2bVn*d_1U>D%VU
z`nn;W=~WoXU;-|mL}+0d(DMIx-KG`Swt(VFfZ~aB7e2O?&*uCwD$TR;CH@W;)XzED
z1KsvCdJ!(BcT@rZ2>xG+1GOIuOK+fC1(D8(KiX9aF5^3#(l&|Gc>j5f``)b}ZD{!$
zKux5$m&}3c=EN}ONQ<k=3dzcQ96lM!iR~4k9~=KA!qPe#n5lv$is9!;zg&lgEFI)v
zha{z?O>H^w;&oanSWSmpqR{aX!QT}|cP<lVIV?y&FdJg=b21^8Sq5p$3A75VpIOS$
z^kQ`IiHu2n9LD`3%?}*|;RcjU4J0uB&L?MJwcdP0DA;k<Pod*>bqoqvi3(bRPJOGM
ztw=flzBmOnV4_9;i8x~P4o)Fv=9y^O&bSzsoWQWQ(#!v(-l7AuWNM}v7^ob%qYvtx
zrPh>Nvm1w9VAVw^vCAr6C}YNfxKV;J9hs@mu?!Z+*erc*!Gn*g0`Q^+p;z$#uUlTT
z$fc*OKa8<N#zylQary?y3quxfO`%xZ`w%YvgJzbqji`P$_kK3R@KBQfT=F;li6$1_
zkd#iMd*6Pug0U;v3!&PF+A7R1yCh7{;sV|+*$m3n5C}=IHOk<qVH8!)-`SY9qgG%R
zG=Kl+ji)Ezd~v-aF*VHCfRCR+vN6@WvTgjn=v9|bc#A=E|3IyOH$#<vSoJraME!RI
zLyeC0r=b-PXCN<oVxV^P?x|a)8lzj~sl6$6Io9#Eu`m?b)ch9_li>7yaCghlwnNUe
z98>A432Ja=xMlnv@qbwoWW4eEy}H(@f)Y1oM7;6e(eT|W$4l7bze_Z=82E7ht5dVB
z8EQZP?Qhgc!=?)8W$ABpbRBnzu}<U5Y>IL6QvFvW^_KB{^7I2V*gj4ldznScFinfN
z%_R}LQPNwQBJ9g1QCL`M_vaB4VBMTRxYRr`wnb=l!PGfnFG6|R$_FVg^w16HQ`xA3
z7$XC^f8&GNomw|;&hpdc{0Vqi%@Y#KOKX7h3S~<tT0W<OVJPr=fJ-P4s_;#R&6E|Z
zILXq7<WR8qf-NxdmGLb<vVGzqBkJr^XVHgQtw=92zVS}0Zxc1AsHn8ek}Tf)%()~2
z+P6(~eC(f%cizka@d*+TyGJ#P-onGC1Bxjk`(sLi8(P;?q?{DZN<azh{$SohVl+7-
zevg-fOt=owy5AcoHGV>xj@ogKAXAc-?w>cJG!8#g&ip{PA{&Cm3(bw-iRjho*czNJ
zS1VBXg5x7+R8aKiK`%YEx5pqo;_c2$c1z?|kJ&FXls*&xevgx$@0%d}2>?{MVgv%-
z+9zO}V!Y;7sIk$M>7>o0>+(Q=ZR1KWIJO`+J>`lvgl+>Z^;PPo#>k|X<f}j%q=Gc%
zRW%U!!=d{cMA<I_X^$z&`%`@f5AZnot*2_H;RVxFRg>UDjwq+WJ}j><V_m}6M=2Lu
zM%kDyEs47J?F=$VW|l{?1La=Uu(6N)LzbQG)p7*K#*wvmlK$sNbw=8AKk6Pf;CtX$
z!QDM<QVDeuJs^WKqTFs>3k}zI_UA|!<YlPfX%CwS@~;0@@E_S4Tc^iv;6`luEm9K%
z|0L?WvH?xJMao*Y6a0?;&Sn7m)eSNSWC=6V#=$A(H;C4SHv>1Yr~|D8Ie&((*WUND
z5t>4C@6w@kcPLo7hWfp{W`n|a{rlP<2tHhZ1Gk9clV3}nqv1={KBH*tlas82Hb1wJ
zJ>^zq9b>;2K}Ph6<5m+hqws2NGC|ZNaWpFKPLh}tyCc}B%b7&!;YGUNf7>JX{_?VL
zm$&d)kROeQqv#@wnKf-kNHLF{`5hbK4eMq6j>4GjO954})|v)pnTP1|vyP@Zt8G=-
z*0YE85A5GT&E$<s%u6Zybj1%Sksm97EQ-jI@8m?zXCsh!0I3qW<X`2({ro+=WPcQ@
zSUFf?81OaCHP$$e$NsEUApZG#N|IaCYTu&~$5`VagMU(nKC0<4K5F#>RpVWn{6`$*
z7|3z@kJ?CGyZkGw6yL;dK24pf^t5WsxnzH}7z6fF&VdpBwe_2?`zRh~Odr32%x`XM
zSCjaHV~}UuSMj=g4+ouJtnmYEQBM#XEWFBDaAxK#xOmm9ovCfK(THj%3q+21S$0ss
zEvdx82jgdj?x}KSxn@B@jw`CNT;6jOP{g3t*gSOUI1Hv*0pYdmO_{H1?0>yfhx<lT
zQPLMzL3O2Vg8INhwO=HqWlCm=)Z({uu8*@q0?N==QndJN*d89>&>2?SN<SaOnxGaq
z4Q6#iwY??n7T#_hdOJY5X4Pri0j>FI!+T4#MQ^zrA_9359Lo_$5g>RsyhiYEQ*-^n
zEe|6&A?Uwd#=bj~6XFHA!>>)iO{q%l5O9I!)GPd-m$HdWy2g$gb1C>PRCwzW2kk`c
zu{-NL3hiX^vHKy~D^DLpPytGSPJR3aT+Q9`P6mLT(om>DTr}3)iw?YoFa4qa6M<!{
zjeME{mS6lW6TmACI6Svy0yO@~#xi~ZI6;&yv?bK@Xl9{uvl=P?+>_BW_aV0>Ird$q
zsgtoUqL%zjQeuEC`PoUL1C=KBoU?zfNe9`0gfERM4K8z^>tF#+(EKKaALG6eB{@EL
zE$lfI<_wPeV)$gmg4>V+@2oNom3;}jTa5AI$jnvN=`FNxO)-nFAt2~$O<T~=u?Wh*
zL2$Q}-K|(e%=BZ3{P>%(jQ(R0<l+N1f4ioI--4B=ePBf9D%<6SYV4`cIDfmk#djwA
zr*-{hMgWi;IYmPf71ZtQwrIil_`Aum8?_v<xTW{J=p9Gjr+A<37hb^u2%ff!qpLRo
zgVS;5eeEX{N}|E)XH8vJZrl2K;gK14FLha#l*$k}3y1*E?H9Li0($L%>*fC#ye?Ph
zLT=*GD+5{DE;wr;WM@rmfiTfvnzh#n<iqG4RMHtf%YyN5et%ed{dU0EGcB_=0m@eb
zqsj&Rw&Hx_z*iFxFI>0xcUNzs<~LXFynLIVZ$eh@^hLiu4>=w*$I6H@xc<Wr3iJ)I
zTu1q3q$Ox%C0zK!X5_%MuY0xQb-InIcxBToTeHSv%Q3o|r+r(NFF$*h1uFG_84cF!
z!-)XkX+l$?9de7jBJl9WS#&YK-!tA{6MPRr9-#60jDKJWRi2&;R?hlarr@{0en(@d
z=r)B-L;d%YG*5S0fvN`BeD$-UQ;F)mNgV(HV-$1A2|$%%c$t4nFrWPcN8mu<#cTAI
zevuy<YfPzyJ}b9~|NnuNbnvI9qmOpxN#;is{s)~{7Wb33%k0dCu^!QMI{AFNHQD-f
zL;zJ=|22Jc@Bi*|Zs%>`+2u95QfB8mMAYo7Z^VywxXr`brr^ozwm%_{SC5lv*;V#|
z4?ljH@w{pK=mz?Bi{I|D?D<GDcD2eZWcIZM@gqRG>>o`8kch~xlHTA85-lwF@gULk
zBOvnYmzAq8eWIHH2TJ6R_A-P-dhA!eptBmb7WH|+(ftsty7Ipw!1T)hIsZ<5jK98`
zrIfSr6yN*VnAj`<6uLn3G{B>T&egRhfM+s4c<9(7TSlBA5b05)&UpF>KKw<k#k8mA
zbk`jKJ8(f4d@#f#A5gHc+U2zZE=qGleBVE93>@}ym->f$NP;K^Vq*PDhenETlTshQ
zEc-vf9RCCxTtR@W_zjC}m?;bhN9*qa=BfP27Jsbvj6LeZ*srTSgOqDPBEYrAML1iN
zM%KM1;LHDj4@VSOOa2f4oleZ10)|A1+`+3bu^OvoOU5LF&XB0{KQf0+qR@X<=V^l%
zK)VUX{Eugo6l=-&|Hq;<L#KL4ucZJpu_c4M-hcKVnnJ&DEA*Pg1?{z&TV5rAr1)oN
z^ceeWdI3Pi6!I9bSpY<Wq2ylb|6^5_e;)0yPT`kL)M&hcoYd&c9c>Z#nzNm~Zt=Q^
z4KQRoJMjc^pcN^%b1Q9k5_4<DECy4Q{|w7|1rTC-GgsLP5Pq%E2%ZlyA^Yl!@cP*v
zz1rqG$W@V&UG~cCH_Z|7csUuei6Tk=9$V(DFxL$`0oJ5CB|BtpfUX9p%HHFDHJEhT
z0L5jlL8HvyD`V_Ud&Td0+>W-+GUrDCJK}-xatEC48UNa8M3R8hFSSAZ7tF+)uS3?p
z&OG8<XDd`Y?=d<=V>4ad@>A9`g_x3FU=M@lDXFTaYkB@IBG%SNos{{3V_$3+h${V6
zcP^0>Q_+{s<~^=_e&aV3Cr!7?{QJFAg=WPzuQ{j86Q2?*k`l95az>2yxMxr6O@b}v
zf#^b|IvbJ-d54HL=L*eCO^xj4C%-CBR)F2`u*x#ry!od7*(2!&t?wGW*sEWUcuEVg
zLq!QPnx1z2nvyaf9GWP`TFX-Akrk&J{6Q&sOpU7I#mVPxb<%D}(VUkve#B2lLC?I|
zJPoBYeob+1k5u(<5Rjhs*0V`Fd>93g4hLe}L<08%)w*5HO~NB2!@e_e)W;$oQdD9&
zlE%z|tv_Tlo>ktt_hJ~~YTkVaoF=k5LyOzOv%2ig|1`v7l;ZGrZacjK-jI9jraH$g
zFzeZc@e6=Ce0wB4MvIqMPcW%tt=*$-wh6d3si7F+Sv1*-On<@sU%{7u{D#8+eh;+1
zU8XyqWdzlP|KgOH?33y!DuR?pa9yWK0nx=(xK1i<y-u&p%P`>_@Efnq>GH{!q{Ttv
z@WHr9WuyAD!AP0Y?_BAPZ&LIeA1DYU+05?hna2A!kSh<&?BR)vys&pI&i>gO1!0xx
z9phFzk1h);^vUt-g|^&h2Q!)utVOg;H(7Tl4T1xqp;||cWz5?n>Uf<mi`on&9njjz
zS1uwdof$*L+<w_`pG_Gx?#L<50DxN&Qi7LFGXMg39Qe!+`?4C1J3vRxn3Sx@eOA+!
zJRnp$5%on%OUWYw`3a{%8%?Pz*P#r?mc_XV03hBJh_&Y$vIY(!S<#Ib*wQJ6kb4!u
zR`=0f1*H%!2PBbtnnPC!Fd#I9?5~N&5GEfSCckNN6P>yhh(!X7lG`v{{RyJ67vn?|
zbYQZ%<uTeIY#+<*1F#&?0)AU8wHs>YdyTv#zy*2_V&OplN%=_t{Sz7etrchAQ597b
zXMtXXXBzg|K{Fx6sK=<aGU|8-b6DO%m~<gO;;T&qW1`ke&aHyz5*@G^%H=FbNJT!0
z-Xx!Spqus!JtV>ay*GeSIQ=K(OC5q+)v8KbVv5qu;_Eyh8gNX%&zuAANFd;eFY-BI
zDBx>e+!iUeVvid;w&c&gOLeR%!sfPDxn3#T3{le+))G)Su{`k~kW8ImWRFo$w{lR?
zBXt44Eruez94m2R%^CFFwDqGD)T-z3C|C29wK9^4(d^Z{>ajztz^Q85DVgnW_z7$U
zaYn7Q%gM7Kk2eMvFGl4vH<k6Dm|Bs*_}G_V-mPYh-}0vEq7kunNPX@AJSx5A3e=OB
z@^>lP<p4hiLAJi@KQP26L|1lmbe9gj)rL_iP6)sb1=yPa_H0=SngZov;51?2hEk-Y
z$p}NH7Dq#|viC>&&l)2Pd+o|zor3i>&Oa(h?66in3`fn1ci7kp*~3!J<=*5%{;>bh
z5CaYK*zheol04~J92Ec#5o^|*841X;tu58(R!6c!zUco>V+0RcRQ^}FGEjMEuUX@2
z-ZV=zVpgo5GvbS)GLdNc6LtgH5uwKD&Lh&xDUtF#Zjr|5VvcDS7m~NdYUq(K%1}25
z%jw_AO|$+aJ1slGjFZy-4-R3q;IxqUU`MjS7NvhKO72J!G|%J4{>Gq(I@*yW1JJ%5
z&|a7Q=VLW-^s{-Ua7JHG>Ou_5lsk{!_l8she8JuQZ}G;?#_b2)csC?&f`bHDNfmk&
z3mtr5YOv^<<6-Jw@>b+p(AF2G9O(l$u%tk?@rr%Qod_fm$C}l>&3GX2rQ|$_<QbL@
z5%##9S~Ri1L?$tw$8Y-uXVw4)O4ywWZQVt*WoTmk2n714W>RwyR)jq*P-M}7#pZS{
zz&a=!Q^eMf1iZ39zRhVR-)l~cW|Rly8@1>NB((Nwbn{V9fSowZje`_gEI7z!xu=6r
zmZh!;Z6(5Wr~9rsXeux`Sp2WKrqSn<J$f0`n|`j6#iFsPVYY9rw4a<}nR1+eo${d%
zKsn!+_svExhYZu%?&~17<q6-+v=DC&gSFP##!aJZL}iW*)DYN533th&rsc3oLiqOo
z!`54XMG<|C|4J_@OQ*2Z(j|?6uyigB0@5L!QYxJb3M?fcu(TpwA`(k?3P?8+BB6kQ
z`k&SB_kG|0^ZcHNhq*iVoOAEonK?6a&u7lGJOKGxu$c15wUFq;v<a}x7P#!3t%wmC
zlLA~?-VsOHo|YrN>PeSdcVs}Gmdj(M&cagKw)fYlY<&nrP(5p*opPLIHC&IgQld2D
z2Dxz(fX(FZ*`mZ#j_(3EC|jR5FgqW@$p1=CoVlpJ^g0oiiheK|oE&EYsD#FWBhRQ@
zwRBR{h%vYDgWSXkV7RD_qhUi<F1o<^2|J^$PlAm)@t8zg{}$!SgT%iQk!QDKvvN`3
z`0{LT&|iB;1X*-c9GqpxTpGk<_<&NM&)2Ag&N#eZ<>WjXcP!by7QJ(1`z@-a<>wWe
zrqm^zUa)h2T?v~-b5D>2rB(7GYk<^dK68pM$qmN;758BrOUj615rFrTB8Uch!jMF+
ze{TCqH8DqNK7PWE@b@3T-}}@IT$r*!BWFFMN+<1@SbTRrSX*hrt{^f^Xp%?q787%L
zwhBBXENYM8@*SBCz4C!QgwtFZ>cS<b$f?YC`C02{+lIE1(ls&h0#fKHAE|Md4&NEn
zoa~O!8IQ+Pf-~p>6DUng$^Ly8y?!(G^(LZ`<Wpj-B<C2fuf|<;Dt{QGFS{eC=M7f1
zcUtF_G_enz!5>`L-n2kA{uXNKZ4gB@%6ikNK?dBnzQv5T7Pse%ckpt1C(*`^Q>NC0
z5=pepaO;|5&*Ka4g(uYX%O<Q%=|{7VbX65c(l9HF{)pQ<ix~Z$tvU%r6QKj0pLap!
z<@ujZ6UzLsH7cPW-;nd#j;I`ai_SU+CrK)0tC6!4nP5X+e@{rW`%ILAT7D^{S~@4G
zspU!VQ22{yyLFZ{Id=&G-xg&()G@v{H`Oq$GeS=|5ru;q54`OBjz*OW7lS#Cd-(~e
zCZQe@I0NfKVm);A&<LE57l_&`n@5j@NH(iZ^Nc1#?b717_$m{0HbU3&51-oEz>(hE
zoAjY}tojWy5V=TCKCOfeBB!ND&r0x*q-b^cKe58Sw5DwDAMLe5+zTYkMD-gx45EUl
zE41f)s9i?6VD2$hsGW^I68_he4PXjP+FnbWaf$W}yhw_EK7pwPK2CBQf7R3w(vF!N
z=|dL-r)H?+s%ao)FAXqNBaytl5KpxZW9%8bXRDk-TZ@YRVNcq_w}#8hrazME10Ow5
zGV8P|B<Ge>^J_tZ?c>us%c=MaD(-NbJL{*oai0K@Ui^DhIv?K27{muyX}$Zx-hMqK
z>F1<XQl1A#iv~E2lwz9fJwohJHeM%W4N^8AX|d1d3Fn~#9?``fA>Lm#Jkbb@!PI|^
zi5s8D14*I$9#xxu5KU3LNI#+bAX;iLGX`D%TL88(d6|wOBjAzXyuXu{VhixEtbEy|
zuU5t`-Ps9wj98|d=3ZbTf3ljV-lnzJE|R=#2AvzLf>MMym_&Kq^V;ua+cC!Z1Hx*h
zZ$@3p1N7M*;!+n4xGZ+WDngM`_jEFfhy0X4XNjQ+`kDvsq#p;q%T5!`Apwe}e3Osh
zjotn@Z$K@g96$a_c--k8`t3`gJ&?gKmnf4hEu>c!ovF1+gs~i_M(9h^crz4-R@MMj
zGgvemwIg8zF<H_Wu?O4^S~e%_8_^f0vc8)8LcmS9;1yjdg<?q-hjhq<eVRfUP=-#&
zB0l8n5Tv8%ebK%z>;(-I7PrIV%~KR9?pX32)=~2q;#>}vH*DpZdows2p}Khtc%|d-
znu?NQ^BZvQ3uPZu;hQ@e%*cQRfLN=vG7zJ!@-Co?Cusmi40!giDR8KgW8z}t4DNNu
z)PG>zAjdc7RGs<Xm@e}_MNZ6P&ahuXuquFm|4&R;ouD~9V~^7Re`309j{mj9wy_6T
zGMM>qRQE7}I?{pz2<jSbM8fP|Cc<o!<=5`xy`SKI?3r^+C_E6YGkK&Y*~3DUs>GCO
zbv*khv4?QTKEcd(xgLmY&pr~(hTt>ldd1LgDVCJ~az~rQJrFPi`U6Zhv(SiXj+{ui
ztt5K$qUk(LaU?vHAJS1hL*s*DTt3HB)NdUbI=tdeeXt9BCn$6<(uwvsM4r_E+5YqP
zChPBa-*yo3J$0?46x$WrijR)s*zK-T@u^L>?{if@796`G+CeW;7(OtJ_uF54fC}Iu
z<LFXPe75=^d?ak3GH!9`Hk{jo2%mj^KP-O`EMem0(K{N?C8F%Ti2Zmn-icFLYy(k5
zF|LK#<G^ne%zxq0@lH=-Pb*HTdg#k6&0(;=4aE^q#iRUn4J-%98vc`g<bSqEF(0fF
z_3)>L--dEsdP`v0{dG3!6Ri^GpCnlom_sTZg~0|kve)$T&T0N3CY<^sVAtSOH}HHx
zCoEyVfvYWoVjPz6c!V6gc4LK_^jia$1&V^qB4NK7|7BiaX<oP3$M+{Z8H(xde86!3
zK$AH<sF-RLTFf`rLif<9i7Dqs^+3x#Z2Ioq%CQ@)j0UclY9Ryx{&&PAry<~r#1p8B
z+jTDwT|??C;dU&GW2wFjF8?WtQhhfMxlCVxWqiXu|45cTJ!c<mmTlddTFV`T7$2*I
zDvLTQOOD;j`-830q+kkT-ntUaw=VJ80?jhfhZh0}m&9-Ops^;$HC)dHo55o3aUjn?
zz>1>CZNlzs82Xb9Zv#MN7)}2st-=5(vp%#H8%>I1lnIN3QkqRCIlznLPopj758XCA
zz}cll6{xh9_$%yliYKgaq|1{&r>qvD7pP_O69Qn3J~BSIPgHBk2=(vBUpbq-G`#GS
zJ+33gVrL1M1-i%5ncM;OJHdZL0GwS8JnHsX#!;3$8M!3JC}CVL#S>w^?DCHFryBy_
zBgMUGAj;Y0z^sWkP5MBC%qCzzS`D}|wY0{6n1Bw!fO(Vn5Wcywx6Wf?6x?+(Oq0Z8
zjWy5&nd7iXUw%H!xz_cbIu+(!x>_SO#{-|!fC6r4|8WA$VmK<>c+x_<5KgHoyh)Yo
zS_sE9KPFbkkszNJ9+U;lrfH>Ivebg>0W|4^?yta&%2I?c|2@pH1(@|w0?Zy;eFx{d
zvcgBe{^S6Yq_=CXM%k-6(h`g*jNY)xJ;4;3hi_l3S+Ko8T~3p;@0!maHia8=NLPvg
zBMQu(Vz7{S6loe}w)7OQ5E#$|Y<>#vePB8ja6T#X3d67jY0O-!x#Qlnw+JvZV$P}G
zzyR?8{D?V>$#k`bq=9b|m@=UT{DuCE4IqIjV7xpwKSKs-rQkeCgMV*$M*RQrGZYxN
z1W^Xqk!i99ts;ys^DZFSUI?OckN)dr)B!JJGN26M#Y~K_0z2ZXI|c9_utgl@*W{>f
z!uJyl`z_xintz+K1A+6y>i_jJNf5z!uD}>7A6EFxZ}D|<<AG=xu+IXcseIt|m2tqn
zjkZwx=?1jY$}BJvMFzGcn*%5j;{hWy(AIqQOQIwch7zfKso95-lGdF8C=q|&4Z6%4
zMS;VZItXw8MO&~pF$?e|{Ff5Bzr_2J?oSr(olr#~Dmx=e04a>bTK(odj&5^zm{J^)
z$*}wKUr6N6sp(%xq+N6*OZ*cK!&~4O7OLloQ1{O4>Ipt(BFy+sBKR|7hTTwNwL<QR
zajy^6?;%r;*;+LXGey^zeQ(qbOn#*S8dHR{a5%s!l6>DxJCPnGFL1o~Sw2$+!fC7=
z>h#%+sw=m!EU<T=&hnhAvnobdke<^@nHD)d^d3^S2k9OK_{WwloEGDilD_KH_+K6B
zVd<m>>REwQ>kJd0v&+v?vnll(@zfd;TI;y@5(1W$HVk{J2{;?CyOL$e;B?b4(#>hT
zx7O+<<AzBFDRByOySLfOAbu3X-aPx(DaYH6_#=honG~El%CxRuG|e!a$RxxH!-*Js
zGq?sXB~d*_<HslQ-9PF}uxD^>U48nr)24Fo*~O3B{k5h2%ckk`15=wGmB-Ni`BX1J
zJXne8;Yv-C7@$Cy1RNf*8O#B8M%H%P;~#1j%?4i3ofVdJM|>o$stI7w_XZu*)s$8e
zweh%=Vm;&0Ja@2hjNdeNMJ7xk*xU})x`OY+am9ZzgJ*Xi)mHhwwV%q2A)_UrvZ>kH
z!xM$>!^CWOy2U>^v?~I*nZ4}NYFEA1Xb;g!LRV^HyUK9Z%59_G`?$M`2O<h(@p<}i
z>AOXSGe=MxluQ&%$0s`bPRfQmU9@eFVNG5Xxl?z|_q5}!bFwp+(!@4r(%x=obR`Qz
zTz2IIaG(2y^x_F+PLZ8})v<9h%GZy_rRRI{$ErY9ZC6oS0PNKF&H=!XP^KN#(3kU!
zX&lmJBlDxe*-CJyI8eTK@*pF|BLK^h80oUmE`TKgP6^FiySkoWWdNdbOCBUn5UD`a
z^h$A_alP399|58_n1@5rF=4Y&jEZ>w4MX9EB+C_%*H0kTLakuSZE~VzgH488_~bWN
zzg(FjpFi*RT+qjDNp^WbRDgj$CQdu3RwDg>Iuok)4<n@`S3AD+5_ddz`42~MT=cv|
z4~7So<kwdImSrh$rL6poDPd)gh7$J7ZjzfoP~m?#k_V6Mo)IxdChBl^I<irJe1dE0
z7isD@M5zhw&!vnsYexNv7f<;Slsda7;hM+I^T0Rq-l+89%{9Z@@Wf{|0F80mk*nYE
z9fkcnU&2a$4ND_cL1Q3~Lv2)&ZQbk#0LHi%UpcN~-oFZP9QCuh6IWGAwG@2PuD=c|
zg`S1FwAylA5U?t%O8&)AT!TK5cw#sZ#Qloejvf4lIE*d^<mfV&e{kSCy*}8{QA^+Q
z1)mpjm&Q84hwqd0gIVda&IQzrk^gsFG1^f|&3P!b>r)^XvO?s*Rb{dN&9do1WaEkg
zpl!2>0a$_$fR=L~h{;F^e3C}@0=cM6A0k`dBwJMiNhEAR486AR$U;WRoXO1c(;IYv
z%ok}GZC8x;|Aj~}+W(KX1^)3XJ1>8jsR8^-9fn_tn4K%_9_pz5Qu$-yFFa!#fEAK#
z;b(aG|7g9}JRhKECg|(ri2l+uG#Gt=o=N}z(KE%2{||abFIfsmF+KYSW+$24JyrFR
zTi5Qg|9~NB9SUak6Mld5izoTY`$O%TSTe-h!)Pr(eD8=~rb+L6kzu@cr_DCL7O0>3
zx6Q3TNt>X%+em_2ok$X+fFDf!AWtr`&db1m`3D}SPduyP!wxb4;T~S&#n&8TyZ3R~
zp^#l!<g`y5XEw0%?D@!*qWYgBhZV)qOdyINay)zB)oyr(vR=zB$v4xMBW*?IKiE4@
z)S_&Maq*Pn^fbFzsVcKV?<-c7`dEJ_d8?Xmd=_R#v0c3OoKuQ^L^fcVapo<D){Gjh
z!X2rfDjYoQ@sO9oPdgpG2~=2l*gvw_pj1#kwsONYE!Y%(Co$R*kO#><x_t)dTt(hZ
zE$)+>D|QPG$<!!T1%F0&z@f~J<Dk{wco5yw9~;LGNW$OQE@G;EPyu5wlnKR7pd}bk
zifmQHP6+J9Gb-~`0KJ$m5Srba4YR7{(dJkR6G<k~@a@uubW$<QY(LbCDtzE_-v@h0
zQXHD@969CGa$A{Lkc4EPkOaCx#ejq{f0BV5)jsIrPX2iNBLGS4G3cT1--8ZBxhjxX
z&lFTmgn^Su-Y~V_cDR`+u&psoQ*)l5w5^$+4E37FXN>4g-a&P9(*AcD*}DR!VHDq_
z<(p*(^PNBI!;O8~DQ9}<EGOyK$NHb8@ZaU3OonwWXW<$!scl_b<6Mg$J1U8n$TW%%
zXt0`A(oq4b{nUH`4YYjc87*ryWRf_EM(JuDxn9K7ArDK5NOQb_f~Lj4Zd|3Nlm*V-
zv2o4iht2E9OXWHt{Aj1U8rIMJSNn`m{8x;%N%`H)dk8y**wOWOaMcz?hF!s`AFZ*!
z;@sQrwrg`)*fN;JH=R7Y6wmW^1_F+YerVo?6JOw`*9-R>*{3<rdKdb}r<?bpLfkgJ
zWNkdBLDlnp*Fc1<uQur|+#9HW$Pk+pxY`%K4ph?hiwp3iP`^4(aKFg~%*)y`$jAO&
z4FINJU%EyA(u2O;LEwEs@Q1OaH&!bR>z^ctadlv^$_kD6_cDM5C;`d_Rx$aZXC9qp
z{*AW$GmuFlq_Ar8Bozj615ye?gqu~k%vBJz{tOTM)TZOu)uYXCmU4?RT!++$s3o-Y
z(KX3!jT_yQo7PI~Tio+kver|b@8Zn9gj*gs6BNaiciK_X;7V??!EoC-1PG61GRiwS
z3!$B4k}zE6J3TguSh?OHczCV-L&`P8!#G0Ouy@ZBv2Kz%c#b*OsR~T<4f~f>amB+I
ziaC)SV5&gG4(gVZg_7ag!wpP9(a_pdYq{ta7qJDS0MD_zK?v=d2^1c#tq2bjZC5m0
zE1Z<&?(^&ugW)!{rj>W*L=|D>6#Md!OWdWReftDxy%xc}(EOr?Hlqf?1*W<bXaiag
zQ!=zpQ!})7)uhC|yd7KK`J~+f=-vS{7427#*{?o5PH}{8=gBr<j|x?AnU#V?;tAcr
zUr|oLhG;`r-M?1wtpi&Lr3I9)%R3{nrQ;+nF*b)YVYuS)Vi&x?U_3em`Y-#R4e78;
zCUnDk`<fhul>>Wg20V9YF6Nl91VoCe%rQ-?PLE3dTR!b?l@)n<4|qYi=)jhfFV`c2
zwe=`VAlD-Xvy^*vB+~@GbZ({V|I(TPs_2jN^|MS<_glW^rqPzzq_upabyxd>>EY+l
zd&>wrKg-c*gc=ACEnnw<<<TenUkg6}vG9uM-6&vT`8G^w%=OW7$R3?)^;7?EC0wC+
z)lbE~l{hheJU9B7`8(m0t4VyoGhUS;vG{Xo06!|9YkzYw1-ugO`lt+89!&z;@Ap6|
zf3=+$+XAZn4>bg@f*lr}+k_0qn#KpP-YNufYM#5J4^pdcUkI^mC!R$v5PC7kBELnI
zo?Oq##_1S6Uc3G1(MNYN$rqe#QmX)SBAfh|IXRcqOZt|jM3SRG_(IS-yh0mdQ?8Ar
zx%V}#R`R-&#d{-Uzd~pIzV~3uv7rS7zDhM<)wYx(WRed<wTp%E(%rL=y#-PjotV+q
zs?Y^<*Q%FC(dnMgmh?3DH07)jSfV4Z#kfyeT7R$vs-kC$EarQvrfuDo{#+-#`{Hy6
zuc8j2On3fMhzW{9=LQ9&E?7Vp6Gawvri1qt(bGY5b4vksz>5TlW$)7Ls+S+jmAi+T
z(B67>Um%ID?`4pd0Qo5IAAl{e_2X{{K~)C7bRIR8HWO)WDBlZSM9_?Lmeg@F{{F1e
zh0m8V7G&6V-{nMiFFDFJ{Wb|#LA{#u6UnPzLD3=&ImPH5yNF!bX9f+su^$toN^th`
zo$0<Nhm~a5TY3J7;~JGGo8P1TVMSOSB=K55J1TS+-@*k2UAf@<eNPqb^=!~xXWTAY
z2E5Z$^=+cfR{(JJY8+G{kwC_fIw|+}1tkRt!Ptw`GbWIx<(^D~xD-vb>CkQIeVbi}
z4DtXgL)%T`__yl9OtkY(_q)du)$Q{gGI$T$Mtt7qW#BUgSUKK5f0u!ixEhq*c=V7T
z)Kqikqq(G`+2=GLBpeUOEiCB_W1q_i)*ClZr+S|N1q+Wdj!h~+GuxwVn`s!Z>HKd6
zr@^x69IY3>&F*#;sCgQAV|y%-j_PYeo82N{JvuMbEN9UrsMBUw*$Bd<iRJ*T2e;&9
zL=9t%y~ngeDkF$Vp%6a3EHz&*whLDcRKaJEyFbsgk0^><F8!DBpr+*;knw;T{~_)I
zs7tdg@*UW}#t2R7k7kpecMpt}UT0=<V~NA)L`L3U-)g>`(N$>EiZO1dXLL(5jeqM~
zE-KLV4->c~AU&_l{KpeGSz>qs07G#$6Xv-IM3yIF0*I3H^#Z$kPN6~g*HyQGf<*v6
zgKHpQqN=OwwHKpR=srPR<kMuyi8rv=PxU?F=X{tX38W1pDy&KlQT)UWyL$jx5W?s@
zj>(9i$_UKmVe>Nz%>$VZfCLH;^v*HQ$9N0%!1MMxKn2`ka=dH$s1_iZ)-m`JfGwHb
zbiVRR{EIKW@@91YR2~Q<T3A#FIR_A?<^O{e@RK$uoYVnKQzlUHk7=4sN8l~21fAWA
zEq^W^9-#M2)<s!Hv!UBqy`L!sKUB{%DZ~Z%t|9cum7=Om_uWT-L4zl_CqS;98fm#7
z-N8<@=~lJpvpka#uTB0>K7}WrWAlN03N6I+uBGK~OpG}%nn4mbegOxy*PnrO3SRxX
zPPHag-=oTdCyGy~>aVeOe4_bP)0|IKNge`;zki7Ult$q2Bu+!`W!SHbO~%+o+t5y%
z;mK1Dpc)>1VBq*GbJ2DrFq*%=qCdhp@r3CtV{>Vo-22B!&9*bR{sUDLqc(&A0S}+Y
zN093@k4!GR0Dy{Dt3&d1o?}qIPirr`->dE0vD5s`J$a6UEkMDv?(03xKG9r{Y`gc<
zeBVrUn%%&1!{CFo{mav`hg#MdP3S%9w1K@0neHP%kPRc)GR;SK0a(SV?hkmyu}Q7d
zy!6gde(aQR+b>c53n0ax>+!&DUZ>t(7EpdGBeh(oehE}bmw`{dmp!ZrZvJNg_u&{u
zA87nN(KnrX*)=bqgFq)2z(8+1*Zqd0HaQl7Er`uw4qN_O9~)&NxomqbHvqLNc<qs0
z-&d%@vCuKf97~_>EMEZ}k;Gy=Ye4D)p_!4L*bKy`UeV7fjL6at?leRB26l@LJ<-Iw
z=2o?UT+P1JhF%f)?G6~w{-Q@g8Mn-G97Jir3ibEVY(hF(eE0-lXs;Khn*43l2WO+j
zzG{AA;pP}@7ifDdnJ#MLor-wj#j~5yVj%g=bnehdvCN9OMm}BitHP}@6Sm6VhGQ1)
z@-b;Pfb86!&U%|2Zx^rtULmVs9FCf?>k-Qv63)&YdY|u8<|QK6U6K2~RVMl@`JLNx
z9(wSSxXkAsjYuk|MRx_`%yIiL)kzz=B3CLCBhtvov!2Qs8f_r;_j2bdoi17}s&&t(
zAnEF{HxT2`bAA&Ag#ACn?->2+5m^Uwy_#G9hXJ(S^qf*1zzjIdCmJ_^#e(3zff<To
z)c<F^L(d#J*DI3~00?l+b+#G>fB?Dw3j)CJb?qXH$ZT95kEHQOseLUN9*AKJlM2M4
zw@g!e8LytI$Wm=HRqAu`$Q4Z2M^gR4BTU{>J?9G#{CeWs>IfJ6IJX@INa!q;I08lX
z8&Lyl7yXoQtECts@FtFjYLZHb?S%rHCm3`pqOMPT2uHMAQ-x2`96|UTyjqKyk1{PD
z-iL}@m1-V5FeqHjd>hk|D)GtT{MIozgyjwUB-`oMp#~6)9#CgbJfaSv1p?_Mt)II|
zhI>CL3{p16wjWTP>4_&6@KKA!S8>D5+LUk7M?i`M&PKN=6Iu4zC%57rFCzxy@?dr6
z#k0TZ#Y<bwa1?3@G)l|WC6`G(HB)<0#x~qZzc}PMo<z_k|BJ$xBVjoMMfGpb?>WPC
zfrJKTwp7bj-FTnG-zr>hyjcTM8jM*sBV$K-BoiM~DH)(wM<4b+8hq_lr2Yo0z!VqG
z3p}KoIGMPMI`?4IfqV#MA7e<~xEtTrtHkgF&i~5~#FWB1FcJJ45S}l94;WNNlxF~q
z*Vn&oqPquy{zCv<s>!9xM|rG!z;6reUzsZ}`X>fC=NRcx=a~1-AmfOKFwGZO6VJZE
zMEPelQQG#73q}t~=!KDLYI#bPsL!rZ%#Z6afB;g<;B7eue{in{@CSppS^vQwe4t)|
zB|NuCYY9=dV0VbYbk)M+i8vHYQAM<e=M|>+p2oMw-kRdpD_0oJST^@i10OlYly9D|
ztT1YaSgKNdALl^}Y|3tEy<_=R$&p)DS4G}opyS>Voqel#Q77ObxuBfJ#w{@R1FwUe
z<3H=~H~!o=qs;uHMg8OCTC)xscLdGVPsIvlk#ftSRUiJ0(n)x(F|GXhYip{&kjGHE
zA3USOY)Ux~IrcMY@0t1-jlW|1(hBo>6ns}R`Bg5cXzdkb;KCDBv?T)3)PN<sX}Z~G
ziF{R{r`D(ttVrFm%0LKyXs-nX8(?VU2xy9B`YB=R5vVDBow`uBvLYkBt}~!oUXZrK
zrdd#fpMBjIy+o=>$Issg2H8DIua#_W`Ce*K^E1L*b}bp&x}e5=hrD5oJYw-Bi~5s3
zd(I5G+LAxc3()t=P&*9<hYL3KS5W>Gp^~JC3{nlUZuNXZyzPv9-B85D%+k=y8)-l&
zn$>M4B$rFWLqa3#Oy%=0wN$Pl4R)=in=kwqTjU!S`y}691$RluetE4s%-}!5TR7jg
zVF8nV0ojR?*==j>mQ4uk59;O4u7m;8SG;3a#b;lL7Ry1(JMcblD{p=`V_4fXModF;
zjQ2=8PnE7eh=Vf6<P<Sd6ekrjBUODQ^a8TtZ8b>ZY7W^T-=*4pHWl<e`UUy^GiDCi
zjkXOxxHvCl#l>pbhM9wLm#QprDhPQp+?Fu6L8mOxmG&K;yiwH^()HV1R-LBgFx{(-
zT31BHEIw|tF)&p`qpE9I(kiix@*}mbzRI9jpy2$YM6RE4$PeJx7!5iHTuAcVhB_AX
zJ>EBpgT_F`6xU-B%$gynLsisY8^CZdR`pW!rMe!s9|!TjW;d^MJz;l1T0~w%bT<Zy
zu(!gv7^{2JkZ@y&?Q@_W0Z3YTwNMK-9gMIzT*RxjLqE{Lps{!h<C=LoLqYj*#Ya-5
z@Adukeet+ePo||eg+`_9kUCRQPjYv1?+t0-jF=TCyNsC?`I&QBY}}(s(DogpFZn0O
zkunCzW$omO4H3d*H|~8~);$n(n{Im|{|=bKf8{$1%_|0dlN^<DMP>|0>i9bH<;~um
z2Mjd&Y5m8F<Y<tZUn*zY=DpoYpwAn7Wm3C{DVIF&+?_&8RWLVPgFl|qYS2GDpQbXC
zLrmwZvNyLv_=h-AtMBn+CRCbJP~Mk9k7W7goYi=^=ATDs!rFzh@R5QF1i?jd_J|?M
zkNU9HR|LWRz>n0B7}3|iS8N7pIZUGLwdjfuQ^|Gc{3!`uddj3RxUt(&>aG2*r$H<~
z8jL;BWjqy)L@tLx>58IKPpCW;kc?tJo9hx840qDe63p#uUf3wW<Ta6~z&ajmkk)|%
z;sF%YA?y;&&ul;5o`h~tCj1I=d|3x5*z$3E4pF|p4Hr=vOp2wO`={%gCh}ihtQ}(g
z0Ki~aDg&8(?MhfVW&4THrp!_pRH|r8t{dUnavLtA>#1-r0a!)(9;l-RdQ=P##W#uQ
zUBz_r@CjKpV0J4Ju<*zW5a$lYMvbt)KRL#YWw^uf2w5cxnmYq}O5-4}y3|b)hdu;0
zhepm*0Z9x4n%4i`uB6`mU2*c7^hX7(_CH%`{Twif09*bwQeumd)3VGcBOMBmV0LUn
zlf<PCse8!Y^Z;$?9RddEekj8Cpky41&3gf)EKXcz>mm<;;TDCU1G5Y4pQjFE%hyV&
zWpv0M<6aNraM&RCe}Vde!u_;#HAxFjD0e|6`0k~1Ooyz{CZI8+crDWDmtBzh9WXOm
zEGn}OtlWB@%KN>&#u8nIRG<6qz$i$8G%tr~NLq11-(ybw6F~NledA@Ps?5!HI2~ZV
zgnBlIe0LZ}Ds!T+&bJS0G%1?QBjbe7Pm)<@HVhb}b-)ED^ITV1DgWs#tt0C4%V(;_
zrA*+LI-P|HrRPm6S0udlBI1z&&Uaz8Kv;U-sWKBT7J}!R*-Cj_vi$Jb!1#A~e;=De
zqVzdayjL9f8K=QgDQnq_)OW<%cX5O6vdq0wN|hzNB6E!9c#(SEVJ*Ap@r!E^RS81}
zHZe7T=-CEwas8tn+@J%hQToVic8VFIZBDU4=ogLEA6%P5u8X6h%5}<vN!fG;=g<$n
z26f72@lh3jzK>~Z5pvMDIa-^zgB$j`vkR=C3$}%7M53jK@LAhIYK|YHS#_#ri5w4+
z>1tUf6nds#7%V-hdK)jW^R>TuORZbLvu)qTwuzIwValzc?6PPd^m~+_lv<$F=qq1k
zCV70V_eIu=Tbv&Vrj*xbI;+lZy=WTNlJixqec)12#F9CBh&+u4D?22dC(0s0C8tvm
zP*Sm-NGVcn#vt%nd>UuG#5dgOq^f-~WRI3P#Af6WC)D5jit>F&#s*J&4Y#F6cEgV>
z;b&MgG0Od;Eu<R{wX+`DteCm%!XeiC+#-7wW#xi{Uj*d^=kbD0g>iI@*|qDp;3&xs
zYppog8;R|=QV^Ma-Kbn2^&jekgT)=H<<i(4R&V&JF45xBinps5>PGZq_86L^_|wB~
zW8-`EHFwWC16Lyd=@XJYwTfPv*#OfO=%Qx|AH2yILYcODYFL_k&7WG+fBp~w`M{eh
zF$7=wJw$X4tmD#fdyUYX_e?RwI4kP&hwLWE!)p7b?q`YmejUm_%7gzAj8o&XNB4ef
zR;z+O#D=WcbSR6+19e=pzo-iberxo}9R96h!robe_g@XY#~ccP5Uu99N&E5pRR~>%
z+kefGUh|8v*F8-21_2%5#dzfRMfQNbzik1PwU$o%P=hKd6J+`H?H}b9z9^_sl4$af
z7*|3a7^J%W>P(?R<X1S^wmGy^!<V|8CV_iS3+^DjPM7XFMp^R48_mWum&=X0v>;uz
z2sp0%@JemKvI{1WKJSo4y`Q+J=`sr}G)tjxJ$p>_syGZV&Kx?I+M$lz6AZm)37s__
zqe$m2g$%h;JV<vPq$rWLMK_yNap)q2eS5Zjd<!KVq&MjS+f;yU9JBX3QTJmDj1m%z
z#u&DtRzUC=hkrL-UpU(<F(ShNII!bXDI0QmHE><gqJ-v!Sq0k`a2^19iO8TJugKME
z!F@0c43|QW2_W@T9ru7n{J}6KRVBIaQMuBDPZg9Z4b%*E28IK0DTL;Zd{mWp=RxLU
zHGTx<V^k#(Vw+IsAT>iR&LtGaGO!yraQU4Q^t)bpQ#KT0#*$n=LuTI;B}oRHgr%Nz
zxGD^p!2F7NHFpZrZo<?jaho9~|H`>sU{|n@aK6!i0<S##>|x(MXw<7L%;n}Wa0|+q
z<BWI*j49#lZtF8}aT~nF!uKJ!F0!f_WUx|h*SjN&xjqju;Jy`+dhL*9qh(w#3n$Mx
zw~a4yD}r;kzJm^CT0vXimFsdOxZmT6mY{xAv+4|>x^?0mYc-Qls`@0AlB_(aE?snU
zN_6T8DMM0fr@A<`e67d5Dz@ObCMpj23{mf;$90kl$CoD5T?O^W_muP!*%QDTefM!1
z)gIG>Y=8EFXHb-+wn1I2<;q}Xbv2DXHlPXx<t0BMe88V7qZVN*SBuw3tE^~h`}}o$
z5ns77cT>$kj)-!EIXfJQQ)@5#*JkS14+vF)$0@MC=LAr9l7>?oY72b6g%H2ieo0X;
zu{a_1PCCMg;PK?xbOCjdnqHzFdmJ!-1jw2oFLxk}a+n@`{>FTMX9nVeVvpO#jV+)q
zan?&5VF&%|;1sN)MlDeKAZ!};d7S(kAU7iLfbY>I@#B;prPxaH1a<1M_V0?qgAiSg
zAy(HYNFB!}i>ss&awr2)RJoqORHp*vG~23()c@$F-U2i0rpq;K3bjcS(~@E*a!Lp;
zEO$<c1$WseF(_n+<)+8qt>4n=4>A6}d<uYFWK4qM%{6VGm(YqX;y5>efAFx;i7HBw
zOy$rh^^P)$>q$ZA?&tqO?^M$e;=gaRz8lY`j+)WaZi!K2R3EhG0Fwf;=Yu>a;V&Hh
zXoAwbiBcr>iM|fsaz*sOQ&l$9<Tx#p!AGoMRUbL^n?af;0_qYkgl6A;*oGRvA%fFF
zi9LDCt`2<LSEX!|A@@w(^(6Wolh$MgXK1V%V@322#~v}|4K>Gt?mo(dJ?UJm{b*Zp
zfX^x&ng5)X%c;TN6Q$Vzpt6{AVj(NHP2GKnEOb6gu{OphwOp&#2yT@_;ArQQ3KizT
z-a^7-lLom_erw>W$-XU0%wA=7*J5^T<d(1bob^(aQ1R#8*B@Ahm4ghiMx2fZPzPoA
zH6?2{^E+NA-<rSk`?UJZxaF++=1|aH{?apavE%nu{`2&M-9Nv@SOf_(BTTGzm7G*?
zDNld>JbCTK(Ul*GRmLu~@?}q7ZRA)nJiT<<Tj$w+^r_!L50pxB>fG<xpmcp10TRsR
zBYW+Wej&O@pV6{s`!#H@0il4nt!$D*9Y?!qTce-zjquryV!j^MK2ah4qf6nwC%(F}
z2|w*<*!fliY4<%%Dsbt<j`E}4QxU&#)C`X+De?;M>Ab%;gv)^b#kDRpLMcw@@g2o~
z?W<?rFJp*ZjASHHI`|UdJS2Up=h50KwWc~+v<^XVRR+qoz|bV=3!4l>Du(fb<wZr5
zlG7&7!Lx$0Z+DlR@~qp&q(K?RLUIfI9FW=9Q=ZNyKKydE4cIpi?-Wf52_UCX6i0b!
zg#ll`st^8TlMDQX8m*45g-$Kfo%yA%o2SdG%ZK265HgwmnFN;*3Ct6Cc!eI%s@!-T
zwxslnYcrl)j^v);(0xlm1sbh;fBqz?p5&8S_^}Q=t}`~Y4_f*h_)L*7zy|#Sgp=@O
zvBp>Vb+u|<=N09faW1@Y@i8uIl+Dh0*aw}SL_w+Ww38QRf@v}~1oBk}rp(lg?cdIz
z<U%kV{>#21bCTrzpsPkK+<u--p4FCZ582XNL}z&s=Drqw;Fxk-^K(3>vUhiU7X8ib
z+w4>JeX7R`N(?pFL+$kOZyeY2l2lju6oQ_i^OBy7B%Yn%Xnp*ZR&W~TwIr(UERvb*
zi7+*<eGpzm5YeF-ErBL}U__40PI@~Ny(h!gPCafoP|((LeNBQes-VknasPNLotuf9
zZuR-N>&u$$L5ck5TEUzaa3|4qLYt!jCw-O;0a?*veU|d7oCYlOLLJHCgod6j6n;_X
zSqqvVGC&S?i;ZJ5vGrAIk)0NH!0)x2uDi5#Z}~28_-E;O^F60Fm(BBq?FnSE>0iz0
zJ%wnXX*;LCL{h2XMcu0ErV&_rq-V^{p%;5os)O^<%Z@;Edi(eV+?u@e!^<t@Y=!Bs
ztjO)}35acy%B;gghJIIro*KU7&tsoRbnY_k>!CG!&w8KW^0^FXM|>md=Fy(>;4WE0
zo=L7fEtDtZVt+^fvL}+Af>gifdgIfJ6JZ|M<$Z$md-fci>%Hd`HspKXEA^Z!-3bQe
zw|voS8Q%NUj|+;iUXCQwPUjR5$99^Y64yYcQt-i6byp8|Z1yz^!!ik<x_<!Pyk{O4
z9kMaXiXC{oj%B8fwUTL0*hYPOGo`MZ0}_+ou)fc+Sx9k9ob9ghuO1_#t%vh;9=D#C
zB5Vn0`hQMLQv6ix<a*Z4U=3M$*%497+hGXWE+xg$#q!UBGs`g=m`Sdyx`it>-X`NS
z4gNOf87=%x53=T6X&`wbwDIQ^;69vE!y@mLQN41yussj|v2LbCvC=;jv!9|LcIJ_V
zb3THX{nA=lUh0iV&SNQ|Q;UqqsMvOeg=ntuWH7lrHra~NW3HMZ%jjhRi^2|XhaC~Z
ziYAZ*UA_~o2mM{+m@FF#W>gN*@ao%|x<L+byYMR}t_$st{JFT&+XmlsEo2_0cneNC
z^9~)$s}(vV_Dgm~+=fdg3N5}TC8!n#kxgdWr?-A6m$!hdN61Os;9XIN|8m)818%%^
zMn>OVay1e;+P?pSAmT9!WQx-_#G)Q3LeM*-I&+%J?je~4X)o-0NUwH-A}qA$75T`8
zaV3aixF$NKG}sX#!V{{dZ3V;4T`3)^o<IA>Z6)@9_Dt$6NCy^{r}eL-aa-m?xZENs
z0&4E&3LiD2=;LC#r$ar6y#xA~B;LAt$XaS0RAs~kq9pG0cJ<)fAG&C@dw<-{_@e*H
z5NYhe)=4EgKZ|9|CG*jmm(Rw<)oJoVuNdbUbhA#ESl8l9e?1sP^r4n)+iY1{m`GY%
zuJDo>;lrB9Rr%=7pP1Qj2j#vc!gTQk9sZOWS>fM(YT92lXH_26$cEQ#-(|Qf?iv&t
zHEbi#y`E4Q3-#PV1~U`7_EG+HINfoPVHRry-|ki~9OP%ZC&%z{8T#n;qxRaQmwNPP
zPkQ_gv4c=<6`$65N3+mOFQkm1+i~e?rlr`|nGF&TCO>@3rwP?zd1Y`R$3>v^=Ak2G
z;f^5froA4LnjZDxct0L3Za1{SMf=*cWz~TL?9ujnw!>vi+e{u#_Oq`sh4l^P!~4T=
z2Nim5KV~lM6ROH;de!B=61ol$^(ojM`p>k!COtlILQ8z0_y6MA5$Y)WTi^yORTtMN
zz!uK}0v30qGvt;(g{HV}3Ybg0t4U8jlDiW1)<dT|-91Fwb(oy$pIRwLMECxD`Kdua
zwAkH))?w&P7hNP%^qd5$Z7rw$?2D@QLG;3z;-6unzB@~?GCc2_YTSKOc}Cj2>dgz5
z;E5x)C2>9P370($c$f_3hqc!4gzO&%(kG4*^T{Zw)K;0_n4%b~S5ivSAu>wQ2K_@i
z6GT>(A~kz(7GW0&f2mDyQw$*^MW>ViFtKotrB%$3-hnFhU4duiaGn0ZVwUi8rKXq$
zFa!VvY&_K%-f&=LRO!<o0ywXoMb5F4hJA`|2Ad@8DfQ{WmF)Kocb$<cN{y*e)#Y<D
z52<ZlzXdI#v{v<0fIPYnn3zi}WHs3`1k0`1{H-5ZqNfOdoV&<0!g{6*u1LOWRP}N-
zeJq^%QlPNtI$82WWzuEVW3rwCSD>aX1)}RPq|Dp(K!HupjzHD&%iUig`ZSfL#JE4m
zUh21r-t<3Kjw*V^3H?D=G@>jT4;3`cYP(6gtyDq+S68R{gPu9w3@`F*J$6GW+$Ad>
zFvwQ4`;ntUmbobRv3ihT<6-a>M_>*DeN=Kx9ejfJrEYmN>CI%4AfmD=D<xVokQ42-
zzLlWozmOx4#G4oKA?4cx0Ku>*{kA#U>Yz9A8hGfvzOwE2q%+##B~10S2>dVrUC@&}
zST8BkLww$<pdqwpP>mo6wK5dtOdrnJX4S+OT%scyAD$ws@XQ27(jc4`7!K9-d>x8y
zOocl4s6?FB&?1h=D-AfEybAJ)jk^x`vs0;%&&WKbQ>~D1$~*<F!uQ9AHGf8FBCqO$
zx&Oo)RYIdnLeU&*Pb;E`EqbPi8G>EPfs<OfLNKp_nD%5u|G5=>pEnxzI0C-^ViC}M
zg1oW|;?DO*UJa>XZZEovC^O1H)zBX$q>y@w75Kg;uy;Ba{=0YNihomnNGhGkkE~1i
z^jckvoAnn_ud!gzezcEo4J;dpWBHR~og*2(E-ClS+9J<uYyb1F)XdsY15O=^euD8z
zK{sCms7MIgjxOWbBW3C8JLLTZqVDDC1X&-3W`*~(%=SbAu(cysgSP7ixhZY3qdu#;
zX{nlhN#bXFjmAUI`!=S1dQ{^Qc|%h1VP=D9krotfl74HOsP&c_lYP8epvJdB2;0{g
zFuA7gXNh9L_u#w7S-F}ktSLkelNIKLZEK=_g`M7np|_)XLhV47lF<2|f~K>9jM>WB
z^?rvU)OpG(cNhGk+8wmsH}U%wR_;Ymwb#M~X_X_WY;{r8nh(FrQ@0mTKJ3X55Q>M~
zCe}^Lq==-8C5Wk${ty`m*Jw#88_p1ubG7Aw2tagTDVDujEM7{_ZIY~o2$lKliB)U7
zGQ4rHMX(d32-OB!&T^ey_&B203%rOU;n2sdcG5W>aAGoCG_~6ihZa{)^5+k)^520>
zPQLk2Dw%D(;Vg6M+c?aC;uWb;V(XMPJ!5~&y4h#`8YT?o8feY;qWNXaj_<W9s|k~3
zMXdLuXx*6gX3!E%&=@S=aTy{cYC$SmzD<8-{!^KVaxSh4%dP^NLz*bSdnKH})r(r~
z-HcfQPTuz`1YF=7<A9_z(PeqOG=6)HG!e4kX?=hnHB{LW`^vDiyq*QYTorTCOKOqK
zDjWerP+Hp)<4Hpg8_JZ~H`T@4`d-RX2ERQV<Y?2fo|tNu@GQ`bk7NCVeZf|tc<soa
zVygmf7o-qw$YG^SVy$%&a%NW&PvnRx4)bW^do8!Qeb3}DUSm@bxM!$un9|8D|FFo+
z%%`7kYO97&6lMcHq;WT%wTt|N+k?SCP{?3JJ-23Ix*F}c+e6}bZ|Yt|s9h3kkQF3k
zmr*GK$@X{)*DjbX5i-e|A||)4?6X+h<49JJq1LkYsfu1%zsU`uH#0!gr1nCC>FDA4
z_1yDcM(Zskd1XJx|6Cpj%#l^Pdu<(?{a!z{(lAn^$(D;ik+gD%-JCuDEg`qK26-9n
zky-e~M9*gCM9x{|G7I|@iT&q?{BQZ+ogHJo$|V*Je3ALb=x>&Xx9o?AO1VEZOX3Jx
z33gTEI(?H9UNYLuH*I0cI_Y*IX|J`9kDS1p=w&(6c`GlNb<e7=B}FF}$^jM#H2nHg
zCH)SW#vkP$Juj2V+8j=Vh9aWBNPORA=hhRd)mIwdFAk)H5Ub@S=njU6Y)|sxkz4!O
zT>ZKHW0Qx)PV_@LlTns(Z#Yi<t}U@H-;oS=idV`0ipW};neB#ZhcL|dCzp6tJe?r(
zn3L(CAV~^%B4y2rNuFH85U0zIJ?=OJd>j^5#3!qpD@=ERO&iGu8#p0k_TVEw?$x+u
zS1E?O=^7u!u;P;x6#E5a#UlKX3>L+%C9~(%F=P1!RNBeR-t@y(N|Hy#(Sdl1DSzV0
zF)6*h*22Wc+pd3%;h%_PG#g>)npapm*rI3vz^{JEh1;7ov0dg)Z1K|u<u)afed>y|
zD?K*IM(K75NHJ}?W9w5+3B1?i5#c}dcv5#^1-(bx(QgnxMdMK+Nhoqg)Te1_(^zzQ
zdur@T@%2E~GC5*BUPl&<T#ZEKvA{w2CC7|x8htc^lm;WqLo0e&bEav6ZT1rC(AoRB
z^XEyn%Y3>Hgd}sG^a^+O94xoOXlH`G#Qm%|<4!~L=pRoy3+a#B6Mh?F(*3B%@{%ID
zI`qE5_k%x>9K4Q4-m|}@pvVMfZT#0yLnUm0Ml`pgTO8<6hO>0O_!Kc*;$P(-$H!$J
z|J(}SI?(m{**0PIwEvfx<j&7qOCRwS+3c=hWo}ZcC2Kna{(tO8My*Fks;i><b36!P
z;o4)AGaKIf-c<!rG>HfOD<$|@x0(x#>2ec-u}kP*1j0*q@Jw(#syKg&g-1N4I-$12
z6%Js=<pmn#62|$Wbck=0*PJ%@gW=$km`-8rEv4{ttka>d^*Sst=Udo2m}kj%9N^N|
zSY4k6M%LS-+!ubP73N6W*AthL@1p(a?dd^+TuZ{Zf~Vp^O_GHK6?j6ZyQbGVpzE9T
zTOS!)T5D?+^G#lBWzlK957xDcErFrgxxZ2*qJt~&suf(vaNNy%z8@8NUT!XgkYE44
zuv6S5wnM*uM)xyHB71$v?K&g)r0u42R*02vu!m0Qd6y$%=E063T0}^iSAs*h9!xHw
zzmx1~C{H9`D_(SEmgPn96fT``P;j5F_AU`)e#pwrRARp>v?ityrwzY4H~yFpZ5Kpn
z8G9U&Ufp?ja=WPIWxKUcX7<2)nPCUD*EeZ}+*Vu19Um%9vmCB)hZVhQ$<9h=YK$Q^
z(~aB~=R5N*EgZD-e~6w8DF?{f+z+Z<OT;nVrXG6!)U}i{;!u_eX|;`;rUK%YSNH$0
zr!Tghh`5kqTL%r@b>o1%c6L6^YyZROX5`HOvuBQ@(p0dvwv!i^J_la>^+&|lCW5<(
z7Z=b&R@$wikRe=)^9Z8LVK2pvm^CGv$c;%lp}Rrooi>HBDj(7q?hgFuSX%k|3-y-y
zFDi;*+kGR8TiFG*EuTxxayO2M47y)%g{2FAS6yA4m)9%sjHlYJ&?>xrrLA<H*gdeG
zo;T7bkB{r&Q@lH0`&1v##T>hyL%LH}=~+@lo@|hROyVoyGoMb);NrA!bHM<Vd3+e_
zuO0R>oL1reMo-H;Vd2o8LuDNKS!G=Uhq?&Qajl`5+*(?2QeP9ApQl+p1yNQ>bM*<X
zJBakA>HP^=HHnTiodR1olMU#rfof)EuemnI90S)I>E8<ZxvRarxa;R#;d7*{2_xRf
zk?XYcO;oPq-rK}?BrWcBSl-80lzO74mmb_j@e2`HdxM&^;m@Q7NKM_h)?0=do#qg0
zGgX(*{bOvA%spB^2W#^GK0!HIyU2d<xVdg<q)Y+T`Jii=>G4YZeo~$?>KQ(o5b@)h
zRi|r^CtO827>})gxiW4^QCSo8*U*S*wCSj&=5|}<E}R_WZw4)zrFE98TN?@r?XwEK
zp`jH6A?R^neQ@g;78a3YtRl{Ecu{9L93z0m_rQ8)1Gh(lI=qmQicI%oWT#L<9DWFo
zfuZ#bP59*F;|N;iHWsqpp!-(Gd$<+vB&++0NUdHj2<-k)Ygy?cI@Qaa+oU+qc!P5q
z+_tucJE>9AnCT6&y5r{T&w*9dMWp}G-|7X;;YSvgJAwqHed|94T5tr_+yR3k?GZG^
zvx`6hu%mzAbN)$U_QY(geJC(QFmCn%j#1APA%*`G@Z9Bf9O3*Zb&;)m3%9}@S5Pf_
znkjaUZIiBzrBQqL$7RpL6OH-ZYMclfn0&QtHXuFIlsC7D8v?Y`EF~uwHhU9b^#aj+
z5%HzJ@d9EsNMw8OB*IYghxfcG=wdkJ0ne&c(b8pfqm733Gu=x<t2^%^$Ix*mfF1EX
zpdE6c9e>Ozo2+|LFSNe?k;NSU>*qL=(}<b&NE#S7k6$flJBh{WWuzjFN4xblFKxkI
z8?&Hf-~*m4>Yeiep}+@^^T!TOA|h#u&)5IeJpKl(i2p=nOZjz>{+<eJ)=H`8C{oeu
zzvEkW_IEfdI*Tw{`t>7ApK;~U^NnsI5p%=G=_vOyg%`Kf6F;GuU+KG2>f4GYYkYOK
ziXWBaX)IDL3Fr~N%MWcVlI9mjgOTRe0|xQGdfv<s_8OWxPD&)aslnU`=`+L-r!Ul+
zowRyybP9PSbF*sn6{i;JM!jk=<qo#OO@8Ug$M=rXc7$f6Zvkv0E=jMz$O`f_-kwPp
zx$Jxe-1wf}ISwWz8&F{^EBM`)gQbX2ynmJxOc4@DO-fNXeD4n<<u-Q^5TKeN1jDTP
zDNRB3j>74Q<+H#CnykR;>>@r|Cq&-yQPmxjtI>=6$6+3G@HbbwZA8PkCC8&#Al=u~
z&Cb8<5~SGD2?7lQ#W(HrvQ9(v6~86i<+QW1$)_`XFCj%6P1A#Lh)I};`pxeYA6JI+
ziIOlg6nZFHX!bh-&Lf{Ue&06*sW6R)M?|7J)y!srGLLJOqwZCYQ&Tg&GKwDB8WGWl
z*bO;G>PNq}7SH5-Zj(#vMme&>&ZCt<&hbXiuW3LjzF<7pGeeRnq#h<sTN3}KSl1z;
zSJhBz#P)HvUW3M4yhbh1n+&?>nHrkVHx6$D#rQVMGu~}{ufZuYkKs-wE8)TX9)4>>
zr`qVYVnuR|F3sRpR+W)Hjq<7)$;<i@@c46U8-0ei;jr<^W79r3f0~jIKvz)Dh&b@R
z7RtZW8$R!K&6ch}`hao_prkz__XWLgjhmmKqQusUsjhmXKGV<mlNtC`6~WMG@@Oe*
z{-c&ekI<_=6frGs$ubf3^jmn%XQgb$PGwuRb^cK9XHAXoU;Bwz1(WP-G(LmSR<im_
z^O-aUT663CVECpe(M0bs`Ktk>^zfO`<0P5eI$~LV$zF*?=35&Z*q7!I+hv_<Bwclt
z%aQQJ5STjiit<ma{(vaKnFg_Ydx-4jI|lP~I<=eN;xdjl!Q^2oZO{0r5)Meaa6FC5
z>D1cFykjM<Gf#e&et52~8)Z32zfWFoqeQ161V`HI=itkL<XeQAXDi(q>V*BZ148pl
z*W^Xu7es9C5>+;*l&^k~_LqEQK`Lg}a>zP7KR`u-CCv}!*)#(;+2!YCb(U>7u-ZTK
zqFxQQ_R<Yn9$1^McnwA_x(`fr4SwG((2FT5llTUyE(~!O@z^r2th-#H5hPDK97UM@
zajCO;FZCb+IdF-_4mc*Eul-o2obo$V$>S}YP~#9sncIOZjj<*CHZF;X9W!Fe)FD!Z
zbXH$IC?*+#n}d8A_4cq&OuU=*7A{Rjj<}V)@YjlbUA{La=>4))q{8<K+;1Z%8&oIl
zo4-XHo{rSRIyW-&lR9cMX&qQNn6kk3ZBWZ%c+;WS7wi_Ml(h`CTc7KfoB3Q54`@!N
zqSMU%9@*YAh(}1V(CR4al~KLJp5I<Io%JnRf&wYHCN3b-e4=;glfF<V>5&fqcsPqM
zi-;Z(=B{fU3X;52b)19<>TUVX)S8#XyCG2}Z4f=B#;qP$NaJ+Rn}0pfM(^I<EXWsf
zuTNHb6Pn^xNMY;s@ZO8D9TV|aoaEiFX8qEO(mh|gI{GzbEcg$a4<uB<_e)#82W#Hg
zmm*bc1jY^O-qCXBQ73Hz69(LCmq?r%_5|mHsW{k#_{~9(2ARn^!7nN3#>iuOzf|a(
z^8*7xq~h@o^v)Zlh(r<>acuMV7Iy}SNF5b;quE%CVLeovs$O*c(=jBrEYz;Y<N0Jz
z8FH01ih9r)e&^Q?%k)6uk;{c$yx~bV-t}5Pq;zpH*Jqpbg1e8_j!Ji*5Dx#?WsM{s
z0Fj6XxLdq;d}R7zROe<=lAW*cCg&6Dn+LlST=>QNh}!Of2W7aje6-TVGW%rVy^}HI
z&v2!eY}0+aMM`Vfzta6~^0SPnnsZ^_Fm~sC<|@9~VzijB`s!ED|3}<g$JF_3|H8$J
z7AWq;H|}o5p|}()?i6<^?rz21iaW)fjk~+MyBE7pzvrCf_vXI2f86BeBqX!unYBLi
zY}m}KnPqbohAtd_RVt-f`;l|l1oh^cmzuvB7i?zh?N7$M-jz44r;c)2&K~{Ua>g|4
z#N*1BRG;T8!R(f^^+ydRfC4B3pH2zdY*Z<Ans6fBYE*ebs#peOtY_=D8caH>qoV(X
zU`|+TN(La5&ut7^vY&mR5fjZ4h=&UXO`B~E)^di+Pf=|()E2Vz@}-o|ZVY}6Q!U0k
zA7t}$WkEsE&|p+I?VfHswa*;JCg4j!*>%)5!2uYx#~dF0{6W{>>#nuhHvnKK-tk?K
zs(gW>W34H{>#xq4U!7koJ7<>N7<6qfj07TG{sO4rz`b$vCE=<8`1PcW8=M^SCKj}o
zO!#8UYiG0~D~k1CqNDfMLQNsVXvp{@vOkBfoG%dps@zKAk)MjkJ#k&n+A5QG2p+kk
z>lt+==!!G(gGv5@v%LlXUzGZ|(_$G#PhKS43M$V=;{DICVtz+i(Sc0vk`OsT-=RrH
z+Ha4*N37N)Bd<A)RevJf;ePjDS4*gS_K^iF;){V#PH`uV(UA4;<lD4>hwP2qnQM0X
zx40HYl*{1pbnfk=&p88Q&S_;HK{WagK8U~jX_Docy70g!)%bFVG@F~<Cka`uPj~2_
z00{XYrYC=41iilh%w_@i+nb7^Okf)ge8P+w);nv813ocqv3)P~s#k?Q==?s~fRTog
zjL+P+*t5ElSD6x}qF*+vlK^eYxE>8&Ig@;$rmKhIfQa0VdXw_JaosWrM@)5$hyyY~
z4=uMpQZP>e-|J1O8-9xB{PNllgb?IA&#!kc$?|S-JDLk&;-lqj0PS~NpUY-+0y3|C
zdFY>a!ifz`8$Hl*Do#8=ogqQ2sPtzwzh8*1iI;z*CVoL(Nm3S((yWhSyj<+h?t2Ql
z%#Rg{5Tyijy#G{|t=q*!9+G4qsQaifB6)Kc`}Q3DHWqylc~B>8`ySih<?gze%t;Y5
z^wDu;9mjK)vKT6|M#XsK(ic^4wCmnqRcj)3`1P?z1+5SlhH+ycrd<KF9$(^A1T~#&
zJQC>>&OhLSEQLsu7J05&oK2U#_RM#!z;Z^uv{6dnE*~`}(a~!}x4y8{i&2X`G>%wc
z!#A62t+(4DbW{)B1kc9u){_Hnj9wdb|Da~I!sSur*R3j+x9sd4&4OKcS&~uH=QHYi
z7@ZYtMq6+9>P|89<Tv&XA>)%<&VdNQJL^iT)_gmUl>4eO=WjvZY+DQLXg)tFWW=XT
zQ$a~=Sqc>_DATtu+!NhWmCiUhH&c#NB`7x;vN6@@=GM{>4xktdA3B!Gou=o({mB*S
zvF-6Vn54vmebtZiF-G5Gs-e7JQAynXM!G4iqr~?jtf<|Z@t*P|D5McZ>z-cUP*@|G
zlHKrCJR`kG*8)P>rXedJpD-di5x8e4t~@$$#8165$$x6rslqo6qhhEX?YDX|#Hf-)
z6nzr&hz){~COrL)Qm>sO@o7!6@%LLObA6<T6|n2Br8L-3G1}3$S4GAuVeP&1?BZ+L
zr=L913g-zgO)#*A-Ok$ul$j&ir=UB|`7Ly5UM8(%O1s`;j5nMdjLdK}GX&NTJ@Q~_
zSDhY2QIOwlz9H7-j$6JV$9wO1MA48O7QR{Tk+j4iVL(N})-`Zeuw@=~jj_od!X!sA
zj<JE+PlqDthbJPJp;3jEI8ht2e353Jr+Tp_DhmJ=)Ra3q5eGGesf7YnyRc0OIfg`~
z`qC51kjKQ!nZeBpq9dVSta5x>xTEs7VRW;v`IE0PRTp+zzV9~bi6O;&xZYPrlV^+{
zOtHTFs3CRsc<o1R0I{r*pGc)+Y%V(D%h<p3Z6{z74gT|b$&Kuk7_nfRKKu-2J2Cx~
z>0_PQcj;tqJ?ehN<XhIQ1f9d2S|JuKf${)+S6>$Ohdj9`bb{Yf9eOPCU4a7xLM*Lo
zGhv+2Kh00_Z1du;;QgivcP(PS+%pZ*1Up8!D#=`t=&Es3oFP)0xIIW5{Zb-q*@ekE
z#t$TS$?SM4;Ef~_Z~hARIX>cxEM|(pVxxbouk}k$_;ewD;M`F}Y1P9<)$rirdH@Of
zo+Vu0R9qPr?MLRqKHpIBNnK^iYjDC7{xPX>JiZ^Hmx$@r<pcNk`+%hG&#=ZDo`D_x
zX)J*S1WF~-%xGs<$dgJt!pIt#Xx13yMu;nACiQxuA>5zzDV)>NUl3{F!RP2exORl_
zA(+*xVBDlZpqwDC{N=~Cpz(_9OUtw%+V06nntds4&g2UUV>0wt+5~iAJ`RS0Ic(~5
zrY8p3uyHBOX<%^@L@&ch9=`d`r>O?hv;i}X2lphKY(Gy`S4D#0P)whC$<jc871<Kj
zh{X`2LSa}<V5AK>mIkQYATdaAJ3I=!1K$jRYCofv&2&=Ig~PVAV1&}8IW|(@e#WBA
zcaKdmk8#Gp*!7kB1zK<9p^al4nw@r7Ct_vG#34WvpdK3E6M<xrCksNIaLc+@{dqN5
zChaPLXkwSkM*s10$EGBKJjp49@HSLs7&~mi9R8YfWGU_&oGy85o)|U#EbswzQ)X$}
zsGY6)tbc|6c3qyNW6rO#in%x{3;@@ME{R={19~qp+V^UZsx)+~+c~&Br?sc<p@&C&
z>0A9QOMy*t9jGowg?f|z1$3NR`&F7;#?#5e-(A`KGEiPxMp#n+blG*!?3#oPXApne
z7fJ^MHX3gMMWQix`B(PpwO<QI<X5)AUquw8L?(1`b4|1Op)Nrl233w+RNtuTjT|pI
z#l!x%+|-3C+@$Cu6J30w<a6t;4ePCaw5Ctdf@f64DhxuJUNVP)+{>%=8BF(OM$=Fl
z9!E^X6k5sEU-1qE;vdRkRTb1QT>7<*7%pY4qKWlg3bAmfyhy$-{jRp|K%{NvKs_7A
zDADj!X9+_f`I7!1{E-A>y<0zfitvy1DRMjK!KA|7q7b8crXIw4#bLn>BC=fG`zA0l
zwpd^Kfnwo9_Zg@BkFrP59JO_PU|9@cKT8rRhoMVGP0YApEBq+NCMjJm+DS^eJLGUG
ztJ=c4cGdGIO@Jhzi*sj#%zu|VISqIE?5W#Wso#L+4iSr8S95kTGYPo$LhuPxU1Q@>
z3E=%94;Vn@FgK%=dAIv2?!e(tb6co;xbliBx1rQ&@Jgf`#^EA1EIc(x^>=aAS)U0^
zG~Eb)^@>1A8q3iN6}Ab)QTGdHlTV?HbB6bs#rI(&FDj>y%6GN6FMycBP7wI6`A^WP
zdcV!JEin0=p!2;odiq94EP%|6{}QGXN2$MZr_ny1SIJKhyDe2SUW7*KCkX$s0K5&+
z&FGDm$oc#e%m03%f;}NmW#?{nZI=L9pp!pfka~ge1dY;rifELc_{_4>F4zamg~RxT
zUf_aReDxHub)!l?yH1agdmHx-zBV7&9;)Q^Ug+x{zy%pw;Lzso(T09Jv7`u|o(k#s
zG|mqRki#^C0U;U_KWRVt(Qsd*L`b8jUG${ur!ezPs(%80acYwnj8WUgD&jvAXBm+~
z=MDk_mCDK~sOqGuXBF4esKv6jX3VRIgif5mvWXtf-k;yN*g3WZ<lo-k6;B(oX5thG
z+hsR8513sydKm1XAUqhs)UM^OP#ZhoK=2ezNEgTVT?(BDyLXYEa0UYf1rtQ*r5aN!
z<DovMSti(q22dCY8@)4nBR$5tJ&iy)rxB~BHJ+e9zZ(#ockCONaHn`*g0Zkz;owcV
zeY8SOAmMqkL9Rvp5s@RF)a{sK)a**9i+1f~NeSV+!q{W_U5;&DMI)WF-VBgI%wl;c
zyF9iymxA=nmF4a6y+uA)BeEjwrRSDI?2CbcKAFu%stE)o%Mb)75^{fn;rc#m=!|4z
zO+}u4;bq_%a6Aq_6Z1<^aaEuwB0Ns9#q?epZ6U2T#%R#=^WMzi@)qt(x@WBQ;`Rn3
zBEP~!Q1U;+<DPHmnpyFBgF&iqeu|Ep38*JBifszIX>iS`4X42PdRNDV!ZR4(uA|jE
z=XSWV1wLs*x09LY8J>~r0eh<vow3YpidGECwR{*+O!m(O5rPce81H-E&=X@+WcddJ
zSncgj#p+*!s=yK7ggOv2IfR+2?k7S39cx(GTrHi6WxMP*bqV%!%EXYyl#X~B_CI3m
zopBPlmTIVY!RL0_DTdWizwwrwK0b}T^?!h4#zd0jbsd2kTZ$UrhNTYWLC|)6qvcxy
zLt_zrbhdj4yXlG!x4jY!5;R`kK%WQh6}bZ1_aE<wj21y0ay&+h8p6!p-G72<a|m&&
z&pq&B2(7g9i;Q`V;H5FNtHrgz@!9of3v2bV4^j1Jjcr!=m#w+wyx|R2=oOQ58KcYf
zx(h*K)RxPXT6yKPb*Oui4`KBcwO<!$H_eWvY{IP4?CPCNBkL;^dctHHMKxWpY?diK
z#57%207zE}O*OYrzy~k7xT6i=taZxAGAI_OJ7v;T`&L4M7FA#IkCO7K{%nOr@Ym=r
zq%cdSsgGn@H%tIv;Y4LdP~qFgg%n*%ALiuW!h{s9(vT38>~n!bb)#Y+-ocml84%jE
zMO{xR3#*`o4#5#)=kQc6kn|Z4v4bGNJ+7~oS!~h<1b{KNg{98`I?-SB)qkT8nM6gn
z2E6-d6huZ$z74>a9g_?0WGncDpm7oJzy!aGEj-uympC7$)6yU!G6d-dG%g|t5=O4S
zvq6g5G7th2jiVChYGsqsZK4wUrE`v>K~w@0QuR9s4uAxJmp9kPU#DtKr&#Icconf*
zzQc{Kid>&_1c=JNg#Gf}x_V%+f@rG|LH%VN7MK?vV5t0O{ju^ml`Zdu6$lKjmrdXu
zjG-!30<#8m^I`1I54wu(8arXX{<K5fWU@Mp!YNkBTIiE>>5-I`ZVa@=DGwa;3z7Ir
zng4eULPgGNqo%RyBO&Oc%H?E~+mD4S@Hj3q2@BxoH|#(p^zltTjWlG$@Vu?4VS<J{
zcyIKT*7#$RF&*+mFRYr2VG7%z@YsUMN#ya-SuT}bXh?984%ZFZdq^e3#1Z*cZmn<B
zb7Q;R=<#}xI_p2F(Y1d`>emH<<iRhhg*37SgayK2f_}5O?`k>|z_DJ8pst}-^}QDZ
zUM^$nBR<OSl|f!F(D{Sh+9j`RH*3^C4f_Ay`_X^C@j;%;?SC}Uu7Dgek-vP|+9hG@
zCOpvlAC1I6J>7?!sC8flSQ}UH|6kL?3m~2lo~wNzQp_uQyC#|>E5W$*?z^98aYsdz
zitVk^?GA^bC{kxa2=&D#=n?KHK!;-F3JLV02fb%mD^x$2cQ)9-4_8+RtN*Q~Lq{bP
z=+j1_EK0|R0gUSi(cKKgBAN2}tGn_ng!)DRm>d`6@7t?G19iUHBIAiUM(dc{BGdFX
zSG(<Jf9&CYP)KKG+9pc(Z*$y78sR!}Xp;e2SD1Z0#$|3GFyts-oMe<8NO<P|4H35~
zAkXWcy$W_e`>w!NuWyk1VTO$hHUW$!(Z|XK>z*=(n|uj3)`h${g>0(VN6!Ttne+?m
z(*sW4Ub-(M7Z+?DmZh-?pPz$*Ch#ALJSKE(1Ni!LJXOpSAu9o{13W)6Hi-k3EI*W%
z6j6q$W1#eEgyA;maXZ5~aXV&4SnQm9du~p;z@+Qfu{NdlGQ@vb)(C?i=Cs5t`pY@r
zI3@YlHri!Bvlf5Lu<aPLRs8*;6DQD(aubb@39u??u~c+HUC*on#90@VVJkVXSN_$=
zGP`kMQ6lDq=RyN4E;`Nr0fEYED+VG~_K~b88qeKZ(pv;Je`K9KA@6i+zeV<X+F;=M
zM4WH5pWiy4{Rtqs8fiMO)(CD9*v4DAZ&TT?c<bA0|4emKcAqiW%mPirecz_&$UMzy
z9M*W=($hC!pJ)qz_Qc=@GPaX?KsbBSvDvQ}cLnfuk{sr}4ei$Pjju<-Tw(9|S-LkX
z<Z&9;o6gIRdpx}r20SaFo##6?fT=f(KCj&3>UMdqUmET^%5pWH^CtHOx4go@0<-ma
zMmrqZ&YOAw9eZE87hC|#ehu(=Sn+$(;m%yW&3dq1zo(QtiF$tC&kjjkvxdKmfNmUt
zmnHP1ROG7b{6gYAjJUT0rMIJyHJI{Y!3>%*!d055kdohac*YDIe_xG2EJUOPxvnW5
z09{x-5I)EEMUt7>`4C@uI2u&tq7Z6cazPp9T*DU+$E4JK+pLgz86S~;)WsV1aQuU@
z%YWY8iKqp*CUVujLalkD-zMU7CA602=W_;Z85cjY#tf4HyE$K873??>Nwjt!nd=3Q
zi5D9{@dMN^Jw85X+@y`J;}?6P78^PuzWl0whHW%HS1zMqfB?X>e})2<+`{_}YSZfe
zGxSeHtqct(C9stad!H{CjQRXv<%31%9s=AiHuzT#0kHXvu5Mgg*Ao_oE`MxI@!yww
zMZ#mP^TCaYTpgO9&}2j5H(BB>$<?U`HwK#a1gcF+SrK-ByLV;WdLWO^;MtC~MgWm3
z@ivXIslk;Z&BJLb#5-d?n?#=?h7wP_Jr9uHt!|=!Yl(kT?Dy)rf%#qb3psuJ0wzo3
zcH9LlIWT$e539l03R^<@t2D#wQLXWFkp6JT)$e4ctBy;n7~C4+IS1-X&}XLS%1y(D
zr#kF=3!B&ZO>gbj`Q;ZLkMf|(*^4^7cGd2A^FQBYbxRK|*geY&Drc|izO}0k&znDf
zqt`7xwW#wfudkfFt6OSUZK#|*wQzd+whEA?vw4P@9rdM;y1{QwkGk6B8-CH(^Ha~2
z-EYm$mF=pt^Cf@2spys-S*UoH^EGgepN=}XU$3nFKOyf|*7zG-#!pur-2WeuPbnXo
zuDv#4QtFuV6!!@zv9;bpQpBP5(kazWQ!V0<aUozB<VKStp!+VMLClkAA0569-l|{6
z3syPU$Cm0r`Z7M3J#wzE6k#-Si~n9fdl7as653u?zHLiUx}}ygv{&JCPhl=(Zz5_-
zt-w1;@7pmya2ZUVN@eO{$hWefMP({vhmdhWcLrGNq9R9<Ve#b3Z0)r<Z<6PXY?Hfg
z59;va6qt7p7rN$u4ec(7Zw6f67Od1GXH(os?hPh+2!|<qtQ)3BWkFNV1d^Dr{gN);
zy@#8W^2#<@qVT`TVQUR#(hoCtV><7`59Fio=;x*KH15MVxYCm|fuJE+&_W3;-PKRn
z&sW5l&FyespzecNUf{-M(oJc;<htSX$}GEe-AW<i%OTyv!A`d2oDZcl*sKcR?(21R
zw3P`@3`sWBsu*IR+ph3ixrp?AI#>$f;lkKy=Fw#zo@W-2A4G*65n{krcR9u(D*N*L
zl6l11s&63Q2+abxPZ)q{?`rZHL=8Z$*amHmF*B@0cq?^NF&b_<Wp|D|8wUKCtb<e;
zQ||l~n3jm%j-^&R?YVWmWw)Iw!N(Q$Z1%KgWA6*cJj>`|W51-LQ<}x2lgx1ol~nQl
zYoPsR<P5xx)UCU=CfcEO0D2MviuKZqPYcW8ni)6djY3iPKshpB;Hf+gVR>V!osPVY
zfpy6!D9GKkz}<j^Vw?1*nV$_ItZ_P`sE=*b;2e~tKve825sAq|?`{bCvaq-=hC@}N
zIG1tV$H^RwZ|L5KAJn&jP%^_6HCLv73jGWQokslmNqwFN5}YR=29qQ--0fI}XUbI`
zUPge0sxjMRd(^AcpG7deO^@iAKK=dlwhr6Uja+mcVM77OTJp|)&IMl|K_d(dIf2kf
zOcGk-?PcPtL}G!7M`tb~EILgk8w7*YmAlI5w^r)n%8KES>pQnK37%Jh@k*rIy)}YI
zY>!i93TfY7+`9I`eP6r~?FK$*Jxjm`A5nbaLx=gaG^=<gCX!lZMl6CBuM|Vbf+u$n
zU<dILN&bT37P$AD`lT?O6A%zr84)Z7Nx2GYPiW#c7+Y!<4G<m5={$00F=lVacDJ4@
zru?!PKz)TgoAzbe#LnH-4IyUh%+f6t!=$hSc0o*YY3eKPWAE<^#Pu5p$!Kb{A6qlx
zZ-4=sWmk<_LKpB)GLY9ll3n8RGwb?tjum$MtTQz3do|J$75aEnEE&7I_iIAw$<Iyb
z+fNaXN&bB*8Jb`Ck*=3!bYBoh*wKg1g{r+`3L}KEEfFZTyLk3~uQ(Fiv8&7Quj9r{
z+#-q`4`22yifCKLh*oDN7P172pKwN!tl0)|oO!?Y>mGbvbo8Fi>X;}5AKWuK7BAQg
zzc^=gB$TFqPW;azXmf92$4-;~?<LW*yrfd)wyxygYazRC>7K=`M|o<c%5~jQyXxwE
z$<sF{-O@7)_Wzr;ICDDO^mfaw&DDf4bGdZ??x?BlhjrzDopiId$y`p`zuRkS`|px1
z`*&weZSL0RnalrO($m%YQ|5B;{@rHNf0-=YzdLO5{9&Dyx%^)y-K=#pmy`DIcAGr^
zyJW-u-D#7jyY+hJ^8bN+@qTrZ59tijbRl-LeT2|G4Ahhmeq<k-PI8RCZJS?r7*Uhb
za3rkfPoSR9K0*C+D>GU7cI*~q?N^G39JQ)0kuySbUVvnSIYqL1x(}m!vKsu7V?X&)
z2qf~3=tt~hKtqzBIFtkK;EkKXG@AlyO$U%e%^Ou~508B>1ufzz2+qfddp3f<`cKVa
z<~^RtsmcWhMl1HuiR8k1G#r1t9~zfSLy;Hz^X%5ehio;;EuY877bH<@M^3}1Yz-$d
z_;45nugPev%r-8P<4TyVCn2^%{Vt5znLv#BduRx)1Jvp{v^>Vy(p)i??!tQss<>sM
zY7aw|1xp@_I^ze(L}ye1O$G|Iy>`D&GJ|)Aqk*>`UDjuvCOXt&CMY!wCw2-t4#s-{
zj3*LC)*izm%qG^?`}h`bxcP#v6TpkJ;gXfZRGa#N-A7jPoihn<+yknhyxKGTdv2bx
z)HR7Qz8m&D!yl6u`#Bo+co9EuOvG&8VOYH(ppzrPMi6W#bYU9KJ@?G9<uE;g=+=wo
zJhc!r4dA7D9e;xJ#ZLiGSs01V(zIW^GDD1(agM=XaH~DK|45mWv;lsLC<J6&4e}!b
zZV~ZH*3Dpej`!c0N8{TMBoh_;d=8(35?V4#z=~exNEPLbuD>PGK7M87V~rjSo+aMy
zieRR?*~kf5>8Xmurlalt_2CM#0dQdw?Zdc5tZP09m4zUx%8#7hK)g@Om5R*G7=-`6
zMuoULbbdL5n6D6)Rp?w6SN5elgGsEhqK>+D=MVzH_T&3O*Q{yuOyWTkzze%{$m`;#
zOsns5<M%1>RcJq3rq&4W{d1bS65P^{S}W4@ICtS;Q>l)F=NiRK6%1|${Rn~{_-4B)
zwJ0s93?Qc=(><2Hs{!xd-L1GbxiEr-`bQ)+Zg=^Ys`_lmYZU8IL+C!k%NOmwan6Fi
zEO~WUr!*vAgSNjOxKT4U1Uz5emi0`$3OXZ6m#7HG&9TO;?a-?B?d(DYZ~EkzX<+0@
z4M4iKGJM;8PUJ}PYzRuVXb|_}^IP>&ikc|9bF<Bcp+1MA=l){CRQX|tIpdw|!@K)1
z;jwntjT};{#Yz;LG>E}obu-FJ#vav5AJifyYJQ{<2=Dy?(<H@1BHYLaT)?DbNMl(S
zbys1Mf}7>V(4JCB%WFk@h{q41__)AwG4*+G9)<>jS_XL9{ca)r`7$%rXgw+r`NO^b
z-FQrlM(}C~Cx#IbLtE<7&~z4u*O5cooMwCSUo~`WKWkpfn`6s%rkTzQ%Hoq*i?R%e
z?j2hpOLgpM!d$7n6Ptmhovt@OkfC;c!tn~9TU^U^Jf4!v8)#T6z;KcGq}muB>dY4y
zZi8K}tJPkZBNCI4&&_k6oNPNd_~Lj&&hrBm6IWt#(!XecD=aEg^zSI>Z&woN5{dSL
zR3|6n{=<q!$Pe&{^=IdO$=!Zt4s&ySul;r{Tx~shZzQ$4(q>o<m9sTjk3C{lGKFr)
zQhB|VT3s|+!xw#qb%JeK0H4W6Ybz}msI^Q?qT^FB1Pw}sh9KZjxt`s?WY;fltQcGZ
zj8RpNQ6-5>o@E}CC&5_Q#t5G!Xt7!M;&Y~<sTp0TpcOzr+Y{;6ZORBi7>$<M&w!0v
zL0Z&;c@jUFnbV*6F0+ZaNU+o2INQ@ekDyIu3sI9b9{fQzxkF!@eH7L=Bjth{k4w-)
zvv<=fWz}5`&3bZ~CGEb#!@z3Ea;@d3-A%n2{ebRIy^H#ba-u)(0bR>1g}|_(RoBg0
zLV(0Yy&2{&e6q8}<y^Mg`jNvnTKLKXD_?vix$_}VeSy`v_7_(%oA5b5?6v^+oBEMG
zfMNc?Dy0kNPiQ$|7fh;c<Qi6a;EhQSzq_VtO`vM+-=Defuh6JgIhdAN0de%Tey4G^
zz(|!Rnq2*aRQ&`(y?oy!*0-*^FI<blv<m|8AWgIP%lqi~^RC;V&IHSx-N-Dsf6D=I
zRh|Nu`iSL5i1aqk<T(F3Doa%T#E<GgXH0g{yY+aMKyH_|gYM2ZB8)3**+tT&d6P-`
z*|FsPEcRz-?MuJj-NuF9Mr-FGS*7RpYDtv5?2<ozVmoWevBf?^k@c81`(mw(9Be_B
zBxm8Jk2mxh!83|b8l-+*c(X9UC2w8+@RmwBELV|fMG8`GT!$%AxZP7%{-!lWC>-g%
zb%R8k6nps<Se)mnSjUjT4X(YMgvy>&^^dU2HSmmcv9zVQQpA`@iCv>wZzD<YthAfu
z;f%N4Xqq~S`#zkXj(@{=>DDmQP>_m`vw8XV*Jrz=A$N6|d2D@2-4r5WW!*;Pf+&|P
z#$<FdN^jNEIcR2PuY}VM95DGf!HXi;Ghov=SM93h|HCxq`%P%!O`sAMbuYY41t@|(
za$+w7Q6m>BD3QH;0ejeO6`i5%$AR1-L+f($FK?*3Qi6)Bh7fh_-Gp4#%hfIMXeGxy
z3F_ABYd`O($V|<bm)hz$yOo2c()EQwF6*0>S(_6h0?r?2Tb#};QTY7#yPVDf)z&vu
zV!RIL2MEex&0;sj*kP78E4}|_Jo*=-%QZeP{C(AA-bxQ(Zu<mC5}pn|-Q5|2d6(ku
z@9wris`;Z-MwP|{r(eopGy>p%xYroqA+r;+-rSL=NAsTcd;2%Ri05#ac(}Pwl?bll
z*b%^e<}#319SF0x{nE$25NA7gUi+z|n!TL+iFq6E<Vz{cm!pt!LYm|A)6@O{wOY{m
z;c36Tr3^>gOY%h+kh4wLM7_tQ2DDlG%fSU-C=rE62sg*oyxgN8q-B|^?B0}MW%c&z
z>=gTN8+K-$H((IDZg+O}!|mR=uWR)~u&n(39VeDcgJPL~E+8>CJh^Ixac3Qz(|rPA
z9K0czCuzGOV%O!v_<)35X56ILiA~@KWs$;w!?gX;59(7G;``@5p20|AM2S8Ut_gD?
z3$uV>SXcwr<Hwd@UT9bW3~ZzaKM~t(MRG1wi7mMIKn}-^&fqOS2-ZvzuByaMfH?b0
z?5UR6So%+|NF~^zbor`=(|2QEAa(i9DFG2MaLBc5<e2v`g&UpUG!+<$!jwTQ6+&%A
zbv#a6e>H=^9+y6$wyJNa?vyw);Y%3;v3d%OM;AvuoO4)6m2%`O{y%b5Vyq(?DQ>}L
zB|0;kv!MZ|Um1y)cD{lHs@bjFoJcouXA#R`<f{V!{7eYvBhfyJBJ4UHFC{Mni~e1Z
zF&OBoA|8&0XsR-PtHq7XWoZ;ko1`*e#S66T;e0maFtl0|_vq>}DH~l5VdPqfsB^==
zgn><~=CC1a-_T>7+q3Giq2tI?tYx+ME8Z*?&ao|||Nj}sCa~-?#mR_FwyVO8OdAk?
z?lWN(1|wBo(Fkcq_s5ZbwUQk+4J&Dt(#Pc7F1o5;E^Wk>NNCVi+&%q%vrMS6R^Ju|
z6xX4#(bVY$e4wvrdU?#m6V#~t>}dg^j|uZAge9$QzfI=s(1ft!7<g~k%F!q>k=i_J
zvF`eYL@F0{vl`(o@B`!bB6^i+(U5bKi=clnv7VJhg{<G^T#)8dKoZs7PaCl~@^|^o
zKKHdvuPVXr9^y6AWy2ykUT*HRPL?Qy*(bD9D`#p%xyb7UD(Wc+%Jh|CN_xlyE(`DF
zj8U$*Dyj}H(%N81g$7)%J`4&Cem735&((azZ|KbxrY01jW~tz-3&w%fuEz?VA>FX<
z!d*c=<jYN8<yL~79$P_7luZjBBk1MpFE#9Akrs;)MoIcD+LK^!!_XWKzdY1p#x||X
zRFS{*0yj???Xg>G`;}T=y<s3rESzTG$(W7=EwMrc7b>Ys%QQ5=ZCErg!k+iJ#;cuq
z6a|AN#^64tI)=Dd6t@&3jnyT7c9XwjzvVVLxBZLA!pW-US1M2CT!MbY<HkI20Y>@s
zf}*~17>%WrKFlf18vz3Tjx9fCZA2dUeW;8)4E=UdmHyG9$m$Rmjiup_fBHf(GsVDW
zsIm}mkb%3c9cfU;ipCmQR26ynj~qv$+5}4!!t#QSkn{sGLYh7Lc#XUVm1UKpy!kup
zJs?=gRt?Q4+`EkF5|x;-L+>ZEg|uverJ_y5nrl}LgRLX1iE4f%7eg$Q&QtJuQF_bQ
zH4SF^b5IaL#TkTT(;))f9;Rk_O_NwOsUe?X3ikcvMVAHFV4~9?jlk>KXLzaf9x^vc
z6__MU=h1ASdUR1)Rxdu_CIT)&2|*ZQrP*Aet0&9k?K#r>9X+uaVO%3Z<UH0&`v>0T
zYmYz0U>=R-4`Hh4WXl1kKS-tV@Qk6EcoPO?g_f0^6{bDXoEJ^T4MmAsr20e~`}pzD
zKNN$E!mj-Ocx{fo5|bfKML}jpA6DZto;O^e+T%W=v#gC2il`#spc?%Ab1&-&5_=$n
z{|#kuL>na9>~r@9pERbHV~Z*Zj-$)alwl%Zh=68f%ONwtCNU&Rw@ZY>`B7ujnS?yn
z=fcp~xCIhYUr1$es(lW9u@9$#AQ7k~9y+RwUp<tQN17FSOrqY9$qxoX3E=Z4sS(^M
zm6u}j?-PAGL>1u+tOnwjG1BO-0u7GdaE!xX8W*dx;3(m5=@~I%Bi-XpdvckCG6QIE
z?@z&dI=1l<_r2AIz=v$cn({lMg(jp!Y<cTD>Q+V&yD_C(kC}d_il~D{Hs^c*E&)uR
z5YoEEvy>Tws@efw5wYF(qsOBd5FHI&a7G<p*n~XE0_(jEPdW204#eoz%?RSURk8)|
z-u*g5+kI6StGb6f4~JxMGCWEY={=Es>*F~Q-h6K&lT}63Jbn$0+q~BQvB`Ahp|NoN
zK+?4*GTQwiGD_a^1HM-t*>>ZloqWS|tlq+dkIY`boP?kL_V$`r-Zs7kV*OwCz(|zx
zzb7bG8xJa3PJy#iP9C)O?mpNxE_+Ky55w=Nig@e4wyQn!zTH1YMg{zxCK!-w?2nA*
zJrVaZz|XD1PqB^0|Mczes%g6P(Anae{<2<y)$>zPlxhjMf4l3Lnt7e)ET*tI$Ff*o
zi>C^HS(k#p>rkwf+eHAHo>xwU#V4DG{*yQ7)v-12uC7;as(-aMF=ty<_qw)KZ_9NV
zZEt@5FY9a!fhR9Ebby@YfP{fx(e{EeBgULv<`TF28w~8z+aZMMdB;ZfF57^z!@?6T
zw#^$pXKdSB<mju7@t+U)WM;?IW)y;p7FAa%r1%`-IUiDix&@Ya0Wk#lY>Zr%3$<H$
ziC!pSviZ0imc+96O+s;Y_xKzrT~<KRy~Qf#Fee2>K&)ElOuxI2sw@N8KQRlOU3_-N
zzvMtkf4IvXN0&hn8c}OJTlKf~E1unwqchg(hA#;IORRwZLv+Ja<_*A8x(CV8wQbn?
z9Tq3?R>uP&MzN}lE(X+__QB{f<pdgmF-`4NM=-ksG&5dkt$<9KzgQ(m9Sjes>D@C!
zjZf$@eR8!ZSCOaC%KqdmXV7tq7XwN`o6yrDcA!Kc$>6_<c0gj|`MPHc5gC+h&|(WI
zz?!nYJTPP}%bGq(4Dy(PwvqioH8SQHZ~(*UX+V-Tvz#>0xHT%Xq1#womkJ-cGYdMi
zY^aULFPu%r9i(bD`=>$YhNd#Otq_tH2FLyCUaGCWy?M7BGg5#np|R8&OuP-Q5bk^s
ztX2aP#^GKQTWTDFC(wB%EwS=5M4gGr#I6)*gnp{k&mHj!Dd`=N#p>aecyKD;biduI
zwRycVt~%FdY1o~={w9ir?8mW7c>Mf^c!uKDR}>j+diD8j-}_qSi|z5I)@S?Q$lba@
zd5ArZ)!HNi_}To&o8B+cZ*T3lmDfu<q@{nTTtl}$Nr?ohk)iFvOdqm0eu;NjV;+tU
z9wh2}?ZaM`aYMbhs)?{!YC6ttng&_3SZy}XBUH*H*IVKkIx|mg0wI%u9wD|J)ET=)
z9zk&>kMPn7J!(?8-rJZN?W~7N^^mbvP}U~9yo&)7ocv(M(2G4<FqISG$`AMQtal7E
z(N6`4N?8Kg^g-?U*kqKemBZyf^Xbmm{|5b*FyMY?3CTR_;_TRHY~JC(kV>g?HX0!c
zCrPRjDC^XQyVQ<hWZoEBMvNHOCmxy%wdJ+O&twst=+IMQm)I_S$vjuM=sdtqfNQKu
zOJ$x*cWwvry6)h2e$YsLZ*l3_jX2_mEpzmoomP1XUx3v95hWPOSzx1Yv*pdG_0nrS
z443<W(6Two*X5C-j9&)l_rb?)v(Ny2x4=Ye0S0;*#*BMpTHWaf#vvZqBPyLkZrfB#
zrPt&u3yc(+XGx!LME3G_8x&d;VQLKc#_#&=b=Y<~MYDw-_%jDFxM<zn5m>GeDcx~Z
z@mqzPCDp0lE7|g}2jd@_MliGER>LZLp&&T<_GBQ?wThqJp?6ZycJGNqMA`(OI^G|H
z_OL$5t5?pXeGS15bFKg^yrt4<&&j^T{mNi2ZS12MTkA|^Hm2SC?1_w9SIYEeGG!hs
zh)+NOFcy*TTV17Tm>1#LoqQrF+`;d&@aa~f?UZf)O`-041{EOH-+{6%j`hY#EcSY9
z5?|(~jjaLQR%k8}V?f~}oLVB${ZG@@feSn|=evQZYg1VDh=_g~?XQWPsQO-<T;PX5
z>h7M)0QRT7?ZXtvnoZ>RLeI}Os8AMcZ409isQyatp7H7W3lpX;(ioFT!GhKbED()k
z@daH4Qm#}l5vZ_!V9cBQcVb9Rw)KLKLcB&$3_`DN{*L+l-*2V3e#Al@v%)+%@k)sd
zA(||jmRs)_#r}|R&5*4iwK(jD`yPj%>M@C9dxKkRxAFaekuK5%%p7cu=9j`k9Lrk)
z^Cwm2aEUoVW!2PR)x&nt(4>h(WATg<90!sHk0@|VHq(Uy8&@L1w!!R9!Gd-Xv`mGM
zQU1nDW@(stq{C&jBF`ly!F!|6>ID&9;W2F>WuEczAM6zfP5Nj?YlPUav)bwML1};d
zcGJ+15XUTyh^RkSL(hMCKuv%71ur>ugFX*#sgv5|gM+^Y@$}XaB!IP|h#WUZjx8DA
zoFUKBywsXQQ=cmQbvs|qgX4l4S)&zyeL}Kh#qk|Dkh5P|TaY~SFgPa3!8p4K*~Q0x
zVr@h?nY$D`lEdK*jTfQcAjv1d+j-YDW_nsTQTy1V>X{=6g<c@9j$()T3z5vRO`Z%)
zVp38$117?s#fi_gh!;qp4$f2zpP)&F^hTCS`NhmX_o1>M7KZnu+63Igp|t$z6)x+9
z_9oVKfY@~V4cwlQp(Nl@I{=RyMDpo+2WPdby(5701qK`3E1?s5B?EQXMS;h9%4V#k
za>Fj5O=k|<&c01TmaU6vr647`V&>#Cn?0qdC}0auk89g=i%2U%ldoUq*%wKl!$1IE
z$CUGv7^GQijQ(RwOC5c!=jun1m_~{IRxYC?T?n1-Ub!mQszoKnS#HGO2jo3S7(r~M
z88MrYWWx&_veKW+%TmxQoa0v92Ji57Jd4{e{hk)1yp@J+(dOJ}c2FD<T>EILcIp@k
zeN0>Zg>{ZSUp@SsVFI6XxL}^~Eyw~5EaX>(NYuh;c3@%HE;tV`?0*p;JalxS@#bSF
zb?VwG415|Y_60Sz3P*_;;<*M1k$4B)&2+AB6vxnR9`q7n*yk4sTmPH&a>Rl6h;Y-1
zqbcJb)_$_>V8~aSDz;|v$@jeF^B#Fcf2=A8<0}ZK(;;8|fcLR*L3lt!MsO?drru!W
zqS|q_)Ks|$@DpBBjbE2i{J#1ve!ZNKl-Gx<V-wO>SqH?I`)u7kd>mjJzi#!zE#o5W
zN|TDRV;47e9#`UVH7IEw{+_Bs^ZJTs6K~grR!7I%AYolf-z~#7@+!@x)e!=vO5*VY
zzunMrfLhG@kP>-S#|BBqa>$h?HC-iZ)K$v|#!B=vMX&Btgu+(2MzKeFYsG({3BQRK
zZoCKbkE>GE3wKSftFBS`kNKv@OZmORyiIUG6RPhpeK-LBcx%;*l><}TuHkqlW5_=H
zjdJooI94aKHl~9lTdrx4eh@Za`<k*q#S_8_WT-!FMs}6w%8!7vCC+86TxuNx48{U=
za$9ne4y+Fn_}lq(S?U8*36L}VY#rB(2ndn2F(j!!G81azk&C@@bA@w1pd)&No4!QZ
z5bStAIw;gWLX9<xFJQR@CXQpsT)Cq$XdUV>^%iyUNc3NGc{81Ob6_xiT&`fKZb-*B
z9<uv66ZFHDW!_MAu%29zWeq3y{Zl<T%pa^r7`i+7oXy?@oAB9?b|WnEFq%(5L~SRN
z?0liHZ`V%T%!DJ`i-x?OuwRCpyKfQ54ziTXTpUKe_648LvOGSV0dXMt_DUL=_Jcqx
zJ*2>9mw8nQoULg5ik=dw-rNs{6gWev&k8$(oQbxUd4l85eHFjfR$F~#HZ8m(?5l7(
zK+5kmq&(Ua2&}h3?}maZGaI`=o0IbULP;TzH)oNQ2xGVC5ERJoW(%irN|k*yj?mZX
z;Nq21JV~wjJZWJQiv7)FIA5VfA_|6YpP<Ia%!{8SJtbqXCxbweRl~_?uA{@rptK{1
ziG*Fck9ON_Hw6+|v*!94r23Y1&Rlg*2D1(WQGMC$l=_n*K?GHhIV{KtwEBn2n1ofn
zE*XFsLwVS|p4LISw1bK1jd+n+GoDaNQD3N91ft~E1fWaSh``g)vLM$Oaxl`eMAaDH
zQSq8Y*FXtu8~2y#sFG{>oh0|dhcgz{h)~l|?_nATD}7Zu0J3M)bblbIw07X)hkNfJ
z#xF@F0g5P+54?YHDV6`WUM}$cDV3`6u0WLAV=4wV;~BjO`ZdRJd6fz%YnYxx9g+A=
zw&x^E{gffUs`RtrYac}lX)TuRBN(vhtRRCgM7Q5jP{%Ua$RB`sZ2m}7v{$i<P)$vQ
zJfhDjE5QQkM_$aHx5Y!SKH-pDB1ks(guoIGLK^#xy$&C0$694Aq*BI*vwjpES$}t|
z*<3jog}by5Kku}3J^(}7+9cY89jLv?xs!=h+zXm>rV7-=tM=GFC?$myRWf>i((f-<
zQ*RcJ&}(v60c0)>!_Ak{C%b{6b?Jf_--?`w$Wv?%=M-j*5<g@ZLy%>{$+z$De<spr
zlbSz`oUj=YFGelHpAQQ!Qm{Onoi_@@%YV8OH|v|E3Oq)TBV*e(i$6PxoCwfll1lik
z9{bP}toQ?jJ(!_I?qVOiGAL#bn>2tZ&~%B+5F0_pxz<JT({874`AHNFX~oq&OVTeE
z|9k`Ov2P@j+9&^PhxB6@yoIN10o8vvc^gGpqE=jClO(~D|6qYQtS#qv%gy<OEKMAJ
zFl!RrOaHXDVZKDxfvj!BObN=5p6*l~JLM_-RbCX*F*EEgRc}RXRc|`FELA>Xu;hxU
zP33H0m6_*LK>@xEV&&##6*yB6T4N<%Rk%~gGf&Q{w{0jQJU(VB78qojlk4gLYZYe3
zMbtmf|3H7RW@jp0`T<*h1XXY*!phUFr_yk2uX=+BFnGGt@@x{8n>R*m)#kD~tFjB#
zmFT<50S|e<&EB7uANZ8Z8`phTa{}0rRqL1=Zl<w0N}DlL$OxxZf%w%(HBFwtsOquX
ze*bW^B%y{aWOM&z=sr&m7X7(4<AbHT71cpR4w3++{T#UN?1v{#^)X_67)s-y+-<C|
z&)!ru_sA<}@3M?d;a$?bKK)8Hb5U8L4f9#78DbtM?Pr$E_S_CPtcagFJn`<sUYnS;
zv3iaiqy6SR_QrWiHGSnj+G_nc3b9%q&l-#kd+jWhmUbBvg0Ld!4+;uFwZx`FI0=L1
zgsa$xw^<D>AE9nlqa!6VkVA8Z%b-85j}J*c+rdjBKnVW*j6J_~_WAAo^)941HP@{!
z)9N6MN%c&a3qPXuPMhA^HC<mvnHfgPPwajN-<!OTe<g)S!@qG@Ub#FBVOuX@3+IHx
zu_U%FG8A$%ezMHEEZ}X55{tS%(+Kskspm8%=}pJxIuiLazg?9*N$LWdfq)!B_%{IL
z;H#_F(?rhe2a}8;s$U{)8`;WrHEqZV7lckF_U?o<1_Er>JSuIi$hVPVg(X6P2-;tY
z5zJ?b0}SxuTS3Y)g?>jRc)Nm4ZE`ASB869aSv)GV!!t#2esZ%zjyy9RU1iF+fsREH
zY7@oZG=lMVyG|WxP6?-qkqXYpC}_HhloOVZ6>x#~X{kx4Ak`5nG`H=$oXF9+C{||1
z$S4_1;O2=XTLT^&12415d-S!=l@N&ESEhDwDE)kyqg+SJg%NLG^+rg5Af*`Wr#Rqy
z5#&9RGjZgM9Dq$gfPm7=jjCg7OI6z}k0Knj1`P1<!{NRU7A~FUMt%LT*Zm^Q)eKbf
z^HZ8hF|HiMu%qHjaQK(#2S_IQ#RNNBDn6(K0yy}FVP1@g-^ot`mzxS^iVy6Jr=&9A
zN*Mk7$b8T@RA*d?&3V5nX)gE<tN`sEeuNI9fK^Vc&H20w3yp_c^5-9DUi|PKnE|?=
zcQc^q;X0g$cu`s}EDBo@i4g#ie|Y~T|F4l_oxf7eNzU-%e}RX&{&H!9zdY0tpRhQC
zE8YIbbimVF;As@N5?22{6lHV%@sFqj6;+_~x!&^*u~*(Lv0>EKURbzGVEv;`6~Qf9
zUhDBDC&R}}j5Bn_g+goatH--Va#pF$C~0-bgvXOa&o^)ft~4S8b8<^+39t)J!Z4)h
zykI%tnEpXbqzAGR!ND|ltg$c|3{?J!yDWIx+BlA<ExewJIu3*VY2dG#HzuKVzzO@H
zo_eNPzqTr{%UMryXr0Ak$o+@%De)W3?rTWWLIRJsXxNv~0M0DWSZ<nC&~Gk7PBq)t
z2;6<ZI`Z1d{pQeabh3vcnv`)(vCZY(+4Ff{8caX-={34wgm<D#31K`bV*7dWob?{W
zxAi<3!bAV@BI4Rq=CdwK)U^Z^hj-u2HO1z~eH2mU!}!bWmPghlW@El0yVr=V{b5i&
z3AI-{xz_e`EDhW}Xa#8JzJ~??%~{;zPrJ;|zguG7fPm+*<XX2tWe`d)a;hk*Tt=<N
z3UyqB1((y6!e2u3KZHA%Q!WO-Q||Z$bsRQ<Tn68*eW46+jWIJg&3hLA1-y-1D7UoG
z7tR%=yWr}8&p7uOcS$Ihp+}G0U>HD=&eN62C6{8f@=}a$NIk{Xk)6Tg*36R5!;Fx@
z;?@PAh}iub?jNEZT#UZ)avcwZK@`dv3<HM))_{$=rf#Bkr4gE+g)F;pT^1I7@D&&t
zW9hrIic#Ezg6SJEu6OAZ@b_F@Bu!h~Ip{=oewCXbM=-0LZO#I;ZnykF#5Qzrsni&J
zhHW^yhsx(1bOwNBSpGo13|)(w@1L#+eH1RCemFWo_jwe2#sw0(mPVM#4K^Po*Up#Q
zf4EqI$WDWI<NpF-2S6$SkRy;|pPgTD;wJeD-WN8i#UYW8>z_V2fK6qqqB+-jsGjO^
zIX(UC=g!c8+9`{Q!7HG}dV<xQX76p%r&3;%QZrhUQiZTblw1CksaOdgC8LfAj&Y!1
zK#@O-njy*;Rc3?fh&&0qVS_RXNb6P!o`)@Rg2G;2OU~%D{-12}SS?I<Jt(YPxa>{X
zZkS{QlR$AT7aA`^I~JP2j4)gY&^FOpaq>lkTpxd%GV>;8dW5@M;T9(rC{J-=u+h|>
z<&2jHsC~>weLjfcz#{B4TY1oR12Cg><id7y<GOr)4ucQ{ZDa99XN0Y*r$<QX7aD;1
zdHxw7lG!(!St9}Eb<KFz?tySJBHVuz8uU#L!fCtlU;@<)2OC>lXiQGhBcNyhAu0KC
z<Lpq*zsk6ZgSOXz_p)<jq4}%4U2Gc7Onl=;G{VsKId?Or0(qBt6kKQ!lT9pUVV{gc
zvbUncJYr+_VH1o&*0~4#7L=;~?s0F6RkS*q@iN%>=eHorCg1Zl{4QOL;?9nIi!>Ji
z#r<dqWKT(dzJ%&8UG@xSWk>1F$Qg76h*Q<HnB+b5(y3w$o{B5K?i9RIn2ZqM%P1q;
z!Qc|K2lK?r{z7wxG|HK1f)j|BdbvA3qfS`FNEVfM8I4cEt$gj#2S7Cj0c_@f+3E|}
zU4kgL@y2G%=oh#`)tB}6M%z|#QzO*4l&{Ok){^c*Bc}`Q^C?=vDR||9bgA&`hrnEC
z*|GP>&UmhUyk<KuOLAFWT|#8%^9VqE1fE+*!E|Rwwb_o;ButgAU9>KB^V%|?qOjSQ
zt>*XwSE;f07Q7#xVPGR$MIttHd;wqoNP_;u3E-qSF|fVRU9yBYjy1L${w&CoNq(>5
zX9RtgKcnWihnXnBB1FLUXH{kr<!xS9KCZt)&41@P`p?%hzXsHi79>frz?IkiN+%NX
zxVt28`UY^U_pa$>rf);^^S<}9ix)Hl4wdb_aCx@2ZS`mQY9|4w6=9zg13{2aDKpn2
z68Z+#XFiD;^$k-gck%SIqxeD{s_cXn(VPga7~{g#&$teAIq!pKsLMZ$$J}`|0UjqB
zuqH_IRTO1F(iUn9b@w@rcJ)lcu+wT%P8>|#MmpqKHG~D`Q;`1S`v8dq`?(S@!;8G%
z3WA@+Z@}rfIE|?TZ+|f-DgeW3{sC}$#ZjIjS$o|6t3Z9Q$hf4`mG=)Q{wf;<@@o&6
z(S^TeABw2fCtn7#srr+5UVhjl{abNjQW4>#xHb!0X1%jT_w2VSPL}hG6mx_B<)l4O
znc{X9s7xUX@FhA6mXO!@UV32?kdoA<?dxYvZDVftp%Z~mKbYW94(1TMA6^FVj#Cl-
zmJ80V6AZvv9gidUjW>w8<`_EwI<s9KeH3j|Y@`^WMrP_4C^Qk~GP~pMyaSQH<~l}a
zSf#7dt|qQ<2b<Hfsp5XVV>89igYiS35v0SP+egP1*rUUc1f$d&gFSW$0$A;jsGJQh
zFrurbi4P$smzxZXT=j)3njgIq3Z*}}Awd)5LnB%t3yMpOU6Wx{EnN60R@Mis04{5B
z7VlEkZHl*@meVDZe={wY9eIdk0*M~qJk|b~6h;xDC~xxNyMoTJ_YxjmA#1F2D>9j)
zU-L)$zQAn~fqs~Fu0&BLUFk8DLdHSX!@s{>1Jg=q;xdskCf^*sZ(z2;h1j!r9^kc%
zbf8Db;k37V`CRVFTff^Fm7kT@=#1M${>trF)3SzYP<~`8%Ej-U2eTz&Ehu%Y@eyBb
zYST0h8UodkiJlWIH3c$^iYU3)!GdD2lvqTxD86r+Y1b<lNwsd0sZXyA0{+@JeTR)b
zbMn9SHZkPxjZ1AlI?!&^wXfDEk5hkYY}D_#_`TV-@gb!IYHmgIFeRJ9FzOeX+PC*~
zIS6SBKZBe;Z&s6&=dAD4uBwQ$C9sz6AAUF{uY-|qv7M{_P5-EhwI;E`gZsJ&nTqg`
z>-sVg9uU0xlYD{^Qtr=(S%ngE;TYT@5uVhUsK-d8D*E#dGCJk?{UOfgGK-(8>;+}+
zpOVk`2KNzXyew3%Tq_W_=6rTSMW(a&XIvdlE=SR`H-1a2Up>V;D*lue2JQY0!R{^A
z`WYBo7ImtS0@+^LnuExtQ7OTl377nW!KP`eI=jnD*jmy6r0g(87_tAdkjTd>qcJ29
zna5r|x7;@yT1qpjqGoRFJ4W?!*tu)(7Y%6V6h1mjRa&~KT3{05B0l}x;-PbpZMVS4
zT6+80K{B&Mi*JscVmUlu{SRS#cZx50iPlWv=U^kcEyY~KrYc^kJJi_*9dhNFOv-*?
zr-=7-)GPPNRvB(2d1Kvs9Q5UT4oO@3v01<Q6^ExXYApWr6fCBRI-5WY+nlszU<t#2
zw7q_kD9`8r$iz9lmS-+<#K2*2V7M2r9(;E;OkVQ|t})R;<4^BmcHdfp=t?|#Gt&1c
zYIpE<R}Ol=joD%yhOX;<tdx;AR`su{I>O9E;lezhwE8SLvv11oKyJIoI~y|#bL#es
z>ZjacjwS-mRSsddv>tu&7TPH{sEYqZ+*=35wRCTz!9oZD4nqhbSa62`!7U-UyA7^E
z2X{#b2~6<8J&@q8gANb|2u^T!cO4w=&N=V-ec!#ezQ69RdaI_^+H^nbSxwEJ-Llu}
z_Ve+y^j|lSj3?4o?Jhk%2?`sFAm(YH*6>8`;6$CwQ&-haRqcmDTyFeVtUoTRWx+(j
zZrwjX^fMXe3s9IDWX<8XH^W&deL%2ulvR4lD+GFJHr@7vJ?@HqZ1QJaVy5$bs{C6*
z67rr%A!dunk7tJW;H_7XBC+3X;VR=VVX>iZ9qvTi@(;$2FZ+H?V=}}b=VVq?<}Q*j
z1O4OQE4I8!MkY`{{<V1k0w>LSj>Ge6paC;<-p6C*a-yGx<vDf1YC2wL{M&CLCdtCB
zq)#MUT`cD)w@;qo8Gk`B)-w0fk(^MQTt<kp+cLjjCKpFbaNu}hU9)%a$UQ3!o_kgx
z|6MZ07pb(6@Av6A;Sk?QD6hvw*;O4${y>%weLO3Vjsb=x{6_7_y*>}OuC)Gsf3Y8q
zRxEUUk~m4n2v$NI{^n%q7OBKQ2ogMW{<!fa*+ei(m*Zl(3TMp4rWO_4?mmcT|7PUN
zkC>!Dbfk0pRui57&kVtJx9?MQzQ`T0n#%whgZbLwO>IFKgH7+WTL82CDZ9K<+z?MW
z);9L9i9Hbvh6;&kFem8ji3sQrQ!*{xdNJk$<ICmc*NuK!K*4O9wTY#Vpa|N6E^{M&
zal157&??`y!q6HdU#q2Yzn^vTMEBj-g!`ao>sFV%B*zANk<Zcw|DiDx|1B<st?~xh
z?fsB1toqLlrHro9itCYq#`^jFFG7+H((;sPA~fN_R!1fF4wCr>8w7oXt8$V1ojp{E
z<Z_@P>jdPpBQ3YS@KrZ)f;mPQPKTZwu*687@LaF$^ozlTy^5FL7QX5G><|TCnCvCa
zNI(2Rip9ifigG3|RLSXDSWUgSgM$lO<YY)nPF)1y-at}xPK$QSyF9A=z0+1r)r6LV
zHO`5YOQ1dKOzgaeUzxjsiScV;y4=$S_Ilh@`^x#Z0kU71Mo9RZLn?m_GE_9if!6ty
zezm(fv@<b6>f)<!JP8D|(3qt~wtz46(RdlH*ls>KxjC#tGiRZTzq3+8Msa-@Il9F5
z4Ae^JS{yQAL!8C%{Pu7Rb5d|1sqhzCgXfHoDp=2O-Wk#HrG|d@ZJ4g(N)B2A9VZT}
zb(lJAX9F3R{@LLiw@kj*QsOGO%jWY#(H3f!&0LN3_%$NNk?@Q%Cbh)DMFItw7hhcn
zML>@;eFob_Q#LAu<0+bP_SB?0ZN*a*aQ{NCr?;F=x)~zp*a?f2n4mlDI^k6yC2N&m
zHbJ*9mzQ>Nk`wmY0}g}IMXB@fQJ+Fns~AN<<y3y=HH=9XgSFLj$V(l1FmCmMB(%T9
zCnR-}fM$OnBibe{{luXaV-F`G*h+ly&<zzlrWA6!h$ZYBbZ{jVVlcPwui#eZXz3lZ
zX*3rY(o!N_iwHg4h}JbHG3?0>9^gKKpOr9~dTvq22%ckAy^Ejz5PN207CPp*#b{Qa
zWpG$#$Q?s&Ifq#VuayjXDg|<0Xn2+RI~Ubp(Lowlxs0K(7saoQTSDb9v-uI-&f1qz
zzOE%8gmSfyWB%o(tkcg&lVo(RZ!uPJQADzDF)WbtFOzX!ylkmZdf5R~96gkaCHFgf
z*v(#n^Wz&Dw;3ebk50f8bN2}>>H%Z;hvv5~?jwSxlDmx2AUs&T(ST0I*%d>Kq=>Td
zr96}KMQ2OJRgV%)YGP=}N&E(PD?jCt8{(L)fO8L6CfQ&ebjj8BUs=%gTMKz3vND-a
zX*3axa3Qi+-VQOM+h!d+d${0*OgxFVZl0Fcl*aCrH1-D4Xd|&F)5}B>A0m!aiV?@`
zCIDvcvWJ8KAGjE~?D0&@FT05jE%Q^D<i867kY%GKA%tx!+<%PFN`H{-`mL$#wf$Y^
zr!cBBP+(XK5m{dHTkAwmwLtek9CtLf^HVyzAdW>J02C4ZIvF#2d!Rj(2UMupP=bDj
z!xU8UPI7k-<ep7Iv$(Ves`(D+bwGclUdBx^%zoHh_rHB~Pr~zo`u#o7*j5`F0VFY>
zXo4$hW^E5Ner*;4tVbGVyN5gTe(bChLl3oysH=ZIA%m`*9a<FT++ULRwuI0u+|H5I
zO#dFO=$R!b5<t`eh{|?-ihPdFvlx@`oe}B3My`UmI(gw}TqXA(v{clg$ZF|XL!buF
zTGj3YvAKcHU6R9f<WNUlX&Nv0<okisSAZM#-_IwCb#mkscW^zpN{duw6zz~>9d%+g
zUy{a2cFhcQdSYmE&xpX`JJfnJaeqoC9toQ1)0T2{@{SNY|Fx2$^LilC#=niD)BUU!
z-}W}>#fmLDzAfIX#^)2fxsgfZfBp&oLOiY#P9RLRw0koY0E=~w!9tS2{g~^LJBgk}
z1s0r-ug1fWv$nU={Q9lkjblC%fSv;MTR@Ki`W^o?BVSj995UjW)0rbL`{%xAlvW$s
zBevTMqNk3$4zgOywD^uSM$O=Uy5;i6bzX3N&P{1t0blqFdKJOB_h<|AC01<1>V8Xe
z!YqU#TFCj5+?*jf&c)q1+rRtl1MRBuQJ}iLgwL@hhmyoGOLU*8cGQ3I*%i@Df<Ar2
zXMC?KcK6J>&nPd000pHnA@~p)BY?z#4`u3}g|H8?^H%5B7sz;kZHevuz35tU_@E92
zGC$efTHy=oQDmqgN+U;wImX>AQStzVIbp}FmU4#zrI+B%4<QTc=TPwbsIE2m=s10C
z&OB&NJyo)Hi13=7*YK5>V-^PDCZR!PRzhYM{-;GkX8(}ekf#IIc?;^SxNb{dCm{t;
z&y8n7ivWo4fd%d@^gO}GXntFmv-;Ra@q8?6ERp6$nH7QriXQ5FW9$Q3NZ(t$LeF33
ze8#*-_S1}cyghptf{4CWl#-&P3Aj<uC@|pdXe!oc6psA6M@>y*o<{H2A|}E9h7+!i
zu>IQ$2CgzuEMO1mKnAB-?9JN?o=+?D?aMb8RY5CaZw|Whf{F4L#1{VsiX)n71Fk<5
zovaK#j`Sr612iU}AqQRJE2K91*FR^X0y}wzlOA870{rkQH97rSJFbtcrCR)3`>&58
zl$YW6$PlVPzJsnzyjv8S&Oz72-H;{q;xgd%JK$vX=7J{+&@<OZh8^0JVZB{O$;jLi
zm&-}k*rW(og~{B@p!A57m=8)kW>mgf9N{%zC%cT|af3?4vZe);D)V+p&B`>*G*EZS
zaZl~I{;3uPB~{a+Ds<L<>K29i?~d*J@5e)$9MV`7@ak6J$n8L1&zpq&6aN-s`t3-5
zsA4+jWc^C-=l%20X5o2xtNjc1DZlgm3zw{GQL}?c<0%OK`86XSU=w=YY%oC4f|cq$
zPtiiZ?RPHv>(agfcX1MgH{mtif#qZm{bF}<a0q8)ETBEv(aqHUNURPS^@*9ivWYcN
zI1X}ODoZ=8`2nsK8f@UBYLILi<miic+R`KR-Y8M=N;^0GTm$x@%N90LAinQ}C%u7N
zOw=^E@-j>Xj{qZQ*R4ki*@b=jb2Q2$)n9Ak{pdF8J0Gl_mJ|}I5cOWfw$T3YUDcJ_
zQrFshZ_BZr&DqzdJEHL7z3MDFFV(Z=Nf!CYhvWgue9#w9apO;3y_6P7e_Qbb=OOaL
z$=Z{z^b00$!UY6BnRSys30=@t5(WQ!hzyP8VbW**u_Dqm^zHrFsN?w%>C+PG2v0QM
zPiA`inIqro=<N%`E<7G~z#ssjpWvru4YxncX>XmYWaW>bC7y~ua~nu@pM2GRT=5>O
z`0Q0`(%5Lmqe;@Io_6xgVn=*T&zdK?2RtEA>GVXG#*;aQDWXKg8BNT|+~?(m$dg$@
z0#8KaCjI*!Q*1-^!t9UsSDx5K!V88jA5Uf%yrSgeH|x&o8cyacu_wA`7b^w{tZJ$m
z(LFXAOQ_u=!vxX}0_3;<&{uY>tPgmKg9HXCoIN)h6)2rDgqODlJP#`EfI<KMcbtuS
z<8t8zhn#Z3j+OlZPp}fu+s$3>&!y;p<@5{hA5N=id5@ruku*>?5A@#ld2!xS@#0#E
zhT<=0=gvDB^v>JRA|6zkEd_AV$b%9Gz1j~n=R#4TbM2Xfd&H*H3qvawFnvKI1kJLe
zlg9GcD*?!U(rX2qJa_Tdubp>!aw<CkAEtm3Ig{CYr0wnkI^VubT6#s`(c-IpnPMCQ
z_04y@C@K&a3W7s+Zd?xdP{RJlYofYSzVvSR?dRnXf|Wa5kIp-GHS_xyG9k|5%gf=n
zo#^Q(TA;9_(L-$M$f@%V=ppNXh`CAQO>Nfdr%A|a7X>vUdMlE0cs7y^i$$&X4RT)n
z4XLwA@0->s@ME^-IK9UbKMQWh6X>d+VEXwgpkeW3Bz)v-V#i`oYk$+6meY#am=1w3
zzk=#LHXtZXRxOj_PQ6XY|BO(rrk>oTdYB=7^(eg`G3xwc3nT4)RiIVJh%8lB)l{O#
zrwFm-ReKaToA3G-e`b>wF=TcBNSU@d#67$J&L$3knYi*@TVJ7*-7@k4oaF$1-5yo+
z9iPk}IWo1IsUHNC%uMa_r%y`XN5K0LyC#YiQ=HwV-=i*E_<VN=(&t2T8$R~mnbJ>g
z((b>nGOiZ4KPBY1t~w`PA>7o+v4`rdr>MkN(pwd|F6b@n``wOhM-u<k-$du+h~4c!
zC0r&ZyI10F(9J%bXHipAftD<yG{!On0}XOhvsk>qEvSuX&F*v6FE1Qls1%@yzx(p@
zuL=5|qK(slm|1No?K4r0SIyL<lDokCS<L8#d;BXTcjdA5*aaCQ^k@czuj$uzOy(Av
zosp9r!Q$`^L)+iGkS~|Fh7mmjRLP9?YdobP?qTt57EAWy_qGi%k0HXc7ZsGv-VcWw
zZd{3XlJ-PKb=}fgW!hSVnVu>at4D$D9W6GpORs-6nro_iW8v#|$!d&LCA>Ue`w^x4
zeUX%kw-(?g2Tf~v@~52VkVu8UvsQ{bd6sHr9M;N{mOIPM4qE_Mx<B`4mEUE*@`&fG
zA*Q|Fh+b8A);}dUb4Oiq(xrGDx+8BT8wMiV%FDo9$-jd1A!<${rpJT-D!-G~I7p2T
z+5uIJe>y5t^>vH^>4O($O4vhwNrEae@Uy^2?}sK7V%=+Ns4qJ8@7cTU8V`={B7W39
zW$kE|jt<ce19xU>1>gig+S-yp0-ER{+wlfrTF2xV;&8fN7Y$CO3nKdK65`p=p&qkA
z8JwE#uR2pLWOQBN?y=#C_hZNSHBG!TO~gZVDdYL`-aLJB#q(|{#u}l5(D*C-GgT-l
zO9tHS{wbYymGJ0UK!F{Imf&_;s!*?H<YZSXpshz*?T`}MS9V_LjTA~Xsx+7wof1a$
zCZuqd)X$Z63Jq&$bD?c|VkAWH8d4@s9BdNKRwG_i%>KocG+$S9RzeQ9R%?*Z<D94*
z<g8D&s5#}PFQ+r(b$UI;UF@-vY`%AZaE>8fjV_)NT+Xvj5Xz*tHNRz<@YGA9l@7Sk
zPphAkucS||88Y-I`c+fG7V2a;E#({9nKR65mdt;T2JY8VPrQ9?cKO+gqJ(}?UNUVC
zv|QBuMP)#FY5}CRXJ`A5zV*DA8B=*zZ_N1ps~)AK6o2<oxYas7tbaax$($jJg+r^w
z&_FAed{9&TvB5_j`pv&si?(~qjy1D4+Y%bPeYFVEl90_E#>1`hcKG$WcllreKEs_o
zJ20>9<a+$DMK5qJOSKx|!bO6Kw>D|f1d}Zg6=f)`6zUq5ckLY<L2^yntSuyuI^b`V
zYg2en%R5o1IuW0cb{>tD;_a<a=;7`R``+E;vdG%NvVd-Uy_cvIJ4quabK*4h8p;m4
zMfK*&*~e7FgDf~<4ZZ#`yV6gp9XYG_^&&DV2^T<foH~znjM<BPx7mOD!<#LAPuPFo
z`sTbut*OG;5%))0-=e?Oe8DW?rF&mO{kG_S;0krB9TKAb-o0GLqaY71G`dxS4>n_e
z-8_aCm{x+%o}abH;+RxZRBt-IS;_U>Dq^^;?G+F7Ea1B^qErVOk>ue{ZnanFn8Z6Q
zWtx<{dQm<x=_jSLcEFKaIWE{?-8lB@7c4Y0y_0-4zc=I(c+6LLJYCQ|p9H&b?l+lS
z;x&k6mGJkq*1JW8=1>N0MP$*z7)3JDWIXPrhwD6;f#bM*k|b@nD{ea-i?T!+OSZUB
zU7VY=wfL%3Hf+QS=(#2(?#;61UDgWcDT?D+ANkAesuyb>Er0Nf4VU6She~^~_bPmt
zrZt1xc#2}7!8ULa8MQfI0`7?*+BpsdS%p}A;-(SV^yS*8&u9G4uxtXpm83{E<qrxd
zDA6t`W)~>w9tTOqA{@uV$T|$2-!Hv5SrC8@G|)>4ELPk-H1w>JmX#2eL8=pI==<+Y
zJb_haip3f{L@@qbJD6_JLTc<9+G^M(mnp=Z^cWAZlm*%Cv4|>q@I=B`@g}*Y4XEw6
zCQ8>clnpy{%vXn=dkd9VDrm~s)C>Hrz2{x@dlT{_D;FMvM%1S9b8tXKdid`BobK%K
z5&c@pi5cx&K(E$XJLc8cLrd=?j(gJd!|sm)>u`8}i*01MdGopd;#v5MjX$+$tt_$a
z=6HhoFz|jy{F1lf7}j@-LS|k_bhI>3r5;YWv>PjQwrJnjb+ss8*mbCDv1$EB@Um&O
ztN$yy)ZN*%{v+_%##+_?6-ad@wz0oOu)1i~{pEz8<&9lOi^mOX+_swDVwvZE$ju5s
z2`r}nipNtKF?*!{zYC-2J*=t!nuysWo-+C`iTUU~ys7`1h}ol<x+`npn2sqeVakck
z`88|(;KpzQq2NL=ytIQNGTHEBawEoFV3UeDut+vatm?}o>HC-yG-253_oOxBP?sa#
zm<099zkAmt&;0guPepOR!l%huBVTFV?t5?LHyOEx>94)F{x`~Tn!XBsO*)2MleEvQ
zXT~`A$VEZ5vqR1{l{}bz-g}s(43=db0j;L>LaVke_Z+ESoR7Kk#W{5wF52Q1Fw+O%
zq&m!e-iqUU1>nj6t+FhNydUyb2|Gsonaw8nOU<P}#qO=CS`b%m?YeisQOsXUw3|3`
z4WG=aVD>GIP2|9{v<06#8=l+3Kd=hRmnzu%veYwnZQR#FW@Aq@q|<<fWzjwL+MXp?
zlw|Lk6O8jo(NqmN`!!C8&a!C%vvHC(UFUv-b|e&%R%qaC52N|iyTUB0x#zPLMxoGC
z`+?|sk>7YLdyQ9SlZcW8zY<ZH7BD%>5=OF+H2JII)1Zz8Lk~1JOq`9{PC&4$E|X$_
z+`?b&@wCh7Zx);yomSYb;^8tYw$=<0r7=)Ld=xo}H8c8?`4-cF?!Iz#MJJzh!Kx2F
z5c|F4P^z1TsVJ|To4(ZQ1#;!mu~jD#Ca<|e8<P=R>1)uz?=u=8%e;z4pu=H&)z&Gw
zDdZ~7evIZu{7TNKO_7jbVA<DF5aUSp8C&3j_{Dv9+mpDTmdBVcWsqe}xmjbn<hK&R
z`dS1@1e-&nou8_@Yj{Yo!M7NQe8NHgQhMmcIIr9Q51stApE4n3ulE<%p65kjC?d2n
zO@y6(;f-|OY_r`It%uj7MNdoxX9X)a&)xdO1iDwrnRu%^-JZ9hx-K2`Zc&i+R<f__
z`O`9K-55obBr>fdF#vXO>UVnNPUp}OlaLwM>UU_0`%6+h(5U?MuEgMb7MJijUm!62
z>a2qW?}`zx(IHlcmF+$D)2h$2KhSNbez0Vb1L-%W1RkaA9HE8vlhNdJ{}z}OgdXI`
zppQpyZ#3;5t<oWUt@2_Ow}wP$o*`bdYsCKA4Kq(RJ`^nL#+v8ne09EjnEB4kM>n?U
z-iYp8U01oAw@wE`+mh~Nt4k8+dnyx^og#MAI$_67&>rz<UFM-KZ&5GDWCAAcYZX-+
zF=uX{BINe8JI)d8U1~f$+X62Q$^Kfie%X@GL`)13N4_68;NQZ?6gBgeSD1mRffzwW
zq~0oZnrmGWvu$f_%>BIOkiF$CiR_M$65OX^<1@xvy~7zy8P{LJYG$0>{i6zF4B{(S
z<&Ql^deufqaOS{vI*R94EKAHAafb%iL6+(buzBVAFN%mARcB;6?LFqbkbEc1aJ-7R
z;dCjXnwP79&TRg8_GyFWg}#%VfJ#dhrB{gNIojX>in)Ov2R1iwr5#tif3<fFxip#3
zJ`cRRF7w@k0tqt{nb_-if#T)M#=>{*KaCH_?tHBO=`nVKTNv21eyY>|M|7%NvT6NC
z5VL8ussAhfzx7h|7QPa-jQ=HJZQ(0j``;2I7QSz5|64-G!dI&Hza{uBeBS|w#r}7M
zr-iRf?SD%USX{rU{eO#=yN0sbNUAy7g|zYQ%h}_R{MB>ndPb_SdQRo`W16ivv63`M
zv#iUyMm=gr&8+3_U_%t4yFuxunpezyoU9msGY@L0EOjYZD`BdD-ziB?T#0a>wZ}m-
zMXFZxLuhH0FAv6X_)(*xFk+bNh?c2}h9t15C-Df`+6~VG<+Z~_BnfyP#<Id}3jT5q
z9AY0}NUyyYH*s0PkK;YfD9=#;+{hW+;_CdM2X-n68&kXgKxC}wBRgJ(SX^`S+xEC;
z=Va5_QSwZ7rY29webyvoZiy?NahUYocXPjfZNg8;t3!I$jo%=T(dd=8z$Qoi^*Db*
zaEdE0<s5&jA_2(GBv#gv*6N^6>n?+p3zJ0jwrR2VfvDKyD7stMR(`3x;uPZ|jLb|U
z%BBIqJOtO6NE=yWhTqd8DT(uj?q6~6>>nz2>1|7Ruluy^F#Arwo5F)gH!<fPd+NRm
zktcf<tMKZKOn83}8me<Tc@>d*30Jl)mG~hA>?YcGWT!;`u273CC+*TzR(*-+i>K{Q
z@nV<-e-wh4zOijMuJUPyfQSW%0KdVvP(tu%Ulh05<W?y?hw0OJO6VC*RIEpL#}b+6
zx&>a?&$UYw<G!I4W^A>hwIFT6!lqlElc>U2@8iv{7wTU*{6_u6KkCjDCbmt<)^PbY
zub~B7b1Dp4<A14RhFC1STR3jE^;c1*N3Y>XwFtZzOf#OG?x#~4$BR1SXZk2m_PFTL
z;AGk*_Q&}2Bio8QevuE+$1#U_6LT#5b6QGw?#FLObZ?Q3Gg>sn;Yoo%^<~3eDm{N$
zEp{#&qh@KVl<+9BWIW%ZEDY!l(za!P=WY6^sei|pTeb*_;-jfLqt-*N*N>rjH`05I
zFMQ@)@|pH4Cgw6hywT)pZX?;EP!UMe3)~`~kboR^yx-ALxP#Ue5A~-85qQxh|FFfK
z79O0;I(p$;`Pq35$G<0M8Yc?z0kVg7t))S`h7+<De33$%gaGwO5L1us5uMjqr9=A0
z^axKJ+UyF=CDf@SJ38Ba>BU9IDQzF6I_{_-Ex7^=#)W&BzH&4MBDka|xYiV41<_h<
z;&~R9I$mvdSq)p`GYSnM=H-b#a&(7D2N1QU{2oGTV1&nsFP*(0JM6*gAYw<evVoOY
zMcE?JKmM{9=hQ<k#nH#7b!umi_j?AV(-Dv^xsi$Xx(q(?#pjB#Rz3x}o}u3~?+DUh
zg$JLV@`w8f%PEWAk`>J(=tZ(*c27Ozlijz0jNdZ2#(A2L57G!yhVwVBQBF~(BynO!
zsgmqMLR8c&4?cl=b{hH?!bt?E=6R!s+gq8FryjAoqHBxYVHT|E^!Zu9$1*#EvSMOp
z=kwoWc>>oODp8X=drun!nYPh{nwu?KG9b{>dH1WcrU7#t&(^Yyy`N{oi!)^#u*H3^
zpG&I~Ckals_yX5wvvjo?Gs2YtGP@He9xGQAhieljLe97NUUg@FQk+yf=Zv)grZNCq
z<i^K{k!=ybwzq79ed&tA$z!LUOMd)7r3o;+KJ!!Xx{aI!{B#0-0Lat%fYJrZiLJlc
z{#2A&*@+&&Rr_u2K;S#3QNe{Wn9-$n5IZUN8=5;kGQ5KQ(afAvFyXdDj--u7Uz%%4
zBxll~gX+oafVU{VN|;oi^(0DvQaZjy8HoOg;w(k2@#FX6_2W?uY5#n-D^Nm7Misp~
z)q*9gjO&rchg4_#5*m7L(EkP6iIb-o|8<g#q2Ybpm1L_M+Gs%-X^iCg6;fU`o7NcO
zPEb2?BS@!xE0gy)`YJtDA~P_iy3M-~znjJ7!_MqT%4TPZuy9_YQJ@|@f$rV|{uzb@
z8duo>D$vgMe6T8*#^ZgAWRv=ng{Q9ly>B=hKCq{+kn!_YCRy;SjK?g}%aHW~u^c@4
z^`+pd-nvUC&5hVsf!g^TzSz2;qYg$6n>K6SB!MQk+<;rdj!D$lR2N?b5c4xm-8lCi
z(b)^U-@WgX6N#}8*?qXoeO3~fdorAo;;F9WDDi0JG+wLqBb-#ohXZ9FZ@f9_?^f!Y
znjIH2s~tnKRBTNnp3>JGVJQ{0hV`03a4)P@qLOzWW_rBFqA?Mahim=y;$lrzkY=4S
zC(~deuB5<JiO{XO@z!re+cN8woOP;ptHwiqhsHWpZY%<J%w^|Z4!iff#e2Fgwd+GM
z_MqQ9Gzp#Av7r)7S!sQdggdW@uQzNLul;_S7UCQb6xq)=IJkJF{&jTr-D<`7h2`M(
zEo2{Icl=igcT}cVXb<-$liLQUkoUt_)rTAhc#sSVvExUxSTPE1?s+~_LyUM86;;y{
zzNJGNJBit)Y#r?Tb#%j+uC~V>hcle=O3O;oK#K-d)Yo*wVh#dpY<fDylVa$^e`o|-
zN_T0k5zVle!{$W#%eYyl9EyS7&_3ST5T4uW{b@jwk*jhdS+g>))!X-b)ir*=%#&%9
z1JC=^Rc(jK`LD3{Z=!2-&+&$u_*z}xv$D$}qd?A3vp&{|QPFXehCs8KoMg!xOu}Bs
z;h0)Wr25euKBw+>Thja@S<yKW+KE}Vc*Q_LNk<UwQAEuP@K55i$pABWT*BL#Ve{Px
zV`~Cvq{4<9GWaDd6q3AHAYd>=hm~q)df(Y-%VN4lZFU(^qm{Vcn|Iy6V#p5;vrb$y
z%sfoeoOQeD6y2G>_q1K)Y)aNXzsppl2Exj8!FtSYDul04T|!VFCHSW~5XIEi3rFlm
z`Uc>7z5=n7+5AaKM;u;E*g&yM`;lS?w-eAG0PP_>>Bc)*fiQss08w~xrmAN-I6JIc
z{sE@2ZtNtREkp{sXCkOI0I>Xx3Hiq;58Jfs#SxNXmti<ga2@x6!d^bn{(YToU@bED
zF3yp}-V&yydaWGil!lRhnp)VwNpXvXE2U|pa<01YP~|D%&YKu0%^V&Zl+#N^I_+|+
zR5)%CFJD~$Wl<`AwP=_X(-)Lh>pNnBJ%^I%fS*eRS0UW;sVagS6+6>obLRrhr#p2y
z?;Y5@+aj>DgpSXxElaME<4z2wUH+{oGQMkF=1Co@BLTzfqO;odHUfd!5Z%{%j92qa
zB@)0(_<NR^uhMKSrb_NqDP6XG9|q?ak0#S#@#+{kEX&(*#WLvfWBj%BvvkuTXu|Y%
zi4q(`UniOMnB7$ijmkADhu`FE6CKz-(X2$@&$rm)eh>DU4T4!#mRRI`l-Ft<Vb!~o
z01)6YMH>0|t}8Nd_pthAABmHz{P;-kH%%!6z}0KpG5Mp<o+Os4g)|(>-IeOPc0RM&
zu=vK4F$&O8-%&gSgMLPI<KxL#Noo(lf&p^ua{FTVtDo4ClPjXZ{b+6}HLOn9crGEo
z%(0~%Q4d6wxbI{vxAT)YJ0lw6crMmylsAjO=fzZrdPvh&ASC6-9T5;y(x4T(mxfy|
zU_56V`UfmyJZJSZstIC`XvkwuFWZma>}Q|^cpJo55Bq_ZmhH!UfN(4W?8w^@{&OIn
zWnjWSr!(u#t8p2Y1vhKZaB5OUPH4KV2-e%^sm7zerXBT3O*(CvFp7%sH$`>0?|j-C
zmKL9Wvn9+ZzVkOX6jS6*_<04qK;HBFK0^EZ+jGhnXpB=Q;f18+u}_a}rjk8V@en<~
z(6|bYJsfj*$NX1@<q*yqN<DP$Q~9(UaqW;xpC5$B-(T&u?Nc)bidf+m9`i;qiXhy+
z*urQ^4VDL(?Dz--ROX2DOHD!A9r?dU-zuFOCS;O`*rVdV)LHtQkjNpSJhsWP^u#CX
zz$#7HPKDug{a~@195aJ^7b6GE-c=z%|0-xIU0EKMAU`@h@QL3H>b9Rc&Q0w`mYZ0N
zCMrkZ)ue4V?{g9?3a4l+7Q1TIm@!k(6-3qPvibZjt|mb)OQj{qT})c2HSN@I;R_U@
zxai8LIttaxILq2>jYFJaE6DHtsa}d^jpj-(uW7i5qU4Z2fZf6HiB#B4MsS8wy=>pc
zDkBGw8n`KLG$@9Ql;1yyD)^67CD%<yE`zL=xuB$O+iOZ9EK?6DfVW$<&^)WxTavp<
zB2QbrDw)k7%LT+rLTLQf%Um>2xeX#J2Fk~e+u1D}opDJI*Wht+8Yi<70cInUiZqQi
zp|=Uc^3-HM0bNNyD<QpG8^^x#>=?MmEoLPirp+b{_k45MI--EbvCM#b5&#OPBXEzl
zGwvnSbBx828iON1p&(}{M`&>d!pzR0nCVof+>%p_0guj{+*ZQ|02u)aQyc)7Ul+UO
ziSi_Sh1`!%L<w2mf9+k8K!r>RaPV#(r4#Y-x-}q7HiDJrgiYZ{hQ9Um@`9`pUbBth
zoKv&Bku$O)A`b<R6EDVMIS(@agWx%kd;L`@I5l<&0|$=OUj18*zmNTuauYPj+wgAH
zBsd^q|GB_L(A<kTE~i7RYu*O)#YJ3{om<GSHkJ2wZlUxFbJ(C1i|gm7B}`LxZe6Wy
zB)b!vksm*CPL}<~z`&;U_!yijTgec(Y#u?`FO?w*3Vj_`*YK-K20g}VL6>$AAE)Su
zu<@V23HeF9QL-<G*_I<?tfL;#^dl;yGblh%9-vpI4FHVTr&byPEc@?YRa%R*0Pf2_
zIGR$9W3~u@k#kZiBPYvBGxGIy=L_#zdUBg*&TYS{UO$#hk(xDFopKb85D}&m+E=2{
zt_n3=ojMWz%LWw$T>RbXt}N3GQsPLaG%xZThi6G;l<W)9^#9@Bjd}A!4+%6shwJ6=
zE*8*)evgtflKB{Gn|U~SRg5ZqPdzX!)<ZrUs=lj|n~u2c`z!M}K{Ka1vbw;xoxROC
zPc4lzun-j;N+E81r@2Qv)#*o&W+`s$^_9;ou#oTnp*<8vD_a&!6@WMR3AcVr%+sN_
z1=E1mj~a2yv(1c@R=5LBviGN)7ScP$K;_x$P}eexzX>e#;6<8tM@^;|&V?@vZjz+}
z4ghD=dcMC&cG<2ke`-_{UTf6+tAQsH>^>;na$&+A@29Y^!)Mrh#<U!=+lDm?vpN=1
zJl#XB2OJ&aG2KIpwnw+TTOBWh4%B1S#LGOG?&jBaSc?vITuzNmtrK*xRB#KJHU0`3
z)7Jh-0D!{*qX&Rqt&aCw_?F&el2@{NjlQ=^R#aO_Uz{%K_r3P`(Hmi?fUtulJl&Qx
zM6x=bJtq03Szd`q3&uZQ|M^a4{%H=0pDin_Our_6%rL|Q<m~dl8s(=mq-<0^qRlr`
zGj8l<$0|q+&szYIQ8PD+-X?4UzZ@@u`!9j046!^n$7NbK-zyn(-wTp(-z&wff=JOD
zTo2!?G{?#I787{h;Fb{oQKstoDOla!{s}yfAG!rWX~#_hwq&S7&dI&4%&T_FJ1l^C
z<WqS_RNZ1m0Fm70IrKb3Y@=M>3eNJ7T)TT$yF<mk$ikz@3>gsL=cx5Wpcpn)@)ekq
zaW`rm0fVaKc9vvg?QQ`2KOey6!!1klT;X#kUHU38F)iv3!7^j*9~&-{mVdebF#yn^
z|DY?3|DZAO|8WO2!Qg-UyVdlM`|!!KKkhRxbm<keH@*a~B?W7LiVxyREM|S8@`6yo
z1C*i6JhTKmoK+0O*Nshv4zg+#78(J4!ni|yNy^%x0Ekz-qI1U)Cr{Y7t>G-uYtHa7
zib}fpOqIZ5o|^J1xV=#5HL0`IcYMn{s)|#o*t$G+<{v7u8}Ba^IK>IYCGFC!6WTI|
zc;Bq2e1PEFPF4|ro}9e|CQ-$XSZ6b9;Q<X0``g&xDkK#*UoQ8GpEf9B``I~lzP5VS
ztwXDVDMGgti|MCpC;y=f_sde%mpH5Isdqic_mk0uB=}jO&az7U!RYw!Z0o33oeAC*
zHd3E{K9AmZe1t{*Wz^~2uNBfSqi*khE&0?_TNcDxJd)ZC86DW9dsk>A5G=yM^Q2(w
zOLQ0QlY;#(ab5ic1wk_7h@*Wfk;-SzxPQo2j~>0VZJ>TyPNhDbA{0y$K&sw8;|-TA
zX^2yMve#5Yo@<ERl%7}`F1FWz#t+#TYlNH=;d??hN+^H=0>}n0bjo{=qGCsScdtoU
zhMb3WaeJ@nX@T3cH^#vGjeeh<hDrC9ifM0n@LmI<HDHJJq>)k^vXS#e;17ZI2Cp>K
z=n4u?hx0);=0M3A=qQi*>7i0Gr!$Xv{ojB-@-X^3Ck$Bo3YQg4O&i(ha|kPCfL)Zm
zV|Vw)l-JkjyKIhUImKJyk|C~k0UzKV;WpSe4<;I|-Mt=)+&su@dbjZbh>%2cO#Wu^
z#`h0W$qZw5J_e1Vf@(2tXN!CY%~QM;+>S=!<c`rqOg@x3`LIsT;tjUJ?SniCa@y(k
zeQd8(fp4O@bVjdQBh<LRi62oeI$WRuv-fYbD2%jyH!*Ct);WU1apyPKvw+92xWT{4
zORYp6?M0*d>wmez&8O|dpIk6?_ead8NZHh!1$Rx&zgJM$8WSaS($^956gyOeJmr<C
z#5*MN6znXg=fgQ$&7+UEx3l1!7qeMNwo9Rr(;6@N#KKv}PK!H*KN<HXrI5bp$MD15
zz1Zfr&(1=HGevcwnF-^Hx1;nf>BXdkMeBLeA`|Cf1h8||E4@fur8r8B#&6w~DzDW7
z%y{%1aUh?8!GprrRAHbdsyCIb>oY^o2Z(iL^{SRx_6^di^2t`IpQ{UzHKg)2lyC%?
zEm~EQ^QSOjAkw;F#nO4uVRKyiYN_u8uhpb?l@bikKmB9&8k)p}K{;SCg`L7A%D|77
z!d9}^XHidY3(yolA@q&SSu-Hg03+uum~&-)fhc9A1pjYPZnIZ<^0{w$^-8ZOfp+Ba
z>%oZDU#s~PJ2WP)#tcc4R`Bb+05(uV9GX^=w|5vpph}}B4d~UaroMMl*%cEZ!EWCk
z8Sb9Ze$?Fo!hy@G6rg9<(McorPe^=~;K+=MaYFv^=7H~Ti_iES`S@Rx_@>LaS4=Sc
zGy8izJncD`f^O}BtxkzU{st;gkHH*;iT};dd_+a*r?se2xo~u)0(C-O=-kIR5nS>&
z-fdnlKRX_Y5&&mZ7)CtCR;A(adTE&mOyX9^@qZ-s;r|d3#{fzl_uo98ll7x~a|z7f
zDDb~Y&dz>(%KEuf7R}o8<=U2|zz5LL9suUS(Vr7LD((8L4gUb~eAyvyTC(MgkFDMl
zpT2)5`$i{9Kya>E^{?qH?-rB1#>5>D70g|?a~H#JMS<pHb8zHnreM>)n7{qUW@7r>
z#<F3GhAUi;hU*dZZ$*C$Nbr(ofaSLIeZ<w)(3o-g$ejPey^-J0@1KdQz#)m6-{9-X
zZ_1`wb(G4`8_QLUq3FD8lLyk!+r#_2GtK%)x3$cj4Ihv4b3ZYZ_`OoMW~uuGS_xs`
zI2Y}wmisG`$EOEz(6{%9{o$u=y$cHgsQX*vo;j!A6m(b9m+=e76KQzs7dqbO1=E4I
zj4db#3lDLE0`s$2dFxR@aPXt|x}~qS4RpbwpdQ{pXMG~?9VwTEz`Sk{;w(rRQFBRD
zF&Xw^4Yd+ZP-&CH`tZu<rzy@Vi6Z1zbPc0O0&6YPwcnCG4k%rogc``%BjWt-Ex7Q~
z&PqibZ3hyK(==;c@awJ9Jtk9)iI*n$exI73i1a<thIGuA;u@F-DrgW$7Nm~lFH<i9
zQn^aiWke>wjWW^MI+b{}NH_>G*N1nR;Sx8oblQFtU8*2g5({`2R+@A1b6l9gJD_<D
zc-`Idmha^CpnA!t-!cVH6htwpc;Srb>$O4w@4y-gN1tmb<7R>hE{B}zv`GpUUvT3q
zj67@EDhVyB6#e}OoXjtv^`+LU6(n7CU3_R@PvBL@?f&a!qT*k(pUt&)$*kqf^I+~e
za<@={liYl<R5&v!JIlgaxir-SXTf4HPu+zXxG1)+WjY*A;O=BBb+hX*;l(NPB21UD
zo3Xa%1j=c9a}rTYN2pMGBY%k|co0rL2&3LNT~e;Z$zFBs3_Z*iyvWtWhr9KRfa!Fb
zpMEpglo;r?l5<E1mhi0`gDF$n4SToQ>wIH5mV3)G%6p#ls18`6b<-r4+k>cJ8r)?-
z^SJs&c)AOnG#-DN4!lDvOTP5`<T5e~yqx!GA)8`ZIC?kNzu>03^VZjME4{+yjgAnL
ze*Kw{@q1nt(d!^RVn*w4e+6mumf<Q~4PyVGUHeWMH6lQD#@MQP(GcmonMAvHFyCv|
z>Jl|>q^r<8n1jONu^ev}F<<}>=(IO2y85jAV37NAz=MlwfThePmLQ_&%%+t_=!Gi(
z&24;jDfY0bO~bwQsmwRYL_b=ckZv&(xnI>#r7;?k@4)wp>Ga!ah4x%a#?6@MoPS)-
z7FWCR2H&ARGEW^9pChEGhEjZ!yqYj=MfDX#=>e-*9sM`4(ZGX^CoW`g`)#df>H>@J
z#O}eP-qEvq+fLT*kBU+TJM$#_#Sa|X7T5R}>$4^Q&T4#DuqmGv6F`%otJ-FrSiWlC
zE%UbNo5Rd^2_s++`IBYI0SB>%`Wl9b6<g@!<+DCDBu+hwJUvH}t-Cl`Q$ZSE)!p!z
zX?HkYr8oll7>|4Y0?D5HvngdhB<wGIJ?gHSURM~I?v||mc+(A3u}f?(Q3%3wQ1LS0
zsLU?2YyI&qc-L*@sZyA6k_<NEswzWXj^mvmJ&E%z|Hi}?73^&M;4pn5ZTH=n`E{-Q
zuiREWdSsKr)tFMZAo@7u{kv@`+37|?-<&jq<-Etw%b94w%n+${S+$?y70hc4TXwmT
zy2O+kNi|Qap$&oPuj37@o|NR?Qe?dzX&`sC5txqVE|3yAi}(r0a>TKd8y3_$WlFK6
zNx&7)EQs4+#^aBMvb{-`c7I{7rO9yF_~|pGThBdiRIu{Et~fbhd5)8Y+M#JMGjuIL
zX*nqOK@htq(vSgzEMK#i*LRW#pEV@bQN5blrs2If+H#%VN_AL-QXj#f?zWlM>_eRR
z-FT&iuOQ!@8xK9Zwo8Wu@&!k4o70WNY{`Xei0_U9!FVENF{h}mu}?YT)Wm;lU>f99
zj&QSfz!A_jZm6ooBroP{*8?LCb9bG_pGElsb+6%Gn<bnS{p@HyI|`oT38A0Pa<Kot
z`T$%B+bOh~W*__y&n0qPcuo&YgBnlVFJ?#k2N>G?2iVIfR?PYCIA6o6th+l^(`=+8
zTG5LWmTZZmgTvJTJZXx1ccSOcqlKCCjW2LQiWK?a`xCtGp?@Ar?lekya#qihsY+8v
zKKq#rf8O^)IFD)_|B~*`c)r)D<}w3b_R3CXDr4iqCoz0ETKlG3lVj|xQw0grkUfl{
z{*`f9S5|lH4q@J49G};2A0v4d;KV`%t;})2C~^bCr1&#Pup6mB^#@U&jD$Vh3xz*K
zQ(;wa<A9?g9mOrhQl)Hq1J9#X8eq1_k-IodrRtTOb%MIRIhL75MfJqW)9VZAwdR1<
z!LkG(vrZ^}r`pRqY0W+Td)|xu)dT#V&rnUNZqREjqGje~B7!-#e97H7G!-$@rZ2i{
zEWd0-b2MA^PHkz|;`~@q!Cf`KEE_&=-q?*mQ6X_E8@RY=$#GiH1~#5RT^KR|DY{!e
zmn1@`69c5v5u=4+nQ-!L8`d(4Fl3f0`lh8OdMzAB>DSO8+-$XQV~a>P_T?^TsY~dX
zxt$Jb%w+l;yFLs43=*jpT3QE&Y7OSk$WZb&*$P`e=*}swoF(>jqj5ZY*}&l&-Aw&o
zVRH7B>Fp{lEK|1M{Q2bVuhLyvgW`Q2IwMvekSn#=HI?~EPt4oOu&v9C;p!mLj0UmE
zl||MF6HWze4(=81z1ybT)FRDYDF!W`J6;FKT2ui^cd@^$fTX+FJOjtxn1dMyK}9n|
z3y4&A#o8qIoXaj`N2r0mp=}Z<nRl^hUg<hbVV|<xRxX<YjoB&E`1Ij=`1I4Fi83s&
zpQZqlNONEzvCNz9TbG~Nh+VD41aIR<OW1eoFfv^*a9d!VCWRJ_*iqtaauM?9O{_M4
zq9i(U@`*UBJq2#a)0Frp7XCHG%qN4?6<3TUhH=G9b;fU*G7>d@e(k`0w(w*vFzyGr
znRC{+y;CA*EA#wC<3>dqLHT;$nfYnZ*<d-{G8pcs6ltw0L5TXsp5bp^dVBPRZ_sjv
z|3jnu*(KAG(G|s2#E2eU-gipSZ&_DcWtskhOnIANK-;9r+k7B$A5AOMV2&8t%4aS6
znH4LYmKNDSU-*6BQ<pK~LV|*K$6dDA(kF>wJ3pBtXd1BS-^v%%8j@?N*v@AlOn<$+
z?lwB67NY#($W3TlLt#jc7Lgul>jp|cC884AmVbdRv<)K{vOy+}sFjFIwm%V2%KI)>
zj0qU-yNz~SzhjK36QmfM2oG626tbnvk9|1X94Y_yU7qrbiV3wrlT_d)8QaRAlBi2i
zzrs?InFFN?u)DFzqN<4{x@wUL!#tYdZo?l^C)8ZurN3STIA_%u@w~h!;)S+G<!Dht
zg*z8gU(}n$tUz|vus>>~OEddQ2WdpbN_tlIA$FpxC*n${H4)ICuO>+5uae~WEUjMt
zKBcP!25B+*2Kj+le!l+2vw%)(64U11Hbx^Ui?V?f-JN|_@h>*wP^L-5aV8{;;!!qR
z8xmNiK~!|g+2fFD(NY3cu`0K(dZk4S(}L;8h8WQihQQX^AL~LPY|fyNH`z3P;8HF<
zA^`tUZAk1X{R_q;*_RwN%e@_Py7Po;Ao3p~4AyDLkssD3k{{+e<W`4Yax9Z6q#>U@
zAzh^OBw?)ZazaW;0`y2n{)kusIuN5N2pZ<q26)y8Z6hQhd?n@eCJosm;ewQEG9h6+
z8l_yOF*+n=tjOw=D}L+t$Jih(SnZ8YPAEV^GY6PByEucSJ)mJ1NMU6&`mi^jq#Wi=
zvS8*&O~@1Hg(XbFDKh6;NhQ7-Z`y%`e8MjOkQVl-L8hcAarU6*$k!1Ccpx7+u@YD<
z9jETOOb7l-uWCsz?|qQxgLg2D`{l7=Mv>Z3EQ&p)@W|IGP^C;SS&<w$55vY6rk^Z4
zQ~Vj_r>EuFp~@(cGc1u@dxRTHbrN1ipU7^d%tS#sFW0kQ3lzl-iFW#0dzadEVF;%U
zs&A4HZJ9yVx6ktJ#Ljoq&KLw=yh@5x%pSN>w2sE#@I#IX?zomMrbX2WTHk(u@X1wd
zc`5B|=he|t+C6ezdJg0<AS04iH7`$1v0?hoy7})+Zr5?}JC*|)6hK1i-KN(<zxyz%
zPT1OipCavqkbk3i(2eiV3D|)tttx=T5EzMi9^?nlEpko@?vy+&jKP`(_-t)~sYKdY
zBk!Nh1B7>~j0kCIH-Vq}ne{Jd1=Bx?N;ZB0FGo5k?Pbk6F%8_xa?@xbH?>c&k|=Uy
zf|3W?!GX#$Ptv7EnaViiNR2Aa8s*()AF{Pn$RM6cY<&4pm1$U=0HiWkiq?=SlBsXh
zg=R(7FVH9MQl>Hx)?yZ${_ccl$&ducpjod4yZCG-gZzK46n?S0#<Pq`SjIgNQ-_An
zhjvuktr#n0@kqA5z%+9W9|sbwbZgJA`K$jl{Nj1)2=>_q^z9AdJJmqS=g9jAhbp00
zq2h~MpRP`jFYiMARqqSO>jm*9vCqUovuOclbH&P3qX#oE9*VkeckJbI_E&(a=->Vi
znD*mbK?p~FW~F6XqXu>e!S*1=r;C;fM{VqfM>4ygu1E+5`fXap@&n<i4%&GH+x$>R
zWm;6~*q<g`f4dXm3cbg=?%!^Gc}Majb!_R=)x=97{ya(*s!_<(AwhAo7QOW6NU93J
zuySYp6qhP>Ot6W6gsu>lxZ^V4$8H*u)*R&I%cDdy-y7P@?}~qF^iU+7f279(sGOqp
z_kpaFZ#F-v^M$PMZZ_W_*ZVc0d@2}_+_y96QzvR>^NJIYv}h9n$T~IQ!kT>KgZaLA
zO4CM8TDSQ=m-rEXQWGhNRsHl9B7Df3r+2K)m-NU9U{-^y2ZS^y67ru~i3R<GT9@xG
zpG!nz*yv}Qz?<)d6wfQhhMsdTuQnwE`AG+s$T4poAU_Ex*>6ggW;`+qSZ+_f^y~2E
zNnAZN0yZDuAGvzRa2i^4Vg)=>0sNFV54%FB7bmUqK<bvAv>v}ebLUv5BLyo@$7D22
z%;0b$?XV2%e)_Ns<4&LB!cOjDA}FxqPk`Y6AvTa{tVPu%undI?BE9#?3^a89@_p0T
z+B!e5<YFQ_FrJQ)<(pC3#sZO{rt?kwaah`)^2osS{}mt4nowv`z>-jC_CLb3;6*~=
zAJGF}6Q>W(;x$a2<RxmeYbU=KdTJ|?bl*2&An}~5dbmSggo*yyQm(x*YtGkpP-;1P
zmw@OOBu%u1e9ALqQ{5vmb*D)pN(FoL&sAEoPb5r3+~Ri`a|OtNYm!r5S#u)#t%g;6
zHQ+r>{>N2zsC3<i%eFMzZybJ`zT}-=-y=8nGZC{$<-h7u;^s)N(L(5jKEApS!laE}
z<PhgfY7{ht8)S!5v_$5`vtR{2+Y8%Ji!EL-Y)`EzVrPaS&emO{IFm?@QxzrBA{P_N
z#Pp?%FY(9|Ui$>me{7@45+i)Ys^>;bnTgJ7_Mst@1F@}wjMrjeA@+pHxvckTU8gtE
zVA2c}TM%YBb_ccf^35rAues>%KPGId#I3Nh1lAPjNjb)<<pyZ8z<O#xD6;|CMQ8NV
z+EE;3iqEfztKF2J@GBx`GcASk)%$Oh6^tSr#kO;9DEVoyk3XA{pScz7#;=$Wwx<dP
zL_283`f7%M0-piM;9VFL;?JGP%d{M4Az=47l*Zc$*qnt^yJr8l;O+Da40cy$+bbLa
z1u>6;t}<1gfrZwOXXjNt=cyy+<tA?RaR$weuLT!aYl7N=*ynja=T6$CjFC#;Vx8~g
zHB{=4y<6Mk2}7-7n5UfF_5%X0HpsU1O+d#_(o~od=n9^ia9nzH1|^T`V>8V3<`Z7(
z>cm*&d$tJ71rAT5=`(9%VD^!@r!0DfY74$~(c$>b$RV_lO2;XOgcmdGsSv3({S;L5
zGN4mGNfKC%4g&Ub$-~M{eI0Vz*MlKhHD+M*^{<|OS~o$~C?ev+Czq+><zEeTi9?f0
z)HVAxYoZhTR{NfX(93F+ucA{|!Ndr;tg*5eR;zB~7K5H>JdMeuTj~%V|1QJeZIxtg
z<=rOnu`uqt8h4__FMdL>sE62(HocD-x6h+C^4tY*|4R3LUUVy(p!ZpQQ+p51^!zHu
zQ^5W)VOyMF*IVW1i0Y@L-k+)-6sQv(t`@%mvlo!4lwL_94HK}~HR4nG<TA7Ad6r$j
zt`xudY<Tp#N!!XQ);=e^c(|llE?=e;4aWT^__;aQX4K;A0CyoqLUJ%yGc`id_ow+-
z`PVfoQf@dgrEBISNGIPyr@C7mL=P^jIgpgA7nrdrd>7AV<cP695|`fAE*)t#L%voq
zi&MRk&tk+1*b9>QY!sf24RCTlZE=cU(A5Kb9sYKXj=#Q~8murirfY#)z(awsI@B|N
zFuH<z!-ae@`_vw1WC&AM#RL-ck~a#J;iinEQpc&Ao0DD8wTVw)B$HrAZHALdc(cPq
zsxVNw?=b|g{n0&&goV0e$Azt`*qViXUmz9FjNS<lQ`u{;cUpb!6-T~jpoNDA+Amwk
z!fxU267yX`^)-yyGsF*-q*`5pxlZI8Zx>FRYxM31{X$V&?)xqGM=I7AWOwo*E&V5u
zTe16bo|}@N3qm(|J>1{eF#bmn^>Amg{YSVMt0rCdTugio+`G_W8uEV!eQy=?Pxj9L
zJ;8>>yns95U-9_Qv+G~+KM%0S$^Nu8kX2N~Dk5f%fB0HDU_thfj5L6@1G0J%LDv$q
z#y@-`ov|Q$N|qczI|f<3im+&j*~6L2i2gr|Ej7HT7Rrae;vtMtneH3lyb-mX$~>8q
z_i?K?YLhg%bO+}uz&5o)k`kWAsyne3q92?-4_ka5TycY}R2gh7i2A+$eCE3L+d<A@
zCs}*!_+5<L%G5@nS%aNRy{o2#kU64Tep~}=`4yHxUpy&BgxNixwfcR<hE3>rZbJoG
zz4d=l_KiWB{7aY9nzn7*Hm7adwmoedPusR_+qOMzTRV66Zp0gL{}Fq)KK&x<Lq$|p
zoIEG%WM-}%AJx@({aT9Ab=gM&Gf%>}T<>`Ri^yW4Rnw-gYwef!N{J0rTTI*OskpQ*
zQu*(}`L04Y$8hb?1tIqO#P@uTlqTuaAm7)r_kx`HNmt2Mmdx?zFUVAu&=Wn$$@S!Z
z;gp$KHOeh34LO41kJn2JxuKq~e5v1IUVkNL?DQ(WN~!C*a@-j+(n9pZN%oywZ`%GQ
z-p2)8YpnD<sn@!$M)>Bq+@Ld|&|BVwP`ID6G!r_HijAgpDE()EY9)POzYo!F$y|1m
zg9=N{fj-K(gmHm>A<NkedU9?5XF%rsy}kW)V^dFQg?Qlxx`Ec`t$XFxkxlCQ+i{s-
z4#bPa{YeYfQDXPHrPUs)NzQMmzs0?99N*D2<F7nn-h>PLK%)W*V%+E2K)E`*bb)et
z-QR%`g0!d%V8+!3ld0(e7p_Aji2SIyCZD2ug7(5+%~btGQLU9wmb5;>o^t}3E9r3A
zu+~?N8;F^$q4=hJN9HU*Jb^7rV<57M)92S#U`kPhS;a1}?r8|FOJXNPqdADYPT;4P
z4^B2yY6Yj(IxA5R(I$87eavy^IQ)nUF1Rytn~kTMAnkhmC~7Xe*9YH}<2PlHLxxrE
zWbIWJGB)UP0*ktGjLAV-vj-9hYYj&E644{1q*$8BlZSU+`$-(@^88<SAHLEWet(h|
zOl<L;MV=dsnlbx~xN5TB7=OVq<tMxH>@jS4Z%w2JQ$4d@>QpzPah_#|A%Bam91V~#
zVSefE>;mpB@$HEVQ1-r_rDeuFs>lnYL5}B&Qs2tHbk_fN0P*D5l{{vwXy2a~4uvKI
zSVesMyHg!_<kaF9qHr0WxlLZslILFWs0Or0>UbBqCMhMya;2J(>*U0)b1S0EWpf!b
zENVHlP2fCCvG+iAA~?g}wWHxvt%v0$OeF?q?mXt~tGHIPH6FI#e)U>2Y@dzfHWfC0
z`i&&K3Y`TdhSTl09nYsPum53~($^NvUN9FeSzR8A8<YMrLR#qh<66jC=K<99i`QNJ
zrxY+<xlbHWV7d`nc0#zB70qvLk1zR;&fAAQ6w_*QU{e#zG7c&9?5q=J#Q^h3@BOk(
z)v@YwI$Yh_B(-<RL}%M)v3cb*!$<0ULrobS=RCh873?$vqVDC3wv*Dald4M~coDh$
zAE4D0PanGuFX1I${XO69^nCPlSg}_ocIwN@Ngr%uw(x&B%ahi_WxeDkRZCwE?c8t=
zeRtHSh&}It2TgeQ0V&rG4pN#0aq&cf1sNF#<CJ);ahscX6KNBdVYlS3TYBm=Nmq?F
z)H}eaR%js&d6A^<P5s33(P78RwLJ&XC*0IVj{CTT7^*#pgVPPEmK~rid2VM!OR&D3
zI!DG1@cnuI{qgt>WGG+z0cB!q?BwidVqo*HlbxX@6gwLe0RzFmPCPtN^vWLgCIs|y
zhL%dsHc<4k1dI#}Q1qe}j!w=5oJ@a@(k8ZM&gKM6%p42^|NHvaU2A6(M*@0LYXfH!
zVG|=eV-qMoKB#{`<?kpA&7D{jb|jyio_;$*@~pp}LaGgN6iWZVUr^&v?xVQ-1{$L1
zR{)(xZt+cDU%kgv4SkS<S|bs|)9fq9#}miTW@roXyg0D&04vDN4>wp1sA^jCC3%b)
z(CajzrVwgy$-&mY-VE7z5D9>a0T?wY50IP<K{86Iu{|=BveqyxxU4o>w)9Uv0EkpS
z#au7vJ2G_TQYZ+rPgTTXZxe?MbS_wCW&n-e42m&kOgzA8C>m7ZTXkCS!+Q*?5G`sR
z?T!hDd8+J4WelzU4ac7;;{Yg9JK-M4;a<)hN)nPKHKSfmjI;EGTsgq<NsY5q#kVL9
z`@Xys%;p%MwvU3-0d|-UpNG|gpczMcD94<^Daf>sO0^h6ly$_&PiQP$=M8FdXzwji
zhY0F5Y2W!Pr=j#v?q+4uf<^i6^zU>IZ?2-C^aSJ;`K6V1mP#9o3Pq(-RBBkfJhpGg
zquEhRRmf;qy=u<J3-?@HgxH??*@%O_53NViQr5<094W0vuyG&@1w(X@Y$bqkYlRPZ
zBI<l_7y-I($*yj~d0KhTef+u~4pD)zd`SAoG?-?BZ=R;6ihbdtfKFaE=y0pk774)Q
ztksC7C=%R_Pvy?6pRfM|4!OD(WD*^RiU!E-?9R$(WxQNSDfeNPG6m_1An*(gNG1ek
zEa#O;^$Af{X{cvTp9Ym84Ea#!HkA9G+beLa=n}18y0QJYTa(XI4|_)K*Vo5~VTUHa
z_q$`q$Jg!StFPKQJ{_H&4P6d7hMi~K*T~!4+qRRYPvx>4o7u(<4j|mNCzzssW=_%>
z^lu3h;D7aQ|7@$y4|^VpK10|4=F{r*_;iH&v!|OQmh-LEZoqA)>gF24zEH#lw2Mw5
zH@Ke`N!X@JbZI946-B-fGESNRlY=h?49ZNz$dU=pA|%l<0@KIeDiT=CLUOJ!$_N0N
zS}NcGr7G(O#usT7G#_I$J~E)}6x3!u(C+~;hP6ejHIC^2=NVDQi1XOfg?J(0F+j>B
zFBM^{(Xd|?JnEtq>l06QSh3CSjIBnKfF3J=Sug_?3xxkqJSS8pX}(ILLcs~AXpUB7
zc14)EauChnle!l62#cU>8%E>Lv1r5b?4n*ZB6O?~mcFxibU_ycKv6$3p`4?ch7FEV
zwjX5OuQ(0JP7<ctxRi4a5?(wKE5vbP2*W5aqbCGFyb4-t=Z={3)5K}U<?&rAf$O$B
zR8TaijA8^NXMysI1+Csg2-m>7xGmz?+;2UKWFmY=-XBb0Py@FHI>PxY97Jde2vL4%
z`r82g<xy@-e`H90Np$wA_}uOv>3d*p9Et6rhp#^Yvj*Z`)}*2~ND5e<tmuR_y{6*m
zkA6sUVSi{4I99sQoQ_vZ@l>-YfwB;@XqLK&nEM8!#Ac=CjqjQq)8Zyb<nJG({+c@!
zS;z~D%JoC82a<N7Sz8RmnS)47%Bb2+6o!*Vf>{U?2cCs%s-NT3!6PGZ3ky!Jqg}y7
z0@R)W_~i=l>g_l?%{*dHMETfUJo{!=Veq6x_~*BQk@uHOyFhuRBK?W|$lrOTTbkeg
zXWQwt{0x@fjvfwA&LAWP-j3gb>iip>8zJcUa#x2BI~hxFc&T>NEoylzIRnT!{Yyg|
z6Ae>K^Ew)MyxX0g-fsg#9ktS$28kD2+0tQtsncVpr0RYk*Q4llI(rA(pN`_&AL}|+
zJy-U>PpsUEe2#pQe5O9jKi6L^PD-+JTs+SomQSk|v`Si@A3ooUe0v_QQ@%duUz4V5
zoPCP!sk8J>KO|4oxO>)Lm!@l6eVXnovh*%LEKk(jK6G)^U?V-&i+`iTGxoMMBZ_41
zc0u*y8sz<52-2CCMzm}-sxpd$u9s>!F`5nG=pYU;n>@i#h$$q=S$qM9Duo8MX~m5B
zlchjJiB|C`x1i3m0JDOerQ6y=)CsmIUJb;1t<v2gE|l;TR9xP4$4&rl=*Bx_Q_#X|
z%Nm&Ik7Ke<ddjXYO@T8pUWjrGZW?TRW%rIElOpInE;I)z7eeNJkgV#x>@pvR7M7)P
znc5q2uX3({^Y80?)Fnl1VCI6d5cj=zC@G5{APYjH{WjuecR1)(y2P9$rA|6egG5DK
zQGfmn6$)8-gNWDqbR&kI<t*fdgvrigfAgKXxM6h5!`b!y$$XL)UBA?_{7oxMd0a?r
zUi`qL&^G4cHJao-6_O}Q-V~yeFXnO$^X|i-tq(8|U^YG!U)_jgaBx4!oN_A<A)GRY
zRubgYN?9y<#pAS;#I(jajnY(1_Th_=5Oxs?2JE4204cRV!itsBm$+_yeDsU%v&K+X
z$pyAdtULzMY^2+OPDO2#E3?(nrIm%{OfmeKQa819n$-6C26W*@l6b5^3h}Lu|9$a_
z0rUO&PpYIaq^8&*EPb=yYTBuvG_uBzrm&et*m|u6*zF~SX}B1QeHUT@y9%0o`e!CW
za?2_&ft!i2bPj`?6NzvRA?2gsxce}^tL~svpdwFvmH0$P8h4K(qGU#8`e}_z@yT1s
z-uZnb5ak15WKDA!^eQ#WWqo4J2Exo-gYtWa;g%_gsQmkka27(}ez_wP#c4>@un2oZ
z=dEO?QPbTyrR}x^2;+EVCK!Mz^GhidfJm9s-GMPCw8cQ&_$?tTip$`{8qSWDI9k&g
zL$2rFnJ`=5wY5k32YE(9zW(dqm|Namb6a+ItXrS-eP5RLmt?Ju(Du&*PW<m}5Z5QZ
zUsf7~1Es=sNodnMUvKA;Gjqv}vuG%>kd&JcRa7qp7r1$-B)r!62|l7=2rvFGU3`uD
z-Yo}8M+kA3OT#n3JCaHt=6B?gd*pg{O&C6zuI7y0{TM!9r$@e<7~YEoJEL->*AV!h
z$9D_#6Tr%;UtPbL2-^se^R-4n)pfggH?%{z;pKc_;C<U#*LAaWx_ug8Z{FW%`MldW
zUF;mbojV}iuD+v@RrnXBD<_{;3U>-0VE^Fhb#e*Z&2@f#*}mVLqJgNM=g8uLzu8BJ
zg~A>auXpvi>(BgZ?DmkC88PQosAW`C4hWQ9%cmZPsA`FyCs>Vop$(Jx)i|ay_|*y|
zfF<g=uxo(jqp2-=A^b7>RkayZh)ve_IKu=f0WPx-0w7Fi#l_=|68mlqcjUIt{|3jD
z9Nzd(^2WjPKgrv_$r&RvGvj|t&Mr01Z8z9ZzOGAV8T1=M!x77V2cX*9kn5z7rWLwE
z&I`$#aG_aBm6MQ9gmk@&$Jdi;bhC-B=RqLo3TL0Y!Np2Yh#$g3$%_djD+5tNn70$X
zEG(Cx&64Ucfo+E^5pJc_DBe{oN{ja*T!FrQSAuc6)Dh4p|LJko6f2oUFh(^m{t0F#
zTu9*E7}t*p)pFUr#OuO!owY(6jzne*KAq_pxak|$V|auHTp9o=4Qr9u10|D7pfoE}
z55e?gIh|hn!BSF;e90m+3k!llLGJRdixhIWVU^!%jn)6F+mVW*97b7$>@!?H<*>Y^
zjiR2)ym!$gFhcQWmLLvFVSmwSVRFK>EW<@u25^Uo^EPIb*+w~Sddn@5^rsMi&?vK2
zAqtruIzP^uz!CzYtXJ8@5Z(`g_)Y0c5NK9DXz0T0VCK~fQ4*;RW~~$%5`ErlFxHkU
zydJ<~9jL5#Dsz=jGCI6qNSQ{^FU0l|>f|40J%9eYf{R>uhQ#^0YYe6#O;6p)#7*a2
zriQ)t5;+7t_t;0A0#9Rw%Sy$Bo69gmF3^6|b1gN2bi593Def`A9))yalL1v2jis$X
z(sV4k0tgZ_BO0#*T2`C<hd^GWfjzCG%Q10ze5vFQLFHv?3>C1>sWAn2d%2^|LG+gz
z81g)JgN7Z4W^}vh8SbH&`dHO96iYwgmcCk@<<-?3(#_gH$n5<%YObew6<2)Ev=wvH
zVFOZxv-WU$Lp+2=_E_ZR7x4A00q?r8#{vdo5X&DS7N9P<SW6hYnZvqFUN=aY;KB^n
zVL-soAsT;YoVYk0X}5cyue5+n;A$Tp1mDW3n-gdNF$Ek=ecS&0dC!$y*a`{z+w(#0
z<A9g_MF(hwHnW8f%OEK<nv*x+pwoNTXa`!uEcq_Yu>anhC(kwt;4Sb=hq1O&YND&v
zSsbsey}dD0&^Pi=!c%z11tZ-{3h0ZC{Q(!d8b}Lwt=iBImV{%D%DmYdg7KGolK2E?
zst4p~A{7a_!(QdkWQ5nf_Z~&L=#J-k_u0BKbjx$ST3{a*7>nZ%D$}&;YgVI_`qS(j
zg}V`tAe!@TF8(-XlhjT0P~&8G1FVEUu&;z?o*XWp@LwU5y$$`2`qfcq#SQTX{$y}i
zOi84*9?=;;eGfcrSM6C?MxP1$wnx$xHpsbKcjEj_%~78Z?9~Z!!}g}cR|8TSaYu2^
za|xU(LHuc?vT=>&q8VR03AFz1+w{M9dwYu`AU;&{k5cyM#``s6{5iuihY;JjMp7~1
z-MKN=g6J1OF(E+64}3m^LOGXGp8Z)-N&Cd3&@{W#qsh>nX_@z(qzXM?x73eZ0?3N5
z6@ly)?%|;54p20BsZ!<u?T1sMdcdCU`$=%itb>rk@36P>!O^2rv5M{h^^Ff_uwU?o
zYofuXet)RzXy@^JHjZamPuuHhNC$&gxkk4>Nbk~E;S$Q!=RHBRAZk1Cwj;x0()LYN
zFV!|4^YbtsFy%`>b$!KFELcj_>v!BxB=~mt!@vBj;zoy7)eQ`)K^<9ryqQPiSj|xF
z_Xoj)2`qt%iIjD$XKYo%#JM;yJIfmiQ%}yx$ubR@X)kPIUf~ZVwn$nq8m>`uW^)|1
zU&$>^=!l5pWCY?#hyrix=<yLep&p2oJtDNcFlAf}vve~;7q8%S{NEH*v*Jp<EyUv?
z>sNCp*<p|G681as2H51*AKY1?B*Aij)Gam~_=bIMWC5r-U_?8o(M-#v{Yx%y@YCxc
z$Nz-E?EgbR|6hU3z|Q*LV(^lNjorp5;@6d4U%uWSqILV%YG}>gI`3}ng~22j5x6n`
z+_5C#AR<ghixstp9ye1n%6O#9(QatZ5FjU4SGVo#G!4r!Sm>|TK9CH~WV6-ksgGV(
zz~fvBF`BwRE9-+16V5(g)3{3E1|tm`mK4ah9*zU8_k4KH!(mT0e%D8KXvhJh@0pWP
z_YZ2n<`&gSrGo+wHtts+pO1-;5n^btz}5R#(Yvs%@1P#rBcPw|!-+E98)Bb8sh97f
z48g3Kjqjyv_Qgu34vEF7b`eJ0EG9a5a=U5G;gjP+X%NNUYvz}O!GzE@MRy1E$?^T0
zu?PfaSXeEVN9*>yp&r#B&bHc*7oi%*Kq?1uqibN8SMDJ*#s0|od(B`8d5ABW8d*mY
z8Z3?o><0&fEi?^NP?(~Y<2OQ^?0b{V7Atxv8zwx?(X{N;<*MBT1~AH+F!J>nq2K1~
zaM02$WZhH1JFH|t7!pG17ix&nnuUX6Z4}9lMUB12c1An;BL;N6B{ateWLB<g<6_vC
zppzr+IEE}^vG#ohiRyaDc5-RFyqmvpTjY{QVv`KM6)MO#AJfhq=8N6D(A*RfQWU|F
zRn?z>ZqzK1CBCV7F^p;&R}5As<}by;7C}zh{&w1FMS&q#wum#FrhmwMXhpP#IqiQ*
zRCqrxY_yDQ#rXGZnyJI^$~48<=m@hrY)ANCW<}IT^fU&LYBV9SR^&HJ8c{YECnl8|
z(Og!sA}S{Z0hv(dyiGobUfEEYK(G|OkZFV@bSdLzxVvWz`(h`l1@%njDZfp8zq@oo
zz{Il~!W4cA+#3}B?fRKdQ6rywwSMwJ>-x<fTkX@{>BXOslY<+_xop6>AV_&#F6$)s
zxHID$bIh-oEk^!VdA#1$x*i!ZP%LgplU2M=hTR`^d(}{X%P?cuUzNr32R2}XPn&*6
z_;9ody%#L3lz=?KbL|eS?aID8Cb;7$D?8mi0T21M46$=m#-(#eo@aznQ2<=DSyZ$m
zh0Zi14CjQ$Tml#aV(P}G#q@o3B46%f_KqvWf;gO0@!tXwB8e{ZKkkn5=J*6sTrlG9
z*B1N^!HGC?ys1e{K4IcFp`Wiq4nyJbyG<klUf%scA+p6Da&U;UF3QvgZMxrqO?{pd
z@qBzCcBkZe)UI$+ZfqOLk55nj0R4vZ=6xIYcXRb&eM^7njOl7P@w_PN*;_sMZt?VX
zZiRQ3*htuMIoQD*wsSl#nz^0ies?w7UK9U?4<v;zJ8WE-V|C6B^hZeiuo-^)WX+Dp
z@f%}A;su;T)>(-E1KBh1FkzDKhJ91qpYP+|;bC%3uFyN9qmXJ`i^#S~NMpw$ztC*M
znVDLK<w$5-$Sqf)x!SQVL>1Al`im`Fqo5~RY(q|QCvUSF%!Z!e?ecj05C84a;QDop
z(d+}P?<1?rtWdJ^oQr=-xqlyLhG%wkN<!{TQ`#k0<54F^Ge{>-)eWSBoApj7LU6Yg
zW@^0?KQsU*gVR<Va2ytm>o|!_BpXY<2};wZA>qPll|i0jXI>pBt+NH7+DC`H8rS;s
zG#GvgbRwu(9j*)THjx>SZ8f!GUKUuw)YaH4wLn&G%1^3G{>1dyuU=3t+-iaYtL&f|
zCm9{{xtx5!xfivO?hOjTmDB#KpGl@FjWXK{1T)!56{v!3W{Ocnr-uo1-{Jbwqx$o&
zS{-R6lLL!1v5d{7Ke7W$Tk~G?3*Di3yGMr3c>)7-)qy`$A*MaL!^4ZcoV@M}br+;*
z0gkYxMX=FFRLSCCpj`FkJjs#uy6l7CJWeb>Zb(EmAT-0KiHvlX(}~+7KV<0oot2th
zh|<v+_G2`b41uonPTU$v@$OAgS59do6k+=vv>W)yocrRCMp+$_+Fhf+YnEC-{K+^$
zIP7to{qRk%>2zml{3DcsZ^9DMrVM}__%)hI&sAqj12HXBtl+7Fx^T2$&p+yU(Hwi!
z3}koD^uc4&me*j%l^yjvmv;n&WuY10lqEPK`X2K$W-*(?kZGOsHo@}Y1ILYxEiu?S
zlDOK|uXK<rw4K|{^J)J$!BnZWs_GM`M&XsilW)ZAucLM9d2EH^UW_$HaDUEF!)4g=
zeR<VuOV!kQT6rA@ySA7z<y-Cx#d#pWFoWv}>|p?{T;~_X&AE_aw`c8~dT;JcHU!9m
zEQW)xg_jDPB2Z!JV30cq3ag}y_KYbr{s@fdgD%DJ%ZmgmrE`RZ-AmbtplBOsk)!gW
z8Yi&<K7x=gPaH?`RyKD6pYGpaMWcV91H<Am@|5=ka?so<n~rWg+k|`0b27rbbhFb2
z)u|?gQUu|~1H8Wu2I}(d8CDe_mZvu-lZ^YB;Hp*7<mrl^1DeqS=bt+g5p6VWEn`BT
zQ8=X^B5{lj<8yR%&X__ybdJqM)Q)?3GrGD7Eaxtz!4~JRWWz;;I+r$={d$9N))hD?
zZup2mb<Hh6{W!MpayUp3{932(GAUT#Dy+&Y5Y^8>1IVt@9Fl+4EM9oy2uU3X023S`
ztjnweQQKH?q1l%O1zAwT%qX`g8QZ~iX0sA@l}ER(%2{0$O{lXXo9A+7uM7_9ai3AT
z>;!e1n<p(+wV-inEHd$~@w2;i)L79G0)TNZ>`%xxJ^@|NZL822EC4Ytn&O$h&Xq_U
zw{aS7zof}$muySFE}L*5?-1{Sy~I3*FYr5BW);zj+V*3W;4#n|yfyL(hlJ{<#VdEh
za8PJB+;@D34N$Lt;2NwP|H(BN*_fFATdq;0er~tHhVY%;BQ)SAsB5H(^0>JSWO0B(
z`<8y`gE8MPZ{3b&Dpf7aIuY`D-Ep9>JW!rt4S|3c+qrUmB|g6CxErg*<D6#iHSws8
z7L?tzndQxAl!we!XA<Jz7UAfbQX)}f%0W}lr}6Uripjn{()8va^}X=Ac0i4%(QhV*
zV{g^{litr2oBo*keEqM<Q+rAb|Ac-9M;XSF{66p)sK+<3$Mb|2=cX!k$R9h`J7;9l
z$%s120Ga$gj}4ZLAHOjeK?gzI0Htnpsl1w>YZ+=;S7?_grc$fR$;_i$znk1|TeBfq
zZ=~2N3&>2?=FO1hN!!2|U`f*ukG)nt`b^B;cx`T=V<MGwj5&438ZCLf8avD&?)-I|
zWUjTJJz$t6U}LOD7O8S;Ldd-6)AGYAGDA5DTBIJAzU`VhHniyieB{K~IU!Np-8KD^
zTBOrkk%YU<SOLrJJ|HZpd0QDDhtSyHm4MNq7gQb7Y1(jy97LiSD;n%)Q@nU%5KD*j
zH{eA4=hQMuL6%2RBXz#32(dT-k8@#;Mk?tFiPVa<qmyVhx}EhFx-Ib(T{}06V0Byu
zv@JYnia;oK!!DYdNn?LLgoP&I@<|)~(z$?C?c)!{L8%Ho3nsb`#0|7v2dxF9kn-Si
zJP`OKLY_`&aNrkOSZ}w?QpgLKU+Q(3E-4kJ1NIy&PavIbyt)P=)?PDHGwUJ4G6EL=
z@}Nk=r8!81>WJE9t)^Y6dLKSJft$l1)rBKM!VQMSN|RnHE|)M#<9oVfG}4_GnpK<f
z2KW9F5cXVUv1J-rZZnw?$@0<4qkZp}O*|D?IXIG!Qb{tl1PR4R0b`4kA4dF99b0r{
zSU8<KoP_e=#!*oo3?IQV4$3I~eYv`10TE?X9u2#pw{e`B31#DGb#loq+Y%|*BAMXh
z;!jap*bN+y7UBfC%Os$9SV4vrzoGroNEWB01S<%y3&6<e3<(>)B2`Hd_PY7tydo;)
z58)1Nt>tXsT(0L{Ddqxy9{apT6&2&A{dO?~n@}qVd*o)Qmgqt9v@s$bzz<e}dKX5P
z^x#ihS4NcghJD-EFKEJxNH_Yp8*6WA6|REbVjQ44sju18d781a@jeL+)!$B3egQ%4
zlq*L-PE<6jEu;)75?v`*FgR0q@K^zsF(3~e(#fP%B^q`+d-kZXilHCvc$<--)G#fH
zr?x#Zx1IB$WE2$0yBH%ebnM1LY!N7T#{+ZSth%{+6wS;?RpN_ej8}(T1Lg%(CK~rq
zlxLutvQvNehNQE;qzynoV@?m}aM8z_I;X-b`zsNZ%*;H9VApb>AnGRj1=*`(jDU)S
zU(t1(VO%(4bh_gV@9~$P*9la)@WSDMJLYorheSU=E27U6v92P}y^*oEaA_~X=`2&+
zv7ZXIjIH;%h6WaU^a>$r9w6lBGj!{XxkT9K7qegM(QiwWr6f!Y9Zq?@J#Ae_me3zF
zYd*AXfY?E>1eMLfd27+C=)r7jlYkC3B73|a%?E~Z<3VRaXvVY^WBD$ko-yKis19tg
zV*xU%!Y?3UnK_W3kTtuRQtZObnT8Q&b53vjvmlTzf%h6#JGH3A)j?$~c$<PVEW472
zSS>liw}`R&$t+?m!uY<d`#-Q!Y0<yn(<gY8?&Ms8%EMBT+k&XB2hOx;pSo)*0<Ga6
zZ);rCy`P7*A<+5?+EvKjMbe8tU2ESx`t0IMgO!*UJc-EyTB}%f;8`&&FFQ72|43}X
z)aXWA#_LvO-TZ1v4WA|uW1ov-PB?wIY@};XCK&rv%ISrLu8?na!7SG%-2me?I66as
z>uS^-bGY)?8=1T$+ZwOQdzPu_$>fpoG}jz)a0~3TbKiof{kjdS9@m7Q`qG*+3}4n$
z{AJ>)EP3+lWbn02mA_igE9Ur|&`GBWqO|ULfI$8EA{U%R9(&>%CiR9&b8?&iH(S~i
z-Zn!P_bJdPk}H-?u7T-IV`nCxw-3z5m~~uRsBvx^AJ<dQ8cl3=CdK`N*Z>ID+j(4i
zBCOwf-QtI;)5AbG{{H(75P!y>94Sz{uBs@q88gAZ$ax#jix$7bQ{mrDv#X_J|AyxO
zYV}EKR71i?Nj#H%`KV3zc<^w;vJ4p0M1-7vG<rk#vb!Prhcv~;_Md5rnUUrHWGRCG
z_dnyL_zBqo1_Y7k*9Z-+NQ@r*2_edSB&4_tNpzL@d~urvQJ}#cW><hB9&{Y(jJu=v
zam;}K-hOXYF2DjoQr-wPvEwjReuCznA?V_qaWj$%Rf!c1!{r9Xphx0GU`Eu-b-0HH
z5Q*tVz{<L9Pr>#F*y;8(zf@naI5t5eo-Wd(9~h%<Whne3@)}&b;12#Li~CtLLtc-_
z#<1UG>7KV6I#=LBHWQwCoqLB|FtN@?A?EN|(Z!i5K5c%}LD_kjQw$fP7F{w7)d$-M
zIAFU^OZiH`LZS(fYDdU_&p(VWZG-rVZ-}Gn$grq&+Fz@<C*7Y9z#<v$ySkT1mna!i
zdH4B~&X?2tXhp@T(en99w}@G`Y%x5>wumwYkD;KrEGJ#=h>CCA+O_WN9Rb(#JpzB4
z7Vh~Eq2Tz33Nahoe;<lVwF$>{29&LPRLybd3Qwu47*GIT@q)#fPBAn*#V#erh%498
z_3vO|U|O4BLhNND%-zjmT+e?tLybcyv|$(r!gHY<#=_Z<WRe3nfEX8NVMG$Hdfq%T
z6ddm<TJS0A%tJmt9eas9+k@rYZf5TKDxgi{<%P}C^FDs6_cHtH$IH#J;_1NB-yKSQ
z*$VJ7^v2x(J_PCH?`y*Ku!GF?RMp4(C1pQIIhPGR%T$Y170(tRUI0>Y@1fvUEukn#
zd+fiRjjXQqvoWmBw1F)`@iNQU;44%G;22!u27SVa;-e+A^$fxhn)2fh7NbPaB2PYu
z6s?WGNf4<;vAcZ%yX`tJERaB6lyUkwhn{%8&EiM26%Q?;{hBAW1EMav$wqL=l1%N8
zA)+Wv7d5ilp#8h&%+9js{3HZDXC06GyE=M{+uRQLO7qYp*yx@PyPHZs?bW!%Tv7!U
z4A*ltO?E$n3>cY2IfZvTnfRZCrnI5TE?~qOC9=d}X`ICuU8^uEBN8P>v-?4)O%xR^
zbeY6Qi+pA%iSIiww$!u{$VwlX!<qA=c^4T@$nxxz$4ypw>2x!CP6N3j9y2k@?~O%1
zt)RxN7dt&8viGmXaBzDdJ#P-Y4f|FeDk^SokzEDOKwgN%>)q^d-KPc7VZJsc*o_=b
zm4@n$rAo@PHu`iIfFwuG1DBmM8u^)&FZveK6aN`?EZ02D$bbTZbH-fyZMWV>Agl(C
z8;U2yWFL}#;+pQGS+b<7vhc9ryQ#{^&x4KWq6%$f_*d0P-KP`Oa2{JX_v__b@XFHN
z%*KZ!gMK)|-)(Xl)Bt{32I7^(9i*b0=~#OOnFBmNt4-NiWiroO_=uV>iZ2fQj~}0E
zNc;cvq5mW1u>F5vj)Yx5148iiE2@(-oP$m53NdXFm10rzp(rN-uu5TVgza~?QRojH
zxGEZx;puz!Yf>aoTF80In0~+c2(1!>=E-JExBl=Sp^9Ex!@nhplqxzv`gnPMd2Jit
z3D9%>b=LOKG(`G8_=RlflO{qt3U+a|QBY$vd>PrvA164bhC`5DxOk9!@4x%2mV5*P
zf%t=0SZ7|3HaG18TNrceL~vj+5U5cV%a*vEcgkn0&`<HuBgAi2m%sjIk~nT2X~UiU
zeWilMl?_q)XDf~m@h7~UL>s709Cq{~I|G;0>=M580mNU_iHJm^frs;sisZ7-!=Y>=
zHI#JaKT{yGTV1*`YS3%(_EqaSrdab@xia!Xsm#9tu--~H%!N=%m_8;5@Mc_{KbCj!
z>RfCj<M@0h<Vfv@>;GpkI2l;}GXXF%u>AM`rBb9~|LPRK>n~I;N$|4#!O+DGwzWdq
z*<VUK0sZ=<>uBxCI2y7Y-`&hOn(#F^9RAU{z5Tt897Lha`z2`_$3r(pcuEq9!~Ih3
zND@O`hAl6RVak>Jn@+ztviA8pBDCUjP#h9Hu;IVE^%%@}dD7s;o_saweB4Kv=uzV*
zN$-=bZh#MsZwxg&@jqMe@wRCL`BQr63|U}I@l(2vFnfGMcPvc!MfFj;0`{<4<_D$r
z#q;TRlLO2P9||Rjt4TZ_O)H+WECLy#nfXbd$wCFJIa^W7q}Nsr=@Z?>ukz=!hNm{a
z3#?*A+^k_`gTJM8(tXV?rb2;B#A9zMj+h)u{8|8J&XQPl1d}3;Trp*PtpkTy0fc);
z3UtV)7lk~4w2r`>Xcu}JZyDg{j;e)3W30jf{dKz6lC$QA!<uF$tCmfih~{-S6(xM1
z%vOddch1Y<t@+Sr=%~0dlxxayBu5M1*^2tl&Uw+43ey^X+^O=6)q6!$6P#WXn(^R{
zmQaGjOl~y^x^ymark({Aoh9t~(-Lx|bk=A#ZItDac7YR%W_Y31b!FqeMsUTI;lyHR
zZfvZIt*^0*UZ{Hu)-wDU{d5$SJnmI6#@+W8UFf^FI=b}}Uff9f+Xqtv?kk!JsGL)B
z&$s5D_>d3gs^;sA#1W7;{a;0_FIVDU*i~s}>IA_z1q3J#Ug!SRe}+(fVKk@;XYQe;
zwT+20wHr7J4sJR((yFT>tS}IHi76*MMdh2LO8pTRHALkFMC}XZfP?%IGp85=&XE7!
zr6n$PipqScEqOrXkoys29}{1_*67*ObWW$&)#2*1x2`eyl6CbNGmsLGbSo22RsOl$
zsF&h6FAT%s@0IN+FUCO%um=X)1MP<(Po3HWJ;Nj4T$|<CE&Ny*TmB88B^qy`EL#G)
z4^PBw_Ou;74Tx<Wb9((AIOfhBwT;M^LZQ_riJDnCZf3#M2lW6ZuCFEJ1%eC!LlRZH
zOJIy+$N)iF<c(`>$g6XtU;^L5BGJh;FNSVv@J7pX>gH??Zu=;2pt%)sTwuQx*Gnp{
z;sck*wo&bBPc2nojHmDMaleWPe}5C)iwMs|L1xvHUMx)&SCdZcvDH-MIFUFfibL_|
z?sV09EM_&;)X_%5jzE$M^88%Bj>nnrAm~_V+I~>c54QNCvh<h?VZ+?yxAT`5vtgoX
zv|)-`BpXOj$bdO(W5ZnZ&WPg1Zb2*)5s{;n6%~{}f#IT(WL`QGvPvlZKpn6%RC*2A
zNu0`}>#p}l0*RvN5zoslK%p{}%<Jz9>!%2Y3Q$0dI!hEXK<_uFR*-PY5H)!9kb^7V
zx$xDoGk4rJ?`f8Mo`~CzMB$@D{{~_SQ(gZDgkfa;PlRD+`nN0bzoM99|Du>7*B%j^
z?V%VO2aoC$BFaL*0IgF(NloQ4tHk<F-h)C)6HY%GljM)D;~e3DTw+14Aq5P1O^0)q
z#B<{ud-6;OdzjM|rfn;gb{Ur)gv|lw!4nyx*oVfE60?s9o;D0Ac=J|RRiSPI^u!7|
zbPq5kHcy<G`#zc+5~2Xe-&r}MJug1F3)J8Gy#l*^RM;on^)|Gv0$6J@DO52(8v~>;
z9kNRDDSuKD)mN6mn>dx8)Gc1PDoyQZHW)klrtbuHo#-|VlrRIKc4f?#^zZI9sZ<MM
zABqwmQIAfuogTm!I|O~e*XdxBs^j6jwX&V{20IoWCWl>yJg>#E-G%5ZU3Zvn92I!J
zG6{?wyQu99b?c+j(yviHu}rw4NGQ_ffS%QxCvV93cBr%HNd6_7bMUl*QD*-X5YGP$
z2qP=UznSL$oAXbp+t_7tAbe%(^@*uc@nJ{VTxrp@sk$jT({I_yG!gAi<=599k#>E&
zXVk$$V*?r`oVi3Iru2`~F!{4F>F+5%7-Prcgjt@1@Q?`GQZ8q@vk@goWq8;@@5Mf*
zEB8&u!GTD}J05SoLz#~o!2{p)^S@Ib*W|9#?($Q^gc<C*z^L`{@T$~Lw#mQmuJ51E
zmrfq9%}`JS*Y#Ekj=?&<19}XOIFM!|RQqmtO-1t16^Uli7^DK&h1`WigQN_q+E<H0
zW!WnT^2bk>J24?%lKnJ<sVuw-bO{hh>UQ*&DhQ%JJLy@^!ak*_N8h@tRT)m_t4k}u
zh9>xcGH)=*5z+GkK^nl+&|>};B>)@`-yDT{zk`hDd**F2w%bGRyEh2yZ#sw?Rz-dM
zT_O2b8fe{r(D4q7BaMK#lk}=F24K6Vy`;2DMJk@;VkhdJu~|h7%qf)MJ`Cv!At6Qx
z;)0Nfg~7MaM>jA?3-MPuvOCa?hC@@-w7BAY4u$sVxzxWHqB7unC+|90nXIrBt5NXx
zm>W!2Hrhp=Efcnu?teg^Ek0i@(71To>Hlc+9z7o)MAm6=XsA8~jsjM6Kzy}`Bz89e
z|M3gjR&A2rA-~FfLoJOJuV-w&zR{88wc36sKv5V(S8iY&g*bChf^9XFZR>Dq%QVLn
z`+VkjSya=G>;2VQEj3ZU6^E}TgA{^;QIeLBBRHO1oQT*Y29ub{aA4nRyi7}&JQ6fq
zg`*M@jQ|7>WTP+>e3{d^B*XA`&mUPNfbgy0J%Vb(*0o=iLJ(g6sP`s>7hj>w%6eG=
zuq@-U=~^@01XkOPjn|4LL;m=~47qh|ei?`&B9>rxv=EbV<aylOf}QE`!9{qqwaW^A
z<wk73CN5AQBZ?i!2L4?<?@loG_qF|6L2FRlH&^yXKGpixodt@#rNG^x1&oCF+WlJ&
z2PqH*0acXg#Ru#ibtYFrnc*2embcoXx7N0n!$zNAUt%nM=vyFt_4KW~_G;*xKJsDQ
znu9};%l7(;j*W;B7OT+KMI=-+S19o~>SN@z;MH08BziYP_)6Hux}@#wPqS0UY@V?>
zXa^~~vtq67WR4IVZZe5_DA1#?_oRKk#lG%7?YzQUIz@Stt<`pi97EQQ7Win}_xc8>
zguvYa6epPFavD}bQOwGUcd~)~V5y4shCA#A`3-B(nT?<QR^{>xshl%u(Nmhgx+`QX
zjk=MaRjO+&2B`y~fzkiyL?D9wWHD}|<+4HLAZ0QgQ6+4w>R)g5sTFOJbHkU~5@MMP
zy96&te9Kz15o^-6oBO-e8AW~l@v?ZJ|C9|dLzPCt6A`-<E(*O-mHX|<2fKj=>@Slf
zns7#>2b>hZ@CZW|+U~-$m{Hj*6a7`f>>}k)*lI<|0+&ILq2%53cj5Cbs%)bo!nb?(
zb9Fc)w9acrsl>!ayT7VQ&#844HrQ~}scN4o#f|?I`_X1O4;y`H;YLwbMZ#8HW3g+m
zHX)-L23htYRDo4)#ry6|?1}27h?6hF33O13j6r`DxaBo`(Kfc~MyU*ntfl7}4bD1G
zVjD!2@*({#js=G3Y-Q`u4>|2@wo~0-^OkZo%z7i-;T={C;x&Y^H$r!(%#V)l;8R55
zNJrkx)X#V&laG2u&xlt%c9nsMRE8X7fZ9U|T$CDIDp#zFM~iVebL2fwup#g(P3?7a
zl%<aLmLrd2-at#t@|6B*W;+N<*y<$a&9z%~KX5I|heA7`8lqfprci$TKU)tPW(nU>
z&pS}oI}WCkLG3?EXlaM<_exu&GCnen65ur5(CUE`986PUl3W%aQzvk$dx^aKC*V(q
zbEV{7&MDrhaAWFQ{YLBrHK3fu0si%JvyUQi6V6$NvJE%L*4`iw{#8m3kG<?5cF4P~
zu4A00f>N`d%MdUY&VS&W2f&~-x}4lrgPp%P#C#X$LO+0E0g)>X4=P+VVyHow?I$NV
zdqR98b3u6>GfWRAevvR)1TiMxf2XK|)e@h8x)&bL1za2CdQZumuO~i}YiE<l@a>Vr
zHBn#03aygzj8Ee~JpeT%63o(dhGg(p?mdLg`vR#7ihch>0%H0n9|qHZ?}h8q)UvA>
zM)R4e*+rDvSZHJBIlkCZEmuBml*oCirZG$aU8?H>BA4;?UeWIT)vFJ4LZLWm(%EhB
zvYc*LWrC#tLJSm6VW<w8s6;}HSE*;)y^{+e#sRlEQtwgTV<zh0G+F_TQMOAt`|aCJ
zIQ>@7)bnuhee!i2niB?<D!`OX(&`(e(aXp?weN%M1>5uC^S<!8Kl83<TgwJx>f2dE
z>o)n${!$^T%K(HpNRg~;`2kT(Yl1Mu5Tfqf&&nc=R3IKe>vX&FX(*x6%4xeW1Ykt-
zsY72LNpWuR3uK~f_?(u;B75)376Z#gQCyVXKhNP<?d{UjA5*UkU}wG~-3=h@!^E)*
z<h~AP2zZ=3hsNiB<_RDPQ!puc|E-C4pOtlbE)>SFhPSYP0BAOYRLTu_oB}XJpp-n)
zm^BL`Bol?D3ZXn#qeUHyLz?9osSttE^M!Hzl5SObz23S!yNaF3@$Kxe>Y*SaA&Qvs
zmm!gd|Fig`hr4>kLLrxpY3OFZuSb-)Wd)B$fA^#CnSFaW7$zx#0GNH!(Owuq#JP?H
z<Dhnt?!kwFF3EOYOrNe~FHc+*jAOY@J!z-5*YmWO<vAr?B&?#;alsCQnSDIRFW_{+
zGOD?KOizt|%(ID~WGD9Y%sif5A`Oeg@Rs$sB72Q*!`Xm31R@1w6=x`7akb)cJ0$Yq
z`Yu5fkx-jb654%o*Ayk$QpI(b)`Es0OhB9%bVw-5f66tq04T^$-uPPpfq2hSPzZL?
z-Q2dO`ShyHi*4pwEJ7cW=cg>VlxUO{c1Fwc>VZQGTl~x_WlqApZcR2bGd|Z#Do}XW
z@6m-7YhRk?Yg<VZK+5TG%<H47?@>cngInQf0#tDD2+;=b+Q1;t2D(MfXHidfH$4h;
zRSWAY<V<7Xu0weQl&3p@oZcescz{vS5HemQD*TXn<FEZxnDHXBl3!CkoFnQM81)<i
zK$IMIyGke4{NBi)jC&hD7*<~4kO2gM8YC28^TY0*^RF>PsdLBkvM)>>CF>@Ba01wE
zH=>hyw9~M>=QHS-?JyizO*G|C##*iF;cnqQxA9WsC~@x&UYS5m`mCA`HITAbj8&2T
zwDojEUz+Ip^r~&)*@^f&l+2<gITuI4amcW#wOr=L2RYCy$8_LU$8j*f?%k1m%Opy;
zD6w7#eyJwl!n8g1wBG@K#Oy~k#T5v51V4`d6wMT^7IlqOy$-G_Zj#1}p=(6Gc=kM=
z5E;1G)>iR;8}5i)@>~9!##@X|DBFE6@FB*+D)(535q&J8KRYwXZ!nrE(!(yOx{OZP
z(FDamgf}p|sQ$b+?-A0f{pv@Gw+hsw_4AnTBk;n_cq>z<>-f`m_7?|@oP($l@3b)Y
z_MOqtNt~e%=nbQ4#}}PU<c#L#T|wchamVKBg-V>IbKy~*EbZHVZng2tz*+l({&@bn
zriZ}(vNKT5<CRouC(4{8PeSDm5<hsB$qRlY!#EO!Cm{pR!_8jksu%~OmV$Pa>~NO|
zF%;UOPX)6bJL<k518MuAT2uH|?NL4^@slRqg`S^(P8eip$^~KDI{&&Ic$K&vNL|?e
z;ikz1@sr2A>)tljNok{23l*jX&$b$U#70BUZncu>CvT2U%ai2^d_xHw4s;lqu_8jM
z>42@Mw81PW$Q}$4zM7*syCFgmW_(H!oZ7zYl?3c=-XdX4)D-89OP#3X^5C^3Zuu++
zW1#ub2rTIkuie~QC$bW2$JPgzh!(2+@A=SM=;i$iwmx%~@cRX8j%lfz42pC?KgLv4
zvugFtndb_Ij?=5a^xUmq_oub26W*)S7kihSRp#1ORVB_P1#V`%C$t;3mq*~|7%?{+
z##>^8b+L=b2<pA@>B9pOY&h_3U%(lpPf-40h6822NvT`H4}w+>j@gmS0xQN3dE|w_
zeEu3b^@j-Ek)o;6SzX2*E>qcsF@4c-HY}<KunO)QfF(z?{Gf?vexCJutW^Z!z}L|i
z6&oi^>9|z6`%nqCOnwA|bbO~55Rf#q3Mt@wm)tG5y@EH#_7O@`znZN6&>n9ZYE5ob
zxPaXR=ta64rk>sVJW-?baQe5Ndmyu^Hw3$Ow2FM!f%j>SpnWp`UVPWuWd2qM;!lHz
zfaW$BGWDKt178fggMQE~A+n0#)x=}Eq+UKja#rw?wOTwmFcF*v%=8XrVR2=w=ltU<
zm{k?079hUOP2A{B-QTqWw~faisBCn`6pXJ3_fp~?UXT)_QW+fpKwp1+E;?$AbP>f=
z!^m@c2<SaVDWO7TT-0D8SxsT}n3WV?VrsTD@!;c1sy=Qif!bo~hi82FeAg0Q)@2{H
zb(4p~A^Pv#NeeQLyGUO9^wn6=H>i`62UKc$TtDtALwN0mjL9({z{Y+wknE+u-i5!?
zOfggfc^35fCxqfneZ~4g`>gNf)0>r@Eq0JPl?+W)`{a6Ws4Vk&DaxtAHT2Lo`j)BA
z{DGzBI@44L?0N)Yu-TZV;mt~_t|~)2T$57qYi(ebDFUkcbO7D}I)TaU+{O@*eg)y&
zcatfKhBR!pJOA#g+pAQCZ6Yj6j3~WMWTU>|zJ<<-1R2dGX(v0Q*bJv3ML)XpWi{{x
zNoTBkwf<okA4usz8@wg6v*9^^{2rdgPYsS>^{h*4=rLXQ-_y(K<ugx<^%-HJz2rVJ
z;frOkQCv%jVfMd6Z~d^!c%;_qB4@u8VgqD6_pbwrQ|+Toe^QRpc$==W9R6+Qv$|>T
zm?ZDrCRvYn{i!de3GXhXQkIA3+`4_Da?^DFY>@VNov>6U>^v+|@$+Fc)aE$`lgM2Y
z)u%IDa@F|*4}y|w7+^xlK^Z|@97S@>*q{5}CZL$DD4=dn+CTI9-uJ+>`y!RyMTb#W
z1jDh?b7;!3nYtwx3X5Rt298U72HUa@Kh=^jGLP2}!$02S3q(TO4f_u~i1{CcI1>}|
ze=WqDG_{=eIsV0iZVJjQ8<%x_jOTfEc$;_|GK`N+JR=+fCA2|OpGem(YIX`D`-X@0
zCsoS>Xb$gjC32=kz%RgVLV0N*^MRfrh{eT^Y1!QPui{{g5j?Mq*1Z<5(-bCIG?owv
zj(C5+eV=e&6v|QGE~J0tWM6&VGOOYpi3b7ymZP2pUO&toT9|)d_<mt{f3>(<S)h0G
zM}sls=e;C#`}1k{FB+8l<5>s=iio8fv?=(;7{aJl#0)~NI8pJtMdzU)%I5vtIO3CI
zroe24kvcNPotto+9w4Gja;o~w{LPmo9sZEQ5Ct(=6x)^tIk`Kc+XkgVSr|5VG1CKV
z2f6bJd@la$s4FcVJJunBqhMC|cWjfzPY5)bzlD6StF)BfFeDT5Cj@kp=BBeAS&rud
z7tE89^UY->Wr9q&xx3-N&9b1+Bnn~BOXS2qR0)cMkmq#KV5nmp{z!--9@*-AJ#u95
zfBE=+pWfDWsR)Y;^gwdN*Fq?>_2uZ|<jvzUh`u^BlOsQ(pPIJBus%k(TXftx*8RY%
z9)En>dJ^6!D$-R5f8*+4-+-c$VH71iL9;?eg`QeXS?xj;ds?&j0bKtCWuJ=Hr&cMD
z0Y(rIVULp_I%Y2o#Q>1bPKywTnoY={Bn2J-MnW|N;DtS$?(MaNzNYAXr+(f~jJzJC
z%=AoW`}n>%r>nEin#fhQGZlmtm45fR`qD#h%wC-BE)r?dkGnLY-@C8@-MiW0Cx@SJ
z6$hJaW(R=h71vEDer{XUS3)Zi{2{>yr`OJqA_!n+jfovF(Khb@GZI%e1<phw3LA(4
z6Wm4jwAkM2raMT|8sJGk5m8Qj?R-JI5unEnGj(|vBP}HpKqY?ELXc-Kul|u)`$NsB
zana<7YezWJ!;)v8=gl^5p^`yhTE}u!tx6rLV;hJTOr6*3XL_DIZth9sV*Ba~KU(Qk
zMJFYxeGtSTB?|Vnp>Dc{jp~uB!_D}R)S<c8EUz0bD$v0S39Sw}jghLd>io3lTgx(u
zk6rx&ECb(87K3q<wRJroE2w%dRZ785OuacWx`XRBm{U<3-!xckf&nb~N$svS++#rF
zfW0F^+3rjFk$5w{Vl8u30bDf}q6@3-!Xt7F#-Kaw?#}_P8^N_73md!C5w%bmFEN$$
z3e8>%PxRya7FVl{;@x10v@}C^MAYaA-JDKsk_{n1CcnQ_6$GREbgX&rz(v+gHZB#y
zW8q~xc`On`>6J4|v<ZerFpsE>wapVXN;|MbH6Acbe99C|Uw{jw&0`gOVp=?<4gw{P
zhe<&CoQ&Rs^vIIWEp?qs1shRK_P~Co<G?uAZzT<ZQ}fAv{oS;oA5S=()cf=^XL9$I
zYnu<9{tXv1HC%n5JTU$l^6BJNlU>O?;J3d*z}xggzgihk!fGc*Rn7tpr7oK*j(^bc
z+8C=+Qc1C-gx{b6R*DSj@;aoQG|FTI!Ue~y?&Ko@`Y*wS!q}{KzwkXKoMW^muZ}2O
zUBrPyk^!3<ihy>tLxUsKydEY<eKoeWPp0}E9BFW#MrrUUsphK=8*6TY=Ea7s)lOk4
zCRhwW8YoLmuhGUv7(p!J1kW0unqj-OvZmBLH9YLx`F9^AbJzocFOEs-@K~*EDwRJ2
zZ$g;C&!0D$@Wq4-BqU3F7dO7SbVrAOXLr6s`<)<Eurg$Q{&DOi+|S$sRd)d8Q~+^P
zJ!0E6u*lTtQ5OMLsBg-wI3dS2%CUUr-({?dYL5*X>=@yM%a)GhLpes8cYu80z>Epd
zRCR~`DWr(N;0gp%BX~ikk9@Zq@2Sp#w;5j>(<L|CR8or~-Hcl1O!2=cd&d}0zUXhT
zZQGu<ZQC}!ZQHhOW17>pZF}0b&1r7$v&kk;_LtrNR;pgqn@Vm{=bm%V`9Nu?J$hAr
z`4_9YqL3g_Jl>t<Ied;#Hrp+gFmIe^kqPIqqeCm)PLLPKrpXvX!M0k$)@G&ga&Q*G
z^%l@pVl9Fn(N0H4mXwABdu`fngPpg=vG1|npJUsB05Aw0wkVgMPb@HLa*fZ<gg|?y
zxyFE|bp^Pt7`iRiAiyv=A#T_Oo}a2iZY|mpHsl+tO^-A8Zqgsv<PJ%I*>18C43|=9
zae0K<N(VyG4|8hACGA;2mqSwAW3(ik`;0C1cGw$HYwL%uO;2$D8MpNE@C4PAnB=xH
z$9sK7F&~w!OtN+-)$COG{iV~Ozj1x@yg#BhR#haH?~2D=#2zXbRC5(uxJQW{7lw6D
z<C$!M6kJ`Jen_ez<knahr*(A2C)x$vKx%~Vp-8LAFp5V<hQL~BaZp-tz#XV83ZfRf
zzW7b15iZ{`&60pLmKZrniJevnwwxDsiGjJw3PqG^j=4HTBh-1OEm3U%mRou$w~KFn
zaoVVcZ2sg__}odD1MkY7xZHSNMBRMG!131W{4JkV!fDN%uMW}d$l0L)tR$#2L+v+s
z+_rgYp}uGZcvyblbj0c@prf}&<~%H#8ANBM?>Zz$>R^%;|FjA@l_tG<vd=&%#yZRV
zS=RLsYET4@Yw#fgFY$s2%85TqP&?!3A;hXCk|?-ckifb!-}$SO5D+dw$YA1zH6lvT
z7ftZPJBRMiv3FS5S)eN2@bHWoPUVY!<;6X*oFOBhFQ<C!wy^{$6l*nR5gl6vF22#^
zsi$_lu1+aAaFm4&8;^wiU)_0M5BZ>Fqbjg<^_GXd+(>HGc{*xo2gv8B8WxL7Z`HIB
z+>sg+g!VfMngEO5L_kuKo?1Ha-ZY3R)FsAM$JBTSw3>qj&jdNv$|U*i;RN{{H+{CC
z#vug0GMI<Ol3W3UV}6Sr2)sjKjhWF9?MrtjWi*Y+%GiFFF6MLAdf+$=trvtrHV=GJ
zP1g9%hAPd=F)y>Gt6`N_s$b`Yy%~kE(?t)7%nl+ZnR4*8zD-*wU!bs*TK8?mq>Yii
zj}YeY=li9v`88C*CzFgm1=<EBNM7%`-z9@Fegx&Q!1a`~ntH9<Ko@p3%m&y|+{vRr
z%huX|(Ifx2Qt1Ch+k%sw<NwySVB%u^A8T7oYs=Z=jw5$JXgo5tvvyYWRsb0Xeg>d`
zLO0a;u8J~3Md5Kx)JTRF#ys`zXbd9DMZ0jKghwC>JDXKh8g$px`0<fOUIry&=}BAM
zQpjuK?e&m3(RySRMjNg4|Dv~up0s%xMsImPm!=|>T2mYN)ZO4uS}UhqKaJRxbz&Yh
zOT<4)xD&xgZ{`_RYQBRdzy_gON*rNK3ewkx$GHV_NhOJEUqy7y0U`Rk%PA3~W~f3f
zs1D%)5`}|rJ%Z$b91Ns0P0w7G*hfDC0%-2YKnqrPtQWngp;vc77rK=`1pJ1`o}-2U
zVWQGZNzx;EKwODri5Erjvv9-_r0LpCY*P)wu9QI+f;Ex{!BuhsfQZm^%0?BicHs4A
zS~ziGbG2p56ehZkE#X<YYQa+orUN(w%N@wzaPUZwK8Q4!B|gS72;qb*XjVxwmQ7x<
z1XyEIl4y=q%G-?gs4^-s@{$0`TwKFlYIWDU^~|s85LC!~?S-M<aQe2)Bnw0(%mXf}
z!L`ezq{C=-)VG6F9cYgluazi3;4BDag43rZV|X!oOOi1^Adn}tuV0clzlId*G$xe>
zcxilKlh;UO+Q5(^O%Q<KX~(R71~15HH0Cn$jp#Cx1wr<Qngrz~lok$YMoYKkleB{y
zGc333Q(9pa)fn)*RBIuojm_ggp~Fz&6yUOKZ9iDS5rK9YAwYk(<AK4~KL*8%5&%7_
zXZFkRpnY#Qq3_Gqchj%?7MQoy26FotKSS?&-Kwoh4LhGeD!PoFmX*+7V%NI5SbAN)
zK>$Ik7qIc-Y}i-a@B8@5Z`Q`x-j!Cm3*5n#*5g7ucz=C5bNlS(PM3px{|<)(_vst!
z*5SwNMZI9iMZ{@~57Jw<=qJ9?QLBaQ`BypTULVcrtoN43rq-|RDf?0ZT7UO+H&W|o
zo9OPNJ3jI3nq82Ua<&~qXqE=ka*N3%Fk@8(lQU>0hN#x-(QJj-*2n0V@+)HqvAa;0
zF}McpoWX<8R3Dr;;gtL`wBvgen9&^u3>l9un^uNklZ};9IlYaUX%$i1-uc(7!KIGw
zuZ`*bmHF53BdhJI^~AyVJA={MQ2~8rZ$r)c0Q$&=)&-q8^%NVFCt$e34DVx@&KsSX
zosK($w3{>pmglnfr*p%Wp3Z!E@`t6-aWLSjH1~Y+<fr`Dej!KG$ZcstmiNDQJcq{I
zF&BeY{~XLS?D*L$$4#1F8UHcLH9F)DO?0z6x$05Ro;-OiAC5WamHl%_s6JQQAP&SE
z7Zb!&WTFGP9GEq6Vy3f{b|$7yVVwbmu|jom+nOqGuNZ6F3vi|)aLK5+UxgzDx99OV
zK5tAh2hA@_DP5uUtk597O*yO}rVKci7G5sB1ZjQBzi8FLm08nS{gtbUD?`Azy(p6M
zc_lv(*<3kRs-6ljzc`wm*3nXF+x)+7Hh0^z_4Vf5-U^ZB9@%+{loi#bbQ9=&-vJOw
z5`IzsoYzy&M%~v#%Qo;faODby(q6*Azd<O<@j!blK;x_M`v|1qclS)<``7`+r<IqC
zNoy)xBa+;p2@%C7_~Od9vMykf{Gdp}<9~Q!>O5wSpc0%Qh<^WgYuW}X-Z9}B7b75o
zK^oVF3V=dO4!gu4bAcjB@rTUD?Dm~FdI*4s&H@z+dmYZkh(Z&D&lrQ#<p4_s7SG{J
zN4=7b2ITy1+DE&lx>8K~?a4_fGN3RVrT85@U1RHBSDs2#tHQ7mvmAHlD;n4x4HXZG
z<K5rDmAER#WZPSduTP8ljGmZN5pkHUEQ+(Rh;*g4#3KAxF^`($3@yebN|HycIG1EW
z9@(-iqDe(`ovM(Yj0eSbeJ0=TW6io%PDX^9jK*RdO!+Bs$q}jt%?ex@Ve`U-(YEwq
z+{BaP^G1Z_6#5RWIw@S$KAwyinz7{|!Zg~Fv0T}x*LmmhYw^mqQGaV{MrH}NNrXVz
zfL|HCVRj6Fkln?67BI0IU9mR3)qCaQFP^2}5Pw3vWG|s2O4o$hugV0?xwg(8w{Y+8
zP2oIHniu}}F#fR^PHJY1#OCVHcS}j-bJ58P#9u&0cD%}<J3$tfIg5>iP8JCa$Pp>;
z(Vi#FIh)3)<|iAfLt@!#e(A;;2<{;r^EoXm6MM3SQ&~|Y`Y_QMa@NEytD{)-RR-Ex
zj$#g2WzC^J@0R?mP8+tj)YlZ!GNI@Sa@aZQnN>dMyYvc!O}ylaNXt&Ki`s;Dhh6Y~
zdxsr`hxAU0%daiO`aGP%$JuPX4P#H|zGuKToZ;jWh2q92hV{0}>}m%3ukLgzDNBw!
z{T6IoS|^jSqle+vx>|qc_csk@UT7VbccNJeQ|cRE*CzXeGE?f8@AKEtt9n^J6IkfV
z@Y06>TcPe_&G$87R<QFE4iWZ^m1O=F==w~_bJNL7wLj^$oifZXjYmLx^YI1)b~fJ>
z^OI@yP4}>0I{=DU$ZwZo$6mBi6&Xh#ajLjk%3(+w*pD*mPn#nAerJY_s`H1%^=CF6
z+A!)*qegp*zo;T4fh5<MxaKyHzw_y+&e>mBh7J2vZ<e1CHLmR0|Dzwm#`GV+1m>S<
z(f_*szkvzW8G6ozl4xN!4>WB<70s=^xb%9-Ql?fcJe4!sQ?gpLC?a%zaKg%&2EAp!
ziHRtS6xB(L-h0Xr6$s@;XyF))kj0P(2MTjY%G-|Y?ff>0Lebsm9@uOA|MpIb-(4nP
zQZPDIHJ5zv>>w5K(;tqae+po5^!gLU4TB}skS*^+7X}!=5eyrd`Zn8}CnHABzYLG!
zR)q>Z+bL1E4t;WTMJ4tk1=Q&tN>exY2Gx}`rNA0XUdtD^gb^_*qck-n$9K+Wa6ePW
z2F+(Mne7}?e7K<6NH`>TNVRR435nDROmM=0jtU`62fe=G>(IPjlNQIc$311mZffc>
zl5qwfjAdz<g&-eFoM3KW&&mp+4E;$Cf7c2>9Ns3E40?6QnJ{w!$bs|V;;S%*q|d`w
z{S1Nzl&6Hy@~2T^j>nM2i6<c{O+jfno6*c8pp#?kjyl>vm;&~>N43A8$t9tbTQ?a7
zulVJ%dPHG>`tgUbphh*9V=1`uzDsu)jfJWN95;5b#RqNM^iD{V%th|WIb%kK_&uzh
zN!GAqV;r3C9hu?Pr_Z3O5@g1Y7A@~VVX&6186dnZu^_0#Y7#^kCGkZI?A(|=QjK|n
zU1f+Iu)#N6?|mSKfHz^0DzBr1YDHdI#+X9zu<8OTTScAA6mIfdTqL+cyvB=lQg%?I
z%ZqOoxLC)5!Cm!#XZPsigz;w}f4~b7{zgJSE4`r}b$hEw`#y`t>!L%Pzt+XZ>+3G4
zJ^zx=Z((4p#N<ac{Ia#4mq9eQ-Y%)<hy(@?%=P>Gv@lklJom+!<1!N>vlN=^g6^W+
zgxX0%r_)~P={5hxY8Tvwvu#!L%O21hJ$UH37^-%pK6&NR3A0ZL7YF5=V<B1=w&Poa
zoPWv+OUsaN985(=yl3>h*N`8!hf;t-k6VBv4Qa)qv8Abhv?_19<kY+A@r6wfSw~k_
zwN76_R-Qv<)*BN7rl{hq^SnHVNs#o>xpFeMGRKGO2OG%AS*)b&7SG0PFi2_Dzqw=k
zte;bq*B&Fe3?f+Td93f}NS$>U2;%&HW%g!?<@M`Q@E=kqHWm85-HY8Z_o$m!Wm=z|
zIU!ewd!WOT_Z)wND{|VQ9(OP~TY;cQFW(e8PVZ}ops@c$al7Gk5Ls-iDIby+->IK6
zk>S^0rF7m=EKO1aodL(hp~sKrLWgAML(9zoc;Nuusl9M=hWwM{qmM}!FOGZ;soy~4
zw_G7yYH&)W=f}S;BwpSca?Z;XhUBB3_Y&Ux95{JPlpf92<FC&DI1G;PbyguQWFW1Q
zM;cL)dH!aAaoO$0^osxj+fQo-Sqv(1@`S)avw)7%Vo3T~R}!F`s;o$_5XEsqUSC$F
zG}Nh4y$kHjj{V)b#pm^L_HZ_Q<LG1WYtiJ+)Xg2I3fPFMuL67#mNtB?7hNGW=>?%V
zlxipXgY{lIQ+uTzW_r!Go|Fce*UJ0lPX7D)m#$i<OQ&PfXf*1I2{c)V$ori~ySS1~
zwl<7jX^K0d1FlGoQJi?7Bc@>mfGnv%697%+8p0R5^St&98fSlSYdRE>%f}Eh`)0{8
z_)Hxv-0FtVdLkG{upj<2tn=$vc(%Tw8b>4^IM5mU=AqC`{ja_8zh>r)KlF|N;odl{
zrDK1<{(tt0=ZfHBw3NFfwb8&gWzE-(8aJ-6IuUaR6iv90tz-!Fn5Vzq_`)$W8%!0L
zq3c2eZ%OVqUvpuxF%)0x1BQ|JR3Q>0BBI0+Zff}T5;I0v;cZw55gqgOf4OM1K}#p?
z()ab=)Mk|MyC0qqeBPvM>~tAR_5D&RH|lo+RTdQBmaNx>><zW|*Xz=m@iX}H5lduD
z_%!5F%u9GTxOJw<CklX5PO6Y3{>B<or;bq39E5WhDqPEPCZIQmM$E3VdeKr*ZKQ<e
z`5+p|F0^gz9H`QM-0J?+KGxD$PStYJn>|*-t1-lu?6Vv*sz&*9Z<(-AukeF4(jMCJ
zE9=MU`GkWwvPAJ&rg0BU$dT;--3!m}@um#2EOH_8uuc63gd7T!`kqZSW-c+RJVtPs
zbBTIJ)1vvOSB2rNJ<w-a?n7s&Z(Xh^^W8Qg94PA8hb2|=7iAtWgN_%86G99(1T3|U
zp{H&a%{B*7XdlgPKhbS=tRlcI{8NRYavW}Bs?BpklVY1Kt-F;Xz#Lz|w|G=Ea>3@#
zFz&g;#k0dvY-HU@P@hfjcZ8;8X7<ok@+@A-1A!&`1A0B0-XEq=dcZpv<0lH$*G-ls
zFFJ(F7dUC96Ds=sP|T_`CuM_mTiw=5Yn^DAX{Q>mmZys95KFdzQWDlUZrbeUB9sfs
zgjE~2Ti2|%c&psBdblkXtFL2zN2{4z)G@_o)TwgexU%$zi;?X`&W@n$2a;IA<tHFf
zoDoe(Q2)^r>1K->BXhDoM$I`EW**r8K@@9e%TqonvK}2fD*uAWD^|XK<pjMj_BS>X
z+QQmlpkaY1)U)nDK$#P(yfDr7>a0eF$q%=;y(?#^=z85i-sgH*GE`2|Bm?@07%Fd;
z8#=usH}KhdU&w3`Te*pSHqXQrc80Jm)=zZrH9)lRLUI1LVlp$sOcC;7kg}1Ywzi#r
zw+OZ%>oTuEDz%WpmpC2*+bDW2`(Z>8hZec-sN1z$o8TrTeUO;^5mKL5#tjf|w2umJ
zxZb!b!fwUqtdbYt<x2lryfq8t+FOS^@0N!MPXTpSQ>xNgys}#Cn6o2~Hq%fKXk{CL
z7aCkpw!69T>&#m<92AgTGD@nD`^Gr(VEsH(lpjUD*<3SibzPK$?7mw|T+=Nk@d+;t
zl-=T>Of43dvsh`dwe6govx_&IL$mF@k~NT!v|xz|_+ycWJ(%t4x^u|gJy2J1MPQ8_
zlbS(%BHw~c#4cxuaLbCb!tQ9qTC+SXF(GEU3?qjtf5$J93_^}W8Bx{fSDuEPGIXyv
zAzGTEb>3LNYr&u)fmwkqhdfCtPL-jh<7|IfN6*e~?jo1(&VC@9S65@G?rE#2`vD#J
zb$>rZ7e9UPsLPAt<Y{lc_g<ytKO!e+x~+ZmfI=L-JY)NX%aXNWHRjXRKMb4G&W@V*
z_xMjt2N2&r%r6HQD12ijh_h+CO8ag{sy3VWKbeS`7b%^eEvsiqbBb6W*&;_jwy=sW
zP;i@RS%NMFK@l|U&A2#}gF(&owsfbL<htD8T((zWjA^e45i`QVtInZ-<)^EP!KhiU
zmRr8;c#>}k>3<>LWn|I^lfQQghSd>DAutLM8k%uSC%A8alc_6=L0?i*#2E9&8)1z(
zW_aV|C|o9@r1^{!Bq$?TKljK8QDR1gwMWiI;B?8kj9~d%W>73vX$fbbC;)uN253&$
zkRs_WT0Uy40e!zz;p&<2N5wl$o9QY#uk{I+#;TFc;5=k`THT9)VxQ%<mPl{c)LdCA
zoa&3gO)}(~_0~OR4t1G%;1K|IT$=ZYm+*J}@$kl8DtChB)EebH{SDVK@q|*>E<<Fn
zF9*R{1CxI@XaDZ*ugx6gFJxI2a46mAsPdmC*QYOb;AngoE!^zlVPOzG6^|cneqHU~
z+<gDrI@f9YUGvrb`cyV7khX(upWBDEfJP>Nx%LfdydbLe`;Li|fjNVkZZA#%fHP=|
zrlSLZyfX2E0=h~5JKny=Z-u)T?yGV=QNzma6+EKO{a1dIQbn}$;LMVjI8Qo4@>T1f
zw)du|B@3oJ|5S0vuD%%pea}axC7xh2uG6gzLCL`_>k&8>-3I??^$UBrX4}^(v3|%*
zXU)}Rf24vFga<I{GQ3~^uoftL_<AFspEi$Yypcm+(tY%e5{M&7_{$%S(!h8%6p$hk
zVSOLWqSs|`Rygp_FSa02ykw}VJ`!=X<{D*n`|}<i-&kXZhp41lQ=Xday#+Ef+z0%l
zXy|9?VAei^P+yR}{4(Qb*k0Wx^!VF>y%S{t6whH52*Vq)s5KG>E;P@c?9-Qd=ckRx
ziKM{Hf+W9|i82RJ7-Wyt=pVyr9E=7uBhu7bV66(M^zz_K@HRj6Nz1l3UPQJL&p$mN
z){tuX&7tSEh=2A&yGOamOif)s(jXW&jBps3yV_j2OTHud8l7DRSNr8qh1)_q+6xdd
z1zAov91&i&FE@P&xrl0QJo54&o}J-cV5AEK%e}Dc3`7TkaOpS7V+?>-5{j^m4Z@x@
zm~up$XB~Ax^Cg~X99sLH+YyIZm(LGYB6aj++(Wz53G6D|!ov+6`);*%`82*zr+|RF
zoO;0AW-0cfl2DbIN0Pp<zX@4xjrF^2sGy}%8ZZkD_yGk{CLUY7*REs%UmFn8atQUs
zOb56*<_@N#5s4AEgZlA$6V75e+nKi9i{N{4l~v!s2P)i9|50N67Z;R?i~WCm{JPTC
zvfmI#@_VV>B?TAF*1PUEMFw-oErQQtkKKAEh6d9vq$TMX7>s+r;PIX>mcnNZ<p&3u
zLT~3`;d!5);$V&p-xJ|Qfrv1=2B#GyG1+!;eZGPV<s3>hXE-?4XqKNf@*3NOk12LP
zDDSnOjY#Ep+aG27Ct#4v=Pyz$!G)4Yw7rB^72tRa7+#usKkR+;_&T<FJUZXPRu2-o
zyr`6R3g7Y{7@g)F0J;{VL<v-U6JgYWVu%4CFs(<bR`g582m?1fPQPT&b0&OM>5>;Q
zmHhQLwUeDxYar+^h=_J+Tow<m-=XHo0ijBSYeLTN0oX&#ZU;_UkahF$IUg~}Bb%d*
z$lNrvkjC^0O!PW<cACQm5#dN0Uyl}3Ha6Ekx(&4xGE9>BUoNzy0)+d{_-UZw6HJ6m
zk0MQxLcm{ysg(j=ykN~($l6oq_EM4h`@M;aBAhN#5z|kSCwuAX^$qk}5ThIdBTUNX
z<iG?GcmFE-X~~yK<rTFY0}b|z_&hCdKJ!WT1^g2_Suq$%ghEdu0zquz!GhTpkuVNo
zdWJ<8e$l~K9;eNWAEDj-Vvncb0#naah?>nXKH^52KCgkWrZS|L6)={)s_Fnnh5_La
zgU&T=O;+R0Mbqk<X>~Lc@leKrHFHd~h!tHU_NmT(y-j#EYhDuK3nX#KSU^UK1dAu2
zHJs7c&Hjayo=SCqph9edy^kCWCaySC-O62^E8GJu+$-6GnOwNYfjnU7(#HWOmZUnv
zBwT{=2In?QG;F)<`5UkQgP9G{w3Q!4I4=3~vE;(mk~P#X?<*T?JfS%hXiij)<8(aP
zw4sLz<IUq78eW%zIEeU3rH~~-->JC{+FQS-j9ZKb@qNQa#Rlh3V<USeHkzFtJnHet
z2>sYTq$6&?=q8+TXOE}mLG5|cW;WN&>{4qqy(hOopI?DZAd9V(7fTW#qF%uLc{mii
zr1FYc>laLp_(~CcTXoo1H*oz1-NVChsqV~F(?tjF@*Q>ki%RFP^tMl<u3buDr;D$#
zofg^lIUf#b-$Fjl=t0fwj-oy+)GAe|Fz&eTyq2tf&iC_ke0nnG%`5}Cf4=|6)5l9?
zI#SJ>>N=K+Fg8rdaGyXlS>vLGFHUiNLI^^%v`BarkYFfHUuk<3m{HenhzS)l6Q(&2
z?HY5bmadgJ<(-40X>yt9VQJDl5Y4~8`^Trbr(hXPV0DL8Y%lQ5V6d257N<7z-dR6m
zsIq?uWX!>|vG{h6?3V;asNpHX#PHdMn!yY#xA56}1t@0v@=HIR3(1^pieA>=_Q6-e
zTkxOJ;Td+SXt)R=YYwjkqC?moJ(3NBRbgU%F+_;ZyZRJqhMMrG0a66lwKsu+v<0qK
zLOd4m!O9b4&RTbCrL^2w@PQo^`Bkk_mLPFhidkX%;?1XX45Vlar>t+JaU>*JZ?o`T
z7>?|nDzAa6Ofz(NGzAyD8YV|*Sa)$`wG%>4*>)2?o&xd#j=BtsK0l{tk*ev*CqavJ
zkc9TLv9cP~>^Cj)#+Fu2BD{NFfAi*g7!uC886gisvcdgav8<J6<Aq#@6F6ug{LL4^
zPbuooMEw;@&k2H<e8Ku)554-(S666@QYo{!^Fn(06*cIZiAF;ZPl6pXZy;>@9~B_M
z>GKDxP(MVOHTaz#KMPVsGDT*%E)h}9OA!A6V=iEqzz~*!xPWUFRyWet^7}yMo4^}~
zBZO|(BlLgjQ`-eJdOWPu*Lq}Wm^R1p0Gs`4+<7(DOHsqwt0rVHkUFf0fiLDbn_?<J
zbV%{GWaCyW>*y%^0`(rDRdHs)sLMjdYt8Qnbz4@=->j8v_|q(r!lGQ*+q|ez0}1Sv
zkMy{DN)QM&$j|r?JlvL?Ws-P{YY;p<XN-(j&TW;x>Tsx#pB?6_X{lSMxm*&!zK7sP
zf#0ppZdiYwpyS(;qTk~3us2!59$qWNOKnR>Tc-s&j`{Q+c$dN(I<3uqUI_JA6oZkN
zs3B7O44L6jRRl`IbMP!8uv|j-kuXUejwINp6;wB*#?HMEpQjXO>p5fJpfDuY6?g11
z^`2DL*foL!;hTQ>h~=Qi^PEE5r&5=6VF1kqy0EUrqFq=`<RNtQUaYr)Bj+F%`45_C
zUb1j<?Sc(%APs<$wbcpeT!MckySN?n)Tkz>@&yP4YKOmctj|Ea$)~rN_4i6GQ{&=J
z@xMiW(d*IcJP`=?#+1DWth&qC!UcjwoiXAeBpEtFu?g&6qH%@{j5&C;;rnGx*kLWZ
z^3Uz^Y4Qfzg%5Yw4gQIAxMGZ9RS3CgHp?o-539|>8f<o;v3gx<Ws41+Cz;6wf}a|i
zh(_P|%Rs3qImnmXT>TeeAIv0T@6Wuhiz2x+aw+;J&uY}mvng&L5wJ5mE!5j2X9H$D
zz`F+Be_sbPfcw-R@^jHI0SfiN;Voo5xyuRoU)ZC^fl=FWI3_)TDxu#_VeNL>N@&Qn
z5CV7G7YSaHc46DwjW=OPHkq82?Jra0fw@-3xDcczWRSvNFANRu)nBn#Bee~WZlZx)
zX2+dgd{IXJrCPbvsY(CRby97A8ucD|`uMZ3EMTyNqoe-X6W2-qk^edVgO~mPXU2M^
z^}pr+?snQBpbFG7_;Z5#b$+ryL75aWRSbLrw=IL6wP=zbAu-xk!RWq#W-|Aab$hqC
zU%+7kC<zfHVPb+@V$A#fk8g*Q&`}N{2YsJ#o$+3|nZwfw@0dTZeCoOHom?ad-_vnK
zoyT7M{4QQnY5>T%W)grGk_sTZq8wx1KYBYIKELL1>-q5oW<4PIeAV`Qlk|n*_Qd>}
zH~`8BO@^B78)_(xIl?GIgw{Ro6flMbI|@2HK%$k(A(dDIp&FX{)i?OiM4MdscLrx^
zX~1{7R4Vm|hUbix5Y7^927n{k=OAfR^wVD`NnB{ufT6My{dmQOWO;oifSWKv-^|Qh
z0mg)bo&j{h(QCgMfh{jChv&QVprwHArG?#6K!^k}L6itSzvCjQgr3pnB8KVyxh<6?
zH%(P_<tpbl3~as>%xaZHEloH?8)8%yFr3<~Y5`)3sQ$o{b5-AzuSq^DKF@Nyhi2)S
zm>52E19Fpzw(+yqM3qB(P6mXqQ9=vVBjuI#by~<9as+6merd^7@S_)EInom-1r}*0
zii69jViz(1Y7aO=I7&vsk_>a#;w$nA6D1{^A%9{WGK!1e^jX8|3__%jJ&JU#IlQHx
zSx-+5*1ipbvQC&7#0w4^xQ?+C(B;6Gw^DhA)5RgCe}oTc)ABTgO#RVpo34>jXL)~9
zuVwSL$aj_~wcrKYp57vnXy|kw6o8BLK5-)bbXk{x!}bPTo$iVv?3=H<=Sr7ga+P0F
zcJ^qMt`q=4uh?xZj9U|izJQ{%!1WC}C9cSn9hhz~R~~Y^-msVtg>Ca1&^u3`((CB0
zX&_`Q%U(Z@Y3#VTO?~(98j~c{t;t%t0J>i&gBlIPWz>>2iU_wqAHD9+eO$Qz**@;Q
z&&MCEBzv0iO<hls-?Q4rksQt4y_3)>^TalnF-4J}c!pSs^EFZS!E@Lp_tQH_S1COT
z;!edmG2ValuXwS^L?3n6r~ApLX?P~8MO)v3&0qt>Z}4q)t0Z`%`X?O@OzB`BBd83=
z{;4y`w0<tilKNH{7_G7s4-}7~AQBdZEfPC^jgyEL)p)lkPSHgbwa7R)=cPWW&T4BG
zkd=Ji>#cz1;O3pTDtUA~Kg)AE=nJ(yMCG$Z76VOcSSs<y)ZrRRiGnc^xd>`{nc;9-
zL<%}U2by6*!<_-`OLN1J!?_V5_nQg+K|z9O2X$}pN?cholO-n;SLI8!hSUl9VHBLV
zthwz=Ai9IkV^5mz5e$Mj9I?M74o{O%nYrU|Ndd>1$PW<1N%J|>*#Ozcbyxf;Q`577
z2IU46w`%F9%eZfgoGYq+30{VFo0Vj?&KVqiQQGs!on$;YicOl0w+6+<i=Ejl)_}x-
z_wNB3?LcrS9UT4?<?K`9%uo@<G-h0@hYCuf#dCuPA0)}#p!4wVOVPgb6;3Y}bMol!
zVXt~=STwr!IB0>|X=-aSdY;G<DZc@>z?|II`KKtZ8;%xgdLCDo5na#l3+~d{ee~+<
z(96TEx+9qj1l?3T@X96T9VA1G)B8fq1*t>-vc)|Mo+oQQlQvH~=NjAuT(I0eJJ>$h
zDZA={YlfK8<VT*%c1!Ek08lS5?98Q7ZH`N`BT<nP%&51i_`H<KM+E1|yRAOVX_64x
z#>inJ8Ku^hB>8hj@|xM=1qBRr{3VHHYr0x5SRJ*>;>)yksY8fQFB9U*v4px?)%uGh
zH5Ha1`e?Z!I%ZVb11<%gEl-9mobE2p&NiZ>30i@t0xx(W?MbMN>X7k|V>cdC3l??L
zgVd~OpfB{ET(Z)Ry7b?4M~*P7gX9^4AA287YLX|8FD+G)Tv88FND-F$`laoz8ww<a
zh&|vG5y<PyNb58^Gpsl=50}YNjeo?53i-HMVVH!TEt!9@XHP{>Jf+3pb*@V)o#Jv;
zsf8?NxZ`qd!p7?~60K=+#D(!WA#$k$EVidTHqeFbaivaia(UaWmlkoONLRU*S8z#+
zw{S_CdO3>CGs(i+*0m6qM_Oia30Cz}SM%kGfj5^!LrS}v#lQ$>n{U`sM<6<DZ3{m)
zM8`|E8^3M5BeF=}tqo4|&ta87yeXEH&Q={+Z90UFAX2$~<3^AU8|!FXdS~WP|2?N+
z;*Z2Xg$ZiH8J=pr(m+^hY##Nl;Y)`f_0A)DC8S-=Lurqu;cw*)!Z!!1$OTcmp)KbN
z8qdZ=J8)WQZO*h6USX#fznkeQi^ZGil9;`l=<-h|P30JURlu1rX_(HpR5C|3n-h4j
zrB~ZoIa6WoU7KPLm%?uKCud$xcs7c&VtO)rU6LRUq^n-mMf2v@2+r)ia$&=Zyfo7!
zwAi3-e#m<4@!w!LNfs!lEAw`-Y>g&eFU&XNl3yQtpL~*pqlzg<&?2iEoVUG;t<;QZ
zH~`VzTX~y2cE{zWM{tLB?r?gy7?25XlMR1Uh+Ot=2%Q(S<iY0_ry8;!kpX1cQ+s+K
zF!wAS{XxsxuzRT*Hh@WgTh<RewEH2NI#pzsMulT?9Ir`W^|qUtGS^-rg?Rs2-0|pC
zRsN48&-ouoo|&2Tf2@Igm96u0$j2Dn`J{T41fEZECZvx7(JzzId2Fd~d7ncAp;2N&
z-je<q@hkM2+p$t9rBE@irH2AX7l)nrn;mncJCBSAfeCQ-B@yA=1uzDMnDiStKditf
zCC2Rc`O0RuzVWF<Wy%~Aib{eLf_%PT!MiP&ZGSYGedjl3*KPyQ72`x{9T;^2F&*Uc
zx-;m4cLrB(>~^Ne{ipoeBAW~u-><3~Huqn8cSqBG0zr8rlxQR7-cU9%ND`P*`qgtq
zwQ+J{63_sXydRbvnJDP=h!-x*B`IOGSHZ)E$#xVDO5~<38#rbCYrWJ0T>;9H$Ol6=
z{-XUTJ@3F-F(cHkCen5wBUJk_15ey-wM(b3i>g8Qf(4q&YPBJKl=sc6nBzW~0y7-r
zM*7F&Evpos9dsuKJ72HQ>GsD4-!9%9-&fCDFRcQzJ@fj6%`#}RR3ges)>i_EmU-(&
zP5Ln?Wc81+#d58yBrtnW@4{M4nan|h_r%SZ8zu)eZm4)QaXoxC>6Sfy6D@?7z71b>
zla2R=4=~r*@TeZ<Jem6rYx@L|VEc&`+;{CWbapUpCYM#&!`m(%9b?-PDRhs6ls-8Q
z1mvD+nh?5dy7(xA$a5sfi9lrHOefo@dSCKILj$=jw1cdzP?_d8qy*^Uq4ZCHKpB|#
zY4>J#%eKj@lUzUQK^_mpjl^Jp>X{NWp}oC}KS~%Qsrt8uEy?)rqe<2uzruCsZeiq8
z;WeoruTIvQQ~b3sa@+(=6fs@bwSWaUs%zTUdS%?(IqW$Y5HrXiJ!=!X1B?i<lw_J;
zxB#JQWC}+WXMx$4cab#`I9Ihfd1ELMQ{&+u=S_?Z0mJ|%IcL}<qZ9Ia8*A|_dc(05
z%*kR|n|h}c{T7k_?Y=+K>19s<rtp6nkF}#zT*7^=cZ_ckYYvZ&TP$~2kB%8#;J(1V
z8d5EbD}TYBk1t%_fBT#YI)J&x1N3~4$DI(cS{ka&VduQ47YF1VXu`KeHr|4n`bsLm
z|FHjw`vBk>3i)!0JbD_vtG}nP*8#!a5dp$89J-V>KRax@QZ&L0b59s{pQy*(^e?jB
z|4GD(z5NBgfLb6}?r{13cVDC**{|l@C<O?ePHLuEWDg{O$q<NLOEs9G(XrEVH}1C;
zx@Ym8hS}|rbCf33EC_-l^+<pZX9TWc#0NDbK?1F%C-q4+;Tdq1gS<VGatHIBb=3Q2
zk?$b9YU92C;qB+WY-5&g_N4Ncz|-#9!KO#zn+zhu5<?o_8_8uPU?zq}1PZqKV6R=U
zZe&(R3)d|HpJP?z{q3+4vqHacz2yH)fl@gsb;e!a*ihl^12Y6IDiC6)HR6SkJzy#%
zB7g-=uzc3DX5B~Xly6L}3p>@Ppqyc0533TXBGw^Z)?F6JWR-9RpIO|mqu-*Q9T0!~
zq|&LqIuNjhvbTS}FfmMb(cGjf;Nh4TmhF{{-sdgrw)P3aiYG-I9ULezWXCH_D$0l#
zDi0!$Ts`u<r5<(@zewT^b+cR|5L$QEPXCIDZozfWjdo+>o;g@=+%78)1Rf9XU*8aA
z;c{cAnW_&`NLMtC=!?&ibwm?0v|Qh&<DXRJ=<Xvw(@v4{q&zN}*=>g~d-5wlfz}c$
zyeW!kaS0aI9Z@rAE_IUoVDisdEkO$Z2Nu3|J`QDkg}@{w8lf7s;N?DcDPyJI!YOVM
zL)j$JY7B=pEV1`YlYVjtrgVmyYqz3h;$P-mJu6Cjb_+vrNBOwj-@3JJSW^J$?R8=-
zE+$evx*x_vFI&k42JWJxv4LQKLeN%=*-;WZTRNes2(=)_(z>CCeCjvh*y|-Y+UqnK
z{z5qN@1f~2=h2mG6Hq}iWJtkNQdhe_YMH)d*y$n9cJrXuZhd<x{SUzE_%O+yi-FjA
z@3XKzBe(=B@iW>|uj1!}Y+cfR%f2RuO4U%X?Wbpkw`*LTpxd{9#I2zYHE90fxSD2v
za&KX=<!9UfxF#&4<n$X>@6(1z6D&`rb(iv&JIpp-J(yf*TX%0;{#H;E?jwUXu?YX;
z3c~v-QB?MEG9MYo?-!X6qxL<R^RLKu=sW++r<?`<PJn;0UnBQS5rtH?BVA7OJA~*&
zW80AZl09+YnJCF9#Fu24i3DHDwc9lDQo6s$mP8!S?5<<~A1Hpm;Y5_gd@7h&-9^QP
zU;P7K$qS^0>Ol&QY~p!~LuS{{&*(|EY<}+qcTZxaekpURSGF3buhQ_qISR}f)&W^p
z!|#?*D9%0O*!NuX3~jR>L}Z0jH)z8NKxcF8cK}2xOD;@0AGt<V_py_8&N%Z{lS=Yv
z<1QE+@{Zc+XKkF)%)0On`(_`c2-XQg3iA$y7;93Bj&jZsCy|t{nugRO+fcOCc-(Q0
z8uRLItLUbG$2eaHEaJ^t&2r~EK|nAL4{H8|T>r%Had6xN#&8F49d<|Tl?$?sz-sH3
z{38$PQN^d6WwlYh$vdB?=jRjzMxmj)Q}YaX39QhO0b@~tkp4|th6mSF0FOS~u=5FL
zUM;dJpFZ1?)<x3!K{m^euhpKML)$zick)80w!x?Z6)-Gv+Mpz^$zY;5RMQdGJi`1q
z;eC+B$xrb7Jx|I#VIpWlZsK!ry_#*iM&M1j>wB(#rLqACMFrvxf3fR(kO!mxRcKdz
z?`+~dthuvYxAT=`DC?;+p&ZH80fm{i{CfMA1&7S614VgQ&7p@E{0lD$?|b;If3@<y
z@$a+u=DMf5*B+Zdmk7>#47sVEDB?!}uQqH{N%P=-kDJ0^IhfQPuZO#8g}z6+WwL0h
z!;fyfaUeSoYU)^Vky^}$6-_h*3+$tt#&dlVAms85y&<OPm3@2IlH+_{6i@IiWMuB3
z%cD_1D~`+xf3TbKCm=9Pjkjwu|JiIf<YLA1ne#U%D=_os#kc=&r8ZXEnqY(B0q;{|
zy&=<CUxn<S_O&HL|KP#hs{#GVD8_$OMO^=(g2v3m^*>f?9{xdB6pf+$Uy1}GgjqfP
zJ*F&~OI0rN4Uw~pGZQ2bqZW)FKor^ko^+PB0Jq>2j>T%lK)&S{D{4!o=dZUC_!S@n
zK6_xiM9PllJsq!(LMgQ$WA%vkuaWPM)HMd4JiEzro-ViF_LzT_U$pP_<G*SbqrZKA
z{~iQOOe~&p0aotwu1ht_;`HyxzoGAyrSO;Y@4fwjR&?jNr67)dLVh&U7!U_Ikf4kU
zlK6ug$(;RxT2>s)MP<LkGQOVX{;HRne*YXQx}FT_s6_86kxQMPo>FVkFI9sl^rQ6Q
zDA0C5dX=D%nIwag!m<$h`j~V_$#}<~8Y!IfT&B@Lz>I;K+2wP;_SXIfW)s35Hfpa9
zf2N3(I$2N~UOYrdi4qB@gi^cyoU~e!M$E5%^fgAz1g1DrlqMl&rP#U401KXogZ|wo
zE_Qv=6xqlt7vMy+SDB}=)-gU|B<MQ|EExwvVK%0R`EWjL6XbY30-jU^G6qk<ej3J2
zLojXr1GV40NhWexOkbZe3B~pun~cPybmtHB-<jTo2^Z#&vTiK3>BBOs&>C?&VDtEd
zY5%n1ApR$}rP+`rY*m`nP{(W{=I^*|a=|OcQqZ%WvFvlvW_7LrA%$CsAaaf29?cBd
z9yrpNYkbX-ABmFc@nt$%7xM%MyBopTmk%x~7Pi(J@YbpG)-z|%Xh>Fhpry<=eT+lQ
zV!W%B%bxvIg>8I^%}fwVL39erHQPWj=mjal8nQU4*7=>y@S!a7YbJI)$;Eb4l`I#V
z!%Xr3nzjcLQFEamlyX5Sm1+brCPUlupP{t<veafVp^?2;3LEjE!R-kNO@o)`Ts~5R
z)FDl@9`1AxJvl*m1p0wU#|5?T#DrXKZ^m9nU~))3q=4P-Sk2wo$Zg>P$c<61Cj%W(
z#cBu|nO3o-a`ss%>nvm}bZ4(rrJ8zx019VaPN>~-M(k6==Ha-TgoT?VE@G1hzEDOp
z$pP`oL}PA%Md4M(-F|q36+%AvFw~s29?xA$;dQ#ym~O;$Hq7u|;C%dGKjpN$ZGL52
zDk6DhQ`nd(Ib+@)%Z#%#<#ByIdrW_algczx#C}U*lXn%>?U3Q&LzM;S6NXv^Dnw38
z12ctExco;;Kh~^Opn1aGK-E#TK^jw@dY=%uAGxg$_+yArG!7X#xJi^*k)B@mjd?+C
z)(RHkW_Ncl>yAc-`NSx-K7(so$nVLG+T&k3LU;xx;M(Q&bMpsjHn;<U`ZnSO+TMF<
zH)d7QG-kiBrYbpbYOSj^EEB3)as3}z!kcrXkP|HCIn}<5upkHYM%3<O+#;L97z^oO
zX_BeE7uxFwVnAt-`Z$?Z+7S%;1m&7DIn0bljTK<AbTR`nSAS`#l>Hk(@zWP3o?Do4
zrpe|7@x+iSOj(V^#MqijBvYmxO4SXtZgtFicZ=Q8A&p$ExkIRXXe$VzW@|dR4JdgC
z9~_OAMiKA&)w_!391RjsK24b!C}DNiMM)RcS<K%WC|Tr#6k&xMDM7<ni#~9`uVkbX
z4ql3oUHD)Cm$HCbvL#7XN@Zj#;k)CG3olAzlXMP{ZLTD`XV3Op2CO$@9Qa1pBgN3Q
z%0H|DcZv@o8fbW(>cUNd=AN+SP114=ai+AS5g5Z|mX3NrK=yIo+#DxIYEQioH$(E6
z;!0XfPHE+)V@375A*bb4;4exL&&eEo)K@i_wOg&Yf_96QQ~8>kvdPHSZ`8;)P%klV
zREh}l*4ash=XEwU8zbg)!P7y>F9o48VRK+~rPi?IGpoSAM9=Z-H)GP)LGIoF>^6_I
z9x_Tw#15b)To1!G6tHl9**W^_4m;?qbr;}u=rVDl!oh6SPo~xu<m_%8od;X)PRnpk
zm4Qu^A*1l89sjNad(^W-%1a?}Fa;M*x}DpOXxvw6w|urwLyKx4@}XEU1i*srIXL6h
z;pc>dZVIUq?ms{}Ansvci~q#@2s!cD!f-)@*rjvY#+$wj^q(+lqM0cC$910wfOPk|
zc%5h1)6gdE)j?+&<Jw9_<(&4JEzXSyJd~pNZ19B^E1WJUR1%iw?5H)85SUTn@P%Vl
zPyCTk9fHU6!JT83ADBDrGVqHfEXVXVSog5}HerY;ZNH<#hTt4sKnsq3(-C8kSGl)*
zI84|9l5b<7_bZ5bqC?JrR7{@4pb=Uga4H4co^mc&IZDFK5{=*+e_puKy7{{47jlFj
z*bPRJ?>4@8t8f=YlsEE|$0s+)C<je*{I8)w&d5a%-srI5q6CllPbg05h}|nSSG2er
zBTuYY-#k52uAmV_z*bQG?3;C>$*SldTjo)uR@qkfF9h4pY8-f}PMVgvre^2f!~i`3
z77x5+do^1^dBMP_2c&;yDB*r^oVVHH0ZUa)65j|D&l5N|mLy;y0dig)6$l>*VDlEg
zMM#lE#YkcD#0K%WaQgL99vT~3Vj|E2E+|8MmuXvH(i`8u4fOPOc5VjAc8QUdZrzUg
zP!=eV(@zrW)J0*wI75^3IOD^fz(PVPQBFJtAO!HyJ(^sHp0>88w=VrTR2;^yuBNvh
z-yR}Vwy8&f%ewMKtrbHlRPs(zS{FS`f%@1Jp;UXbQSq*h8Oilmrj<e#Rpih)4QoHx
zMqQi}{*Bwoi>e}Z6=sXXyEq3#+dANc;ck?{c8VM1=a2d@rXvmZ%wDXTDLi9#bH8WK
zT-pLPO)u`(YY|xNJ8(k3qQV-B{@afsN62t(^-M<BN*?xnZcOKw!}Qp0a))d3HM6G?
z<5sxfuF=<CdDP~y?V$7SjUi-!7$1Kmap8G^?+wqEj(YCsPD8;Im0lZ0L87qX`FH%u
z^4x>HSxEixX@FOzND6=@KD_?a_HT_1T-Nk5@3NSpfoiQ>6aZtteEEMCI6v;tEdNhz
z{g2eZ|5$6_NN2~sNb;w`G3YNMjrBg=*?LdQUBkYTcF)Q_yf!sAWn!0_<K6}4UAr{!
zUvl|TUBcbmJX0@|WC}cfugI>gsGI<UB>vb1k_oaH108@uNdmtptF+gU3}gNq_^#>p
z&HAENr0F_#j!LZDF9PuM?;1ex)f!~bc@@~!>;4Q-6XZhC-rc<>s0uK?w;J9ee|5e4
zdYBIHyx6(+Ylnen?E7+AAwpdJM0_omh+_<Z#IY0#*-HnsAO-$qgwSylhGWCRCZPhV
z<o?%s=_U2osBvdxMMnB;zniaqTVVK%4KGD0)5Ox073;mazKC2AhDsUx?!w-%F3`HS
zFG;C7=)~$!rH@lAM~QPAqO}?upF<mfwyf@7^IBy4G5C}e?CTz1&vbkR>E%#X(3bbN
zCPMwf<OS=5h6kf@S+hU!u!-RP7hE~+UkFvn2D7P8em#xKx?*Lzq;nPeiP6=(R~K*N
z*{(?gH`C_?iOx|I+uALkw>5q57#QzT*2*^<Khx)-+3$vYHkm!Mtde@ti3-Tpp%_wG
zGCV*rS8EHpBXm)U(=jEyhy7(H<<=@_w8@Bx+t?tRejinr<N+`B*6<MUujlqruBx}^
zBkg(c4*e)a4H<)2kBG(dYhI9?h4~hY@c^`EmT5dIE4zplM<vmJ(R{A?NBE0EVV?I}
z38S8dLR)_auXB>iw%BW)EKMdcmd*zXwJ1635W#C!!;KW&>|%179sKZ1+-}Kv0+>{$
zvlDIV8Im6R15@K39(DxQqhB0VuOHe3mq(Fbdm{;N@9rk10s}}XO;2veSCNk9Rdln~
z2*5&n@<Z{M+Fnxfp`i<xV)LhC41JOyg~KD1d|^PvS&G|4{&aO+RH6u-f{?|vm0m}d
z+Bf*F#WQ1Bi~cQX!jB&TGecA=8SK=lW}$cy2s`axMq1Q5MHkaNqyLOWS5!KFZ&r#+
zRr-gODxW^nMk&?#W)`hS;IGi&Tkq?LRo`je+XzZf<nv%7hQSc6hrV>+djG4~=4!4I
z=`1eR+iZ76kTSjsq6~(KwzO7UArfM5s?<?_N*_snvQEM{_GGRhXhRb}cL9~VC&Ec{
z)OKbI2IR!?-%OwOWb5?#;kzqhVWGNIRrMOVD*GPVOsZ6q+!w2pH8=qGY30`?)Tk+k
zD~9j1WZ0u+$V11&fWyE6j-k-()DT(1Th%>Sa0a~u<qh+U;hC#sZ*7a?n<9VS+z#Gm
zGtkDSdvi_Hp#mmmZwRk!PDKxnT6c;gFhzZL&Q>pVL%z6?EHas<;Yv9IEpgqwoYktu
zcbg4`LQgGMO~4k5zWnGZIitj)D=^F;edRyALH6ZW){|(9&iGk#4v+>OyeO3s%gB@=
zisKVd!>uIiKw)~{0h6m#VsWre7zpP1r7MA*?)S52w?479fMMgsb{!;PVx(-u5FHVO
z_Q?H-6DHYkta9c9d2P;2CNRG!N*fYGto5k#VN=fRRgX3kHDpb}q+SN~5@;CERH9OV
zwB$^B&~K~swCoRWJ$<vz(+z(8E4qIWR^?G}I;e2A&5fqxW)a(HC%SpR!>`1<)myH7
znyDW$WVRLxo76}`X$_)-sU2^kxSOdV;Q~z)lH?jmrQE%(0~zOAE3Vba!Bc&d^mH;a
zbm0@sPnkko_)-ZcLgRqdgtT!13@vnw;lYP8LC{I7bm<v(K^vbHW!rJi{Ym|Czo2-L
zp&+`l?^>gd`a^bV(xG!(I+``Sx%{z@OuHO;a3zuNUwoU9WH{fpOz!Vw1XgBqDpxz6
z1r)28<&nY|Ie$~JvV_5(!ri0G%R`EiAO&B2$Yu>=1uAgWXm-cAF)p6p=259jLA^Ur
zo)l0d#3PAyKFW90)TGq9mR$Z#t<srMUODE{>g+jhQ#u#iD68BEjEQDkbuF9it>qIe
z0DC`MfgL=<%%fa1iQ^8;j3tc!gGzshr*5D9*A|<?g$LA`bd&wzkr|!+ek}C3ivAb%
z*_yz<i)~ia-SHK<o5bi6r>D9v6)@QRUxhe*EcH0m!5FOU-v+|XHFi9eBa@Vn!ybKF
zCy=90oS^P>qX;j8^XoL4@55FK0|^MKSyShJpT~;z5Y~Uj*jxv!!M*=7<OWbMh$whN
z5Swhu^!j1R_o7HcO`puw8YSddw9@5HfYTq~VK`(r&G0LXt>m{S+Gn>X-f*wm9r!@^
zZfS%mHHQ0dWs@~kFPX0{9)PlSVyjm8%C~F;N_K9DU!eB8-s8P@fPj^U=CgM*=CFf{
zC5>}6Q32$Hc}ZIIMY(9F+083oxqr+1-;3wk{yZWLv@z6rb0x+>*MheuC^kmnV!ML%
zV@$7b1oIRw%6T0`zSuBDOh*)^3~)bWI^qX4bJW{}oK$8-XvrgqkhN&e@a9c&KFWKA
z)3u!d@mX6?yX(ngnvN+SZ(Henj&P>N)Tw2Ba0;gl2@mF8JwSCf(2JXi#HU=}mC3Kc
zJO{;`=~HNx^oCj^!9LM<&jFX1#9Y}zLqAy$wy8*vEt$*3@~5D>Jb5x+Mqx9H3{+_7
z1~gQh<K*^tcxS{2FL>bo;sySAL*^mPOhY8blB+N-o^3`<FPlN1sZN!ki$!?nMLOx^
z{ra;s(C>D;c4qq(s#?2t)fRNR_~ycNQ4!|A&fm6HBI~JcH0kREtVIU32(AO@g;Dwo
z&;r|G<eEeX?(!ER8s2i<G@_($ZqMWN{<S^h_8l|i2mc3U?-*oRx2@}@ZQHhO+qP}n
zR;6uL+P0lpX`7X{adPc-BksO;e{s$_GsfQ;b4H9YI$Ce<^Ssf!<<?tjK=rCc;)lh?
zth%^h<Q6@~PztKV*zoF)ai>GLMu<P<p6u4%=fi#Lm%Q@$0=~TgLma<e{(ND<!NQJ!
zIk}kQP=HkI@HWj6Zn9O@t4EjV-;d<CQm4tkZ{@{W)YD+ydWa6d?0h7fJz|`th`tEN
z?@6|U-)fQkuC!BZkNPc&Os<?>Z_4rfo^D0m1e=p$P?7`Y7KsvZ1B%tB(HP*Qo258g
zgtuk2rkkbT{1?AubjQB9wJIvWeQ*r8L~@#+3kc+7q*SWNcLfM&3!>Ps=^0@cQW%gR
zZ`Xea!(TTm-`@cT&&S`=6fN+WUu@r>B7?)FUgl=j`ehxg*Ruy?l~wvmHCJ(0(%ukg
zc*{iJU@k+J{~#S@WcabEFc8=qSwZpe{5Ny~GxL9%+-cU@NZfBh^S%BT<p~RA%Qml7
zQl30Tg_OB0>podh5w9xO4V1w+>q@4FPn+Gi4<m+iNi~+?PD^`!-C7##|3|x|QFGt9
zQV1c=2Dvir_*UC7_i|h~`~nhlykY$p?UESI_iV3>_5<JCo&Q5*KLC;hSu$viSp?9w
zBibkx)IS6tZ|9pO>x1+C5zg8mz&D+B4A=1+{mW+-8VEr!2uZT!_!of<WiUk`-%x||
z5Sj9b#*1T;-v-r&U#5)Yi?7hYl2ogT?lJWHxNncAqA94o1C4`31|$y9*YeQ5<UYpm
zBFNon9>>^jqrTy~1`@b^=?T?;(Jq_P`jxF!F#2)+a)zbld4~}~8nLt-c&I$K=xh+^
zlM99Xb*iiwwB(IL68eE%ie`vV#7Q6@+7dzxD1jhGBMx^vgLZR9g$kdhCqeYjgCqVV
z9NEe9a<^ymzTEx4ZysE_WJDxHjQFxUK?#jXG<d)UW(f%l;;++9F<=}Erc7iI0^xl+
z2%<ntKu0*L$XVce?a7oq6f?Y9?lx5Zc2z8RX-}WeY8dc7159iG2@yre2vLAJGmptQ
zUxFhDOD602B{n^=@;YF$+r{vgOTHK5uCNLgy&lnGSshn9!Cd#EULbjn`2vU3alxEf
zAH_OWqq3J)k-HJd0F{E!KqMyJgn_-gb&kh=C7O#~#_6ukPtw}k7v1}auI-h2$y(2*
z^2q%i@3^5#)y%&2Aor`pSg|HJ2Wf+D(<-^VRD^A+J2Wh!3?+vANwctEo=LY{i+h7}
zG#+GV``n5F6=!lm3OCr`Q^+VR0>c8mYLJd(8Ou48Lcf=~#Wh^{XW#ZBwahDt2n8HG
z(J0<YUJd64fr{(~{e*$AZ<4oV`9MnB*a{gd0AZzN2`gHlb(qI^08QOhLDvfXo3TcO
z4_(gTF}eZQ%VZ;!LIMNoJXh)$IBlH>2NvI{akXI-lHkZ+SB{a;WhxGs#%5$d>y)x;
zR-`m7Ynd5sYmr%vN-ZBt9@fMWWmoYNo_j0JfRpvQ^_6W)w$*sc1V~6&pd@lPk-vA=
zipP(W6Pr{0j~}7#Z{4^>Kjf?HEHAy}dzrP;zp{fg^eK+YE7(qDP68X7rHVYY+{dAk
z@kqymGW`1XEq)>}6})lqVk$@9zuWJf7d+wAr*dy|x>xa03NT;-brBZr>W>YS$f&YR
zWdY(fj)8Fl&nOf@$OP<r!jmcTO5-mpt>||&UmU)RY<=bqbkRnb(bk2(8dlUp+qt=2
zVv<N@4scQ!8KSvX@+>wq&c#eCGAWJY-xlExp9|H#Gh{ed_D;yuI@oEj)aZxZGS=Mc
zTi8T}v_n$5yQ-7VZ@{9Os(qR@D^eOJEj}g+-YtO?(Vkp&+n}=={%q;rPXU(I1PAH3
z!O*{|kG1?&%E*b*dK1L-l;p1X_GUdv4gz?uij|BL8Is>Ppn%Yx<%~lhKLi8KL0-*~
z+Jp8I=NxvhKzfjx`1FE82qJsWwxzx>NJEOV8JAt%8=^Mo?H%R2AGbWMrsTmtw57f#
zP>&)D_eHBCgU-x8>g<eWPSI8uni#)9#5;#VpeXnOb3zS9C6O}pe|(UIOrB<QVP^MX
zB%CaHlA4$CJWKo_z_qg2_uTe35A258q4$wskI#W2bNQ~aQx9$gaV;f<>k{-h;RgRA
z4v`ccl6n2q3+WjqsVO^;R`+e#oO!LfK%3Q#qu<h8Q|afm+I6S1wl%tbcOWiP4mKt}
zfV+{)w(7dFbAYruUd|ov7T}&k5_s^)B^ncC6OjrkW#4;!p0aaRN@zThbPN&J9$ciF
z{49{(yiq)%&1%Qk8aJZ-*9OY7UI!ce+2W7SeLf!rvNW~Ic=66m${X;r(Nvd<M*0W2
zQjr847;B7v4LW#*7_*LEfNe;UK_KlTaq5Y#Rgd_}`4^re9>TVD<85qqP8XN5Gfl4O
znZ5lDah{FiHPasaLeXqXs`F25PpTSe7~Sq>C5RMBZwOxS_!SgBGg$uu5cou#jebJ`
zLvFxPh}>^aXaI)Qe`T}!>9RomLN#Lt+A8^ZABFe19k6!ZI=y-7o<Nu8Fdz2)6d6+U
zo`GIL_hDP#(~l;Adj)s_5o5D+choRw%|7WeXI(1{?ny%vHtk%dxQ`RMHv}n4(0_-v
zUyOAN<lG%quboLdv3$^g=eQlP5#2bv#RZKU-7uf&k~>Lvy9sxFh!`>ikB{ZXqXRNZ
z-sRb`it%ho2%i&gj0hwYB92!aW~}oflPku+HzDR*DMvcRcfGZi1OgP9xIl~(Zm66B
z6}7K8pAxx-qJ$V|e*@j4R>mVnR3Kcg4S+-g6*s01{PG(7e$<AF5x9Gt7kCcg6uiTF
zn%Df(XpOeJcYAwq@bUbMStCk5kB@H#kMDtI<PQf|>VX#of6g2C_gBv6D=B8&-u(jv
zGzsnkA^&W>YYfQS*vNjWsRIY9<XRQ%swmBXx9={M&AV_$uN(&CG#>EwcWG@BgR&Pn
z;{A=K@%B5t&Sw&sv-z9O1{sLE1<yB-lTw`TKNVJ({y}fS$j-?5pHA<?8vm_pHhDw$
z>W(T1pryE&a+j?c^nnl(LaUgF2&w$W;q2pW<^ql~s`OVeB^2;6USp%Pk8@SX@SeN|
zkweB|?h#emYhc6jd*iG*%`V_Cnm3LzWuCI~WV{Nyz{Wps7JJ_-=0R=TxZdV{-$t%a
z_tc15^TvLM(ALd>lm-`gB^o8m+}@6^UskN|b#Iq3#Ks1lI*-}phhNBFTodLHyPAm6
zJ}aZ|zz7@9)dWCThIa0#day!HXfJ)z^m?hxqp+7vTc*t7QkL{n107rD!!Tg7^M|Gd
zp<ssm&rUArA%xJnv_qZnn^K0?><k$(Lg&$?o7xjeQ_4sq+~;2Th~@_PP4qr`Nl-nc
zC`l9U;ao34w{nofi&K$2D|*vGV>O9|xsdPiDil@r?D@eE7ty#>h^yzAAMYm1$FGK2
zs^la5r~r2GG=v(5o^Nh;ob%wo@1MgmeM=7KMAnHuX(fFaS2`w-9TV`~DO^{?;RM`(
z?2?0anpKtD&SQ#FYmy0>{Y2bb7Ux|r7Gbaz(j8&Hsp<R%9NpBjej+w@Ziix<pC-#s
zhi5SslVGq$9QMduZQ1$=thqMU9Y<pL(^Dk0(N(>0grFUkg9+tRbGk|RFuzf_ewX_*
z0T72eKmetG%C-Xs?k%SIUGt{pYQCA8s8NEOfwqZ21qpW0L`*$i>-LX|hvoh$g8L5V
zid;Bj)3f#%5=Ult%wfGGw8QJ%V(h{J)CZXR)x$SqKmAEe(>`E|$3RMU-99P}n_*%e
zlV%2fP)BqLyPiopgqrzbhC?hcPYl8lCI0B9n^sOiF#U;N>FF(zMD|XYiVnX$i}Bve
z(>Wg9wJqm`mdF+DA>dJ({cHw&wHHr3b)sO}>bbVu$<17g9YL29+XimQsPaT055h$b
zgnGo!O9zRYGJfe*J=V~~HdxBC!*}{<q;`1^^pR+U18sLQ)V7^^8E4l!7e6sIR17IQ
z&kW*6!aCBktRL4<EZHxQ#n?_+X~xCXW>N#=Ek2vw=X$B$sIVU2vH|6cz8r<rOHrD!
z@~}ltLMm5L6((Xf!qqy!zUDg4I%l@xq7WKT3qWVvyo`yaf!?Mxkcx(!EuENiDxr3D
z;G%50p20vvja=y|=$usV%7TtjqJ$cz=32T#cIw<GE_&lvF+zC?)@AHyT2t;wZQ|_C
zAag!Cc}#37=RDLw$#G%;)<hFXKaH@g2k=t8&Kfihjqmoa^ZpK&;0yb)U$b0-FY&3f
zg#a?}L{t%sSD~X9<s6E)fGM+Gb?|29R4SwoY7^0N-JHocEP?%j@sSGISQgDCJ=R$&
zf6-aE#;z7kUR>iKg!pUAjdCka6du{LoJp<*aE^gBr-JHPL;%hw*wTTTcv3|0gS!OX
z7el&b)f?~E32IKv*b?pHuM4iOU0Gnb#~cmMIx&3P2r!;?5YE<0FG@w%FoINCwL{#v
zLW-3gRxDruclHosuLdn(cw))Ne#>f)!lJ3&bzwc>Fc}nJB<s_W-vB;$?2lU+C`eU@
z(RC7p)=IyfPJtxq;x}=oW?zdtAuu4u#`9o$2MW5S&5wlb;W>x;3@|9{#oghAF~+70
ztFLQh{QY&%5T(3;IGRi}-!-uuK~WfX&uZJ;ZiqUfJRj(Wv-lvl<Rdax^lTK>h=G+9
z^0ulqdb~nI1_3X*&-Lxq8yRFmozYjbuLq_8gygSXRel}52H0+_Nr@fsMSyw0<~Eg5
zVBK+mC2Yn~bM0j-{P4^yk<Scax9!c=x1Px~;XA^btcJf1tE(mX;&mnnFdKbL!u}9D
zev1fzr7pH){6joy?TE=F13qRSoF-axUt%hoX)))xtsp?yvC_wc&i_*;ACvTSg(03U
zldmDR$E*)We{8?~)zKB@&)=)l6Qi&5Rj<*LEr8XaN&^82=MS5>hAf}kUv6(D3+^O4
zb|4-D?hAABcv>C?hOZ8yW#Kv@-)QB&g6$JSaTy{QJ0OzAtbnndl<V8mh3CdMuSZjx
z=MxP=Q1|d9S{av{aYhVmv5eO=Sae+`30#gmeEqmfY%DP9$H+d)Wjv*>u0jZgw(cTJ
zlzc$522cCJqrojEKN=c<x)XY7snChnWfGR3Yw=77A2#v+%OT@I7Jf~XH-g7hpU~~(
z3~#m6@BR+RCbMS`o&Iwp6$Q9R8g#u4P=RTujOO*}4Tl7p*E{a0hUGvsWoL$jhmMN5
zcTt`ameKIQ8vpM45m4V`mG(@o9ypmV#|DcT1adU$6ZqKB{2xSej10{G;ICw2Wd4ui
zqt!q0(Sw$M6DojIx;7<sQ9zk8WY7)P+mZDj3Y0OTs!0YoTBs*8N_%_4i71s@Xy}=M
zh8je3V)1A1)<_0!#EA-jtPUbSRtMByWc2F(x`d&qa>UPxO*@$<XR2L2hhM-kE)OUf
z-~4)r<h-~0NdjM;b4&hw2)K-aCRCCvULe%FnRZnevPJy+&w2KIF*V;fpH88%1_<8l
zRwVALpZqWP)V~-6L@1?5Q^b0K8cSkSpsXX7W)OcC5yrQtT8(W}$CajP$M@D12NRpS
zx1H8VvuG=jK1_`G{>}J1Xp<*hA=X48F_bh&&Bz8H`mwrt1<Mi(>%aNGhUQSNK7j~L
z%Hw*LsP&2HFn$`b9%(w@d4?eNP4{8x`JdWIAdOVC^Y}2C8=1VvE4y@T!`)W66l6iq
zo8<<)N3hT7Xo3l7M2pkKP@csg)trk%lN7{*n+ppN00@+_3CVO=qF&vjU7I`ELy9BL
zoR?bI0u=%|2r5e4Idf@f;_iAo7t4?+h3E@%jiQ>CZ6DdumMbfC<SSe=v=`N8HBIe(
zsLhzYRkO<Xseob7oqOq8+4CBm-lq2{<<%zNFb<RUq0M}Z(&Rn_ZwjA0X)rFB$;!OD
zqS@jD_L|^@E(kE;>QR7Z9t7pvRKN+PS&8D^a80~-y>e&ly27N&L^I?oj2N%`&p=(+
z4PafrdGgSbswULY#D)*hpwQtwOx3V0(A$SIf^GQnlI^9#uR?)M%=Am!yIb*-$h}*j
zDG&rTxL}flO*j;c0NlJHX`~3sgeAFP#+_N*fSFX<ar{}wN&K<pnI+`j6*)D0gU1!R
zrSsvf$6Tk#IJQaJs?yQ#$vX=L|AHV<Mc!A1h-e)hzu7yR=DGB&rqBmGHjL>2)u6eJ
z0|)2~(<#@gzb*p$ZqE;1TK+~)Ts@uWkhcxKL_TPYma2-!gSa3hqNySMDXJzx18A2*
zm6UV9T->X;5p|X@4?TLQek5IkKZDBLoZ4kD+~rp<t<>Fdcrz?_x0}FNcy9)I2AK2+
z-s!#MT=c_v#DGA)vw;Mdk8w0SrUHE+*TnnI6s$No`gEfa&6u5kI6%{Jic3AWh}3y%
zCE$UFM>vqjlu9r%f>?irFlv<O%J6ON#9V*-dwaY4?*uv%A_6wbFXKkUV?qAj0v36}
z2m<Lp%(vyx97<q7o&eBbQ>G3IM27+x!Jvxatg8{tJa*9IoV#@bZ7-Rqc(l^-?FY(Q
z4Yt4|BVULVKCDZ512sNY3k55VaJX8*C||g9wdwqFT*^%!t?a@=uWc4Gnr5ij5|(3&
zCXp)mtZ_yz77sfb0lK;z>ZghfDfN?`H#8dH5WoOPLkLpZbK2x1{_F!*o@hIRf({QF
zhZ6}cQb{7C+N*lT<)ACJL{(FG=PbJIsAG3+<pMeb;TOW+I;Gaj!Ak0_UWLd6ieyl~
zr08>-x_ecA)VY>Sk0h}96C8{VS!~7J4W1Hs|KiA-*XD-3O*<*t{99&oJM*bXPqlS@
zljYp?*?0#4?gI2d5;Zw|KhK8vteK7=X@b9fVar+FHD=M^+F%mN!o4T6vg51oGu+lH
z3>?`~+AS9QrV|yX=+87FJ`CWYj^1lxTKiSChvv*(S^zrKIwO9@G^R_+qi22YkNXkU
zZmJP|W8?O6J5G?pd>66m)66d6rJPk`V@#8}Z|b|HWubRjcJ}xtU=)Tp<qR0Sjk9ZK
z=j-EdS?BD5zCGXeC&Sm*f&KNh-zh+Gg0-|9?X!D)YEi170faR!b+Xf5u9LyL5ahOB
zX^!{qL=j(I<se=LQB|h0c2$epILOv?*aqzMI*1qF^yHfM!s7MrgpE+2OL~(Ufdj{$
z&Jer%^JV+}=ho+p;|7#?VV{8mTc8<p$$pGSdd^=6kWj2Hez;{uQyk^(di3-2CT;=S
zs4{C5_~8D74foa>XO~}_aeVeca}{oiK-0*E6=0zKA2eTyj$oJ4{^sDINu}?VPXvf9
zo<=AQ9PL9MK!m~~cL%GJ_ls_E6tvyptI~C-!lb<+Ua(dLF0G6BM)bj)KFvvS_bW#A
zdefU#u$s2rHVGM4!e$+mTm&qd>;>%^$J}7JfcMQjyl9;aAw`w%q&Q)BKcmcK2odRD
z(mEM~W0Jd@-@dsMb~xc&vSo|FJJ1%7H?YmQGq|k2iGW)1TDrAOzbEi^bIyk8EChn$
zZ7^=Y#_Rfu7_cFoB5MOM!W<>f2K%_>P1$d>xO_K$(4c7wmviV9czu^FuQM$hm8FEg
zH)7QCrw`>MIT9|!Psekw@+Tz>K9S&v9$+xV;Z9Tn{9|DD11RJX(XAj}86-lu1OG%g
zR?+tXDy9nY<&!%Ike_cK1%O4|FoHlf=@0b(`$Z&{A|4kR1HA3VK}b5|fRi8u#r5ES
z2k_$LP6XD{rY_Y?@g|BGM?*Z!yC4dg!Wg9&fDklVbcu%gOC025--?Sz12Am`foYQM
zZi0|BlqhJ$k4X}*w9n!@?9={~iG#0FS;60`&mf?_hxU-92x*EDa__bq#|#XHY93z6
zYdo5}irq|j*@^o#C>YkwJ?&5KPd_aR2>_PMA_76~QYi(-qYj^Se_FN%Yg^a<+B1it
z1FrLG-?(uqt+fNe=khUR@x9tDlsi=j0~boX?u|inj9Ha=wrX0hF?Jm|9(eu%K@@%Y
z<v>ExkgLVd!kIKwsIYNph-BSeg*?lLRM`q5jJooWtZ%vYlmrsSC8;C8O_sF|{$-80
zlet4cbMg3&^hPSS@8!SuDSpoxS=Rn4r*Z${r`h|=-+UWUkvD}$?F~6%`~E<`NzK*r
zKlkjMEFAx>BLBaE4RbOu{=XG_Cbs_=HoT=VZimB;(EY4_1I<wtI!r|H5|7aV%7BBP
z2*Cw0LjYkQ5l8|&vvZ<K4JDR~7af}$oG_RlJv_Sp(k7dhDs|ROLItZYr^D5gh|#OZ
z>KLx)jYQf+Tdv~6s|x8OzeK4iJ>qH=Usa~2Oe{%DVo*gwpRAKe9fl<m4t=mlsw1!h
zq=uXzCN4dcQfdcRuyUvnAtE0Rz}-!#V+up$Gk1C;lY#;yEa1{DNkn~P2qg%M#bHq`
zzZbhnoF$So$cqzt8yDYB@Nfkx1Og9A_yWhF9CG~|L99rJ0udU=17g|$eHclMMGx6J
z89u=|7KAZ?Iz}{Mjitk2jfbaC6}e4-X;Uk}a1?USMdJ!)GC~E4xY7=RNW73l1PoAD
z0tKiv0y@z&Fdxtkfs5!OR|JGq0E9>)QGr`AHByQ)o@RfSBqa#^cP7SNNU>z5wuHk$
z1QL?a4H&N0yr){fRx9SQB=mF#T=}|4ezX|mEp<GLfdIuLCRn8DGUV^j34sBKB??9)
z6;V`(#$Q1*6=37$7(STqA{ZesM0$$?*a#{Nu<JA~5enT?co<5swN;YAgYh&=Muu>t
zf^T>sK>=&P1q3b}eK2Zqe}b+q8b37v(tQUsszNkF<&M@!T@;laK*(f_wgn&8RfLr!
z_|6ShM9ZS1E!{oc-_z;n=C6=EF{2dc-z^qRZr<#HLBfN}z`(fq2X{yNVlBEnnJ>4u
zc6>iPztd~xueLTOo8Ifb@6v0?T|z72{lA;VN2l@MEuV=uuk7*h>o6$7<U60=!#ii6
z@t@)EEAmwNFa5vokHb6Z|5gYndQb0it1+8iuiUsf!y}icaR!*v+b^ivP&@nde!OAt
zPr}6+P><Em*zx<nx%fhDOvKp6I!!G>EQdJvC-?Nlp*&u=+K9V?_%AQc9sZ7MDg4)k
zU4Nz-4R6?NNk;QPSmjZ}7C}o39Xm`Ag~6~wtnoBvO9O_Zoi3?4%X?uj_ShaMoNN=B
zf^jjM+&e^fCU4DZa7x+G#%p8Vu!flAm~Lm>u;fUFZ=`R0g4D9OsW^&Q6*wM4Y!9L>
zJ<DRIM%>J2#x_Q|FRZaC%S4~x3@D8V3|I7c$Wy$)PT_I<*@)X%V{59b-QUp?<SMNJ
zmb4mPx8zN?6;{{QZc=LtGfB#hJt?a-Z8}9GP4l~c(Sd%VIVL5hF8^)CX4?(_4NSL{
zdGQzKnKtGbHO3kAyZUJQvG8g|BJ6brVpYe{fU(<cj6kX@M6~;gBTS{e^$Fii2cE3W
zNi6b)sgDtSeXT98c70im9khn3PCeLxYU1W%SY1#p3*KN99bN~tf|<jz2}E?Oag8mF
z&QyCt&SRpxhd1_S@642ESKpEK{A}%=Y*pU3Fh<Fz^o{@MZ<Cr}gTah*=*BjP5pN#$
zXF-R08EE%0(K@0zIUX>yF6}6|AWYO>-}_;Gi?AiwF&R~dFZTPL>k*EoOU6p`71ikz
z$^!II0u4baEIosC!SY@FX#L9^$|r&jIz#IiEh8)7u<94v(rGKAbynlhzy6BS96VVq
z&Uy}WgHN~NEyS2IPiv_Exj^`!nq~`@$9a!77#0&^iC~>sUnfXM`=aLrO^rI}f(@eq
zRfj72-Xf&+kx`+{ilk}^`W?Qj-rfqprcjKREBy_SE`HecKL^(zclbYan*Cp41hj1J
zvn2klm!(O$>}kxdkg`mCs!_W3l9YQcC`V{^3_4q-8yP?H`<!lo1`Mue<SQ?$B*KhI
z^E3-H56f6X03XD6jFA6fxfWy-{dG3?@xQwSd0ib1G=|svtn8uJAHG-C)9I7oY>oT!
zaTls`sYSR}J?w4g^L$OE2!|vAmdrk<v;aJL(2PEhydUT7<?;3Aee?PJK?(E|JneTR
zZx%jZ->6q@3IpzeP{gZP`QR_6&ffxS2*YrtU|}T>jinJ#_r4f1-u-qWKiA~B`{}T6
zZ)eck8NEl$Hc?EaIc}fNzi3tZ1tdUOY*8~*HoKb9XMf#qN~17i+;g|R_b<C&_D|zT
zl;}oED#)JDIsf%OOU>)Wk@g4`J7OFV+?4^!Yhd@^Fr+R|c~lC1Y8{8C$<aJ|x<P$;
zew|ZqHkU-e0Y2(wGU|hp3p#gn_mjD9*G(g>_sI711o6#R5;=4E@sDMlcc#XxrJ7Hx
zn%E@LRf`$>x<1ILxv>MCwlZ{ewU*D<k9{b$csh3vJ_?u-FOV8Q!1woqLHiTixO~3C
zjZXuZ`({Hw!`1F1wa#FV>6>9DeeAL@J6Lmv=Zoo#_G*Wbwa24IW`y(#V^p|nIUIQf
zk@UQzAOz{CU+X7|Q1CR-3rl7gZ0WQmLLwl(>AohITu>pzoPt5+beO9JNRA#{Vj_4N
z%_rxBjR%VfLWESdOj5`6Xy;X!s~{1=OZ{!EGYC`&;Sx1~^n<qp#i=i~Xg*QEB6a>K
zK2jj717|N~VSMh2T%L<IvGc3iw9Zc>2ZvzHd~71xrhmP%tCc5rECss~`zBfZB+$;6
zF2+CVCJI@i$(!qzDba;lkWe77W3hGYJp>fuC^-87WxoO;mT8UH!@<YvaKKp0p*my(
zMc|q?L=D9dz$v8n;NI{+)@HV;j+tbRCtcC)!-3P9s)4lE{WO7vGbFR(g=|Sg$Gdz+
zlj-v%lSR!mTk6=c_cQ2keX{vzrF-bA#w2xgwxy<e(AYRZk#71HxkN%tNkK@D4>77p
zkP-wg`X_=3HZ(OyLFB?J53k#T(+BINjnwLEp?i*QIKvY?``Pn1l+kK0vO1Lj4?)GI
z(?Fm}a;0OW@@*~pL5Ui4)WL?-I-Z(4$60|!?I1f}xg^2}s~|uY+a54NhA}G4EO*3p
zP5TVfFJr2M=!63<Ws1cG=w7u%TOwU>rp+AB`pam?i<nTCoiB{H0~eLgZFyE|?VW+$
zt0`aQe~sHLC)%bpT5KjLdt+}9q^A-9u|*XBKwJ{3V4z<RC8(0G%9gIGyf93t#jVqi
z>#rm##R2Fow1B@?=FglrZGRI&5M^KFsC#2?7h_8p{19M%>IJC{LBs@oGg8<KImw{a
z9Pm%$mEeXg&Mi<{JUb3(v-XXhaNBU|`G>ZufeV&uERP4npH67!WGA7rC8l;&C^ao2
zw5PfH`a9?HSpo}Z9|0?C`ee&m0ZrlqV%Tm&5~t@AWYK|zfClhUAzw^q#!1z{oPdfl
zQGAC?VX3QcuZAQc*wf3mSB_DA2E7+H#K8EJc`g_nA|a73czp>lRx>um_W)7`J8y>v
zOO_swqibu!ORCaC&>H0){ufaY<#&pG0Eo-sJORYGcPL)ct4Su=fWFoIoI!0uMu&(o
z^;t)N_Tgkn8fAd`ZIh}fH4PNnwF5HpP_`KNRzW8DkOpfUJ^ks;Ae};dw8py9ImPe=
z8QUS6Skvm06wQq{3i9E{<7af?BwC0WzbM)58YvV!3j4x;f}1795q$8P_6+naBPps#
zkg7GeTFIay_*%93xf5(lQ;n5*@T&uej*V<P0-AlFx;=Xo3bQ@sa91v3@ILN2>C{v<
zz={qN!G0KIl-jo)Pmr#L)gH}QmEY?_j}#iC$yMIv@IAi1Y^9fRqnIvvD0m=%LXELn
zwjH^@q5)fS;prMgW4kYtM0n3;JWJeRu3F%SCWUIh+PZ7s5cqBLhV1j2Y84m@Lew(~
z-BiBZiqoxSDak(*Y#oq3l~y|OhPo;nVYQ(ueV-xQeu#OUm7T+0Y?goH9@wI~w<#cg
za`}b*>!VIXrmvsz8@9;+vi=pk<?Cvr&LM#%Fv683ZbRN^a!EY%`l?Uidf~MXS7YaB
zXqN3buTi)SwvWau6)o1J{uf%f9oC{iTgWih<zeFtp{X?*C}pFo%|w4tq065(nz;~K
zn`<iouiLF%VLl40EB3zC-KyWX^T+uS2w&?Yml-fq2fYNJS!`w{(GV4W1n<A<|MluT
zR0mz*wc-J`lh~oYcH*=?v9(At#P<aSM!LnrNGp{h9PDF|gifS__g^`l8^&MaR2yBf
z+VKK;NG?#lxbxdx+Il3}5d_{C3YQu((U?A3mv}2QpR}bYghqWkp2<~$3$`e?1hqfc
zJwm*YT2sG#4{BQ5%d=6!Ao-lZLkE8`MOAcjE<d<WEwGVhI1r?iraD^W3E<MjCpTnE
zp0!6h%s%uw(@ed3X7a>fFwSE3ocn*9aM-&=a5FonQd2xUAZe?jRm=LhvrJD>TC}Z2
ze*m+QpGExBEdP(JcE<l)B44epYrnyU;`?7bVi}rVNmNn5QO6F{vD6W~r#~oRR+F&`
z8&0I0nqQxEl5?p>q;V$%0<wyWd+p&TdfSNrgZPjUg%O5`3UUc5Jn3|^emOtI-nig5
zax4DK>kBHo@J)Gx;$Zy1*XISy@;PF7eAb)UQS)oMNVxwJ_+rckg2w!f8}>l+fu*;5
zOFP(Zy***J2>^8C*d}tn`2zCyJEDe&AP}oBp1-IKXh{x?GK6*PbRP0XG^W9MW`T}2
zQLRZL(tZ35M|~d@e!`1Hcc%x!tjzqmAPe8{sH@eN4nZgk6`c$VH1@rIcZY2i%hFuj
z<2Tq3v+WB8saX{a-syzt&>z1GGZJmE7=b|iXYv%5KTi)r@`u{)#<*3yRI1TlcjYY<
zGH#TVDo?s?4vF&HfWAHkbw0{QvWFH#P$No!F_ywlky>Lq0gY8CoD3=u7HAmLsBrnv
zYcVh83lAo&Xzq&<kq~k2<E0xLL5aBkff7MaSfJ0~NI7oLB0_y##wrM+>!v)IAi)c<
zA49lBz>cTJHn+IZWjneJZLj0Ma70;7N?S&Ou}=Wg*ndFAMg-8f7qw$FyDKCK#4-_j
zNAhQ)-p3b@cZ;pcE=gYPG!I2h*-63Rq(J%|ga%*~XhL>mcY!SyaKNaleuU69(Y;`l
z@OLK^%iLdZD%uLO4p~_WLl|N3ssO{orAeO_K4~4vx%O%cRFmp8aMjUW6WaSLm3ITM
zRNq^2XwTUz=g~t&{hONwe29c^mVWc%t*74NoY`+qZQwdYmHceYm=y-P?)0+l)xeaz
zbH!$<v@6jrkWG?pl|!)-$FD#XeFZ!wmH2jNoR|}xK8@*1U0L*MV7!41-7LXPdWqF=
z_NsYX-6=z!z(F26T*BY)S4cSIiZGa#Isim{a}^r+H}$u5_1EG3_$$5e_GJD~wPE<=
z_%&Z07=9NFX@N%)f7dC$0W{VNfmt*b8g|9tGWsYS%59|~{oW+GzYPvQHw>2g#YP~g
zk5|l0r4{jN5>3}xw1qEXd2cnfXz*ICuCrpBr_7i*geil(21Qr#<E$>;9)}&8(hTGm
zBTx`pLIIDb7U#Uuo&O>P4e&m6!O=080x9#=l|;KP)BcgxY@r8hqBsG5&OkS2=vj-L
zt9TJ4p&*jclt)k^|JyvrL%G{m(ZsPS;LxAo^Llmg2iA!uueU>P(18}joDpe%6)niM
z2_c`TY0$OBta9g0c4>|`!2b7F??wxbFhvMhwWamWvh7?wufuRi_xMw$AU;ZK>oxcF
zCh71+zXs}=vPw<0>w=|QG-e)GT8e6YhS16D6sSo}#RK0Y`%z(!cs?TqmA<F@GFY#W
zrd_8uy;WdIHIuk__ce!rfl&7G`T?Wfnqxi2zVbuyNbWF*W4@D+xF=G`q*N)%zD}>8
z@oYYHN;=-$Dt`B~pRqqs$O-}i#V>iTup+`P`lo!5s-n@4UyG=c^QUGlq}Y;_t!02u
zAtU|@JT;Y@vGh?FJ)`;KRGarH8RQO=v{TIR;@0mMm65%(7ir^NPQnDwi>Kd!9_4#c
z|2X3PgRPU1?T4rGU!VW8ouXUghn&KO@^1pW3QjE&D-3W$DXdzR#)`+Purf#m>F9vX
z_!8;Qh&Mx6o>k2utqcQ5q(n4(bl^_Ma!>KW_)9b!qJoEx6O#CEwVS#Atb_<LmiHB+
zOj+A(RiYV1Cwj8Q_443%n)#F@JlAc%#25W!BmOqiC8X#8hsm}RtXf|>yc&)2b&~(>
z?Z>6lt>^1iOrZh7yV;s_Zv8v_%emSYIB+t062~Fo*{{9}hKE9oWroTeYZX{AC8SV-
z$u1v#I-r`*rY*B*0f;^QRrE@?G*oB|7RjWvP)4kn&-INt%0HPFb}=sx8D5k=-r(_(
z8s5)lM>9!M2&AAft=mgu#8LqGL+E&EGogQs6Cp6~>fs5Ao1BG^njwsaKc6*q$y+U0
zqCcWP*ebKUfG$;d#^QKJB&w1VWV;1I0Q6U*Nnt?5>-`g0C3~io;-`eumnx}to-thJ
z;djLxVOSukub8MCCV;>Vr1&Y7a47gKvtkEX^<&YJt=~av(E#tO&0h-dr(|l%3&(e$
zL7gt5WtHq3u=JR@cM1-dBP=em=#N=)>Y8XaDcrrDB~3%AS5whjpJ-Ptz|WmJY0-J^
zu5Ym$z;Re9xHiu&tg}!nFGhhKLNEe>#j&Ibs&+}DE_<wJPWOI-s%DFhF8bu`magu>
z+uMtp3s?4;%5OlO+y*xxgZ>2rZh2&~PcX52MObS^SdfI@dE)0?V|#`?Tntc&P?460
zGZVv`wE}Vxk|el%PpWQdX|~<IeeHMWU=k+#pnPzKkjT<{+;q>Wk-8eYokWxK>u_1~
zQ0K2!dS**>^oe?H?`?FIQ#E3RSmb26(F`P7;*CArd7<cu97yZM84;^g28Jbx9ilEx
z6eLoOcCrjbEb&o@Xrgp{n}j(5So023Z#+IA@I`)cs|?4r6I*^+tZUTSRQ&cA=U&P!
z8;fz^s|NZ;<|W*y_n61<Zalv*PvV<WvWID2feOuh4Fn`gymZEh;)(8d=$dW_!&_3A
z$8hL=%Sk5*10f2Vo!CIB>aGJdNi*#6tV*UVUAEL4Piel$Fpy_p9i<ztq}VnO425H&
z=%bcwoYXO{!JeE`owuZ*@|n_ifH+Wb+eEW;mI|S{RZkZq3QZAQ66GR*q(rZmNyUaF
zR)$Fp+LmZyi9f4dArGI6)H5R0dofA@T01Ys$y&CwY%j_#)!^VIHR=Mc3HT;`E^IFT
z@?Cj)X92~_tlw;dGfGnV%L^r2LGwGu``E$>#AT_vg58Zp$uOa11jt)L-HCvjP`}j6
zYvIz(-1je!9UGa?$Ucs5hhUsyGjlSgJJ+#xCMQTB=u^>#4hP$VQaq!s7?uWj^D+xu
z9E%+?T@GQ4pc1g~!;8S{IPkD=(9lNHqinEkAhaAOoE)McJ{nwPY*Yrq@*kN7<&<SN
z^xw#jJW{!4BS3IyA~aqDK)*SJt+sw)nybijfO7=)*L#I{owsPXhC@uts<It{@U>P{
zy)~W>086EBsc;QEMQV)YDvuMoA|~WWLh3FFU!_;D_p!-dD$8lV%MQ4duH;xsGMAPs
zGMO3Kd!LXV%N+m0Nf8dkXvjCVY&cgkxbnF;YR{G5$hF6@bcaSpZ1JXzwwz`ED-_ld
zxfphcevTRR>GHL4bj`1wJADJxDura}KIZQ_=d5vwIrm4G>nnc@Q<H~C=YeGM95QTv
z*D;;1p#YBH2{oY8*CBok5!`EL8pJK%NN6t((V-2<GQ1xggrQu3^nv|x&-LasY`7rV
zz>33hFo-ch=8?VXng+O5f5O-i!gpR06Ghv%Ivd2fC<_PGMa#kRkt38C8u$5rUv-Ub
z^jX@5c30~z)~ZYwN?l|C)Tz)t(ZXyoxEf`B=(<1;dccK8)t|3svW9J3adGEl<FaWA
z@H?@{z_nQoz8Q_kg>_N$RU(J?PCcwoWlVhb={drhLQs(Z6RF29IHp}6*~|~Y5bEQ+
z#sZ)4UZrM#C&T)&WjZ%bf{Ycipq1MYH~2j%^&=#lK5>so2?9y!3(2k{!ld-m;kQp4
zS8w~<{o^^ix;nEX;0q&dZ@3+r6A=Lo`9$sd5>!q6p$2o=fW!V;=C68i$i%3$oSl19
z8O(LW3yFrPI(m<hYfHA-2E{p4q@WD(y2Ow@hYA6g>W`JB!EK!}10TgBcW6LZ2h)=m
z>-_wlYL9gPria=m56|;PsTH)0t?`a};W~%Xum0Ch=zJOW@_(A=*#7(Jh>WS7xr+q>
zBM19`oD{v(+OYe<fcyTOekcMJPV2Q#7E<gUgMrYlkI=ovg8&gLq5*0udDNf#`I^%g
zOWqPGs=O(HfYC&0&1B^8GIN`g#{9my;;GW#)<uLL#J`OwjxgL)luMv*Z*A*+^9m(N
z<+$0Ltol;pHy3ks9*@SxpfuJ~t(t|pZ;blPv#-_bA)PP=dJUBC+CcRHTzOcF-Y9u?
zyn7pb+}QYgvhl3mcKnvL!FT-~z+VNPcN}&Dgz~buq9@_7{mhHmhhgNqD<NYZQ$Jp-
zm>K4t;5SHKd(cTSt#p|+$|)?w*vAO}r_Te1&yRKwx>Jf!6!vL!c2#@8{Mt~CMq#@M
z)AQO9aHNf`<<{;&#0vTPX_Xv8T}O;z<8O>X4Eb7e#rT3BS8$pIX0-uOw)~SNhrHpB
zAE4}po_*#10vS!C6P}_gNGM%opsEY-C4|wrsG^5rXs;W)2rzYg&<D5l+|zC^%@7R}
zrZ5KqIaVzOn0|R3{4&nbj934nW&N4vjXTSnR!?yzVc-j~mIDffvbzGy*D%$71Vknd
zP!s|xr0&2#C3DSn*4RTpj%n#Ec-CP40tEfE5&G6G54f#9cjQ|@f~I`x^ObCU+teDF
zWYA~S<Ocp-LINL$tPjkrdaH)m+9JgsT@xmWx%4L-w6UbN9lK8YL`0oiNfX;$?+j0}
z*Vv9rGclnT=9a9d=3Rn*+mnecorG<df(@1c$+a8_(Y}lE?pD!<%pKU|z~BOnuyf5m
z=UdEan093VHmq}W2)S7$lO{j^NVh|CSx3LbVKewXw)JZZN7}n`%dBxh;MeWb%r;YT
zLK3(ydxKm+8UG^MZx7$sRLEKJKohB2-l=3m62jpu%iDuT`fI;;$c90Y-f`?t8gZre
z<}YhpQag-FIAA^sJ+j=EHKS-L5zP#6M=fX~c0k9;W-gO4H_M<r0T*_8Ix>Nf=`Fg*
z#z$Z2z$Y^z0S)Jrv-Q*CuTD6fbO0qZQcGG7+a)Cspkq9k@>KMe0_%#K5PX9DNj~h=
zBEJ1(PUKRVl~f6#2hPV3BnePE_vlu7H_zqGpDr>4Rr7;owVa>+n+s^xT`feLes#b^
znl>1|A$|fs-0uzw!tp!BGSzgEMwOH5Y?0^}WHX<=d3NbL(NuEWVd=E?Q^M_|zsHtf
zq~sqBkqfQ~E2Tp1TE<eH_H$W}urOCzRw2@FG;H+~{dUAEKv5Wrb$ba`NK5JnEUa-C
zMK&A_g8=~`pUQ*^9m9$>Sx5rVHP1I6G-Ga=>Wo`r8^Slx0O%hzK-_-*<AD=2QZ%a3
z$<PP3?bXSo%U5<sc<X{=4%fe-K|M8b)z`XmpO1iZ-JRSm5Hg#9p%Y`O7Jh!<j43pZ
zbkA}sG)%Ac?`VcMoDsL<dHk%e0lfEUF#2J2P#SE>l}vO`6G71xc_W3Z?4Dtf!9sP;
zA5$imJBMADOcWqsokT|#9J>RNz!B6yvEO8WJX!^i7onPHKuniwCzAbjQb3zjQ~u_-
zL35i?jsq-9F%b_nk!YjE=J^gqh<LRAK_6Yj96|zj>f##wBOTqrGkKZ2SujpOBNK1f
z_b0MBn(4h?XQ#q{y#cT8n`w9k@Jh`${~<oHLHO~}BCm9jdbv~j1hxCyJ>eNvWSfeu
z;G6F53^ffApOL4=6T^Iv4Iaf!RbN-+kP&8ZERyJ2W^<XW5X?v9P!T2(bTWEZ8E6CZ
zrZw!FRwTEwS2Nuthe{qs#d94wDKqSA3(MXkAB$&+tPQK|c4W;#Ck@BZ4Kh~TG(cpR
zN}YdpcEF~@6Siqpz#D@PubsdHwq5mzH}g!FzS@0GZQ&17%PQxk_^(^Dg@N%;GMxt;
zc9>knBvAvy)n|k>);*80f*&6OGgKH(QNb+Y0XalVBf^HHMrhST1TPOxtnPeW6t7UN
zYWe$Sw4<)Fb#Y8~w?eDT+YAxSxqY<`duM8Jh0gSH@Hk`;1if}zk&~mvPvYxnzNxgx
z$sidv4J3w$@-Jx=<7sZdTN%nhBg4jhK9pC!nU|Ac7qBUl3NA%bzsucgw;X`@e)0AT
z-eFi}Td0}^QU(LQ<hMeL>unnbdQAfm$22-Lg2Gk^9#$e5c7M=mt3&qOpl!AXfDn*X
zPb8z`D}vzQNyWsV3IqkMr;82^0;mvV%(I8M0Z`P!6=qzcp>yiXALyWJ#2-4EbTQhP
z9OstKto@hI<Jt7Itn?Wae&Bgp02!a?6gle!_N3fmYQvPzBR@tPre|H>J1vfW_a2+v
z5xJto68x#iGhoghZP(WDWZWR<=P)tvS2Sdp<oTM8#pE*G_;HGI>KQ!QR9z8&!k?u%
z{%>+5T5zS9b7y$S3Ve!94pzQrbBNjdPkQ;Xhm7g(Q<sWIZI`V=nDUdBUV@Z`>U{|9
zbRdOADhKJv@ybI>dly!nUb+2nN@BO#(C6N>_xy6=YDbj3&5P-Gp)Yi5>)eo>dA%U#
zaOXGlxC5xzf10D&|6wo6#_|8)stEqid(mnYYwHaLl+RrKf?rHincInmFdeS6$+5gx
ztKl^u>~2=VNM#LMHQ#>fiCagC9nHxCKD7Ed-Y!>jrV#_b2+cSURS4-g=fnzMt(=$%
z!>}?7_7bjo-h2tA!xZA6lQmpoKfeElz@Gkv$g|t?PnX-yWrz+T;#z=_MehSL`brya
z5<q`>8J!zvY0u7;{S6MbD!%}JDDL4OzLWln4}vlwQQH3W2>WLlD+9(!ql)e~JuC?&
zBUatOej1r%`><#)O_B;k;ID&$F8!2qkRZD2Gc#NX;I%ApJYzuX$fLlaVNy|0A8z1r
z5wkhnF&)Bk5Je?{E|C*$@^$|(VTe$c@tC@e@INtsZc(z>@=&kb)Q)Ufz1<&PAI{%3
z{g&EhlsAzB3soeHsv@-g)k>(1Ggsx1V>HUeM0pO0H8v6GR?}5l6{~BY8YH`B)Pn=2
zjZTvKK05*;4AU68x@uQe9L0OO>~ywND=i>^%x=wsNB@G9P!XeaBs=|?S=V^Tx)#66
zS5ohA+Ytw^p34Z?K0j$XPGR)f$j`%40r{KTm%r;pRE<X<MsBl)xtNAy34M7e483fh
z*~863W{kP_G;HdgInzdjl-;W9&YZ=5YnI%LPYtg^iCn9^4K-lXqWlH1IS5+gq`pbI
z8Gt|0v=zdwJ#((FGUhpD!M!rux$TMW6p0=ieLk0lV58%y&F<UT^$XKBt+R$k?4u=W
zG8UYjLyH3(KHL+5&sA2YC+cX>BanL(V>~&^<^H7_atz#v5+R@w-NMyEC4fO*_+#T@
zb`;}!2QZb10WB{Wg?F~4G%ub3xGhko5Rfr0z<I~N@<!af7xGTn=i+Qbgh8j{<;uJx
zpF=LEL_g^Tr{h!^Ec#FwdGN|-ZWsaMN<M|(fuL;QpPv1n8uS0i(=su!{l|IQrA%G>
zA~E#Q>wC(!p?R~3F8H*+cG~4jMNgLVm3F3xSwp}5wEM72@_Nkm`hxpcF{qlOP=N7f
zzNc;urlvT5=(Ya;UwZBH5!|?hnBy+rRaV&>-$GP|u$pc}Jd_^r=XW^wMb(b_@ip)J
z4&RpVJ+B(zk;D)XxIFzXC{9uly8Pts^UXpn{0{&0m&e;J-F#U8g}Z$75nS&#yua!s
zHO{VJjFDi-a@y_>#w4Zyw&e^aa*ely<-;@2hqL(U#nA27;J$C8<Rp*wsx|)ovv0fi
zbke7ln92)ZCwZbVo|26ZcwX<~l?vC-N;QVQ_ZtyZ`sGR-gA=QAce-g4Bu04%GxXqR
zqvc8?#3199zIOn=f{bVoMu9wZ9o0u+_3(52xQb3Q2;PhDuzeaH;P*njlME`0X%J&H
z6KjUDsSH>|ZN(WPs4%iu)+E#5+5rMt_ex2N=Gj8uxYc6#d1z_jjFJ4C^*P-Zecc={
z{AdD~Bx}pCGQ6|tq!azUU1p-#DzohxZCnli_l@&Vk**y*TIH5ucL?=rF8`phazSIR
z9l94o%*MKhtNc?(bq#Km&HI_pEjZH5_o83Pbtv!T<_Xt^$vV-4w)>x$T<lu&(b&@Q
zr}&16sBSG2{}TL*$3u`_vCge+H)8n*4D=_Wwu*Yzt4ucWTwe7(8)jl8t+b~L4kCw!
zP1`NSmS(@xuiCBVv_UsRyb4Zjl5^Jr)CAwLv_FQ3i60Vh^@lu`=G(6RCh2IO3{QQ=
zG*(zYgi(QLJWF<oNfqHikv957Pern$g7maZL|QPl40BZF$iBTXtWO-#Mb^6#R3nGo
zb&I0OkMob0u4A{u6D(rlkm|0~#p<oWbo6swPWnstuV(l#+|vjVC5LbX{tD9b72VvF
z%GmY{V5)O<*w}~x&^`mYyPNp6XEDLbI6o+eG!>mw3gP;JpI~fdu?8n0tQ9GI8Y^h!
zE7w*}YH6sSV^a@LEq+nNB=y6%qCPwYPdAS%u?VIZieAkK#8Pg?%J>#Q>sN_y6Fqu0
zmMgD+zU-~xfm3olu>oE?d_!(7g^>(fhOb4hYE_i^jQ8^h*^@9oz{W%f)s|WFr0%_}
z7Rq>KG?jgy_`$Mou5S(?n&cV`B(o^@j{c_~VtQtBL(f-X7P%)-M46`}mv*ZepIiX_
z>2*Mcy%DyT)*)bcT0|c#FB=hW<p6Oj+LVkmwl!E?pF|&{pv))}FV<QM@5zD0f`nbN
z%}t5EuiSoVDL&Eq8OUNuworCJBt}>_;g>S6u%&DCZZz<eEI2N5Y882vZ{m?{8K+^y
z?w(w$A|SLP&aXk+WY}oz;84<{LnHb0_%sh=Mjx>YCVO@(H=q@SP|G74bL9xNd{z;B
zIigl=7*%DxW{(OZlVhMmqt>-Sty9mfD1W;G(Z|f)wm-iS+4{Q~ze1dcEO|jcGJ5hr
z-Cro0elL(gloXBOnhz#GuNn@MK_tukEeY)a+RP&9Y=30E6guMRI54$#@?9%~YC53N
zy^3SW3%B^qe|bU=N+Yq#5hk|g0MoC>0!Bh+AR$1bc8dzLMY1*>Ut6A6pgo-fZrSAq
zn^^k^5v|-B>RrAZVkw?)1T}nT;<;U~QNp;ZTKkX(pGPdU(A7TP$h|Os*~>+VyS~O|
zXdpO{YK&6yvm}?w5D*%tq&UK$Ja(e*6kZGdE1S8M{#LlXeZW(C&}=Q^dufkN(p^1o
z)lg%;IYOd0y)^oJRf4Ch|3R;mSJBCWe*Gc<v~-c<>*ue2^rOYkQMQo8Kn)#Gw~(|-
zx*eQYvpucwg2biOLOvYX!zRbNAB#wwkdk2I(uO~^$!5x-{Bh*YbY#P+Mug$$t>X%m
zV@@}s+mi|q8>xXzYmIaRKCf(XW<4p$=?l-)+6m9w@@wayK`S56M#YzFp(6XqX<4qD
zcj}L4d0!C+#(p9|vq#Dzx5eD_yls>8UP$H&J=^+qA{KpyG*6cJ<~Ra+*9v>#J@gkX
zmZHcg%#0@RZHlP}mK3RofVwDjP+qGuySVMzu)&TTJ2AyLg&HJnoZ#97ra&s1b8$?B
z_$E;<P>v}ou6B>1098cjAbcI&8h*WOjQ-l;<#X%$qm$k}ZD2baqELscZY-l>41op_
zEzTR(PgXM&Ljmh>vBEU=suiZRvdm<JrB7o<F+z{d+>=?CXik6aDk)s<ObV;s`zQI2
znTX{w=M~|qdooLUg%s9}tLl6}^d~9ok9K+Jqa_gxVks0@;jYDBc&m;4k3Nxn1rjhc
zq+W)Q_|+>+xT$Jfr-n6vSUo|_VqXmvtBO3j8utZ9c`<n+`x21>8k4h*+7jvPQS@{8
zNwb}&*3E}G6beTiVb#O&6h+sB(AfQ)K{hOQ3L)3PA&2NTY$ZlyPnY%-Vra>w?f+uz
zoq|Ny!ZpCQZQHhObGPl?yKURHZQHhO+jjSEPoKK?;a1J5nNyXgR8}g<N>+Y+2q(9o
zhH2olmU><xuO$jKVhU^b@6F#YcGvUUA5}B6%HMCno=kx9av==pBLS5Sd8wX4QJ)1J
zRn(5I-)jwwitYUqE(MkhGuLgb3wmr7zh(TEo)r{{HA?x5n#gPETa2`T%;lD$u?`p+
zX5?TN*JL1XVvkZLZf5{zpF1z5uS>KRTTAaw8~5k1PRpSx`VGYqSFNjXY<u@8m7)5O
zE<apzWni#c9Pn)n<Y?|J^AO%UkX=TI-6fl%x84rPx(pt@`j$7v19m^xp&a_J8!Dg0
zNVqGj3<fATWTxnO#UGvN+CQrCa(<LyiXww1GB!$=!;2}GRo;uKas;{t=Mn4^__e$&
zJ<ihgR$X(PYT$Ks@j)ZBPVmmcT{gtPXn{CwbC@Or1|<uC#_>^b#S-JxY+US=&PFHF
zx^jdom$JKpL)kZdJ+-%rz}$@!R;xsx@9S~gxqEEo#)9uI21t}lBn_5*Lw>$}D;o=3
zV<Q|C;apbb%D*>1adz;0=K1FfSBu~GK78J|;8M;sa~f{#Y^E22G?ZwOQpOow$molB
zK~Cfv@O^-(A$2zYEl~PbQCsF8Ig<a_u)5Ovu?!wY{qgf7m_>)IEp|A$ox3wdmu$Xr
zzCxj>|1tDwr2U1|l#ep-`NZpx5JDsxM}%D1+us{bRQ8a?`7qTsnMsQHW9k!^`eW)N
z@?+|AJZI_j^aM4;F)Vq=M|M>6=5kDHP1n}r7Z;vQ^m!9Py<aHb`B#$QyW_p0r<<J0
z5NJ#!{`3p6(bwXwc<7Vo&E)a=Ve0+;uI7bb*MJsd(A&o+R=ePZe{ZH|O$ZQ?lp^le
zpAU@1WTtRr*AR6_F;*6eFhv@{<hIuqPoBI#EIafKcY%y-?q)WV&lQ%u!4W#`T89<|
zEEMlgxgp>`qHli^{~oE~Ozo}3=rbjko(^@kg}3TU*n+K0oYG++is|E9>HYmX%K##Y
zP%vKp&be{bVo`BsV?-!+W}kyPLRR$$l1ia3y^$nLATT~48F+#KLK<;MhA<qv3e?7-
zFfc*EC<&u)P@M5ceZ(wD-i3XkBge+3r>CPr4h0bjaVVsh45<{{k;-p}pZgdkqQnVm
z;Rg^nm(L-S5NNJBsi?wE1quY_v{J>zO#nDhe#$zqWzu+9`wIloRUc+JPDFp?E>J&G
zoV#mOm)&&E<lz!A60KscSfT`!rpt?Q>xaE#vEcU`PYx_14v4HZ=;MdIvkir+Kyf_Y
zQ&2SB(j&XD@6<HzyfI{%ZZlu=Zkb+Xwy`ob?Tc99AH2l>H%67gBMWT;CmS0bD4lw+
ziTDSg)*nUfd52|8G6_&TQR3OL%3HHLf?Nz?yEn$0eRR>kwMk#uqKLNtyAtKrHa-)R
zT0D$v)reWAlHH?5qVBKF@!izt8Iu<ORkn0^YMx?0f@&d8qv_S72*S1y=Y6qu99@;Q
zF~|i-qW#;@m;^u6Qi0j-51K~CiCM0D$L#{a3b$%N5cu7;JnERm_PN4eo<a_$sjABu
z9h(D#`<HO%Y>YVaEz_=DJ|yw*UAo?uddYpO-i(YkQ?=<!=Jlo5h|!6=(n)Ie!_{<m
z+juyUmp$ACsQQ_%qyIKqa97V7Kg}oWEH{{Y3@W~cysGYd?n9tZuJShd1*UWhW#~ln
z32~yrE|Pi)2Ujf&c3xoM-+Yk~ioQQYiM~8R4TG9SiV1=UFrBE6LZkNj{ftN~lt#f{
zrC_{(DKKjb2&a-Tz=S4`IlffMURc}OM={YRO@}}_PehJA<1K{DYlzHk_?Zcbbj?eM
zP~(V!<<r2G_fRDIr0;eODKI0l)+Vgcfl`5I8rI<$acqm75Ovw<fFvTlU_x-dXONis
z+nEIM52@2B^>c*U8#Ol7OUDj4hDU#ZS^Ea+_eEW1=$@#LSir9{Touw`Jre~0a^&k<
zD^$v1Kp>TdKh-y-gN+!2#u37Y0C{Kvr09xie|sVt^F|5Fq!_W<x&i3V93lKwZ~(c(
z`JIvy@4KLVUapb^PT)5%em+#B%Y>5x@gYDaY#RoVs<-SfjV`$CP!{=`49$k{2f$Ij
z6yX!@e#1U?dAjnvu2o1<Ci+igyA1lc$k>Mm{5ySW-DJ>XkTe^9WXfjSRfJ}~Gp<#V
zF@fLXqnnqAdb)j_K)fdz=-h_VA&)%c;YJ<D%mOsyMHrU<`uY`%C^+CV4y>Qfnb9n)
z-#sIy)zuM`SM8j$+m*!g>GrmbB~CCBMaG6lva1aXe3q#fUavSmPqLxsU+t7B@i<Rw
zc0}eZrrwiv<6ag@b0hqs=Yf;~7-1$Y6jtgOg{~u8b$6fd*MpICCva4CdslFcH8CfE
zmU4?p{omqJoI$e7urc;Vv5sfXydaBehrca)<wN9_PL@?`*1KP~x3fBO8=qBrBdUp&
zwPv|9j`@CI2}(h>wNTvVNg$O%3Dv5Aem5iIzc8H_0?x-7DbeqI<~G9F@%d%=2Tn?I
ztZznpLQ}WBzg|k-Eh>(==#}Gf**<%V+f(P9qiCOICFxhZ`hIyPqWOvTKo#Y{oSbrq
zV~hX~8cidI5)=mIbU@TEPbDz~=#+x#u>-U^IFa5;57fO(ietct1VGUi)U|yI>vSPW
zD=0PvaA(%i{8^zDOATe4cxGt7Fe3NEPX4vxR#pu*9ot{N6MjxQP(@+;UWY+6a3qtl
zfQsN|wX~nID4O~tO$GAAoeg_o4q)7qEp&JzmFVL({XsZo_xFWTsI2;4Zfm40q_)<_
zPojNdxuk5>NkRq74}|ayRqNB3g9^#j52jBfKQ^&5$fgIRE<1$KxVCFYVCZW#JB;wT
zDErgu2qzChA?1a(u^p~?oE{-pc|aHEigdspMOW<CJfTE5=Kj}c{hW?&u!j5s!sDs$
zDT_*oLazhsuU&kLoXKfZ4TI>j>X>qZgy9=Ct|A|XHtS=k`VYp+COGq;9l4_dmGhU6
zC$B8JlxBsN;<>(#17*8`xt0b%s?7x?+lIh~k1heRi30~ReNVgj3Q&=juG!-OuU+48
z>^ETdFx!g+NRdFCT);rPznF4dEWVDza3T^AIWkX(dsd^ZWeo2!!e)rH=3+*&yBwGE
zyFTS~QEtlx(!$;s^M99%6zf-RR*LSXkyuarcWrbqD!ZWrayTx)ysgof=Wgn68$VQT
z^grRMFi7MOuG}`a<b$J7MTBh4?0vPPM?sp-23uk3*b<-#H&_i}0I%y?5jxA@4?uRP
zrZA#DQL~<^<3UOEmv0h_b6~_d4v3ZjK2b$%OUE@cW%R%_W?B&%>IMuU6lNL`9=|(>
z@*6bDNkAa$PwHIxF{4Kli5N%gIPw_7H*g|;j+Q?}c(9BZLg>w&B(!yi2$~R)cPOh+
zRlz$YF3aYti-8y+NktY5S$!l1DGy@<Ur7;MW-g0dGo?3yaFj1W_?%hOpL1(eiS`58
z)!@&5j^BHCM&xzbU8o)aGL2DME4F$;8q~}Vjy+kY4)%2dfi>u1Rr9o{{ww_R@4?^D
zo^xwkbhIYkyh2z(Ur|wv)pxdcSeA^F5K_<|zudnCL7G*6_n|y8cu~H=44bRcHE!$j
zE@6kosKdU$)%g||R|jxVUZH*B<!fK)xV{~?1l$XlQECyGs#zGx>H>j{X@U6ypWBv>
z`Ip%0hvo49E<$m#{x3u9KNMi6)W)ng7!bPNsa+F&(~soNQ;VTB9VIPZ7SV$D8R``1
z!%5gBdb))b>uI&Ny(nO`5@otxI37$X6h(H05tm>bh!BxssA*?y=iM&#Wm&=$oKD%~
zx4e#M6yZd@{PY9xV&A=1@=)Ddf^VvKd(K^SyNkf=!c+<=&UXT!FdB-&zi{6WJHMQt
zn(@EReNGX;VQOvOpbycu^!Aizcm#Y!5Tj9)qxAwTi(;eo;hrvmDrzS<;kyg(4mRKJ
zR91@wzj)GCiKK(S)}5X+(HcT%<irV?`y5tHG?g%Ib^m}*#Xxhi#xSndDow=bfo%2p
z;1k&MFrAiVataFB(}0HDVLYj#i7^C@1!2P7I9G}&PNv;Sx7oGt(||3pO{@^Nm%){$
z9gdW~!!uHlNfAxKni`uG8Z`HcsX~~DxDn@L1-Qhb;W%iBvZPrbCnG_$8Ivoq#Y=<@
z$BW8N^WdQe)MfFZ6rkOQ8bV!ngSZv?C9;iqjO~<zn7&+7_!}B$MK<X}1`uC~B)Jp;
zldsEL*xo`Y$12EnWPOulZcHKzSW5eE)TcvbyieTRXq`6p|4JJ;{l!Z=rWH%k7f6TV
z_4RdU1Pyn<ksq<tb=yDBG1Fz}&yGx-)*FeJlQQ)O00b!NvND_tx}cn5*p_68lqwuk
z#z2@dfHMP~Tk4!-`Z->cR2EzyqnT;t$r13lJzF(RkCo<|r9Mq3S;g&Y8g6UY@aE%e
z@YwA`K~}0fox=3X71|>jvK%|7zL4V5u>&<mXTCTJK=4Lv)n=%Hfr?s4ZqEafS_!QD
z6maU3WZap&+TI->&VI$TCF2h0unALbOy25xVqe23E>{g_eXHf|adpYseNr?%^}*8}
zE%>F(e?*F~0Q&DQ!8a5W@W#mn4y~wlf~tn@7s*2;AgTs75YIGs;-iPX+4iiIW$e3r
zC%LSa<Am6=dgk-q4EbL_PD(LoLlkr$fs!BG+RpQC>i}qirV(yzRa*DWT?O|ybAYS2
z*~0oAh|g~?Ad$d&jER9y=0^?pRgsY~6FCaw1b8!7Uuv+VAZUSCO5knmCJSrLy$%HB
zZ^np!BXf+F+WFditrdq3i(Obxy?VO67cQC-!ve+Ch@($*{S?5Yt*8A;jUXT#+55Ly
za9|bR4S}Wld7L8+ygCBI1Fj(V>l#aA)yquSdb7n;Z!Ww)xTL=VGvB}fPjWV$pk{Q9
zT<H9DHM2JifILz$hDDh&mR*Klg7E!YoeI8zW%(vn|8*VsmqrW|6FbL$&9RO&wQMff
z{xJ@jEr7vsa7+1x0$oVX3r^uYXMHfl_lOd_PtmNfLp26DueXC4A5W=OZ!}>O0e~o}
z=x{KC2{%HMdpiPzW=B*C)p{r*&Xihp{nbf~81);eb)<D`=w_0}JiQ(-mjvz@@ax-s
z1n0?4*86hq+ra)MhMorQrzJB-liKNvGJEVnNjB4Gvo}!lqDNM+L(adYNCIQ*lgX0E
zefS0cvBb<z;0uKm|GPTQ2gJ|<R|Im>Ah{!U6f3ZhWL{tb=F5W_>w&{_o3>$29RiVW
z)o;x@sY-mdbe?LbGHRCKGA9a$HGqSRkzMHHnHx5HZ%baEDQ>VYBdrap5J^N5@XF-&
z)LaB|75oZ1rbZ4Fmq9XcadSnGS;&HvBuwl;<j$5UJib<9<tQ|0qfx-XN!<^Q2I^+w
zWr?aH+|%?uC*sAbDGmM1*{@++OL`U!*f<nuSRy|$&JWBeuWz#5Kpq1EpcB8IYAR)o
zxfUQDUW1eR-pZ&V{jIN_fD<e;kn|<B#_YFCQs7cQ>->_b8LiEG2Ku|FTt#Dcdb>-5
zV^kE!hZyP>igT^DrSpUthC%bUG1{Wy%rY}eFd}x?%Ff|~6K^y1!_(&2J~q;uPp<Zw
zhq*_a2i=28Gzy|lZf;$6!wRzZZS-iqobYcBs%GV5ACsKgvGq;36RT#`sQz6<P6rex
z7SlXb^mf$!K0iXH=M7~_E1RG$owMyL*&k1asr9D&rXn@NfFK9oRV3^*T<^6iGt<1O
zLydOr<UzVOP729Y_dhWt)^RL?<~xc#6qDl%yF7qo!iaNY6rdK^6Wj&7W)MV_{Z?sm
z(yQ|w_L_vIv6u=;cq(K>L<a9%;CE3<d#10QMnq+$Cj?6;`%dk8y=6Tp07sNSleHoW
zQsw~M0Zx^b+8vv88a!28BKw+1SQX4flJSF;h~}CF<Y;^3z*BXhEMbOM2<OXyckE6|
zAAU^6Hw#z^O4v*DN1n=uONJ^l0e~-W2UNM}h$-f^5)(lO2hwc<6ve)hz+Xd-X;mjG
zymJzWFOq<a0fIdGR>+<*SlWUBat1CH3`BVV%CUo%<d|&ASkUcmS^c#fgn#hE<RtpI
z3vK^ki@b7!If4L)cXqK~SJ8Y;CpF=-GEGNG`<ed1*Y_~e*<iLtI-z9?dN)o=GU1w`
zDPk88zj%O?CxQFGwj3t%!KE}=uD4I*S&U!Lvxg*H9_pe0J8Zs3vRx5Z(>!5mqFNM2
zU@D}_y!k6*+!Z@A-Q$E@XSQ~Mr-q{6seOFYb$fNH%VUiu1>5-1REGhkFIeEMMhuo3
zMB+_nql~pqu~Z;|1j+7dx|iSo;>>|+XXpFkV&<C#<5U338=jBBS^BF-RMpry{k8;<
z#&GQ~QsJs#L;y7^?B9oa6AAOk{n$HueIt}=IBe%7i<>z_BL6xmh#+2oTv96M^lyJt
zY3N-=6Hzx;T^=rf$ytiHw|L^!DD&M{8PIrhB=R{*ER-0R-BDUlheL}hSrF3{p4d#}
z^GxM!yJzD>L_onOuIQ>DQx>9da@yqgRlC77;1h~=P$RfVWXvWEZu+Ojcd?*Rs0h}E
zf?J&Inhc%etKTO=RP4K1X~wPodqnanBkmNpl)FlF%Lf=70)jckws@Wazd3IE`hR2Y
z0C}QV3cZ5Qx}Z*2Kfdy8A*Exi$Mo(^VuQR*l6&w!r#Lt-UqQPh*VNC$y=UL7PB4`V
zFz?}xTsm{b3PSXoJ1nzM%F(ORFa5<Z6A&CX#!v;Ht5rv3%ocvtkS&a!_ERB=q#&IM
zc#_J_`fbG+bh`{auf<TMxNhj)6Vr6e@Efr$rZMCszn(9%vN@KIk2WUSDoVKOL%S02
zjj_88$P?Nr@J8-b*E)oFlMoVAJcDo*S8TulJzHuN`>)32u%p)@C*)Rzx-;?0i8*qm
z_br^+hW?7#hO7F(7EvX~I3++>hL_S(Or>-X4;ZKdf)E_=G65Exx)d^;;WmIemUg2A
zA3){Lc;JbXFzAc<1#d^#ldar|lh4zB=d85R?7uWdqaAS9Snc}`Lh74^r(b=JIdIoA
zpj{MQzt)Tb0YS0gC+vdfY$=j%QCddr0v7{G=_+<E%aIwn!p+!ayo$F?r1)h*9<24x
zAHMQ}3fU9NTW-)a>$>3f=G}$@xWm~)-&CCYrFF}P7@bLYM0sF*ekSL`4wO7htB_Mj
zK|LA1kaMN(GB{_Z!AoQHXKpTk=H{}-DY1&zp;zL-BpT<E_MgXZE+9BGfRtsxf}=@^
zk(tez<vWkmdC%F(R9Q71(>igH>I}Sm;_msn3BQg#I-9$kvS*eOk<zh7!_2;TR1yF)
zyoq+DnmWR>#!~#7{IZJ2JBMt~DXz=C_MpS+vzyLKuw+!=)5(i)a~)dtY(~elD>^Ya
z(K6);_|uRYw*W;#<QJ^)+Yw8<)C%sBOSNF%+wqs05tjvrhZ%S?r%%TODtR3bW=DMJ
z;IQZu1xIM$)>v_IJj{K+HSs|W8q!hbEq%<(!pOJx*T=zu(MWLc16IV*Q711FSMVbR
zo=|=>p@M=W({D^VvOB?4#!jrf`5K^yFREGv{A!?v2NnIkBT$uHHD!I;d-O_v)+7Bq
zts{NA>hLkdL>X;Wj!O#gk=im9Jx&a^Qv*)*g=qU)J9~#0chhkDW;`g6=~6&4G)a3M
zS@nkGQr+>hZA}X-QM-vgvfpQJnk<PjbrU2P<?!+`Py<~m8>vX37U4s3dpZwyt6$sw
z>Px?@?FNTwESEz43z7#zO?QME_aUDgAaLZbO1oV806Se6A1pP{L(-`+a9nx<`%KRz
zS^%%M-JEnX8@G6AWx4aRp0vUIvcCBf9W;dYH5b0@uPdA&vOsm{dI`_9P#x)OPNdXk
zuBwl+AvU0RIC~By4CK2fnR8=f<!&KNk*b`K83g0i+j1J$o`KN-K^wq%PY-O~ZeL`;
zIHhqC_K35O^~WbK6E)7gK@Ga)^r$vKAmLHpvEQxBivKNcV*D47DHA)>e<o8@X<5Y_
zG$Vd__Xr8}toEj(>WQL>`c09!NVr>7x5z~hp<{4qbyy5G<7jjbJ+HV>#Mf`rXwa+c
zlS)7G4D1c;O~wvq!~3ib017Ui;2D5~`MO<vcJOcK^}>4|txe>ADEiP_4ApBL<NcLz
zpUM9E-otI4N0<A^|EWzMb@2C$%opH5lGe6(0@3bfYd5M}cj}q#_;ma9WPUe)oMqL3
z2CU*Iw;h6YeS`W`AHhP|$`g`?&i(}~r42-<_#FVtCEVvJNSQ@@5<eY(Ys(cZ>6nVl
zDg6Y^*1_L(^`e+=xl+6*eD5rCa6-b<eX45n0J^6=j(Ma(F7V24--VN#C=oAHrswm}
z1>5-!DI<~esN0b25n~t5QDEEifCtU{h`1`fflY_6*-pZcFOtsZHSZoI385)IR`zGT
z-5EfZ!)hVA8~_sWa9x%Lm{`x2J{JkGXGv-{op7uwa1yK0I0^s|u+vvjq^)WASpgq?
z2oW?MMwn&|{~g0FdLnjY>Bb!*zlDn_8N^P8%nwWzvTS_zCAd&;M$c2KU{Jvo7h5P~
zW8nGLQnQdgu8lLhXByqL+2O;v+zkJjP~kWB^*OGA5K-(_53$p=F9`neHN{s{yuqtD
zgp#&QA3qTy82<WLk6`H32er^Tp>|gDcZ4Pd2Vi@FKBCuIYEqvW2naTYrYRnCl-#l1
zhvObmsRkq2Gv~fYhX{MwWMKKJK;OgP`KI+i^HrhcZk=jmSQ3ycr1mi`sbJCy_&~KR
zTmyoFh{{x7)z*y40ECP&%|IBJ8CskyfJM7T2=^O|H&2KK2SanH^1(4SuQhJX;Ig)j
z>`5own;3)k&-MmA*Pvn49|Vphg9o?JFNDeb%ws2K;aOh}p1RJ@F7vuk^NkfKr}0<7
z_&+!nBcTk1s0gl-!Q{8KK)H$gS%tX4s}k!-hjvd$*}Bya&QRJD8%WmITFkBk)q`|P
zb7v@g8!I*RcVqQ6gLlwL3#*-9n#SiXmU|M-2t2jF9kOD(I@F93k_q$)Mi}ffVWcGq
zP}Cfur21#UX-<m|2?kB2&<I(HRXa{^Gn?=1fow-6i2fGnoR{e=tR=B#NfrWmYRqrZ
zlvkfY8Bl6B7&1s((ey#p4LYSiUs+`t68M$dwasy0CKm(UYq5!1gD`}aU2p!zFl3gE
z_?h`3LY<N`klpBF(c2p-neqAjT`A39b{W$;T=1`p_1Z7X-Ex?*zH6<CzkjZb8%<!B
zQB;bAV~#XZZW$KH(o_eK5r5JeoYM~|+6@#m_-$lfyKEOC=)*V4CEm+J+YAdC0Tb+C
zbzN^bs)!NLj(T`e{mcPmxN+>Xh4TdAKBwRs2~$nqVjb(lP@jS9uRHw67{f!HG*sO#
zhW+~4C~0Nwq^dqY?{*EIkDKe?y}LRCLt8)##tZ-~ixvn-bx4o3QyUGu;(h{1jKV9h
zB^6@-0)g@E@}&?k5D=&s?CmcmYZ3->Aj)s08ZrIhSD^Rqngm(%cv<yCwm4^6p{eK+
zTPLZ$)Do4qp_A?>+)55K76HL*PwzXg^<DkmsJqT6w06nvs{T%#ZmEf*dlg6Zi*;A9
z@F*%QyyP|IKYZCO#bw$>uu_6KBt(IIuwvm4sz(?~^}7^0OG@)=S*FpW<?<Dao9NJn
z&rR3z**6`|x4qrYKdhFHd5}$pqw;}7RI8Sd15T@1W)JI?Qf}JefJ2x=WJ@ceNRSd-
za@=)Df+FM3MDCyt8FoBvM___a4mH?pM@%qi{8y&a5ZoMPi!>;Ao{@%zYUPWUSC0El
zPgqN$L?X#E1U5`oOB-f3bTtT@J_;b4V_J%7XWnqqqLK%LEbD^+ts@=CF*&%4Wuc2l
z-Tgsp=A?y}&T14*&ZjI&SGDyt!}fT+iv0o4Q66%NZh~FlFvaICZv$4|rE;D31G;q!
zqm*4bZZOHr;o@n~0>iEtTDH!?ldWM?j|X%|XNZ@%Vw{Y_`|SNKx@CbHHw<fG2V^U3
zQh|k@#Na-i1_UT=V}T+(sZ)xlKGcZ{?~9rjeEyFQ_LFL?)m%~Ef+T0-?*}AO**>hu
zZsWFqMImfs#M>2?5>;I<w>q!|XG*YOQ04${cNnBv#?mz9bEU$`NJUNIPS6#>yxBu>
zZMY5iLU*g)`Wfq^K_;16VMsq$dD&P`1q=|$)2B<}6PR5SFd^0X7y!Hc@l-2pe<)%Y
zgAbHh1OnwzPpR1eHV~KTqRm#!(Y_{x%^rBCZC?<y$bxMQ#AG*y;7A$8l46Ycao?TZ
zPQlozNoqr9OHi(RS>NkXHIW==>R6dN)YH=SmJz3HKahF4yo`zhV~lzvNVS~C7Z4?g
z-}8d1`602P*7a}!mLwLC4Q|x4_Kr{r6LUzXpLv|=^?QCgF6Jx81QnKW^KZul)F&3N
z^?D~AdT^T9?BKL<9vMYqLPUG#3yLCm<O4_=B@dqASnPmRiTIlWhd<XNLT9)RQxi0a
z48YBV?&lDqB|)A_t9!yZ>O}Xn^wV>S?d8NCDN<yjNokF7eRs>%Y8&K4(%$MV`WdTD
zWu&V#hbHuMFAyp}8UwA<uX?hLoW|3RwsY%<O*S?cB*2i1=m()cD=#6HDpdC@VhDho
zZ%5j==ODwi>AAq9X*rsp?A0lkBsrin4J}Z|0T0$zV1h#yhgnO<EE<usOR_23B2QL~
zDQR>9%Q{NIyp&fyE0TT#enprErSQy(J+`%_VL=ov2+n?EwQSkr!MGh4Gqik3@oDNQ
zEIE70*XzVc%*r`JwXEpT`dCRmQ?;Q9H@;aggCxNtjAu~)(eI%s|F7xcP@e_UsF~w4
zvTDaql@#}Wr7}u7$5jef%sn_G3P``M^LntQKO1bL5R-ol?F=WXV?~w9$9dlqwkg}b
z{~A1DR_A<u-G+Wgy`Jwq`0&%-SaOonG2hv5gUOUva31Tc4|6y!bv@;fv+fj%>WhlK
zw%9RM`Xs;@unoOp(V+VGeuBNQLDbK6Br!mP-lCzi1GYZdlHT@Vk1i9k<JRuA&<(5|
z;AbEu3G~|2*#sa55&c#UkMW$eNo#hyxh|LMw@Fj-8Y$w#exxJDP9cj*FfdDul_;m2
zC)uUGPoqT|i8>3<PzqqkDEWoBc-7cASppfm<w-@9A`jGMiuyIIvLgys6j<&VT3^3(
z2L)}8g<Gv$XOnWy0t6{^XZH(-bU+Ca3xaLvj$pEnjJ@?)(07WblVE+T`x)sBWi~n#
z{WQ<|lgWw-1E<l%XrW@;tEvH-q&6<-!;XnYxGaz!M42IR?oxdXcG@1nlvy$&H_7S@
ztz0hGx8RSWUk*H7qD~EQ*Rf&C52k?`dVj_PcXlJ-NV2V450Xk7HEHTOZ>^kR#;I0Y
zN+JGoH`!r$MHO~rryH#Fhi@W4#u(l6X|m}`BvHbV8pAbLED-k${Lu@5*@)wcMcnrl
z9471;LC!Hn=4Ff0IbzV<Jqik0YiUm<E-~uE81eDES#AN~E^X^snxnJuKIG;4r;~&(
zv%NMRLtH4-lf*YUenU?t<NYS#s)ciCn7;SK=k&z2In4QuIfECkVP=l&9d?|nQ6=Rv
zV^8^ywO|`n-#0v{7U9gl#JvnG4F9KZ@c$(}$IAMDr03ZGJGfO{$3}}C<{w!F`dCq^
z4+Mlq1L}LW+|##O+Ed{<tN~vl%y^X3uTMBs@`$|)(U$32T3;jGZQ^huc*?QDWT|{5
zR@N{ZX)hj+{B<PEy#?VpWC!RxlI2+zxhO*!3rP;JKL658!P!DkjD$j@fOOI;qgZka
zVc{_z7A2(`12K+8197Uaw#^wCr&0#6V|}gM6UHnG5?nk0HS^P57i?mb@1Oj=QV=Hw
zu47!GO_1TYI}JVBoDmysZH?`KbgBNLNoqgG%>c^g>A*;8%YZl?Y>o#$Z2ZtZ!Y>eM
zVWHJ>{bc{MR_7s@P)hd7oCx7tUrh33E`8K^SX>xtU@_M+u3xD$6#A~l33&mCD~ODf
zvrCKt%H=^qW?+>5O0|Ebh=*_64WnaOmNfOVg?{fj`OUf=wl`y8h3p#PSVC&8hRFG2
zfl^k6&uL={iM0FjFG;lqpQ>U<jQsuMb-F8dBEbW+E@fM}D@u(P=P$6yAj~ciV7jGj
zgjEYC2_Os<d!R1@Nm(x+MDPR%OivhG?Y|fYc1XqwE04e_5eL@ap3#&yfP(kSFLiyC
z{)<4=J76o|F}FGrh9Fc30)_ZXh-+AIh-Fws!k-jDRHN4n47mvG3{ocHe1KJY{(M#t
z2?0z={M8o{Wf*aLmhf9&7y)3p69)Czey`!-p<(L6F-!$X>aW%M$KwP2n3S`vaQhKh
zftntlkGIeB`O;2+#SC0eNw3NsZ<tBbB+nTr`gC}ztY4X=Gl?y{r=6Em%Jj^_u|E$b
z8jF~Y0!v=Ehd^=`{!Zf};?$O~tm0Kih(EYHMgaSf0nCq_%`kBBR%ct=*WZI@I-TOF
zj1_eA2kZAII$rn3>zJJu*So!ytF>bf*OspKjwol=$SkXEYnz&$P0!8k?U#YPcZ2t{
z7Wf?<AK8?>2*<HV>)ojOmzUI=0oX_YpPLumOssEI@+)FFT?&_9%LWQL{w{(lDVrBK
zs;&ND3Behz(R>Wx!4ryK%KF9WZOt~jeY$czK`8XSz<Ho}j|pzKySFIt**}9=g~3{7
z{iS2Yj(fw8`<9M-r#RFy91D`NHN1EcpXa;81JUU{&O*-6xOum_$^O|&{4-8eJ>ep=
zSW--gaQ*EF{7kYzpiSZ>b1Jm1na&(gr|gQ;ftX)tc+As&IUGn%bksa;ii-->dGsP?
zJ-$A>HWFW}%|kCnycu+rR#%`e1h`|eXRo=tL3tZHjWxQ0XaW%5YZ%Yhqww~hgW3wy
zH!+=o!M(Ii(lN*xPMN^TaPSQ0Il)EJc`0a<JD;Hwq|>sPHY9|ZT3|KMCbAj;JM!Me
zz9RwNJ7W->Bmf^eiTY;y=WIpFf#Gkpq4k!>Ul^{@`B9rJje+i;r(6_HAX$Zx=~OdJ
zM!XD=G8lYkPC-Ir;a!lV(u|0Hfx1-tG%G&_37wXp3+X9Cc)_-$^oq-0dWBW%@9v{|
zLuw23F`2hf!D+HV4<{e;oq?%oLrtCZF4B(BhkaMkLca6@=MTZFk|RZpL*-xj;cMX*
zpx*ZMkP@aq1J*A9A6fu4?t43O{asCN1mSBZrS*@ol9b*x(wawVZpw~wgq!@US}(}}
z7a#R=<NF->^WUZ^VLBha8;#fd!ZhHU#i-~xytfUGMMV)Yrt}HPpzMxD>A)jfIoV&@
zpX3!4*Ej#N)G{*tTWjW@z5fyZR;6iSbHIl7!;vA>?^zX?jNcbtG^`UyKZ9AHwl*U_
zqeIK;pIwzQTuj!M%qDohc)2H4uK$Q71qn3{?>@P|-$Xb0AMY(85k`0+G$O=0{kpc-
z2QX2Nemi~ohGX$3Ufzf^tz$5T_&$f+FP~OI)wjv89Jl)(pU&57-nf6L0{$Q|^0}a!
zAs)1NDSb8xE;%>b{Bk}%A7^0HKT32VBbxRh+u#2D><>Vot_TI{fkJ!Yxy=ZIC<8c#
zvt<gixg=t702=PM_^*y=<74(MawW`CXNOss>X&ThY(W`RWvXt)Nnj@5l~1++N<^4{
zNWI^2!KGcFky9gwnOv8c*#Qqw?8NrGad}*+`ynn1E}>K4$&(2n`mJGML@7ipxri|i
zB#TfyH~s`In7n~dBitElkv$+SZYMpQLm#W3!R4osr_Vx&Zm#V@4=>8y-;pA9W)}p~
zMc6zPdTv<Gm#fnrtHc=}u~AlL9Zxtac3M%xN<~sZdB>TVnDAYznwDp(;Y#(TlR)()
zGYcue%$6h?Q6v|tT7QMaXLQSwW^I;xp(NNp^*HLLdAvJT4__KJWgCBHqF0=o931!g
zdR-<4Z!AcK5Q!y@n8~coJ11GWsDxy@dv?n;oSYx2CODyq5%819W^i1&x{7fNDw1gM
zAB`JVIUUUDvI8g$H2q<)pJouz4>VbX=iX6SW}<!clp^ES{}kb^d5K#&zR*{epo~w{
zoCy2+v%2($?VXW2l`%XNA^?+gw_|abZNM8@1j)%D;hvQKa+HjA;&5#^RgEAkEiTnB
znOcLesUody!|=%pN?MMJ8tgZ&`FsQ9yk#F1g%Af5R+rj#?F1T?cM{qOX<ffs#ue8V
zMFbl|1v<5d)}e|nr7t@}7cApbx${L)+OyNQuUx%x!n$2<aJJTj$N0*HHegqEy%{qI
zjp}`m`3Z}ZZ?TWn>bg#khrAns0*+$YGc=kMVYqNCFIwi8^UK`;y^jlHnbAZNL}>B6
z^^TA3JQ3?cDL-tpdOa5uRUU4=5X5-n@l3hpYP@+zYTieg$uWyoDKACuaBi^_OE4N8
z6Q&Uhk|@IgV}ER)?_Q|1g}?l`w<Ms1ie};!jz?^>E67FoKA*XTF(y^nov#C+Cod(i
zDR4<!QtpDWQ3w$OA2cwWIg@io+quLl2y*D+UQ%q-CmDwjjtC3Gi{vQ+7g?x45fhjr
zP9K#7^4m1m!8LR-3oT4Yqet1BNzxMCNn1-eX(ys|<29K&r5stW<kMoULsBLD$`IkY
zfc1G-r7)Erh+s&aT_}XKm{@P#D2A~ykZ7Wwz;FdY$JnXS8|n-sU$pP_-_rtqu5@$P
zDX|2EU;PTC7D>sbtMH*AeJT2I($HN@Gp=gV;1Z97$=1tEW$_2Ut~&OGf3h|xN@oPM
zA7wyeQf+iXay2BVz<~ziAe@oHR^LiBLFa^}kw8lq{{muPuIRU17Y&yrP|UW~62tSN
zeP>XWc8-oUp_so;TU6JbK)G`zOG&+iJ9Z6|-v!hu97Hdy6NHd{$9J>2+&_|iOc8wm
zfl-J~gxdOqGsv%8qt-<4sm%@Ca>tCmxM^OyT)Xa8V6$}W0lJ8rV@2DVxVHk5p#oEc
z+E`=*_L58_AozaLGQ$$_e}U+9K-b2K(2l!7c?C-mXKC}WPT|??I+BBM$7W@O<d^x@
zPXE-ZH0E1p>y=)640)N`CYE}sc}OtD_U>|pmIfHB=L=2szov1C;Qoq#kcq<ZSG@!(
z)(u&cRl#4(#LOZ%!|07J;;X&#U}>i$FDciWYq=QAmaVj*ow6*`xNasxJ`qi#`z&vC
zGPbKn(oewO=<+Nuw>h~l;#6IBqStQFHpdx;wVEs#)ZS#o8A`BHO4eDjqd**JdiZ=;
ziNWufCZia1W(UVy({uu0FQ=BVF{dr6?3XmfJ6b0w#tcNgM^K#S%5vNQL>o&UR<#-L
zew{8R&Pa}g{WVk=?H51Hn3$EXc8#C7q?#vQg%qID-&&(0kjqCu0qt>()j$4wlZW?X
zq9ml_b!!CvVaE3J@!=Erm3{Bwedhb~(bXcx{ho}}+zShYO{J@`-om)dg=O;TIb{F?
zlqhiqKHMR|c$Gt(BtJDeF4kZIBZdyb;pasV=fq#&2H;0L7XxsKn+ES;!|&+byiPR|
zA?abkz1YL=z)F@7&`e3`gS_!<tXL9Hy_N24*4?t=7TZ0*TXNBY%K{`pm<;AzB*0wG
zV-QV^QQ9kSv07zAa5G!k=Q*dEw2rwK+=@s>zGeZccOb`qeFr<xds_2he%;6(LxqUy
zF6Y~w;nwx<6vC^TzvMuDr#p)k;|MGP&ZrV(f<Y~dj2$!tp_=Ci%zMcD<QkMCdW(H_
z+Bs{OXRM_~^}4hGe&2S`B*0lT5yr0Cj^HIojVG{W`5&c6F~UV9dzkosR-!|HS2tW!
zc3H34<%lz6ZCpXX5fwc@JtnmYI<&I!_CeA;F6(nD?-oVWPc@zM_7%nJ!X6dX)`wqg
zYb3`-L6~Yw_6IOc5*0deZLXd)b{t>Nti6OUi#3sQ(i}58Urcl#vIs@B-J{Q1IZY;!
zI+M~}KN06QRH}a&2j7|r0C*uB*9h8=P~($4j&Kq-TweKud@5;eQ`nzHJnyca@4dae
z0a=d3s`#goXAy`njwE3b4s8Fx+s43#jajY01JMy~uf?0LM97rEcPlUx#(sms=#M~z
zCuabD(wxnTd@A;rn?>&5QZj+QGv_6)D8ffY`{SBXbz=cgzzimJ{vyL@VZ2duJ961n
z4$xT5YhOMj$|`LC7NRh-{hw^`f2B5<SQ-D9$NT?J<NXIca?pzUgC0ScMaN9FbweE*
zab#j%72Q~?Ubq6_h8C_%8dTpAizm<cddnV&pjo?D@upA!36%`zLBHol*HstUixHJ^
zASw-SJtUc9!kV$^-a?RNWsUo8vr@Cmydt$y3<i^$KjrNI&aqA{@x~tAVLSbP+B*)3
zp@|A43X@cSyaiDbNV6$)O%>@Gdg<Bp^2GS~x?O-3?H70+5SDEdzV_+YJ9YC1pkf*%
z;Sv188kCEdz&;(oagm(wt3n{^ez$drA;t93HQ529(LJH~MN&jSh1xs(jJ_TYMdV%4
z23~J2rDUz~{mdOjc6&vhN?|a6y7ZhWt^~*!HfTCmn+HzHK+REc`!EKbEh2+Nh`gQ1
zV-VOZ!X6Gjm)4xm-S!d-*3M-ZiBUwOgS8b7LPk?2i3BFn6n67Kl`(w}iEs?LIBv(N
zqq1<6FY0CCABO`h*B{rRrAGg1*t^i09^C*HCYd&fk9M#>HRs<Ru2-@Y@opdDMV>(E
zJz-jX#aF?!azm|x;uNHJteITVM;kdB0VAGhEkF>GbLF_Y%pdFcrP@ya0Jw73Ua5UG
zr)ZZnX1}M3msrPqbYdDlPla}1rsb+hKdcK`8r85C31i(PdEnF2J7_>1Q;}kR)`QMD
z>04ubePX90W6%F(uF=}>*qwglkjaLt=7uQtS1)z8{~@P9Ob)zI<pLnd{xd1un5Pxg
z-W%{EM1{@Tq6BN*9Czm7wcgdigd7RQw~X4gtXLG!J;mfXvj=;VifrHfNK;MpYiqjs
zLZ^LM(pqiHAE3foBTlw1vm<`RpxyQPup!JWk+ACqxX2K|<e6ha3s_**lh{1OSpz%N
zd2V)**4wc+#$o_eID|oWU+7m`g-Jx%yX6UxRwj@-6!DijjpE))P=%`Wi&jl!(E(|n
z1`e{B^a#x_rTnE~fi~t@aFY9DR0{Zw4?yfDl(|#PA{2d~{BF03^h0?9$NmGAw5V~a
zishqHAz~3z0Ts4VraZ}dy97N-)NZu|7pQ6$Sg+Xg!oPgu_m)id#a!cA7PXeCM$s^J
z73{l;oLc=ZFI8*L({wzgaY&J-vI|3dYnN^szGkT#bx^8AES&@GeowlIUkmQ%suV%p
zxaC-4NNG5VDo6?SnoDzrZ5Sun%AB9_c!jlB1sdJ1)w<6R@z=<Q$(XlW+AVe7={y=&
zCgKpr`n2Z4OvDFOc-WYAMzM1^88p@~24#FU^{Ne%)Y;#d%PI;4B(hp71T}@`n^=pn
zXt<w!<{;&R5Kh^l2WL<`bqO=~tD*TuC$7RFh~D*G@v{{cw5YbexjucG*2Z^#v<}R<
zKyC^B86-$Gi@zP}8iV=3=<zzWLsIPhurnUSc8A@$KiZp}%(vLv$1AUo`)i-#rVYW%
zLOVL~-O1@HQ*4P0Un)nB+hBvVH1_47$eKu?VD=+XF2`9I_?2h-5Fo@uek;h_C>>F*
zCdxP3tH=_hL>UuF5~<@By2Q(iVIm?>(HX7zqZVMXuv=xzqIXPWF$2>avbH)@ht5|{
zd4+0waX7nz5WfH*XQ<;S91%S-5ipW>AW_pnnw>y*Mj+?*I<3Q7bp3X%^plh(hPUW9
zFp&qykO_l(uMg1gh%{qgPnWsK^#u5%wyR@QHTF)JYu<pm8M-ij%D}4KF{v<|5m?Gv
zw46iE<a(A9;!@Dj<Avq*dS5h<M;@%8^Ag0v4!CSFldBzrxJ?iEpm9V*1WuwH*GxRD
z2ULI`LfoTvo)}FT3hp!s%*$P9h_!D>T-1Q6k#*yrhkDTo$C@SP{H%1P2?0h^@TQ?b
zkF`Cn4n!8OJy76~nusiONff+=*1UI$JO{kIlw)P3jotiRE2G1tz;XNW*J7i%SL<eE
zu1)Al2!KLijhXRObYLJ<$#7By2{;|0SWXg#&TtL3kZk67`UoKV&7tOQ@sKZ2WF7e2
zyn%7Y$#Hi#YI{4xsc7*O-a_vs^n{#<zO(0n95}|=LHl*enOtFJ$r;^PKrka)LzEs1
zu9QecWWc$CUm?hkGjE?mf!=5hauIDNYwFs&QCBd~cR3ki<0L(_c<MC{_N@7lD{JZ*
z7i%xO-Yfafd)4P`kaVKSYN23=7X`1@1a2T9=n_4}3(+1URN*2kLih^Od0?t1<bbs&
z8>cgVBMyMM9_61<wxZvhi#q&Jl)uIww;u|sFXM!OXk;*$bU^eE>W&D>-HW|DM*Z~!
zHTWH$^Y`}3Q1*P&sR3B>K=OAW0lGp>*hMmUTA~l(^c#8rSh+HQHeEQSJ;s}N46M1O
zG2!lpDEaQSMV$#jP)d<L^;aW;L-Gm(mE2%44C4zQAsIS<P5_g^(-G|ouV2@L!itum
zlzB#3HQV<G?)rU$&c1hl9PAS~`(7K?1&|Czvg{IkUY7+&!Yv%!KzveGFaSYZaXc>!
zi@j*VsR_Rro#|@WJi+2Y!keG3rmq|9cf#k1QxlZAfde`5R+RO{;iIFxhMqf;i~LvZ
zNqJM;u|4v&TV3FY*k&P}@=&mf>R+Vmz1tO?lnt~B;Ci5HeDJbHaPYrHd<hSSx?54L
z*xQs!A#hrn&hp?`_#oI2OzN6&4ByULQ<L}tW}>Yy(+25B`PqCvIZDU5#FKwkJb+3J
z!cx5b!6E-XFGcjI8TgUEl-SJL9oguiA&(@#Hzb19B_D6rZ1dUJ^WnK@1IFjJ>rGyW
z4|E{YLLRMzx@lwgKSDCzFePVo7Y;dWc8l}u%Dq7&bV^G5O3Q1m)7ie0q8+nV-q=m7
zQQi2<MmX$P>ZApOSN2DQT3DL85ryuN2lYg_IukdKH694P0sMJ~RxD_y95l<3PP(|m
z(9;pbda|BaNx@s4Z+|YSI^mrVLx2sv1mgp?*xP&*{?ZN2;pXqS1%Z+x|0M9{i>fA%
z!nI-K1pbWVCwnKYSq{?Ucv-b*o{rgha}WzN1)t$gGY<4~x?HJ6hcz3Vq=+Z!l7kOG
zRE`ag7*5*0)w|j8!GPng<ct$3zQ>xxoD_|(WqZkE&5d_VW4LrAIN`~7m_8&98bGHO
zU%Bx_A_q$BTb3Vhd{vMBj^Rmupr@*NQkVPW=S`M=<4v}ZcHXVimKJk+tji4k{Gd!2
zdg&Cg7(LRPB4x0)2y*Ffh=~+ejdvhY?@95z<`qt5*I(nCyMsT%%HkT7U^OU?!Fb0X
zg9LRh10do7+~|2s%4DCg=#1w^dllGD%t21lSsx`52tqR-n38<lll)W#9h6Y{z<W|}
zzxQJN<n#3^otn@4a<MearOEE;fA(yxfAZuR%ChZpXd-SX8AlatwaWT}9#Gv>__qj=
z<=@<8+1UPbgjkhs5tAW?65MlBBXEwcRbJv?5*)K(iA4G*gT=W*Ledy9L#JSU7h{#>
zhr<aBd~9k-r)iF!aObvzneA{a6dJS_qAsE|SX)a`GMc=(j&t3;MHoivO!Hu-_*vSM
z(!760I%A_>SV=DZ?d>Hl^C*hvtr-4&aekemCZZujuu&J*<PL&vD?3A{s&%n&xi|1x
zvGg%<euca2M|e4*g4j0nl5?BT(%I)*i*vZTxcr7>xzS9D`&*dFsko6Pbx>j*fx7F}
zgF{b&b%V^qrdvO93a=hJ<8T+$p*3`C6+U2*CG}JF?<i=ZP<SyJpI6^9+Se5=45mZk
z6R(w9?f-B$JuEcN5r5o>-97haE~4pHK^V)KI&PXsUk>p)SGh%>@+{kd&8gJ!U64lz
zAU68rfB2f*;*gp@e9f@fXt0XNV3FHi+A&PS{>b2+du@o|JtW6m<0C)>nz&p!l?VJ!
zkWT!I-}u9_PEt6ryUL}?RI#yz<=u<rlqJ}{@lw4D@E^OB9q2bOgTsYiy=Hc)TQWp7
z=ITGT0%tcZVUQxdKQ3Mh*r)@!Vgz});#s_TxB52vvg`wgV9UYg%>$}vPA~F%V=*ov
zaPwrdbPCiKHTJ33dfWWQBw1I+twEgOAx20Z8W}&{^H<Gmg(9}C$8Kw0J)L?x-_P!!
zcLyVtc0(~&1T+!NGY$p;j)oxl#sz2FN249)SpALwBu2&h{sg0lMDN$~ZL=9inlA_O
z+(Za~uC|PqwAG;^a7J#}p(0Gs-p2QriLPf`5t7UAimc2aLi$o8CTpb_8p&&LJaUpH
z6sH)(`8V3q^#<`*KlwXPbpXSvYYMX^&>m6Wc)w3!J*ChdrSR$0&eG&L)moPotH3N`
zAx;Yy2KqoR2`<SQN(Hc%Ahp}TxqhlKwG8SMO3~9cboRauxZ=T*Lq65H^mh+Vskm~2
zv#xa80n{j=8!0uZfNbDJx%#ipnlZD<R2L={`cahbbHfkf=lqG>A0!JhQz*e{Ytv9G
z2H39*VmOZwNP!^AX)xF704|Ao+{OB1yDRIK?(Ox~_owBkEjY~)EsEc?TCFRGC}d3O
zO5`VDyj|;Uiq3beTWM~(v0jeIqjjKZX<q3)c1AW9nq<cvg3a2;v%ekQ>=t2vTIekq
zvV#ObSJAe(3yO>|#hZRk!I?nH>P?JJ15mE1#@xjwQ&@#7)EBP!pcN+gN#pA@rI7@p
zhi$pdhpGiF3?9tn-{JU&p##~~9X~i617yZf-!iO_vr-Jq;(o<YZZ#yiURZTUy@N!~
zPzLv`1;6yG++@+1izuH>x02QOmIHNts8|1)`j3I5_OXp~(*o1}V>*VR28yKL-Mg7H
zx>G9MLMA7)`cf3FRhBK?0}!rB4Waf&vNt)@ors4gMiJ@EUf0P(_BoLwJa1^unvvid
zoHZSzClRCE?d0q`sc(RmN(DI<<fKQUusOJm&PYiy>c89vm6+F;OVEg8_Pp`W5q1_H
zFnBerB6vbnl&uQ6+GFUJ1HL3!<26EZr(4}Dv|*GHPy#Ho4Y!e?z>bm=G7RFYj&k$e
z=)lxUDj{hON%IWzP7+mU^_~iT`!PhSI@Gt<Ki+J$kf|X6KG-EJwPFOzY7vdt73(WA
ziGWN5Gs*13ae)7PA{uDC)iEAA3yyhb+110?6tgtgt|@~fo<X{_y)mym%8Bb$E1G{c
z>@F@^!k|QAw-Boj*r<a0WEDt;P#PgIkS1+P1BFpGG^nLjCA7rb$#jOT8iV|s>x1%2
zh{~RzLF?Rwcpr@mZ9+0i1px?0Ikd%x7+RS=_w~aM^z-!2q280vIV2jgR_lLPap~st
zjJ#9S(!RTznXXZ+S^5&HbF-n<#1Ur9^mC^1E~Awhl#M5=)za4R7j7$a@y^=dLFpQI
z-rTYP20_5Yc$_d23`f<Rv;lt-A4^;Wpp%n7Y-XPb71mT$_Y|Lu3ud~Y0rf)?W$Iq<
zwPI*sIgIT=7s$QIU^#fLYkGsXd|V7gq)eDdb6ps*50%W4F`zWdQteN$cn~cn_tXLn
z%lYgb&kBRg<L<p3T;LOvmqT`ll%t<(u#zRiA`>W|T@&!`#J$1#T5Sw*YY}LLtwDDY
zKsQ{3Bz*Ij87Iqm-)emOU<Dg26+<WUEvk4n^YrWeuD^RK?pj?d-f_l1xJ1HPemL||
z8>V9ZxBuC{*#<DN|98I3Ke*40R>ZHLrcAD$C4s4EI7(SQMeUTeKaP8f)$&<U7Y@wO
zvT0NUt$2LH*4Nwgt!S~OhId?@fQ;f|=Uv*K?dU8)AU~GEm;_3=ubr6TSisr+(u<nN
z&&ve#&isdO-^CqeMfRFYDBs@(@az2=wP{g2`eU@<`{k~Jzo&>Q6eKJm73@Gf7HHj)
z`o})tgRS+`^}(6v!|P+A0s#_ut;0^XP4uVek%RqH^dORuKx)8vl}6x>22Sh6_|xhT
z4<oLK0&9J3ZCy76evr2xK%|p&(KxCqOa_h`j&6&Gm`9{v+7pRH%kuwF_KwY>09&`-
zvTfV8ZQHhO+qU+yZCiWUwrv~PZ*r@Ws(UIq`2+o-yQ+Kim~%b@;<G1hh*2SmqBQjF
z`jsJLpewK6M6oc)ocCXF0N^kOk~Ro@t{5TUXTI<LX^tu(90fUId}f`njO3aE5#ki3
zASneQa?Nl8+{(Fw2smi7Le5&ba{zIDGGGY_qEHibup&yZ=wTLeK|gfFu9+&Az6tXl
zIE#Iglh)MgGLJrM`Rx=yQc*u8(~%w9GV(+**s@QSnnX;6g+p5w8hscVPtySN1b<!b
z)FNzL-t@^EpKb=d-69pMeP0NX2y;I@>+J*U4_qVBUwSF&g`{Y(RQ6?p@bfR=&Gl&9
zZV?2Vi3uKG)}yI@&E5$XE&*m+HtTZEh#64aJ?m|ct?E)SVxO$iXi&^JlR~gQzChH5
zblA!=Ps`nZKGzUm@yY3BX@=>`=V&)W?7LIXSQ=WX=6-K|pTYLvgMOiy7P#!>c>w(J
zi8RJvW!s|-sE@x~IczP+xo%2uY3oe%dNP|4Ag~5jSZbA?i5>H%nSPUc@Zv#Y40)yQ
zx+eV1Ez@TUPcuxgfFdD&OOI9SDDMl+)o_o??9zNWnqrg-pNuF*01&c$bd4k61QxBS
z&7xh+ky5;t7#J)G#lT7DLy$vvjMI)pl~X(=RhgbOwt>82fHocUKN`p7caIZ1Y8~%2
z=3<KtN%^Q{!yGG&?#G0QMwc~H9+w!A-5Q`1Hvn_{^;tw>09av!{U9Q~4L7Wlc!Cy*
zFe|29lvT|eDalYhh?#(@H;N^RBn=95DSnVcV{s3j)I>%%BLvHu_r^(P=QfRpP03Rr
zFw^iM(FY2nft2murXd?sv6#!nR*B(}2!-d2o&uhKtvt!t#9#=ax>p#0dJ!R!H)24J
zzx>xhO7<2)Q^$$4eXDZyiYy9NXmouhp&=xt*^#)etjj=LtVovxN!y8Z>bA(K8z$5j
zrylN)m%e2wV==U31%Rtfo6lLc8wY$IMY4&tw8Y;aKjPAYtOyz9WDOV>8!NX1dzWmi
zd0eMFpj?#72m)3hG>X$qUUnxQn#5QvA`B`{92aF`<9Rd*)m)$@Do6~6XBhWgdc)ps
zi-R4M<QW|{d$SGPokgI%|3a!C;Cy=E#N=*pevbjO9Y97B##(}8eiE$`nnGQMMwijv
z&mBRp<#@gW@v*D>EVfZT3k6n|J=Z^dj)-Z^W=3iwV}#SpL_DGCuc2;DsPLAg#-5qM
zis^JNFT&I}uZrp&r^5AT#M%P$;HSvHn=x8PepR`gH~*<~TS*%AX&6hKZ&HO!$G1)O
zBK%uIt^Zwud3u>bgCr<}gh`3MZ#W*X<-$Mn^L&DT%l9=Mx|#+#8qb+HF|$?2wL3RN
z<c~2`d%)_EU;#}_1{rPjG&LE9+R+-3(>96=Z14Qa71vswIv_zp5+dU^%#hgju~XEr
z02FcgWND7yn7$z{DI?@6XXdYql<^!*pmYb_dXbNKPzs2%qA-UYIg%n#&t@(_Nv2}E
z*x5r13riU|=0-R<0<x%pG>}9#d(G83nl%q{_Gn#iCWAm|nfx5<Du3<X0X-S|-0A~v
zA}90h202icF?3@rZvm(nJpX9A6CN3)5AoKMzY-nxSBs`OSRc@uKo#jPxxqD2+O@``
zC);8jT>tZ_KJd&bzncb=Wy}tLwa(qBikAKRliFbe{>O}}0Y0aIpo=m`T(2Gr%?E*V
zisV8KWHrtK$QvZ!K0ha*U;4exXx=P}S{dA&ZlHB6SKej2b*9Y~uOo6-1r1Z1c3T)@
zMF5F?7j2h+duG2E-}~3Q^JEg<VUTuwD6S_=H9Otwx(woyydIZnD|)~_f>W~C&KLRU
z+4s<Jn!8p>QP5ob3`_NZ`>9xvwAiMKnmy)a4rj=ZQSx$!Rh4%Ruj*%SAorf%&T??j
zGwocMk}HXn2*`_=xG!{b>OQ6Auqn@`@1%KUTQ%;ED`;<v`@4_-ypOD&m2&v&uT|%A
z=@gvsxlPAQAi%keP_m!Fh3L>ArHaV7^${ckmB|+fgYIAht`whi-^YAl`OcIz&-)a<
zjn!T&=awp^yUkzJt38XNghiwaA^|xKb=F>^0(K_M8#nz9SzfrHCmGe(eNYf1$xp#%
zbXZ`;G!YWB)iw485kyLP2#@pz8&J#OQ@Qm^2Dv(d0AMTOfNf)pkcHNXo|-tGS@h^M
zpwU@&4SLVRC>(uuw>PS~i^4eW)<$r^r4%zQLa){|?>8Z+?B`AU=ORN!D%8j$))#G!
zMHHFbfca>RR^z49b-k?X04sk^tMU&g79%Tf*Qg2L(9^X1EQX|VuBvA@heqz0+?pM}
z-T<J~ZhSHC`Ff04LjeyT(Y*#9s09r~gmaJty^$u|623(-$zI@W^*#Nf#Z&)HG?r(>
ztH6Fu@ad0?c{GbAP4NI8?JwUWfXH(5`zCzYXudJu429K*g#IXHH=wtFhFTnNp82Mu
z0yxO0v?B3b`a$(uxu{!hqp+^T+7!ukBBK0NXV76s=e002MM&W;UpYQ3uzZ$8&y$N4
zQ9dzOXN?)+@Wt8<%!8~eMm{=|t$6vYt9O(;M*6CO9`K_1kD+pnuF;vjUVDe_LU}^z
zr+eg-q5fmS++R7J&2fj}jycfAR%?PE+@j%a!2vY1C<1i04l1|m#lcpG#jw5;s`#6E
zE&}Sk5478~g0r{M+CfdH*^}0|_ioi<G+ei48+Pzovij!!q@Ws~2=G)h`^*jC;bsSP
zRVD^z{pFLUQ3q2nt{~OT8!k*(Y2T2kY!I8*`jy;arP1VdFKif{P3HOKse02^mjgs=
zi<zq{+$hr1Lq~c9g2;$x?aPn(`T>yuZW3`7z;sC>FPaPmQpk8YjVrpNbu4Kt8TT6;
z7myTci9H}G;h@P%>S>I2?ZXjn{`(42v~6BLr;?NFn(pr|{Z{A1lA8nA5*Pu(O{zn8
z_O|3M{T-jL*Kd!9{l&MRMURKOAAWc6i6fej9Esss%H%#fLS`cxG8^@LF2TEp%x&Bh
z0>&~w(B7fU*^$9sVj;aG65gB+blA%&9Je^04xs}nz<idN|1n4p)^8^H7JD{%ad)=#
zLpCyf|BVrUHEzk2ooTr!^zLYawt?5QpYh)46p!~j4fdHXI@OXO4{A7h2_Sd_?i2LR
zw#@Lc1O}me&-t=Nwnksjx?fvDZ2V<Ye9KV%GboqUk=wOqGJ3m3lJB#isZwMpQy#Yp
z{&Xoi$U#paaIe=wdD#^uOpvH|=lAw>GQB+{91TC}asE%)Y!nd~7ZNQ83w`^O5g0w{
zIXmz{f=BTxAw(~0s;VJNRJdPHD;?A$ae55u0I;QEbPuR7vtMr-{TM@NR_QJ5znfo`
zC6F20f+f9&xA@JJI#2z%<Wcv}<Wnn!9K0_4`h9me*8GoJ`9C!<F|+>n-jCM*rImaC
z*NhZ-Z={kUii115AY6|bz1v1}dT_zo##*^8r`P&F`-i<)BGaqEMpG<6gL;v97ADVg
zUt-O1AK$H>Afj`NFor;$!MvmE(=9xNdaHjPKlvi>!QBc~Ielu&A@SD7_2}3BwmyxI
z@qj$-t8e<&&nwtB-027u&+UXh0H}5x@vqPE7n|1?gD*4wFW>L`Olpwe)na$bR?w&V
zo4J}EKma!&6wiU=H;{pME-{csF!c3QY9(NCbO?Ck(zO1;eaKspYH#cavefxmLwm!N
z`@A0vx@Ly$K@SkDL0>9I4A8DPpCW<Z=eDcb-S+Gr6V}^|dyCU4gB+qcN^RTBRO6WF
z9{#!ho5!YMP<W#DMgWiq0;YWZWoMBL(3hh^K#}Sb5ZaxAi^Py9RQ;n%qOV&=BbErW
zG)pOv=N7x%+f}DZT_fOIg!fc+qLTXfB~i@aGLiJ4uNMUJb>UwsEi!(%%!P2k(9^i$
z6Vq<_CLopGz!IaB_vmU+_&{FA9%qk!kGvEQwBOXuB7Eb#xSQpfAibz90Vj~6fJY<4
z&UgRj1d0rd^E{f?`5)`n-t;*gQ_c2oEb>1#J<Qbm|417cfb6M=Ka#{5@flEM(Xnfz
zpQgpnYaGkpR1-j9OvwNR7TZ&HHubwPdO)y$Sof`35~twXqE$0OkwA^nBns645CcO!
zis_8n*CwM8==RJ{n4r;_I`^b);UK7bq-H#q!+Ci}E=l!t?cgpc#tVN<RhK};%cC>y
zS{}PU=xNG?na<2;$r2*#&kmP|*p^nTT$UavDXM+?5_VP4TLKVJK!F7;f>rl6GS?Gx
zg;gNh`x6Q+?l(_GPDd$Zp~v?1{7=@osJ2=(!!(<z>@JrGoXbDBSI(&*<6j?Kntrv`
zFw-Un?K|Yg)$)m3B5P%S65OCA?2pjj{V0zuW!AZt;I^;eHZ91<%bZg+^G)%SIHH*&
zKfoDOjTh<kN8i=7?~mU=aj%DR8tj_rSJEEz4zAhKqI#{9%Zocxek-df1OOKJ)w^x^
z{Jn%b4hsYn^zE=Qpj=QDWU@Hl=okC?e1FxGy|iC+eliI6FLOT88F;AD6umL8YG>Q`
z!%#Meq9H^qB=cpp?unG~=09JQobR42Kg!!yj@AYrq@JD0coYoz2o-32ZEu@g)G`9@
zXrvar4(H1M>I6^{ohe7#(+I0s-8kF;a&nvYTM;m<BB@;0*+c>OGaopVe+RDj%SxjM
z>Bdlyt5;UrFuH*r5EK?ZYM5eILc$5~b%k09aR7~~tIE3uRE|Z<4obOn|7Fd>%(&RZ
zEzUDRw)>OMc?28uX>9iZLgL|qu^bjLCu59J2)Y|&IVBwQ0G;8MI^kBj&Q(>T3BDb6
zNq=s3nTJg_E~PzZ(ZoKk-@2}ug4TvjSxf%<fi*`0Cy}r44VGx105i=81HA{HlO}My
zhdu{Ckxl;vedeAs<My*IRlwz%a08|#y|S)#s%zS4plQ<?u}wJ3!W=)^8O6*P&Ufo!
z;{C5ws4$D3$LDKBd7ewte!Q{D_$uIP=auI}DcRGyQE_kvh~s8i<NcGY_+;0b;Fc{E
z&N-;JZfOy|`YM(muwcwy6_?yNzc7$a>Z$TlS+l?FU6s`kc>Hc<fX^r)hNw>ip<=z8
zLrD=tys-Y}B$)0kNbFcL^YYf1T1k9;4$&35!!&5q^Q+($y`#bofBT~eTf-A8w@|@f
z3x-+@F;9CylM^;R=kkF0!1D_>4fF_Xkv9fv(<x<2ok_)Y{VoAs7G}+!QfZNQ4mXhP
z7Imo4ywCWLtJ2PNX*uqJGIp3&R7d}Ap1x2x&5K7Lk2@xr`_j@P$(YdJZK!FV0VAtS
zArrF|R1!3>(*UjE6+7aVv_WN!+zgisx1ztWw8EcSOv#8Mq9kBNoaCCJ7KW2(=k1@U
zoO~XP>FP87{NY<oPsDnqO=jhkQ~|kr!6N95wSI&KK`@lHBS^%;UGR7C0F9h(#PD?-
zl)Uy*rS)-fMf33V-GvKBd|Vk@oHVC(wk+;(IxWBQ90CIBtFf+S#^FE)?Alr{Sx+EW
z0H*ki05hv-?w4W379t$`$!2p5qxn-vr+>amrPX<9#S>@B{m!ZVCMmu3W^}P5iPh<t
zQ9kTbwSi=#YP`CmZe*!}?&_FOzHH~#jDxzY^<}*hhe@S)JyPeg=>*XVsV=t-W$2`Y
z)oNCVHx&-qcS(D|Gpf-SlE0>(0e-$vI3q;UWCMvKs`RyG-o3?jeLP@taVjftGQ5He
zZ*tyoTAHl<5+Kg`*^x0Ky=5e8W~n$U9Fg{<Xc04?J~3+^8VO=(h^e0dQxq(}H{QV^
zno1OyW3&;va><oSn^{2A{BVBjT*Ltwf(%iG;E76MIYu?FW9)QM?{{Nqvk|PSoL&I|
zrb>3m#KH`!lIoXJI)i*hN%?J0HmCZK=W_4FRcdqG(z=F6@|xfT_9=a;`MGblDcExI
z`e~9tpRA=aA0K4}*_M0P3)n6RRKy^FFTx?%#A0yZoeQGdPMIQmiIPv61492D<;jPx
zTh5$&*QR886_`uH9T<W1+y-GamLKH_*)kD2#L?j#LS#F)Zd&-vsz}jO!M?NA7A4Ew
zy#A8#9V~lW8|Cq`?ELWH{(OI^FYh$^75{V=|1^5N>z5}7!wh*<TxO1M=;{-V5m|_5
zSm$=?lEStz&>9c!O7i`Drj#E&s{w*Ygn=O!e0=Uc#+M|cUDR5*pOUV(*iWaVi8tG}
z#FqZR1?0&A<=@YSV&{^LWIA0MQ_mx1XVq%-KC|3s^s;2-ZBz}_svAL>HgQ?XHL2E@
z)|LsD#Nh<q*xDZxy>~$}KMY#lJP%$mjob@bZ#28A%;8kujqq-r*YYn6@zj_lFnA<I
zVWLAE4_o>1%De>6dtq`;qB%Z3UanbFTK!Z0<J~%Kit#xRyn4&53PEu>ElR;^_`|%m
z^WrN(pzEyg?5(~(W|$)FEpLIJJur$Tsy2O<A{s$Dga#zt^Mv?ZzfE2|p2;mH`fB|6
ziL1=LM5@P|c5kq(u7!f>O=7TBUaT4TTL|f7Y_?pAxX1J59Vs;(pdqi^55QMoUGRTW
zU~K=XKa27IN93QTru|kc+CPHoKe~^JMlI2E#&AU<5UA7Pxw10M5oR2%ORI%r*5{=+
zoTMd*G~TQc3K$QHXm0H8It7~In=#_zzra5tI!?*vn3Kz@TXhj-*+q&knUDDP*_tFf
zia(H2GEWHmznj!(<?>h$$#CEBi&gr5resJ_B$k7P=Sal?jJwi|x+4A~?Ek7kTs=S5
zADgKE)0wr{T*5>2`ny-B=@|k*B_)}42l8%>z%5CXGl+H4Aw78ZECPY(zoFxdtp3-{
zecJVFQGRD5mbQ^<*G^$jLP{_Nv47FtOwKOh)tg#sXb8ioJ^669&!RcNy)STC#HtYA
z?wBhH>R)<YYt#*wlp+wB5c1Hh?Ho~L28j?^ca_*6#Pww&)y>nKVEpj;z!NjCo&l(j
z%P@vys*{fe3nHWj^Li5jOvV{YZ-Z)D-4#$da5A>`OtjA{l&82n0$tZrdl|bc+pezs
z-e_95=~XU8lF6Nzi)3L!j1rc*M`2uL<n<t(;6}>dE~Y=Js%p!})gNN0qILpmZevUW
zij^A9GrJV1hN|hD+4U>`sxqAvxn?hzF&aFR?4HLOjPw9ZpamLNZF@-3@i{pJFE+i;
z$S?S7yhJ2t77|Go812m56jdY@me1?1mfRhkVDV%N2=xNH&3S^6Jle;<Z9B}3us;)P
zFC{PZ=%PO%7n?yI3%~>pE+mJN{sTFhi8Z#S(GQ*!814T!wF-9;$U2v?mifCC5|qH$
zaGe~n9zrDOfgz8k^U)GmUxDIKK*WbTSnns>t+io+p$#bx&TN}_SQzReLT6_W*MUYM
zyb)5F9@sBp2xbd-pRahF@tO^9fpg<f+?2us8K=AD3C{5CjZ_z&s_1~>v2&On>n8*B
z<7~JzZY@sskJC=t)xHca)O+*rmExC!Jl9<+y*o8mTmZiKBHky8I!H4!^)m=r0zoAY
zOdff1#x$2PM{<8*5@|?s>d<BgG49W`Dmb*4Um(E42xvq2NOUU+TN{C)^n?bx>SR#g
zk~w`;5?lw4^#&aeds2`ngJpZSdh)iv@9z)Gy1Ed_l^_B1b7#7Qi5Nv7ogpI)go_2>
zl|8O8<j5UKriujs%6h72^k*(4oov)r>rPy7aK_FvGVyI#yJoA9lG%#Q(&sbLhmK!n
z*nF*o%mHNaeUq4xKe+KvF1BVf6!kQ6h0aRq9`?NPURgs74Wr$64sn6!<nJ_(&9gw8
zkS0QIsF2lSvmuLthSm{-TvBMSwu}M;Px<Sa@TMeWi9txQzDm`Xwl)Yn(VV2|_xJ8Q
zk<igNNH17_`d-JNIgPuXw0ZG#xF}mMefb=N6CY;!DB4^Z+lt4z5=3Oi!t(@~?t<Fu
zRS{iidrZARLxz18fnIv`=z`zHt08*-YHW6IaWhioU%chxy>*RM!iaO71v<;Y<G@7m
zX4|-ASd<hbfXjY6;kJnb(=E8Da@@MVZSy}YPsBGa!>dDZEeKNafO*890G0)eg~wX4
zvx6g7d4TH#3@P{CiI-}z94I5HYx85rN&cP0!aS@(tC9R_7rl{#b2r<$6ZPoYNlV?e
z37;;6vPun1T0EpwaC$h>wA7t~IBK*80p$S?)YfGxw{IlSY28`L&GZ-3rW>tHF(j<@
zT25q!mN~}$z3iZzZ$WO3|KZu{9_`4}<8)3b@vp>dI#n6L6#)eg<b9RpSMgK=z!3H1
zv4x<)$_V%M7KB<mdI_-_f<$lwRd&5bJTRk9a09Xw*O&-!sqluI%f!Q>mAg?}$AOK2
zo)6$S?E!*ZrqD4K$sT7XuAKlSmx?|$oC;+y0WX-8WOmUZ10C4mzY<Yr#-cVm0tF4n
z_Yt9-Q{#6Ba64rZA`gLD2A}w(&ocx@&*@ZScdhvYPX}3~`qO58sK)>OxWGkx=WvrW
ziQ$#1tNSi#F7(PoKNRN0>`uOl1b=RDna3o5MCLzMMZ@r&Ws64l(Elc^_l~*`1Wfge
zcxJrN^Zv1qHpKUl7Dmx1*lxY80{zaTU4Zs>!$>_u)Mo-)6Fel@^McHqw}^-J#_hrw
zJHS}=)yhM&8<2|A%{n3s>;`F)LwTaj;H}38cHgf;(I^RAYRI2^7LkSz?Ov~7cGi$K
zJe?lD>D6*~7~u6=UvK)eXAHo@YBEP*ID(6*#_&&F2h9{*s-|{9N2fkpSNdEZ;Lt#X
zO#tJX1HV19g$c5&vsa6CRS){rJr<6)?L)ZexGq*>blD{oVX_zFIfU<o>XGmFUe|!A
zFQ77|H`}Jq-`T>RhTXNbC+{Iu(&gf~Q#zup&QnL?ZK~gpIMgWE59Clo=`J(h{Env%
zulWuQKtuV5JAS1OSBzj5CjFUI@O}9Su$X`d`O7}Ql9CVu#*7d4<S8>sxP9DdUj(=J
z4x7;yal-^3F;Z_I4f(a(sbrh0D!X-!Htht!v%iVh6@N;<4e;rt-70ATaw01mI{66v
z#=DLo3<3mMx;Uxeg9saMVul0+yJpEQXUt(n$<iRkwtrxXk@wdTWtcauN9@-WM}MYA
z&@ukA8SoGzKsR{VuVjr*9O_;LVM69r54h_D9nhl^4fu?qNP>!v8kVjIaj#4X0`x#t
zUdrQx3V<~~=#m)dJX2<raqZY^m~{@&q&HB7maR+ay1`Qfa8s>ht^bH{z3o*!H|Ek_
zy<pBY9mmXnoN$DD`ZVxGH6+g_mXI%%kh15h>MtfsT(_JU0~>zU%$LPLf1wIl`c|60
z$Y7TPlp?{h{oQnsA(wKQPZLM#^Ih`aca$K&zyLY=4+BT0P%xw+dIhXHEBS!R_!1f^
ziKy4P9DCd-63K;J5IwMR-zNA&>~2itsoj`?$6Jos{F2e!&9OJT)7(F~#g;f*Gd7y<
zgb=SdhrdAWInG1>N!$FZx&DV39nSxr!1F)u5*yObKX<9$H!)CyJPL)>SEk8w?gZ+{
z2%k<=8AB&?2bD@XPLHkapSdKg#AG_@)Xjz#K^m29&fycrj1$Je_k|cP5-9#X2dS}l
zAHjM4a<iF({+^h}abnKr^VhKwT{*tm`mSfq)8%d#-hEgi&;8&u?JF<M{r4+#7!H;<
z*WrMMJ^$Zb<xQJreG32j^SGIp-o&5YxARVcG2E;Fk|h50!~XRz)<ht1PO>`$9Os@`
z;g2)9R6hLt8I6F2!on*NT%*dN{jm++@J;9Rv5g$1>#eKshMg&6aJU$YrY1#+;JSSe
z9<Bh6w_|?F+oAlf=1`mdfC)=v&TZxCiXq{%kk~$_JK9Q&5Byc|OK2Xv8PpcxR8b80
z3l7Kqmmd-yVUs5k*p2u*5LWWow=BwmB9&{$Cd?Ff2*7)ya721YLDDU^^Ta@i5B-Ml
zzT&~oq?k#E4loczPr9p?Y1a-y&KvNbA|4<Gl}YbawbTZ~AExMvPq5<mrEhCA5jrY-
zlCABV)NsE}+Nx*!T-zov*Z%ZU7W_8u76H>`lfOlFpU~iw=*%?KQxW79_zOBwQi06w
zw3nq+4ZoA~4vV5w5zs^t)(OYI2#i?bB4PvGsj9KKi1?Ysca)}ByMLxJjc@$(NSf6<
z!{>Hm8Ma$dr8vJI@=L9THN4701Ie0EUbH90)HbW<t~ua7dSI6F*<hSw%Xy@kHL(rF
zZguIDn2Twi$`~=1Y91T!SqNwDV*+PG(WZf9n@SdxFNrQKFXR|xqeX6zc3%U<ECgkd
zJJPV{(wyDZqg7#dwpOZ6s_;J|z>G3U)B59(-kUeEdq4PCdu;A7*jn2!gOyg7A1k*a
z|E1PxUg=<JQ?eAg3h3a>`wBtVVtvcD5#H(r1XN+=?LA_PGG=I81*)>n5AwRf8_jA)
znt+E1xG@)kMSe9@H=bBlaV-pAV^_=N9I06b$=#PXYY!wR?yl^0nMr7&xvpkg+Q+F+
zM<jmllgMFYdP>T85!bC0BHF`THugP(1g5WbPnh1X@lX<Pf&eW9j%zR!PtbpYHu@yM
zRo7v0*?WvZDQ33HYTAaD^2iYz)Ib06^?Wb(VKlobrB!NCu542&2UqCYULU)YM9C=|
zl3r))YMs|*SM6A?X@}dm22T;f+V?S(hcsmVpkcQX4=iYxJ`lLBzpJN9buQs(3Qj0>
zWcMN<$~4V~drgWMvBJc793<KD2D$tiY4dWVj|r}w^)X>Rg-Icu2lOX5TiN_HpkAhS
zxKoWn5$BJ+Dg}ne*sPl3LNZ&qM}|X4T|0==!at!B-_QG7a4LM_Ecn*f05b(EbcQe#
zU?CND3$kSl$V#NrD+o@hd?YA!%rLekA@Hf;mhw(gAWnGgMS2u~K1{BMkwjS9!--df
zTq}GnyT^HjkOH@l4pBAshzrz`4HdB4#Iw4K?*g$%@2ae(OTzXE1m+gwYP*di`r-%g
zl^aTE^LO0~Uk^TmFO7i$o{i7QoOoos**c}=O6Yx#SVieUda(+l%c~DxxrtWBF1xi$
zrncwsFXTX~fq1u%ZCnnJNP;EeDeff|=12npX+BS8F4RDioYP8!2FPd;zC-n@U>tW^
zET_f?<ZLIX->D|s&*;3aCj0&fy~`2C8Xd?Vg_XZ)^3iQo@wfi^wEn+Oe$U5~>4^%-
z!+3at(*O>XaCFO+V>@LKMcF+bE2BQZh$dRYo-=x+Lk?&<&`OPe9MGJ|XNDfLeQ}RC
z%x$Omm~-|nY3sRrH`aLdU!`Q6Sc7!wA#7`VzgNSNS&k!5#jhet7g2gV3P+!S{?E0d
z{;j2eB7`Ec&8%#QcQ~&Zg#_34#UrW@&MBvet(+4?cIFAa6_?9)(>N(9lAE5P<D+gF
zIF7f`$-SEHV6d4jVJxR~ZB!C(8D#$OZ!ap`Qek9SvjV33V@^wv!p$?ms^Y<OnMJ&D
z_c&&0M0_Fmrkk|;-B_9o{H^*vQru9fIgT%pP1MS@*3P#)bTozQqFs57z@+YiFCT_3
zO)%X4^5Fy@V%JBH)YmNR@$~40a!Azy7OP5U60F1a!;XXPMPJ!l;+t!@XLHu024B%#
zG<C%pgF^sfG}9mO!o2-K-S&iKo*P-h5vTMzmx(_IMJhb&+~}t^iP5Ew*@{sBdz6+b
zebi*LRfUl&sNvE7&S$wxGGIau5D`S(mz%x&ceId_M}HL^V5zyuVJK`M$@+hQmD~UN
z@AP>0X~cAZg!E->17!!$a^Przokg?Bn(D@9Hv&gQHRS2U`Pld*^p}xl>-SHZei4WQ
z!yUzkv;OS4#O5vF*W53DfA5ZC@js6n#_o1<b5Y$4<vKOC_rb>!i&`NKZWx;`)hg}Y
zCd#4vi5M#NNL5BH3bO2^$Ezq}(0gS4bXpK^Z25?Kk4I*)LHksdPD>c=7G&N+q42xD
z1EOUS(-0XF+nv8vc?-V!VXaj@t58(l#M*XVsR)rM)y*=ys*`5Xuybg4&{7ivT-||P
zY79@aX(g;(KhU7Ucd+0`HD<)4j^-*R>M@XtEZ-31j1FSN-n9~>2UmL9cJe~1eh~L|
zp>A&j`XPLr7IZBzm9U(VGs2x8@Vh8j2i1sftC`t6lE~;Qx}ba9HC7!ttF?lyw>n&5
zSyEY0K`O<cTa|?)-$W(aDvqn*Vx>TugpOo&uJuzL{TKm{kvw#=9KT9sG=a6Cj5-zC
zgh0(_nb+u+pqmAB0M5N81Ur#9Q**SJ55j_#eeAI{vGwMe8K{%NTa`{F<i;iCY8K;n
z!3P9jjn;L-6Buwwks)g%2|HakEn;7|GP#J5_#J@qbP8%o-KDH18WPd^;vQINaRu-=
zWA_WikIu`^2}e|B!_KF#tdn8s_-txd-3K-(zzQ)M_Gt7Os|A4Mjjl3YI$`3j$D4#E
zc!Q)Lm1G$Xcd`}JD4x>m2+w?0V(LkR-E>`;mf154zxGb#nxn7<OZ6T4Zxrx(G<OoO
zqGv|q-uP_$CA_F-b7<LMeM4a3b>95~PIn~;|0gBI@t>3w3j_Oq3mWM8H^p}__CE~h
zdKP%-g}F_2{g+rm6FE1se|K?>7&rA%K=K=n!ASbFng4f1Zy+olvO{weij8|$<wsQ=
z-L?P@jQ=npo+u1-xKor)Jon@B-&g1(LwNAG_cK-dV{a=o_4F;i{xNqv-1px@P{svs
zHJ>_?-=U|2Q|be583J~PNM>IE>b<O+>I}N<UGDV5pXKJy(Wg~t8qnaieHZGEk(=Ma
zyqtF^;E;b)JSDYDw}I=mmmYvqgj(F<AuirA4KrnDqWW7Qmv@X>uHMDSHC;=$M+;ox
z&S4?50(pLklz#?RZnc@Keg4(xRN20Mz}?UoUZ@F1fOb9AnAPFX31XxTrOlPJ5X1oD
zL(uv7*sA+UBNX+unc^OZbgegkFQDcj(?wIRiM=dHGXy}b8<W65AP3vjdK+MZ>Zx(!
z-y;shnhn^*dl`_d6z&n;w(t9eWiV8BV#&VOkL(yQ<jBHviRi?)PVEb_0nq5?Dhho+
zP%OhuCPn5?PpL<w=o!%sJC7ISy~IRmMDYM@$V{}>cmVmla<=9kdi=2X&t?^1dtH2Y
z6p6bZQL@l)yLdeaqhO>9S*8j>xk5raP!RL7;U)>01%Sc=Z2s0Rnszh!>EsD)Me9Nd
zB=8aJF^(Wy11wL95w}K=v~OM8G&-am8|s-fePN@mdBmhg0#t|_?0#Hfk5rG;@g2l$
zaw=UA{gZd!HP57$e4ok}@p>s(g{jh^P8WF#0}LdRtdq|fnLE#!51suvL@Q5s=AN;s
zDgYpX-osLHKzVjG*|dW^K6Q--@f|Q7Kog(=Xb`}LXursm!2vo>H!^$-BrL|P9{T{E
zOZ?kO>r7hwC-P8vPHDh@Lc)FEF93<D=qu90xE*Bk&)}o88=2S&9P#UhmQaGiNpwRy
zppX;bOF$dB)}wEW$Jj+{O-aZQ9?RB-w}l&WPaPXq4j&zKA;o>0AekY=9?c5PrOZdE
zEnCew332H?4Kx~ZU^EG12YEJ507wZw^oA9nb;?0o!z_`zM6ALCe?=dAO3qVtCq)wk
z0!4g)ld41MKLWL|VytVReIId7<;f;hm556nrYCH|RVzSK(VWj70WQebl~{DJY2TBj
z3=Bjl^{B`)EH}jbq5DjTN^&?>k+1H!7~%1v8DLpu5XY2x$}$LMHxE63P)?K@o*YT&
zJ;*^tQ28_)rVgKr@X}b8)s-?obVRs3M;{&DrQ1fIgQoVZnqt(<gvv3A^Xi0BW1gmU
z;`m6jP%;(mn`sX0Ga4wixwQFYie#}&Cpf;_Ni>~Wn&HT#VE`?Qi?H!0V;(M~0gbER
zR)O5+jW}u`b88Q_M1*wk#nqYYNh>N+Ior8p&{_92B`4OsvCUZpA<Wi9$Cfk7*a&O|
zeI(K*MGoGxzm>)by<M@abovWwOmIAV$H{jo2E1=o)~V}gJgcC6G;0cZVoy_1%{D|Z
z;qSeAY0#oXE0M1!F@bsQ%qKI}!41N{?J710R1(iL<9DbD9>-*)UV1dB$jc!!a`jB(
z`^iyl13Pf!UeZmJc4|v)wDW0Z9;&k(egCLWA0P~)qj%BtKrV8y7Zf*jr`9LQN7K|v
zPCb&y+9vs+!q{nJls=Hf5~4p@Ay9&AWM99-I%Ep->4mp$Exoa=@+5dJ_NQy1TB6wU
zDh}{}rfUcY9(ydTqHoTXO}IN|ol9d9-I|!h6Eu=P6!L$vd~yBp!-X}!YwgB-t{Wv2
zDHn}Tn=1nASs)0Ps=pDv^!#X4d=8-^7;)vCJ6e+BOI4sFlIZubg?{&qv?-DYHofFl
zZabzLQQsT`doem#Z=CtZ?brz=ja5<}eLP$2!%pK{hD${MbKqCeh^CX?h_*$U9z*8s
zhq3MZ=EIvXYttH3krnRHK+2>us%fflSepy5(BlQ44b~U3(WC%<acD)Ffzst?QJe<J
zp<joO6zps&To9!mz)Jy9?~h&@5nIf5MnKReetsXzjtqFExixYKD3?Eu#=nErl3c*P
z6C+G`GB7WT=ic*hlD>S^jR~J%jU{nb4BxgnC&MT>tE#zeZwwEKrQ)&?;#iKs=7r*h
zYhSqbx)&O?GtR^a`Tj21Vp2IRFGJm7-7O8tT~Wc3>ZZ0#2iHQ)r&nmxRrhD`y?bq#
z3&f*EGZ}j%>$;bq{<`F}{Wu|kU=a11V_PhwfCY5d!0EtIj<(2jlza-2^eG)Sn@`%D
zw`5Z4S+6Z{!9IVLp|ko$xWFALZKb~KO)y&Hd`imK9Cs+M;5R71;$W|0lJf{&Vs9EL
z&bdAnMp&p`3F#140>V_s;1$*LnI`oahvsrC_n2kw4ps#lD~(mYcp;eW<t`%dlj2U|
z*{A$OBoH*>Z4){46KeGEd1s|OvZSo`CBcwEDl2{}zNtACW?BggfP_5HXSET<`7Ewm
zy?El$Wo5Csy4i{5&A75R)Ju4|@kP67cOvSYM`@G-92}(*nL@1*u}8f`3wNT}G^pvj
zrh{juGTX3P$Qy$^JbJpJc}w6hIgulu0G8k`ixj8i9+OGWvsb==m+U3xeCl?zJV0Py
z@30LXh&X;e47D}M5GWNAr5~DBLz+^M4?q@B*2tZ9T0emiC*auJf<6+Uh6Z9IqMjiL
zq)v0tQN20IP)E>kkox1O6a<J1NInWkfq}Zihy!mo&V1<4{L`h)!@JwYUb6CZ`Th7i
z5lt?EV1yf;CGnsK2=p1|2I~M!W8{}2&;Zr)mG{x)wF?_ooPBNC;=XCHvRq5?2<2&X
zeMAt*3eA4Iy4Lud9bw?q+;x`F*{~*oDCF7LwpN?Wjabp9W0AI8>(Lx7tq6uh35d^;
zInwCXf?SwmG&zD_a-J3fzA))Md^b~jPe;e66YrUPoqgX_?MGv1$Bz#?9-GIRN|6<h
zOD{xp?Wk&~&2fPmQ%rci<9(L%fi>3=Km?Kh0n*-Hzv%CIJiY&AeE43DaW3a_2G(pg
z{a_)LJXh%E40DYM#;gO}_`3CBCcsPFQm|y;$G}{#ap^a9IrFMM-wa*&;(k77O^%gp
zto01Kp&=+FOq=!OOoHMz@EY2WK;suB1n)7shgYyP4muXgNxB=dPC%awDAswMh=@5s
zAC1)0bIDgySYjNPV!$W%d$tSOywc9&j7iZ=QO8$W?(Fp|+Qsx8;cB{p&NMsR-uExC
zbg0$xe-dv0%&z~<0%K(T?}zJpG-RDO+5Uz2s5_LRTagI?01*uA;Edjo*p}56<1jgj
z2}>(XsUe~I4ZHgLx&tPVk%q<5%8G*r65PEQ-n*d_kOn^WdZ7IJaT?==;y-GjAjp-V
zM+Af<-l6?zsxv1kM2zKqWxwG&;9-`^C@trvPz2L!nHy#OY7hN2b9?!SqKubD8X<f%
zqc#A%-b?&zbME`FD>qYTRy5o6YThjT?Zh_xBmbs|^JUCZjGoK^BV>XI_|EWDh%v%2
zDF{IVph6ib)X$XDXI|u(|7F^;Qp9+=<!{Z6wk&2ZK1Y$vG~F7;mGHfBR}M=ds$wAF
z^C8ni+U*S=ec14DGd&hdPC~BaU{TjYSzCS>c&iMLSpe%khyfXa5sO)}M4z}mG{dkg
z-2-&N^x!VaL?2+UIyH$+MVSO<Ge2l{#yoPlysI#=UCss!>T^j5(K*#O{mj3jla~Id
z>)IuU{@9lo>c=pWQ4(P0DE3{cVSe1*e49@n)SHO(LwyF>p<kkXMU4u>c?2aLD}e((
zXF!tXl+Z}fU<7;m&P184?j{`lq;E^%uy6c|!`*rN@l_lFk@uh+KmV>}-<RS(LM(P8
z*Gr&25usAReo~*Dv?-Y$uh$ZT^l8p(Bgw75fv#!yJIP(9o-zAn#==9+s?usDcr$R7
zv;;VSmhroZ64)xqXY>=C(=hQMtAvEiigE~>a`VK&e4@E$uG&#0wJH`2(@_$7t*N>h
z3W@*NETMC_0=3F_l~gz<y-CL$9e^aoewH-`F(V1SeB8VO1Gc6^UIJW2YhoZ2_M`8$
z-=69oX}!Glv`Y2Omb4(hLbrge(YDumh4;PP#2odhOTW&k{#Lld05NsVG@kxa(Slis
zJ^i<;2iA_q#vP>9JeWIGVCXpubziLOSG85o{H)>g;4}_GU*B;DkuwsMM2SwKIGey8
zNbL2*g~VQ~<p>{r%*daKH(X5MvIVsj`}L~q^8Ed4bu#{Oee`njeV9)tukX(qB<tW0
zgU-qO*T)dH#)bXc-OOKtS0N;EolFc9M#xmJ7!}1+-VH2Np)=OzQQiU`G(m}=F<UPS
za6JNS6r3wb1gI|ZwfaQE&9m<n>2iW}<jv$u-CAf{=WJSHGk_6E@Y)rWR&3L~A*Edf
zx>gLlHxKI&qs?UMke>PoCWR$8^0?_{E7AVnBUW^(RWsJUi*WZ%RWYxqUdW`3K^C~w
zhTKqV=?9Y{=^S)i$d_eZO47){V})(hm=FN{)oo;B1J|@%lz@^0LYSz)(qdtT=Un#-
zUy(fuU<ty4!BE2u=K});fp!=@i^e8<4NX%7ciUELw|G}jQ)sIr%IYeJ5%*a6`SNkS
zS9i?<TO(}~Hb(vva~h4%$*fFj9a+Y}@D)l?`f&@IkN_=J`E>#r)f8T2+5G^*%nHtE
z(H3c0#SQxGGaRQg-0?jHtZoB)I8jIlL!a#0_&|q7xIF~=HA<7|{dU|gf^aRi{7dxp
zt5w&{a^4JBiVqOCoWf1BU6q8cju~s!%dLveiYr`0%(xt<9qPMJ9$G@YFp{^eW1I_c
zgkgrkMJyhup~!^&kUbP46Qo*}efXml^vtVOgH1E%dyIsANEvR-R$BRai%UL(XLBjf
zQDuky$f6S_W$~%pK!C0BKZ0$zp=ETz8^Tf*(S)&l?ls{bKp<$3hb&$wVaw$aq=rJ-
zLPaQX;tbd4BJWIpzKLwHueS{P=$Di;+=Xnle}{BMqOBU{K=EGTYlTiQ6m0MIysa;q
zM+`k*J2%hja=YENH%QoSH&&N#DvEgs4$Zv}1cHcK-Rq4_zJOxzzd%U$0;VqH6_9n+
zIyQ;j?Q5SF!CeW7gj89E<K`0>lD&J|28$SU@*e``_J@9yD_sMrJU}dmw(qBNTtD^?
z4xG5IAu|;a3WgtJ+XxE(wN`q8h+K=#08sMTk>|!MMjtYKi@lW`VdBf#UYOKCQ=u~!
zIQ*hG96{<1bg}IcraaL<gy(Py3x3+>`e8es{4oNZeOpggZr3+<(lEx?$z(+BPY{ht
zzX|QC-&`NBY?d`>r+@zi(8|{^`VVi-zozd0{jFhQ`tQSddoVTQH%H#L`-0>_K{b$P
z2C96W8r`x$0JA+l6@~-*QO!vQQzV=vHaGQmZ!wgL(;C?6lxXU|PCjm|#h4=Y<iVI!
zg~T26V~`}Rg1*n!Kh23^7bxJr%)4+7I5$ioSPn%<8ut+PesA+6<9)dccW3VWy+5!1
zs53#k&?NCB4qWp(0M>UpIBJ9Sg|hecdboDIf4_{HBNBl%)7z6zQTzM?`5(@ZGa!I>
zj3K8Ie50(%B@s*;#+zJ-Nwln6)ePlb0RywQR`J;!aL{~Iaz5%f(qVcyo>lX%PpgHU
z#!d|SHK}T1ofbq&g6(~O53fkjPl}XAl<oS(2O+KafxuqyK=UokC>t2j8WjQ72D38*
z5(8ccxelFr(<>rL5I0LM=@g4ZSx_qDQPU^Oh-W^LAWt>O0C;2y<boV!Y8y%7S(F8)
z5XBo8;(}^3*i}A-RwoE>Ob6=etF(v$1w4&(`l`2xc*Xrp@I=5b4X#DFB4^fjGl9>j
z{-X=eGtIfdVi9d=pQdMde~s)9<l2IZ&w}UjZ^pxP3qLX@a`2$?CQw@GVQn?{+@V~T
zO~gtZylW15k>t}*A32IFqG_X`9~;#)nCLn-3QY5Y9~WC{JR|#a0fuwAO*?Qr<oC<t
z?V#3fJWlm`TYR3(p<X*?cjC`@lU&|+7{+hmzFX{@Wf-(Nh&QZ{kiGT>N}KpSS#Wo<
z$f-{z+s;47AhC22Eu$J!DO#lL{3)rxoqZlHG%qi|1RM9oQMag9v|M{T6liEXtjr@Z
z!xS+$Nbws)C5M-N835##=haY1kV?L@yTfV6qs%{WblGJk51Y8KEpE9MbFG%xbXhJS
z61GOx9osi>AysISl<|n(+UMDe!A5}x9f>S_q^{*sb)7Hxj(IYKT>Lj0@caiI#z&mX
z><z34XxxqGCzDlIYj$z3x@&OgL(swnvyE)ichRx7i#SHs|A<fw#Sb%&tw_W|h>=JM
z>p^iOLcj$HaS;v}o!Z>ORHs9YO?EKF@Om&2x~X~O>hI2t-|N_@^U>iSb+24C6cSX^
z`T#`r8frJwSHssCzAK701wF&LhkH@ABugNo@q3P}Q%2a#XpR{(5*{L45+ZrmkqD96
z=k`-u6QVxKEL$m&Y}w{k>XcTpG@;V-1v6`;b$Q#xXKSRt4Gakryr>OAq{t)1`gIK|
zBJ0JlQY4l!c#*lVh;R26vpl10GUk}5;N*E6^Xh_PEh(-OOOY_!4VV{6hHmOK5RxdZ
zt_^K|1zeA9cjgzR=H>U$I%0cE4QEnPf=6{6L*uwF*`vbwYH`r)2cro(`Rl@VP1{*|
ztWT7hjTh0>c*#<UR_`G3ivBysxknU<h-CB5!j&+vl79=25V4g_BjtzJr!qLaDQntU
zuwc~Z3@j}?=hpqsW{8z)v6)j+fE`b|s<?oy>Ggj5Z<rps5SqDKSl!tZ^d$C78>M`)
zKRDp0FCyZO*CI%i;X$26eFK!{@a5y+U0%Kw9BYaFi=3@9Ao1khc0X-LyC^3|&YG|1
zxM_$y@qQfKdT1w(<BS8#_#I9Ij%H%8mIaYjtkscx^y_sjW_U``1dkz=k0{ZQtKHPK
zb1OQId7rQ&Yd~-4JL5P!^5w`D_8^zny!H}#nL_$eGB^TC0TOcismFW*!fkSlm-3>6
zcbDIa+-eINNnQhp5w>}k0+E$Zlo-%i?n}vW2NT!SwLvxp6_1EyijDP&5Gl-6QAhDB
z2mkd%maJ-30Y*kFrC-1_3$coUfDB9ZA6Ed38Tb2<N{*&MmaFTbP0*LfCw8DwF-t=y
zuY`5hX*FZ(unhKcDe@->|0*hqhL5L;oobPl=P>;->161unn3*_ynozIbSru#;|k>q
zSQ9kHw9F3(hIgG39H7xXfa&OrW8MOH3@c+;>J}(Q<+(DhJ@TBkQdFdB{Gvh?5Z6qw
z^19T<p@C%*q4(^yuse|jW#`^%Qn(pB&f2Uw!G+fa=KW3-Mr2z>m413XwzcYf35cVI
z#6ec1Q=#L(WQTh&{$z_PazFmIlj81oMG`b$h1uRYK;&1{T15s^{~o=$!SlM@tNt3r
zAf1aUmUmecXK{z7UlT=vb|6>X>pTZ~_9@$K&F9r8lcVRcTfO_PtDZnrJBF%zc<i3|
z1+TlXv{KD8SM}ws+S(!fvv{BS$wiX4WWFhla2Py(=#G@#ng>NQ>MyDjK!h(E{3czv
zf09S<UibTaEl>Y@4cXe|*4_nz4`0jji^8-OK^Td4<OFvLLF*Y5C0hN!nYE5r*m?(A
z*V;GDzKllo=4f;QeapQWSv*5nH>;N(a$ugTeU*x@b#u6NniuzTR}zkRFqs%5;O!#p
zW8pjA_Oo#QVYlW@p4Hs8-zpRauYfI(2;l~x2B9MbkrD4Z=Xc?Lg9vA^t!?-{{2*yF
z{&}rIcfuZC^N6*MOze@l{a7m+kwSeN!`#W-fe6i}H$*`o*|{+y2ZKmvf#+lEzUuDL
znJQRe^cOCNUo9rU{trDM&tYTp4$tYrOwndvQWkU?ULHWc@}qF4$bMLo9>_OnKYrnA
z(5Rjy)M>BL4c!I&c4+QSe>a>4-d5bfxH&zuy=_dGwv|tZuBaF3=rK`JJQr8%ft{tm
zjEIOF6Eez}y1AO2r<Cwm$-BDFBU<*LDJLpfyn3ytx?j%B*M}6PXV@OPi;;+*XOYEe
zLlAE6!CvQ5%T8aWQ^OxyOk;TZqbXRu{pPW0)m=6+mlZ-v55y#Gh7y@09)?|w+hpNO
z-G@lTH4pU*GiUcBV?KiKkKRuIjE|lQ>+Is*k97ktW@AM)4@X)0T7OW_Cut!V*_sdL
zKH@ogFs+$g6pZ9Z(WJM*>Dy?B#M~Wpz|vPy+IKxDV;}vcg+6*SGM~i-j3<G2+a<Id
znj3Ghzz*xoALzw*l7|1Fdl>&kI{n{&?EhEbJ>&lac+d2|l63#S5s1qg+g7;j2)+FB
z1>|#yEPX)9(QI$E2n#yRtQ`#J1t>wfHsA|wx9m<fard1oZpe!|YvwE;ELp!f+gjKq
zNmjPm8h6^P&kZjsU4i*Y<;_b=$oB?IB0Zq<NQ-+4M(}b?B-3tt5=sYajV4RMcP29x
zn$kO5eykma*QC!;tS_B$$O7p|;uu~ika+3}J-1oj)nL>&kA#?$V5oNN608(o##MrX
zf)&BxO@+bW^=W&Mwe?6ZP)DAKXLM_>Hq8tRT>${i&ToKYH$XsH=vb#gjd$4qnwxu+
z6tH+hjcVYt%EV-2>JerX!k{!a1su&*LWX|^7Y~BP?>t2cq5>NShEPuk<p!MNsS(mw
zh$T?PyT;=TXo<k&zEHCXLDDZ2gt;jqo!I~eg7X3(FjB0DKO&G2VKD-+)QPl)X?cnT
z*Y`AuXbZ9g>r)lb4VWU05sYw|AfY(3<@SYNB}gRBh|TcUO%8DuDw@IG>+_&#NIW7F
zRU0CoV8jEGhHFGH5{0&i7M5ul(L1Ig(hMoD3<66+#v0*-y+QvP3c~Nyqx_f`1qg1`
z*y|GK5RW7H+z@XoKq+x7z=BDh2d^f_xWKYYl|$ea0cq_9t|lpvhzU1Bgdc&Sie~*Q
z9*KbLNgbIu5U8>0ggdK^aDtK!Ko!EHEjiG2B`0tHxN-@1U{$`_Zu~x6+W({7oA5`P
zgyGZi`F_3my<RN$1zF$6#D?!JPDcN6aY}kATTWK%<aLE&RsBc@)j7HL1OL0Zu`MSX
z6%`43biJ#i>-YBVkUX>SGkv+(?C<{OlYCR>_4=w0Zj=4%xOVM7+!7xB=hA}YFl+ng
zdjI2LaXEbG+144eI}fh!*YjuS_|!$MKY`AZ1-W+p(|gO^50o%4J&@lG0O@N7a3dVJ
zduhvdTzhnneut^5gMj&@U$p>pI`FTzTCNJPDa80Mp#}WmKf-YxBFn<4ps@1}7E2PU
zAU7C4cJs8s%hZ{tvO#Fg{Z=+G`XpI0nA9VUE7BBhN3b0ms9i$$mK0jQ2bXCcEEL{7
zCjTWfMsI~v8w1UgsMDWgM>}TQ8QT-o4qq5QHeK}opkgbBomRbH)^1AIfj_=Y>?PHA
zCyZ~J_I6<W>y&8y^6pWjcgZ<MfHXQxo5eFalwC`l3<rT;rMG4IriOzF*T`YjnG7b=
zA%xasFq+JUGy(qyW$zpvS@(DQ#%3iQ+qRRAZQJbFwr$(#*d5#M*tTunJnwzaJ?D=5
zjB|dsMvYN_SM9w&wbq*RJLio}yvCO+N(h}aMw>%l?XbWcD@sT;CKg*@?m4#9HWlY4
z#_yg}+QeoFh6ioah3VP))+v7@m$Jdbp2{StY&aOT@%dAn7LD;)@=pJF9?y@M5cIoY
z6Qj0Ps|nSl=#>b`WjLRDE3}@7R@N@NN&m84PImLWG}8=a4bcT@7_#2`?^=Ks&Q-yD
ziCThduFxtsc-qg4Q=o6%W1gdm^yOmtnU-n*oob+2Ev%*tNiXqUYMZDval&6k%Es7H
zpQ(d`#&i&*#oS3ObHV++(wA7k0@Wk_a0T5orpx>A*z)^>1v3c;U-Ea4VN#W}q^Zfo
zN0alTCsICo#lGsXLd&k@&5+&T()x+rPar<E(Y0Q=pJypOH#GX+-#7>S=D`zT{q**1
z5YSTaR(ni>;Vlzu*5C^i#d3l4FVtjWWc**K`9FeT894sq8juZ5t=PgLfKRSoFLBDE
z_v_~5o+*2{Y!NYOI;UKFyoi-))b1L{rp)b`l6SxUHF&=g%PgHuM)~P!&Dkw*IKz8<
z7)1mI8u9_E#9-mU<H<ORqWTWW?bqZQ-=w1pT5~E7oPJSZ^T_+#9?H$^k-&Qg;a7X=
z@2_`$rvb2paFUsEYIWeHd*i`zs#jFs_lFNe`i3oCACEp!hOm#%;*@oxC;Dr2(@g`v
zFhG(xRkRPdsT5`z*dfyIY^g%5r~z?_I1|XP=G@7$7`0&;woK-s-B=ra_jS{DOl@WJ
z<SW<3Ukr~@)?)H`th4i2Hz({kRok0#+e|6P$C=r!(f@bsSLShR9Z^&d-%$7UR;*eI
z0kokqx1%o`S+Pjl<o7h-U!9dd2+B&mA?ob^$jGSi1po=r>d_wLiJc^O<VD=d1B77x
zVdBB>+^=@xt<E+4ipxW!1cGw>#kExkLGWF_{FL2(!&cYpk<arv#33f$cpvzwVzbvR
z?%L|P?^JiuAN)j_sgV5D5e+7vn9N-)%x>DMgZ3J@u(6l=&KXy?8=0BkU9;V*C=>PP
z8(vRs^i7vY%b3@5I?87gcocAE33<X$-Q;WiWbO8DU<V^K=Cz(}$1Kg5xS`hyOgw$P
z;L;6eQiM3b6t=)w;v{J>K;0mhp~{a&?PYhd3ui<d9XbLJU=g6DnGt%6c*S|%dix6=
zX9VgO8`oECOmCdSOj>_{MrjEyM(`m#)5Y$osBdeS33sv8aoS4hqWD2(yl_y(M(yN-
zP@|ysl=zWR_%piT2Zxm(h3d*0*6~wUh^&r8_+|5Xf$GaXi-9RrKu@V~2(zZdwR3<0
ziwZO!tOJVt#%=aWnltw}9Xx(&n?P6kkWPN&DE@$+9*k>Vg1sp$aTxX7JR3EiNrK!L
z<9&q3!?ca+V3H*$YVXN5VZy4BWbhc|9Yk^?D5ake<)3zvC4|aux$p1qJ~!`Qi1=N;
zK9`(iL!L;=5N9@Faag;Jc*I1{aS9Y^i3)2B>I2yfC}ThzHy0p8r~(y?nJ7{A+ABmS
z+f(mUo~+M_H~G@&q{^Jb4hr5wAlOHNR+~{Y(<OGtYF_;}m_~<YthCc%jDSOovWi_x
zD6dEtn7~=b21Wsr4fW!Ibi;W)w_0Rge%eS9NmMJc(qd@ipDmTqdj`-gjIa(YK$Cyd
zpVaw6!HIIhTu7HI<Iz=OEra~FMQq$c3Wald=8|3z(5h9uCJZ7C*~gCi=Bp%!;K>iD
z`A~9bFRbt4Jo%rnL@5OXXYy0Pqjh!Czp^=RrYkMNQTZI@`$d_TE=`!D{Pi%2;!uyG
zmhmRC9}I1!zcRkV95y2ubtwp5g60i@6`mr1DQGrL{I>2^DLZvISL))bH8rTbsq5SJ
zpYGlzD9;-xSYYC+1xGxlT**ikDG5nK(1Ij)L^2ni{h3kM#7+TqPL2`h<BaqHJj6RK
zWw-r9v03leQ!Ek^S!$Q99Zo3qe4V{gdsvRYHGe0!t5rGH96YpW<ybA3z*h*dPM?Pr
zZ5=u_KqG8rNEWb7l6`t*CZ|%Z04gsXkGa{?ilvBcFMPZ~eV;*AZSzjRG*r{F6%5QQ
z{<elF<YI|NUaR7c5LnI>#pqNqAH=P~R30f1^6>tSdw4KHg+QMdEoBTI<-nw~cPy35
z*GdoQ+a@EnbHNY3$=lpqZ7Y683y$wm7_<U>pc;*kN@#T#GuY)Z+=ur~%fJMZm86l`
z2M+n=lSLZ@er00Y%40rfjrEu*Lr6az!OQWRz_}`+7ZV5~u_Bxl8oL#t!2Oy*xsT1l
z0HkeR;^Ql=#NL!l+4P(aKf67!4rHEgy%oJ|#inL-Ci++9%sM*K@TO_kSXJxk3~kEa
zwbueeE0gWzu}g*o;z>!1q)7w+Tt+Newm$w@QjhN;lRfEi&2&pPtxH@}wsF_rjjsc|
zy}d;0+b+&SPo!p^tP8fOf5x512)O2WbV-6j<OaV~HU?Q{q|LKNb?vz%Ozy0;JmImV
ztR}GS00wra1+|!(D1WL!60~C;Z5`v`Zu0#O#iA#&DP7QM@dNwrg0pFf;>Ls;(x*@!
zLj>r+Wef&gGs2BiAb(0DLl+Ey38NRH8YI9Gv_YI*0(6Ll!SDmXC=W`lF=%#W(-aJV
zXtadUyQQ7%UD#)epJfUnw<H`}a}QNz9Q_H^e$g4UK8?A6y`|>|Z5z%EdkFLxI<cG#
zCV)xI?l@ID>S`1IvcA+$ITo23pAR-Q-wxjPcW9_VQ^~U)qgp@CPa@C(6i-o*a<?;F
zC{UAO1Hx}~N@f2p6KYX6reR_~Rh%Q~(s<79)k^fQ#d0loo3ty{?VQG_#HJjs0S=iZ
zCRNi_3i0szm}Fv=5Re4r1BN?cG0FRb<%wA4VXR=rdc9%-N4=x^11&r)6H7L^yV85?
zq{$U(Fi8T6ia)n*MhEP!obsWGu1B8c_l(`#93k@MrRAMbsxMr&D%<|K@aH8{rX!sJ
z=g^Ii`s{ylC2hh&5dyXrHD=K5VWED1{(MMg(5ikKj?P{57`Fy}F(ER%25D~zz!GHU
zM9AznS=V4ghC9Q4!NOXtF<#d?W(2$sOV%=FNXusk;Rdr}%cmnQtkX{5r^@>RB2cmS
zzVbmpu($$(zDH9adgj6TXDJjh<&a8XOjkt-t%BUYD0UGC^&sEsV6=T%g0YC}4g$8D
zUoMjk^aj$6YTVzgPT3UA`r~@e=T0mS=z9AcqrN~ly|HfpZPCH>FGtjj3~U_#sgJEH
zb<Jjt11aR{1GO#5KW+SOhe>7?M2BX&YNMhF2{ltT=%I|OG1L1MHz9#oBL+oG)GsXI
z#McLbFJ_3O?^=wgfWlB+I7x}*N9^I*%wJ?hbpw=zREeiW@4tU{eMT}NF;0$o9lrQt
z#H)DC_sMBLTpMQa@xx-$_-DldlPTLEL-(VDR><Cww%yvkY0<tDywSBN5Gzj&owvwa
zzWsX4cRwJ6jpO2#+n!;pq%bK#9mT_@kn{JTjc7jSctd)tCL8pO2zMJNnli6xHfZ{`
zUwNBdtcOtmwnNIp2X2CY0Az<_HNYKT>uVOf=Fuz<Ib9z;Ga$TgV3@|DV%;AT&I8~=
z0n8XR1?HCi7y@nDZ9BI&0}&(wEuAF7@j$T{Ms`qa_^wlCR_HF!XGk2IKg<=A%r$;U
zyx_u~PXw~rnxlvpZ^L-Gtz2O=c&M)Vi)zo9#wh9RcPIF2OTVSjaFt1)cTa^xG`pV^
z0*-<Q=zNlcolc8*41*2B8)xa&cSe5IHz!zCIH)D7(S?LXp7UWB6+#n3P!{-M1w<hk
z_@rgGxT_gd7#ugP;5iq;6Ag9rA^l`YsysjJ^12?kRYG)06O2+aLwd{%uJL{>n@C;r
z!nI09T!iNUGx18SwrD8c2%d4l<dyBW?)<?z<gY9K$6?=PWV33v^(U0QEjyc>RQs{{
zjT`*myUOrfR!CCqODelztC&6jH)_8HIjY@K+n+ubxg|8P$bQLbZW%=>@t>SWEIR7_
z*{sMCEdU=yP*cYuk*aMu`m-$E;5=Rb1mSre`(=6(Fq8o>Z=(r>L@;WS(h~^lWgfr^
zzi{dA)G#X`TY<Ltt%W=%%GV2oO(8Z{W1e|w8$^Z!_>yyu64`<wpI8f9_W%ds(U*!d
z6mT_APtLG00W8*JK?3V#(o&}@REjU3OnsxA&|4Y8SfQ1emGTktmJa^wka3r5js6tG
zD|^fBjywAKS+pI-c`dycZq6Wf-o(S&d%nM0trf=&#M+sIp*QT}g@>_Nzo4E^lI6o0
zyyN-k;+S4pRc>S$V?mb@Jg$d$fp@^+Sdg0Fz2J4U=7P``ylf(OsqEOdLSiT<*+h>1
zOd5Xq)GS`^wNF1CTx|9bSLSgfw8+?Z>-_58buaCR^v=H&ifzYT7@yD0Y~roU<4?vA
z{dmEuIUfUO316R%i>7a?y!9X!lIkcwAK!?X2D3j_k!t~UXe9beZx<)bu^=c}YUUxH
zTqXAhNJQW)%PU8he6EI_{p$A|ai|o3Y{|<@ofbfmxc43@oGdhtKQ9k)C8U8Ai|$pC
z;i{625LJW2euQFV7^OhonnXKe1BmBOnC<Owwr#V%*O^ZbBY+BO{p%nn(ak_dVVWoB
z^1U<L?DA-&<7M=`JDqNv0n9Np?+a0&z8&u0=)?RkTOQ_bB>kuKNmdw_?PoyhIHG<$
z#xb<2$sHD?R3s%KXidf|FA_<9RfXBT(%_b%j0GJ@aP7eRJ5@~zr3olf!U+a0{?RNe
z)H(Ht>Dm_#^jqHR=a6f7G0MERpdBJT(o?&1&U~b9SIcyFb$vzry<f<hKB+RSgMhks
zTPapr?arLO^1+-%Ryc)pee;6G3;I@UqsJjW90nARx`~muSW^`^dKhv0>FV&Tv7()s
z1U2bZvwJ>|WlV*;E&&m?OZaO`j;#a8MWv1n`zTBLMy~fgc*l`0DN16QU&!SU3lkjP
zCcqJXm4F=!x+bsVxHOiJC7O8ji=yOFA>g1lKlY*!L7PHM+D3x$&#OE_sfg|J<c{}}
z4L1)Djh<tY)wdpCk4K>{G#6*}!!aY7J3_cD^)HC?2K@fLN7FBE@$Zw1bI8QsF`WN)
zQCR-vqA)UW{KwYj4K*p-HBqFlH#MZ=V6d@;t`?H$Zy2qJMC6I%9?YXc$W+r5ppIT6
z6MuCz(1#bC4Ci0wBN4#6njK}PXTNX|;e{aHh)W~)$BS`_5FP6Jv^;zG8{+KEH}LJe
z6mtFk(}LEj)kAS}`Sao947_ep$c#5@`OCz!u8k~wn21DCpyL9e11LSGV;OBT_w&%y
zyA%F%_0z>a*?__G&reO=>o>$_j>$cGkcu(tXZL8WC=XQPd@tZ;!!S`OIX_nkk|?#S
zM-A=~Iw(xp_mLJ?2#~tsZM29)_2H0C`5x7b<<fdWrO?(d^Wz~e4DK>KV&6G1!svG|
zo)In}gOQN>GIXF6BT)4n<QNR}`ChWHi1{ATFfaowh3<=nwSqU7%+bmg>(%o!3R}o)
zzkx+U;;oVFbK~ss23VlD5h(?#(pn5@(ge&XXC#N5*G|^LeH@}Z=mEt=6K~ta`f^3V
zU3TsUhVx=%7o+U6yay%N7og%<^*9~d6iZ52jpfAXI%T|oxMyop=S%)Is~Rx|YqT*Q
z?Det=uB)zQ^1M)o<q8HBo}j#Wod?Zqng~U6(`{y>bsc;oAEWog?5^LNG%=kBbLSQ7
zST9$8LtXEi#NePRY*IwUVQU3n`IUDTG(`#|#swIRs6sys3ZLf!$}k3boME_zATHb9
z$+#Q!7}AR5Pu5SqI<&{@ek%b^3ScCJk-&)wrI7qh(^FV}d^%HB6!1}}E1fW~^@d2w
zxI3Y}qDx+%ms%`dZn|7d7QW6U-1(N(7Pp#HTx<NeE2CBj0OLE{fgPGC?*_`{KS?C+
z0QHo)=jR70=712mk-ImArr7sQ1A=wI>w|qr0_3S$oQ31IN;aruy<$VpE0hhX9Q=v*
z-b}s-N6#%H&B!D9?4D7)|IQjGE{M%t6g|m4L<Vj6eBPu<36)SLC%JrjGp&RvG-h6i
z`2lABci|(hS8MRKSg}g>M7biEu)U%(O(Rlc%|(VkiFMbNAW3qBpFy;hPcv^72Q0`2
zW34!E^NPmCI+o34=h&~^@=V`6yEM~)&`#t1SCdpbcl77fdf<jUuT+Ie{pkA^pYOAu
zZg1POy{G&fUWTo;ZRri6%bt)I8!yj7<X@I(2n8K+h9P>#vn&P05Tdji)2Le-Z<<Nc
z)YS1tm@Y#C1e(gZM-eAn68W=gjmb{a{zeRwX3I7qUzZd4MYXeN4F`SLszy77S5q(|
zuMFl_>8YvXXL!e^fq}cMI$vrtg!AyMNlm*muBu;+hei4-Qd;yah-nCQ=Q>7fFQ`rU
z%Alq$d%BA-@~cy8&XWd1)a@nZSkC*s0K!l(X5G>8l}KZEafyfS;DgkA$C~|xUZg=P
zJ@3mMl{zY8R|;xrRXgYW^l4SdA0OG5x*BjQ-2uq*Gr?G($(t5Tqu^Z4rWu|r#ywkw
zzCik%;n4pEq<>4~U}R$dk2BE@)HVJA(sv>U!8AHdsj6qZ6qX2Zb9o?`dHm{_5&(mx
zH7Q(?q`yDp%i9c5l7v=666LL!K_5P~!O@GEn^|gC|Cty88I|#zGf8P5_Hy7Kqn^0F
zztHgK#Bi)d?%{66{s)Mte}l{X7rWVjWbV`M5$H>I)f8GPiCtRg`!x9!6*#qD2{*NB
z_}!?Eu8wxKsh;Z9R4o9`@JrpA^s4U7_W6ucj-kg<5cPFl?G-%j;w=WsKNRBvFJ}@H
z0pyadkPRe*@u{t<z2(Bf953~IW)+nElC3@sct+G(6>Zh9_Wo=!OxFV`&(8w(I}l$M
z<Z2UGmj*5ia<bLFWjJmabGp^>ryV3QkeEL#pKawwmk@{H`fnjfuYl`CP+_yX=|Y<Y
zVRi{`Uli8Z%xJ4Knl8$UV@q;dO}ikdv()?=V=7CH0f(S>F#7WeLXRLV8FW9;WAjQ3
zk>TQC66$(G>%{^dcH#7Lz1=3)S(+jpWXtn=rD6kGW@3TGXbrj|X=B6VCYJ7%k}(s+
z?uGh?SxrSgRqNL3!qaL!s%Qv}Ge6cbr2_yV#XZlS;?l1Ml{9$Oh{H=h$#^fTxYdRh
zV-$G`{i({J+<Ky^c3~`8L5M6Q6JUkmkek$>^<V&=bId46q`q_A#bcY;9s=R6zn-6Z
zGRLBvpx8l1IP=iV<ah$8K@*$;R-XIP<w{$f6UI3#g*eLxAV#1YalwR7LtVZlU~-S;
zf$}vM;Vm8s3K^%k99gw8O>_j7<Yl9whfpOba}lpmj1A{vG*Ef6=QPt9vi82Rf&ne%
z3_*kwf#?w1y5#!V#j#@gP<i$GHyaG+_t{XQemnxY&~Ow=r@wH7K*nr(zOVttp+PDx
z060`walso&29nz!2DM{DF+6$}6va@X^C?(O7qVgezJUDpq-in-l~t7kjWM$728%Vx
zTyp`i@Gn=$)kmDI^A|gB1DE$|l?+^T{LPHP_%hYH!(W$UbaHTs&Yh>XrGFe{RavaT
zPy~#sBqr&ivo(JeuB|7;Cu69n=uCwrh^}LWNh2d8RXr3oM8Gs4v&>toMR(SVcgR%j
z_Fd9m^eqPPdMx%$XeuOK;QckZZE(+CX%>32mC-(jHEC?rhLAn{e7O1WbP^05l)KB$
z@LK9zAZs5Znu(1w<PgN;(GHdKU(A>N(TkBgFG4O7unV-K^KunA&_KI;ZRhUO^*dVd
zS2!Zb^T_SEM$h^MGD}_bs)6Vj7wwr0GYk(tE-Nl$@l;Ow4)hudeY8%PIs-^79=PqQ
z|8FD!M%2ePq@Y_KctzV-oCOn%SWDW6JOQL+H>9i!>XZUvt|2r6Od4&hk%a7kgB}Vb
z0VWH@Ww*HKBUU%^AYs@$MOY#9_MpHzJ4gpjSmzKZf$Z9L`4#NwaY*%8#VP+H#$~{%
zuKnV@_lR!r&O;y<XuNk_O7JX&b*}iC1G9OcdHPZD>a9LDJ7g{9--8$9m=#ZNL+R9@
zkHlR^#~nkX)m0*0FDrdz4U+mzV@@(ysJ-<GyvXR=Pt_-^^hWmvzwt5)o6~^uXS6`>
z63&;y9M1Rq+x@^0a(Vvl1ILh0yWX(9LitiuIou(kpfVuYmY$f9w4OD1Mt=Ha1GqMO
z>zps;GYo)`XZ~V~r%st1Ms*Z(uqVz6|JjDZDi(kyi|dhoY3k(h-$=^N{{NL27@1lB
z<9gf;buGEQZ|~0c)Y?3{n1$)lX`Px1X&dT*#hMM_1#D%UJ=uVTcoe<WNzK*wK;0U2
z_&5mS4?s?O7H6vM6zAQ_K>xKE4-uuIx?7SGs`w?TYvCJmg8J@=W2}U0`4c9kO-P4s
z55>LB&yO!B;jBlADxcZeuQ{jt%b*}U6pApAU74e8@Tila$difo``Ev+vL$=;bFsvg
zKLS^Ce@7qU`g|ey{@DkD3_{PR$n$Ta@4X<nHU?uF&_oZ5CXZs|quxE!__WI|S`j>0
z`i5N1ymOiF{-;Q~nuIy{-v#Xhi{#RqAf`S+J*2&#Zr)oQ%33f&sET`&2k7UM+s(0l
zxRHWa74aQ+|0Oo;6}!&Bz!L*Wg2Kltp-XLlFZd9Dai{qatcQ~Uoa9)9Z3_Hv$TA+G
z@9p~WgkvaRtCESsv?aSS<ihk0jds;Midat%j61RBrs?;blB;bVG>?bJi$CmtHp3nW
zt^~XPksL#9N;`nV%kP%0f=EVJ{Z*XQ#Gu5?O~0hd(>b1UDyv~`rURRimn~4Ccu?20
zd#@t0mo73y_r+Q=s}>7BtKPwF@DqwcNE!yV*Y$)-LzUTt6xv*(&s~y3&kEdkIbVus
zv`~{^6u-d%J~WxP6o=M@0*)9JtRv-X22YusTR-p~N+2GIjFn6nNmyVsNCc{WXi-CZ
z$nKEkT2Ap#){kt^EgT*r+POFzWb}>c8j9Yxguy5a+sJ$TY!_8+bWxu(s{MDTeVvSe
zStg;ZboEIT!Fae8lqoB%m7~o|CQ4-uljtRxxDNOzKUuN>&A&f}&cg{j4~2dy6*1b%
zz{BK-hY$f;uV2nWe6x9R!ub5?$O=-!@U7s%2!h7<Xs5dCe;T2so+81ZLQ`~_<=5I5
zSleNs5<)<YVDI<+F!f4Ci)=0nSzTp@*=4;W?5bN*)Wr)S1OePuF<70$g9QjBB5o02
zD?2y>0ps;-kac4MGt4`G_BfLh|2)xl<qt*zW+EZ}QU}J=u(-{$?KV;&anHb<t;@Ze
zh6+~a9dw7Ad-k=@;T?bRvNz_uf)rAuLFaw-GDYXknJ;M+u2WYVPcK|xYpc{eJv4o)
zieQ2m(pWAF5xZi#J`QH;(r7a{XBpB+sR6#17Av2Tdmsq$R~hqO5@an6QA)B$V7Fwa
zQo}M^%|j)qSnr`#N7R?cmpAxb=2^X%!7`qQ-8xGB`~U;1&9B<C+E+a=h;S=LSiyj=
z`Kz;tg#S@v{*)oW3$aPiuB?#_``n;%4GO2a_xolgo+3ewq{C4ovHRef*x31e9sVu%
z3#flU>yM~)6{gJz%%pK;t}+DWiG#7P&Q%$|k#H(YFUHb<!&b%G+mqHreT}2$QC2()
zR1saE&Ak9`%9u&sq+-+PtVq`1E{k*ywZuLZ?SxZmnmR2XP`=Yt;^vdU3dNt*o*}Pm
zoyKT~e=5fo5Z>XpXB%J8Fy{U3<AxsBSoZr6HtU<o`GRlg5MU+HdL!vO-d(48F+(S8
zJ#s~u>DIgj5AK|O)SU7TyIA!zMSlN*hls!hDJSgE5{DK(0m?gO$a^(L2kN{2tTDfk
zFXES)IZHG1UHxq%P-gj?8XUJN>`rWh1OjyM3FMDRRP%Jgv}r$jz!{}#B_n9pi{Pk9
zrMT~6w|q{zxgouu4%bJyN^7DNUm-){pRV%^-sSyuIxn`ZtER3X=y1VTy{^D?dfg~D
z;E1Bn>v^y1UAsqtX)=oZWh7J#{3Cf|I1d|}qwZtp$)XgGsgKBsi8E8&_R`5IH{Df2
zj-}WWJx@7R-G2czGsC~_y_q=~|I-7J3w15qO!0pJ&A*CHL%WA*+9FbsoWN10>8!Rf
z;B7$_*|RLr$FILm@!efMG3j@)tntTNql#!SkTYxCwac-0p!Zq~2k<>x+jEm1+ZV>U
z@_K#(_uXC|Zp7PhQ|u)x!RT!K2peT+b};gFH5E2<sqwJM|8?+g<soDk3PB+)xI2-$
z4W9L}8R>rMWpCDu&VDz#^b*QU^G)cp7u7r9?ymqo>K6z|5OM*D<Iq_jFq_bP6jB1A
z#)qC<H`HN9N3$~V9qBSp@>Ll!Hrl1s29MpBZv)g~M@El8Q9&v70i)Y%qjR4{tP$$l
zSRlP#U1EPHq93}9;gN<!H7=SwDg(^XY%6w9AhI8EZ*Z)u*gGP0-x?5-2-4I5F@{m|
z$*jnxkCw5>-N>5AMv)wLmpHyMm@_wFwK~)Z*Dq7hNs?X)kOg(>&fzqyviuJW1~S#d
zT1tDL&HKjziki3*65zkYkOX4DC7LsnBqf(6W2ogY_BUxT-lwe2k11m?j%N^;!gRK8
zR#7{kiFncSf**wPGYWZbk9HV2X?aM)d{B6`^^sC=n#S;Wy`(WTbaob~G#xsN7n(#U
z!<VciPcQ|J^nXS)=h%*30VGv`I~lUzWY^bMJV>_`RqD+gxekKsjk5}=D$TNpsPg3t
zyfc~fv(WO@Z@tQdgbkPd>8{`)okFh?snk8bcl;bFAc0`I*VM$Iyn^{fCk7z9A?J$z
znir6y>|-um6<pIKXBi(UcSVS02>$}NBfgfd<@{1w4xFNl7Mf4MY)APPoUi+PHK6N*
zCc5}=C_*hEgvz)@yXiqw%Gz6R(L`fhEGN>U_-eywOwxy!sP8^xmhcQi662l)W?u>}
z^2$5FH3!pPKAQ&ew<Y`-OQz4I+nS8yW_2VWk+ODfToZcRiMG&pdN3)nJ`*k3P_%Wl
zH7V1Alfd!Dx<EV>4>1Y*8Cf!x67+354D2WH{7;D7oA1zq0VzMtCN8)~TIB}(HhNfS
z`fzE;#Urh*ecBo(9~vu-GgOO>q^Uulq54&ps{$rYze~lG*St|S>E%-V6N?JiDqz3)
z*&j!(GHs?r&Q(#n#{i0CDux$zD%Ob5o#D&Ko3_nHOtH4!>1+x}<xg+`X`(R~GA2}?
zS9pST`|E{YIg|)Z9Y`SD+W93#&?joh#MqY)$5(tIwdPSS7}!hRKw;hxyNOK*&Hii2
zw#jC+gGT`zME;eEe@@TE*tZE|&zaF!Z@s@8$Rh2AV}IorQXJ5Wo2_h46TO*`t)7O5
z)HxooCUYs#ZvQc&kHtMT9U5Zru`B@)b23@4E3tl6G$^M4rMjQs#86T|P5_isGKIYv
z&RDxLDKuQ>4V`6Vi5{Y^Ew01q>sQrcoi&=N-1)HC+FzNp#G%JF%9mf=tT8rb-uO}t
zluEr-f3wB&*<EY=2xmiQag+)ftuvZJj<L9hVBO{CmMUGajY{jw#I@?or~S=8H))`q
z2lZC4tk|Lgg9p3OAVH2^YF=FoE)fc^&~e;_OhluU?v9RP@n^6#i8sk>YoIGL3JhvC
zTOr;?@#3E<aq|B#5uF(~espaDxmNJ@SlIJ*0_9pUTYzt#`8w$K>>1oXx(06Gs?XFR
ziD;tv{)S}d+)RympukF<%G@L-N%({&8J=`PmvPg22)qu>cdtzyYlh)x3hRcQxp-S#
z458zo&Uo~2@i)DUX=vyF>dyFTT<G{BHMx2UClIWS`HIvdpT9y%;vkeH!WtK+2wZaG
z1CdyU>EH1R5A^BkaVNtqoTk+B{s?`?t3a0s6Z9EgZx_9Mq5BIH?r92LoFkhmh~L}4
z(enw6hd0#sF92s^_+N7&{<qdg*8j))$i(uUCh=dd|FiXRLsKRery05Ps^-|p;e=2F
zp9UlV*tbW*4~)SIKMSg_AahbRXt{mtm&x)MZ|wTXf+SWn$Kr89|D~#<<#G*P<e=Kd
zUf^9Iw%7GDX&IIQ)Yw9vzc%)c|Mv+Sgrqe;glTyQf|Y7C2UPFYcRh(3M(wvJO(M|3
z8QLbSD@K2c!kPpw#f#NVT;j$&ipz!=WV})H`JgOXL|uW={a5M(IxuT67iMrT^TG=#
zfkUN{wvmOvg0HYJ1Z@7sR<beF)M^?+i_wD-*k3EPr1JP*;&ccCBS@TC1E=t5y+}4=
zQ@vqeph_ZoVgNX6Sq!F7!T}uVRV33|V>Rf0LRJvy&ru|GdCU<@9q0&9WcK-%D&-!3
zMl{P>e`-`3pvs_8E$LkdgtB^4JnBRcjs%9<AvVVWB9Rd0sQt46btGAJV~FrwpbUW)
zjxu6sQ7x0;17u4Rl^)EH0&FliT}B4UFl#7gB(%6ztksY{f~X>iH1!r*)=Sb|sxt*h
zg(@@-WGPm_x|+^7F>+CKNrWDxiS>+#vAhwiQkg;|3g^C8B!c-u0=xdKxV6a*qp|t{
zycDw0xG9a2^eheD1TmC48wO!7Mx+TUb_WZ_Qsbe8z9fV+N+^(je^C`ITYy9#(x<JY
zb*ZLmD1!<dD@akw;25_!qh$xN_XO1yzfqYro!1aT%k^kd4+vpR?LabOktmU#zkiNX
z_fjnYTEq2We{|t;Z7s8XXEf2^$$G<1oR!^6kDi~Hf=k;^0uG0cpA6!Xz7~{*$E#$p
zRc9XR!^OXNK=-HD5Mst9`SWgM#fIzK+PhFIb`C=ORo9El@`t)lJ9duFj^2;W*zRtc
z=i&Pf?Tapmc?ZX*^2H#wyM@cQ+tbGf-c+?GmHg<BLK^y#8XI5i995bG<4VdvR!rKT
z{U0Si$;yKBL>f1aGk46X4dD0WzTVLpVoIK~?u_~}Hak9Fj?D0#VyZcZkHtcjFCA2q
zXKFFuva+#}MN(@RqBotnm_I$1F!3YC)EyhgF~d0}PlNm=gAYzfh+7ye=&>p6jP_kY
z&PQLH9pCIBd^u+5<JX>^yttbK`KX&gr&3%UJ%zTC*J88zGS-H(Fg1cT7mm(<NmB&r
zOeFwJo9<HYF0k(1tm*51ITaBE-;YL$W`mbe=h7pQ;X@~Ws;9Nn+uGPLp3HgLs~E6a
zJ2MzFUm|ydR(d~LJoTTwRO@_w3{Lu1yXb9Prq<gwyZ&|Y-T1J6dQjS;quPy9M~OvF
zfH=Ctzy-?)nh_|p4=WV$UrUW1#1Glfv+?b~t%dUS=<4?VxPA4Ynse~>esg%eI&=8&
zlJt>0onNeEn#-t{%|R&|+qXU(@vX+u17lJi#fWdgHl;Xa6oAU<dq1`L;@ax;V%5>3
zf79Cn{+>JjDT8v8RX@&Hjig?NswDmg?qQoy;K1RUeF(SEV}L!%vuGI8D>TU{gIrFT
zgHE4YF!k+RZG?s${R{J%m%wNHEijC4%thmf#uBwTL+UO<Maoj6On5wzHqsNW%i5Dy
zEcBX_Yd@?(Sio@b@AgCiG5!xCu`I$4vD3k*l%kId$B-uR`Ebq_s8#~+sbi>N<HeH+
zB%)tT?OE|byFzO5!%2sDNo*M=b%kvo{i`J|kkVogKa*m(3;aK?feT(gfeYSGAjQ{X
zV7W0mqObeKxiBD47Cklsk$L+G3-J<~9v{l5dpW#>%DJDFXVxr+?oXfed?;Pt&@qeu
zu0`OYXB7j`NIqGLoqw3*!a1+gqtkdRh|yd_WMvuD<U)MvUU&w++k=zXpZ?Nd(p>Cm
zZDEp-<tpYRSHIjnisqW9v;uRwc-DIIFMxP%7?o=*s2a*otJ){^m|zskph0ILaBPB2
zuw_XY1$BU7;X3bD8sT1PW@=TZnJ9LHC)36VrI>P;tltLf<akSvKjq=-VNiqz2HA?5
zBHL1sHuyudOJ;Rk*|4PTR)RWt@DM;nx_vEy#kM`an(78{BYy%(7^PHYK^?L-<&#oh
zB+W=Mkx2dP6@EN}JSN&jl0`vcmdMwtO(C~j7R>xZjt=WUc`v?$${XSqafJO*j_}IZ
zH$5P?fX)!E8XYnE@>fQcK6qcj=g)&;hmc#3^LK><=K&4-vBWc{6ptvkQ%BRji4yOr
zpcKu(D<{=nb2P4Op`Wi@jF2RD-hFFFG=4iCW}=iPTbvE-c&({su`VH8qw?$tU!Z?!
z@giH~7OYd<VUYITh%T>L9+ZT$tmJ@=Jz)selz?U?myNTn>Sft9erHzB$t;>LM_C^}
z>tB=pz?Y9wS*7BFFGJiWe1O+UaOlhVQw@`%_r2#^>GpQXvpG5CxzDA`GR*{?`bjFn
z&oOv+pn|gNw^&ABEs6*prnT@{a&*qo<I5YL3F@R6lVer4vgq9RP(QSL3Y+>6a1_Fy
z3+NWeCK@y62yY8~_!VAgaoaOK*C-!y{^+PXPs<!S&WGJQ6gqqNK)a)^_iVn+$iW-=
zU_wb~>{6X{t|ACyx{^YH>Nt9tAQMoKHj6!v#C{Bzm6-q8YU5s<lv+P9DmP|DN~;`^
zdD}K|;^+irQ>kP4Q$q2q<zu8bcerh0S{N>#@UHQB-+NbhMJ^-<V)rbea>+;yPd>4R
zOGvihQr~-*h^4HOl(B|`6iRDeBQ6>3&jMYIENx7sEfrk(K`H8Aqm9YB>8OTghSnrY
z%kv0|S8Po)Ejm2|Jb8So3Celg${J=1;<JGfyn<J4hSsd?D#h*&I|=iTX_V{IMe&-g
zek7sZq&t`>D6Z|n+agikDbCbm_xL>fWcQp~6A3v{#Jt|t?4b3;qvJ*AWKxm)Ug@!T
zvu*&bi6qnT_>$8Mm7Bbd1%2YFqmuIY-7HUg{S;R!iSqPC2@~WW(jsskB&`;Ly%E@o
zt*vGLLS&;vr95s9*M`3+;Ei$AWtQ}kc7Q6I{C(B?uB!)Kg}=w0c-+2?Ph7i|VRc>F
zrw%EaRj=BZouWLis$XG_-iO(3*~Qh0<WX<G#j<w<XroHSvZo3P=VUSRB^#Dc&f!nf
zOXoCB(IL1P3pX%2uYweoNP@mXMWff_m;Rj0=`F1;2Ce+poAilOcS%q)Kq%|3uz=JU
zWN|JQCG{gx&ysU>i>HPj@lLSOGy}E<nCtgMk$ZYaCSc&kYgF>ox>9ds6{#UQD!>Eg
zrac+8^2%24b5pYPb|3vt_owl}F2O16Jwn89dPkPl4j!YC(MMXLKHbu-_5LA)+}E-k
zW`WTOxQj~?eOT%34N{p#tfW<;r>B3)M=t(lrO3?4`fq2k|M_t6hPt)wcM!!tt(f|H
z#`*;k@qjXYj5u1UnF8##fsc9A5Tdzo1`P*NPK~dR82Wn3m6(N+k<ea#L5X2c_e;)A
ziSNT$V!R!~0*+fjw1PBddaZ14P9Yq}EVoC!>2Bq>M$|c}#f=_ux2K%fx5Fs)3xVIf
zcK2Uw+?l$_J2Oy&64D(jfDS+BmOI0yYu=aCC3Llh(W8}i=1SDSRX$U#Nyzt4Y@h6X
zC`clD0STO;F<!{#z2!aV5hSCZf-@v}Nv~&Q+4QHwFMNse&$nk@glF&e01=<nLlsWj
z=y@3}Tc-A|6e*2yro==7u(djTnJ_tL5~SYLD#!2Q%Q&b%X1TmZw!nWkfn!*ZHxpB|
z-D$qPWT=b5u6se@$bKdKp}w|O+I3<W1vCg7J%#~x^z|e#8zU_!m=ALj{O@R4Q`CQ`
z3|QHlK_pvZe%PGYh1>NxJF@a)cmhZF%4Dv=1}Zm*M89aLPz9~A(BIu|^2kN@(Ucb>
zTi_S9)~zR{_iY_Q#i98mW5d_mL^)9&2+~D~Ypq19SfjC7I2s7W$|z1=Ha2R_y=jgm
zvy8<@ICzLa_68&2?2)zP-ZD|M!J3mm+mjH+;@n0=Z_`6M*$-&ULK{CUIco_d+=^)w
zhJwO;3nyvLx7``2_v*mdEn-lT1>#CX1jqt}6wrA@!iEy|=}mFYSVNyGbde%+;|FxV
zlen7v&7dQ#&ijsA;i2))Rg`P4Xpd^1((=`GfXE}N;xA0$N!bao9J3<~2ZYxtI|kD<
zZ%}-oILJp95sfV1VC)7MvK##5QDI)OIE+;kihAxEIe;O4Ly7Ia^(=GlEn|m@3nIby
zF9{E5my7*Aj?Y6n-7UUfUcnwkMyN!s2@iW$%Z^yDIei2pna08J=9GvM$cK9@<g&*h
zg&VYUdW<1HRtV!y-3|Ap%qK;C#R#1{QDoD|u6dyJF4*wn+TQ-k->|}t`f1F!zU=3-
z^wE3X{d~Q+KB0DI*sh0N`^k#9P@;Y>sBWvQv*v9wS28`6NsQ5WqGOO+wvbl6<P2We
zqbURV2Mc4KC^%SQ>^+)Q*#%SFl0ywq^ufg(KGnt6#P-~z*CWlfMeV|WM1?HutHIll
zR2%BD(M;93Fvw(0Zc`6`t6Pj%ld5Td!=9aGeW7z6&^)`4X5Hw!ZhH74$T{%q6hnbj
zkYQ*zCcv%R8o^R8dtTlvaMkzmoSP9bHy7U`r+msl*<bsquO$QO^vR;aTU;x(pgshk
z$@-IwVGHX@MX9lZY~*Mv5U-p|jRBS1re3*iXq&^T9h5<6LP0PASwCb8<S_mac2FqK
zLy!qi0jL-g^+AFlbP=(TQk&(3gT)&5KxcfjkW9$UH_nriHI~JOA0_Z8;0wcN({OC8
z5hL7wZtUTg(+Y=Ewv88<E`i)_|LCbS?sw5&?(ly5wY4gJU-MaS`_!1XrSY0GZbyc|
z+KJ|qe-7)JF<SEG1<qADv`yxl3*0aKTT@>QcSYo)$KFnw{Pk6v1og!Q3yx@h8C8q%
zL|h#>f?yu}31LXRB?=*AshFs|zwlXe$tRU_R<CvbWo9tyHMby%lnlfSSLJib5udV-
z{B)}Y>3!q1r&XuH>Z3B*uA15GZ@Onb`zvq40Q<a&W-o%7TtSK(!z4QlYgau%b+D`P
zI&RVMU+kj2uZk}s256;|54oqjz?zix(1%-<4}T^cz}*+?q_3n?t26=}`_n!_p&X8%
z|BbmU4FAg9|2Y48Lw(I=oejzRNe${a60NkQNIX30yIt*!OFRy(tkYdGAehG9I=`*b
zIef4C>bgKj!gI8(PA>vnHHighDvL7<GlB!dXMk{B3>7lwuNSJrA<5uMKjv=Q-bfv~
ztyjgNIb}&`rLSMS-6hV$*FVVBt=Ysr{<5}b>n7^U2Zkw(<B0sB4s7IWIY{Kp+xic3
zBUe%f{~Nhz*pr^;-^lIUhlT)?4Jw#MTzJL#Zlw$rBM_Q61<rIwh3#D*Z;3YeK3<($
z)R}ep!_u6(FmV^0=@d+3#_(&8twPe8QT?@+v0#Y~4A9lIJ%@f?bbX1tEkeA*V=>xi
z04xGr$S{?i>CcS;%mJg_(oy#qieL~{KaJ0Y1PEfs%d<Na@xQ9hbW2~<OZ}Sgx*Yp$
z!gv>koqCf!AL7`o)3lAevnasal|ucE_4q<0X}|s$F`?SAkn=vExqAx=$HXzi#AFS3
zv&~_58;FH5s6S6=vnpz2Si;`Ti_fa*GX!Tt;;D)yOsquKCgiGrFxAN?W$GRPsA*<8
zh3i|(idB1|vNne>X=?-rx9<_MJP*A}L(#waOiU77%UBYE;7ABVa18&!t>-_uorfiP
zm}{#d;9pVGD17?~BNEgX_wbEdw<ru?lolbVhyeb%USePYUWyyP2cr6*TH!~bC#ppE
z)hLj5c!uJ@KmJC@u$5PR$1mq7Jn0p`bhk9R^sc6bV?7`}xUlw9H4OT-o29UU^7eup
zt$r!``R{kAJz*MI40am@`$_Y&sluW2f<wm!<@xm`6X{K(2NNaNnou3Q&xK?7eg9DD
zM+UVzJ}uYg81f+DWNtr@_M49Y{y-lF&xOJmG+tOxUHsC*H3)re?UN1r!Za8{z{Pyh
zVH*#_vfktucFC*n_N)F}K~Ty>-^+HuDSx#iyK%nM3W;;mCh8<HE5!WE=U2^;Re8i@
zCB99iYxh}!zI5w1Y<Yr$lE)Ql45F<sE9m6JJ}cXKY%UTsRvH;mZx4Y8ti3YV46Im(
zm<w2X@r@z5D-Gf_iYG441x@f{T5Q@MzHiy;^S<J2trbXa!a6ilZ=`aU*dwNom5!<N
zwfwi{RjLYAF@dH%ivKnczz?PjY60Ft2HM;-Au15!o^T29UHl+jCwML9dWkG*kfLsS
zxu6XgFcWO+`&clcN>{tm$N~#B?AC}+jg_Qd`|s|$^l!6ypx<}{q>sgnY^zN{T>9*4
z{yf=p8<$lYNd1@$gR9&k%p9?GXxNZ)IR!dJ9^kT@MiA>CDO--_|EX^8dP}wcYMsFg
zQtS(oR1nIvFtM)Zsq%zIgn+v>-p^V2WJ;Y8mjm=0qfdg|E~CEpZPhz1orYiiI@R=0
z{{@$VvOur{B&ol8Cw&4(U^Ir`oSMPzfJ4F^Y*_qpmL%C?$Cm5^-v%1UsCPl)lh0rs
z6(!0u74pxmamVjqvzet-CnrTUcdU+6TBEhT%}ujO8_%24iLi@EZjJIEZ=3omYJ-j4
zrMKF)bz*Bk3}H|vtvtC-oSul9sIMGoxW|;S&T)5r12#Dmd~DOh6G|HB8Zo0dh8O8d
zhaK{pTN$*uP43L0MwJouTw_$NFWW5Tz0KsaJLGBEh}giPwR}enA)kH%;V1=RO8Gqb
zG=j@V1khp|cFS<#`fG5#&x)9$gszK+pK=d4Lb`LhrDhYI8Wr>y)zVDCo`5y}vz422
zR-szE)8+04r9tt3rS89US~9Y7{Kw<olmD-kZl0+~JfPSRBaT&SCV!)C=xrX=-(s$g
zVOa4Yf$i;~eNUmDWV|kQu^)+mEBm`;@H)m7)s^RY4?&F=MR)so)+|3^>izQk4pS-T
z)^M1&<U>u{tf+|4r2krdf1T_3YXP%)^>_5Ex!Bj=hK8e59tYu`K92n<D`;Jy3){{#
z+APG&!MD5dmHoZ*C1%8LSxe8f>JYj6%dcDX7V2BpGPOSr{iWx>W^i1JVa%a{n3f?O
zjAWxr#vZx*c}SPOW$b?2y2$?H!+|y3p*h2@x%5aF>(R4wK6rED0W8X+&oQt^7<kjy
z2G^2C6gkpsZy_``r@?Q_2OLfWhf^<VKbsh|7lhJJms>3x=_iCA;r6wgi4hDgU3y&p
z7ChDd#F@ws$j`3Q7Ka)tsNvZ)`L;C%pudg;R%in*Yg2^h91c<y5GU?U>Cf?6q$gw>
z>i~L<n)t8{D~TwJ;&AoFO!wqIz+Fl|u|q==%W(n8qv%<%?s78b&$)K5sw)<8swGVy
z&zN!DSt-#rr}#XNic&hQR4B-TuRiD3d}EB4J1It}Wpruih^J5|X1yg?nSd-;FoPr1
z^CGbTzL-))>CqPCG;~Dw<ld&Dr#Afx<Y0w~K6$oVzM1O#TOc%wP)9UKe~AD}M2<Uw
zQRRV&YiV;*6%g+8&`Xo@rO5i`&NXYa0wZiD>J$O`d&^wUSd)-^EZgyW+X+U%Fo43w
znzqB&`Ou4@*a!g5Cg)paBmarfU1Dr9=3QE(A8XW(hVSTH#38A(;C|+VU3CtO%2d3%
z(fY_!N51NR0VP{nWzFQQyw3xdMqZ#atgEy^lOT!D4+P*v-I+t$)&k>#i0v1!M;p8;
zvu}9}S}!^{?Uo1}T18<J$ieaVbmT!hx!nQ6fO*xz@nL7+3W@C}RfTKY4M!n<5tb=0
zMJNt2%%ShXjIQb|Oze-HFH>k)z_zLioeG-<g_~#3Mb>{FX&^NG9E}YrJOgGTfa&@P
zI(^@z$iaXp{9U!+g0~zK9M!L1YWO7BpVl-q12Y^5t1}hJ!oIick31bHh$4prY!IRg
zc;U+dS!?|p@OXKe1@W0`Y9plCc66nS@-0q^TFc}Mw~n1Y^lj2oRCeeZRWQ?l`Vl6`
zS;|NyB&bW|plj$BRn=N2g#o%!R1|y8r=L=?yy2fCmLV0iu^gFQhy%}o3xPXGd@OP^
zD+{(fTQc5(4*#ILk*@prH517y#zeL98jE4zd%M8ZM^g9l>u50p`?94=(mTyXcs0fu
z&iABFB*q=3-4W8}@68%Q>?MOQ+pO67cDXY{tbkAKC>!cWBLerJ3fnYfi=WA8pl2Lg
zBrC%g<A-1oEq(s70D@jeq?Qpj<9mI*1V~C*;zzMj*B30rqsa&>zoX7lQKISD*()BK
zxeZ2c7zb*Nf?D$1nd6G$6=6$m{f3o^3c?%5+7K<DSY%D6tR8S;(A}1MwG6n?<UVmI
z?Wnx#SR01mBo^*5E)_l874Q(p_%!w`(sYbYm+j1dJ7X$jL6&6fefv&xqcB#O$5qUH
zaoR@IZfUXN{;?A|sHM<W<*c|0S7az`$Z1HQAU!5KtW`3}!C_h(KOTXsGX4H;^G2Y;
z{$%}x;ey>^7GX13XLOm-_nY=?gSD>td0uP6WR4Aurz)AdCNn_N#bY9-PK+ytF@QG8
zGiOPg^~tBp{ieWNtPp)N|5n411Y4pZyzHkvUw%rc<XXc9PWgsVhnC&ktV@o2#NK&U
z$~ywDz+1%)XhIIi16o;$LHc9;!-5OaoZ3y%$_C0_JIMVW9YYuR;Z5X)ovOct!9Ls5
zu{s;f<8m?@B(gk_GXCkf1ei|M$vc>dqH|_3-L_vVwI_#EDx5s+!|U4&Quqhb#k#Mn
zUqo8e!V{3i)+D+uQ~pcZz0Nk1X;OQSvJ}A))wnN_ivyp_2lw3xlhu9Gdk{&c*>b~b
zfDNoWT>6FDN%mD6aMa6Z_e;5D*Os6Vj7H@)UiXI=H7G|!|K$KC_*yv1FXj>`n;}#$
z-$<`ZIu@5>@iw(qcU#%)fp7CG*?5GwoejnuUn4WL>%aZ`d`El!&oGkz9;@g0A6X*=
z|7XSRPqK{M9>YHqZa;WSLb*OAckPT$(4e8sT~Bg=R8|IxXATQV=)!!vjkqbz&GW@8
zsaTCXd3-)5mP^8VVu`RACnWsR^f{uyB*$m=pu|Xs7*BZ<H%ijYI)hk6wghU05l7zj
zVt%1}&xYp0?fPcMzGEhbL2^V1MI1`W1G9OmF#escV*haF&5XS|QX@755n8^wv)%`7
z^X;p7;t}BYGsFp{VL1~c;D%E`{mv(<fZTEG3s36HB;x|kbi5K}&s4U>I>?yw;4zq$
zVlOTq(mxhHayI!9I6GVw#@m*p&Q!7en3D%LRPBczOX|^-Lka*M_TSb=KQ^t!4FHbu
zhs_;#y$?lAynwI^!bJEkV}`m}w5}h?_$`uN6zP%8V>7=SW2bO%VR2(TP(h~GMboH&
z*gHtTQHUcZ048X)&MoM6#F|6^%zWmJP+9VKYB4lrU4o$~oKYHtf=kw*VLdoAn)HcH
z#o|Wu-Xr;!S+R2~U6N|LIZVy?{6nk8cHhH-<%km4IH@<#&d(!{1MPN9P?1GK){Er&
z+-})@Spff4kQ5McXiNWIOCq1D$i{JCQdyDu*f!YMJ@J?esk!QEpp;QS8Jt|`8&(-^
z4`8!RLC(F?-1%nrRV$lC2ccz;wz)&j1RdAxDUS+82A2#SmVmswfH%KWFE+^NHQeF6
zxvMg>{sJ<&kd0!DJ<dvR^M{#^GrM#K>fq@6zP%5AmK~Kp??=Ka^F?83=8zrV%r)P%
zbou4`72e(x!yR73vLTx`CMt^K*kJ`7{K}LFey<2$$>y03$f<|5`&usKouZRkbbOK%
zs5hyrn90g~@!jl);dmQ`1@i%C4c>ZMD;unHlh9nQJ+E|rPo1Axj1bx0C3uTb()r|y
zMCqT`px0v0{`dK>jq;KQ=7l78fl|b>oTABb%_Sdmm#a(0<dcGjJF4LFy9k+*sNAdf
zJf>SZWVb(G0p0HCfg?y?0~Nov_+%Br_QIqZQ0NS$)xmN&g2G&c_-v;9bKp8)D@Iq8
zh@+H{4p)~-a^2GF+Znw3+Wiw4>CA0fetYjMuZ${kqo7{ep5qfF=<NL4Q^>&bzdVKi
zJ6)WG?SJaxtp7ipshTpjIP8GVGqrpBr`dk01Q9fSuo1|P_8vNY63+8#WGJfyYYYjJ
z8XCya?kzRiKQvm*igHYCVBr@QQ`jyyb>+|Ho?#2{HUw90c{D=e=K6A=_A#L3aK>0X
z{}*fT7%NH`YzuDNwr$(CZJce}wym>m+qP}nwl(Lyxo_@!nVZS|F-a%Ay7HxyPIsy+
z^{usv9+=5JfiMai2$3&bINV78S=gB^PZ-7#4P`Z*)f{U`+&ch#+_s;j#frb^2#l2d
zPh`5L%a|e~a!3G9IqW*FE*o^L$Fo`8mjEL<HZUD28}zQaJE$~R$=Or`DTtjK9*1K?
z#=V7+laZ!c6Ja0Idi+56JxwCM0Jzu{F)TC$GX)y5ARt-?3?+>={K`Ru4Fs|=7q$|y
z6(-ZhkQ(G*r+X;9r$+zEIbh>vAomoZJu=$av`75{f=-J`kbj>=y)(rAhz$cZW4cLJ
zn2AfYs(U{#P(S31@Y5QI96>+0xA|o_-#+|U9M}Nvoq7{L^jPR}Xk7#&jW8e@P9%WH
z{f;TPULvev#SpZVf#e96L#7Pd5#ZST7nBErxG5ktO^Xp+P_X$WhzrpUQ8*~#zzIJa
zHK$pl0b)ezG<f+qIkeJkD2hovf;0w8R9KO9qrv!^yzxjFA-&)M?T-*qBaQR$KHi(w
z%npx0TN!gpumO#=Xaj9yKE&W!;HqUl#(n$4fZ8985wr%;G=)bD^{ZV>4h)tz6N)}5
zXw0CIkZSYPwd#61sy~yBUiAIeUWJ&-Vt*2;HW83yR2lyC-{Rb_N1>Z_-uij1hHa;z
zqo=L@yWo>qoqXos)%$X9`Mh|jc&=PcUA_t1-gWz3^ZEXp8r8Vn+N}p)%h|?gz&Li0
zQ12&E&!}C&92bDnMjwVwAG+-}cw?8gs}I*{7uws^+w-ANyW35FdU}14_W0=Q;N$Xs
z)B5;$`M4kiVIl^Fnw@nh<Z(fQ^qH)?MCXUw^L7C9n|ZnmQ;Rrtvei0xv-|sgOTcAX
zNfj$5%cbM}c3z4P7nr2oM>&6nAimj`ATFJ2V*q6wiQS*b>%Ms=Hf7jk*$kWYM@7Y7
z)<7kQkpPT6p!)<dzZY_HJ*EhIbyQGX`ozW{k#TV(gYtZ=0TrjNr`mx8F7tamwX3VE
zO|RgWG}1pWhgRP+;xAoz)Fw0uTf^hYKt*h4kfD-*9lzl9ey9AE0JNJr2UbA$Fk-{r
z36R{Cp04i7E!TtdTKC7vaouOnuP5);yIayn?L?+;%O_S35#sJ9WZl*h)7STLSmj0<
zqaX82?aoeW?Z0PEEkIz6b*(!UFmCzdr&_}hv8>tCPw#Tfd((?Ec(URMwTtD;I$$}p
z9KS44nSg%CeClVnt#m|IK|GU?uq8W0$$^$zm-lUQIlX)w=BC!L^RrNUXBVbev#Y0<
z)k~?GXr)|jQIO+R<&mS1^2ibrec15wX>tjVwpC^<0<!B7O9HYT=lSE&|6Tw467j3%
z?zJB+Og<x{Y{9#iN6p)u<0wr?k!uS|{T!SGL^w@kJd{9jC5|I6uFU_Asl1+$KoOEd
ziM~p{ETkMxx`eD0Cnfb$c!~g*_vJ9#s&H#omvh0wdIoH}KFvkhe3Y4-$da4&Q5K$W
z;OL5y#VJ&#dlYA?S2{rH0-jr3PA_-5;1faTe6sQlnSsvj_I<%IrKkXc@8k`Azh#x}
z7+N5U{F=z^hAcM*4Bn2jaUL<t#I!^+%5Y+hoiJk0bFXYxogqwH?0O0WT6V?Ncnhf{
zxj-2KZ%oqegwqr~!+-IHcEIWkfyYk{^aui|8xM%-QKdX;I|rO1z7LV&hW}MGu?dW}
zC1_t^3smTWIegE?FhqMGz!o?Tw;W^ZzElGKaY(Rc%>FHQL9?E<E0IlVS=5C%#iiBR
z4jD~>xv0iQF~TThXT535-Z7i<N_PCx`Ls?Bb&GuM26T+JC47AHh_7n<VqiFL@S?N7
z^6!nR3){guRti@3&sJ=GDdop1*h-6jwCnhH=hmB|sK6Dgg+lG`d~5*+YiH`xZ&+3{
z<vx%^`HHmvi1f7QjZU_D{b-Adc3b-9C?W2a@+~7Z&+wg0kiKhOJdU%ciJ_lkyuZZ%
zatb}x!P_W_BMy7cBoO+?iz+|vCw~=cCwt3#6M4piiA%T5p2@@Msaqm1!B59$)6Edh
z25^J0u>M*j%_J*Cj!LwJU5TII{mmpPn`-~K(NcP#k{YVcRuW7Ki-pDqrO<MV9ldOu
zU2`L3sllsGmG5>`-91hG8zVu1k|RG#XvO+T?7SuX!d>JfS4<50QH8l)iK8?vi%YIA
zcg9nKYvR%5Nqw@0_kvS>%m@Fy0(8VY!P~siWc9kF=;a8bJkG~A=cpGq=lI$$Z`sbf
zH>hO`|5lf}3Cve@{1O2FA0hm=ywpu_zOv&Ne|W2QpS_^}SoJ?cHm|u7ljp*;=nMEO
zj;+wzJK0-Ul^utw+xHbW?y7EG72Li5^O&uypSfDi_~vTVH+wlxR*F~X)39yApP?Q?
zeOTQ=1`V&U345O{&dJs9q5l1xv&$K-8{(8RI<~G+FeOsiz5+3!E4hQ=iX1f8jp&vz
z^vXR}Om_0UqS4%D-Q7i@uoLH?E6KQw_G98!F?PT!eOpqI_wdcr691hyDRMCITskg&
zqci^@uj+J~W=-D0nbqQEOujstc!KFj5i3f~4x!706CVrTm3!rxMZ#uD#29sYv8jN-
zc)-QPmZM6|i$w}qHonEk7It4cEM3dVWb(|4V46O%T#i<rdZj=<oy*xLv=i|nM&cK1
z6^3{xF7R@dEA!vb++v{~JB`R!F?)i(kd(vUcB8AE{|=v&zt4Vr2(C}zo7HS@Qqw6`
zO0OeuJjV>Sz;UX}C6Atjc9q~37Z+jw$R{ul4^;L_$IdW^G6%AxUEC^Fj-0nnq_4vB
z@<OAH^ZG*BM3&A5R%z_!L3?7TvLS0SH8&a<^7L#$K0?_RY3&ASeQj`-xfbh|$S7vq
zKy%1<N#!e*tVBg|PAsJ%vn7$(<W57}mij20lwYw;9dO9G)KL^!^9@vJiYS1mbDEgF
z+Y!1VeK43+5MpYVBgX2wc2;)PGE<+c5KmP(JqbbW@^a4AoS@9j^qRxH<x$g=%N*tL
zjl9;9sgTukgraq#s<sN?f#gfgk;kN_-sB+qeqhV7)$1AJ5v$!imur-hwWKyAn@`q_
zK|PhDOX?t_%x3FA6>@gL1PA`e8rAiUv=h2l_yRYnX6jUca>+^{ZHK(JIRy8y854hM
z{`cX&G<)?WUNzV5g2nPhJ5aBUI_K?ffS<5zz?ZNEXu^ND{lUl34#U}o2*r+I|B$&5
z`)uA|vtLqlIfO&n<x$-NQ4?EC{Xwa&xEoYc-MY0@y-gx>77^M8=g(01>;w1PXoi=;
zdp_Bj`UR)SXs7xw3Qm^)TE+g~pYyP+p&gebfZ}^wyN8G*crtQa-*G7x!)Up?gpeAW
z+*S<X-1xl8t&?VJaVkS=E0YxBy8qeZbh2d{ZyE)^5FbTr#0;x!%}KXh@O-s8<!H0|
z()?m{<5#^?nOpEod+l3CD<9Q-aXSsud}a!62Y07WYf8UMAWuBy=nZZWg)bD+HX28T
zCVgG$`|R;!YUr)smAQ^u=ijaOG)COPA0hvG)W3{$mcr!#IQ|IQaO`PIJBzBu8QZ1+
zt+-X@l}YzLnA34XwPX6%?j6pxBF$#HsOOk)p^LpYM<0`nP~<l~q_^cuG)nP&{7`M}
zpYZ-gl}E(o;KspR0stCYCYV-xZYf?95p42{55l7jhK<#-?ntp`aw3l>LLTnUhLc5p
zHi&JsiNC|x&|PG9uxV@{s}$_zN$CXpH`p!<5qQGKJuj(D&ZaFX$FZ-=#a!l=Hkx+V
zCZj+$XaavCPr~={A|;8i9<I=K{m<kuhCrXoV6I)mMF+FxIXlm>hXz@uijW{8Px?Eb
zGQuNMo9x5@Ljqm%F=Ybmp~M0R0?b)*?na&0tedQg{yk4SJI12bFH3L8c|&`~DCg;=
zR7j<?tdafhch%HBH{!1F1Hs1Dc1W>C1$R3zZai=t5^rdEg|4N{^y-B^a^?^|(;&)Z
z(>NgF!4Ir*|D;XHRm=RrhWLIM1FW%qk)eALtq0*k>3GfzUbz<o4X0I{SM#XhoDi2{
z=uAtio20WvXv+!NC9`#(Ki5|PdWgn+%LoZ$?WK{XL|r|&{)VbXRp4FAD*a-NPrR9>
zhI>FB_+R;b-$qDTWCth7`nq71gm#+(Bg)8nrW^B43$gK*a+J>JziA#wtlRG{tiIL<
zJX2~eITIypA$YhiDig-!RbV(s{$aCDkdY*E$7g3UPbKQd<8j$cqvj#_bYFR73O+rw
z>euc`B0=ki&n1w&bcW&}cwj+<%K3T(8i)A)L5<k+jrsl1BC`e&nSvSed)OKYLL#W@
z#VY08B80dI$}(Z}@)HJ$)$VjQ@leb36^OIp-Z0uBKHhlSa=<XR8SYPQg=T{wnsmfi
zkKv-Y-jT{8R`FYtnBo&O4c;RpYw@l=a7{|Pd|V@hQSG#o1ePzY4@#5^+dNZzDUX1s
z8bELk;F&VzqT*}<N`xRJMYy7HsvM(nEk%v(@DCS;yJ;JLfNd^XI%jXTe0RxR>`VW2
zw?e|gknrvqqmYOtk4T%rha#4W3q^ms5uQA;@!rJzsz$Gu&X-1I1{nj?4JTP#bkws{
z=5*sSka~d?<}8h;sn6r%O_t^6KuD{j1|?eB!##Zws%1O=8jC+|8Ceu3_`GKn31w0I
z7y$kCa63S}<!DXU&MnT8*~F*QC#z`0_h8PoY{R~y6Jys}jatWV#z7+eFY*p6<Nr<o
z|BrSPBNOX?TfsB^SJ$qP110qKk=i>$0vpYkZ_1?PT!p*xW=77bUdat*evix?NhrXX
z{PS{^4IePk046_zsyX=JaI`jVmebW=pqL*)Kw3H85<qqpWpSb3h}j*RBGs~-P2x9t
z5?_=1CwYec`6{%+pbq5fbr7IrWi;d6q5r3JeQ$LZ0r(F^iH#70S24<y7PrEb&K*yd
zZ>D!nOwVi&jEZUc-|pPwRC)VfQNIRqYygZtHEU&N&0n-(Hd%x9C(QIGTZ0wWIo6aN
zqrww6zfWV&e{%Q&8aoemO|NLws(Zei-pan>-%lY_K{l}82Xb}+_IRVSaJ|}oWx%)e
zaW&M*k`mdnGE5Z&PA7KnT>35p(Sdh1`yJOmc)y7iLka^X6HnKM06C)&`T2m-R15mX
zWt8zVCgW!#nk+5m$+WSA$0d(xYs2N+@1GKb!bqOAUNt7?`BJBHO}o|-IG)p(OI)E9
z9tUk1hG{edJ_xgi#%0Ogj{F(1?&N+CWX&WW2%5B#;eM$@Hvu5I<cJZ~n<j(g;^~ys
z7L^yV88nHeL&h<}qj5mwBz%vPZ8M0mN4YT!SgD)PCqij2vsAg!USp4hl;5$br5asB
z#>icgJHA8Qy~Z}JlXH-2(Ju7qRz>6H9z$BhBt5JvW7;41Bve;N01fx;(qm;CmY7U4
z8RN)k$i37Pgy*^}0l4RWXQx45SS^DoaUJAF>n36bEl%$5ZCjfV(UVjC?F2zyBdhd5
z^18cHmr@*EBP?e~u_`so*=h6XFLkh)rZc5bl&xrx0IVd0&Y1BudNtx|)Z6@23qJH(
z&yl6gXmmvPTV8e;QJek!boQNj>iY(l9x2;BIdmj&(3OX_>D2%Ukg^Kme`+>RN$<;{
zHP%6CV~&J3Ky~z2BP7{##y;g&0)q?D8N75OX%9qLqgbUt&6L+lpHtcO>%90Az1#{J
zaUNzw-j1CDFZA;S%M4(F7u8VBv139T*FI=yM~_ZXM;3_))!(s;(sK5uZ+b{%_;~ZN
z(FJQ|Wm_*912v3yqaWxZ4(unXH{aoVY^pYyf8<^urwR|br5gyxJJ4`P$3=!z!tAk0
z6r?YD==E@x$K3U86G1M)50d60x~t7sYbKM)Rk>zg52zC$osqNeRiRTBN1rl2Xe)EN
zW(>F_H_Gs@X9;HGS#7P{9JMpPB@ijrx~tAtp15>S^VQ&FwV#hgxDv&YL{W$U|9VOz
z)%z1?c}}Mm?=J(OsRG+L)D0CmWPy!;4;FD|-r2_$WC2;E_VO9UHmDvY&UxWuj>L=0
zU5H$=hCpY#Bt5gzvdZ0X_GIR~(FiZNUyq~wF`Kvg#(y2LbvBddYw+8SznbPDi<nC_
zP+kV^T-J3})M=A7Lp1eXI(j;(TOggr%~r<AQdhwyoadY)+-wa_<PH#|B{Oy^qg;y>
z(SW~@z33ls6<p9mhb5IM9#)r*dgtht)o$Bpr|c3Z_Sw*vX!)>jh*CeF@{AhL>Xm+p
zsX4=d#X<sX7NGT*^VK{_l{%eTt`&`<kHhV*Gtq!r`J=abP-{U5Av4^9VEPYitEo&E
z$WxIukG=Qs$)1(fC-~MT>&R>B2*o#$=HjpWq)-h^l(Tl0!snI=H;AL*VawOx+g*2!
zjFXa9!Cm=@xRdw)7fF+u?Z4R_WMp9cPsea3PR9SXH*UAKtQ~GUV%MemUAoTOm?`@@
zNHpjRupAIcpV752Qa|`8HAoaqQ3${Pbgw+>Zd20?5i&96Y(Ep}wABhr=Jv2@IU9C4
zNhWc5@y665O?lb`<L|Uex51n=Qop>4w59ADvbVbQDTIEJY%Ew0Ond*Ba<dRJZtvOj
zJ2VDXP|3Rqnl3y!rHxM&X}Nb1tn32RDMqRYdi;D62Dzm%$@wDV=pD(<3b|?G`a7h*
zjmd+Vo-(op4kQ6~wY#)zwuX-KWkXJ5u*ZrMFYD_w&Xyw8Y2Tn$%HxL&RgfLzV@1j>
zBlT8^cO0eU=blp|>2pKQVv%x$rB(xzxyQ>NrEmbc))G`F8Tk@p&5Uu+0QM#WMKJFe
zMcEU3II+N#{L$v7C2HOpdn0rXL}KY|eTIv2Y~C7%Wv^Uz437)F)b5NAYk}J4BE=3z
zmBq58M>Wa9`BE)ytPM`PWfp74SWAm&RIujK{T4pPh4dND3i8?pn%N_xFA$w8XGSsB
zc2!>?5)by7faCl9OHNt7OV1gEK&hvN#VR>3CL{v%DMAPZT{}AFf1FRaHm54~Q7c(}
zyI6$mr2R73T7?On-jPnUglA=MeT*B7fkIL8Q$qr@U{JDy4#ROOotfP@$zG>}gGlk!
z%w$R{UyX7f-n{gx4g~zcf*HBSEiI)~a7?L&>!N-e<C$>-!5RdV+!Q(;)DDReM<#m}
zhf>`R)Xt#UnzHK2*^xU$eSG6AhX95@0)K1b9O7KkGR<af>2`~>y_M@9d!^I(e~)X!
zgRa(e-+a)555L3k{k&ZshtWUbttOGF-z?zOHAY%Kio$IAn27Ed@zgX%W<JmMPvKv0
z7aPsaA8-UCsvW<VoIo_hr8ax!hn_oqgDCEi;s~SLvcAAx=yrR2+#e5ad^%*)?0P+N
z=;&{KeRJ_jJ>O?@Z|<U2{dzmwy<;qHZ+3eRx#)`6({68ec)i^}Pj0qZy;o*`oL|4;
zYkNK4IJZ+%yluJx4yZo8L*DgzLlA39b#i|netrPO>}oaB>eLpt!HB`|g4$ulA_QXs
zhVq65j1f}BHSi2Qf{zhXd1<^fUh1w4*9RNIOyDQ+{%0V^&?EF1Gu2Gve+Ray8A`4H
z>kbBtXN(w(cNoFPSgBSTHHPh>|0hVTqcPMRXb3ieoJ2|`rIFV7AA$CeW3*Il4cq?*
zs89a3K&$2L=;(RBZGJv~<NLM!j!qv}hPCeQcI(#b>FN6Vy$>E=Zg%wSzqkj*fa<gp
zBzG)NHCL6i8@%k0s^7ZbOg3lg7fs&c>G6?}1nqtW<ECxC(YBru5`ZK@TbVubAo49}
z*NmZ2sJ6#?GC`bU7GFVv2&i(8BR2zsusPSJVoSq6Fj6f8h3stsGQvNBJa~!2or^w*
z6a(jNVN*w#s*L@@2u<D-Sf}!2@&^EvY0W-}IH;KTGfX0@2p0VT^s3|Ai@-%N6(0%y
zBOchW@<6mG%skF>MsH+f$9WNu6Ca_0Q8ahyCpa#WT^G7+{!9X6aulFtrGeVuRn81w
zWM%{e%L6Gg9Q8PNf?F974qym0y%-TbhYJA?7VJF9;YitzMNt-=(7)+FhLGG6l#ic5
zEAFabDLU}i1{da0pr5>~d)uQ7KfWFuK00zu#Km+3tel7>i)-cqn9Q1ZRtSG>B5g?7
z+w6z9675vT6bKYBq!|A0Ay0Eir6ao$fdj(C-XdqUvCd(hbrY=O$}pZd37Co`c4;r2
zBa4BPBMFFs72)rq00hwjvIMIuI1vyWCPy5CN&+s-wE&Ec2LmS#QA3cXSTKU}x^4`y
zpud_cgI?BOh0Z;QIVodybAO#_Cp6$@L`6;IK?_ayD)w1xOjf0>jzfrhVqzds?BfE~
ztPBUPc+o3=3v#SKcse!lrPwV&hw($6$772z&s*}&LM9MKaShqR<SHcPY6%>plCf(H
z{xgPAE95XClAko<OM$!`=oz@Uu?SUgNy{Wr9FV|jzN~)S@ai4uI)g6+`#C<~BHW3h
z9@AH20Wv|8FUJ5c&_fc}u1F$Dvj7E{YK43O0te}`@<0JFoKo7@P6#jyuIzzI2v;5p
zjxackTst`HMl9|FsOwOSL>z#rjYdM8m}K;8Bv(KL^4w>r>@lCQ<QMtNP6Z0jD!2iX
z414L7h5QNpqp{=_xX=al#C!rz-Sh|pXe={0wq7}N#Ku6KK{lRs7kn7Vw6&e+IQ+WL
zBnW>}y`9_*t|NzONUNFar;^fuf8DC(Ck-K{x`lW110sro368o!(pB{{8XAO`vcPMT
zQiY}UUa={1vaNw88|iRBL$>8Na9tYEM><JSWOqc+^n?Gog}&m-kL8a~IK<*u5b?&#
z=B3woQ7^e{QXherR)8@v#@BzOlJt?93PR<Q3;Lr6zw!`gF2^V>u^=QioQ42jmKLbE
z%we$ANe}O1&(E8Dy@I_Y%;#wYMWEkmBnD=cLqt(_V68Q*;&G#ZR06|!yL&Ncdjd`F
zwP39=eMn9Qgr^^j_Z7orDsxA%-#XTF+SD3*7Lmu7Ky5Y=xa;mgA_E}h@VWv#5d+F}
z(RLXaAi_+*>4kV(;L;e;Q&i(Z3dJL+ZLUQr&;{6ARod{3>fsyUwKFR8mKXL3hQT7<
zsOjY(FX;&nP25NIqtR-o#6>Bd*j7HwHTPw8%__#128tSHHl<k2y3WFSe$A**ua2y>
zFuUk-UZcPy4H_%;qr0!7F^=1sU_Wl9cezqu8p||jmwTC9I)Ru7x7&VTBw3?q*_?uz
z2zQsL5CkS>3o-Lk(g1@9369bW+$9QsZ*}+6W!Fb^UB{I0z<;)@Mpbvf>5Wzlvu)dR
zo)$0y)QPT~g5_b%bejQ|{b5*DL)ko|>Y;OAE6dQ8lTy?cc<4L+!|*>&s;-#PzF_io
zfQx?n5hb5o{>J~RNW2S@N?dBZwdi$|rqP8m*gl4?XH)<$0@<0rzkkuzeBy_3YAgb_
z!FgjQZ87>TGI>&Laz3wVAXc@8mH9z!6sz1X*qa;IuF#;1tI>ucLngF~J(L_b%z@)J
zi|DYe1io*)rjCsl1Sm;Ew&Ii~_|lRW6kku%dslRQpX@2PxWgx_a!WdkA}9Q42fp-|
zQ(XUfmK4=ARp#9MDyl1ud!@8mNbIqY*kd7az(Qt)w#ni1qaJWUJ7kBn%?Rn38LkgB
zgqT22qNUQ(XlvXUwuc?#rF#7XoI?dzMvAcYWuY1>!Za0xXv+vumf@nT|G$PqG?s*D
zED6z?5u&uhMQMi$(2NwJ>&yOM;g$$deO#AacBV*mtSexOWg!knqKvqk&opkeIP`iz
zft%zDYoZpzJq&V-wKWdBwQ6C@l9ALHV*>M~m?kGV9h!|0zf?x>$WU5~<DnZod-=`F
zFr3QUErEEIhd2^81l;AK8{Bp{(15?9jAG;|d&gG&ObUM@q12y>lsQ61%XT5nx_HhY
zE12&1p;U6bjxHMg&3PM{_yQH;tGj_m^9iyBjP?D>_Ls`1QmI|WXkU3VCK4<+`wV6p
z&ER3cPIg~Vu)-p31ertpGC@5Dd!_P{Woa<Sdvl#J@ez{IF&`lMCw|@^8x6`(O3sME
z^y;q@u7zt4imN{Th}Xe75lJorxI!N!5MLxAy*9JDWHdWYZJe+cQ{Ki21U^MSi6I#B
zeex%e!~Fp9Q8tqQi<+L5?Z5JxV))0v|8FYYmo;tvS(zaG-00Wi*Q>Po93LBRG^u)B
zJlEWZB`rWXq;r(j%la2Re}81^_VxcuMiPrTG{gR8W;tf2uC8PV!TZ7p_ho~10?Epw
z&m57fjhh*VhVbBJKMnA9$6Tbt%cORA2BYHCB)>h`30j@oWv$vD`gEqf-GqEb0}jAx
zdBdoA{#GCUM)e|TEAOR^>{0J&!=IR`k%HHk!+K8OH@$m{5?BBT6!t)A9Sc3+b-L&t
zfMf9!AD#R&`oFZ*#4{Ph-e4a~@I(sf0F&1{GL1X0xVco=Y5ELW19rFl#58yF?4<2t
zI{r*_DcgBbXnV>sfUaEtDxE|9uw`+Y&R%I#HY4fJgp`ry#kOrOuIhT^nViqnOfiK_
z+qP8s>YMGb@M+^w8wp4@Jr#z2p4`G|Qn7cy;z7Fr5FkTjAOOpN<B=3PC$IbewrHw_
zkZKZT6U9xCQYTcwD~IAnXz;??B_=wnpc#JW{nrr;=Aqk`&QQf;&xla%sQ1QSnP?XL
z!tx)GQ{KiZ4WHr;x~7}=wrpi#x9^xuy_3*Zi6wIgET4j36U`G#)jP{c2*H%s#~HAI
zE>>H>i<I0d3U3;ybPYFSRZKbtwa|Q}4Bh`QdWA2_m%|zTaiMrLSN@}@hizjs4)_+;
zK3g>y0+1AmhOXt1u{p%G58R7+pPwTdn4rjUQYe+Go>KKg!$h7eA*KxBfed*~y`&s$
z#)R!>)X{udUAoOSD`9Q9^ZWw-+Z+A)d}tVN{&(>ReUlSRk&(+RCk}p?7)S*_<(z91
zpG_Y%n~<)Tyz`?knhn4wTO~x-iNJ9qC`t+3OR!k$rJ<X<84$O0-6avbb#bWA*3I4E
zS+icdHi=38u!7b-<+j1GbE5D{OX^%pVC1>mTbOzylS{JR1WCG62|YRmrd@82Q9ot_
z(21jXn&lJINk@7=H5nTDR&S&RbYrnx)*EK$j{46)HA!=iiEWzQ_WW1k^y33^$=A^0
z9rePpX`hC+)uGo&?#R=i10Q)RCD?pW0B9_IxTFd2X?IsSl^RX1Pj#o6=GM~7vU?7k
zP1cPk!;-*dmB*m)N?m@?j4Mg4Ln@w@+%%00YtU64rg_G|lb)T3%)ZjA2^V(Km&=^h
z8Idtl-80$e;!JGLdwD)Ku1g6J@vkL#heLF1FQUoNJqXGV05=H+bIlpjSzGsDn2GC?
z1WSd#EBmCl5ZGW;tg+iW6Jwq#E|1o8`t&L~so{q2q!VcvGF=L~x_$j(8roJylCB+4
z@Tq_w;{mV#$1gu|HCpk?P{?72%gwik1DH!cx{I==Ztm&%cNU^V>%~uyw_Kj-)|i*A
z?w<?32<42N&x-;zF?ACc$i3LzrY~@w+)C^JD#QFE@%<;W@Bf2S^sj61zmbaA82{UL
zcmKKu|6#VV$JlN^_CW**0cH&?1w`U+aK0xpCzya9fGBKr25kT1vvUYzb`|91b7mtj
z=jggVygF>OTxlfBdRty($)}_`OdyqL4`;bB&k=t#!I@8a2M8=}GsT$`>I_G;97xVE
zK<sjcEA|#7b?0{25Xd@qFNg`7l!+n!wwC>f1rW`5s+mZYyvh^tmW3|agsf;K*#%cM
z&owXSK`eQhwR#U$h@>}4jdF;ro47KQcJ^0=dKV>WIr`F7{vzgfp4g&N2OZjieGsc#
z8BuvcLJj&pCQ&B(GWM?w_Uf=z2Ko&4-#p?PHX1<MV?lj)%bBPn(bKNfu9iSnvC`Pm
zu7oX=v+m?0Ia1H^aqOQ#2(S5Nj)kM330H_1t+KTP%HYm3QYCX4N?OpNUBjh%AFk6F
z6k3kjRFrJ(bN6$#wlqD`=810SvT{hbNov=vHf;qj%bUjt3EGp6e#Kf1V9Q%23e3z^
z)gWR?AFQCL61+!Vf{NC6yg>2~5h&&JAhgqkg)(GH0N4zTKSlY#pMu&rS%HeO#DR}0
z3+Bj_dVVnZJdyOn?F`SFRJ4<j<z-W01ce5Z978lR*}_v)b%0evv^3e9S70zEa{}49
zR>x{ag$&8>siCu~7U#AaHnymtZ^|+61x<q+Ml-{f0>Xbn!Sfi_{E@?#+G%5#MZiuM
z+6*m{FW-{hmcZbHhw^l8LY~Uu@rW?_P7fMW8Bb@ND1x2%j%(azbGEbfes51doj*PX
z!@_3WO4ap$zCC<@KI8Czyxcxc_7CA-@pn<)LLXk9Ru^~Wc6-Vn2e;2VKVNefv1xK0
zR1D5&)h(60)biV3b-E09R?pWPojp_J{5;&h<K<=-bA5eZb3d<+XU{8ZZ|>~C5h^k^
z&2K!gYCS^5_G24RIKhI}#()}GtJ{sl4Qeo7%+wywUOq9JZo&yYOW^B~Jm%zI5@E&u
zG#{g3XXe-QLtH0f)7S*e1;{?Y!u)_>beZ8TQHNq^x(pI6<p2b4@F1xp)X8y#1_>;U
zf$FJSjo+C;6mX>3PuTll)||cyhTp&ob)3Szb_(=0A9G*<&zSgI=`ga4=doZD96<`0
z2T{Jk20zoZ7$Pa<0*I)ZznLNtiQRg@gmYnS7bYiS7Zjqn%Oil5+o!o$w_WivQt+T;
zXx(y>AvaF-@rd0t;{^-up<;e(|4GcO$RRg7vtQ4wmwr(NVfM#LCC?m&Z`cK+5suq{
zK?r9a7M96U!PG;VA~P>`%o3Fm)yOz;Uk*;=k-`B55{z_)A9YmXMt~#}e`~e|z1L;j
z!wDRZZw|x}AY@R!PO`x(4L>dm{X?;TQEHjMQ-ya_zn>1J!GCrwAV&z137iS!8dc>2
zEVKz9*pGp|%2EdGk+vVqQiM1S>}v@e#0v;k-j3dG*cY(wjEM9Z1Th3B-rx(W81K|n
zeReJnP_Qo|(is?TTeskQ<qDF0B#XFzn2=OoN)*{Y#R~eb^bXx`imcn)<G{uyGvvmT
zue6_&h!5fk{Oj+>6ujvF`#{TY;^K!8i@~>83k@L-leQBFm>-mb8ATL|9*;Gce^#|l
z7{2NY6Q@A-eKL;N@F4?e7*}OW7@DRA5411Agwq+|z8-JA7e8R);$IMf6J(eTTbmQM
z`E1QWQ)qMVz4$G-R@Pq6)gVCN`++vQiyRF1Z_2r;&sd1d;uIFjq;SV^*$A=#gZtG3
zHB4+$17_z3vVYkga<ndVFu}UHLlv1bhPQBU07Z^5vny`^SraOa=Wrfw^gq48bvPiT
zU+jsbV0m;sv>a1W{TDm~cGt`Sq(C@9^9wdaNb6R#ZVx{MU@6wWyMYXVcb(S%^=}<0
zc!m<{EBBr>)Aj;F*i(VfU`J4F=)i5lbq1eej)z4j@u9(Q#fw7^_m<DyMx;!*swZF>
z*rWUBlDcZ!kM%1^0OUR5@f~I!D;((0s6pUaCDBX|HfNPSP@yz0PDq@iN`=r>C_oV1
z2<A|(M5$pqTvI1g><R<+H~*gPTB(>xoZ?vayik>DGf6kF^-k+Xr+7hbh1M@m%H&gf
zs6vT0${?jeg&Qmwb^7t(>)-mismW>@SJK#xn8Z_)lVX|SOT1jsio+)c3_N%FDC7eP
zAE>IN6y~!+>$i!EPh<Z{8iol_LzIqtScqQ5!N(^suT_G#PUnxG++V4>20XxgR(Oct
zyW`T_otklaJU;InA^oLT9`#xIZh!!R55M<3R3anaKIPIheEgl>4)6_U&-X7;uI`@S
zV<*o~ZO|@|s?Nn$1mEBNNAjH$c^>asd3b%kp5ENv$H&_rhu^`t+a8ZMQrYD<dlD>v
zE1A!`1^Qi|V1ya`(|6_0+`1oYSc0l`Onb~RtTU`NEFJPutR~hoD+W4XTB|yee_j^S
z4Rqrj{|Pn|t)&}i$6HALPe4E3L-Lt;CEf6UfYC%8X-AszdXiDiht2LAZp4au#c8il
zb%4yqErV{_kC$w@?dOGOAR$^}p&bE?wkeJgaves7W{c-gK}))NL9@$P!c6A?9}1dO
zxE;Qr!Lqtea6C`zgf?8(`Ww0eFT7I<N{+=lS&vG(7V6+hQvAziW7o=QX+ENgdeMEO
zU#nt&LzJBgotl(z$w=HHh&eJNdl4$O=w_!PsF!jaP{F#}CdrVnJyLRC*S22)*Tq(%
zmzqq#R~E2j`YF>sL%}~_UF>bFl-vDiiu)y|n|s4V@jFkhOXocLEMkZn`)ztGfy#fb
zJz+wRsd3+R8J0WVq;7$s8jOR$glLg;djlYf&>RtxP>PUZu5&q{BpAa^06+nb1zZ~q
z5nQg|0C8FxTU`aqV6_|fYpgc016}m)W2r#~XIo5QeB3}{87SES?j_{Mel`svX-vPM
z0_#1b;I>1xW}o9g0YOZy@g}yL^SXqAt@IHzc<D059o>}Y_PYD8B`goS`_;yMXIIqF
zcu6RASu<xfpUnIGDfC)rimo@BR}6G!$ULq2u^C55-n0+}+1m$mrU~{SV%gK+W{%h<
z8>ZkvA>HePIw&hy%v1Hb0mAN_<YOC3?faO%(tkFn!9KuU-}M>#cv)hMKdh(|Azl;$
zDc7u3jpRwA8d3F_;5MR|L!k=#>?mkptZA;a0iD!ge6l9}x~R((B+46&%U{OSp3+Sb
z4DFD5t^2O1#`M5g0Tk{~H{vXm64yWN%LUQiAc}GywORAjT2MP)S3oZH9wqJufc`>c
z>SqVU;4Bsm`5NJVae*&D<{-LTKReYNx+)|ss3KOur1>g?IO6eFm_^fg`T~X=TN?jz
zqnSw)BHeAoDg{r;I4!Ni2up<QCJRm=`=X=~rGP|PI;-&H+#%j!79Oop1zt@Qo5R~D
zS`QcikfXRqj&@+YE(PxUXe!(8tN}Tl3%vsm_fzM7@-qgFZ~s@->c0UR|5>g6-^2h$
z0!EhqEKQjR*ce!u{ulfG-(05u1qs+0{`)m+j2pO0(&hr&LU5jvD3@Y@Frvg+_bU}{
zaVP>oG6_inQY1mQ<gIEsRd<j?0u_M-VsQ`(C6yFCkiNof_v_ZL{^h6IiquYqhw01I
z&TQi<_DrT*%p2-;f-3_n3D6`w8h|8Vii-<tKLG&*2@L=cBp?T8%)W;D+O97^DJ4uy
z05PJ{Z-9c>Ac01gJZRuBuuB3&-U_fffd&QyS`tu{bbx>WA%et%9RU(8s7io)-*rF-
zkN_<SP$-~16|v%ud0QbeTJOJ29RXVkcmx_sO5am;E`@p6&`@DQh&(!wOAx2QT8NM~
zpqO|C4w%dDIHWBmISm>qDTTSkMP-14P(*<O+++6}0N#BK@;pKqU}3Mms{nLj;AaBc
zI{rdP0FHnWIs2(wf5ZjAOGv>%fA=tI94KLfJ4$$j7X}uDUamO_W$?1NKtkUj7hm8T
zfM07k1R8)J^>+Ss^pL%9{c!{el=IL)g06iC@jT!yRInxWMZ`W&!&?ACh)-yOA=IFu
zQ(+zgd-ZT!yt_&l2nE@B0EmA1H#0sM6j*UXMj(u~%i-uibd$Tys>nKZv5xkB1Pz$I
z0)A8uEU@9*&epx$K^H*+UPL}WZ8-bj?!jS<7kGt0GKjWM;PjFSe3%{3x7Jz2P|(Og
zlA#b%kpKoaf+^?=68C!ldUmK6YKR{DL$kX_K|)0V@GlGo{x)EkU*Nlb0UiSZnh(IK
z*;9Vt-zES9hB-XAVW4Y+SbLDY-Q|1R^g%mpzaR59^f{p5QhW@Ej<>JNaj01aFOq@f
z&)qwHaT;@H`RkfQ%H7<AUsM$(Ax}V`w~!G3FQEbg0t^x&K$KDbx9`RoU5GDv{NIGi
z2zvn_`bgcUsNJ$&ua`Grpc{UueZZf_bUY+^U5xn8U71#ph`_uz`n%tZ+g_y~KbC(I
z=U%4oUT!6?y^9a(nQ!d7-yuR<d-Yp>2p$)FgL|eq(Su?CH@h;-t5#PR!<Rd7+h5$}
zA)z}*1rd$|%4v8sM1Y8|mqA8Ld;0WmT@JL1r%blqZ!+{irx0QTw*-v0Vbq{mpnxCh
zP<6~DP`?<1yR9$WK!dx)!5^+MXzWn*W&TeEQGtXP^b2GpRA8Yw^Kf<mzc+Vjlr!Lw
z$tAp#=csJ~K|m0sD0#pGvln14f_eX_AT(qkC@#G%lQ)|_aNkb>0m0QMGCG`J4cHHW
zn32}UD6%)TpB6tze6YtrLBJ$ri8ALpCl~uk!(yUF^52Pgm~pj@{C0$2g#cE}7HyX$
zQ^tM@ZY!zJ_KiR28q*u?vhw5K3}!cjv9pe_Ue&E*eEgjoe~CMFw}#$-itj~ofm5}S
zlVd>Sr<9V{iX!K?LEJP8%QnW3uW>tLI4FI7|EZAD&&Ea73&?6v7YbH4^fVKTg=dK@
zK8}+JTgGc<-9??#_G`D~ZR-W4=Ti~OJuzFGOtj(vAahVvpu4|)n3r^`a1{fz@Z!{Z
zoPv$YRf|70R7B|1(`R_PUzl6hjG2Q*M&+{A3>SMohk4{D44Zda79U<pmSt~>Tph?a
zNy5zU(6<n&SuI25C}FeHda*3{vyn&SmgcC_-2EA^Wx}kwa;QItE(%c53a)uscQ_mF
z9s^t}N`~#_8D4R>LDm}=j_G|}vTBWZaD*T;e=B72_0*0FXAjozoFF_m2KWE+HqPQQ
z*^>PsOgLFGqETld#@xa&kfWvXUIxxlvvriMyK%Zb9`O3)<49;M<*u%l(ow!aRSd`Y
zYrZ8k9c?GppL9rDx0k79?y1_uG_z>qu-iIdH7`}V3afdh9%|)){M~UE@ZrFs1T~iP
zXkAFl#1Sf($9bT({-mV-hNn$wn8hm?p|=xtxGnI}$~%SzWauw0Y4CJUcH^AH09*zx
zuzVnqv)fH)!?kfjvGUoJ8K_|UF!K)IexmXXK#RyOI=5GzZ~rZVOs|_OPra-Babkic
zc`=Oe7L;PRU1Z_|Dn-ukyJ2xNs*XR8`2<=`J|xykL3hP=EOsBQ${6R@y`V&dEkQ=`
ze&w`sQd39FyeOA?#p)WRhW+By=~OiRd@Ds$0{S@08wW<WYL~ff^gAKZrjwif?g`k?
z9otnKIv;lmDMz)p)quWX`w+e2rO8%8*jjqf`kHOc#ohC%_t2bL+pKDE`gtrEOS&qt
z+2>j<tEn|h*wa!i$2jZ?@4>}$3u+@s+a@q0xm!66In)i03)o~K7cB-$DBmuD_c5P0
z^Cr%YLsk_Kp9G05z}{F1G2`rG25Z>XI5%R646IyMwof|rUNS_U*$;|E0`7tLT4F{O
zg2nrf>jghL(s8t1AKM~5_7;n6P86g76CA!qkw9nj&%=8v>j?%osP#>(q->N<(U-BZ
z6752quu(;>K~Dss*>n7v+k38zv&Ep5Np1Vqeum*H>IwabJ6}VuWEa4+NO8JDiso?2
z3`t?Rvpr)Si(MAp6zKZWZUtOoGm2-LovtVgC8eX$`AX0Yy8?HTo0)Jr47<m7ou?xZ
z%xxLey|B-~dZ$qv?qJ85yagzBp2rqzq2vH6A*|cW4}l)LXMawG{&8FL^YoArE=_Fp
zn^P`RmmQ9}!g-wZrzWo}1)B~bJ0MJkS=?e|(5;{E7RVyw48a32ZuhiI_I(Yr7t7j#
z0QUQdwRVbJ$jmv3x~m)a9}AzheM!H`-utfFR!@#E-qo^wh2z#3{~<HqY-Ftfg&>+1
zd8G*yVT&xzT+i6#+#v6j?|s94nx2CmrjyI$ho$U2)xEEUo6Ws{f2}s#)P*FXlu0FU
zZOnd(XZ;f_Mh2}!ZH!ZMx5I?7EF-e<TdGRZ)oCm+Zp%H|K+j^B*@XS*3(7paap@M)
z@+0)y44>Q+v0dWt*yKtMmFO<20a)kDYDYL5f&Hf!@d`AQjmyKIGHQE6i_{B&;u|ti
zwY70b?SHfd)Pe+Ula0A&RcrtQ^_$bo+>tTFbs#;ojS+U>(H&60q*leIBAjzFVVd{?
z{|kR>Md19;0VSAq*eM^T*Clc9zOYjTW!VuaB1T*6rkm<P2<vbk0fD(Ir|xM5LTU<}
zhBo>JC%Vqz547x`g+Z^5f$_hs!opq+6RVD|huskJ8(d`D)86~sT`sx_cm=*dv(Thb
zwkjt(NI^|YO8P<D+Ov02#7JIbN2RzRAEw4ylKf9h9}iD?2K5@9zXBlUo1&D2U8hse
znOSB7S?{4!<S|~1DZE2^cr3N%-$1F$Z=6haCL8nHM>T`(Wf&M6hQ(H%wbk6{EUqS<
z3N)9DH&Mwk36VI(w==6#S=`hQrW;(bp_n|i6=bJ$A2hrO8W#4;!MqxnCao`Of**Ct
z83ITxGsUL;xS;MI%tsVAWfH#OgkZ7=@2u6u>!z(dM@-LUL3|nOTigT1iCc-_;(6;q
zZy4zP!HzXh^WD^TV$!h}JANeaRR_7N?Pi|8?c3;xk2q0+b3uY;o}9}LX&3$%nJ3%V
zTn^RGVe+1bvP#si%xV4|hBc!jSTsK2^USwXbm@}vv+wdU;Y9Z`Y9ve|={{qtk+>R$
zDLq{i(N<7d%hab*rcz3Nc0g)n(5MK>B*{0p^Ic7hRiV-c6qc|I?-XUS5=S5Xf>V<|
zgmEcb*b3L@>dz9w!gZl(kM0|E>!kGur`=R`MXQ~jrw?}Jdhg3(wF}`i-IwkN>_?eS
zGOKtN%ghb92@mzJjGY2P4>V^E%t3G#s(>uz_&6*cX0$jMCXg-`XCb5R9NNA-)TL6+
zetLSfv$6}O<9@%UEX3L~C2HgXL1Caab@=L|mINKSzjNvRa-;GJwh~JrC(wfdRRO2U
z-^>o4^SS%28O4eGTOO81!nIE7d_6U-zo9vf?-dC*KVEMupOwmv<Ev#}q3{FhHC0~-
zC*OPCn^nx(Cc;Lvk;YzAZrrD)L0U)NzXpE}F&96Q<qDdnh5fq)BU8!5eVn9DyZLV7
zV4iG4Z>*ZY-?h+SAb;SHRYVfql=Q-vy*mtn`DXARUqO_*w!BA-oWn%$aH#P`#Oj&z
zId*t&uP46EB~O(W8D32AxaU(Pai&}8t&Xmv>9<hCJkI40qR&YVOH?x<pr@a3-%FLq
zxC$t#SyvP*VO9ySimY45XdFOGYs*2zN7n*Xvt=c{8~PEs_xcGAEB+{FFDfe9G27_t
z^qtKpUAXO*dtMy_nUQ`z|08lZZWZ0BblwN2`b}1dx>#+mdl_yj$8|BI0O9^|6kT1q
z@;K?~Gu!a`T5Eo4dY)*oB-DBN#J}$k0Wk!?Bxa;(n`yRMc`4Q%u_O_+WezwY`-Z55
zm4Equ%67oUNV#AozFHPSE;~zWorr=`jEmncQ0dm=qO#jWStPo|&vCs(t?ywb0lpCN
znRYz8*Fsg=m-Ao=AFIsyJN7qpc8CWb&jT%{eS>oy3Hj+<1AtdtO>(HE(DFVyx9q8D
ze{!d}IWJLQt1>x7!<iHEcw~S=Jb%Fn3RkFqtZh~)M(W9{FQOe@2k>Hwvru>s+=zfW
z+J=C@kbRxKkTan(Qjf%~C*AA2Q|XzKzgc>6vLq`9C2e4MJ1K3$`q);n5z2`TG}5oy
z*SvR^XGKofHEa+;?1rtzNKgfB5ijTg|4r|QH!yI?n@sUuWk42@z5SIlYOP0A{$s_l
zgCF=@LP(O@vd4t~*^{`i!E?UZU!>cuJteO5#HTo5Bds?=v6*@XKl*iJgRYfJ8d3>i
zhoDU#8Qb31RB343i)O_7-Jw*^!iCX+O0UGv_}G>OJaVj^Ca>FUyAc_C0GvJ}C=K15
z7k}2`jT6q>L}`up4!6;@mUEMH=$5kYfmKb|<M2W47g4)|K)}QS^sOOx3mooJt0PfP
zh3c^=u-(P@ZRxeyU!JOoY3do_iGx3@Gu`(hpGgyIx3!ffh9>D1dsYEQpax$h-e^J#
zZuu0_5{uCmgy)g{1S(iks{S#Q`c6h24xuz{a$5P=xg22pd6rH1i~d{Z%S8-@&yUu}
z$3;N5W%46raTFFWEpm#Cqdj<A<0~I%<YOd1?W0}5n*#HgEa*qjeB`^#ZU$A_(s_iL
z_O@nc-`^UP5mQbb&lo4s@)4R(s{>R(w{MK9XF2STVNm7c5Fl;^wxO%GqFeIhwi{Qw
zko>d-JL@B}*T`b{d@W7sr9Qu>)6e-3LTJ;ogod@)=B~iFA0{4s?U<u`Est|{)5W?-
z66QD`m9zI~$dkpKLaq@WH|lFq$_>*YxTTaMRmXP*$7Nqb!t2MlYE9$dZI_9rt8|q^
zLB)JPG)HWsIPhGpQyw6Cp@hm6_3&-5+^{)}=vbw_Hd1wKgc+S8t!&Umh1{Wz)x&C#
zkpFuV^zl^7__{Pyq9XfZd@2-I1j3;TwJ^;vx|ELgu)a(eE;!jj{#OOD3^ifISlWnd
zuIZ*o8a392Zx51`Ws29m=;owuTciDc3~Wn!GmR7PP4;d0I{1ve!cX2+g=LqJs8eEJ
zYWy=$M~MPeTBfRS4N41}i<^CmsZPhip7CuMdB3l%spjPu|AjL;YM4ESc67GBj@;9c
z1$l{LzziAUB9TP;-^L=e9W<Hp+`Nwu(TdB~GEQ=77wt~zPXxAzz-TbIoAzryD`dkB
zsMqL?`|j#uT$4m?`WfDh0<71p*)m9@qeaI!GcXj*Q7ko4P$>qbYPIgE1uUUs!rF>s
z-A&8Nd}o$PGY~gucvriDv4>LjxB9(Ne9#OKufyv<LP^MGa=LOL>fR@ktKy0A8Nwb-
z{q=TU;i)|+Qe{p`;(4K3JJv5OXFu^+(tKiBJtzKHpw>)LJKj0*i!f5LUo6E4j?Be7
zewrcPS1rL$DPi(0R<mvlLsji7*eMOM6T7)1t6(z|_|-PPeY&Z!_4QKLf}e-KfR-d`
zA`nJ?O3pV`5tRJM>Tcd!$*xbKnvo9@l4^;@w-0eUvS6_?J7D#1-G_YSEXO<31dgs6
z<xd-Z&HjpwwgE_9zrfGT@s=A02%LibSwQaXJq#nzdYBd;Ti;S&2FAltMNActOJ<`$
z-O@QbYLCdNn#>r4Zmo7^51c^w(9M@|uf;wuFVUGIc#0t{r#-Q>D_$L}a?Ju87Y*%m
zCcS&h`R7Gco7gHidgdtxAz)bKO`p0pKPB&HM^+_sG{*1Ol_7>h=VsX3Xh$jK{;!a8
z;H5jVWT63c&>{|R?1>#e5GUw%z?(urKH5{av8Ne57bkk7(=pa<@9tfmTjgQL)3{#=
zfW<@#lC@ZWr1I(#MmnNr@6Al@!s{H-&{vbnQgCdFne{lczO|;EBP100(>i%j9!K&c
zle|tqSc{md9i+pfNMi6&CG)$F^)U@wo2b2&Uji;-`#qJYFked|qn%@%Ow|1b@4t#p
zCK3=rW1lU)zaosPjmta_w0R46B+TRH-eynW&9MUJ)=BSQC*rD8QXbF>SE$ba5$PR>
zTPQc3HEV86wuICgZO%Ra38k-_Nfcl&(ccdgQ8<qGz(ZVQHeOgeE|*%|zGG(AO`6SS
zk5%K;nlqT0+b!Q*i5})tafFU=(C`aDyU7#=szEYyZ!&l&UEqnz4@v+1zJYUbDU^~)
z|4KYPxe_0`E2dM^h^wnYzv}8nUZWs@d2<IXgx=4GX9YtL-tNyqee8{U^0%Z}ZCv6v
z%f<xR_Qo4%MbAizl}j~yzL=dx&s7RpP#`&ROLLpBzOE2QHhbFi_DV9HGCpnmmDY$O
zzIY%)$3;wcq-vL4sVeAiOW=mQAP!!6cVn5iLe<lRve|;7Np>VJxjlD!Sjnm8RZdE6
zcgy*tJ1X@ny?u!a^>}cw+|V@^bl$W;^cqezO4}Bbw)4FnZ?K{)rM5*+2D~5jmQ!i3
ztRgS4(d6&!rmFS)3?nppB6wdJDVV%o-`WNNE$lMZr-jOS)P<EcGF9U0<(4eOBYU7?
z;sFGv)K&w{C<Wb3)c2LA_-1LX`Kd|kAWjJWzbHGW?o6Xb%f7Mgid9j?wrwXB+qTV$
zZKGn_wrx9kW2>t#PLI>0zl+ls`wu)fd+cYfxmF(WK$?-PvYX!=cO;Q;pst8Q>QYO6
z{*`NWWfitE5)82<&lB}kT(C4h?#J1WvZyUZM>X38@?Ir6VGhE~#>*uc!^g8QBnMQL
zeKB)%b#qqn;EC-!tq}71_JT&ra9e?wizHm<miG#SZVHPISB%`%d8%rCmwqy_a)GkX
zz3u@c+^RQgo_pZ6+TX>5x<jhBw&2%#-KCJJEiy%Ab$-mXO4o@T3Z?A3VzsDq>FQwW
zHv}f0x+0B-=8{g*3lp@h+y3A~6YKX6G)A9#2D9Qaa+p`-*WDQ!YBG8w=zYy!1lOJw
zWU|dVuFN#`ZQ1%*5S;S2kB9lojXHV1E`o)Ly5k5YX?#Jdtc@0F_xMC1s#Wbm)b-Bz
zqj^!u$PtLG<pp7ZBZlH>l%13bZci`&+SrCJT3AAD5D|=Bae4``KmALH4y0KZ=&nVT
zucjDBsD8v&1YYV)D(uq$w?hk=x~%``qStqPXcFuV@-Ky*eNbPs`V0szjJVN+zIyBi
z^KZ&f9JfikFe#->;uYrTa0w%g!Kx`XI|M96eX3OXHbV2K)3fax@6Fph#EkWnYR8G#
zx-~9ppbv;wpL*zU6WZUvjw)g1issZ%H&32hh9V{sV{mdWUbPt1Ga<@9f747A20n^x
z_u}q$BHz)K>NB1hK#6A1`;n`JMRK^eET^S$J>yRI#AakLTx4mUq*1AOch<^eU;q0(
zR;}c`<ZZkWYE6nmzoMU4_W}p=9cJLrvLJ@#xvrh4Cta&oV^#z7T{<mtnO9hhAGu4~
z;5^>64N28q#=@QQhT_VAE;xg1W3yIW?j9OVWAj2ydI}UzM9itZuOBIAgtRHWOLdl8
z!BgZPBo+;NgEiA#Tunt)EaQ{mIXgKo@_LAGEN$Jr$(Kv?=lScJ^8GoV6km0R5h%V7
zWH^WdeKW-A5Q0UA)!JfU{~f`~w$OrLg7Zm7l6O6{m%RI!{x)(Td@nZKIS(QZW8=b=
zX_uFg8GtsbqaCj~``ic8szP6;3Ae-MQ0^)#y)gr0WH>W3!vHiGF0PV`9h_Ch-QbGQ
zRx*7i>G(Z=5Fi~h19$Fxc~n5!58Xs>rmM<<;%oOhB_S`hFUj|*7c+PvdT;#m&WUH@
zAk;OBltOv*G}OP5wN0X~LRzQmi^t;d4aOg9#&e2SbO(0(hsJ}8B>i3}qa!raq(zsx
zYN@%lgz?4J#i#+u8IahHJ6|kng|nkso$eO**kJ<W4iP^wHpTl44Hd!7Qgg%dX$c+K
zXV$>Vp8Z>YA0_rG)~pN?vg`3;lb@b2oGg-wY()bLY6^nCU?ICkAhaPNqWpe+yoXg~
zfwrxE7RUa{ch=$T7P5THz%mC}&{=GjdL68!k)GB(^1FPiNzy1E?8eraqDIxS=Hyi6
z<qu=0p7m$R+A*j;B~ath(<jz+A!T(h8%_2AF{U=Hf%tlItky0fl|@P6rew)U`LA*e
zMi9-)!v|W^v}Re!ipm?r1zyWL$(U`qL^867B3iKh9kOmo5W_E%b5HV|r^oI3IZ56W
zGY=d20k2;eY#{5X^{CJLU-Q2L3n+VN=K3c{1TKlkGlFnx6W6@7jf#zsVb}M0D_6cU
zJ_2e41rdMt@`rfyVRpEdOlnL^NM_v?QS>(DT2`11&gag>U2}zrQ!t4ZGx&@%I_F$Y
za^IMf+9C84_#QPx5`cCMcd)kV#Z1t+alvQsG(sOzpC7|o@$2D#pV280EcuPDv%Oa{
zT#BtI?3vbBC6uM!<TyOt)4XSKxpMqe;wIhHsDf9b26oNS1pD0}w3c4$fNVWeD6S-@
z6PcuI+wHj!id78o&|SQ~SUbwyYKhPv-IU%QvCTmfVQ7>{XC)bwD-yPWR_p0(k0#h(
zI0y(Fx?mNCs$zsz;upo$TZONZMv<j21?!h;Ja@j7ffz~Kqd0qdoJA!;q@WzVzz9kT
zy-zngGqdeOg5eOgde@7dX?-@_0B5rK@?C*PS#_VR;v%#Fer=U;m*!5`-(=}yB)MA-
zj+yIVC$YcYI4orbC-AC*@2ZDFq;a^VP#T%+vmCctI>O3YwQ-z$tBO}AP|M&Ae23=h
z$+*gl<Yc5klj2hb;4B+rUHshBW%x>(V5a^w?B{wQUro)>@+HMvmYog-c-Z276(RN(
z8S(AmdnkooYUC+MSiBe$Bw>18pdE_;fhW%$YR7x2oVrrPiF5ZPf_ik2#v1Q>ss1c>
z3rl$)$pv5LR^x;4ZV-!)-+f#21jEr6FRK2AHpr<7X>E<wZa8(X{(GF<ZxeA^eLEq^
zMt9@*-v0uKcRhWC39<4VU|)+m*rJpid;Nl1r_B6M^L?xw|8LXjKgP$*$^Ks`kBNwt
zllea~J~j?cmj7uqHrg3NCF%N!jw&3KM2Bf`mQmO($hq{80iIzHo{=S-Xe$sEltjW!
zN+OH}nxrZ?IH^eDp70>+{yW=irQL1n_l~#Mwb`}XwHyBol=0%+NqmFodT&xZG&)im
z78#<#?4k+=h`#`6ClN9~2(mdqoO9r-9mZdb!3~K6mH4X%01IS*hP_e_&YR_sB?HYn
zK7$9q0ebuQ^-&y<p?i@)BR=86ow1-Og*tbe0kXRO{}jV}A^<g!j?dQK6C&jU<F_Y7
ztuQA*pOFy-xN`>J#7g7FgB1j@5K}^>!M%x44&vm+2KO6K?)W9?r#cJdYY)A?bar)l
z5YrKKO1ODhAlmw~;~fEJgFJdSyY!p=^}xUyiRfzi6K_!gAdramvHZS1Mfl^m`-ot9
z_|x{3@OuH%HzKS3n;@qHAaCVA05<B_`$!rGNdCAt&$a-4-J70?&#5m}=$Mym_yD1J
zx@zQLdOQQ9+92)$!20-)PD(;_c0ge5CqyuZ7t!1+GClMrj$shw2M`ZbA!PwVU>58P
ze+KLv(M{Cj#<MruFM9O30{$%}8Mzr&0t*Wp^hofgf?u?i8$PnzRj->r(?y7=3+2lX
zft#a$8MuPnoKx)`3f-DXA)|Ur4}L}R5<5c>3JM({A_^|@3c|n+n1nj-eXi&XsG+%Z
zL;jeE&LNuJ!8n7h6-EMq3*P9P^#lJRK&HnA906hA9=>-1{C<P$GxTC2ih@|{KiPx#
z`IQ%LF?8^=dA<Ve3H@=Pr+66v4;RnZ>~Jhy*74A0JKw#2*QqlS>U{z`X%{nt-!Wqo
zq&|Qz9(@2(4>B|W@{d0V$!Th@pW0kN@3$++n|wKSKOzhu=*#&}cZr|N<zp(~(r>5_
z<i(7UmMo)*0r2i8VT*_gDmaI9^Uc2GSNgGo{Z%pk{pav|E3Uq@;r^Q8{rcq_CA76S
z+vgi}w&+nLA0jV8WCC!zqhPd3IA_^!y_ZAxjjt*yI4cw<yjnOm35IzH0rPb`z?-zk
z$DoDJ0egNE#^m=A+Ea84FW&1MM{uLJgXxS3{h-I#*qtYLdL0Ipk?JRejMTWQ(6jO~
z5t@JWFvFLGtWb1CzjX@-14aY{BI|)ZoX@2o_Yy{7{-vEfVQ&EO?t~_T%?1^i!Go?9
zZb$q0-H?aukCYwq;3`0p{q+kOpW<Z%M?v1r%^9tyEWmbG@5wHIK%b9+vhNZdl^W$-
z18v>$H@W!5R0A7zL`SNtW&aFwhFL`HxoSr3Z@KxI@hoL}#hfb;8ZEA7tFeyk?l&f%
z!=B$03MVw~{R4R)Q#pM<9nO!zotW0XDexE29Z1Du93nr!ZiSw8;ql+nyzpC0tgpNt
z0|r5?S+|(SwkwTA$4M*=Xn))M`&#Kg(47s%xM@89{>=0ZV$C<AZob4w4KCF)nkrOk
z(q$@>Zq7y_^HAT`I>)`#BRb2!j)GCUht=FLgAtFXlzdpAg56jBL3@a*V~X|fLDG3`
zcOR#s8!})WNZLl}KwG%tj!QvV;5ci-YrAzHEwX|(a+NS4(>9au^3Xq6oxa>YaJ|yK
zqDBZo{}-Qm6JE&xYR6LYFY;=t&!axYwL&q3i2B*4vJ^Ojc7EbKzqtQUtloBx=?(K?
ztl6(jf=V(CT-$={fyo_W6x~&$Emng@A6vCMj*<<&SEr>xO<(8o&!<8wFfFO{b^*C^
z%2(;qSkX^`Gl~OP;n`Y)9Emn<*{Sqno;fWw2V+@pLqo1sO-}@Pw=AT~ZIyexjo-n@
zTXY@2f2lKF7I&T3{V4UeeoiO0%DmsarO<p`WA0y3jIGLC%g*r_^)(vtOE)jSd(v|7
zG0yxpt#b|=Ih0Y<ZPvI-%{3}(x1I^m@kpt28;-mvTphozG3e-GBI@BSyA}SzVW@<q
zNA=ael<8if?)&7E|K~!FzzQ%@iQ;|cF?k<eVo1Ofpv-E0R4s@E3yRarXI&W~oguaz
z8mg-#s7P_g*H3}WIi~Bg`G%_H_MAgNqU#%rF}~=`d{h$^TUdvj3&E?iY6A91{PBMg
z7FLWz{<4BcsHdf2l=u7Hb6T@{x(C(kohbbRk>T|YM566btJ)mEeCmv27dCvkSWU%a
z8}^kUNR5pdq<$Ag)$}{x?;<ZX7;4ugyf5JHI&6?S9=YquLre2g>g0ZCBc{#@POaMD
zf}#4sDD>jo@;RI(e5e2F>nsq_n@<wcx*Itss@lRn(W#Xp*9_H|Z{@^HQ^0`xS4G8A
zz7+pvD|Y9TxeK^>F8*qJ+UBz!yjW3$Yq?f){Csdl3&LLLEEOn@jWqOk`BiV)fR1V0
zCyTo*sH{Xk9NW+nj&l~l0q3_B?YuTRA(<4P{e7;ckKfZ_Ed!r>Dm{4ukndj|73CV-
z<DUwfIf9+ODx8wG=TOd-mNuq0-N}g5mQcu}jQBBq?F3^;_*MxCI?KB$*)`#ut4kCT
zd?uLrq3EvA3rNf~+i}ZqPP_%jpUzrr2XucZx-RsN8TvB{49P5SO_N+kgH<hAZuhkb
z_?X&I79RWST{^ar6&YwSFK4_>toxFz65(T}gDrK$Ds*o_Ji2=dv<6$_ewN#e>*I5I
zY|Lj_uqAj0R4KYg>X>mc&GxOzRrYO&6*a;)jH|jYT_f@;nPeDYI=Ud55nF0rMd`D3
zUzUWgc5~$bt43M($%@As4?T+Z_2b=LG0N6#xQBlq*@Stw|Nj2FJWlah<!bvmvJfUw
zcxXc8{d;ld4I|xH&t00M><iUor<=dy0K29=$Ko>fN!rnL=H{9{qrIDtUPAOV+Bd_K
zV670u>!M-n%YyX%2S3Y64kMTiO^@12c8C~OB(DGWxU#bEbCrR*$!CmIM}LO~zZ1n;
z1T4*;U~BLJvX@LSO~g~mvUUmRT8z;x%28VW-$vg3tmXH0`<l>wnldh|*Vz+25r6oR
z-fQhBHowQpP{Ljcm0YrJ?>5=g44B;)%}%f#LM8Zn+0MKUutiCfA(C_HwS2Rm3O$fA
zE%g*8xO2))G{MP75AL<Kc>PmLq-Du5I1=b4FJ72sAYzmqn{r97tiQ7#J(oMm_34?c
znTWI{`qENJ+1Xgh_+LI49F2c-Y|-4LRSLxE@hN3MSG1TLzKmAEyWhN27<;tMgy%ix
z;njPwjI`B%hHOVISDpQmI=6e=qE^>N&lboDJiJ+SqY%?X1Bx&XaSmrSbA%hJ9GBi5
zx%{9O9bvdZ<#iRiXntp1@{UIjtZnDPzYRz&(r9RdK>HRYm+s8)^>ipm5eD9wkneeI
ztaYbqlu>;Cgxys1{#6765C1NwQsp)>m=q%B<=^ONg)dF4N3tFy0-Fhy@)NgQCt}&y
zDMgx8f!(e3=K<V7p%h^YA&O5EI+^!~Y&zRG`gm5Tex==KJiqa7$$Cj|zb35|nd6b~
zIK!gIf&j4$hG`PT2KHZ%Gth+1lAU?TzXQvwuzN=Vj9x6351?G@RO>Z|5OIf^*DX;t
zo3^dN;of{kuRoL~JtZdMX)W&!*E(&Y63iNx$gXWw)pLiZ4JsEhxtM3VMx02RW#fqj
z3Dy3!?MMq;ZlR-=fjCztX*Un#*bC0tm&!`dUQL9ZN+4kJ;N_qvf%y<epepzz*-Auy
zo~f9g>;=*mV?E({L1j-Bc?~9J+;dHE%$wIOh-ri$BZ`yVKPm~mepWAy4bWCAVa2-K
zCOj(qnw1t7mbzT-X5iW`DLVD{;G8f87sW0?E_hl~h!y_}YdrVhLlS^wu8e9X!)r%U
z=@zDn4<^WEyu{$Hs>*}avo3@qw6jFiv~kd%$6BEmL$PfhMYG0BMIiethDRQB2Q@lp
zUdGD@#4Pcfc$PZKGZpQA&a-T9K0<j|X-BLag(iZ;jr<!I#^$TTiozCgZu1?U@Ewu@
zXuIg4Ma8nKWJMk>Uzy1l1G)~%uzDyTE)NWusWM3jw919O##haXM7U7(NgCUHJv=)0
z2>T^aZO}ee(<X1FQx_={p0%7%dAe^b(nJM*v3HS*>r@Lu{Q+z*E?uTdUa&Ay(Y)Sc
zpCjIXeHf{__w8Su6S|sNG5T{WF2%<pL14g%Vk&=u@_ha0x?B1SQqd{N5*l|ZLy^b<
zr?hDbTWzi{*ZTt0=ePdDz0~uCU^qBl130jE>%bQ&d5x)u(t>Ebjx#|iQqyCf_|uc6
z?Y`)gF^SI91^2<+Ec7*7)^oDWs)@U)OW^MTSk)qwb)Rv<6)F{^rV|bCSfjk&ZB!<D
zUUgte5{}WpI>Rxvu`SY3#w~Lv(&7GG+kpM8k(0QQu8hZLpVuV@cj3$}|NT1n4iX+L
zs7&BGS_OwCKc4;G+Wjv4loG;}nv+=DFQ|G798~gcOI+qF4^#7ho9D8<OYt>N0&8sP
zmhh`;xH?k&oy2rY-&4Ah%%&KH>-S>pV@s52{mH6>GLtqrB3NZ_pXc@4ln@kxi94Y4
ziT04E#v}TaJ=(sG7z#G*6D<W<ySk2{-&q<nqZfDSN4F@`zC$*XiF^JzhB+tI%zQ|0
zHBYtD5eM}*fyS#hY=)N`pQe;qR*?y$a?dTTdNp$~%S`N;oz@9n6?xh@IfmzV)RTA9
zG1kB6E&8HHRGjv6SgP;~A+{zPe~ev3#KJxk=&E`svD*307l-HGs7jcZF+8Oezeug>
zH1+>bMXR(FkS^f46R~MQU~?Avpp8i`g&a0~@SKE^&~)lB3ov9Knn-^QmVF^Qkdvu8
zwQz*bA2-a@9*vS1#{EP6;!G9+m_+xRHZym3p-q@cU7t40)t7!lUzl>7;yPn^=`4W@
zGX7-LvQZ;yevI#Bl{-1!BYS_NZgsZI*>hMa*(u5?%z7>}gAhr=DQ49;N@)n=mQ%q_
z7;!|ppZHU1JoC`R%x|7}Vmro1V;5WIC*E-`Ep&~vtqP>YAC^Az9Y?V#t0ed!Q;2?k
z2>SJzmq&QJkJozjsxAtG`HR95s6Xoq;$bG%MQtpFPVsM;?5#2(2B_IuF>R*v>={Dm
zuIc$5l^BxwVFbDSQED8Ip<a`d$$pBBoe5RX3Ww6Q(++i-sXY2LA>}U#tYi22dEHxl
zZ$Ccu9?H{Ofo25HoBeNI5e8pgN3q;b*RN)?62HNV{A@|GFoWd+RXNFfw9kgx=XB!i
z)aV>4C_qpsvd@YxGL(uIF){O8P+u0Y^!c6n1&@p3MSy_MECH~{W^1(0+V~jAMCq}%
zTb(RCQXtHFESR-mU@77?(a-$Wf&vEnxHRp5Kn{%;wiJP|*q*AE+wR0}P%}Qkf_g?a
z%*8=!uOzKTJjib}PjT+ciP~sE+zE25QZOjh=Zj{rkM8-r=AC;*Yej%`P~$RF$?h;o
zVYs@jXNP#z%v4Re;`2kkr2;eAE~`Eh;X;$r_@wu5m5kYZv=-=k)P&Mwy92rAIScfJ
zkH(`h<r$22Kg<$}-)KzG#f!6Ch%zm5zi|~iyG63jzsC7f8{cpTnN&^xo~xQR%JIBW
z&B76%cGyFzu4<yW%r_<sW7d?4gOv*I%f{yL16M1h!~tk>So4O>ywx{J4I^M>P8@!i
zDnTHsL9@ozG;P~;;iJ&BgyIMaM!pukda{5a0}U6<TC6u`q`U@+d@;)sdb24+RqxWD
zp47hUVwdl(hPzaFVaVoT)gAvwLGmbeilPS4#?*(UlJU`%WgX0F0`R$DMS6eQ5il#?
z`^aFM{xlR1!U@QE*OVOo{&R-s8jEeULx&}TxF|w9M7Vdnv@gMIV2NJp(v9u5r62zg
zZFh%kE}8eeZfDy$PT1TFl~vIzXfC1Mpyg%un!5RvN!LVar@*dK`~iAnxpFpxT~l%n
zzPx7BpF}ZK-p0z~UY$9LHv07)rkC)xR=MebLQm<0l78<<rclqV4+N`u?Z|HR`!Uuy
zHC|OW8qW}f+OMB~e_Th3Dg25lepJS5gYDi2j4rMO1o_wt@At}(6jN4}S$;Ss7!Ras
zS)A=!pC!(TUWfTM<xv*I=XQy^pH!^#z-im7ooM}qvR46}keNDlS+)6Hju$Bj9PND!
z`Y~4Q)KI62srS}>*=AUcjrc^SO~@Yi7Q3`Nl~WONd#0x1v1p|t=4dDgx4_G%LYZr7
z@A$g-Nqp_*#6JzK5B5N!-OS-U3?J*{w^|Dq`zSg-DO4qf?=%DR>sTwAk5l6IFtk?h
z_oHUYAXB*3d+aFs=4cD9?yl@X-7$;N_HQi?zVyy+UYe5m1JhAI_u+;J5V;Uc9*epy
zb#E_<*xv?K!q+OJ(mpz8c(xBAx1A0Lm1Whx`>!Az=D`d<TvYap*%Ss>>0c>bR&E_!
zR&w&Y%Cw|U*MVX}oxT)0Qd|4ox6tWDTcrrCt`j%a&fO87ox=qD$~BD|<kBjbT`wn}
zjuAD2E%PAD5pv*CLc!yz*=f!ycQMmAWFV1!3nvNWIW9KmPK{oR+%ih3X$1w^|Mr&D
zuQO=PB-~pd_&<sor;Bv`s&`W#+<7dIFlGM%>$Oe+tY-cRK$*e)!Jh)>mvstV!Q=Rw
zuI{;(N+lM$h?Ws}OW$dy1KZ1y80lzdjDI1fnmAE|^p1TA_qy()PD4GX*;6|%_hW6O
z%)9-2UFR!==kGfHb{pO&x*Hv_j64C}AV)LV7Qj0hBKrenx>~YDqsq_sXmn#eSK`j;
zr_Vf89euGZxg@$$0*Z+Tvc}7LC)<>`B578`V>)?5`QgMZ((GG<pW5ikrH9T>a7{mV
zuyC(EXjvDarz=lrVku0}y6yXH?kp`fw})0aUkg~MU9EX!$|IZv4AeZR51~G_Z;?>T
zfF)S0$j=~StcKm-S^V}+Pt!AqJ@I)Q4~Kh@G2WxY#r7p8^P-O6PAl2Y3@OP+ettpm
zoPL>yz~u3Xm;4e^om+OWn$t0$FPN;4ox%sGuBIZ^_0T~=yD@)G#3n53t4C~YWA*Rd
z3;0-0?eMX-ymBa}Y(hA*`-RK#xV0gEr*l>)5A$uLJaPAtNkm!dvC*vMKW`Mq_P&T0
zF>J(@W7I^_KHYL)h<my!7hJz$7Wq~xXt*P-M(wD;Fyg$C`HM&kxX>vqy%1`rH#(2P
zEy!+IPpZl$KpH5Vlp8}Ig@V{j^R*)$7-h2jeMP3v#H<wJ9G`9KmZ69ER2$G#Hm+Dw
zsJKLun&Xm%U2JJ2*~%_mtoZ`qI#lA*^YXNW<2DMRa)PXg@M*fu8bUUhoMdvwWIGJ(
zwC>4_jV=Jmg}J874TZ`DY1YAOP5XABHqjb;6pa%s0&;l@RBO1l+fC7VX$8cEWJOz&
z*h%UnHTMJ0!>8QNam?LmQtJBOVsTD$7n!dcSvfK)83TxB{T7=QsSu5d#{FG-cP_>F
zS22$guzs`H&b}+Ft5>vHq~)a94<pY+hNnZ+&N99F*V^=SvL)UVNSm8rkD)h8{0(Bu
zZ&o3@_E`!8PrO%>JHCYy5-Da{`8+KK@JDenFwy!+S10ITStnDDrKrgF(Am=as&8R$
zZEl^bwFR&yW>;>#-ut|u!^zsssah}F>U<3JZ`0!vWNlG~$ir<z-rhILW;;!rq2lCg
z)NHFK_J6CdGGtiD9CI@{2R?2LhHl_B!ifxR1S8YK%nM11GK2h{43L1Pr1_knl`jud
zGboZ39{d>+=0PJ;LW6%&SMX#s4<MFMQ4g&sipD@dSID{YJ7eU}m;C}id-Te?LF2Lp
zJD3*8(S(clxbD|EN`6q0rBt)lMt0U~;ok9~xzu-W1{PvZW@XWGm3*{FtJTlbyyZsa
zyi~8wU`wPD<kn|pB$sZoOFpTC+ZBvHn=I0FRs)uVzgF57rqE*am=<c-$4Jv4!2`Zv
zH@-B)pSsAoRAg_cBHkf6Gi1~fG&-q&hmKn?kD)*r#q;vU(_;$!KKr5VJuUm(bB=hG
z)X|h4CyTatY2r>88>{id&g)qln0iY6TfxMcKLx{Q@+<4?ZEi5x0JBZuMB3%&B+Ngk
zctHy4Zka(5&27}$z|?ZkZEO+;lU$u0+rN^6^>g1XhADtBJGT?t{e*3i!;7~&XtXU=
zMxbM9c@>c}snO=T4sXN3sITy+t*vt&+eNgzG@1vBzh8{t95xcm)F<1!F{j_gGcf+i
zWCx8@sd8=rIWt1(2KcKvL}NGe5A<eG9{1h{1$ts}1f*lpk=>n^7}N}qZ**AjWz4*2
z_e?5m$LE2iURck`sTlw6^FgLDwK{c-YD-tph$&$AU=l)kPUG$(7|Lkccrsn9&D{`v
z>`tBqUrRQSJFpr2=lDtan|w2h)Z&!jGUNt<sOh7fr1)_?|Loq1xhkEnR0wDF4Ye<B
z`?aQodzhXUyED2_w$CN>l6->+T{*XKhUO)c3(yYg=Mt0~{{Y4g;>N*dF;T@c1d447
zl&}28c9)AzrFmcUwDoIyl4TiLcg2}u0lm;lSb)LkZ$a_)ry>S0FY(rGgU7}RpoQV0
zCQWpuv|Sa&WMz3KB`n^cm6AmdCRN9`=YdvyV)b}1W|`td4A8^t*P#Ba7`l^eL!CD5
zZ1Ohi-|OuT8#=mnZ>g7(FUyYZgSN_5mG)ONuX@t>SCyvGd)_mu@znW7jlEcC`cR_C
z2n#RfrN_kEdS7M^9NWYXLeuGTBjt4p<)M#gUoMwBt@|wa<@TrisP~>UA#b^QCGG4B
ztPu_8RUnIo$r|GvT9n+!s=9eQtF9afymWPZdu0bfVa)V(WXBdpdlFNr>p_X027ehg
z>!}(VR_W5-0y+_LscN>Agwx8@*p11Z1>@04e<FQojYKIy`$>!0-k|;>VzVquiwwM$
zZ}fYPnygAyA<Rf`w|vXg**tgc`3<S!{{Bbni->9T_lfd&OeFp5A(rbt2lfN3KwdOn
zYt>~R;&_3065HZa(3vYty!Ht5fYw?v`(Z7;lqoqHq>lpAm%NjN-I%YO^1OXTQ-hKn
z&N9nJEb0-!<R`oymHN$mLUZBY`mWCvgI(f6!9s%jE}jEATv1@r!_W{^A_UWz(sfdU
zp`9&(PuzFgxCUArOQCv`_VB{os_|#KT=<g9cT-54>nkbhr<&bV!!%N`>&jKb<yA$X
zfd<%^2s-?vGdJTxoL!djIBGO&Lk(vx?V-kH)W;37PwDc|v0Xsh2Y*efHtl~>>HfV9
z|AR`$%<+F(9{#sV$ISU((CxpgbZnfQ|KkRlXm=<T<&Ab$(D@=#33j5cpF~}5aod8H
z5}@Ehfn?5cy2b2g&{9w!XF6q|^AI2yMU*<8ih{Zi?!c~-uW#(@=&1P1N1uButEskU
zf<0qq227Q}0zCb5N-{BIGVmnGzo$R60{sC*3M$ah=)`-6ECEKywLMp4S*8p~EO;SF
zUr51`Q1DTG>neTNzZ9@Sz&Gzj00ISoxK<Vkp&!uT;eY@oKQKjtd4Osy79Q*@2I!_R
zv4J_N97a+{4b<isPEghTGr2!hKO8_(QWE+D5sI>{k7pN|0W}Y9m}6kG7K2zHycZiH
zV1S|fTcVHjBC4-d8V=6O%L^`GYgUL7iNZq{<R54|fM*EIHz3eupxj*<1@PA5Ue1^c
zk!1nU%sAfY!x+a=4iKLFL24nv@j!(O>WFhBC?~=Es}LEM=Rr<82IBkzT)se|0bkaL
z05b45^>+Tb9@M`0o}fNt=<zB1sD}{JY`{MY4L+}?nl$*f4;s)baY|2w9Ux|K(5I`<
z0ea~V@nMS(ub|EZ?q7%Ym5zjP>)&BCD`d{GzY^8oGq2yGi2$Q2*w)q;hs`op^QE#!
zzyR&K;}i0YS51R@6#ek+bp$Oggzpy(^5~4kCfZNv-ruP5tzY{y!EYl=AKM>WK}uU2
z9^9W7(CbY!-QNS7_R>D!%k7t0#|-|~QMd^bv&yI+U@wmS6gEhR@DvEbK#)@_@cr%l
z;Uo$Q3X*3J4Y><&3M7^M%Eq?}<@{<I&gp^Lgwlr?oJRr&e7${Kj6+T^P{Kyse6oK$
zqrhdBTWqzkoP0Ci^<<5YQxf|3<b|UPC`jQ!|1-Py0WdI(0=xY8*#3KdZ!fVLv_+(_
zM33qnt3GcXCN=zcyRW3ky1o2PXZf|0At3Hwvd&g{*vNsOpr5&CU)+b^BX@e5U+M+l
zZsO-T(1UjTGkX5tBS@}6q~6~|wUdv7`l@+<`Yl0TcNCmf_2!pC1ov`mzps}1{p&0h
zgt!cFXrbF_z&qbl@nh7&-h1;P?coPs>6brD*guQe!SP_21@iZLfDEgYL^nO&8u5bK
zb#5puDH%OF43(i@n(7EJf`Wb#vLZ5gfTtV4dxHMVj}BC@m!R76;C^r4L>!`D!6F8=
z#DL4F0DyQB)L2ar1_X4_+-mxsx%wq1$G2m`M<HNvVF0Y6c}J#K?c3{9Yn>qt30{ba
z|4-m(a7QQfHAjuA;T`4&k5p~rCPt$18X;}yp6B!6j%FBxmeF}YJ#S-%?_ph^w#VV2
zH2`gA<(`r7LcNXn4^9RIHeS=0>XA=hf4-e~O_qM80(#*>>)=6}YI&EjFea=QjW-QY
z<$moCbOgcN<B495j%)tPwX_Y`CV;#&$r?u{&As@e+GbNc#TsuS%|O~}9NZGALPj2q
zcHvffQ~V~F`6z}X)ULZi4MuZ-kiUBx|J3i7r$*717O5`2<beIcHG$Tb#5fU{jU%wj
zlm#)hezi=>!xNQTxK4{~g(RnIa6k5}AmHgxP;o|#f;Tx1_YG->#bdc}(Ddle3lk~*
zYS~ey8zynCrD%`?ZjtX;;kYtjKMT<exD-wT>v?;o0RsN0b6w+Hs#t7dmcrEvC+iT5
zG$3NrBQu-3F=9p$Bw{^(gq#qRn?wBvmq=qv9B&GX&UgWYB`S*r^0&LEHQhuGsT+8(
zT+Y(~4Xte{Ni6$sT{rk=k*h+E?)q7|5Hd|?Q@dvya(1hT?CxTw17)<4MT;I`myO$>
z#}sl<I2eZqxQ%WWqnqkU8JYU>ENI1)Ecu>h1r0HYW#ZOU`1$BOvXXKKZ%tW8uR_T$
znG}xsw2o&9eZ67V6i+o}KY(OP%T?P9m#?l{Y-4>!dK$r_Y8`nO-3>lv1kb#aTV(DF
zuJc2o^+zhB-Gi5g0eA8XMBEwmVapIPxBRGb%dxo6|3Z=Hh1aBp^X;X9YF9bk24|i8
zalKiuj)tWziQGP0;tjX&R9}421GS+KL|*QU1@%;lm9j?%0Gp_?C4ffhL2Jlp;Yqa7
z!Y#W}+*11FRui(@MzmNL?=v9=Qj#jjBKoEiic&$vQhT4a($`DToT*^BF-5|n@ovPh
zLcC@Xa!i8}+Sm^vL9c*n^Nq*@Md@FvpKb`xp9{Lju`D(&ll{+-pG5!WDf7=0_&ec6
z_`Ok^XR-XQDuU0e-{0)LwuV1I5-tDQ(g-#lZ57WKj$)RRObn*8i(*1rzH_CLRJf8<
zv6pL2C}x~}k>zReDZ{geHMe$f^WcE4D;l4a?o2(}Hej1n6yv8{nl}BEJ0SSpmC~9L
z*;MN(Xh59L?`L&{<TX>BapRyYBS1Qg6^bj%+5kvJ?mXWhhcJ6_PUrQ%;E$X+xwN?1
ztw7}vqo)yj|CzhgtFQ@*D(_xZX%($j><&o{wNgJtk|nRT*b4Vz{M;Ym`iwwXlINam
zY?D!Y&J3Cqlo!q6#=!1oFJ@U_m&rYRgR0EQ!iEeK<*!I3zM1ccA@jMZNQ2ImHBe%i
zN*?ztS2sRi!<@vV@J%RdMA(667GC1_y<SS`Ni3LE&UMxLN!uc4dl=Ly@X~8(VUo(~
zb<|SwaH*9j*0ItRr80jKdFzCrnk|VvT8eQ6eg}0X=19e*Q+BqGkB4$0_4@>}xfSD4
zbNhacg<PSESe9R%U^Lx4Z6=m%c{M){|G+>Qtjbf|@2c)jk;Mr7Y(;S*Bc@+x55Gn|
z;y^8=ivL(c%bDX54x^=kWq?Gv%mfRe6%ELX??HH&%tOl1JJ$=e{#{;SuiaBsn{__T
zj!U;E`UOnc^a4ZXvR4fvQN2yqjZC}hHusDgJMokpX_f#K))+{tXjJgoxr1q9C>Xv?
zpi_8&JG4TcHC$7P`N~_w#Ne@i7XGv@Q_1GXo2bTkH8ZKAERD6Eg7o#{WXO%hbU0Mw
zywlMxYr^&B`_!I;?59ru9cG;5-itqcbCluwFr=gI)27wIPlI753qoZ=hzv@IpkNt`
zY3JiG<dZohPAB*Pn6V6q)<3!Qx?kNKZe%UzU3|h9XI9@lDHO(~mK5>a|IOT<OvCe$
zY(GC9No&WJId;;m&#;C9bX;0_jd(L@kCQWc5=tM8et?tL!aKl5C9fO!<zT{D{w%6H
z`mFi0LS#uZ!sP(}5+%{>h=r{myf9EO;A<`sOgIu^0p}w&tzqwQg>Hg)m(lHT_I)Yz
zOrH4*!`SmEpTlc9>(mY-^ZgZ&wd^+GIddws!l#~2TN#ZI>Jl{3U=zcRZVE2p;D&_H
z5E8y9V<vTbNb_l4L(riFS~$i2s3bWI(BcWwVH194-dC5DF{>ijH^Z+nj=Z=wvvx+R
z^q8uXYD;)iBA;coEO}|4U?@lI(t;>zXSfV>q$qlh?zbuDJLY(?_)A&q6bjkPhw0T|
zvuF|(ITDMGi(_r?ZDE_-eeONMy_lZoYGzxAJ+8C#-j*p@+Z6H81RcYm%<q3sM9g5>
zok?X29H3Qdi4V_s$BOb1<vL6_ppQK{ASM-$KKPq?->O>2$(1o=x6#OtN630~Z<>S5
zH+tgtOkjAHxy`?>s~zVQ9Xu@eEW26Um1oFH9Jd~|n-KBN;nr!p--u_V&GrxlT7FYE
z9f+A5N-@dwtKfQ4b*6Lf?x^}L>oU|)-)FeQ>hoQ<pS(~fCnViLE1pwMil};i=qN_Z
zom*}bd*~-gFD*Rlr)TL0UC`bM+xq#9&<;<A|KcD-&BmhF2U21VM(tB^8LJTLc6Zu{
z^c?=GFNL<xxKK-U`k&s8*<cg#Y23do)}CiRI%X@#NMy8Y#P3oXadr#P)GF=C4@`8?
z{Q6xfW>rhp$NE%ig_W?xDCJk9#=Z-7bA`RO>cB9_4t}?xt#}DI9RV15b{{)WokN14
z+?%ks5|19L?CtkGkSfOV6%8mLtdh4DWcgJ)`w-JM``5N(5lbtcswle7w`aORwWtMc
z)uSo}<eVydiHD|nh!N_35WxbiVFW|?o|QXjP%=ddM~d^Fdk3A!TtkjkpgVc^IO^Wz
zEn1gXKAu2ITP`s|a+fLWjjiQ5c2A+pSiqM*(9q*F`A?0ctG9$*Vfw~y>c|8<lGF}I
z89Xx?A^G)Gm-R&V&m*_4&j!iHal<%!!eaw1M?cfUM<sN)9iUNJD@g1uPL+5FW$KRw
zoh#)ZgsJ^(#D*Y&b56cc3RjnZz~*(U@Pf;ybM}0A=HeQDf(eqHw;t3cYPt5;J4FC~
zwt}JZQN+^3K}Y<%WIOJ$f4JPhC&%sC6)F+W+@i^6ug*l+kYrp_l_QwFwM$=W33d?@
zcN7j4F8viA8}zlY6E2Ot1-5w;Y5llU$X{DM?X1hW;!?tINDCXOsiB+R8nq?qH8N()
zVs{H(mA*_|pSa4wWgAEj!d}_b%Xy-xMMOg_P_`fP4*AuOdYe`%mU~a&{V$(EwK+t^
z84}nC7pYA{voqN44PX9?#83$I(^l1-$4s;Plc<E#0ax4Bwsq_bi%-_?TJ$1oh<Uhx
zKrt$XzP9F~4EgIJJI%LZk$Xm?U*-C57lN#VTaDsL#V_tMt;vV=``O&k7-I4`_8djo
zJx-~R+a-o84T)UmstF`lW9j>7y7O9&{g~l}C#hol0A+3C7tIfgjR3{LPBb_vD!Hzv
zb#E<V%yr(@>#2;^&*N*tE=5DlU2-vBUi==#e_$qFY$-GOLD$SW;$!=1d#|L5y7O|r
z+*t1iZRT^nXi?bJ?s0*|;<G<qRunh*&fsK!3qFOcQ40ZfFnErR48*9;kcrWbndjgG
z7`!J8+w7VWRB<ItfK{&YtAxf&_GWS*ge8RT7(}Z|WVm7(e2COx)?{4CrO6@-Uye};
zJnA~S8oiO>4@-OyOcVVm$J7l&hmh6uE`y@!DEO^I$Ub>}s|H(OnBKK${ttAk3pFO8
z>dU8=q>?}pX?1uD_KsxDsTe}XOX)I<raAJq(RiMEMSzO!;j5QkO<f@}8ZV97_c_a!
zjvu=`r<D<{nRr=cf@j-(-=Eu0l*kQfdMt`-Hq_yIF<$A67g$f*U5W3M)^iE{<<=g7
z5BH`6u6wjtvtqR|LOqW)Kawl+%6AmMi&pN@6Pcica(}8$cPnkm+FF;(;mpS4dM(1?
zjz#f?d7>tlwXuB1hou_4HCvsIDfW3yViBTFpzJJ`5!u>sAqW3A<wh+0{CwGJ#Ypkd
z6UX;~vIkuAitSl#kiifmIDXqJ#(PqF<ngda&Y{+d7W3GOiO-DFBhOf`MX=V8N%p4@
zIha=~c30?rw|Vd=+&HE>Ic+B8wpRNIx}fZ^s9yCi=HvM2sQg=SaLov2Z4>Wim|sC-
zn^?%Ac##-yaMj28fVJYfFSFR0b`1&~H><Lm=3|<d1){^HKH2&ZB%ih|*V%f_l1ySH
zptY+`YjG$(9EH^;xhLlj1h0t|=A$u(_X#n*_Ei=I(pVAN!)uH;s>uo<<iuIFxb}s!
zKtkQ%JAdnu{ut>DAN^R%?O!YN#imL12fQX!ub6ufWN-Aswsql@zvo@^p0@YD(i#(~
zB3yCb2K8t|Tw7b8<K0Gi1{^Vyk)f*A?%J72e?BkHBo8bl4;%ws5oo{o2J4D%ybw$}
zV7om+_xDEUkmfoUMu06Sp{(*s2tCF_yWGE0=U_Vsb*y+i`>hk+@}zx~P<MbQQK+g?
z?2ehkH?(`I@tLlH{HeK7mojdAg5eu`<rv!gQye-2uD}H_TfX)QD9pZ}D{*1inkDHR
zE5ZgOA&w~QklP>e4kHK48CwrW$pub3+&mSmPg!tZ7&1x4*7%{7ZT$jt4+-)YbqDQ^
z<bF$0BZa(8#k@3=hk=RRY)+kf$}!h?^oO=gzOX*26}1qm=pi>s>)~n)rg3&t3^Tj-
zcW026OwUZFHkc<9e+6>s%ybFw?5~agLTov={Zc43EV_&d70J_NIP3VaX+}f6jAH}r
zd|B!&1?P9VvNco2xLuyQY4n|;vhB>T*btl7Ae4L3@BLFzX8Iyya@O#dKrV6G$GNK|
zBB0cd3BSG2rt@i&=o_U+U)RMW|EzGt<(#7A1oHA~-6%f(BN<;gMTY_A2ZTPk{2LVt
z-uPfr)dJDMp%mp~WX6b+Gy@f)!S}~uMbsz!)f-kZ42kSn=!tv^EvqJ;Kv^`+RYuSk
z?Y2RXSaV9^8vG$BnLNkh#I~t<`7~h$BXuhw>YE&&ZI?yuXc^rK!8$WX9-gQ@m*4Nd
z`MhSk+TRK_edQ2(R;#u&TpA(fJHgX-4&(9e*&41~q_jYi!;DXzOJz+27O&Wj1IJg=
zFrPdWMi5cTJ)t-kO@^h&obU=Glo#kD4|yRL`f$gJy;&=digyl)_pUa-YT!e`-~Nul
z7soB(OuPAGcqaC;PFo651ykJ?jrcZ#YH#ikj*`W|pNgaUn$lwV{!@pVECQ!u%o(;&
z*Ncm$R~{OXn?<6RGq|Z#h6waVLA-%3jCb9RtnuCz#E8`HI!HEST#TPGQUop`(7=-W
zuY`v`g;vWWW=;^olU&5D8wMeeW!k9N@DRYV($L(f=7p`0!ZCNXbW?fVrzy|$Yr?1n
zX3tJ8@h5sY6@q0N=N&jJEICCpEOv}?i18Y<U4nbRS+*=hD5hE@d3CvQn=rgQb}Y96
zZ-r;;lpWRDuG?<pm2XP)7fOEYhJR|6Sd*S{Gn10;jGn0Krnc(mU7#pQ^ENtu#;13)
zcdy&$y}cfFzNBDQ<Z4K0*g_<gAYt(;Zp`4{5eIFMrikdRIuWD=eoK|gDam90Z4#PF
z;@QWy&cOpmIOQMB?chY**z`gKm&gBV*B@~AyBSMkXLF@Zqg+X`BE2#cy5y~mmt3q!
z(26N898cip<bkt~-G~aTQ+Th^>Af51?<mXdf*x_21ZSKYhS~iVB8SvdpOqbz>vM97
zFGruaGoIrsROaXhj<V(R0OrkIW!GttD}a~qRj<5gjXDyqDyfsQ(I{AKYasnQS#dC(
zne@gAK6Y0U@rR)0)(32nup#-JHguWMA2qO7n4$&7x|Fx}Mj@o1Hgplat15o*OaefX
zf_+ofk1{1aA-=(-j}9vbMGp#KxF~|#>Ytil<j!sAjlA_G#q`@}U8#$Lf;!uUJMn*%
z#Ksa$w+sw<M$-oEwTgr-ieHw<&YvEap~LI*91^}h*}@!bt33J@;n^V(DepIS$Y(Ky
zak{VxH21|&HB7U<{#D>RmU3=S8crx(FpnlGs0+-+KDS{jNL1meHJo%hN~y+7{lUG+
zWq--A|5a#hmG)OJhx)B5Q~ov7+$W8q9zV9wL(<CM`=Y#8E*J2$@I^azB@>e>{gfXN
zsMHwR?=zI^a$(T-3hPt@8P;54iCa^r1mvjMTN_N_xO79)vu(ChUAKuCmCK1Wg}*sa
z2I{AIQCn6GJ6#mu05QIPt*Cnsmt|IBw6{uzQdwl(lR*E;sx!65aMj4Z<XvP{F2#q8
z)QP_Bu=K%XOigf`g#Kj*sUVm2%!>cVupooFW*t_Cnnc<YY*iY!8_!QRgPaN*uf8CA
zIl_gmSGKmOr0OJFI6|^@p6*koYXC>&Z@OVLslpL6rhQbk;QJ+})$v66ztQ4q(J39m
zEf>13IZr+BKt9kBS$&83HI3O1J{J<s?Nwe+;PHBcL0f$j(za*r{dr$F>=|~9lTRIa
zP?P<&Zbt+*tNyRdrvmfILFkUFlQBCvBws0z3%n&rcjL{qBVR;rp>3F>R?9p$GZnFB
zVKt+O#~ys^4P_*><n~hIx0YYY77;s2W3$~VeP~bBQ%)U{8m|VcFSH|01B8`{)LbK?
z;$yVVeCgYRx$ROKB#T;@PSsBFyv9g+%F@Y%(eUO8bt9#x6pwFx9==}r!-JMsOw#%d
zSg-@pCM)jN<EN-SDw4=R+>Y4WyY%>{;2%F1Jhq>kI$rz1$8&z)E(Z90Ci@mm;S~&@
zptZC<@0GU>!C{Qss@kae2!*OE#&Gh;MQ*djkeh0f@~UYGBDEX{obRw{+E68lbd`rg
zsXsV%mRP1`id1{VC%pK4ThG_O_<(bK-<AwyFJxJ%ar$;2P%-1ZFeof}t>Dy+D3BK8
zd*ysVi++=}U34GcZN1M~-R&e=E&E{fJm@uL(D_lkeWnW4luQ!+i}L6#tFH+b;Pnk3
zC9XF6>D2L@U+Hqi6Ez}#`;?xnr?AS+Py(@@Ci9qWXKDsO8m;fHMg0J{`*x46JWbgi
zIbt*1iR7m{mAR|GEBN1ag6IEMmIm~nJPxzXU6~K~78u!?ltvsT$4DPcJbmCjxnYFk
zg?%dX|BKPf(C*+^HMy<mMOzQGdL^};C$Q0=Qa<&z>hht;&WJo9j_60tbU!%M2VdUV
zLU-UI<j_y|RO**vSv-)9sRR{=XWu_htrSRK6FM@ZZdF>*@{WBp0+DTA0&m@WmazqO
zcIW+IB@Fc+NFNM)^R?l1Jw~ZS3a`wn+!`3zygv;eqvUM<DClFD{$vs*FZF^G9q>|S
zI3zHhy<A{EqY_*2h#$jzC02OoSSh<i-wHjpk?((?m;ae~eRuZ$X^s}yh}R}CPfgoK
zm%=wW6}><Pv>vmORw&h+H)GAp>Dk^vRX`O+w4yB=DS<no*6xg$`u(#3q%h>i!^^T>
zTH_Mf&*Fq?u}t(s8I4kG{yMu>S`dwjtZLrdzZ?&NzKi#L4^_7uaDVBJk2WvsXfD=n
zNN^r`^-DCT8&7t!*wqF0giQiza+%p3jt)AjRmK<2o7{@ax%tK3Jl_u)yb&(0kuQLM
z=+iO1xg+xWDjuia(_gb6Hq+j?20raFso;X3MV!81crT@C9}Tw88vkk!nW^6fi|!F%
z!SO6jY|Yt$vBXf!3A$Vez~)Y3sJdwt6vvP&)h$pTv~UgIn!+2D;D#0YV{O(6u#CS-
zR4f-isXjIRB~6iU$Xs(}rG_dio<>jPM<$y#Uv}=IenTy&|1gRu$nTslc|izY)&geB
zYuzSZ$sW{j({rta2hhi?M#7>aeNIFNfYKN=o+sjnCC`mVLw?wBBwTc|x^e7cBI4Z`
zEB8QK$eOA=UFi_7NY-Qrpq*&2WoDfZOP%&FxRZWBVIX#3iM)-gi)UHd$*?IqIboTS
zDwCukwZfL6#>B%YMSF3H6gX%;8h<3~6)d3rn5W$MU;tIWP`O-W3qDd=c1;&7Ydv3u
zGHAUdjh19x7I~UwgeH*aEYh<XkAX@Rj2aHxt<AOC3BYqZ3y#+4`yn!5rt`o*BK;@!
zKVrOpV2;Sn&=Qu1=f6<h|F-4W{~N|*<>dH3gKz&g#$#ss|Fz||D5D?p{Dc2la?TQN
zr1*#f0O84A24^=?VjU6_|01G5|HglFIz(IefzYrYBOE6meka>aK%ItV_MMLBhUbpl
zXP=zdM4g#9y=_DbIAuYS*$*NRK}r9D=KOSQ0R;t(e<wURaREBUHQ*B=(f-GP0)ai5
z(48L$x*`Mg4>aY#JVp+if4<z_87Ke-OrRivh*45d&_6COZ?MN-B8f}@W*?#j%p4BD
z5(k|I1yf2gKZOP1W-nsY{JKKpk2?+qkdz4Dde=dWa|_AeRe%P~LlETd*Jk7vBBlcf
zlc6IDzkd}%v^0|bxcUhL?)eYn325_z$5BFQ=6C_@IMz}00r&p-o%*i+dch!E$m*+v
zrl9{Y9;tZiNNy|fJi!%$U>_jOAMRfrrn^2h4~i=TI-r5GS3w6Z?*dZz1H|eRWE1Rz
z7Z)G_c(``;tMFqDB=yA-&QmC=zy;rf6XyV2?$I&$S4XA*)}efm0D`NZphDU_acQ36
zSl~d=x*>qCJR->7(F-sl>_ERW4*^Ac_Qo)OsLdlR(cK!hG-WlhRVor49Rujbe_-e}
zX_pck-RZKsm!JJ2O2Cu!<D2es51RX3kL;3X%O45Z-c3HOeO?dxr^sDy8W=nR08T1A
zGBO-Y9|%Z8T10uN=!&nwy>vr;poua-KD`cg23s|f=mp(-Vwfb1=z$u9gA^#_F$nnj
z=DwZ5fPn_D4HBLMXr+PS3Et%b(-<bdW_~!mQnn)X3LzKrA`9HCT<_SaVSB6*qtJDK
z2Yh$y<)t@A9D^Zr^GAJWD=P@R0X|*@^#MKL*x&#d0|LW+A^%>#=DDEW?-=5j+}|$2
zyr@LCX1^yHKdlUFdO&x-tPlx$`Mu7F7|TOITE9shr3Gt=(C-1Ce$t<AW8boSJ?$So
zB40aTW$x{*A97CL)8B*^;WV2=&-4J&-|{TOfOUx|1mtf7)__mODz-^P;Mv=brV9(W
z5x7S%nAqe85emrvV(XlObKwDXU3b;CZQHBuSKGF2+qP}nwr$(1wzdC#F3#1S$whLT
z%w#5cUI-=#IJAdBZ$p}vL5d0E{feK;eGM>Fb@U@K@)bjVt+jzGkx{<saYgs#&!+$9
zmlI9vQ(}zv`RS-*28nF`JYgZKrvwTV67-e;V{$|W2?G8hj3&C)=kH5_1%f7wH<yM2
z8e&4!j{_upb*dT=0U;{=XOj!qDDo>2|5?Dlh!8Tce$fI?@A+-{xwgQZhJ+x?$OQ<M
z5NBJGX!fd2v3NYz!6DJowv3Wzxs3TQXe-Hm;kEp6QXbnz!{1cd#U5Y&{NlBAX7-P8
z`~9qsJNfLMe}`=mVoh~?jT|KMTL^osyT#M5b`=*5Lu!~_N1F^n^-0Y_pu3~JDb0}n
ziAKFd+;wl!b=<gUFraS$wFgi3Dbk<Q7owQNXujDW&T4R?E%=<FrAjQ9N7u*|y+9D9
zcQ`zdFoULpf<5b{L6_M0c5?FZ;M>U<9Ft??sRGaxm1CKIv97~FD0*R;D?PAc^VPSb
z_V1zQl~L@OQo6((W{$bk<Nz_TIFY(A{pkdm%*cT_K44m}pxnvACV8HrD+&_Q_F23V
z`1Xd%wV#CDF&D%txfHS|^fA1XwEdTA=iw)L>3OM8ZTY=9sNA_`KMp?}O(HN`|9ZFD
zuM62`c+hRp{aLUHhqn{eJ`(e~F=0Eyd}lzz{;j58qVR|{q*0^U2;{TCr7ko<F;;h(
z8VMU$UT#aZ>&nHflQ*frx4F>|pQC&SEYDAFyvsB(Qr8(((rwUCY~xf=>VwNNPxX<F
zAlYNgbEI0YZ@ZQMmC#7XN${)RkNqxU+~RB1{tKlMXxVa5xQ{VKW3``FM-Zoyj+tk9
z0!|bVte_|)J>S;IWC(KU1>IT$0maGo^Jv8&l-yt?0cX((c0u;<KCt5B%s(P{*Df~0
zP+6=5>z36T4Tx^ENrayxjpx1R(Mb>2q(`hwHePp=5s_U<`m9aoq{&$%+9qq{S6J*C
z3C#yv=l4Icg?6lBLK|zYAwA~h*)a>J?6>hpPgU2}O0LFO$C~5GHqS_}@-mg(1^Vb*
z0IqFU!aM$so;(SYb!g<7cr8cs5ufl1^eJdHp9Gjg6gC}=^k_*LhsQGivX6jESTT#q
zM9Yz@xC~Mg8Ce=v&p?Hb<^(-{mdwV2d)gKP8BI96VRUa?5h1&)hP>VevDQx9sGrB1
zW&g62X(N{(;!GAendOyX3GaoDE^)bCkLQKET>&$**Dyy(*kkGS(j)n8$t{6R0g=!E
z>BBz~`}@txu1h=}2{?+tj^(d^^#3Z}#}4*GGf?1>TG09G42ge)jbLm;Wx~~OdDrn%
z3)m7kwU%g&kB;hrV;X%+pQ-eBL)E2$J3r}Bm7C{X)}DFKR{`p;6o+cG<fI}l;(x<y
zN_Dp$H9mb+J$4wV5Kes3?}EQZA+^VM{g8Yf$Ob9?Q@6?34a`pKLo81j4sl;lD(=6r
z&%UFf&cS?y8vWP1>vD4(pbQ_JDExM~W8v|aI7Pg4?(lq&r|}ZF8iVu%DS57A3b_ei
z_(u2@7Qzgv&^9*DX&US5`z!Y3ko7Y|+@chVp3`u87Kb&ypY!$TM=-K=3{t@z>QWdm
z_6edV_#$RwW=AsqsKjQDN;%eZ8`<rFN9`toRPGEreF{w;^^YZuX?9wiK?~orfq1nX
zmlp03q23+lzi4!zk5pl2vFEh2DP67J@CagYn%PPv&?x7baO(#JP~`6_iZYg+eNF#G
zLg3V^q{3TzG%kqZ%=yNPA!{9^8=;5Y8b~{x`=l)X`&~p5$2Bn59`R&izG0gDW7&hU
z2xN@ZVf2(#2vKJfxAX?IY`xy3>XNalEd`<M%6zih{Z}y;Db^FG77S+UXi48YauOzL
z+ej9PO{1#;KVR8$So9@LXU*9LJTF7MdXTgxf}KO}X<aC6z3*Oq*H`(9;8?m4L0iLj
zQP8&*MS;dMBh-U9D+F5%gYWiz6`?#)B`>Do=|ao(KU?uQGl<k6V3};C<!E`aPBVJu
z80l?)lKHiex=8aZWR;2cS28hRnCb5+X{}Simw79G;?w2PFq!xA#D1@v7H8HGyh8Ta
z?-tCY*QyG77+g&wh}$|hA>1}7WXJ$1w~}@ZrFL%Z$PV{c6c){juvnf;5%n+#YqvKl
zv~WEpz8&iF9MK${iWpca7Te7=2@R*d47}%pB_3wO*&?;0Wo{ptu)|Q`-I^JPDpLtA
zM<cMW;3!orALf4AGt=CN5Kk&q%e<_bnoj)UWxmNo$teP<Tf8ajC_d^Q6tOn(Y`;UP
zaW=0*_D%Dj!wdqbgz-P%C`ZnGRq-r!1f_S!nc`-#U;LGpoJ75_2Rb8TQUZ5R$*;V&
zr%p%{yBc!~_^fC(%J{}*(h5AlC^imMf8Tpy7`^=A+xJSDSBEjh<Igh$ShVHkFjL})
zMyyne`1T`SUVAt?HM5*9r($X#BC6G9DyBP*=5pg~_@SmYd55v(pqVm@ifW%Ihm-69
zoh)Z%Si(27zy9<6RHdF=iFJ$T4qOuYH`i|N8sr-xwWk1GLoCy}o!a~tre%J5CA@kg
zYJMoMISiH+$D?~39?<}RpmJ^NJzWTvm``6^4X2`E*`=3y=@4vJd!3Dnk(aPO@i<K0
zlCT_nl}C4QS4#Z^B$7UJU0R5JBV@REK{n=;?B)eK)`IZTo#01_aSGq;J{C{w%yuU<
z+DpPG3}ke0K)~GLcFMUeJX49<+h!_2P#S&X0K*r*CUegd)nA3z^GR)H+K0&5W4m5=
zri?@-C{06{7OT|!=dV$$%z-G~ULsalquf#H$XWaCsD;QWxtM(ACHg%JB#mB>bnFMk
zIA%l0bukZ>t_Tg<(D_0tyTVGzn&5#=|5=CwRgj6qCkOPDV_*p3c1SSfs1OSsH$Y#b
z1f}NI^$9eWi`y{4Jy9^bCk_NqYa9;ipNB4e=D}Idu_9nX|CmI4KBJTq^uU!ep+xEj
zJE0`MGe)I_cVK+BNrziA87_^{iouZW+_ByW^IKsPKh@_Vch@n=1rip*j&NDK!J%@y
zfH(Io3xcydY_+Ab%B}RJwwuEIV0zP-mZ}Inva}O~`aE&mP2!1<lW4Xze9MBZrT4*2
zVaLnlqaM4Kgk?6lsHin~ly`1>Y2g+--9zq-SOSMtq;(N{%!HGQ_C4NfB-v|;roVmr
z5reqbI*4IRMe4-j(R64MrsX~<Hk$S-M{ZX`Ls(>-thK%!z0t47iDo73xXCTB%UQ_i
z85>^lJ9#NfPP$k<l7g+C2*-{OrtP@z@A;oBU-`a4!$PjwZJL7lre-zmliVw}rPx;B
zO_jT#yimCl-KPlaA`lO;=txXEpRHpG`*wIzZ;k7GhrFxc^X_HmCVk8Hj5(w@Vwt8&
zrq}mMZZxWX!k8z6BVl$gJ4XLOIQ8oj5}`ctA5@^g{O&`sGU`mDOr4FUA&)(lbssp_
z&}f{i*Oa`-Zfm;4<e;t<np>s{=ogfo<F4zid%Oo-vnID<^J{6%)VB<QinL1iMN_@?
ziYg;`Z?pH(`E2rs6yDl9VbW$weOc;3n><9D#&MLcPK{Q=l8X8dV44kPfO4ZF_LIHB
z&=uQ|OF(llC6ht8ca#9md+M1$%%PeBf3G?_W)3uLbR16Fmf14hg!ov>{v;g#KES8r
z&m~Ig-7-MXj_XhQckZYj&^KvL)?43BB~cklN(%>Yc^x!XAPlj{9+MtMJWpG2aW!=V
zUX-tICW&yEBE&?2fU~t6RPLrZ((o?o#Mo)cewX1wT<Y519=b8|AYA&4xTUG*f_{mt
zStly{r{j?l?}j%%!~Kyh4sTG%x*>~fwkO_Q*opbVjziYYD)XoFcBFYScu-aW_P;6k
zy}NzNh6b^fsrcH&m!?S>ZXf+NhG{x);!rzW{U0){Y)bRpc1%~|)_(`m@}g1K2$kS+
zqtnHS8^!Gg&&wDecqn}ZZrl8ZzN;m|sv7a4J*<+u=ez~!Y-5@Q4l~+KB9g5YC;i>!
zEX7_GJvLOzYl(AzyRZ7W`zdm;*U8!rQRPKRTe8b8$40kx?Y`F=y39KG_`6t5#NV7)
z!pu|MvnAt$vf*mp+F*W@l;p<d__K|OsiuI5Y=Wzyoh}zBz@#4TUS;h@xt>SpIvEaY
zaYBd3u@7-wqrb-bp=<@?vKJ~@n|4u{mdAuT8A2lBup~LI?MgD4yM1eXI_vL(2t_p7
zz`BTona?%wES|grcWHe$r|R9=thFk-^i$=+%2e#eDqhLQ`|%z&)!eu-_z#tRSclo2
zuhb{0Yh`MH+($UN9%+a~(`TYeRxeDkg;aavy61m_$FLV4hL=wh3srrZTb0-7%22m;
z!8}CqOX`O<9yJa(;tZ>7oL)RO=U5bh>ZbN7z?0oq3Nr7BVLfYuTa7pg&N<DdI=`XZ
z)x-HNSkiW~mhshc4@WU1LU{OIuzQ{d{C=(72K-!;1U56|WYP|S`aBO7jmxjNZ`9r7
z6;;A-`Z)w&QoO)9ezv~~z>59=|6szjInneEu0?TPiWU#7xAnXW!syGxH5t~=<7!<0
zm+_8Y#?s&_{8s3v7^L-PR;@LSgq9b`(f?|&8v`}%ct%TS*0IzHY-d@bDy+q_=~aa8
zqhjjTCK$#rj^N_2Bs~^uQYve}Lm#_q5iPn2Hx+}o+D!Yt@x9uk7pG&uX(_kaWY69}
zl#qAZ#oNv|X#3MK*TEu`nkO3?aToCcX&LihNri`Q&u7e4u1!N2oEPtRQ%;huyJ~&&
z;aXZ6uCIVKanoj^o<znMt%%C8j>wvXUm2b}Imu1xa^ijQmKw3H+JBdowM-q<cSp(i
zYEs(;$I@2oyQ8A@F(;=%snWdFi2uT&ffAq9;9OINZ7!hKbizMMYz}F<0L#2klRS=e
z4@q0zBc4LS-#}2IT7v-T>tMB+K(b_MPeNs56F~P9qE6`+A*|o{vi<~?!{ld!cKhnY
z<Cb}V9d+F<dx`XrUV$08f=;{N%)sZP2K|1eQ?!ij-qO6m0ygg%dVU}e+N3!Ah}YX2
z3+j^hFKUj)qN1S&YP%B>2De?}L7^0zSQN*!gTdAbiZQGy{oT(=OoXea3R@++Bk0i5
zNV``7|6LWPqeypPxv)6L4a9i<rS;fPIFQc|TJ2tH)w|CeF5s_RuP|-(_JU^T0aSz{
zE1_xO^_3cPA_yw2nf4~+AKWK^7T^k%_$xzQ+tBJuE}$vPq?%XV*_XW|q0P5D&F7_7
z_MyzK5}nK&r}QV&LH1;GOy-yMTNhMY>uh6T6zxd@e&!x1DM(@my2Z4T^%8Alp{s0d
z3!#(RMS(WU>dWD44<WZu0y>{BJ5ET(9`1Pf>8WB+YZXA>q=&OVhGLZ$6`InWWtww0
z6xofY%V7{RM)&Ib-U1&4k-f=tv2Uibh<Vp?@Nqs^$>+<zaF06Dq(<76EO<#(<_2Q{
zf{wG~(%)8r5IFt;Bm~=BQ5Ux&RAlZ^HW#IuxEk(nEZA?gg`WYhk5z;s&K@56cfugq
zi|}Q&Ki}nCc)cJE5{m{8@<UwIgZB6Qd^-b`*3eZbf9!$6Pe3*1Vjd~OiHC=Qem%<Y
z(Fz!8X6u~YGA9wa$M#WE<}7b@w|y`Ft-pgT<XiM5>d|7;!yKPE&X{^kLqSNntLVYV
z=lD}tew;=CA|N(4>Mg7+5+g(nZ*%tL0~r=orZqrQyOGS`EdUC#fd621ozA78btS$S
zA<sdq3EVBlWrg$zrv@dPHF9?>p(TPV&a=!IfE9K<PdOo-o7R+Il;={8(EaBhe(b+O
z^DjoUf_XH1U)1jxF%H*rqe#|=*`&rw>Gjspv>0;!k1srkhGE7u<45A_hPo0K7sChQ
z+nB|thwaKo=;p9I0Y>w>*?+{a4SO*}*(X-AauzZ`H6?A&5A0qDeXuxpJxs@ZCVr50
z-L9OGW)ZaWe-fT6{e`ETOVk)JyH;r7+WuzKY0s}*koe)^riJ07+fXL^)6Us2J9%VY
zS|HgABhF1UK1Vs5T*Q50T107jS6}UX9`BCv>Kx`2gpGH%G9(iXv)F9&dRg+qGiTj?
zWAw)L(pxtsD#0^D+m`S1_i$&j#}ssG5xma-E41;b5O~zMzm`4ZfB%F<yhjv<ABrLS
zNr5Dz%gH9?X|R7;d5JRYu{YY2cEZM<r1OrGxKNgp3@UkP@1F{Kw6L{AcYe?cy=Lx+
z#%!NC#rPwvqw-f9Kz2?s2Jtbj@taYqR))>dyZYc)yXBL9s$^9C)D#Fq@ma71OvSRN
z*1v|M!!{Ky+xf-4AL-<6eT0p+vYPVcc5c(9c5?2}J&@TX&>2}o=ar)dUim6Jk*2OK
zDSZiBKm%M}C5EnwDy;D-@YGRAbGTtfDEBF?S3vV9yN9Qd@5q_~CzNFkz%K2A8x{YK
zT3X-WcZ61&S%8`kgQSm_zNdM56oGY}HPfr({aFCb>wq<ZyMg^c-6gG|d*L?buADn@
z7~35VFRUM<P7OQO*B9LHqCXJC*8>|MDZ)4;o>^{3s}daC5iLZWo1C)i^q#`$BMP=Q
zH)J@jB0g_$klQc3vR*E+AIH1!73eI%(2?^VnFat<$1C-<6JB)<7pPKhMnyFLXh+|_
z<EN|e29sly)NiKP^3z;v>Fsr+<;ap{`JQls{n=gP-QDkbh5M(jR(96Bd(rn1&y?LP
zBXK{x6}p-5a|~C%DT7%Gp*)x5cOL-hyMEw(HkJihtlEx1(-GeW-vOBuvNwVJmt0#D
z`L0RbtuJnJIMm{>heQMD24>GL{ufg|tZ0(Mt{AZ|#jf6$6HS)Bn#Y5*ukdcP#Aw-X
zXXu3e`3~uyG;BTd)waN>c@l^g-bq>Kf8y!I3i*XOxc6cI9H|F)fg{EQjNMJLrj>A%
z9}yAnw6@l8(*z~auEYs6iprfr@A7eIv1$c6THJQFU9r1Fte1A=^xZ!)5=y#)2kMde
zDJEs+D<PR9XBW}q*8+0BF{{LUO43~{7wN)>HFqihOkbtCte3~n{BNIs-qn3Xt@eq1
zj<e-2buVRmvvuD?X=qQ400Y%Pzy0DPnJH2>a$8|XlJ|vH3AnVHnKb7HaM^giD-R2`
zpS}PaF}fj8w6L;OB60J9?-NF2%#wEpAD?fGVH>^W)lZo)gY_px2eFWA&N0YbN9uyW
zNX2ir!>0FYi0FGONWIVGD^!^=M~MrS&bF1W(A=fuD+XjZv^qpl$h^(5W%~<@e@d#;
zp)6&5hPP~aBe8rGW~jzjFQ3GAL+-HSgfBmlE{~uj5l|&xImBHNG1yZoRvXCW#%5BH
z2NPflA;9pjt1C#myQ+iyXky6RcjB2T0JvWeL?w3V{Vj8HD~5Q7b*Ti;r|o<<uExMq
zx~wIq!+wlrZ`29Ty4dVw@JQjwi%E*!tX>0mMW%hi+6qadCI<B}eC`O|dm0v~-w7JS
zlcj;it!G2fPanMd+2;Do1)ha6Goa;CC50vV)zGpv7!3?Mlv_npKD^g2wv~5)Tmi~q
z)!65nt)kO}?|-ekF0mzK%v~4P*e=Diq)vKpzNal`HCcyCk8F$!1}A-o(#6W>nXEuL
zZz}PKh%r>p5{L5)Jj<g5pK4inkkDZ|N)x(QQTWp~@d+>HruY{;xt;MTemA|cG)6OR
zly*0fhT%K3sP(O(5R1$(?#X?$CK}DT(@H5lsXSF3n*@vtnA%)yAvy7}rqKsvZ;$x5
zgr45!V_z?M9xZ0`Yp`_!Xy=bPJ`t;s^!R$8yxVq8=pM}hEIM}sQ#wngTz%i#nSKq9
ztM4&>>z?8b%71=kF>E)SJ~OV)6Y(2L#&20gCC!@iR?){5mJj7hcRvd1PnLuy@_2`C
zvmL4EOHN?b??Owj@&>qTu&a$v;Z%bt-qg@+ADV9)Q-sXWn;Q(D5nd0ek!#a?k|I55
zR!u9pfry8#g}__{&1${5N9&Xd&#J+m%7;XTNU{Cs!_7y_#09AO6B|p!mdU$Y%3JOl
zti56J92prK&+au(lABYp&8d=03bMUb{1(O$E=@gaN^Hp9UtAtv`v=^6iSR0Hwx$Cw
zk~p7{!OnlAtN0B@Htz)`0!#!YTNlh!Z7%+{NS#{3Y1RKEW~bHCfvHUT!{MmWr0Ubo
zC1;~{VmTK4yy!2fOwpwcMDLQ7uMPdeXPwYDaA(SM?fU^)f7plrpD>Q?|A28E%>SRh
zF%vQ~vi#rCmCTG>Oq~CZ#z8ZPT39=qI1)05S{pc<08EVRj7^~V`JtVh9Zd{upxrmE
zJ&mGkXIgEx{&)0j-uV9SWYp5B<-g_i%FSm^&+RS;MTf_abaV!`)3WqQMe%q9+10i7
zGA|y`^wTt~G%uhMnfgIGTUr_*4O`84d|W6CM1mpZ#lu8`0fdkM(Vr}iw*Pl{T4;E1
zco<e#melfg|J>NZ_CN?=BJ^EHn9v!MP*GA-f|AhL6VsDb5&@2smz9+jpVdSYlvD*Y
zBp^}=1e6d3?ms@g2=SM+vb>nAhEM`PR&f_4j;s%9&)i6)=*ZUEz)F<Z#0tF51zH|4
zeU%e#{d0|&vA&g|`GY`V7V3vo?*z)(@g+PxJ+YfAuB$DhE~FqBBd(pSAd@^kKAS8q
zdy(hJgJG8IHxGnDvGsc%8#{i|mm0I+M|bqA`8&hy@wH{>Z}1;|Z((&HVunc9+8ki~
ziL+gFHGKi#{&%9C++P&W2t;RoZ%7K?MMP`~RQ*>3%~dfmfeCc};gZX{s{<?G`v6iq
zJ81hx62*o#w#H9{$??_2(Z}DY&;LL%Mv<R0Vk^t97+0xZ7;O$2Egw*+WGelyxQ(gt
zV;tZ&(hBIOhv5N8NlI<YZw>Tk;V2J}t);E${;N;wXKAz#-550~9!(*!`1=;<>p!!Q
znW3Gfg_&&e#Y0@GsBGyk+!sxavGM!u`8z_!uQUqM<L~21jCM9HU$}ER=8qX~`p?;C
zT*>RNJTdVL{_Yd4bT#0qnpPSxjZ3Qy*tVwa{f(-Ps7gZVpFPnF{9T&z`|^WB2HFQ^
z4A9VP;5dM5khFuUx<g^etpY2{$zu8v=^BLX=H79t3bN)hHn6mJj(N-vRoaIS6TmT_
z?sIFQ`JR_HL`CrD$;gf*ik;UQ@Sr2BVSTOI@l~VuwhEu`16CSqWm5p^is^Qn*j7hS
zEX**Rn(Zo2aiBdCOEr#VqP_hGDYhx0uI1gBRJ>XQm{|M?1;w3TC7jU+M&H4N>Ak57
z3dR7t9oR`U!cj+60prFEvEpk~YH_%wZ~5;vlt31?7-5s~4~9_wm)PHU+S9-Dh9AnC
zQjyrg4URB}tHH^7vKypk&(et_P93kW0+VJ1O|jN077DK1_eP+F8l?_h<oUU71G^pD
z+1J6=PX@HL_9(CXo_IWeVv-GU?y}?o!VRhd0u3}&8P6Uoni<lo1r}Z2mswo<Q!(pV
zt^98%tqekK^Es8wk;*&<{6NIHQ)-6vV>b|*D!f~{M#(zeUTJykE{;@cbPrT{vb`4<
z`k1p}6u&oV(e1O_L+i%S^#!20H6!fh)zPj&Be7#F1mQLF8zwoJt*>dJ(jhYMwq;)8
znF}!Ov{<Swl-7+dSZjh9X=>%NX9a9$R8syW=E@^4(-<m93wZzL_ZemV(hw{GH^$qt
zd~*<Jb)TRusGS{gZT?L77|pgVGhr|{Bj)r9{-`J8No*-)X^3!?7%)0EOHn276Wber
zZ<iC+UV#(nhl2AZL!Un3Db`nm(q1ihi6bJRccs9RRJ#^V^1FeNI}aXn6mUGkdu;=6
zKa5d)YntpXB1gk!)_4Z;{CDiqyXuK4$UR9hCwQ?^5)9j;E`IQ&-pcG<3?$$Rws|Hc
zvbkHFed=qtX(oSqR1IR`b@t?5S`FE9Q5UpOE@A=B?0;2?x?ALMb4=Nf^*$8Q0@m2t
zz-^{Q^(_0h-J->@DoL-Q9of~dz}!xJJLzj-Sq&x_RRhK=Xw&L8<Alme)o5g7p-$_&
zUPru4%6gM&Ga#cBi)ZVwspvE?2`8S*Wn>w4z!9BZk@fW?IP)^Nr3E~FU-${CSwy{A
z@A$_($jtR1InQf#0uShDQ+fy~8S1O}dfq!coxAFz=DzEcCtTM&t~t8XwA>|YC0dyl
z=`3nGB<3eLKzdE!3(%VAuWL-(fjNl`JM26%4tGNa2v<tuSVZ!;ZOBw(voRGOPG`3S
zV-IGNs0vI-vyk;gC$b0xNfvcjY+1)HREH+=+=Yxplzi_!9G3&1J;bh_yrGNAF=u?m
z-w>Fi9rrhhdrgjnhHKf->}hwbUU%=nak@*cfM=2~4`gSs_SG#o>lJRy$&^*LxSxwu
zHssySIO3Z}m8(??wlpM=j>T&0)9Km0vX0cCY`@-N<FNE2A-k5IWo}Nj+rETPt{4>+
zU94~Cc6&`vv+?Qcv=?Ah#I)6JDV}n6QC2xjV-37^E2DePEd>oo6fU>F>luiQQ?qD@
zv(y>rDr<hr({B8`1j>Bs@X2U(?VDS#^^@gj4IK;g20XZZ3x?K{`gUcq&>nQQU$EFV
zY1hGZBdgH3Ot=Oa?}|qM6Ra7sOJ6c|ot0HZ8SLT;w7Xr4QX#1;cSM=`@SobI2>FBO
z#SYCfh;)2Cx2pSl-yUKOIOL3s^^&BRzdfY@yco|e#>1doR#KxX*56_zO6g1bl=@hz
zfQRW@qp)hDG1lQ<(JMWmAH{8D77v_Lj4mRV*@KHBt2KTGDm*Fo5JG>Wbr+5rG6&rR
z>(ru8fvYcRl`o>+gljnYdVy*rf<YW|SNy@n9<TEaKVJP)pAVN(-WP3cc3`3XQ4<45
znN-EP)th@!Bvvu&QQy>(>8RO^E_h_&!e`l++@}u^1c4b}rzJTyS#Oc8D9qQ(<l25*
z1?7s0z%_ZYMmM(O@4<|lde`5Q<vd>`1L%GqsJK3|Z+RK8>}ArJ8QGT|oQ<7sZ16cM
zyn=N5tB%H^5R}fg9a!C}M=9#WgnLgjXDtpR05LKnWqS6^I6?k0$8DQ{!Z}@Awx_a_
zX&p?)(|YY(vXK33H5J;{SPlr5{Kw=jHo+_=;ch~j8zd!n|7S8NX>S7wV(3_o!Ah^~
zb}(6KL8Fq=undW;RON!jOfDinWz<&Xx_+_+-}kw_kz~ph671^yk~Ff^y|{-^UBwy+
z=i8F0{fLZvW$EI|<h&05+RSyxvIrs!W|S?6hCA}q`+E4JDO-MS)h+uTgq|^?4j6sr
zuge<$P-O5R60iUz&22Y$0LR0#j^^JQKwS*k&f9g~Gm|@*A_rTEAV8J)+0qdvJWtUC
zmuk`sw!NqacY4td&`&)jt5&q-%a9DRz&X)Vn;O?Uv>CnxQ^!r<dS#FU8cP(>gx%P9
zYRt4#nyFd{tqu75yl;8g|AQH2+GvQGMp`~w2I?@*N5_G>FJUArC}GSk(dv13Itk5e
zY+`qzVoe`huyS*;L9~PE=28AzetIyQ#k|%Q7zxAnfuflPpU<VqA0Nori6RV3U5;9E
z@uQD9A`v*1gC34Fg>q}Jv>egms$rgLrcyDI19o4}Z~Ts#M5udb_dKB^z?>gL@NQT(
zk)9}Nb$SU~f*BLs>oj`KSqT1X&+}~iPKSeammc~hE})q-d^i_TE4Ti4X_16MRnT|)
z_8?O9u^5M(ci7sc@Z#2%Z(g?m{t26E{~-&rtF}m{L}_CC^xpCaYcv@$%J0>T&~qMD
zG~}!Nwk%0EVQf%!^_e=?rduu4ku?7eHe=P>-N~3O0J2D~>#SzM_JJ355bOQt%o9li
zQ)i|1FQLAF1)@Zt>A&clq&+F5p=w0g=#e)Fq?nCB6=w0{nmG>-T&-w5`VHwC`tzU-
z`_8dLO|_rS5a;##q^r&j@5JH{@MO^2>BSBi6V^Xc7Zs0AB2?A7+#nPmf5bsm^8%DI
zet7s_WL$K9%>OE7seiiJYnQH(1}9ve*s8$_2VunYye6*Z_20l)mrAg5|H-?~a=?<&
z>N@}yHHyvZQ?XV1TDUbwKwI&+#jKU?FQ|{=Tp+$ffT|FlzXp!V%qpQw#;7k8Y6-!c
zWJNJfp9@W~@~a~A8eS)-p3m9g3ZwbkbKFq&Pn$k}xcXj?2E8sqa1FZTF#v?vG~@E?
zwvP8)JZY0;LP(n+=(jt|&pPx5Bv!3>gA2iRw973gmd==ux$0`T8h|;_OrS#GUvn%F
zOXE}IuD`HVrGtS|M%xa8a-fJe5J8{wZt5PLo{b^2U`E?u%FTG<qTtaU@HcI#zUv8?
zd%-&ZFtXdYTLHr8i`6P$RY?V!h~d?ZrErgvDOIX>1c_i0CV?i*Mt|;?MW7oS3Tmk;
zBqkdo0e~yEk$?Cgss1Q=k~X`e{0ku+HFw-~q#OF2;69>)29~qV%A_3b&N*%n`D7HZ
zE+j3$?S9AZv@opO$zLw)=`DtV3GlAO3$#XSq2-f5TFtUWHk5WrBG)))V1VSgDMM%C
zXK1(E!ChihG)qhX%)7iCz;{8J#TO=NwrE4ei^>$h@OR6V#?FXSyx6j+XB=m)I|uFA
zr98B*wAu$rk`BDZq5{QH|GVE426iv-dFOegyaw@$bK?T)3pX9RyyhbN_XauAs!`V8
z<$t1>b3L;A+n$JDvOm;4T<@)o|DV4)>MU!wDH6;0>(Jh!?o2l_fykkIq6I+6WUtNN
zdpdjIYBYOcEtTC?dS%emwD>ho+++m=eUhWCDf^Hy^@yUceUP7#&^kYY%*}8`mm`l&
z^90PcYtlw7u9k?mW~NIK&Ceo1FkOGm+a)h2q?2ISQclSBfQ-phi|YNMMb}-46f-Uw
zYh_*|`OkUW+>oa6enhjzo4ZF-%?g$vYmKwRg=cUqw|<%u9tDx$uHxn<8SotXN}eqo
z9l^CkG=NMJIP+#vf3Svm{1+_aYHXlgVo_KoUC00Akt25cf)8`Shwxqc?{By(O$*`q
z=CZDR_-i|(PCk{mv9Y5oi*NRtEvLlGC1r>&&I&iP#Sg5w1%CEEZ!*q$?hLswPsMnV
zRW}+DYicW@=a+=1JIoVp3o>rhb}|Vp+WK~mLt$0$s_xsN)j5h&e$=ap=SLg##Uyay
zNFM8$=2Hu3bXoRvbLJ%pu*9uD@~2263xRUayPkJ~z#ow&WoV;w@c2%;CqXjD5gh8N
zNC&PMmMJl)GOIAFLz>4mHyxk294j^!eDJ<a?Ef}UbXA?NK|QGXW)SfcXp5NPI|(Is
z+CwI$-NsvYc;hC<y12udbfO~;?_rhbj4xo0(4MPRA$KKF=Nl`=amejxux@R6L*?b$
zdGR$y7l>7?ZTlTaq2{#<{<m3ZwCK-k2?V?y>D#TdBUr85CvO>WZKEw%P{`xRsi0b{
z{DTWD;*iZYH*xwGlpF7|i%onc7>gSx1k_MvpV-2KoZ>-Te6(+?XeGnHfD`mHxo?$_
zQ`#lFXLUO?5{mRIQ6Caoff!~U88tWmK?ll?Xqbo`LC%ZGAFQyIOeW^<RY|^(yPTme
zuHriqH2o~xiT7b4K=BR=nHrtDIXhCCXJk`A;HQuilL$O}U>LI`N_34DTd-QFUX?tO
zn=4e2v7V)2!kq3TPq=5-S$8dzR)E8nMwZThO@n|ZDB+~koH`pEiscMZh%1L5V2-DI
zQ5G=tb1ng=T}!W;uyu3jZ+pG3DaMwt3(SBlZFE<;j|>t_c{t|raVp6)LU1Y1!gK=O
zZvw{|)8)h|ArP$6Mzw&}F`T>Ul3aOd<^M7)rhKeVOT#XSi{lP?`p?He7<DYojjQ6n
z-Kl;^DkXX31rv_Dccp;^8N?oB6`t_zjl~kM-E-mgo+c47CjToRT{OF^9xi7X&L2fq
zQydymtrm?Efxr{%p-=MaPL6@h&T1Oc4|2ra7^$)o0YUL7$CJ7)qao4pff1p$j^Cyg
zvBS;tl5WCag9b-wAtz$ic2{BTi6E_kL}bn`^=HvJIhQmVlbOHT5z_*@BaeuIQU%J>
zYVGn5DJrHW7FjLd?82f-eSun3mm~`0qr;$pC~wiIklC6@zmws9c+9c<ij$o8YS74@
z<YS?kRTGr<6Ne!bM*4>~R?=D;Odvs^iYR(|nm=Z8mbSa0ho};`xOcZUV?^+foz68_
zzD_X!Z2mBHIs9np5!koMdCvsvM}r{GAXIeA1_t-iOsNEdpB)STdCnYPQ`u?6?gN{|
zZszS+D*~XpkHXyt(&zMqwdRsRJuFV?c|SQdwK~g@(Tt0I_=1U;dxTl8&`Z;sNz3>+
zmGXarix30GsAv1~NZ@8^hJt>(jWBM8Z3Fou?I(%3aY6sEv!&Spw&o*+R6wts*d!Xm
z)lKNmu))><=LV(sYb=km<%A0H6u=<9&N3&!)g^}5BN*$6NAOH|c|E!<=n*2_SU~2U
zyu)Ea#<U`{lIpk07Ev!1G_7%hf`RV6+!75Txo|DDwj@ydN6Qcni)nUyo#=`jf_t`L
zn9OC>D9G=?#foxkb9l!tlap0*$wk9-(tN$DEGHw6@+8<uQi+vn*V_tRkj&WwM_##!
z4L+b-XAfFL%Q&kcxlpG+LVFHlN}>2%Rh8wA$SfuOvZivHS#Gh9zkQ*#C{q0CP5I{=
zj={#MR4kMBW|c-aH0Qv3B$MEqZisLZ+JZg%RB2s9y{*YDTjq7`ClQUbxy7&DSJkz!
zIoth3%GXfPAH9}A^sC@WmJ5t7U2H(Xv@g=y9(`|CJVQ_-kHMvq*qAS4JI`a;L+qvr
zCW)3{s_08Mx2+u5H3qK}nLNfp(Tv<g;H}bSr?13neW!E66ZhG6fWxDyk(EwTKhe2Y
z_s)v3%^mGZrDrnXNZ4VdHu$sO$AkH#BF0`+uHax4OX>jz_tf^NLUM)_%c>(Tp<~`W
zqpE>&`Qpo;vMxXPW;Rqju>?z8J}&>NhZW#OBB0OeGW1HK^{EqI?=c#p(mpFRHyA4P
zh?{90KK?gV59MqeG1LW3v}`r?p9bBt9k^{DIMYyIHL+Dyp21v^bo`J|)(c|VS{uux
ztkj09re$AAs`1UAcZiZHV{zgjFvdq7go8(hV2A1JB%LIXXcXQiYVQ;JxwB|6Xd>hL
z%+~^M_>pGjC$~9Vl*Ta8s;;&3!h(P)>}jNo!*F#!%!M7wbF?7DQEqWUypZ)7Eoflt
zb0sU&%I7+lywRPJhm3QM7L=BO6`J&C7d!Xt7w!{W8L!KV0N!_v)1G3wrW3ZRGM@cI
z&N0|k_BK<TqMH}4*UyzSjZXwfyHpD!H12LFMUvs2Dbu!Mc0{t!Q1w}AvEaX1Njb(p
zaVCbSA-e;iWdwN1m~3gvwKac78N|Z97-ixb9(p<M&h6-`X&#|u$aR>uw{wbH)>ZV1
z5F;fiwjC@b?+@S&2Yuei0e`NT|6q1V_a^Hc7{^LBy$K42y*@GE5Q~cgwRr6EJt*2N
z7ocQQU_hiw7%8I+i%t3zoby1#v7*vLsRoQaPXPhhwm+2^_&VZTVYqMSky%_+M30jG
z6ZU~Be7~}YQ5Esv!a-#z5mONK^i^6&nJMd4FvI_Zxdu|{URi$-(wjT~ApUIB|2ihh
zgZP&9#d{OHHON)W-I(Xcv>iK;3}enqmMso`#G#?Q+Ae9#F=x=-9P8wMg;<%`@7or$
zL*OYDMIen!u)+29Ar+s74sM|9-K}qcGIfYT-C4f)r&XUh<a{o=;^=EeyBFq6y8F$}
zsx_JJcFa-RR{Z6+@PvS-Hb6&&w>JD@ye}9nI53AR*R|qrlq)JL8AA%h-YNWItrk$#
z`T;7P%_rI5gT~Dpdr{Z`ytRE~ucGBf3%`)D&;MKsd0d<ywH29{SE1NFlT@;Gn9)PV
z*9oQ{5Q@o2T(;`99Mq8sMau9ahQ{-$x%x8S6g1RgKo&)iq{>t=r(^g;v7^GcA~M;l
zVd7Gc4mef+x6Fc#05d2mx0-3&t*3N~FJa?v1IHgKZv!Sg!F^QCPT2zx5i)|)ZekJz
zetvOXqKM|ih1Pg2F+vRq6&k3_7RJe0fj9-}JE;v!Kz*em<3h|uytWwQ(R_k-KYl8S
zCJo54?w8IJ$AUnzzBARpX#yA(YG<6@As{V1Fg3Ddc>H@mvy;~7(rq!usC4%opg>A3
z<X(H#%6v_P<z3tYzDnVaN`ahN_uBL@PJ|6qRXE^Vc7nmxA^?4j=Y!;vH_xXLuhq_U
zt$B2~ALN{7rYwU*7FJ%yc8gX-t8Zcquae2^Yv9iu4!zoXns+FZ{%~X{iwJK{tC%2;
zlqp%Lm{!_<g9SENYV7No-I9#y|L^A@1?`^>#jt}4(>jeARnW%zzKmxgN^#+T;nVWH
zFm-19TfDnTsZC?FcEnFi?3jPn0?BjZP?z1TU`;qBY}5V_2(YP&bIpq{g9+T`2)>gz
zXBP$!FF<zQUj)eufe;(FuC*@*Nko{(ij~{@6U__;_LwBXR9WKWkN41r<`TV7o)}<X
z{h2CfR{!M<w<AD{t#0Y<RPa42B8dLbrQ!;`Oajzjt4wP(rW@x{<uS5EQoYgl_6*=Y
z8r`~Nn_P!EH=Pw#8Q}R>v#4<FpA<LUayA<qINGV)Ae|b8UBQI}G)Y?*=>K@y$BwS^
zV!nYYyByFLB2uSGK-TfV!jZ(mm;ksC&GQctBJ_c291rRKBLsyn3x2&m2V@FSu7Qpm
z2IPaFqp>M--Ac268G4Ip;ORF1;NW?Ig_>?cc)CaUIg+AMkZ=P{=u(A8`{_j<ke+J0
zt(#c*7&TWOOFYt6AI<Gza>YK9<<)z7(f&wW#374Q1f{{oR8@ahborW-(>?vT#Is-1
zu=+4EigPg4n?dyBp^7B=MI}t|pVKRyFz$WA_I&gtVne2E`S??h(>KdWUKRohDg9Zb
zU>AHx7{NAO<rfZck3s3J!LFSJ47dFj;HD9WhpPF}RQ$yg`jFP4Nr~Bn9EkZD*5=hs
zXxiko>H4R*-~IvxBm+;mSb2eD$|(d|+Vcn{-Hc_O!L9Ju?)-;iW8K|XQ^bvj@rZO7
z<fNUYTf7dY1~@|8467hj^G86xmF_^WU(J>f0)hA1uBs!mi8zsIGcQs`4X!wT48W^c
z>JI=KT|@aEZ-CbSIPy(Bi`6AsFfsBX>Q6$u1J(3vSih?CDcOD!{4Sg&(=Ea^luQ);
zgtt|@uQzm$MbbUB$NErAB7HS1!4Ss*7an(N3muok*#7GXCkoWgIBJnUHUGQdH+RR0
zk}KdpL6`@kv3B!inZol|t}z^NO<^cX9nrdC^n(WI4+39I-n@pdqAs6Sjp%=Zrdj8`
zf*mV=ymG$6$f29yHDN-w{^pLzMyD@lm&8|LB`7^(6_*|mN+|7gvDCJ)>1!8n<Kn3T
z^KPd-_V|JUarMP|T&;L4R4q`>KgX5KnwUfAc8!8G(x`?#lXll8d{B`^--ODeLL(0<
zZ_3ppOq2=E7?c1%C_zz+Tz*?qqF6oB!Vx0Rnv{}5?*_$G8d*G3bH%*E(vC`|F3A&S
zStCq-53;eyB>M&O{U(a`5Z}tWO0@Go1P%Zc)D7eo;g3R2=sAh=bYYaFzm&ZuqK4F}
z9CK$LvX5_yk6+y128+^M{Cu|RWnGylYU=EDCA3?V*YXnFxmrqJIaH#m0(@zraISU;
zAXX5O57pYh*0})2MDW<YrbfEspQ^Nv9iU^ydh4sK<!8v@j^t+NzaZ(uEAVdZKf8Y1
z2)-NLY`*?uFAg`$90Ll2mK^W-b8^~uVxK68$xgx@OJE9~;)-A_t;Uaq74zS(rr+RJ
zNESe~(pNE<93<5YtcuQA=ZVV1vf%B7ZOq3<Ve=nb!9gSBWb+lArETgT`fs;i85s_B
zP{~O%L<YE+u$@CVzIMF%j6eJW_T%+>^RXhlmQKiPUqLGVfd%wmb@PMxnPOlC8>y>1
zZ7IN1sE)+kc=j9gK@;Zh`+8j$Ed@@B-9<*n4tyFY5$2r7Rs(cD%SiRWQNoPh4wK!E
z{w5Y%OS$7;+b=p2x^?_ismJ8DSDtzn2roRyw!>V<maQ=7R8gfu-HT}p*O?$Kf1Dq@
z`|-|uA;9}_AJf(v!6E|?9ypYaVi3Ab&2^QSE#=x(?2`Id=}m+WZ$)<0o@-qBn8E+p
zLbN`C{!)(146S<4<$`t~-OOHQz-Mt5am-Cyo=25CF-q<qfWwaa&Ppy->Z%AQO9cL>
zq{)30ZI%)+H(peQ!3n3V+DfF0l0UCo3EzVG1yFw%v1v-0AGeea>$pXOHRX|*%Fx-^
zJ-E+PT*;axBPI~>^jQ?M*#-|U-qn2Nr{bG$U<Wibii8&4&DlOmd(7Zk{_AU(o~Yx_
z5N(}e64J79M%*?i-i>kd^(xsf7eY%`y}i&Ski6m<Ud7MRaW1Bvk|4IAk7GZlx9+uu
zZ@jr(bmk$ycQxjz6jC)Et=;f<RNmqILb72nFRiDh<0}419Vo{}E@?7&ZQ9IT6KKm2
zIoSHUMM8xcsbnEX$5Br3q2(>RpgE9_k{*RWLRe_TB!ewg1hwO7rqYOzT=_&jv(g0w
zPqxM4p!b!LzFYkl_k}#pm|mqj3iouZo#5!nBvYt|oSwJubXZQyG(i(Fr_%9i9*h)j
zQNcP%Oe$4ZY`~;kiS`8aP~2SpK7AII3T&Oe`(wjK;g;vqoQAz1JzV5HaWfpNS+Co`
zxo0yTd1v>0WA9#M%vuoJr3rtAEx&?j?*~sAx}AnCB$MUC`ub0GLSHY@Xki=4Jm^}p
z1=Ty*ONx)zArAJg^gWyk9;Zz5Q`sw3(X{z$qvVRx{;4}`?yj*ox3+bdRB*;j5^vLX
zxb@V9b)w(iF6C4x7s#Pht})^tspA!LiAS_P4HXbxXK~CYS<57ei`zCl8l1^<jR<JQ
zD>-hYj@5>Cv<Pxu<7=Y_{hXg+3HfoqE#YIcq3xEhz^u4JJvhUV4@uU2rNNqEFK0^=
zzqJd++hv?oyn)?H+Fcz;8iwj4t?fc9aLuUVVy}1->U07lqg<)@p-g$E6wnwdK8&lP
zoQppjSu0pDdDv=*fN2JPAUMmH`IfpFM@6Z<X;CcT#fk2(NRbdEfg(p%A>j}I)Gvqb
zsQSH}aN}5HQ=8YbTL)iTm)v)&qe-GJ&BXHkrqSehrudAqzvsHLS#T^g0`nO3Q#bRs
zfcEV<{^Hv`7k0`eY~ZNXiw2v9NAOfg!}=+WWM>cr$66T^e0rSCgibj}XmDoIaxA3-
z@srN+J#n52;Ay<%0g<V@IRwde;30U7tX#$4F;k&qZWCmU*%kg|##-Kzzn=@zCEYcy
zEUiUfe_=~`=XTl=`C*1ksR<*uTV@2(BSruENVD4gs(E1HXH=<xw7f8U2~O0Oc80$X
zB)d8!i$w=U<VBFuGZ|>Ofd77TAYz6(VsQDC$l}Wy>KG|UX5aPwtpZo8jPOol_0HDZ
zWd*j)-OK>C-xcR2ur+bbdkaQytTaJ4_R9J283z9Lj}B)SgLkPKKPCq=^UNKc2fNM$
zj5WEft@mN9D<u&*K599$Py5v~#)0pWtUy@7uWy?t9n6--2%lgL3mB6PWHNRsjyrfP
zP>vEL;kPaadOKS7;v)f|+?n@V0{Pyz;w%)==+W#K%0w8{H|JFqlE7!+<TPq_Q2#Tz
ze2|QTpR#ZM#*UpY@pV!x_z2Pz@Gj!z`^RzQP-K+5c#5xWLlWgg>oT1cVZ0L%(7Ogz
zCmXH}lv$9}CLyy@ElF&oCC4F=_R&mgK)R`B^m>uK%TCSSKsGQD+?$Hq&Eo^P-n0e}
z4t7(r+(M$6cp;07f=}QP(~_X5jxvg%CVAElFHgs_iAetVXS2r~Ckvw%zl192PEm4B
zk-A@_?~Ywvy``-kk`^88L5HKL6e6xJybOxeI5jI|2<#{t@}V0PQIdg|{2+l`iiUiU
z)o^jhReAo5H#Cn>58kRG@jhKc!_7iR4(Av!<xV*R!NxT;L{0Pm8NE4p*T-Z*7AI`f
zU6$&WR6b&7BazY4G!6l?JGEoVNAKcRVGKWS5iEGba1~V(AM~2fc0?AbrW;L#fmka>
zUX*jXBwDeiz7pO{LDV8IdL^VfiOb5N7Hy}PB%V$c3J);QXYpGM{9WxrkX`iGpV3+6
zD8Zks+V~goUz$b%JW_F*SkyK3qqh|J>rYrbejPLowpet!u|#=$6qc{${Jq-HOPxYZ
zrTi(%e(G)paGt3^eO8Bc#k<8-F?KPEL}`vr#St1Q&kd0E;PixcgOp#^S~WnO7VOhH
z9~Q*Q!GM2+cur{sl5lJY`35bf<JZSq^;6<j5E|(Y1jSBH_}s&ON@CcLJ}_FoVQ=Y+
zP484zn6c#e0hmBUA*b+&HM5Mr0O~MN;oLW&TKBCxVMGxz6}u4<3wR5SM<K4uO}_pe
zF7DhBRnMq~7Og7ZZj2fjj73#DDN4jQVhQ8Dr@tvs%5KT9X_4k^daymgrbB<F9iW}J
z^AaGHb=CH%sCg$6_N)_zbzc0**Cb(2Lq0-G0KZALU72aa`}1c5^9_dT{gtdp#+Aa4
zk${oM>D}`!F_+|$D&};z%`7i&j~L(;&2jrw)mQMj8UIIM(Q3h&I|c*Kp$!-^7qIS?
zQYOTK1_%>SG^GB?As8o>xS$m|V8jm&`6G33i$upycj9q}*21lRcpVY$2|TU6KOm4#
zQec{I9oB6T{&}536GM)4nB2jyil`5#9N2oIZPcM37ajL6)X~fWutoO-B%XApRpV5C
zZ|0V&6LAGY0>ebNw2+9yFn~7oJ|xYY`8q>+g;Zo#E8piN=lF!eM3z=QHL~1SkQ9ys
zEotT2WAdiZfOWl~hU84!C+&&lnT{`$`lemMJ96npdbY>9h^f$igSTGsC$Fw<F(J>k
z@^ynVTD1+y=T_-)qfvqTBq3Mq@1((AC~-4*s{_-N++>xoa15Ok*tJJ59QZ&}Kz-{8
z+`qaNPEsiU0YYq9{=tZW5BXi~M$Jaz`hPjlFyJ^O)E}<A`%ytfXFWdo_kgVuc#Fr4
zsfj`S_TPtz=e6-$XgCN&@FAwi+(9?g(xGKE@oKZomUh);LQG_SH;sZvSOP`h;z=Fm
zOA}Q-YPoXK58rya!pbViY9{G=%%YkPxdf{iRfcR%hsuKTR0%_IMc@_eD1`(^Qi3rt
zp)cC+=*V4{3D6c#jWre_VnU69KlI-g{S`kPxwf;{+jdhC*q3_1Zr-XKWM=6BV+fxk
z2qNY+Ba&SA9B(~S$ERs4+Rd&&bwGYj?k6j2^W+vaKBCoG3zWflC7s!EKh9DC-ICK(
z9EZj72?#$S+#p>?40W8Yv8iREi0dn=@93ElxhKN2GEhtscugS2XlW1oMXCMzn-oDA
z2J2&JdaYl!kof9|hji!t1z?2v0fW;cxSe!sCv^#_c8SlUju1iC$)<)fMt~EW3VP<y
zvq<WMf;5S6_I+4dsjq6H+Y?X`)tstpf#`uCGm05!C^<%;z|-_+#lQ@SV(oviDcTXI
zp7xLSw{GjGE4gHdsLf%uR$iGVzgq#d-o#6&t`aN2{3!Dmh<i8ypxOyy5eWRX<ttO=
zktaKoOTj59=N(uobrKD_A}HyH>NDFCbMt8BRGKfT9el6zzjwj~fOO;m#JnGLHrA>*
z0~wuDxSOubGd*(`cXBhn=~p>%IGLP-sCH}Z?#$tg(9qkj1+ot-poJu=)M8k4_*Yoo
zH`&FLG_DSx-GGqgbo?7!M%}X4E_^G*>|;_4j_0HwqbkFuI`o&+o$pv&^#PaSmspBi
zX?V27{KWMnEySQ0oSGm0)o%nLjNZM?o_x-nbDa1BWbH+XaE<t{v?P%GmB#;J?4Ftg
zftmvhk8RtwZQHgzvt!$~ZDYr_ZQHh;{Vr0Ki&P~)qtEGnpZXi*E{krOiLVdPWwcP>
ztQo`F4g=F2<t9{$2S(D;r?X~J80){TA*PO+>voDudDfQ~T>eDM#$O~^ik+p(ri87F
zP?-RVmJ%7OZtnB4J9+VX)};7$)6XX4oM#!*HNE-t9^O;m{PuhzL=>$TdI<KNFy$?4
zd3oj2FYo>=_{UjphiWBI@=shf_7h?Taj>F$PShfUY^Z326Y!WDuwklu-r-Y|3Nz0E
zXhX<M(e1-TUEJ-;mkohI7+TEWJ0Wd67P-JAz)pA_YYCB}JyfH>(q(}Ur~5qOwC%*J
zf*|ZD&FJr!c@G8fm9IQ#!?553E?*#aRE^HMRhD<$mP%<=f@{n9(}7jE#3KA4*|Qt$
zvCe$YX3dW0Zj?qXB1vyb3dEIVv5R!3IfrfJz17PffXEK%$7bs1mX4aL7R|;NGk8ew
zRu@Q(2}Z?*>%6A#_nVHY1Dog<7?PEiZDEjQAExiXA&vfn(q|V?l;$Nqb#oi23G}9{
znz$?Hnw0`?vzeqQU|k4b8;UE!qP>D-pi$o-x_HZyt1$7<+Eb^&!&XRF0f=E;dt8<0
zZNvs5zQIq%^X3It#h~TjL<m<O6vkf%7bRceIJydm!}Y=aQXBi*bw7xU>v+FyDYFd^
z{7)!sBpMG!5>&6Oo<iV^B@Z>alRuOqBZ)&>`|x|xw+@?`&42<w@TgMBBIw!9W3GV%
zk(miF-YUvo4c_`Za!H$EDGy7ZWaE3FkB;IDSgzP<y;JIzuQ9w>$=g@<j3r~akMwr>
zl%cY=HLl*TkxBOfmf&XZp#|*p#mk{>*5KY{7_SRprBR%?M*%BGJzhpPQ`L&IiQ5iA
z_P!ZoW^&dXKS)NA%$$+uH;&Y<?+=f`Uu+flqVG2^3+h@*j_NlwGh^dRdsGV^RfI^8
zl}@t~_|5`klIHIvkjMi5&9_`X59i8)t@XOsc_L4~VH-=z$Pb^V*B)HtbYCZBp6701
zUcMGcC)G>vIw6c7{iLK8Jxk(?5Zy9(D8MY`@<}Ypo`k~x{@l-~l6oE@=gK+gR6(CE
zHRuk*ZKdt}VYjWH8Th(6xCapzU^v{V-qyax-z(Ph)j0J&;60+Wwh^%qrU&4yVHtR2
z7qQ}_?wyKV0T*TZLxD-c+V-(A82+xi9|A;3erRu1Y`UE8WiM08trW?9BcR{sSWrcu
zvp6Hqc|HQ((a^f<Tdj}cx$wVi13y_&fg4AS9WRd?e`id4LTquiX{Zr}*1Nw8QjHcY
zBR1HZ<vtnbb=vxqwSC6L+#~lKN=YRm{OI}M>~?u+;EZ|L(VXR)^(zS<S)U%~W3yE0
zpXWt~NeME}=doAs8{@5PnG-3zkUg>)7sSI-s-#`pm=hT|Vp%055H<%;g9Yfx8H6JB
z&@XP+fiD34#;LI+37b&+bLAo1<a>n;gLkFpqc|D7D6^PkU!yj(TtT$o;!wf(O)-Nr
z_N`Soh;Fz{I?AwWj9+5Q(>z?t4&1R8vk--?b`OZBwxHmuboLzcS__X1T+5SrQ*clZ
zcioS47t9EIGEBOGMncL#MrS@QzPxU5KhthF$F(|^sS7lDpu;+9yJ;^#IMW4^L*E^-
zq8B@{-jb+0!#$OX)M|3Z&OitrSnFdY-+`f~sz{j6JMq}E`$YkiKWv60V+p5u_{*KZ
z%c|tWo5WAAbxFNyGo3cXFm3O4AQ+ELZ0hf5u8By+v+~k_M>02-LA4Ylu|Trd%mO|J
zH58pd^pgnn4ThAeNuoLuH_Vrra6BT9f6`2<D~aADs2pIu%h4Pt;ypRVUgxj^>Vp%^
z=4=GH_lmmIG32=t=nnEsewt~4A08iaGHA;tQ4l_WOu1?3<ZRRH8P)NtRgPcxl70N!
zeL6U1l7@vGqIO`rb4Sx6uf+QUr=)&LdRY~e93bqbgOUowwvkFQc+iN|27hgL(#Tx~
z#fIv;SRBilv;|2^^SpEn=A-l!bx;qjaw<n+UY~lGJuR?Zh^)qA5=&^eHAyPoP;B{c
zn|=nZMkgXXpwjb5KkZ3t<xO0uT)Soi`E(IV2unItdPMz^)7rO8lg~<hQGONu^%Ftj
zQ8uSMXFiEcJ(qZC)(Y)PI+9Sc+imxAO)or6dOY2ng89c#8}F_S`WX0ytEZ|OJ<#2A
z@s{F|KJn)>sd2y<hy!Poh$g!_DMVe_UbG=Wb6M_EUFM&m0rn1b-txztb+~M1Wz9|<
zm0;Q@`pa4r{ZS@KAy8g^SwoMmZy?gJhw^$4(Pn^8614k1RHT*$H|i=#FFPfuF4^x@
zEC_(A|At(~i2aQ%wQ=c<YuFT~ADp}Fm>)6_)Y+l4RHW4N1GM7ANt!%ZojRjO)1w|S
zz<zopM{r+hHR+ezDBEsm7AGKwMM}UBHi)3W))^Nf>lSMTj`$E)G^!~hU>?Iga@tgG
zgV$q2-9nCNRxz(|1twCBMMlhWp8nuEx2*s0>tHydD60jL=YwtF^AcU?9$J0UOy$C*
z5UcixHoX2xo}q)dVYZ1}6kIx=52N_B2uR18zTd|jBH0P+2Mma!g0HAgAFJjQpJ88H
zY~k=O!to*%DUxl*IJcYsLuIau(G8l*p2h1z<-S)TPyn-&^XeYrw7=lwiqghP(v&0<
z(%87|x%UQZ*D&$^<U0_z%S_NZIzEn}_A4hr>{t(YM=drWc<p+**Bd)*?Om`@7VICK
z$%`u8UCJs=@UmJNL^drMz=1zgLB)V8l|h~=92sM=O3lgs#6|;3xyzNDsj?7~O3%aR
z`+QyoO?_%1D=6<#E^N$}s(AL$iW6*OjWp*mEU6QG=*HXBYz?BKDxQX^N-j1t&q~0Y
z>G)`QyC>zOBU=0{5D6MlZEsNK6x_@gALssV409>q4w(?CEPHe}2%e6k$?&LDGGIyz
zYRSz8UG%!@C>{P-VG>1VBgO#M?^~{A-J)@G0rm)X`wnz^oHV(#lksbt&K;xT@g5oD
zjh@xL|H=@Kgt0r})xKK?>Bvn*OUhrQ#ND1&(v+dM%`ZZ8-mO*AJEJnAuIxQm4c}gT
zUs~&G@G*^7GljcpFQUVNg26#20bdO#_-(CAm-xhv%k?DH!vL{)_HtW)Cq~{4fvXzr
zvLO&r(!@wtZ#2UdIn~;q3T8(hfgci<J#R*LIxm?WJr=WiAbvt!#EJ+1)PXIbL%d7U
z(TIaqzVFD0<bbcSx$6fqHlrXaT3Y|)?r&#rb~6e}|Ej$yDPdnud`ZE-Mhe^&L$8h|
zTMY{tfhb#KkhDyIv!z!ADh8=$<JL-EhXy^n>jU&ho367+4~l8~Zl$>th^YwVhfO7g
z(@25peAV{+XB!4(k6{m!kwofRV{>HF*jC1xPxQ@y&Z&A``3i!3Z4Pjz%yC4#ZoX$U
zgz0Z4)cv|WeTRcuNGl>KV}cIQyRihFgCR`wy{^*$iuN%~mlV{(3z^Xb&Td(MxRw@1
zQ;+f6rf9&MD1^Ob`9mxld<Lse0vuy2aurbWuD4h21~Rh#0>1pdRRIM?>>iOyap2!s
zS#{|cH^<7tcD)Q!qN+w}<Utj!oa@t|=B;;KKEx}n)xYmFn>tU}Fu+xfQ@_eSuS&5W
zv6Gd(RU4D+FYX35yVnn{Ay}@dPMjq<Gs_q&nmrbFw_gg5s%7A_S{UWi^bh16cxf|w
zV}%+cZ&Q}mWWTf&)VRT7=~Tl!=ku{!eq)eQkPt6m`T%G1RWdwf{3Y2)z|T=&cx9k&
zULW><#Rrh<;@BG=EaPi<S$J?XqL)YdF*Si<fdn_VaE$wi=d=J3)y+gG%!CA?Bdi7x
z@*Z2<fYnptCTLOlzX<%bHak+WEs-!R!3t=4b8sT{3t6lmC@&B{96{rDmmj0O>Gx1x
zpgGOJQ4=00k9GHd?zK`7A%{Q3p89hk=k3ZuMLZa#i$c=1(yt#wrO~0^X^+Y|?+d1N
zmCdti7vz9RW#*6mg#|qwodG_T2j#G$pK7*xqhW5tAcDIs5WjB~2N)M@FaqDk2>gr~
z#1GSV9r`91Z?W0C)0dQDwiI^BNm}FZ!otfzHf?3*w2p2=5Z|J!dFU<yXPX|vRaGqr
zBuv4FruXPR_1oru1T+dKf2^?(Z(sVllc$fh2#ReSz|JMzk7P`;a^(dkopr%b3B0)H
zYE}lxjLC+nX`AMO$4!G~%gPe+$D-!>mupU#A(!TO)>(lLReE#qE(1i~w~-0xWW#Ec
z5`y5^;(@o{l*B!4s1T@XeqO6cvDlj>;2lEP5R~CL%Aq`*g620_@mi)PX&t%E@N8|A
zezc-76Ds^a^p|e8!V5F1chzhYh~zpZV&Mjh!LfMBj^t)y3LnGMfgGJv3<F_@@DQGP
z9&iz2&_$Vi$Ld-?`;>c=88~LK*(|VKFYnuv&v6=yo#IKtQ1e5&Bf%W7U`n{CzA_ig
zwfz$Fwz^iS7|UO<Y&bu*h<mY@>sLeUdCJy5*9m)g;6T=>C46!-=b+G@OhJ_7I2ZsR
zKSA~=7p+0FBg%14y!}4KB7pHjh9a0>r@Hk9{AU6tT&)(`5Mxzi{JaXLUKg!?6S24r
z#zF@P5e5{}`-Q6-uwAs%3ZeBxXF*}H&F6Bd@;FDB<SJP^@A0F1LGvgj$hcNBO~373
z?-T#H9@#_eS!$t%RgF`;+oX^*+9IFyaHw*D5TAjfUyi<8<V5n1>aB>Yu8d*hb^SXK
zw&AzzsLBV{nhx9)s@Dk#uuBz`w|p|>awEX^8{@v1a3fg76G^=3G*3ObYLc>d11##m
z{LIGr{aa0$yDC6g5Dl0ra#MT%j0+N1KDK(Oq5#_0OpECz9uOL80BW%R40!mY$hV#N
z#1Y7w>adR~a4H$$fVtv39cIf$64D&l4tE<zulY6^jno8dFUU_;pe;qpZt3|`|D1}S
zQ2377e`McMbs5kWMY={=85%vp1%~L7jJ~)(1m@-3CME*(+ed)}3<XyLDjLvR_XM;w
zhLtSMb&pkHWn*yoiN_<YDb5MHbiWTay&qEA`?8QLafVp2+X^_+|0{QX9q0XShS~aN
zX9V`aEa*E#{d4rEiqx<e9A1!;^;k0}9jDBg6(2mY1}W>;pYXZ8N&q{PcHXNM*HDWA
zr<^I%!l6gy%*bnhzxBB_ojEm~sIp}mGl{dg=%8Em$xAthJCmB&;En9hU1S$qK)_Id
z<Hsk`P-JugX!ZN`-0r&7t72h6A!~@*>|oTgUyfB=%hU&ximSt)Csaw6LOJu(xcTu0
zo0P%2Q}G`$?lM>i$O3sLz9lNu-ENs_nH+)Tit4Mm8E=<B3IhRuz+KmDP$Vcn;qCx0
ztI|X-guZ1nLyiO{Zf~lxXo`&T;J<?D)|`PTJ{`Hw`uFHy_h6&)8nLl|y*OQNddRke
zPtTjffkJ*!t@H>oy-mJ0o5jS#N5`xXI^=n}JSImvFzWD|y1jc9n;npby5#)f)Y_%U
z6h2iO0j=X#jH5H+%0$BFb6ma%2m6uiBZC#)SZH-aPYFnF9_%~|9;1Y@w!&+vZHQLJ
z8SE(>sON-_lv^}0)2q~meb%`nv<<alvT(Rb!R{q+!QE>xQJ~?)_Ow*uK={pQg+GJ#
zSQ;1*-TAigdb_^2VPj05>71L_&9cFUGPz&I{yA4c*H3h3GI>+Z<u97SE;!=%$2~e{
zU~0%IZYl^GcYkiRmV_-d|F9^CGN=>JVUkV1Ob1T|pG1bQvx!O+HKw6P&EzzM3ALu`
z=EraPoF>DDOjI@T(_S8CUY(hmQcqvpL=YeZ-8>^bMQNejFCLEsq2{juZfHP3^;EU)
zw?O2&;`~FT#*Va1tvc~Ha9z=*OEvwQm{C>riE{1N$b|TikG<oz1{_^H5(VyeG8yDD
zYR2fLu*cc17@AKom<;=NvJ-^fUp++M;qQy;9ocEIJ9q%K2J&#YRjR0P848})dUTp1
zV;j!r!d2*&T<C3ORhh6NSx`raZDmZb!YTaZfd5Kt6&&P7^}#c!+g2^V8I^~*W-_&e
z4rw1S)+-!Z=YN9`CezuF-SDR*zb(?nkqa$Lr=|OcL-$fk(xh=ey)1>OdB^Jk+lr*|
zB~Le^{e8sE5*J)fwgNO6mm_@#8rUKNTO>mkUPb^G3_WWK;YdiPJ{#f(xnG)FPC*!j
z{9#<TklIEUKBj#x`{seMVM;c|ct*n%#5MoySv5ic+q1-F6|m%#q;{p)&<wpFdDO71
z$J-;7N=P``%-+%0LI&5}$J}mA#UTs&CetVvn*vU8hZg+e{CihSbK%$fBD7Z<2u0>Y
zx|2V?(Hr~#s_C;PJRIzLq5=A|=P^z~IpE3Te(m~7n_QTLfxV7r`oT{Xr>aX_@N36a
zI}-nnf_N(VPn3@H_cG!x%j;H&OH1$S(S@MYhC>;#5XX%4lOOG_+jjq%sfCuf7XNAw
zv*;Fsf>^6AdD;yyLWY^9nAiIN{T>g}f7Zz3caiN!P_eql67lW$SWq~fPDuavtSo4z
zI>c?OzY5_7VoUgMB#@iaf(DK6{=wkrs;ZC9`vu;T)JmWSiNP8l&%VZvEAxS%wKWHR
zKj@==6?uEa_Mld9bYzu`(TzVmKjYH5RI`4aZPZP4=42yG$VTJX9!&joyOJKtf%@|T
zLA`GGC9iUrN0Xn^6~+gvC%4_pWs^g#sPS|)n=`851Jo2s-y>ffcEON$6K(F2vy`b>
z_vUu7ZP>+q6eA92$2q;iUkKLN&%5{HC#XhAp?o4QKUR2+W^kMrS(6QNbFN8rI>Z^!
z&KVk?hT6C#eE-}byq1rd!WpfSuG}8zODi=^Fq^{3al8uznsOhccg5VJT~+^N(YAVh
zlnD3Yj_4nRfK2nC@9@zBxj1jvq4w&n(pAOvT(%N<^znop$ST^Ph#td6R6P*1igpb{
zIn^p5qjk9vqL+<go^j&M_O#t4Fut0-)S3F_`cRFg#V1jdGnGrn5W*p(2!3LwCLj=?
z)gbo9LYD^-lq0^uN+G6#u@`};9}ZL3KD1wtSb8&e@{aHb(sGIg3bpl6ZHxaDIEKf7
zP!?H)x^(u4Uh|!CeGj$W2JYxlAmCxXv-pc0&^{IJ<9v3+^EV5CINF$$?y_+B*<8{g
zL_$o{=2uY-DkgHdgZ8SvnXcv`<2D@7c(HnPO%)S1?5T8qYJ%<_0dp2MJ9#m-^_a_G
z=PTt)-b=!e(R+d^bV@0Et+9xTPAC(r$mfXj0*5vjVyFmTe1xqY^kqLirRIu7jM0e2
zCU?0)wCWryVY6+9T$;TdZ~Bioraz(W1&ys{^^p^KwWNRN84`o+r$32n?bS(EK(Qgj
zZ726i$JD^0eGtCp5B(mk;8;Fa)N0P-ha>UL0vqSHcsy^*m<r~`PDJ+_L82)3xM9ST
zOcE#x@mHjAhSbXUC5zz8Jyw@3u5L`x<s{}R74c8m(#KsMj~*B9L3+b$Kp=HOKn_lP
zLk8nz9Eh!zvB`ZO%2eqdaCNtlFS1`X=I}|?-}eIN0q*l5(&4n&Z(fLf0nJ!9C(_<r
zv6k{o3?*zacG{MN0CFPH2mXpQyq$F6D=a_g3hYHKa%1#Am(g+QX}q=a(L`81ifaTz
zEHhV1p~|Tb)T$_E8IDqc-nBL{=}?-U&Lg-(gU?g1nIA*+LLlGd#=X!O;*{a_^SeVv
zLn{xOk+my4q-1wl%au7Wg(toD20MH@4BUQ66p+o^C;)H_nc=;-OqOuEBv5jxSbnra
zGkN_aY)1$aS&94mhy~N3B%~SnLC2K*G2{+GkkgWv)v-Kj+VmW@x|v-e7!M|EnJ82p
zGq<9#Z~7LnUg~jwhu<w-VtEu*gx%A8J&m6@zP>8RHfUtX_kI?5G3P3FGcRF~(C`WJ
zMR1VzQUG=pLPe(~sWr7>0%QW`xHZpAB4PqluHc|}OW}vG*Uy?mx-~D-QtRMF^&8qm
z<2GNe{Qlx2atY@H0HER$#tr)Ss3gMsj0K_)p_uCQX34@#959=&9^W|gi4#7(S?+sD
zH57oll~tjKUl9#dTuph8ds#@&zjsEnO$8nD!Qq|iYr?Hi$5T!DtVd>-xP13V*K+S7
zGF7=7o>1Efc)sTtV9fyP&*<YQlpK-V5BpkF(^?wt-W!|%90{1OR@@LSxG>Ko#w~n&
z7PeX51brWDkhNt0gAQ&nGaH<g?NT$6h860N>)$Omy*KY?X-!Rds|!~l&<_MjK(r&r
zg@ql}XsD;=U6`iieSVChWubI2$pIZ?1y%z8RK%ZFqa<U#Bt`;yfJiUUk^j?6ak7Fm
zFs^wO#QC3tkQe)C{^mSWggX<4KRH}rpu++!%W!Y&VK=FBPqppxyM?v<BBLN)-W<Lb
z?Gcfh`<WiWk(WBn{;r0gkppyPV#$udceh7;d{Eje)8tLKUMQ!)v^|93E!wD7u&}Z+
zTdd(|BfZ8co->_0Qn(1#5G9EqaKIK88b}Qhjyb3QNx)h|%5cBL%4x%G6G~q4dA`-b
zhE5$LWLiNK@L>TM*@}*aW5+yLi9z-G!5FxqM(1Eetk-lGq-s$X@3Bf9g3vR>wS~Uk
z?wAVW)$UHN^uUf-+a7PkG42XH{xj^ZOK7qkPmlY(+4!raz~;DP_&{(Itv|MkUxegs
zFq=BTy;9nz!(yi#07OU`cwCK<@H0B8bYUVjf&G+4!D+`0%p8L~2Gz?&z`M2IZc3-c
z(T-zi-};wb1SmdM5pWIH{EJr4m4jh=Z&bOmLP;}72%+0Kbln)sAv{J2!0{k)87Q)I
z@t)#kIJAE7{;M9h_JeJdW>U)5j!`o&g;KE<YZBqT;-KFnv3C5=tora959VZF>SV(D
z;EoV-&NQM;o;;O;OCJ2jE#QSt(f5sti`!*_;`41Wj7t?-3KaSHChu!eWvej9HtLg~
z-wPksO=KvbKK5jGDv>YPLn4n)Sh4Jf^2&jO$9*p9F%`UqwqRH1Tuhosv9pVqdU~(=
z>c<R125s-b)cYOLX&BPs^_`kMIQ$+bWDWJ=D%w!x8XcgD7q8+6Fi>8sIh&1DayRY)
z2xes2UeV)fDg-S?6MNt}&?$m<bfcnsO@+5nW*B9-AT6ndFFHRv4da>#u)9~jnv0}0
zc!g@E5>PP4+#Pb9@zL8iEZ#D4>`yVj!k39ULG1~N!6K>?tExfmUr~<2)}d}{l2Uzj
zW!vz#<}maNv8@t6Ma=l);MVYqZVK)daV_Tg`3O1OJrvS}f87;5E_Gb=py~7#`4;l9
zuixKfb-?3*p*S+V_rv>AB7s;W(-Fu(b>sIR@^#vG=5-oqnjbR6WWwp@C6*^7AWUq^
zXt04B?MpL^XKS!L{xL@XkFHXrl^$v&d}2z6e!7PVbx8DN7BPmQ8y7Bt*q2t~fGC}h
z_)%dVAW?<e)uEc6QCGf=E^^@Pz)GpG(oS7@P*imfscj|*DCez4r@Ov%IQ*8BsxgGL
z{18Ec!}>jz)gmrSbqv6uk&#XqK~w0|z!cA`Y*4L#`*t2c+X$HT^B#OQ#DzHDD-8ri
z=2(wATxis@c(;+<fJ^4Fv&O%<6R9Zhk2NCi09H`@lhge>!nGQm!Df6Zy77Lau%gYl
zfqsg@*cR4#x5+R+eJQ1n=Us{pS=GOXVkMwOat=BJ6<O3$(Xa!pvw575g8|wSQkhPt
z^4@1Mrq2FLGEDeIxErbWgE1%$#)DG%zN$uE{n!Y-SYoMUX#4UMiMKAtcwDaEO#Io}
z-t3a+gX_#mo&}<f#Uxc3r4aUaL@spBKelo!BJ3>l3B%cZJ#292oXm)%Iyam7WLZzj
z{o$b`PqrP%w7TKk%oBMQs2RI0k>ZQ9EW2d6b!%kG*Y)2fj6qK}^uJ3a9$0bQc9Q+Y
zIHYsJ)tf0HswC1+5FSoGt#p}mYj2q1|3F44ue;z>vfQwgE+%}4b0j=+jkq)srkhj6
zZCW3URTk&@=CHD_(3KV7_Do_5;GTI1r7?!*&+WQAcc-w{N#?DX;Eq<t1R^NRn1cl|
z{k49>ABQP0zYi@*wb2(}${UU3wYk@A%%Ni1l7`dC?KWn{SeApLzqAh7fO_~Z3-Kl(
z9?vOT<nsC<+FX*GD{W<-Y_B2u{Ux$UHb6(kzfTJOyHf`6;joxxn-pwTojgc<jdd4!
zILpkLKXGUTmNI!5IF_?#_0R%1gxl^C6J%4`mZrA@3{IYdOO@?d-xYrh7k~Hjncl{s
z&Chi0N}C^l1pSjduv#A^N~e8N((6*`^eaD7btJW_)vI{9!E0;zy+W2Yl$mBpAXH6|
z^79r23a(jeT+1r=J`~quKr^Sm#B~$Dc%iLPkJ|JgA959F5t?V5y=y-X61K%rHytV9
zT{q=n)iJg2o5gm<nBW9RSfff@^V-3?Js9F_u{?(fTwPR>8VbFjt%oN+b*(8%s5nR_
zor``ZWp!?#BRhUfYtaV))r@~pUWRBQ<cG`^d+Y*))K<!oB>+<ACJX+aJ@u6Duv0E|
zIsMEkQot1S{6(bs>K_waU=uwXw_k#^WO`wO9Myysd+n#9p}lj-UDhEpD_G-rJe#g`
z0^o&K?VUnteiGW>QXDti^P;B`1K*cD1f3PLu@QmBmVsRKWkM03Vn$3d=1;6b+K+sY
zFFzT@1v#rt|Kg|t-t^!7ca>h9_!%FJ`-c8_k7`A|W)Yz2_cRlwdejjG(YxPb3LQn!
zZ{Hgs5wo}TtTYafX=y^#7C}|(l(H~?|I`sB>6#WM?-{B?EoQU=wg+;&apA@voX8lQ
zv#N2jf#I0P=#IqR+29s)Q{B(NfpV<AkqL!Io~E@~AkB=OR<!Aud4&=%8@i|F{_6L3
z3Df}c$XR{tcMQ13!!b;L6g(!YVNF0hT=r~bX516$M>wzHVoz*>Ar_z>NvCD8=bryz
z_-i9cqBGW?xP2X120BL`O{npiiJFR~_L^js!CZf?OLUC<i|5XNWVM|}WQJu54B<K9
z>Y?~-YcDYptBY1z!?K<W2F$*%#=^mJH#IE?7>xq}hf=|Ls}MAl$e(eR1tv3*yGXOx
zw=NK;UtTg&zTK3-hKx`o3U_i!{4<~g+3vaBIPhRBoF^rlJ<n^x{4P3Lp_XTpHa6(@
zZO4CdTDNk5dUy1Vmn=IkwWtFgR)pxBids&ezI=gfJD3ofg+9|_%a?7Ici;bY8T&VO
z^7Zq3{MKffbu7$RC{S`Dqs^m%99FV&7Zcw08I*}{owJnr5Rff{)^4JvRpir9oRv;R
zlnlp7O6cDeKWr17o7<A&+rmp!tjgTx2@>2)FH!#bAPa~V1mRt02z0b?lel8Pip$pM
zZ*ZtE<;YeJgmuVJ^eVk#3ZJDzvu+7c^n(8g4m~)7>x?|$7GJ)nMw@FXKTT@eSM@)6
zK2KeQNk~Na%b@C*NFQ94270~d8D1kCr}IF*B}*sves<MC`eV^AHe$Y4BaT%-ZmsfW
z?ywfE{R~ne$F%DtBWcv^^pi1#KJ+FI|8wo>sZMx)gbnPP=K+<~+x<-~cYN-CK*7E2
z*2v^Uzn@Ma#c7<v7aYE(E>}8+MkV-ud`x+y7(QI~Fm`U3U(OivEO}=N$)l>kX#l-g
zqN(+<DV#+C2>pJIT_p)DU(i|GWnFiP_55^XXA!Gy1V+Hv_C?lHOJ*pQ5EeE2Mmg(B
zp}4VD&SWh?XFF0%8d&2`@|xg=5xk0#n4*?AhFOt5oAe2{>(zwK@t{(UvUqvW#zxOD
z(XqV<BB+Nz;XV4|xV9?pt5w9*pg}k;oXZKcL{hwb8)q$JnxBXMKmj>}?5*@+!6cjz
zc$Y=S>O&il-%bhn`8QT)x^Fc|Tv%<?pV$GvFUO^45gqa6rD=h#exK`nC(n>QMcir+
zISvIgFn+T$YhjDqOnC{Qz|~!IC<7*%j^SPSazFRkimmm5)ku4AByxR{Sp^JXpglPv
zdgRj@a;JmQ)GCN^Q>*tBCjx;~xFBguFLRzuFpw&P#Ts#Z4yh(PqcL!zB5RM2%eMyQ
z$#IbqKiSah2(q?u#Xc^(z0`dEbxqG%Xs!f*c9O?)UW{=DC{$p^ptDDMxAl~*O)Ojw
z{!Y^KUmaUy+KMd_OQ}FA5>aUfpKDPa8A?dumoVbp#@vcF_t&pM?dF4&nw;iGd-f}k
zGK%EaPED<)+)93Rjv3fF|LNs}G7k6^YrE!=V*>H|2mhBq);!cRj44U>tbqs#b-Iy~
zwdub#C}y|QufN}wdNW6_?9?rws25;Kb7Yi0tBme%S2I=toU58<3xiY?a{~8N0kp!x
zUt;pgQ2!bRql4iNjL6wDbZc#$9IO74o3MGLyE;{&T{~IfXzLVtXI|tqtFj=KAJ|~8
zv|@`_gvCoryOKEF7PKhN^#NlX{U0Ci6?-bHvT@k9eE$kydAQu0d${+E9dm1v+?TH1
z%L2UezrAobn~QJ~UkB4uBur?&Z@cda%at}N{L4+ZcKBpFf|&N39+3`QFDeb7A(=eP
zf5!77Lz!JXWKQ3>jS5^o_nW*<mDNU6ejvj3+LEPeOdvm7dw5eKfW%bj_8MJ=0=28b
zRa3<C%of|Zz%0;xAGa5s&;Byc{5dFNLoKr&Cl8B$Ou;2_a3wFrZESvcblE1i7LX;v
zxEul~AS}Nar=THu#>lCdVnPJB<4zS=sb6J_Y$0-QF{z`x8~PkrP_8OK{F6I?Anux<
zOi$284D42++hxv4S*2dAzo5Qd(+R4GBI;*yu#AnwC??xbsoF;*W%v^s|GDTpGMh)w
zN+fjy*;pW-yvw0j@mIa^uOilA)rP_PR(XiPNXfnG42s4?ovQR?ij6~#F!|DSFMhxa
z<A>V#hJL3$>myOB8G^iyu&Nps%}R494M?U7)|;#~<J59unK9xuKmDqM&1&3=H3%V<
z253mV6^G}q(pMA=oO>8^XdTL3Le9euNLbg_tq_e3<T)qxGHfoXpQn(q>MXkRD+(ut
zaM(wG4zBHrymSU{FQ-_+aur6X!w+efXwujyMidgb7|>b$t{lHeue;lO3MkLWTIWKU
z;K89gM_&(#RLO?VI>ooUO1r(mvsuB2{&i7<S!WYwY#LnpE_Fj-c!ZV)IZWq0Ho2H_
zk8@wRzS@ot-q#78(-i~7=uCXvg(QPyN$a6LDdA2;#u{$%_2+x965N0=A#7n;bGTYm
z{@LC=dy)ROA(h?Qg(^9foCdW>6|v6E-gd{nIA8)j1>cD*^kH`KBqazkJJpH^h<D=3
zkD!m((@q+>g`MP+^2=x8@4}c6j{db_PoUhaxmlj{A*p&Fp?EXehIwfHm735zEvhSx
zJ&nAV$Z%uk>v`ocR4TXNf)zn_Um@Z=3Z^0#e7P9UOImR;vz7un)psi9{(`#v&6#g8
z?q3luB`kh8ypx=i%&4;q7E{xfW>#6H?KOZ8jL=I}Tm18vPL&G?34JQrNni73JHOLp
znG#6dN~`*P=T4S?v@<~x`7$&`bb{`k<C;{33aAMX+#YM*CB6wipf}Mnp$hGC61(c?
zlu&IC!Og2IlGOFCkkx_K;48tMVv&b?fu3H+-<o_~c{C89f)w~K?t^_t&1+F}(-~E}
z#29)G4ekoL&Oc$u?(Y#5&Qt3>vTz&QEmWQV@_%fgiS=ooIz@ar$slRAPTUr@QnxG)
zVVu&PL?6dm98^K|HR3&f(62rqHU-mNcufKacoW_+eC&Q~AB`wnb)fue-MKlj^V&BX
zkP_aR+tfr*F6{9<Q!+Nj7SG5~_gQ~!9~7=HIC|q{u6x;?^hTVz_S_~WmbTp#bwo;n
z3_Yrh1Z29G?5A{y%D$HmUpS_s<#$(}WZT!s2bV83L0bzv3v<miP-^A*oNwY<FBD4K
zqUEE2wuxW1c3Ai+eTj_Q*oloR_dV8I$v)oItiF3-Q|kFKK1B7I;M9;vb-n!>dt0;P
z={WXh`8V2@)y@aAVOF4z*z+EtI_e8|MokKN*Nz+I&L7;AoNvxUOH$zCbscwg$2ZHD
z@)su?2US`@YL(?l1VFBwI}q8<avPe##20m(N@Rl`ex0^jycZf9gz7PhZ|Iig6(uca
ziw80}c+o~>i42#H@9)~3poB5&J9q3Vea7T^oDLI~krvpU4-TdH<8BVUfF*YK@%9pW
ztQ12CVOPR7|JPh3`~R7XWMSsu{BPIof7)$KES&8B?_6ZNlYQwd8ZC~T&1Xyud-ht3
zEjRMNQlyN{f4Y$~BuTe!Gwr8a9jf}gzc$sn-7goq^6D;0$WiN?oK@}|=|JZJFfuv-
zri`ST1jxw9{t*G7so6Sf^GkE<3p;W{bL+{_`F2)73T!R_02zQ&GBN@hj{bkUgTjhR
z+C!NAC(=K51^qK)3L^dmBZ&p3cSd%W7uJCK4lgdK_AZVF_Ra=I@8lC2Dk%Hb2T%;m
zERCTMQq|{@laav{A|@+<hGeg0aA9o$py<TdQbzzVrHz%j$(61AGrEcUPWa*a)^=uw
z9`v)bF@9wGW|o)c-|>yiVqaPSG!;<=89g{r{mU7OA{qMTW<Ust@8#Qb8j)A|EtHML
zH~n11!R>$YOpV|8C(ry=ej8$Me(Ny|0tEacO6r;W#+J4g;8O4PJ0v$U)`8c4k=Yy^
z-u_(R3(5W70W16`7uh$o^e-0~6%&(PP($f2we~L;IlR7vNMQZP=)wYAp`n$v>63n9
z?q4qQ@E85n4<T_T^!JRw!u%)BQRbfj#TB91k(EiI!SzeroKY~%kMzx5Yxj}olfcSa
z?_B>a-+j*S`PEoN_TtKh_iH}xxAFEG7(I~bsCCiM^o#B9S0;KLeJx9KJq0*1^J`&w
zX7SM5*SiQ6n);iO`<wWF%L3^CyPC%8?AqiEZo$m>W&JM~`TV`Q@ZC#6Na*E8@3|*0
z_itEYMgTA|H3qkDuz&mFcaG7;!Iizv{-u56@BUi-eI>}q?8w3ztgTzab^_NfX%0^P
zj6|DO6<C;=#wcH?1rSs(^RjDJqzR*ud5Wubz*n(<+}?vU1CDlot#u{E&y<8Yl-ZXj
zD=Ul`bWyk8jg+LG^098=M}gkC9DKGTShBZ?IVP|pzR6)`TLDJ3DAj0mq_-;eO?fB`
z2QGr0;QAm;a64E<%exw?aG_LWZvGj_!kbegp4ALS*}=H)y{-!iIR?M(-%UI`(?&@J
z=fDZE<V*iG4N%@?ZMbyNvY$+DKr7<p9N~nE+WW%&xkKk{UrO}Ov@w><v35v(4j&-=
zn3-vPZ9LUf2E|&B<v4)!+Ht~s*V>e#WCN-Wl*T{LII%B7ihQ5hcq6E!jrWwlI_FND
z?(ibFPXil`3orsQ(NxavA}FUx(j90u>V=X>OYe4p5q&T$vJ@7ixa?t4dcP=R4x$Ke
zqe4mj1&EAANxIO{Dk+#;Jmy#yd+Fg{gw<^vf5uiR`#4{<KK9(!tx?7-`ARfEmve_y
z6ARC20}gH2i!7WT5||cSZuyG($Jt4G2LYFMctdAD9^Jez8p7E>Fyf0<sLY>J?pi}a
z83dX^bQIN#B=J~@0Bu6N&S@xG_?!m?IE1I#$gD01luLaSgsmwz*Fb`A{#h?7>!OBj
z*myNlOEMpVjV3fSamAnP+k=bywP?vh@L#uy4j*WgHJCe@I=X%%X6QA=7r~W!V?!GL
z!NoiEbHKCG^v8GODd@3}vrIvq&Po~ttBKj|MRCx?6$5_0%qb{sce}F^(hHe~2_y%!
zoK3I<ywaKB+_0<tG3lcAh6UcF8T~XR{g8i2o`|QVs=0>vCgsmJj~vNn513)5>e~^H
zD}p-cB-Tn;C@Q7U==@>oLkkSgK7avZxj4mOT{Fc%>_4^XPp`3p`D{u+(rxh~7%_JR
zA+SaX(?fg`o&(AxsAw6>f%-84gh+*1XmoEMK<$feQBVxRD02F!(qUCimI@B%Tw}&!
z8a-TdxctlBSD2=>M?G5xWIS3OS0$5tM|oi8a{q@FDKi3)$LV3$US;Al%sb|)1>idN
zZyJwNT}Z{z0y{%}Sp~x?i+_Or+N6m(rHpED5J5gAsB)ZQ^!Z=%$gQUAtOg1fmig;9
z|JL?nO^o8>B{QbX4J)EqmEp$&otx(RazjF@<+YT<O!7Y}j8c+g?s&`~!*L>D8I24L
zG2oHSpvR@;qMgy<&bQy!_n&Knl=xs`t=Hj=&da7)NgD&C2{b=$abjo;IUhrU%B6HY
z9&Yhl)bPXHOUnwS96GgNFM|$co6o@0uG@g`q%9B6!Tkw6sh1XrObcW1;nVsB_B7^C
z%+pOkimq*0&d2Rxx<vAkZY}^{=1^I;RI}3BVdJ_X)tTL~Or-h?xz8eWQ}Kst2t>$e
zW)Qm2*))g?)kh|B%3aG&TLSyrI7i|=-B6-Y)OMDERiLvRMrJ`we3l=7Ul+rK&_4e}
z$?Y^4iz<?Jud~$#X(`*t3%P>5tjD%!(=*NRebQF!&^i^;xq9NBesvArNL|X3HH!PD
zY7}p}_r}!HxVgU;!`c<Jl0p2{u!rNvAFvlK{ovSqa(CLzU}#S3qA*@!;_;Rdc`67_
zu2$$sk_gDWfIq&Y{S230rB_p)zp$xPhLP--b|dbk670-jfO5j)(Q0V8^rhUhrLt`_
zV}bjGTOH^`T?lLFMK5C{4jhY<AZ{!$t#?hr*8`6yka;NA0pNr67Y@D=mGfcZIMA|-
zwFMko%H)YD_Gz-=gX<{MpYmO3X$aM^Fy{;w&v!nzr@;84u^aFQ-eF7Xsr+oS_`<;K
z%`7plL1{hOr-#L2?(#wiFYr2tVG?wtw|C7f61xcvn%zx6HCIJj=irz}54C=)FU&bP
zxsXMUQp0kNaA*RuzMVwYj``EL9gG(>`(UzfTK~$Y7S7sZoLk_>_iFU{jw*9RHvECy
zRHK8nf2;3PyeKrHqmQq|Kcm>Qtn+SV33Np`B)`)!RLNZbcTBUHWQJFb=YHiErovVX
z#W3yRBiuYT9T+v2l!*5nvHpxG3}71~1V~@@8IzNpMUfoW#$<O0%Y@!x=`5_h$kav?
z6^t6>d{(48@y=(?qb_ynzSp69TiRe<*W5W!*toZym?{@cb5nR=KwwxDSvz5w1Uxwj
z#Ludb)78c|X(SJ&6mo&R-N4sC0pKE<{W2GrZ$fBd;FWYu39C@=Nj`p0;&<!R`C-)l
z>9nv*CdURH48Hh#o4he=GfyKup|d--@~}I3w>3Wf7+<ef_X@R369JGGJw}l3CWvHp
zkRon>H!o|c1YYi#J~c9bB36z?NC6`e7Xy0Vj_0g^7>rtN$_$pO+ZM@w!Ysoce|&wA
z?V9M_*he~)*(~8#fw178{y?8(FjguQLWcl!4Ye>xx!>vPXhW+$^`?YFa=}mu(lmh?
zpw>4otGcmQ`20bqtH+(G;oE7uwAE{Uyb{<16EotVYxO$v2|!^^KfuWeZs8~sSa%Z6
zneH)tT9-AsVDXqi$d`EN0O4aFNd0=LzUBpq$$M?>q97x#9zWLC2`(TGU%?S+1MPJx
zv-eOSKU^nedi>-svlZ)ic1ha$2ZHf-KMAND^YWuZVK6LAMViCd`^j+W8Ea5oqK*IQ
zL*6G{S^<*DnJ;GFaUMo0$lCBXdQ8H@D3e`^Km@bkP}tVzEkEpF2*_dE)pMua(E4$B
zg;{3z!}k?22jcFq5-G#gFQX~ZY7L9^4$FLIBr_8v_^;z_YAjbKA}q@^ixY^O{&pDk
znYLVhT-HR0*kw6m`W<vl!RbpD_IJF`9DU)EMZ4HI)V}&7dM-DW`y8qGtPx3PkJf?(
z1y^i9BaP~Hf7IbIUDybwXZfA~yzLm7Fd%b%_q0(j7^-v>CQN06OWPU9SMjQ~6zgI~
zvCjI>c>D80jj;TRh=c}-Gg`P~a?Jd?#5i8Iun&I-j}RC7FQ>J2GpG-c{Vvg)<1t}o
zLOElXS~<(m^DaojIKqdtpJ6-p*fSX?+=1#c@);bVex%fn!YHn3hT=fT9?#x7!;q{8
z0?2$@7gh-mVz;8kWybiqGcD`i$}%?~CCYd%gj{B1CAm|X9`0DY6K>dz^ffE%nPN)#
zn<AZ0N*jCEWDzTXDlG2?i;9T9dVZxRExBAT%EjSDsYHi9e@k)~6_Ff%Iw5f47K7MW
z8c|yx?C0VQUn}2_C0H}KHd&Un?+eSiA6?sZbhi~2;7rw?G@BEDDY8sNVEg6+q!tV&
z>7xT|ec2YQZo9~km8uPJC4V;jVdj+3W09qG#ahRdQx(|v&-GVG*PlBh<8_vhi30~?
zV~xpiuh=_A3D~c^=40NTx@^NVg^LlxxT=NiXw3YKm8s0Rel}LwPa-wcJpf54`BUC<
z=NH-$#Nl}1YR8p4fV(2~m_NG3@bPJnegk&|j-OIbM~rU?rW{@YM|$v!BhY+<kR^|d
z!xrwYJS@E^@f)%HTP|%yxCw~9K`(h8{;c~_5&^La0;Nym+L_+PvQft>?9A6DFVs2F
zJ!98<TsBT*gkc=0NKEj#GJtTCeTn!$2_}te+O~`LEAVo`8z{y@Q*;woTQgjv5N;gu
zHzCMr4G>DTo&%n6&UT^W64Gm?f=Q!SG0^KL6IdS(CE%Ka5qOc(4@ryp$ha-P{!wd9
z|CstJuvef#+_z-KG_;uX>j-8sXSd28@j&IH44kuicnjRK2h3KdL=Pprug_8KP-Uf&
zf{jKwg3+538dcKbSYdd8+X<q)tKRef5<#C94#ZVh_=Zh2>kP9ryp*}E^4#4dAGrB+
z@j=E;W&~C99B-Q}S`J?qY$=dC%|kAbo5`VmeT)~BD#!C#1A&qP;4_Al7njQC7}BR&
zz+P6Gg#{R{aU3;g9&@DS(<xO;0N)htvvCnN=3aFQzo89YMn(yh{Z^I(&)uhKK2PBJ
z_-rUA23ZfP7<Q#-GWcbEne(pvgqj#Xhd1}TPQL*?5J$cl_pulDZ@-~`CnNf_T#BpH
zN90M&grIKLb6<!3_(*u?mS->@G&L#`e&FsX?8ZvHX+E(}CnLFE8sXx9?|32awk#;7
zV$5^o&`rHon!wcLxe+hWi&kQ{WlaK#5{z|^Z>S+eM^?D5*zHpz3pZ~^x<R+qW2#o_
zec$&jr|Ta{bTZw9Y0OJ%xwG)Qo(;Q{E$Vaoj+bGUN&Vyy7<?`JCx`pxJ*wm9B~Q%k
zm+~B7Md9AQk?yjwtetCvJ6ak#)ubND5TGf|F)=F8YZv2on!D~`XwC|UM^$WMoct34
zvziNbc+M?%&w{2_=kHkdhpsvogollGP40r^&wS~C9#XOvuFXaY=wnY#>Qp9nVmNX{
za9R{y&(#+x2f<u3;i-J<TBb~&P-UpLoi5T$uysX?308L0l-gsfHIN(dknbVPye5%i
zu^X1SW40}oNIvaDlBag^w;x8!hA=e@Q3KS=&s~m|ySsF`1R?Z1-z5Le7LoCSubb!L
zF(?!E2YVxU#@ac-dRqyiqH$9s0pxJ!^?|GX`;Udo<2&j?=aG;4wNcM1jKE_Df9=su
z&G)>e+#GfGo}|Ll&+s~{j#CuW*LG3wv?9&HwMi;7fD7h1yndC2#6uyxQ#UTTr2C*Z
z^vkTIsF>m64ADyXOqHHLwt4p~i(2Z1?=Oi#Fon+sfz5Me9}O8+Xl5M-0`6bLxU@JV
zZja@NZ9LcABsVX2=sQE-mc~08J1*TD(7;m81uIsGnaa#|@5wWQ<b*N=V)J9*@U<dN
zx^ds2Rw2*L-wfxid`9zZv>h7#r@_qmP>z+nLSKJ<VZx@wskO;gYeDFlhpW5ZU5#Gx
z{O0r0yz&4Zu(nG^Th||lf|WS!pqY2$74`q!&maPgbJn&boU!8LqIb2d7KWmh6zwVQ
zUd(U{rg>zY2am@{8v|C?c~7?<Qd3X?n=1RWLNeq>!JkV%%WVI#x51OcHC)%<zdJ<X
zl8sbieom;F7gBn89sc@pmoMLD#$r(V$na%I)9io9pb2_OsG--B&ox^r76&(Avmnac
zpYGKoC-n#24hffo<$(mTg#N3(OPr}^(Mq_$?Zky0i}hA^0^1MRRVHKN6A&L6Ua-EO
zIWovbVMxpMJzQLDtujh!5+VG~t5>ky5NWC_H4aX$UWrOT+~K18E||hv5^Re`;~G_j
z3NU_pP$5%xH>De}JAU7t3=crBc~~vJ;*{YM7Z)k*rvU48WI$><MQ>N6VTNBTFQT!7
zpFb)4_x+JB;L%FbPFjrZ7}twgm782kUxLNM>PWx@g#LK;C`FnVe}AR_J=35tkxmYC
z<9sOq5J3<Dx+6W!yUJX>ro4bVm`1*5r=a2(lT(cm<emCFOWYD!7;AAnAGq2p2!~d9
zYa$isMLd*^ckE4CGrlbUsFb6$1kC#clH6R+x7p7wfxGU7Q!NM1=}i3xnW9Z){t2v!
zOq@TgZ%r6|1f9vP`~*a&JD7m{T<$JB_c<02W;wg^XUZr6H|#Q3d$ZHU+lHjvo;0u*
zFl!!`?*SK-rsqdOl_Xe+3s<RtnbOmj!lD%8<VPbnLA_7^j}6FY_;w_XM(B@FF?fXb
z4;2@~Iqo;^SgtQJ3SHKTbaUIy+wd0=lm|G3bpjQEPj(N{ZdCrnY|`j^lFubh`ki`V
zQ=K>Vm9!z2>|>d@JaA<f$F6yhReQ@k&(CNj%>Z&nF<r-z6g?2m3dDM6&*RNtg)#F&
zME9mM8d(OJ8m=EVjoxzYOPBR}2#7}wmiA`qlC`(Wn-~Q^gjx~S^@2ZYN&CEn478gs
zoJr{WR(}>uQja412NYZYk(|N(#&I*Y=rsGf^)X3KNWs9xHsPBG2w+hly-q}HG{PwM
zIxVx0haE5cjsw7vG0fFm7?>e);W*#sZ5r`(V!TE+?rPfVxe9UYeDF#LQ@=RgnAr=v
z<SnF{y3=s!(UQx-ea)l9=cl$~AgAYZ`#K-I6DPb-#DV+e=D|ry?fJKxXD=)wetLSD
za-GECpq}~bKzOt*XhlsgJQOIams~X#(Rg^S)OrCsbOmzYiH@NxAAy$fw>%^RsW>E|
za71r9`9#Ta#lX3a!2NWGgTy%Qt)5m<9=W*ai80GFF^7%2W{N7E$ma8SlyKwR$-jLZ
zl~828bpUv_momvsK1xhmi;gZYaj4bCcPXvF^oi*}9_FV=ca5E`B@>zFHq`x<iYRl(
zco^(ZWpoo_I#jyCq*N@}VWO|)mu^KOmO;n2Kv#~tMmn?iSF`QZDN2=<yAIxlo*fq1
zX&=3ho{aVEGNzG*$XPZ-5eXxrcxz7nUxO`L;9>;|{a|%WE9|GFsVdon{#_E()(dH>
zBO+=Db*_Q}=oHxT7mK9BKMfZrE1Mz|H_E>LfefKRSpv7xe9w1o)Mb_&KT_?LuA2(#
zeh+0Z<tNIDgpWLYmc_-Y;FcK2MRejmDJ`KX_5ru16p9*PbZ}K{y#e?_i?xJ&IVQ~A
zVVSdLzh7Eoc?%pf?r4QIa99P+P`4xW7gR_!G3}DJdp<woCR_NF-2$Kks4Gg2pQo>M
zQMjBAJyPrs2kvLe+#b6Ii4iYC=aRO>-onD5Fn2#e!Rm=`Ht$j^48Ztz7*{92C*RT$
zu6n(=EVAzvL3vYg2*j^QxF1mrcAUS7zFLXiy?mQLB?Jw{rR9w=<k`x=KEq1g8;5y=
zq4B{Q9mD#>p?Ik?n7&3UmF~MI?Deb3d6FYf>3RPm;o_wks46K^-6|%T^xNyZipv>w
zl?isHpn&YqdUOl#AIfhUGd5XyEJZm<2fKL<fHV!YO(ch4$sXNU{vD~UDPMQRa*ERl
zRI)u4M|dT?Mnmuv6Q*SWMQDDcyPu|NmJ(V-bCohMjwN9+4O&uvlvDo;H$ce0b$Hw5
z$Pe-2jN8rxixP|CkyEY9{+>7n3JBH>e$FvWu$cDstr~U@j059Q4OMF7>AOWN`|+vr
zpV0fpm<T~dW+@<DLTwhsv81XjD9h`yg=+0<+lbtHl6p)Ie|H?a!6n8LjU9-ENqGnE
zQX>9V3wagnAySic^m`ElF`3z8U@E9O9uKg|$V#1qX1>l>%kp>A+3w#w!Z}7TFHAcS
zK8Q5M!kD=+Q45Dz9#M5wu~Q#<*9XpE6QVt93I6>0=2vS5H5g9{_m{X$3J56>2FML(
zY3AvPC$M^?Xm+9BB*Edr#04W=Q$W6f!7ml!p;5Nx`1ceW8Ni0<5ZQJe+8Lt_(#SYQ
zjmc9My>3y2uzV}%&#ErLu;~Oz`Q)LJaxb3>-y|$ErUlUu<5>;9qsP&>W16Ro0T^U?
zstYiQ2$^n9Hp3|WYgBxS6Rkj1K5z?w1<w=4@cFfoHN%*2H^rnOXZg#BlD4leHyaCT
zOkY75Buh{#`}+#o9rRd6O@8_@xf#Y=?~r+pxzYTZsJ-pQguk3XtKC4Na6q!SB1aV#
zvnyJ!j$PN^5{?XhBhuD0&OaN71O-Au+_`#**3nA0z=teSOo9)$w#2R<`m}$l&TF9n
z_fwxedy=HQ@tXncoZ#zjL^;@?Mq>3jR(4qK!FM-6hTWwR6sx8&d>l5yv7YgzgZzon
zN4+gxa2cV+`;us@1-1S^@Gm^u`X>$nFD*jKP9{1W+6zI|OS0Y(?hH$I(`RTl@|yVE
zN-<z<F1QIy2vj)w1v_z`_rRDxA2zAiWnNsVoFs+0AU#2>mHU>o`yf4JYT+)`DA_EZ
z$GxsDJRj_ZpAD(LP;wugWCTyJ60=oDF6~WcHof;6p&14q{6J)JNb&9x@QVp*onRx!
z`#)a`)($$k>bw2o1}$L9y0~GlsWs(b;#hnSks`EfZ6Zz$^VOYgu;^zILd_-X{ZkE4
zsa>rgEjkChXyvY9Ggj7hOb)3Sw%~t0dfvwfvb*ti>KX-p-|B-;LJ1g?P3?lf@O8Nw
zQw!V?R2vQC_&Cp5575&v>?j);lHzemgvRPE+9mN3-`&0c<vDr{5s(^QK#D*mu~o;L
zpb~VmxFN@dzw=b#tDF<0ZwvA<NopOb&U=9{_aAiS&7lL0cLWh0TX%EKcGs=OrN$B>
z7SkE$^{%FAmNHT_@A$p?7%V#CWYLiFLmO6Jn7I<VEo%31b#aqv7Q6H^T^)-C_A0<D
z6Ax|6K}BO6ADl*kf32$i;AraN#Lvyya_IYkFqt`l<hcHzT(+qt2)l88spqJVZC+va
zN`us4#Y}+kJn#|S@R$WkE!h<)uA{13zf`H@Wc^1uAYth6ZbYHZTepDvZ-9XcBd+UV
z4U!+wD*0lS5-4L7Gq2}8k6izOt>j|-pZl8V*0U{v3v~FM{*-VrH;KsV0ZCF0%EG&8
zWCI*^f>|CfG20wfHVxPJHukgM5rY^yDp(Rwu(J50ZzzMlrt|Xb@CJ1?*YG+F7-w?o
z$qmur+hSGog$!8%7!TbrY4PR|N7*UNFK{eMY*~ip^xsZlRh(Oo8o;+>{Bh$P8b;g(
zlJ!Jk(9Nb1E7RZl`LzJBMG_dKw)2^2S`9sO)-!A3Sh$r~)fLN-qB-`jb|PByW2dn*
zkDJRDn2X-HQ0k`GKY7?YM6Y#uZlul2=xTw-TrAQse(T%;Et^q412X%an~!jcT}U?!
z&b8GWy>Htn-e+dDu1x)&1RFPdoVu1`s$C^OS(BVJN0TJImF=q!tYm1?lAuWhORMm<
z!}GdkK|ZkI$U2+I9(hH4Hr$YYWPe1yGKEE^MK%Qy5#GfG=$3y5Y%;~V-|2SnDhI;!
zUC~F%(8%j`LSZLfmbeo2tk$j#vWEG#6KLtnXmT}BpWzOen8($KrKB~F<U~=nL%3D-
zQKUPI$*K3?dHun>DaQisFy5<A^4zX4`EgCZ4St{ws2k=B&L1!oDOp!$VNa$?9!JtT
z;Ij_{35(P23QT~W@_EO7w7qXWSSDgzD8G4F%lxYwD}F4|ABBUpx^6BSJRyU%;czc{
zxx-amKdNTvm8U}1w896;`+#RVds2Ge7B#2T-e7KEXDg|G7k7DCTl52)ZNxB^DAxay
z>QfxQLVBYAuKdO}SI2PnV@o+mMbPFYg3Q~&TGmXdJDGd)#Re`0dxNcLAbmX91tND5
zYLuxM^_Wc4{$2c~l_`zMSb{${#4v7`2WH)rnWD}gfO!kqN>-MEdmFaS=17f$g*c}y
zSW=%SAc6Ijbf#{JN<i4$)IEg}$YXHDHF?rTq-q^^FL>-fK2$c1@W<o68Qbf}^ElAe
zzbM6|lM$(K)M}mEVdJeOG!*YAlfr`u801bi?}sLBz}xhtDWUBm#e77e4VDs24ZW{I
zOyC0T_uJ10OpxU&N*&7dDhaE~`s?k2@bP;ts`!RjX41c}Xt%D7E18!|ba{`c_cukK
zi;9oJ6mNG%vUMfaVK(vS!?KDUJ4B8<3Pk8I9>sN?p^h0?Dx&nIkjdQ{jpV;;_-PiI
z672yX4w_xiu+3zCd(iNVcKlp)1}lTDtrsmQtbN(hbv|L+roWLHz_0|xFv$|4l3^>P
zi|qMF?8);iOAwM%B!Rl~x*iroi<r}Qfng16tW(@BC^6o-x;3Sx6PT+&SDY;!o6UPG
z2SUmI4m$Xwej~#b+GnZEDeoan#i`EmDa!xz8+gw`uNv2Es1MRn1$Qf9eX#<m8imJ<
zqXJpD2xHUjK2c@NmqRQu7dEZ5`f9q=c)1*`2d7tQ>GYTo@`kw`k6V>Y<7W<v{T}92
z*6NL;Eb#81%Q4XXT8f$eyys);vpU@Odw@eZrk<!zuRxl9{@U{evM|}FmoC_)tEjnZ
zF>r=@duuyef+D`PRgvBur|98^wOSBWv)3-0FUI#~I=EFDGaiSc#)@db1$i~nxf;En
zK9!^K*CBY>98NtFuw4~0<eneku05Ah2v{HS2U{6pL3F_utmvaIPJS6vc{QVOQ{@IU
z+Fi@uta^<?2@k?O=Wgg3{rKZV$KWK1lNWABd6O0Wf=hHr^s!c~oxzM`JE-BG9;2J#
zxAIH+eJrNI7%!><(ZysFH2DBoGU`372kk<q4*ZlVc_~YltHX$TPG;4N8sA65gy1Iu
zhwd?FX6q#)chjgjRM??Ve+?c+X%Y&`#(n0<HPi6ZCwE8mZdyUscZcxZ)ht>whelBk
zPCLoGmASeUKcofaLN!`WC`T&V-H2M;w`BWlUg&ivdV2wDdNf~%-$WThirp)?0)J3q
z%95(~iFuqY^^;Jyi;JHWj(4%3E<P2juT*3tXqE)#O#%=0?ArogmR7eht7Q5)?s&f&
zW*mgCCX;Pb5e1^EJP5R>wuBgB2MUYS^)c9^V^gMOmUU(~7I%u^<GqwJVz&W5Wws{e
z5}^(*Q{k!{mL~B-x%bh@omMMpLF4^$T9ZnYYrR|=O-Cc1w~6P*ptnh=j7>17x6BfY
zudUe^NMOX<O_a0=w}0NO6cP)6gV2;Py6fQObr>T?{ty}8gxG*fX<5MjUc4Y0&j@90
zVv;%>Z|hBzddNq<L3YYF(@f*G*?^3)P=(es@?Ri}=i4KjZxtE3p+1A3k}8W1Iy_nw
zIX9$)0f-HgeoiVHQU@+1YT#>2_6vf~OQW&*?<hx^XAyk~&Q_Rc$WXU_EOWg;5y_{R
zYYqzvZMRNrp(Q^iF>QgSd~x{$&RI7eO?YZZB4u%j%t6b`8i&BKpKybL^jm^^q^lx}
z<n!XEXyp~Q6TeQ>uh*P9s{0nPC7{C`x>w`k(Jxpab)(uN4lVpPq&wWv-ebDg1%U8B
z{5uPu<6hc3!$pQ5iidv~4nZ(_!4|oFPI2u%$=<TTY5>blri68Bq8Aha-#|&x_?fY<
zUTQ-B8UY8Uwfvew^r^v(Ar9Fn=uFLe#_0{)sg3&>&0b7V;a`pVnqI{~2E~+0&Wo5@
z8rS4dX>+_^z>?P_Xg<DY48ZPQz`GtiX3`u34>KmrG+2oh``*nDIbLj7hIorMI%!vw
zfdndkt`gzRR{wn`Rx;cn1js;rrHRWhN!-tnP6S_%g7+g{ws!fgo%tARpXuw?A38KM
z7d-*ugh+xg=r^%zK;d>#rMvw0g~DJbC7jvSGtHE3@)w$H*&mSK9NwD6q4O?Ia!YJK
zUh{AA_iWS?kTSsY!*nO(z={An_@wj)1Q30(75BjoPGKN}mY^ugd=DQiHE#Y23%=dj
z)??*?O7T0IHT8wTkw2;rOwWJ*TpXwMRTSE9-QYb<QhQNNN-a&;Rpj236_*NzlL&Uc
zICVz7;UQk)tm~tFdoa+#ut&~zZi(3Hm=l3m>{TZ_hxyjKl#2jE$k^Mk^%rVwJ`|&k
z7MmK-yt(QcWZ(RGglJ;Drt5`oXNh;kP(r53iyGy3tCGQK@g?Xuo)aPMaoY+_NK9CN
zOSE2iVL%9FEDRLvqugCBWJFytag;!*5myQO>f<6-ZaOTQ_x3-h-_k=+LRS}t0C&mk
zrW9|V>D8R``FdSj@GP}%3%QCL!t4|#a0U5<OG22HNL%}ZCPl0)Kd${el(3smHGV&7
z&bBzP(H#$|h;*=Uf3S5kWY_om%O~v#BNe-4X4>3Nr^kjSVVDYi{|8w&RwenB6E0#n
z|60D7L2s=NrZZ~KYGgT%K5v8KAphuZj9EudQk;4f2l)ik`dbu{dJ_5zO>0$6{~*Tg
z%d$eztm}*b68uB>tsc>=nd=z;!a+L?;Orlkg^Tx$JLWg-$B?3-UFk$^DXVzXAM03z
zY=_*-;5>&uW|PyvN&kzi%CH*}WO@L9M^}kd4};oMSOyw^V7X?UO+O@>hr;Z%2oz6w
zGIZ5kQGeHQY`p(r5u^Y5(O+?;W~Ke4g>shxB8OCJEj`m36xFWDA@vTcG9S=0PIp2z
zsiM?zGS|}|LnalSCo0Q<P<H3X+iuQx*5eH>g9$j_aS`ymJotOcBc<G*RJ8AyK|C6d
z<%h4h5|&VAq7m22X^^MS^!IeF<^R2X!+4k6psQL1QDfkiOTxL(a4d0U@Zm#^n5EOw
zd1)z8-Rg-zdda0}i+?`>)}Wn~4K@WY%v@Ir*j6KfNWF1fc>fqa5qOl6c*E$#AV)lY
zulp1v@swnI7@1x!ALRy14<C!y=}Sk<a{t!gW*fUpTie>O!)j|(NzeLl5L@%tq@zKo
zRLB%Ys^DHbHWD^FQ9(LO-NUy#YxQw%n38dz&7W#DWxfw_lQ{Rk{VOS<@bf$6PY6as
zl1>s9x4djUVc`|)fH+(_O8zreFi?Tm@U3qE72<;TYIrun*aoh!8exLlv-0<GD74~*
z=#xu+l)*)~2YymDF~N3y0;JD%e<(y0A5L$;3xjyYRwDxxhgR&Rm{x%s>?hYWWA!Y?
z;)Q(SfHC5h#^bB~A(7uH7P4H4J=J6Z!b8WQ$**7Evbdjf5eR)MF?fPap~Ff3`<$Fu
z87UDja&u#tX09V1ML&PB{_$l-RGHB+_5-dgT|b{xk4~~20&Qt?e)(<L6%h6=IByqy
z)^Ox?Z2yqlSTgc8niFvxW54#>=RVFdj5q2#q;3|vHw~bqS|#X2(PMqg;bv?yUzK4i
zPX#o%AjS@BdK;L)WN+jseLpWXDgI#Wtq(2~e0RTx#7e;8TvxhQbY<qS02@8w^TV>_
zF)|5s&SVwt%ycN>^88auD=0u5jjUw+ZtmGDWmnF~8buPpOGCFZdTg>X&C7fwCI^-?
zK?qj$d0m!rh?GBzwfE&uDnlD0K-m&V4@*`#@sSafN~c!eQ0Z!`_qyq<^WaDdkI#<I
zJlslT4Eu~1%tG#b-OIpWZRhKqC0T#1E)tR|S|HrMn%$oy0UgDYTqns(=(l~9SZz9l
z9m~=|Ajz^it?{tkQf4DTHi^O0@r&&{0wwjm*m$v=8iGc~a}z&TEF83{_31EE{lP@|
zGD#Pra{?=g&p#%egQM~GSIY-cT>h=i5S#lb!o|FxL-eA$7=bI}WWK^RlFfl{8H8Xh
z$)8B<;$MxA9;5KFf;?7zZ^_E#qL1rJc{@S}*yX}n+TQ!S(xyneRdcWa$wV2tSYNs<
zzi|dHp*mO!hfaRMP6>`5uHRaYsI@g24V>|!rB(`=Mgbb~U<wm0-f{6p1EoSgJ`>w|
z(JlaKdsfm6f|vtm1a7xSmmHne89DbQ@w)?JyW4^=P|V1ii7S{f`|E>1w(PznaY*v7
zR{LXoD`e|<iit&6WPqAX7Wqg(=p-Dzj1Qsrbe`=^ouB+QzJe=<48D*Ir`9hk3l2(*
zi`6w19h5sm5nYVhlh-H+FAp_XmKn8f2AyC`ffEf#0h3116{&Pw`505F!RevQvUZ|;
zCNAyIrOsU)?jnWK5x6KRdr^pwyr|jSrugJ~m=Yg&$}myY=g&9JhD*2b?IV8p@g0qY
z+uK;)fDkSw=2NQM79o?a^FqMx-OIQ>yFbZ|{&*sp_3P7pR;Zp?OLjL+;VZHwDnshq
z>+dyx@4V#D%%>)_X}K+$>5>HPau9Q(jWvKIUr@jauwGv_bvpk?|N5gdt^I?g?uN^0
z!Yyx<KofUt=C+#Veu{D`n}m~&#N=f@bRLIA^Ubd!$A!)a5iwMN{Cjxp%*Y~(Zs(xp
zp#%w&`1)UdIMu&;vaqnGVa>D~#B?bNNj6)4=pvx}E+u}SN%rT>hfNO&a5)Mbl_POm
z9s;M5wA6Wm>P^ZwvX+uz>t)|ZWo$oN9U}FCS@W3~Y{!Pg^`|6LPC(qwShCD`!{Oz~
z7*H>BmX~U9`{T=X)$<t|3gToIq{x|_U(g#+u*2`=<td874c_i{qQcb&)EiU$FWYVO
zCJd?)u}Tl$X*H5t8HH4;w@$t7_kIKv!tlK&5KOlbMCN?XjP`MpGL~&{*|xaU4q8L#
zny`x75?y2r&*hauLobs*+Q1#)pax8(Y0Q2R#r2fB5uxU$nv1=#6R)M9&JUC$y;MRU
zi4^x?KTjtAzP?$f{Iis3h3G{l9DZrozwh;C=V%9IL8l>kO!^q44=c{^HmRoC>Q@pB
zZf9`zI8PSs5>*?WGB_8qK`8$~f9VHJ!N2@x`nDk=huzbv`%aSVEKlJlZZz>9eK_07
z0!z?L!>U=Sn^n9Fj)D-yvRPCZ-y&DyIsf?@E@%{ls}OY#ia5<I#dth7cU(Elk3g!E
zGdC^t7504H*V_KcUjuPLs+%;-5(dD9W})23m(xm*__}r2EE*Aym?~}0Hr4{1X596x
z$Fw-GaSAGqE#11v?XHrg%{3+Sj?QmqV7fylD~=uoOC6Ovm<B;{@@U9;zvEJCz1oj!
zU?$7GiKDCAQ+l|R|46+hGtbbpV16oAF~nx8cu4&dz{feurb@W(jUP_jClEN)sK2;a
z*MA8)P@lpVb}CL)Ajm?VjV*)&duu7gLc)Bqq%&^vM2nA3qKkB^)>y1{gzmD${wx{h
z2W^*)+S)*f$n>CT_Q)~Wxy(ly2tOY5UcEh7EF9H)R;}z=Ta-+C4~F8&k+zTBCVhFR
zTLoX6yN!~7q<?)Ih+^OxnJK`_+{cwb3wDXiC)hnmRS{Q#ObKuByJ~rYDaJ3oVURe=
z2{hf`oJTdOXk;CXWQtDmJ9uhwhA2Rybeo#swXm|7-1TyqetYAiG{&88CXxJORg({^
ziu}B9RhCjlG{(*zt!%XINfvMF*;88G4u_fWLQ<@`Yxt<afyuzAXr&{-UU>5CXb2Y)
zPptieG4WaG^1as4U?9*J7Dc6OO=uRnFq(?fj}#!);xrT|B*l5(Byx>$gNCxZHa`@_
zK7?zV<zV^c^dr)vFGEWkZ(%iWg}hSquR;6vlV!|I9jiUCp()KQTr@PUIBC`2X?};A
zJm<p#!~|sK>xHxX+WbzG3jv>8imn=G6)2+1V;ll{Q1r5T={?^yv;&6CDLKcN)-CdQ
zAp<&Eu#jSQ8wUhxeMacN7nmRMuIL{X&?*d%zQ6vBZG7y~328BgZqL@*{uBN(5ZpQB
zCiiwoCKIMrT{y&4IpgHFukzP<Y5}siGDG0mmXT}DBtFWbigaka9N=;OBO?TUv^*yF
zp5tJ&1}#N!VhMS5ZsWFo%M&}VgFrJAQhZ9JZgAAb_fPsy&r@g7@pOJ$`ydwkXR@Pz
zj^)@#3~Pw@784g4h0Rriu8E){1#;!}zdA490nLW5hK+rGR6eW)79^0tTnkWIBbGbg
zg@Db8PKB;Eh32iwuP#?|qfQJq@Rh?Og}8kf(dAj0wH(8h>gOZ9*7Qk)!4TqKrM9Mh
zXp>nEPQigLn`QWjg;&Q8`O1HqPte&Ro@b>y?_BKPh=AgtnA-$1zT~B2^~0oB9l0F%
zG)izPOFwO=%m1c0I!H)+r<WGZMjcT@4pcIA)=a=*oN!<cQ1Bs!21IxG<Z3KmTxDh`
zm$kb4m~ee$mGTw>J*zY2#61?3HX;KA`_`Q|1O`WEt`%2u43)-=fm|1(&&sJXNP6K6
zfOvNzsz!P_%&Js?kH*J_S5k2BXsoWW+jsN~|DaFEJC^U~Y1%W&x5E)N@x53O@xe9=
zl?)P`VAQxO8Dnp<CuI&=vo*WW$_)-cS8FjqPEqlo5~NOw5K;FOn%8zBePeq56p*Qy
z%0(JG1|$LWc2Hd_u^^}aU4qLtPIrZwN>dzWzJc_1h8age1@#t%Fn14^E)ecV9n&64
z->+@IhnRDO6UzzQ&<MS25~fRNoLzWK-^G@Xn;2wrMnuscn=P;R7q=DzV^*Pq&yYwL
zRh8o#mdGx2Qz@`PqY`Htf;FXzKR{ny)#OH}GpF`NA%#H<cu4f~t@Ky6*k`<TTz*r)
zzLZ0)e|h{l6dHo4J*D23_0tE3d17dv`7hj;sv*pq%~DA*X>D-bK5IWVzTZ>wMkcPZ
zWryrgEe!c>QQ6!&3VPoFP^6T@#q%gWJP-vk6R!`|e>O?M$g|{AA1!rdzC5!{F=Qo9
z0UfI1NwnD`2Q0@<!t0m3-$9Z*>|=Oa!t;ye(~AmQ#N^7b;s`!7wlddxVBZ!!hONQ(
zl}b_-Q3u*qVRLH)=+<|dA*LBqM&GGp80qDA;u9K|XDI}HbOe^?_bk!%x?w0)%_r5u
z@rl-tNMkVbf)kQt^3(M{wh{cb<;+K>5JT7Q1B#5bvq~VxwI0fVvQ!%GrpWW{^FV3;
z)5U#*eJqk?z}2sw2<iSL@?E@#clRxB%dCq)-s}7KM--$f-^RCv^Cb>NI6ARYfjJ3g
zBm8EZKebLu#3X{J`&-q3BJ`K{pw^j69jhk->la<l%M5beCD!pCs6|FTfyB;!cDtcI
zihQd*Z%xk(TWuxWl$lOMX1f06!j+!ULyg2<HYUyU=?23owd89s5Buo1t^E`OcR3+M
zJtFzYyDkSGmh$MBaF-}T*P@w7Vu&^l#)nWc^5W(LnX@+N>ow{cY;Mni6JD&b3yNmq
zs@<&*je%$p@%W;wRb+N!4z!Fy#`AjP&Fw{Ho7v}4q2(u+!ztryt{pqBePaiDITZum
z>9E-?y1_cELT@JQ1GFfP@EA-vm4MkA=j^|wPTDsa%F`VU5mMN*sikLVTpPc}k?)76
z)2ujJrMW%6B6J(;v;Rtne(oqz2$Ei!59<y-CVp+)q0gxy{&H*MddK=!@K~GrHXU0)
zGofp+DPib`HEwBjDWehKO;yobw<mqQC}?9-RD`#5m!E+{K!vR;Q%`a-G-sU0Qeri$
zYJkwFLT9KoxVR%Iol7Zm&C}4v@A8-kdlq}Rh|zinX%>Zf<~dHdH)G*o*lo;2c`G4H
zbvEHsT9@l<%+E1k=3l!JWzmuY4u1v4;iwTCU{&vl{Fcs3H_AI!iwIIbgcLmxO75T(
z(`ao0TyoUzJ}S{p`*_KdVGfWR(s2f6PTMe)*|^uagMT$!n6qL#w}TT~FN-K4MJg;1
zVY$scy-?<JG^TA_zf=Z}6KXpOoc?g-U0jM3?1yRx0Sm-c1V3gp2NAk6eNZVq`C@jh
z$2h9WevUI^Q0k~Tu=tB7VnN>O^gfU+^zhwPzF~Vu_^=Q6u*7np3wiAQGv3v#Os2aW
zd;&k_>|WAmbD4KZGKVp;C8i~jYq_faDA@~!;P@bJUO#*W=bbW~z;huM(|<jxNwf8w
z+x*vaZu-M}=TX%Pp;OxgaPiZ3;bZ$b68sgd&BL|^`wz6nhucGU-g`5X<^d7=q36Pm
zar&QOP5nbV5OC(n+agB=p<5%Aiu)DgtIi7XkS}ky@N6vWb!<^)X~(Modo+Q}#w{{_
zV`qPtY5t=VDqZT!9FQ~)u=q;0V1`xV)eo-|^Q<d)@=kRFJQShlXx5)(?;g1;^7Jqz
z2eYqFtW_E~777qrVk#C_<LDSMuN*!3Rx|PL6c0#~kX0TMGTsLT4ttdL+uhH<kQ6EW
zIw-u+hZEw5@qy6Mq#o|3a1|Yeu96Zxt^D{A^0PX(e`*tRr-qWK)kLdptH`i5OjG*c
z9i+J$RdOywzRBvd#2z1lwa;gp?-I>aKHtuMUp_~91Vc3-<X*B<bKdEgxAJ@m1e8cx
zbzHldXh2J~&2AI#YG}+&LK2CF)kbZ4G^S+uPA*Kb)6k*EbdUwWQi)*2p#^b+HPps^
z@~{-6b%X`Cfq8-X67&a>QVPT*gv2ryndL7@*Q=TD%*)(qMj)tb@!Q=S97O$Y?u-AR
zkUg5sHz_>Df^I%Kiqr{w3D=#qPfmj}3|aE=oS#5U`mF+t_zI07mIFVi%V!oOd~mUk
z{f&wN?4w$Yi!T%|gVirnb6Hp)@Z#nSEO>*YUR-k0)X6)S8t$q(r0ZkE_JHl)-lFs)
zM8D!YzvIfJO6%2b*S#b?$P@^g60#j+Uyw%+xUg2rvfsG+RHaPgD}u^Qbx%`w>`4?1
ze=|466tCVyCmBYL<r+F=s^Xnda^{k&-K#*w_=ELe_!1kaM(GBVT;%*sQpGk_ckw{9
zuw9b)3Jub6)uh0RD_o&fL(mXqyk@BOl0QM4n>Z{g5G_*~n2~^U)UeV7W&1l8p2sV!
zk+UhvvFZ~s+UOTJdkNFl<a2;Qog+$$B`RVl2T_XmIHM(3U~iGn=7j;9U4p**&e!Hf
z=nJMNw20EVW3jF(`P#md+X!(Uk1N{z02TjOOplPcpQGd3o$g#EtUbed<zkrD08E4_
zO)V{6mE(-x8xgzOkp=eZMa~kwz3u3j`&3I=rE2L_XmX`8$L)RM8PvGxG(ibX_+t@v
zqw@n1ZLTiRt^{=JDQt!E@vE+Bio;5<8;jKPMSy8!3#jY`#(69oc<wQHyd}>#vm^%W
z*~tFwanBMZvvzPK5v(6_nvC%MP^G<hABUR}^wv-4VcZ6%{HhEva!@XI?iKR6Su<s7
z)z3SDwiUtmgj2)X*(*YPiQAwV&?m*Y?M>mY1>RBPW24)QR@a;W##J^xF_C3ViA?NS
zeIrXei`*i!$BqJ4M1mPdUyH@)K}vR?>&R2<DmVi62E&FnGjFEim<7*xb3p^t`tPrm
zrDyQMVpZo&R^Fp9Z_c9zXX=u@Xq*x1q_J<*kPU<T2tX5UFHpZ@0`8-fB~8JRlW%Ew
z??niL8i<siy@~}^G@;Mp(IiM0Qgzy!2|MX`)p*tqxXTk54B43s-z10MuPDfmJmT{k
z@E)zWu;9<BhZ(i0Tq`#EFW7grorcox^M+S~bXT<p!}xbxx3LA<6<<SNG`5F*6;SUP
z#9N&ktM~v?_$JpI`MqEoMk*GaT~IhrlSa2LL$$H!)I({0r=ZoM4pOa*WAplFHvP`F
zzg@*&tH1#5#7)9By71A!g~Nv4Moc3@B`4qY6Maw33XXIjUU$-mj9b3@ACn!$CprTs
zVcIRCD06*AQ?F3uc{?fHj8I&JL=*n;uHofy?IGaQ0v|G^5;?DLti<+i)Q?i47)l_n
z8tWCExK;Gj37OQXWY%sp$uDE{mI9yQUOi*Si(#v(;Kq2Vcr;y+s@BYYN>qBC`Os(P
z3?vr*xM{Sx=-hYTK$8I__&U+^a4)RgRiq3eyA0=k1K|xG*_Xa^kpceD=0;n})GuRx
zQX%lfMr;CE$Mx{#Oi1LE$@*Ve0jb%#b05iR&daA6#9~v~vyIvzkX=u@WGDa_h5P-V
zZGvDE4FOLF(dgh<NT*uF37CTT!c6O1DQ%mxc1s;cfKfyXM?JYi>4zU}&!RaOA!Zu>
z{6VQ5c?F%4%_{4P22Peoj&8En)p;+14A6(qc7>f{l;X1T5Qu*B_|o{q*j;sKjAA|4
z52iIMDZg=;oMpASILz^mV=;?q7p3z7BRVu>_(YZ^T0cuHguU|EsFDzUV3Ybjg4$X;
zHCdl`Q{LnEIaascmHI4PWU#Bwdo3OO*$zB4cQysKjg{FM#;A6c{CQu#9Ay$)G`hPH
z00_PD6^KdU7ik{reSPR$VJ1D<f2{GZ)X7I`)Ootqg&=JpwlMXamCMIUCu(WiqLT_H
zNb|5@6fi^Y{G*B*+^Ri*6jv^*$V}^s0ru;Ma$t(q_{h$|{3yA)R1^@d_y-7Fo!P|q
zjW=OUR8<qak0HNy-QAK7Fb<m8E>H*>v_F@}doXr|BuxCP{W}?m-pH<DAhb2Fso?xW
zCOx)(&FSY7Jx?4Gn}CUNe|2N!zj6t;vMxnI)5vX|^67uqiQn})Y!(`C>-?>-*rRHm
z$0V7=Q^UmGed2~={8ROyUTFx-T}9}@x2xpZl8p{zPsHeVa?HAL`i5a|VOI;ZT~L48
zj?aXIiR15eCjxf7DJV3)g2!8aM$}q?t-5EEvmVdTXNeFYqC~35&h8a?QBeAmpW^MU
z@m@HN+jU~lOryn5`M~9bcQP-=qn!CnlmEVI`{`o{bC|xEsH(($h(_@w`5SQ{p0D}Y
z+M?{d<|Q41x2{O6(1CX7#1hI8WSBYB?A7m8usW#~0)Z|c@qu_DgP<-3Js~|!IqlVQ
z+|6_ASk`hRF}zHuStyIvJq|O#hG#yDeM`g!WZt;Gd$+61tFlJNsQKlHC?o9)yx93C
zijn_gx#Uot?B$Yi&jh$ncUEx`o5#;St=PE$1&Pi|6vTFm7MvLr=&Xe^sW@d7h*WH&
zAobs7KW?VyWba$DmJq-O*|dI?{wB*9WH`sh<3OL|BK0-_@B4ys5o*(gmGJ2Y$s+@e
z@UqcW7<(b1zSMdJnyYwVf}R`FhbJ|ilOBFhSQMGm`qllEhGTH<;3<q0BXTCXIy4N+
zd!E`J_#M8<O!dGntS6d!y}6i@i2_lDB|qc&z_<ilLgonKA+^_;?V5Q%XL^UA*L!D(
z##$`DC5;!Xc4Hl$nNFN;m!#9ru20$_Q>qA(TmY|w@Ei=G1vb=mC<o={l4a0+tRq;m
zbD{;9aR9aT)0!6WpBu{v5({MzB6g#HeZm?}Cc%!?Q{KIjQniBR>t%{Xq9X;Sl(lX*
zAT2a&v4l^C^2bmm!;U0AQQ5oy0#WA!)3Dzo66$ICwd%6$6OC6q=c7cpMW0O>b?=g_
z7YBM;q2b2wd>#u2sK*rOAdf{ZVBbY7JM+h(LO7EROpnDGyaRjM8QXQSS{TB6&06yM
z+Y@)8*lo}U2aIcscLSRxQwxF`%AD?MK0CP3a=^-6bZecht`-W2<XeV5#ZI52tv_O|
zwx9N5xaoQ-lag#J1Tat4U4`1%4xFrQJrzuaQpGNiZKgIK&8<1yox2Bi8m?6wQR>W;
zx_>LTM+sM#TdI1u>7-<*4ihm<|LaK~Rn{ce5O%V%@AB`bz*v+{_i~T4?jVG=ytF+E
zq%33+b#SwGvLcPp)9O)N_Q=PeOWyocAzrr+i;m2UaZGnRu#<xNt@R$6{IVY>HQ#jl
z&uPKREM<%@`2>QJ*jYN(i*#ocbD+>qg4W^z=}mJn-MI^0GBy;0n5JPxLAY|x(B__e
zBc~m3<X`daPMHnu3qmxPn`H?kbEgZ(X7T%TJ1c*5uSaEONNKO!RP#z}$zC*n%NSXD
zkG7w4LpkRT{H<S0hWI54)4oAJtWzu=MLcR16n1SsM$>;p&H_nR+@J3EJ3yGgH(oQ+
zVC9xSJ5GQ2Jb9*#x^6VKD5$`5E+HwJ48VgX9hLcA$gC+viSdRXIa1by+s|{*ueug<
zkYzzlQu+?>i3~@GQkLCnD+S$Y;C19mZ1|TiYTb_SYr9Z3EB=W`9YgE?3+x~h-+$(6
z&K0E#B)BYS@%VwXvnoM0M~qpTy>1l-blyN3RvsuDNtd4zn5d*|HfK{>_l_9_(VO;-
zp<M8f0+MwBiV=P1(?LDOato{m@INN}Zycr^kDaOHroB8~TNs9oeo!CT=%BimKCR9Q
zo9~Li-h>4xgRhGYQE_I)?WE=a@Obv*vc$&E42dOie;}kdv#EpS?KZ_2gB=mX&X`2^
zH)|TAC_ZgB8`Pb5wcA?#Q2q(mT}E2|xu)tT|0M>XqoUazy}Mak{e>E0pN2zBG;8<~
zQn<a8(o;3*$NFz++^De%nE>BrZ|cPWamafX4+SM01a*!=<-pm^Na8J*e8CZ+G%3=9
zm`$Se>UU8@EtC9`z#R$$ahb5o9^WHwXB*gpJN85b=cRPu?FUQko>`_Py7;?fpJY}w
zww9NeUFK+_)66OU(+Dosx(g6e*54Z|4uFPwd!BCnAvJ+!tr`-TtWnORtbMBUQ3qXv
zJWPgj4XDwpsfFM6^LmSrxaX_-_;nyPN_*@xSWhjqY$78khoHB^mzCVN$WA$=3-7Yx
zdMor|bQ0!mY)&$0FP2bHNBG!_nA-u-ZN*IVFsf66tlaK>181s>!rBJuGmsq3TNC00
zD!xP#wEZDd(s)m*DahisyY?vjv1SiFC;*iKfEIoAK)6(7$v~0=i7uTSSdO)$sYXjb
z26XGjC+uRYH1{qzZEY4!cTQ_}$YTp)@0o&UptqxdlK@IGOM_xf89m<8!VQbl<Y$_$
z9IWkFAtUcD=}}AUWogwPvvjlejkfa|G%cdu0qMAb*`z(|N&n@+uJIam_{RH__W8%S
z61E@0iz-J!?tjY*P@e*mvo}@b9c~Uuo#vY2CXeYUux2%`-w82`!Ub5nrp&S%WgrNr
zI0<)Jmpw5S<A2+K1TzNU*uI3_B=xXs;RJSiqSdS@Dlj(j(h}Xui7|@okZ9Jx!7)%4
z#N?HVYbs@eI8|Z`Vo{87X#zC(ZQ!Gn@feD3Xi#wIAv3CtLSwR#l7e)0`3%!2dH+BS
zF@xKJ9|G?QGi%MHKLECs6Tf(04+XyX){KP{ePk8j?}J@6CbBR)BjGFU-JO<P*bbTB
zQRDvvKot2|bF`E?S`oa@QfpdwY<ZcB0iTihOrEkYFi#+bq{WIVj<;fgZ3lUicUX4U
zr(^b!KIqDm)jU%=L{L$tbI8rhzO#4~f#F5Vbsj$PW7%zF=MA&~yy4r3&aM9}jD{?0
z{-W)_Tu9PUn!~!HW3v;bZr$Gf722l#AZ0Kn;xqn96vZ&U;Uq^In&*)$4&UE<<UEd+
zMoEsJciElQu3NJ@CE@UAclR}c@wf1;-ZM;o7NMTq3oDueSswwgL_x7yMc(a>QHWJY
z6b?dq=8>NdgG-9omTvA-6H5d`D}f*f7s|h!UdgXybvytooCc^HtfxJ7m94h29P++6
zA}QNCfLT$8EXu}BwPxszh!PgVVD4HkRcT8bZS}iz1Vr)Ett*5b8GLGpE4CtG-seC?
zWr&QYmxw{cbx`>3{|K|=X#|ac-=M`M*Bc{a)cq4Qq1@VxJ*qmxzlh~zvXO*<(D&Gu
zUuY;bS}F&PFD(9wpkDYCCj%4LABX3!7EGdLv`xv4urIas>uzqrJc~UEz_@RAe?yTl
z6-o5YW2Kuqqovj#Il2datWdv$wNakh+x1g^K8uVbRx?e^Sl1z$qI^J%^78&FsfzE;
zmN)u}-?9W7e{(%J9=c>n=)4cv6?CC|XRBAH8TuoF=gL;t?F8&<=+7v1yUl;O6tVc-
z=GQqTyLRqGhmpb4YS82Vhj<A^tEqx0Y#~GJwW7S+#p#3(vY>+g>Jw9ZZ#Nm>*+Spg
z${hfg8gm_)nF}#gMssY56JD~?ZWNN|F2<GI#C0_owB{kgksfr=c?Y2yuBX8j^HG8&
zI_PHzgZuf#VUkI1D(<70nn1bCL*f})e+S0-xj$W`F6n&RP&(jcbO!1$T|#|qi4_HT
z(A;d1RnO_+#1pAC4V6wePZ8Q~DQb>iYe;f}kRRSUsDSKHWK=1v7ipk~#p=teC>78M
zZCm2xVIe9}3|?jW!gcZhzme}>zUzL;vx)pdN%@d=&R2NYh9N9VatCJU2=hr;S4Byq
z$Ss|d54KABO?X#uN!{2Mv&K};_aDZoQVDfv--rasM%U@)Vp5o8`tl=)G$#tyIzbw}
zb#gPzQyq}Bwc2q>nfPd`zudJb&mGo~Mgy5}Te4{4fpF*9+E69%Qr|4#T%ihzzmpIy
z6x^6su3+EAc}V9S6T^i}XPb;FPIJi?>&NN_rAd^{jt(+Do6V5@F&1Cb&pn1yNhvKF
zDT5{>y?DTEC`e=zpDpHL!rE0*R!_RNoS3k}YfFQ-4yIW9Gp%!0eJLUg&h4NDTnNTr
z0-YqsEYZ=(8uk$hwBv7h82S=h>waXLx(|K)40+*m!D|{QzhNY;qaa}NvKdoUQHr+3
z>KD^xLV~>HfE)p3hEr6HCJU?0`V>n$FAq25(*Hg2E3lD}OJzn)AclgQOCip)EJH;;
zJczg+wFEQ~ZV&Ju<l!GoC1OCY(o+kicFT!aP}k3tLWCAmUTNP5uO#OXnN+KYn*u()
z7FHe&90IC3v_Obw1*9yA!X6m%XCG5(2shPC;O>d`D<^m*CR-&^G4xu~&A4-c64W`h
zou#0En}wN@YRL?4t1r@>+DeIMYDXn=q_=i#Yt6i`jX>C=eX$Jd!n!_{`wh|GN%8&F
zf05m<{{@{41D^o(R`oX+`kw)0NtBt?>Ef)3Yj0x*S=VONv=*HH)V<WG=V%(BlZ6E<
zbnb_DC!3Ddo2nZ?d{jzY;shkS_rqC6k;$L#l?@&qO<-9Wgh@bdWGbRf&y-i?x((=#
z{>p*S*^gFFok8diEiCEHIJH;Y*Ivzw7w_1+{!3mmEtH0c^v&&&I(n$WhvbkN%POga
zoyDrY+=NB;@m|g}Fj$KXjX{H>8uAUQHj9Ui=p5X?S<nv?RMDp=0o8jN-4B(BEHB<S
z-->o7AnZmIg3e-vGApCENi(pPAEq_9iwbaE1LeXk-P+w5t;NC5N7fb=NQwiM<AoXS
zj^f~>%DhadoKb#>N3;BEMujEfRo^VqrKbHtu(E&c?~(=fKRE&GDtGY7!iq8+_`*vX
z<C!=RTZ00yAjpdz%qFb^GXYUS-+LzIUu>H|uSrj^bLT`&(w}gOKJAxInMmx<_m+20
z@g)1;^C;wYX>0I0UL@EUcUt82AlI6|h&1vPDlC;`39ye!4#&k|opvcC8<aTog`#9l
zBA-+4XCL>f_rf*Dgt?)h@iWJ6Oq~5j>Mg7=d<D5T{YCxaaO#5IOfsrxgy!xWj9+%y
zZ0G9cY5w*;daEktEpu5Ls|xK+uj)a}?7CVTJ_Re8dCi$?B+KOt?=JumP_|g;tB0&b
zHa4iDcSfqK*-W8=(sy~>`HL3Ug|9J54jibJbrXM@2Tt^l9(^51-pZ|s0C1&ftTlh(
zu}<8&;toI_I{`^jM<%0~hB?^mVqh&~evwv~Ud)KVkE{krz8gJm5&f~voaVuL{7eig
za^OB0w(e_n44o^d*B60hBajg$Cd=`mb;!oF>Y;I((%gG@_8pdys>y4Zln*=*z{XHN
z*lL)Y{QpIBFk8wP#6}ZqOX^8O=N?ROgCg@91gDYHlNbzFM%U#Y=foq?bid?sUhFUn
z<yxIp>ZyrC@eygc%`d`JNx4<;rVX*{(mZZ&r99t}>%>;Ut@yZNpNeAN8MP>*s&R!n
zTq6!&itEZOn%#vv32$0O#lfY|O7NpCDz!sC#y&*j<7NHkc;U{=S)k~B5==~ExLma_
zYTwe4MjO7tAXC~ttpxxSzb0<3CC<UdZR9La#qd1V<-fX+qQgYtx(N#6XeRUjoIW3F
zP^P~>`<2)=1($O~H`-9*@vF}^I_oKSq4a+b=&zI)aNf3VI$295&Mn=-8|^w9WhYaa
zFlpEi;})=zvZ=nH6)^?>1Y)M8IS-Afm5JDJ{s=uaO}u;$k{__YLpw?85D$MO(Zqvo
zR5}&Gr)a8+XfB(#`u~m-1M)FjCS23nv0N8sVZ9tr5jANoP6YGwT1dFb*f95q_e!3d
zPVg5*OLP`%Tn@W#`lx&tPF!LSeQ}PuhZrgZ{?sO=wOdWM^ck%Quz91W7dBr@{PFOc
zcGES{2kcDKrF(-5sg&ejcn?DRH~>rx>gJ@>xss=kI9b9@j}KF>DXE<%#roX7gm;vL
zCkBn@e5Ve=_*1<<#@+ZD|D8D>V4$ROCRCGG%hN^bJXIe?<_ph&zaN!$89oWa#3m}z
zr=@scyno;v#)6sx?9N9i{3@63Gu~>z{55ce`(JpIdE`@f|4c4kB&*RjV%E^;UbY5X
z7~EawZ89F)W&<KQ7A=FTH0uKQS6Bj;Xr{DhPb|OIV>jJ|?Tp%w<Y*tYbryH5q|vd4
zjrY<GYb@)Axrs#nqU-Uc9X2Q2LoG9EY;NbYDg`50^FlQgHw0eH@+Cye;J-~`!`sy{
z;)DNcdgtS74HGY|)aX>y9!<JyaY*Q9PHE~9j!&n(&YCvXq{dqHx(ZJ-8<D?K0id%R
znJ`IP==b2vrY#yvhq$Gc-fDoBo_|;dIbv)b?#M8H5$;ZetJzVVSwy>FB*<B*DB_(&
z9-RchHdW3vDGwz>dhZG^Uw#j^AKmzCn_Gw7F;iNNbsy6UKbn2<dJ*&vXa})6uq*y3
z0lrq?g!C$nQL*K3eibxgf!o5bunSHef&;kgtu|^Uw(t3`Br8jnK5=TMP+*C+rIVvO
z<7)Pp8C{e%I<k^LIo@u*^ghO$N?&YnvwG2g(vi}l=*gz%TzwYw6OZXKEF6n`z+Uv1
zOs(kgZyQ#HY&o$@Ti2;F^Ga#Vgo30y&`WblFR7{P7f$<lLjCHcU_#^wi8AWKrSg5`
z1|KYZ?1u%qh|TnX{MY_0q$ngqHJ)PBzWqHZTQvB}upS20Q!>GNx;jwp{<qPhJ0-T2
z`I=~Ex|lckf8VUhZ_|B!K#8yDIwj?{=CtWmNy<5m69V`5Fn~B7GZv^>IxSF@^uT@@
zVNZ@Tw77A;t81Ole6WKqbL>Fw%m6T@ap(EIivErOm_ftPfS*@QRB&op?B7vfX%TlY
zIR3x&nUbh=+?+34i2RLmS^d-e8_dJLLZVJ4rf5r$pKgc$@AYYB`Wi6?(Usk{Z04A&
zd{;X&jofr{ner_pdZ*^>_1WI<WAjzhA2tTq8f*UA<J65ytmJN*j_vA_v}DB{BhyW0
zcDch*AIHcZ=-k>_BX-vWuPi%S63gUO1Z@eEe+gg|_lOD8P$TFT)FGYHt6$Z%2kWFE
z`@|PAZ{eSp3w1OD6rBHOc#6)kac}&DL`Cc+R7m(9AufkornwxINKy!T#;nq_JP#}j
zp;0_Dz|sxyeNs!nA5@`i-Gq3xRjnRqH8muEhnue8S$BBPyT(M6>QP@UuJy)`h&aNo
zhFZ=iuuWu|`OFYCWNzogf9<gw@5T8WmKyA0#`ZC8Dp4#j3$^22W)|tkaq5N)qstv5
znklvQLf6@z?X{BcR9JOo=?lk0IOcYyNK_s{Wp?$0MS9IeLiI>qR{^Mq$o3ecKCuQS
zKO^t5iX%do7>4ck4hPzC$HOHmvJ&102P}*;exVi*`l;jcM&F$33eqXyh?_9;?4(8d
z1`{oei1tW)FT6pJCKrS+T0Ar{wTmG@`NF)${Io768)yrYz%gH0I?m$yy8X3@q@gN3
zB7}d<G<CtkV)(UI&zH#8;QeuK@jgQpQ02upZCYDBKg@QQ-H<gH5B&a)O(y{8&L_t^
zQ=$hhR+l3RH(Xd_`UMAohtx9s^zRFjQ7M*&s~L9=HR(fgHg}=7Vo=<j#}S&gIAkJ#
z7c~m(3f2b&*37AH0Ark|cueiJCtjv=PgzS&E)E=^+(pmm^&=8js&bv;Nr=vKGlhWj
z!F38+B{~;d5;EsD;YclS;^t43@%u1-b1H$KQm%(bE~3VOn`nc7Vq>7GK{7Z4Cua|9
z1PJ>XCv6quvo1kztQ~*Glv#n(Qa-4i6R<c<*IAab;i99LBMIen;0D^JTQ*ec%M?+w
z@;JX^o$&BaPVi@oB@)(@I%_ADI&=*cOw|+$FT%IF!BuaAkLJUulk^@=4(x3OYNqdm
z=08MuU3np0XxrOVZe46co8Z41E@$M>v1Mz!*^m?QuB%HDbBBlS6H^;r^9<p+4gzVs
z@)6Afy7pbZd?frK;$yogLCk6(6u7<MSu%`Q27vNy040WqQTD<9bK$kl)aw_josJ7Y
zoa}(eo~uA!p=C@`>Udgw8j_P55k&rR9|&(O!02S=bMIilyHW_%8~F=I`_xzvMb=Am
z(J`GFMoTD<p&df4HYF+ocNU-lWpFgo^%?>okQKP>4dR>`FYcG1IxE)InFnc%PBwFv
zJukPoZ+}9M9(PyEdm3sdPUh9ofyfW~1h0b>!k++dsEyU%B!S&m5~ENgOwU`?*C-+f
zk@te3|8;{>vZT(;XZq&*r0~8ELYFsJK{pK$dz*$9hc*CBD|T;z5A=l!Nahxn?)yq1
z`ZzMj@T2v?sV+X{i^{<!IML%V`uwO@e?~+`jrtC?c(XP~3F2@hMI?J;UtZtT0!=~g
zM7|{<7cI5@Rs`QDk&}0xY1imwKI%ZH_`p3}YphhBE>1rlF{+EuR@qJjh7}N8M^fwH
z{eGRgV|^$t>beUINO+J|%{5(8rlg^@7EM#3qA{w85ooWL<p|29{8z$U&e&F9H$Td#
zvi#3%XK8tKR#nMc%Ec#2ctoq%cG6tFxBzHvdNNdE&;@RL43ZL=55+spgg}~mbQ7v@
zPbZ!4Mz-qRie=Px<^6-q90%kvQq2TqAwAfIeR9bO?!T#ie4+W+Z((R8!(R9`2vy-&
zqw|!wM4lhQ=5Gs;mcAJd34_akO<8>!=Gv!$(gj(<cHTsI8Y?=ps*wn@3(|aq@Z5r6
z=)D0%jLF!uKRIo~T{U|S8k~2vk68LKvhn_}*Mvasvwo@q1tfBRzt1Y{z`w|cM4p%~
zM}HzN7PDVbOgOH1@PeM}X>mPr-ku>XE&P4^(Ntj3?ZHew2|V38=Qq#!goi(*TZpw1
znue!hJH!mxdxR#xLHK-Bz-MRy6+eas%<F4x^6G4UY5Q|aI`Uj#BVoB|Q(oFn7p-5!
z<Q9&hWC_r_<Eu$vSvO4H(PVzg8@a)-s7i6B!vfi^S!gRl*qbuAOo1xUiLTn;vU(S4
za*8?BC)+B&h7;&Up@!_CJ4(XEUBJn_bk@(49q$ip@{njT^jx>^09U@LA<JDZL(px#
zf0FU-NucdmIb5SdrCJdJf|qD!#ufiePCxhIC@roe(MNXl7OJo5ajuU`M{$QDB&+Lx
zVn@EUlZ7v!7Yn((w;_Vc8c-A6*2Na+gV};xa<9OS^4RB^hD^ddE#-&1jNij29dvu5
zPTn|#-BXh;Ivb$jwr#JrZQJ&0+qP}n)@r<M+qP}n_U!Lq&ZcVeBT|**$$eE||99jn
z4*gP@CZosh)_slR)>rxAvaFI;))KHWlonm%bUR)KNJpVlcDw)R(JI-cn&}}Ec%I(k
zTw&OdlNTw@KN@;eRvB&1#<gt!S4Qs&^s6uNDNgP)9-bf6%$daQ(`2<Dl(A6!ZKPG@
zov&7+Frp1PnINw|>il779o60IuFOMPRGH8vIBE6?7)g&hpG<f?h6@@$8O|0skZ#hx
z7n(l7+2c`=k@LHkni=ZJKiHQ?uCaJ9v$|kxUk#tOmT#7aFck&AA80Am!ovj|%c{y<
z>$pT<<<yjFR3p?{QIa~#J#LT?-6X&J3E~O)H=YX4{TDc}Jkl}NfJ+rUpZQS~JvqTn
z<9QA(Nip=W9p{l{JZmMah_#>qAdg{TubsLJ{9VJ4&;RR25qLkd5?61Lgy(^MyVNF)
zs(+q${cZm1))n}l9Jm^>KFe3@@T=6dBBH{0mgNdZEMp_gtZ4M^E$uI7YqSP-Ev8&B
zR^8LNr-m1!$n~`1rX5btpDNY*=i&LPN_N)HWUK=H+b1rR`@rekB!-?}@_18-M$xbc
z7#|Cx(6&H2`nTBv|GF^HLy%*kZ<=sC*2^{;i?M$A!!Xd!)n#Fa0_3Pt3s$!P$z<LA
z!~-b(-k-znA3f)wfG8hx=LES??r6c6I;>iF?vUg+9Ykn<cNV6ibU0~icr_hztZgDU
z!^oLpP}a|Kom2C57VRB`u*dRRNX)6BFfFeiSBUq=Vr~COFsDZPWnG7074^_BG(?E>
zg*Wf4n8dr*&ve((^?A(FKaOhF62$=KwTka}OI;LE9Gb#OpXku<Q<Lg4I=yu>-OM($
zKA@73QY70Ew49VB#uCp`3CzdaZ^(^X@;`m0ggR7QAZeL2A;MY^_djkzQxg?Z^n~$w
zO`k8R1!~4QEiFThIT<M2m}sN=HZ&puBr$dDz^)c1mjd8+hW5+HCKV}E1Sj!&MaIS_
z<xr^VZ{`{cqG;yXG^+tfr0p--bL^#stoYn}Ux-n1F+^~k#qGp8&sTxoulJFaxZGX+
z(W<sXJ{z)<Ht#7OulSN2>2fgWEij5VPlk3ND)^3KG@UOnvQ&BJ(joQ)(j@bx6Xo$U
zggbqLs)w`aIlGCp4duarz38o&qq}m0#c&o;+ZFcv+G*kGlbfdc?jZ~`VbIpT<Wm$D
zwRzKx%w(cM7#(MIO<cbEvbeXy;nd-hrC4tQb)T214D>V@#sJ~IjEBuOy4mo0p#>3d
zYrK@;&eKkP*|Ry|k=m}o>S|i_u`>uJ?<{&&lD98^)^b|o23UzKqU?H?x*o~=I~`at
z-!JkAvbGb=HK_Jdek=$1EHp(d(3nd_1YS#{d%1fX(#t=48U`L^E=@COtJqW!L$$zE
z^lD+DyyviyYu$WAEDV@h=0)+#sgSIH;KwT^p1mhH6=O_+Eq{pO*iX`8Adf~N>R8T!
zJfOWu;4<A}CuJWG?!YIEEfgLmFDdfxDwng(Kh`jdb4vFizj{hN@(aw*1sn#&!+sTI
z31Hxg&$J>dJB5fe>fpVD=TNZcHzh!5P(Fl4^ZaRn#)HtHrpZ<}jUcW#^79pv1G_Rk
z_*AO|WL8QOJ;9d7Y}=noG5MM7$E^u8wl9~5V>$|3!7R}DW--tQd8f9h-kUCdIJq8{
zaI&hT+VJ^P71fJQU85vfA%ls*1D!a4%^H^P`fplwmf9v8Q)O8GRyM>?Lk4i>{#HN7
zZu6gu4u3b1R92nQn=CnwAkW0=?Lmt+g~M?V<Gah3ge?h}IgFhvitC>DKVJeGaSAaO
zR^2pfm$li82;Cz=1PD{8v({pO0%^(7=#)qoy!VQWJi1xKqNxT(xF$V2$Y_3f4whAm
zd(+Q^m53#?vMc{B^8BJZSKct$?7iL{ER>~b2p#0Q5q;z5spj75&!Y8<ogNGHzZ!Ip
z6T;-S3RFY#FYKv6^l{Y0XpN9hUkXfAb+%qUCNU!pr?!Rs3hGmfB$jBW5#W`QNu&K0
zKXnYyt{xtsvXA$dbaCl|LsgXT5kA@hi5}Hdo2BN2y{XxtESY69Dj%t3vDgR<5~^<M
z&s^Xk^(+@)iop8!8tRA#R-4=Mmqwtq?kDC~&iQc@cnZ7L{ZbP01!i(ex6-y#%IpRA
zFsvJMMAev!&`#EwNdLb$f`$j@c)-hmK6tkoPy1EIZ*mKM)0Kj=OzTVK!C8lw69rLW
zO5Tt4Mly4tAVU^aAMx*3AQ@fq0K31K%-=IVHD9WMN*Z@a&l_P|zi(0Ha+P<b5{T>G
z*hRtP-H0s8&-ur9PSd|@Xe)`0qr?eLX>MN{TruwN^Wfl6k*<gG+ta%^J~2QHVR@NF
z2Z1Cp?cWOpcnO~4lj2DZfcFx#Al>4yrM??DvCd7jS7fX(k&-cUJ$Rxs44-Qm#Lo6u
zbO{G0M+}UCp`j%Eb{0wpYj%kXDd?O&YFTZi5S3GWPt6kCF@bmXNy(-nFOJ02o(;DL
zHWp5hf2OlI_!V*`q)2A&bCY_1A=_`>Ot9T1(Kn@OP+yDTBmb7v_(c@1yAxVm_@dvO
z*R_S;h4Z;%=0pc4M~q=SX)=QcX`q&jGIta&#OgdI@;5ioXyys@seJxULFiuBj~SQX
zV|yj4J%hxnNw6`}_I=YHIxxTFXle7;pOrB4svpm4KqR@lK;6pbE2yA|RLe=#(F;o*
zW?_er{#+`^1r4GH^fio!x|l3YV%<Z|FI(Dia)A0&=5-5U6@GY_<xm?vU-9w}mN2-X
z&s4uUwuOH|*Fx+wBq@Ez^q+zP*PsdKW9HD8%JU2g9;z!N!8&xVo}?ITzBY|G>{jUA
zHbZW(dK4Lme(j_#?U`}l|Ai(-|K`oY%7aqA5F}SVfFv^s>J)R#*`fqHe<8|I)ofl4
zcP@a}z}WH+drLTH-3Rd->X~3Rxp;UK;)>xTWJWM2UT9wK6aAAwszpXd<g!HDh&}Mm
z4%IuOJtOxc$Kz13Aq3zk=uuW6Sss0prpoZ)jz={+gx6YkOE)fM3B9}esxrb|>SaZL
z4(pJ{fJ<57{8fh#p51HHaoq&wN@*>ToM_?`Id;=`zZg5T4_g&)i3F?-$>K<{{E-&k
zKYPS@Fe$RpJD#Y!LrwCle>%PD4&$83f8=>@sn()7I6FS}!09{%Z{C=T>B{&)_?xwT
z$+lvQN_0FvaE1oIXvZu{-vMUmOUDFQuK6okHSQ;e-L8xy2IZCz3|AZ-pSWUr{#+d2
zQeP32NmL{>Oea=1g{}eTk&h`V|9EB|T1~~MOoeZU0p_k(q(|1BS+RywXUxlaF1s`(
zCQMIHLko9FGmhsRGD-Hs^Kf^L5^_W){5Cl~0cx1BV~B&`L<vqgiT%jv=vmR3&&SRi
zg7ob#n>|@$4UD<b%2=klC%9)}jVJSqVeMv`*zmBomia(Mv}Fq42~&EyGbmxNiXeGM
zc}Qf0vbEU}EO=j)(t|>n%na_iAOpsETrbB<TieaFC;6EH*Up-Mkbp3jbf5w6&=NPm
zip*C$I!F-pDYT{CdJi;8)Y9pFxtmQQx}%Makod=7oF0in7nonIOzJmdg!QX)-|(e2
zlV+}X7oK@0tK})fQQ6`~@Xfp;M)%#Y(;Ne;HTU0C7o8AKOJZ<LuIl!0hO|f6yx08y
zlY-#-|4|T3>}*_||1S!HiGzuYiSU05hC$rY#>Lc$kU`wW(8W~L)Y#s{6o#K4#@WTm
z)X)~jW5cEm)PX@CgDwYm^Ms+r(fEG=#QzM4SlivTmg}R>*{N*LXF$&dpeDBYvZ{Ng
zhJRa5n$pVrvg*pven4_ka<mUx5k)P<(8S09h;fcdBsmF&D+`NLdu<&CmowV|WJxv#
zSepC=NSwS+07=|JIUpgoJG?kFvz;YiAmZUa2LjL>SRWc2N+P&CvoW(gFoxH6eQ_~y
zdvPRudNv^Qs*soz3Ej881!iDnXbXarl)RddfDWn{F%AG4lC_b;gRcU9pbuNY5C^h^
zB|+7uK$Q-t$R+9f_|JhDn^{>q_|Jhj`_F+`SswbI15q01#twvyYznNzrD+-vfz;iA
z)YrFyMM(Ff&|ck$dMaRnN+OZ{p92B<KL^70PGIux|2hz71=!fYBN*Z{Kq9Ctu-X<M
z{^#U|)>e=Pp9*Vh!#}+h{!m=sgNTCn@nI=I#;A+_bMz}K4G`?)Krlo+xZarNs1gA&
zx%H97bb|9UBYiKul%Tk<*73jkTfah*oVZ`b!2#9l0uxMM6ejzmR{M5FwD$X7@k^x;
zE5DLYw{2PD{x4!9Lu&)WCj!spzi0QeaX6dnTHaszWWSb&yRZwBR5X;5lPbUVKtH({
z^=u6+Ep=?5lw7~X{{oBee?flbCvi2t%)NeOPI?!?48D4MVgehBLwN+F18?*X`|oNm
zd(&oq#h_s}+P&wQ8yZ0@GBdG&VrYN2I5jeSe*Scb)5pb;x6J%veC6x?T>g3|$jWZX
z#T2ZjUB|Qq(Jg9;(D;Z&oly6epPD_Xm8WC-SIfR`SrBQ$W#V4q>lyCS7@v0bA524F
zJzVMCNN%+vVGm{Y5h%!up@v=38uz9l{mpt`vFoNm>tYMJ)C&d}tz(S`?TBu1nOD_<
zPpHV%n;hq@N^_^&6Gk$LU#7c11ryng*3$ECL@8Y)keFNf4Q5@btP;*-hNJ1>K6Kwy
z1Bd_TKn(087@cQgs)Mcl3A5y_Q~ugt)3hn;PHk&FckqU6qP|nKzz-dja9-9p*djrC
z0DKm5c8v4yWwQU&%)1vX-+Cb`|2KXY+l1n3+I&@%dyx=<>Vnot=%%oo0cGC#3rH}e
zprFi&aMBKx23;)cMG9DAakZ-q!A1B}n{^>CxJZ%llkpOB{1Y?a9-+pf>esPcNxV&Z
zY{%4Q0_rM{2GDhijliGX=$os}cgU<b=J{!FlwkCOIhSIsyjc-hG$wT-R@iE!=r|=t
z`u+h@;KQ+qUPqq{wo(JCYe5VRR>m!*ktSH$(BP0FD{?tJ-|v}dSj#)iuN_e{U(Dgn
z0o89X8#A^DYbQkx1cchyh&y*U<Z@|=bO9nSed!%TuG&4{@*IV`_(y3u9$?5_tXQ!0
z7Cygok$X_C@a#7LQl46)CSyXDFK&QT`ROl$xR9-OMuzxTF@(aVh~$>yBgUY^`Xaan
zNoBGo*{7L*Ew|$ySTpNs*AzX?TA&Qd+<U}_U_zfx*$_oT?^*n<d&)1j<rsj04zfKy
z(32As;YCd?DRY|)8$>A++xoL?Qa`<dl|g$8ptfYK&|Ntu;?H)8D7(^$<M;axAZIeM
zml-bgCRU@Tct2Q8gu|#J)49J(O^_bkuYQd(eliW8sihh#RK9Kfx&LT&=W70tboIGO
zT=Cs}7+Q4<DxMQ7YGdq=h)48$RHEO;{Pr_b+MP052L$G(5wfmdiny*nv1J9Y^5P)C
z<<)I{wV0%W`1?T{@6e9@$fb@<rR|xV$%Vy6QHV-EBtM5;V?`YRj?}R5%%j~cC$hGB
zTPu}L)Qoe@Cy;GIw4IIxt}QZ41OlnaeZabR5;A^eR(d%YZi9Rb)S&m}&7m+OV6R|E
zCtOUzx(CYajz=Q9)KFmw#<y2c6^de0?iB}p@;7T}pxx&0^RAje(VtB1y?z>`>~4fJ
zr9h^IzT6SBT2}(nd;z2hr0aaFCE?69QGIx3l(yFmI;D2jh1XB01hU&zue&r|O4TwN
zryw2Xw-f^lnWMW?Kal=9v*rN5JNOdx*=;r|&$m<3MAf;k1bi5J`fxI0TBb1=B`Z};
z4)AA|LTVebyya<Le?vTDadal7iTQA~7EVJw^bNx?%%7Qa;NJ(Y{t;4buV|kCD0>+V
zA1rB?=A_Ki(XFSRqYV5EvCld0A@3{q7=CYxkloc~<DKlwX$x8|5E8?@jjLAWw%`w*
zn1A(|PRjb=1!2wB*XnvzLW%zNE_IvLz9)ZLE8P$P3ONbtlVAM()-=$XKW)YST#1P^
z$e_)SYU8DY4}TImYAInm&WWBZI=z(HqF<X1tjA5YPc#~6s|+#U(0`DlgAx}52j>=)
zP)E)Y6Neq$vr@z_<<U1rZ&_#a*lvM=8r7fYwzoiua_Fo~d%T~ae))p@>=uAu<qL?&
z7u|=q5;*5SxjV&~J7KsN(a-3lU04*kmt!fL+1c=kO45th*bCnqFVq>Xh+aZv-b=}S
zQ!Zhby$3q!b_G4C(qpHO7uelkVz&7$I3?%hcxv3mn*Cq`2`?uyBE{l`cw%R6`PswG
z#a8;P4)6T_v!?<;KFBeQvdDH~jM=}@U0G52Z%L*jL?R6Epp#4B>~24BhIyg}ce79j
z8Ig>)XWq)Ua_^&A%NYCW<`vk{`B%K~e1~9gN#mKJ=2Z?6F-;Z5zT&8-_&sBui7_vS
z^*}2NEF%%~As*TU6>1{v3KNJ|rS>*?li0|>vcp6uW)h8XJJb}$!n3x)26BS0A!iTv
z)^C>{AMM4)AZD03?;U#J;01$<-1~covruXSU0kP`1a6BA;$st?S-Zn7PXGgDur739
zk!;rmmCRubgpjkQkhCWKQle6=420JruvV;doSImO^tba7>HV-gR-sR8vo+IbB93n9
zoSS^SM#laqK{{kAf<@z(D8yulunxe+?T5c7d0>2)W9eIz%Y}xQm^zs&2wb2&cICV(
ztBV8hzx@;UuA}RFer`WkV=HpoP#CV~L<Z!Agb!*f?q}3jFH>m9^EyZn$IursBVG^}
z*-9#C6=pSFYd83x+Jf7&lo7^(`qfFFS%(-y#woTlELXPkyh-4jodBbAXlf6jKfuka
z`ZwvL&F(@%It95gDdw`BaoiLNl%5y9Y;VGBl*`!2Guj(6Wnrc8%@kfoVmNNwJm>q%
z#6|7ZD_)Bfl$~8A*?Ic~P#Q0|OU=JfZ7*x7k~q8L=VVFZ^9}E8Bt%f)6~gBHOX|kv
zSYxLLFN0<s6`Z>>xIs5JDGnAMJ}kBu0XdLIf9}83-MSKbSzptiMq@4*zp=!L7LtxN
zFiNtXtr{zszVg}mE=EL1ju9$Z3$yEmPCY2@MSP62A$SRKBD(EQ149X~?IF}=1))XY
zR&3pV(6~mUaJGx8h#D&P@`vt6LoGp?rs>aaEldJN=06X`jDc!4_Qte5VGGg2v3O-M
z?Y^(l5>~5qQ^=z4R4>B4Bi&9!<XH^glffCZmJh=~^_&!V9G@t8O39VF;IL=xLu#rJ
zHMkOt^d}G#ba=O3OUMqie<>1@F_@y`lG=+?$%iP~`+|yk%bSlLm})G6e0%Fo$7`6&
zFQB~dffgVRP@D!5NdGuyxaZ`=OdQ>wB#wol!u1|$VMjLw(Q>mj3vXBOyj(O|sK{U!
zK7e5(_~pAR0o%*4WU)lwQ#Qc&j~Ht52*r}ebnP@8q;71b<UN0j^=1oPtDY&W`xkpk
zEJ6SRO<AC{le2=X(}aWebisB5nRLuIS-)Xrr|rPY+y!_e?#y<1s~O82IRTPe6MsK1
zU0))n>;`<|3BY=4r%GF}gjG0$!gsxf5SF3FL+5GMr#yJDcTX&AFWvQ!{91HH7)P4S
zJOPSZW!c>k_*QJM>@<tyO0^Af_fgu-A@dNE6}?$v5|s4m_XWykQ(RUUDw+vzn^=M-
z)Fr(`9|dt`H=jgTk!1!-XZi~BF`AV9B$SEP&re0UgN3<D^0BOhr!#-A@W`)|8~390
z6nlMo(FQ)QmU+kxdIyT}ne?%qYFW1SxnZ1Sc^g2aO5os2lwFpuUu#~JaKr|FQ<h1I
zm+Oo0+KYB%pCEpv{LW^fiA=83nZUKL?RJV{9o{rqrv!435*&Tzap0Fr_x65!(uhqA
z(z|Oa&yN?~`9D>WmfHVD5fcC7$G6+{WPlytM>I0xhdiZ6`!2<=f)cUtfoTGiA+Iqe
zNm&GE;&>e=pIn%j;_w)l<&LDd$Jym;7ad*rkGjYqIf2^$nb{dCK%2@8v61|3Y2*+t
z%>pH~TxINfdvtD{)HVYl4rceT`~pPC?J#|8s`-Fw*@S6SvVKMXU=07(KuN@#x`Z`+
zX<G5BgZmTYT<B0?LUwv*Zuj^XmHgKS)*3Sa<>E)wzVThdG8Z$Ca~vMsI})j-GQJfU
z-h;8OIR`#mY8*k;qrwQwns1NrzJu?5rH8;!40?3UbMN#mk14Zsdeip6UwIdEdUq$c
z9D#grNf_f3i<n;t)uB*EAQ9U=f)kpqpy!Ak)2ov@VNHpi>r>5Ag^w?xlYBeg2usND
z+czNN6gB<!Mh>+M7<cgE7Q?~}IWrVi1Mvl23Fohw)3l@zT7%5rN*OFl>4=!CIUYGQ
z!#Ik8=&4JHO+x~%9a2}?dHTLM<HsWoB^5dIAxBG^x;4|9umxq=T!e{|^)dFlOPPFJ
zmTw`20wh5KCyOQTcd*Kw=3+=z`6si-1X%`6HUi!#(UkXd1dM3c$L|~Ft^2%_HzmeR
zPN0>9)MP;fbk+xyK82Q3f6|TR!ls5qicN&GXAjWkkw5O%M%nz-lZtK4e6XQt%9sb5
zk$<$cKwEJ7GyE~$><W}%26iMvXKer&`SXv*O66qeV9C7BW$3z}i}agEgq{7hge(~Q
z^hFYW^VlDSyfh*ZWq|N4iiTIYhgTQv?S6<j|D8_Km_}9q-sjMuMR@K7;~+NtqFm@W
z*>Xb4{@E?RQ?nqs2^PW_qndtRw*Gi~qXdpgVG$h>=+&xhZ;Fyne`WOdsG9qR)I{xE
zvhy02b<6-PiIUu`3KgOmLtY9{S48#%<Ft~&nJx-9So;mA2B!55xRdA~py~lfvaHl|
zsWn<x`Xg$-!w@V4+Xvafm7`LK9x1&Or&cP~+0a@`AJtv^C?8Ye{=C}g5_WaH?Cqq}
zfmF9}kV<Y{3L(nV;Q%9+gpqS5x4n0L?%H|7vros-SOio&j}g&{d|M0U)RjY<5Bllu
zw-NWQi%J}Fz+~&6-~c|gJt3(yh3JnHE1!2)5jx0HPOgwLDc{$P)e<Q5WtT@GM&34q
zkYfiyrnP_MVH~oo1ZTZL_+W-X@Ir%D3^l1><4au5(vlv2*DN?1_l;6Fesx71)77nZ
z$3O7DxqQk+w@>Z!g~SEyXK?jIk&T)vi7h^2-=t*W7<o+4ma)pr6Ur=E&0$T_w_BI@
zXWv|%^dW&?*+3K?U#I8X{$kgncE1S$9HIJL=?rNTo%o4yNB`cgDqS3{-oXQ3q8mO;
z^P5fTk?TuoFsfqcc}R2mlvBAk0+$30x7((Mrt(Sgx#93C9%qr>J%WS3#DO1!{ZMwy
zL!-9g!AnoQg8mV^L!~?H?Ol*&kxNF_s9VH0D2?boz`igPw?-VG3;3YC4&bxsoQlJ?
zQhFQy#f%H|`6bO0&n1ZR^hKi-gMbl@ojY*W(1jy*W5b6E)JCG`PKVBpL6}#fZ7wfd
z^GKekTa-7yp;QqB?-|h#+8_O=|6gnT%;=cRlDDNFK5RaaO-}5|Ad*EpG^=vx^v`h%
z)?+VslwYU@lrHIcfSbGl>HWuO$*<YP)78wGtyY83{_2XI(kSQ#xafxr(&^yM;GJ%*
z%b@Me<g=|L@aMm>C19zv>GznSkZ0So=yrgIM(>;7$I^TXy6FvcWCIcYn6zqm8I7zU
zSRPo#UJXKp50n4c2R5OWMfOGHTAfaJJlt;)pQkI%%8amKrPw8Ej&j%Q8$aUTi4=63
z!zq{}KhsqLQ7Am1s}`-KKwheTh+P)L1gX5K-V~VZ!ac)7VEUD|&IcI&Qb=DNK}+>g
zO{}e&th+a@FE<&H`KCiw5{;sNhPtX<V?wS;lm7Xq8Zgcm?NCD|#ikvJ3|N|-ewx=L
zMj?D}M-b_f_-)N&Ej6x(z+QsgH)X|$mnE*qxp+`iw+DOS*c#;?$O(zcCk)3I)GP)B
z6}Z(FV8?BWywg9-HBZN;Tu@Q^8FFq^&qPmL53_>A$d(zq3juU6D}LMZ&g3B*Dw!%9
zW@m-#k-#$M(B6DwF=RGn*KMZ~Cj0R{X+->92M|>Kp^v~8&5DkgHh|3@&p;ars<SOd
zRLkV)@g{D3t;e2}lHVG}D(40h9h;;LW+y8n<i{oAQBp)tjx)Chi+*@7c;_^S8Hl0%
z+^o%d&){a;zzK5B5cW!;+f=JAd&}cX;7`#CP!Z74ehm7&G6nL-{qjG(S3^YiS4cP+
zeTTh4YF1%EwutE+O4ulfXw-6UEhKnkuCEq)r#+$XrBHAK5U~9iPuzbCqQFGsYlo;9
zFGn`*Q&%F7;#r!nFjoWqU~H!z5ORGmAG8ajmTVyEr}Y>tIh8qQbX&AMwJ{e%6S^|{
zzx4+vMMMwZ)u`r8@^}l^AQgFqm7CGN!Paaz*m~cAFzsMCuq%cl6^a_^Aa~7CHLW;{
zhE-V4j{R^?86>^}pLZ5xO!IgC!71hn9A@nISe0vZws!f_>lWm@&&)W%E96-2_b{1r
zj1#WY|FHzL0!xM%{uWB2byf`oi3Hx30^A6?XmR&H-)L&HF8N_9wIf$!sh-E>$*UD$
z!{b>_&Yy9~Hc{dn*iMjzSYlsT-Qg|wHCuc_8#=0hzNV-D<nwt}D0w{}4#GrHjQf~*
zYy4)-rxASIEvB^M`ddl*-5O}E;I?ZQmyB)aYUa7;A@?Q^`08Z=XLsHkQ~ovfq7ngd
zlg2qfgc{RRiBGtk*B44GDyM1RP;Y<~b_H^R&CiBrKCW*L)3_6NTnFN&t|0WyizN~S
zD-E8%ntVb-r~;r29eC=Gp==lh@w<)-IcRY^@RWO(AZZ3;F=yobvX8U2Hu4-7r}%@B
zm_of%q{^S|cdvlm7=TR^yD5fiD)@tB4RjAQbt4UxABmW&it-+gGvAuK|AfvpVx2*i
zR;K*AHAwg4<X%xfPh8888C8(gMm@+!|JtWq*+UJrABf)E@KGBIISa+n@Y|b%(pb0l
z>6K`n<cE@TMhvUs{VrOPV=d61DQ?g_ED}Gd>cV<@?TX^ieb?J#-AuR&jhomK-ZQ8!
z%fEnM*MK<n&YHy?I{K3*lft?!9roR6{xn&bOJ6^FZ(pfjnPLbT3lUupp;Xf^5ODLN
z4X7AdhB}10p8x65_ok7tgPPmBPJk=i9fX?kjivVYM7e=lcBZ8oNE@O~<lK%J#0B!L
z%^N*503#bw%uNL(1|*Px|3mm;mkzS}@GWT_vQqeCq4VG7`qitbYv~7!k{RiC+;UJl
zagQxUtYAtI9{ngi)G<*LuaGb}yf0b%I!2|3nt2^n51f8ZlQ1jfOH)riz<AIVCi)Sc
z^$11*$j~=<c(&TCvubMH+$Zg)M--B~HT#20#6vEjJ%n8(^#fJb-2v84arD9QDoP&P
zYHQ)Q?u~)6iw3LxpRjF5v44IlGvDi`%CJ`)rZ}~$RJOx{UGYGhV3h7iU~yQ2WT*dW
zJJ*6Xy0GKS4O{d{eKvPIqRdVvN{}f#r*imWs&`7M-+{bd#613jQT99}+=LB;3~e29
zm~Ecu=FU;#;oM~9ob1S~E_UEf_cQ4a;3Zwcvx3W!sOKkiVx@<GS@(7EiGhM>M}FQk
znT*w81|7w`;hilNasqt#zES^-k>meuKyT$*OpF~17n<O6y$;9lfB5B&Lp;055x<TI
zMqA+BuGrQL2f|Fb(ve^)h`ri4TA8CQDxq8imSyE9Mz9v)8MxA(&;9FSte2#c!pb}P
zv8a<-&%ruKwJlg;-t6letY(M3-V&W+4TTxmdhA+<Lfl*Ukl^fK(=OCrEp|!}1$R2P
zjvP|UpJ`2lhTl+DCcjIkR5k2Q?=o@{2<U&9ey6jNv%VRxSBEbpC7tJOj;R52ik?I6
zRH=`X05tooMf?CWIq-!c*juN(Wap)EQ<?!{4SGA$<WWbw{uq`AfEZoO^5TpRgf?o@
zrjqSZ?1*1UvADSC1(_{X7*s`kSRkK2PcV9a*_vFsW04~C%||Mj=+rjRPu3EM{^IlE
zm%0JZ@t)?6+d#ulpQD2sbIaq2x>V||c@K_07KBE+x^<E+Y0KO5==A~Y%h~00vO#)f
z*0Ctu)N}Z>{=0^a&V?cEI7v|WqAz#W$&T8+5YGVHA<uzK^OU|5yy#qF7ZHr&F>Z->
zYG9LndymBVUEoD9eemEbJ}37UTo=^Se`gK~pOe;ttSf@nri5mlARn89u?I_2r3%Bl
z9nmJ}HXf%Myt>VxBpL&UZ;*9s;qO#;b5L<SxceFpT|+NXNZmmJlA%c4541cO1?<B^
zbp-Hwyav^R!RrBq6(D{_XR!~v3dp49DTM@gzGEzRu-sp|!`=$SyP}s^MMi(W-s82Z
zcQNjWJXQ6sB6ZNBuM0n(puDyRWoGIr8maKreD3^>=Vp4La~Eag1aN(X)qtR0TEd`G
z3*(+j^U;!zQmSQmH*&||a(04nTC4O15ijq5Wa{ptO8^h{8Sja2XO$;NNe3a2cAR%*
zN`|pgF~@^bo%bpND(}jF&}7XdhUsJ@x-O3EI9m)rqaxsuW3DJR!SyAV#&0eX;Nz2&
zAPgo$cA*>>L_URyLt3zE$OZ%3CzSW({dg|Ga1k1vRjxu<Bx^Q&CkMCYf*Xv|FaAED
ztFVBYqZBW{4ZdFe_cBu(4J~XhJc9UEoRY8W6(kqfZnHxdJ4AuDW){TPS>@b;{9}ny
zlI`aM&&UXgi(=0|R;lL-6{VIsMa7JXU&wScDmo3-unO&|d@^v!_s<Wx{8I0eMp{`s
z_Vi*avD5kwjiDfNq%w7hZ{&U3w@lj*M-oab*0tqGnw&Ufqwn4whB)vl)`$TQwbI69
z=q$TMulf<*INM9f8WY>u(E@D%+vJM5P(eoFm&k&F^Sr(YL~g{-p+vC=`=;V7y=s}0
zC>JMjN&~KIOi`2?+LOiL<81@bS_+cqQyJXghr+2IzTbpVRPsE;&o0XCVCdhgv+6X5
zHH29QHky!7$VVmLg0?w$Eyk142GfN))50Ql8Jlt%NI2V6lQm~(WV(N?2)^DoXI5hF
z?imi)u$3XC)Nj5gljA3G2)w4+4$s6!oG4_D?zZ-K$Ddd+L-X+ZK`Zt|iqNb`Pq1zJ
z5{C~*H3JEDe<>v<%=cirAQ`VA@_l)r<+wP?E!p`6Ke#@#ow6;sKe@9wgm^)J@c#=b
zY(xtn&90Zm+?eU8Of9g#*bz|n5*i9e{yKE`(R+y1^aU<s*v)R>5WXcQS1#J3kkxSu
z^zf-dNd6#9yQmPP+W%d2u}|`LPTZO|Bs{QLD=O!}E)WT~M?Jur=0vQs*OJZ{8?8v_
zAd=9>*1D$$QEG!WM6W6!4V=w45;d3ot7M!!SsrN7n0Ba_g6TfH5svUJlu+e>|HvW3
z7jRV~JPGuv>UH&$4wiNHsY*>)=fBGK)E&y5E3zZ+S+F=9j+K6z#5MF6qO>rD9NU+f
zIEjkuIp?1aI$lIL7`YRX&daP{vQL@EIhT7^*PPkaS;7Ios3yG04=(PZO-;X`;Q{c+
z$4!JvU-3n4Qa<P8PboqNKc)R0DW|tU5!JJ*IhvV`xf<Ns^<VEev9t$6Z<}bTfYF7l
zYK2%RWSE2b?rxxQOqf<QxGBx^CCq)hP!};{?;<NLiq@xn<9E(ieF0-Emv|pyW%<9n
zuqr>XUt{XcXJdu?y?UVmfhn?E`t8Naq_6GwWMph{<C6V)t9L#j;@g~a+Lr3IS!~0(
zpN6XA$lUJRS~c?SAx1&fpyZy;oe_FdC5uWqOafcblN!TiMvH9@<BSeLoPl__sor1=
zU^yPd(h|lbL%ok=AJ&1N@rjNp^4V)6jbL|Ydzxu&lmzD)dc9NjcbvAWNeja|kw=gm
z+svk8q|l<G*BQ3tcsX{-#W}p%J;=4Tdq;0Vr2j+`z77ytdxPP;z)mOULOjS`uwKMY
z;$N*{Ol7N^B6~&GL1dnN_D0W1ZxsS1C(CU=@48(~X_0*B>Pi*wwuP13ZEME<s>9*s
zPXFVj<x;EZ0{sc_<%$LhXGa4N7m22%Hz@qgCT;&y+`5&<k!VbM>t>NT4-E!|?M5-c
z$-5H@Mh^|gnY?W4VPP6<NOf4``(`*4x78@9e)5~qUeWuQUOK=hF(_RBe6X=Uht3#W
zS;!pcqQb~zsAw)uZey12_4FqJB3Z`j^zz)x-+p9YyX^-b^Uz*Yt8Q9?KfyVN7BE8Q
zfMEqe-qZT-3x|?y*6qT)G8<sS5*A<``54WL&zA1H&88iD7ghElfdju;M7C<=sS#|_
zkJ4(3;S(8P2y&M`@z>#PV*^!G0*U#GDs)=-mJ_UdSSSrp<L=-U`vt+kj%G}|9^YF(
zfxdb^y~}|>nlVJqot-&ufYkc;3DGWj|4*$z4^`9`Yt@%bk`@se)dr?7E}Nd!^-rg_
z#1CQPbX~(2VfB7qh>R4BR1Nj`=AitSOq5YKbhA8nlt}`XsGb|o>RYf2XmHF?)s4dD
z?MO3ZYzYgTY<rA}+h)kMq<~^e;sy5OT)nQfn=jbIAUFS97TcArM__IZXT!`ob(0#X
z*8|uEn8)%u1!cZab9GA6!byqS0Np=aNgF0X=d~;+nldOzcItMgWrDu3%SrGY9L5q}
z<@U|=dzf)gWd<=erWo~d7)WF!I;Jy3!*_o{!mo-?KO8z0aOmad$6+WIw`tydk-(XN
zi56>RPp}vvOcD3kJ<kw9fgBtNw-kPwPxz}ih8bo8PjH+L;kue)OPt-nWjw68{nDFr
zX9mw1b0bh&*VZ=Wm62vM#o)ej152a+xBbugUHAwC&7QecC9M@><I__{>0-XeC73!m
zMDp#y+1_uZqv8*f+KZ=p!_o9%vS~Bl)a>>jadq#xxyU|~Z6_5)!VtkuY5La>>_rlK
z5$40jaw3>`^BYGmd@$`lq1Qh8ARNm~x%B$ravx>qAgn#Z;G6QrykzR~C9k>WxWaTc
zS#RG%(u?*=t8^qrEZ~=Mu$dcp$EJsaIl@Q*3Mzv9rcI!xz1}Mp70iW2HK!mt0tEws
z@C4uLZ8aX40I!EJlRSRIL#&!CnRPzY+J0>~4>L{kF6)VHXgpo?qxrBz$$dX7|0j`Q
z=qFxet6AOEG__>|L9<~eR@5X%(!W7li}k!Ld{<v|<BS7`jhCoI%;`HvCZh8;&U2w~
zaXV;S*)x?Zl^4MTQvnr|8P-S()qnereZMs^d&f)(U}t-pZ*OrCLV7RZ+FqWbT%|1x
z((Yx!=deoHg=l(noRh0S4P=6E4}|vlRnc|+c&W_~`YXY$x{2e+z0yZuYh)KDeynS7
zM_pcRMNrtw-pzw6OvC@fwWX5+h0Jra8~z)rH(mA`IPtI1J7JK455r{Zo(@94pb@nf
z(^_*b#GPZEzlD&~wIdDxkcfo*!Wpz|sF>$SzG}me$sZ@e!-ZnB)Fob1RX<pwLp}%9
z3%wX<x(a3_LDZ1(*)v;;Wu?&PH59r(;?Po#g-+GL{N<`C2mY7XI4{Zq^Lzg~3@3#p
z3YyfV*i7Mo5b}Hi7Z&Zrgypgs4<?y3n>VvcxV(P6-h)?+G~1rTj$z^()S{Wk-<zDx
z#OTA84#4&EE{L!nmLSHB|45_gt$fsj;~J(ky`VthAldsqW}?E-2OfaoQ+M^brzShq
z-zs1Vs#xIKly(&8m|wD-GlkgiUK5413G9xEirq6b14loBcy@uXl_<58)s{H<1E{cS
zf{EjVlPxc4{}h}}-Liu=F2Putk$T%nV2<)~5@%^*;c=y(_b5nKk{Ys5hE;pi)mR81
z95z)S5`0V6k~HAc+I!G#Ms=-b(on*_W!u^aTj;;XFFEX$Z(1fZij5eo5i|d2gA*7;
zdzrBA?;4bn^k}%qs~fwCPlC-?!3>~B&BRHC18=ViM}zxB=Zb*Q%I;s$X^;7*0dL-)
zqn*bI=3M4Z@x#M`VANxI;M=jbtR7s>-&>M$+R5Ux)#V3neEQPa=~JWH;czP!;P7V<
zWKw~FqZc)rSXJdz5H-b$9}4?B`1Qolh?15}gmFN!TCXCe+<wLGH^;>c(v`&F?PXKy
zMFI4f#-|6)ijMYOE3H{XA-!M43?3(hl1ffvHQXQaD<Yob6xL`+;hOY$TbPSo?o9*j
zzd|L!QXJxYnr3|E)cqev)W=w4MXZba2?1j*3YoCV9dA-(^TAYs9|<S}FI0Y`Y)su7
z!0bnuju-l9AL~vpKh8AUMf`G-<C}kjT$O_EGjC{rHHPLs0}pHEVYT~5M(@CPLXT~h
zrw&gt-VPMDUtf9>I`m-RSb1!`h<2Ak?3eTSjL_(v)r8=*HP!BxTIdo4bVEH!?C2rD
z#fkiPH=gZl?-0)qB7qfTrpST)2f$79S%*Ei+gEHjncr|69>+7mJ>=epZNW;^s|`xB
zU*lVjw$Jp!8IXZQG8d$a9RLe-WD`0knt9b<pR8;g;tYGbGo=?!NxL8m6x!g)yK+Ms
zBK<(W5WImKQY?xYEu{zVBxX=H#YTHVv`d4B@;9;aBRlhG!RoSV@x5kDL_*Z@^S=a;
z?x#<A7{q8ou{{j=(+OQ2>X4XA(1o{o8z*bozKNUjLs!%}I$-^be6?AT>|F`gPNxH<
zTK-9fQ|PrUlmiySnyP6sRL4f0L@c4G>+k3b&PAqIUU<Fj3Iz$7Bm-)jZb?}?EJ}|k
zYRW{A$^O_Ay)6@tSJYs6==K*X(T@SO#Ao3=&HY(2RI?*r1sqZt-|h9|V9QcKE$a_G
zZgs-Gh!!`<E(%WtQRH()oE~|^>j+Xjdz`F40}X)l>If#tU0p<NVJd;sn`V-@<R6P6
zy_{N-9MhSuM%%v*qFe{Y3JVk$^)+_PaECI9`e{!s^W)Z<D<2yzK2FAd-aQs9=P}>?
zpAfy^LO}Lz3G3Scz6(1N>uA)ie%OAO3O>HAuiAdJ;Ba#{%jWdFE**Ti_j1c{L=THg
zKIW_e92FC2Un&4wZO;DUJcmSTR4gJZ5rmJLw|6Xca)E$LzUMqIn`N3Yyd}8DKL|_h
zOhg9ntNnxr?Ht3`n5n`;t@oGpwvoW*#N3|3wK|zG^MGDgeu~12Y&ZTf5u0*I^{->e
zDO4OqdYe~3!sFwrs`{UYDT&*WR4BcV6Z^m-Q_cY0CmP3zBL7<v$@^msD#L$iUgI>R
zylnzfkZK&4%H>G^K5s7uv%`~O8^RYHamZ1aDTvetzc1r)r`^%L+k_M)h#03ndc><(
z8e*Iz;(t~gy;PD4QF-v_X4(^|tU!ep7{#CPSEC#OQ&wMsFhnmI^ni!#E|Fd3KNU^h
zGX-jVYwfR?voym@rD~fsnq3nvpobv)+;Pn6VO4B!7TBy7mdoJ0LNkB<CNq-6C<2i~
zo%5qfdtZaI@=*VGa-7@Qf~2er=7d59r|_CPl8K)X3f;ii*a!5N29EV5)>=RYwmgxh
z&d^W13Nv|m&`nPArkl5GM0GM=l%+^xO1?z$L`};OR5}%Qc*OuSI1cMh2yLHmqm77P
zE|D7_aXl;Rm}+DQb4cyg8X_mizi}La#@9&c+ph%F({#dmDYtcaj(gC*!jtuC*crYU
z3lzkY<3A15*;rB@vOg~-T^-F(%0vjKs@sInz`kPbaCwP}$XC5HrgAZ9|7st~LKWYg
zz<6qxGt%)=eooA%c`3S;=z-^{{a97W@c`zxF+;KemV|cbK)Q0y8prQuPGHC5oti-y
zSIrSvjMm{I+y#*himrA8MK?dNm8|66LDXy|6~nWqIBe3)ZQ$`FVDWh}uJgV&93Pfr
zmEkMo;g+v&I=X9~?j?gZ+I<7}V6ohS8v%0_4`<}mE<VfOE964xCNWV4FuP7lVvR3h
z`WWb&m*q=}z2^OJg8bV1w%zGu_DrVlc6b&sT4LrXR=dvW`Zu#DOba%tOjD$V{~6}s
zI*~8fhDQmok*+wEDs?we=MVDMk&HxJmSMKf7Fu{KZlP4Dw+>R)if93?icL3(SCQSo
z6X~B8=l7kHZ|&B(5}u!a79z_>Cp~-Sa5R$La~gS}jQl1bPa!p{$*`gc)_oJZPhZdU
z7bz>d%wnV_vKKPYran&<qu=ybjKGEDeI1M)iFAw^y51roZL~c4VGN)p91NuF_O?hR
zm@TZrrA`mxPGVq|kuz73zV}6$8yH*Dl5vV7dq7fipJaJXHefu@RJ}Ce4JmX2>7YAY
zR^kR;cm$n4SmNthAhASWQ|0Dt3mG7dNN#jX=-~JS+;J#Xku!wnwqP69#}?{F7PsSF
zw5j7x9?h7A$nNDYP(x=D!x~|$R1^AFPf+GiuK2tC>bY{?iUx<BZbgfxYkCh2qxc+n
z333Nzm`20zR&;euvh32h9pk|h2GB3M=ZF;@1MVC~#PY`R1Qr_s|IO;>No94~)|yey
zf4xGd+`n^~uXa{;2;)++jlaIU7|?xvZov0r=0Em0v04<`v!z(q)c4ksxaAu)tlz0T
zh6laPzT6q@DB6UNuWHnOTR8g+q&c|;q>zf2qk2>&Jg&Bh*IOjkDVX@%%TeANW4Lcv
z`niEN|4U899>%Xvt2*w9KWq&!y5nR<K|4<slxXac=qd;GP6!5y)mXi<zoba3tuil(
zf-@f_K<H@YG4`imv*(kOA&#A2)L!(#ekdre>SDr3y(eoLbqh4XOQW(;c!QVoh5)UL
z?Ru}ZFQxH{53=Wd>(&VleQTv&WPjbWDz0C!&_C)BlE^sa4*$S17<vXqa}*H6+(kMw
z{!Fp#A-*z0Gy(le>IDcR>nFTNn-IVX)Wdxad|2#qQm<P9z8CkyKr`@v-q=`pA;_Z}
zl5HRF+7eL&lXNN|?xgw<CkrDi%4V5f4uE5v$!hiI`64|ysNGV1w|%Sjs7Tw3P%k4q
zSRi}3L%d5_QNfxG$Wf}PbKl*us$83M&$18+4i}6jK%?2IG`YnHCC!?L!!(9PU&%O+
z=F5`Swu!kku+&B7mw)G^Y|Eg~z7e`k`#(W8YZV1=RWvNkIv6;w5m^R)(beYza?z1N
zaQ2iT%?P(Ty|A6j@_0`A1CtOypQfBSAR(rRQ|o*Sb2?_I#GapZ5N(~KI4%JNq3%*3
z^JrP}dN^0&ks`5n6t7d0u!Uoij3`3>b;cu&9TkpCjy8F?th6E>vouy&l}6_JE23tW
z5d+D*x+{m+C>BHEy1{jSc8W~y`Dm<UGUs}6*J1eidVfH{$r;h8ujuimWM;+qI<L9U
zBgrF0=TZ$wJA8Ry7zh9{CwXdq2FP^5pfe{|VyPZYBCDH{wNe!eeQ!ghM)}ovka`|2
zdNGv$xQw0t0sg{W0z`AJmW{OZ2W0$+sV10kY_~|;5rVb@F>^hOFfSEDLEZ%E;_CEe
z$rSStbBt3yu0siCqF2yGP*BZZsH_C*Y+K=mz&*^v6x3WU|Gi$x(k-d20diuXvd)@`
zXi`MuLc14T`M}NV4%!yed38*fp*;42Aw+%*IY>D4zZPlS#|U$|Lp|H-eu{Pzg`-<6
z4Y5-On?}1^I6aHb!A^Kx3p)y^A3?I74>-1A@dqlg;Yp!Yr|NYd7A9}9tP#uW>6K!o
zBPO7Mj|qbmsx|Hmw<5;JMKNS^ktRprWtC=LXG!_In~Z-!gd57Jy-v<qudMQX1!0`$
z4b=KR+`6`;gH!zExID0(AYYanGD63Mvu%QV`sQv^1<b@fVp7HJU+Qgg5=5d`E5srp
z56eVOp0RXm@0Ico=gv><r3WXDszKZ~^+EbYz*f1ZzD}~O(x)RF4M0W`QV+1uz4UGy
z+SX^!5htMF;Fohfibv6JhdTH}R2~J^>kY&7o7oR$y-aP`ZIf1DjX%&`;ynxo$#5y+
zit<2OVt7&%7CS5yt%{YU%O7;S;RM%-vAKXKO@g*q#ju=~<RRT{*t8eMwDn8=yllBw
z>s@WIlPhiz#0{k3n`lt{Ljf`T?+4FG7MlpOtDo>}AnU*=**{5m_w9d1u^>Yn=5u_3
zWTprEHrH{@kx@+WPSw&|;bP}L(VYvoX3|=-8vhzWD==CW{*4K~4XCaxlTW_^WVRXC
z6G^$*E_*FVhH1SF3sq*86CU(Zfc^leopl+}P*s(ADOH;fZtKsAt4i7-dYb$LgBTyH
zZ3*4hvrZSo%+%}1XjGCpN-wpW1}d_`ra6V55mBqNN_3lX^oP!x#^<Yy(3WK0R|RDb
z@nU#m`z{A0f0j6L=J+?H>XPEyIK4Cr|HW|E4;_Y4;6vz}WhC06o^}_$XFyVNBe)ll
zxl<pal0lSPCJD`TWkN*g-xWszC}Yayx}<i@t~`#I1Tr^IpRAGtAh8ezcL3y^w)7RR
zF{TJUiA9VKJuGrjjNLb;dwj}`dTKXUDlgH{Q!deoX*oUXiqVY@cG1AhHv_hRgS-dS
zAmX!?-PRut1nct6$NDTO)`JBWY7f=qgcee{bYfD_ReP_y-ko9SN9q3K4ioRf9=4AP
zd}T}m`H(|O$qeOReW~R^Se7{aGKhlIi0q7x^~TM@-4(f2*!HRwRMw8E=5tq}j=vAz
z9g;S5?z(8-o?LZ@j^ICZlsxMEEBY9e8q}|w;uVeY7N(>XYWKHOHyI+%m70}UhF(8m
zLHPLlsXir^mXspDU$DQxi2aq3$1J0_3SnDgk_+JT1q6k0E6~!N`NRk)%+uAIL8!tw
z8^aeTmnm-2dT${vg^WDM?f=V@IUJW?+@<yeku-ova0-}oYd*hQqU!s4OACk;63@e)
ztBJyKQ=Hv<_<DOn+8d7c&DCQ&EB++w^|uc_u6{gzFu49BI1S{{+$gb#Pqg{~J3%*!
zscOwPTdz>ZsC>taJ%~fvwRfQUo|ZSU?(ME}@N_^bD(W{r1e9TLtjG{fwz%T-gzWlx
zJ}thpNngmHxJusW1`puKY+k4+dP{c5->PfPX&Rduha33*pm{WO-MJ+w-U9m6%lsRa
zgNllNoKCgrxwz&?HU|jtYmFRvz(v;NAy5%KXQhNMS4dLnJl6L0{g8r^6)a|AoPM6I
z*P7?a4yB}gs9W&&!~wbAI_d+UC5OheIE?{qb8F_m6QR=YX)lQEOuWeT58M}BZC{bp
zd-+XVL;b8&-AylE%`>9Hlw4W$-VAxo@+K9<?Ewhd^$^6%g33oQzFqQGB}r?3&%vg`
z+%1ZkM#p1*S=z1$Ym{9t!*<b~Xzj$?#c)J~c4Gth!pg|A>MUAZ+chqgPd7z?y?V+z
zfcu{adPN5=U`_F~6D>QMZpqTz6DSso<-A?&C`Wv>hJ!r`hBrg~k{EO~lES4;c;I~K
zd2lR!`4PPbB&E(KmQ6M+`ak+ypJ4SFM!q;Z^XSsPZ`A<tI89BeMGC!#>TpF+e*o2!
zu!K=<>qB=(j(Dj^QCJ*QH^pZAOvYVyq>^lavGj%{)2ew(<S5id`!3t>5P2)pdnU5y
zX%|Wl7=VgGVByc&?|TgpANH05U)qxkHh;5Zc}ig*&XvD88ait}^ptfJCnqughN(JO
z#%|y4?VhFdFs8mB!AE?oF;HjsexmKrDViN^ra44~Djd`<T|Ie_FlwRCq|gcYKbgcL
z7EelN*{n><U=H2YvTK{%v}6I9!HJ-*mLlD^9}kl_2bY2sjf;w!4vrdjYrt7EL<*y!
z494tS3E7$~`f*^KgWnf)a6<U3@Ij|uX)x?P2BDVTc>j~p7CBh^t;Fu!_zIE?%M*K@
z(ZP|GiZ1xV`ImMSd3#3TrgkMO6s%offhorKKxup3dK!<<52nU$YcF<eoufBN`WO+H
zu_g!RQ~@*FnOG4rfP($w#)5>4)jVP8t&rexAr|m|7(0h8QJ5%Mmu=g&ZQHhO+qP}n
zr)=A{ZM*t^fO}W>IA?p1D>HV)7wN{4!h>#2(VR85)1^V;-ZpE)7gl3{<VUZ}Bql6u
z9bqA7;8X&yS@{hJc+-U(QLb}gcC1_m|3bHc4tfo}<RC6n3YpMlk%F&sGvI4)B67o6
z<MX4>1`@vN^uKlV*jpt+xfz!0x9#_2`})}rtK{=q#<HsgVKE+#k(i3Xo~)`%6bnN0
zAAV&Mj2rJ_68wkv+`);1J9Mgx41(IQ9iWNj{GU>JNs3r&KPk6bCpboBe_C;c@$s~g
z@(m>smA0ZaJFlSkEOTM7NBt&{`Q2bl0|4xp(Zk3RRy<COk)6rIol8hr1uJkQQCK^7
zy+#+*{jY;<vhh!*yAUW<bb4m0BxZe&RxR*35rIK#_#S2qhVWU%0S~Gy$p2Q4bOJgS
zbA4kPs<L|E7~@W$Ii@6PG7hFqbNprJw#5og2@1-7cP`5!aVpyvUVS%V!rYTLGk#5J
z3Y)DXBI=gWkw09P3JxTE1jaPsfOnTsflRx9rJ1^}=2jWHJqk<U^&(jGn-2TW$GF`}
zmPkAfD-Q6nlSvv|2d~szwkS}YJ9&zf4b-&fp~$Ue;>acYfD#QTA*m8q)P}1wUbK#{
zJ5qPzb-p6%x|gEb1ov%LE4Bh0CXmSnCbv<<p5J`$HOhiH_Gs{!B1#Dzq^KfACAgsw
z>7sdte&OCjL1R|w?XQhO6$k9=uiz%r-IjdY+u(MWhu08d*mv+V^K>=O1Ct%X>+QG2
zf7l|1GX$0_0Sb!qGqO32)0FC_9I@V}j#-U;WdXXdW^hW@sl2abN=EnEQ;qJ0AH1@!
zaVt?sFj>T4jbt*|=R!d#TtHX<`KoG%UDh6=d3=^w(}s7T*xDUs8Zm#n+Y7H$H4epr
z%5Db8WdZMd6PIv{bs)nj<67Td-{c+48t3Q5g%OxC2b<Xopa6uM@ix<H_GXg@xs_<}
z`GW=AUp?M~Ixjo7eBzSAF$(ePtVK+7fu1s9$B_t=7XzlYJ*^<$<n4`PvIySl<y*M+
zbePgzCR~X71(F46cZ^CO%4o6?<dN$yT%GKKja`+9{Nl+#Tb_3UsRE?U51G2vThIb~
zDwi@TmQ8~uSJo3^1Mjk(=e~hQe`3|ashq_giybz-7jeESQRT<7h~_4<jCf^(pf%>Z
zl_8mj5k4DpZebx*J{Zc3AjMKySZ7U=PhXiKCS;6YW+;}G95{m&fspc+*|f+1S__nb
zzFi`d{Jo!m7}7@C!z=5*tJ=3gnr^wuEp$ZhDYD8o&668n?kKH1I?N$*;izZIN@)+O
zqzG(s9<&+H)V{J355=qv-LraJ!<wynQWgXo)64j14PpC%rrDpn^FE{3AK`A|-JRI!
z?$&zN*z-cQm7>4b1L|MpTc;vML&1M?0XYa3%DYrx;S%ZT-t(x>U<Y9LzV5|Nk;YyG
zG{NlaP`&LMfm|L+(I?oRF=Eiviz9mFkJNh1&`E?e#8io;&z)~uH<2(khv&GBp`V9p
z-$D#P^^A0Q)gC)r=)UoXR5(XpXp-OZK}i8=UlKYX?v{cI9HU1$T>jy>WEl!!{2Sdd
zaa=k>M>^NY#c)nEalwp)t<b-bc37ebIgdBZnYFzzs<e~PF3pgS>L#6uas1B;&v_t>
z7Ee1=A%6~wObf-|XaFj0DI1dHw48zQAKT9<A@AV@M)<xbL8-<GeWy-Zt0?y+V@H7B
z4H6}E`a6*4pe&OK+2V=w?r@KzBgn<&A$r~jjqs^&zH*Da=7IkA*YcmilecI<7$lTX
zj4|}@X$VeK*)giRA^uv3cZ=aA05%k?=+H=LSJDJ0W?dQQ;46O*^5|Te`6T4Ms6a)b
z5U@00bP*pGCNFD~y>_*Tk`Du~R86|2N+}B9^j$lPR1I%t7IuLYM8gTKp1!i(fLRU$
zw%!INP-;mxr-$GDmN;L#-iko<i7J78oWg11#upiC{)qLM?4LvtxocFO=i%RszZ9H2
zo`}B3>pZj>Id!Vnh%guVVs_Wr><{*TP^ISK{c?@HlV{SUPT!>Hiw-u#$~>Gx<~pmY
zy}%={dFN3|nKU0VK3ZdBQl>_!j}z#EP&U;ZB7uaimrnZ_B-uZ^j~S|(DxbP~E)dT^
z66dsLpBW*F<RtpC_eH?k+D9YK(C3ch*r?<1+Z~GyXv%;kRSonF6vv!Mbq|e^yIgfq
z3V@aRTEok87i=yAgqITz%E`eCmCRUGH6uCJX0|Ju27&V|0*(+j<VB7zKcocC=-83=
z5iAw(ukYW?p~sJ5*E+hdPb8<>+47qeuJmY-aJU$|oU3!utXqlJwd`lN(64eVh!cfu
zc|98y%JVX9QjB;HhlOa<`#|Y+Pt1}%(+qRRci-KvJ%0D2CLCVRt7atul4X==a6#)>
zm-29!3&rYIRL10^>EDiT9d7O4*ZU@OQob+MT(rlGryd^x2gp$$wK=>>KeVo$tg@Zm
zRdFtrp;N1Iz6phMYf3}Dmf#|(THU7-+w6uF`Y8Mfwt!XHL>eFBrz?;U%RzGXk^7DS
zUU83c1DQy<okW^U$qy4{1Q6oVP;jiL?9y|>Cqsp34ZwBQFg$nahZwq59$=RtMb2^E
z;y~%eAmhXz%ZLm6K*bSSqfoaOHvBEZaOwFEJcqpyMA7w1Y>hVedOg6Hyrt%kJXZkm
z?a+og`4xH@*>5Llt$(1iBRuf7PiT!<@aE4kCnS`FhNrrb6hWU{8LhGvl?)Z07uNh+
zJzU~sb%ueaXYKG?z*<Q6R(~u5cWSn8&nR(>z2{P$p|g^~fFrk1iAFoMrW=zm%M@iX
zC`hK@nBY{oWaq41=XQa6rd}o{ci8_qz*&!s&W;NDJYTx{&>VQU!ZgDw;%r>^@2_pN
zD4ddS{^@G+)6E`(3GJE@&`hekN)Q^Ba36Coa{kA=8aGI{|Ie3~f|Z@J)7R!Y|AVUx
zg|<ZoK6o6iao6gS?xR=7Ihx0WnIdQ3;%K&eg4~em#2Uj9EVifCAlvvEw52iL@EKkJ
z?~s%gmk;!POl$|P6LuNZhX8Sx)V7?6i2HRTKVz<+THQM(xu@xldX%Td(7jp|=O|j<
zt#!c7=vPZ36Mmh~)o&NcmiU<T)?;*$K|VL+wo$x3&B8WyG!kge`O2bfA)iPP+I@h~
z#pb&O!RKg__dHnZc&FXNE3qRRmVY74!!4L#Kw)Ky)POO-E4KhY!y$$s#$TT(BHCC;
z&J0HBpoNf@D@X{LGFEVp7bl)1HSxhI&47284iufpu4))eLI<a+MqRI{V0mpT<h!o;
z`ma}&Dd>!fY01D{Pt`Z7u)q@JN{oc|0jAXv@!{bZ^5Wi(QC@RfyOaqiOtkylITzgl
zzG_oq!f_sNB-0{&3R4`v5#yE&C2P*0L@e4<-J^=WN5oIMEUqNbKBumtoShs+c`i)N
zd)TRn2OLv35*h&vFT*FUhvC?`I;O&>2JPspv$`Yd%0Y+Y&w`llrE8>jcs{Md?Dud7
z(48}~;?Ue5H4X(!vd3LmaS)ud=_>Du<$RfEH`#gu8`3EU7m@eVi;#RMLbMX0fXSQI
zA>_N#BhgN`O5@zg4btc|;H0llm_r8<Q9v^62iPU=UE~S<f#%)F0S;>;%VHz#qR9k-
za-0#p4rcf2{XciS8Roa><>>fR9c%g^a~FK42e%d6uL@q9w_+Zj<nMx}ZM$q!!OpvQ
z)9CwJKtOHE@gTR-DwXH)8Z0S%32+-#bX%!gpcdJcU^v`2NLf9tIoCKE8mABCt~@9O
z(}mNQiT4ppcPZ_?QtAQOXn4VU|Imx^=^Viqin>sJ_85Nnh?7%oC+r7@3asw=AAJyz
z?~meCvYye$@5^30YI%Rya%KDwa=JRh=pez<0FW=9DJYrhKM9&`x~q(^huSW<H^4U4
z`@)IOY_c~pj6ftbI?${szC4hv8ntCzwRM|?a>RPX)}PMBHDlHnY2f1udt?gfF7!fI
z<@{ifFXA*S&uMc(*Xfe^DivAp1?J}sgrYh0C4b@&5wFG8U%E(YzvTF%80!kM;Ho$!
z4YjFUe7O`Xq-e7OBk6+Fs1r*<J8GVBoA+(QI8YstxiqCc{exNJ7FOx&vs>-|h$tNz
zp8IW`c47Sg?w1HsoJQcx6X=;Co?dd7Y*$dt2=KSizD(?)p=)lf3UySvK1&dvrSm!n
z7)8H#HF<NsK!m<1urT;&00{>YU|p4oIKD4o*$Qt}n2U6wAuS<!!6W5wHw)CR0Kv|P
zEnennxWo+b74VGIP7f!TzzB&Chplv<iih6{Xe$)^<SKXH^EiCKyfd+;@EOb0?-bb#
zTze}2sj-+s9Nok!K*|&0=@aNIO-?Z2^mP3wVGri)wt{Ba@^M*$Rd*WE+agy@i)dJO
zkYiTPr11U%)wVda=B&gJYn`QWFtlWnEB~tkh!!ouizE>`2qrA1UzH}0bM8qL!b&T0
z`_I6DvtSR;WvbQeN^3wnO%}b)&_y(q_Qnag=+IVx>qgj2&(uj)oA6z5k8T8nPzG`b
zuO-je%LBR8&31B2q2DoAg_ZF&r*|=5^6&hP4;TMXRN?{S`a4O&MPWTgsFJE`S@&2N
zquMQZAOPiD<@TTxO*#P}=Jp*yf_`q$b12K$s>ZHEixD56$84+>=5M!@@Mi@VN#~qA
zk}N7ymaN1SVUE681hKE}ZE2WA7QyyL{Qtq{U}IqX-}xMz|35wl8w1P#mCw;>>`*p?
zMu)S7{3OZL_#d1jm%P<hmZ8xW8(Gd~tM%sTwr6g)ytk_UmOpxBt<%f3wyrBHMq_(-
zR&-@)ASN;{GA|LkfT)gUY<O}K!l1-FkeC?Rk%`#}aC0jXt0Th^m}Oc9kje}WfXobl
z`M)z9Oo8Fufh9-_!waASmcq|A!~#2G6Q~wYF2Lm*+v}YGvNQlac6N3_c5`(va&^B?
z|0I>^X#l!3GXUp;SWE#CK}BgPJs<%}!g{a-hGu4GrY1m&POL2eS%4-1WM*!2W~zXW
z9_0R0eyIN8-C2}(dYRehKQMzcv(w{8cm`*3Z|#7bjH-n8pl&JwnGiu$5Cao)sD#vS
z@}1d{%&&Y4W@Pd$e^qg4hmU*{<7fVfcmKt|ZaKWa#PfrU41h8LWb}Z>Owf6_xC8xe
z$&Jh{;PpRaHdoj8`YU{a*}r{Yh2J4U)c)n^?|ch&Y-~?rZDxSdh@RTu>gY^lf!W>V
z=?S<38+&V$w>=7C?Sj~|Kl|;!*aRoW&v0-;?r8rE<L`LLa~im324+=|&Trv=9f>pi
zC_h_uhOha)iOkHPotwYpd)N4UzZ;6m-rU%8e_hA?rr+LzV6vwFbsWiN{jv7<?HIX{
zy_N}ZLkC1n@#|o5X8z9I+qV@V-t+G~=`;M@kO3_HEuF;Z<OJXW;EH|v{{uhj>;04R
z`lFZ9Sl=DWj*ARN78n~G1~o7`FaU9AZ2J85-_L62;>_IW_|CrfxB966y%S?%eqvw_
z)YffcKY(nMvW296L#EED3@FLWWKt>CGy>AiyY5{T1clSc!otxx+^sx3?I1>w`S0y?
zqhlkz!<vjSl1YdYD?f}NeolMPi;}FS@xEfyOL@|_Dt@jnSaGzTH7=|pzS~(+UkgU5
zB;R0mnzJIoo%UEL#V~@A=K3sHWHVAf&A%?GaG_XWYT-|qakHROJgpIirh^IHeO(t6
zdIow&pp$%np@EhH&V>_Vo!*iSDqqFyUX%AkiP+sF*A(r=NDHu=;lUE|g)4;5gZ1sV
zzi*+!+`0nlir2gx7NC0nt_J|z%{@6^X<yC&v4|hdY&Nu{M+#J5P1+?MW<dyEt6_sn
z&5CMcKMy`5p*UEu+lr((Q4&Ksn7Ft<O{M7-j&`Lpc$~mG_NH0)1lay&b9Z(3PW+;h
zbm@<JC*if(`4Wc;L`0ZJE0lWY2h$<(0e(^fve-E2#Ov(9fviv#ScR9y%P-_9Yt}Uq
zDb0#pMFq*=;ZcALdxY_o;D_;TiO5jiG>jndQ(ShFzUG5;5N++3>AMH3DvvvwaWM?S
zCz!mCBoj+D;-5!O+>|sNPt&L+1|7;F8{h=NrsSo<EV1D$q%Dmgu%d4<;M9VvE~{W3
zUDnL)Vwq}``f*``;zy)?cDctZ@ILVX!`-mf%FO(GE2CdI0scT;`MhC;2<g=ue8ne6
zflKQlmKZMVbSAE*xQTwpN<R8^e;N$bu^;aI*b*p`&aWC%t#hIC#s1P!d}y@B&g<@H
zRMbZRVM4q(*uI(1x0|0B9p1mZlX#w$yu<w!rEJFAWIt;NBHFtkGlFqzcnpLW8YZyW
z7z13(rHC(ibdWkOv*aRL7G%XN*^*5NA!918EjICK=@w}uQ37JVPEfHo{{`%%a?eiA
z1@)Xrj49{^M6sVpYA0hghEGDUBKSEVH}bOGvSAFPB``O>aXkKP-^M+JW2AyxnsnNY
z1tXc?PCE<PXc$@f9&ARnmZi^&8Q5+kix-(g^=_^yBcDLAGZ3hD%|+y?ZSP($wKq!V
zr*_MU)<3-$o(|rz(!R+0u%NVNvX(R!&bIRS%>hF=-`9EiYL!wR>6h}Fwd0<4F`?h-
z4gmze3YETBQlEn*rf9Gt$e&V0vsTcB0Np-i?1FtS_mVlIIIT{*Nn$~5ToHd|Ra?HH
zyD8JeW>`7z_r{~U=BEb)=3(Tke=w45G+tsM-v9Dws|NB|TOmp`n46r(tB%c>2?Wy6
z*zl4p{b!XTxRVUCtrjO^82z1juheScedJE4VXkv7=bRklHT8mFQOFyy{lG;{aATw%
zmRX#WUAp#6Yx{57Z9|gLVRxhaCUMXw7j3B5o@8!<*Od|f*>6dc=!j_t1#^cgg99wm
z<}l+|`aXL`5>&E6b%)w=o5^KyX7>rmqS{L^>AP50sn7oX)^GaREXqe;MuVEzYbBs)
z4ml&TY=8<u_S0IGq8;Y-9q|vv(hKUW>(C<vhKJqsrWC=)9$&c3E7{ZudM2A)*QM1Z
ztVJJ!rY7Rw!5SoU&V{(i>xtwIUHT<@ukZVyt6uuXevG(#d;Twn!acOSp_ZVOVTT<c
z#l(UvJRs{)oWjGS^411gV(fjs<HrIuSzKM@DYBe1)3En80A6KvvWW-*OF$%QE#2{Q
zQn0o%+tLjlp$;CwZL5Mm+-BZbq1l3Ivx$j0;kY1Sc%TIS{4{DUWy$8E7ZxVr;<0mr
z|D}(2XU2F+14`dFR`kUKb7tCX>k08vXChk6iVN6RXQ)bJgu!1>F*aW;mG8C3e`=4N
z0qQ8gVC(E>_K3)1Q6C`#nLE{I^{hOrSOv$&_KkgjBt)=MwiqTMdjsh=&#b9Wkua}5
zJ8SD>gzo?aH&KmC5S1yr51O9-8F5qlqd24)%Y(0nygo9UYr_EpNLq?xcltj8XSgq<
zwIWqP)^ZTb!FDI!N@@zCjxi&Os^6??en!=K!wIi{Ko4)&NdwB>yngUFBX6jAH+K6_
zADAv{Vp_8D@+Y^NeXql1hkTG1bjM#)&AHt0R~SjbfTpSff-0>V;te}3{PlnxrU;|W
zgI3p2R!R$17wD4be6#h;`B_^OYRW-#n(Mo)LTFMm<?ESE>QTwPbkk{fWp1wNSTU)*
z)8RGGDVI~gevp4R0dDmeXer$#PFg)?-o6gFj`zPg4%6I@=5CVuE0!8K4OLp7c04-C
z^#6g7YOd-$GS#J2$)<=rgpOUho)M>)!P$>`?7`d#&l;xg{;l$wyQlw(Sn>0`gOSTj
zOGIq##b%X=ut*0f8jmrJec3p=wa-yqoxd*i!pR6Z;^W;dll0=;^(Ok*vsoR&w;(3@
zb;V(|6@c9j*Yi|(6>Wl}xSI05<|2S7II;k*#(4Vtr;nrnwVLJ-Zy>zEykU&GJjV`s
zTr?G~MG!T<V;oAfhj|7q48X%dRs^9cSF7gCMXSX_pWY`!Ut0=7ha)<S0qbbn3c?P*
z&DQ9{sUZ&>F`>nj=ASyo=R>oP7YAY=jSkIJp>j@hgFVc!v_9*9V4B=68T$EQdQa=d
zyr9QsaTFEn#^<!+{6jGbcDzJ%#-+QaD~WKZ1Om#_y?pRe&+WcavGN)3nS^a&%30}-
zHGN&p994@}0vkV*r<mcbRhKzrA_8o;xjUk4c_iH>!@SkRXFpwI9X`5ICN{Iq?mh10
z`>p~YR(GI78}E9C_W(@xpY_s6S_rJ#oE~X>k>=C`RweynNUDUthTjeczR96*^_jv1
z`L`wym}0Jz3Tz)C&Jy>|S{srOE`aE(mAKP_R@pie0Hv3BRt8xZ$f+srNi&izUnh$L
z9D{m~aKOXHM7yMb8C~h~DDA!qUA!2cws&;JczlS3WH<?pLCJyR6|U2Nx8D-QQz=FC
zZbKq(Hvb?kXK_ZA=Q!K&h@zZP>z<WHM_u2-zwFWARtxY{jFL1)4=yyt3R))t!Pv{J
zX7S$Rz9gLWMfrjm%*_UfqiZ~7dmFD8ekHtt<X9f#HSTP)5;mPD-6x++C#_@DBJd-+
z{zeE{L}j9Lrfu;tDhzTD-D=5H%Lv^~@4=V#I1A4`09ywXn(57wZ35bL73C=Y4XTqv
zBQfBTvq?5ODKW`+aPDb4mqtqTVAps$;c3&c1L6m}1DwV$Hgonhg-{T+t|SNW3L3=5
zCW=(Y1+Bp6)QyMMS}|$BVx=<s1)cMK8t@@u3<hG{eWp!Tj*bI~o-fDW#fd(Hbn}q9
zkBz;@i8Ia<1TM-?A|dQtVG^fw3KM$i*qckfgx$r;aBr+2mRKmPDaigpjYiZly97+O
zkgpix^?D$jkbqH4f(DfQB}i4v{X}laGc0!6gkpozLJiTfRrxalJODxem7wd1_6d<0
z+Fr=*4b`;1ss_#DSTrZEJgP+c!{k#Cq~nufhZcGJeB*3V{1#LP2dML~68hg@hjqr+
z1xa%cY{SKssG(YgWQ3`sf;PCzBM}Z>S=)+BF{z|khLfqSsF?i^1wIw~_hu^rw(lzf
z$}!PM-fJP$b&#8CP~#I379aIxSqSEp_MeV;NwSC`NY4xXDeC63FJN0)X5g3^<uV80
zkvSAoc|imsoMB(&C^%2vuudi?VO4F%6?IUTL*f&a<l22}du9vfU`ag~q*ol7gE3)&
zz+#(>Y*b8d4P7AZL$az`BR4=e_BViX{xX|kaJqCo`Iq6y(U)~=N1@s}A-#ci&qDYL
zkG=W{5k_!ZBCpdpeQ+kK+4%akzOMJT*=?DKkdu2I`+bXP+M`3_GZm2fKK9$cP}+ZT
z<hA!B#Y66{`Mw#|Q7fkXYd@7jJeL?_MB8iS4H8q}iazG(-{ay9Sn0w}-GqP22ulO8
z4?MeoWuWAvGq)gjv~Pd<H{iY0aL)Jd_&u|(_k}|xb4HU`4m-{rQwJCOe~Ap^uFRVk
z$QZ)qnuiE@P&dGJdnT;mB$1Yrso7ehuiJB`7xv2ljTOTt^KNdHq{Q2t4ARbi+{DKN
z1~|A^cqZRYZzfc9w_O1+k%h>mA6-0P@yPW4ESZ@AWrH_0yi4k{MQ~Iu#!b^hNXx3<
z9D2zz?bU`!Gp-vxvc|YE17hb3ko$vN59ZputN9Czv;G`d5^TO4g0W^IBFv%RZ;0X7
zGB3HC5=@I$`7}N9;|~DoeKE^3^hB+E_@?Q`!B4V%?l@_^{toHZr5Ofr<08r?7{xZK
zyy~kjl;99de<$qq@UC}K;V6E|24-Pi3it;X{5y{uO=>(;gzHDxIWNpQeFZA*FEJBN
z+yix(E1407KxyS|7)SPcR&13Avh->aXuLN}hTyaUCI1nro0vR&vYx*t*tgn7DdJ2F
ztLdhLiQVBgah<F`HAY+O0iJJ%kIROm`CbY#Uo!S%0VQ<Aym4e1I!C_sSERN_%@aPR
zeBZYcpc$2jkB>uidLE7cGMPj=g&m*<X{H9uH55gk-(H8qi)x*TunrVjx)q*~@t9^l
zpA^4*cCG)DBjX&7_*R&fQ(kzDsL)6JNzI;iX0`>Ingg-ad7R1t<g`*xLNP5K4pNID
z%(lgG)f?m$j(vvg#5Cft$9~RyY$ah)(TW_v?)?D-lnV*a2{0iuJY8sboISG-IqVl%
zCg@`C(l!4+?~T?fkWy_3XjqKJ5p#<S_3$w0^I^BD?xUA*)p|{4KK2Q8>Q|+HCfkW6
z-%0RqU@O)RNdErTzyf3ShX2|oRvX7Tb?G#+aA~x;2w_<*#sP^pGjL~Z5;!>BMR1i1
zZL>>d>1jwFecZ#61{N>l(p;QujQHruM~-MhO3n|PhI><9SHOT^*#lMsi^K7fbCF-!
z2`!J0ut9GHIrLG=QW4AtKNG#Y0QcX9AumEIu9E<zp8xe&xA|QAv`<W&Z<}qs0C>k?
z2cnqK7m8DbdhCsop(m6JE8h{3YjS<f1vf&b96WEHcGL#4redNY7}Bezw~c?8et&=|
zks}ui#f3|%6mWF@oT)C=ZK)l5JAZ^n58z@>mvU0}?TH<VPJA(rps=1cuLN%Koz}Oy
zL-*VjZ<}n(PKCQ?6VAl+AXB}p;lAvd<5b^(oCiVR$K$hdE52>tWfI|tLP6ja{b_nW
zV*ycX(|LkVyDAgS!VX%-!8~_;NuV{qDi#^B^UoG1ly3WZ>Dtjs;|KCyk|4q5nGU4w
z482;fa0#j~jDFd{L!utIKtXfh$Iw#`+B5iFw@<O(yv?6_6G`D>7yYtEF@{nP8jh#0
zP&`X|3`rKZPg8|iT7q(c^3?U2Sdfr@!)F&4#w}Al@+B{R`7#phWYdHq@s;cwQK=xI
z{MPk1aC#A@=cdjBtHx}DDiq|rJan;kT%-gwqpC{NcFI^iLZL8_{5L1ru6UZ;BLSkN
zJwg>RYiO{|%={ycw(4%4b;cKcEgo<Y7~9)QWRFwy<w;#(G*EEew0A(g{^nNVD@>gT
zU;=$ulSKSO!k0rFvEQgKV!n&20B8TcaN%y+yTEMQUc|#)ocoVsX*kd-H85iP%L&?|
ze^U`dX$^U3;3-{NwJ-$GQ`?|81p1jE@!Qs7MjKYW+*SI`{dELx2UxX2{?qhmD{R4}
zO`J<(`-K-<;{~ceQi4l85FTE{3p@9);;k{vFu#g3(tddWnm3KpuX#s8x>0gVqBi~}
zCS3r$v1*Q(Ys^DPb?6Cgfi&JGmVp3%x*W9@o@j;;7p<A>L|(BUUy<C2BP4)>bwc=%
z9qW=<yJ5k+-mW$512`-2Y`xpGUEJ8|Ey_+LVJcxJra02R3a;Bw8w~uR5@h}wkAF9=
zY`&tseJJBnY$VwhN<wo6auOjQZ|&~NxxEMA5#Y^=z;UQUL{z)TE)nd6GL+_sB$-9X
zx7&2a+I=!>IOQ0~RRi7GDG3QbevxzS_P#KPR+rK`GB!S5#Y?aC70A@V4B1yewF*yX
z1Wfp2WEP<zeW_jVF>lEI#P1zo{k+**?tbW1V(Mj(&>j4*HJEU%xF`d}lJw@SAcISN
zEh61kH@{N>f8Atr9b`1C$1RO-+YIiNTs1x6rrj8lMrLR{Ln*3TLJJ4$1W~*tyHNkX
z3nPy``<d_N!UWDKwH7Mf2Q@n?V%#qQoV&;2-VYr7cS8r4e-@H!CPF2t;`BQ9bye%Z
zVKE3I!A5xHKdc^mJHU5f$MI_6`%;_#4>;I+53+-VFOO|oCKG>fT?FEz4DqjZhF=YS
z;0-c00YHOTt(~1St~4y)rwO4tSrL#>Yw19?S~+SBSL#l)_E4{*x;gM&4ab(Wpic&Y
zK!Ba>h;$KZKUVaM;sDWYutrM!MoSo_@8^aH3t?M}!VXTvAklK~GWSCQOE8|FO2$@p
z)W~M5BPde+-RUGnT>xu0{><Q2bElWS-i8jWr6MXGH^EH^A-?P)4H4Gr(wQsd=qRz}
zbs_`JqXo*~jpEc!7**v-s6;=(>VRSZ-vOO%7In6REX0$N>@zN(brUpRWviaCZ6wFX
z7CO%s>bK=B0lo47h)<aFO|Y9LAJrzS{3dPyxUZSIu&_-xFpb_O8W`xdPyz4@eW*Kz
zkCv>YW9I-AoIWT7ONtVj(tm9WzKO<2bU}+!d*7P8v8p95$cGluyARq%`mp8>s_tDH
zz{>hKtO^47**hMoxoCehhK4?1@<u>dq%)Tf#+L4P%g?Fs8?22GphsF|!{mM!r|+kG
z*%aD%R51#}sx(QEnkWcqTvJeeC2E0d*;Y;-I6HUr(W38O_f`u(SXX=0+wHmcB9Q~k
z8ejrDRcALXPdj4aeLv@t7O-dI{MVAwyatoXn)8k&W{wJWa$DY6MJEOXj_i?L8CnN~
z1U)4gLR6HbQF1(I>XXB<uMO8v78D%ii0Kd>)UxT<VY3n$h6ooH;B`3AH4(A}Nf-kP
zH9aQruV1<|UXWn<*?IyuP>-r?BsmUIYR%%H=AvQXZQ@ZUeYA{g4zusyGhBx%Th-pa
zax&fwXk+B}3|#V;YE~%TJwlcBpD^2t#L-Pfox7_s3cauqvy#nq*xt;uoc~PJ^{Uf{
zFonpcI_qbiJ;g*tUv4E=-c>?)k>P33f5-sBTPuFKdO*V8_n-9uPY5gWEo)x$$B5r_
zp*~d+-lVZPe&VvTlGK6VxAjCve~0=9kR%O{oxZ#F-ov=Nz953MI#Me|@Fb%=<?t&T
zefa8~kO#<ZuuQHB^MR@zkzN|e=bOTX?wQxxfQ+ZQ)BhUZ)a-j8n8xl7BKi9wUNnJP
zzn_W}|7q>&V1i|aKGR@^WlGh?^L%FZbFie-5tsKb%@;DLxnbbS+0TDQr9y=sc7M+v
z5m|3PO>DX9D`KlcAFyWaVwSZ_79XyH^W~}AqG^pu?ee4`bnp$TlndVGQ@c#qH?P=c
zdS=xdoygNcT4rLd{-BFPP7)+F^?0z}u|X>zg(!6Dewx%!#b|gwRp<o8Uwk8KyC(M1
z-7D@PuNOuNjlL)Kslp@GP;=&avP9ThaC17d4qRXe&Hu~MnHrGDCbbdsfb$XqW;sGv
z8nu^DWksL#w!`yKko)>|U8X~iTd&XCF{6wP^Ay$7IY~hwrPabpZc%TPm6{j49bP?_
zr#J%0BbN*uHXsVx)FYx2CA<mRj7`NxR7U=VEo{S2sJ?ah0<4__hd@+Ty2@3yx;j5C
z^;)l}iDDS<xpF22gO8Q4tAq}DGDXUeu>JiKYx-0OmBCxcQV$e9-Kzt3%&AtRp2+!4
z@xx+lE>~aBAss-E=`{lVm5y^M3DTRaa3V=M__x9^Tk38=O~5Eq97C{eQG5GrJh)KL
zTMx34$jB1$#+;DsM6L(^q#lRYUMPNgR(48V?w{3ii+l2ZiiBrw-g8}1(d38iFeKs~
z^Hq*llhTNjC_kqS)TfLXCJAakK2ooZ*N_@kO&2$`jA{`uiL?zS_^^dj>B)~t+ZGjb
z3l`~up9>XIkD7a+;6e11`p?Gv9Xu$v!G#+M%%aAxDT_lo>?o(!<kSFD?$3f@Utvo=
z>8G^Z53lZ3*bEy}Se-BAo4|iplsp8XCD2ahY#iRWP3;xdftz2T5g!zq$WT_IYf*L4
z)9y$>&Lsf<N@N^JL~wp$MD^X&DY9@OCDNp98_-ObCbc!F_oi`ajQvg3m4oW`V$8IJ
z5wl7UJt+BzdCkx~C;51tK_{zRM#*Z@%w?{`?SM--!AHBu^>0;B;~aUZ9{V;;691<L
z-0`z4DaU?gJq}NQ{8IS8|E4t2`D&#%%3|#@2n~Q39)Q=EaAIg?DTvs^;r+Tz0v5i1
zR-Z;aPAzpCTObKi^^cQ<TE6vyglu7KN06C*PKXMsNp~y>(UTFxxg`pP+SLaeSI9f`
zG2c>^`pU}}XZjaj`@z)J_JH8LH;N|&aU&M2T_OR1&C_>eY^1KWbQy5rIixlFco{W&
zb5V?wn+CO|V7}9u35F`|nmWPmy)hHBdx%<?XEBVUvmsew$R3c9i)^-4+%n+q(`O4U
zB1PkEofU@rN2AcYRstf}2&D3gYuE9%X9shOe1}gk|NX_&+8EL@h)AoYDXLE09^-dW
zD2n}G5BLTa*1yQlYVYbJSQM?cW(IULSCtQFUP7~EB;E2G*C!cE#xBAjQXdUq?I)zS
z33HfUvj*r9-R2k=FSA|0OVD48ukrH;qzb0N$w2a+@-=2frm_L-IDp~i%acvsjdw#1
zrV+DLgLYlXlhzzuB6=T#_92n6YEiM^OtX@xBO%|Q1aJ&Bv!9j)gh8P;ehULuo~7&!
zju!uoNhiLuGM2{+XzqjVL&wmgaN7RHmmlP?3mR|pJUI<a_#<U7{%N66k5ub6^mqc@
zzzaQ>Fy2%R6Tq;XU66l6JEJ{Hxzbs=X{o`$&<WyCiqOR?FJY2x+bOLocK5DD%6}$?
zzp*1Yx1D<=lmQouvPF7%-G6UoN#UdEDNEZKcZkSAp*5Plna%C}!=?i~qSqv1fO`sy
z25yBSOBM2?Xl8_RzV`zwMm$o#<MZVDzWF1wvbU{LqImaYjRlipnGV0$8eNkUo?1eF
zvp^3yXA$Z4q-eqPL9M^sMGVD0R<wg74@*FOCfH46#s8$sO|l2<QO3_3uF6L_!5%Lf
z?Z_MPwT#7P_N%!@RZX%l<JMz3bN?xx^ew#6{bsUBjl9hwb!3t-V+!Qv0H9VV)y8wn
zDygCJ0`PsI=Qv|~;vC6@Hz{ZE`+bgyBB+#wO7oihNm==OE*Ys0Ma0iouiq4fJ(Tww
z+vd#}+(4)9vUN3J<GQG$Aop<ph2qnWd`oclGT+>-PE));p^cU)I>rh{c_f0}T5pk=
zMM*$Jw;UGG)w3fhYLtUr<|}0t>5EQD%Nd0;Cr{g7XeD4e{Pguoea9>ndx70xT^^6=
zYF~2TQoyKjfYL1uqDSPSqsOB<SSF%_)$3myAf_;UFX*qCZ{&fNfgUL=x%<muMK(7o
zeYmW<SW_yzAraV-&(`#`&LDWDBQx8ulvwLv@zZ7Px*l!7FkLBDD&~Ft1b|RfC|o>+
zK_$F<Bf?;7;IwI0gwlJj=P~cWoGZ)|)^L&Jk1=SH+HG%<eoJM$eG%6O3DCuZlJ9nW
zw6W-vHH;5si~e3fV)oq4`GNY+$__3FD~76#m=5*E)l8-5bm4=XZfTbm{ookJ+~M^+
z-}qJ+EUn|PWnR21(DQKBS(8{_$hR%#FFo;c_BoPS?%k&2ORK<lxkLTFWG`n>VtqYi
zH}!BND;>#N$rdHuDawd1=>ig_vJ#7zS)u(m_EtfKFYo*=f;*{m5<1$5l^bKe2<h6s
z(|Vynyr|o0`_9V@&WN8#$>06^k&91Na6p|JU-vKGr-%<D*92THe(y<HA>(UTqM|Fc
z3x>eUrhaegbvUXHR%d*%3|EYA*Uzn<2O8G3Ut2luJvUFnM7<4D2_gnaYZaqjL&-@;
z_Shr38@F=-zK~qfxfKzN2e}$>&FpVJeH_<%+~aZ!vD1;c)`#T_<J)Drujygcfj+#0
z#VFmFD@nGg*q^hk|2E_Yziim)5yg$^t^T>_j}4`6USDqa|2U;W!h1l?fj4&(16k_@
zXZ0h%k>3U*3Bs$c%!dynr8I{x3+a+%P{B&?7WwdZHMl6Fru^C8sk#pe|FR|&vbm8)
zT+=&|3%R=$?u8g&fw1i>Mc~c5XRrK<Ej5MutekXdm~kFKpNE|L$EW9G`iizD8#4G<
zCk0oEHD=t!>gRXrWg}PrEv(y3#uD_5I1qnt@b1!12!>q!W$-M<%<K#b*r7APIaGX_
z(|PtyVnJ!%cN!x!ZD_0Z-BgN;3|ccY?_t|9x+d*m)Y#bz?^0e2rvzX@Gm;ibn=jN~
z4eh|)6VULPXc8DnqAZT}ci{UoEj1A8F46UP1X^SZY;>x!a-!=;2%+y@%_2$!ZH890
zvbUD=&^OZT5$0+-c^E-_d!34Gs(;2Q>GjFe66`_FaX}dGZok&|zVDW==kn9eXFy7Z
zs(Bbwk_F(e-ab-vnW1SO-Zv9)Uf*PpK;Djy8L~RO_)u+q?gLrp6G;Wny88Lurt5DA
zv$Dd{;4=0BN5H~bzNh9u+pS5^X5qY}^P%KTIO!R%O)u+JHCRB<9}@3C5+f3>p|0u{
zqZy;~b0q5qpNRAIX_4pgIr~iO@X!3#ERIbevraqIR)`HcepE5;JyNtV-_R?yXQc|z
z6yeqS*9E`07>va83)!GHN|%Z9ax2j8DZ_1+0uBj7VMOp((Pfb~SO|TlSvV`FV#@v4
zSmQ-8{c!%)RlyamaP9J(uX}C~Yez9Dnb;DWRp1T2>y28rL`438G@*EvbOfMnM;M`r
z`g|ZTQJQ;iQGI-<;^i*o6#Pi@kcFG^{q`okKH^TBuNh9fz5S@_zS_%O*0(>JfRV0a
zC;lL+2(il(J490+AZL@X*@a_%GJUx1GW|#>R&2@u0?bKA{1ba=XQT8X!7*-w<VA|8
z!<FX!v8bhTw1Ed$!%1s{y50muj<|$rrbB@anL5L)cT}9_hVcGNQ<JhkJp}><WzAd_
zJ;WENIku&Ak9c_taO@y$dEyXnH{L42PT*mB^8D9X2KkVv%Rq3!b!)ggv{X9iF-&!J
zlQCLo-OZ;1YvWz7jPXE&IOe^87Anuoi*}7q3S&FS-Utn7w=2rs?lcVhE>)B0mF;AC
zo<#O^AySy6z9y-`zin;rHpYF0{0?g5_TO6O{u=ls?ESkG*q{hLq%jo3q0vuTli=rm
z-{z`c`B2j{65#HOdlP#se5Mzw-7uv9L{Ww01qa&C%88g(0x{e!tK|g=#533+&MQmR
zr;^DLP%2dk_NLP@IY~BlZqelY>P53;5hEj7g~791zSSYaw@*LOt+cE3)OE1KCJin7
zW6YPiZz++5n<s~NiE#x;&;Yaz(2`$o#zrEt$11`~=-&^rW-a`kp_1`x=IrP~Hiy|A
z{@#K(NZ*lPOtAA0&4JWn0Q<7Lu8{zb2VR9fc1Qer5x=?;5IBGBCq?}a9rmV~u!~12
z$?bMW97A1*jy--q<M>lpxgD7`2(J1N<M=S;ef**O(4hwOP&TIqyzm>AiZ>X=7vup&
zW;|Op?(jE-g(q^o#F0Tt*1b*^^eM^Ctg43eRTp1`<mR*-Wq%E(>mY;U#i{*XVPmtT
z`l{atB;rhv7tzzvT1Y>-F}Fe5UuGvKdnx8Lb=~Jt3O4TdSV`Mz3wFlRlQ-C&IrMgz
z?fXE{C?4TLQVTj7ju+rM#%aG|4?JAr2nQqO_3fLTzFLrbkD4#D`Ny-gO@fuwXu~wS
zV^k1w5<9HKiQr-Wa1vwALMg+1_WV2HiMm=ElG;HQG<k(gIf>1i3v4FbHTX=l&9vT;
zQmjux$fJ?2iyRFhN~9h8kIHq$9+aWreGn94=e@=n+^3EpY4Lt@rw!ob(7d%(UMSxd
zr1(P;WC~oItcKJxPu4XZrpe6grrfr*A49Y#Hj85jMd+w%_Cw;8{k9#hME;RnAx6xk
z*%rvgajGAq3IwjQw7;GLk8WyFB?CF+XH`h}bIScyFa9}nqZ3DPIM)K}DE&~b6qoO4
z`(}Rwks7_h4-C7--np@#FZEC9zDl;+t<+q*iax~0P$SW7^ivIjmhJZMQ41whqjW^7
z#_(b(MZ$D2G0H$f6Cllh?j^i;N=rC?>>;&5+$V3$qOsnoJBw#3gDMSwQ}#b+nDCiJ
z49uy7(@Gx9!CS$Flr94QE5i71iR(G~Xb)IXV<xl$uo1K&guhrv6M>UWFPO(@hbsv5
zU4-W1&E@9Q)%YG3gle#za9<Ih-nwmSNrBh#*U8<~S%Cm48Ogi&k1)3}OSt{vH~Zoe
zo=`S*kT>3iu#B#qYryl8zOn8cdvr&8pa0U^b8X2fv5|1V)OjaXCri#<ZbtTIID5b~
zcg7G7#|@lj<Ox}mha;3^NxFy&J1wGZG=~J?wAmU(ATqvOYhtLn<if=meGJpUm46k#
z&fDO2Mleb}Iqh*w;&BJ<wcI8Q1|a)<2q|EQo3b-)y5D|d{%Bzt9#1QC0vX0+cN{8%
zeb-WRc&%55BtUwXRQ!jv+$Ye+N3(;OC6<2;W(WKV41YHI(%d{x_FGa;n+jw0uNE%R
zZYH2aO_ow@#bxIB7XPV&nY;<hKzUnf;A_z030E-sYaKaaO@xxl*5yO$XG2(<3U{k0
zrBVENR@GLTig8&LW$%<QM1Mvd51?~L1;%|2`K5ZK2Cb(15f->z9!>;&4mb2L-dk|^
zf~aUJ4jMt0PkTtgKT3X$LCvH1%V8z#8>ihl<)f<mumm41oi*>e_FMg!j5Bjzn?3Ru
zUN@HEFvtLZY~AbxI#C;B^`&jb(5JwKKRY*<q?OSNK1TS=+X=xIPV-fe%%20?<@Y6f
zs+&Y7mW7Zpn#6JoIdT3eNa62lLw7n+sRveu>fD}-YaCl0d?JJ8F-&E{J>#|dx;C4U
zs~VE}HJAiPF&0hijkSpcS{(i(49fhVS5#M=?mafv-#4kEbE~=6VADY5o#pUM?ch+{
zRY#v@%W<1XL!5hfy`P)*nuL}1805Eq`)+$b1StaFpH9^pwHKrNga5X#NqBYlGZ<xm
zEGM`UIXmWItlpPYW-at_&6}Z6rB<($A6-6LR2&6E`&<s6pNVJ;++qR!u+G7RH*1n0
zx)k&p9uO{sRk_@!Zw9W$Axh3%!ihsS548if#1mpVSKYr;usR028rcPkB`1V5g)kYG
z?O7#w!}!4dtEliV_b?0{)%+U`c{*UJ&26|O=j7i)2dnPTV|PnpE1vrxDOwi+`+|6}
z@Mc+Q3u~GwTAi()ihv%0;@w_oSsTu`2zD=+&ONh>uDGP@=n=@S@w}bf!mx&8h?|RN
z==OiHQx6JS2=2!{#Yzrs<y0yPx0XlpWGMnX1=$;OSK3)e+SG7-glySy-6cFI0}Jgl
z_6#wo+7A3L9j^j#kMuj~W&xae*i5)(z8gTq2T#blt$+XJqL|OUzI*-AC(64$YFVeR
zK9XaEUNtedIN6Qfot^TwU$(<{EFQg4?Eql*`@0Zl4~_*2>wW52OS8_#9M;jYb>>-g
zMkNM}%b2Yy25$mnbcRsEoVcl=^<spqc-|pH3>B+s)-T4}xVTb2J063yZD%Qo0tQ1~
z-1GzmaV!yi#B|927^xDy6}l&>XN6(Lf(tDeer!o557odfSGA4<`MP`vk|+|+&%$`+
zMP*KRz$JYuKbdLG9Z#c32FZu2Z_R1A7Jr7(2fGs%okeN)gb<sn*N&N!P<vz-xAa<O
zM1e05t~0rtSRRcok?D7;Aos}In~N);9bwZA&AN1Io6=5I19lnR_zkH;!1832C)T_M
zokYP`Yn!{|uTKO8md{y9roYz+cl@KV|0<VPGF+<x#>oA*gQlOK61H<$D;0b-Bryg_
zw(xT<3<|ZlHgP9Fi#XN;#|Cp1naN}QbL3-Mj#*0f9q8Zr**+hcks+5cDJCjkzApYl
zuGcRA!>UF(NVN|P!$Sx&xWWajmg*yx`#M`_EmZT!y2rjkS9LLTL@}TL+3fV&L2cP(
zL*Ps`wjDQit1-8CrW{Nz<gdQfsVAC<^uTC~4kKUQ2f@}GSNytu<ypyec@wX0C&tfa
z&ik1X^db!V%b1ZV8;oS^&FR90vZYJKb7n72Pqle7(%)6Sc>0FKzAx}2ZxOr5V&ZAh
zEo;>|Z6Y&fLggMlAmmd6`LAzw7EPey<p6j*oSyL(cBCwC5x|j-g2~;UxegxILtN~4
zUFc%5qUvcfnTivA1a*gKnyqi7*52Zn*K;RJBp7%SI}eV(7uAA>)onrvf(unp4?XI?
zIHSNce<hXG_aO6=vAHTpz&+5jhfP<0xWGmw=@Z*L&{^?W&6HtWh!+%1cf56!7FnDW
z$r7~Ht%<fT(fCVq?rX+np|}(~*42<4q<tD=^0W`?U(yg%1{sqb&vBMWz85u2qr<rM
zjVW?>U3vEDgdlP9xSCrVUdmRD4Cy3F)Q^jcf%RG|%8*VSACbtEEfXeTTnK5a<oXJc
z3ICHm<#@I^!q5If?JUEgt!chba=$mwR4z@@Ua`6yaJGnv+7^S*KQ9PiwHrjBDQT8v
z@$ScG<<&Zw72(8TXFv?#*`c7#E}vzJ;wPrWp>Zf;N#YN(zC7s2{)QQI&)@?|Oz{X8
z{)aDzl6g=%UT{?Le{%W}fQuVZ->gcKtWk+Yn-o$Eb^paNRjC>VlDutwwV#!5h1$GT
z91M|Nd{Bq==3q(ocy3cgDd63Te_!!&imBT^+v{(i*|aZl*%(|>##!ZDO*hJFu%21a
zoGuq8QW$C-G?`*A?g=G}y38AkWMWBV*DPrzS^i?KmV<FnH2aO|hS^?<qT-P0An|Fl
z;XqeeK`HdT^>1jrO}UJl?Fl00xAt>cvg}(%Y8}Qwb<`yJKK9P_U!taa>f6_?<HY2<
zzEOVKaSe*lQt9JA^krd^c=H9i)ARG$mSFHXnUS3Q4+dBzEBgOQnx`*pROf#<ewezR
zO90|<U)PUO=ig(2t{uh%&vt^cNA^@%OWytfJc5~;FP=JjM2!4L|4d+_`L3g!nb$1L
zjFp$ahJdZ2V#Q(Xr}P@W!V2ew#{&KSdTbpSDT?3`eM`<4?yqL@nmnt{T0fZc&eK{C
zk#+!yZO#HdqoaU2uLh{Z0n>u)6eorx;bWWU<Ok_Jnbgif$W(JV#!uHOgShR9ti^}P
z5y?5Z-U`a`E}x&7;oM2ZHgD-$lJQBRJv!!5_8!>_c47U`>qz{tZ8RD!xr1mGWXlQ6
zTtLH027dS|%MX^>YEdG;U6NyPtuUdI?k8%1sw{D}dYcL3g{vu&*O%H2=#_V&cQHmR
zz2BcxiCEJY!yh$>q_7R--v+({Z@FM7+vbDs!j^atd=n?AX1GPPwpw@|c69}V2m~;>
zBS7q*qb5=f+Wx_>>`;RhdK!(KhP<`q-_ggp1$qRqqDErN%{p|x381jC-|H?BkB0aS
zssfwC?&K!(6`5ZwC%hD8HU$M^?ni_M1%eXxny};#*@Lc3z;L8~d^zW^r`DV}IgI^Z
zRormL6rC_}2rq*r`F`MsHyA2WUA2`#eYsfe^zY>?KUi;;T5+itv`$F!)Eht4S^7@`
zxEqA#_Xbw*`-G=?K~eS=p_5y+Pqazw<v1@epF~B;KBd|K`@OUUSNg~Ni4@08rTMi*
z@y9O`7hmaOE}FwoGnn`%5+3%QHO;M9cxANfgmC1*a%=K;Eu8!F2*q}gSNXvPQXKlG
zFX5XVgibWWUuMDL=|X{(bLlpyxs}QD2RZY)sz*m<6q;9zUZo)9Hz~TYL`E-ihu~c~
zE1WYZ>y8PmrQ}Mpp8DRqU*89)wo4DJ^qX!6fL$&oyT!0&ewT$ARZY169`4R!BRm^f
zdL6k0wvUMnMA*3NjbJGOXXtdP{I0;KZ>1R+oZ<3+)rebS5Ps^7C?6)BY?9yPZ}>m$
z-(}*#?fB)3PJp9a)&dc_EF6Xmy|8o<$5m=$u(Q;ja5o8G=mc51taWz*87{WIX_1%x
zj=7KRa9S@cpMD7i+@rrRJ`miQ&97zRY(JNae1N~p<fzRFdn1G;@eo_`5S7y=`Cjl$
zE;G2LVY#A!@4n8I+$CjwY9199qs|M!K$<wRcGHA?s_oAh=sq~0JeL!XeSN7WM%R9Y
zW16|O>uwH-StC(UD7S~OS}uvZ!7l}0PogSBfLX0sQeQnJ4b0HMza?L}Xn~ZaYFc8!
zaJ8@!(=aElistq?C@`J3v&rAF?LRkRztj}U;ooBC;tTMP>DaS~!DuSS{|VY^e4KZB
zsao2uYZowhguNU8!`L|l3Bv<`b#2?WZQHhO+cv+oZQHhO+qQT6w=<pTp)+kxIV9H{
zl9%^vzEcgA^JcoOnpTcfo#hN%j{y%uhVv-#zEg%0Ky&DlbFaM%u6aMC(6jg&Sbz3~
zrjrP40Bhiw!qW8TkP5Wr@rdv&aL2;|X(n>u82@7t1A;!7lXj`g;fu36hYE?t(?V1C
z3KAr;@zO-JQ-UU@?=Yydpf=!XyHJs^W4!p_P8EX=c;1y31j*%E<yj+~lx~}diRz%p
z*GfnkSyz9JDmJ^4>z-VS9?DQ2<8c#f3I&ODkB4z80LA!dUQ><@upNMmk6(sh&}-hh
z-l!5?EvR2GIuc1H>2XNW)ZoGH>ywagkTGn+Mq9^;Lad!C^6<~Ec*z454J_h9ok`+w
zp!^yP-}K00;fw3tO?#Hm$Y_eB3QAO+3}HWYXK6)ng}vb6my*io>>)M$uf&&jiI66(
zI&09#=*;c7MJNa{73tl9Szx<lVw9QzZ0(!BP$(T|Jr}E4MV(xjCL{tQxZIijQJ#wp
z_!gC;RXi9oCgpo2To3DD>`!-{?ql{JEE>K4YG(s$7)-n?&HD^>BhlapZ*e>>S|`;<
zw%C$wzY~v=THtm3z#TQ|)xf?1_sk2|D)nL;CbyOx7?MaNE%2RN+C6JueUOK%?w9d4
zx*0#7Q}H?}$>aCF){bKPO`%ANe`bmiz%C=kOXC)h2q!$M^tFpdlg;;LJ#jY->|z{S
zv_|?4Q!zZa$5On;sK|(_(Ecv_`50Yp82%~o{?)T9EwxSin1&l;rABaxNgLmxP1i;}
zAC9{4QeHhnHKil|C+$JCX9Ou3eg<UhL>&=|^jvDGYyBbQjO*g}#`R*c&43|YR_5_l
z8AQe}<sbA8<JJUOl$Owkd^ssf;3aG%N%ub?pMP#zQxJMK+vx$T?Nhj(g7SVrL<!a$
zIt%XC+IL|)n-H>_$n#@PsNq-(YOQ8}+K~1--@vGPUm3{&DxM_Oo%Yp&NH%9t+1b#3
z$>v}5BD+SD=YLx>*2@aE=+KAWvF>_0bnwFj2HIj)*0`aJVc;?ilu-JzjX=zRuIV+?
zDB9l3q@yDw*t#eDiMWvzca~TK{9Xxc(x$ue{sRzS=A-`IXfTCqPSYb}GoomLJqaxj
z5AolU(0F!2<{Bb?1_HiCQm?NxW`E!Fx-U-n>;~4HE$oWB9H`lhNGtp|YiWI=eieEL
z=a^e%?=*%_ER7W6G|A4e6K?Atl#EOF#98X`T8>2Q=*JEj+>$Z%5bS6rvC^5T4eJ(E
zHNHugbVXm22<MMG7)e#}ucK$raNj$s!hdqn0wqsJbjVjM|FZluiDZT~e*U{K6NXx_
zQLv?i;FiFbF=;gHu@e1_0gjON04Cr}6rP=MPTno%H@4Ywz?1l3a5>**S3Cl0wRt2j
zmqT_Wau1hI09DJ>G%uzbqxy+5nt~BvDC-qH%!hn?q_!?rM3~Vn+~d`l;z8F62jnj-
zi7$f<Fc`g(jX}z&l8^srdm2ITw4nZ>>2T&fU)l{f%YXhhG)8B`CjL1>KLI1c{<Y)X
zQ&eE8cun1{vP*WTrF9glGn5(8&Pmbfr(9TgGLjaZ&wLptRh6}Oq8m4jDkQM`pdD%D
zK06FE^>vmbHQ3p<pfr^$Etu`^)?)!lxT8GCl6aAS{!o$-$Ce>)Kd!zt=`lR_zW^EG
zQaS~x;yM(`sjFi6B*O^XCs4KcM$Zja2&hSph*2ryUQx+!<NKnUd4v@uSkbzm%5QDk
zP>$qLzW>0(QUv;5x%G;&@LA>KRv4?iI|7Anc<`Z-S$!(h!P*XsHD$73lvO9uvchcW
zEDbQf1t3#Olo!mtC68@P3k_i<1`zfaAR@ajpG>vCmbPGPhj0VsIM%R0MCi`)Q?$y7
z&6D*7do(A#aH1>n0$s)jr<Ei<=<X^meZ+beE}6)3ouWDeKj0C7A6@l-9=nNkcf)!;
zg^k{+hZl$4M==G9k24dz=JwncC)vV}0{!=lC%pSIqJPzwR43si`uE$j4?J8(Yi(L`
z?L^b)##DSg#z!+vTgG9Hc#OV1U*`C&Y8hPXp{mC>Es@?`$)ac^UEjo(uTEesMewho
z9IK5d<>NJ3Q_gUc7SrCxs9XyhU)Ow8$IrS9|AD&_hcjpVBI$U_fDOQXs_CsV-}Ndn
zSfZETn3=RYd0V7KkugX@gja!vC}(osUSy*UO8T*N4WEKnd<O8X8~B<GMRitrS$j#8
z14%&5_-Jar9+U%CKi_V8Pg<2T7eVN+HA?~T*IF=ua%x4PFB^8un09>jXIo1v6mX-7
z9nthFd3jGQq@=`@sz#5w$YTMAjwVrN{I}PgRTYW&cqg0C<1wY<Yl%7TktgjEP>QVF
zPANy8&cKZdB-C1ObRz;8EOsvyr-=R*(l;VjI0|L1`qbv7bM7PnH8zBG)UYxl$G+XD
zkP~?~Vaju(y|R*PNM{`3^HlWC%g@JpT9F5Q9<^yFDFR~Z6co+IeVR{4adskrl9F{O
zti?0xrMtE3SBiPJ4n~epKy|ssy-mifYc42vi&kZfo4-5%^TcidoQfy_VU#E^U)!+}
zpS?12E>{y@UdofB(LP9b>Z+*pkcDnHN@Hc~@`A2wf|yJ{N+C?kDyq9<jhq5L)>k%O
z@CwG*V5)j6_3mvo*dWF+NTIAi0z<}~oSl09E=);W!jDc7i=uZL!16Z;y9vFWYNKpt
z#`bkK>`gdj4wH>OF0*Z0GmsH8X<Fza3mRxXO6NE=G$^mX>h==()X1<q5`zpkNY5u*
z+~!qH*gE(cVBp9+SvmM#eH26=TYBLW;@wmG>Kb$)Ud?S|+d{%>wp<}lm#9)ow-U&C
zcXG_QLFkjy;B02I`f8G&)pezr*+{?TLQ>FwEiLV8ESx>T<TZ+Ka#}<>QTIn)^eTJ7
z3uov?h2ZF!tyx}M<k8fL?_Nkx3PFP)wAr(Ob1~IET4Wc%<e+K91ZJdU`lC_q?BdFl
z9#WRvL%?pBK>HT*fUic$&C*(8hd{Dfp*v8qso(z~yu>NWc&V0XqtEbJRmcPx+c!bm
z_$ZIwTN|6|crf2;WlFV$6*+X?6vhW4rzXZUnT94{(>T%Vg14f<d#OuveuP*8*XEI;
z@rZ6mw>9(IW~^*~t@QIx8-(#WdKEaeAzl*F&ACxo*A~HfyR8@bdc$iSD#hkPZ!9U9
zc6Bj7>$Rvm1YLB7ou=ib<p)laR^-oEX~>>ikGqBkc(A*J_k`gKXR~S|@U`M;Y0BQj
z06M~ND61`Zr5dTK!k=lko-T#*n(z-jQ9#1aVe(hZT&DuKX&E^hpdiQ$GdS}_e)zH#
zw+ql%DMSB;)p^p<ix&gz;7RqnmG!D=Z!68vPbz|3K9@PiT!L#U+jD2ofJnb=SXKI7
zFT+~mu6#rciN}=jMM;8YWZ!Dinu9EH5L-PXgqW}iU^iP`A8aa_RPV6@Hk4bb5X1};
zstt$PyI3aUG8Ke9%ird#AU6w;x$A6-8B|Ov)}(&HH$wqx0JK=+#(XN=6q0l0R=q10
zp&uhq3m2aY(dG0o{3Ye;IC-46k+|v1_54I@_QsZFderr3g$eao$>_lWNgb}d(JQca
zou_YO-&4J$PIl$f_aJp_uvde(eaW!+gv{C`!PNisJaLU^Q5?_xnndu(Kz4KwBWpY@
zT_3yRtZ`PyTenHdA#^bt*=2p+0&5ay!A`;Jz2-5h7jj54=;d1FHZ+MZH>d|^7o>wO
z4aO!umM|jAuTHf@Ub89R_Zc~TF#>MQb{%Mihzg*D(F@5=Su$6p9R_j%;VN3DS92KT
zo5;bUj5vm7f0Y{87#0X$&&%(;vDC^C`~V_2qKr494CMs0h8*xhfoq#L)u*JBKEwqC
z%E_-jSSV{iEk22I)@JvCtn50s`46=cF}9s)ODC#}5bz>gy>1TV$M%cl$>k11WjT+N
zNvA}2kFR0S<W(_w-eF&0^}rU?=U+=l!CW`k%4e)a8Co+fr?B3cCtFe2bP9*QDoKuu
zPIorr!mD4DI#55rPQKs0-u`z|sT?yO6eQX;1p;QoziApl0Tj4|woH%ZO-w6IA;}w&
zlAhyUL0ss_zRv0ICFP3&{R4t}hW2>)2j%&9;w#XXfDvenB;w?a25mazZW?CSAqV!c
z6Anzs(%fupu6dfD?uY((Tu<o4=<E2cv(yAQ6XniP{%2kPAWv4`+CQ^`{~G);BBW3{
zf>fjmKUzS=K7>zc+O-pU9KiA;QQpXSKR!7oT0q;5D3`hh@aB`n?PMw#qUw_3+b9aL
zS~!s^$L0e5RMpp}Pr=3)BKch8rRvsvZ3=1Z!||5Ya^xw*Ku(MdVp~l7O&d*frRe0@
zkmZiIny85Ja31}WL8R5`OW!rQ7Z_n1$)=XSZuhwBLlbIoiU4-iCT6{QEYgl&Am(z%
z6D$*AX>z9bD_bbZQCjw4<Z>`@L>|f1pt9Q=(X21ajC$cC9>P+-W*zINS7ruuB9uMs
zsP9hf^JNgd0jr)?2;Q8H&_(Iy9{544dIs+m5$425JCL(IaM0%=R^bx=OG7In`>*FD
z(_8;;VYI9XVi~LPw~K_F99x5#jNOrLtR<A{NMXxJ^L(`%85aIRHJbbZ)q<P{+UEX8
zYSuyNlE8m)eR|fJ8wi+W?2J}<34X)tF%BO&Ho;qMb!*4G7~Hz%xq!bYtC&O~VkEM^
zvDnY@u4NbsG~aR5Wzn|(EGF(yu8imq9b9t=SvE9aI)<AxYv=a5Up>gKacld`$d@^v
zig27e@q010xNF6P%4>*jnwGyT%U+_pF1HeY-sx(ehMl|M<<xMBzc$$dngV0$-%83S
zsph*s5Gu&!SJ^*7N11Cvthu{;NWiq&-#nheB5WD*SZgM5$a~;47bG}9mY=C@K*~41
zso<d(%(n*PHKd9<xU$hB;1poD#Bn5hp_H{Sj8x`f2VC*0Tt5wD5$vMBOZQviV7J%P
zRqsq>RScWmrF(R~^+M!@5k~;u<QG83FlK#XMw(p#AE;9~-44zEoajz9Wt0`-wa%aN
zyn%lC<qr^l_k>!#uA{L!3ROAw!IcO)RwCZyysbU(8I4!upDO$k^m#!$^b4iVM7&~#
zX_D8ABr$v+2?G2ps6sgBGkDf4I@+B+Mr;gzRask#u1DgPR(n#{8|ONE?$=4v=vfF(
z-YH10X+JAOl3guwfzvYhJ#;nfmq|2Z9UwMVy?BnEz<0PEtaMMTjiZceO{SO~@>ZoX
z^!)<^1hEyo1(a)2mOC25UBCF*BmEAD$*w?}09yC&?~&NV7JD;pWJ~`|)G|Gj%?)*h
zFP&2jxd0h$lfF{N5xXwfUi;MOO6@0ZaG_}xyIY^nv&K>jC}(kFZ&NGa4}Hc$W*d>T
zlFGYYXM2ENU4+^5s=GSXw!huhA@<b6a(HAh6#VoUxaiUwCXBeXL1Ngvh5QBxjG$gH
zRJo^~9;XV{c&g<<YQk5a!CZ4=Al-rdHZ}qx;)JqouFoH&j?+|G=^diiF784epivm2
zO66z-Plx&_PsFv4=B+S9xnr<;nvlvENtyn!wxJG&FhPI`)C)BwlI$BJ`2#pZkvpWZ
z!~h?MlSGJdv&mE6!H)5(|ANr1_z*-tyTaP9{VfJWM`><7ZA2^KE9tf+vS07*m$7!>
zF!1hjZ#Rt_sjm->8?fIGDbs?)Y`^QAXz!#6FcRN_7Px@9@JtZijzlWUDN#h*&?J{I
zg9Anky*rG(W~fPtnNTW_EG7me!@s$XtG!Y8(!O(h$|Iedc@yqYsEof1iNX0Z@)Fj^
z|7m6{r3-?-#$l-jGu3&|f*c&sYuXLI(LDTy?<wNf+l$^1T%fWd(MmkAU7FFiE5N_5
zheBwqsrHdiaMKUnN5laHD(&8~XV=Q;jPpf$(}aXcD5)e)ZJ}(nwQw_F!4}-Cp_}&^
z#FU0tQDIVxGSF%E>uEYG7<^?N>-*6A=erDM-$=a+Z%kzsE^R!_Zajx(g06Lg4*U&X
zgRp!p4+@i(UFhDh=jgZ&6xHqoD15|F%e_LHA$*x}npXJ!`ocW>%G*J(LC}0lGn_Qv
zaqz#rQYFm#4`=)3{SI{$YB6T^9HBD8>0UH{)`)a@Rj*m;!LTW1;`W64?Ey7A<+wN1
zxvUkrKa^zn$%Hq`;OH}HUtQvX>>@cS{pndS?9g|^uv`Uyewjt-dLE4wd$+djpbyxu
zGaTOlR6?MT@H}Puims)C0bKvD@)YL(mpp}&k(C*WUdGhU+{NO*#s7Osz{$?a^uN?8
z1W@#1mNqV?P6YH~Hij;yBBsXnCZ<q)d{E9VPNs&oP#&AM?xqU5JB_q(1G>OA+dDY`
z1FY>=U~G+!khlM9U~TW{1_{>#ba3u<oNarl)~)8<E)-eE;Wb&S(NZx<a@RL)x_c8~
zBV#jD^9!gxW&v?i!;=T3WB?~bNo^xqT*EX1OJi^Ye*k6*Fb7c0<Mofi8JL@z3Ks)K
zY;E|vgJ^1S0b9sk`~m`Ev5lG$X#XP?7@8fOMK!U4L~wC+MRj#`GIVo6H2d8uh5`Y~
zrVRve{s)UdP+MG0TSNhxpQ5A!E&(_oAa0Bu&=?&FJB~sC&jcEj6W{{i%q<=;(}x^T
zfx8a#OfM@p{RaWi1%#XP2gU5(+yqMDqxwZuQCtr8PBmLd2FC!F1$bQY-*=OoocF)R
zz|y$Zzsxwq{qMc;(f7WD3IC!$HQb#)Tt?!?2Eb{7(pdoHd{Bs(@kjbSlm1gTfLs3|
zGrHG5${*C@XLbC5*Sc^Q0OtG;{nqH%*un-{1OaM0bL+c97#9$V^$bAVfdG5A*3tdH
z`WRb5w!Oc;?myFU4(z{|1L*a`I_K)YFafzl0{8q3rty!umD5o+f7(y*HIUygJ(K`5
z0`x8aH{id|hc~gA>;C_Czm4}9e>)RIkE(N`l9Gn~(e?A6)EOvqGb5}6<zIfUNgInd
z{Q><Yr^E{W?dJYPe9W-{uK&`jGq|~dbO5_(X8g6_RsVhdB47OBOUq2p?j%LVhNJcm
z4~#+^92uB{-#a#V|M5G?>f+!A8l3sV{BckDKl-CVLb!lu64lafWk7*wmb8W>fBDd6
z*94fR=ddZ6YnTP=WL$QvjsU=FW@6&$A?;Qmo^}u-&%I|s+~{48Z?h(0j{zmblam#V
z4?d?s=0#Id(fC-k>Zv~JUk<_48n8gv$f6q74%z1{t*rqiUyyS$JI`91;7Wxu6t5S?
zOmcl1F0>t~q2u){xqPyuV{+k-_xpxfJ!?+w2T>y@ob|Al&v*Ch9$QlZ2~Pz%`F{;5
z<N)b+TaTS{)Rh>3Z2lVZ=7?ITBM2^|`u8Q_eD`qZV-a{2^jq@}0WtWx*!mTxwmVYz
zRwU<!AlW;)zn%@MNYJi~M8{ZRCA^pzAtPrZd!Gl*_fE7?ojpdUx@$<|$sX)pXz1>j
zB}G4In!sXI<i4qK1Mh)Bt{%YpybfY3Lzw^xGLx~L6x5l`Al2j&)}`6zWxjIzD~&Tw
zVpKNC{|g!6YZM&v(~KXY*;g~Y@wB|`A@<ROc7Y>;5ae`NqblLP>%|@I${IZ`ygGc_
zmwrWngX0rPeAg)qzfAV6K5w5A-Px#dDV(2DdnfkfMr^3t@#l$aqdM7ArUzuXkH!x|
z<A}p%O=uZQIQ)=G^W6Q#G~ejchAK=eXvxi=h-<c##`?z<1BncfgS;vAExd4MeC`vN
z4BjJhiJV^W!4!z@TXRcEMp!Xfzk#?QJz-c-)K;)G6fOSWb<3am<3mLDD#y8|(t^!n
z=4zuG-Wi4!)IBch?>Y(|vNzFN!WlOX%q~=cQz-x3q8dAx>sNGX1-iJ1dD8OmiR@e`
z_iwf31%M556fbfa(kyN`g3g=m$GO5{;XzuMPO5eZ@=a7@XxuMm1}v*N>$6;1y#pd)
z(bS7<vq76>Ev9T7FHdts=s_6ZLzS>9JtSm&Wl$`}M`b1KEs}`-*pa%6Frm#026j41
z@}Bl1zsMw<<y{W`KNl+b@3yz3VVg2McKmU5A7bZ{;yC<#ydSGmD{!(7|F2(}l{1dw
z5R{LM>eLd&b}i&0I}_zYGqOd#il&a($+m%J=3Ty<Mp})oG3tBZJ32!r3-_$$c>|Qj
zb`42%h9P=UXJL5FnPV3v!58HxYR8o^&C$DaR~0MG_NL?Z$q<<7--DEsGY&}6G}Em)
zx~i*?G;}+mFu>@vJ?s1yp~A8QzRaY{L0~75_s_?-nG86D_7L<PqJBMR2_Y2%GA`TU
z&txwTZaWcfq$QwWtJVzOi^9f&8*A1YcfpcE1jpa$2E~ybx(kC)@e6A&lP=--@ykaT
z@XeX&X#M#!rx=sp>=jpj)7v!ZmBwaDoOP^pw9SsTu&OnGb})LfB*WnXOA*#IPMBd;
z<y68KC3uZz3@Z7-sj`=Fcqh0nUeR|QhzM-51<E2@YGkcG#`TqGFC{lWT&BAP;z{KD
z5X0xtcLZxZ-AKM{-OKXGf2cXqk#w6;3~-sv$}bzuo(T2<g%nckxnMccHZ2H@6Q*rW
zCrl9>mMXWx7A$s=klFSc+y^k&_P7B81AXqRwjIUabDamPlhK}EWcqdG*|Dq~_0^lP
z51x04<8sece?A%m)$gmk^rfVloTL=61jcqcZ3p(0(a^JtSse(jJSIE>9Q;bgy^S|m
zJfR1)4F-cYwWAfPaz9iFS&$g1nPj9qf5bs7vr9>@liXHEWs*hc=9P}~1+zbLdR<M3
ze7L5ufLD&lj9PNl9iLdJ!NX2(!g*3|Z9fcT{iC;QNmJ6jI88ry0~Xr9hYI{aEHt*`
z3}k5?zk7vEs}r3h7zevv&;c&KAZ6n32kelx=8D_!B!pp)we0ohWcq=N*Sr^&9Y_UH
zw^E+kKvfSYcG9G|&hQ;#o{t0lvLyh)?4jcVX!IYgzuQ_7m?e#1q6nO>!<|MQRI?PX
z+bDhd`lgMLsRDvEUX^UX^tZ`bX<h??IS(z?DK*yN(tD_G;6~jVIdsAd)R6C+4-}Mv
z+=!MCSv@|dX<Au6VeLz}Qclo@aq`(6VB#6|_Njo;kW~=qV=`-^V92XPu3dze^b}IJ
zCq_I-phLhCDwi3{t$8x#+ROq}9k=slyN$PugbVV(X&p`X6|Caz8LawVhC|A@@am-{
zmNs*KgOsTLu%Fcu(EmAtAuZsMr?$w_>c(Kw^5o&HYhk>UxY~VqVx}#yf)(2`!7U|J
zLW};ZHk|d0Zy}P4inE3O=5uLQJ&HkEva<B!8|jwN-n2c2=krq{rkTA<wSg6VY&Ma4
zWJQJM8zIyQrJ^!Du)Yjbj$R2+NG1!XD<kL%eUxy3Q|&y#lw32UH)33&nk~2VwxWM@
zVhri+gi85!kVC4YCf{IDmuaqgJ*G}|)LX6iU7*7J6CG=;)8VLY5ujMIHr7k1m#r?p
zcG)l7VwF>YbDG$oioMn?qMucNwle#8(6SpGsa=WeTxAKYn$c-A4_x1{QEZkDVA+4r
zeUhp|rbD%}ofP8@<CXar^xegV##Zc5lW6fWH{F{LZ!a{%f3`Nzi}<0pL3>f04_07V
zJy~LO+rpL=C%~reMwkes2-d$F5u*6I-i3F}^0xCEkXn|QF#3@7oD@rscqoH2;+JOv
zI?tPF9CYCO(<$L<1w@6E<3J4vqaB0pC2{0gt=~jQgwEu=gLg#_Y^!qzbNbE-2F;qA
z(ri4TWX$HTi#o$GlW2K(_Wk86b8(+W9Q#g3T7y>wv4914x-{>S*Y_{tN)~k`sgPit
zXDq4#pD_oGe(RlrTz_#-mBkDT%`FP5ZM`Z|JcFK$>JtI%y$qR%q3`gdvnGlaZHqmM
zxX`7TZ+J7~$6KZ8mKkrFBaQBz2#hZ}juE1i<W!!W=_08fpzvs>gU(;~uxz%m)W>0=
zOECNUee)8hnMxu4NwB;qktqbU^{7jMxIxg0?oKA1)iN(4k=w&%f!S3*R$n~V;LI_f
zjHG7$-Hm;mS{=P8dhE7}$Ei<?In|DaHsn6N2iy(Ddt0rmq17oVPW3w>5LvDG@@#s(
zYA-|==54iwlxZk5YnJ_9<a1cDk`cZY41!v`M;#Q)daK|oh(<{Jr;g0@-P0(jkUMIg
zx%7$Qi_9Q2a^s!(hW1cJ9az(t6lDVn_fRC5&G#4B)%i3`pz#<Wjl2BSzFWwVHL6Fq
zvOI;FL^^(dfQ)D2WE&xwD1D|$TQ$q6-Q6L1ew@wv+jk<+KCDd5!*#$a!gblA<O)@f
z6mEvjS{Hwv=SjJlD{@N15Qv7cEJzQJ%apjQ0s4S3gTSxcLSq5$n=wlT%Th1I0t5M9
z!f#1Vd>k1Xlrex>PhPDz=NWD-YlQD#bj;)99ob@8D=H~IKfG3Y_Xec*9POb|xpLY5
zQHrDmCzPMuk5#FQFn}0FNl_Gk6miMF8lbU`T@DJ+AILO_13uLw5MCbHL~Xwp8Bv^7
zn};ODJ1Kqu?}gwj@HR)<vU!aZDGtdX7e_4l(P)`{(hcP`CwB@Fd2>$`1i!*J@{R4&
z1F<;*US!peq>e%bk}0@mdBUGF=)Jnp7-55V1>H+OVU`5kOzq14n;bqsszU}ed&Bc4
z8%Azw(aVwMD~aE1vqJ|EGBzZ6$1R3RbHz92I%4G_#L9$RLyZoGUgf?~T)m<9gi)dY
z+U^i8JI;;r4q0O4+i(zS#2?_`DMd;gj+UI#-+qa^9@z!Wka9j+s+xD*nE3p=Xp<q`
z)h}^CKXrk>#HLgZ@{6phXh4`jzIta5R5?LrPwhQn)zpe0#aO!UF|sH6Tgg{@{HiR-
z=^+!9ww^TP9Kd=1A}8weF|0<;_#Z=15|UCcBF5gf=AsT=IO<MoJ{FK{(Bk;SgOgIf
zq*&rBsFG4Z#ksfjkyDxc18N6h9M&=<*%?X@=T_Et@tQBy#>cMWyRniJznIgf-;Can
zuebWj2T4{r&MZaiDSKvEqQNDqBb!fWP+8d3c{CK3G2*Mlg$tU};l9p%Z0|l!`2qbw
zM<kVJ6J0B<`5Equ??v%sg&rfIBVV0ETex7E5KW#MYGJHCqY6H2(}7+1CqRnRiUu=Y
zAm36BeJUUhDv9u5#5XHdxVN<G(*RywgchXy=wd^Vu1nWKX%%~94zWL_)bi!08;lMv
z{hVa`(43dhWsQ2b=eIP<nCjqD8IXV~rEj#jgD9!9Xn@$3*@5ABM5SrGg43}vaS~{S
z;C5Uv6XtLVDlT)AOO*(F(lSCT$zs10_-WU$?kWn1XjcVaC{A?L(+EWOeu`L`$BW;U
z?1j_bfOy_Bg`u-`;B?83S+eK&|Mi1|^L5&%W;`&sj;p<*;bv)NNxsFKr1)9_g?{D1
zIMUHe1H2-MY4vw!UkWHy?*8Lu6Cq!0P=)0#2g%y%6v23+g{xLFU9LsGR9_`12XLTm
z2?tQmgPL|xk~}<})V}Cg+NJynO9sLWmi8`18@Tay$u-0_!&4^QdGc$k!bp7Ah9It{
zSGODNZ}@`yK3Z6sdR;AB9|ScpIQ6v@F4Jpa-aOgwrDxNOV3ib0liZKxGqtB94_&L`
zqH1&c7Jcpr0p<i&Ql-$ZAUVEs+Z7mIIS+>Bi%;8#Q`dUqu!m~lHS-h^37ea6{}q3K
z?t*u1X@Lu(y%;c$=k7B0lrf8oOT#G&BDb&Scf~XO!6e%B<i05V@F42|!+rjphZn;^
zjo?-NCir?5378Q#RUEZ3YVo2ZpxJ8sToOvpW>f35A`8lPz#vBB6g`T>vRWl=Hq#b`
z%RVB(3jx$DtG~09G@uVnpK$liOrJcK!(Sx7WEr!k--C$KmiiP3N?E$1H5UeVCZ@cL
z)I4s+9lb9GRhX;MVWJ4YkGoO$x<j=->9J`F9&lnD@5&Uq+L60|jKy156sM+OX}uq+
zp=DHAvMObeGz`87geufy0a<l%{ZY|j&X^;Swr14b))5&vu_SiY7Av2@Gs$kFlQ5yh
z`9OYXBUNDlEmu=zX8pFp0ylfY*cHP)Mb3@l3>u<^@!Q9y`CbL0l0fvebh6alFUAi5
zrB0vc-rv->Q-esDB=QNtO<5o$@y}v5?fDKbrIt~R9}oM7?{9-ESh01N6B3&+tMK-7
zrBb3WK*<|!CFH3e^Y%=Ax|(&ot!~*IE>!luu2|_e#}f;^#%{X37qck3HtxFaA?PGo
z&TY(6^x&7)fk%mMF(-p^Z3kLXI2~USdkWd7!d`QbOzDmyoEUSlgVdu8bSKTI?{x=t
zDMK6~Pv9#@J)`LxwSHO(CGEePLJQ?Obn~Td0F#~#!E+{AA1TOtNnYy3M>rgd!OVjx
zT9>QLDYK>vtr`;R5CAqV55KBu4JsLLWZKH~Zx;W1c+H75)HiMb55nz@2L4R*4g*g(
zrqFwk)md7TQzvb$4~jL%ex%i7;Zvw*79N9~9nC%-y$S049Ech5Hna&~ihn-o%sfw)
zwLn}xLx0cB_)|1_28EpD>&UexTP-i#X$>E5LH1=nzl5_sOB=G~#3Qo!zktD`@R{~K
zx;JtdDf;bAz^xzR*kVS<9DkV7ZXpvk>e3CD%2r9ehdqP8oDUfnRWzE+73UemQ~N^N
zA#(?S!wh~M0b#|XdkBGThA7xX;?3H$ns4AW_EbSTNo=unjUH7Os3+BgWhUMdS_Zc-
zAJ$5Z>!sp%fc9{rW4d3>J?ErCSLN|L&iAIuL+9nAPG6$>zhJRIui|dzdtehj3sIl*
z4M~0;^tLgsy04@)C+2ft*>{<`)Ax@|vNfXMPg+||R!Y=x`@<e@^b*=10V7V|{T#Ni
zgYmQZ;kPNi1lRGTgWMx6-?=jYBi*gXl^_V+pYlDlsjP0zg7=VSUgZTI{rOwtia3EH
zU+Xg+iye8ZI*Vmy?;UysVx<Gf6UgDTe){$GL54f!v1NFWJEbs8>Q4=5_-#Kr%}lBg
z)cqfpw61%ATxtE+H0v<eRhc&(mRw%kpcZJxNp#&ld+G;k9}gpiwEDf>LJ1~uPFy=i
zjhv_O)%}**W<1A1LrKN4Mi9)N&33cULj4CIpj8M>-1z~M(jt8FR#<8FCw^^I^kgIN
z<&l)C-8)dOd&?e5M**o7mT6W8e8dk(^<^J!$@i(BN97f5?q==Bv4%SdR}FqnLbJ)4
z_9v$4sS0GeO%{{p8K<=N+gMm{5;MW`osHGXgIY>VB5^j1FuBPn1md;$(RAM*wW!r`
zHQ7aK+$T>Spshq%O|Vq?z3d^V%%49Q#S!e;pT$~QEG&bH9@xP0gNSJKEB#!j-s%-_
zXS<w}_A5j&CFl5?mXb+aQcSV;XZ{q#{tw7ZY;s4*3OI;NA$3qs{Q^M#qf2olp%qQa
zp;@|w;ngJD>#v7YeH~q2>XDz@=5z9ni{AK@($1x&cA6sR^a&O_#h>Vj7?t^zuJ!g#
zZJ=QLCx@(<L_zb1CpxJ0QWmKEiWaxHWZyPjeDFuvobaaXt^c0f((_Bx`EFQT>zqgQ
zzm6&%BI`#;yb>@T5X3e7#yH@+3eG1-EdwQ*eK$)daUA~ydgPP3eRyigMqmuT*oCFr
zQpB~$c@bT%9E+5`oa6wn&F}`n6(CyYQt9n+MtZ`hM{a?A2|SLqG9zTdb3HJvU5c&m
zR~(Zfc+bCjIx+=|5LD7M$TEkyTRhGH-QG!CDDmz_s80X2xu4C<7AfMPMkQ$nvl^pQ
z=&CKr`9^jLR5X6Y?HFpYL<zGu0-LtIZfE^^((@xMV!P=nF@%$&z|L&^%ZOOC*SGe`
zO)i+1&u6eUc4ilsbSEUBf#?{_xQ9N8V82SBo8nuJ4a3K6g45~RVt+ls>?}z>4vPK7
z6w#QS*HZ=2eumCVG+OJ(3P>S-j;Fzzl1NqzzLQV{>eGW3Gy7ZDtoMpO1PUu?i&j@!
zU;F4~62Eb)g7{C>;z{;Jn5K*Tmq|%Ov#cDXIjxUWG>x^@wdD+ZvbJUB${cWFx|>T`
z?}GU=^CGdh5BLlA`w&(%;RqeyMW6rD{eS>(6xXhe*s$ms7QY3ZL;C^e&IKb_Jm!6+
z;sciYB#oVA3l|kG@Ls*P_TN!*MHSUhZZlDJ&}~BzFeuV#Z{2FMm!D`tuXsk_N!rcl
z{`z>LB!p~+8|9#>W0KH8n$jvAr-Noh%+40vT)k7kc02cV-s{ZsLlCTuW4s<<9zULj
zyM9TT1aoa>mfj{I`CzR4XOMDjDDt_ip7Gm^@L(ZjFL68pX99W%vLP#`xtj+b^zv5q
zK+#lVj5rhe>@wLjnx-p;=o1Y@E)M4))rh%4e>sdr&RDfg>a1-$Ku(72y{>J>S8{*q
zH5h;Tb`9s3glzNEfZt4F@Lg32d~~9~etAA8tfY)`9!JT`P(^-ko;Zt|i;!yfLfrL@
z{2!obQrc)U7JzSw7f-+F;Z%_v1+te4Oe91k-Yl{cSgz0%lNVZzErR!AdFGr(zj>2H
z?^YF#9%FwWy)sT+?kv{~ts^M>A_)r=C3CaEx<T>Nh$Qzjy6{#g#!&4Mn+7=;o1p=J
zeTC-CXw=!z_n6&l$>V$T5cg8wOEV-HwZNL+E>A-IO2=DMYy<}r9$D;L>i({bS+pGO
z&B}4};k|)6-`!r~pjJ&+7p6GTjH8UJEc_K(hVM-s>i5w^q&RWXflYYF&Y#y8uUq=Q
zk#mQBIQaBoO<t#H#1T#5a;IDxGE2LPT9qM$yDV{YIb0PJHQq$9i|Aumj3Vl<lc`m=
zv>k@bg1xtIV0aXnB}uaC0y%&=0U1h|l2&kcgz3ukmONJ=Cu1Vqqgm;;?ZdLTG{YF$
zusW%YL5xsl!^%S}2DVD0QZt`6gJSqmgS$-oPk@%5?<~4_%AAYO%W*gtlHC(Et%PvJ
zBi<^Lm2ZBfIX^7#{o3$1hY!__4Ep3`BIVT<^T?j-s!%@jl~AP#f5=I>%_R$Aq^QP8
z!v0i*M4I#=3K}f2SmIr=VH+j*hpf#bu=L<cYQd8%Byf>>{6mPc2gvs=@)5*|JI48?
zGw*W;_{^D{2T={F(MmVU#hNPx!=MKZIOJ3nIO*&4ZEmZ~6STXz3HJc9Mi}{sV?7?~
zTctve13jVEK&goMU-p9HB|=1*JFQYMa%&zCo`9muoN?#sK6nh@R7JSJ4$9$HZ;E=o
z2PtVus)+y~YoO*JmY{URnYqQI_I&;lJ@ffLR87BTXb&z-MGCNl;uq;o`Cl6oc2(p!
z&%Tu?cc`?19y*~KiD#4SlD53(xam}{%R6yj<Qg-Vboto=ZB=N(RD>VT%y~I_IZ&G&
zcu43NjBc5%-}MrLNhm=@)}8~sC44p)2yWctSQKvd#a)2NqucTv&@<m<d+#rjcHdok
z`uZ5WU>TX!osaVtRQpbHV%!D24aev_fojhOrjxt)U8c!n?=DOi_DaN?1>j^+<Qq@W
zO)V+;bw;qNBg99{0jH;CmX+I+qZMt%E>t{Zr}Ok`TujEFl!f`9*GW<Pymn0h_+Q#=
ztSu0Xu+3~^3yJD7=Zt|$GCe$pt}d=XK)RHLZQWLAyy@oDU(p^lo9?LY?8;Sy8W;5g
z3;pyp!7|C7Gx%u<>}K~K7xUC%r1NZ(xKx-{RB4YLX?F+P2H*eClSbIJU?Sz742!+7
z#y(#f>()=!ZWgttRU&P*W+~wbOt7KzEaH0VSy}J-q%Ygr0Zs47TrkyR-b5&lKcyO}
zLf#kmO%8MS;vC15wrYn)wG8{gXTNUvv5AK-W6vEKC>ZXyj(>yhy#to=x%Q;#awu~A
zV)(S5n!cFB^k!{?!L|<He0bEEq%@?qqu6SsY&Kx?TFFE1ZTTJ1R*Y6BBjQTZ#U%r4
zjYiAe&={TzBT9^tub$ZMG26ZPro<Yj?io}A8K&!bP6FsStKs2$l0PeuP`o#F4XTOH
zel=~#==>)qbiEO3p2jr=MmmBiRJ9dYXh)vLLGK+TfLUG2!>=2RDVVRiuU?zJsGAlM
zC<#r*3Heb>#f9&N0)kDEZEM{G04tYsH+bA+^db6no<%E<>(HLJ!%KkQ=#l_Tl)rE>
zV&@EY#$bZ&Tegy{(vcgWwtk8%G!WC0L{DW`$k8NMaREl5v_$^??;Kf?^UKXLN&_zp
zU56tq4zY<#X#^7z1sJ2Oa+AaycwRzxjZK`51qHnq$~ZHxSx418_~1z-ixiixwsL=9
zyl6atynl4wBEE+Bijy~D4gy7}JV-oP_65*<-FEJ0w4g&9nP_A?>T`r7G~^<?;@$mK
zcwow7T`3PG5XD97P&g8@>EdF91_%^{&M?9<17PL~(&~iTc16@%oIrIb0}pZA5YSbd
zux;<yHeqZ}!w8%ne7JQSzU;~`L=&Hfek-FLU8dR@d~3$2!NMxowAXK=lhAR`!Qaxe
zyA39ep<Lj`2L4<xwU;67h}87bXoI=ZdRWbyNmIw`h!v%K%BjiEp}%ZAW&4U@NM%Iu
z2Tu{q2?gfw0M=K{-P1B}X1^l1apXSPs3+`bFb*={`Pb4r!*EsJ5Z|(e8LIkR?AM-+
z(d)-T^ovL5d4oZ}tzuF0<9i&=`;Ge$aaPvDWZ1F5PqHt=$%~4IKXN7<KYL6C{|*t`
zmZdd3GURPbwo5wJkQQ6`GSZ-2G&u$pF7;^AeBL_>hJ8&W;b}WMYsy3{s|FDmS4Zdo
zKjkPNX{XlW;t%=@WhsD%qoVl5c5y$wh~Cr?uP8lMk5TNJWP>E>i*Mi=V@$^5Opw$$
zy<B<)p*_%Gi*^UIOc52CvMPjW({!q8yH{m3LV^^S!n28-xh1aEeGL+OuyL&|vo~#o
zx&$O%g}$20m=o=s;<cP1e2&p!91miu86zMv)$u$<Pg;VZ$;?P~VtmP*ynu$E^yIn6
z9%p?Mkben-EgvFzwj-O*`Nj@pbSt?tU>MCq@9IBN`Sj-^^4|Q~3b#9IA*BXP_o|gn
zh_OI+S=~jM)e?d$=!E%nyZ^An(nnBP$FE@g@YwNYj;zyPT70&Ol%!$FWD+!@NH2!7
znT?R4K1^RnXk`0!;&xQR|1}{t1AZ{xtRffU0PEF?e+e*5LDs86a(9%zkHnLnXG(!=
zIg6+_lCFhH{ig47GeuUI<aJZj{|fAN%|4Ut#~9x=_0ajh8?x)~VMJ$4vtrDyAq~mW
z(v~Mq+!k;q{vp?vUsXr+PvR6L_&<Ql-%gv*NbLX-G@Pj5E^8s5Utk7`r}m!dGjRj#
zyt7f$*mddwQ{WtXnX$`2Gu$R$+QS^Ii5+qbkMbXhhvJ=42L?vPodus`Rbl^JCbjY-
zxs3UIK$s8W8DfAJP@95jxgQd)NR{uuv$SqyC()6QS-hv3wBYR6+P}uRh`aO8^hXf6
z-_SSp3*MXHouPY(3Q3)oRP1H7b96VOfOwitQVM#mC918Qrw54fV5JT2e0$SA5>3^=
zfDyl~(V4Hc8e$(0wCTRr=b9SE*UQ-TFT9}zfytFI-H#M@hoe;Cst0r@8c=r-)fxUt
z41gF_0MmCzzwF|hKH(Mb6Rqtc%R;7~L~jJPZsU42&LJkKtVvZbtY&aI#7?pkgdXa%
zlw9!<pZ~)cl;EC?+Bu{5-Nuu-Um#RC`>%4QW}Gz!0lyI2`BoVi*Sr267t>&>hpH<v
zuI@%>vD*AE;Fr|iIZ|{-E@MdBmbN_`No-jt%#{?K$m6b=Wg!D(yh`Fvg1btBcl+OT
z`!7$7wDfe+S3<LtM32LYz}1BT1nx=R*Th(`-RdzA4*kP;q@|Dl{$LmX9603T57nE_
zh3h^=w;diiIW_s~DOm@?A}&lz1+mg`c&|RbLs^N+9@o>=_Iq3^x#5`RaW_pL-tw|k
z^)k!T5t!-ln*l)ivT+~$CuwaLR-;NH=(~~cb}A$;d*&(d%oG~fQ{3wXfZpfHOFMzD
z<Pl;kFPwjW6>b+!6@q3>xUeZxM6w%Rn0kF-n{Ecc&3fI<s`AOnj}H22=I4aQQ}onS
zcey~LS75?5<|mR%rgiT!<?GG7&rL}{MAkLW8(6|1ZoW5gV|@gh%K>$9epl@IEPnR#
zZ0jB@cuTQolsHn)4#J88@KaWGLTYQ&!I__euFUJzGXIk7eCy}G^fU8|ccaTY1Osad
z?2r+5^D|e4w>*)~B$gO#ha>?I{1zVV2z(J2>LjgzYOBDovwOdp2#`{e-|-1eRCe&P
z_>;+ZJsu@iZ6z*XCeYRHUYI%)2-NAeKL4O<eQ`VYG^47`4>X(%73iM}&|SpG=rxp;
zG<XxW*L%iPxcden6?$;S+jA?3(N(X}+V?&>Wv?MmO2lDjy)Gh&HYA5F_O*V(fpY_e
zr-qo_POP?tLMk7JQUmc`BvLXBI$q<KalEjy5sdS;RRgnCsM#IhkfkrRq2bv513x=<
z<6V+nOvh7pWH^mm$rLTM{glBj?2rG1W(jn*&Zy_=y*dES_dlrZ^%?5_ydqhDG)rs9
z3IInRGWa)PG-^!MAzS-y-uS;2JUTxqV|)$Bn0N@OQL!GrEwmZSlO^ax8_Rbs?$&Uk
z*UNHn9WF+LERC=Ue-*g5|Hg0^2P|8IIG=9DmkYzHDclI;6*?8LrZA{+Of5}^_GFh?
z*|R0`P{U!=t$yGY_<5UY)q#&eRHJFjyZNY2*2RD?LIyx(t;9PEGUJ|*pJ6dYNkcvS
z2NFo!_>N6oq0RNJP(=Z2=ZN$|QNB+eK+1;gU~jKWD4(6zO}a(Xswt5z^6De;B~>>G
zF%W8X)2?Gk^?QogUwRaw^~AQE<#pZ!Y5NIv7K87+MTLxxO=s&3V9UZ1a}h)7vlDY?
z{x#Xdrq!+x4zTwXQJF}3MgpN9UcN^T5MGg0u@uUCy)BD2!s^!bJS$-t9_16BEBtiq
zs}%B|wnSm-#;-|zA{t?C;7|r!1+b)QpAAcWcL14?J=p>Z#R$ssm+9K&M~eILS~^U)
z>6niQ>jN{sfpQ3lx~K5!4iJsnE10v&CB7*8Ib*-Lr^iqjIOmYBv0tXusTTX`jgaT`
z=3&#X58d(6pr8QjpG2InNz)9UD=j*Auo_CD>s^FbN%r=I>-$5<#Qniwy1T=&uIQ;^
zJjWo{|H^6UZgD(vy~}O4h!3}RjGw1wD7fciu@{-(Zxu!lccHwKIM(lE-K;6wT!Ho2
zQ&`O*8R}D{=8Pp1y>}KyK94bPxo-1$^I)gVg2-CW(HvIR<8IX)d_{67SeOw<W*+If
z4I2{3{rCgu_Y9u=UwJgv{}+$O$iT_T^uH;z{}V`KWMt*w`2UP~*}5A$l<c&+X2;FQ
zadBU)x7u!PO1jx>ov&Z7yDc`{xY%ro?eX3H2cvyf_Imxw#Hd<NGm6(#hX2>|nqAdg
z8NwSE855ZshgCpSPc=3>IR;@^Z0b)+h~xl@%@%ZPEfkv-unPd2N680j24`RdPRGQ|
z*q;C(a(l&#BXEW`2PlDD;TH|)Y)POT2RnvPXlrV92F=g_@X*!O1=Y>bImgv~zxcyb
z0t5p5&n6InIgSN^ps28%n3x8jAT?eEND|O0AWm!@P#E37Iu1er%>=l~1y})K<`xHV
z<xdWP%&o0F-^anZ@F(2Aih6$jotB<almjauC!;E%BdCW;KsK091;o(E3OX+J%WHRa
zJ^X_X%i`GlvF6eYaP}v*D)tu}^N0P@c6I)H7lD@>326Yu<OqfVJR{h85A(MuJGnXy
z*Z+IhSP}i>ujLQP`EvrE|6TQ8%nQZh75&D@me$?`7(^jzePg|g0~i<3$*ojCTsxpK
zCpO{6UqOtGz&ieq{?;E+X;#eN6`_&!uL|d=Pnv+-@gMiR3gYp%x)n3=RUgui@*2Re
zH@%a9^1tYrzB%B(%Ln(OQn%Jsyg%=gJ;vXTe}bB-a%w_>r+xoD0@IpV8<|5jvVxa$
z{H-jGFFf~!`fo;w<@<M?@tgb}{m+osiIdoD9D#cP9Pv-z^}u`G9e={^UqMLd&34au
z`Z_0o3ylnpKkeuU<i3&d%ZLAYW;+KLkZsN%;`bfR-^3py62dtgOQ8OTt@$9bO~xjU
z)+x0bgEE{fGqY*A*i#myk7eVP6gVu4fuU8sf1rO=RNhsX1P89cbenH4sq2=A5el>j
z4^G~@AWrQY_Fu=jcSnc)%V?F-uC#9ZFKIGYZfqpavg&ZG^XH{hKG6$^wb`s?OS3Q}
zekRBg{Ltd7p2hM^`^ks5HY61<)HBSDyvRPCEb3*9sKjqcL;uq(l!%7iJli2EW^SOU
zpJu?1U%DHhlaalaOx_}4I9)TV$QqRUgXp&yZE=e2#GTm<0!qaNX16s3?n3*|LKF^l
z5xUW+mm3pQoE6|m2c3uxwWw+<hQ4PMHNE@*gV2Xa6sC=pBjl#_P3Fea<UW=H&p*lF
zrlfZa7-PrOM=z?R*@|xfO-R=)7l}KAD}~R)@9;w<1(ifpSUE=J;VvsA!O=v>Jx9!0
zG9#dzL|xIUdgRYbdB6q%b6UMJjI-c$m>g7T74SW*Jgyr!!-dk-7hJr1eUT?fY3a37
zS6PSbSLH5eIPz3JFY^^cI2!Hb`Jy#$_*~L-zBM=wUsY)<$EfZ9By6QI#o>ih9MkqB
z_B;3%>6I+M&uH2u4-SJmO^)H#k!-vsBU8lqpfXh1W;b~F9+8!548yHI1wLXMJO{?}
z3}Ke~1uE<Wzb54x{AO2?+?b4^-^)yPKQAf|PM|2Tj7mv4F>as&GU+b9>sY%D8L3yK
z!*SLZWnQF0u>yP-FyT<t(#&U_ssQkuPThC=Do|U)s{{<`o;@~4H(tXmsec4&z!c5m
zWP`{^AOc4Ng(nq_ZBD?>tC~;O&)Q+ci8)D<%h8+db*2@z63N^z%h5RfI^I}BfRhv6
z?61*tR2!N<2=>LDClYUuO%b}mQL_+G8i|MXPgHb|prXr;JtI;;36@RzG+~0ZTS&Z-
zwyDE?Cs6u-5Sioy;0+UD+62>S@}MF;e}2&!IFg}q*6Q+?n#SJKrTpi{jQA5_1-(;(
zWgeKwR{oIH{UW{5;qc3UV7e`*dGcyk0@vc~?r9$HscFlkOpLxCIDGugWGj!h8CmNZ
z7GVXrczunq%(Ve4Ut92`jzDBE)R5*QD+4%@vfe-OH_fPOpb(^pZTOb!B7v8fys)yP
z<&RaUws!hXB*4>WfzGU;U6I$5V#-;DCxK0qt}tE&2@14q7x>K<3BBWTa15eJErXa8
z8^lrmNE6^?1~z+*wx#&?6wg^u<T`xo&(2lhxmB}sj0`v(-EO>v;3Lrn$UL+|Dd^gt
zTlnIzQ2pB2g;hs${L|nvA`_ew4a#$T(fKg{mD(J!*J}DUa%X4=E|%Lp{eH+E<rFeP
z7fybK4|V=)JKadi(Vtea?4K&1dp8;&Fi%m!*!RAZ>-uYA5Vf@6xj4MkIqO|8Y{d~;
z-mdcF*zn77hoWa)VXh?K+;P4k-Oz3iW4y<9pExr)NHmtNMLf`MtFSdK{u2UgXlDe!
z-BH==LD_hXu+2Ex>hU8ymG1;lLwA;?OK7QbiZ!?G15ZZx#V=(O#aj9!98eoP%r>N;
zc`D+oomBhCxLxOxUe=)gL_-@Z5Z|Xn$|`Pt)-B$(D7z(mCbS-C<=q4f51>%b5eCU@
z@;Du-M1}sDfdn6TThK+cg46LzvZm=oicckifv{SCJb_*RC-82_uuF6cly}nl);$Yr
z%d>B3%9X7x1M5|(cqVI3RHacmEjBBWRH{fZphchikBhp%7=^8)v*%Z0N4is(CJ)nw
z^EIFTWLyPgy0k`hY^<kpJBMa=@o9P;tsFAc7^HnP-yKRk!+mvtj`4W)qRXOF^7_+N
z{eLiaPC=S1;Fc}hUAAr8R+nwtt}ffQZQHipW!rZBw<jiIo=(Kv_k7OC{pH?krITw4
z!LIzQE9KDnRmP<CjMbN%VRNV{@@(zNm=li{y05{P`gGDZm=Zqy(qHAr5@%#jwNB$z
z%&p>Cyx>4ck#o+sSW+^NUAnvU(E;OmzezpljBR${?;CJBUlgRe+LPhW;JR7iI&0mh
zbYo<h_!7G0%?pkoD4-D0LbACl_l?d+svgEu+^KzE0nb^z+QQ&&$ghCbIRa)Bz6l3b
z@Mte67^aalB78jNEj69$?$Ht36_M0r;RhzUHD(U9e@tQT#52I;r>2p*lvCZl2$UyV
zJt8<ET!q`1Lag;CN0!(VXi~wu<KSObFcbZ;i26;UW;z2KjVSN!;-A*PbKikVL#2Cn
zSu~<rXNqHpL)Gsf^~t{+azl)H7<AACYpwq%Q3HvEVuO_09-T{nZ7ukPrpvwLrf0w*
z02#G_v2Pnd^04}7@}~r^*R|fYK{gA5=A$*t_T}DJp5%_uSuFu)@TB_-QS*Y8qu7=h
zfB&<Eau0&6r`Pu#lfg_mCIg{Voy)sr_D>LnoM~}q@YCX4kx7#c%gJXm-&?%mtP-Yf
z#Wz)?ftGIOonqHs$9koKckM0d%$@G1iaq0bqLy?50uMjJClPQP`kExpU*&5CRBD$=
zxfE?dH?gdLua&KYIRX^knYnn>4K+E{GEw%1?|KP^l;F9v@l|i`o!=0z7;NgDz-)iq
zNkpiJaqg^ztbNKzC>U#?nxn?Pe3p`0gD{4H5i7`8_(c{BMG}C;5cz8QEfJql!Rf%f
z7-W7qsx%~$;~5(@a)WF~lMr^9MTl(Rs?mB>l($aw4_G#QF-Z?^V45d`{>iWN{fV<g
zPxNLxZ8MINE&8i`_^eep3#0L}*qJtles6}kp+Sn<Xyu}fHY_wW8?(YZ0g4hSfe26x
z1)c{ZRVwl^S|UHL?;q8I<|J3!2r9M8uHeq=W<IZ2Uo#<n>zOmn1>HRBM;UJ?9O+r~
z{z+ir4fiTtnaqkXH5@%#D;~OQUK%0T)4nhtR|LgGUpwN~H#(SgJeyZWgbVJ|8vkv&
zT*@j#aV>M>@_ls2Evu5I7-`X${(o#l0S1bpQqs@=j%o<maSmCo<x5$odg1LQBT_zM
z49=#mBC1Xu54huFjVC9cEx68O6C069Ilxz}_(F(%a=f(QOpf_m(W0oDO24UoP0o#!
z<#F9xhTu*4jbx&7nc9u$3`(LhwlO6<mF1_NQ^(^w)hLI$@~-DmIUu=6-bDqbXJHGA
zw{>!KCd%ahg$A|NIyP`BDBz28hA~vf{1Ux7s<Eh=!x4s0CNqc+n)lC&;<9f*dpPkt
zC@#eNWoh}9WJ6?E9{JPdCWNU$_X0Oz;ikZc0xIgm=gw!g)7q-MD;mt5j3AL|UdSho
z(Tj$-sI?u<i}bGx#>Ek<!IDHCJ#1ywsP9MHY{#OW^W=s18{B!dcU>VrC`v3I`br;v
zY%!E}aShr66*mrMxj>SmcT^0#7}-vvbx6b#yR!UqZ=qXA0EU-DQy-a6h`o300t($@
z%#W>+Oa6)DutMJWdH3bFwqe!xgdTCWK21Bmcjo|=>;cT@*Yu(J2@%;};-(~7;^+wI
zK!b)i1Y-+JxCz$3!c=B`Wx_I#b~oMiL5fIhGnlBNq%O}sVs;>;1mZhqpPsAX-K*ux
z#lheaFE3gZ*cPLK?BLCGg6^(T4;pBfQ88@@%3Jh*tR|8#I`(VPM7%YR!nI1J!wQ`B
z1&P)~%LMY4(pm{5={%Jki|<^BLgH%eY;zhNQBXOH!-UV%<aSL2ao@dGKY9}aal#)?
zN5hJ2>q>Bsfx!)()YyPfTyc>zF@~5P+zTO`*bJSGrHk9m^1z%tBh%(wlk|I09`k?2
zC7Xa<ufv4~EU2I9ME@Nv+g{ta&GjJanyR`wnBN;jxMHrz?s$WYCU5VQpVZ*WPAB02
z*4YyCZUSEGv2|+Z^YN<gyP4&FYtwT8<a@L}EmRfhVN0eoe3H=_s6B!oYL+IBc^}Y$
zc@`peBKEu!YrGD;-F6?2;vq=dnP~C2P(5WWV8Z_t*H|bhtC{y%nVp0@hV5g1FK#P#
z_XI-Asxo=57jvC%%w@DA1yr+5Yt(<{y3ffX4kTv)y!viWRgRh0P?<RmDtA)fB;>iN
zQGVa-`=&7L;l!E7=GuK+#I6kpwbXpoFcTz8vGqKv6iI5bOQF@5WOXbFajRY6;PGnR
z&JvhNasfV$6*$RY1Zr?PFnYpGhj$qJM++gS1@8+v+pud%sltN#13wmLlvY{s<}!=)
z=2bw^hG=R)I|raYFbndO+1Xsl+xpmF14}FMh0bAX1xK`xuv=Fg>~6x!32chzf(EGU
zPKs`B2@WOE5nu?AJ<xI*BCsAN0}Y^Ho8(`d+hxDm4uXj-{8VH*dl6V6xe^v?sF&ZQ
zlL*g}5gh~dKjn^AanmNq)V&F(%iT&3_DApa@N1?xdMMJsOu@K3rjZ5cu-EUkVjdiV
z<>M)%VHfKCHE2Dgs$IXDWY80oFJ=cTx+U=Fhh$$JKH^xfX|ODuDpG-St%Bi(>bc(B
z>6MLACP(&1qLk%MNU6F4c%9S!s;uO`{8B*v%b1Z6R%{N;$z}6qaZZ{w0S4vzFN@y)
zEKa1bjI4b<QM)$jgo3vFrc0&CLhvZ^2Y7OG4k><;?D5D;8c0bs+keKJn^Pmk%<zQx
zOgxP6a^i3LmucMjvgg^Iuc^Ly4+%LEKt&g~$LJb7J$r+z$l733nR>g+!5FRtCH<s*
zS3i$`y}e+5hx6B#%5nPAY6hxm4OEdXB;`d2%W}WgL-I5SFQgiUM!?)KUA;k(<S5`8
z`%;l>Z|;Ug7I0gOeeDT~FXufI5Z@R#1aLhmsSggFgfv92C=8k3iM+I_f<b^1{xl&y
z>5XxorFNRp2Pit=flT<=!XzwtcwX3bf_G_3cn`S}xKi%(rj58VDdvXq(&4*N8Ptzv
zEFmCl;TIR>NOl>|BT%Ih+}rD^a8~=y78lG<RtSM%duBwW4H+U{0nJP~j-ELOQQ4sW
zO72+Owu}(Z(SFVN6#EO-{SeOMfcldZMBU$sqB&oK6C6m<9ZeyZU3n;7H2^HLx+%-Y
zuoJ2@ap_wrlgr_qrbDq?u)V0vba<euCoi3lO8C|p3s0jqwNIGZO?P$48hOEOZv88L
zGXr$h=;tOb8!En^={n1$WXZnn6T<Z_EtFbzwHMc;nRFzzTwn5MCyLXgONiw&rYIW!
zXCEHX(Y)b)Bafl>MF=E-g}{LlALh$hvRH0~2z!iIfr4Q<r6!GqWZY@cLUH9F`L`>{
z=y!4n?JC9QF2(Ik$XZ3`$-$7!Np{ajGX6pLG(Dka8mKTK5A!0>GAr)rFk)CCx*@?P
zoHH(~n=o)9UCY3lk~bV$qSJWkEV?=o3;ZQP*gf7t;pRW>Smoc|L9dW=9^VdzJ&QcJ
zXJ~gxBA2YtFkpdtDU}N7bSU-FjAvtd4<=d*&ei%O^SLuW5S4+YzlO_+LLFx+N0EZO
zSyTw8vkF~p!)|nw)T7R5yQ$R~U0_ST-k)cZVk>BQBxg=x@fCwAbR6?&9S0L`NGj5+
zr4*0OovyY1R6#od<7*t}Jt($Y_p7Sz#3xYvBIPNDRTguZ8I-qc4WY5Sg!XlYtRpHL
zGpg(^M3}JV7F2gt(YA5tF{|&iWbT~fHPimdc@*ObQ_j;Km6!K(oI>#<-Fh{bmMh!a
zXgp=#8^3TOy^De4-0<hEpOD_(aHy7+9~t0it0l>GBODVGP+fNC1s>^3ckr7=#U)7R
z{ojGT%hK=e?Z5hko3SlwHO**@dLnkMvG!*hO1O?V&;NJ>b**~pep#=l*m&ZtMab)A
zv6J6BuMsD%s|JE{+yrI9r8^;Zl2P*u*UJ21eVXC{JD#aFkfNE+ARc-u?WSjkIiOD$
z)_&|(_c?Y+xC6!d%CYKNeWKg{WZ=&TlJ<y4&NomD&snh`XYiN)S6-Mtr-|%*BEQ0r
z0y}rRZ^ZvXh+eCag|eX~SFJvF3k<EsctYQmYbTedfLw%8qh~+^8VEDiBwo1-SU?H%
zK@g(bLh~#&Mg8bFujg1@(0p~W7z^6$nt)eYx~gB)s_=G4K~BipH2AY?XoIyzQ+LoT
zbW?5uS`IH>yWo%W!HZ-r^&+YmtyvUs4@Ku9%1q%<)H)jUSr9o+U^~7Uazlr8PUOKP
zx$83MYt!rhcDo^v8-rsgjW`?*k$b0StWcKAWcngzd^=}*wI_I^cw1Rvr*jifQdM$u
zv_45g;?B}O;&>=4B1uy*dBlBJ#M+4en`EO!;LoP+w`Zu>uEykv`=g0UQ7BS5-RsK5
zTljBNt&W$qzC46D=|^?Fh~X8lM9QA8Y7@A7XjwHiF!{OtlUait31$>A2tbFS?c&4X
z5BhxUj-_`{ay%1I5$`XPD5uMUBbfb_dJX8Cg0cnxxwmSVk+oyFr$getl0Z{*D<j4U
z0gl334Pnn3Lsd3jEOmz~v9OJj(|lbAa{aPQY_GD+-&tb_zu+)jU;HJ&hw`Y=q_X0x
zG<!o3d&OWBQXHG`P3LLxv+6T<)~Q=D^5gt@)wEo(TPuX?j*mT<O^gX!MVv3mmLmpY
z(RN4jEGjD0DC;eoFNo4(mrbl(s4fkNsy~G$;_%5jDRoWC9%m*`B8}SJ+#-asut!`s
z-usa4`fXV~I+%{=j`z^>NpaFZYa7)tm^l6hzJ}4ctlMP4)c3v0&s5hrX9F&XsecN>
z1={@jRLujlz$j+M;O9TGb8;@Ji(NVv(;7<Bo@_X^6j#3j4oea+Pl3y^Hk0MttyxB!
zt72e&^Hwl2%C)KHtC{gIB?4o>3Dn?%JXwp6FbX9KQY2Bi)$cx-e?D9zqQB=3lf;Z`
z+OAt2=iVJX{p78nx?P7-Tj#G(_n?n+-)L{}_2@cdjBOqXf8>U}!0h!IPQ?zZ>u{LR
zNw~%knl;;VH$OHsy>TePc7|mYKGLb~Krw0wi@s~4X5-;~6cHY7b!kWjw4u&uM7@C7
z(C1m9;YUrp-cEl{r0^`8AyR1@-bKrAHpv@7QtkGYLA?>##3GiPt0V?sQBOcd!+#m-
z+oKYH4~06ii}T|W$KOk~Tv$H@iG8L0&h;8|=p}{Z|LVAuKf<~cjZVDEN%+fVt>#Im
zT;8lzvxGFAau5akH4@teF^8X^;nqo3QY0>z^PNAk7nh3JK=Mnh%uF+IIwVDyx_?_5
zh=7ePJJQEkN!EV;?_N7ZC)2(&Dzy2eDq0^TQ;r94`{BA4bte`3OnP%6>I-%uqKHjz
z)1+E=IbuQ3#(7FXsNDEThf076y{=|t&Bmd=$RFPrWO^cs%5+E-KV{8ANWU!Ce_|qi
zs&~&fp?>PW$*^)D6WDs^JHi^eiW~~{Y^k}z<_=-7cD!Z!SxP{*)$W>VF=Xf8Aw$jW
zd;EMk1eD2AXimPa1n8J4wGpr*hyI_;P2&+~sw~)%M!~bc2FHmw=bWv9e%*SwY`6;{
zhThrGVo7r}kK3iq_Jk&5wBNwb?{bjC^(i@9X$`F!P`;uo4RbNl<5(;`42Og(tb3FF
zVtFNr!lm(AQ2#kUJD&JftuW8_fzj5m#G|w!Bq#wqIBCovoVI|UOKhyL*yeF(MQ%%_
z4yzPQ!^}PSxEi75UK)H|Hc}|8>ww|U25H+#Rv_Ol9ptEa0T+!hVlja}XSQPta0(AQ
zeUo-=Qs8!o#QM8g^Jc}rLqzgqU2kxk5bk3f!pnC7EnaN4EsZx#B_Y5X3271(_=a<u
zDJI`19knR6M5KLbI3vdKwnQ7--02s39`=$%yOWk_A=k9mqkx;Ef>=3uaTBmR*o_%v
zO|(KLiq*@=W<oO^bqc^z+=ja699Dc<ZXH+*eRg+(fmO(hCJP>_JzmUQvBvV}B)=KE
zbgK#nrgz52Jk|WQ(vvMrY>w7iXh!a!un+x1vVH?y8UIh07`hVI7(Lmvztb^myx#4<
z8~&U^2e+<B@N^d8Uuu6jpRqnYh$im-JTyok=u1*!FB}#;-UW5V=!lYgIBneOr2gtV
z)y5$}+VV>FJFJma1R2V^uR^ChJ1<wP*<&8yF^MKxpG~^U==vTj_GK0=Dbp_&&1k<v
zOnPhvr_QlKK;Bz0IpS842JV?wK71@ezgJ+jWjY<)_y;qU;**$)5@ulkGuK~55S*aI
zo5L~!6%WzD3)OjloT8l<yxlBK0s!%xB?!Fq%x#rN!G~4U2rk~3i^oxmJ5U%tY6@Bd
z>E$>#siQ51RJ;v)qv1^Li&Ra&ODx-~hqlQmxZ}Cs;Ti|;GK6(!H3VoZ&g)#zy64^R
z<PO&PR<ONhi_j3Iip%`#SOLT78Ri40qp9wOlSfA0zqC^$aPuWT3Y?OgW}|=<lz;ca
zdKdFYLrL!^vI97S6zqe!G=z0W?pWsO$k{{jWHD_lKeq%kpE8iNk10ZNP}4!IoB8=_
zE?h7PE-|E(AD6vKkqX8Kq3fm#eq$M_NN#{YyZb^@afxpZ@1wr6&opiJ)&BSueZ-1Z
zO0?ng!aZglg{S7vR?+Zy<X)|=c$3!!T*;Vbux2cThm236IdtdQ88$Kah+QmcA6W4j
zJbB1)7sMIirw10VMj3b0NBzcBdyn*jUFNVBcuwhsNj|QJChP6sA|#K_&+_=PYPLmn
zmm>?3r6Vfj3jVfM3(PN=ZsIXw40u&O#Ga4H&562PwLb!qn7-u!#Sa+`ZMVb=g*Yve
zi%MlPk{oHWv5rSB5l_1pF4+`c@M7m5JnpTJw6F~O`RXK9^q{Bg{v9|@^AeIfuCrUk
zl=ltghdN3H)vWR>rMU_!;+3^!e@<JYKabMrw0`&|4vZT)h9J&4y?<@G(T=%fsM9ve
ziBaZa*_V3dhEf)dOUX6?u`hu@eot(`=+fXLW)jK;u4@a+p=PPwBN11)zdV_0O{`dn
z%047LDtiEjgLadJAJb`O!D=Ej_e91*xW^f<H`rO7`CrygXX;?omD5&)rFVlTB6s}b
zo!4>^esQ)Gpfz%5D%s0;!kU4E=3bJv_HkKYwh_R7+gy!I%g`(tnM`|5HDYTpn2hR&
zA};{xqgCBj00EV(;`?7nZaao9?#Sac(UCady#{Aw(x&#EON&^YmJUzXb@vb2s-ss#
z?As7tWbWOsrcSSI6QnTtS5!bQ*H3H&`}rN-#I4lZB<93pA{U}|P6?ds*G<?BNn=po
zNQW&Lp?dGxc*&t;1n9qhgBs(8DLL!kPD)!-pS8x7x}6ZH&qm(V?u~NBLK{qYdiwdQ
zCO%|1Q`RgfAw4#I4bl`_7&dhmK&z?b&M*BtH#WE?pUO<&ZYkuqOHFLoNPSw<3p{4<
z4X%Lp&`Oafs2<jt@|plzB{X+%?(dWiO>-4Tc}FOZ;PHZ2A?2+i?4<{?9JOgevU{K|
zYs-OL*JT?E{O29PKr{(>gPT%Y&*0AClxBZDhZ)q^q(d74CRO;}9$Z5kAFqiN5HU)y
zBJ=8h&V0p2Ai}}&8i{URVg8hsmHDI?W#$k9*vKO?W#jciT5Lb3$G#5PHMvSV+socC
z4U?=&iiD1?D1g7FvIw$1CbokiNQm*vW+8+?Q<QEMa@;JNt`Iyu{4{BsG_4|gkIlfY
zbH*g1ffQ4v+$g0>+j~U~8nBc8e6wb`6*b}6csTDFQu1wA==>p}l`x(ls$xwP7UUU~
zTbbWBU)6z>$hVn8oXu<PB33G1$l0nmHHRXXWS3lQuO&7Z*eo2tvs923=wsqOXOPTW
z2t}x_HZEu+%b~ev&m*!$YsN4r0At7|_QoMPe)4dZsl~q#UQb6vXCdi%`ijI<rpI%n
z`>O6mDnDh_S=@f_c%JA(jb^3vRw2|5y!n~TaP%0)`jsj1EO|Os>@P)U-~Ds~$<via
znOT#51uV+m65NS^gyP-9Fw?3eSWexjk1N8TrDJJ1Q^Fe%jm<P_dJFyaIgF9l3Vq@7
z6x175&C@UR=03J>hH6os9EAYkAA%H($+`t%do8VD1A%q)a|LRim|0>Vkvs)nyb8H|
z?`QxotaR<9g!YzGpe|<xKYTYZg_0%LH^C@YcqBxzL~D^Vny?Nej4dh^LOtD0CN?)|
zd@@mMx!pmarexG)MyY_Hah55s^dnnCVU%x(rd`j^`%jCorgs07@my;kHm(KfJW{PT
z@v&upUH;sccO*5xNr(-UP)hId4#D03aP;1yDGtGH=x(boyBQ)gl1l9)xzq`NEy-OW
z_Jk&p->Ub!)8&;%b7}xZTxoznrBjV+q9`^aa0IrHGs;w8%%rt~yhRE@AqRTX%e+=8
zGgKc+ZH%jr+7+6J1r1GFoB6U>v-@cuJ6(;k5T@B39#>65%oC~JJ~puz1;neb*?^(e
zp1Z+fP@M*Ix#w_L%C@R<US{eRGgplV%hf^N6WFcQW3U&`{a87rZAofo)u44%c;x|p
zYPio+2+-llImalCC%C!keiC)FbyF^ao<*=dU=^#ctIwCpyq_?J6_j2V4Q~4l!+k~9
zTAx}6AU?P8xDuC!x10S+x<)|8m0RH!;*P1B^H8Bmf)p_GLyFBYCP+qypZRQ9tT|hl
z1R@!yg;ie`oRrz}hBrbdtb|^wmTN?36vX~e$q^s2^l!5wb;S3XMTeRtlr~pue1lKW
z)2?`vECru>GylK<ad}Lyi2H+{=t{pcpT;IUSE{mRV9k0c`)cgs(CA^KE~|j<C|^k^
zx(FjTzp@epjf8*4kBv(7v<G=YMk28wM}~!zoU5rCMP1SS*0?ZfRCWIY_1r=2<xg?Y
z4&ij}pr$hvF`dFt$oE5z+_PyHPlCP^lkZIX&L&El$R<V}9I>k19!~Fc!$!R}O0Oqj
zkr`&GV_dL&vdsz$JekMae!GA6sX05B@je^*Y?gx3Ol88xa>O@uK@b|zBGrx&>yg_V
z=PTZ7x5=$c#oP|Pr9jjQrKlaQE-WtQ!t1xH&G!*)gkFK^%eKoewDb^tHUYNEtn%tn
z>}-%j2k8p$A{0wqVm?uqXm%L3-ra7Y11sjGBhsm4>&vL3ku;0h@05zRs~9K8t9?mp
zZQY8)N17cWB)?-(FG0f=Wqh#9CpODhKIm*g$BRh_jMDTyuA4dN?Fvc~RTxGzm&_c9
zd`RgkdxC9Jt;o=9H|fKT7;G_u>G8%V{zTsEynYSi(nKZ@#M1|Ht>khA2UQZDBaWI8
zs#v&_`-47a<&teWTsX#&OvD)!IYQG@!w6WsdkZZin|=<;Y?~HVj&6M$graP^5d0`f
zF;--A1FNC-(B;V|^+lUaxb52H#ilnZ@el^|kP}gTF`&hka(`qsj=J<hrGO}QZuRHp
z*iVb{uoJL4iBX8KFn6g{sBf!k1zMexsloQ)i;p@>M$vV-c7+ig6TQ>jJ8sNYkWqaP
zkv90@<w`#Oyn!qqzI&<!{Va`U^E!Fob5yd~_y4JbC+f|Njb`hG^$4*5H@|9a%;0lu
z?ORyA))BwASqT64d3QG06gsT9aTNQa!@hyBmECm(9tLc-;sX<zv5cs-K~YTOm(JB~
zPhVR_#g@1aJi$(ab50ScG<jgvvw{%A<(3;EkLKme>N(>I?1iOGlM)+S;6P&FTyJ!Y
zeALe9Gp`Ub@q@w`USl<Va4ZIGf2wObKwF(6Y$@Zj#cU_!8TL0L8*z8NZ()|gm^fm#
zRmd-hP`H+E;M*liQ*TR9>nf!0hc3g!>)V;-5jizPCA>c-*YaIzZ_Ba*I&oP*BF&5B
zQb)v}%+j&p(0i{UnIN=j7=L(-!AHw((G)gih3`X3LO+ELWx`!81C3%FeYClxBHziS
zt<ymCfOG7;lpw{K7%x3jHc#op;)Pc)Jk`dg!t#6KSdvwzO-T)9$6>-7s1KCe)fQ)v
zA+PZ}-VfI`g=d_B-AP7ER1xpy<@Ksz8GB9=mv18_!#u}%<V#6EoMGde8+&p9YS;L$
zb=Cfk$_y<CZ#aU9yXjjFd3~`MA-J%l+$)zv$mYgwZte=4r-IadJQmj>*<8gIi-72S
zdzw$~;GaxeEzv0c7D5@^;4+!dsJ!19u32szhHzQ|4@uKel;yPj-T%yH{a=~cyr#!X
zY4!?{!=&uX7*qp7nyC_&u;vczxg*<~_-SVwp%X6_m?Rx=26trq9&Z<kpTr)CHsg^Y
zq)T5X6o1sIfaQx>Xo}ErU2M!Ph-ub0vcchrSWzth9^bEo49;NC`DZ4|N8~zZziZ^A
zd$wv^Jch=$Q9K1g{j2#AGWjE+*fp4AeQM|==^6AnejQxFpe9rsI}pg6l^qyd>s6En
z>0F3eZt<q*XISD(wZbH<>rBTSD%&@@&F{G7&a5)k553|aX0)q_ez`oiC-x^apS$CE
zQy*O}GZ(g<h&dT!D1C*b+?2t%j0<kDTj}2NloAksw&Lgf);rMc2vpj1DGX$?L*r7O
zfeDT8*C{PCgNyjs^i}!504uv^CT{0Q6+R3c)%<NU^+|KWC8^d{hZ4h<tc3YnbH5xM
zo)Imu&sI>ALu}y1wSMR~H4`EdGJkZ)f}vPS09Pp{oZysT#RkTh1Ssk;UUjHS7g2)z
zyfnY&d(lUa5y2ovY`AVP;ULnB<FQh*hH>1huJ1%^`tAh%f`jGtL3A=9aJ|mNMo6&z
z5XE9GlZ?sjIs*d3!k~5UYbX4&XYgs%@DB@Bb5y*Q{1VMkM6}GN5Mxs@3Fon(-%o&;
zZtXQ}>HE1YC^XqtY@r?IYt0W*MGIb7t<-U&FdfX)!&m9<i5QA*C7)`j&`ne;yNhuU
zi8<4`+`h0W4sc|Mv)uZs{WPn#fY;k>iDF{LmN+Nz=8_L6Yf6Y_j7M|olM{Pg7ew};
zE_c=kMRD7W7*i7W>X2i-lrI(cJAM2jMGQ5Xu8Ts$k&o&3BboPhzH9Ns&~B%|Ckd;S
ztDk7kvz6qJ#VPaj*Az#k<~x6w4Pzh4>?Iy~L+%53Nb?ebz(b&4>EW*=(hz@^ORHBT
z*;@yqT;BV+Q0L1iZB1?~r=P2g;um8-%O<p%O%9?878}b(BGlEep79>N6cjfby2uAU
zUcOn^Dkh&@t^l8JHkOntxdu#TMpzjF4X+6gTJr{F)SwOk+xMVyyb66Yjnj^9wJZG)
zV%Hi#RXb5=z$v;kdA5>`#woo?91sXcrGiJBO@Yj8xXr^`LB17F?ILY@|CwyW!N5M8
zIC>+xI7UXT?}b!ZiD|o<`z~YWr=UMe50cl&!YQ$zHE$<x(%kP3AQ&7K6&5?!dlxDP
zYs7xxMPTK27^?key-T;bge&y!6Sk%yQO0*Q4$ff{!{>vYQAs%ivcfYxdz$%<DL1GI
zmsk84pg}{;$ya&>rhSjW>nLrfefa>5bN$DaVYCEY7bh){7<S|dqvrM>Xq{xX1GEkb
zK0Z9}@t;OI+t60waP4oq^qYHm@1jg*x8^5zy8Vf$O5*7o9Ut*M+D`ElPFu+JSq?C5
z9<b4Q6;q~0*f)1aakk;MHCQ~ZuccBV7%6LyFgZ&USP*sSI6`s)hw(nXmz)D7XT2pn
zh~*gh0UMv@+SNO}T9`gR;};>^mD*FCCdGAI88`Ndlu92d{&&3YRQE-?U3h?7q6eI)
zQA<(Qqj{PmO@g0vy5g+9b4->gOKc+d3*M-pQ@f$RswlT;i4KrDnU>zNE*`;GvVmEd
z>oW|xF%wWZ1Rw%XE*)o|#r=!*n!RPyg`cu!n7zb1^-Zry{;DMtIV*@9Cb8#DR<fR0
zffm|iT$f6<BW<yl;8f)a*|f#*z&@H5#bemH&sFml)wAySpo7kG2K*!wq)^y7Q<zT(
zO)3uVsm@<t*#hlCZ&@AodeI?MWZcBWI<#hH+yfI&5s43J<L1CCd^RyM8EL}(^<}0N
zfreZ)hfFQrAi2NxO`Peefp@1VO~%`)5&hjV?~qPFFQkc}npgpheM!ivk!M=H4XEJe
z^tC{*_w@%>|El$1$4Hsy6!C<#_xNbpvYSflUu}wygjy_@^V%-43{xB=tmeNun&>n!
z*_!0av+YR`*|E7TOX^4ad=zgmbyN5gpRKz(bSeKBShd@aER417GK+yw?StH5X|~9;
z_^F7K)ViIT#R}-}XKEgt0C_l$f2z(2&$IWJ3=EOnE<97ADoq?+zlSgXCCS9iPQfGm
zZU35irf-Hk6bZE>%*ymIIcvuK>UvGrSw&Zf-zRuBNY>nHNI>;zbzuTu{^IPQw`Vp4
zCteg%(yUQ8zAVh~cjzES$TXKzDEJIKiv8}MsJ;u${PfKwyC6`RB|{~KE~&DrTBiWV
zv_IetR6Z%5cW07nyWD5=M#D&d7w&yWP$e$Rwb4~AT4JsMrq<W_X1f@kDgBMT<MCH9
zT1hqioi}Dd6^ju55Q`b4ahBvu`r~wWWaI5~v9u#a#PcRSvcJ*#7byz<d$qY&%6bD%
z9RJuW94kiaFjgO20?JJ>6`CUKkj6?RzYBGjq}pF>4c+XIna{AZck_xD)y}ywey&zJ
z(dnsdOlW>^pJp_U7VOc4uDudfD}@qHez35kH8BZ!rM1S2_s6@xjb3co41SU`Uq`{$
z0=AnXq<{K(qZ^1eTCWtbF_^nbAhm;#DXKN#A1FlYssB2!$6f}k#}<U3%AKVNCq#V2
zPQUVh{xvOT?_^o*NsMyAnPg5!t=6`flZpe6&f`d$451zhY)~x>bS!g%85e^XDC1Qj
zawoSHQTdAgOF6S*VyG*<id-%pg29?&7fii^PzC@sK^0~E&+<0M|F68w%+A8}U)^mM
zCa(Wm-TvReM3p=_m#uN=jVDACgb&_IjLk8PF&fR~FuPdI4AW<(4JfT&OlT^u6dT3Y
zrPoEsrW_kd8*ir?%wFZVpLKU#ebzqbnzrUXcjmr#22Y<Oz$#N1py5+Og-uj}Wqe?j
z(*v2|;zRoT2M4)LSOX);P+X8znyC$f#DP;SP=HcEk4#Jp3=9RsBp=9(b+^m?F_pgR
zp)?MWC~5I!AgUuc3pvowA#|QzUV4w@?gQg{SP7qqWLUBDI}3o}(8C~HYSTBdGO>V+
zAj};4f#d{}kU9Ieroh9*K*%*nGX;gBKrxB2`oCp?NE7@AfA&NJa8U?7iY8RJncy<Q
zA!VPdo1f~^HG#djnbo*~0{uZ`>6gZ!RU)bJV#E{g1zM9p%KJ!g58RI)cs{ntmVCvL
z7*S#J>m{l80^LSX`k4h>SV#@R{SW4tC!?OK#3)1y9zloCup>b!SwmxA2KT3tJXi@!
zMTV2Q%Pp7<q(uuR!1@EjC6IgzkUVH-UjYX{Vwg(EE_lsQwJygdeyR1SKD6*L%wtOD
zO2$Z>ouXl`I8SqaOkzd#dT)7;7M=J{1Y*e0oV$K`#dVHv`O&Qrxd|=3NA{q&t<O-B
z#4s`r;ItJkbjT*lw}Xb8xB=hix%wu)9nk(i92{Z_6B^iigs|_1i0cHW>PJud$*t@O
zZX(!~l#r4``H?RFaGpTaFfcy=5sY&&@_%f7k%9BBuSvw1VDY7SNe4ef<O=kQTpi?G
zjQq6if0&o`bzeOCbx^*I&kD1NfM1(Op-%Yvd)f^LQ%{D!&Y;{B3335u?Mn2);UZ0P
zzBW-@1n0{`ZSP0Iz1D*FdoL^1HH+icQPHdB_mV85CFQ0ULk!<UCn&ZLROd}2;<+6c
z*%0&Tmvee+ERJv^uda2-aKkyGzxf(>%|+s*(H&hnL-_Pu7PfHD&BMpL*``}b|E#WG
zJL)l7@(%J>xeVxz4a|1Kexz<LbboWcW`LXO8iAAX1i5p1{zT+5%?M}xLeqTrk<4)^
zu#_Eiu68=pXgW+KqJCl5K9i%o5COBN&EOa%g=Zoj1n%{U+|1Gs<{=df7@0S{$(<x*
z7)GEs{6T<_H#L%Jg7RWb**x#*AWVsroxl4fZa!E<)Ga}kQ(%>M8ItMLL+IMpzwA|{
zDdbiX1l$8(wly4CYeZsl?&<hq&#(-7O9k7hDtgS83Uk3|v4md8);89)b1wk1v*9S#
zw$aGu14BD^G;bT=->${>Izu-G!(1UE0nrf|(Yw;B4+s6b7oQKkrMBUudtCYRo!E(^
zk4}LhSv?C@70?Ro>RFVlO5FG}uJc7W3Niev)dEE2w`YAG=RRImWM#F?592x!^GbY3
zy6a<7L<U=`Uip0PB(3_hC?BNPcU*dp>{bS1NSs*IPTsU<c1)tit*nI#RN7edOtt;d
zT1h?J$9ZZC)RV9z!W#lzCOP@p?;!V+FD^-FQ`<b(NmF`PKxqzSl2c+KtrfOvwDZ*!
zW*56<?XOF8@M_(|mSV-x&30PxR~GWzh(J9f2%&#_Z`(uH1Z{5me42^~GMkwN_!R_U
zg6U@QrcJiM$udiEgv21ZyZ5PX-!<~qKNte)E4B_`_GY!Gud$KDi5^GNoZz~-#dNK(
zx(MpkBM=G8;0GXVc~t=>MW)9=QzK)g%<I~r&R^q~+^<Q64yl;>l9z-_qZ$0(Wo1mz
zX`{s<Ux@~tVQczfe`x%|Aajhf><R;iB`OI<CtW4X8Jc@|sb^j?pqsB)?+qL}B@&B#
z<N#c&>f8UEf!o@u(7B*?euO|Kc#w}iu-?^xzZ7hEvY4C&6l$jZOA3Vo#iN!L0840P
zvn-w_b1Y+*OReEwC^GLoiJ8osR>?N39ZF)xh2cCi`p%W^v$bo13xwYCD!=S5j_SkA
zpEDpjPJUSUN~%dT(;Z8p<vpaM!fh%C2w9h*ir~$^+zxvsgQGRFV<j<0nY)oa+ov09
zjB19l{A#fUs&7w5>C@FPQ=Oiu=_~0BYs(fIDGFZ2@yUcjS6U58Dph<++(}3q20R+L
zOUYd9U#XfMP`Hbb;ekVA1U)xCJ7!5(ikfr20)+3fKFiw^N0XfyKe6R}s!!WqSL&E(
z3UTkHK=<mHr>|*C<7?I6$YPg4^`a$uQXg?NNyz_D3r0$@Q?c>%ht?&}@Zs`!ghrf5
zmuO_DMP~a<Wt-=l)i1U39)XrU6Mj`Dix6s>p8d90)O!E31TO8m{+$<u(A#yI17M+X
zt0@ZTq6@~*B62BqMIOMQt5Yz*wVr@B1-pq($rjN<?^UM4V0Z`hjf3a&f5@6Kk4z4e
z-OGl&vOW}TvRieZ8sZVIf}#HGT`>!3hN0`9D#k5&=l7k9!!6B)lmB?CY`J#HEb9aw
za9-aVrU_}$3kXbm{Lo@YJG3+Jdkb)6@-%vID`hJid<DsZo(>^6y#Psu9N<RK_$3wR
zE8_8?<cqJ|oz`Sb|FS67lHbGv+L^T4Fh$C;rR;`(;h}^4BdlrY;wEJrv(dysj9h-G
z^?M~}n_T_avAU$Fs{opAQ`zcO8ucd9_u=c($%qBC?QG>Dq}AiOZN}T#D^1KH3i1a_
zmKuS!{l5G)*d`X|O=e$#2+^7>C9^iV9#TwQGJZ+1E%~MMrDoFH)ixH=PJpTBl#9lE
z*Wr97Br!c}si&1%xQ*F<=C?lGji;(-+LX+mmt5Ta=1pr?3_0lUDpS1;l3zD5*R~tc
zAaC15chdv$Hcn*9TNiNPRT^2x*y+roJn!YPhsN;}>=f>l7Khk*^F9gH10D`k@FcSi
zr$NGjJ1Wc36uhg=etAmkY@?lvqjU>%*XDHxor8}?Nv@ZkGT+NgOK%ylpsL&it8aVI
zQ`SPvIPztLNZT|o_!HuJ-1cOMC2TWD`2JM9H_13kT;A_%2-8um0XO-F%Dl1_Ajczf
zGqQ60(iARJS2F%bQ994WD#weBMwx}x?^7KJxnl`8G)GY_mCsWd#NTo7f_8v=)i<`o
zRn=Rq@mG0#jx!7r)9I-TBMALsZABboyMC(^%M-8~ug{tp2XhG7&al{Bf)mTlIsiIO
z9!0EmA){-9PT{;Y)(9KqGr#s1C<k#0ww4+$H9?j`jf|9j<QuOg>-wyUpq@_^BtQPS
z5wV9UjqCZneghbM`&_(<Ws9RaXj7L~za3Pu#(8BIh_hlb=@$%~+bWaK`g3;Tlj@MK
z{&|T@_aZ#-9LwqkdAubOpxEpR&o<;G75or~UM>@PYh)e*sgiiitdPOn{Ki{5_L^H!
zIuz(JsmO=UI0BOmW#?AhBM=3@W0;qO`3L?EBTs9%xU|!hagPE7$+vdmU)2$qycJD#
zJTZbqpDIM;q?Aj8Y2iNVK#FSx>sV=96VZ)k)>pd55Oi8Z$s?x9p{>rKVL`xAh_-vA
z{c=T2`61{C0~zPb{+O3=bCiy*k>lW#gNyTZ@{U3DV5ROBl$|f%lN~?a@cJ|f%WWof
zlD72saq5qa8#dPsZN12l19jvHp{jeaa8u~NoF^!A^bS)RLR5$~9Lgm78mWt2BJi^x
zmhdL5I>HYekalC-1ia#|%HuI6!sL;Lkt@bzUfk<5O7q63yC@x`3jejui0iRSG5U6y
zG_GvzJiK&C!hZSl8*K1J?gK3U-f*j+G}1!Ox+dcBJ8Fe}y>Z&M?No4=Scn?K0J~U9
zyWYNW2h#J<#M09ZcIJkp!KYP?0b%P2G@1RgrRNI#Va~13>fa$p796Yh{PF<1rZ*~K
zSm}m9wP4_@cWZ)E@%bdm$425#<tXCowBep2B$?eSIb)*U2a=}dLM5m`H`Wv49|$Ws
zT~w~_)y+)kWIin_{%~&iPnS}SRKfM6n&a&c$O3+D_V>rfkXVLH!P+2uXrjYA0p#Yd
zPqL&?8c!w^)3!_M2B*t6rm7=^K=RYct(oJ$qgl^a!OA%`?p9jvRtGuL(o<g(FWn(f
zd6mNsy~HEWKKi*uq`s*fffH0#^~5dO;-_h*8D++4vgH||q-t|FtQnwjCE=7!q~L0C
zw|Gf4V}B;~%R^;<uQ}Fh(dp-v$0J6sevSqDbso$L%*N5rvTob?;??49cOGy$EXjM!
zfm?|yo5^h)5g#E|vxi7ZUi4+>4=Ul-35l!?S&6D`M{bAE?20ipl)xU<l3zA%?Y8K9
zwIMB7Q1ou(B^aqP(X=y|YW6l@cL4Ao`0<>YUIZ+lAm;xw^>F=1>S1DM`hO!;W<n+o
zW-gBZ$~{b+Osq`*%gt(ao3V?T?h-w=d$!BfR)g(kYYtDVZ5G~UD^F{ZJa=nMtj~w%
zZqIAmnD@(j)7-0ZOoN%~OjT`V)d{Y30y0(QJaone4(Q1Bwa!`k8CD1ILu%`2?X1&_
zTcgXQptE|vJ_!yjRz~=*`SFo||D>14!N=j}figiv1IU5Q%z%DjU|`T<2@dZJEKMwK
z4T1|+lvWFgiHLmar}_y4jphQD9^K2DN;>fTziy*&=0|r1&@E0MFb)7-MKDNE4h=vc
z)3mn!K*-=?bX1<uKqbN5*n%JykS@%Pz?7ZXn;MxwCUkQCZnJ{a{uw>L`cHOY{UdsE
zDvkw8xRwATC{7TVz}a~I<f(pbz<jd)2!M7AU<5%5Z5i{^zFQy}bN`N{gq*2e{Pw?~
zwAZpWI&uJ_yEQvA0D~}s{EHun%|G)%Ak_v>7iSiyCU-l~kC`ee8i3<B1}sUMpA(Pv
zk1Oca%#V2HMppZe@?zf~Kf@m{-DukDY+!mp#D7m<fdZGN&LXgj=lVGVz?~f$zcAp{
z&1HBV0Y-wb4j`F0Tp1fcIXQsAuaTcJ9)K#vo?q3@_`tyEqkh*l0PVStQ=^j;)OPyJ
zFe4ps!s_^*wYjy3kh-5Il+ei1^lu{kvuSs6aVOwoCs^jk7XFZzQSc!%IKI3yJNnB2
zhBe6aABXKd3q|nVuZ;QIFK-+Gj{<0e`r0MF1qe6-l#2k@NB{ue8~~c`#>$w)-sICA
z=*MRO=x2xV1xT}Bz&$!9VF^I9HNLty`Ut4s7XW4R2avx50!WUHp4za4-A??#4U5gc
z+7=cyw-!MyDlN{9jDQ(g8s9f7{MJ{lWCP^cQ{DReB7dqffVj!UM*(*gS{j)eo8L=b
zt$tnpZlwUJpE^lE;cPx}5m_OT=wqJyMPDH*!0NW};veGqFMv{PcIU~D?q>iAz4aBy
zW9geOz-5{i7wDxAnkysy4*+rf2Yl%1pQfG!gF*(;e|9$!E8|D?4dC%(UGhr6Xyiuz
zQVN)kjEqXiIp4ki&=2+7BCnN~_f!2|ivVcf0dxS?^8td0`OsGvi9OK2!&SZ1LS_E#
zO2(7RX9Wp<y-AjfXeL=X8Vc6<)cJW0BdDkBd+SpAJi@)2hn?QCgvEhcUJNzx!{J2k
z5cF4p@am&f{tVt`9qHn-h6%xam_lKlVl(ZmMKx|BZCpiPgmo!PPkxl#D!j4i(#p@T
z{Z;`cwF?2ZD2_u2_a(QCxjz#~$P!Yxh?<?9Ncx?NPZc^UArb0rPxOiCVCi&dIPMY6
z_^mV-uB5{YpL3HX%TJ`g&AH|7nH-o<HE=$sykY!jOb4p2B{W2<n<!YEIFJ)YyQY4e
z`6T7bIZTII<$*DMOa=x7Ds5Q1+zcWU%f1X4VhxdThS9`Eg~wJ--ok5hG`@L#-uC3r
z6;7Dr7ydCM{zCPq8y&HajN+B|02rxAU{F|F&Tu067DjDO1AE7hk9EH5{LSb=1~B7@
zJKD6c-;GJms%CVo(5HWPiEP}lG73E1CVx){v`Q2l8#DBr2M%i^Vl$&5j35C4`xp>{
zE~hdO(s#e5309aI;vdWyJQF)*QWCxu?(ea+xmtF>kD4<m$o?J}D;Bj|pMJ4<2ZVIe
zS2fq8#vrTpg4(8c`a7vVewj-^i8{(g@wf;z8;k`8j%J%}NY;WlAP=01B=V#J$>-Mf
zuC$wK!-PByWvL)LElRjYeF8@~bkL(}O(JQUhSTw_OXT461GL203bN2rHti31(5Zmu
zu0OTU?|X^`bGJ*25mh>QbMpxFc3)4m<#|Hs(rT#hbCB9=)iDSkRFqq|f14{FhGPN3
zc)#BnpDFKy`$}4S&A4o;e&%uH@hJ0&bHK0al=u&uOp2Mw{T;UeL)D==(&AHxGxa`V
z0gcL+D&Icbs>d&%@d~bG4K!N|#DU_WY{(bwerX5RY{KEzQ|#dKd_8Mu>kJ4zk>j+w
z<V($D@#XxWGg2$7-jB13n`IPo3<Mv_mTVH{9SHlzgMuvaq|K|dYJxJ@4I%y$8JOQA
z1|@$hv<Q1#^POGOdIz@P6&8&yf6wz?>NLS5tqL+ISzpAB&m1NV=^tt2tt(n??XQFv
zY#~;<gk5*+P!+Nj3S4OUJrS<P*n2@6S8zPJ_MTxThh>o^uGW{eg<n9TA<nr?(m;5R
z(?qd2#N#X9;awAkqE_E&j1YRQ${p@zy1y;Z0W9E|&9n%!i==tw{=PNsfD8X9<u9Lt
z8Tz71Y^p!_3YXG@yYXR2bm80^gVfXATk|9~HYIaO%9-3WnCN8Rhd+B;$`w^m`fY9<
z8h{bBb}oQ%*qvs)7SG@Qyj3Bg#cc5bPtV^z$&zf+lwn+>w-?{veNO4E(R$8Uxd-t7
z)^G`a9<oWObqL!QOvsHDA~Mw1D6r4+a*GqSypBYs_w05ZsaKmOjbe$akQrW}J-6S6
zLg|n2j9bLeGo7|$hJFQp+p$A;*2_uc#AbZ*C(~=wvq>5j)E(y{tAQAEba;R6_*Jwo
z?A;mS;Kl^7lt-G)SE5-zJr3;w+FAd(cfYv#1H+4s3hl<}w?Q+Ld1b9*27371gP%2v
zpD5g4#8h$n3(ORt+*%f50@BpoQlwdA8YCmJ_4f)d&g^AxaKl#BvYy?MENJynI30P*
zyb-Oqtp3jO<wVm)>T$n7wY?U#gCOTfr6!>OCL%W4vPL?>83pKsRKIQbM-)?u8LD`r
zFlB#lbR{B6dY%+BIY&L*vT}RbL$JN}uL<Bh^gCfUU4t}n{p@W+%$F%~DxhIm0nA!X
zFbZL73e&Qapa6^`*Ang!9Lt#K2JdgD#X&9vr@%VIZGi}GDO{I);2&?uOj$6MIlbnX
z;B6$P;99E0!lM8;$W?c;uh_2KS9_%l!Nb&fBylpL2t{?Oi<zSAv)l$hO*F(uBhR_d
zVBJfzR~yBu_M?%(Q;AsjHj(Rthve(_KAjilC(!3zMfl-k2CwomIn(1+`&6fc86E^z
z<d5oubZIwCC|!+_zKPvy;!G0X=&-OjU*o};PygmL%zFs?Rh%$w1T#&>M^-YFIlU;K
z?tq2WzClHf(Xi!JAx)IDoQ_Er3%XE&c)OOTdUe6ho+Mm-hhoObSL-_5dP5wk^&E)R
zLuL$SQzxUwP$>~KsTv;i-joSjtH8msWj)e8`xdBcpr;#>({Z`1SG|EKqERab4%>wS
zFU0G!BAbq&yobL(Uuru)PAL@&8|X{Lr}VE)ddq~?xG3zrN>)KWAn;M6;lDz(A%rd$
zR6XSLr|)){%f^LY=DNlc4f8K0G~emfVZq9keAr@mrnVCl^ln5zto>=gQ$`*7#3<<s
z(#TFc8OpKhDRz8UBm;%`IM_=P(S2`1W>5!_+dk}=e%(FRy^VgFB{&*KOWN(5j#ZCS
z#|u&t-DC(l#~GAPz8zujmelA*j9}pliQB3b=2$w28_cJ7A+}`qvpmJ}ox1~%e>y-#
z7K()J&=jAzGLyysb=O*|eKvF3AF)%w<RHyCK&!f-PGNwfWVvwO*hC#>SQ)MD0#_lp
zyr6SrwwQPKe%0R9-VUas?xHpkLu&w2aGrEK$LHd^xU@U@lZ+4n!@{FS6e!PeA!de$
z%GmX(56#CTF_F3>$N^i3i`4f-d%uuFu`j(%gDrg?8o1l}g?dr9H&iAEg*UPhe+nw%
z_Zn(<=mTA6haS~Gx;gcC)BguVQCl--B<;(%fkZExjhLn5N*EFpTz6i=EsbQOBePC`
zal?t6BqK9S9sIEHpl1gk6%CHgX<>PTt2|>{&!qlc$H;-OvX3E|Cu3<YYl8CSuF?h@
z!h8&@hTFT~5yXG6DG^HZ`=?ddx~A}emG5I@O^TOG0t6vBZHNcEcb~y=+Da|24ko^J
zGGs?AZ}W@l=Tt^|ALq?`%sB7VFvq{yU8bSZ=jM^QnMDM{?vYm>rea7wq{i-!!6Ct6
za~yHARBMm~X?23tz)69}<Nj|7Yq_(+nMMxz<b0~S*3fzc%tw1NA}hQp1Tl0Djz{lG
zYT+eK!fw;HljI`d4lpaImL)acU|U2sr^}2E0dU1Sovh?{{W7WAE4z+nx(m*sgAX(O
zrn{Z|%8w?fIZ{S5TYO=S^;XWt52=G83BPX$&^OzKZ=pYJy%Bdn%@%0`svU}PUCxgX
zmd_=G*t+v0ft%*bI82uQC<QBK(q~kDioTO(A*maOGqdj|=IOlc<N4@X9&(Mq32K3L
zpVw(acKHfS^A_PtdWcOpN~R5F(m@b*fsoDk=CckZp6X6nqBJ~Vc$0CDB~@jJa(@Yt
z;|M;3YkcHO`>j?a9CNj{E1($h`l1X_NISHH*T(t7r(T-F#`(R)tkTb~n^}<dP~Quv
zL9c5r8+idOT@EZ08umNn7z4Hsf^J*-4N{hv7SCz~S%#KWvjoQCp#r&dO2HquvTqbm
zfTKT-_R!6x55;<YH`vi!o>>tiH^gVQb=mITA!`DeuNN9Q6lD#%7@$;w$v#Iv@!PBl
z!L58GXogtcrB{3NhTqE}3qO27bG+m&>Dq_gb@(7pnS}i%CuI&bTw!EjAYv+~UJRBS
zRmeu4!E{%CHBju6SMA^cTl*!q>@Y$DgDrwd@=iUV*wqs6XjBExEnSNT$=k$hTZ9KK
zkI>gDztGi2Z+dC^Gm+paH0t|~)_MBYKwmL|pP9MS2J4AEWkKZ7Ol>m!>0IOCmafBv
z8b+*faN&Odh(LG0E!gQtafutrL3`opA$kS1Id(!Z^gNIp0(+LAKzRZj4=E9hK#A-d
zeRymx>hT?Qij-9m40E{c%uhP@_zk9aYU=cjc#@waW(g~4doT?n5aFcvH5?Hdrl5jF
z>WPT~O_CorS1oICG6FfZcx%9SbbaI&ZVEz@5tTGYyvuut4Y7@n9NzHXKB&OiT>Bi;
z0{ojNLZ>g~^5U_K@I21rv@lnP5ZP0RL1cN#+jiZ3LVdZubmfO;Z-rSJ!lsn_^6{zY
z0Kdx2#g)w!jKWy&t)f5z2`Ae60zxkH-VH@U1MG*k7cw!uLPt_oV2gn|_%}%sJsX0U
zHK30{TmQADus2#b>agXnS4?U;=0hYG!TZS{_^h8_nqISmAX!`>2649?c$AJ|p!0&@
zGJ=ed8xzSbi}~&`?>GXzev(N<V=)vv>dFg)l@oiD(^=XgIqc#4G;1Z&OkVa5!MqW5
zVUV`d7AL9}%*SRFs55}{!|t5fD@j$AL{d9XdBLdl^Ai8TqE30NgYc@QKURFu`j=VH
z`>^g~%8pd>Ukq`4*O-#Ds%o2tZz&9+8_pMb8tY6m!N>a=@|Ym<J@%{M_o0Vp5o1)+
zLveGNuR;p}XPA4_EZ7k4`BKzMoq!&uBJ(411cc6d#hJBZVD>|)Z;C2{12JaQ?xMIr
zhzWvHT_B{iwcjiX)oLfKx%1e5B~DJNkbTct?kec*T7wy6K)@nHf>f4}_DbbPMm3xh
zK#*YFi@7nqJ1YU%Jd-flvZU*Haz}=i%iz1#K;dU|xpI=Dbi5P+)hKu}^|YpdDP&Mg
zISU5L!$Uxy)EYT)p|{sHCDaf_od%ls)t%U(74-@YQjr-oQ&4o3zqM7>4T8?bpWmt1
z8n(WLXC~4?Vj-evn&68f>X0gB^UkQPKF6=bpWowh1H;#L<vqjTIPijNsgJ{nV8cp3
zCR6A73~;H(<LXE<|A;52eMG&c=eBpkqYKgGCG@N5_B;fW^<`w?BF~739i2)wxmFMi
zN?zvIFJje@)k@NXO-ig@U^j~j+B(6CrCV=@He=xin1(X|k1Ke#(7yuC57joKwg;lE
zT0+T6%V>HOr;o%5HiN5^wfZ0^V2%VnN~9G_N{<1W&FO7JDUD@E0cgE=Y+_JDn<aFP
z&POWXg3qkJtrVfvaSr7Vh8n_BCP)I2{aSZ;2ORC?Hr4(*WK$oF??UgvNh0u6M&c5_
ziUeiKv&t7)Z}-OYG+b1KQnfCWlKK|`+uDTrSWr!%JZqv7e&z(>Ck&deO$_hI{og0u
zj$!hse67sOIONHZ^ITDl+~S_U$4)rB`6l_X7ao+}$-BzNuAGrMj<>v3Dj8Vp&vW0N
zK>454;5*T4Rf9_wF?fJ?06;|cGL0)ujB2&H`enWknTQAPS<fS7K=o&USmybBe%=93
z{zM(u`!l}F=U&8Z;7DPJk-3gG-FP{4eId6Uwg(?PX^Kxe>-k_A%twujf*fq-1#`gC
zRfet!b5qr%fiwZMMUIP8yV*!h(3x9@CE>P)B4YA!P~73T3G)N(iYz-dnLrojqj}V2
z?jgGRf`-6zNKZl}wYNZSf4y?RUK{X6@uzek*uajtfJC@ywL<FkHg9Z9HP`)s<$3kZ
zIJ*-J#IV)Ld=iQjtZf^r92J&&a3$V?YB;=?Mm&)nKE;>ePSs$mDyH3>AwzQdg*<wW
zwOt}r-HXcy$Wy;>`z`8`OKr>{l94#2d(a65W(v9LaK0nd-k`-a-oB~qP)1SGB0VR-
z?BSydv+GEZ1k~K%0uB&=2Olw|%H;C>pc*q{(JXI-4A!i9V<dSA&v0d7fPAP!JBCx2
zpJE|eA4!nDk^!y5E=^|oo?{<<1?m}@m(NS7Pp7<;b^X53yj&x9v(bt8OyDJ@&E)Fs
z_JmQLi`OQW1UZk2XIhalgY&gKCwqpp;Sq>N#d1Q-i|_FZ(4BieO{h9sjzljaODDAG
z)+}7MJg?XKmJCZ@I^`qoCVk!-<Bgzfvou;T0HE6Y{^)32<rpb_SPh3ZFZhm`F=oQ~
zOX1m;7h~9*<aOs2QYV{17GB_>reI+s+1eFSuP9S6&s5WiWU>T~;Bz?RAwRv%_OwBa
zT3aCrJ_Y?Q<%^8RQB}6c9L4)Ft<WxpDR?p{BYu8#y41sW8UlqxFF1abFqgLrkHNOu
zr^ABw2oW>I&(B;BI|0ux$Z1Axa+C3)vvKLJ0XMyv8F}*n$bPmH7nE*qZyVvShL&NQ
zRQSEwxzErhEbHY9h(`73|8V>9wvQ~`IE#8?$f)WIyV0jcE_)Z?5G=57&!6jhX_7Yi
zQUJ6LO=oyr+Kb5cGV`tX+T8IcbniTxvu>z@J&SC$;D2)#Ia8bF{d{SGh8p{folfDa
z6KLKqGMT|TpLV!EQj*WlS?8)7Mz2}7C;xhj*K8JlF!hn~MJ}M?IMX6d58Yz8eW^Ux
zDx++>Ii1c*^Fvzpp`rZn9Ek>NPNBtZAw%Q+8GY@a&Xm7Xz;Q7iV;0UUwV_PT{=4nX
z?#UF!3v<m$m-_|&PqON7T(?msXL3&0Bzu$M)mw4Y&Lv)yi%LD-{-PTpYa?WHM{o3z
ziL0}5;`XJR!kXEYTY7`S%u~-PTf+#9<SCKqU3k22L@~wDBN1<cIvdwwBzJ3LCR9Wg
zae-RNBT~Q{Sd{FEc@r~TbSDP6kZ*A{;6@BZ_DMX6k($2>ycq9hrKL=p!QTh$r(xhm
z=#-Gm$q9VFY8+b*k0=Gz3qH>pKvgAkU+8!4a&v2>R@jr4wFqQ98ZjqZo$taK_XYw$
zjqJUVtQZ%p8$*v%bw9$u#cpkLI_sZOr))X=VG8^k2k&+0(+B<fKSv%2a`E}z@qJ|#
z>eP0X2J^0?B~B9li0o*8fE2La4Qez9!zbGHPs72~me@kCpdsn<>ZjF8uFd|zi!9_u
zm|Eei>P|#N)x^Vr(dHRdbUYs;n-@`(f-gUJTU{;Vzas+ct_lOUX-WpRv8+7U|K!|n
znE>rQ)*IOmNWLC;J43uy=s5nFH>NVJ4QLDf$@G+(LZ|m_&TCp&zF>H;ukV1B@doG}
zm6Sb4yK_^b-gfhO|6Fp&_jn)?JMTh${Gr`3zU6Z3j6kQl#aYpEiHt|Q+oK3ql0!xX
zvg&tII)2#UQp-*x*(7!!QSVdxO(+@eA&^E9=JthZ-GI5>6T=artUm-|bt)oOg#<Pb
zr&<H%<=b*|!tc=fG2)_ppj*pLu8Y3nPsJ363qhk}zMw1_@VUuiYx>#e1JHvlQvu;Z
zs!OTWz{3u{=LDf2Md^c|OGH@R`Qm+BGGCd6AN9g?U0F$`Jm}3e{i!15IrgAe7#zRA
zGAeUrn+jX0R9&jBV`#t4%PVx)BUxhis8P-%xlSx)s07OTZ7j~y1r8k{D-gF1gpaZh
zSj5$+afXo+%J#;{rtfY~#uUP62T1X$@rA5Lp6z4NAPAM`wu3j>uKS<W1?XjLvLZ}s
zCG}s!)Y3~-D5*46sD1V1_R6dchaaYMNIFHdX!^(MD}fWM#=HC2i?7mnQK3Qm?rv<m
zF1t|9tz<VBcsGRhM`MrRD$O`BkZpbmxbv84Z{MI+T2AJ;oqBF(pvupU^SS9UztR6h
z*!(o+xQmG>pNKJo1_V81&wOW)vQ2Lo0}+;!4_-)y2gi(c2wfxYS><>IpP?k&Zv$Ho
z7?YJ~M9n@`*{-l~ZoIp3Jk#nwnx35$SY>OAL!Q5^0}UEy^`BFCM5<moy@n499A$Uu
zbQWx__7}QZ6S7t>r#ZVXf%{-MA@&7X>3m0EpgmF=>J7Kv#~+d~m}XF&S`XGG(MHoN
z{l11e+8D-i2QHZV1()4_oo?px9kwTdYdmkY@+_<Wvs)=QvGLEY6id!!F0`eTf-yE6
zDdsC#$xC%=PZ<K*)5+=ic<peImR+Jo|KAVe=&_t#W%e~9EGu8~)e4esAsFndk2E8(
zjyOR;T}@WX@_aTtX0^5LioH!G6JJ%^3^$}qhv#5R__msGE|*O<?DJeT{0;;9fdQ(@
zLDjvt^oAeZ=XyMH50oFzDC=b4(bqxdpg?s^OstQjerNh0d*=XbUfnp+odn4;R_*Tx
z!|@Elo5_%IEP_T;LC~IOr@zY5E_QQLnKeuG`NtdW<xjp`RMzC70(;Bj0&J7hT~#p)
zhxO7mtg@z8O^y@94^$BSI4OI+^)71$HXnm!()|F34~3I%oeEOHns%C!sn-~ELsYfd
zLQRWRl~l*R-#X*7{gF`b_zv4|yMxa4M9OCf|8$k+szKqIU|@&RQ(4A{yqbF--bluL
zlFVzA;Qd+0cyWyohN2fN7n0;}mA8}Jsu=T9SJaWPg7>K>1&2ng{bzNR-%gY9BuhYu
z67$bf^;P<#j06mgMBN1aT1<?I5%iwJ*&jXu?r)&3D4&*4ipC+g%|VlPQB<OZuXjES
zi1p>^D0|jn!%*j+Z!ML-bW?Tsvh(pSxP4ON;O#9`YO!Ye1~uCgr$hi!Cn+&L1&5Ah
z(B#?ueF5H=-{5S8iYZX0a7s+`m}Mn1Yudw%CTpj14U2HYF~RIKEA}4ZlDIGiVPKVe
z>z9$ocxJ6ma&leUK~JZdy3T+%A;rG!<;!=w!&U_NV;#=rMvt<2&3kOmIA8fYQ0OVz
z=NEh|EJ{j>wF;sVePlXIGD@=O;}Q=MqEWP8Av<H@_klK*inW<O%uoiwREWw>jUzHB
z9V*HFrYN^d8#^?k&7o7sF(yRkw<EBqC<Taht(S~c?ng)E8M7JQew1SMC$5<c_hUV8
z_$Edo)3Ya_`@|DGmx%x<iW!Zpa=kI(YV12XaeYumLOH=)b;8j`nI6^}Zw-2eglDa9
zSVBL2Hc$G?o;~Qorj#Jb-t~K1yG$EE)2Vh&FH9S_=A69|a8=DR>6C~qucOA%5W|DW
zq~6#;iRu<IK((x~u8kzl$q#k)alzTflE!C~scpTD&9W?D)F=702#SUnHu~;%gBMN_
zetqHaS3KWbp(y7`zzZ%Lt?wI#<34JvM#0L&n{3^>A`14yxXO0@B(>&sGM9FN{9)KQ
z-Qt<yw61$7z52_*AWlYe=uS^aG*Qb^nDTxe_~UyOD87<ol#p*_+Ffi#qZ>ysXJ-si
zclS3p6uTL8%F7$iAr!wN8M0XQRr$k~$uCU>#I?-}l&xTo+l|rac^?wKtVkC@&qu_n
zMd9}$#8suFrZ0F&8myE-)t|rbc<|KmPKIu0vgfF3_#YN7gT(9&ZjS3rZ&)3dnwil-
zB-Q=^0XuN7hubLDc?zpgvw<M$U-b&vcf+8~gP$*v`N=dPLQ(#l3?O7Q3O$Nx_Vwb2
z&GSpvn`5!1+!oC#E@gR+uPb>6mk16*hjt#w+p}F!Xd_s<l!`d<F?+%uW(~1A*E>AT
z1;RBIQ!VrQtM}8inlll%uTunAb%luYG8iil{Ios#E-ytq^|6U+$PGS8LA2$8xptD|
za%`8iGB!#X^Sp3@&>E~$=uhPK{I_!=*|_QqIJylDr-Y8)z$n0lj~sxnW*TwfS~+Yr
zyd^&o%My1|S<QuHE-tHJCtp{GwT+`P=r*+R1BNwuV>+S2pSTOop?!_Ges32CDdrwT
zmSP?7`9ibUBvD7qen)XHFx->mpBVx_y;V}JU;3VVYyfMr82UaQUS{<e`^D@4(<5*&
zb~~jkFI9&`>R~K(P0N?~`4s)<B<yu%nbt0`is>UpBs(_1fkUcU*0kItNSscl?xf@j
z6?_JD=a<<xml`l6Su5Uy6vg5{0>98$QYaY$r~9s7FEewL#J|O4(l6w^%)^<S!6I5&
zxoQdHzgwbq1ZJ@d-_sI8pqc!(+ibHP2Ai~q4I;7=IiR&$k|?D7`7!Wn`6EYls>Zt)
z6ex5k%p8$gI<-%zLeJ~k63i)wuyQ!+9^3ufm2iIN`Vlj-Rbwh@khT(0#Wt}dfQB@L
zeHCbsK~(-=$&cD^ud$$2ULhz{nkxx;f%<K@yoN%-E2H0<OVLJ_bOv2Bnc2F23~o#O
z%fQT&2LQ>5WU+l$OY)Q7F8d7nrefP><^jz}thoSeW{CuS_dHVEV<Z_QNPs=t+kc7%
zPCJu$CfF?qeFW(X#>kj|{Fq1iH#Z-4>G)**M(zi-Kl%57aKsZ737><0swvdmuw6O6
z+jG|k%7`!W1#%ulsd0;ROIJ?v;dAv11qZ~|_z+98Ce89b^d8qAMy^~aKTkJU9;dPt
z<q5y03<$E^GhLxRc#hA5+Jz_03>%yZs;-$)+7v@SO5So`))Z}ZPqg738>rVJA^m1)
zQgX(`92biEhJ;Ph&}cXsHpWQ)m@Y|+yXKM9G<O})s~anrL}KX~p$4%{US`_03C$Vm
z)<|wFL@psiMUu24jCZDXY8Y}yqwkW;PE!>_xM=(~B-I+y)?oNKOZ2X9vpOHxVhlyK
zZUt45!~UaNUyZ~^2iCLD@$$a?sYDxueY^UeN@%%sLX&1GGwbqZ#ACZ)9j15~-HsVv
zxx&4O%q%L8X=vc}rBiNohg=>`YWQvp>29)ba!@#ZFpjxH&l8-axx|s*QW-xkDjzp6
zzah@SWZ5NB4BF=lV-x@Vhm0(Rjbpg2e4w{_uWtvB5{FZCpf*HjX2eJ_<5W#KgWe^?
zOpSm4SO()ZNRrGwqEs!P%R)xS(IKUaqwlgl#&B2T8sk*Nnz9mk*d?KIPG4()-EW?(
zG8?cGRsVu$&kpMA?IVmDxJ`d3sIZH(%7TLl|1s;y=c7<LYHTOl{)7X)YH*D{n9yzd
zea<|A2jD1F_Ak>|<jzX)kUL+|dl*|-I1^AI*jvw8e2l$-U8?DFRu~2)b_-@v5hsCH
zVk>`v{R9x)UybVkScE5G<q07LC9&@@UeV=aJd9n3_?7Iacqxe6*3qu!mfly8wBGA7
zOu}{3J#13;fvr$Kyk~9RZH70~k6OL8GhXN*tCyFeYgsLJ=V*cmPd2H^Y8_Qv;A2;K
zT^b6y4rb<s-VdR#*Wi@(xn}~-FwZItrFU!fw~WhVHclK|so&K<6ON*JcdDc&-rOcQ
z$q%vJcxjA&HKx}hmIM9_6<$#7u$Sni*D5f$ryqzs$~=rKihk^IG1Try@1EO2+f%n@
zk6`^g;Ta3*uA%oZ{c}iEGumf4WG$|T6|D}36%E^TTq-SuhAwdCB03T|$<Xh9IB_0D
z)Uc{d+7?~(pgJv1T2bctjS7S_RFqG~BacTbaQpIeUYyFRw0sy>Q4S70nr1~L0u`x_
z{l0%sf&iN}dM4*cavhW1(|a3zpcLd1Glg#sxoLy5&B=BQ?Pig0C`-`X)<SE)fLK|{
zXmJFNM8SQ=#+tgn=y+?K{kPcZ2uhIFd`CzaD9O6gJl&MRQ7up8v)^}ZMQ8B)fm{^9
z7f6=9z^ltC0e!g>xT*DGx;5r4uCK2BO5h<H6_Q_z#1o;9xkrx@PC}V;g>R&KsqSNM
ztN>LxhZU@fWVCE=;#2#6HLnYO<6Vqw^_TGqy%nBk7vJ|kCyFBKNOzZbrc3mmR-JPg
zxabSda+-*y<(5wo0m0eRThd1Cyx!ZXM_H{7@xQQ`A1ztwRshfhoJ4=fHM!Vx+JUys
ztb{1-eGX=fT$(8p*u>Tv@5<M9!y03)2ctp98e@9`MLqWSGu2`>3bg6TG<jw(#`9a|
z87|_t%|vEYbUu+7)v5u;m6guIT`XpS5n%1}EC!jmIJM<-KXd4vUz@(S)aglrd4(<o
z*H<J<f8)HW3`vFBvCF>@W87U>gzz3j^G;!dJn06#T^WFenCqq<TxaLCTSQaUVcsb(
z%NwR(d5m@od55a&(*C_?x>}dB?1q`0ceewUNhRO+9AnJAI`@b4wQ_a(YUmDXqcvAQ
zf!%j*wi0x$jVufH9V!l%L=E?bEkq&aiJ~Y(^zZ}~Vm*&vpa)u-&StsS6sbg+2b;|(
z6&K6)v7(jkhg6Ky=CADbJjn@;ls+hur@5%BnBb?o-=ln4E}GFfbBn1K;)bd?+N!tf
ztVZbB{)&)Nlw55jy!ZzI1dk2a;!IFObnq?DqB}rF7nQ)cz$;0@{mWAKvG4D2Sh|=w
zw!$63kk;Xp4BqzfV+n#a7FRcq^dOfR>YYF4T965-S!96q-81_<8w+AVoK^*;br?6)
zAde%-Izu)Q9Px)DWB?Q22`=8IK&4V@{|j<0>JUU&pSgG1b9f#AH)Ai)Av;q*OecY>
z15<+6wPd~K1)c5?f|Hh$;c^yY*nC1>wh;v}O!v~omW*+$E?^Lf{DV7h#3owza94@E
ziRYnCY`eMNK{hRNW0|La`%G>H)p%J4qrlO`NuJ%Tpjv!|SUysD9hzYC2TFX-Dbcr<
zOGvmZLbtVXV#c3xzDdxLF8<{D_ur8x!FGt?*QJY|;kNI!b+efn7v`Td%u37JD)zpD
zQu53h3x076B(>|%_m`m0RPFS_6k)%fZ=t{%b=Swg4;0Fic1bDb*1HGBTtKPjCIHO^
zCgP|}dDGeH^}hU)D>RH@Hnxg<_;y)19~fx!!Y-XI25mg{;iqQgv7lj`xtgNkyZ3v|
zpj^bf9A4u(e~u=FtV*dD2ucQdj12+489?**4UB~2jehoTZV;m6J_YiZ3MS%Waj8MX
z21KGScWQ<vc<8dTHNhCMjAL}TK_qGl#=ZSid&MOb;0LXO64}pP=~kCYi5;jy-=052
zdI%3mHX-90uhrtX@F%*iYb@s7Yf1_<@#Hr6-R4H7#JrVpci*N0>ok-K{w}8*Lh}sy
z7M2*%FH0W7Gw<aO)VSI;{{=GT-+L-&V9k!ollOY#5cD0)^q`$2fn)*>-Sv|fMSOlJ
zK_}>RQT(=wmS_7SX={6iF+w?0m*&%&g5c9~#M=&T7ysgQ%8f~=3$wy{b_~S@jZTb~
z2!RrQ>JY+6ADMNk*txW<pBU%MXBnhwKiIfz?<)T$>5(RTD1@28s#N{>{@B)ybt8#!
z7Ub5+mnjju>)_zgFqPCL>EasM8UNRM_L;=DmeAyHb(oly=<5*=T}H|4L=e%c#HGJ!
z+Lr1^Itz8PyF4r-+pH2*WXVud^bfloYrmZ!HR=C^Mr^vO<~9H9nh!JGj~X)XZR^Z|
zG|!=eWwXkoYetnZ^+GAE(VX|HAC4f;cb3f3WWANz*Qc+p*K++qxLKUOOv}W5Mev2@
zWJb=9ag1vpW0}Eef{WZjSf^s&p%`P}SK%IYagpYq?eWkB<K*`fYCagu_-zqnf;8u<
z55Ks$2}Ehir5d*#q_GJBT#gFt3IWl_VSX#>K_T*x*8ldW5z)THqGm^GB2|EcQ$_;p
z!JU*lF6R1f+XpXE%%KMmOTil~^(=&Blo1zK4Qq;Z0OkP9E#PJ5yZX7z!y(c|ZP{lU
zqUs$Hf>nVuDDoDQ6-LKOI@NvTj(U3^^?ez4qt?~VYC3`$I5wlmRShS6<|Y+H*%041
zsjA}q1;}_7!jqax;lbuTbtj2}g$)VD$G+SgYfR(4(uz_L#0K>{gb?={Z~ce}X;D!L
z5LD+dF7x6q|0(4K3F`qKeRBoakEgusDZX7=m<1bduk7qf*BD+R!u4lFbA0>46r7%l
zCBIS@6<EqAzEKW_Dm8~YlKx6I5@~5jE;()nI))DW)~;w)vL{R~Z8V+l-w#7A-mEh5
zpAfi=-1n`wq~R@G_By4YTi-k)>GrZC67<EG9vw93p{|N7P`Ga`9zxS}!T8~BKnlUb
z(+tv?nAVBg;4P#c((~`uvS6GjmJre|M8bZk9b1aN>SiF`ix>4jz4b>Vl2c6F-rWFD
zd2+%h3(-ZLFAx_qiwKKe3Z<u$A@S>y%V=fwxi};|)VFu&h`|_?u1y*j#zX5j8ek~w
z6biSIr)#d;!m4jAexg}TqCm*;E6iX<f*iV%Y`My>z&lP9YY+T>Ek!of%~Y%gTPosW
zo!sYsdrfKi;nhHdZLXC>l!ScODLC8G*`c#A89&Z6tSdho?c5DAWh0tr6IexTs;(Cf
zLzlZU`+<!u($bL#`SJEexXpELTGGVqwV?0kJd3Jx_ju%e-GJh;OW6&319ugpNcLFY
zG~=rVQAk$xtL;pQ$n#{@MFBRP4NN;5AGfdbuo5bcw+F3uUNUa0=Ulw{m)b1<2bf$l
z5{m_gkp4aGu(opz%t6HW@udT|PlP|5TGLl*W^r~INkT%E?I24pg0n1xlbghdSJRjm
zkZ8khzu>2i<sM$qbzHeQ-q;9ATY0B3@kf=@Nb<no3aocm6E)C9>D8jZ6TG=jeXVMY
z%HYeeRD9~c5od98s2vvYk6v(B?5qpqHps9?z$^Na^t&iN)>L>C-}8W>x8F=kZ($${
zfDb@6`}osIJ9MDRE!u<&3bsqi?C{zRGVErMu<o|GX_bAHB%>K7@>o~WH-@--ks4n7
zT0ceerY6?N5a+-&SO}<}TH^Vb)I)BbpX8Z8Dj_@fn00HRm@QN>pzE7=WSgGNOVZY<
z`X#Puuqe9+LlLBG+x7JpBl7hO=V96{pWXNi3<NLpo`XwNT&bY-0bSOD0tN+nPSJ_l
z*!;q9NFkoZR29~&`}^t5pUwvZmOBi6ELuVWf0Z6w)%}!U__IY3!FHu+LYk%J1=i~%
zJHqf&_XpgF7*qBif}C^FD|i5b-eZxReL&iM&EX2iG^t~&C732<re*A0k#hotn*x=}
z9x)i&2PoRz*4Ve#w~*ph-5r?<)|>(B=!z50B(SfNL+J2ITm=4W_)a)yPK}rfxJ%Xd
z&pP57DFYsK!t)#fN!Nxn3uO0zopi`HosM+PE@d~U>RW%@c7FHI$Y6EBmR{m;EK@uw
za8(byoAq-Ti<Wn61`wv{@Um(XU=)9J?=>OYwi!>WZjtz|-_Qm{N3M5dc;8Zn@<20_
z(h78}`nfRb)Dlcop1XPcEE&b3>qtEzCir<?CNe3ZA(w0-0b?OWiW5tvaIVF`d|ZZz
zD(HcPSUt$>fcfSQktgKkcNPqDD?yMtPB~5cnB`6{Z$p#f+H9%Q%-{2h$~{7>oX<+T
zA-0$2y!#i3$Z87FaNbsVIfxD<hT<|YG0SfDF?wU$j)X*V)U^#R*)7af^%l}2E7;Jn
ziX&eJB;pB8(~q|f2xyY#5Z-{Y^Fc-jzeTf@2<<Zn8t{e`>qq#(E|mmu`HyT|Fn1U?
zNhdE7`(5Fw5X+xGshXYiFNpn`CvPW&A&*%Ft}+pQWHQRIap4h+cg}<(=q1W4uHY)6
zhf0bD&1+_)ABL1354gFTkJaw68EE;XV$hibmU$L)NoeQURF)n{In1~p{JNH`g;|15
z59Kh>h+_b}<-$sdPOyAm!uF<-Xk5;%CH*CIe5$ORYcbVRN$<sJYo@|$B{)Q?^nC+3
zN6BdO1Yz~(VqTk@M#xEC3dvy+f|wzKAi-D>UPgN}c}BWbm#39^GMi9Yg~*?0W_BNC
z2h_R-l@y}XWS_?D5^U;k0;)aB{JJ(&V9wG5O3uFnw2F~FO0M9C!eH!djqr?CE;x2c
z>6v7AisO@OAgIzSoiGjaJBABJiL`Vm9-Rz{9l;QgAz^wz@vujKu$HTJhIVUud$)3X
zlpaH3;Nq+kth`p?W{dAyu8vYl@NPy>9lnir&1|lgH)GiWn*tY#kP>5Zzmj|2qPVV_
z!HVn?$@paVjO1sGHIP*{g;oTGy%)u_R?edIZfpAPc6X_DnaSDQH8g!5W{Q!1gH?B-
z=73h_tiF-=lqY|Fih#HK(_-)M6(DciA1y$fH(dYymwc&?Ep0?q^dt|*<$SATP^`SS
z8Q3JY6la|LVP=@1v7*aZ5ty|>uYqAKYuVjhsSZ+~@%xr?Il?w>-af-y6T+1{%ZG0N
zlUBZ;*qjk;3_;Lyu8aH%waq_7-($oBLt<BZd814^Qr!0aXzS10uSm5-n`NI3!`B|P
zZ|3vT&3(=>HkNxIDRj}2f$rsFFK)BY69Z|(cm-S9ET177p|7;8L*e5E<i`B`o8Gce
zd8;IeIq>r*hsSxQ+W1Hjpf!0S{yeoAXf=FCye(;P_js0?qFOe72Mt3|%BV7lubYZl
zH@X)>v!`r)RB0_OL%zJu!2o?L0+l=9pQ4&?hSlc70r*Z_TX!<ox$1#<{RT@)<>`77
zyAYLIPzmmky9+<X-d8JbUEr!VgEc|UG2Y*u3e~<tZ&vNrHQJSi(M?U+IhD#P$4Gzg
zyn=m?YLIxjXC1*7u4HD9g%STz#|UZ6XiwO!ZV<G0Q~8R<J11241Rxp{7JM|$+shHg
zEO=Fmr$@}M9~VY)x}kJS_#(DVTB#DrngHtaYg#;EZ2wB;+Y>hiIOjW*^#!8|Se?GX
zc90yi*2LQ&%U|09d_aKC<VMAALQgJ4w@t-j(%x;_)NO98`&?_(22WI5#z&#D>s)M*
zr1Ipnxj%A+&B0Q4mItv^B)?Cyu<YkF8air!HdqY#76(95qfx&uVB+jP7B9IMJwqz9
zj>24qJ_}oDi6#G%Ow0PxlEHZEE0J3oU0n~i=&lCUsgE{9dYdijPdG*+a3pq9rcj-8
zui~_&Pda!xeNqoZqa%8FeIcsYhCgMK%|=Vv-nYDg1P4QaRzDjqN`mgH9O82)L9Nwq
z%Z-`v?niU7nF>&_CkWz@!G#CC%>238gfyB%D!Hm#Z<T7k$+xT$x^>PSu4uGDRa2aD
zO~^z0XX1k~d|KAS(@Nvc?=-ioG9Ut<*r~rGv{c|r_k!`!nccR8iJ*$G2#Va~s_1p@
zECMoKR@)Q83wX?9epYU`7TT3&-(*1ZKxp_dNd$Y5if9)aOH_2khX~)i%&hJEo)fhZ
z(%7Gg)rIjQQk-aT1vh&o&*cjX9kuu^>RrE$pmK|Yh0U4o9fw2f!7+_0$;e(lck$|_
z$Ul$8H5M{<mmXCh5k*oqn~3!>AsU66tb{GVkRf^aJ0pWR&05ZZTAJa5qWT72%N5j9
z1CGXGrzvVSgyLKh<p{{};{`T$C6<w}3+RLZ99-&F?*s)@iF!o@hq<cRcv$#r2M#xy
zB-C^WN=b8Qc}!pL*=2lFuKQ=IIb&^>65bypXVL=F5F<Q8m_sKW7F%iCH@mO!SXhhp
zjBNg6C#0m}5v(wN??kO%bUMbELp@DNp~X5f2bJ~O`axE5A{xdufyNq4VzHx1_VHXc
zYCg}~zCcWhCu3$mBQ#4W9?s42S}=_DdRDt&@F9h&><t^}1=(xa$fn;HciQ}>))x0m
zUV7*PON~8|Ja5V|4=_2&;~!LpeKS%&<tkn|$SZlcn33$;eT$O_4kzPhgbL&5VZ9}F
zej1I3#1XzXSw~bak>t)-8Rk+Lu@;_7Zx4yu!3TR@EO+4H_MejKmKGBb3*-n9-0H}j
zf2kyfw2zNMZAqcBF4FB3B&~Aes&;Q&|7@OhFwV{6==<^_N|)=|gwIp~+cg<$@nWWS
zM`~Y&|I9=$ZVTo#uDS}u6d&cc57)p8YJ7?+H+gDzOnA%*a8JTbq=m~Lqe}luG5iDb
zWB1SfuYQ3_EZ7@AuhlpywN3BHjEoxJV7fbGRKgD?DQ;bH&9zT9k1fSXooh`;;5dGH
zN6l*v@?QM@J9A?~7Bq+;;!zW2x+xwS7Msr&f5_q4=ts2p+P3TrA5~<asvmxh&npGB
z!yA=^Vs5$W(OJ`5Ju4T%v&>;ScOF~7K=eu^jRqMKkkJam45po6@XHc!z`=x4M?|7r
z^QeSiMJ2Wrrl?NzteVlJUT4WWa?eB0b>WjTabGZ&<p#!!ydSMho(T=dK?PC0fOr&&
zH+^q*qZEDLEalFR$p1GFozMHCEzQ1_r;XF|)q~7+nT3KeXRykLty#2$4xgfURz#S@
z`y31m7r{W&0z=Nl9p`DsE%E>&G!H2?uy8&VuMT@kG-a%Ji%0kgyYnP}Ko&ABE&J;7
z`{-xY_l;TWB$@k6Bf>zV5jU+Tt09SR6UY2;NWwksT(b;#6_%~22YvQsyv`F3LbW6A
z9E+Qk`3c4{{ol?fdb1UgNcRz81e2U&&SV{F>C8&E$rTs|rXWzuE0SCXmuz9D+B)UC
zudv#9U`&llGGc3Uu~^{?G<QX3Tk^)$5tAlY>%RY~E9xMbnDD$ml=|)Jaf0_8ciUWb
zOMYo{CGyntE&6S$qtCnAc_Zs~V@;3^vqxvOK1xf?7*5|MClFbi_pqb@a}zNB+hwIi
z6I_mUn*Ce2zOdNVB7+c>qoT~w(>b1=gh7{I=f$QGmaEvk&jAwaJ=CQC($j{`9nAil
zDLp?rVd=y#wd0^)+xgPLW`gWdpMWanFl$L?>v#}?dvIP&P=f=Q?U!-b?<e>DtvP>q
zPNw&M-iSA=v-Mhiiu_q66@iafGyMJRRQql1WA~;F-oTP0f53;z{o5ZXg^!z_913qj
zoMzf4pB_(JiI;-CR=BPv3LHm+x{O;Vi!{?V#={}0d&n8%r<*pU;<wywV(hnta<16Z
zJkJrH8ZA2x2q=E2AI9SBGjw7PT8k#4O8ACRZI6)q9+!nx-ko1)t!v|*omCXQ)x*W+
zI_qK{c&%JRx3)r%pzh~<?+SQ5V`j0>*2YUbefk|PTHH=G&363m5Hbn8Fn6#T_%zYw
zJLyJyPz~m>#RYsQ5PGAJJvR2Jio(~V>>ORI*NZ%>X(!3e6-LR^?%9;o(X2&+2uyaJ
z`Q!blV|8g<4ZxSaZ4|$R$Al*d{R0korNbl=kFJ}@?=jQIw+AaTn8@Niqz+{#fhGL(
z#}-dve0*B8!ZkEJ`o$1TWm!t}^Ru}IX57QsNzI+Gqxk70OXLlh5lNk)oMz8d_<`qN
zi{nYvxxUMNb{$Ct<S2f+3R?v+_@0cOIP%8CDaeQB?YGX>MqE0(G8J-9Xl!TMm5*2m
zzK^uaRFKHo(DRk#Yvr?P%A`lNtFl;2M6Q`dg_OmO*M&vsx?<5Crk`%UNo>pYFZrbt
zv?_E3cyfIj!)++TvD9-#(|D8z7&3Zn@F5ua8-qS?!tHyzDakKop#yK6wbN&bWEiNt
zImn|o$0OHdVEzvIeEX$V@?Uo+*$l8~u#o($3F}&&&F)*-M`V&CUH(?*+ws>ge|m7M
z>%R(m`CNF;?+nafDM`n~1aP(o9q39HF3CA&O?Rg<;%dHv!h2B+rk}r~Fkx?s?JuQ-
z)UFUyn1SIPn)3;tGB3OT#&FH#M1{n#<^0T&kuAdXw+_4TW`uW3ByifMvx^T}W=6Jf
zs&-iSOQQF<^9?uqbv;SGaHX_^om@F<2Tm-w@;XOZ%IWx~=Z79WMimC%14dUk9)Y6X
z)D>g8S=k&(55zbeKv+AHFx)61bCpebkAZ+jh6~<n9j(J6!{@wzj`C$4t-jYLX*lTM
zy+WU_ES+>K&o>qJCKj3>SYLyd^b}SFSB>o6yFw_V#(aa|efxSn#z2l%bLF-ub*8%j
zIQ+mq!1a0uR#LyITUuH_u~94^QPEk2dLG{<zp8Qa-PA-qM8YwMjK>IgPSy;@;&s{)
z8H2CoZ6^c(zTfBg*8V|eGmy;^is_<YAj6#rGDhqEAidU*tuGh$<71d~cIJebrGg1B
z8ny9Dve@t57&A_wZZ_b>vK|Nkc=HmY<@5ImUJvvWFrWF8ywV3fvigw(pYY~d2&>bH
zf5r)HJR*}vQb4KO^2<jACaZEQ!l@>bTf)mV49J0`X8#TgOO21vlTXM{v1{Oo?!a=o
zf#9(_<n)6PNHcHIx#MtV!_wb|OUAk%FQPf1iH@+IOsa&FSxQFIvXLzih8K_2&aaxM
znFln4HmSO?kK;8+*jpKSzM@}>c#~`~X0qQQptUY<{b=bij;F||nv@?a7&)a`jCFic
z=E2}=+}l3j^J_8^wxPw)HRvn5J)?Zd6%3qE>*>%sqw0AFU`K{7^L(%0BMGoT^>s-C
z{bB3?(S-Ez8$nrrZl33JD{Z*M7ZF~$M-&@oQU|zO>Ie+vF=)voqNXS0p`Vx`;$QOu
zC^wR!gD2&+%3_mtlv|S2`v^3+fIYu!M=8{JQm24bTyKEZcR>#(_3~5stD!NARkcBD
zmHc6yBe63@<D$fJA6z6=)8ZUyhB_$?$JIHH+xkQKUJ>iufqMFLvB+k+;P;*_jkWl%
zurMjjSaPA^?`)>N>--SrX#~wa)KfG!9L=lvm^3zRrs=d{e8ayrx*yxqeR8+=U$6?d
zi+V9@R+XCc)9=N`NivBZ`|shs%!<m!X(vjVyqX*FXM-Dgll?mw;k!n7&Jorr!78Uu
zTm5aKiWnO;0<jX~(|C}QSCGDiO}0L;L=LUS4@wKoGo6_b*d(7`?pBtk*or|c!6;(!
zEwy0TCE&2;uLue*t2Le8+Hj$>jv3M}%{dn<tiy&xb#<JG?bFuJTm}RMgY+B;Q)VD)
z1z`o^!T|bVpJ|^c+zhJjcfp|z4F}(v$+B&fA*;x+Hv2ko(gtm}esh*z&N04x>Fsj$
zSc%=R!f}~5=1ga!xSV#v&~z<p5zR{M-O9?tq*Jl}=6jK+ZOu}lHm2qZ+;jbza&him
z!(h@|%?GvJ+20weuJ5zdR5U#1gXeKf+F4Mp6GQ5OG~_zzcHB9J4h0su^QRBg|L0Bh
zY9j$BWDY;!+LJL%0+9FC{bIfvMb}+1fL!&#$`U~fK^eJ#T6wlwoQR78hP{dU6#tR^
z6^-+z22H9)1T;poRSKiQIo|o=^=MIjlhmL<pGsCZOoyednhDfFz0{{Gu9uh1#Vn^F
zo6)Yp@L(rVv4^XMqA*Y?XfflgcMbP5_Uv+td9eu0kZbHYM5}`J{3<2|-ds;>+F})h
zb@|TFs^2mQH3Cm~BK8<td{J^MWJl-x&)t0O^h}I7bVRyI0V2!z)5H*t463x~Xjy0=
z$QzwUs+*Mc*W3>h1OiiP%W7jOx+tOz5q0w0ePV1KeV)0<Ynw^JUKEzpR=HB&qVeK3
z5;b4AI^jZ{hyf7-{rm$Sbfe4rN#2!Tx!)*hKxY;z^vK=z=m~bGA1m#+I0dH!=;RFA
z78wN$^rCg?C;X0H;+`n5)z}#=88;D2?hiE1H>rR^UXQ##gZfu$87RI@uku2~_g%rm
zQ__s%xD50j_v!qEe5<gx7oG1V&O}45dL?q~jrV!#N&}pM{EpJ$tkZeL^HfY+`_}j{
zNm@~Kzb95AK!9UoSur}}sST=c7;*)!JN2PH+)1U1i$w=%SFt-hQI3rG)?PM^2)7cv
z6`Pj6@X+w8<Msap+XW>0M^y=IUs1RcyglfMz8aRQzu@2`I<*8nfmH-h&*W)?B>Ngl
zKu9mfXbEbQ1p@;E@iA+J{)EpPH4No_S88VaOd8r-A`K|C2D9>bpNWkf(k<!uwDn21
zuJoi>lXIrqR?08d8CizI<46QDbO2@DX~vZTweKqvUcM2~yP&QNAGDl(z+)_`l8H0z
zDa6hsZj*MMZLP7P!!2k!=?d#Q`xTop8vCSR8tRa6MBka?EN>Oy28G;^3G)4{^);mV
z8ir!dys(2g(9}Rhf(3WWe_vLFbjBBu4DU09qGkdevlf%(!^zJHv3!Lm#)JzXHcH;+
zjtjCP<h4344{-{swyviRE#@<$(-QX8Td{?{$G%b`tC!jDMn;am(o@)V-J6W^tUBx4
zA7N|DvG4}|eAX%E#iAfrzxX!ryzuER&_0`5AEN}^*|%%vsmF{vCLqp?7ky4+U|k?1
zOUDjskThpZNJA?|XGQm$7EJOmHDde&i0CdZ0eV_8{QG5GBmnoY|FTtKYiA6M|38h8
z98LWYn$869%>;a84fcGR>Tg_UOcNn5NK(QRnU#+gFJ)6slV(i@gzMVU-EZ3DSS6?F
zm>gLKWvLN<+C_98OrV%DRg?GVv|d8P*83+Ouxu!LwZY6HM>#$JxG`OH9)WcyV?DYp
znN3g7>Z8}5)TQ=DxT=EB8&3Ym_i`K0A~U69zPg2rTAeLAneak58bw?vdI}fAypc^P
zLmijPDs5XJiq$X-jzdA#L&d3feM{gsaoJlRPyQ0c-d}TQhbCq~2^Rt^`pga*<;?cO
zpiaU|2&*y|h-#1zIblJD>n2%!m5DzSiWDui8KFi=g_zrEekC&a-}7dZn~x0eU$1YF
zY76%5O5HnpZ4SR|V&m!D6e!zbb-ZS=L>oo7NS!+BF~2cZKrzd-ZWPWv81jo$S%ZsW
z!6x@p55K;9ZpYNa2^Xt@K}LL#U%Q+}NV3zAljBA{rv-h&&bxsvqsHcYB-8U>YDy6h
z3h`mS6rnV7Zv?IZ?hO$fyBtptox(Ix0&q4W{eUsfvZ}vj53WCYAX?4q%8lL&e2n`3
zp$*pDMdLIX1b^*7o&gJF$uP}s40GX$E4%^f1`j=sspki<5};lo%P`)tyiLhN1Y<f0
zX_N}l+G)4+ayKNPGioHATyJs81z!tc8LrcoeIR<K6}!+Af(2He<P{}|_NGO)PrB?-
zO4&1$2d1Ggw8o$fupRhq+D76RV3~z<qrFUk>U@oKXVurJ+mIBIK@MpgKFSjn;%>dI
zw-$32Wu8f~#8FR5pz_a{th9bU_`4eSFj`^Ag0_4{2a-x6U;q?{J5U4EkyH{P;bRU5
zwmE@3V8jq*Wrj$r9wajI&sl;n9j$<LS+W9z<%cv_=7NCcwK_5^MHtwv32i_|t~1Qk
z78{4M3nx_+X3o3}jyqW^8PtmS<;XEWA(&%lxdJlRCjIHscvZtEY*KYfXCmr4PRj_K
z49LtFPU4!k8iyoTfx#CCi9^O!Vcf5c;rUT_Ej*N6k9pD*dWWsoi;8OUek4Eonbo_;
zDeB=;h}*S)t1yhBQOYgoq>84ww?_(ijbiFxOPqtZ=8<Q4EdcffGR7pJS{Obr6gdAZ
zn9po!niU<YXCZNf_`*GxiMhe+5<NSy6BR==vzg6+$#+3!9RQZu7WQsqd3?{v`~o2*
zt{;HNu2uiyi}VR(PL@-zwn7)$qZb`=&}fC6Mg+UmF&TV@*Jb#-T^KWdnupbHZ*Oh>
zHB}YazO*GRXU7<}eql~exN=s~>|=LI3QV~J-_cYPuf4u&k~^J#@qD+=N^fwe(1r0$
z<~WfOF3tykC0PyO#$J2`!Lp~FM1@g34Gb*?uopY+(ha$Rv2aDeQ3M2Z=f{ppYss^2
zA_wDov7M#yIxquSL@9y)(-1Xo8-qu*h7vJjoP&?x0_*X@)QTS&$yQ$OTG0%6l>@M4
z?^=!EUvZ|XcEOYiWo~41baG{3Z3<;>WN%_>3NbY|Fd#4>Z(?c+JUj|7RC#b^ATLj1
zYEyJ=3NKC|F)%O+FGgu{b95j%I5-L~Ol59obZ8(nF*h(EARr(hAPO%=X>4?5av(28
zY+-a|L}g=dWMv9IJ_>Vma%Ev{3V7P>TiJ3ON3wnASM=jdIE1c!iEvDWHhMe~C7G19
zh8`fQMdFGiBmlJK`}Ox^Wi`6G(ZCoa?WY?e3yE5CIhmDN)oe-YL?tR|ovftRM5szR
zLxiq$^hB7-sz^kr9EL&I$_rlwEDDn5dJt)fS5+|n0EDiBC4Szdc_3UBJc;t5lFHDs
zfUiyjqGY9nNPUn`l0ZQLnKTHd(pC_+V4;)=5D;8tOmx&2D&vwGQB)>q5*Afug&{7H
zw1>i=TxE?<eW8M0hJ=gCDQ$^Tm9sWcrgBl}15mE=(l}Pq>i`R#6qR>LQ*X(7!ox=x
zYm<>cB|ta~1OO5I0{WwXEm0}_VtKHlidwq^2aTcu&d$avItfCe$5W5ARgCBf0&Imy
zlc2g#X%?Um8ht?#WhGE2c!YBiqkv2V84o-uBBFvwGL{xY6__I>>4Nn{&^mmTQY%<5
zJdGPo9rRsV4XdRm(h(F&h4dZEbXpdifIA$`ip~>4&{zqTz#=3hF-tltWys^?E2W~X
z9D+y!ewZW@W-y<e0}6g3*Fgsh2g0#ZIV}#z?NWIdL4g7aEeBMv$*G{C#tMow70Kle
zE3`lyQD{pI?^l+f)C!?b+!6OM#KJ3}VmPp5rZ(VZ$-7VwTr{n48eBB3a1mTIt)LBn
z03!;}S%O4I3w{zSi~w4e>@@;5Sa@F=8RdZ`Hy8!WEm>|fBHobY#(=9K%MslQ6s@pP
zBd}=&LKGCO@USpNGa?@I$Z|{u7qT3z%)yU89@H=Y_}WzU{j00_>YzTk{<uotpU$qn
z9Mliyi%-qsJ?($-q5gOMbN%qWOkWP_<K}c#z1K!g40f{DZXzvhLOn6C6?<m_L@@7u
z_2Z9KeNxpw&0o%|`cd_duhX+;BI7@+fBowKKetx`R!uAd%PTp-RtH`a!0WZ12&;Ff
z;O|fc8zGaDUYtaH8c(>eN+SMkICy}M{f$qGX6T|338WL^XNL~qE_IL-$^tI9iJ-t2
zdSWB%B*P9Mlqi*WRK1t9FGY1+)o<Ru!}>|UcO*NQ7OSi4i;EBK<iq*ZDlt98j-oV@
zRvjWiQrgU4bjqsvi%3bAzn~gWnx!w`SHD=yPfr?HQq?aW9ai<r=KHEjqTW+x=QXp{
zhlBUt`w2xG(mhe=0gV<ZVgj_^BVUF|1d(dU|Ns7-zd&8VDV|~zDH59!pWLI77j&k1
z<Tfqw*C8MfC<t7p#g2a-1wc@R6&n+ID5;Db=GUKNV#ihK{zdeKJVFIm?EIHXvU4zi
zDEjU3M>f}On|dToHv9!x8>g^z-xjAhsK~9CanPdTK@ig}YEsQwDBxT`ivkZ|oI=`#
zzcsB=C_#B9`IwThov6e?(-8opIC&BrX-?*xIAj`UOe)1JA<Il{w4&1@wK(Bo9qV3N
z!~M*!93{R+%84u}6%=W?9?y7iZy+5qHYg^F*LA$oxJKDQL_337iKc905;CccDE0J<
z!xzm~6!}a?9R@TGC&VSqF<9NUJf|Gh!K`T>y-k~Wrk16YEe;VA*Y+3<)O-wxydWtS
zf~8>ej`p%o@e+at%`=TmXrTwEU!P(GQ9~zQ<pD8IV%E$ei$O@>sIST8Sq#riEzY~5
zTbx=K)c{?lxxYk?N13%1R6a^tTSM_t%*oiKeq=SY+`}HrYm50jCwtGPI7)Om$|f<L
z+ElWVoT9}=2PkvPTb>h2o9%Kg6%_4^aJeGrgidOCb(wF=ex^BhW}b;Zw>+medZ*c&
z`Ebip%GP+b*3FxgnM9zBf;5dQ811qkV6C$hXCAx4=6TxDKG*B2;1uncC@E)VPTZf?
zX9?O)V#Y5?;CZRd5nFaqjxJ$fntDsPcr3dy<?oVa_my*cZdDyP?4~jtvb)n9O@}_Z
zcBkY(jw?sW7^b*QvMEtnPVEekr1_E3vP-Gh5J&7p1d5|FAn3+MsX+TYiatvIX=SG2
zFqJkFIVG<7a2r!9DSL3so6y4qO;%Z#lDJMmoZOsvmZQws0G-gIaml1$E#~m5+#gyQ
z-bwNRuPixYhQ_^3yR^kYb^UAysC1-}6uKd%0&(+}`EW}*nO;jpMz=j$=fbDb108RY
zw{Q}7Ivsi(l~tZacR!VGUx_QlB1KO0d7L@Y+RR%~@LR))c|9w&QY2u@E?oP`Sp@`4
zb3d~zN13s~u97_(cYX@0Voru5^;_vu&{Gd(%FwPY=JOnly-O{fI+!j;$snduOP2!`
z(w3ms$CNQrOQ)1bPt+zV(>}JRmzMU1LZ9bopMoT{c}_VhJ=s`ryG_e{xMeA2YfN10
z=IPwzDFL{^o8A-6=Pll%pjDcuP1;g{@TS$Y@eSdP?Hkez=E<uwf01e((2K1Enup)$
zLzYj!Hc0YlVL#K{Un0e$%+V-aP%4r)%khju>ZbrVEhfo3d1W!5=d_-(Yq}g|wY_C<
zB+bqyYGxiYGc%5v?J;}I%+O|!nVFfHdCbfVV;VCvGc((_-*a|1?u|XW-}mQsbY!bk
zDy1qbRoS78N1{uUXDAl?8{i%GlqPSVRHl@Ts)2EgzJ0PIF?83cL=!*gL@QTkd2)<a
zTj!J$SivxgW;N!ZOQBB=OB5j^s9QwDF+MkRerDOd9r@63LLni)N!aaneHt1nDJdx9
z?;m-xQqRh_*BAKmbo#+xRqh!<7(b(|YIhRf`*C0qSkV@l_G16~ur+ah?j=sS6R>r?
z%r6xvSW|-4F!!czj)mwk{j1)RQJ*9X>6FVoc?L~(vJ}2O>#I;en|)5Tp^Pcx;5N5%
zcn6`P7}3d&=TdND*><@?pRk+HJsaU}&t=p)<^DG2FPuY#=G>6c=i7_dr>Sru_`t3}
z$j9sRk*nQkZDPwBUx|@3Q@ayZF<I<|Y+yDQ+eFw!3Byj!%I)}plk+AQ{g^j`r|13a
zXw8>Yh|OJEu<m`WZvKr5x1F8(`bB-@;a#ux&nx5k!T~B|z4!Zp(Vd%kq4Kp|rhGbU
zHV>g{`waGAL&m{w!(XX}1svm#>lD%rmrKZJk`F&W3Iu+aK3IJGwmqGCIMU>=U^=bv
z(DSY8>Ce4Wcqq_YsJIiKo9|iho&Q>+KLjT~7x=;F^>)5-Ru}|<1gaeuw+t^NGMi|}
zv;2Y-o)ah@8qf+0fs6(ddp7V|df#{_^?@G8SCI>zVhnOu|JmfD+EcwXZ+GVEcVhf;
z^SWE030gDvGV~62ad5zHm`aWkaL-mTH)ZE{U+~G-qc?B<;O_l7ymWU62lA!x0ZFV6
zc382Zstl}S<ztOGzJk*yAPJq9%a}n2$5W!z4EVUI`gGyf=g1Y%s|;sv_~=iZYdMJO
z^@C1*sDDAMPi?q*xHW3$(|>b%c<b!0uBj0a4xD=l$a?qu$j0YCJneG0x=ZbOzrBa-
z(6VuDnh>^|em@Y__jspvZ$<oU0#97i%AI(v)_N=5z@@15{vp{irbqKRag#|^v&ro9
z$9iB2dYj6af`cD{_3&!o3Kr$uWsEY$Q~1S(DlPCCzi$zkCi!p0u!4{KC!b+O5Z78Q
zMv%?6pp(Q~>YqbV;$`%>Y;!M63Uu(qr*h$8rr4a%BsoqJYnByv*7Q$Wyq|%UFII9s
zK}DV_DtVeQaqbZz7<^ye2Df@chkbLyU+&InvWqE5;CqyGK>5mZdf8^*RTIxdf_oUx
zqgEeoW~-V(kK6r=fu$#3H_ncCw=TX6ef}=j^(<Yxx|kSX1PRi7o!Hbcv%c77@pYDS
zuVvY6Y@o`4tEP0$!y~+_Cri&;E0^GRFJnomT)BDpu93uks#((|)CBn2sr}uBhsRH@
zEd{2MR2z9gZGGAZC0UyAOYE%FN4i0Mrs`B1jzds+!&El4Q$}gVjdM=Yy_<!T_ixg?
z_?&O=ZT@<t6ZIZ7&dsf}&9%j|`F`!wF7wSzbP3K;RuXiX6My1LV9Dw!S5!48gs37D
zFSr{;Ho#^@5{b>JOiPJ{xWHkcUs*%!?+8MEVwmC(e5ZQ^gIH?=X^#*f*j=5oEtkIk
zGv3ZRQ}?vS^W@~CDM_Kr6EX6BU5Zb(5tFD@?8U=AIjebdS2<h4yN#j8ZZvP0%;M=D
z9yy+t+e%OMwLXpW&>`sW`s;Ng;4v3mb@(<)#%>?@zb15oU90n0DEo&Ya>+PlmwN5Z
zabc?S%K_`E-@}e|ozBnt3j7lO>}LIW;SY~T3+L|rmTif-XU3O6Ds<qgiZFzy9ahSe
z?bg-vyyF;z_+m+|kG1PeqkF;RZNIXGV#^s+q2z(=+0gSmVf7LMWn1PC7YwB|DiYj#
zsV_<2gWcMqmZ`pvSjB0i)Sjb8!7RKHu9n%-=C5{d`G;9$!=>_XHlWE}a&=nzVo%tU
zO3P-Gk+X3%%-RED!9x7=yb;Z{VBrwbK(rzn;MyIUOx-m54+F<rv|<85r=-_Fx_CXC
zy6GW^e_qaZuyc`r(Bs8jjQj0rA9^E_QCA`rIa4cIM^aCADuW{C?ar#54}beDpc*bg
zU!eb$szHHz{6fY_{<gyXzT5J3Uq{a!<C(3?#piuTLWEC!XsktcWt;Yz9}bIPD3^9q
z=LhpUoFVi3qd{$Yn{lMb$X*t^EhYIa0pYMlqTotGnFe6~rK1Z{XU5D-^X~Z0d?fds
zIrEdY!j@4SZl(Sw<u@&}{xaG9RCeK@F0tR;)JJT1F?t?bT^O6VWJ4LP(bO~z)ahjE
z(l%^{_1X1J(wk$nCt82HlX0|24@oFk6Qm=w!<5QR3mZ=F%>=$xVMg3xbn*G({p1Pd
z?9$GKO^h#k0-zac?WD|XQb^lkCF|2{HfcSvFMP}&IC74zkaciHxV%;Fz4h3BV`zzx
z`WhgWoL}8y*tdx~SrokgqW#2s^qJtX8|7dPG@YtZ$7<bYa5OEuB?*EPT@VP=;%(IB
z9++s?!rFOTcs-w8S#qJz*iy83ZHepDaUB=8<NlD0wsqES_o!GqI@IVAh_lno=5Uv=
zb8eCB0cBddQQ~zE4_LzN+Rsq;l*2z-Ae3QcV(X{-(&fEj<#qo}$i(tT#<kO>U}Mqe
zFuCdc?v~)uhw5?j-Ywejiue2j^W43ONOa8=&;hzCpPbQpi@ipZGN6-e=);5%)H;bc
z83jK|8v}a9v#m???4oUg(RA{A*)mH-$2eY91)QY$E{wo!@ZP@G_?H<kkw%lF^AwrO
zUos#Yw!<x5?>+X^lxI5{=O|e{7SxVsdxChk=>(L>qc@ZAdSwLDjSZ!Mce@D>tDiQb
zZhMK~TI(VLaRz++cTRuRXJzeAUNUjl&!6C5_YTdf#=QE@gg?!WPIG+k(|lEqh$vic
z61t+;%Tv$Si8sF2bb9<ntal8=AM}OyS`@qYOXc5gTE?NN2iFVwMN(OSzXn$T?xSe+
z7H{-wY8t1k^`W_gna&VDyI{^+Hbt58$ztq0?ewsMaN2O9YQn1)FQ*<qkw;pC__yAZ
z&_Z<-Dk59E&#8D7LE4!}oJ}oDPCZL*`6S+_;EZ44<X!=;CVr*BUVUI9F9dJxZbYMs
zU3Y;qu$*5<_jNc*)n-oBhOKN>RL^v1xj_9WL>Q6i+JV2+3EA}v`G<jX<9~=<aI$dx
z_hJ{{xj6q<?1JU{clQ5o?7~}fyqsbfbv?J{m<XlZYraqz0XtCr5B46>v=Js4Ngu%E
z{UwIyV`S1PM+>2Jsw+7?9#s>=+p4jt%6ir9%w~><vph;+BMm**^jmqR<yw)e*RCt?
z=jbx+V%hN`#Ln}Qj3*6O5l$wnUExLM?6M1q*Qo@gRMMD)N^Jo<pHmR#Y8bCg{Zq6U
z1ake%UwUI`+zox!Q;FzWGlO4vABZ6y1G_OpqK|TlF)rkZYFv!LH$rZJ5oO+XcfpZA
z2vG%Zf0UjnB8Fz6eFBEc0qV7_yK6!HRe2D`zo^hn=`RVIup@_cfT{M7l!9uj(UYj3
zIcD6Xe!F4+_|C$z$c&5r(?mS5;F-Tr_;=7fK=Cw9(;VDUE?17$L@1E87qd`!rL7Yi
zaZDf%1(9?DMDK^FLDWp%Y|Icq(Og&}kQRdiL>*&vn$anFg$q+b4F{1{!<z+nUZ71l
zkcU{HP<R8jY1)7xFJ{Jo0bG1WD7!M?yo$9fGq?gJXeexcl-5vpp}PlgjE`LgEn!*V
zT;8%UO6yF2sqBa#pRLT6xTsrtXleziQO3!K;ErsbIr?LGQDZIADTWvm4W*IWja;LW
zw;UdGDP|~Y2=M~N_?INspvJm?3`k2fHvmw7fziaAoo4E7XwV{`7c^~<t6R_`@F3*r
zEswO@K?-{9G^A3{qL(k3+u?V(TlJKVC3xD^>GOK>u-D`J@_D8{y-|1e`S5zf<Tk%|
zlPl=^_PX};w8`5IByykrc=^5!FMaL0E;HY)r7|(5YE;*cK>}iRuA+$?4V9{Onhx3~
z0h0w4;tjEjhjCfozaGb11iSHSd%pO3qS@|idcML(h&<>;Tu}+!<H2`fmnADuYjU35
zFZqZQ$gJ3rTlqls|7Q7dr?7jo9}mP};J_NNh!-&wW(#DTkd?$<v#Prvj{QnU;Jei^
zccKK(M8H4%BK;KVKM%u_?0l7)(HIOnO2FbKc4)>J2`g<*OR~^W*!?Kdc}DKVVk4pq
zmL-CFMK47*JpxH5HQk?q78^sSDftmUZR@+pxQ|O-3RBf0vQrUu?y0x$r-3GJ;DM>@
zC_V`l8t6tMK%7zxRbPQYq7G3*JhhjU`&OlUPe5^HyGdcCodc*(?btu=u4xvevY8J`
zJ_BUT)JK&-Z@)Ms@3VTpc8@J|j3@7$mZ;T?>+CxGOc@tDNjl;wP|zV+eYT0$_aL=c
z2zLYZjC4bF3D*#fH)CZVjl@UMmhfWRt)R-uW#iJ9&V^y>h3;==qUy*X=71@P3897U
zw?tFX60i7HWEP<EP3(<T-MNib$Fj3xzbytZ;ikT)+us|>yFYYg=RBAz=W|VhN~UM2
zw;z-?(T#m05;;ShTHdDo8sfX%752hRZFFlN7n;qNb>Yb=tZ{n`PHG-d3o9aw;t&vr
z6_icfxe03$pg0kkg~BF00+Am~e9lL6spAlEt%brWER9n1U09m(2a9k)0~XbfQ3#gt
zLxYuby+F680CcJ!nsEJx=lEItwHj!`%k-H~$;6w05!n98Iy)nQoi50o?Pb240Q<uz
z>zIkYx)pbJbHa(k8GOE1+iUA3SO;Nl-2FPt!M~Y-?w*+34OW~Thuvs{1XnGyRGXUw
zn@z-KH~9296=cPx0coy|*O%BA`=eP|6QkTbZBwfM3_I)a;r6m?H5-p|AAY8lN<I&c
zi=>zHU}!2_w0P9B!GZ9`-_DhP)V~Rn468l`I`j!%>kWEgqqBJ-g-o6Qh~FOy2CDlG
z#0lP-bWa|h;d^f!?H<7|K<ku<*q`$*;bi|d_{Vg+T?O*X;$0{g6e2y^-Mq9qN9M;o
z+ef9o!)1K@HN>$_T(4U_{>`H;e=Zgxs3D!4!11ZG322&ht9ouu=;4?ddBU-MmaoJ9
zah)mcOnmjWD;NM#q|P1VQ###D(4%b|`;@apD!mr{s{Z6UX--1B;GvyCXc&2g;22=t
z^*g(k-ag_D7(USd?u?F|z9VK|Y+i4<*%{sD7aHE)6DxS@flRF3eGRY4#Z`|Vm-5|7
z3yhlH-q(*U<V+m3X8fLBWlfzcGS6V2E4pD_a%9t?7G*T<@G*Fcl4tx|hP%d5TQx-|
zTYd?52jzk=DD}yK!hp$wWBJciwUX$>y;;Qsm-Qi>->I6y`<t1D3|>hY3*~-Ew`@FR
zB3eor7Ny$w-JLyAQkHPWlyS)`LPi#nrb6eOJzn-3r(7$8W7`DrikX3NreLkNm?P(>
zwY9QAW)@al$85Jh0eF5pz5y%Fk2_MT!6-M@-QQk>2EI_gxez>X|4fXBzA%)?-<&$R
zwkKKdM~tFI@j&p}NS8#vIMrIDj;1?BjPmhlGy=VL<a~9VC#`9mEr;iP^gfd)7P4b9
zgUy`Nm=Hc^IPoyP*4lQ>F(Gy&NX>E8pz*@}*46bI+4WNYOVn|42j<1DJ@BPnYU=M|
zXETGmm#=*Mz)J3sw?fR@7pUsq_}G73%{l*jt2uB}g6)4T=N#PMIsUuLd6SNI&3@}I
zpDq2FSVHj4gJKPG&;g-1VxhQRn1oKqKcGY79w<|n`+qeDKA(QmO7Wv<CwZ7raWYp7
z$lO%K4wV=D;OLjzP~6aI<?gijW;eMWrNjlpwfBIyZPvH$2iMr8*$IlFB^rHW){ltj
zWxjprTqNHjgn?_<=b7LX=}%~<rFrT(x2i;9`6?;7O;uh$d8^!MAsNk{07HQ9C8_Xg
zW*wy?VPCM*9r7m><vCnPJdRZoCh(9d05f}!%GYr_J{Kmho|Iy9nj}^j+#Q1<+VEjQ
z)Px3NtuRr`^G>)9Go>-Y5!n@9ONLizB+NvK($Dmsb3Gt(mMr10w-8mEq+H0@uUkA=
zNg@b49{LeeSP``?UNw(O(usy<Ks%}*g|3YLmbjM>Y9<?cS{}x5P{O_F7yeHJMcnCk
z3oEeL!Fw$xTAl<L%S#FHfE}|DWu)!mq)$+$@<awe8n-JSm)0t)izF$4y=VsCgAnZZ
zSUk@=z!XlC0R6py>vn6?0hHD8rx}J+E7vT71^ZQ0(yZWS<SjiPHI@ZC>vy>nisBGN
zaxqk?*gh$mk8jDTlDG`GX5j8Qq+ytq#K0ozvw#`+pE-krBeU_#tP$wNGb3qH^=i`Y
z6yGNt0*fW1DrG=C5a^);J8-Jf$jG(1RzbdD@bL#2asu!Rf7We6tOAIzMT=&fgv1NQ
zaib;73{6BsKB;2aGwN7_#X?w6G#I085ynvBCD?K>gfetb$wx?|&60C8OC%?3_^V8f
zqwlspKA*NeuJy0BK9wwJrVGAeuY8`NwR-O6dP<jG=kRK-UZ$2_)gR&BhlxIGFMcoO
zn2-<T*uLz=KG@lD1xd1)SXW?wM>TFXLYj{At}&X|KnRLXgItwIVE8SLupN%Q9Kix@
zbXnOCTam|UgbDCuagDfO8FHKgSG&ko?J!>mLImmXdpmln$=$rP|77rPS6D#)dcI?t
zKXdK==4-xIE_ws@mk`DJ5+ako&up9~grOFr1Vmd^-!EPMJ=?8;D#r-knte$d%%*W|
zM~xt5=iZiY1KBN?l%O4yD0%5gbH+ZzR%Ul>Jivxm@{EYC(YE#t|KtOo0DIM2=^A0t
zB}5I(T*HG`^o(e@_VQa1v}pJ<!5_gA<cGP79^X3!!K1B@BW(|FPgiZNEuT9kyN7|N
zSAt;Eb#!dT>rAk5NJC{19h9Sh_oMrps_xH}gYEO!PqFsSuj|h$JeRe51^&+BnBwJZ
zgOI%^iXh1jZ&VUiT|vo&g7op#HzHs6sx9+!_pdvJEwY_lIWKr;@SVB=@a<}G;`l|v
z7|b?H!}sB(T;G@H+XPEmCMH2&*{?Sl?_q9TY_*>EG}*rb@>1H`eW_8SR!2^Yh{WZ;
zEmJ@aWku%0cR52+X5^a16NJ-YTjQM4dIJr@pwTw<<`i-TB9eb)aw}R(c@`PcZ~G7Y
zlo8=e&X`_c7bf?k<;5#05s}apHV+MennX=ZI}C`WwSfFBGMk(*LSrdQ(MWTKuJQN0
z=+bEH?5$@}{nf5GbWp2n?|xdBy`Zl$5Kiu7R7|?i@_q%1J~6kK{C*`IzcWSDQBF!q
zbq1Y&h7v=&oRb@JAx&xJJsN4r0Z{TY(=6a_RkWBROC{S#)&ne+I1+zp>bNE&Nk7!w
zgm`$CwkpzqxHPFkDX-6eVq*D}MpI&HHJ!?gK{-aJB<rKds*EwwRO8w(gII&WAzAZo
z*kSWaL-3|wkqj>ZiakvJ4^4*X>Ik}4M08Q=d~I8qxAICY!qucHw$gG@ftJkJQHiWf
zzD6#9BQ-?{9p_X>qR1)rQ6voypfAJGly8v;rG*x3Ch1fMp7=aw@$A8z`e>gjCXi77
zRpMwrG%c}aVw~7CQMz5qIcGKb+hSq`*QgOgyCQ!^tvvX*R#{!am{b{e%8lT|6%!ND
ztis9gtKm(OF#lYFIfl}t34R|6coi6qo<(_yhQs7?CCr=xoZ}xAYRiHRhUPdM)gj5-
z^G3nh5_G*A9s#<_gezD9)lw}RmigZj-~yp&7GGA05YgDx)(0;%uTWvt2!}sS$TZ`(
zlftLDubkm0(d{gdc`)GFKI})9&lCiupJ58MayE2+3|UjbAwcCVj2bbb#{w1>`EXEC
z6d;7u5CbF&jVXW?N}iOw#uqe|W&K6khI*g=ew11}s_oZCs!l=_WKC1E!mNq>En)Gq
zHKo@aka@j-LMA$0JM-kk!?-po=?Pg&B#~5pSx%BrT9lj{@#IZjCbgeUqm$))&2!ir
zsVL}~PS|h)<lqOx)uDAAk5(jT6PFT*N=spp?80&nR^KoJM)D7Lof|z!!HWR_gr)cp
zvF#~|D%G6INk!+uY7Na}(3ypiobBt1mC6L;qgR5TZQb1+Lt#`8Sxsf5DE;R&@C=4<
z=z7Ojv(%tB5e45OuYskN$3~w$=+)JJrS4P5EulGxMC|7Ddp_Vs6mr|xW+bFFJ|6uw
zQC$n#H=$-mxz?Zx%umw*3;qs+224YkDm=NY&TAnVlfI~Hwx+a@pFc8NLX26w5RAYz
zQz=?tVj~@l-x`C$P+G%CXSD*C)IMFT=*EGQRL*hNF#!-E9zMx_*bhtE#@3jHHlv&L
zeE5d<40akT(VC%YNd}+v-I~^2x>U-*c8GKcBabgk7K-MFq+dMddF%|>g%YaDe$gt9
zTpLyJpR75t$#f&F#>*l>x%>hcHEM$ci7(g?`o)5JbU-N@**8;#SJ6=cZ2CV-Q4k%t
zl@kgq9a7q*?0Z~PAKsD5J1}6;`kJ#I4vok~Vi`Kt!dGoQf+t((#pR<S)@3CUlhFt>
zitW=QKNAy07PoX{?;F@|l3{Y#f+PrZ^PR*0`oO0sJ^vwB>c{kF%LY6hc5aNF8{>Uk
zrKg;)CQ)Wd&mgENobp=H<WKEO0ir#5M+IIr4cR>#n;K|^711pL;%W*Vw379e4MXs(
zPervN@?#YeE5V3K*gx%;_I-3qCYV%6C4<tbf}8%hY<Ai-rs)DWhy2LDfl>{Q@gmyf
zuqB?kze3qdP&RyPgA$u4<q{>l)RR@1DU4}EEa49?WVg+D7K_|XD|v6aIWN0R9<3u@
zD`2A0R;L-y9idw+Ld!K+mfazbAij&r!=_ToX)a}%BMgTyDa+`Gm+FfWeze8RMM<K*
zc3UJTvH3ME?vp9D8HKP)EjB9O?n*ZtKnW-N<Av|yeO(2w*i{VEo!mZ}R6tshrI4V1
zXa9Zdrn?tqu-a*nkwwC|G1i|m2VhgRKSpXgi9jT8ZHg4dnA2>aTu?hvfo2gYnF+g>
z!GQ{hp36m#qJzEJk%m#iEkcwZlKrKWu2lF#II=%fzN%<2M{rq&1pl5JSv(kW#dJ-F
z*@0F57eI*|Vj&sD&cYKmiCTS?yQq?1R)Es3UPO{^s1D`hy-1J)wFhcaS)y*_HW*Wa
zW&%56GN~An3qz|f?nl}je$I_UyD~>N$(3{7H0c2sT#kd3f>m-!4XdD@K5TxMVP%+s
z&`S!n6#S%nZIXLPxC4zmdw+498GqF;pS5ro%L!TK8JO@5C<@}@+Bos-C&A=bu2tD`
z3JI?wn=E|9zfwC3DgrWFv`>cehYqa0wU;%AXeD0WPdurLs{~7T5p9DGi^a_pS;OhI
z42Fw4!pU!CPio)>S=em^9G%<iwqd=Cb>LGC`z;h+jRm{SeyKXw!>!jFM{2{Z2y@?B
z?y*;rsh2TFp@grr{96whA|*IS&rtv91nq+Epk%jAmGq(Vgxm10MnPb$%csO+rM8-i
zBV{$yYEbZA*>KST6Z;w4e{LL^4R2SXH0@1JzMbgCcOJ}k_-CVET#x+<+Gt9+pCFu~
zkM*|W^rMpeR+~*i=e`spFA%1EH_;|EidW2l7I&AQZ5Yt$dV7Pd<M!0H!qR%sw44H#
zrVo87k&evQd<R2qj>L;`i1pB+R@vdc9=bl<&4t%%T!3ILNkR?U+zj0AZZIBV`T56g
zsnNLLe3FW1al?`i3Tw;T)&*gb<tJuy;$a%~S#u&Kv<{|gSUUBx)sR?QHVshB@O#j(
z@m40mz+U0cWhJ3Ps1^c$1s>PVo0r2353lm{DM%mQ4u>%B-->+K)aRGY3`8J4)$FY9
z`KgRl#-E0YhC2Mj=!;9PLb;K_FUf~fLwbkDBsD9Bs~m#<3h28YC~i#2%OJY>ZX!z<
zx8?eK8(nb>>&Mk`R9C+UF8r+VVu^k2y0NJ06F<9>`}x<lz_D<@6n`8VG`UkB?)kiF
z$m(dQfUmP<c;AsY80g)A#(rnsNUhKB71eG|ob3Lc^mh<&E)#wYez)nr(j?GFkTwi$
z38+h7PUdOjK&@jc?#pYiqor5?)zOzOA24R#$X{t91atkHs*DVdqCdIXo%HN*_A*r3
zvZQ~zHmndnh5os^Vd&<*CpIm(a7$5a;@><<>$!#BszGPt$f3w6?+yv+eIs%yW!T6v
zR_$Jjdtj>!zd59aNAW;Xsu%%*){E-gKg@-_AAha4f22<7IomHZRrtshzKcSuEgeIP
zJEE%U6B$G!&pkVb&$)*czP|@oG2LN6n^s1}&#kO=18UKLB3`tlPtH1D<b`Nfo?Jt9
zHw1qjT(T&ko<UA##t-kSWFjR&6*~k;EE}9qQ)ZnZLQzz*orRxf96v7aGW90v@vtAo
zPx3K~P1xQ^&T*1eIU2r&MhmQ()L>b@T$W)C)dc%o<iq}(gbUB{_YhS!3h}%KV7yw%
z)@z$;_wU_qn5(t)oB$#GAdM_#SrjJXZHfA2ImAQbcOp`^!4WP};$ou)8VQBAJlby~
zdczPOjo(*Uc{8V*a6z@$z4(_adhHzGLMUHO`NjB1kYKePgE>Q!XO$q36KxlP80F0O
zs7c-QDfNjPF8?Qv!zD_amo6mPKCST>#_}vxKumL*Rt)Qe$Mj}og<x0L=lji7Jr7uU
zg#?pHj8tl`dI#}p!Se!7uG)OT*?wRm`l3!G4M^N`H=4U(F@k<dh1a(pd9UJbhw7+6
z&D6Q;32~fXuv+|U&lKqycjy6oWbDeLJLzM10YW+R<-O2ftGEvsoDTe`TTolY@%U0r
z6C8VY>=>alNkZEtWs#+(DG9N{N{`Qck*Ks#-6kSy8&Y$e6!GuVio@Y*jn<NtGgIRg
zqj4erLB}*0NIX2M`qZ*m$S9^AWdq@z6OiF6<o6BH7S7=4i3}IdRW&R704tepdsw{p
z&N`>5anXxNn?wb`nM$dwe})$iw@YH@goA`_pI-X%lH6Vk=yO)Iv(ii0gt>0XKJ{iR
z#25z*qHM9ny!hi2$kg1i45${kiCp_WnpLHmdcTyRm9(%PmL@iYnvY%kIBuhR$&Soy
zUE_~0E<&;)xrkrwN}D2M@x!G-;w}|8+?tEmnYXZ-fhibbViP~XrPz)r9<`pxt5F7-
zk_Ly_ymafxlbs9J;fx9a^!4k?oDV~Dk7s?ltIA9)II>BQjq9w-mZX-6MtwiNE8hvf
zC*Mu|l)OGSK~PB)g&KQJwqQ|*i(HYVmAg7b{>Vw-!0A@~9d$GvJR~XlC_)2&umMTw
zeqc!;Kt)G&8*f{W&6i}r_tKR%BGKEf5{O20+V5Dem9Jq<+h!yebc7Ectf5Vy)Gm3*
zn|aax=#$Rr>9w+VN;mLw`{Is&I0N&@@O%)&8&GBz<)$;dacO7c;@n`18GF`Bg#VcM
zM2tzK&&9XRf9#fD9RKU8X1Up!_1wFsxn?JpBc?Td3*%&u)*X)kxqRO=LBQ?g5$2(8
zuPxw~R-%JU=$1#kW>`@d<0(S2y|D9{C(B@8?@4{VgO;g_ILi_y7VcFBvJ1h(b#1Mj
zxu<Yofc6q2rZH@mZr2b4FVf@u;LsU9HZ&|&gXk@r=Gbfi>HrA}10J#vxuP|d`;>wc
z4h2XpZM@i43`&p;euLcDBXvrpJUz4sbz?6}D^tFyjqu?1o|loG*YwpG>e>!tVfh()
zsUqyAGObTbJ$GqeD1Ov>_>{3{c{m(X@gi4Bqz-<^UVXTfb|me~xi;J#n(;L8oP8Yb
zkwm}qgTJY^;ei$zk$gW$I51h?FA)mO3#n_)pOFl8Nr%3{wB_<NAJiTkpPf09b2E$G
zz~((2;!mx!4>BUQsGp1grndxZH7rX5=qhtsm$)v`@Pb#439zZ(2R4Bsu@x^o!5u}0
z7Tj_6qXFp?v^mt=`U7}N<IaKp87|z5tS&lC(9u*MM+4h*q<;;(|DrLv*WP&@+bpgu
zjWe>voV}<x?$f0v$;W!lBrIF-olJ@4^^h9Pm=NzIz-WYBdmsdbU)$<TiAAMMByb-e
z|9MCN$+@Q@P2oj07wh$ddBR7vy|h)q2LI(H#C;v|oz7CC57b;dn*U@fLJNP1O+Zmy
ztQ8dXIjitKlC-dO8%ta<`b-lw=odd-0C+(^tB>EWE|d9Gmie0D)lf9X@GzNoWpLtO
zu)f2XdyCfaD)>v|?)CiDTvoFL!w(77D|Dp0B&ZcZ@TBXwYrU^5C<5nD-a0*EkoG=0
zQxV%zzJx>@tvSQPZt{b=iT*({q$y<}n=$^xOS#mi?pADyPT{yHAFVleo*c(L-?d9W
zFi;<vqctdW(CXZ5%;o(ws$KUyHtC{dJ%5!Tt+(pAs8fBodzsgSX|Ut`XeBqg8M8H6
zjf8g~i`2~eeMj}786Q7HKRFM{RehwZ-l~J^hRvY{n=1C~eC1p~y(Jq?6){FoEk4u2
z{!u(>2e#Wz(vf<Dxb^Vx)fK0$H}w?YxOO4j;z_U->GHAd#o@t!(uw6@+XL0;nXe<G
zu1jLR)qOR|mHPqy$Pi<*#$wRT)MaM$B+|CL*=H~zyJX+}eM30$Y&w4~%1&&!EW~Y~
zLwAituUmq^m}}1~p68E`*dgnq-vR5xYx}7lEgtql`mmRbRxqkrNWBf;A9~jcRp?-h
zx@^)rM5~R|F$$}VzRVi=Gx@U@UKKX-j5=#PWZ|_J2M=V^?%YkB*7Z)cX5)p)HIc1k
zATlMC0o@<3&y0QTkLdF4McD>?>e+I+{)YpZwlK69qbc2z42qg=X`YU~5|U(IOB$#=
zGyL!6c-odmj7MX*-`$y*X|Busr!T`lc-lJY=@D2uT-QoO|Jr_H<_+u|PJ!~sAAB~$
zWq*ug*e)=cwxv}WajDyWUij@OnE<;qUKX*u!q``8x!em|KU?flkE__wa#b0p>d=)*
zssXu=vur`6E&G#qu$al2EhxcVdxCZRZUs>iO0@-fFN}JC2e;N{mnB$;9fB#*V8a)}
zP$`1!`B_vD3M7u`_C-&ti?P(+OwW!2tMb3%^m|v>2?HMc%g;(?;VZmha((OId8-e0
z(=G#Bfnv^Q!3DptpVpW!75e`<F1`$25D;)23`KH6Q4`gttqhrj41OuH$2NNBObJcY
zAPibq9?0x5JjsWt_~=KxrHDLjMY?5?=@C1?^}}Hru0=fBA<u$-sVznx&SDiFp7;7v
za#bTZa4x-6iC1==W4fj0y8X*M7-aK3mTHG@%v5JjGGLceV@R&{b?GU1b<~c4jrHaC
z-T?_CGCbfVd+(qx>jP|u>peIhV`KMve>f=>x<z37wbs(0|7$Py_<hx`<O;Xyd^K6O
zqrSt<`o;U`0JQrdwHrD2qN??LtU}kliLS<_38BM?$m`5v;+U+^86B90SXCX^IENUD
zvvxlA_#oe3RDW#URPhXyvsLnRICrm?2eRpVLwmc?nL+NVX{}2~YFqp|gJ{F3gx7bG
zD&`gFj%_QCs3>nOk2rJMi8#AA`g?re%p0x&{YRBUM|A+$9D%Ca>v?aSeT8yqogMqA
z&ell3s!H`FT&V{U=6XjvH3oJfx0N5MKfIUgX|y5JRT|{1-dCj`eu1uBpSu2sm_8TF
z{~KK(?Cb=vbD*YSQn7HdHU<7FI~!S=8an|gQ6O5t33yJ{P{mY(*ww-bKnwt45gZ&$
z&4}#{jjasLO=*}E9qde;jZGb>?M=*pVhk*d?97ZToHR@_rtYqG4knJ&G;sgcWMOA3
z281IJQ;YGiG6ReMGP5zWuyU|+urV-mP%$%80p;ZEO#Uko6$e9mds7o2w!zTa(G-qJ
zQAJ#XQNr2U+Q`t>7KnMERsmQz5(B^gwuhcr&D6mW*flX5Be2{s2RADx2Lmf3=l`@5
zC=a|hSqm3aVxUnROk$=+7KXMo#8&o(P5?(!Lt>ZzaXBX=D<ccdKPU=QTN67YOE@6h
zg7yEhHv$A^{2Qae1w?Den%bHJM~{t#^WWPd#Q!x!BRhfLuAdnt<mnwQ)|C2@B1W)?
zT1mB8sZ5$T9|4LUodzXnV%k@KZKpg%DTHxxZ*HUODjP8Y)DVK44u+YK1iv6mF+t}L
z6@o?uOzL|mOhghf89)h>r=mPcpb1Yhg;)jkwJU@$f-DIJOqjF`MoyyiqWU5Kb23xa
zeAtWLK&+dw9h*Z__iKK}H`(&DE9r}I;heq(ltfbK33ub{R>^#}<_c>Q-#hMCX>x<r
z*5g|qq;V^0h^Q65799k?p9ume;}9dn?V5J@)bmu;V5ndwHR@p1OwB`v2G;GY0&Ft2
z_uF?35u#`=-JXf#$d%PNa$@(1<M;gz7r~%sl#KLj=K)EXCym>6J9=+d%sFLyOSNW4
zRdMsuZ0&jwc#le}WCNuoxmuwk=nmf>yyO8EPLHrS6<sd>amus&Z;wht$<z#vNy^s5
z)Qwo18Ca&8g;f`hN!h}~^j|a_lRB|B3o#op3y`a1XXgauGXGQUTIrvQ%<TRV`p1v{
zITRz-=Hp~z5ffoy7U5)J6J}-SU=imQ5f<m-6lURKm*AG*W)&d*uSI}8{g0W#&J3Jf
z|N8vbGle2U+nPWfBgA}-Z8*m9Cj6WJt`%z=kL!_-BR+4q!lgOy<}V|v7y@W{$i^}Z
ztefRqFtA^!(vWDxw6w(spb@L?%NV<$7!XF}<g`Iru%P8)k>%3X<U+N=0e2srUg;0H
z>3iI7`c`I(8RSw4?=2KkT4;&n*%Q86yU8g<M!Yi!01GKCEA5#@)aC$m8@yGmegu_i
z`GP7EYw!y|>9pFnYA^yoB7h+1)c|qTo&BPKNjKC5v?^PXN=3XQtfWRCxqZ51hBgSV
zSEBI@z|&+q9cVVA)UP)kdN_UG!0GSP*a2V&0yjXp5XeX|fk7y&%A*J(GjLR<%Mi?0
z^8L{Yxep)!&;@DtaW*ahkYQQ^2>@2pDX^{qx`4Ck6d1`q+eX{Qw;<16y+(mX@qTXu
z!Bv=5{(kUnVqCq&E3_DYQ2_5WCJb^Q8NhSq5H>cz7$7-)i9!fXH62s1LCFUzpHCo~
zNydjbnMWYmA^sg{vLIW+G3eVi{wn$^{SJAW$iUXCT>srR81CnyISf;P1^auIc0X=w
zkPCE`yc>>=aHeF3up5SssJ2jtJoUN|8S?28%mXB*4XRw|Ni5eCZ51Uz9maVVi9viW
zcRn^pH1Q}Erpdr{x_#QIUF#gO(WlWu1jiZK21HI!m2yiGPpm_z3_?=^Ph^gjrcG@+
z30gUb+-!yZ@%#>!h#E)ZDB&-o_O!&zB&rgIX+$$JVyrZ6d1c<{bVHDe@k)#f7^1HX
zZQHrfUV);Z=#RQotLawi`O)YEBc`SNY;j(3AWM}!qDx*c8QpUw*ahbTf@Da~R;)1W
zY~MtxE|nk9G981ebZ$ztijVuE10)1jZ5qjf&^@`sDEEE`1NDT?P(Qwsh(vT*V|uQR
zOqUe`d5(=u0BBg6M+dx&h%{V!AOWpKwdw;DS`SteFZ7WC64A}5HcY_IF2xh`;hOGz
z8Yci9un(a~1vbKS>L=vL`3Hawm<RCKyiv#O5X>X&RqRzH5r%WvMp3{kEb9UKs$ru|
z5bHfc1|$0Gi*!f>U@SUIG29910zV@~Ug~@BpNahL^f-D(ro5AaJkwIJF$;EE><2@U
z^3u*AHPJ*<6+L&z3#e6M5>;(I(T;G+4w}bXs0_G{+&Cj923)L<cBNn=CYr}TXj()-
zE0xZpP1%ca{vi+#WRU;G(R(RCFJ6|3*f<NRiw9ms<5I(?=%IX0F?1O^(+)%Pm|*mD
zt5Ymomx|tz+N0WUR+lL`VWj_o8nIEa40NWvWq#M2SDt<~p*qhE#6>hSKcgpBCqzTM
zyydRy+X`59P@w99Y2h+tY8R%xrpWFjqo;O|#&4%V)GoeIa{4`lisyP*!EifJLUnIA
z?AcmedCMR4TGGq#)GjrV0X~bAK*hS~S}@QcLzm8=(+LRwC`9Tro+(5Ho?(P*TXcd4
z8X=WfgJKIgaq#z5Ynl+n7Mgdu6>on$h_{cik+YGa|7R^;w8_ZTw@XmZ88?p+EZ8Ui
z55T(At!EH)uP{3!--~WPi#<$qheWrK8#cc19#Z_&H$uqa=^xeaNISpm!J;E&eKN1f
zflmaIBKKde6|ern(ErOG(}p*LEDPjlx>a$%At=!RF1j@IopQ(B9yGcWSY_oO=enhB
z3F5GajmDGFqv}Mc&btwd-y-gWtIm%u)TKhV&HDv9QiFO5PmlYOaK`*`lL^?D@d;L>
zx}0te-+xVfopA*4nePAF!Q2W)od4xvo`AU^)>Fb&aP|+CbT6U{l2u3%iXUu_tme~=
zveMNUjcScF{fDRwkrPH!TXN5Sq@z^87awR9F`Lu_BB93ZN09ViegiISQ7dqaM5n3(
zG7TL_o?gpZs7lB)A*!-~hdg*|5IkY7W6-WVWNWYw0}zA&5@rO4S`2IOwLYZUZ|7iz
z23*VFj{y^TUG9^<^W1c<?v|rXcLI4^o*?)TufIck4ecTDA%}Z`qn8Cy+G}AC6&2WE
z04D1XeDSoxln5j0fTi|f*kkB`FZCfRLLc>FCf;Wy@W1}X{Ogx#fcf1X{;&VqHc}ci
z{5E4NG-jW7Erc4#Z?uK;c)a-auzd+xVJKQZzOV~F^spi!6*&4psl<E1-*zNqq&TRf
zVLv3qSV<F5<D<e%#K`{x3wal&ccB$B4l}+ntVo=kfz$$3Dsn_iJS(P1Tt%9ndGxv=
zT*|6}M@oqzfi~VGj9io)hjbK0D&z;NSOQ4`!vBTEDM8DW@IUqL#z{T$lleX@{fPT+
zlTg=^QOx^uCOrZ3CP50Rt03-ZLx;*InIZd<Bhl;D^)(41oJ-cBT-0!bT=2cBnOR^m
zZQpYoPAcQatXKkN0(*Q>IJq3T1*z0GXaCvuIQw6VY1gHLjYxvo)7P{zmw0!5o!$2&
z83N2g;bIx$XygJQbd(?cpce(O!j`k?<syW^w*%G|<kM!eZIZ7-%HSK&t^pT887P&I
z8SqX44+c$Asb~ah2lbjeVVup2AQzPuLa9=M?+K4<Anb_8kQt!XV5jfUey<-Sd5pdg
z(`!r3AlZs7Qn}xYt_u5VW_~ZZq}>;S&$@u|JggE5`Rc7fACFl<gLJvsAWZu&HKN>a
zG!^>UcDUeYK^0PdERVmM<rF&*u6)4cSzNcbxddbz1bhH$tjuL!okEfDpi}#Tq;g+M
z*xN5~kr%leLbVX5S(a=Af%o(`@38|85N~xq*u;|t%GF2T3VC=O<2*=^D9|FOeP;l=
z4jyR$OCJcmoiDZZg2{`8!%X?HiW)4N6QS1I`MdYBz-YEc+j|x2M{+<T^+;Gi>0#Cb
zoqa99<1>4yku3*nU)cW!@(-4q-nP5{QLq_<D5dwwm!yGLzB^J5R>m&CIuKZA4l|>K
zJ=^^Nk4GdB=bX{Lefk};6n?QAo9*|P|KnUQWCwh-f;<?a96Lo{;clgr?=8kfRBG@a
z(!_1P>H9s>-g*&HB<PHk<O(P36pRc@K$O2JWD16c+BGm;X-*)<5JO`3i#Y)$^sk=Y
zDiJcM@@5UrlQrK3Mh&$}zfdnrzY-{*L$7GWLcyONXL5XO_MlsSuZ07U=i&5f<;i!=
z75TmdJ}S@k5L$zrUUY!!IyEg7`MxzhDzo*#mT?^2bhblYE9&usG-uv#0Y|<4;#6L!
zO~s<T!V{#*$yu=CS60=)cHXEKmh&=po^iE&02yV)-?P9%Kg>1{-05qz;Xa7GnyOh7
zwNlx|7fpg+gwrExCpr}zLOoi=!c}^ZjhPE)lxJ^UF?nQFi+!YNEGyd`uR?bvnt3NP
zeA9o!y6Z^jE;Fr%YhCofGT`_@G#0l5LkKAp(#|Vv;C_|NSk@a)(G<a3Pd{?3f*f)%
zm(Lj1huf^0a`gUzvgJ5lz|~mnt@;CU%&~G{aS^4BxNbQe$ie=B&7Q7W&K?57$=M7x
zA=4b_ZBROTDQ_W&_=6p_uQTM37?<;$YbDgDT$i~!zYm&_gZ)qM>K~~*i(p)cU|giA
z%=6z^PL*cp-<PKccSxtRgad=e{Y>q2I95uxmQXXub)c~qrh5&b45SCr&sVUTwixo_
zdu{TB{RA|aSB`j^oUulPqb&K@SI!ttS7^}eWFOyKMIO$RGSo|}7x7~|aUGnuzwa%$
zR%q&(*W2}!8}owNx;ro8X~3imJ_Xn&dOzhoDhozy>k+W&c|45LcbKnyP#?3cL<-KK
zT2kLkC<hYW@jV>=nr6$o{l53>kFr`${jEx{c^!Y`g{HNFg`3)X!!BVg-@}fk^^}ok
z`OFpP%DCg}o=VlQZEQtO!o5o2u#5tM`}xg$fL+S|lWEH^g93|t)(xxp9`=O(d|*>R
z6pC_Z2p#eap!T)B7pfN3DUfg){<W7fZ{|<^s9xs0Ayi}Ld6iGF<?9nj)9afb?mM`U
z%?CDcRJuktmn#Nd`-qnj9P(Dc8#3S7wJmF=z&RGM{IyPS6~Vo6%51vf=IQmJE#uFG
zqU#8mCFC9>vF?XCG^WXgjlm`$*<loqYKk-2S86;O?-0@;Tl)A~;W7O^G#)A#h#_%^
z=+n=Ebrv8eir=<_Tz1+fn*vqyz$>Bn&f1y`2)2KY+<ZS?1dnpSK42a*Od6mL{fShF
zFTuSyj|hUfi0E&~45ne;0$ICkOJ^{&;nEv5d~*+!j0UT8);OzOG^`rX3T;BNB3R@}
znInLz{LKrOHrl%9N8v&RdUjsBShsA8U%P7ywjG}dfqliiY1ld77J7rUNAQO?%Ju)l
zNJJWj8B~>hoWwE(8Qr!8H6uh4B}haHt%!LE8PFP58Q7^I!&yh0hS&p*JDUHwEdvgT
zYA>j0=Z_9kBvb~%hwMgp&A08|d*^oqIt88s{r?+-nS10;GqG!_yotx6{>w{8yOqdZ
zaNDQ%!|x6B3H%az9r^#nI1xI5QX*FD@sEP}KZ*QHNnnY#WxxY*f&Xtx%?ydr=Q+x^
zBixGuiJK^kp0}cYm%K+s$DfEI9Lf6!7S)<XQ29}Pj+-6(oq*8=yh`X!`*G)|H2|$m
z;Onfd@=6AvVpwHTAiqjaS#!CjN<jH#KDM!GRK@4ByZKda?Rcw+!(cVXLr*)f<YIxV
ziNj=dQ*UOm*1`^NW--iSYq^S{<gu+JA*$sL)_$^4u#Jx8BKH}(LqmSap*>};DXaQG
zJnmqj<^r_Kuch1N+je%o>AICW9iWX$yQDqkXWD^+R?28SqZ-rw15~bX)j_r4N%I9`
zFEHKi_i0w_#!lGgzq9mHV~-%;VcbMb+$l_OF0?jLHK5v4V5?0{tWMOcKDGTmi9i(e
zQ@DE$j<kKcfsG!7=0^(%k5a`KLSD<4$41T5TjyF`D#$m~im%dMu|Yj>kBzAcLTzY|
zxhaHs){~}2J~g{noMSD@)|9#)Q(G&XN9~d(HKtD-e+{TNwX1jcEo1jSW1M-dt~)A!
zBCd^BB`jNh%1ENbq1e&gVUru<*+-VUuwk2$kH{YD%l88!sxNScMECXoJs#ocWa!}J
X1`MOYad0w!XXS>Ypb%G(fct*{i^jr}

literal 0
HcmV?d00001

diff --git a/docs/PSA_Crypto_API_Overview.pdf b/docs/PSA_Crypto_API_Overview.pdf
new file mode 100644
index 0000000000000000000000000000000000000000..ecaf3991c7da1d38dfab829c0665f058dd86c7ab
GIT binary patch
literal 200980
zcma&NQ*b6g_pck<=ESz&*qPWiC$??dwr#($Z5tC?6X$&U)ZTS=)%h;|ebrTc-Tgdk
ztzT0pib*iAFmk|A%rB3u!?6-G6WbeG!SV6IF{yewm=QB67+a~h*upW%6SFWg!!b!%
zIyt)#16ToYOtNNn<}Mb*EF7%d#Q*R5U#B)MW=_OR5;jIIW@2V0_NHcV0s?T(E>31f
zws0PsGg@-?_*^JGml}5&7!Ex{_F%#RoR+~wmiX-FGuYy3gad8lnoWBD*8VAlb!O=$
zX>&WF5TDp}Y-e)aB8KZmiIK%9lGhYSL=j8UY{PB<w&5y)#0=~QhasyTH=&K{l4z72
zi7A5|<Rz%`QY5u^IHbXMy{J{F1CpTL19XM#(_S4xdZctkMv((q4$th1Xx}xcoBMeC
z@By+W;x3lV>+C`F+qnJB67Zj7RH@7jr!lBdFMNtx>yHw#^jDCV5VFcJ!Zyq%KuCc>
zk8qq)*#1~+;sf>|*E4q!D~MaZy0d>QJe3jxVdc3(FpE55Fy4&R2S#&b-yq(gFY^@O
zyYP55cyuUHq_+csiY)qIdbCgk=jvIcTZZCe9jJAzjA)o4O|L}4uzv|e1_6KZ5yJ2$
z!zD=(pcUm5#kla|QTP+GQ3EL%$PW5TDM+cPi{+l;uv>&>AzWLWk-e-H8lic@C9%mD
zNxC9hR0t3fW5_v32_XYK!E}p@pynse<kBFv1Jo)gWA5=c5@<ohl^Dwp$-=WM5SCeg
zDJR5wE(ah!ZH93k9#S@eZl{4knGmGJdvOiYI!L3;&=NT-iyGqE7cF8j7G%4!nC^$k
z`-Rk?tp4Urm<_Xl-t2_pmJ&LTFb-pvgaAq>%vm<b&(CF!lSDYM9KpizKub_yxXgAe
zRBIf*76bg+Ut3Vd>_?(kT$=J2P6R(CnMN+xim|CCwLUwO%Pjq(XZScT*LBDKpk^<v
zZx8=T%9~wWdYfv(-uU;x$+@&%la%{-{8q9ccd?N{G<M>|)_W-VOz10HVGjE|x_)Zv
z*meCt-wE8k$!iIuoM#X`GWE|x$g}J7%j&XUnwOFhrXb%zJ}<YO!k(Dqhh81+Kg@RY
zEVo?Nf;$G)giJm+d8gx?($#l(#)(nGbIp{vPE>D0K9aNPEotZF6XY={@gVZn4mi!}
z=CtHguXmgH`<~$^g`^Iiu-yVqXXi68(>JlEhE|e)#O2AHj4-cVQ;2*x_jDN6%qxE~
z($*etc}8w@q3GAg|6Rh8eObN^RKS{-!;D$RkQSMJYzePtOCF^WwK_!c#bmJu<h8j>
zzkTAUqg87A*wZy1gV)=v0ljk8e5%TmzMT)vmTIi!rBfYeqPL>bzxXfU%`Ud<fzoad
zN4;YP-9EbyO>312;E}D6VqE9X6E}Fe8HNm#Zb}xy_U|`V>#U`>zFuE!`J%pUb&JiO
z=4GYjI>`lLWGeXnr_sj;zJH_-1f?$Gc7ET=^uD(?J8)LKPb!;rE9}>MEOegOX>Qm<
zYCQl2P6rv5lsycF(kcV|OZa+@X}XTJ8gKp{C!HR5q#UTVnHFkq-$4p!SWs<S`@3`f
zZDtz#+aKG6m(yLIlcJSXEAF+fZ@vqEnDaa7sGGq>t%@!5ZD$}R+rEE(BOpn8$O68z
z?OngjyiD~cS1MLqg!^>r+)7A5?^q2t;SadhOKYox-iB!m`l?DV!HtT7Na6d<woiMi
zUD9yY{UIxjxZ>9fLoKw94t(5Mg{rT4u=F^(am7IS;M(?g<zBw%wG1}jm)r536_<bQ
zt=S)%JuRy=pJc$qbaVKiX0iN@%#LCGmf|hz-cbD9$$2W_lK=B@J#FdBx(Y#Q1LIqq
z)$W$DEYgrFVy7S4!%)>f0+m&tmAF3V5;vVqKSa9mNvt@rI&Phq6sF8hf9_9bS+msz
zWWGbkKZW@>JbItnv_7D#MP4AUvW6np5uOv+SHEHMRsLyNy$fw!eC{<AFPAykZGgSD
zc~k_HKcf0gtl>gcIhU}{FxgM}CN;rnVR7Q-IzMj|423nH4gfyMtY&1cT+Vi1497;a
z*It3MpNGopOD}Kq^!?!x719O_+A8Z6^snu!i1k~oq1_`rkL0RbA{3L?tM#mL?sg|m
zf@m|W`9%sm1M@eX`$QBCGQHRtr6m{km1Cvpt36W7b2GD^QzZV`i{G7UH#U8<9zE5@
z@O!BtAMyrEJ{ouR9?C6I#9=?6hfA5WaAtO<|C<5-+5IoRuyS$yU!?ipBw=OdX8WI#
zq*QYvX-fjF=aSBY4TmHxP`lxE)g+$kIC=1JCQFnfz>X9Gj2-K_rEj+rQ_>+bn#oj6
zeKl!oO7_$G=U~jh6)081%DIyLHATrHVP@GYrB~MCnC;v8M)tmJD~Bd0+P5>{&ylXO
z<i7QD;~%^;QKl$frLs+6@5ZB|mH629RfyZpn~tS4!aMb*`KTm0TikHPo9S-m&)52_
z%J!AMm+!aZf82_`ZRhgTQ+W}kVelT9esR0CEYX|m>w(=%E~R=P7O=#Zvk%F0F@|@;
z-WmB`=evhxS+XBP9w{Iv+4iYS2w7K`@1gjz1K?PSQ4kd%8Xq%ZOH}1STm2T-jCh?L
zwwKeOQP)b+ub@|QG~VwtgjnpM;jE)hX&(9GACfMJI7W2GKp7{{?gy3`&-bC6{x~nI
zle>gjuv~5gPrG|T&%>^wC;zC(cDc4blHbQSU@#aWA^-I0ezpY_Lg&f3ijFLa^qP+(
zdL8Np@!TJ)wiD;D@q3XYqJW89=+@D*OxH*&gayc6oQ{QSG1`7>2+Le6w|KT6et`&i
z|8xijr8g2>-`GgZV&gkR6i*73cOao&5NBv!uxb{pBXb9{4%(Jnofhniy_>gwIc6?j
zD)F>8<w@8DNw7EPu&cPrhd4Ji^cayRF8Za6?5Z)@B3v#(1v(m;g8`h);sdK@hW6t6
zEOZ}wBg?-TGBP8pe;tRP^9vy+7Ss^e*X<MJpq&wa;}_U2LD62}lLzmNiq4yedIsDd
zTHc{7QV=39o$s3swA(5y#`66xHh3d!`1i>a{s3`QD*PffY!}*HHFnZEgmYp(k?TOV
zaioovULku*4{tE90KILz?mg4`4~I@7tTfe=5l34H!N;olhPy$I6RDm_x!27<z_u-7
zLmTkw=^-fhb-Awq9fL>C@B2Lrj=-sJfCad702@pfeViVx$yjyy6hzfV(@;Q&Nn_3k
zarD8l<53#ek0@Qmed1Qf4x2ts56%&vH}=2aWkFhE*>}7Y0~-o}q>RG;<+Pkb;A%SQ
zL}H+X%+#CmRRaDh*d(OJ?}98I0iSvrXGUHBbcynf53(6{&B<C@o(&I!5|il{*07B#
zkK9XwELv9ejg-eP(*L)MIAe@qJj{zkEd2-qjk%=mmwB`-X4u|p!>Ew#x<XPG0GR~c
zJf@aq6qG*xwrTs3)XJ{{nS+~pdJjpCjtT^%ok2xv4DzDmT;Fpgop@+`>VTOQoiWc<
zrNHjjLDozzEvwQ!pE3+70JcRBFA~O_E`S<3>{j<Tm>vdZ)6e3KBpP%b<QO0lE$NG!
zE7<T911X>!LF6LS=?)^y^s>9bkS&^V7>P*LBt|IFgIVI8i{~h}@;7q5jn7A7IiiR3
zHQgUEO(Lxw=1Ya|xz0arE2z-@X;?ky0(P3|Re(7#J4K=HLpvdGZu<OBVvM+cQZYlv
z#7D;$vs9_X2XZMCegE0uj)uuMNss$6DCSq;S1oHbW3gi0{xjZAj3TJ%{Lw=F#eK$(
zRmYwZSOnR;Z2%;_QfF9j^_hg*9Y~aNi)^4)p^drIclRilHiecOIHrs=E0;y%B;5CC
z9ad32(Py>hr`b)#;Ir+xvtobagnJ_^WB4H&=zwloXGi1Vh2)iN$7EdC;qsA!GHdtL
zy8<1w*~>+LJx}CqYLvE_CN0_=IuXBzUquJ6F<K?=C>po~Yh9P~TU@+u>LfBFv}%YC
zb(lk^G^k|3IHav)n$MvQ_fT#HO1W}ywWJ4<<->AHFQ#|F<;m&0t?uLAs;u$vKMqMu
z6COF|Sb{sXJCs1qrO8p)zBKCw|B^)S699XC_>QvPxHpXf8e|U8&tz7dAv|23Di3(9
z<G6RKD4Fj#t7}RT(e7_|p=&@lcQT1p1pHan<4?e~9Sr?Nj(F44;Reb2n-@Xdtp-|)
z^8Uae2Bz4WEDCx64!SOO&is9;()O3;MhS)@0+M+ji;S8z^MNjne`zlY2ZGJYAW3-*
z@CJ@B9q0hwKpFUNL|ODR?s{M+Mx5~Pggcr5oh0bru&aTQ+Bha15$7c|JbC1|E~1j$
zO5M@3PVW>f*_^6nxMkMSrrYy*>4ANGv`hDp`79bP3Sqn(2&W3R6Ssr9i=P3nL6tUE
zHx<76iwV(G)ll5bQq+I_q%WZwiot8=U|j$`%~Y(UjRG8vc+(ZFDpo4ny}5LC2lrZH
zh6Vg|+i~(=WD6QK-JcG*VXNzZynJ^o*Lf^D9Q~&-x3A5E90C>+Se2Uv0#e-qqt3y9
zwl`GSw7G||dX>Cbgbn*t6E<3-l&c>!@nTJuIF>W#&ipooJy+Cz<p_P6<mA7pfW<J`
ziUHmE#12)u4L#nmmg#fhJK=&SjDsJc^Djw-c@Y^BEyA_?J#!d|Q@yVPQmPdU@1d;F
z)GQ`O`xM_pYBQttz4ziy`9n&L;u#CfWIg86J2OAoXt3NG9Ss|-<P(TzCVsd&meV5X
zB%7QStgdXIZJRNjv?_0HdxdP>>IuYI{ReR}@wa$E?9Z2LmrwdBX6VqznsXY+U#AnT
zS<bncPXG+xE;||&oGPBiU_h7p=hAM|nqQyCLZKum`eEPHyR9DW_U@ma$c=_6d52B(
z5G<3A8dymLcwu?U3oBAH2B79b+t7eSoN}l1@P7V$YRH8Al71iSR~blu`jEa;TtSJ}
zrMTos#PLYIm4|akL8j-&>MLDugi?wZ9Bsmry5u~_1_A<t7H3=pN>0U<Y&m`EWNCTX
zgrlLpe?;F<?)1Zw|HVGI|L;2Y|JVlyE6e}XK4P_G?2kK8d*|xUbWHn)Fb%w}Y_ZqH
zIfW8LeYPe7(=2pw_<54N{(Rl4jL=G}x_hI%&Xa1<V_m*AeqJt>=li9PRARXnMlCH(
zNk!@AIlU%RRkl(`U#PAtQ`;&i44uzS=g#@Ab+l%WhR<nF)nxt>sAje1M@*M_EU3DQ
zm9Q(^E42P)%1LGk$tyvwby|7*1>{4U;9;Su(|d3I@NrhX>~oDprg!G4kVSf*TN0G#
zD#E8z6;ERF`wjyhNZ#LV;3R*cX=Y9z#7lHy{p>{(;r~doU1pcZ$C1B0Mq3|Z*#CO{
zPT!rGwzG*ewbZ@M^JY?P%lFgZTxmvYqF2Z_qp_-0P+*XJ6`#nFx+Jr#JkSn2*_#Ot
zy@cu&^JdQH9894_`;q<U^IKdF8|%Wh>*@NnJvGccoXeYPV$P5}eE7EIm38LR5f{HD
z__CX$&|uGDNIKYEH=?`+J>Rft0X)(Emgb-tbZ!#ULO5!3lgL{5m{xmDy@>j{GC}=J
zJJIupn}0oL#-Tdh#a$1^a`MP-Syj)h;cew8*EZDyAEE1D`-mS(u*gq6OKu{4>hVy6
zGGG5JonSm|;}B{tCjzu{@o2&NsK<#RhEb}?(O9N+CtcTC(ECAL`DTCx8-=;zEhW0E
z3l368%g9+&*8e%Sn|>f!N%G+@kIpQKkZ<tsO#Ua@7dO?(#h$oc3a_XQTJJL3>Ep%P
z0p20BZpBo`tDYqo6Wd(9u^LX>W)U=N@p~DDno6lpJDYczt=Reojg`n!!@Dm;RWTal
zyCDpukn^}D30jG~=bic5Uf+_$OK;LVO=M>WdqpsNq|Jb5nT7*rn9p<8HV0TNolWab
zcp94-EB7HWo#1@x7j$5t4xw)#0=lwK9}yV7zvMV+``^T$0MEx5$NiIMKa4AcNo{H!
zBHSGF$v*`%W-9h$B1vpR&?T)<hx8uMrar419^$FnmM=tEE6YXmHmlA6d>_xO@O|ty
z325ZLIKO^NAig9!4w4<g7sC0rRVsfX(NT*#nSY%<iQon`P7}{EW`@Q2VqUx9@D3fN
zdU{cXrb_X@oWC?MvSADD^2gqPm<adw%JKxE=c~MTWZ+if&q|n20n3DsXHY*w32Cj=
zwa1@hJ{VW|jF*c>;_3xy#IUn|h;=``2?+pE$LL>I7S(W$ML{);C%7Z&+wOO6^8&i%
zrLl9m*s3+zub@?7@M5-mJrRji+37_!@Lgjn>pI6Itt;L$h$_?s+~VV2BoBkK3H9UL
zKD01Iq{A)z4x=%NHS42BqT7Ivl|m_pM7wW!_~TJPtb09MUy<fsFk>LgUPW)5w~CGu
zZkrr^zQrooP`Sa`QZ9?)(CHK(;uB_7mH8%(zN^eTq*<)cxa#jIsL>GN0IY~V@5ccM
z_=L?OT)oJ-vZdl`EEi-%YnDaO<bh+YI)p*8^Q~*U{tUQR4>M*01rhx5McC?I?jCoM
z!NnPaVDj^k#oLhPVWeF}5m0b-g_Mu}N^zNK*23ogd0$ChaHt7&|Dtt;f!8*Ynz=eh
z_Z8>JL93dG*e0?UKUSZ({Ef5?4zW)h;BePLR*o376;+e`#4twP_bX%xD`{**X!hT8
zCby&nV+*c;fSIzyjBo%58Y$ItVVbdCcW0OqDOXHh8CwbMn!)K8ZnK7}H7+=Fz%Ad0
zNpk77C>zF|op134U|*Zs(zk|hsUM2qt1!Wi;zV0EHyUV6{r5fe>(%V#JEN!mcBZp?
z%YcnXY6S|}g$6oT?~pN!4;FwQY=<%wXh(_y#R7hzrkVMOUK3qK4FmoIc3cWs9$Y^2
zi=P>s{=Rm&*H7nw#o~#@!i7fMOb!7LOvG)>%dnWP!@OBCWsrY}tJN}T#E7jgf9>4W
z&0JL@V-rLb4$V+N-X8Op<=Zqe8I)C1h1DnwL3l^0Y2ajW?j+7KrkWRkU%V-NS#fkZ
z;67wQ{4OC)J7OSAgRlx#3Dv89Wy7AJ!-a=z)+v5Fqu=fZj45xkfyIu{EdJ`ZTQgy`
z1EVuy)Ic?8!{8VTuPa&Pt|%u5uJik9=W(m`T}s<O)ZpRZZnIbJ(N8%tkQ#{9N_#v|
z`i*Zd56?ciES}VT#<rbV6>-ScC4xDf_ecZ1BQuZD-wi+eh3)qX0r3cYb;v#<?~UHi
zuThr6&Hdmdcb(A-o3d==OkFGN58lC~0%arkm^5U>X&qL|nUL+9DYYogcCAe17!$7O
zg)bfc&S*Oq6g`t_zG_UkE@R2WJ4wh?=cum_w81g4kz>3&Q`y=gUQCyorTdkuHK=!f
z6Sg;8KWp2^Ecia*R4Wo6IWFh`gC>CiPmkW`48PHi(2M<5{X1x6!54iIm5JaP?F6ZB
z!N_L=b1M@EPCZJ$(a#Q(erYAeF1jJWv)@;hO9RsmE);tH+GB?NFs~Y_Pd~lc{L?)q
zt7vKQ0Mc+jL)Nu?n<~_zFN1v$#*)x%zv9Z@n=pXnh$;tgQ@Albvw$p)t8r*{y%63E
z*Stv5D1kC8K;Z(#hKLU&6)g3VwD&T37iKq&4s}1N1Z{wt{CkqJ-Ykof5YyekzpFlC
zS0Q)=9M1i?sXv+JMj8`og75abL4@Y&kfj7X+BQM&&p2B>4%3NQ1n8?LrREE!3=+^-
zM1FCDhz$Myc1Ne5kBqz|0x4!SbwSE7u%u!LKT-@PYPu5O=MoD90cSZrO^;mME{T{n
zGET4F{R;;X*B&yo-+mg$WUYbg^+Majb~Kx@D8&vnSv^Lh++nsy5WW0NVTy>`0lfSU
z$bq4;u{Du^duXebGfPtpiYk@)rSFua?=+1IV~QpBD}Se>VXI3_#~%ZxNm)c%UEpF)
z@{e(esr5dFHn_Qm6vZkvmo-Y@5yP;Yz81K7S0Xh5;u4mLh0`J4+g>{opVg(`ZYMag
zoYskm6Loo19Y%QLAk@-DXNsX0{0}CMMgKzey64nB5Cu=Xu0t0bm2E#l-Lg&1QWIJl
z4H#QKf(7Z<Jrih$U_@8=@Oo!v$}a!)^e&$!_cMZ8oqxEBYr&=ZM1fVcQ`*=$*ca!o
zk|Dbf)&ai#Z-|Tyve|v&yG4J;vP4n^1~a=Pg+f)U&{a*V7<LUlO@IL5EEPnyYhg*u
z!wk&PiG0B*9(v{};+&B0p25N~(Bj+@`gG2AN)4=*Ch!oB!%9goo~YUYztC8a_4~)@
zavUNjlRe|PHB{t-m>Af1YoBr~$Svh%M|S%X^(TIvc58h9Tq@Lln6L2%{p^=lk~Az~
zch*v<BU&q(Y#aNMr}J{j2+GIZyF8HqaJiC+G+O&?5UftAh!ODsFH|Pq&-?vJaL!hx
z{=b<b*MI3#aRC13eJU-P_!0@U|CnM08HKA+QV99IEuXgaAG2C@CmDg7e?lrQn7n*e
zQfF?r^?M!^@m{aSvFwnE$fTrwucV|O<);dQpEc8r$j<25JCB$0p-RB${rpXu+M((7
zT&ZT})$^OqoiDoA)obL)s9+Jl%a=t}+m-7hdYtIS8}V=bc=ODI_b{lueZ5OVJ`KJ*
z<&=(#4}mt}6+*3bEb5PaYz;*FS6cW@zl8GptG+$=mG8Yd|GsMXq_9S_R-#HRcRTv7
zCb)ml$<~cXt~G=T)bJXKhf<1n8P(k?&L$#l8Hz8q(Lt5fQ^qyhlOz?E7$+~<Dz7Vz
z9v$NTvNM_ncXZlYT2kTlp7VVVOx$Q=2GGpVSg{3QI7uZu9w&`C9Mc-|5=PNQ6S1G_
zuJvDvN%;P++_M^nnw42%N*O^>_-a$WaFP};;nPrZ9Q|&TTC>?)+XdD=g;FAznb%>0
zO)t-{cd{m!7dCFHl<Fm@hGLMp*(fBha4?C1gPm4lYZQk(2_#l$fqLnMmxf<T>aTKL
z`Y#^UdS4=ApxH4!vX>B5Eo3>P{YTaO2Y}%ONj)93zeYvFH}(8^bG&)K!4j<dGvf?2
zu{|o{F^QbMyi1ZVsFgEU6^i+Q5A}2(Q{MsMy{T+XmQZovHZq$HC1j#c<XU&OaaeQ<
zhkwpaG~7x&u_(i4P|B^*b)lNh5L^C$;*ZS1i|lj2`$5k6?+~fpy`>v?3^r1&Oif(&
zA3h#ZG`}R>>$7s{lLk9+o-uDF=xrG;F~_0>uB_St7IEe7S~w6O_T@3@UjmNT>TM*0
z0)ki?D5!K$3U_lt?oD6?J7z}zHmnUyyiL6EMMbbL8D$;Uct1l2%r;U=AnlM3V%*)m
z<?jJQ5Q54x9qu80cs_9S*Cf;S^_5WVmLBVQA7T5+vUFo0drO%0UNBWA!mPn#;FffA
zkY$&hrp3C0CkJ&ecOI1<;=-;D%Gwyh;(JyG&}EqKX#H}6&G?YdY=0z(u-$p`ChrUC
zKjnXa7c(1m$wxa@G|8$)X_fAoVD20M0Aw8C^sR*xi-gSP86!@TKSJe!8mG)ctHFS~
zuz8ekZDL|ScQtOr{wOEqyGN0MErlJ_9^qsy)rA`O!;h*XQ~`e!>~tBG^k3D~0l_`;
z()#9*r^%K?8!g}oOLvaA-Z5Yz99|opehGk&?faUG_@cj0nB`~RIXn5#P4J#XVOE-c
z&LDiD@Gv>U@*UFj@G-!yM7Y|AbA9<vl&Yav8HhhiJ}^W`d`GVfn6`TFpoHwMV-w0a
zZIuRw2gDihw}wX``yhgZDR7VMUn({M+4i3~>wGN|pPy!b^@;l@QM+{?DZwZk;U833
z0A|56LD(nQI39(F*ud!`D@aTfX(b~R+Pm|zJT11hwJ38GghUS?C`{S`*HNHWmvF3}
z;^T0>2(<I}dol$e|2H|Wsxd2-rLM3m_Og69_j#6esvMj-dGE;s!rHr2YJ@NvH;l%@
zA<TXlD3U0Ae`4V3=im{(mvDl;%-mZtm(~hhmQ@hk$4emH6=$-xaG)8+ar@=`H4p<z
z>D<}(08_wu?`EMry(qg6B*dTTHHjRlnEa0`eBlMdMu4I9fB^zU$p$`$3x<UH<PcNu
zA;{*2vTd)TEh9JCZ2hGj!Df?L+y=7lIP6`dcwU*46V9hi#pcl+rArE8Dwcn(D0*A@
znW_NKZ}~CFD}ti`3^ZM?4O?w70<JfEd1tJ(H8|`)xE%~N{W3wa{-i~%a%s^=BA5+m
zU8=PSe^vC7P)T+f!W2!}Ex^xBqffbb&mBc*aYl(SClQ#OqC9Qte`uac;fx)c2q0H_
zY$zfvoXJBH+o4J;g8qqvCc&{4Rg`)aBM^`lxnsvjf6Rp&x3)TB=2R9nnbS!hq<3wf
zFo75AA=Nwv(41|AwBto_+Q-GSyyA(g$_isq^=~Oo3xWQL728O6o->$HenI%enyG}Q
z&ew4l{9Y}!C~`|E7Oha-h%rBBYci}f5#A_WF%;ldr#`36)M>zoRuoz(ti)+RjMkV9
zv5|+js#FMHD;gFclsR|L$7(JWPkT9{WRgUz3Un{BVJt!oc^=0U#!!s*|If_DNx*A&
z&H_1pBGKDjir5iL%-4!iC(YpW&lycrp+&V)7w(7}$2gS+>ItUzqcC_uA)7{{KBj;r
znhU0Jii$6-E6=B0ov<c^BHl(@lf7xHeV*?}B;7&G<e{<ywk+7U@77XFSH3BW#SF5C
z>*1ic6}YA`Jc30HG(3ljmv;`S)2DYyQK5jVYDQpyjdTN92lJqpslr8VgV*s}dLgZ8
zFIP%&m@Om=5xQSMcN#>shCqE0ubR6~8i38H=4r7Bqd3{FB*9QOxhmc23~Xn;UD*QW
z!ra|nrL3m^MK%DeJnG;EUPWR;4cd8ahi7j@h~t~_ifvcY$a6@L!l(NER@D_lNXn{F
z`lPxmv*$Ep2(n&9qbN+A&7GY3CR7i)^Kp<V#Y~XET2|yW3hx8IADYX^(Kv037yxXd
zWT&t~*F!m$e}}z^qw54pG26eFZJJAa?BA7lH(~&&V?**9#BWPkKwBC@;H5vwbHes2
z(>E}a9zh+m$m9oLk>wU9eAHT9wc_4KJbV9y0opGIv3^S-r>x0dy&A;R<ZM#su<Q}<
z(+`tGC-$Yg7L@kE;YFo)-7lLUy3V6AKeenDCCnkC;0CNf*MMibcJ>xk<WloWZ3IoA
zzVIl?1tj!OQ8)lMi4dM55B)M6Z?U3&$4yJ8${wqbR8RgX+Dc!6rY1VpoX-pR;&wF6
z0Qk5%6!%4)Skuk%WSk^=<eb`0kS!?BZFm1J<2jX&i%64}i=yat)MJI@grfI+{wqd8
zV}!@(*IeFBP~wDNmPpV)MGn!_wnrs@Wpp6JG(WVO=Ok@V(nqfc50rIf^KwhtE$gdc
zLb<o&1crO;<CqmQ&y?)HZ@)>v^&HVav6cNRd2A(0B;xnnAlPR1kA_c}T%RveD(<EQ
zaDNOttwfu>=??Qby8XTRK2lm2QHG06>TrGjIav%@@@!*|aFgGLA!xTPVfDvNh1}!q
zRY|^-Ke6q8;ag=<#ZrU~Hc7T=D*CbM8B`7{=fq0}wu>9!Cuhy$P;fN(c%(9yo?2I_
zDEURm$z&Z9RNC%u%{=qTri)cL-en_WM86*{{=8z|4y%v2kGrB_uJVpD#(8>q;7FnU
zNz~dA9-%ZS4+2C7B<n?1_Vr5ciWQo}8oOdhT9v*-auq`8ArQLaP(l2*L3iUrdK@#<
zJNgL_u@|ci%i{N;c(h1fA}b2vWSUmy4&o>u8N7o~HlQ=seMbnH5qB@4Rk@)lQftB3
z!R&1}8ga<Vrq0}y<XaWxZgtjaEyE_XJd=H%Jt^cIWW+P~dEa_0{{fejaAo-adnOw*
z%m3dqSpXdWW6#Xh+_696MDXwHBaKH&@M@#?zpm}xG2*fr3V1f^w?mGq-4r3@O}@J9
z>hmj+q>#@-3NI95P{I&T6!fFs;|G46m}uKvbTEoFdU|Y=JL;upLwqmFWtlmu+eZOo
z#MA75A!Q2|eH=M5$7ap2+ub(NM{9qX(N#$zFFAULgI`(<JTI}fu(xemn&F#XMY8_O
z+Hh&sWII}fS1KE$!{Ts3Z+L>n##;6<_T2b>yCb9aR_~;*k|TN4R4sXMRIIt=JJ67b
z-YQEhYsA}fNE~fB7%t1Su^zo~+S@)7FtOyc+9@hnw+;wHr(-bfq7lP2Zz5;-b;c=f
zDgnH#xh}TitBi>$E>-7UitQ@J&DECZH-`d@O<SEHQbnVbUreLOYDy`d$)8BM%qe4D
zTlSmKWPH?%$H(rnEc6oG%D-!@smnTp1QftetC+7eav^RUTPT$VXCl7##k2^@icMZL
zAPJmSx3zHobJOO55-R^~E0q!PE4@)zvXhWOU}$F@ogNWMMV*j+ouT4GdJCc^ud#Dx
z-7BLAUOX2i!(kt%EcPwOw26e2#F-V5jRfM}yNN9eWBS=q=kJ24rP5C=(%66w>pisQ
zZtTrd_nVla@qVd;5}0jHL^bcRE8f(FsUr%*MTL@RGs3Y?hF3EAf-rA6Pg!f(lHKmY
zWKABzdslHKY1+|*pWk~-9>mx)JLFkBAh$;g$Q39}0t0T}`e4(l!;+rvngieFU$5(r
z*&`s|`$lc3fVbw!=+nCaqN0nL;G@0%BFxR#I86iJ?+zNY=bl?uHDx#@ju)+67bG`+
z!L!Z>+e0>BiZ>K^ga~V4XS$9q6j4Ed+UmrVZc~v#M2#icpOwSr9S^6Jq7=TM^xIHp
z6aPs$K6wQ?4*7@-ec1zi-BWoCm)zK&1IC0)Clnjp(}P`%kJ99`3o>aqFG)D|4I?uC
zR|E5F(+r8L<`ENu^CS)dvM?HH--9J#QDCIN@4UH#<tsBC$)Kgczj7^;3&SV#Tmz)m
z<FT0CmpS`K?O>u{9j19`KUCAFW|0Ybh+$#k$Klj-lW;Z1_ZN@c%wQIeum@jP5ki)5
zI2ttA;{u2K)~?;`(*vwi5rg8fh;y)o#9+=#>z0ysH*(L>tZA;o7eq1OcS6#Yiy;NH
z&Ig6sUKK?^O2r*d%s{@j3OZ#)jn7}pOKEo(=K7qm-l5!GBN6}by=sC1L5F`_!L8Y5
zjK*%{W*+%wDe!l}g~1Z|%g8}InH2=SkeOOQPUkLYR3VP<yawTxgUvE5Z6w}jHyg32
zRWgklTM*YV|EOXKXMwLUeBe4)64mpDbBX+(q@Sg`(Tj18c4L|N4C&+*E4VfHnVrJL
zV-8^DX24Rmk#UwD>krWJ(NqXahl-_XFP5tQBVK&^3tSLgH8?QfoQO$w2Yo)47jy4Z
z`<XsAIwn{jQPcun#1<hJLX2aa2!Sb_9eGT1Of8QmlFvmIGNmrlewJa7Sr*{?B55r3
zp`xIk<KA12+@iW8vI5<1^4+!V%678E!#KGgqw#X;H~%?AI83_)8vRlAAWZS5%l%mp
zSajH16=4dQVn8E;TG)#~3n)9KJj(z%+W~54A!Si6cT%1<NzsCYs_th=?^qA6woON`
zh0@x<+PQ)t-zmiz`xFLXS`C}k=SfK>W3KIg7zmCWr#Pf8R?nUpO#)c{^Tx@)`5`TD
zhN?{ow3Y8V8-j9?!C=upWrW>0f*F7odLP4Co@U>HoB-y;sA0hi1LUa55C~d~`-Qt+
z$oq+7t69l#K8sEnTvF#=?VA)Dh^iLta~K1{3c|dexhImt^ZkMq-l2FFWjrF_ykqD*
zmMzTjUa1sdAT3~OkgJ$JYXUd}vOqt;7)#p4uMJSMxDqM@z@5&1@j(`O6$NCmgQUbj
zhzsN}OVy4rC>EHB2O>fg2hsArL4p2b=)o%J;}+W8PXoqOQ~>9X3nXA(hG@<Ei${i1
zSpxGfoZ_<!M~pD^ChVqBow~PnLITGd*$l~keBw#>ZehR#YsxpOz(-HBZv%$FgA80*
zyM7#gzWhlf(2V&2?BI|XzZ>gGK>xDP)DtI`IO0v31cbmOprj|DKtw)3z@j?j4NhK;
zVWio|#`=2*$<e29JfTyo+(n3rT}3nyRlMDQO)e3lQhER9N~n!lj`+g1y#)7eiKevH
z|1yUDdv*;Xv668+R4Hb>7TzxSp0~GRo^xj{U*|Xo{NbwD8)7Ly+#IbK*m>DlY37>|
z)15NDX3ac4X3fMXCt^(SIA9`=DS&)Qe4Von91d%_o1@}DvBmsPCd~njejR6#eu@k7
zm0N3wNM6Z#NdwFzyRhttk@ACI{wj6P#Dluv-x-T=pB=q3kv{IFfvrWnf9W3g8G3N@
zs$GiGKGLlRJhAJQw0*>dX~ZKk2@Pd7>A%@W0ijbVU9W!!2RnVP1>0BujmG~aoy5Y$
z@;{#sY8b?C{fEZ4<>STR>~*$ZjbH0^yahwd7}mROh4UNIq|=T3I-Qr-OYs<%R4-1K
zD8xyUQD_rHQg1`wGu`3zJ1LHpY&{!9oRuh!b<wfvo;k3s8*ABnMe#2aYHr==p%DW1
z;#jy`9WNbUCO=Ev;i`K!3WrVW<aaW`l$mxd<A);Y*<ZLA*9vwJ98y?4KcA75N0r^|
z95Ww<TYto#j;*GqW%lgdg)X4tF;EG+0yX{ZnpvBe#5l$VHk)k|Pt5gtgL}+WT@i^c
z6v8_H?4x%Dhua!?;o8PhLXs`VVh#}DDyj(onWr#Ci*4(&S)!&6Hk<Q<jlKaXrY`0I
z*qa(RFzM#1@pTVyx|#Zg)+Af%Y{l3|vJ?I3%XHq;T<ii&wy=Lc1Z?@kNR&7x)!Ir%
zb*Msa?DO6k{(?MG!wVI~0EC5&ofrpyJXAbVp;c00fb<;}fWFyCqO$Zy*4zm}826&w
z<CXIb!@lyr$BU@R7J^O4D1^70PEVq#oj4{ru=^>55J;#}LF5skGh#Q$bMhvRiZjB@
z8xY%pgTI3lAST>=5(4UTU>ww01Mwpub6f`<!X^;RbL;kFAX-*(bKMmN=zy7|2tH1~
z6ffYRu}=noY?Fe;oFa@c-B{_nzo1VOKSU18{w~d!x$n7ap<+*j1SL~&)QK>N&y$i1
zsh*Fs*KzK;GIYB2VoW1O?i>=O4Iu5mAFz7qEFC7IWqfl>pJk%hgM9mk$|!g2n#|nq
z#^u#H_ubUM#ZNbDp8KHE6mlywXOclanw5YV!KnxvfoWGD8=Yw5&CKKmB>XN5;z!~;
z%!M3sQwC)Z^2ZJ;Fv>|{XHdUS<cW06nz<Kt5m_hFbB;wpfWSMRXEvwGTU`Kjk>x?}
z!(fsYoG!c#Ak-W$5Llu$VZt6j5XpvZG{aB$|6qu)5sL?rUD?dx*(+nQxS%(kY9kgX
z4wM#D&2J;E8ib``*|@^?<1xjW8@C&)mswr~=!bc|jwshaEuo}4(L}_W%1?9#qu<Jf
zK2Yh@xAIa0Rj@U)NnLWN2(pIea}5GPQ~hQ%Ai?@+W7nM<#EhV{0oaoCRT_c4iGWS4
zRs<kNIl=PTVvuf^?lFnbJf&t=t-&QcYqBFFw+IR5Lj*9=7IKS{_MyeWNVZTamfaH}
zbTdo>Oa@4~+gMg={d+n*L8F1a#8gbC0|NXx3QjYo7oT2&gNejeE2v4G(dxpZ9XP=r
z{g`B8S{0>DhgBLkhOR-kM8I2-Th0cry7RW(Iy1E`*%3fk*5rnM`lHnHtF3f2Xg<_*
zC>>o_4+Np#g)1oTgQ<e|9#wiwy3}-$>aI@~y@uGRWskmflJ-@Xl0wiq!ShBU&-dbm
zJu{z-`t2$!Y&^J@-kpLJC#j?5rXD`I|8%+2+y^Rj8_Qye4h3C#v}!qrJ6Xe&)Eqd&
zm|3|@+^=KOQ44nsnW+~Y8IrR3BKO;UAbU-0M6y^nf*q|Pw5X^IO4m})iC0J+1PjiY
z*Ms5_5@_5iYp-m2gH>rPSz6c`BWA@w8V|?73?nLZJCxjV*=WlNQaZ0F+&|B}rh)SJ
zFk4;=kyl@W^iCA(Pw;i2Bv|yvE8>s78;r;3MbMGZJ$>ChM1p*Om>esXvN?Lw!Ffg`
z?gm<bk`XBmy?TIE3tKn}>fpf~lESROp8bkhugyv(T7TM<Izy+lteG04bG~v0+T(Ft
zx!w?A!9hDrUrY2kr5OMGxHw4C$7<Z=$LUGM8?N);LpvyG8jWAGrceqh-@BQ+7T`hx
z1Q7}1>}@6L_bMWxy`s&Dy&g89u3%<#bpT$P$1@FY7y~2`N8#*ws^zDa%sGeT%VpIe
z3{M0Kpd+IHZH;hJB)L3BIJl1<VqJdpZqL<t!ATje`PgrI?98$t{81HRQ^i=Y*Grk;
zFVhUdI1!wT(7Qob`^LcmvXa7}u%NWQA`gFisJ_(@E#b#e{>5Tw?6WiCb(MW#`tNii
zlvF9Sa&3hQ(|%pvVO;I1g9oGnV)DQy*t(}t?|%i!TMuz}{qa)?QePIm>O(TO-StR=
zu2eb?q-oL$4_q6WgXKAJ8=X_cl`2|7NpP>rtK{#GrmSTYx+?@j;n=2SKi}@WP#mca
zA^S|Z$XF=D%xu>=aBy44I({8bzDF?CF~^Ubz#+bS)VVw3?o)IDZo25Z$Tq;+2V+-f
zH+2D!;#_$sg{osmIPb?+!;`JBSdor6LTq?HPEKi5gl@4+@o*;ogX;%GIofOJzwqxr
zr2GH=f&8C*3_IKZyc*Tgv#*{;?G@}BOxKM17pmtL_^+<ktE5d?t+mo?p*;$w#>C~-
z0hDU&r<aYl8OP>IOf99~Z)SRSjE(L1-`t+x8{?21Mx?BDr{}IcX{ng;V(da>g0y|!
z)J$J+-}<9lIT|6mXLjGlXqyfu<k5@Zod5S<Z&S|9@fh}-4w%1`A^B$_Qc{UoHjmpN
zrGhTDM)5~9^_P#FsRK)H*i+O2B)|~X*Tz&S!#VKShuy<yxG;u>OD~<p1}o28@`Q~p
z2wGV&oIf(Ke*1dHxKN@yzE0qn;iPg$e?6HTb(#>!yWn1kk182PtE_uo#f`!bE{yw8
zB@HSi!$_ksSSmJ~E^Jv=E1XM%{?V3W|BFae#?#byNq1Ockk7~a{OH;_NYe-W5#q_c
zk1mddrI;2UzIjtb>@YZx>#Cg&LjJ`@_A8c<KNEnsS+}#1Z<3E~@~y2iA3J?mfTqqo
zk(U2kakjB8ieN?5In;o!spF&0-lFVLh1=5kFJ1*_Zeb()&JnxnHGTzYTu#xULm73(
zN5!b9JD%m=grmiezd}j@KC|k8;p(o_fjUL2hlLk4{UJ<~+TcD$wFW@{(|qg~=JYdR
zl57a9UZCn$?tE*Cv=ovL5BGj)%dJ|V_GsV|QLil40BFVZ%|%tEgwDh0_ENSyL0bj6
z>cEQ=T8AosPaaf+Q<-^qV|~;@S{|;)xaUfAtCSc<Blma^VFs`XoSPJfZZa*e;z(Ak
z@+mKZ?*Jo&3j*H4GauW}s=#~+k*ufn&EtYFrsKe&N>bwd3F=hvPGL9Qr|D+1op9d9
zV*Obb#Xa|;k!RJ-9WNs{Uft1I2}2u{ebSVXUF>jdRq5+qr-J>_{n2|2Rv#F=8+mN?
znwlY12<q;xM9NwU<6kTlSoqR(rkWvU?~(!=!Hsre-^0%{tr}G%G{KF|Js=+9CL6@o
zgX~72#VIvbl=<bcWM7B`ZEd*(3!3RGHfwu52-7C<It4NDg~Dpi$LrAkP1*2O3eu5k
z+&>eK1fXsMF@HoQcz9+n(z!N<sqfn=x|Go_QG}&33~9&WcY}?=!9m^bwt~N$<3=9Z
z9-IR=B2nS(L3-(<x)gHL<$;_cFxRd~L1c+}0W=t>W)SCu$_N--&mDslyZ^E$?-yWw
zM%pG;x^u|P1PaM}<n1sk46vD<^c0YJ;1jIUn(>kG|APt^NPzm(=dc;s?H=q=`StTk
zpjX+=6L{fY#Qorp4&1;3-Kn!?iWJLfcmeD^?{n)lW6?73XX+qqx1A~dQ!6h6Nm`3>
zr6dlExEIv>G|!?jZ-fTR8X*u_0@hKTLVR;5V1B&;-0Xe*_*5Zn^H14QS_m7WB04<!
zMR)St{PuATJvG;qb6{*c<f*R}ds-{zJ6SQJ5p32c%H9j{!kMrUt)*i~c3p6wet6d1
zQcpunpKN%&NFO%yaKHw;cq;vhSSn04I|JHXuNJ^3LpM*pR^)->wPxIeBLM{!?BzAL
znl?NN?3Is9$@HvX2w#L1v}%!45%K`dCs4$Cxf>${sPt`k@D``R(3mN4=Jfbs^vs26
zO%9;{r1Px~B9}PTuM7_Qoo@9C@j=|?8saVLEge!ZSBnKDNfD(W7|R$WKQ5gcZ4H&+
zi$V+G4!asU%bfvGX1Eit%|vG-_)@vGeD^W#Iz^gaDl`k}IX2f;Mg^=s?>x1&Ad(vN
z*TwI};j+D#Fj+?1>rfpA1*m*%(n%{2ok`LK)~J<P8aS-cDA!hNqXk7ia&V6-vWV=n
z_XkUq@*OsDOexF`_s}P>Px#lLlrcC|4h-cp(DU<k4v_2()Rwk+Mh90Hh!`!Dlhlcn
z(N5sB)5S8+^gLLZ`-M8`ZIw>0fw4&9=p(?}L%i4VisgsAcyMKldaFH5wOZli#Q=<?
z=PT5JWy`7h<CdqeqQSDO_uXjaZBNtDU)*Ys&=;JFQ{PTTig{kUDDT}1p61Caj!GrL
zhf{S4)pi;;+4~CHBJA80b833y7}9#@A86gw?}}}`yf3MQk9m51jh<7q__*xlHs=zA
zLsVwx5Y10ND#Fwfcc*F<&+6cjxX#(YT<MT?&~&bvwG)EaODlWaZN=lS)DZpH*<Jed
zOxEano4QLK%u!OfPK_^UY#V6<C&8iM>=OJl+z>v75KUFq^lLqxeDm`PQ_`H1Kfp7%
zr2~#FQPXH@&TWWJW<F#^lI7l9Dl8i^+-Q2>VAHLI=pOrVI>v>{iYtdpgDZD^^dSv0
zB4z+sdQA<TgFt<qmR;!_51&VFrq9_68Iqne_}%v<1K89Yil!CW@n36jQs$?`_QL4q
zVW#ZY1)D&X@L5O~E`W`C<dAx*zRSTZy5bS-?hGN+3i4C#Sjgio-!~a@%B;h6X~r0d
ze_-9&-*Emu0@xz^K8$PfjJY!xToZwS1Az6$Z_Ix(7hUaH&k@Pxat8$Uq0L$Wr_yS4
zsTfvBxs-^wp3F*fEphN{bSh}>&EoO9BAqB>)MNsvnF)(#W>w#^Ni&<^x<zIGdS9pl
z&0uO<do73(kc5yB8;ahBVF-`XG0Ma03`~eaU1plLf-v}tb_-$c3>PEIG`y<BO_S<5
z(OG3f<9%l}C);5J20HLO3Q8AlJD2BJg4FhmF8p}sJ^bIQBD}-V-C@MO679!`6>zBF
zI~6hI^nnNoegbdbxWRctnv8LRz5^LbP%p6Nqb;@8QOqUsV`F?2ZGibbMhiY;TEw)s
zc0QR8vphHvgW&7FX_Y|Zm`MA~lc7#adOv3Gfyq<ri!atKsXj~kC!RI;h@P)Ebj)lF
zZT(haa8K4yhgK6%3Xv2XsqgFzoAW-vfdE-os@K_B?eCkHT%I}J0aOY!`l(OKa0O*>
zOUvmgpJ~gdK!yho4^yYJ4YLde8s!LdQw@eTLzTw&{s&9aLwbE>r%G^&LYt-phrf23
z#lI;rM*SO{{{Dc|m1S7e%}$r*UsQ~#PqU&{Sx7;N`|r0YgW5^_<KB~Vb*>+2<B>}j
zo3~WXO<F3M2m3p=qbC?~a4wiKqdR37c<60S093{m1%Lkzx6d%VxAdR2GCGRpEB-@d
z>u?vzp_&EOWB?nQ@cbzJommYYG$D4L)bAzHwHnMiKW@%NA78GaILSYoh?Y3(lSNy5
zdms&i$2f6RU`^z!?AZD31N>YQ(xV*^SGmxE#e}_Un?Wkj0=?j#h0^H#x_{gH0XZpP
zG5s$_$NFD$EL>dw)5LSCmTmlY8|rtSK_iiCKsu@cx%Ar!lv@^-T+C|_XGL_d{L~JG
z9fd7L?e%s2EkgM6R&NeCxPBrU_s{_w+uZcm-}~;{y+@bSW<JdG3&-w5TBA;Bb<3j6
zgoz8s=6Cm!^&$UXKW&HfSk*Y+_m~Q-X%`dbm_9FaJ(WbO(j`iLTu*lo#4e_@><xt9
z7Zr9EJ{A|bmgjHFnb+rcP*AW$>DXgO18L&+_<fE`i&#V0YD(C=DuISM6ddV1gNb4i
zv~DwP{wP{ckUw<V>tfQFw$lfJzstA?V{PO6Sl^95`0d`lKG^d%snzL~s7JL<*D)3F
zm!55%{k#I3yCB($FJdam5%&!6RHVz6Y*OK7N)}7bKf+}@j-(;84&&pxe3xD>cUv%H
zgIy0~8ggVIHb#7{zP(vp&wtOPy=>&|=eSC}3`e4kjvUM{jJx?Y)?O7_;AQ~U7EIQg
zn_6oXk1M-8A@Z0r;dw-CrI%dA;n$ehxYb}Kd`0`l!a05!Z*_<cK;&_#C~f4$`!-ug
zAN_J^p_t+Peq1#H!_MK+x&71@H0upYv;wSq@`sBlvZcvN*`MEpP_yB8Jz|SNk*<Ok
zf^P`UV+A?ZYFO84F;eW1L&H-z5`4iV)$K!snCZ$IEoS~Ad2q1-SzSv=vMy65OatHt
z%8yirXSe^bv6sk5JX@)@aXnL7Alr!{>p<t8j~y5qii_-L$;^h#9t1Y?-S;wnUuD|3
zLa6SF_`&5RG0v%AhHPhs!7pJ0UOy9rP(bJfh)zzmNekhBAF?D%aSA2@aeI?en#nan
zz}*j9PXxLw@_4{62l@eQffUAQeR<XoL#+V^Bht*jv#L5ZTZ|TRt0$jo8S;6$tLt%`
zihx0S#uO*rz)mtZK<%U!?PImEVD_rr+&{=@b`#k2N8cM*EbapF2$=yjQ0VLEwmv4s
zL0C4Aw;3?AGF)s8c{oRCCM3c;mrsdDzv}q`pmH;N_V&f-Hg=X7{b{f>kR%|x7eO<Q
zTV}xXkEXi+D*vr{Sqxh()2H(m9ud12LhpAchn}+)iQnV+=|s^bUijA{7Jn$QxYT2p
ziKuB=^9cRigSf1`@r+Ae(%bif3nO$ey!se;lnc$TAi_@Go?ssj9zdg%iw!<D%hl+-
z3=@A~$#2~HZfJszA=$sq6#B7tOD5Dbnl&pv(9;F9|8Ox>EiZ<+hl@NcK~kv-z{^ul
ztS#e)l#cq<jGM+vSrXVW`F#&dI?8ju_#m{`i-&z==Ui4Ar`qn=?%3OVbLGM?hrTPK
z`@~@cqeV>v`lrzc59E0i+4hfc%V&p533aT!4q@(^Sj7qZ)jqO!*x8l1_~k&J@JSti
z74LSb8CmzaP2%6H-Tv$U^oT{FMiiiwvfgrs*n*n-DJ>fyy;H#hPcw=hia7sU7YTuG
zrXmTy?gSk40gCvb-q8oF%isG54pJ7p%Ay^*oo0sBCTb;8)PV!`(}za>`t&aKG?aVH
z8b`!)i4$F|KDDv_`-{}3JQ%9ij=1~P6F^5iIin#9xo4_@-bfmmsTl=HdVW?pjjC$y
z^^lkT8)~uCe`Ef38vAQ4WOI8Bh1=2Ub!T0nQFdynkm#l3L==upYWi?Gd5Nj^dIqv0
zoza-*m>9)GMkeH&FZ^p1tGnwQm=93j%B|Rx(*4gc!S_zS9ht=n;~;abLnE?$2mjxr
z(@v(xXvY&LVG;;Rtg*_|$jrm<5tbuQfoH5#vw?BV4gf0_Lcnd%P=)MJB@6CBjWc0v
z-BHq7ZUr(6FXZDKId9k9iul*jIWD~)*{cFgFxVy%7w6WPofLj}2|lO@7$k~xtZPKG
zK*VSe-Kf*(m^8tDEoARWIT9~5{JZaS*eGb<9Zc2GX~CD5=?XJ{Z58qRs}^;XoLoEu
zh9ws3*GjbbH!Z8b0Cg5icmFO1kU}jpuB)3w>lUsRIaAE*G$ByZ6rGfWO01~B)uEpM
zuz;WgiX531^*zzjunSx?*7OK&nR#c*be1Ef1D3;w%K>qO3Z(o0VeFljM1huV+p=xj
zwr$(CJ<GOj*DTw%ZQHi3JNLtlb0YSN6YCqs!)Vbnd&{UA4a4-z@l5|qRTaq`L4Vm(
zY=XkEgR|P?tSw8*;Z`_c$)?uM?mvEWjW!q00Nv16<;mr1i?Dm)@jT;I>!70mL2v0v
zuxVidj1I!#c5mUu(rbYQA@)ry*U&LAI^~w<oOQ`IZD%$cdl3DMniaID$`jgygA?El
z@{UNWu)M1d&S5hr0N@aeRhL;UYnX5GUP3E!;p+&nkUDF*P}69=h3`<VRG*9#GpJ=y
z537|u#30J;>~6{-Xv)2<eChI@%+daY2Hk}}1EjUfSnEESNb0}cK|y^|IR?<6Z}?=q
z)*Y*jv`01xRAfkbjk`wc)O$#ygL@YG2EhdIrI=SWZTb%@JOws~U5W-%`De$8wV&~I
zf%4VsIeSFWyPuPH1@{q^xb6xP?QagwMte{;@=6Y(KFA9|;Q`UdH1}s7hsM>37;hYy
zxEQPP?1bEv35-?{_8iLCzx(cN*d>AFeGeT)cg>9ZDYbtEI;z=y0f$FnXut@+-j9ql
zPd`Bwn)C>{dN8R09`m)ICGXxoaO2Xhpcl>?M&m=#5mNV9nJ8UfImplk;<rmSecs+)
z&Tnsj+&{h#H}iIQyFXXM^!>cNMX56cJaA^4H!z;)FRNh){p^MOF($+rQOMadIe>Vh
zJ`;%@oM8MDH?mlH`IXZ`!FHg`4iCy<c;)ID;;^QK-}4_U&wCI_urnP)!mvJS*TRKg
zyH;XDKaB}}c{h8gI?^26rMDsv`g_jMOq(us@_3DEb<_JU^kpmkiU#FUN`KV!xiX%M
z(Is@CYxdyKc?YmDh6>c^<t87aNgbJh313$n)1+Uz)w7@zI$IWPDnSAK-tSxa`FMH?
zkV&W{ioAQ~w_TCm@}!1&$MOAs&ePO~s1UM*ntKs0VfH(CtwH_Q)1PVmA7MJna$P;b
z`bEdj=sEuOM)V1<H_@tsApE(AIeg&gwaGoq{>+M&D)6VmgY8FautDL&e#u3m!Gl;4
z(T6nK(~60aY<sjrvjjSZ_Vd={KyGQq1<YD`aT1Bn=9b-WEIq_LacF}wg0mESv>(0;
zc~@p+1M(9ac8c#@*T|!B`W=ntDa(qxI0@=_E2WkDPUZPp9xRp0zFR#;PKXNgfPmZx
z0YSlf<Ab$zQ&a~@$?w3`PT(7alVpLX5eG?eyZ~L~Eg2swmW;5a{+g5)udOwg+6rhx
z_GKQ=cnfS`$3f!kWc4MMhjLm~7}6@iZ_Cxe6E>5H`bxYk&egY~f>o;Wb_L&k%Tg7+
z8>gu$QIz;zqL%vZIXRQwaW?SZD2^+s03ziuGOII15ax}Peu_%Aytd_EVaTDB|GPZ*
zr8FOFaGMcSo6!Yvs{us~0XqbLAstQt*M_C<^LlgN`3p=?QfU6a36qI|`Txoc|6lGH
zHkSY6j^SYbuV-rAnwxh2+%Z0@>UWHkd#L04s1QI$O0A$;ED}n8s}I3d^)`h}sw<_D
zetl-EjJ1|(*rE@f1a%U*adJ7CaT2L%o8yI~$t4c=LmKofNJF3y<w+%wa>Wodd8!#^
z_ArAZ;ASbZ2feC8qFjquBg*pSxDjceEYFg}AY~OOcu6E7m*oV(P;-GjQ4N7)0a1ag
zQ9_u&7BOQYUx{rcC{78YS0|(?Smtnmf@xXA_vX>M6JzQ^uLTV;9go!C7(r}3_`>W;
zJ+Lgyo>H}AT|}du08S0lT``W=p>jE-Zc_gaV))XRf!?x)6Z(n<%76s><B9JL1S#Rq
z9d`fyTkS964~8pX29k6Z3wM^npahh}Ue<>L%UW_wk;s4rk?xASEdiWIcn9eoy7oa4
z!f1opWmpBqvSy7lIJ&mNju_MpBLKG!;D+o=CISXakHs1&FB8n>J|M-?*PG%Gzf!$W
zM^FI#)p$R^^c?J75Ayog4ijRm6--#LopmQhpsAUMMWD}!B3=VrxxdC`rP<JQJt<hD
z5sv^8!&W2;r63{#U{Y?tM2RH3fa8F{G4dUlSne_$N`?7P5zmRj7P3OW^Oi#>thfl5
z@jS2qTxvlerawBWMGIlHL`%XHufkbBjO7_50*TBakT!g-?hz@VFyhTtVMy8@Dx*J?
zQ0g8~JZ?ysAL4W&x%|*u494$Lm+jD7v3pZR>7{1lTYkeuz59pr(;2QuSe_p^Z*7}J
zn}$>UiP6Y#U=%dnjwJD7r&*_Y!*<(=QErF!`J>L~@*$vuCwv=y+0~wAu~8C8&7aLo
zlRYa4MBLajiU5n!n)dXP_gQ7z4Z=4vd=`i~XTTl_4m+p8tfN`ez}=qiEAT%VMOyF7
zbbKd1&n;iPhpXjlk(GqZHmlL>oYq-I7OBWC?4P{3eo0?6evT<tQANhf5xJsFEtQ^`
zHXRp=?y2I#t00+|NO#7Wo*B#@;FmPhJu`qeGkh%dw{l<FavDjai`!R=O>h_49h(ps
znao%BFC^8`G&Pw;E;$EQi?@AVEw`Q*d}v{P!*p%tmJKd}>zThj{8DNWzp8u|31Tb2
z2-#OcZ@iQpQ`H?=KB?v%?*?<XG4oUH+WA=`vk&X=P_C`^$Q`r7k43gAR<Gq3C5I1>
zfZ{A3AL*_KmsGE_B*o);KcO&}>wP~G9Ij74{3?sWWGlBR-`VSpCnxWze-<@w7rjND
z(T_d+E~;LSR|L~PUCSqPW$&wy4fUtWyj=5g0M;EhnB0UuU(CiJT2F`O(k5PUfNx*l
zU_Ly0P-(e^)xI-sgXwvdy3h^}*FTcyc|Dl0db`_ehToQt3h-j|S)yFJHEQ3ih7t?!
zFFluSQWrg!cMLXab}t&&k31eFvn8B4vQK@MN{P!fjA-aU^TPPFX|T$;ENeA*Xm{)E
z@-7~g{d^a$nYUWx#W9=IW-Y$V9%nmjf4Q`~@MH4WCmTK2h2l#O^G184^|Q-b`u~<%
zI~M4a!RYT3skT+_Z(vYmzdOP*r#v8dk-2uesnwdHM-@hyG3htocySQ44S}d)PNyM6
zREIg9L%H4P5mb&ZKX>tE(v+q(vL@T4J_`dInN^L-hS0ayL$xI$eMr6#bM4Y>jO9+5
zUuG4a2zP%mRPyuTkm(#!M|}PZtc)v8tu;{JJ8X4DzvIoO=24C82Kr)4rj1w!X>2b6
z*9UZQGME9GbI1P(_pwn|mE4Ak_gl}1_oTKs78O+ODFU#d4i6&Ol85pCerQuHq=<*5
zq3Iz;O?&%x=%;FFo_Y`Cn@j|E+X|vXT2ohsbI>A-?SWuV1_!hz1~}~-oAjsl8~<z^
z-#U@`-QC^)5#}tS_IMpB$iKltjM)qZ^Ep(XH2WwC-HbQZ$BVk({8;p4AG{{pE#n?%
zpQx4U(KZuTy;;$DNhK=e=rYP+7!S7=r$7$Pnd^%CBno9l$CYWlU9g4!M=GG(HDQ9K
z)J*x&DbeB41@>kkMHdZ7@FpR>a;Xgs#9ot;&4}%EsgTOiDdHt`$ZBIH6UmU)4=Ii+
zWYMC^mg;BYyb&h`r!KMfUy?5hrx~>lx#yc0L~LNHWH#O6Vl5#9919@`lfmy@s641p
zl?oopWth-~PW1?lPz?*8=x=>=jkv_Izg2g;D8y1O#w2*|L#MN!@b1p1jj7I38m5&1
z%rQfnQNQ7HcsL7vh^HMHvn7q5uMUI1!YHG4i9V;Os^tQv18Sp@o-@?l17NGj#@_i1
zsfoo(hIMDo`2i>b&9up^h~|$<hSyZ*(jllfW>l$=)~8fENfW`aFUz?}lD!OSy{Q#v
z8f|{!zW%Hg+~UX!rsBv%jaj2E@AD?&u5bRk)HcL5(pu<H;DO}Oru9hgw--!?4XV2v
z7fGbm)QhdM&rs63n!Tnwe(`nD#Q*zWW@hI2zy9U_f0oC}$n;+)KbVtFhi&(K`uW7V
zrhmf8$J=GuI-BK|vkz?GGLoZ82qNl5DkLVDCss?bxBp5+I&~ET2Y}6;**$6dd3-#*
zvm2^=WNTZh%V((~ovu>_<Y_<_A1s+sTQ6u(HF|PY{h<0-cl_K4Zje;KjdpXleaM+9
z>OZL}yEV;SXD<527$f3tawD>~9an2{2R?KA-@E^*kmm7xy)Eta`I#momI6u2cSh4T
zEHT09JZS&({aDG(kDukEnhQBdtJjp;7nMyEaf{a^Q@C4sZFf6cE0R6N`MNR0R0vFZ
zx7I4E%55ND?yLzWWjbU$zgScb*uA@(6Dw}O6O-9uKGt*2jrCKumyD0A4L)_B{sJ78
zau^eK04E@GpRMyoH4eiTHeswNAb$*R9nYa4CKM-WhBOn!!7k>RUu~eBtr@?ErSSFb
z&C%9VEya<OS!Odk+Oys=?C4f1(nR7CZ&)CvVp-2r9+9Mjq$n>F8P0V?8>OS^BcDvy
z{bgZ#jiAK6qmkgR+etYAu*pITXX5Oj8#b`Rm04R^ed)RL%*!}lbLQ$D+FT7>*G9h9
zT1zpd-^D;aL2nH0jZtZouSA4fzwhFlmaOP_;r8{hEWqD4Ir68)bx?LeY+E9^t(5CV
zXOpqOvpamAacx=e!G<zPUHlyjF)I2Pdr3l6bQKZTbT}QLjqW2*Y;1Z}zxM}K5~hNH
z?4(czY=hu{MzsibSMIZi3r)|18I@JMh|Y<&@~41l3RdcrYlap1le-Hxl6*ES3}6cE
z2vEMG<X*#$0kpjzD?GMjv;~N^cIU2cHAY5U^wMJf+vM>ahxpRXHVCb5d;ZJ+6s*SX
z4IoEy4n{37Q~|6c!7~XMGX^}!*HyJ!^e<MqnYe$6D+|Sah}+N2M~c9XHpU!4=F4(F
zqn)p!2JrUZ<(iLLVueObhLUJR*stc!aTzE9((sIC;7YD|;YGGMz4#jDm~T@Kim30M
z<~>?w>UHntX(E3%_uaVI7TpMd02?~*qFutY;KrIPKAj6tPuoD5y75DjW)X(7CT@ZR
z`o80x-iom~!9H}JLT;Apceou?pUxJ6>cW&7x6#;8AK|dI&!#;|xF)4JpuO3`gc9H~
z$gH4*!<$q`bX?mF7CoXngYC5P3?Z2D<^T#1*9ulgAvSgoLf{0t9NW)Gj&6<q&;ZK)
z7~r0dND6pj!=KR<-f#lh#IyQR)L$D1&qc10puoNqWjDd8*|?<n;b=S?!~y-=mQzf>
z0Edhq`~!pa=aAKhRWB!YZgrenN-!4;YH4?Y+|C{nLmmi-#eZT(yoA|=)?*Tebn1?q
zdN6v0t8U$N9^z}(J@t|oDTZ6SZ-DDRSET0-f|a#9<=K#8YT<isiiOWE@a&Ru1X&WA
zLOT*w5)k>a{@I6!KtA^krydX*`a9!sCb`4y3(8CB_=a19B<IfFyNs18BLhduAg{Nk
zCYZs&TROY$6ceX48!Pzjs-<jl1TfxjD+EF*#-W8Jtv&568`<_d+z(VpKpnvvoPv)#
z-3w;*YOAYCU%n?}UkR0nqHuvfcgqN9#tCa#ZnfKCw`@wIYSTsN^q!R7dZzE9OR|?)
zHlO5Vw0ndo=2QkCyu$#3l;9d2YGi>!kb%fp(S@v22X~i`x;XKFk_>QcW`kZ85kcP@
z;KLY#JidS*(Yb){5QLwywX%duhP>V4nXaH^2%M4VgyfS4VMhW_xjD5i=Q26fy!_ps
z->NNtj~M_aPf(DSG1;QUM(UCsLiFK8oM+kFf2e*y7xK;KLmT05srrrzNBNDgcnsTw
z;ZsWqb_ld3^<emE-8)YZ<hB?0M&WQ6f-7)k89Cm%YitNMD^_D4=zG-`Uj>TsqX`yX
zub8uZ+<GyfQ7n=qIi?3;j3j3pH3Uu5;tTO9UH|2G4;`TNM1QmEG&xR%yTv#ul7UCC
zYI0e~WdQD@5BI<*J%DyBB2cQB(96gAt|Om>g5&fRJOyivN)Tn>*+^=lA)Igu-);Q_
z7XU!P>2Y8H1EkDAawslpznO^v0zs@S%lPVcitOE}eCS?6rN*;_Gt&(Z*6)9&uhir=
zdc23Qr4h3fHeeM`ou7_$p=m+&t!xlB5^sab;!O|T1YUiy^FZ%m-^PAUQ6@FWr0Kno
z&krUik|$EfCo?y97{~i}9|k`rz*v!(l#m)mywQ2~Ge>?v>7v-W`go7uNGV6$2RW4c
z+H2D)?ZlhG|84<%D3?9rJKHg!+ilZ&_InMnCC4YPTTMA@jb?&3u2$%|v5*8dzBi{u
zha_=3cv_EYDs|T&OksB?4!nlZLn5TjP69TZ(5LZcqWrlrX5q=0lF62;fsvTp)T9T5
zDmTKe&}L?P(+Jv@)qCtj8FxaN9vs#L+Ne=u3RxgI#=5|NR+_I_aGbyS6cARdY#;=f
z)4IqI`)Kz&vL?n+xIBc_b!o(h(eyZt#XrG9@EXA{ae_M1l2{9d?Qti=zRL~uo^8Gt
zuu6B=&A^^588GiP<#9FQVIJp)h|gVK7Z1ssZlCwa)<p9S_mvX*8rJgC&waVV;;dIA
zIxRr}^f{DJ7$kgz1qZQ%(3o>J@lyi*#3s&O%OmK<Z}81OC8=bY`Pa(YD{Ds*E#)cU
zf}JLCm@36%E?4HipQSt%WL6dT9)6kpl_W<lFI|G+`#g!_lL)}9+k0*Bn^=V-?U#KL
zNS0cBMFmS#Cp`*70UNG8IY5thKQ)`fz^va3nqA8_N4zVb$2^Dj7XNUH$QULuVzSXz
zap9Q8)@l`$-w2d<*tawGc5=sGB5PO50-2JJQ=-_dKgt$^<2vIe1i{*(zqUDp=G;#3
z?ttPY@u%aKiO>?k79v;F;Wi*sFxW`0H%J)n%Tr1_a+4%g2K4a9qmEn^q&iIPiUjb>
z`Wffor-HG!%Jb*QDYwD8LeEqfKp%fdEPD?phb>J<@^bQ-f5|IHd!$Ypf&pA>d;Lb;
zn)y!2#^#2w(p}Bg+C3P#{ws2}`u$6m7RB;?2|%61k9Sb)n->}<Ym`u$|9VrlnzX1}
zmhi(B><-%x=o-Gl^0oh4S#GHW*5W9%EyyFLd*Xb?M2z49^_UfpW#K3ZTSpH%ykU%M
z;zMhbGtAT!9`)QYV9e*oo<JSy31gN8MAgn5(=ACv<NR*P^-kZfu*HJ^aX2oez{Ok)
z_Iz<Vn>RZwE&P2DVq*BVC}~NtdyE2zss{{gs!0D6N1PmEYQfp7VCO(-AjI6e$7F7?
z_5N26*PVL3_aqhn8-6G#p<?^1(%?xR=oES}mbel}Wo1HWywEmVTGBOnf1y-A?_b*>
zA6BX7KL8@je*#2C2A2O85Q{aW<Nm1_dp_0ABmjvszX`IYrpHI3u82w@ydr}BhFQh5
z4Th!Ktml4xR9{q(QED0!Gk{^dH10gBHv4Y%dVK0d%BHA=(6D_TiczFw7HpxkOBPSC
ze-56!9&M|QA05coj0V_SU2Yq8Di=%X=*Q8U@4|e)#C`Yf^q>z%YNV>A?3mn<0~xB?
zLXj>ul(Bu%&83hohV%=mqgr<`u#cCH<XM=&hgC~pZ8gx+;#Re?e8eBGcjoPW1NQ_%
zup(c>_<RZxzrJ^E1NIt5PF;DATr0q$bWN!Tf=5YcphlA9$pxKqi%i9!k!IpKG|TYi
zY(Xe-Wd?*+4O?1xtUaAVC!OVR*Ma!{y(LC0zI3IoJUV0p7tC7W6N6%tnp>sYzHz2Y
z<gJV8WDrmts>agHQ1g(qa&P)1|3ZJeFmZMTqID=pJY-nt%ga0mf2f^W?I%(;oH8Sq
z(V`Tse-Mnk@})>tOze_@PO^WHD#DzDPVCxE^$7ej0sV2Ff47*S0k>ZS<6`#iJR2y7
zeCZQy!u6ds#vs8UOUq=Rb$x;zftC|v*VUSBDk+Hz3(RwvYqxBWw-G>iP;*i)&LHf!
z-h3rQi==U%2B}3Qs&@mzPNgS6tpaK+Db_~8twSvYUb#4dsd>6#R^|&qFh#?_K+xvh
zuISfKo5^pnM8S~pBX%@YB3xVP#n~sr2*(%%m|E|M4QbAHuH$<*gmJ2che!7lBju5$
zr#4*~<sdf{X#loN-DY%QQJ6D+t;l)g0ac|?84t%m*a!|EN*Fi`L1}9O&y2nCOCvi1
zkg<{9m7a@UgHQYMKY>1VG3pF(<;BH~eY)0RkEVAnIp6<U!bzv9zz{r8GpJU|sLw#J
zRI^c?QX)XO$`jQ#J@)w={5aDZ8{Grs;0t501EqIw3LPtCJvmmtE*HT<hC_&s2IHah
zUl&2?JJVd^>d1=`v7<w0FQoM1L$+zPNezx6Ga{~DN1&(gw?(t;ai|i+VlpxkX%NtT
zbcVWji7{2gS1d-Nl2Hgx258bUEbW*Xc!CSP1{jJCj04b^`eh3>B~z{F=w~2hMQ4~o
z4rQD(!r~I|e4cYLL4@dkvBb#lav_vm3Z$rOJp)1pYGEn|%o(F6WE&)vUK|GwbaRWu
zn5?YiQ6<%`I?tPvP<3irj2L82D+?uK{rmFuGU<0FBi;pn6L6xlSW#Re7~Im5??Apc
zV4XiC&!gR5B9;3|n4Fi(!3#F$s^Kic(;(MOuR^I>L7Mf`p-V9zDq{E$&l+WPg}?T8
zUaEgfsYVysT;o?zQdl&nXZ;PUYF^ig-MSI3g8ed(f_ZWV%G{>mjk|0X#?YjuEY7N`
z@`#pNcDm3m^@q0YH1GyOLxQfP;V(__%K*(asNLrxhYrE#0A@vWooCmRi-j`<f27Se
z9D{bsdDFxb>+Yk;Z_^CkkBPbuZ?8&9@i8qVw7?^mI&4hL{4upod+{5Wy6(7&F!3Kz
zqChYl2n51a8DsTgz=*lV{gGZ=qs(!_l97|cmUzh_evL*zTEn{|PmmGA>>CId)xm%;
zu_S>Dv#qvk$oqar<kvii-03ixb5GSicsO;>QFGcLDjYENT$^1PTw29SaQ0kAj4kP|
z*oRY(h5>uO2Ay}?O{F8b=)KdHdpyBoy<Nz-5S8OCzCSXR8nqVQMSpYIGkh2u)d6o6
z!UN<KCYpOVTfI*)S^v;)^=tivqOCU5&WBfi&)uT=m|K=~dZ0K{IQiq)6$J7!T`=x_
znl_iZ__pmuSXx}`z!v1T^$Rcwp|1)g30KB1I7)=DYTNM~f<7prO`ELA)Q-b3R!6O6
zf}}-gyqP{AsuB2}*#bTq7;yCA0J`;U+QB4_VuUWANQ{m{7&(&1#y#l{ZQj&j0pT~q
zWDnOVX8MZ9HBv#U_HAnZEn_5j8~lD-AetV=(ffXIYL96G$O<nOMmUpOWa#iDP=KN5
z_9O#C+5)XH^l-h*L~zaM>lcECj5~rLybN<~30R?}h2_usd8cJzSWTy!<VhjpD~#}d
z-axHZCatLfxm!O$=;?dV#sQ3C_VD2^h%;5eDEsqOTgltZg-9kvGcCNv;|(bMGsF!;
z3+#i5iK}?92snl{n?w4{=?nlw%jabmq=&_z=KaDGI<nXaxe4h0EDl3^(i+)bfbEvA
z9yFF83ax)qZ_did4WoJ-@WG7y!91`?R08#Lu_vz0oB{MFH)O_+SQ8B>J`p<$Ydr^O
z>UmbsDJHR#n#K7M+6=U?@&jpw64ChyrbeW%`x|xdr2;ntzlZhP-H;VQ19AJNxNzy8
zecA{3HR(Eifzt$B2JpqKKeZ|*{HvUBPVLX57lizWDp*bVjQwKx{?}%35y@xFhke@t
zpZ3t@Icn1WWSI5vS<hn{yr;g&eHx3BnN!*zgOCFZZuL|Z{u(>N<=vX~Pe%hw#E@2J
zn<!(br~B7>#MR^osO-o&_b#uSULq54Q_L-d3RPPD)51~I3gC*-Z8+7*aZF_0EY-l+
zf_Y%cv<DyFs?FuQ!t86o1_RIL_I9jx@?4&zU9QoZPp@XfMQR-5oobYBvPQECL%qE5
z+dY{xRHzeMX9EmQWNJXrl^^3LKk;wWk++9UR%R;N;vk40@Nr3ef#J@mz9@c8xXAj=
z222Mo@tT?W=3QKXgzvM_e1h25`19pGhuq_>3OD342v=ey$;N1rT~=YG{>9qrFiJD~
zdBaG{+U@yK_%d%(DcHs$zC?F{R1C;!pl2pv{y+{p|LyJ<z6izh%YOh7R+j&eR53EJ
z{kI@;t*IHe)rRQ%T6@-77Jymf9-jDhLUT1u(zkKP1_QD#DxAu(7}-fGDn8QK%O|R)
zsP1;V=DRM7FeRKcd|7#*9>(Ff)BSb>yPB0;taUbh<2$H2q=ahgjKWM<I9;>$MZ9P8
zIeAlyJtI^PxgTfmp3HzdTash2Azy-@nYO82JxEYnX*U_vgZtp?RcV6t1RfOgarmM(
z)XyJ-KVAWZol`Ger~87-mRU6|SHf;P+S2Ms6Nqb<+~>>@M~2I!Aww`|5`&bC1Q|$k
zrB>R&RM(wMIM5ISuDpJ@Syj8qKW~uBs;T#)?f=;%YvK@eFe;p3FN%ayr(M&^m3fh0
z+W+x0!08Z9iL(`7Y;I9(q7*ON*~7X%o=felz%*zhy<j)TVVXCYG|ZH(pkOO%#ZA!Q
zDhIT9;13Mci+??*eEWnB<T~MrGuAjU+ZMum<_~U-61OIaCtaE)3|PTkSgVSVJ&wUj
z;B$#4={yM<Mf&BCDmFy#n4@nvfkLkRC6L;Pg6yD7*4Tx(uS2@oZEwvGdXW2vK!~}Z
zj)6Z+N!6?#W0M2_WJ+LnL<jJ+tK<};ki|@jSfnXm1<+~BptOv7HBrFjC=prR*`6T(
zoEDD2TxBkeyr>)othJ6lj>YM3_566YT}zaTO2E7KSSVbrjMQu}4q4Ee&N4}a1`3tR
zFz4STBPSqpGHO8cL9l){R98T8J3~AfK-VY~c)cWm(f$hmKCG51OGpEoFGdokK6>+r
zbAT&=hXG-IX1YkyD3!>$&y9-dppojDtbK?o!P`lPqom~#9z%1)_^Q2A2B>Sn-R}8)
z9=3%HpqT?F50gdH&jgmwhovRk-d_;%HrrG}S0Q?30sP|0>OE&);V~^Jydngp9jT5F
z6S@w)BF-qKj=}a??ibWtJfE!m7P{1Ii|mtQ@uX&6nSu4yseI6+y<<YI`voAl^Y)u^
zBb^xOsuC2`V7ZJvD@^pG<u-s3Bdx@K*G&)&;~*~3Foi;>m9!AI3lEA)%QCUizbYU=
zGNM~bm~3@3qSlQwu2$^4^o$q>T{U=G7!%W6C?k8)4$VwvT#ARwdJRP;kY~>GvFqXl
z3#7s&2nO^RPIlB;;s5~hnmCRicTo1uTlk%Oo~qmO0o3;am8@~5sv3=&VQPv<UDZzP
zX!+!nS-GF8OIXH>Gz^Ag{-%%d`*LGY;;v(M-wXZ#{43*RP{wGb%HE_!MzJcfxq#|#
z@hK^yl@vCej>;~=QN9c(Jm-%T;ap{m3P-3&MRPU_12*xBVLg~S!v_>NOqit7K>Vqr
z#51~UZZa^gF6LvDjJE6JqL7$UnJaBDf(lvrw%H>t=3Jr42;O3lT>4H1Ndu3+Cqg(V
zbRm|Le)i2!-e<CVUHKEbx7oUn6(BW&_pm6M(Kmg|`b5Y5m2Pe=h_RT>!tZVM*iH45
zQu$hgq1EeG_MwNy6fI0cn8V?Z$MztGkUymPOzD7)xxj>Ow`}9N>aqcg6tpMW8arce
zP95ZYRDf{RWh5CYDN^7*FXLw1;>?>aT>)SU6J~l<Mv6ymta(Ayd3C~O={3+MnAKAo
zVf#l!8I=$cR>acg4=Y&f(-o0XJ0Qa-i+tv=_;CtjT&^jq%um~}uBoEM&<M(q2FBAw
zITBvYDsF3?F2Zk(uIZFpMom!tx<;u|5zaow);9bZEoTI2c;l?(*pl++5^-z|gk||$
z6XSMhH<dco`^<*csg$=pe0bKK--R)c^z*KPj^XtXiqUyOt%?|6ZmR2P>-AsDI_etL
z)X<U<I-tFoEo50uhhv}(o8FjK_$RyHPgcL*pS``C-P^x+AET?c`qw)>ySv}+t(_{S
zV+aGj7imhFDMIxk;wZ&We~w$17-h&iyz>MZI&b26Aoq!>^=jUU(z0=BjD}I>4C^Dh
z#X&7sRTEiPoOLyMHR_#G!}2nIDQ06V9`MuMyvwvHXyun&j#SfY=unlI0_hFqB05=r
zu_jj178l9Sr#FzXDw-xg$wfF2?>t;hjzsC|pH_R*ipU8`%O(V#=S{DlVxTaz7o%zL
z5vMNn?!t_>y<S?W^(l4o;l!HMXlKx7tt5ZvZ}|8<oyaFt5cB|&pvdg=Eb}FzsJjCF
zQyd)IsXnehv`A<$C(CocV1$T$K&F~SP?MNZ`(t;$6ppPVkf6`zTZMbo=I#+@9Lp^M
zu`lOXZ{D>*rQ}XjTA8&s&Es885*<KJlh1#Qv?{FXL=FIbJA_ETIUfnrlwnC2dLjVe
z@&meBlK2YU&$^Q9B9E~lm&Q}&XTmx}X+`A*$}=lJ2iF@R^24+O9A#aq{3;k!clcP3
zj*R3K_bI8CI69vMxwF*vo=+_#&Nf9nUjq`e?`j<PDX3P1Gx3ad5Ira_BRLF-mVQ7l
zcpMEy>SI9!kA+?meuLIe*GKX5ktpsHYbW@kSa&mh(6YYx*2N{Ji&Fi{t_pwie10|?
zXPeD2KLasq1wYd+nAdRQ=X)Rxes6-nq4RQy<kAeD@%dDN?52r&f^q$5uexmDO170#
z*A9QlatpzEi)Vd`Fg*A*-4i@}{K=2X#@R0b)?WShfn-6D7lU@^az@iT;iJIG<gcO|
zI)`JT@du;K^0gGnzQwkLl{H%U!o0kr@gWuC60AHOUaN>UYc*UN5O4dZ!traYobmVy
zMF$R4^yUumDw1#Rs?gT461}wPPvjjNz21SkzO3(saLzVA&ZTf<IHHVw(7^9CU0-A<
zR&_XuTV?XCLJkN`sg8EqT#tq?x1)Xma<1$n{{xErTa5nS1vqBL|GEH|q9OU`u;qWW
ze{+fzOo)L1ty^DYxe<-aDpwUaJ6%rwBqsG!qWebTzkJ&k{zR6NFVwifG21cl+xqNx
zd7tw9-jH9Yr!=sG1}?q2j)WRGq?HuWngj#OK0P0|A06B(DL0!$o9;w#tD0VGuhYtv
zFP$-amxCvMuf1P)A>x(E#fk`+oKx^>d|z#dl<!nXfYJrdF8TpOpE*13hS^mqsNMV4
z$+5!9=YlW`hAeuws+)`6jm5vd>dq|cOKo+l*J`F}c5pz?Zu(<dZY&MB7gh9`8@`RU
zS}b0cW$RvhjmgjrP1F~qN?zMFfX|XB)mh&oz_uN#VjFQy?_+s(J5Vq}{YU_gWDdLK
z;H*F&bExvqre7cuknRj=PA-Dg;Y4U}4+R_O+i06^aB?GvkH^3H?jUpWeffz=kuJ6~
zugPY3O!zoM<fYuj5Lc2&tp<b~t7)KdyY<SaaBx^99B6VlDpEZokBZ;^a8}|fIm(Bo
z#$SI0*e4D20>b>Uh5v<h!$YTao0X@s@zG9a_N5&;xD1otZyPlN^6b0U&htvhIytqk
z!n--!qS;LRu33E$h=x`v2GBSj6o0Jv6Umjyl}*`_D^^_}n$O(Qyt!pH5kQ!I+=<H0
z^B2GC{6;Ge{UtGHdwS27+Gh9*?bl8X-ne&g97n!Q$N=IVeB9s)(*xjXo$aDJ&Rofz
zh3ZJ)Na!+9pdrJ#H~<k42=My=0Uk)}rbz1mt2pBAX+82J$X3ENm;m)>ix6OQfq5Yb
zp+(T2b4?Q?%rb;PMxZ~(gUBnh!NUlF1&{i(NOagilxqU^sbOk2fL=R-vH>-2>aaD*
zM<G@DSZUwvMYntML4`|e|Dt|?IbmJ8sc959w6vf31Ifggo%nQi`nLUCUk+|xukz#d
z>}>IWdHcLRLQ-@IeDv*)PZX+1iv-gU1`{9$$6r<nW?H(mvePXradw1g9$H8!yKNB=
z+dh)q)EXd?Y=%F5LE7!8#6xgP?S}T%-AAu$<Ci@aS!XTEjUwV~^3a$NX<~r~579d0
z0c64M_xY{1!jjAYKlj<dbpofA{~4qQEU`cCDSs&rrR15=)9hhEc2R?CFNtj^m@=#T
zr!0!g$S#$}-k<ZfE93?47hOdzad?ubr4XCnExHjP7e?otlPP5u!rSmlzj%sg-?5aA
zKDzZi^XvJ1ImOq{AD(^VL`uZh{3@xz`2-sw2u+SBcJhPov$KGKbJ4<vam?7a(2@XN
z<Tb(bR!8HF<ehtxYksGGN!iE4s4r_(SOz)YD7Oe@TU0OHo<~y607{81Q&UyOE(6JZ
zQfoa4&ku48`%Pb)>czDKw^iqc$hU>Tq+%IlGLc4Bw#koL+tD_`g!Ksxy4F@*;=<=O
zlsr%Zcn;3C;k$N3fJtevFf1*P%+>O5ko;Za+nDNS85Co)nTnTwM?P|F6VONI8|lCu
z$Hpqp`q3ez0{)xHqO}1N3^pu~Ekv*hq)GOZ{8%TwA5yLM%Zoyr+W#iYO$eNgYki7E
znGm-ilaRy_RG-3beto2nFBL_5Ga8iejCY12(u;!8&*2XWpVr4!az>y!mxmCi$tE8E
z0zSC=P0#>6hk7Ud9Vetfwh%yJ>ye9E@$@1ry<M_s^0nZU*GLc{Cht0Ats6AvDqZs$
z8f^ZIZ_|h3OMc0eAVd|?JBK#E`st%-GIOuQf<4KE5U=cZ_B8AT8vQ=6Lsnu6UF_?=
za=Y{*1cg@8uQN3K0ZkXovv2RR5%^Qq>F)8%7rqvi4$LqPK7l}oO!k*4&&O~Aq52_?
z8g3wXoFF$!Fcyl`O)q>^oT9%o|7_XV<8JSYdO52ALtXG`kI?YT7`;MHl=d&jD34LQ
zJO?c$tx=@hPyJG#u2RvZ_7UtJPs%Ci#~`XpIhp^+bE~%1n#tPw@zbf%@qsOaNkrbv
zbUJ60Y15*ne)RF5fq~-m9!^YEp%ED}v_0aw5(ma+aF!?jzBNtxkT@%R=tr=>8^AF*
znraxy{7R?Z>qSnyYi~nbqe2_HbaL}n7%)g}bHOca-_VzGD8S;K^s2J7NwXwsOk;5L
z*l9&)kzz5n%Biqq_39PO4ieZ4XJzUdhT7(oABvSN-8uFft&bbF!D==+GX>lceh8ye
zy!r@*fVlsvT0L3<GO}{q20XF(A~Bj&Ac7yfdq0$;{+HnnujifT&=LESht+O!c}eOd
z90$X~P~3)z;*n;mkDN(lAi$1z!~0YM>_;tqA3hYH1BL1&=j27aj2>k!A~fGiWa#+R
zj8nXEwh799?=;WEAih%U*6`WO%&+u~NYp6PxfstQVI{>bL?%p4|HiC8i`%SfEb1W3
zGs$p8IQ2{}q4j-eSWX3|U=P!$n_1iyF+2Ut9pU645?FMya0HfbY_q>oAu=EdGAWf6
zc`Pw&1aW11Q7fv88<<2viCmzhny)rt!YYhn)}G{yP<IDmVIWs{LNdev;WRo2SC3#c
z?5x!us}7`>*o%gf`Arf3yrq3|91<<7G#yZV`nG{XjW{kkTY~E*@C3P=ZMG5Bdz)ar
zFL#s>*S^$5)-Jo<j*x(7k1QcYHuu9DJ(xBUDO$X7ZvFQ?96%a?g3&0@?@%vA6Mx_U
z&ToYgS&Jp2h~$mXA}lTd6hga&WUi(MmylsqHatY;RdG95<j*bMliv(UJ)l^i)IFPB
zPcS)E@VU5kH=jv>r6%>vpHx5#(~HpkN60kqIZPCd09gTr1&ba<*_43&r7VneOCBE)
zL3~lh;epfX5TpGIf-nOe0>%?kIyJTGnOB7FvJ%fw(ec$wMpORG$%fxCiX2FWr{6Gw
zB)Y6)oH26FQ71$G6z}_sU*%5kfB^IqHcj6(6=oE)2544JeDK~QD+s}3?m3<{H$#uP
zm1>g<udi)nc%?^4k3!eC_jzKjXKBwcjAa{X&?%+1t(M$-W<;+}-dLT0N|Xx`&3Bli
zKd?{f6i?ckK=3WEO&S~GJ6=tkAA_x4Zw@dr`%n=iSS<I#nuVDWZ9zAKpa<F9gz%9-
zJ+Ro}A@gl-`F)_%^fko)2eSI7PX6Cy#lZewlU2;WY11Lw|B%(4B5V_C#L^%8B!Y1>
zbPW*6-9(%vrcE+2Bv8d0yni}nDmBFdmY17?05)Bk#OIpYukXpyTVJI2{Mbt&l(4i`
z;ml*loZ~PedSk-J!O8PG@uyOWq|#o!pZjfjOT;@eN8OaLe-=F9Om#;^uv1TtR}XhC
zDNV5xNtOB0zhqwX#EBJUn7IpQLzgY8D@fMXU?#cbi-`H^v`BQ*e{JQ9N-odDc(dQZ
zPDC%7v!3g(n+l>V#9xg|W6Oe)I@Y9NwW1<}Z{7`<tq+fC3)kmPi#?EBo?<s6DGrNv
zT}o#zM0Qu*Xz{yQn5#1*W?5?gdX~1RzfR9(XS@vaIviq8Vf)RXvvR^NbU!JLDAi2^
zLmE9~0PN7DY7)*_iYE-aDB;C6L|PM$_xG|};JcSj3C_GomduOJR^-$sHMsHQjYQlD
z^&M(@jztmCAxScI>99cQrzM1Nk43wn<|Nyae}6cmm=^H_ougjI#@baa*UF)+i75WN
zZg4O*L*y{P>2gRXjXk6gc)xt`Ah6X?2IrAGEILBB>Ku}})5k0eT^m&aHw0>*eOD+X
z*UHWfn_whvWbvFAF{MQ=_T@Zf(r+g4BDa~brpQvnv3wC@b>qv&fN^r`T&u_q*AesC
zO_dQIl_|RmLx)5v9bUN%&J@LyP+da4ydBPzzR!_fu8#*jKpu0+<F=n9us7C51qFvA
zAt+H*pJ6r~w*{I1iz`?ruJ+Gh7?0K4C#$Jfht}o<R=L8R7Xb6pU!*X!&j~J^_xIIh
zfjPGWF+^xqCrp`{Q4(G)FWD~|{l&~2G=DCLm^vYVc>TdGm`*gCJlkuU!?ojhAi-1t
zF4`*rPl8|^-7vBEf)HPYMXL@1GGY$7UcDR8gBp>u7#X4Cx`tf+n=LH;KA}t$>6GSt
zxg%2budF~HcJ;Psn?>m+N7my~H2OBuc*VJHD;?<mCRxhuPEp36EPR6{Qc(iX{s#9m
zt03i9A)d(!j@s@Nw*-NGZn+xrt{`^W5H44Y!@?csFB)ue$<}A;BuO2E5SR<};5(&&
zy_!8v#GEOuk-f@Ebsm84OW4HlGL<dm7HR~(MLDc*sDmo+Ug0=tVkk8x!aDDr%5&=V
zo@7%?)HH?poU^zIM3K?ma?6gb5}3T)av!UkL}_oL1ZezgfvzrH?hS(KiMfNOda-F_
zGC%1h0*5V8jFuh9VZD^1@X74%I*n-~)tmQ8txDZ|F(hl|`0cWVfUu<pn~o+!z<qX_
znTFMbDO0i%02)o+I$8pEcWnVG%;DEW*a68EO`Vluc=9sEJzMq01*VTSiwlRII1@=H
z@`?m0pX5(K+&x?YJdOOa_<lDCFCV<{bDPXqwKY43G#kj^+1?)~_CXWU11JzTpga_?
z*}rWmXZ@`xqUS7f8o1R?Bbn`!Z+$^I1TVRqfEm{3k^#rdl)fqrCIJS;dR~FSnf=Y6
zYHw=B^HmLZnqdFz$O5?VCM1zRCuO8<_2bA}fb$4yTjA0^AqeRy{8iz=TeT%OXdq6R
zx1h72O)|Slos9t;9Zz(m0+y?22=D>HaMUUqKm%XmWa{n^-@bz7fOG<P3uNkg1xR{0
z<{u{u$_QkkwcTReXFJR5xh(|X+I-Sdka=CB;_i}W0#%swh9`wUYkgC}c(Q?A0~+4K
z%Mg(Q7J1kfja{pA;=2N+OD7YNpgBpE%lykR9R0Y4v1E7$Bzrk7r*<+?TyjjVLe?Xs
z38v0gC!xeifC3162*5gaMfT;f%dxOx*`Dc7{z(fgHiUCdy@2&H*H!t;c&O$G6R@`H
zmzAo_)w*QF(|~3s7n$cU$bgEtI(z8+7|5vOe!_hPHHS-w0X~E1mKv?16N^z2t$#OF
zAxJ!lBa;v0M9`x<9*^6o3;OE(MW?hA289JIPekWDZ^ae+Wh9+?WJjK5;#3Xhm9k2`
zolr8<fl_<&ky67PUu3*$S2NHu`LB!fA5Q4!yE?WM!E1EtZ~4FoNkkxnOh?3i{ILWS
zMH_MUQvo1N)|_4>1n6?x;Kz(J)U_3U24^z-$IKr=5!)XCwu=#HX!c)W9Yi}O9fFyY
z_kU+WC>D^Q^4H}3FDmnB9XE_sqO7L}wX8k)KiVC%z<6wE1%CScLLs86uXh3XQ%#Q|
zyYLBu2u<31o$n#=G4@BreZ)vSvX8cE%!Qw;O|BUgDx8|vz4zG-uW>a`=Iy{TYwWOS
z8_Vv+c9+_49KN7QshBt|6C%EmT7dJ=oyc9ZCOKr+4nS5@*TIOB5VyJp_=YX}G7`iu
zbMpz@v<TKjiT^}u9LghxL(SL&gF{$jj|J_zJk%lhC`T+nU6`qbrchilr0-_aTv$u{
z!1X_yGOa#_DDF=Qcz5-<2J^TnAZ|*fb_Ns{1PpHHd$`z_A*6#zPuT>Lfh#1UDF|5C
zy!LM)S}B0>Ix&a(GZbf0_i`%P#`Tqjp&GX5_%Zaqhx$@^xxELxy1x41OKi(K@n~$W
z%S^8elGTyF_NDFqJU5oU?ZUS;cjOs+<1+P7-)w^7ftb5NU9@Ff6@q0<aHUG3{Wapd
zL=RT#&{Q5aU>wj7i9a$M$qH$^3}>PgK>oG!HuSf2v^|dNBHV6jT+)Cq!$S#INv?n5
zN6%l5w7J&4+2kURoy~rIU2|aRK;Eo7WGcI3K!!(x(7Y{)I(7=gKby*s4S3zX7GnxH
zM~hbgeW7o|E(X%%`+j>k=bt?}{rwN5@gI+TF|acHx8tN@4at9dEolF<*TRNkkTPCz
zkebEp005uZC*UcU#HnCXE}E|0*0lKk{MbT7nvpXp0N#Mc+w<(DzZ@rj%lCys8m4m`
zAqOX)CR{W?!5e%R1((1`CEFm3R4SGAcDIE0gG{5m&5JKDW-izt*I*yV1v}%SKIO7|
zZ{oLq+Kf?Y-=-5S_p_|}#q^wpscyjeIO)Og+Qk*kOV_hBN>TQ;p=z?EygN6#bZ;Vy
z#-qD^6#MJ*u}Y}oQG);6TEBo<$=^{>{#)=XM=&Y&VCvpZqbmv4r?c4gQ1oeBt{>|N
zq+G*Y0LP>6_LaT87D>Q_Sz1F>_sh#N5>s<PxS5sT{r;kg0P=_6L@D`(cO8NE0$#pw
z`1cf)l>v-Dhzn~H?kcS$5frBf&V^E~FWF*Xvocf6;3S-^H~_+C3;Jh~HR<bo;FEky
zi_Tbf9w}m0nh~v_BWvm66MNa#S)xEAL#OdX9)}m(`~8}@H~H|g@1CuHls?ZRkq3Hq
z-JU))AJEv_PE#rdnJhP}#1};oVb(K~9BpLXoKsja8GQrg2q)S<$?v0^6uNpVmlh=y
z!G?(vn^_;)A*;oJ|IIMa#u+(wkv7HxHHZM(f>JJ~=GuJpHj8qZiEF3zhm=@<j=jb=
zhR5|5pbF60V9|a0aTF^2QDR-@ppPkc)TnKRR4hr#UE`#gD!Nu&I1g{T_;oOV4`zKM
zj+V4VkhZjAqa|ugSN3&*Tka34_5Ee7k6Qst5s*EO`KJ05&nr~~Wk-fVrdJJ}`))FW
z9%LsKAmmpL9=`9wU(uomj+JoleZZfB1`vZfAkm-pbNd3?<pqv6wOMuFOHW^4-T|}<
zF^s=T!;OdXJVw@Ux+cy=&UWi>d6%^+0aagC!wem19s1syt^mjl`MGb?-<nOr#G9q7
zmLrL_9%rux(c|FXM?NRiTZ2lGdIKT(7^j}oV8Q<R9Nntuj_K6KPW|c>An`SVdl}L(
zJJ7x|at<V~(B|$(0D8Kr(Y2#Aa12?6AbmjW`O|Gtw4{Q@5k|GoR}&f1VCGrnr|eeP
zoJ}zk<NS8WjPOzpFryE!);76RNs<CLAJNVIy`5mf$;#nGw1klbn+W|Zlo|F?MqLHT
z2{AvSi~+qV!$;_%$vd<-JG%9d7@HB)mZh4TG-_(nEFHctwiw+nLZ(NXb-|-=ZDT-W
zkXKlUa=64@Hi<(efQR_4zn~~qMdf+#yF3~kiw>R6&yX!M-%_A<@jmdFHc;VNSS=ya
zhc3OVb2l7nj4Zet-|tS~prJs1d5~}^hNncn5+3!Fcksgs+3h7wDp165kN89Ra!461
z`~?+|T4f>ibeYXMy02v7^($o@Q9gehVI14bQov<-XJe)Uv=g|4`#~LTk6r^;>y+xj
zJety^Z%vK2QyQQ@V0%@DX^d_tM0<+k{FCNb+;iLUufk?Us1nYW@w`XY3*$z^xQFzV
z0|~jI;$v+I<!|3ZVxpxUu2S{8<~>b{&x&FQWlTVjc>wvkX<&Qh?YzqwdD}X5k2oh6
z-Nyd>IfbS}KvW+)89`0z0<!DPXg4fUs=R&JGR~LmXAtVeA?UtKhXTI!#IOL;NJs9V
z{X#-dt@#0lRtb&PtK~sJ0{(r(=b$g7_rO6i4In@B&Ae1Ifzgmkzp#~-yQ?DhV3;&%
zmtwZOqOHqSgrIi7jiz6nmo2o$Oh)@V@c5nDto-g&gA*EVz=;UH-{F?Kw3}(@`iKTM
zN4NlL>u?@|@d?3uQZK2Tf(aQn8l`3gd+j0UTmP~${+Q69N!1sLA8a$!DkD%yAq!th
zq1w(U!{NKC*d~l+w@5mpk~jj6d`dM5dcg1UFVTPIIBHCZ-3Mqy*x2&`tsK9nS!M6>
z=``|@W$Gp3p7^WMH(ld6yD)8-sYIB%2<v0i$FnwSUt0$H`S0pLGoC%>TD7v=9xA{m
z@}GuY7pPm9kn(3+Y0Jfk@-tsT%g|W>5zC7d>W`!MUuOmEjK>$NN+IGGApF~RcQ2-h
zQm6=zC+um&KoZaE?y(w=;#XyA&M;de9ix>J3ZphkaxDs{z!D>;m96*6Z;F6vL#lIU
z%+HtnKYTd*hM^3mg(ooTWNXFC4mOG&={rf6`l)6$@}|ndu|O`l8JuZe$)C5>ft&uZ
zf-SP%*k#8kXL%qWcg}ur3Iq~)RJnUWyiI4%CcU}1-QORdGqKjZhh-3WnZte;KUG#Y
zWqX#Sws8=JwjijqOQ4v<gnoG5C9bHRBjH0Y7^8Zo{^zg0x^@zF+WMZ0A3{cYbE_2a
zB541v$B?|8`Rf`h`#q@BO+B_1Uga0AAYc*CoC;;9U0)dPQ-?YdUbODK0>HO1aVZ}l
zbiOdyxoYqM(mvz%pjPnA99XVb<Jc8n9-ND37Bj92?~@$qc0M>#5Ak-B-^}Ur`3BG*
zJ_ob@IL~zEK-{SVBx<QqVWoZ<;_tTB-5KJa+70;(J_%Lss_?<6T7+D;)tFe08C3P+
zG`e%DjW^GD8X6x9-PmEP<Lm#fc`?D=OV|ztPxNG{l7M&vbU_Awht4Rbme1`1$lkQ4
z*drPB?<eaUb%06VV^vXO<t7vY<#8BHVPFRBBYVN0g4|&o8yYcR;1g+Z*b;#ork~@e
z_m2txwTL!c{>bTOiCYj6{dp<%R~}e4&+$gCP+XvsQ~_)AoIpw`$wZ`QYJ0g^T<rV>
z1Szi#`%g&0`5(dyCXWBQ!`!T)X}>l0KN~9P;!t&MS4l;?*)i;$f@s(RP!9;;V%BR5
z2$RMONB>qS<yF;L!*Jq`03-<n7OQ%CIx0WlU+sP0B+<ADA2u-BJN>pGiys!$xUDC2
zs2V%%U4O@Xd0qZ^b;8e%dhmqapQuIH+?HCxFwn@J4E%segt@+azN36i^WXk{4ayJP
zTy(W89JGt-sdobX4822<K2EH3e&W@<nfe#1But0779{*$d>qD%as8q}B9-t=%giob
zd118<_HeV-O+B{!h^b*7@Va(+!#A3rHHe)F06i)D{;8Br*pA_?h24=o>=U0RW&#SQ
zcaSy^qZsgUaNjlmLXZ3Rj0)>g4h$iIL6`fkT7D;cxZ|>!DO<r)qMA2$q8Y1FiClbA
zir(TwB@?!mt}XEbC?L;q*P}v|_+JjdLh1Xil#SnOz;!)21z-Mm2!bD&?Qcly4`o=8
zK#!lw7KcO3)h@!qLBzIDamHucb^jk@?-ZN~v~G*$k8Rtw*|BZgwrx8d+qP{x9ox2(
zPICHG-CK88?Nztdtob^h=lH&%R}tSBo5glbUA>Yie{sTZtUrjy*%(ft`T*xru|lH1
zuN;ljx$)OKu6V%ZRVH+d7d<#0XLn^g5<R?GG_;Uqh8E!zADH1TDP_LpxT}w21EJ(n
z1Bt5oK_Wz1jkD27jNHTdFu&lyd#oX_I}RH_uAF(ug;MZgS1=7*#t}2oktPgbAFr>3
z<)sB72If$_Lex%CwwS%8I2i;tm@$IL{>i=a&;aPzWFW1aExwx_0>cvox(?3FMml~L
z@lR|7TQb@}anbqf*<FqvQUQlVNDh7@&GrMW(qQ~dAKg|P&5ikNeXz0S!9(6SN5wMP
z`Lqi}n@~qGQexlu8BhdfN|4N##wKqB`CUdRTE~qBj(y>uGNH9$0t6dGSO7#4W??bw
z3meSv%{}jf{n4{&zG2Fs&ALsNn^-d-kPS_}8(av7n;ONG4yubBMPm7#=LW{mxjZN2
z6l0`k`e{ls2av)T8(jX~FKC|Owp<uNrRW?aXx#Li1N<DpOYE;6A^*Iw{*+e!M!Fzy
zO<D=@5wBgDC$K=yZ}w{!mjDQKf&}33jz@L4zdx5pWf`T5rCi&+1i}G-QIYf|#Y+)8
z8j}d?f}b&sG7;B5YlTllJIxF0*hiPrfk$sxHnRzlqRJJ2T;c8bo5TXfgYpriFqdTX
zasAH^iH+aGn29v&BdUA)V{0#TFjCv!*#QOErkeEx(lCj3R|;F&MuVCeu%<v<_Z;mk
z^GBM{Z_7M#u=k)Cxx9J%5iV#$(tA_P5P>Lf5aK>CvJG14u!l;wMB_3dd2*QAmcIc|
zLBqM0GLD$3Hbo56BEn&j#~wpt){H5JRyYI)7m+8WD3k$42F#uX42Igtmm9Ur03a?g
z_w7=#`cDs#Sg4}z6IjJFS6D(OQwFF6NSn_D(@j1MM(Np5rgj*g8eVd}!FGJjzx|Nu
z6JR7_$6`%?JFb#wJeCit8t8G(+wKz%p8KnUadOMalX3lyH?B<CT@Pi7#_y;)0owlQ
z?I&4sw9d6ac=nNgee;L9>eg&EqIQ)>;Fv(<Qh0~++0N*W`HTv+kD+qiRaFD-k~j_p
zv%gy#0_fe^DkrTgC{6#C_(Ib2D(Aq4g}OeN|AlZ8i7O1H8_T|Q;1pZ&)P&(a5r(W-
z`z6qR%Q)Gc8zBHxxkIHZSS;^ZemRC|Ry?B<W7<D;Xt_qg1HoN9q>SkSSCcNVPLXRD
zesU$shye!X!Y<qBDr6ST#vE26HO*@jeaYD&?=n&L?poVS?_@dS=Iw$Eqgg6TSZ1vW
zH6uusg|l;#07k<ycQW=ZH$0ven~0vXz;8G&3|z7T4@{tCLDk4`?UP>-<j0uUOAerN
zHoXF$)W6;F@BG}1=l5&x^3L%GD=|~Ge=$NYjb7+9dJxCsRmN{z2%XnsV$ANu03&g=
zvyv5$qcWo#sgx@r2bFw+k_dbPJ76S**Gj!2(SzT`zh-aMR26jvx_QuVD7_nV=`JV-
zy~N?*!IpLAq?<WX9aqTL9JwyqWB^0rd>t*VLS;AV59#KGCGr2&+3GD$gidmNj!VHX
zt5L%7H$n~=CrtgR8Y#C`J3Vi#^*t^$*y>WqzKyIGSC=5v1?###S6MW1GpYr$vO$qe
zrDz*n;a^jygp<QTkQm*xQ+@CrV@=k2Wb~z~ZDH$q05wWEj`<mxaqx=}i*>)<PqG>M
zQc@>nWy!K9nFhK4zk%pqF*qDT&>`k20sTn1D_?F#!a}Anb?KJ%hYGd@VjKryFF^-7
z`8>YV-RI2r_0*`6#>a^j0tMW!^m3DX^H4mahJU+MeN-%=EESgAlb^=9j)#6iBEnVC
z7DY+HYvBf_Dxq2xB}y|a@N8W@BwoVcFjMd4OC)D76-^+msq33I49ujphAb0s^exiu
zs*8k#Q@E<bANuzV9X$p@r9avWG*TOPO)ud8t_BmWn*H1a-l)p+8VtXuC<~!B+=Nf?
z5f6RCiHPtgRrU6bzcgl8;s7$n7UiE0CCJbTn4azt+2I>8EVmk1;mHU%;u4bVvCNFa
zwRhDcT7<PAghUE*`%Z+B4w$ntBGrBkEoK6QviA~q62+?S^7QNSB!=r@tfbv|34WPq
z2X^OkJQbW1Jn)pQ=Hn9}nnSaR&IBipDLT|^4e(pxEF+%Iel}|iG)n1-*cSKuoCE1^
zr6_c@<L*OwzW^`dUt5MWe2$U(e&I^{bg2+bS_bhWlImG1w}&6O(6^<&M<C@@;cSYK
z9BZOW6caFM21KnJ7}iP6&p6&v5wYVXD;4@43zRYsO{&tyX{n=5FyJMWgjwsq`ps}l
z?P}K&8YgSnFaM5cJ1MnjRcPhN0-p>_7~`Zg$8h|j|2j8iAyvtls?^))bY&ZwyKSHx
z71zAss5dK&>$%^G`NqvlKeJ4?nz?hcGy!QVpm&g;BAY7uNz!|MRe5#PMboZp=ji$5
zPb|@~Jq@9Crj%a9k>$CXtGl8L-#G>!8-Xitusr;Id!}Ih2u+JU=?*E)2Bufwcrz3J
zFHsttPTUXae<LT>e|Dn(P5W>%as9W;m=;Y<`%MXCzkjsP<|Is4xH!jz-yhD&YK%yf
zHD>haoKQjOl#vDzE6=rwe>S5kPfa&u1B}3-UseB3FZa{s!!`o}u(Q$c*q}3$4zBwa
zMYXKt@nLGnnF%M~hr0FKz}uW}@Ap^zUvCQrHDxwV2Lt>+!yJ+S@{C&fY_#o~mL3Tu
z&0Le&ZD&x4?L9JW5V|Es{5W^MkInqr+IzqM$tN!Ver?Y<_3Cubh@6p4##tVXaO;=I
zs<DvFu-n$7%_;3y^WnOAww~+|)hzn1n4r~p{(?)=l=8`Yn}jKK2U7%t%2Q4e;E3Vl
zMC?rz{aEwmW;08@d0=z@r{rN+OF@fg)5fZ3{At$QCS(yYTs|@_keib&)=X*lQdLt`
zBM2DqP#Zjsg3#05A(?C9Z&dbgwTduJh+$LC9a0Dlgf!1P0P6z;&QG`g@f`eN#y5=8
zRC93GSMtyKxe3iohh?h<{0b3j3T-mIrQW`7|BY_F9$&oKxsMN1%^%8Rn=@gBj&M!D
z*kQRJ0ZpoQUnFCX@kSl<?nL`*3w^e+uIg&up^GZx@hR6-gKg{7JOHdG1SNqnn?fjz
zjqLWFM4K&2)zO6K)Gz-4@mFu-$*JsElhh~464Z5kdYocIhRv<)>BGgz%TV}K^wh}m
z!;R6msh?xV-&6N#$`=)&D852YR#F3LSSp$E1cN;ynnr5d$w|#<bBb3Mb~SDzEA4vf
zgmMV(yjq3O*1tCf{BSdG`Pur;Y8iY8)q7Nn!kv>iD;=cSfsPi}(T@Gd2EeKb@A-)X
z(Oiu=-0wZJW7PpW0;k8=-zsA=Mk)8r8VZs};q3cxHiK9ktl5GdvxMCRX5RVh)hoP9
ztn0aGD=494iW8%<sy7rz1oJoI42%XmA!+Q6<uR?(FV3^mAp*^oRR<AXmQ{nK;K;=z
z{B`nvsFeB;as7(UP(g@yAL7%;kRO@j>Z2Ed9U)pj5gi)81In;$Z|mIe-<QfZtEQsg
zA08f;x5M9$$2KoVHeo{>6uk!L`n3{hTG8#0iXxalALYgh&$k6W6e;6d#9ghTv!8Yi
zv8}1g>99b!sKGD#U!)T84Pe^amJPI}BG~`nuQgQm;$=Q4G_cn-c9MSvVzH}OY^fiU
ztV`Z!@~|3K7m9$^(?>G6=sV_{r#W=O1NpRh&eW)CnVVbmGNtn(6j&zh8;IAA<@hi-
z=&bhp`t>C{vcmoSh3<p<n%jnzg`7ueJwnhu>H|cHy$0a6+$Hc5xT;;OEYtw-n8N(p
z<89ozTJbc_hBUK=BpiO7?}S4r6DrzrN637sVz=zIrb&YQpnNGl7*58JxCo~P7Z;v}
z-=#m_g-`H2bJ$1k7)mn<vrs*HPWASvu|GIO?#AE{iABap8*ff1mkLWTaf^q{oyIp+
zU$=Ztv7UpNO7^H&T4<aka2l>v*-I2EW?67NFs)t`_6^IBv#ci(3|+NGxF+&F&qrNZ
z_!@zfavyzUH~*)9Yo3SN6C-6F<0#QE%34Nddveow5GZSS_wAj^%B}|*ZF2xqqj^xh
z{P86$IMmQ&zye3^#~~r<jO5ryQk^15K3ljqdw=)(-aLTQ!3{&w3hrw&)-t!x#w(m_
zIB6OBVej+%iGP1S7*ps#5d(dXNpu%p{rq_Mv(dLZpVOb^_tn(V*ZXpN^=r`4p~blE
zJH!w|0B$mnsU71ShsjRc+u^oFB#{w8vhYT9$alp<?QYKnU|5NZl?;US3Su{;v2P?B
z2~E)n4`Rs!6wtS%-kU68Fxaf+je;|IOa+^<<{bLZdvO7k$K%8}al2Gq+zR+2V8b^s
z^zT5ZiDc1X@WA_=Oo1aI9GlG^`4KP>lYGT?wc={ESfE$5!7{{`SUgVhursr7?N?B9
zZolj%d3npzhUHdFKkKgz0&qY&6X+6#%u@b<-u+-0zoPu(*B7#!<g?fGT9brK;4feX
zBrb=ShPcM+T0x#zZluV;rTa=hhveYTlKG-Ppe~7Q(Gdx7Efw|kl))uFzButOYVFO?
zFsVY@=IQU)v>uEPqG)o@8sUzZ?$&7DM->6<X@e;K9;qrA<nG79GbHb3&2t9D4O1^z
zcw5E3!;FS}&Dct$i6125`VfFOmr%L%O^>7t=0Z83gpe^s;6&r%Ad#TBO(TlUJ?^v0
zyhp9A6|I9tH-^=T74z)=r@H=kq#bVj9qdS3ZgF=D(`p)*@xTrr9*EA_adERt3;@bq
zEnthdMxcf)XU!=D)iJ>s+$|s&FAi2sB3n+lM8tYNM4-cCN;o7^D(QY7a-O3N10y;s
z>vpdpHo%#0r{-;I>Si6q^QDufAY@6MB@o)!vjyA0fPyTVJ6TDH!ICAhIn@Rpy$q+q
zv${!k<0f;$2f@pf{>feQgVHcl5Nr%%&_Hi(R=J`*fy8m^lInFs84>>VJ3*Sm>4JXu
zG`8vl(qC1Ne`RYLMt!@Ysg`?aS5YTS#(_6;IoSyTv=aGSrK|QqrP@6%mj=gFRaLEJ
zNV*+RV9fZidLtD;GTQF3k1A8Za46^`rU4WzUuGCEA7^%mk16pf>=T-ennDsqb~%Da
zri1-Uh7Kx2>khg_eL+hDPNq6ZK%N#KZ%#dhfShASPKUtoEOV38<N6gpX4o2!)J22s
zZvGdKYo4{4P5i;J#`t^!X3LPhp_zQWG*aJ9Qa%&>pl^)1Jg_YxHM+J3cj%g^RZjjy
z6527aq$*!^UuYqhp?<rLWMJIAl|n+YmX6o~7CHe=W!`u-cbH0ou<%ut4W(-tmkq0%
z#_0%s0fEoH<)u%KBcWk^*c7!<Jctw`*x&LYlpF0m#-op;OAXXD0a28laSS4kSVpd-
zyn2a6;T7n2HPtjAtf@v8H7NyIHRE?o5z1G5W_J}nUr1Gyymu_<iTHiP4qQ3rI?tFY
z5WmGwA{zw#;~Eu`sNV<@tlZ5r(c~Q<Py#}~J}=#oVfobpW5+-zFX(=dG>*N!x<T}H
z;s0hVwP1i;tTE9+ivtfVbA-GQH@PG1St=xr7qC=vrK1)<WpAAZK^n%?1@D)56JjRX
z5RWxK1cncX6l&)DP|>y44xm~it`MOJ-^_b7RW&ARR_KHtwIAznqh8)I5CZD<f~~yo
zN#)61c_oy-AABvW&#Xe_kM94m-U?M~mn$bh)S{zMLSzLTTFmdGlYyd>FgZ}=#_T{2
z`(xM#mX74kpp*S!Bn)xB-5LhZhyrw7khr##fn4ox*c?v@Q81mmybjO?EaYn<$M<{G
zrjBv}TQ_^)T^JBt#iKnn?T9u@(a257En@+RdeG9%k)RDRfxvTjvhPbo;Ln(PgaM^i
zkHSsIwG>T_QL0l<=kxj@FPw3)6PAwiQYP~d#KU#N5QFpBh9!Ec9jGoB>bFLB9MOvO
zNMyCJ&14ZilaT|IZl3l>RyvGNLT0S8LV<O>WAF>822UEz5|;rEWa4EqX*cUheW3#t
z(mrtEf&f*-si}N;`@K31#TK<-?3TTOK1YgU*4pZEVbEDyaC%Z_QDY(UzoAXFOkqAC
zBt+fM{S>ht?VVq5_ul;2g3K5)ttErXleln;#+X-MQ%F<-QGh?Fd!}hdDo@5v<9%Bf
zH?kgg$DjL|-6xt+zZ`*%)C$R*27G3k=)=muY%-s!2w&FA8LxtC@YaLIOq4*1cTZ)r
zpc%X+8u9vFl%D^^W8aZBAnHxZTlEf*-J(yq|A5)Je0u*UO#L5>`%GNS|Fv;{M#I+r
z=wGI{U!Tw}HH2Phu|&_2HgI+zDi!WqYo1pik#&c8L03{$nsjYnFH1HNSxw6*k;Kwq
zfI6<yQ8(|LgBbtSuCF&mQ@PBfjOoHRW@Is~Ea{%S7_)3LFHPa}QKXb?Gr#yxgnzH1
z=oTB@cT6jRottIlVZ)F<3di*nYtmWCMOD+Yw2V*f-ERigcbBH%z-NZU`nF}m)s`}b
zzd?NNU$G(TQLJ)yZd&H|U#t%Ra$F$ky%_x$|5y{^KP5N+LZb+m=Qyb2%K&<-N?d48
zDuUAIDgyg;zAS3;6w)MR0NlE}x9XIAkL=>ZeFtVF(L?8vWYszC=4}ZIUReUs%&-zc
zj6XOzwG3$CyDAM!RZH`>obY%j&A;#IBr9L~0iG|je0|wh>q^~~4d-j?=BS+J-5aU6
zjNz(0ZFj{Os;o9$Zm+C?z$V+vjFcJ0Tv$u*nCM2}P;ipI9s*Nm=M|L;sz1d@8DIz?
zA3J=$y-fKJmW^jY$f!6HcK+U6fqJS-T04{bHZ74gIl|eCg2um##l$lxQRvox2tttw
zfG}q&ut1`g+IeaVZW17^O@p-kyvvS)G?81E7U+LVCSF?j2iW?Xv;y_=@j4VA7QDCN
zS;VvP6y+>RW*$F%<1rUqN@fW3csA{)j>3W~pyDxm<C40bCfsBFFiBt%*B{>DZ5pP!
zm5ZEsHYa;3l}4eymlx-kWN0wVC@XB#1STWeie-3MZ8Ufs4RDOrZZf(8h)w@Z`Dhua
z?bT?ZM?8Cpi3UiGYsW>r@M`ZasIU<JXMW&3)nCjHs9=r_FAA|}r8vr?pX-hoW7UMl
zQKVC{CMwV!VT#|>+s90|%k^Wj;PtlfSC@xTZ8QS?kbwPQAsEp{q%1s79|}{Y%&SY|
z;LT4D0Zx4R)-Tpy_97*eNywmou}1|i^Rr(~y=I{E&hoOY#dtVz6m)aOg=(2vUcE!Q
zPBfNjt**^sLw4P<uj&a0=uOheFj_gO0xm`}llQ~kg(W&FCVo(8`jVms_2r?HvgD>D
zrkE8uum90~BomG70={I<ieApgNzu##fnp(fBU*E!YreOpn`5+Z<U_8lBT97nnG<A|
z`0W;Yj`z?}00_j|fVZ%~SN)PAlC{hBBhkVcGAxkFla%`|4Nprcs=z|5O(VZNy4~&!
zZFc5g35XGB0;wgYF|70XXN=1&cwvVwg^u=P754T__7LAO4(|x8*EXw_G4CD}B4ck8
zbmhfd0lMkYjb!b#a2!w+%;kqsqWeXrDcEll?~}x!(VBe4Zdix8g9<4j2>JQm5v4+b
zu1(1eRm>7{$4L&J?j*1~86|R3IW?}HJg6|jO2$B@|F)t!pr;$Xw;CAYpop^90-!Cf
z!7^<S4E%!aty>|_hLxs9r207;9c->Fonk<^F1gD2n{XoZKxaIsv>u#twliGFVh}uk
zd>?~=-IHOSdUokZp)sdj8DL9aU^}4o-7|ypwjC?-UEooI@#<9D8FSKOz7CyoCv_5G
z`GsAFXDl4*$E>(x%P~~&Ug;P#`>`hd0w7neE&A!`45XXTJe(l#5xMWCtEQ6<2v0tY
zhdKOQIm&vfz1E@I`I!eCA>Rv!diq}sK}@;BKLxy7`{1f%NJE+Y=nCCITF6+T7wbGp
zJ_U^_njGrqhMdbnvOPmbGRlrak1J^dA2Vsgd2o>~5s%qtx%#?ASu8M%XIF8){_cN{
zy&@pIBE<9m{kpmN8an*`{=OgD?fp3~qp5zhD#1?n?%0W?FWrJ5*C%`6HTj#}1L(UB
zplR$hgw{PINU4#epCa=z)lv8T3B~70dr!H|5m?;xmvzI8OsEgQ+g8tY;XVy1)A5cq
zfg{6>fJY};G-Ah*aH_rNJv`M6Rp!f~Rww8`SDpV!@}uUsoAT4bmVH;9DyeI}>ji#q
zFisqiYl_H|>}HQpQ}B;(nya1qv)1t7<j)f@op+=pAEt*%J5wLod)n7bB%LhefQV_2
zI66%hd}88me3+?65olIP{0NSW#Hj;q;pJ8RA)hRt8;r4DxAB-tw5&VjJ}IzZvzS1I
zNZE1p<?L{G)K|P0kq!F@;ul;l*`5%JPcXcE{)cOKRRe=1TSjddVWmXTZ%U9<+y<|n
z@N)~d^g@K#9}CuhUB-!;F1he1UI^lswbyejscB7Gi5Hu}^H?1#+JL|6Y1d$M6Q7^i
zKm>()4&<^+hGXD;fpg+G=mi2#$W?NIyv{~xRkSI9=q`r!qo(qFa`?GBtoMQQ_E&O9
z6|{xj7dA6I{>dOZ_>CA;Q+>AVmP<Km<X)5)lpm$Izm2c{C5wwL+{;TLp{^hJAX&lJ
zgnkSE@IvL+k#=vxC&82OMIl~NiIj+5w^cYjzbvF(_^?g~?FLc92kQWnMr{cu=PLFt
zVk8ZOVGfA5EqZGsVx)>rHEr)#iNBe!$#?ZFN?^}y>x5%a?9D2kl0{%@UgDxCy&L?7
z0{RCUU9{+OBUl!)M4`~Yp!jU4{u`!}0GNshkHszY!2EA4xnA!+|5pO=ASkr|@ToKX
zr$reX^M4=LsQFJH-H!Bs_0e=z23pcm#rR{i_0cl)IE21aC;hEQ4UCN@5)Ur&e!dqK
z>YKr!aLwh!qAOj$QvH43pQdgj`BEG+$kz9dUFt2dPc<FKeefwN_`6lY{YCwK{H2o1
z@i!cNz2u@<y+R=n$w~Vbbhh_nqH7Hy)4VFf@6UG`{C|$!vuZfvV;vzt{N1=HWe<pH
z5Ew9c&)9YCQLa)-ALZoPgJvRFbAn~U3Qh!9QOF|o?EN!YYh2ICc*#VcjGHK9y-5AW
z{Hb9PcQemvyWFbcGvzciU&Imvo^yaABc-z%fxhaumuz3J%ADzFJ~UMnu*b{2qVsZd
z9v2AOA8N3yf9rtfdmequ9QfKlb&C!6x~jr;ch=S#9iV&AyufCGM!418+f)r^t7tHv
za#_`GS<+{fOk<eVxCu)7Ap3INC!J5rm@RPW)X|D@_^nK6v3KfhegN-)j>+!7C&KoE
z>PzuXF|zS_<pHWlg4-Mq+6r>*f~W5QjF^Hm+;CO|_BGY;B>Y)RH_<Ixdo5Pf`1R@;
z@p`5t%)}A&;Z^H~Z(%{t!eBxC$aD<G$<Zd0Lxripe;y?EYMl2ZpE^DXwON?Ha79v$
z{cWwV!dtg3`U_kI%QsmsXf(@C+bVkN**=M2`SGQGA2+lZ)l2)H8(Qv@u=Y`f_K|Wc
z65gd-s&z>8>lx5$Fy32}JdXA9tblOwQf`a+lc@WWIM*vO29M{iT5sZ-f324%k=Zif
zbB)&?cJ#IUmQub6-ti_7wj#0YN3eP}nw1~v5lOD{BqwF@Phm4O`^|PbPs92I+_}5d
zL?#&L)Q`(J`C36h4`3zQ_c|~Q)R%9&kq}Y_4jx~RK3wEvGRh(01Uh2|p%Xfgf6xqB
zL^kGP0%s_|^TtvPL9{Q?f(1AB?S|X4o}w7W;GN?`-ZfEngTRbdJ<q52A&U=5J88D5
z{%)xw`PI@u9>S&1Up9M}dS~OUgqEK7GLjLO#{$BLj<Z;P0-zS*z?lnt1n-jq4^cd0
zopk&SJu5cM=M|^>_r>?ar!C1tdsOmVBa9HMr*iCYKH^eEE0bMyV8HVT`)cLxyG(ML
zzwB<K83skeS#EQYJEneqRHuT2u^%^AFi$j>87TcV$mlJY2<ZBmAN6lfRR?WsECvyk
zpim*Mx6~x#0qScH)<@hT9w^!}WSZlm(*g0F$Q*<`!PrSlNu8}rp%<jHQCG+_e3rz8
z3GqGr93f5x<by3k-a+{3yl>5IXlxV2X`mXkizg4qcxV%Po9ha#pt#5pcHXnMZ?VaS
zi$2q26!8c1{U2PNH#P{2Bz;M_b#DsRBngYZAt7Ru5Cw@5LMZOe==I(ZE|yr@6s?*-
zQR^0vdXmBk_`@_AoPShg3`k)?^qI;0qNo82UF(X5rTFx+5J-|1fP*7Z1z@q9YNYmr
zB74fy_uNO&Nok_ee3wA9sJKu-nQt|n6Z8BTriY$_G7vCff+8?1X$`5qNreYRL}$vr
z&Lkrjg<TO9=;(CE83bLKs);^o&NEP>=x&N;CEVnv0@b3gS)hh^$Df^BT-y4Z;_-Sv
zgz=}-JbPGE-k9A{TQ4Z!5-8*RFas!$>muR<Sk%OB#9O3fH~?Ob;nSNjX#HJ=etMsX
zE2|@4KasP^`y1#yTvtx)#=NSGu$%`eDIK@K`>1MLm3HF$fMnCvL}~3+NKhk6nPlbf
zUT<;`3B!EdkAfP`Peumm;{;$2`-Vi^VWmN1Y@iWK-9cPO6!lOpu_0->kOXp@Yc4H(
zM|e)=nPJ@ih#>qXIx3Q-o%X8%i|GD|G0(y(EF$ccvoK<fH4%OL1nRfV&Q!SLwR<;_
zow>hmuq5DLBquC5T`H6B{C7=UAdc6e)**#8GWNk4dQWcZSbemRhaO!HDW=(@4);l;
z%$<U8UIH_DEI@D3+1{N<0%1tUnh7pvn{SFL#kDcI4b<+vq*+78aUS}#?;vN{`s^=a
z>a!<2DPuk;+*ncg-9bWxHIFT;xE#=KFPFn``fLb>L;_=L6x#FfKAe2WV#D%bmM3dF
zqha?(G*g538pb6-!4*Ov=c)sQ*TloNe&D+=^ya4fr2H?QonGTE2gVGqWe}N96;_J{
zC--}DJE-61zyDOI>GqC5jX=W;;d<jMoLa^Hff1gq9N^&+cgI&v=ue}y;=i+B;#|sF
z)ZtpCB4Q(0%nh6ZKMJ1Tu_|TxGZgw)r?O+a87IAv4I?K{+DVrxw0Wg@$}#>%#KAU-
zg@Mfjz>i7kgK`=NwBixj($%)%dn)KCO5bQA-DGH;q$)KoO57UF+zkOIsW{r9*ga#a
zfE=!arQD{{XH8?^ZAJfF4p$Uq`P}uVtEkz9v#prr)y{HX0s>e<H9hFbTMu<|cVR;K
z`;m7xhtkK@^l1S{0CYk(^GL%p7f+BGkf0g(*1KAOf#)?-nd^GAx=KUZ2;Y5{uYh;9
z;I{(s!72y!@s1Eko*wJa3pD%N`f_a|=K*;@K5A-<8T!E9Z|gIfgkXrn@XMGmhNqtL
zBrs7ZT^d9(W{QyAzOyT>ZMe)aF?AE>EWDRY*V}(FV2g9#;k6YaOX9PdU}SPF1-pHa
zzgk%G;&9QVN=QY^4Z7X62;@r16o0~2uYHK8qtpN%tTUm=_IOgR+~8S|SwEG=Z@E=I
z$d<sIb>yIi0KFhKm%wa<RPu09n@+SVMex<Bax&tj;^GbyX;bc0eW1ueet=Vh)wb0Z
z6Zk<mc3IECx2VIVd~aykR08DBZAL44dEw(FVNdBh`J`fnV)VQ*>>8lzG!6=U-x5Tu
zu_U>ECw!?#U#&)$GP?P(@);6dQwrIS{_;Z|Xmh$`TA*QYM5#_;+=-!>slm}rxo*+6
zM~fSQMQZhf@cdSq!+o!9#=X0--_{ckL7G+dE6DJtkNpQ^%`%#pJ#<$$U_e<lCj$R!
z3u}hp$@Fm@Z$_ujK*jil1`EiT1Cfq@LaaESi*$NXG2AfWw1mJkgihXyrApB)2P(_F
z;hXgSp`oQ0KF8*SO%=6?s<W)1&t~ctnCu}o>$vKnt3jrB@1e((b<6$AoW8XqUGSP*
zBkaJzPUh@A>Ha5*M_n~|5G-bsxCH&N6T(p+E(@0UDzhXGI|_?(H7mVOeV|(YfK<~E
z`mu@Br0sdl4%LeE?fUO#B+)pbb5SAJ1*B|Jb5;PKlawZvYY^is4H5>$yWO^=mY!iJ
zLJ}v6Fkfo!q;5^gLdItb{UDq-fS*6NeL{eyIJ8@q%T5<%BClDNQP?@g9%*H!&pve1
z<tF@u|Kl-rrm-DJ-tz?!Y^$o7Yu4xE`gqA7kc^Oa_Mf2Qe^R5daB}{)oNCFx{m;MP
z#($k|1@X)VO<NefEqPnnODCBJz{8yR?dYSKTACu1O5#e6Df<48t*DYywt>L_Wu2Rw
z=~-Tu$LVj6pOY?kZapeAG|58s*UjI|<dcg&zsWU=Wg9zptG}DRNAhazWKyfcX^K|L
zK)TCYZat^jaNZU9TXfm3UcQzIUVr}H<VdNDsuXjV_!eo@8NDf!4pypK{S#b`T=*d%
z-_*H?;S2?{v#YVQPjp_%g%|i<Y#FNm{(H?b`&!n=<Xng*>zH$j&`YJA)OO$4`5KO+
z;#)zxE<C1K0Be28&GGi(^83=&#nre*YqtZLZDT-;TVI`zAA{JX;n$1m<1m3PNivQO
zm&bhPNur@ujJ4j{yB_#t!G};81lahjC2vd9nXNI-`S9%Xucw>+CVoEHvS5EqdJibj
z;l!DxWjNuW?f8=(!ior)Ftb9g_GgQWXm4{*lVsNE`0@FCZM&0t3Fu}&;`%jDr?lAh
z(z~n8o|tBJgDQr%IrkQx@#e6+A^K|TR@*jr;pNFRWWNAG&;7`6`@zgwzF*gG$1MIB
z6)}u|nFgu6;HV|lL>xyU-Wu>6`gn7BT231(sV)ykAEWI>JbG2Q$CRh&c{oD!8|`j&
zhw_8c+@j@2_9iJVz)cT*Dr_@Fr6PMEcv-2S%*XO02IQc^UKI5>u1UoXU6%^E6X5nx
zt>|F5umv;1^5&|WH8BOrZQrSoW*B}?*NIFwyf&UXi-NNakd+&%#&sfNdU1S+(aC3#
zBIPH+e>z7K=UK*94;!#(*}&l7>u{(XH@M;DHClZPu+hpzUKrW<BsC1c=l2BZ<ga*t
z*Sovi7*KKXU)BxFP)n!+yqLM!)-ThW$QK(t?(xV=(N$WRt{#`K5!gzRqAkHq*Eq94
z4u9hoDx;YufSP6b|8@Cv_}niG&)fO_IJMldh%oO_s1eaF_&XK=_>(vjRfbPJUX6qA
z+Ecy}@qBmua`Qr9e4&9oP)=zQ_xL^@MRY4S6GLI}+8m+{Epq4QEr)R6HWojYNs;<?
z%@Y568Q}B>K}Tt{CVmFoY0)y}eM2e$a-1-aeh&Ct6(bd4$k0GwXu$oma^HZ_Km>L*
z!-hpPUKg}ks}DY3LzH}(HvZB#u~$ZmF$@bR5BK8^q!Ravw}FVB)Hccld4+L9eHUnu
zqk=6$Q517TGDtDk#rySK>>L+R1>1*~$uCKii8X~vlZBBOOIGO^D5uma+L!EPzZULh
zh1XO+8!Dh+S=`uQM)c(0@p--f-4^eTKzIuL?Tk|L-aQT&Qd&Z;f}Uq@quEnPq%I!z
z!|pWZ!j)X#lE4<X1;iKA!8#2N5un(do*Ac$6w4GP>rsamDAE44-OteGsZt`((+*Jx
z&mMUcAG=LKjjZZlGiJNe{mIb(n4mH^U^(a_p1$=MUS?ChKGk!x(eeEtH%tmo(W@qi
zSM3Q@s$G#c-p_mpAqB6qMmz4f8*7ky#?{%Z-F9XzYUOKS^`$zTL+-_%&}ai&uT6=m
zzwa9xWjAy-Ks4^X@C08r-x!w^bO{&M{jD<iuU#w3^v^nGx5+RJs)m4YN$DU0LHfBs
zo>B##hLK<oT)gAE#2{8uKQ|HPNc}_xAy0;mVfQuPzxo?k%rPl4DzLR?Pz2B&65BQW
zigw*e_0sV|;;B%v5S=F>v;a3{=_gyNzeMEXNz--dWF|L;<uA(|i}5V0vbY(f;e^1J
zV$N4v`Y9_AL@eX6o(7kB?>T1%dx=WH{ieIpXXHyR`9+{w#OQV!Z?{?_bs;+S3Q6LY
zsnvvCzzfVI4W_?3s&d_W#lwX$?j^d-NxO7BZ1&h@!eGH~14f7Wh{^%aKfRN4^KB%;
zjT+~`mZ`CT&KCDZC?1SaZd%x$+g_OtMs9OWvwcEzIm;x@pk3oV)6;&Q@F<5Y=g>t#
zJj@cc(g3y6!3n~g!y~Vi8LBOw9B|h?ztfuLY}nT)ka%8o*O@*sr;qW2lYTh6e?D;(
z$0?alQ(sXt3b@m?=mo$eivUJMpb)yLSZBqPJW?<fz3xTnlEkJBG}h79cU88u0Iz5w
z5h|2zZ6;hPAwS8lHGr!z&pLZnV#ze8a*W(Pqr=B{<2EX5dMIL8&ZYaRO_RR;f`$D^
z+LvYDtMJ%NJ5nnt%k}|D2t(^F0Fse0#ozMJ5yQ}(DDEgXvzgr=n<R>1+;xjF8(mu=
zv$b50;R))tIxDOLJ3@k*h$sC?T(*)^)q#4BQx|+t9o80l!pmc$iymw2-LE{ifmsVE
z_E@-1^ser-DX8;SA}^8i$=Cf4BNBe{@<2}$<aAd$cPtZwH^uOcXc?z=%Pu%H{Tv9M
zCDn*MS4pMdC`;^h8Cby%rV&yARZ&&DG^R&_JwPcp836q`V9cZYz-URtm$9{v>Lw&<
zIN4##Ji*IsgFZ|7-fvcLRWv*s@97-Lo3lm<wM}t{EPnPgx(<$dv0>blK}c5Cj$DkF
z#hh|(qjV11i@eF@n$vg|(?yied+I32{lb;Rwgv-GeZ(0MEm`gF>euv%YO__wC(8O4
zxKp{vX8=We%Z6=*kySw)dTRyDZQu{gjRO6UR%x9jpa!Yo(HcmhKB&Z%w9#9KZ>>oO
zT7<Zw%t(PV1sBiMLQPoP&bC+L6Sf|*Fgy?5y%Jc-TfjQoL$51lluEbKMzCAt=ffWg
z(!)PbM;s5|HQNPu0M!8L`RJSO2K$7ydxx7@8&xivlX;9SjjO194`GU;MP@z_n&;R1
zb!TYuhao#LgHmo7D}G6uP*NFhM=EqtP8F1=4`44eqje*vQ_i<3+QpZt0;oQ|5DW3>
z0Nm^QN}{rimuD(${dj{;D{~HB794i<LEow}G${Tae2-$SS3EfacTKd~nfw}R^z>5%
zhi&?rRR!)-k0_XI>=T7$dZb^<Y$R8z$k6u;a(ziJi2GvfvWh;<-DelMi5iTxVBd+D
zbiu@&t&wMJOaAP5;lzy_@;D5&jKnE=yw=$SWiavs1i1#{EGphXlcydLip)k3!rh>9
zg+0>#5?}YC*UmK1g1fdn`-3Pd;)7PdNBX^b^_@nEgJsT1!TGBOX+Q0vYOpJHc>1C7
zwpbt1oq-7SWf|x$Mxgy*hPGHL05^o7xrmEL|M=~CX8SAa2QXY4aQ(kQ8Vd{C{}8_Y
z|J9;#u>XIxXzZM9|1F4{(Ui5v5r^%$RG)6(vtT_+cm!Yq9s--ev<M}fEUe%1IX6`z
zs?bcpB))wKR+)`7FAYdx1mRz9rhAW_#>L^oqpIoKF`KG_q+L}ir<NUKYDLC6+9`n?
zhJWkGu$xhs9G;2T(#i>E52t5G#WqP-wpUJJ-AcKly#?7*evd0cUKN6GMaUj#F%eB5
z2_}~>AX(>%fU%nm0T%%p(J)oBCfX~&>En=9D(CsovifD?0!V!b&8JBtsBBnbvOou*
z^vg|Hf^Z;XCGo-yXk^-v{_g`0YqKZ~g&^H>15ph$7FrCJ{m~UjGOi>!qp*dmDW+&+
zsD1%$^cF0M705tFYKl=Q;C`wsyt^714N^e^e7*2rBYF%TJ%6AlmPZV#7~vqTMvdr6
z&XgD<qDllnvmrqg*!uQ7nZ*0cOz{6$u$Zh2JsR3l$rSeJU8%C@v#AHbGShaTQh-41
zks-05nn(ik7=?batcYaippH`4vr{peR1ZkP&37C;TNNSpBb^xu{l@$Vu$E#(4iuX#
zW$3Pe4TqdAJW*%Ki)sL{Dps60IaLm#0D@Ht>iS(WgSYn*JvD(z)tjg_l7S<Uz&PG0
zh&oKvIKIh)1Of+?NsU?ilPrYx#FTtADY4>-D6k4<fci^991yAD{a7|Z)1X0-(-WZo
zkaE(attnu#ux-Hh>cPm*&XPB!eK{S@&Td_i6%P$S_O4>4k2Qp40ZcL{+CUBgaKRMv
z<W1_A-w(2Fj;D4n7bDUf-kZKV?a@&98BcBcYIyk5{4UAs&OQ~|cC~^Lf-5F3on1Hl
zH4HpiQXI<uF1Hwu=3nOScA2Er4C=l8<|o$OFxjx}HE$R<Tg)T*YkB@(a0HEW5plSG
zh8m~j)zvW&j1L23QG4F2p<*oVM<dAVDLsWk+5)+}!80=ZBT(Z}mmyQnund>LOE2i~
zt^yEFBgkUCxCh6786GhXPUq66@rmRhbOoF{-6jt`PF&5Dxn~*v{WN-aWcFUE+jYMb
zbZJlj;{LRK`J4T(E5$idwO&O({AyYc@mr^HF14Xi6R*B3_;{y%o#AV9XW)+ixoW0R
zf3~hP`tsY#?v+2w^u|LBey=&kky|zXx)_eOot*TLoH40mbqm_;LF=7}`MTaDT+^NM
zQ8v@?Q&{#6)2!l(31;&!aaxI+tjR!0e&L1h#YP(xf?$m~)ML@n%J(dF+pG6{b@i31
zq#;MCYfW29FiQ)2V4OH#6-NWj1TNNK;)2E*2eTxQVUd#S<m#V(*dVs|M6JFaVTRjT
z^xI;naQ=}O{iMi%Zl`sf-2s&$VvwDY<e6<F2#R`43_H+%2e=zfCn<i5nkzcKL$$HQ
z&FXjcfV7nh`^dqw-}OTCrk`xim|1W3E3^KJaddt5M$;6%TNWcTbS9I0eBf_e>lxd<
zh)yYGUk8NFt~{Tio%lLKJN8OE?_CLAv$FM%Uv@2gs&vL|lp=>Z$I950C&@Y8te%Qo
zh3THzzltR$2I3Z=S{iZ`6A>I{2Z=TyN=Txs2CsFtN9;PHtZ}DeiwtabIHB4C(IQz-
z#TbkFV+vS<R0|%1BhAWoHfn}@N5>k5>$=7NVsAv~FZmv%HIseInrP|ond!6|Z^vCy
zfq;Zt=7B-@4B}e_4uAmw{sm48oRdRS&uPo0KlQnF-?}<-9A9I0TsaK8@^u(f2<qD|
zy;{0-^bme>>Wo(IzT0*37+lB-q9$d4K<k`fSl>jv-(kczpAe0qnr0NL({>@9WQM}3
zB6!k&Z!R1J1<ib!u9jC^y4VmX+PTgU&gQg13SAyt&sdq6S>pIPeNPA!_tO<lH7z4#
z@Ty;ncRtK;uU)Fe&2FTwGrTcApNkVmH^_|*YOko+ew&ru#4mT|F+B=mJ>G0g0>o$_
zQp}7Ec#5=)8=+!MZeZ{fGx`4Db1v>6zhnZf%<#?btkBrCyz*Vy4nU)T+k&tlQ%iFD
z=-Xd!^K}jp7hK_R;B|ayOMj(odXd`qZIW)18&aS<tA~=SLBy|it!BM<jVv2Inr{5C
z=+3M@{&dQ=^`=#j9)U<Ou9(v=Z_dHU8VHh6+R|-?V>eMik!&E492oP-QarP2)8LO$
zmaw8atkf(Q1pNyp3itT%GoJBlw{&A0dC|M3T!ZE`wn5RTe12FexLz&V)_>jhzp6F8
zPIaroueXj30(&n1@>>TrOVQ(AEWm*fS7~?Gz2jd9llc#Mimc54^B4SoOUM}6{(Dvn
zb0ThY{Q0JCo(|Q(Q3Iy!aCn>${shs0yNnaEazZJ(L4;ao>)gk8M-6o%^$N<P{Cc^n
zjp6U%Qh1)<!g+1Xl#F>-*`eGzE4^*!)FST+`8MBjSD(0kv((Fv$H$a>U%3qw4uw}*
zf0-LK-2tt>PFH`++}PJZvE-41f?|t$B2S*D<M|6jj=1Y18Pf^^Oh4&IXE@5wX!QP8
zEP-RD=;1`0PZyX9o;=UmHC8k7m86Rx>=NT7b+;>Ow(gvJ*}&tdhZ6~N1TEQmDg|OB
zeL5Lojlp6}BzQh>d9)^Lr%v=qSQ+i%bnX3LTZB0T*-t0^>POugy6Wi*da0qaa!XHK
z`I-JF72W8g*l+$rSmm6u%wZTBbOf0=W$jqm)k#11qr?(7{45%)N&+lvce3;M9lW53
z9n0<XHH(Fhn0BCd;&4_lx_eT}HU-6Q{x#mnUQ)}43hSzh+kIUHCZHJD7;G{fvZ@Gn
zhThlHw!5I+J%X)~$Jo$XDFX;c77*==mMGcTVUjwBiayrEvr9|~<-+ZfWZaZEXOQ5i
zsV9hELJ3eqkZHNgq*5@nnP&$Hu1vM9C_sh_py=1rg=gUBu9U9pm!3ZNbT{FquQK^R
z4`?`7H$bJT<XjGk|H{i{h&pHmc!=*~cQ4~u0D<U?ErwURL)oyf7*}`NOF4KEw}(;x
z4Ci3qM|a3TP^Pguc^lZSA%Fs~b(F-3u<lm7Ubg3>S*K?wzR&3KrJ2+=q~n&`w-GH!
zN7rpa2Z2ZCj-ANcH=;L|wTRf*8P*FVNG4I83jqm_HA+uR#$&1pu-x;|R4gPcDS_fC
zPKIR?k#Il?G>yKZO*Ljimb>Iey|C5<3lf7(05c=*+xHnYgM3ve6?w5!^6_Tcb8Ki(
zap-OC7oN4;K_lc2$ge!}k=atsYGg7b{}pl1rSMs&MTm72dNr*>y0IZfzF;U=J-0+r
z+(^;vzkgTffDu|7JKo;VH#dKUYC5~knG+nOFKU}r$Nrv4$8z^O|1jg#1&38(kIa==
z?B9q2=ocZ8u|R<`-tDZW(%!Zlm*Bi<@Ddw}^xumX;zwQ~0JG5$`(d~T>QuR{oN4?f
z_9BOO(R4pDTW%hqaTEyZaYw_?Ayu5lr7LiK+RXF+epc_*a7M2wouc;Zk<wX#88Y0(
zy-k!=T7g1^B0gT8qC7_>{i^6vfVav>kg?aB<2o_fW5LUlMi0pmeE8iiZvbwfha(jL
zq%571h(nT|e0k~W202U)W}=7mFnxea$_{U)qI2|;7~EieSz;YL6bpGrPB9eU1J7!&
zgh#<niO;p_kip3S;+CLqpjY$}atyR-2tN=^Gkjqjetz$?Mu4iyMk9i@i#ZWYwh!xr
zQ4(+7)Ay2qvvzyT$HDDsbya4S?R9b;hli6jEJ<`cbXhS(YCNEQ>P4Oc+OFxnV6TnP
z9gKS*p%<F`stK5`4B$B<!PEoIRSGdc(Wy-vlCKV@)jV+`+T5U(oAi<8aDES_*0h;C
zBUTfeEI~uF_^Alv4Nt`~@($bgM})Az702b|^Hf*9h5<54CFm1wl_Z2g^LqAL?$aHk
z|K*!!XZ*-1DoSU!(#zeID<$oL5A_w-j|^G${&BoZ!eBkAacb?@krvo7hI;olq4@`T
zQ8|~s<BNjdH|<<##4|VC%T|$7LU+Gi#n2pB+bRo@#?}QEY)0p9i}pvaopan6mv#CF
zgO$GaqHF&(BTH_dlhw2@@lczkD4+vOy-SD5FeZ03PB6gf48r643Y?Xfmn{B}I&mz4
z>bO147XQQzeojr%M4nFoz6KABiTbTyq>1j!z^{arKUim5#GUeQ+a$GyCK(v3cw}no
zOc!?OD;E=b8+BVcS;*t6vNF+kGOgpzv;HxvE5Z1#l0Bi81&$T;w7}$+6MS`R!|%!1
z6l+IL5vs%AuZFR67>RfTy+p={cwOI&6rc(HHoVklFwi)9N!!#)Dv?phVv}?vYtd%M
zxUJ}@$|ZS*li^HbV#wMo%@jLpDtlOuAsjdNpr6$-*)AO0N4X3tNi%dr)3_YoPK2>`
z@GsskI&YE_4-(?@rBtSEt^^;tlP#qSFS_8v!sh|pVGgRxvfaW`wDre_7bv2e2y5-=
zR4sS)(n<oPuQEzyfr9ChiWqt$CwGF5CCQ{}6&9B1wb`277biqb^9<-`yFUEfAHf0M
z9Iqo}KX^>h-&|}sePr$0@xL!jMZu~JGoz(}QFBTjR*8=Vq5_7!erg|rOp2f>yM+>k
zZ%)wpEa!VPBhA)1l4Xw)Lk=o*Cxfirru@P5PBN7?R(+$$S>NYZjIzrf<&yf9rVwbQ
zjuj41tgxJ)iBIThn5jzS0L7L#Zuv0wuqgeeswDj4Q3{5xOCC8U-!Y8f(SXi{zv>B!
za)T4q4jXVk{`kpx=uE|O=NF`dPBRe=Nq)z02d}R}7l_}T5~N`9S9d8-<BJ$|fbyLm
zZ=oBnft$CtQ4~HoUdI5l<#6_@h<rp(C^1l7-A+^R3%2q{GKZYCOCd*5yOXY+cv;aO
zkUbHVgkb3TSfT`<Qa_U=VmMelFH)DKER5>;>L_cIqrgXMW8*A|(%i?UnQ>c(ZZ7m%
zT!gxIwCu!}V|3`XjqGoG1s>66Z-z2bab65wj=)1`Va8x6UJQ^Y@puWMP(;U}Nq;zz
z{OL?x#h^c-7^=kM;rx8QZv?=MOTPbmv}R>t{2!zB{{t$RIR1P6>u(Kd=S_CR-c$86
zbSrWri2%ZZEhTwoS&DGEL+$N*fqxmz1ronOuP=7pF}m{c)o|T?5P^WBx9$6U`}?+f
zJ%6}nFidq$i1oMr)x~E=hywec6aQwWcj_5eMS`h7Z|fS#Tj1O#W3I#Aq!UHzIF_2E
z-FO0lS2=1;Rr{E@rVx+*Iyo?2MhM1xokEj1>*_qmw-_?Jpk962W{y2Lrk+YZL+EM%
z!E@rXZ7dzkYHRLfS)T91OY`6U2FKPv%c;<?Q0fX>5)xl-79Mduis^$i8PD(GrM7tS
zo-eSaZnE>VtpAazUx9TSD~;EaZGZbR2dtJlR-_0(CWB>1xWap^I6U7<XNZ06jZX_D
zlHFOKneSplP+w`NcpbndkTz<ZfJsC1s4Gp4#~e0q7GaU#`A)=Zb}Dp4IOibaw{4n%
zGI?S(5ZEjS7&lSxDUm9!DQ-4+p4rH<2*Lcq$=p3lIvId>$eASDGSGw_Fa^{a8dG~y
z;nwAp44qils!&J544}HWt;HTO6{?|c&;MyM^ck}=WxrQjTJ|x!uDENf*}`11b$o!O
zr8+1~F*g{{L`d}mPc^aE*eO-N99?jTwc+99Auej-{a6I6?IBH;ZI>272JPoGbu$Y1
z!#axB<8E+V{pekLK#`;&9S6pufy^J9%7lfWd%Nwj_AK$(z(*TsbnhxR$+{xyHamfq
zNi<>u?)Zn!@VsANPkf1X&PWv<;3=O*(9{f?=Pw?@`@{&AWwBQgNb!kRcO|dNha{$-
z!;#llUteacTyRGhz44-~z2qT_1L9BbY*tFR#yl`_I(|=^JbnL~_jrUFK`0Q7>EZ6y
ziw*C+x;qDG^~I7<JYp)oWI=L|l;YfvGj0NZ^-{&h5eE5Q*HShfBx9>`s|;SWMnH&-
z?BW#a(yEs$xtC@KQ)mQbR=D>nk^+Q^2gAy@;B^{dbJYWv>)^HaYvEKXZoag?M$*7M
zAO=T(*#7NrR-;g_aY3f=?9?a$+haH%<w+!8y$aeQ3|3QK;_|(%?IQgR2tu|-5+K~G
zo`ei?XD}d7LM<fX;SX>xd6#EE$%qN1{vI>c#1d}*)h82`r>|Dp5OCboL=b?F9Mq6S
z6Mol$M^oo}N2aR-#g!2-x0Tv^;r^6$@+1v~3$FB5E`6Xh2dj)d4@{<1j$$e)#Y?Y>
zl;I|%WkSV>IoXC|Irs%ps=LZdFIYK}Qs#45fJ%;^C(#Is97BO1Tkdv;ae*O_DGb;_
zOb9+tPBo8G>U`ne6Z_R{%EVzR2@=<f0Sq-g4bzfP66ZRq5f9Hz>CWcIEb(W3`p+Bo
zHJXVw;bYWC+Uk-Yf9B`yivxdaPuC=pi+nyLYK#++E55ZZK2#DFt?8c9fXD#i%dZzM
zWGLiz;#rdPRG%=62h2|oyEc2I+a~tgYY7O-v{zZvI<(d)8?xWPna*>LhfT{v1}_@O
zKDL{g1%87cV$Uk(^EkH^e+1iJAO8<y-w-QWux-1&&$eybwr$(CZQHhO+veG}ZJYnx
zpS=9Wzl~R|RY_%~8kNjBM+P)cZ{y<;m`0DFE^s@gkTlUs-hn{3E-HO7r-Q^GPI{A+
zwSl4H0v5D^P}2C{NMsC#sQ-ALF;`k!fggSt6pxhE;9OyAre&7$_sqe+hv(l}YF;Jy
zED_I(MH>L-q-B+li5sACTBCO;NOqVYIRPgt+RzDch>o1}O7ioXYi+n@-i6%q8aVhe
zzK!%}&Y2ysd@qNJlXApoU=>cz;m9k8l9GGBG(zm4eys6iTtN3PqAvbGaXObCpTgRM
zS96xYRp&x_&oCWi)szBuO45Ju!-0Dz-g$wb`j`%>g{Tes)qdc3SI<mf?U$U6lo{Nu
zSW?%{BG#?~Yw7k=@XJ!>-MjmmIY<sCTVTh$1l7&Q$z0zDKhVF}*ncrBezd=`Yi!Ps
zayS(3di(k_WL(?rS^HzfDoAmBfp2H}FQr<NvQeI3SwiI?_N+ICS9@58_HN?j_1^7o
z*5UQ}juZ_0`=4~%0N6`Wc`>Eq@Sj5{-eIAx*sv-3?_m-gh<QUV>we3x5(jurP3Ocs
z_F$lnoo*PJd&I<TSk>{Q8rOE(Px8&}At)?Pg5_C#$C8e6944K*?dW0rO8&`OEf6dO
z3Z?Bub*WfsAV)W|1P5R~7AP9$AVdw5RyIvjj3iFg{^C_=_cT39{{EZJ7V5|29&aGE
zy=b@kI0y>&$b>uSEX?b$8>fV(2r`2+RTN%uzp=DB6ZSyEqL$2Ln@t)AbEGVZP_!Pb
zJ(N`rn!8K<hJHk+j8W0iw$FzY#T=Fi1v5lRmmtAA9a48~$GhG84!4V06!_nY;eVU3
znHm4r0_%Uix^_qZ*H`zf2s#=?V(F0`0+BfCYNFT1F`vYh&8TIGpag@f&-YS9qQ(L^
z0FX_?d-<`7^84-UJWQ|gX>M31BPHzgkU)j9cJf0WRVBOP;BE`&2km=RTlDqkuG|u(
zrDuL9XtMDA<L>m)&-aalrfuwyn2Y!>t(L8Vx_0X1&O0E>w@cg0iD5`cRU|3*iru}v
zRidy=ukY)J3$Abda>z(kEVQii)?;sG@7lQUKttp5sn{V|RE$kG-4$XQ=y?+(m#{MD
zX!UWDp71q{*!IHluRYk3GQ-d}dv<gXQ)Q&79qvMT6dvv);dc0fwQzvV5BIE3*rB4a
zMYvx2KleNL`mP`<4aoE}`w?+W^e~!^=(pPWAp|=;Pb78>anw1Vg)0+@i*^djRM0E1
zv_eZ|#FmY$zx2US8bkb9)1Z0fh4U7Q1k{m{2G4QD;$K?_IA$DY9wTy@<8{)$8NcGm
zjI%=#$!^o*P3P_lGqbQ{J6t(1aMM{9W=jWQt`wP&#K>LIV%<>c{dt_6vqDl~5odqP
zl~W<tG`b;3qnup4??k47ahW;Shq!&*s+bn9z<x7UpXMOIzhryNA)g7stZQ=jNE&8Y
z86TeHmqfCU472Q9fl5yDz3LIaW9f_|`=q%T4Ceh%LTYq<-%kUjocPwOTpdk~y)eaK
zCtvtG`H(i*wU>gBROLi23bKxI6(L|f;m73!3YoVflq=XRhJ_Km?cWWLurlmLaP7vT
z?xh=oY}pWi!sKn~Vd=8iVjReFyLbyS><65xAni?%gPI_Z5dI=w@l;D6DytyUOmCj`
z2bQ<HBXn*-<W#XsLGnIN7p@@im3d{*0!f=uCBh!w{lNvRU42mHF#pM|(c*VBNSBNI
z@@fd`S@WBY@io92rgQh5tL35Xm%kNJvB-w_8|CrU1^#Cb{}?UnkF*o0b;}O?-Lb^e
zrb3}FxG9@HLhSA^*7WtUA!l@?uDv*3z+nUds)He52`KnWc9~2z3rAD$D0Xp)8g2~m
z?hNzaA(&}H|02D^@kvK6F0((lWW3R_<5Gi&Koituoelyp9DLD@&6QE7YB+@^bfStQ
z^#&+JC(fQpF-b#2YZbM~r~70+%-JDh9-XsDyt=2^r2gjFz;s<%$$e7L@oe~teN&Uq
ztSKc@s-XnvSi?COM2jLJ$r2m|_`T)bNPR7uiIVgRl#`*=S69pmdxo<Z8RLlCL6U}Q
zEDo7b^8~HWBmRH!zmA~^0W_fZJak3$@FKD8*9RAq&FztxqN}1!_%EvMKIi}Lqn{w}
zSRS9$NVkj&lSz<bLnP+s-Qb|?G0IvgG~|{&p5YsEL}CI!QfcS_;WlGQ_dnI!b_c^7
zC*}4u<%^TKd%8;#g%K3DnQ@q<wA+}i?=_JGl67MO7~bZ2Xz~N5+aUl&_M)=yse{_G
zV1DGF&2h|bOthAO1u>YhVq1hKI<a39YzN^{qez5KlCsWh5`Xgix{kKZ_EJYcSYYR1
zIJnYvKY;LeBpyN9g)rCR=NL~c7VBB}dGMqK3fg2tu|l5h3J`!!XdRaf!|CSmpK}P-
z12Zx!>nN1OgSZJ+rWw|^<kL7;vmOz%Z#hixd%%|lle?EQwL8&ElS<7&31|&mi4zm(
zr-2~Nv(7vA!79Wz1H(HA&Qyg?#d9La6C^G%>$5epzBz0oN8=2*v5D~Hj!2@X)}xnJ
zfkm`X^3yAFU{fWO8%B`d&u5Lr;R^^f&ZZRC<JVIrVY&Brr0CJ~<tjJ}B^0hIDbR$0
z{fG!bhSZATUlE7u1IfVCL^?TYXer`ex-ZQ*`f75<mTp8PvN`mko*#vMcwS#0;2pJ9
z=7)cdI#H6_6MfqGYlvvX@t5k41&hc-2!a@bcItAyZup##c;S66m&OdR>8Bumn|Hwp
z392|CSVmgaX)TC?Mf{te$L=y{)}zMC&#Gr_%?kqbc@}Glel6E)Nb)Uam}VsT+1d2S
zMm6H&AQ`t-Fd#YycA7D~C>jZAD`k=rRzNV$Si=8^SFDxkm#~dRh#f&xD4W+0os}p_
zTCFgOLSzDfYYCU)Xxa*&Hd6m&!uZd|ocwFO3Dl<^rO<HnsdXyHN>sN`eNrmhrANfK
zPY5VjqGUi1Gw^$P8g2=M9p-gv6>W_CdP>;rTo14TPu{1^M2YQZ&e~l9w{5*MzM0W)
zZ(UJ`-4jPm5E?1i^em7!u*Sd9c$$|GPCcGLzCr8&cxkZ(_N0=EDCe@P6BLJGZTQ?8
z(SX9zo6?Epvi1J-gJ|9L;H2NAPhXJMB1&Y=aVLVG?Hd!vRu3CRdD};{o8k&;+S09_
z{fxCID1f>WDks9tH+X!YksP9ZDKi=P!S>Z@lW`u>G+*V{`n`gZ4RI?(D)V)`UNYxq
z_vYF_y`rd-C>Y|ipe84BD%;K5(*r<Q8`Uwr#7gsRF1{mFHUm{QYnaCu7Yx04^Yfk}
zuN|z<Jsbe3!Q&MNLnFE-FiS1Ky%I#jal@O9Lgc^B#W9zm=}u4}utgR}_qy*iy&ovh
zd&)8<SF!wpBs_=^`+Hx@njSE)`M2j)2i(5jA?uBQ#Jd6}Sm1SOEDVbfxVl3e<5~Xb
zRQ3}63Yr96*CJoa3-ku`eA}3iTQeUa)1PXdb*|vQby%k0$bnQ|AL(j<>fwSd?rv#`
z)ivrEwnWSJr)IzP`&s~F5Hpjsc~T}3dYYmVP`zA@4?_5+5Tg;Wax1NjhfaXZJlGG;
zS@y4aUu&#5ZxY_jy+OudzK;TP>1E@#V&ATZVAf9`Ta7IX=yg#rrCBXsx3Hru4)BdC
zk(C2<pzWVHj#v@%ac!?F008l?*Fk6^SLI(hlm6tlOHEPM0!SYpf^gX6I+AD_ka#ME
zo?sm3$&h50Eo=?~ICbvpT$Tx^@3o<BDwdStB(>r(u!kVr7wfd;Q|UIXxmU!z=zT8~
zhF1w9u0(1-oilY@Yj+$7!EJj7*mN8N$~hdInKivG&4tm_lVd&iB6&gOsJ~UZmHCT1
zp-9n)wa7HpfZB)VC0O*gki?EBv*#0zY$joY=++$W=g7v!wO)ry@(7rzqamp9$UGU3
z<5~rUXeqSAQrq*nm87#i94Em~)wW)PPovLscbzy;2-q=KxMnJE$|~6KjnS&mrfo|F
z2D`J`E*LO|NlQQie}^}vksNg#+@+f-^B8poeL$!3et&(P|8~@+lK!`D?!Qqx85r39
zx2%Ace<=yY?1;Uub>l=7DxQErFkY89E>bOud`mh`>etnh%;(bSVA+iF9nZI9g9!1&
zDJ(rj89V_*U*T@vFMPN=U)MhWvTDVTEHLeG|H&343shPaDo`7w+2B5B`hw(yOtxIf
zTriieD;R3dTNxok4a;rBo)%nvde~-@KCb<6e;~NTvb2vVRoflf*GD4aB^OiksyZ8b
zcvQ47!2i~Zkpg@5+aa<qZqBEKmfOsuh;cH)f^BdpPUVQ?4!q=trtwCwQceqF2J+Hm
zKglnDyP}P8p2^+K04c5X1v64;e6Xtu%rm<}RWtpyw&8<6rFSK%IKl`jsbkWb^K-_T
zC>jjmMt~wp5)Y2(Og(vAZHv3@^?rXkzW+H~&D-tk`#t~J9t#_TyXE!%c&OV|qn$7+
zF!Jfi>t}gPsP@aGN*J7g`YuTxXz&#ziNPa1l9UIQiK=Y4{8F}O|HjT{@Y-ZtUXZkh
zs0OaPn`>U-Sxi1?9AI*ggPCR#u@hfPX`^3J%z;25A-)mY#8BT#$8{6z=qAT^gE2fA
z(BCS!YXIb~!>E5Lt&7W9e}t4$ez3&Nwg@M%+*)K^1}y&w#@^|`!?&GjVD&y4;54i^
z-5Caw?oHI9C|Jlo>J6rl#Bb$7F&W@76-xyz8-#J;U=8Woyh((g9**Y7*{kQs@!vsh
zpJ9Ue>T}Dfc@^H^a}&`@<Mtpp)*NO=;7leiYy&s#NB-C`n9+|5MZzBaM*(up`375b
z(a*iS5l==eH8@zsi6Kw{R}%^aK$-q@ll^kefNcnG-nk;Aal}x1`9&1lkI~oLU=K;3
zJ10$%G{<pxU~e)aVWtGUk#c4p(<?M`#6g7m$j)BJl6J$x5x<AU)KY%LS_ak)I0o<A
zZPPWwe2T&GwAaK0sv%EMK{(ZhTW*;lODLE%QII5jCBm+q%+!%)?Io5TY&gN0pZn{U
zS3Hf|&DCx{)1h)FYBDdQ`-o&d2e<OB-A}w*INH424V{9>rriRpX90n?3-?oBrSCE-
za{A301-t-VS<&Xsw3H4et{A|hVC>M>E@X)-uWT_1o9;3J>oWnnS9E?ouC?4_!yU)Q
z!J>{^s+d$80v&)^>Lj?AX-(-CuQnntP28x8>MRfFMXLEhI~}urq%HFj3N7NNkl`ZC
z!A_aif9Wp5m%jKM+60jEPKPHoijRtxPp@H-WQ^e+ncRR)Y|E-F43Q1mX9!B$Ku!`7
z9I79#l`SiyLtCm;6n-yWialEDVQMNSO<u&CoMZDA56nPW4R}_`G;fzuB4Jx2%nQNW
zQfA^o=rk$iS|5<8a`ZJpKKduYYF!!9CQJD7nG1pfKgk>+{+$FLsTS1tM1`5O_vfk>
zxyZr^)Ssf5D3_5AP)fIQMFzN3F&IPY{JWvn+?@Ggdc)NEW&^mjg4zC@eEZR&o@|T+
zHM8C&DQ4drz&_%E9brHlS5PAjKA?e^>URr?)Ex#+mp}$2xMR*k*s3qn(fQfG{UM{(
zzO<PJ-Rrl{aI$R%gTZj0z(nq>VOYTA>y&Fis*&w3+G*vPPc(T=yhJ)AF%$Y{U`Pmp
zW*;E86JNOajTr(Zz1ehf^Y5#0p(PIOd=XwEHZPZve4&Sp6|KZn4y?#Fd<A9u1AHaK
zbECa5-BLt}JVu*}nL6rj0lb@i_ZMt?3?t2gd&_(U9j@1SRD&P3?Q66~JUfg?_Sov>
zJc#_jZX!AOP`}OKo<2O>oZ}s(a$Ri`up9u@7DCzCOSSlMQy?H=)mta81Y|si&iP}o
z`(+7kJ&|(ySLdK~NM+l#a>X2=!k#U&BZJx#i++^T+X?jA4V*Sc$J8hP{!%GONOr*q
z1%WC$6A{||R>ut)fB#Q$RNVS*4gZhwLLGnP@le5hu4t(MFr6kae0N_2>mfB_#&qq}
z#~KX)y2TJ*FqG#`R(HoJqmkW<w?lhqyx#gOxzDENC_68`K8&6NDGvK$$4$yiI~!kc
z<wIBwksiu1yM##XaiNR0LAtfah~fZ-w((gSP66rJ7*k|~AE2{kV=iR5xLL2b+;k=!
zjeCwj7|h8Cs41d4DKAM+KS)!qrCHYt;vdQ!fauH(koZ3w`88##Wk{k*?fMF>OVL~b
z^9H=`8U}j>aP?7*#qA=R&z;rrP6Y>AbS)J{RI(_$Nr)(*Q?18#)N@s~RUy&uks-j9
zMeP&5%))~2cTp3kY=uWd94twu4y%o#1>u6WsOY)9$S%(hJ0l7=Q-kYW+s;*{-uw4G
zSx0>fCBK&r-pOW!l7~_dK+U46{dP{xbEQ?NVa|YJ4=TxvGEfGbtsRkIpfc5vZG1)h
zKK7qD1HUjppq(8ChWzFOyvyFhASbI3XeN@v9Ge{tV)XPwD*bEdme@a3*t1|ORshhi
z&Zi7luv*Zgl!JL)778<I0Ep;RTocjFt?6|$OR=`2BE?7uWY!u&Z6L5=PS1niROd&G
zhYGAyIU$ju91cECMyvNeI8l{WJu(0{UwDKfBZRYSKOoxhdIBFshaEu16Avsz_wAwb
zP|)73`*C$(_{IW5p|u;kc6`tuscDD6a67<pC^HAMS@%;bH!YHgfKUFP5PX}}czsWW
zjC*_Rg3u1yUe;W@eE}MnV|D~@Pxa(p^wgM<PI%}%HN#X3PnktNQ9%(?WI!@>*>ptU
z`mIZriR*f}KR{_88T-Mx@81R$V+Sn(lr3_QzH5h4B6_b<NAcP&3?0%j#)DP-q<{a$
zMIL#i2lT}1p_b(Fc0$mS<Rj!m(`Wus5>Xsuc-ZOoa(~3aDZF|8FI@@qf5Dg-IR5vk
zm^J?|yUE5xzgnEILd-Ffn5+K?`HHzdEJq|i^{jOvu^gr3oc%vI)B2$W8OJ|;^7ub}
z@?lk-<j>Fk4BIVJQ`G_G--qoXhcrthwT&xBrQr<5t}xfvyfdX#($8Psucw($=Dv-r
zVU-T4J-Y3Z(&)#7ixxm#uhrL2A=S*Y_Sl()j`>Gtj%BDg)6YJaJkf1y6WzEPEYVAo
zQ~BE_M$Rb;7qZiqsw+KgJ}ciRm!`j!XBlQU<8oXF1XEX}+T6DS$hUBs8D~TG{7t$n
zAYbt*)?-VXfN&LsC8$ivlZBWqs+1v6m~FGqNj4sUErK0wSx3ZL>-?y^>+`eE2d287
z=c!0^Z_i4F52Z<5Y$%IbI4O}Tq_e#(5BbiJv6)@>5MvQ%0KlJFHmc1*ul`x&%^r?0
zz#WuTlkD?sYBIe)B^iGg4}8x@Z99UZ?Sm;F-cI~)-%gT*QuO5YJ~6^vO<{VlsO|3a
zFSY=MQNe&Z31gC)J6%LlM=SRhzky_HPf>?J=m<vt=(A@4AcAf!a$q*=1U*2qdbEQa
zjNAZCIDi3$K$5cb`2;EnYzqp;g@w5fz9GsjJV*+G&Q2szu2it^9fP192B6!cu&|5@
zS_HaJ|4c7X`Qb9+VCmezQpQXPI;r}Cxct#Ci3H<n#|YBB_@iuSa434W1AWK+EAb*|
zAKATyQFMSDCx*kP2;WGEV(xQe$`;Dq4?6DO>&EVraL)X!BSZnz`$%1k93q6vfI&1h
z2)L{H35w6R+1WxvVvOm7?$PvH)b+gy5Ok&Lmoti?AN16>0H!=2Li&%S$zp#Xhb*j<
zKI1`tLOrZ76J-NFQGP}JJ|Y-eqMt~-XQkQJ_s?fSL)jQgr<v9L`kbm1Lefkn`}l)1
zYC_w7A3rT{B$%ER0+khW68fVtTD5OaT5l^_iZ1`qP)ygNf9G)H)l8QtadJ+&8~(SW
z)<i*zj>XP$i<?M5P7n>hGsLZ)kj5}2{L)K{4;aT#z9kk{Hpk4}OQH|VrxKJR88ERp
z*Gw=i6MFQ+e!Vh8N9AaEsp%*_C#^H-5FgVw!$I;U>K0H`4P{PrR@0~-85w-~kVnxa
z&bAJ~!5V<N=kq=22%VrWT-SI2$U3}7e<mh1<m^X=y{Q@(l$jmlKHR1MH%?Hx@pBx@
zTPzAa5LbPsb9px?fi_AV*dm@HS(yotIEvkIeR-MQ<09R`L?-*a$_6!3b6}?*g@IaW
zdI>f>WiMT9JE4slD~8KMOxM4;k=ml)pip+3S$X$-CaL-p6Y)nk9unzNJMd^tq5KSH
zqM!(s-z`G~xlK@(&c*&FqG5;Qo>462Dp2Lg!OxsV&<VQxVpLZ>B^p#BMg|7<$hl=b
zG^(k`^EQ{KBT~i_g`$>2RA8n+({ONKbbAd7$kZ)Kq{e9A%-AH~l-!cRAl59^1zk2N
z^Gweku5aw8OnC^#XtAzF8#NgM{!`K^X>?SaxHS<N^wTLUxPX$~Ruc_Z_8D402R*bt
z3`K1@Wdh%)^nz~eEd&rai<K9qIcjhWKp(x%mrLlzcZUf_+z<Svd+Z)(aG^3Xh{Ulf
zQWFY$0jW14ITqxbY5~DiQ5}%>>X~995s#J~*(bm;p%M_gK6mF7Uwz8Sf`t!%@`1T9
z6d-RgxV;-5f84wL)58-&FgF-1aR*i-tBkD$lH_PJ&=MshQ)mm7gDzQ|+rIK!luhpu
z=7~upQ(_858K{UYMgMD!iL_$fBb8EqaS>j%ys2pYaMDGUmBXQ13r!%o*V+T?<bk%V
z-?bTR!2M6x?K=)SA#L<iG+Mo3FENCmn7ecuAU-{!|K3rj$dZbA-BdZ&;Hx0TF4S-Q
zcftGC<Q^e$^b2~=J`5~icMq6mIfO$-_~Nb6{h=bC>o>`XBqb!Z9`rW9$D$SKf(hjf
zqo2PauVW=(T}{$bUy(8^yvL`c+k57}W`@DTm7<kXrXgFt;TWS7gBSd*7QJ(~fg~*?
z3A(>4U3ol|na8&Q7TNJ73dcC1OCFomHr-#F%Wku6%hGoqcc-EPGBcAKA`gYE?IqZO
z{ByhcS%dyK69CvwY&WF5Q9P3Z9inUKERoQDDZ-LInjHN8{GEf-_r=!R5SMapeTfP<
zF08e(|3gLep#(bEt&K-DBEpFXup9$TfJa6qOFtwEHy_mG$Cb#h_mKR_Mc8}qss`+_
zlG!@{aWnq#!Eh>1&sA!bKV2(bH^fi1g1zn`zH#Z1&??AMx-N{E6~dcTV2d(^!T)z#
z23l`2IqR*Qs;e0JAZ)KK5l!!lF>%Dh;>h|rj4!%hRXpz~k^iw2&_Ai*@Wd09&QHL{
z@)4`v15<(sdbfGHVBr(Y729rdVPZw;EAjzc^*p}R!DL!b?Pt4)yvrJuJ>bXtokrNf
zZ8$Pqfewdk1Xai7*+!5X)JFAGF8s7lZWoW{>HDc^&_n4hV}na!>eY6=m(fx|+IM0;
z(eZ-vIJp>m0D+gT3VXkV<yFAlq}2X?h7WJ&3$JDu2I#+3a+d$Uk~82lGSRdBj|PDe
zpOKB8jq!iB|3Vx8=M$fio%x?h$$u6kov4Mivxy@<ov5{evx%^Yk)5##Brh+dle43V
zfeoblMzg1hvi4>p3+@&$$RFmL|14P|Kuk9`x3;~T8`}Y$z~DVxZg%gZt=Ail*Vxxr
zES|HOY84fyTFsV~9T*wW;&MSUV@oS&<Tg-_d4_o=M_}XQWE-1ke(7lE!Pb>h08>v<
zQB`+FMg;KugrpK0@uhKyahN^(Mga13_8xFffOHIuj=c#0M1J_WeV;jG{VUjbU`~vR
z&P~7!fMiiWKoKo5GEO6+u~!59@hwD<Vox}Ph88EcdgeC!kEEcG*c-W0zWKo?01F}{
zDlIiJDk*=2ab$cMIx)ETHWwc@O(1d`0RW@?kc1YD{uSta$R&{Sig1c50ODknC1jQI
zvt6Vr_RaNm&aXIB1QZn(2u=U;`0h${fO1)=czGp-@5fq5ke*AnGSKm=-nid=54SHQ
zTC!5g;>r^8(cwEYSO8LgsJVgp2e@lL3nD)?us5v@ukwtbni)M107)n^GA>&%Ff}zb
zPbV`mGEXgVCr_@+zNZRJbxt5{8=Pu@TQ%@}mb<z^_8{rqsdHn%FSS5EDWLckX23w~
z0KdRtn_m|5N8QQSe7CN}zK|ZY!E-s;OTP|a?128?{04f*FDg}41qD=nBV!0hpulK;
z(%V>BQQ6s8fT2F?TRwiJNIwV=AmMBr>>vB_@7wsHK8qi<&id=mY3CZAo*3<4uaRi}
z*;w4)@)<wb&0*9d^YgQ#x4LM4|BMoryExA=J}Xm*k10|zVmcDq(n3kH&mDJsPL9pj
z3;(m6t?ZwNpCmbP<y5TxiE&u{14B^yUbYJKapmEa(G#5(qOZJ%2+iKriHVhgoc+Ge
z4M^il$cHbxstl6xr7O8*nVf6%CH~ZxS$>N7-+LdnfnOUYaL#}77=AB+xtZa>eYj=4
zoQJXLr?D?xAUioOEiV6zgchQ?%?0Q;-+)(VW=BAvZ0ziSo!npSH#v~M!+`WH%nqJ*
z53eymziO@&@fkG!mwG2|B)?owd{c7otE45Ky9K4K_*QQI6m!tI0y`_`Js9M_zgG>v
z2Z(O1t*LB{fQmn60>7J6<D&~3-+bRcQzF1`VwA_f2-fH1w&!5XD$UM}4R2~Hzb0vp
zjGlI$1o0g#cRnINj1}MOVk@^WpT1}6KO9W}&eGLazbr31QKYK)`9(zj-+Bi9ub5wH
zJFkPk3Q+p-YKUs`$z|_#uJ2P4(8h*VmJp2K^i2)G(b(A0Tl*NhUj7*|FnbeEJCmjS
zZGD*_{rqr^E}n3JYaCo2z|+<^d%x7gTv+}BXL09x;W+*HUu*{e^x<DI?10dPenhkY
zL2G>o;6(lcUv|SF`tfgA4FKrHKcctZjDAIKyz71QTzOl&XE|~|c2BcqcXq??vt@5=
zhG6vMzcD-S%0Hsj0AS00M73^UMgNWl-Tyl}aI_o#%rkrBL-l(-GyEoN`2qLFE49bB
z*Y&5VkKoaZm1)Wky041y7u;LU?w)PkOM!apn%Y0#&%Jx|2jjPP>jLjir}LR_k1K0t
zH~w7boKKOVhpOcp+*{4^mF=~wE@%EzzzT-h>0@*9iEqWvX4@}ocXbN(OyA-&j+4Ge
zZe;)8584j-_Pl}@`Sw1Uvws11%l04s-2!ISZ|P1a`19XgY~%X&{A`g%_+G>MV);h<
zUT1!{*nbBpWno)Y`C+6MU&BKE+Q%_CIMh4O>3j2Zq;FqdSATy>U-3YU{qVYe!%<ON
zT^@^#j*Y?R7@Qga)7N&@!XqL=Mn3rrWqw@XJ}<YtclUmyez*7m`17&mKz=?GYarz2
z(w0u*8SxqdGaStsX+IVvseNV6-OFz=m~!0N3p+N4`2z%hRr{nL1hq6IY<cpG{p1@+
zHRi-FSMh8lR2JDvB?Gxcc^!G(#|;G!IWC?o0W%z_e2=$>mBkh~-Ze?8oieWPuR#D>
z?u`&?XLG~MPb%1&tB?)1A6}lh%~uOSOHrl4t(@CXl(%TRQ!;4n%i6%F*T{=}3vQPl
zL*EJ14;ScNeR#?@m@D2Z!D5!B!b<5CSbW~xSt*n8g<05sGk5Wr)bOi{|EMEjgM}oV
zMdXAInt_mI1W7TO+*UkSuVO+{d+Q6IJS^w*K+eda@`A$-3S*k@*_02vdnzj4<=VSq
zA%W@RO_yWvPpZk<*KFf=A0e|Zjg|uSrv)A{lsD9x5aOt#`SF<dA0uBx=@X>}-QWke
zN&@&yFNyFMHO!Y6!I|#k_K2pJswapL3YiWL@`Sj1(;9dOmy7A5NV08LClxi0r(o-~
zeq+OHsNzI}6rKUKSFz;Vk*vPmpnWSwx||H4Oa$3=uyL&IWxP*#;IUVf`vs3f4f$Nu
z8BmwhUu@;r*2nuGU=&W`0n{7Gcx#>`edl1aYBH>)Cuimf-6CJ3RL$P|IKK-PA?+A(
z_HM(#O3p?x`sKF~e1;_DGbAF`<nw0hkQ$L7emp__3&52RQ}^tZI_KWOV)_}iW6q5F
z>E+pLyBn;tvW<Q3&_e*Q4)fv?D~408h=~9^6=rtY7=N2en~ssfxM3QAf{AfM`8l7e
z6#9<!$jjB8#HDYYXDuyDOsKpw1J+NC$~W`Vb9RA-)><&dJ(@%bb1l_h@0BdHep1=C
zV-$<ATP{%iT3TR7#q2)&rXgw0gCZI{WWB601P3kQlK7f4J%mf&5wWK5jrf+$X8)T(
zl$}?kuiPn*7*7ULF~Zu^EUHvfQNxJ=CTsDU-T9~(QU(H6vUxoxh$r7|Gc+ex+xsb$
z5Zu=0R4h(9w#Bg)yhZCUOjLXkF(RK|uw*iPgB94`I=Q@D$oDa&Dyp>~Ru}Ft&?#BW
z(L5YDQ|A5=9p0NQK;JcFDB;l6H@1<LE}N0emvyG^d(<tRPKM8u3DvbP3loMk@$&X|
zyxD?A+~6tZ8L4%F`xz(~u&zXA!|faup1%jKc9<xu!eVVMIT+Yt#7XuyOKFe>Mchc6
zS-WZZ!LjQ$bo+tWSq!zx9$)Yo<<xjZRj!a|>Cux$I$C@CefY$9rQ~|`Z<UUK2%a%>
z20>?E^J-@cbv-kv=Jb@+0kt6?WC^<8>Po+k^%pW;+Bw9zp!+jmz!z9=_7U<I`}aSh
zVr;!L6bdlP9!<p$q1U4z=|bb}6Jqzw=VJ(Z32iLO$Ljq^!cPj7pCm%G7^GaohA0)B
zoJhJf6Es(eFdK_2NPsRDJhrcra=z7G*Mu(`Cu$LPWkX~5k6gKyU4d9-23vsBxN>;9
zp^5<l)(Pm+=}(=N7=R8eGw@w)TPe~dm9&C!$9Yw8ULG&%(X=a#omwD-HWe!xO<OiG
zX(BUJX2fNX3VHEU@}j742;I2aDar+N-e|#9#W9??5;nW`Y1nWYLyc<vmE_XH0SE`4
zt{)R-+~<V%iU5h=cK#rnX%S&*AlFh(*|TTQoBItlABQBO(xr+hZA_Z%$Kj=D)6h=y
z`Hqh&FN%u(Mo*|_%imLh#HX9=%rl_`yKnN4K!D^aS@P-A<|rsuSsTHM!uebHKYbMU
zRHw>Jgs?Isd{phu#QXd7x7|<4?yGbljK+r&K+$n1!mac1Bpy`WupbKGfwUMpjX7z&
z0^Ko9wVhw;%73}+Cy4tu=|2>0SBi{kKc+7KyxZr$o6o&ynGskabaYb~j|t#&2{tl%
z%z3Iw<@;VlXb4uXHT1Ekmcw_%Q35*q*qj^N7B%XtCP(!KTHmHrX2)H!(W6T5!(C3c
z7P}De%r?Z8%-CkF=@s8CTA;_ILYPmv^M$NAliVH%J?E=o92=)R{7r#6p`!{%z?EY}
z<%ITg1)p<hQ(%$L8<d#NZCx1V5zyhp;LDnm=BtI6<%!mf(XN2<z?g(ZkuCP+Ptr=}
zk2_9DB`vWYRM1s_E<y`KNGWd~_-6mcNF#Fjn9G+C>p_Gp<U+l^fviD6-h0%DxTFTk
zX+=4cK=6h@VKgiRS~YJtpspI&t8HsLsUkGv{l+J8$ex)7w?&#QN=8-hfSj>#;U18l
zC|tY>9R(z6RfmV=2U|b#P)fJ9VK9_{sKZ>FxIQbnNB9Zfn<tuup9~{tofvBp91XCY
z`}6%1MN1FKaDTrxxlcQrRE2%edbZ=YVA7VG@vWNM%}u@53f7j9YPyGBAs~s!aROoM
z7wdvFIAwl>{UZd=H}(WDp*zC%Hh(-E_jMi=19yOHfwSZekKj}c6-L*Z@MtU<Peoj#
z`qCWLKxEeq?#%LycVj^YjBK}2fSSN)!+imqdQ(O9a&Gu%@F*LxA#BtY=i7md__DPc
zrG^e4*w9<$;&`9>->W5QrV)-A?5cTX=8C(VSi|YXs<yxzrl7HS<kIV}S2k=ASIi)-
z$q(|ah`$^aB&5^nf_ZSkLyjT<ORbkO)(ar)D?rL$Uo>5{<39u&@;4>|YWOEo>6lrK
z5O}sJMZSS_aS~sL{P<L2J4~XbwB3@-`y$^pA6b+S2DV2KJ#BAR-M}9F&}R5LRkOP!
zrdud&ePpgye%t>;4Cn*h#VcKDt4E-_?vZiuF7Yp-<vA5Aj0j|F<dbElE{b$ex#GCH
zyu&rc5EkEERHU!MVTK2=BWgpgxn_WERa91O8&uhL^h*-0rRnxh|GJ=D+Q<2h@|%l~
zdl(o3P}W60thWx$C&i$8@u3(5LFx4KN3j=)>k-92py?lWj~(BoDXM?eJ}Z3S3e%?@
z*~u^N*mPid+;V;j9!H71Pb_%hn{UjPnd6NazZ@+ofEYnCf9HBN+vIRXo1<K~b~z8=
zr>?#}5?aw`u3hqyHl#g9pDC`YQ-oH>w6Xo}yY>VXc!yn;VZzZ}L5aiTrZO`~%6(^`
z6R0o2Sjg@!s$MLHEp4G<HGh}vQMkS*P6<E-id&1nG#Tm#v!;qMD~>!mS@d%i0Fr7h
zF~`+!D{ZS(sUiot?xukS>+7h028hQf%m}dYTEsKBSl}+Rttrj>hlg?gBSnU>(IgFy
zj(SvzxYver4sqN1o|y%u5mDiH;(?0E3jg9^lpWGy7C0OgxP{d?|F^swVY+-xM0e(r
z*;yt?v;CeFi9Z0acRECr0GEdilL*AX;5MmkuL8RQ9}E84D~dREkvnp};LB5|d#{J4
zRhA&wT_Soqs&kthO6PH8qpJr~NZ(}<s1Q$X#=IsDB4k;0^zjLQo^i6niKXkl#$iLY
zqwMC*9~e__M&0YB;F$mvgc>6y)<8rCQCXu#zV0(WW_&{WOTYv50zu}9S+mfekFP4L
zlSWbjVbVk=jjy#Oxo_wU!D87{3=Pbxb`YIu(wFGo^Vq0n&AbU{i}y<6Sl2&QTU%Ui
zXB8!KH?XT=Ia5(LLrSU!6FPoLk+(Ngd3dZsMk8+knb5Od!p68L_@q0v!;uQQob9$D
zb&0QrL-Sv(WW2S2xrAx7qy>_C+;nfv>qG7Vqf|gxH&}j5oAH@6!ZWg_936{q^q0jo
z;_=%aZw{tRAj_*M{;;e4^r~p{ZRpM2;QnGh9MNoGFFdyM7emcFSu8hZ)@ed_oF@Gt
z;s&_$i1WpKS~T&JCYzZ~T%&V=PHabU$ra^j@+U?s=?eSCmKxsN?dilPQp0LLr`-rJ
zpFAi9fX7R~I!d{!nY*+T-XeWLan$5zRf%eZ1$fCffJ0}%R~5C{jwHMmS``IcBWfwz
zRf;U!FPK_ej&ATv2H?)N6fmkb$+M1VnN>p%_|3mrf()Gx77kQV_cAx2G{ufdFKW*|
zFx+#XxtI!=0<2O5@w3(sCmkTF$6fln%x3_@=9~V0Qh4$~W(c?d@^D1nbi~}(eYTLz
zBsGw(N>P_7r~Ggu(L)6GbA!YLqU1C=Krp)!FZ-h)-{h@Z4g6d{BD<>%uQ`31uz;G#
zqswRlkT7OImmE*6CWuYw&A!+F@HYLNl_GcaUgLQHKDmF+$N)x!ny{E@fM^+?Fd<J3
z$9th#C5)e<&4+VMUHy`$7tOuPX_dm;{vpSiq-krBz5n8BCA6V1RBb9E)vIT0hM1Z`
zbY=zme1db~?;yNde80s8ygebDUA;cFn>q$Ww?Il$8}j(Vr7AQ}1lf<k1BFqrXyl#l
zVDj6mV5M4*ji`Q1S@i%(tc3W{h;F}e$nf~P>^UM{!xVl5$rSn(eDAZCwTgjW%B4}M
zb?r^Vs46^4)V(QMpsu!r_KO;Vl-3Uet%hX59IlxiHmgHVDnyU<{(I>7Ug?W+EL~rQ
zpLNR1YKd&;@~>m_QuW|Rf5H<@gAL{KY8#n{?Oay6xkX8Sh%gC>jolkJNj&S<q4ce6
z19Cm}=PK`(?H)9{%H^2hJJlG&Uy927>{!9hfQp52J20gRd`b$0gfc9>bI7`$>FV0R
zXPG7TPv3j#1eyC5S0Nt_3hKtTHH<Y{g>ZMigd3Sv)qxM&;!MS*8d^Eps5m7gkDnQV
zAI<N5jw`FNvgzi_r=;h}rA*Lk<h&F@imVtZm<lB%g9s7)O${V3L<6I6_(KXtRbv@O
z0~G&&KX5Iqkplw+h~tos!|ZU?Cq?q6c`8=fs&x8=Vqq=>JwWh~QC_I{C(X^GNHjry
zz7;MG?5VcV4N^;g;sBU%PJ%Cms*p-icy6P>KNpBKj=7dnQ`WB#S5*_C`r3Bp$|wSL
zYcs)eulOEHPUD+|sS1_h)a;dxJuzAPdj-qD1PA#G$c(@k%L!NdYmjqrLH_Q9_A0M*
z_EYxE1b#gc;4Y8j0DoJF#}tgIa(u^c-IZgzR@Fn3&(35f$Xx~n8w@`mDI(-@er#-B
z+ik|ZRO@v<b$4=aS-fFx>nAxE&g5G%T~GPu+i9lQDm3|(K%}`d%>7`u`OKx_v&pzR
zdylni<`k{jwsn?-N;%ojUBQ>#5=eWSVjARl{UT6S7>E1XVAh#-uo$oLXr~ZY<OSLk
ztf0>i)R4E1KCpdw7FT!a7|^u=A7F~EZ?0sAlmE%%brtJ;RQ;%#4iX42U%c4^Jpj6L
z;{@fFE<GW)DSKV2eXh^jH08Kn4ER;PAeF|S)Ynw2F+#DKr|=q*_Ex%hGtzK)$Sl5J
z-$KS#N^Hs#G->2khEWpPyVqct{S#TVljGhQE*~JLSA`eE20Dz1g;SkG4%1KZW@SVu
zO6GAZ3TPQ`xSG=)dH4v_$yVUa;j(BD{SHJaq`@Ceh!+&PpK6{l6(cPIL~j%FYm4n*
z5!x~w>cJ!aLbi1$A*YJy(hqq_w_qANrpa{+mrEOdcn#XEimwXTNk61KIl8>kP>|%Z
zOH3a@$-IWi6^KDp-0aF!v{P9{Q6V0N&@Sekjzz+&s*`~5Ucb=I6S)EW*YYsF-(Tfa
zxfRD3)SLnW7fAS0O`1T>9+%x1-Lu}V^iO?F6v5g~OFD|9tR%&;8xXxW>bArDkxWu~
zYOoFScU)!1!;GSf`6#qU;S#yaY(mP3)*unETB@0K6VL2<^jI@G%SwlwDL7Nt*zAP~
zROY{NgNFrq+>^JBb{FZ73-*{$lu}!rgdB^AyEd*(l0~qsg!eKx7q+pAIUY26v7UiW
zp)e6PD-<JWf_3*N`(%DGqIA>Qn^vvAi2nIRl<6P|I^3$)otY8usPh3{zfOEkBEu8E
zmhdD2_=o9W;KXCBv4afw2@?B5h34`$C=icX1XCtWo{1<xAKz@q!z^OIHFI)%NJvW6
zr7n2izVlCO@P|5%q(o!mJu5>EPY#wt#^&6$H!@UX+2GAfYF0SIo#Ns5_N$4LbKfD`
z=E-Dwe%PEluQN&DM{-LO<5GX)645OI=^_EwBd#H%GSqVTKCEaYcpw-`M~5kMw?VCX
zOX#Bq?u0-x<SpRefXIfOh0(}9hc7xc#+1Lx5z0~9==u{-w0X+dL#$P1MO;@lL57B0
zHk!ijcY+QvuLLT-M%kDlwXbgn(*J^+7uoo|TlgdN#+Fp?Xy_D0TJ{t=Wz;F4fU)}d
zX4~o9=nwAoKLJ_v9#|lXZ@@)xGgKhT6QzqHAsd_K5qSk4-fQ3oKZZG7CwZIx1Vk&P
z3x*cw8=o|vEY%?YUShwAG7uT;B~%*QSqVCuH>c=9$K+N9@ghwi%Wq|*9pGBolv}RS
z)#;{LF4w@?$hC`Cog{iaCAoha07Us7rWaCg{|Miy;wSldu)xgYL34;k{1~KO+Zd%<
z|EVPO2oL5wQj*0>(LI8f@k%ue#)MsOUiczbqK<ZTeR#aICZVERj0<Zas)lREY%*wW
z`&pe#A>8A*YqadPh0;QO@u2mIjAMW)gTu-574~+AN}3^dGL`k^eXQ7Pm+eOua9<CE
zMpmG64S)J9N1%LoX1i{+^QlFya-r7zKs|qo*Li^>?5pjpP4rlShasn^&_6CjJ}Bj^
zDSfKFu(1rw+`7yb+m~HZb_?KOc);o)djD%O<5DqkZA6o2sZb;G;(~<q#JIxQ9g9hM
z3!HQSU>ypg{S*19J97a-_S90X|4d%+8Y^UDxEyJ&D*wIlz^N+~?S!^lyOYW?_srSU
zF#iSEhd7+AA5#QR*LN?e9|F+QI8UBzzWG(}^oToEjgl1#Q)5{tv8V3FPj9JQjI8h~
z6-loU0od{fg7i{*Y>25w5&X~^<PZ&1MW|jZBXy_daZMjQ_5Qi6eT597aLGhTDLQMK
z8OJ!T%f$dP=+FnN_Gr0t<PTm&Ra3RMXTB$^3fQ52n+L!_u#Yr%ATdK~A7feWH!x}!
zVOUX0=UKNlwXm036x)+B(rEp9lsREjQkBGH=!8VS$tM_#y&Nl(BD#rsel?Zke2lXX
z_o_h-hx+7^8%O2I1+6^Ev5;@;93+M>1_G&f5&0WE^`CR(xSG1nzccP~T?cr0lE0%Y
zq1w=a1Ku<celtG>2`7B}&R42-9)c7!(uCt45_JjI1pE!wAkw3zxuuPPs-S&}cka__
zY{V*wjB~v14`YBvJ8hOB@p@3y9L{o%w>A$BvAkHar<%`a^@FeEtM*CQnkf^mLKphf
zZ@Qkd4@5MsJF^)3OfcZl-|*KM1^hF;Q>+am4<p6~cnT3?&(}KL3JL}m*@RFGAH>it
zDw9aDnBSR-THfT^kAN}ZbMw95la-K;g7sF@rB+O9b~^9XHWCm2%F`c%X?W5o!`F~8
zjg{@=V`9?7)`EU}w#A<6Z!9fB+#|xmc*m>3_e&|C)ljzah9|odr=o~0E<Le*G0ne{
zzMC>an+$)2Xwzjh-D|>L@wN17j5*23PHWlom2dOX35O#is+O?gzz+X}p>f&W81F`+
zJ!vORj&eL4y@%hr8J*ihbVU#^Jw-&?XHZnh@+d(W!{#&?oJCMpEKT!8+w62wTTt>|
zR#kC4W}-H?R>5H<m${V_hMO56?(l?4daLTiVEgUlhHmImu^?FJEyI{C!uGq_Xh*{A
z1C5<YB%a0x=lM+uE(?D7bN|s%J{^K?%Q&pNp)8PO!n(4kGH<8PTusI*99Tl@Rn*;V
zb1p51xz4*Act|K_#q$74*@nr|!b5i<@3e22XS`hYoOf)D7Q$4xD_^J_>+AbxMPA_^
zwBIl2>?;@;3x&n>cZ|wHP>ZA5FTURNZCk!|xjkfmeoSfGvieIJNFaBG-d80POKdj=
zg$U^KOgFEppBU2KjS%bm{XG1e_=BjIM@!_(O|Q((X@8PwRfuI@3bAS{ikrP>Tudr&
z>2N5hM0UZL6581>hkCnG!cQxi$!cTGE>#z+m6mEYF3E><uB`)>mVIs&Xka#S_6=@G
zTnO&U=u4Uy)?u;v9o_9w#tpOjtH@$T^c56VpwP<?*Ha}$Isl%qioU~X!z$6m7Bu;>
zvWR-^)%l5Fp0@OJOX=N3HOQ`*BXym!6bH2HuV#}Qc0)^Q=or0*#579-bEJuTxUMB;
z9vPDH9@1u77PvVgmNgji4tp^t?Nmi=*=67ODf!65G6`gr(M>$~WA=6Ai)#i_fS$Vd
z2}&rb-}p8BSW-(U>{|~63h3x$xS{3s?ZMPTM%-`fWRBG<KT2KKOOplnw&ZfXFxT?}
z85c3NnSjq1bZZK#TMHn8Ov_=J6U1G+Gc=?z{g7H>jmuw|Uw1fmR?(kc0NF-dPcWT_
z*$*db`dU3cDc)^(^U;!=K6bo7FBDY@Y=|o<$j<LUe!t1H1g7-(66H~M{fNHAx_Ryx
z`zV;eL)Ts?$zCarZvouk(meC?==6o$(PacN3Typ;qEH58?#TNqhiK1T)D#)h=jK*R
zW1akBU695CzTO^<)mKCJ_lVxm>5n($a7!yN#>;{Iu#d+263Nj{cL$RP@=IZg>%;QZ
zRJVrjs-oq5^UF7G;vM=ZPj?6#A2Zkt-ZAWlC0bFYi3Y}Vv@6aZrU12K82F2_2)cJ4
z@z!2YT`STJH+p*&9Z=s@6$p-RN2rYS$^wnfuX16y<4_Hitc#Flff(XJmmC-2r4WgW
z^gOJI1s*PZwblfH9Z3cf+zaRCP~`E^ICX^J*FaHYRidWCB*6$WsSSsZNUPK(nON#T
zOz`c?@lT(e+*FrxtG|y@FM(-#YZVX}q+xuB9%gYzGya^S3>qrc{hH()GCG!WJH>r^
zrjvy{5VvVQ>ff*ic+p@La8cM^JETpzs$BU@VS8tU?m2nDbPd)1*GXOrZrvG-8edYX
zBe6rm^Lw*x2I>N?yjW$)a|~aLr!*TB(;C1}w}@G}Zt2A-<u_D&f{Q~Lqb6gj(c<-C
z5bLh#_5%pM*~K?t5C~|E0o4_5K`t{8Oo|&VyyYTq9ABR%EV@vuf%c-E@SJoz2WaQ%
z36<P6t|Kk)x<GtM7C~!jwRw)Qos+plh#tPKg@TVgvRd(exFArkPo)g<w#BP@we~pW
z2G1K;&6KMYV|u5F$Kv9Od%9U4_Ec4j%#sG?Hjs?q)O?P>uCE{=xZK#*<obVK9+KVt
zN(xJftZ}UAh-qBe;7eY}+d}O2&UjkkUW~r_&6lV9yf>Qs(T43ChESB-I6i_sF^Z7A
zWe<aWiS(sidj-)}+WrB;jq*N9`TOSKv5tR4lvu~C+$P#X-RN3a3>uj5k}aMGiAmiL
zUJ8s5{HZ-<m#z86eyZjEesust@pI%{`;I;~{+*0l#)2@R>&W40cJnoglWpNCfT4do
z-kbkX;u+6M3CW<r?mbs_7UzdTy;OJBm8-t+pgqntP#UA6QD^L_I*y)(pAP(VsSRzN
zb{&&i<Dho|xIQ&A$>32D$GqEk+5cx@G=6=41HERdnWU`fwM7w7FQ~}DK}7IqtSaBi
zYpL;+cQC{%Xs+jZdm*mRG%Ws4Sf`rM{&ea(Liws#P$aHutf0C13WufG8?~{|cDeBu
zE<BJGtff3Ce&CXiAs{bh#dgNF^7eJnrzO)zEcktHGy2*LOVsN67fzLR(2c>d$azPO
zca|xftQgrosBpUO4+UXNpRblNa<WqadRL&--8Gj01?4c5nyH5Xd!yikC54{4*@+G+
zWRULqy0jO0ejV}r9g%SS?sD>90#mFW-pOR$d=^>5Ty{Ij7@<@rC9Yj4`!3GNWH*)A
zXJJS21g~Euj4a%)WJS^J=I-sLGI|BQ1}mab3JX8ion`K#IW66<2lFsksOQNZe;PLV
zX>VM|v8ib1yo-Vd#V|V<Q+p3R7)I!!Ke6x{11>7fN55~@Z8;}Wv-zJK<jLI$AOZxO
z%;FXoEv57%SWYs@$Z0wN%V!>%ENq}!>x$vfQy&Z2cxtn|l<v>qCb#uri##7`IL~)U
zrgT4=8_dEMnxYcq0aUr2D}W(SH_t%znIvy)XpVQ1#8Mm&gNsR<AJ@_R^$asall;$S
z8=?Vb6+UQxk7v%ghkG(qg<R`_$(9hKgtK6o52xsGM97ca(+uq}Nc%LWQwhgu{^UIR
z%dLk)@cBoKlq{kiLtA0klK>s+?_babDQP>ou6(LGC6CI@#K$He(>D3My>%pfM<TT{
z$S6rVDZ^}U&^7JbG$r%s|8TACx%p>xNg2!GHiAOPdEwgIh-w8snrdCb8gOg22<r0g
zqL7j$z%gv~TB%M<dNJ2O=P}tduhSsi&yro)#8fCHPk4*PH_~nqVhe-i4@Zo?2PEdg
ziaY?k3wTYJ8E4~UujpbWp@)kl5sst}l&F1(kJNQG(F(Xyd0g4gsJaXHn9h$W@bAnc
z2>p(00`A_<SpX-zJ%wXn0ItG|9S~?X6m)9XKEYs=Z@hdrul61yvW)IYAy9QG3y<Xw
zI5l$j{xKKBsJFr?N%GYyXY@=ahAYqB6X25tDS&eT%zIt<rmJG!y3mvNbioRvc%((t
z(NdARG=<9WauepP7ha6%$K<)TZkUPdt?-vd@J#}iv@T~io-nat)9Onnk)2~D5_8bn
zyYd^JM*V2{J+v(l)3rV1CDm)qOYrnC8vlM3Yx=zRm!}Q!ZHxrRP&EVkKL9yE#=kL;
zv*a+#_S9ugxVE2iAgkh4AUrozrX(crOTqHs&s>x7T#jkcj8d&KXW6RsUlAy}D<T3Y
z!=GoYF56q8Uyx=uJ|tpd_l_yIU|Dqss7|tKA^C^$seHb93JhX>mT`a%fCfJq*j`7h
z*N^pap4(6hHT4_k9~2pUY2$r^W{MhkfMJ{3`^hJTs_xrzPP=tl4GR)@(v?wf)Ri=2
zu%e*BAO(mH`63j%p<^(o`%O>RMcs|>k38~HFsDKJH!Ig7YJ*jTLX&xf?4_%i(pl4y
zm7-p#5%W-$!}lLc`FJJuEq8C#pjqL`*GBPD&15)kDU?XPk<{+gHxFX3T4MP*>U^BH
z;_j^tC%*XbL})}&R!orBs&Ar{T`;xsI<fl07gp#7CAca5(A91S3}UJlQ-ONe$cRD>
zlV|;WGYx%Q>%o9*1O%<vsl8j`HI}wSgGUq<$$=xXal76=LE8o>jX41zbPSCtM#wpd
z`Hi?6c=EyU4JUx-V79vbSd%**$~Qr(Z*dmPbD3C4BRe4Fgg+oYD+*QLeT)zKK0rFR
z@o7s`#^#ptITv1bufvO9<>adZdZJ6xqWuCkPI!@vLM%M(*qjTkDKESyh1wDb-VYxi
z)eXh>J`KMq$mn^a(O#|qe%i4vMP;CK>=Cy_QZSpB02fQIj?@W`wLV4pz=RRjrQ-vO
zc`<H$i%^~QIWz_gvQQ708ClNaj7%N>>G%FHd!GCmR38vs-|OPp;WPAL3FgUbDcqt6
zVY-|thh|GXYNx#QVk6jhQKZ&&nyiX93csFQZ&&PC)Mp7FiV?p`2+=fWir>D{7U)Q;
z>dzqYFT91mC?tW!AHvTM51Q0F<YsHnSAUzA;b5a#u9$sg$?tQ2q@cEYqLNUQUKf#*
zy3M*cE=FXY$m{kb^Y#-OKKjv(&Xx866>3SwQ-nw_gqt_1t%{O;we;hOtdZK?9D$nx
z2mMEaje$-uqg{t)tJh4BygHU!?ayKvVuy;t^N8IVQ{iDwKT;xUCdXe!6Qf#1*@=cR
zX2p0qmgw0|y=Yr*JgLO{SAO|V)w4Hk%c?#><Ym8b4$bHY|Brt^I^*hpjYPHBX#H*G
zcZ(<f)B0=9L*{6kg}$WLT%m(xdpWg@2qT<K@3my^H=U(q+o2~eAxmR&vMVX>@A|kj
zZ!;Yq01w8~NKpNw9**FhW#plsA|3Rb>RIo7a;Tpe^45x;N^WkvgSw|n*PQ)xvNVEw
z4mG2aY~fZrCk+myhgKXngrua~w_oM6j8?JoR?`{4uWQ?<xUb~OJ83XHf;dK<z>RHg
z6K`B|FWm=WvLLyhx?U;WG%_-7@48Uk2JHNVE2>crJYX7zfUijzj2E#P7OI3Jf~rX=
z<t`maVb3UOC#CwFj{Yc2B)MQeLEy<J#X+A5y#uH<ezq&WSP-+ylLy>UPNY3*Do`=*
zrF2=>OXV66XRXtE3Wz7pu)O$fN8+|Q&Zw-+7Y8R4ed$#_Dwq5+LuYFpY~QRz9estJ
zEU$m8b&TkYao=l>d!g%0PrH~jqw^7)Pdm6|C<Y8?SmR<^8gqq6tm`Qyd)_BSrhCS@
zd8jl(OsUL%{npqeXK2^OOZJE`Eagc|I04+u&^8aTm7j*Y8uEL4Ab5GucN0GpQPz&1
zY8Fb*R{O&(!qkz3Ur@j1=zU3hY)N-wpC(W=Y6SLw2pg|Pgt_kOOF4JQZ0Zq|2|J9z
z$|!QAT@;2k?`k%g;cj48k=>T{`>k4#O{=FkraGdOcLoMVmFrnLO67T9TZ?rzc8?J6
z_}ST*Bv_M`jnr*C-rMf7w#J?Nw$kzj%rU@7I2b+*OLF?Ei`4Vi;(UXCPT(uBobg=I
zfYg>~zKXz%`}WaR);2-ldRmaw*iXIK!H*=UXm5=yKa2m8SYDp_&=5h9TYJ!(aJd<r
zV;Oy;KxVeadAosu+pjV)U1>4VJ@@Y9rRe_7fU%F^2o{JHiF{@cp8aJoYm=h(N?Lkl
zfsqRxtM3NtXSmLCa(D<KPk=(rRW{WEA1;5(((jPq1wOQrW>YQup91H5v({CNXE@FG
z%)1&;d-+9#1L=nZz6FBucsN{YP|<$jAD7!TgX7$E**Va*H%WRFNLy-h>O8i%sbJBw
zwTM6Fo1JTeh6tAihKg^T3u~YEroULY22=Z4=<V#y!x0mr6XoA7T7YZI3HfAyrg2tg
z+Q#Ty$bY7Suhl`A5)Lll>96Gf=;s^pgwWL_<YN=eaKS0)ISB3lDK4L+Sft#@d!QjY
zl09{5BBJop>9*GJ(uvAN+H7R0`Y;tdCDfFj=W_R^CQoYekyG?T#EH>Q)Do)58WcGY
zkG15mkq{FPwZLu@3J;wT2@-h=h0Ew6gGtdWg0OV>HYw00fV23^GU3zhXdty;dI;$=
zXi=bK0A6Tp1oWyiccNLXpTxbKd4~IYH(zJs7EF+fnZr^iVF=BsXKE1pjwo-;P6}f%
zC-NI9e;dbPB{$Ua7s~qs<~i6sNzv0xBT~)tp=lAA#sjBUzePJ?SWXg*5h;cf3Gjnc
z)F&-#+}xcxYxR@WRS`3(+%4%^>9%}nkX^BMNm|1fldRpT9VI*$mK!`l2Pss!Gd6p&
z7@z()zYl?)Bk#|x{;*rCt%fFu&l)CNa9GAIm({#=of|@cEs67;Eb0oqPAfTLh2Ad6
z#@&zLsJM4OZAy{ZnO$k_frL}{ylV*$1ol%sN%rD?+;)`xT~6Z*pWk#_qY>6S<XR<A
zVzh1gt7VNHT-Y_$F7Z2xmnC|pMIV)LZ*X3+t%6<d*N5BzU&^j<@fBxDX@23lJx!|B
zEIu(N$?skUm=Z#N3hkIdxPFC$^iCuA>ig6w5DsLUS-<5EN30zuK*X=$&7y)KHoL~+
z?GL<KaXf=}W>#T(BxnT7di(UGFIs5lFlT8DO;@P6Ih4;2d2(DVI8CyWjn9DcSSQHB
zN;S4eiQNl5j*mpDbb#*0b4eEQKuuN-UL7K8On8VZ@}bR?_oY{i6XKOFV9$qo9Y;4v
zJ_kblehjibhzakrn2z)aSJUhaGY#x8s$B^79XmVU$K2J|B0XWsqNG&OH^GK8o<`07
zRYfJR7?S_vkGQeAKNI4K_LzqaWudd$yJ<6&7~EBRu2a&!DS`#PIFGYm@gf}Ss#Q@$
zl`bk0mRbA~8?3f5bx1R?br_9F0(Z=0Rf|yF;QTxphOF=l2WHx^JL0xtTy3u1LP3q3
zcoK*3`Ouz*PJ(1N$dz9AZJDn(d3;v4AQ9eR2lFSL`aXg&mX30|)rJ{>$b3_-E=Dun
zXE=ydY3EK9PX<PUbwf3o_f!5);wcDcIP>KALNZop-Euedq{~QspLxax<?k{1NL6Wf
zkc0`DPUP*l2eT1LVwMr?N<v*XG3rN5Exqe<v3(Sx=mJ#Y+C$`??CN;k#&KGQ2a3{p
zs&t+t^VU}7ft;0eX+Ko?`nqcY+<V;KAquo#C1eZGT9jbc_h>8;e^4?7K0*6dD)v*%
z@r@-rq$W9diUnPcsjHosveFwgZ^aTxJ>T@+iBuKOjvnLN2QYJeVtr)$M%MfM{c2(^
zLfHBe8Ra9-+Vvj464aVlK(NLk57a3kRuH?P*I4W$5xXh7vU9dzaxHSz^HED=iw%_9
zX-@;!(F9&FbV8@UkDY?ktn*NL?kDg7cOSz*Z71Xx2jYl6oy5`RrmsoN##j62^(6JW
zSQq)o6t_M#mRhv)gcWTT1VExtXGNB*X)I^_&b~?nHfHnsZXJKO{g$u{7FWU$3eXp@
ztE%IpRw`lhk(OyI&X3!7qBW_@6IWpN?jaKqV${1PeLtaC0|8dFq4NcFg%Y8wYjHN7
zP*%LFr$^0+sJeC`KliQ3Y{%E5D%#Kyn_si28T1o_+oPi6N<8V6ui6e%RI~gPZ}r(4
zt23X!^QIdky?yoVFLqHx{v<Kru9V~*7;AaAKuLk+TFd8Y54XG>My14|bANP7@y*}Z
zu-7c5Ba!8`j1py_wL+1U1NxS2?YRKDTa#$Ibv64m)8-fQfLH?M*B~wYQ7@X@kxuQ*
zayPV=jqdvE6q)n`cve-MXtbI@E;BkT`D@R66Fq(SKr8ah2{Cw+4+(6;$X_E8XJ?K?
zi@yew<zR`w9luGNt&c%BGGw|i+{fvZ<5}BC5*d}Q?*xdeP>*3|q6os}dEPn&Ro`d?
zb>5qC9UjmzdR~mGb3|Q%f>=y=c?*Y0djb$XD~f5xB;Bys2o@uA`aM6E;?5o6h%aWf
zw<cILkADcXK+WJMibgcO$Ez6qDPDaTVkpHC$E@o8GYryLL|zkhF!9%^Z{|@{jQVuQ
zP<$O|Y6u5js15kZLi01}1q`|bG3xiDL$;cyES60a+s!e^=WN)yLFg#(a@S{il(r7B
z9Hc^1W(4mtWqRJP{D;xDOdy>vnGKRTJ$A4GuJ$q!hhtGRJLF(P2Yunbt5dM3Ed8dj
zF8ykldghxZvHVwMzl%;3G!S<y4!-3D1CnRN4)uzi&DagNsfy3Xd-9;z`^}M4IjJ6v
zk?c{SQ038_&l_b2hnedZ=eqbQ03yF=)QHBZE_jRHs<=43@_x{9e^WRDLM%w#d&VD7
za5=+d#o4FN8v*kJMuyKx=M0L<SZQH(4dzCiUZ&+57t-x;s4C2#S&lv@qRDGD<d){o
z!BnvIcGUpx3r1gfU5LUp^aC@-PD)jvD8HT%@fV+273+<tk&c`&v?Qxr`?#YJPv^oI
zYMAmj#j{%~uIB<%>MTdi)X)^&b)`m`ky=yyi%MZXwI^ha4L0a}c)s+2<gruu{-Qks
zqos9_+KHT-+pCcIyMW$7<#7tGvEVwM=T<LaHDqnd?t}_#rF|>?Ho^aPB`6&!Ap|eC
zyJ%HC9w;QYWmXz<2}zHU%y>!uQ_2#{hvlHYd3_H1OvIDq2V(|1%5TI{>Hwu~byr<>
zs$hG7ba@+EbjiU+o4kG<q;nHMX6<=fLSfJKQw(fEJ7E=s=s_v>jvQP?ecUnbMd>e>
z<;<h2Uayw6@v8~05KZTc5>OZ&8o}|5)Rp2IC0L`~@8syb5ayD{u*b-N0-SAQ5<&ze
z{WhD3g_Y->Z(^cXB*ieKTNq#^7DMy!rv~oczFfU;x>B=M>0it%;4oMCg0o=C;hQ<x
z$W=g2bc9q{jva~H(c$(o5EJ4_65K$ha|IIdSdAIwdh#-(+_1tlZ@;v~GAdHaHuiv^
zv&n<z1lv-Oq+#c3BIS2mqWJ2@g)=)YEu%ODdsKPWlvq#6k;Qvinn{>8HNl-H{sO=T
z++OSQ<sCRX+y<`sQqyeVMFSkTioOfl$WCq>3>6dtO`8kx(9lZ5zA&do6rln!QW^xs
zWYU6jN`zt_ywT+uNvLtmHzL|GOcv~fI0BYO4ms+B$dJfS4idLMWnSO<fD4ZH&zO5(
z%4-Sjs+?2AkKv86gix=wvSX~<j`%RKEar_)M7jHF4Ve=5j#k8I+}}7kNjk9tlyANJ
zkzaYjW&D&V{kRCjPo?y~UFhh;jI^RPBXx15Z9P8da1MB1jBAcM>=bOAXjjz7TZJU?
zf0`5%wRmd8@p7dQ0}>sn0G1ZxXFs!DCtI)2^%~~#_(%wOs1THAT2Dz&1i)S~<aC&0
zbOgfeHRZ`3DP{uEFCGIvYHuy-$Cu=M#eJC?oG(!Nk{8Q1GLhjGZT~fPieCEix<z7M
z`|LbRN#^0Hpj35LlCTqhu*olZ{KKv*gGum2M(N1F!$tQoA1X~25W}?NGIc*ApwQbx
z^nRjHo#P-Re^rI45#SzU@Z~vXfBRRO3m3}@W*p&<hT#UQo?Ic<r^KM=Z%|CSY}zul
z3G?z@zFBvlAxZ2?2eh*2P!381xuCa?w(zY7b`)7xCy%N3zs>ZH*LXPggz?QKZy0{=
z2w}?JJ-9y|s)bo$O}_+#hmoek!oy&yGODGu^QG2dyd+>g4Y_zVfqne_=KXzJ?WHz(
z9*}p!>W$7#qpD;!C69FVRQedJ@e|=}PJt^8w=j=BoGNuGD4N5Da})zK<l^D(-F*Z*
z5S{b`<hb*Do_njofDwG_w|95QqmxjHBXWsRG8`v2PF2w-MTP!pAS1U@x|<vScB?9n
zAO3kIw7uzrA_L7@vY<~u;g*AGcB#&3Eiuz#)uXRS_UXK71Y{d&f0zMEm6|vFdaoL}
z?6sd=pumnT|5xWTlMI#FFs6d8v>|ppGh$HDA+xB$#KFgOqYmpz#X>bzZrw~qdHLud
zHHf}tcUb9a0mZkAKqo|;PlQVP5-*GGPq@=@o8t%CHJPw`)+rq58f2^`UY$hc(gzL<
zfhkG!B?9s^JNT1Uffalc!QzMJud_8MA&e24<(uP`di)9a^*LyY&k~woVVZs=IjKhv
zw0PjzMVzU}FYE>9uP@BmN5rZ0lqhX14W=X2Z>TlI5&7R_KHNkLv!|bCDzZPsGjPOy
z<Q)6zDsilz>RgZ^oz)3qcYpvt2VcnDgq;q4bluXFtMCfmqA(JqzzXc&)*+pG#vg3V
z8aTS)LL2|aWXYdh0Y=SaB{fN)&;Tzp{j!%7As*<^-T|)W?BaVx9(fjsZLiu*k(M6a
zE*98v3Y#S!E6{OtSy+TI;ecfalKH_Lh4ZV4Kz*Sg86tesz7BD>b=r4zu&l}U1-WU_
zCff)=H0#6x-F#m4QFhG#$FsvLr&VP0@xi60!8lZYQpr!M09xYq0p15;;%d?_wL#EE
zK}&PqBP+@SZz18|FSenc^kInFC_Ox?3<EcH)!AVL47x#$`#kZIN%#{t+Xs92v^X>B
z355u7$cqXNp>SIV3?qq_x?bt@;eeiBIH|La#sMUf6=&4XcRLc|d<!-`BW|WV*jYR;
zJx~&Faotta%5X7lBEpTr%*1;1mvPCUmYWlyX>jKD$>41DFY&)+MFW%$Ow4TTPIe`y
zV1QDJ<KN@hxy~<JNznvmYGteRv&&)K&x=D#Fk~`Gq-EV?ILi6FxEPg?X7Q26)zX?_
zl3v%p?kN!?6!GF??!g71<Hmq!mA^X^aCJSyUUqFEXM8kPTo9`>sD{lT>RZT&l)rn%
zGM3^J?k9Bn##B`!FKF};`tfYO^^INDdn(vZ%^IsPs{>*hL<j3}P8yGJ5iwS6m(Uqa
z&k+AXz8QDr&|gL>0^n)z?OXQe%H{AbsFLXL0kl+T{ijXAs7HdLJ$lUDV5CHJyR1u_
z=9fu0_S4s2et4@f%uG!|m=rBPg8k1XsdpPAY@u^HxA-BB{LQNstT5ilqnJ<|;GMqu
zwa5fe+%edhn=O?VX$oOZ-!|=<urA^4c|RbRWm~j1NFqnpjk7t7c~R46ykWqAp4O$0
zu}~N<V2pn4a!r?16UcV#`aZC5SH%xep&I!pFy}$t(BW*=S$5Fh$;`$fp0O^4iqiWD
zr+3Y~A`||^8OV*lo6o>FbUklOXc{soVnrJa85jevd^^sL{>>c|j_UAAO=m<?;T(70
zF+{s!vpPD72R6AO;@=8t{Vg2b2p2JC9fO<ndxJxbX?43J-9BZ~=g{qessnlUlcG~$
z5{p9i{>pY~UD%k(>y3JeJ|@ync~aU$IbT|`9LCortM63t@LKG|A>-4dHh5Q%@fR>6
zSWhLZ_+?e(c7Q2ILF1dOHC#(46G0w5%rvjrkThzvv(SP~n62*0YBO0OgAJv2jsj(;
z9Vw1Yjx2mg>;NB~b$`g@d-eGQ3I1mtA<{mhDz5}^8a;+_wL*B$(2K=NmaYC@75(rZ
zV8boy#8NQeENYr4rAu5U2a+g10c03mPotX-P$z>}DC({aF}Pcyp>Q<ymtHWNUOn_*
zMA}OhBF97PI!;dzOpvU~f5qy#ESkmLwT-xuditGC^a_oYH2C(GhJ=5M+v$kEYG87N
z9i_AXDG(jXY%7(e9{hDMe634f6!zdjYyUKERiTlQflq(0BpeP}Wxzr~mEd&@t70P7
zj3S11GnPEu?dHt+^11tezgUKSFd#JZbT%Op&K%!0mA_VJ+^X+NbmokW6n33|tCo_`
z!t80DtKXI<jOCYO^!^O(oMvmsD_TP9lOR!v?_Wu)zjmzj^d+2vH9-5@T0;E&aJT&r
z2UjaH(p>ydOJ<lsoOHW*o;XL3c=CoYRYeWDC}+V6n?CHbl#2BfwogCNo2)0M<nA9=
z?pju$JztF;k+^spm<6`J^=@d0{2yPAm0~OMP8>mBRn;=~rZF6$%iEgGD>swsRi`Ov
zI(8X`LfLYMe*(WWFFmwjo@(iq5^5N^B}Q4H6Y~7}*<|5bH~MXJ3nGBy{>b-jJ%Fl0
z9clS#9O*5mN(G-9C3u}P<Wp$h@99{n@77?k5lyVR0aTsTEm@EFbur)gn!HG~k0J7+
zu$3;hfpE>fCc-ekc?Pz|$U}YwR4q8)=g*{I<YFar5QV11lUxPKw(PUffEQERgg7i!
z@uQ$mjXNg~?fdNz!nAHi(?d(9z5Pno_lijHPV&Jy*vKAp;fT#_CWqKoC#|-uz9u!T
zC9Zr5R}<wjm&4#84C9^a(--OS8P&x)CJ|c9gO;)l6fQ0nF|;&0mi~%Yi1%e%x*meY
zL{n}<la{%8F7-R>$OXQT;3%U=^wf#eTqq&CY&<_EI7l`GHoZDE5mF4U^e7qI+qCR#
zU5R}d0{;d6sTO~7&It)7IC&m#v!@;7Ctn)u#}NV2{;X)6!O`kbR&CoPdzc^N{>I0|
zUuJ8s3UZrS3SF+I1U@R7-ysi73jz7~>ybYM;akvzchDHJU-|1>63CQ-oExP(NFbO4
z!Mi3*3&CuRmJTKgq#3;n+<!(9R6@}GV9%SU>*K#8>H^woC{O<ogH#Q_aAA}(737+o
zAFmxTwVCJp%4YGKY6a)2&OlVz^;`OD$X+k=)VIAKCigywR1N!aFIT$lH;Sv$I0~@k
zJ+RNrXjpC4qKt*3AaAwA-R8i#!b&p#4JlZ;<Yzt;m!b}-p&hjoH!`PP5^)#|4RjcV
zvVBK$`A6aW0Zcl05<Md$^NTosUp{|mf6U%mEf3#Ip9Ya;hJYE()o(C|7Xky1TiO`%
z8#b7kT^qHh7UXDOQxiNaJT!mffIW$CMr8!2KD^o_N@2_EA>8bg>f=aOzagSVDBd>G
zlkY=$*@@1HLCk!Q#Okr1;!-qO|4GDk9Hm7xJ!?!LhM)}kF*#lghMG4MlOD#wvbX7j
z><W+`=49Z?xd1=R7_rIvI`KKP1gC1&eKv-Kk{awW)of|GK*{5P?vn)~<)GLHIw3w;
zG^;C-PLe9=3C?0k6t#V$MCd7SB+~c_jOV5g749!kL_@t+*;<U`knPV=!(ms13YaI|
zM`sjkjG+;!5%mDnrE1iLx4kbRMLEx-@L>D#zdHG?SGxz!jFobeMdbYJiX&danqbPz
zW{CwOE#QMR$wKxIs|y7d#hgrm@V*35yhzS|*(~j#tfXwk<kgHHO9<NVneoeQ_*50r
zUST<hE(6qUYcs4h2kgbFSn6eduPVAO7heqZV-%T;o@F|<@IQ^wo>3f=@5Ilud1w=o
z8mO?GTD&=$bNJ7|Pe4F~*M)vS`30Emb=AvhnhXr3{z^NWF@Y_u>DB(U<El+QFUvWU
zwqkselNpYM`Ke$?YfooSjQ-PNu?F{a`YI+pCg%}JPM;f)3CU52l&=SDy57PL1B@({
z7eE?Rffb+aQ~#|yle(SUo|dbd)IIk3&`NSSN$v{&2rUo{1fT3qU1iz`=5|GF%G~o^
zyn7S+5MlRAn3qaj%iM>Q#uDogcRDrGD@|2hlv`}&Oc3~oi$ODYx1$<=-)v8Dqei6p
zOr%bI+)8;n`2QDLEv3?y!Jy8K(S*V1c~$*305!XFETut`=F>-r(A~NT2-61dI73eG
zii!Afw!@IVlfcM%O^e_^bBD&40T?u6Uxo=>^sL;(&9{cOjouUR`DYt0eoF(x57L(l
zL>?+P0sV=OuTUaEI>ef(EAFCOx4_i`@|$eU{W{Gd@<SDXRcy`7_Z>DqwcE>Y-w{*N
z8eD4klZ-&bkC<M;GFv%L!)iGG^X3rF;DQ`z`<YHo_T1;iX0J&f`J{67+aK6J1!r{3
zjPrSxZr*#sl`+22$bu`nx;=R>*eQrE6{IwlG+VOT-Wc|vH0~>(sqHd&EfMUm)!jf(
zR8C(i63vd%LV0|S3~$la@z6L$iZkEP)c|V7S7up;p#$-C;5<vV^w`-P8)+mlq`eDO
z&6i_>P7m>Mi(f^?H!G_Fp)riWMFa?$fSN=+00b;(ALIGE-Jp>tQ@R(7Nf4dFG*JR@
zHs1N@cmoBj>Z_xMyeF5IR`I8VqY?$@{MXH{XqLyV=3|?7d4sInEiVFc4xaFX)9HEL
zJ$3a)^ukYkpCF$!skdB8ujiM1T7iCPH|T;+!w?%68u`bv8xHgF&P<z$N0ZEZ!Pz`g
zP<y!?jYoW2E6NO!@s>d4EFlH%j^)_*IGg&}TW_!U3RU1%X)a3ZDv`n1nL9*|rR#%2
z!goC5jvm7kDk!mB2VJRA{*l3vb;+0mDWR8B8mr%KS&dq|`StME4S~S+?-IE{BYQdl
zq2jzwc52xzvQQbq#Fyb`Vk|Yo^O<E%1gOdS|LcQL|B~RnAab|ECx;ozp3Q<131rKg
z0I4NU=78liOOmUnXI>r-DL`mb*rnD%ABB5*Ph7^3u5-4_UyF-Tn-r&id-W~p%8o0X
z{BIdrB#8((U&JZJ-i`>k_%noT?%Ll%h^cnwd=&Hv*4M{_frzf4()k@6RwN%bCxuIg
zv6L?H-&kxl)?RsfU-v^U!Qr|-ysmZ-q`JQz$Sf#D%+(&gd49Y|PCgBmCXo4!TyqmG
z^ZC}j=Y7?O3f{<&4P!=?dxXyWn(Rfur1@|-CTdS1nbdKDfP_u*!#xwUPMYL=?lsDO
z21D!l55grvkj)?ZTq-;UDKRKrCBPkgQT^q*r6?>T#k5=}?9FkhuO1&c?5aWGJ`|iX
z54>Rhn@4qNe!Br{#mvts!4_TeDH$a%2P|5dryv>9oVZ2s3KxE@7>Gya#7H**Ms=YV
z>)pql2?2_{m=QnTxo_qrhkStl=n(LB&<7C10<`7mtw7ep&~EHsEXJ>8<ROM1lAM^u
zUjl85;TO;l#WRU`hfVurQ7EGyAnoV(^;Z@Oj0|BcHEj6p{L<u<J*u#}yJHkrkTuyh
z4nznjB;M)iE>mtLmYiNC9{pNS_&h0UW@@b4*q|0^zc(9Zbtjk$3hfdCV-f?Bo+$Hq
z76Z}X;e~P2D)MtN`Pj8+8A+Ut4o+5Sj-9!b)LXc|$|5f_k(oJav+dlnfxw94*i@sw
zW~6eyB&QhvmcD-Xm%5NAg#IMQBl$@%rerW(X%O8@+Yn(oh6@+FuaH;VE70BFwuHrW
z*j}yShbXrHY>}yvUhC=|w$qS*T+8823P$MaNv3d(a>pcoOCj7r5I*13pyF%c%hRU#
z5`me@XK0Dr7Rcc|-Zt_|ok#i3TIO0Tc!DD^LZ`#B2?tD49P@cnZ!XT&&F)H48MSBk
z@|AwP?i=Tf;x1r481Mm@s3mTHgU3R^Q+isf+c_df4AiQ(Em>@ImqdXxl(bzE>OTRz
zRTB8kIxnS~%5zr~sf|NycfE{_Gc60u(FASOeCAMH8{|95wy~MN+iqxt(1Y@YS>_8c
z!XTpG@;tm0aiZnc(8ezcyoSE~vG!W@&UXJ8QkkE_H*`mVnO=gChB+8&l8*5$0m<kB
zb1h3FtqA5!(CSc)xRYUcGs_~gT@SwGec}@U;D)xhDoSj1wH{8N$&tI)DAWD1P<7#^
z^ih{r6)?%PiGmx^J;Q1(>rh>(MEw(l2(<Z2`$9BHb_c{uQ;zStXNag;ns1p`WGrWU
zl;5xexzgJ}NpX|(<m+|3*_jksKR@81be!|)Zx%ej?+$~lnDl?4U}ab}1Ur*_81F~(
z13yUH(vv|6^BAmJQvJP8d6~Zd5td;lTbp=56)x1bqM6d+8t)Y!XsL*d9dx&alI&dW
z<3wFayl_@~n7iDhxA};AIAZ?|_%gb{Z9XHzQnUo(aDs8nN|^nnVCX2Xl46J=EW2NX
z5T|>yxcy0)q0LpkT_2JEx=O8aFR}8fjF?t40cp#KUuKumfb}AF!o*Y$kqQ8axIpH{
z4*PSAQnj555LqJs`3kHNwW^yOqj|QJMIBnJpb6U0>p{r=2<ERK_l2<Wb|qRKghMI2
z5C0<}0G%OM^}}*_bnt;zDoub6CeY39{IqUu)>lWVfkTe1fyiH@&w5mBylH$7_6qXs
z6o~BfMvPn7|G99Xj}s6{UVkQ-oAxq>5U$sa3dp8XZlOft`GXpd96XKD5W$fE77E`y
zBtB*DP?WC)wcRKj26M_i;5rUv@Gi@SNjHUdhqNJAPXWr;T(vgK<O(T5HSukBZ{6<K
zS|g3L#OSI%;(NTKGRYu(#W&YOW5CpyV!<5OZ`o0Lib<2xN*;D{X9boGxj?0r8@q4R
zk(-zOWj_rNEh~P&;{-T^!~S)h!R9~?-r?7ffkrMj1t*Z88{?8M9Jk(8cCRE3UXb2F
z{<=il97arQAS5n~)_92dE@fM&e_pcESkFJljyBXpz09*MSt|hQ79=bz#=p;|-9uiG
z1N&^|U07)`kLEz$Y>aE5kV((_n0##UWWrWU(NHWfLi~meDp%2p@0F64Q&Bs@Ix6ex
z;8wdf6D>KUL2ZX~pP9u+6+@h}Wl;Cwc+^Qb>_VqjU~Zk8Dy=?|v!p&Rd5Yp0u+YK^
z0PgJpVsavT1&ke2oS8ksN@qAIS>fd@OY5vQ1)4VKqKqID^})dgqSLl2;MlmWk<+{>
z^M^&I-mN749peCH*P7w`LWCcYg@E(wL(+t;Kl%}sO`7Iw-NrNT3cqC=(^?60Ys$)_
zxp`elJ{J0?QHJN_V`d*`K~3?bp6~TneG1&bRVGaHfN+C9<8MBmb?sxBrCXYN+B^Go
znXoQe5^#w}KJwNgL1U%H!HPm}#<<Mmnno<3atOblG$VZd{(FFFu;F+f+<56fWWloz
zF^Fq>Gnup*siw+fkzpo>ol8{<N4GBVSird1`1J%fM=c|P-k_U{JIfH8&2lp;l!TSP
z4#3U#4}^GOuUhKWY*?rcJ33)f)cqK0;^+CuALzvS@$#-am0-!=U*+!uK-M^LvyMRk
z)_TvLw7_!H8E={U3`{&ZR^VNs(uve?#Xr4nKXPUYx=}-8n<0>iRZZUEe9PdYx1pfG
zm{LTb(%F6lm!dX_;g5sEIO`-n&ycu;J1SQahQH^$ZrctC_#*9pv(`-xuW<e^Pg;_*
zWA}!EQT|~9C#I5aAtSzrPkJ4KBvv*06b$cwxh^8maB<gbG~2mt{Ly~3-vTH`BlP~W
zV|m?U@Ck*89){7!i)BLVQz=X~#t$F2sQnE##0AU+w6ILDK1i!97b_8D`-8->Hz0$$
zMQMLRQ=4aUm&GZefe%;xGQcjO6^tCb_z~PJzs?7Nk)8mI<rss*ZhJ(Fd`<>c$oeG}
zus9KfMD2gY!1M9Kle_kT^gfJ7kl}eFtOPwGB7ABI>C%gz#y=@_&6~F$rkGb76i$L^
z%mUt=TWX%tQ`wWn#^!Wc*(%Qx>yE7c74r!oPtTY?Zjvu`8<-!<uZp5py%OV!pXm+!
zE)IT@imin*XxBei82~SPny8{5VQ#_<W93cpr*#>dE}^%s1d_pbZ8FNvqZ<bMydab`
z?+y<K`{r_Fh6@9Z3F5uN$b$`{!#Xs(k4#R~4HJ!@{XKrstuFCF8f)z3e?C@~Y)*(*
zo&(C~O=l#MNhZnuTy>P<*tbcH0NxyPTI%UOMQYoIt=93ls5<CRj?C=P&H8lxJWr&C
zMCg;1(gfvh8!(r!MvCsb2$5Ms?oDLtGslU0p2d>zAD3x*7nXfAN=wP5Y-{D~7Ra-Y
z(e7Dpm=HixlnNul*3Tlo%Xq9h-vT4rY*cb%Gy)S6i^<iaNUGAji0?ucY#T8yj3DRh
zPN(bXgo(bC(^Y>cs`Rk%6%F1N)8gn=m-)6{Gy0KC9?`Nl>vrud!4}bzqr7`=#!0!7
zI+8Ry{<q8=?exM<i-#YD&Vfzsl(XO;uwb|4eW;(qI)}sFSvS;FSvOJb*Aem?ZO`VS
ziJN}*?%)qacRj)cfJik)n5dQ3K%JRcnbk(Kd)#v&TRZVm;4@_okNrgNifcA=mb-x-
zjQImFeT=6zA|c~L3iKIj5di=}6lt3ys5_1Rtd`6#uQ`c!M7=rvTxj&eoxaGv?Wk`F
z5}akvIE`uuhc{Bn{9lkQZUFinymt@ji-L!x5<Y)sM-_UAX{KVdBe0e0WB2e<v!f^E
z{i#g`>{Bj(atrO^(vqut0qJoqaf%`J+Z>OcJdKN4Nrv&`GA>C=4jqPF41=W)2Q#ZO
zWVK!ctYLwT&E0A)1bs2rqiZ<cl`kOa8=oKlbP!gs;AM|eiE{|W4*!c%GEu6b&fe~|
z#jhAqWoljFVYuGR23)QwIr*F4eJ!rJ7;Bx6uRo@Lg$DKF5@wItF}haR;f--0P56zB
zTUPn+zOE)WB@l}j`%j`JcuH(?Ewu5+gy0|U5RpLA-(cb{Pdi``6#?@Pa;uYBsCcGM
zkvc-AWe$E7)$2%X*gZIm6qtQujqSB{uu6{n{tFHS$^K66f8B=AnQL7U9a7Wh@<>5D
znzU8~!UKLs8`4CDr*cQO7(4UM|JPNCk>Z9vHCd|*m?a;P8MG}BVKm4q!oF`4Z3H?0
zTP201JbbX-=gwLrBYwuUixMRyaP0bUH@G7-6<yp=ozFa_TUbN!kNpgD0jbpzzvza{
zpgs6ILxN}NI_4~{y52@3A!x(~Zz|_?QTmwwW-g`5GD7kRgtSYxAN$N4u%m7MY{rD3
z?WapYr5lSmF#N9iCB25|J`2GlF8G~JRj@fF<s({OwPOJ#jJ8BYWtNT;Z^fc*lzjZE
zSgzlD7jlo4tSVXuX-N7mHUfWsJU0__ZP#*kCQ*VgqJnkb@(6N$#3&JrxxFT!9+kX_
zThI7<42@SJ?SBeu%sMxuOzy*!Kc{3dynmUrg`8Ls&{(k0_tqdG;9VvohJ=QQP9THU
zHb9nnm_mZgK`jpx9Ly%~9+{Dgg4ny;9na=dB}F$N@G1eK8zj6><BIcr7BXMClAZ31
zC`fc%OQ<}(5J@K#yZKV2?{^dL#{qg{iIr8-wTr3+xnQ(TB&y#EALNf5c@$eA>#1=_
zdd=Sa_O^NkY#{dY<dNtUj#CMJ7^Mr%Fxnrk6h}8-X~7Bu^%RD7>3H_aFrbMF2n`p+
ztpbqby?LyA52_(KR>SW~B+CAHOt^FNdr_NQumf)XIkvg8JteE*c^R%M#h#8W_}4fv
z%l_oL_zKYE<(s9;z^BVKYvE32APRjOvlNi^tfPg*B+^#n`js1jduhJkQNBn@Z=tdv
zdAl;g>_`F-;JO`C=LGsB^-%}t#kt@5peE-vKy(L8C02&FbqNX<_LFRy3dUPCg&aB%
zQ^}w*c6_I1%!rG#JwTfV+SBu7=vkl?WewTI7XR*OyuPPFp6Kh1ci`i~cH^ZHb5Q7a
z|M`BdBrg2tsi56RcGLYU3L)ni)n|RM=1g`_-*4EYTrBsoyjdA8ydP32%?{_pR+_9O
z1gAYSnY{ee?z`}Ez+13Vg*WZC?3u&rGk=hqi#JY5b?H5y(=GZ6=th~*fNQV}J1DU9
zO}mo)c|N0k#(k5}NPd3dFFi7pzpGV&or&h-^}`sWTnT9b9+qakk&2zU2XPpnLhDlN
zcmOAEbpqWnzj5?ptDI<4yc(314;J(DZ4L#rLDOi2Q5IC4FY+j);!{Zv8p57On+XXh
zT&?r2bMVz3f!t~DlM>NFe@Fb(C`(S>HrENuZpxlP?;>S*f@GmZv}X`SHxN!U0wrpg
zff0qIf9YN8r{*s+*b}kSD|M^RYHP4Cb(hH;9{n<6w-K36=Yd_4!PXTW9@%F@s>O~t
z?4JvG3@L~SU&GXxz>!<G$hju9S}0f34JCSS#O|amjxsy?V7W@2+v40=&(CgroV5l}
zi>4c8t4QFGGROEEm|upQUfC=46RpytMt9Zj-i<AQZ>L&*2k;UC{J6w`B0u|cy)2n_
zK7z8S*idqGG!xVsR#u*XS{`~Hod`*7njO|YA-6W;-?MWt@qt^nXuH#%3+A=r=mzcw
zLr-5ai*53N=sI%>MncX@y}^?aY`dO+aLh{16sLDi8yEFqN@M4}CoB<uz<%E>byret
z5yEI8R+a~FeKE?u8(W=?iTO{~1-2@tBW9MFi#v>)(K>JO^2-jjDA1h+oZniSctwL_
z<)u(fh@%`X<<CSRfIf(lI!t6vmW=!UL?d#riZLYxZRQg2fG_pa&BbBxNnRM@C<8`2
zbkftCLri$M9sPTl5>*JzsOf7Acf^_l7(<}lCU6}R+;zr7y*5NW!Qs)Z2zxF=0bHjV
z=Q4&>pL4O_yd5UBL|^qcOZ|;^^9c0+l>_~D+HmvL0nR&iY3`-OYVp|iqw88fW?WjB
z^?0B;NP-?f(O`(vvZ1>B8*WcazS!NOwUz;l%O$O_?ykdC3MB!?gB&DqG+M9x<rqK?
z3-qF04CR!uWi04LJs9^Hzyf2{*EC2SH*Zw1I|-rS^yh7MG^>{udUAma`q$(I)f8dU
z>}%1N()+^-p!(eYlTeKBhAa+Ct>a>+v{(@qn^^L{ze|li2>>^NuGPNq#e94#)H7^*
zgd<3aJGDx3M)`@70umS2X3ElJhW(08A3!7C6~2@vyAzu^yo@0aQ*BTPa{iVaVwqSk
zDckp>(WGX4$)VCV)Y5{;Ud~&`M5LnP_mo}CSy3gCFA}6O*oVd*_hg+;mXtyZKX#g`
z?oB@|;6S&~`_sG?Wq-;c0J~CPQ>?|n|6&HRl{}MB<#t!Ia)s#D1v>1W;?J#7M1Kut
z3-{0W>%^%tJudBpxo6HX#qpgRr9aYNbU*#5uK0VLwF56i(H(NS0eOi7-}+$otQUGW
zA|U-!rd3r|2%6fo+WEL9yi?hGMW7l)ptj?wp>RNh(tTEtv4}(L)F63CIJi(MkF#Vi
z!gDo85Ofw)a7sWmu6#+V^C3;deOGl(RnBFI%@5t36(6piQ{7fMH~%nJTAVT!F^(9r
zZ|2*78o-MJ5(RLH<;>JJi|?grx-EPzjZqHN(YO6X^&A(vR6n0NL9;~FKl{_;z&fBQ
z#-zvxGwsY`m`bacC(?XudG(M~F46VanrmSPko|&a8w54S>Wmr+NZEAfcZCt>o$**>
zcqTh!!_P?wGa?sbmAP&CgP)>gYwdu5)Ivk&M1}i;BVtW4nJRg!(lE~ygjf0&!HQz~
z_DiW-O+d<^!4y%<?(U6feg62GB(M($o)t&a5XQ_Qd}Z}4;;Ll%G$o-eKbiVg?QUe0
zgDj58?au-(6dGOSNpDo|dH_@d)Nmrjv0MqT6ZA;!c<*(yq&B_f;zV45PPtZ!sm6>5
zUWZSE?@a-Pp$W46Ep37`OnS~La(QRS>Aj-O^Fl^J1<YGZc4)cR5h?uDB(L-Qp~o>P
zx`vW^QFmf3h9;D7u#Jh4gaN`)Kl2*I(>>fPe&kMW)cyG-Fep%0qIQOKW0%}oBLZ`D
zq#T;$l&W;q+D{dZVoW4AvrgmwFyf}3@L6?Cojhd(St#h8A&(iiVGZ(oc%4<3{)oKV
z(vn>NVD+f#VACPE^SWqwJ7c=t(_k5K&KPW)U~~5@NOHD$IXxmIHy&x0YIvWb^L=wg
zjNFfc{p`kXd2`!gI2k&-C=FUb;+GC_nqdE`-;r)2iU<5dGa)$9UCq2SplSReidH~F
zyKQ$McuTL!X4_*PUQi>0y0MJvSk;!j?J=gD;I098(z%&9zHTT6t~Mu%iLj908*Cy*
zSSRS9w=g%LdYdtvIMgB)cEK^0E6i6Y)?0v2ha`c#`?fx=Gq&g4J7eOOVN-g9%be4E
zexGyX%+(rK*Jvr2(@E5~zfd%$%0I9x{X7s3dS!JPDbRU+93$=n0@E&8%wQN`ipALt
zioXnZ)WR9LTrPpq^^eax|6A@BWaFd*l>}Xj+Xr1CQYlsNRj*#mGJ~+yi_f-U!)6$@
zhqNO;X)uo<)RC<)jkJe^Z5Qdo>0Veu)%$u?uf=oVO<)Q06juw-Z_Q;`C(KbB4(b0k
zmCJ2^H7bXHhg;<lJ3Ph1gyH}Ap9VCE-~sRAxKng|rq7TKG9)Q~VGN~dv=P#7z?=$S
zjSx6cYsyD<EE*<!{(x&gnsA+HU#+&YYOW#X;hnzOtQh4t{0da!NKeinX)A2dP0!ER
zeQ;_pfSRZBRH#u7Sjwl-DgV}hVMod*-8xTGiB{vAkv<ec#5=@pgZ^oO(a~v((J)(L
zB<fv7Y7e!=hxGHqJ(dq*ga~eNF&~NYYa?G0`Xk2X@JSMvn>bL)tlD%-CD#4jK~s@S
z^6AEe;>Zb6vP!DW@hP&qggQ3n<0pwSn6f-49@tH0EBJRq=UCG=N?nE5-JA{I@Sd-#
zjc4*-fU}=USWA{z9f3L`@HxuLAR4v2QP-dN*cj@b`dRn9f}-x}hdF7HmgjjVKyBp}
z@5`OPOhj)lTSfmQEu@nxmoYi>DCg-YEu;W1V>}3>>)#^&`bTS$(Xes#LjWY(cieUa
zcwLSA1hJahinwjSDe0u=FqH<MQqwSuS941_;1>Pus7R(ee64&2+n;6hVCo)OC)83;
z%ldXD$s(;E^LwA=LOLo*HG`s%NOXPle0wyghuQil$oI=~I6SWWbY<X+eDr4!>IWqD
zP*yP%RDx-B0U$6cHzxz3b=tt{Jglp9CgOO{%|;5LS9ia@fmv0qxx;z}lz6u<Urc(f
zMjt=&@A3`)#*{8DoB06s!Wi{ApdJ&0x@`dpEcxF#e45!kbo|;y8Xa;o3fqh^&$#NM
zqhCn*>MQlf7+F39&e4tgH5L5q+pKgf#>*lVS~t^g+$clsy(b&&Fm4zXdRLH<BfO*C
z`U>14gT^D?foU;W7Ji9@Bdzzo%;aC-!$W7Y@d_9L_wd+tJ^xSH5XjShd)&gnbi(r@
zbAP?zz8qJT<tr=0&(VP=eK!|n<MsY?x6$JZQFq#dROPl?lBO{Zv%~dw@}Xgf(o9}1
zamO(|i=4Fz;5zP=Ex#K4o!`I>Sjq3uhr0j9$vXJ{GmdaLdrupp5t$6^bBPKXVFgjA
zB&)Wt8@0V3#Tgu)<Uk>lZxc9-;H(I(!xK#(IP-e~QwE#FUkXIdQ(xh6G8*R)<YW~L
zhrQhgg{b!U_o%O_H}VsAtzQvIk>>thReV6o?P~|tRIYTV__3dy$*RgX)|VH~QXq1e
zr)Ci~T^zv|h=|AVU<#r=MoWg#(+;-_YYvfF1~uy40=yIO5YPRlB991H+!Pm!VIXQ^
z_C@QO%%ACfQSFrF`50fR*6-H0_!e4ZH}_x-1|6x$NjuPG#q*}25{NH<H)D=lD>#!m
zCjcDiu47{r&YefGpdcx2BmD|l)~zV!-VXE<uZ0)?Shd~f4m^2~LCchV`xKs`@amyf
z<L?gYH(q9tT}g>6a9E9TvGt-|kv$vlr`Teu7gt!<v+y@bg+a+Bim1QK9mo#i(2-=1
zdSX~T3lsL7xcyzw{_9*K9bVz9C=w?`FD9OD#A6#9b@K1+UMgqphle~ja--~`QNrK#
zw)C$=WU{XP?WbS+s~H%69gx8g<{HWckf11D^}6I^7(pFcmo>K1WM7V=e<j31D<m<J
zxda~WCSv7c?!U9Yc1YowHhd4yY=bVkTPbf98QD<jy2|hDVZ8s%PA@ri#p?TzM^CN<
z=*0OEvqre=SESk|*bOo4vXi2YY|QiWC=D@KqEqrDW~cX9{Hy9eJzzcXTRg|*t9%40
z2u{z=y?1_Zwg8`q0e}Hjt~d?sI6`$B44l_4V|7x0iOp3D8Kw}dht$-ts0Ww6E62(*
zv{1}$`W0ZbXfZwAi1Nf$=^)@<YS20imGL>SeWXF{8(l?kMrGCLRwA^E>~v4{+#tI#
zX5TzhiTPl{CMqU95%a;qOL0cEf0=CyA?TQL{Z>lLHp}o>rp+5Uy}UwVqHSlM)YyNC
zveW+>h_1$XvPU$mk<y-ZQxU8Yl7K9kH4>TN$?-a*iDd<!N_&wTmc@r#an!aoi=JKq
z*0{!_ivkSUW!B!=bLnO9PeQkiBU>(Jw#`nk$6+(ba%6Jr5}Kx&&_sgb@7%<IL_|s3
zcB3Kf6&L4F^--$HG-=`?nOaXOw+a{v!Uwuh)Zq&=E#oT4?Tx%V^QjV_-30ldl!B}7
zVoX#4L#PWq?T+G!T4`#o@at!gFQq-6i_a@mM{g56mT|N)oJWNT^xtoSlXz2PrS|aJ
zRR0EKbapdv?#!MZU>RA4>r6|*$m5#jlzvZP=j><Ccpi8PH0w0<XhsiQXKZo(rQ)6R
z$CRY{fh!ZOGO~-vh&LhcUQ4T~$73#P?t^oS?>3k#dt_Ssc)yV&3;sVgxS;up49Ebb
z0ay&9Zu^nAma7mPj=$uf;V#TTWpx;0N)~{8Y)LI^Mk~j@Zl2JS$h4=oQVFU-;`8mR
zwGq&0$rwAp9pCYI8>G!TFP8k7?R}=Ju-CD?ttbl9sneHhpeMH~m1p>P_Z0RIg_B#`
z-NZk(>%ShDGJSm0tT5};rvGVG0t5uEmm05M+;Qh;<!$n+w2vE=LJ=JsN&BYW?=}u@
zCl>^Sn}0SC(JqfjXLEH6-=?N-n|R?L1GE|{-n<rQ-Ej)t*T!8AZ8dhxPKNM@7OB3D
z3%(`RJx>5vwCY|}0%RR*c=FV)U><>aZXt4F<R@6ig;M3Qw{#fp1N6JwFMLik^w^oh
zaBxRG?O=cEF<5KaRG0!|W#cq<qp&q3@c}o0LD8^6lu+SRVCx{BT`|IEBNPq^R|)w^
z^aPL~MAIzm&gr3?tRRHxIrf90##jS$0P*1y{#*a&ZxBfT*Yg&F+5+7Q3l3LpgvOv}
z?k~`*NKY4NeJ?oxaYU26pb{c^lU6QyYf<=fc;O^*JfV+2g3)=JtdKKn{N!H|#^!I0
zYI!xDI9(JnPNe#Z)MPO}8DeH@@aGHc=*<Z>kbc8h2L3_P!3Wzx*rY>`aDqI)Hr9LP
zKU3Xv4)0yYLzq_NL;@mfwIdZ@%6*#qrI`gbD8VZE4BXPdr&J|(CB0oZyWypKes=IP
z5l#;#U_1lK3dO3o9FGQ=$ZuNEO-YSlIIX4hn3}kwVL{{xR5^M)Mp>$IBkIxt2_j+`
zWAk4>kiFR35B=5^w$KRYU?6{MV%8YTSsQ)*WERz&=^V8KGzUG=ANxjq4t=yZ(O*IL
zstWDFtd|M>eKnBJHb&1IR5miP{@%Wztp<zWrvSa_^>j#iV28v!tER|lM(q0>PNgwQ
ziDV;dqr9|=F2h*M>)`Ltm_$Ui{lom}xd{Huf5j5`pp2vKYY_pYy5;SDw@fI<|B?9F
z!`^slk~gpl^J*fC|4`q@tT(3F<e!G`^kvvT$^&CM!_^*M2ec*h6Z=~_Gle@0Xwt`E
zj^pgfN4NPy+)Arhw$Ht#CkBLXtY!qw2QLFmiw-9wA*EEZ1en;Vi=#`sb2c=k8kk1G
ztI!IG5qB22_DoYQ8WU9XY4Tk%^*kjC3ewL2F?pZa!Psk~ZZAZLFND>t!bNqCLP}g&
z$?TutwP%=&okNf&z?Ox}Rb94i+w8J!ciFaW+qP}nwr#tM|MXkD#YD_vHYegn<SsKZ
zGcxZv-^`d0$U%i93DU-_#p2{k2{iOTuCc+kf{7*U(@@W4=faDcsfS^!F@JYQAc$|x
zRB=Oqgo(rm_v^;irpzex0Yig17WM7ZM&Elg9b`zp^qOHY1$&h*M<}j%u0H`Bhp{_Y
z#xlVyn6@XOZg@Jq6L9b(9<OVB1w0P=?+o3|&N*{voZuM&?&XOQzbvi*an`rC!QEH#
zg#FH<jsWvpY7`4s)EQ>QvcXZkbh~@@<^4~u*d&?pl2YQ-!lhd;nvIkjDjn5y+DC8q
z@vO}#TBEKx)F)bqGEElN7fn+j^uuPH7YoL)Q0E>HxD<D-)lNUpvE#S4A?R21*{6Yy
zlgtOj3n`YN(;Tc{n;cP2_6XR?6IZP=ihpd6|CViBytEj)njz>$Y$Acas$V9bdH0rN
zl6<Jko;qWUnRekLM<h0&<ZAirG;Msr4s}=hCyf|q(ndvTs$N*&4kUpNJP(KAzdt$U
zLGZ<ZqXyAhQIwnQVtt$Euw2&rpb<`b8A9#BElg%fje1?Ge4k8c|1LH=;G5y2k_HSV
zWo(D0t<zM*d&%h1K)WH7MO9H?7GA=&ULY{2PwuF-vkS3-!(TS+L~TEgDM}4>74Z<Q
zi-iePNZZaS(bHp8^SzHBSBZK7M^#xXuq2RDhaL>Nwt`mdCTo=qKUuwtGnYe*Pn?;F
z|Jd;xx{A<nNDa*FpVlwK;b%qWe1i|)C~JXc-23e6yzMsI={wu`bO3DI>ghTKqV=+u
zX~&h<#cx9f3qR#%&^jaMdF-h<QTbmEmp8__C_N<217QdS!;O&<^r|!S70W){V3pq=
z(E*D6`{#WqsU*NmcRZv(i5aIc2Dgp2fUq*2HcvJ${c~)<$!rFJcVy!j$`-n{MRK{v
z1WnVKUoz0ItA+0%CA-uUy(Gwdfxm|@awHXS`Bi9`Dz@LfR@p0(=W@3B{RYT{ayN{T
zZuE4*Np8ftZhkW0H^mx*o%M_l$yh5H=<wy<Mi@>hSIL}g3H5}aHgWW^%9T{mEVvbk
zk)p8;=ORY~Rp}eiT6&$rs&UnvrZM4x#kQ6y<J!K@$WQFcy@$Q&0N`B+`~pt;Mh)Q@
zy}I(aTE~N(y9)6}blF)((f$xr{~;djnS6|^KXU(^)3H2H`ZqugaEKSVs&!&LE#{l0
z>QK&<@mr^w1E(`{Qvw@^56K|q|B||epf!Y4P~f6p@98P#(bQ_{*h4RXw(oEMO~6<M
zQWiL|uRGV6G65Z&tD@iQhCKYa-GPJKvEhILV8e4RPR3eA=}3xe|Ii7^=6MU5j$-O2
zA8$h$8EN`(X)J9~$7X2D-zXG<gp?@7MgkZ(>V>O}46giHX}nQrW{Jsw6Gw{z{Xzht
zrNV&0x!U{#vN0FV*?3~-dO;iIYjppPu$;tqtIbnQp30nN3F)Nz2&<!Ld^1gCzSlxA
z0eG<gz8oQo5{coX5=vIXW41UBQf?~DH&FH|L#?wCOCE0A)+wJ963N)2Gh&}7!-_No
z+zu7xW$i8Zz5F|t|GclhIWuD(q)Mva1C6Z3n+A<aM6{d2Lzl5xoTc09@*d2>c{lxV
zBL}QQKq-6@hW=Xz5-UN#6yN?v4|62K8#k=wbkb+^Tt+Fz-5EBPB*ZLDDQe9UrnlTp
z=d~QTr&qHj{c>x=<q(8w-e%;a2^fEx&vpGWv!|GepS6tfg$%M4vOE(Op)1Tr&ydT|
zgp{?9KE|dsNbf~vGldgV9pC~400S|G?p*1-%h$3$26Ht|%bj!t?~~G)4fFSIh3lM#
zf&@#<YiO~={^tgxuTJxDb@7*c2wTiqDFW_tMUzmyWjGCDOwNby)p|M+D~*rc%(ZNI
zFj6AIBS4aR9c_^^WtQrGfQTb4vJ~Nc(0eefe5$k`jaF`Y7S>R+hKAa3L7TFEKnB_I
zC*#s{G!ssLvs8AlOGB$h3_4A9PqHnBfdnTV8<Vhh`gx1lTawHGHC1U3?wdm(B^ivD
zW%6H1$+$zDr2$&Q&G0Z)(>?@yz0Z>3F10C)Kxk?OBJ0_vg_Qfka>fidB<Hvwv#<Kv
zd^b+Mpkk62X?pnJt2HYrUJm|B02JstC=eCb%(~wy#xgc59iO&zs2)ok^BoLhHYt%N
z9jmI$(p;)3H87=U-VLfTi?Dwmo{Grlv{mYqBfE0D#8Rc!?VFwroI|numHNGlh(EXI
z*P^pot@Zz!>u}rt-t_jF@_U;ZfRGyKU`sqkpgG=oFNFV-DmO=wn()bY6CT(TybXRn
z^rjgU@l0z`EC{hqGuSEk_XXAvejvR;(Z<8VTI1L6O<M9enn>fUGe}UM?Wn})hvjeM
zJ-gbzl+iKeBnnTv&Y2)eYD$D5uP^;IMx)rFB+n~uN;6fUO69e!Sp!G3q3<g9vy@p`
zH6Q*Xh1O?yTBlXF7U?^z_agVY_S>N)9XUq2OKsg%(TTPLflE|Rh~k+ct?PIVnkSk^
zshftQg}UY`&1*n<R5X?NopdEs!X@a79|GLGS7M@w!xxZ7)|;V@n;8MtuN3LaBJO~a
z+xug+Zi2jV_$Iv)42QE;>G+H(ZvLs<*RNqo-Ol2qFEc6gsKEZO@<bdM*+G2lCz*t~
z+y^K#=cG1@@Kx5M%x+ABs661C%XjK8EK)#7AB?S>j8{#MHP!ihsh(FV?9XmOCc;I8
zLwxwj`a*tP1lSdwW@t-~c*I|@`LN@(F!}ZIkw3elDYDqPnsq1FanlliO4C^Vt0{$z
zCj`pKko)fiya?(3mN4KhIbm7hOTNWLlPD%Z3Zo6JoLfL1Auz$yI_fjkCZjv5#sR^Y
zGj6Ak@RDtLmxkSeu^%|Q%Mwi{MP=?Yt)W%4z`P(5>38bx3j(&0<K}~J(_T|xAv<B*
z?2=xyL-ZZ@1fP%fJN2NOKIw-S{Q~#~%Pr3r**hgRm@PuK|0Vt@<$hzfZM?a}-Q0NJ
z^j=-C>3Btxj>vF(EnoPXvn0h|!3Glk=vO6m8Uw3EYONZQu+xAYsALq<IoKYegT>&W
zDjK}!NB(}rQDyg9jQ%bBnD&GXuI!8_Z|>A<+rN@rXiF6Rq%f<7<wP|nJd7Rh;bk+I
z703Cqc>W_j%>5Pfch+pdBp{vjrAX%aVH@NXI;XRjZ%|+!rSVl7@tyWMec33!6eNXO
z#+#w+cD2F1iBc%cE@N+Y(h67W5b_-&`s}w%qF?*N<@xJ(a&7=D9JZt8lMH>$K0%vz
zavyZx#Y-7d**=HVO`F`1^Uv=|`MshB(bx(&b7Z97*;reqOYgl)aM)1}Kv$M1OC!RU
zOd_y_bbWye6udN-WUf0KSwOvC$Ef;rR@0<BSPakeG|{+~Ep0yvzXg8gY4e%!cnQC;
zTeQa`NXq^!kDw#6e!~lVuM>C@=5QgKf)JxX>q<<sE<X8+s7<i0rfE#+v6sXKFZLvk
zI-QU1!vZG;T{J|cev_x4AGP1AIz-;s{2U8R!Coe1|6kZW4njskJ3~uoUf%!W^!{P@
zn7BCqTm8fCu`x3;{kQyI*gbYu4zB+%b}z$3A$zN}_F?}PanYQxy{oGWrQ5-Ld*|0J
z{QzHk7ns{G<n5gudd<)5p4DBKpWVWIk5Sx5U!z#AuF9-z4Z#exc}!y{RL~91Mdn2&
zdthVZl;5im?9npKLWDF%Kqz>ipfJ2#9rb+k{R_CpB!>G?#~}4QnZU;}xO<>Cz%sC~
z+4sjl4*78NKRyeXf6gJ|!MU-^+c!Y4fRiEo0zk$G5?1H?4}7r9jVx_J{{!8F*y!BI
z%F5*WnHZ3f{-jvSGbiHqPYy^R8y^{1#QpQf2sXYjsRVR9Kxa4R6i6x_t{>6d^p6P$
zPzI2SKQ@r6i6WVae|utgWgs)!j+dbcg|>G5H^3a}AHEK)3^*KWvLYPB-;x!`LDeKh
zz)#hm{q9570?3j2?#l17o9E|O8k#DS%7O}_NipCF7D&vWWqx<yOMU~eDE3ebd*9al
zrhwuV|Dq2Llx!Ls+p6>YOixemTq*}2>rCjS%&lGZ54xA0!2_i8`!&`7P2DRW?Y?f5
za|5%lZD|4aZylIlD;S}XEm*Sy(9bXAf4S-lA3Z5|f_JWCelT8k!AE)7Y5+$_PM`pQ
z;^=h$L7fH`I5?JnOF%~q$^2;l==sjVLjS@9a6TaI<{QKO>s=ot0LXyC>r;Tu7~nSX
zvuE;;x`%lFJ>gu<+YPJp<243rosGK<SjYl+Ta(1c1a$-z4fQdD0F$4p^$T3${aj~s
z%;>Xg3UWy@DVm^ZWxNeE6{LXoxQ&I*F04E-+zGsci5j;9;lf%2iOHb@4SmK(Zeqd&
zRoCpP^7I2N^1|P}@^A%TZJz;bE2->+7&!j|Ni);8FtffcIvbMcdMaZ&a!?eMj{Us%
zWbgg9WCCJ=Ab{rKft=ZxivY@(b&~H!re8+Bb^&Q&bmQoM4F8+}Ju`Cv_xAOBabj|U
z0>{3}{bq>sqyM59U}*%6p82<|!oI%q`vEDsi=$v*`(J7Ax)T8U@3~jy9~X&=UHNjR
z@zF`RKd`I;Woe*Xy$GNufIOC0{g&bE>gr?I>VRax#ysGaxt_hv@l(DJ;HU`slOXl(
z2bRSXp3wyogEoy9GySu&;<rJD2e%uhH$S=z{kNCIFGB^8O;Yt1;M3<k4cOKM(h_rB
z1!#HYiIPa;<OhNJ$K2GB?Rz2oNZ)xK0m{MWtt@^`&`2o)*4n>LNG*-PnAzKyz!@7F
zfnl$2;I{X%cFp`FQqcAX{_;<b{$A?~1^X>;2I}bjkGsds<q0hF`}N+BJuwFDH^bkt
zX9h#ac^H5!E|6zJUj)i;h7UVKGobmXZ`o-e&xyVZzOv`NVTk;+_pDu-@gLbcu9JUb
z@3_!@$jO0v7Wba@1mEpE>+(PB4!!3r?m2p@*uVab#Qe^}#M+g{1b|`zKll6Xdr2ns
zC0y{W4u26$-C@fB0%(CeoBT+ox=2|#v{~|J1bBCC0MUMH7Vik&7?v*x-gTzm9L&8m
z-{RDxZYBAC`&~*~|Ae{gKl1rcV8i_OKSMcxK=)L+zW*bDf70<)M0QuH0|>aQ-2NE^
zWb1?osK4rSAP?;oeF@x|_%$>Z@r@&w+uDBp@c$rSXo8A+IjP%(zFh@B?EL&Z^#Odo
z<3Nu6_JaQb^pHV1Jm(v`5pd~HASwJ4UVPSfwTEtB2pYryp4#tM)LsHkfGNLQXCTCL
zXx2deY)C8zNG(zhur&9mQ`uCZB&S8ZG@~aAi4h^XQrT9d{m5hMM4<Pl?@aF{sz*U)
zWF7q;ly7TjwsFvgYCZKV6l(I?7&P!!*lv@aU-6>g;*BfkD&I>c7~ax666Ns4jZSP)
z8l_9xhT7pkl_X(<*)}-{2{K1^=4q0o+$D5<eZpO+)6DFKo7x3k^!bNvD6}%IK|H;D
zf5gNwpP}e|GZyCHM)4B@8*XkzR=(Utv86vO8V-3o=B~OYnvAmh<AjF0kf;9b;ORfr
z0SX9Jg<=6R-$B=ZJqx8?4~4QqlMvpH9DVB5TBA#Fy~udIru8~e<?~?36JK%SwVZIG
zgDL*Fe&b+8_jyyMEzXghHHp4-lvI-BSh5EC52Cb$xJW5#2cC_Brf}q7wddI)dY;u8
zV;rYj{j*4p`4c>#=AH#W$l(sIX`k>SucCV`#4}|i)PWgU7G|O&t7)hqI3-p<lZ&R{
zlYYC8X(Q)Us|a^Ci;w`b8qaYs2e=|pK#ZdGRvU>t9MGeZSd-+?RteKLsZf6!9FH+g
zm!;DQ5S(6}1a`u6&9%#fw`Q3OCP-xv2UWreRc)b_)*FuyVoKH3#B=8DKeZ>5Hgdes
z`4w1CW7@*sHJhr>m3)!drqejk7ikIM(u{u+jRuZ>@Xxi#V(NdgkddmXLimtMQOa(V
zXLDG=LXE0vAR}Zzo4K^f8&GdJfa)ggo+~V>M~MeQ>M=Hg`hN5D{r05BOIa!Y?hYj1
z4nO`?{g}<-<bjjTzqBRM2{D<e|5z&@sk{{_s8TJjE1vLEnm$$N@xa=E%cLko#pt1r
z`x)JkG|rIEdHaWtKB#LD-eX#Zy0(OgFWZbhsW7ns!q50K>1P!7Ad?&iV4P^tqsE?R
z)zPdO)uJUtD%Hgb3i`-{x|DB_2y93yIUx1>_!7Bj@MdabsSgV_{f%T=fz4-W)xGeb
zdG2IdS$qyy7j+w6>vqc~0pePYEaPFxnjD_^i6XL;F>P@Yb?{ulN@6Nn9Dtq+_>DEq
z{g#lc?-~O6j<F@#a}K}4sHN83mEA4PhbykKEB*S0F!9nsBhR@glBZ_fGE2o-i8+Lj
zQEA#>#fw}3G1Qrd^+-!^r2{qHY|^8z6ca)|tXeedCX*U3x4_q=<VyhSXs5k1tHyAm
zb~}$Z;nyApi{D(QUd5*59E$ew<xp=^U+(xwcZZqUgk9+x%90ee?pu1s-DVG-xCSzj
z7<0?r>mL^8pF^hIpxPD@;X^2p3`$^DW%yLtk_dho_FGU`q9vUUU&^Ww_tF_#pj*=|
zZWtrDp-mLDww51}p;`XBh2v&YxCaeq*6MZ_rWx6>5)DKEU_oYA#{{d?vzMEw;2DX3
zp*X7$zFK@K^itE0s<gx=L;>5=E_p3^A%5;FTbOh!Mm93*<$`D+=C=mVbcW$c+OvOc
z_a53(pi`<dA(o7DCf%{zOG1BLb$sph^4PgPsQt(AGgm#qqL2(;4u41OdtM<v`gkd1
z4=O3_z<Js7OaPM9=e}knc8!(AubT;=^kq)`^>rn-#!r;ks(+;k{23v3C~k^~Z}BA$
z5St}AI0)Ir06xj&%7tWA<GwU>+xHRT4#c@F=vi}>JMIj_%W`EUp)NYTQ4cNT-L^HK
z(vD^NU9|}kejHrajc^=Hoc~4=K|IMpV0*pwky4^*5xo2S(Yy25e9&g35k(+;#w<(=
zf-|CeveQR{tqY3#oUt_CRoIU7Ha)HoPXfPt*i`%w<4>++aykoki-jL?qoR88044F0
z*0XV;JL72SlR!cWb2g+Vw%w(eNiW`AQ0^@RE8sMEm5ZnzWjeC1U@<afn0fIe8I1DR
z@~ykZlSE$2B8yu`=ZMaRfaAQ9!>A*t#!=goK-EPnm0sKy$EhLjXrw^Z9Hb$5lb=qR
z)-EJQe#Fjq2xrcm$(JAbP8%0$2uTMZ_pzKH(>#86`pW?m=xFl1ob;iB>G7pREK0UH
zaLMMQ6ZMQ@!@kB<0XgpF*GO7Y9VBV3I+*k27Yw;%RKXwOFBz26&7F9UlMo{LmNk8R
z2qQ_z`+imt)<9XWG)h0z_*UFnk8JP5pUU@_Q91BmYA*>pR}0f`p}eGvff#dcf1tHg
zEuXK#9)*dE=g1#d<=O3s67Eeu3i~JI%F^y#7R6hsjz-}h!@QcklN`!(9q2GR=qBxq
zFHd7AVCUk>i|?O=KkaG3ICwg-)sq)qsh<4XIX@5(;iYVHCC^bvTH9N)mE6i&XR|v?
zdr&T1@fa<-1U~2Q=tymNb?w^`(-6f*rrjly2FS-*Y-cj<LJifhk}`|m4sFBjS^t_v
zVd*L-az5%LN$0TOtywuKt0P-75oqDxI854Lpi@kULW|f5C&+7XE`g{piD&I_)~+u2
zjc2;ReBn}vj%XcoT~TBx@KALRKJPPzC)~jbwAAM84msl-1)lp~tJgfnpqi`Y@~got
zxc$WXT;5>(Ih46X*^G1R^G;c*YWrSr0l{g1`IjU4;VP^7({Yo{gsjG_7c|Tp^#CEe
zrb?EkM~kHYpp<+Fj{w|;e$*yLwSz$79nn|=mIQ@(AZRj@gpGY3QN-~)@VlK1EYpWI
zTR!g9XZtWgJZ88>o8);>B!Xnk<@on8B|CNFhk0A)T5m%4KDK@C6npahJ0ht?YHimE
zgcLUU0R!!+5qY&k&UreIS+KcUqYHj-=ko`>xhaY*N_n3}6ax=(;1aa;S}!UXlF>5?
zKctJDkwF~H;&MT&FebCD??iex+mFdi!BPz9iOvmEYMoJZ`9NF`Sbd4evO<_VGc@JQ
z>vn{jk`g;XtAeb6aA+?fE!N*hE)c0tl8$etYijb1X2eA5_NXlH8%uHVR6^&A=r3?R
zEX{s%c<G2$kC<i#cuSkfL%|4QafM8M*i1xqpY5^lA>SyI7>aFtw*d$6Tmt9akT!S<
zPg;zfC8!Sz4d*J94%1f~UZh_AdV6%g-s6a<Q9a|zCsnFl%2HxM=GAJ~QzXj#M;s<a
zBASIi-_hzqX~L?sgNHJ9V{N8kmR39NU2{rV<NIA9@G$;3=Q(1Yo`SkdQ^H6RPPNZu
zp&y$m37jfabZ%o>gp^r@kdDHlt!Or;`S*hSGJBBLj3b8LT)&5QUZIRF#{jC#=+g4v
z=<!=-RiY2umndZ1LVX%i>c}Gj2)o22W9R1Lp1%<6;*1{aHO{kr;t2hJH-G8avc`%|
znEBBjDl)CrDwcfZ?5EM0p&y}e*ddnRq^fisq9BizqS4$|F>RU*M1kq3D{$5PkQ|K_
zJZse721c`FAZnXfgUGU6W=(<fZ59eA>yB%tZTS=ry-0%#1S%R`h0lo4td$;vFp`Er
zm%c8Wa^n=uN^oGP&lsWRNj+p`A0P^(<Dd;;LDdOY(?vbj@})*oe!oi}&}xP3%|xlG
z`BOP3b!o_L1^BaA!4VVz%~pJ~{#r|#<I$)~TFPJAAq~%TjiG9wPa6x6chaI}3ThBa
z3t*1vs$SlIM{c^gWrP`{{L@ttFjjfxLc}26;x_jM@=(N%Dcc&b1(BuGXc~G}))62b
z20U2T;7tZ)(bq%hTwe4z&732}btxGx`!Sq#o}H{#a0A5&!dW7H3fc+x=)>kT-0o1j
z`Wn?f0?(Mq(r16o2VkW$7qS7OHuW%~t|noX_mwktJH=id>Q`Df3kci{wz;kRi1mV-
zSl*?M)(1OlJJYLgf<)dm(#Xz0&8y~P=lUGSw@Q9Qb;$1&{G_Wsgz`HwCT`tfW6lJb
ztB)OWrKd;60pZ~2a4988ga6J)n1cxkYN0up>JE;R<Ni}l$c0W`UTox5ylyR4QHY}_
zyX_a_H7j}quDr&jOy8{RPAz62d1Rwk+u%8R#M7lT6hG1LCdZ&}osP&%_B0`V7muxT
z^*1gw(4U-lDaS5H|BS9R5lo^Ob*N6~YK$^l06AtP&^IxS@D8IU=$$#gUsxVgRq6Xo
zhVlDYA#Xe_S%6TfEi#|(QhX|J&3gTvgj+&hxRiQaSgLOl==G72QYV9rocQF4<UY$D
zjKF3q{-9(_(WJYj)47!;I{URLVXAyZE6Y%H^cztZBa~>9kAvo}ksl+*x0#j3yf@%7
zJ>h<k6zA0rdu48bIYjc|S;%s<-Mojva@J+jaKV=7^t9&%RfI<&Y1Nw43UXAdHy6)Y
z=w}>O=Y5fu$aiE!_3Bs@WdV^p%-g(G3phwoVhCt;1YVp&bC3Y@>#@p<_ZFwE>mYRZ
z9bP|w|BuST1heZqG&nBcEOJh57f+LVeL%Vs^?fL;XF{V&_e2KuO_CADOv|Y934i{g
z?NfbRJ2Px_Jt{a$B&z=D?aHbkyOkwTTF@;K5j_TmM0gu(#hF3HdI!#XX{PzUEXBVt
z06%RttY#mpM}#CRcR07WE%WBOj^gHZ!kdC6>WITd4Bg(@$2`(8Ygrx`)D<G#Q+I1l
z<8m59L6GiRS?mG=-IomqIPu%lb}=H96+sZ=sFfJ<aX{zlV`nm;WP3v7SD6~N+;T5)
zX5hFWv;3K_P}x5W%^ab4`qxeIaSx}b=9MH8#Wod428++JC#-?o5Y8DVtNAi{U|i-N
zHFSsya)aBa>-)-c3}~apxz%{Z<5%(<mdNw243t<{4qs3KbG#aQP;)!Mvr8h{=_`f&
zg$-UmeKw+#pDk`szgRV_c5<n=?`D5;TvxsjZJT`PpeNIl5s?nOx6nsxf^9?5O4WsC
zLF4aAdx5u0vK7X6&;q}&hAIw_>^C+fWPGBCib0OqC%4e|y7MRs1<YTl3Q|ax5wglP
z)D>Q`5BUp@My0I-tvJM5!6Qz;5@M^WZ5tOEC1Tdz-Zp>u!|mmgjJ%*u+cf5LA^uUT
z-9ZMAYLk8+KlRs|fy6u9uupg!s<|{b|2fVMX(P75QQGUSkkz9x+=24ugL#=@32~q4
zql$86Rw)yarJ@m7B1zqV*@ED8JM}bjT6Q-Qh-4R*Ry6j|Yc?GT%|F!mYk>gw`gCx6
ztd+n-wUUuvwtZO<(&^)i&60QvIjnAw9pMjbEH`sIkx;Z@$j$&@5x9_aB~zW1de0wu
zp?qRE=U9?pkerx$ID_&gd(^Myj8mJ8N_*}N^UA>F`amp7wKD$;slZcg$cI_p(MWgO
zpM$f*(aqOF*2Y0P!e2}JQ1x-Zu#mgliufl{_k)@##jm}>zqLMbQEsCIYfW{)QOf&C
zk>h?V7H9BQrb%ZqWhc2MbM24yrr_`=^h1n3D6_Wnz}8CDRr-p3-(Nw7*j%e3!$%G_
z@#950^H*bp7K<FjmlFMk?t*++WN$B~;O3vM<XiN2mA!h93j5V_F+Sv7dZ)OG9db~3
zE8BD{zED?Ivg&JeUdDVd-hy9l^H)WSktJ6OIUW@cGY1;KXsV*)6u@h>>n<QEItWdm
zg}p&<w__&oGnL{BSls=UCXS%ltY7aafUh_!@J-`LRw6A`aFVb7;2(5#Dn>*SIP<n@
zHXsVmF`Ld=ohAw{uV>M9eiOu$f_ySA4lHmByEz{x&vMzu&UXyNY!Q}fCvG(MEwhl1
z8^nXZ>b+uy^ycgiiha)~_NzIV1>MwMZa99LVrGi9#kG3}18vzRpHLkY6Wg%fa1iun
zvyP#;UEzsne~!Cmrs4bCdRWUU&|v|hxszx#1t;oog@}#4;s)}vq%!298QP;bFnV~0
zIGt-W^Yw__f4a_PaF;LB)r4}r(<20`fNoHu>4qu~x`coU{Co0v*qumj4<aJZ`{eaE
zRy@yrLvg=8pa*GEvyD*B_atxklU3<_y@R|CRJxHLM33pp;S*7ZQ&k<VLE?J@_s_Rz
zvcmJ~ddkp=R{K?K2u1|*VT~ce*7O_~i|nXHD9A}0ya^2hYIjDt5wY7R#!X{%6AGY*
z2a??SLnBgcbsXtSCi-<G6Q(On+hS4yKvE)l6<=aMua3$V3r+$U$Np-tZaQpKB3;Kg
z6Qw8SqZK>2Z(=ZlpGRSdS0W-Ku&X|qx>OkGGFFY5;d>H?5cy3@v0uN4;U|lgeoTdn
z0H!wUalty~+jovK6|;PXXr#T`#1-EG&^F8R5O%RV4rtT1G<i;?;((3u89p{`FwgHS
z&QC0kv7jSE^Pj}LHy4V*@YWkDz42~g_68)Rz%A-9SB>ZUP;n7xm*0jj-x2k%oo%yC
z##gUv_~-;p>+-24>RVKQmzf?f+y2D6@AxZXg^6=OHT-3ql}>A%LkW*`Q#3}81HP9i
z+|vrCus(6v>>@}w?At?tCTdVgsPbJ287G7Mc0FM=Bpl4f=Eod!6&AnF!pL%$d1&rr
zyj4ufRmwL&^n@4tDCBSZ>dEP<zqx4nreS$P|9-ZcAI4REHS$r2zWo;oE4=}&q*K*+
zC?j_RS@?&r%kvt~?#?Z;NO_66Ra9@gah<2jdv_G2n{MvuV@~<;k0RzHmup@t5`;8m
ztk(MRFSHvs3cm^csgwZ72nR#6xeM75H92JKtNIoPdU#G=b3P(uD>DaPX{P%HjCoM;
z!{#(+C3s?9Xm%HlWId7h9y3q#Gbwdx-llbPsho4ZzaIk8v}w}gN%79JV3n=je?#m1
zHNcfE56BW_8<wVCC-_=#<%ms|axi9|+ie*V+0Y$(ID{v$r;?AmpN@{!b5%O~dJo;5
zb=MvHs+M|QnNVu@At!I2^%R2k#r~lg!{$zR3Axb73_tFvVOWIl<zm8cHQ9ZK*BY;M
zwYtc&ZKwhv%Is9xY0VUgq!w@t`CtQwL{^fsyWesK83pFGMfy-eZhZr_=4`*^Fe1#o
z<rUbQ>D4+2su?Emhl&qdp1ckE0-1|clX+-sEFp=~Cjj13BmNhTkFI%fJTa&OTXOKZ
zkaqF<AWt7$u0o$&j7LflBggy?Mtpcme}>mco3;v2Aqg5|D%h?)@>yw|`1BAMAI(CS
zK}irqH@9zVn3ih2euT&W(UB1a0mF(^&RiJd>D4Y&(aB=%um^BySy(u4H4r`EBA)gz
z25P8`sh1H(${+-OBJkf3;*+G)t|9pw)l8H}oxx0Bo=3>F38RwlWYMQ_P?Kw5l+k5v
zJS5g>8Ik9R6R9tPJq$%O9!bp4plo|+;-q~Fro;7uZgTxMjPgKME0GvP+{lk)pK*nK
z!ySbqKq$fp_VG8ZAP?MNp6#})Wn4sUaXI=Kpw<U$C29#QY<ugUwQg_W2M5uFWF8$5
z|31FROLZ62pi;%|5Ad6?)ZT(I1#H|D6wdXTP}Jqxu`|bg*9bsfP?)=OqT~3KQYmXG
z3sUAF@zF(ZlyzNY!jG}&#fv`S{Rb1|+4)T<j|p+~(Laahl^YFO>a!mC`K#p#)cKU)
zUd+w|?Ed=kDh-=ns_K5Yj-=H(`+0BiT660UAS(2FjT7pvWFf&_-Aa%uXbLl61Qua`
zGIchF$GwcFyd=zDHX5Sl+tGh3*K5~w+JN@X5Pr={0z|aqGL#<OF^(Yz1`r%5evcoj
z%eS;#F&Gyyp0L2t_)+32`Is>|3anqd*iJA3G!N*x=Ln)z_l!DthKOE(v0qKEKXrvt
zezZ5xmLhNdwa=zYonRIvg7sC|6@GU@GiHlV=}&n;aDucSUl+6g11yNC9O)n}$8X2f
zu@Sk1^RS8DNmCz;!49PxydUK4LsPOj*`ZOt*3`xw>BAiOG%Mjs?eHU@TX~l+c=v8G
zj&{Na5Mr39&$g{DpDFWJzGuq$lN3>V=w31Y!y)ngMugG-U5^`Ve)FAJjxkJ-yA)zs
zs8_b+eaK=Qu`LQGde>@p3iANcd+t!6XpYgxDT_sbj=S@L#c5>(J|)lI;N@q&b+ee{
zT$wA0ps<!SVWl@&c*E5-d#>@}X?eHXSc`r>@-NyF8$#cYc5$vQ!W?u=J`U+i_spDM
z+VOtFM|e$1l8wJh0lCCAnMeaD>>XlcTxc{wNEpNii{o{_p7FYzgGS!@I=9T*a{yhP
zpeLa#O>Qw4oxxm(et0%8cxE-iuVWsq^u`c86vcb|IcX{-c_Brx&r=P+U3j|q^lo_O
zi&j8p2dR*4H&lwlY_&PB)}>z@8h`7C>a&;-L5t4N&`b+*##dPQ+Vf{C(tDyiAWZjc
zpmq+3y3|k*mSkk=1-aB^R}i6;I{z)7v&dmGZ()YK{N5F7=(UTzeYg`j6g$96TT4OX
zX%`*b2W<-iR?%~oq*`yZx3(A<4O&<oXF8F1sbd4+>m2W6_7QYi(|rDTa?yk(J>>jI
zJk`&2AmTQSQ+>O}4c70nog|q8?Je=kD{MeHstAgoFKXl$R)j{erS={b&AP)Ts9ZEv
zLQ@K2OQfzMk3;?EEP}6XY-=M>1}$m&AjR}~>gcJfepE1g7KIdKZcTJmdPt*ch2=^^
zmQlTtiPRRxCmy--AS5OCr=mwGCSIxNcxf==i4UaT$5hO~3Ti6h`xNJE^~rATJVs=_
zH=$4>qWD9vR8Z(ZyYkb;zKq+s$Fm7lfjV-q{^TY@#Q0yvD%``22$+cAGEYvZFA_Pl
zZP{?qP-3dTO}E045=2MhSZcnv6!I@G-77@y|MJJZ?~@4d_Wm{rGXlYYtmM!H)VPjr
z(UH3aDACi65t%_x!W2C1?86o5$kd%V^QK9WM)P~*x1|lNl&**X?<^Q-3nnq`Qb}dY
zVE88llB>ARRTVPOB(LV~>NphQZzs%N#laSf@sZ8COux|bC!J)-+wmAe;7fx{%*oEd
zRr`Eu<PbbshWH)c{(E_X3>q37qu}S=YoQAh)&v`dNZZVDQ`bpI$yPq`uA|`DASyn#
zL`C$d2RRC{D=VJ1e}_^$O&D+FszL0ZZSZVW{FC7i`vnE5oNmtn64IEZK>m<llC?Eg
zbQ=BXKes}q6olOn!1*YFxNnwQcbh9$xZ>QUGzUDoZ86Z7M~;=FD0tH#s8bb>EBcFG
zpguTHZ7YQfR2+*Wk<fg|i)l&flJ)W1-@e3tXyQI*G3e?wfts@Bq1+H+i~2+eXVIs>
z3#pq?F+<dwE>O~vQ3idi?8R^*3iU>Lv{R^;Z5H_y0d$3WN`>X-5Y1rbg7Y#6W{-8P
z?879lE3f64x3L~~`6(*%KyE6jnlb(9x=<P3vu$h{Tnf@&cJ}duJN^rV;+23L`?5ZN
z{Cv@wDy4g)wf~de4%+?>9v<P`_F{G)b%li{rus6PxZsONSC5MIL6B5{ra7)rt;Pb;
zpy|=bHwEXtmMRlZT)oJtz{tbKJl)XXMnEVLe4%Gx!X@7UU581zc+<g0r1U(7B*4TI
z<m${cB%nVl#<|($OrIh^1&JB{JEEN}E0xR|{t)Lhxd0XR!ufH~1nqN^)1h(}1xSEc
z$H+LW%-?}x?*vaKTd6b{$BNdD1jypK_*%8aIP#haPl@=6k-G9N9I`%17&f-+vHNdJ
z%LlQJviN&52a$WayOn2%V))WqPh!DI@BLR`Lt3U(o1oUUBAT-{FdIxUx4HC?3pvS0
z<Ox>KmK`|bHMNZ?_AMfbSyP#`Hye!Q5moanoN$E=&{W_;Y+-4{<F;(UOHNA>_o>>3
zHdf#|?ipSefe7Q7-K)((pym6p88ZB-9fJj9s{#a{-axsp&WK%ZwQIl`T5K#W6KZ|6
z`?pMIh$iSX(W<^wF7WU${V>WiVqoH-P*qsr{-edadefl@O1lKy&RUmOi3?p78s3o@
zctJsxJLQ!Vc~xifX!g$TF6*yr)M&0Pk@cjPHE1eW$Nnml8e12PUNhc$aum}1{c@F@
znexbS6h79GBj-six*v8uQDJ=*Cb1idoYH8#hq}I!lJj5eI3UPc>r&c@l&$4X{L82p
z-nr8IA6%_W5L#*K4e}c+J0IZe_$QR+!EZ42Z1FAK@K@02!%Xp$4OoJIE>%c-e%t9d
zXgQAP^P8ybU<bo>eR7_9+n+Z7AtIiyq#_Jbj!9b3u>;<MjG0q*CNsAN32Cr;s_2z!
zaOgcLr4`OndykHE?+d!_BJTkY{F{axhbaGY$(qZI#O`TNU=I$e{CnlplJbs8JZ&|O
z|8y`%Gm|;<f_WXiLiU}-a*65a+CudA$_Xaf>f9H;<91+%2zg6qbeoFB!B<D5q0kP0
zUOS|&>8ZGtIay@kl;k}anMe!-7)gsM2ROt8st$&x%G5pJsOhHVq`BFy>V^}Pwh7w|
z!Vv=;nuEx}o+~5Bxh_Q6qK54pzRBkvNIl>kEg1-(#b|PX?Q+9K^dWLZB|N9QHs|U|
zG#+*bKh}A+6o)S2Ez)lTdXz)z*>Q)#m$<lWiojPCcmL&#Y^NkUq1s+m%(rk6@z^q)
z*j)FVNWA#^a=nV{<?tS_kSw4^>VaYYJc>xf(uHwV>qPc#f^a26J6S8i{L^5v+GyTg
zb19$MztFl%5gOqk2|Oy-d~QuIV-IiO1}m@*hh~FE7lW%SUHZ!$zt_*#l&6=1Y&Ma&
zT!i`0Qo$rz=DVN<#1~{!0!D76nelchtd<P0<MH3?-$NKzT9mZ=(z^#?GxS9N?ivN~
zqlcH$rPZqauM`5NFVc)3`YbkiC}9<?^O3At3k>J1EZxfZ6PA5urfv1r^H^IV7!AoI
ziwO{am@YD^t#O()JMTM-XTD0m&y@o|Ve;FpUy>Q1%j-C%pcDmPLZ6B6jXC_?wD6uu
z!r*QZP7_aB0oVsx9qN|k291#c6`wAFuc9a#s)ki=^tfbmVMeI%=+tDRTi{;wv0txO
z>PunC<x5{yyk}sl_cWKAK#FKf7PuG$fmW@9(dYua(pgfu0nSX|)S2d?N7bfkkT$&^
z?=?;fS<=E-Y5v^YOAWPOIxr1KKXV44p0<C)w?=xwa%h#I){A}gakkGBP*If`IYA;k
z&hnqTY(E;7@#1GBlyAiA(xZjdEzf*4J|Jz@GUx&uJej4k3Yb2`(q*Hghl#|e6dPSE
z7~=zI*R%}C5{9Nn39~I$EwBYR*mQE$4TK<2Gh30Vdrl&VrDZe5kBtocqGFrd`4Umn
z_DZ5dyb@g#t8fag`#(mnOflwStCoGIc4Itstc`4{0<bl64F4HY0v<ZbRrrv2y)<~j
zd{22wHp5{jO}Qg+epP{WJDpU}nT@BMk>9eoM|Xw{L5`L?=wrC`fKW?-anxi#NQ|*`
z`xhrGWcvWWt0F*}$I!RL%*Z%el){RCLlY|C%8~R8X0g%^qUCk)ST1cW%_wwMn6?;-
z>YRmTWhOL%9HAfi${=8JA4VK^SlV5X@R0a?ly_f82|H@%n6z#)tevr89e&WBUGWY)
zLQGcW+0FcN^kmS?YLdsY*px%#4Wv)HQB|`LP>xo4VJ)&ZVb?U<Fzv?Nl2fAPKhlZa
zVq0kxT}6#Jd8_%$@+ZEzdU*RP9)k7uKqm*x#>`Dfv9QWPj=wt+c943K>tiHGzuxYF
zZO(VB{UZ8wSlnsrX-rH{pYt+gwn5eM4FEhE;_b`?7~P_`T5<6Bo2`9$*NL&0<HmcX
zXOvkkcfrO?5}J52MS%#qJ+G0dB77OWkme}=I0EJnYIdhwP$C(V_Zt`O@{yPsPR5H$
zx3VW@XJEO4EjaMmwzi>b+c#K~Y*)B_qY5;WW*ff*FU1nV)F6v67NpNW#Ac=btKF()
zGd8hAhh%Pm4%U2YKOs^!9AEG3tY=f!P%)>xppk&(5!-qO3f=P(8kyv)7}QHP_7o^o
z;Jg+O{M5<7ora^%VqN}7Zt=o*g*-w8M8bcl)WZ{2jMJjc1oq**ft%Dbx(vP5BGRq%
zvaL#G<nUh`Y>~%jMTRu71~>vUGeh~N7p&!7k)smZ>nmQ4GFesFNP>DoIzuL+5@d0;
zS`f`F@&h<iQOD<r#JU-85@DDQjj3}9TqXq3E|0Tf^8TQtnZs_j%npPpS09F@3C+oE
z%+y`-^SH58L)Sgod)ePDRsA*=!aVCK6MP}XH1}ArR%OqAvnsT+bo!;SP%3!j*t7yn
z;iTRYo+zwgEr|JqIO$Z(Z!zo>rk$0GzNsA*Z0}2@?K~o>@Zm~*WZrK*^H;I`0?KDe
zjCAei=mpFdZC~XgJElKmazA1oWtpR^D4ri3nNVC7dfDtMac2(fJLMalK&oe$XP#&}
zf4_`c9HzrVZnT@)g}?Mf1Q>J18gMSw^82mR!RY}nYKIA3?{{!fJZ&a6?pB+Yuw171
z^)i*6Hwn=eb@N_!x`8rD%h(~S5)T!Q*H`3DL4U>5<fJ?F>EM49_Ct}ffB9fh3ue5`
zt!`f&m0})tg@A2r8+MlwlZ=EHH?HnVptnjt?DNQUNqC%3_hFvcBNW<W4~~=1;j)Ek
zp*V1*YVeE8<l$d`ODxlhArsi+D<&qX{Ux)y9uZ>Vm$v!&nCMR!B!c~nD1xBSVVq5Y
zHGHKHe9}1{KFp@jSC9s^-olT0w<H4Md8Y^98_qofNtbZIqhEA7N&u3*u7ht{(#o5K
zi*41bq|L0^6@sRbm!N2%a%3t{m%1z6Jm%6p%a`;ShPaIIZ=~D_eO+FD<zmaHRE=K4
zK6kRG3ObF4SbeX@AVJJV0DqEH<uOF#kV$yf$UlmxpwIDSgWe1CRd;<S5a#K#){+t@
z{>1E|@ZVD*i%#yi+D_fWN(t^*@)+*0qaZlV3MrPG${$JaWvj;0P5H!@^eFYLn{pRS
zhb{%(2rrRsx3v!-;LTYw9aKLc-pG@@_uy+}+|V_UBVNf!nIrljy(~EK?l60RGo+x5
zvZI0*kVnxGkZ<vcwTk-`A|HM#xu}W}=*1=5OSG6s=_!w_kChr$(MzH@mEV$6`xTPe
zdrmZQJu)PGnrq3tQ3=3}F~6i6ax_A?N}_{jnetxnvk6sc&xComCRu4$>T&ofm5?Wq
z>h(6h)S+)oSkR=5w?UF1!e$ojUrw}*m}yCMI~H-P))-Q|d#*&=Tqw41N^oc!;-gVx
zB^NVAtF1$?0B3RNXo*)=rSerQOz1pE+)dTSZ%}Ya(f8~IB_)ITEhl?P-1y9tF-xup
z>>LU!k9(l#F^glh^@XA!%w(=fHg!<po?xyrvUiTXJeaYs#_8R-98=Ecc1P%w;KX+G
zk2jE#>N)+h&&~@H$>?|3KTrGA%f`my=(VQ-HOba!*f$JTx}n$FRY-rdK6;-dgHK^b
zn@Zom$39Q4fHaapMX9-xmq=GMRl%1yt#5>7ozHh@T?BorrB$s8YEcLFl%>$^3(ZG}
zys<IB7fQ+E%1~n)Wn?g@#d{tzQWnSeEwK0$hcuSZ%+&Qv0u&R-=9;-no{GfImENL!
ziro%;ob_kzt{4vg)*>k0@R1Fecj2mQ+N4bFVHT&|s=-#W@KW~Bz==z%DSzxwhl~fU
zZl+c8*SM2P&<TH@QC?Fv5rZH(Q1RIWA5F?HK^5WXAELw|2*qC4@z*^KP$1$0f~%kR
z!};6SAZ@cYwAz{xHmyTXP1M4SZG_G$y1#R4?4wUP{~dZrd9NTcH%e~t+l}H>9*Yq&
zUJX}E1iun-yHYb{n=oYazwnv-q=yQgj;HU9(CS7L@{pTGKL-yDwBll11trr?c^V?J
z^Z^hC-VWJ;pSanmSI9H$Wet{n`~gF`)CG>~j(aS!4x7ZUpH73;lK8@Rr?F+>Fe=;>
zEMoiHV3=`f#eDKLLhPzC*czR`-qRh`l+b1X4>hd;9>N=z{$bRugT9z0kqQ=0w&ZG6
z5u0^pzJk@vQ4wA=Hs*P$c89!faM`a0h7g$B6Q@OS!whGAx}iIMp025l-r_FX{mv-|
z-~9mc9kH0%!jWHuC|rkpg|kQ9^_`=Z&i#k7gO};V6p33SjF*1It}rf0+$#(jZ*l-|
zg5DreS8!vIl-6_PDexe%6gzc08fq@4#i9p6nrB(`iuo$(nrB|r6oO`O0nZ$rgq(RU
zr~9l^LlSH}5#>P%#4<kCxk7ER^Iydlr-A#2%EbC+Z@Iq`s=tl{H7h<B`Xw233`Lc8
zJ{|F_{2H#*{Jr}jv<hCvblXNY=WVa(t~Lkj{k!%h=$*L&9qHd^6tgo4yL;OHhIEUk
zGCvkVJ^R)pfOuT{DtWhuh7TTcU$2w;w|2UEyOWdSE)=iILPS;_Kyj2<NDS~vFtEo1
zX7VW9lwvwgt`h~VWtTCkmlsM%;OFN6NZwL|;{FMIO}_nL#g&Ad&;GH-qRrpnA<n2{
z_RWkNC9%d&TO`t!ISqZad%2mB!@jOlF3=0@N2UI3>T<sa<XLOKY|2W(eWx6?eEQ<L
z99$=EF|H%1{!BI?^oJiiTedsk-J)BxU{y4iNoN>#C@-Uk#f=tv=kVBg%3tHiZ9>0E
z`YPd_>&`uq4;5#wDAdcx<CMfz)H-x!6hkuPk(|=Y3P-u357)eLETn;`;f?+sZlCFs
zuxf4RA^D~z*O@peHMBPIydBW?(xL67!5s<U4KV=5AYd;e$`&P-aY*e_f{x@1xtQI!
z=$|<BxBZBJ!W>cbP3}bES2cPp(VJ=&u9#5=^pZNkY-#&1DB$}Bb7D3PAx*KC*i6ki
zO(NAM3NGk~${AMcdajM{%PmaY1O9f?FPH(znoL&Z*L1s0XkYP6W5_>XAqRkyFU^nb
z{StLG&T1gZ<56sz`>@xmbg<Z5fow%3IDF2GA-%)Uttt9_=8d&@nhwO&%{Lc6yQ3bW
zisqJ)5m4dJj@%Mc7%2hlsRSf#v?VF2uhny4_x*5Y;7xVUVJ-8P?+oys^lzq{0CB*}
zkx2l)5gU~C?v0N7%Ler%5cWjLvr?BAs{wXELc|`2Yx;JI>qsl)BWMVrDiFI}ag+Yu
zb^Q3?F(SWROCAU&5k-cmZ5)3&)`fDINlNmK{_R8LV8)3KBHvsO8)~+vVF$*NtAaCl
z9rv|=m((?S;F?kCg=qE_R~TFIm7z&#ATXe-?0k*}2RJmcHY>dBiyM2g@;-OqLpTh`
z#_t1Lx^;Gx^m``jFa`yU@$){_YB2rzWe291up<%R+2A?OWrKe-diZhBDKTm`*00op
zy%gaMv!q!lref^s$W1H>qgsEdk_rWwKvr>oWt3;4BN52tl|yl(6XLCpsBhCl-FeIy
z{i2sA^_4>9Sv(233S)uqOvFl-Mbi3yrHpY;GvTuZ$x*viD2;z^yUgMhG#Q@PCaNf-
zUYUEZW)fh?W)`<*AU8qH5fyiV$E+UqgSQSJ7Td!{&pvc%A~KKp`;Z5bzk}_;c5Ddj
zQYTCS?&}zHelqzBz7XW%JrdCqVj&Qn<qMWZJ3Rf9J~?aD^R=1Nh}N_B;gmZ&M{bx~
zRIod7Nr0!DlEf0m%WrqXG{hvx;}o5rLimRfxU|J6G_Nu<pV9(f%SOyfQmZ$_b9?vK
zlU9U24PzQz)_S@N!@hfo{n1HbV$qvgzsYxq0awMektiI$Qf%cz!}PmjIr*EO+aO1z
z{;r_H6e8J&QQ^W=Kx$CYc-dOQokOEcQYP_26Wpmy|3VW&qI&9-)ptpX(%z6_O|YBG
z;Zd*YTVRubrF81#AVRz-(rQtqv@MaLjSOiGRAA8rBYeOF_bR?uezq0aAY;L^b-EY<
z{?_^#NqjQbeeTu_hcb>H&_lT{uW%0fK-g@o-hj@*-^ZSKXbJZBgIta2iU=hgUjs?P
z`R0Q6n^bdQf_W#jX&qLU#=n}#Seo&^y=21fOUq<DoJhnrdNm$ISY1svE?9us#Bs2X
z2hI0!e2i-FHj#CfSJ)TgAlK_;^ODK~$236#0>gQ6fQd{P@tz5^Uc!DQOYZh%_FzHE
zU(h-pk~zDcR?GR2kFu+K2u{Hv4`6;<L3KMBNjN(xPX44sptw?*HeO)^r@c_kw+cJW
zC@>zA@(!e>JSpM9@PEzss_+M$?0Ih#iX;k0l{0URo<RffL=khIgmB1GHm|#PG`}t-
zvj)@0Lf7KGR(pD@ntp#=d06`0+CS_JM9;E8Bi&%PoZHyUbmzl`=*f?fRG`0QDY~jW
zR_GO_J|^Ga)?kDj@8WoKaim1NkYRSsI*EVp;%W*w!c#=yDkrYZ<}(b5jW7fi$BdCY
ziGC(;s+RT*s4|COpId^Co8>_THul2R@y{v1qh;uFNB-_^r7(G{yWn*;;s8W9DIH#L
z;0bYtcJCwl*iueQE4_Jp9Ss`iWjFx0YKO{c8TW%%5_J{F^*eLU)KC-H5gmQCGkaXt
z1TSgnay`QpC_C5pV~_W<*-;exKGKI;mxbnH1n*-T&7(AQIoDv<km9=nzCQ;UVQ19b
zPT-9|SsrG!(xFijN;}7BSiJjrenw!P-kQiRiAO-%tVV9riN*JF@KnfjW*p%+!o2s3
zRij(%0c-w7{4x6Vl^!d?Lb~gFNmBKrGY(@s4wp(88hkUX4mm)mnBST(EpBF;=A30t
zmbcH8lRR}(wMdd+ppS7`S*tzl&^F+DQI#lfRyE0+S=yhN-7B@qYWxF6c&iGWvGi<W
z|IQhzUms>mf0&hN3lr~+^m240@UJiW;J|V+YP9t(Yt9OnFsPuHPHzJ@UMVWQI~p-r
z+U1T+$BfF!$$W)LkBUCQ&4{EQv!q&6yK$Ycy}60PM-IKE^Nv!~)9t!_4b%U^@lyl_
zE}P9x$?z_xFa8f>=Mbb>u&vRu*=5_dZKKOJx@_CFZQHhO*I(|k&DU>mBi`T+-XtS3
zCmCmuu_N<*doACu2DWc92vaeG294kIgxuRL*W;Q3;p$e37el+>ou6fD)9#Qm%X0)G
zZEGrmHVw-8IF)CIXl-RmZpimZC50E9F4GpL93^41&1`*`;QU!6VdzkT>n6XaPSg$U
zCzz4jgX3^$UGv%y2F*NdCk<H7E`e-l5SnQ3K}qzA*bnNQv=diksNSk!4{if?P24DL
z$Yqz`rLlQ<^-L8oC|@&3AwyyuFZWV0CH5B8YeboF{lBx0vW^<7uN!&#G%Ex*5W{og
zTz@4H^CQTneX_|L8gaG!Iqw6-ZgcGXtTL4gCNB8MZtKh0JgA$UnKbpZ)2xaup+-Xv
z@v>un5{o5>XBXT*m`Xd=fH@TyIo4FzX|sFpCZu|A4s}Gcv>B`z)`-sP&Rg97E7hp+
z;`CCmRR4ZX$)oXQbSuU#;9OsRu(s<HD5*w1L8)E_FV`FQqMNnTJYa$|2fp}3zqaSH
zBs)Tfek+)cn_H;DGd<73Kf1F#b4r(7H33isUjt2=58`QOg|Sj{K&sD7N0!W7sI6bH
zCpG+)`?9G|*asL|`5U8@g`d3NHaP-L#201IG!GQ+imTDLY=`@sK)l1j&+5Gu6D7#E
zOhjSZb(HVO_`8{#OW*T)KD<j;rhVXDNa4)#oe{=NUGn*WEK9AU%A&_KhU00fSs9i<
z__pP7v5_JE(8VJ(ty-sJsPk+_gFuxlCfUHN%nZXdFG~G4tT;}pOBl^}bgc6`HuC|B
zFZztzj6yF?a`5F$hKMW@^Cdu-{27&2?gl3BI%b&&QeJ`sdK&G-%){W&@}I8O5Oj6c
z!=)C)RP{s?ZW<meWORp`a4{R~%O}Ri;j=2yaTX^MvOss%bkL(-ZK_YEB+C8gG(E0(
z077n;chI~;!phqK8Z9#t17$*`kB3<UU_W7~@QH1!xLyV8RIkJL5$&b$0;g)jE`)f6
zRpGtiNoM`4pIKJGen^^CGE*<|lN*}za17;y4ecJuWE4TXvJV&dt*5>8R)Gi}&7gW_
z9=}!b4o~HC(N@y!`<83O9tY7J`gu1hMVP8Cia*7)dt>%D8BVB%;BK<IB+?hDm45?G
zwie9|ZDG$8sbwj&!6O`Ios`t^dTzJJ6Swzm_m4}9X@wBZ%<7FE4KL8xNsB^=AV-f=
zmO-e*`{PPreN+!AEJczL5SfE(HmIz5<gP^Y?1BArcG>yw1ITs6N_2~N0JF>aDq{UI
zTsn*)Yy7I$YqWNpowMrlDy<i&LXIt0%f%fv9qi(~{=P?5(w|iqTmkW_mUD6LT>+gq
zibfjrXO3+(;|oF5x447q3Fk>fm&2yC!cW4o0yGKE8B!;KaxpPn3f7JU$%u~5>{MMO
z*MGpm0*WE{`S#6<Nq5d!i&>hEtNpF&NXBCg6*(rzk5q{rG}?tkqtnLu2rl{c3W<}$
zsa`eSaC!!Jmj$QgQkkwojNO5rj8sR|>Tr`zdxR5jtQ*FPCnY`uRvPh(qFz^FSK>l*
z(-9{@yrKEtjRi|8rA0MYg?T2SA@O&iC*a{ht^_p+(VUm1lg^FUR$cq}K&9?z?q{hR
z_~v8fZ8Hkot1(a0DDydq-}W<u`;IV^qm`PYQ(6D;iX~Xg*C*fqL}%LcOO@p(H&}qD
zA^4p78cy>-?Z3z`^x1D#hkj(#{0Y!FCSl>N7M0=U5SoI{fppdn7rMYO`y|3~gUa04
zvzL-y6X8x9Ck)vN*5!1H2B@_5`jGX+TB$|d4npowuCfyX4VU{|GZI#y@7_;+zoBn!
znmS<(xe^lNV3Uv<7H^Ez1zIk&m+(}=?9A}zOngXx!R~8k<ng%twnaFWZIV{98*KTk
z$nA;kAEQRY>mqmjrYtPB#`l|*Qk~pwMfnOK!QvRMl4NoE8ne;l%OCqXvhEjulpU#5
zCQIfmtEp${t<221Nc332Xea>-`M?dFEf(|y<@T}7tRC2Z8cm3Vxn90Xk!CHCN)%vo
zW%GS?sRv1JmP8(x4s_kvgtp}TJIVDgc3r4OP{|&U&xB5pe(KBr*WowuA8O)^NXPOW
zsUD;6u7AR(9pb@|c(Hgxj&79eFQz?et3f)w!3&Mt2jyIc)^JXi`H~zRtwpDk{FT^T
zXv3s7BX#lSR*Q6~TcYJXQ8CuD071BU1We9|4je66EA=9!7pvU(N`k;X{SIkWx3PWS
z95&YdsU!C?R^sM1`IQS8IKDL+5(Om+wWh;zS;Ys8tNeBZ3!lgV-)r^21&0p=aT^`+
z%-f)t(iLm|oNSbq<_Gr#HHNW{FQW0*5sd_2C8upKcUM;Ev!J*rts1t3$(#zsDQWq)
zSyBNU+75wg_dkTOS=?Gd><Eus23K<uDdyKXul-TQXGAY&Jh9no&X;sLmM}~N8&6Yz
z-*~AcJM=A2GIq_5iR&{XUeZBv?{TDVRjrhH<)V~Suq)FM9e4@}eD&axz*DQ85wE?=
z1Vg!285Se^xmpZo7Y!Y)qT_v`C~Ows`%HGaCMnZN;I-KDnjycIwF|jD4l)S<y;__s
zO`d8YSf{H^)5~8O$XMa$DXET}CVjGZ?Z;;{r{$dep1X&NEI7CwY#|uxZ6T$EiiJiy
zNwQU{;^-Oe&+Pj3ntux_3p<q~=N-1zEmu!OUXFQu))M-r3Yvwewi-_qwA)Y=2{vU*
ze_f5;np#{=)v6$x_EjjhK5aHw4ART;lSlQ&8)U;8NTXQEv!qQ_)?zw6E7S&a&frrB
z;pIDKU}gk&x=u12y(0zuBg9iN!<CN=I5ed>&rK_MxzNx-+$VYNHalmJcun+)3<Z=h
zF?c%UFg|i9gY8D!KF(VQRIEr5@gS9I9bDhdY>!-As1ER1a-F=1mMv+SX2mj|SFxgZ
zA?XF{vPs)%I{jUeh)E3d2JE@L>BAJG!obKK18HC%V=>@r(&k9*VupYG0;MXUA4qo2
zqZW`jlZnotlm8}k;6*=uq$@E!xDrJi|BT@yH{y>`=7YNPXb5-{lh_ChBs??^=pE|0
zQT1u9zb6L!%uLL|5w;S6t;3aSDM$a5aOEd?pF$yn+G4~#1~9xoJI$&{9OXQ^#vjp(
zu^i(YGSMqD2d9Bffg$c5JI0T!=f3iOnBX0rmM&Ssw&80UO4hzNqNjgYL{efnJysyG
z5*!+df4#}O`VBnTn{(Nrh97zpr6Rl^>ozxb$acq(igfELwdEd}(s@|Ko&GYw!pq!8
zq%^~A`CxXob334tyqS*GrxYc!csyQFA|1;s1sEG9I=7JWkJwcu1@VMcGu|F!Wl7ZP
zhZF{4i$rq^A>fvZzntPuP=k!}qmSAu@?}gv{o26x#H=1q#|bFilW8ADb3;f3IT@xV
z@TZo*zA_cuqmPI~1PO^)+t4W#4nFR^UK&KH#n>QQnhSCEvO6y2F(Gp?|1v>MlEH+-
zgBeyzXqXJT@ohO^Fv8k-b!G$JxZQme=&ygu(SDFApPKw~Htl5Bn79Qy+S15BXV(ys
zADLo`x=a&4mVVrZ)Hr8~exATcQ<bCr3@|%UH_8cSLlotE?0$Q(C#sznelBm?6r~76
zFM?>@$3g_s7LE4SSK#Gbo$VbD=OQeFtdX35;Y~bB_!YRy0ce#1t1}kyz^(E2G|}8V
z{@m#4w>wJnGTc#mQWlqHQWxBMi<X0oFk|9`Asjkil|78|7CxuYA-~x}Fbie!-dVC7
z*Zy-#cu~iY3a<rA`5^`$Bw07r!6kbNU(ka8@1LQgaDs1^-0easBLHELiA-_vBgQ4C
zXVGGwizPlG_sU?gGLbFC>Ce)EkV3rvsH2rC*l>$h0q$xX6L%nTFXf1;UQX%cZUPVU
zz$(4DiiQOL2nTAb7?bW>P89pIi9w0@a_ldfJsgL=)yBQ>!gQEl%OtbS2Qj)oeeAPm
z9SEZz?+cdMC_I+dTdg)t|3;}Il%|G-`Uab#{Ro=}A6ws>6*sdl;19F9w@W@Nbhw#~
z<zL1<`9K+@)Vu4V!eGw&a!MPeGSK@%Lf1QLqFG%LL@_(1_Ns&Di7Y~_tN5nBCuhrv
z4j8dWiG-;-;bMBXs`$}-p|Qv1oc`(;fkeJLHGO!zLl47|yb4k@Nxz-qN9L#SG3o!3
z&ms5ZqSRZGgYy);@e)K})ftMS$3!Zx$AV!R-j|njkjGprdhmKN{#i8WL##8HKQ+l?
z;`@C+Ui$UDoZ`m)gYz4$%M0@uuWhsW_f;G7wb{Ojrl?O?Wdg9Oc@B`0hF97%^7FD#
zSvB0%mGXrX#H{(ux}U4B#D}tbeUbV%3K-J-k&5`!V38$SEr@O(2`oUIa{Bgk8UfcN
zq&~&Z?5PwRtm0zP)z`OBmqS1Cx#EQ~F1zEkF13_gR?BjmvlY7Dk@v(Xe0U3VPrm?>
zfflqt+_g|&th?S9z^vY;iXblIN7VH<6ZeCe)Ff-Yxk>{Uh_|(<ubwp=yM(RI=DSfd
z{dm-}RVUQ`q>w7#$cE~m95CH;g_pPtEhHRJIy)F06r7!itu3aBt(BS-pYv@X(2QWY
zT#=hlq`s}Rav4`(4x7(v`qom(qjKE}c!!e0kMLrEd~C(!qfC$dF+EXN7phfEDs~<K
z!KJ@Fh3FG&V|!cCQ}0!lJ0C$+5HXm*1(r`bGJH1kz+Oe*t?J4r_Q#DLh76_;KSX?0
z*<hs@mQa;TIQQ&aw)~|z#sDAC8>~Lzgu>T6Lm&Ey^#&aiK5w<f=utTZo%y`xWV(cG
zh#4<QGJ!YZ6|nm7tVO;WL}N%r<yA$!ADycopccr~{vJ&Lq1$8FuhO)#GF#zf+5}Sg
zQE2}G{1B9Vd27{awr1nR#)v1P4Rdc#*%X9n+-4HnFNyBni_lp*HZOaVf*x$=bIjl^
z@&>`|+&e;*ByyQ|{%}P!ew3~5beQA?b_Eu#HQXu?@Q0g9B#+seX|8ka5oZYc-3%)G
zG=8TXgF-d<c_vhI{TbkQHRprY5@GX3*Q{P7tL0%Y`sV_rz--)WdrK64{C>B_+z&$s
zK~(ck3R(uT9L`PyZ;o^nR8){PGaSyz2Vt+LbaNF-LsJY6PvQyYo0g@L-<S$&I%;(&
zoD)#xVrgHvTRRE*un3s)oFM~h>RwADu5PrIopBFw0(2hm0S+ChAT5gK{Eg>yM0c9a
zsr8zvwXZ0-{jk(06#4a!HLQP&V#z;TJsJne@TF#0g%y7ux%6-g^4f>Mkw*PGr|*%#
za>(f$=C^y9gQUKUEHL6_=`bRH`5-=Gi%lOoRigM0a%*PweDDS<#^K8!%^hJ|*`Rmi
z;t4&E)d@TpcoczIw5|sZa~sFcWvZdGhS=EX5)bT2l(-&`o-?IeRAeKMetvdVz;o%s
zXLWhT&GTZ5|I^d@*w&q>P{Ask^-zwBm~n0ryr2-2K+Fzd%C-4`+rZ>aVncI(&Wh%n
zwzN`tatl=`(G%t9WdpP81ZQ)h&h4{!_@Pt5;3rQ0t1+?VR5b|?(|KXJ;8cAmk}W~y
z)b%&-gU%i_W*IVVQ{zJQj4EmGt79(Xx0L)U^$$x#13j#V>R1~RxTUw3EcxGtFq__f
zH=qRiO>K_|uM+M?(&MR<H|h|zG<FEz;Ly#toIz7W#*XDFsJEH83hJQ{P)~(>i$Z@e
z3hsQ*>zTrvjMOxF+=xAdYE{&mIdmu$L0D8QPkuWGSg{CXG75J>qlhxaRp7+$<Nh!(
zfo?P9DIRjyOdiie4vKV3lXekK0W293ff%KAm3?*=+HXcNZ;H$*UXZ9L#)6pN3q!EZ
zVZUdjj-@N(aTvH-SuX14ALjI@VT{~0rC@DK<2`4pzUmEGwX<v`kFTgnED&$$8TyIO
zO4EGVxU+nzh9oV|sq%91hFjO4S8n`S`?<G#d}>x2&rkHzHjMBp8*`|%=Lh(qG9*wX
zYb0a)jyuO5i@-J^L(kO8>XZvg7bU00F}m4x(L>{96+K4dnWN|DpAHpqS=MPBBcdOW
zTkBU-_L8(ebhnUQ!$NHfX8%%1Wr7b2{k2v&Cs#8;^=ZACv89YJ%Hu&^w0wTx3Zlx7
z8c{9bO+sGINuN&qvKKKPPLO5BiiZzX%x}j`Y{o{GZ8ibL;Eee6k7Z3KHzoICg!ft-
ze*cmcn*JU1W~9_`Ln6b7g8UC#=n)uck7E41p0$D>7;#nao<?t0!<LvaM5<TvmU@eM
zr8*(I?{5;Kf`g*D0UGo@7(0HL<PzaxM=V^?xr0!eex1@@%$5FEQ6aAb(KVnl_xB&P
zC>-Qx)V%ydcN26U4Ijbj;CwVoAA)6VQEA=N)a@rqQXxGKoB6S4LoEz|9kbD2!qc%c
z@>Xb;Wp=})iVTt?$HggN%&Sp9p7KKqJpKZD{p(?zx$SIC@~%siDB4ow3Vy2)jB1l%
zi-;$`<xCSC2%>=ne8@SoyJGm;garJ~1{P16DF-&!V9kzv(b|cw`yl9dIqKj{mq~If
zn{p;lg{Dwt@@um~47S_wI1QJp3^M}QOfH%>EoA>=A+S_z<a`u;UW6*C2I}eW&k9d1
zS*|~$lJW}Hsoe*^o=NF%L$6%RY&FQDK$<IPNe4miFaYASue9_%z_Be+$w&WKtjJ?h
zCZai*_3vLkU)T3N$9$q1%57hn%!6R=Mya)e6OT$-RGI9hNV{7emcPfE{M{yltjn|Q
zI$Qanv^VDFR<M}}^iR)%@vSj`>ka>G<7xa+P^SPE`J<P7%8S04bASg5UUZlWLMzx}
z0f}aZ5y<VBVahz8jJ!e!9O3@w=<m(TH%8PyAs&xaNFwW=eqow?EB?r@Tyb8u`oi|v
zVMJw{l-ll4xrJ3cE2^|IWG4iyws*yu^t0a><5(LuMBGqHZ*j(b?S8)?n130S-@H23
zuk5goyI7#~<^>f!;(QYb7@`9WRI>gEiLlThB=VlWU8YOia8opeDM50i0XoMsE_~Vo
zSUI(K*1e)KpxLD@%fR@|+*~TQiOnzA5Yihye1DHaofVBef16n{X6ooY0nrx=Pa-LO
zh}Kg6A{S)<=>P?fNLFaPUW3sIK7#HTf?7B#^j&Jfa;C=f3K!id`_r?#eY;t0%K)$a
z#k@ff29B9_EDOn3ZNtTJqX)cD7wZ*$b~(St-fDOLD_Aa^6EZEIXQP4YlXbd4nSxE6
zN5VktV@P@ZUC)`3DlaACF>aF!Cq?Tx&GFYLAsp+G1bA<GsBi%h=*0~*6AWanl*IZl
zRZfoVSDz&>sR9`*!TiOmkJRTxX)*F*d&XY~gx?tl#r#99X25H7Q_3*F?Eh-!bt(X_
zlutvgW&Ex*q&G_c1J>3y;&ILPiZ7`&5OJu~5k$8DLrn=I>Bv|wlB!yANg8dTPxTDJ
z2g(!4eL~U*3zUPm+j%kT5?LPqoYp&ru)AK0Nm94z&?R^K$As)lO-!|fPWkF@KTSR`
zM%sb!X5eY7Y5%BC_bZaec3nEOBskErVs%e2gA<?O6>{dGDy7L^ehQ-A$RF!BSnSG#
zX#-a86F!*LZNX{T<TpRymTQ(t*DsQsQr#F5MV*58h^YEn7s#(MvKv0lXJf4%TRc`|
zx)pF`^l()&=OEd3<}uqyv~A92i<cskA2~)`-~A}JB*y$th|V`0>ZA1D3-=XN)PM~f
zCSqNAitLHW-Ezwx*VD{`W+}W*=l457vBg<RRhNxvq~r3e8{8x=ETaX3fY&2v#>J*)
zexpa@M@I*{Cg$eIW@su5?HGevYu9&jF&T!9f+fW<jkyk@c<sMc!$}+tv0{MegJs3V
zRLC`4GZfEA(&*eBM#i78D(=lFH1GFXZ8Uk|YiKI#2k<>Q9L6sP%qPtt)0e5Ox<seo
z4_h8CC^H?Zn+vsV+EQiw1{9=)<xq%)c)mGVwy>*J3|hfj9dx8RwJBSp&lD!+C^JLj
zJohO<W~#^Ihj$TI-H6YsC2>PUmvi0xcWLP`flIDnjXI+|>@mc)@+mpgFs5o=i8^bN
z>#W*cHj?(yV2%c{jiJzJfs>?9kNs)k=#KSfgre#6qmVXODh2%xCwXDTxCC<U+!Pw*
zyOl$?vaX{uWlgp>Tn~@k%hjP^8E0tr{&z2wr>53ca<#b4Fj5>^OKZsAh&NFehX|~e
zXQp-duXbX=$bbgi_XHR`AIkRPqWS8*v9N--1n@_y(P~drLJ?lVIkRdBVqj;-&`@GX
zDjP3Mf=nK59F4%vCSF*L;5Y_D5^DF598$vl!SP^$B(|qOzbMmEgCZ-@o;S;TT(w_M
zTZFX1BL?WhKky}wjiS3b8S9ke^I8LegF!@iH_NlcYx}`#Bp0v7JBh+9R%Y2OpY-+W
zFNdQX-f7n0=();g)FZ~xiZAz*zD}1Gm_ZfX;znQ{qIv>+U`*1wq*-<ZFzz5aFzbym
z8B~7qJ*qlU={bi1LAxOI+IddP8RSC3)6<h6&g1;y$Sdo;>3v2>lW@I+xs@~%W1_4v
zS4L7|3T)8zm7|Y{tCACGOxagzeM(hGE>+eGVa?|F?B)YuNYe?s87FSH*YW$T)B`VJ
zU+?THe*^I8U9!jOemnZRl~J04O$2&LMSe>#hi9*u#-J*Ylxcq{G^adu0Q~M91oYQ$
z2vrhpmt-{>dGRAc<Y6W^%?m8&lu4Tv0YD`;To_*=p8gXQo9n>`Q1!=EE#>iim`^x=
zYrbNaG%pQOa+8m~dQ0AKRKN=8xlNW52?kg+2kaAFq<7AX7ze9czW3%Fb160$^eFO`
zEm?D|r7aIIBFDKtQ(mWi>xAa}XF(3wA`3U}!$2AF#33x`f<7^r<y4eCR-N~XDlf5)
z(dpF30cp-nR36$`UyHLLNy{4)-1nTN3Q36m3C?l}^4Gu_5EB8@ED7qNRaI~cfp8|;
zS@rd8gM(h+_X$)_1FE;B$9Zq{R{BTiFPvAVZ5(GM6&&O3_&L^m)bBhD)^%VlKGW~;
zVtl3C$+!Fr(~W43+hn96xV8~mD(;Q^CRuxXqf$qruOExkVa&Q9i^Kvel3J`FN{F6*
ze<#Rg*e;hqUJFN=y7qAolh?<Ompt3Ib`TpHm6B20$Wgp8YU8`PM%XNz1_ySfa0_Tu
ziVVWSD{Dt+j{bV^_Oz~xQvn3JkJJAmbn#CVL+!}k19m^=hOx;^=~I}Q9NjU+93K?%
zK{OR?UzaX(rrW5u143I3-+Th_(O&*#qtX)Q)*1|Bt}KNbJ28P(AO^){cQ?COr=-+s
z;26ZS4t_!*F_lf5uVuoDaGq2GO|C=l6X=E>HC_A*C?Mud?Qd3K0XdFy&3yueMRQ9g
zhDE&Pus9~2`FQ=vFGngCi@$^+aCFEIJTX72j<g%cIGS$Y(_M$h?Ui~<&hr-pE%df(
zvTm8BLzuLUVI2!+$L^2U!AO9APdHSl563lW?-it+w<~-KD|QABiM7tgA?!Bbk;7AJ
zJB;5v;$gO5nbi6k8JXAfSRlGTL~et*e<X^lbD`^HRM#ONSmi;|I*F3=lr3#d>#c-0
z&V2d^<gnX{ZM~`rBsltIq~ykbz(xXAh(gf72+lmoVwupIPF^3+=kB_uBGl(@P-Vjw
zePtgy&o-9)dWEV-G|EhKXbal#JW_mwcyx=HZ&%KA-5|Fvnr;=VVi<nwfB)$#d1yV8
zzEV#wTnF=8I3{n6-=>srU-6?p2_wl$)gHTHW_j83(Vsjjw(Em?Zau$K0kr|W)T^5E
zBFXaP`Jfp<Gy(%{D8xK+%^_ieo}i89##t1YjJLHvtOCD04_58fK9X}ix62Pxw|_XW
zX^f+O8D@j+jc||Lvv2xV#_e&-^U!+7zxNn2#iisnHMh`lkj8U+pMiq*-n0s10rEQX
z)?kd|k#p3LaOgrF^#!P-F<ir2v7gP!BDS#$EfxfBaITZz3jSn|RA6II(0{r&EGX_C
zZ2iI8)87i@@vtKcc&j>);$yPAesS}h+l-JmbRV7Y^PPi(--l4xdI)X!R`(U!4oA|}
z1f@`5-0!fhu-e0hAq6!eqU;0>tD{d9$NCkd-^0`v7fSe=R#M+hKSp%ER?2Q1qBL;S
zNvGG*zpPH33?j54LPuydWIwt+Tw<p6X{xTO{O74&WkCa+_AE7CLzjS6POBAPpGfhO
zwx}k6u09<nR&#2=#ohqQXp$#)Mvy`c(4kDoi-_9>q^X%n>0lrr6@}$UEg?Z>i&WS`
zKb!Tk1kuLZsFHiee25e2e8YG3+(*pn^$sLe45n{=-VS=faeYWp-0k-`lN8E{vbM(x
ziW*kv7xFjs<_!DMI1IP)8-_l;YiCQs#<Fr&-^7hG4a`<`#u~y3gP?INqCB5L+tDmw
zM_gJ`vaIO^$P<IzJtMN0F6QIU5>KW)RDmQzM#DpUG-Ax!GEFUcjX>RgGVjlMnGL>2
zTA>_PB97DjT!oIgy!yrMlvmsL8l3aISn4+NevK!V3JQ2I(o4=4d(mR$y9l_exw}*4
zLj)vL_^@c{_O1>NZf+G`S83jqrW}raiqX6NV{6;2+=q8fkYi+MR`I6L)$GSa`KQ*W
zKJ$)6k>w}6r!xW%m?u<hGn-mTFTga_ZlU8tiv@IkTS)2=eT~3Qi`h5_uCtw;Ch3af
zXZvI#2<GFBn+YUsymapAi+a{Qfm$4_PU2d%?!AKi6%txhRpdHgvzXVj0rJsO@Zy;4
z`9b&ry!f^vcr9DU$>v`(7CCFzo##$Xk>Pzt+eC)szh^;zCnWC@6r)7xYg{-i#n(8d
zvbeFaP{PQ`sAEz>r0&{7jH%PZXT4nCvupcf^{6<(Tw$a_T@6Qi>u<wWXaabZZWO}G
z)HQg^z&^-^lmqR_+K!$caff5#vBI5Io6bqg&@#!5!v^q44)x}1IL}Z93F5CkiySPv
zw1^Y|J}VA;6iVbs0K0(AW@984l;uh5<rMnR7X_xc|1fv?xLda*fe_s|Gajpk4sFP6
zZ(Z3lmraEQc3uGhQ=es}s$>J&W#O-%a~9Y)0rZ|A*dqg_KtfJh&CzX{&dzD{OD0J=
z$oL%P*rt7V*51c;`$N}oCsO64@6aW!dXyjP9W7@!q-a!SRf57cV6q1J;Dk{;P30c;
zf|^&l0?b8=Jvq7S<z+Uo7zOm%MhNh&h=EHhm3DfA>$j)6S)0H)B+1^^Nh2X*6`QPG
z<ROM;E-jq-b&QUQawr<Oc={p+Gzu+;4CL#G;2r@VsHR!@7u>fNZKV*tO#*V-AUX=%
z0~Z1Mew9*;Y}u8c>N_X?QI)LR&l#K+^-nrpD)089l5fz@{6~`*KCBR7A%j&Ml32mx
z4*(Nam9tcENHETK9N1nHuTwr?A+ZHS|9H=xD-3LlB$CE-l161OR-7?Fabbv8AiP+`
zO&|O3oqw-p8Rwr_=>yQ4?GkgYD~hv5qq{ZbH}X|tE3A4u+=Gg%_AsG(n7hr=bJjoe
z&GxeM%P?*>*~+6ApX?E2WmT4C4m0dRH!ITO$^Ez1S^v1(@mHwaPrZ0MtYx?|cTy~}
z!244%RKaS*e^g%(eiT7r#+mx+O3Ja^KjMualiu&p_N)@+n21Tqk%N%~Jk%_>F|_qh
z^9A8ixvdl_6S1O)hD;yTxTyh&Xs^*Ax`%_|^1-E_?J;mC64@;Db_e(W#JVysSbXja
zl+~ec;7+l3J)w+w{DxZw5d)0^gv9Qh*>P?x0~|n=u@~V+Dqlcm?PZzYmAca?#-Wou
zOS&ux^oJ+SDb7rFa`m^)Jj1t=)tIT~@O49Ie6lcU%xr_sspINrQfd8|Y>cQsOi+sr
zVsPcqjYQd7Ejs3Ehi*nHqPBl8#p#9}Kng<HS>mVLC2KJ5rnhuZ84h2o0rpPwu>|vb
zk09hw2~;X^^F6P2ltmI0m{hA|-A~4fP_^j7>Xz|<W);5L1u5=EAZ3fbMs4}go^xyo
zH6JL$;CsM<OML-MpO1T6-ZxYF0;1lOrs8n1OnUsUX60Iv(M-hIOwzWkAX70)q3Al=
z;}I<ip@l47<*b}gSuGe&PjJ~krvl_jN@ulQ*h>qI=c~ah0}Ex`MwN|UROxN4yFMAG
zcNgmzn1`&ATrU+kIe}7-6R>=jdm~;e!?PGU=b?s|`tSyVnyV`r>+W$LU45+ghKxnF
zs8^%z#TgbZ(NQihZwoBLZ8=CSjs)asinNu^6zQffdytMbYkJjgmj}*Y)d#GX+{?v3
z4J-K<&+o#l2ROgQM!TLC%ofy=*N6lvv#RulkF}Qx)&i&8(hV#FP}Zh=#WP&vXU9o)
z^eVc@hs}HzRHrt^i|U#Uzpv*Y>|R&|p<~CLmn7U{v^l4wOvOc&;;$t@)2LKbV+>?D
z_Hl%-dt;-QUNoN=@@4v!sDiRVlyU!nLr#r<_(`0IVvAh?ki>j~Q8N98iEG=4`_H9o
z7493TmJg#62l675g;3)$p^r+FF{DNhZYW*)Kw9SX5P#v?GJU<fBAJO~OprIsr1=ru
zdB`>!MeHVVgxu-6yK@QaCnz||au%v&`|7n;d(UR^WDPjR#ylb`qtG;LY+Si*MHUlh
z$=-jG;Rqs_mC5^-fZWvl5HeT@%+(aI5W<U@iX{V91*!?}8As*Q8KBJdn!{Tr*!L`$
zr3{ZY)&mpaZ<L$kA3^RC;M`nL$XP8T*kY@@cMC_CKINZ@DHg{ZS(T)q^&;X2*(<%T
z;`DoCYbv7-X0v{QzKznHs`t9_vF@&qIHJW{{mTnl%1uYK{Z8<B@y_^eLwtJ?(Kp2O
zcZ??(2sK01@i|`gbI!z(n$ZzMC-<;SIfr=!tf-7RT*?G7EGaT@CN!+8CHKRk+`aDN
zI`;lOuwM<`?7ZvBPbbe-qfXtkFLKkS`Q>w>`|pGntA*E?59bh_;d^hd%UZXM!dM??
zzA7_F8|jDT%j*NH8Mlt5a5Mpe@ADM{JWHPpU@p^;8zKJIEiMdzVc<6#=YDLlQ}LY>
z8OGjYL$OmRw7G;gB|o(6Z$icj;k_&$!;qDY)xhB3OEliGZnd?xN|5sxsPN9l_2!G3
zdnENprR+g-F`3UAJS*~}9olbn8vk_P(0w)x3S<>>E<?&P*7a)c1)x?uYQa`dGk8~s
z*q6U%xYVpV6PXNn`iJS%1VzQd#>oAt!_gsD7{LsY1G^e$T2gR~0qG4^tIG_!_Q-ON
z4Q1b+#%5OO91720wC~py_(xdsX3u~<?B3PmIpo4qo*nYNK}r&K|5Xu@GbOn7Y=g~k
z&j+t?=;W{S`cu->DPra~mu9<3OIjkJF<;LRt#fYwZK6VA_LxNK4<Ym^*tAI`^zE*X
zJS$7FJA|N36k;5dWtILxoSMaQbpiUZodCr**Vr_2*m105S$yl6LT!A<9t@K%-eEU>
zj}ShpQ7yBX<8vJmcdv0K(kQWH>)F<e!U+DI)2h*>a@4;OO_waER0KSA_ZbR0faxxi
zXwrFYut*}7uI=alY^YhkaXnCSTLyFQtp>g2>Bs#|D-Ouhbyr^Lb&O<e9g*b9&DVGA
zkI3Gs6#RB=5!<erxoBb$N2VQtd>}Yjlx^(9Kz<aezT+zBBA*79ojUMz*s<9wQmqv?
zQe76HL@CZn=U?BkA9nCHEncQZ$W{|tA3c9!<Vq}Bq?~(}s*ByyDv_;aZUxbsJZZ4X
zKHqk>AGM4f?{E|1x_&sS6(T*#qSIk)6mOh1Rx1=LQt5b&`KBFaN#s?<Q-Oc~6Iig@
z)tseh{9^m!O3!-%o9*;)$g*mYTM%2rv(tRd<Y)Eu<H$+XIm=8MX?TSF#sGsYPWsAJ
zf8hqDR}%!KYSn`#Nr9T-59#RC=~$M$(+~oRUZ5g5><A&}LGhjWw-Nx!K8uz3VD8|w
zu^H-azW{A(j~!I0wV{N))fhO-ZVWun<8UFdFbIM@LUw#~oWPk&U9tTlPQ3hu(nIpI
zc1rSI4fAtZ3I=3W3uA|_vO|(2?$j#b&oh}yNssmjk4`^-s`uC;ykW7&zDO*VumqjQ
z1YBgE?zu5x^wbCqXN#u^h0-PE1H;MckC8bpWjRQ-NQ~UM@i3mJ-WtoilyKl7A<tXW
ze_x5;c^lHE_8SXAKWy5eO!|^JyZQkwBC5v*r{r(3<;Cv~y=@xI-`hPqnq7ro8^=<f
zEyR8hWJ1uvG-DAdp*Lj%=tdRGwHUg~zb8AM$=$`*FEdK|@5Q`=+_sO}v$qt~1@L2-
zx1+a<No<vusO53-O_CDOCXl7{=$xoo(7SjMyPtB}-(&(@N%g&FcubR0dpfu`9ts=J
zL_^d8kM86t9)*@mGU7f#RFn4iIeEP^5sV)Dg6?oaxv9n>QDx^T9!TgG{%}3R2Li*P
z829`OL^P^)qm<FU7kY1#Mu3qwUevP3%Ax6(?nIKz^0&k=0!Z#YrXsa}ak-t?KnanS
zhZcGd#fj?55D(%Y-@1`lc?}ir7kyUhM9<Tk$8wX)U!^9Dsb`cIieD!EJerjFw;sW*
zc-dA>XN`w&{~D}@ShOOt$Mix}z+k9+NJvN(Cnz1dy&stc!R&(A(N~3XQG1v-#ybC$
zEYUg1P0-ET#^U!LkOX?X1i!qs&Z$k%3BRHEo*{$o1ZqV2OI?b!=a=3i(6>mHv!F~k
z{p9aG`O*c^SFbA85-~S&%S^7iIYl^HD1OXmPvz7lv`IfT%{!epkpAN3Z$-36JHIIB
zPpX=%q5zTk_+#FU8hS;yU0hC*Irp`Vo6xK{o6?d#<bRLAG<!+boGJWRBGl9(P;-1+
zxc2Cf(}zFlN*i-Dx=Zkk2<Ag^HrVqz_CmPoc2OB1Nn*aTzdzdgV8EozbjbIw7Px^&
z-o#FyG1p>JlxwE{{yubs4{2nleb&Uh;j<!vU#}86;&gXBtaoeX+BvBkSIAJNF57Z@
zzW|gdaDf(C>*_USJuG^NbEXIyUP~IXg_vvME|-Vx&S4vJUD*T5pgdy(k8_-iT4K}(
zK_DMSa<V=YMdUy^Ex9-?3cAkSGQpr^a0mhVGJ!eJ)3V}bCe#F<ov!p2^q#0O`Qn;k
z81HUGpm=!)X#d*JC8zzKhmZjdVM<{M;x9w$?v|a>>)9P}U7a{Yv{UdpcniB}xf7qc
zYnzPw0yV9laFQZEckho@sysXBJLlDY3W~A3UoUUzQ0OuHwlSO31@<%T4+p;6xixDu
zP@W1oLkc}~CaP!MhLQQjnt{KUCMOg6```1q$uPX~&6)F3w_Vv{bh^*O#=Uud!^d*H
zdRV%M94Xz>{)?ACkktD#_C+eAj@_w=SaUckmW7%h;T<Aw@@I_SB7Sf3@AR7pR1uQI
zrgeR6(!4{$;AUT-FHd!6UZE#-6<fXa`Q_kVRNcWi{-LIb$k7(Z(w%M-9Ck?hYu&Yf
zpvJ*$*_Vl=8m(s1S`svxI(@vu(vi;5$cAmX5FJOXjV*|`LN;bV)TMGRN$o8k`I{dK
z85?}$D`GAW-ti9!g-NgmBp$djSv(V<x=%live8@rWLPvwhh2uX7<aMVv(Q>-sdgLk
zLZvKxebn}`@vo7vvfty8ssZs0sqhuW)}+SMN=u5}NX!G$3*Ga}(HM-H2-fSygssGF
zU4?fa6`v7hbS6ek)dYFS`_5TynzsGXla)h_E(Dzkn-RxF82E*-gCC;!1on^gIeQ1M
z^4sJsF1?NWI)JpDnoX4iMFu!K?RrUyX6L0e5-Li3tOQR5uT~g3+K<I^9H|S#TMK={
z;M9-=q*5Q}fvB#+58C1?3&kD$k0W}`uy(Y=eHvp#M27q=^!*%fY>zJ^?LXCDC5xn<
z)zmTuswgCNHIPL;(YqaP$ptX^@`o(#Cj!|7nyBdGQUx$$yJ2Yo-w;`{myPr-V_$F`
zM0OMzZQmPR$`#sopeUIUqk*U;EC#(Zo6D2Ay5%p&{=1+w826r<4IP-YhK0ahX#Yvf
zN>G_j9Yx5Fg5p;k+u;cPq;AJ*<kZ4TX%{nFj}R@aF!VNj7w+n!et{&Z9roOMc0q28
zR0EVb<zL8l{y4WGEgXN=k*ww(gKOX(nepFqRR3)lbG(5KV-xlM?Ycw#ht@H=Lzy8&
z3c~O->$_<TT;JS+CY<!j;)F`Z>ss5SZLiS5Rj{=C$Xy4#ZmqsmqLwXZyBJ>WRsG?8
zL%dfMLjoLzWR$=-tz_w8b@qdPYS$M94KIzKo6Xx@)k+(sD9oQyo+WUECi#bUK{=Qq
zyk=@O@f~^3G1eI$5MG2JoycY{MP~Grm@Q)~9%}H`HZ7S#6L+Bi-p`O^ucxDN7+h4t
zg|(aEB^{Z?dF85)7NQ?Y<2U89(wO=*qS>#24k-I=KAQOO?2(M^yGK-KPx>9Qv^-VU
zSxwtXP`A5yt;+vn|EAFEj?q3ALx63Y{lxJSvk56Dyy*-)E#oA{mU?s|`^l}{;AyzQ
zJ?MCAK-#)I`*%_%qZac6R)H#{d*|}zaFHpCiM+g0c8)%Ke#d7eXA`vQj57ID%j+hR
zz+>Y*oF(J{u@-KzMn5^K+L$842O!6JX1HWI3)y!Q2^RCt5$TS+fLT6R%H!|0!Vi2p
zVs`zYXO7DKrz@IJbo2{DZb9>f=PZMP2CPPBPjSoZF+jANU$ws9{raNlgid#37*>I>
zZb>qPO2?J<Z<n~+Gr7KP4>Z)SZMyHZt;;)VMRJHHi+%0gDL!eWqC=E8IF|fl)^@J*
zik(5{PqC3G3C0;A(_QiMCzfj{T!goT6}}-um7<9~?_|Qi?Dw*c4_@|U?a#BByy&uw
z`w*ipnWPcu5TLgALHr?_medjMrAC`z3#0+mYBX_q0z&oe2iV_@TKm6wez^Xd=ZBM#
z@jqf8W<nMgCMMSZO#iRvhlQ1ciRJ(6`FVBGNY?(~M?hKJA!BrQbCYtD`8z+2B$DRr
zCdnZw1s&L&9PC_{++6JcXt(|Gz<d4W4e$d5frdUzI^|qwUGxUTN{eL4O=4R^CxZqN
zTI*b94+5d7($zPChesvJ!CGAGo9sjU^OGGNiIo&3Ie=;jUJm4|qa)=r3IZ8HDz*g*
zIu#&iXA74*19=caokF;1fztW_RSJfO#KytK!}eR;Vax+{iLBGoZ5P-Qj<4c_nFN-O
z`|EmdU)o#|_F3K5H+<DT@@Qw`<(n8DLp?jXHA8CnR|895R$c<J)nhDMAR2%L0i_D^
zz*67<twZF4dc)7Jq^>MNj9XP){IOtZ5P`MwYH#=7`HqW<ZjG(wrP)hK&Wxo6Dj$Q1
zUt3vy`}z$D6?orf3SNFD_|^9z2<lf>HF++1hG{YG=<ulr>JPgI?d;U{v-9lNz95nT
z{H+*Ny4fC(^YaJDpgBlTCzy+~ySsbchHsnb(ttzT6{D>0^=y5k3$(l6HWui#3}+tt
zHH{IU(5gHeiDwT0?t23xII;@^<p}vLp9uPM<s2#vEf=^+^g{-L26Eq3x&+t<awELe
zx4ER<{+U!=m{$bm)LsuF6pRNShrxzw@ON(qo&ISQ>I+zf^F#Tk*yG*a_I*+OikrIX
zv-uX$#fH<(Xh_oc4_W)UP6r<!+Ib<^{PfyTGl=i%;TitAi4^pY=|Q>W@OlAwnIXPU
zl~R|KQc_ga43&c5@gikWV^$)B;~l`i(Y(9yRj5-B0tw0c0;M4__@i(aHxmAPtZHIO
zZs9q%d(+zxaS8O_@#g#n47h>?^a%R?2;j0m6Ix{fHnqLl?N0+Qb@}`w>%JLq{|J8>
zH-QTSWdr5Y0G-;Hj@@<b>p$FYO+RhHp%M4bfnS2uH`qHuLac8A6%dsBUZdv<0u9fA
zV(z^tjP)T?rvdeE?!tiJxtux(eN}Z5k3+yAy>G#p-V?0-zylxZOQb-1%GV4KQV{sF
z%|oP!z{3T^f*t<&$#4EVCO+6ZDmU3fFn<eVe%s}TH1#CS^@;pYh!VVJ(G_8@&uk2y
z`FTHIJ3j9UTETmTr|bY0zirfmH3a|a!<bxv1=~*PlkWf|CZV~z=0C>1U!K4X4iAoh
z2nd{MYjA}G-Q0j~0G5K~NIyfEmEU%~KnP@Va-iUJsXuPk-;qh+ngKOeLajiy{J#Dn
zSy>^7)D+I>?QgF@zB=;*tq`6+Y_vcKu1J_5a=`8Gf*?Tb1{})(oXI)Jz4&*Vcbq#=
z&f*_JV4$#R0#c|w_a{hbU`~^tC@@Z7Tt`1741bYt!~+O>%1<F)AcPSCs7>8B#6VZ|
zx1jtT)gM9&x0e51`s$NJ+SENn418XC56b^){vp%@3Y#SWyQ=+w6zaP85}Ln$_d{y_
zxcDI^DxW(*41A~kiE4K*Sf(v7hUQE7iSf^@{*HRhzf&`yI5qej8=U&sI=K8SBgdd{
zmRkMsR}>5IqZZ8gW~=rCdG&?l)Yfj_`XYg*4xS+xhc`7e{waf+vpan&qsBmNE{j>p
z^9P(6Ah!9T2A8gXg9=;zSdPJ>EzORNAV9rKfGwN-AVM8q-6BGzEZh+wRYold5GL0?
z5R8M9y_7K%u%dzSN&MW3fCK#yfyzPrOu_3$PZ4l5r$>Q5Djk9~zmX6#to>;2e3#HY
z-a57e?OYE0tRvEw|Em32ccR2oM`V1IGCF&#OVsHO^yB@Z|M*aT-Fgymr7y4kLCS%x
zEcnO^5y3b?aBls10lNE&1@`<F@#MEacJsOsi1KH4c6(oQw-@^OvHbAzCv>&#_mjm^
zAq~fPC4ipC#{co3FY);INf{nr#+&&YyZ`3*{Qril+b<CWtqF|NXSXUpKp=J>0PNdy
z*x|ba{pSYljG-Fd0h9;i>8hrnF6;+Nsl~s2!wbhjI8Q-Gk>~M3pfBUI3V0_^;zFRY
zq-0>%*SdQibYPSYtVhnHKqf3UUa-H<vF6+NpWA2ys;BQK$ghtY$Y0PdAMJdRcU_uv
zdjD!Hd{S^Dae^9*o9OuvTlj8GdV(Rfk%DJDTp!I=36xAaNE>i8pBAW!8Y~C06eM(9
zcQy!>ox3Vf(v$aUSwq!fgIta+8A?UNrj<Wdi<4N?`C3{Tm3byuk-xr&cjGLt?T7;|
z==P{6US9OUp6m6A^_Mtkv%S)$1!|zmI<*QMFay2jg`Cx#WbM$1f`0EEm4|7*K+`hJ
zYpjPW#90}9df$O#2gzP5dq9-xKq2vpkxP46bMfAI4V<Xd>_xFDgLzN5nWox$4-~3m
ztRh@@$*)@I{8|nzyMCnnLLawhG$Mr+`Z+I>XqH_u!b6lR;|D60lM>(7I7ZX+VTWfK
z(v*Gd)8a^My+x+gJu=@dx|m@KEX5@zAsypZ8EDK^t&ZQvj*s&Kp93$hl-C;X$HtIB
zGFGhQ?-<*;u`ez|jIY3%tY{j-!ng}JB<-gNAne+&A7Kv}Qz9dGLy`{UI1;GiO4&lJ
zB0K?;l%SCzIhhf|>ZwV~Q@U|Y((Mzn{YGe#(EROdO8DyG9z^hr`>{kZPXRNXR`+-D
zJfnwlXm>n7ohXpm(PD6Jxb+iw6<bvMCKRt>lP2P!QMMAfd^c}l*X4G-p<0v>DLoVE
z&?bV?l$`EQ4WpmoL;M@^98Yr!-f@Ec>U5p(9-%lHbE*mc40V1J)8m)B!}KkiSpohT
zl$df%1jbUE8$61B*r9d?KL`GzVFg>2w^jIxcBDtT)LTdOt4jPweCXdfH;ilgoMgrV
z7!eTBX0@_054ENmg#t3i62Jzd#%WD5HL3QayXPDxQH5Y{t@^bmpiJug;Y%e@FniZp
zNm*~BG{tEcNo=*fytXRfIRo;QU)0nTC8eBSNFz7F1%m*7#O#^UWEo1&#eQYD0``$P
z3aMt_JS6OL_H){S(7bK6F6&YfYTre^%aSUQJ#=*cw|JY#T!^|@L@x!?kNhgQ>f5Fe
zJoV?t#F9y^csv{jN6EWRtr<%I`zFyDWcVDJCO_p>7cceZG3@J@*?nz05Ev74Q&w;!
z^7@nml2~AG@R_e26i0?plt!+*tsg=3M1r)GgCwo?rAExb+$N8@2H5X@4Kox$HMEo!
zea-MPl6HuTOR|oW=40=w{Xq&0#K(y@SorCbKb`y?+K^78#Mb7mj(5z(yA@hAQnq5~
z7@4dq6<ZRIHCcJBC8)3^8ezy+P8O@;XaPoC8Dy09yw`L1k)q72b+?{=M?^HqyLa_H
zW>G%9+1bAU>r$aSyP0Klv^*UFLX3(`Bf`o(%pq$v2UwRK>0Jj^axKP)9K_mA-19BY
zuovU<v)pl>CN|fTs9GqF-}G!~a2LFOr4+IR^4x7b0ql0b)U;%>MkxQv4~~7F&HI!4
z*5|+5mSPSgn5;N~FLq<XFB*%DAq*WH6K_PL?QCqv*_Jopt;(sX?xw(}P_(cK;F_km
zw7y}&9xUB=d-4b>4KmkklN?-?HliENUNQ?0!4YX_5>0;;wJ8il_SJp83Y|@M@whR)
zNe{C7dz7U2LYN+<%3qD&A33DnenYE8hA$27L>)Jno9}=x47=At4g-ZYtrnv1V-zXO
z?Pgga^i#65nAA6ITfich%rwMZOZ$iSN%Im}Ip>J<s16OA4t1W%Zk#MnIbmm^dr_#E
z<@Vq3{t&+oZ9`fIpNMh711A9zlq{L<4=4Sm7ZAPIi4N2{N@dgp9NRC7QE|zKs#0$C
zP!aQ@;VNObnQ1|r&LQ{GTkbxPPZ2dgIn=B@boEtKh{?V6v9NS~$__j$<GHNTEbuG-
zbtZ`C1y63ia<gpHJ_B_Vz&#WaEL0S!+3<l30y)Qaho^0H*}t1AGY)XuB&n&!ZY=l)
zU_JFiuhpi$G<6o^l^CUwVV4K1Jb}y5O}F|y_|^O&jM%ft;Vt~BCzfcC6^ym;4f0*+
z#M`nx2ffX`oR6VGgrZ*ON}-vXug61sc<^^<g*KLIc6Cd%3O{boO9o>u+05EzYI>p*
z78r@)@Xlq%$As=u*E8lz$1hX^jb`h6z)6LKb#fd(-mso*ueXzsTcF=t`YGERevwU}
zcRKAEO9cy3+ghB_*IiG0I~~Im?Dc+hn64W#aHEWq9)D3yPfr;x_3qVD?Od$s6D6>%
zl-@P>??e!HP>(@f?FKhgoB><-9>~?l6n?$?CT+mWE0|IJjac4g%vV#-0nVz1^R%z8
zbd0%x|5OI#VjOzWz|wpcyCj^cO6NaBiYPk3ub`#)Gy7jJ0vX=+0<G3Lk~Py9fCpM;
zva`CoUa(TCJ;IE2e_%4Ni|8KMXrBij(iqLJ$wtvYbM6%B9TmBLu89^(-e*oo#!P3y
z+8G%jbsD-lKbQH{deMSVb(zsCETV)w=g|M4&iy->BuW>vmz4sEBAd+}Zk4a}WXY>0
zcH-@>yJvsGEy!9PbuRHn4a?QDoNOcl@E5(Y`}q%geBORx-j1RBqm37{b4k15wK=0U
z&yo6QGy%g;uSqa{;#`P6+hFJ}mCsRFOzH>;1W5@FUJ?72U9Sf+^_yJ&r18jsWJ1Lz
zb7D=c`v67K{MDZTqG%Ik-ja+#N1evCVVo&%vZHjhk0_`8XDYUlQp)FcTvrpmz}_Wq
z(x57>F~_0MuO52X8se2d4lYc!Sbfd@_$T4OIg$&?z=$zzx&fY`CSLLCWwpqC#Bv$j
zRs*tbBJy&bh7I#?3#Qg&XgUjywkGBh0Pn&-Cb29ZsB)>efFT;VsObFLP^}w$bpiqG
zshx5~dM$}6TRWl4nu56S)MRzp#=-EQ!L+tCYO129k6Rt!9$c28sO020{k3q#oJ%FX
zNdFg)Q>u&9_#TCBlR<7Y^iHr@uw>QyhfpVP`&?s&?!I4d{AUVSJ;m^F*r-@uu`2iW
zs(A%II?V~nSv=atKB-Q%(g-s_3L2PKjS4nlr?D{Q;|{wr(9;<n#1aYJhSywrX)-W3
zr!)$`XLen5aE`ddt|0ygTR^10lFb;RxI2!F6f$g_F%2vTuwN+N!P$P6#LMR{8R8%f
zA$#4WZ5s}u<I}Ag%vCpArkdJnlMoG1bQArcQNWax4U=O-H>RDRHf4m@0U7H8J=ml)
z9OJV`IPIBHcBV~|vQblrSx+jA^Xj2>!}eQjm9`7}XDie8C>AtW-~kj#71pQWUGE&>
z%3zY8>a<nL7{4zjJcipuOXxMeG()_^+&T-dcYG4wpexkjzzDJ<JG&D?yuiWtE0SA?
zv;4@>RZ=J$df6`<w>%M4H255I&5hv!$JMNLpL9-L-z!Lje&QKh_OWw*N)z+m@syTi
zn2hE+Db1v2B;_Q@;;ye^v(?MV{wWI(_{o9YiTdqPgx>f3kj2);rM~^%sjyw3(~~nZ
zsoj@2U!P*QcEcA0ZW#-lw@(}*se}(wUM4>;qP~!6`i+G!cIVgWBU9?H+%Bm3a}rq-
zTV;rrRGZ+9BEVof=Fd%m&}1J+Z9Rq}w5x)@MU($b`t<%|t%fTbvLr81F22aRl}%Kl
z+xewmMhiW6{tNzPELykNb2IOu{pyjUdb3DAY4tBitGgJQ9i^-cBJ47Ya5#8YQRB=j
zWbR3=FaztdC7K1U{1qXtJXu3rg6c)|*?49^VfrxEOl~h$f}@aqTi)kf`eeWJsk`fx
z+lkV+GD@PRV}3XfvWm6nE%Jm%BE!Mu1bB(dZ&<5A>b9moFdJKd@z;^V?>v?cMcr(b
z^hksrIi{>00=Q9}90Jvl$t~7=C6)vvvV)YDALfiYyN+pe5zXqJ_MKwivCkfi+sG2A
zeg1&P6>aMUo-RWP9o=w1rCP~i>kKAEk@f4r@Ta%iwBaFW;+z`7U=#Y45IL(WnO;m6
z^HtabGi_q7ce;9>Z#n3RsMAd=bR1SRA0=0K&b)p29ka%V0)7{nwm74VFxZl@;J40H
zk~M>O66U7cLrU0{Et=A$zd#J%yY*pjXBT&fP;VZ)MNtUZW7G%7<Ueavd=co%BIrgg
z<A1zHY^C6ID7;C`9}ZQD&&?5V&e6{Kalg}@b?L9fTb`%KfYm<6gM{x|gO{5$9u$ux
z949~P{X`U1=b3o$Bn;vGF2UF%6^J(7ZP4!~(Z=z)sIHQ`LBWt9lK;U}7*zU0Nmamz
zO?qXj1;f`AzUd+JNc+<Ll(vF>^~bnIUW((~cK`Km@5vR5ocgY|))mNmF7|vQg`;z3
zp~DW2{(L5ag4`#AG1wu}3EWooivbfJKYUZXpG@kdwy^QwR<qs*eg!>Y3=3SE;mF=R
zvYe<vgYKoTBDVu%lHSrNn7mnO2{M~QJ<S46X8g#}G%o8%!bH9Hif~iUO?@n>ADsKt
zp9f;robP!NF0E0TyhO7OX^TmviZ}8kLe1_Rt>2yIDIrcSH<;Ey_WfFR;xyhq9tV1+
z;nD8xO8}+6%;qCvk)`$x_pPcJA#g}Yle}h=P0NWB_Cb0__n{@&%4A;S=ZiM{zJr;$
zRL@L(k-I_V9`v3o)n9NbjMt>hr~Qw8?n;6?nf63|9u2?B@9Q?iijr_M;*n|7Mu%*6
zuz~B{Fq$W<%11Om@TQEf4Ryx(`&p=KJdgM6Kx*+v+4rX4-s39!!^TqwuXD%tlK?VK
zI|e?KTq5;CaY+?)E#P%e-(9FW4R>}%f}qvPhTt6G-2{s(LfqI}&!K&J!S7;@9hGr!
z`Lru=hSrc_au^8|=S9^~QYL7wiDoe-I|izKSuxsw1%8>w!}e^WJBW)<(&SG?QJ+p1
z^JlIsI{Lh<ZPH_QZn{UQBU9n|S(3SEUH0K^*hw2gk3T%&`aMJT02^qS%hkysxzy=m
zrvf3ZU3o@R<TF+w*t-qMTn+^XmD}U?HJRu%s~A@X%U6BId7}u+Y~o@5YRQXlY7R41
zr6iuT&AYA(?RFOwI9Bk97(9}4#)_TQJX;-tCy|k-U+#XDPGS6tb5H0zlhRATm{No2
zEeyPD)e{sWtv&<fxL~W!x!*=yl)rf`FxToED3QwIsJl_s#Wrp>(ygsYPXClS2qNmw
zbr@(p8tQe${pk522oQDmmT&k~k8*O3-^X%{*|mpP^2N5`Oe%tSy(k9z?K(dvti*7K
z22%lQSGh?=<K}BlR=?}$j%>U(K(+c3icE8YXHj`}s7V`Z3L*2#CfwH+_(2(U)deQ|
zxRC@xm0QxDjMF3bdR~}DtjJ%U25x7S^uCNc%Iyr1uB_W*_Jfn_$RA6|ck84t0IfmP
z$-*-7rCKxwB(f~J%|^Ttv#v#p!#oJda|>77{t<GMp&l|F1JeajwFjELvTW2<83EjV
zm%eGE6l~Hr$qlNZ=ik!xZ5&m*V3Fc{Bxz<%niP^O_TIcE@@sz3^yhe_uz$J2fBi<y
zd-?F;;>PJ?2It!~8_ALKOV=v}$g;^#M$&WidR_chojlq6wv%4Ha}1jf@0HiM$tV0@
zBs0U#w5C?1*PQgG-<o2cUz!!0<~-V2QDtylO2xP5i>>@Hp|{WP&k2j?$aeJJt+CL0
zy=yf*t$Tl5=(l^9a?A8=UokqRXMEY}@Iv<!E;*S`J!BzTwjcuQZJT9V$G+1gu1nOD
z@apG%DuUgnHo7SZ6B46)$XiW@Ou~+!=^rWW<v_c=roowwRIi0GH#=LlPO<eALPgUc
z`pleb?g;GKg?QAVaxGAiWSZJ0u*@k@1|QkALn}h+=eZ?bxKL&46BYY97h(j5PRW!)
zXOy(Q{L!NFHGi6tLs>HeO2vKg&M<Aya)MlnkEmOQ<&Qn<n5+dObdVnK8woehy&TU|
zGpM)h!ASLF<PnDupWe^+m7N&UcF?YB5py~gpH5{S&(%ORzKucsvvs>kYA)xnr(lov
zrGmHvvs~8B;diyyDTC+@m8|6ZZM^zVw5XZBxB6yAozouS28SFUyH$M9ba8nw1+!f7
zj`c+ZjBiW|CWIaGWeU0A32#Dh-dB-UrmMtB6%|vu??@Au7f6+viH2lMvA<sgxKS$3
zy-pK+p=MU`O~SUM6Aa?mo)pF9h~&}l1rsrp(Ve?U=Z_UdAmLk|Af2RtUY$@C#t~)r
zjX$f-C3^)g;?DmNfx+p}MM->U4a<n5n$g9$c{`3^dVW18Xccq<e517VGiYwI;JfCz
zbh=TjF^T#2dz{B<A~nhs`)@H}MSCC6K-NfTbC9sO@Q#+t1@(=#>Jn70gK3cmdxohY
zDhgpvm_5?7p|@7{<hXAvKD&HaTp=X@<<VLKa4U%-QJee>Jd6jW>!Q|X>^p#pi<5L2
z>uI8hzFM1GiU|xF25z1L?}Q3!Hkk7yaPo8WwNFlw>!_mnXJ2)G{lI3x0&_@6%gQ>~
zJ*r)*#I<jm3Azq?hI=+3rcz3a3ix~rkC_2GU$jsKKFWl+jGj0Wj^6Ayv^Tq1MDRFX
zee3Fmee}je3B^WjA-GcsY<G>7b^<gr#!T}1*u6<W=PHYybVI?Z|8m6m(}hH|NDPTD
zGeBvJK-`lg*?5-#Um#p)P|3WKtuB69-3JA`4a72srCjsmzpVaby?SFnN!UF=QMi&5
zWVX!QdU8?GO+LjhH31ODNM49!^@(T2#7_|zKE?bLifjD(bHOoD$T&ZTUZA<$<>#+T
zk%`~bOD`rPcYoOyw-4UJe6ms!x2?ai7-o^YbJFtcN|S@@iZsTI7s+W=Ii@RblY)Q6
z-MnoMAI>w1%wV9!Rppkz-$f^PY$jRAq5~6Zrhb}!D<P7!TUZw=%-Y{x$>}-L;gKii
z!W_=^5^_{x*vswOu1`hpZt5o9bO@Il1N>fbYEW&R6(ie9_v)=9r6H~;X`DKf&YWW+
z?WerC^N)f=Y#n$3o7K8c#Z~H!adXbK#K0yes*Uf{qXIf3!7u4;KSeT~HomDa`GL&g
z^zrZ$w+PkTn|LdSRqsrhN=m9hFLrt&E4R&}m#^pi)4M91oy<8HW~ba;risPU({4TC
z%5%bhIUHMRFAEv!t}o&EjXVep*P^+&C-si@^tyif@Zww#LHr%D8y(mDp!Kh>o-m?9
zm?}2T!FqQkSDY(2I+vz0Jln%X?IXAiw@&<&5yFj)UxOSUR;9N`0z~-FloihxT@s8a
zy}V{~lofP?{i#!sRCQ=V)Kg+!#178PN2bxvsI%^;%@gOBBa&Jn4`SSr7p#aRoz}iO
zd{*=b)C9<d8bR_3KHq^28y09Q??k<&;Xfo2@q~^z#ifkF8^B~bI=Je8BFW;-PUa{&
z*sRdRsSn-sExW+d@Xixa*r#3efOGnZWQ71@;G0qCb~=hLag>zw^)BrqjmiGDLic&J
zu=dGwbtpNbw;@v0%{Z&QF$lDoeqJGd2Mk3`Z5e(6cvemz8};xZTG%<{ZT?cRr<_HI
zR+rcw<g({|;#jm4EUePD+vjLrs7GP7C`j}M#CC0(M#vQzOH8!Ah1`7yz9vk)JBP38
zF;?C-wX9_i#(r`{^C*I(^>=byq7gB~Yirwek08i=`?dzh8|WxpYh9`MeaL@AsFsqb
zqona8l~!&?or)#Gn;7aw6eP?vjI(TVXNS(jkBn3jFAl1szd9#t29|z!+-C9~U5d`;
zLRwa^c&N8lkt5UxVrY!=eNkvKS~k2V`b9Nq`;2B@o<M)>@*yWG_y^aP>(XT<Vmx=v
ziahwm_vgdW;Xq@*Tq$*k{*jF`wPmK8;(+<P#K;*R3`4m|=C9p{unLUg@7XOW=QRq+
zWdspEHZ1n{%S)B<Edh5Dv6QCpkw89=nFOO6fLD&98PB;{FQ}{sc|JW`b$pbeZ{YRN
zPx!$HJ82)csiEz7(R8>TkPafzEJGJEbK(D*&8a>)pt~65!D&=Am#s3L-(o&=hNDU{
z+Xic)?W@eL3$AVRyHa0524d;_m^cffT$LB@O2pU3cIf19Oy*?Ey-~J+738IJ3|-$a
zDRU_U!-Qhn$`+A2)bq{f^nZ!hJbSm9y!?JDFAGH^_?2>O-rPHmdDy02Dym2BvmAx6
zw|N$LAxn;%xN3n5+7WyQ{s?G?bCMZ>LK9PRU{F}^M$E4OKA1NXvBPW_^zYV}!5aku
zeFX(<yAC$QI+p<Jf{<B4R3ru%Y<xnvzH)sA$rX$@Ta<WrGGu-@f!@B4IpEZIqEH+?
zd4XbOSI$b6(^Tqj=;MhSk|tUri-<-=cH3|LRot<d1v2CF;72%(ewa#>M(iU$bIcO1
zCfv4zY8YyKrO2vjDmn;GaGdum5G&(xXncm&X}%a<akkf-zZ@SoGzp-B9A3J=^3Hxm
z=I!(ZDHS|+J;cRESW#Ym8xy;;2r_6UN<H1EJ4}3O*p%JV3v(}6zHJGxAT?JH%#tja
z$7&dYV_5pg^JuK?Ku?xCSZ412?0_m*obl5d_sn}b4%k6n;TqGT=J{-`2zi4Y6<aO;
z6KOw`ij-)eNzoiu!3Ep*1%rRA3wdxiiss{BuOQGjfQ+%a!oC;How=GWS{q!_B%Tt6
zHl69hU@>I(75;9&aEL+g(<{K?Hz%XTHj7VeD7li)br!6x#UtZrHc?}p2)0&%lY?3I
zfvFuCF%sTG=IZsrsF!J**_e9QrYd;m^(-U=6AEJro=8(6?6j&HTkxzkr!L|tB1jvv
zcxR;Q+a}1|fXp-bno9*qO10WDzi8dIfPoOp@64QElZ0o^dJOrMFuIejw^^s7B5$??
zHYC$QrKFqJ-wK2evaQ~H{pQ&gx_4|F%zKb)t(1G4SsQ@34ujV9CECM-I^k@E;`R8}
zrxC<h{{%K5PQ3xLFP85?xbJTISsZQ|$eradXRLVq;tF{NE$hvTjn*k+LowIQgHY7Z
zrC;mJ6a(X{x8W~dVt+*A>kb&5IKK^Vvx|556@OkgL5bz_n%D7Xe`~APbvU{So`ys;
zJM-iV_s`vBl`mXdW?lO_Tfv(728Ca6(u309n$2%gP9n)Xt!HQ%lpMd7pV{q>%nZm=
zX;_)?cnOIK9LG{$9g!dlz8$7@3mYylVtkHtTcG2pD|gR`q}E5smwRu@t@-vWmVJKt
z3<7!hW?O`2x4nuX7S-Nevc}kUcPfcRRibCRYKed}9Sz@3a^MTMD-p|ibW$)v7V9T_
z-(1$Vj(F4@WfwJDKJcYVu3NTFc^}EWNx|eG6aT#uQl=1%^%L6Zb99+O_Pa>2o=oO4
zO13o6c+dC&j^(n=@aN&iC(GSOg+$iiwRVchDT&#(3nv1-5n4cBq2~&uOEdZ86d0uc
z(a)FjJS#I<bA6gcMOrS3w5Hn@OFxE(5s2F~h&DZJqW@)7!l*TfvlT0yHE5u+IgZDp
zQ&r+zu>$11Z=Mgg@pAi>_T&%U7Abc-WYY*`Cj1vjQkJ*nV-XEfVpv^@hQX~rU~HJ1
zGWCHl?>p!B+LnHB!s;}--1!q@h~oF^nv8wy9@eZOGT+#-_k6iGhCS2wWn)Ij>SZcR
z`&V+)ng#{+j+e!}18}Uns#eZu>$in5N_XMad~hYvi!>Z7)_pTF-@(4F2?rsEwVtA-
z)bn0E^38!;A$E5XRIqiIu|>(gOinB%V#OieU*DS*kLB}aCeF3KR(?HQ>G%$T;*gQL
zMm6Ty=N#gQU$X)p5|jNjvpW+P0}(Yex)h(<EaAcwo#mO|U#^$$eSnQp@R}^adF^}s
z7Lq4v_}(GW*goXR_nE{3o;0`+cM@AJvyC%c)ft5^t?jw`PVn$bLerIB)(g^aeYq%&
zhy_zzTCYkv3d7jqRg%pjz-r@Mc_}*4RrTwQ-LgK4f5KXNd7WRrvs26jt9?W%#nn|H
zp01uAE!*ByqVV7uJl9gOD)v+BoG<Rv*bznnJXq(3l7cE-_D+}}p;gE2@jKbr<~%bZ
z8lbthJ^<eBeKQG-*larm_cmu7B5<i5exHcmjD$J=vs-ivB8Akp*-O+``IqK9xFgKl
zcHn?J#b0FQjZ}9{5B=;Rdwtlmsq)ybDCM}=YqCuExK)4LTgh|>6j8N)5xy7TtVO~e
zYoC2f0%wM?5Ie37+#FXJvm{8_l#r}saJbWFZ6i9qY>l#U-E2T6t+bTe4Da`<oE8BK
zRwq{Z=*_5%zUNzMs=YvXMRlOd!?x1|PWaG>#H*fL#uWWNCK8M%=;u{LE}!TB?P{ku
z;o{bXc>4{U6Lt8q1x?ufOHw9;w8%YUjgyR@(w$acW+p^K(|@(;EO9kg5Y;(cge|0>
zT@w=m5z@G)bt>0j8_=0ll2Y$h38?sF7mlb{r!%ECJ#pE^C<p*ZkoA7vf(%L)a?tRN
zE?QM^nxnofz%?u)SQRA!fTIXcP}3uhUi}t$Dz+`Cj%dpUh^3qtfnm4PX0Ld<uHP|L
z-rn-Jt$soKIU{XHE$k>(e(vP%m6o=B>X{IGHlCPHt4BREocY_5A|Q7twFiTol)n?o
zE`uZDi`{@ZKG!m-$5WrE$}EiWg>m7`{bT(usTHHhChq$2x!vHsX@{Ih5@vT=32wFI
zdTF)qoOksvoBYPcTYYJZV^@g>OxQPeS7hsX&z~%I&9w~W^*-ijh?3p5j>9;*yiBKQ
z{?s7b*>X$aE$D<*-sZkCD=uC3#SM0LjF01X#b{^uB4Rqgonjk9!Bx-~;<>!_OiGB1
zlt_n1t8uG?@k=HK$r{2SZ-R3+CO~)Z61b!Vn$+ocZDlTFaYDgR0cIKF2v9K%yHC{2
z@l8aRaxU~O_^j2)WTY!?4=Yb94e4~Zi$#jj+p;Zo%9y9|$X5F;lMjS-OW3f8za*zC
zw6yUti*rZB;5eqFia|`$9$`VH>{dh{q-r8G5|Z|oNvZq%N=C>=OK1FnSt1JzL1mZv
zqBaN28X*JlyIy?j5uqcGi3arLY;tlOeH?hVrIDOYMR{JDw%~Cz{(j)2*J+vq+Z$)w
zN>d6Sw8Mu!0-Gc9R#LCexj8GZ=r4A^b68_{dhWc^%wQKQHKeWCdG~djw3cEz-ClUM
z?GAA`vV6kOQ9kra+O|IuoBM~P^S;j4<hsoL*{UtZS<ZmNbMz|jaWp*3oHQO3*P%KL
z>zp^^j|E_pnQK|0Zx!b|_Ix;$&qG|Trm<qi(XtizTh6RnD?aIK=Z>iJgt=o>>j3E<
zm71r6fyZR5pyx>cqt$EzT_i9UwfCsK@z&dyhaYQvl!|JcR@?Y`$x21HKBNR&`3U}^
zjb9_87nT!8VQF(c7*l+KXYS~sfJOSU2+YnAV>f?tZhSHVDy{i?_&834WV{YP!8LO`
z)XchyBiivf=Ak(wRzJdE|6Ns{Y*g;-{Kukv!CDR^c|5-3&-bjn^txb}_mZVb{RiFj
zEh0o8EjB0+!NJtITW7D_a%~op4i4I$^2saR&T)9(cd@jl9paM_q6s@Tl$c=#Jt1@-
zkO#cs_-H0+^HC51Z0}c*tJ?jr?r@LA0i#EqxE0^{jSwMgyHb`KPr@46Hi)31R1r6+
zyHGDEwM-X%X`N9T@RHkYr-7cc7l_aGL09Rk2~y1=1qSWDDVwH)jK*|E2T5R#6Bz^I
zs@%=5HM*Vcp0Vx3=Dl=O0d5DBUM?bp8lEa6GURQwQw9Z&3FHgo{oQD#X>=FA%d-%$
zNjN-l#$1ASn&MEd3T7=<%CsP#^~#>~2uZwb-vc1hN@JX26+#sEu<pL&dF`y{Jw}NN
z=P0!$<z|K`yKsv66``kiGcLreFefCfis!pvW*tYJ+tG4FAiaJ_s2-i8eQO?r>GSt4
z(i5M#g~Oe7)KJcKZSKH`i;^Mi)({7L3uR6lHwDTse#Xw;GLvHly$O;rDeIH^ra2;n
z3kw2kaPn3xfEbZbVzPZW*QW-UC{7toAx8YKm=*?>v{@HUC<31x)m15BU+iU0Sp0lg
zz(;Cnna*2_hNVvi)StPUF3j)72a+zsiNqsZkwR9BD@!T^{NX9{V~UdTHt=?N%{L3c
z<c}4HMcA2IX=&0s8Q-0R4AYAJFIB6BF&TCU&C}||$#~VW^9J1G6JlH3PThBuSgjK~
zFZLdl7U$0VmfF+Y)oEeDy#0=^&|Q-dqzQwAy-A-~@*~-na%_lu$K-oLF#~b|g$VnQ
zJY4>5O8kz*VijEd{^p4&oR=ZJ{S^rTcJla-HS=KV`>vHJ`Wnayik7>=HU*cC8CKgy
zu+XcauDA)tbnb{Uq7Uj8nyg%bDcBVSs?1++BrcL0cWD*aMs6ZLqy1<RdaZ80)WQ>-
zZSMCtoE6=%eqyAqUb0YsW=LxE38R{L{>7M((2rQ*aRoGyV4QGlZMt=B<HEy6H?gbc
z(5(*xE_`zsYIUfehf_a}w^-D~D5lORQFyvpX!qKUM;XW9oE)1Af5~;;Ml|^vwl!Bh
zBlel+=IV!DD&^H>Bn(a8OUg;SU8Mn?y|dxb0p<QNIiT<M^L^us!MR-chcCW0Lu%nj
zMy$Ljt#}c{2djH`T?5{Q@pC+@nDODa%MWIY(m#plbr`mEIa4=53t8Cghk{be-xml6
zd?{8|o!%1v>U_hO?{v~=f%lDj;eMWcZ>_Z#rz|Pdze{&NIL2B+LL#c2IxtCxjHpG0
z=G3@8=kB`<W35e_j*ag;$DNf;fOA%d0(CSodGrM2Hp@uz`+!+T@cIG^3NTFeoglY7
zJbr)v-omEv>Qzz4Wt6LY5%3-uqvi`aaiZ>Z_YFp}8h1etbKL313^mDSLWpIC^d%<p
zM$w^F3>ztQ1-}@p9asaB%14UiiaIkx{Cm(Fn<(KCoz{td(3*rC%`X=2Zs-UEC~m+b
z>J4bhSt~UmlP@IMM7C_P2=bF0VWrhJY~u)$evOz6cS@=xPf|&aG(}r4;%sl6ORP~)
zqz<AXJN?1mIjTrnUlqY`D-8cqt$uVQackgCtnzLo(Za*v(`6#jcBG4TN8j0tl~?Ej
zH0lp#@>O#`3$8d18apG88eli??R^*Te}wPQHX#VKAit!Llo92_xg8YPeRGowo(FA?
zj|q0cyJ7h<3A8=`f{(`T7e09m_`IOJ{?3Q<Cv^x*g9+I~bcN1do4SHID!we-u@mOo
zUIhUegP~mh(u@Zekz7d)-{H<8Jvc-}{oQUKMlCU+NC|^#AR||d$rtMwxw?bHqClVG
z23nE!h<6QJYpabNxNlx6C5)kA`+p=>&7Jbk3b2_}Bxhrqc=vNC%6@B3taYu+_+B*F
zOzo%YT-z_hI5|Q#a$im`V!BbHNd-?<L0%Ma@!iu8-q{cBvdA6VQ%-lPrb>d6X+?`l
znZ;!DxtEG3Ar7)P?wWo+Sob<upR4WLJVUXs1g5O^S}@ec-(<2|VQq4w$pj^goU=wi
z0`A`*3K*6V8Mf_us3ni;V90B6t$KM6p28TvK+OfO+;4u=_vCpiW{5(hNUeUU>a>Qf
z%KY)l$U&BS3BlltOkXhM=VG>_1ya&uh#lDrzAuMyq^Jr@E@f3TsAN9A<AMUt_1xqE
zEIfU_2iSXpTo}Cd&ZYM-H&zUCjG=hEn|lmTC&)?~C~lIl`SOi4C=q2dZdUUwB~u0A
zF%M7M@KJ&&4Bs!XfV<e--$f?TucT8~b!BYT%D8>4&M2mo8-8S?)gddZrlq(+-f;&D
zE0((dXgP>-bdojK3&rTa!hOJBs&SW^d*PIE5J%J(bQMNO+Y0V*YG*(;6ECRxfj0^A
z9rhIjaZ%JFgWa3_Gb>GUd1|s-NpE;ZMUaRy2n_6E_Rckt9B%Ipq?IwnYQZdOR*G;9
z#?`a-Uil1x2}Y5e#TkTFgGH&_PFSO&AH{Xum2Jhf|MM?T;AbmTRnCO*@h#LP+f+t5
z`Ra>NLLh<Us`Vs1TvEMgL6B#Y+5z2A4Xy_XqT(z1{d~uYv3<p6JPHy{4+BN4C0M(v
zUrtsxx%JJJ$yp_}+SbYN^d4Vq#7<5GtPW%`I(G@hWQ>&~g~$|U5{nYDCB*DAC6wni
zXrBEG-i1&Y>vG_ae{!juk>`-<TnnkC|6JzyGmfTf3E7&)28J##rr^4bZ-Rn+H-2G7
zDrO)(K&zQ-gMipQG0-u}JCh!V=tnOOHRwYP1{%iC2M7|KRLtVnLp^qtJ?5_o1>*SD
zY}?CVKy!K!7!u8ROJD(0N9B%TNf>1+BpK+sUqP{2+-F1sBUnj{-_#%z@ZQmHQ3+e&
zjfyDSNzqnK>vmZ#4>CbVBk>F2)oSzip1WVmcE8Jb#h0?&&ZZ*>84Vt+$_LpYtpPF_
zn<6;{jv;is=<NrLmMIcktxvfgJy!@_mR5={?mtA*odlh|y|M2hItOO9@)dp(!F`V3
zbi-CMz*Es5GoIu$>W(yViR}M?(2d<f9-_Vb>&|y*jZ*bpd&)@|Ne9Q<n(6`eyau_p
zl8QnWe{HlMoH0YLlWg1(lVYQ~Ro)rJ5SRysjkY!SF$*4EHb_HZa#WZf72{DXUbfkX
z9~X4O9yBVbaigw5qlH??iDv|O&abLHybRk_-Iaf;9M=oAg5^y<#yH%eD6FX0djrVD
zxZs(GirT%_6e!*V{-XOCh6_*3-i}$K((nJt-gu$!zP|?o$Hj$yJN<nQ|JJ&9!-;8~
zBiUmC-(w~Uf%HRFqKo)E1EZ3+1PoDhsJdo3&EU9gIKl1MFJ_&-lMwxPC5AqhHZS&O
z-R6ynV#ao1PWh%$_r|{v_rv<G_04qn;+sQ&bk9*$>>k?z5pS;_uALY+i>(%pC(G!q
z#mTXP7oA!SOi&ssAl}(WBN~Ztj=CsSkOeVRg0ml^gUS`xL2Au7_llOiLiIkH3DMw&
zw?C@!dAqPw?cD;pFv3N!iVRg>um23@_?Gq>mc0)v1p2p)9csFTlncQ<kBT{4&EvM>
z`sxT5qw>4{WqWfu59drv?>Q&x6F4^SXU?=3l`663><+T48~TF%${T=gWbb~8Z9;~@
zb<2|}y4_sks4^<-H(6Nq<Epy8Dg3=l25O8xP8zT)&yDu_O{0L;`%w8}8?>Z%s8Li0
zWv>@TPG$(ltR7!|!=8Etcl6^K4PW_X&NQ35kG@@SFLRyW1K^`TW9?fy7A<TtFweCR
z=pL6nz{CFqIA*L<LrouNrPx`o=rv_Lz>=~vj8GJ>T$3?N6*4kS$x;$AX&VuUP_*UE
zy}XO?jLIQ)Gb1q7X@=Z1kh4*JbJ+9{Kf=lU)c9tmK5)`^F;hf<>;!h16gU@%(a1D2
z9zm`!QB={8j<DK}I-V-cY`wl;4&x4AeEKS8sf-*qeo%UExw1y;eQ*70ylJd)cKOiy
zPu*|L`Pw)^pDf;^t+~YU?zX1al~1tg>6&GZ`~YY7VqV$r>YeAisrMBy2wXGfu-b>R
zB4VvdX5ejfmPmXZS&%PnlxAJT@^M$6g%L38oT%&&INUxUCsromE-|d)V0X9T3Ci1~
zpzb1(PP)Er(A1fE_ISluOE9_cE7U#WC(hLSO-Tj=?Jerh)j^AOje|^MEC{%pfu(M)
zR_|yk_b4?~%Vy>4_9s>r-$XyRgs#Sp@>IB9pmyXfg@dtR{kSfl`rDF=bxH0s%rTIC
zc)or=>U?CkYdUW6P55RHu<1{ysg|PUAWsI(=aB_{-2YN5)0awH;WuvEWO#|!J*;zp
zs42d~qg8K@9}y~G3RfE@jrK4gu^-G^vl7>-e0BKpX(W8l8=&r3w_Wv>^rL{UZEsl8
z&A=erFP@d08+_T%{I(HBGbtO1FU-{t8%Rb_OLm4zRI1VK$sBsbk1ylEC<fRc^=4`o
zD&G(+e7miEy7>f?iN87@rK@%qAH>n)9;oKvB+Is@IpL;G^(j!QwqoT|4uP|nsUFB>
zysK4+GHE7SRn2IK7Dlnr#zTZeh3ONQ;K<PUYn$Q*xyq7O_tZph$N&Z>v8z+W<S)iJ
zw)8FPL$Ivjz<qC)H%41grk^man&dc*PpW&1yqg*I#dZ*nuU}DOjg~5ETvj-K-V1a#
zu}SMuiio-TUj*u+u^||fR1|D8lpYHsu%miA6$liVg5S%g@YHYu1cw-2<X)pEHE(~>
zTT(Obo-5MZKE*r~FttfCQH*ABc^&U&E)KyWV_F@yy+8!k`>A}1Rd|8Q%5r`8wpr(X
z)bbV;^$k7xgjLmd5(_Xb`*oS9ars?-@?vqEYeA}lMlL4NyucQMlbp*in;ZWaIZ3Vs
zoi1VQ#J0f?VTu(aznz$zY#CqNpYvFg%~8Qbu&4u?ML%F*m<s(WhMD|+)z=gL82N>k
z;qipbf?*(;mm=~pOGSJ7ky!2R8>Nd^6i0A0Viq^%j7;hih1l=g5U+$?&|&J)h2OpC
zD$yeCY8wbd`{+g)syV0h#WQck)HBIwSrS3G$BsqpUEfpkcu1eWAY?X+;?V+Im3ZG!
zyG59?5~Pqmmljnwgq*89yj`HDj1F!&?C`6#DE?V=di}-=kD~9u&|V^_5_Uhs7ytTN
zc;@QX=j=sY@X)26JUUm?l~URFY<*c=Fl&8(TbZrdu-JEVKYGVU=VlUh1V$T$M@R#b
z7p)#@dEE+VSQ0yIJ$y8l31c+2=ViC8jMI;94OU6K&;9q={*PP|SxIV4I4_Bmq??j8
zr{b{Xud{1FUqRC98>KfiVz=d;YI~06BFLBO3^D1bnynosW%IQr%6H2SW+_F5g4B(g
zMuFSR4+o6*#u3Aaaw=|SftM0O_s<iLM@mcRORlxz!q`5F8+iP#2i0gg<a(FX-_W|M
z823et(}+y&^Kpv5zR$Otf<y={FTve*@1B^mjh<zTj84hM%@!VZceXsn+{U~cRy1c4
zbET(5X_1I8mDh0S=o?f#p^6Y!k#^pBjU#`Lw%_w(Yd&Ka<LUdkiD_ZVYX58w?#_$U
zDY(hq4}pF)q>Wx^cJOGWXPW{_2dW}EjFq|}yaV>;ucYi>uGW|Xn2JkH%HO+LEv|XD
z^U5yi+^Bxce8sF}*VRY<s>ku`>ji<EX`!R-lg-lG;Fe^gp|1c*kui~>6ci;*#w|^H
z^tcoCoy_H90p!|eVN8(zL)1@->tMHyNo<fMpU?1fuu<R(8`f^$cN6!NI`S%P41}Y^
zx92X(MoAeCw!f5qU~;{alG#qkhM2e-JghXJSsO5jKf-Ha(S}xTE^p+?gQp+#9#+b|
z{J6TCXr(FUUj%Y>kxNgis7gKE1M7kZ$fXM=OEXh%)8x3r*YOGKiDq>Pl7vibM%86_
z7e9cm^QaO5{cx@dIR3LpV(20-it@d7%NyL?u+73q>GH3$R?sKogXLq(+=Y=zG)rUS
z(+3u>BM~K!Go)noGe{h%UofiBz3D7>)G|<g4Oq(cXU**K$*=1hEFJC9jNl1}|Adp}
zlRYxZSPpoZmKa^&kwX7nL~ccI7#nb%VLvge`?YrCD^jqlYr0Ean^j(RkF(<J&n1q4
z(iFdZP9L7fd$oKr=hLfHx7FdaAnsCRtJUhL_LMo#DT@;4DECPJ^9c5sVA46(B@PgF
zWSP5nhw-Ov70lw=keRhOZJ*6MQsM)6u5!|kJbGJdusd12`hAle?L7-R?_b~F(lf0_
z*%aC*xE*bG4A}WBk-tAIHVcOd?Q-gM*pu<JuDdF`K@OSQVeyuxEp6rU#HX1^u4FL9
zI&V`5DT=j$qcMX6=c(+we*YTy0U5O=YzGC1nfvY0YAIvO)EE=%39fxZ_5;%?`n;lH
z044E*8nIG6UYzb#!lnh54>J?$Eb}HM7frv+L~+vO&*x*w^$$2Rr%Nn)eO2n?oD6su
zlj80V)DOLL-wbcUmQe)0NQOe3Dl2pY9`uE29m%X<4d3upc9WO<;>J<4jkcmGvF;+I
z5)O&+3!B|``_O6%^BMDFvrsDiI98@<yw%>j`SCW}#R~Dd2}O(+V#C?WU9*lr6GLWT
zPk?$yd*UbM4U=aU5%VXHH4HM}2(1sOeO>M6FYs;N4S|}0?HmT!^a+f11v+*J#dcv|
zxL@-+YJ3s1vy33d!V$2oje+C##6$Y9dmMSM6!4zQxXS+L3YTgxXznAN)*1mjDoz#F
zwVkNptmQAd^O^ek10Qex5j1kspcUNReyp>eJM0Xum5_1#?C5?1Gj1Y6U}7$%;~7O9
z0uvh2uYk~g#e|Pd$cO1kIK$Uf^gl}AK9IaTzN+QeW@^OHg~5%Y?qgl5V5LDf8n1t<
zmljp)aR&2i;1Z{Onts!NZjT6*Nj?6wAPuWzC~z!B(UbZ4)jaCw`%!)~u!bx5bl^m|
z_*-z75da03zEfL6NlG%SEdi~sxHxq6*hUMR6jw+XFN>l}->Yst>AfxwA$0``20DjJ
zhR%SYfn$I=q58A5G`hCc+538iV%Tl7rr|-ZiSRxwxj<TC-1QV^Gox@$m-g4K{*z&9
zdW3;sUba}9?>XPamp?4y1sHq<-C^k$BxuAk{%R-Py>c~M?Tge$0OC@q3D~Br%Jqh-
zINMzoww!BK9*&t}Vo;4a9^|>?p)pNTij`}HD(cGD{ah)9trsxzt|de;tp8#boJ3fJ
zxbsHj*URzI$8uNNjg$Ll09aZyZHY{HTH|45eMf{`M*o7tR&o*3G%ptG^x75B`sDdS
zZ586oFcG5r>zU#x`K?qjrnPwR`Vxf>(e<N=7%XdxHx{ff<Qqa4y^h$-ARS=Oy?kS$
z`#6h-IX;C*aMpKz+PW$0bu~Y8-wDXFY!deq)dD6;7pLrN&B||xgePHg!msHpL-oI-
zG~OL;zI*<l|Kva31Q+k8+LGSgF@!Z9RdIaaFCvms8HawCK3u^`;*7ENTG5EBn)(Lg
zO<(YedRKIW5ALJY6NNa52<r=FFJN5G^6?eC@<uHY`5WokhrOXO(hH$av=KL4F*73k
zg{U=K4nM4e>N8c+?NWS_R~`3Tc&%r+ZIE3N^~37dRwI^cxopY#5b|DIC~m7u77>rI
zX!KHPR_!5cyWG{0jkCJ!#BDgtr%u2}PU`H9={n*16_vaUdF_ko9n)49+x<Dm^bmn6
z0z&-==PKb)>7<&@N(^F3@3IBQm&;;z5vDNI?GV+w@3S4U-G4asmiP3S&p(yJG~nc#
zkrL9BD2|R1@DGre_Ohht)spGH{c+Ib5c&L5)eF6+!>ui*w7!+JFS8UqimQCE>|+t8
z-~6@}u}2Hu?Y?{X!|B~aESjitGq#Z!hHna4vkuX&C@GdtEuE*%sH)2?M&)UmveoER
zj*(ty?FYJWBLbsGH|rbPeLq+%oOSHTYz1Cm-a)mCrra`K)iS0_HVWZelpr2fw1>-C
zA0R>!%4ZFyYE}sXK@+lE|F*%+snNoZ4Vfek%XT;WA*~WKQ%S9*@WwZ#`*^wOE5b^t
zH65$Ix&RYR;nUgOyCAQskY0Dwl5O;ER%Xd%9*_LD_#WCvb!I<qEM&M!S9OVX-}S69
zwm4s7)JBN&my<+4;54@Wyj83d0MTBJdmw|=`-Llp<c5OHaKA&y26tJJnUp%OVgn#>
zB6as7mMkD9&w`McmA0+|BjslP3FRg>4xOm!JQ|IrFNK)p=18tS-YCi<Jr0f1_?JC$
zMHhtOsC66N>m$LsN6K>4X{thL4Cgdh(jw!G7}tI*@=b?`g%2CG-dv7oYSaU%Ql8<g
z5eqzTH6e2hy}vBP1j7_`n5P*{TJ?k9jtaqV^i9*u7lhx~X}4FDZydo_Wqi~QxJ1-K
zElKzFw6@JoU#b9kTzqj1e@|nykvj1zUe^b!%>*WuZlqX82P~-EUurHiAf7Ae-o`OT
z_%pxRy2DX*rP92*G5N`q{e0Z<CB!er%wYLk-8{QXZlokvoK4c$No#B1;1RaWi-4%j
zdnfEOXtWl|55@C1yKm-(mT4wh>rs)IdhPQgY_gar#>knq6(+lGFP4V;LjnCxM#Yha
ziVEnHJxVV>P5T`}GI}FDEq9RI2kS$?J~;mCqMDx;R+!ZDQqBg}=TQJsQHa}XG7_PV
z%V_#{KACg8QwUru?~3E-p5SXiYn)?>B&*yrbroIKg_qK?f@l?!J)I>0*Q;6`h@+VV
z(`f#Yvhq<{H1g1>TQ+ar2SG|t)*zRSS)Xc-)~mJerv*7nxb<`$>v7=mF*7S)OdoLy
zJx-}#23m{G-AuE@5(o%O+1x&8`jugcraE)BpQA(&8En!{R_c}0l|HPS1PNu@h7l!q
zDt-_TP!8yG4YeI$2?cXLjX(e$m_)U}CGYqX<9=!^@fsH+ptPuvH83CHC+=5_FD}bH
z^cR?q1g0cywF|H8v60A3DR)`KYLwscoIZqpEsZN77|2~;eqD$w;<=xzJDr?UXh!os
zUsQc8?Uj>m$$IPfn*<V3aTnAU9iItU%rk6R&<|=(wz~h1jdNBIMNyF8*tTukwr$(C
zZQEyT+qP}nwr5|m+5LwKI;bvO6e?6l@outQDqe5x{*CIBZE%0r6&u~7dTtUyn86u8
zocDl_B+7E{q!Gm+D`o%QZ2d^@RG%&Ks^S287zLmmcC<E>30e4Lw{wphXTF3xzEdJ{
z5>tiyQB&~q>~z$)8n@0B`rRHw%61%6A<Q~mXWRwY7#pUt5qtEm$ya?{`nB_=I9|s{
z8r{kiM|`>0zK!wMX*w0<RBV2qk$a=HWLUX@oi9q8O-zgCn%IhWreVQY;==((k5Brq
z%Y+x}CRK69zjmIsYrR)Tsq5k|#FF59O@W&YZCzMuzP6xi98LysJ!S<bFZLph1`GZU
zCTD3APTj&c&arf$?8+m<@Y>*uU{x=@CtMO#Ltffvb~yPn-f+7gMuqF^95o9-a01J-
zd-$Q!r!x@;U=uW${hyX<{!dSTXB?(5I}-DOb62*i1<DpG)>~$EGZJ2B>`+M*R0cZJ
zlO&ta%#04qg_1lj0v3)+xrbS{*(RY2LZ&)yyum6}&%fwdT^oszcZ=aE>y*edms;8R
z=I=??Ts=7%O`D(6=xb!i;yOlZ1{Dt+&@$X%uOyT^rD*ygsScDu3yG_JXf)Y#;bQ-H
zU(&Z{Kr4gqWh|&LPcs86k_vZkacFDt`jqcX6wKZ`mp7w7-e@!)v95maWHN_(vFF6r
zRK4Bk8WjU?zdtcBV{ez*QQnASghAg~E8%=)f=l5?`>&YBHr;tarD=!Dga&a`XOD#O
zU3wqQ5?ePFDe<r@lT$veDm;jT5gzdD=*y!04{!*pLhc#+nhoh5X74s}A?fot^WS1I
z1jT|^MNNx;tiekk?`IlHL)|_-T?D`zcWe-O1XsSsYQ(mhO?(B1y4*Fb4Q5dJ;_Tpz
zt*(se%0j7v^+ru@NTY)uZ)~j67Og832U;%I@NUwpjoJ)S_H|WEdmwK8gCiQb)!wcR
zj5SOmsaXRpCzF|&94K0q5*{OQ?qKKluOl3rMPPoGU`#^pad7-iHw!Tiy}0)hK6*)H
zoG0Ku$hq9Tau0)&b$w-1H0IEbJ;~I{%$QE=7`3(JPxpJQYp}RN-cZsx3EQYZn&(n|
z)^)k(U=eA(QLm_(3HV`VBN~|4sz=M9D_+f>gK+UEsTBE|4F;47NirSX-=d@cvd-V9
zgz3n)I_ys<O~5v5&owTw-!0Y#04HuFNJFbO2mLTsN;JuA$Wl?vX;G&NJiqA<V+;Kq
z<U0Iv%CFv|`1FJJM0xB>^}rWCojlUmwEBcg-Uy802F#5tG~&(4f*bMbf6Fi|-ADPN
z=nc8r7u(lj8ZAEO`7^z5&5U4(hQae7|5$1^VLcv!$d55r3at2Obsze2pK(W=s&Yd8
zYAPkvrSf=O^O4p)8(4+vFU)#nvYM0*PUUk44vLb~xC!OJTo%)}XxZ{Tnxoa)W%EF<
zFD>IOjYbq;lw?KVLKBJ>v^*j2k<RVX&3(;UgU56Lh}&>Q?G-pZV)h<q6f_?}<!iDy
zJmy{im?j9dx&XE!)elojbr<v$>kdg-vNw`%%TC4?F)_u#9VqPdMtzwRnH=+K=oin5
zK%tZpk&<6pfU?6$@e`JRh=CYJ5kV-nLgU+^nhM7@fquQYbGUYI>-3&z#2q{2!<pB&
z&Bzl`nal(p3B1rgy1!0cbGb#4dmwX`G9R2YS;_iw$zf?vZG%g0x@mmn*<AQHN&WSK
zg$LX=2<x!`gb9#{O4L{Ll95C%=pR_rob|vdwSQYdoHB-Rkf7`iD-f7vAXkm+tGflG
zAMJ){VaqbhWqesK&=2ffjCJ-3kAz4B+tKUj!Amn0U_)_w+8qJOBaP>4c}yW7qm)^t
z4i9}Po;bO~2%_~bm!rlr90gKq4ER2xBMy!R>WHf^>k%L}8a^gL-+z?jf{6j+ITu`2
zYX?D<N#yRRTY9%HQ_f9H95Y#(S!lv;yemtsMZIMhe=S0uJ4HdYyk_cjFtul351#JY
zX)n%&l+b<>s_~B^*OnEyA&v|^w)fV~fDs+-F7tCvhIxVSNMF@hC4U0j;T`;qN+dg2
ztsXu@Yca(?10{<`vq)T_8TXBkm^YOSU59-6kS7=9RpJS|2hZDP*J;fYjyJ07!+|gB
zl|=Ng1)FAuk*yeDcjQIe)#-BXw2YZ1{#F~>v2#_qrTlmlK4QO3=_}h$n9c-!0DS!O
zBG1c@EOsftBFe+iV57e5%h&5@Vphnh>U2aaNHDWOeQVv|sH6@qv>+L9M09wA;Ar-N
zgr&Ng;H^s8JFmsm0^d(E-S<~1W+Cn=ZCUVS11b@*d;*(k{AU|x5=+`0TG|41w`yxl
zfbe1*V7FjcFCGJyDH8W%_RZ?l0JhodtbVS#{n<9G0Ixtt)|p+x(X~_=b$%<Y)k4@W
zXjWxADdZ90pX=?SvPWe{8+!)1n1H<N+pSvra;LfV<d}g-tug`;!<6g(lrZ4lG7(L;
zC+m4P`!4;AOoZcqRSr?K-`SYTM=}G=kVwTs<*XU&_FJ+NiwF#g@$M?#=W$b1#fyNU
z!7`*S(muGKnrr9IqhVX|iVyRW6wLr_mIar<|MHuBImRYr8eKj#E+jz!aBUzX4N<4#
z%U*krn8n%`!cVKJkr)ogzOAOeOVLkij^^74#}qC91>YIHe_42K7qt;9r)8XsCbCCT
zq-J+eGO!`KB%&CuL3WSn9v^XZxBZ|;^+4yl7&^I(4DVY61!BpZw}LbTVyMY~d6VmI
z3(C`Yij_mk*wMg=LuV&#(O79KJA%a>B~-CCs0U8#*-i%;d)iuuSaX!|ajt2eInlju
zsw>~TCSjRcm{%IiC)E%Wa`US5a#z~${dQJA2-C=$;A)eG0|DlpROy;;r?E?*$(BNg
zQ&6oe0sytjOIkd*-Vo}1leoe+sp|c)Xud=-u{aX@P!2(X6jq~7Qo<-BxD;$x>cKBa
z`+i9sjXNRkOM4+=J|_DmVN8!BTlg{}lUTHs`6AXsQ3)q{q5WtwGIR5sNk4Iq;6}$6
z`eg8@=+Ur~|BIhUFxKC67F^?YcIAt7Ye7~eOkfC0aWXje<&@VLccbniHqUV`%PF3y
zkVQ<}q8_3ZwTgYzsKVyf-yQ0D3DNbzh5Tj+ZEg~awx6Z@Dj0p~zbOyQ23!KPX+vl^
zY8?nQ2_)c*Gd~KBZBZrmvo7#e)FzX3lz=&I>>ZprdPzKEP7hodR6%e?V?y5#@8+J|
zKC38!e%ed4fcz}G9Or@6(hUquYL89SSgzyzND{}gu?l8|0yjm#D`F2?pfMs3t57k;
zNdmuXqVB%r7WyRdkPV?!Pmec5yS9=VKhd|rep^Rfm3`vTpBAbk&fM`}<D~y1bGhA7
z`uncFw%O*hIJifv+;)}~2QG2pNSV#f6TbbypZ>tZ#W1d}@NRH`EN}4fzJbjnAkyI>
zka9E^Sz7p~I=gX&m_5kT%rg(GfKG_{uglJl^FlV{#>=hx2a1kdXlrF!@s>=u>kJJT
zLEZ9<LU50WbpT+x-GG!?+yusf9G6pMWu+j2+duMwRP?9hP{!gySaM0DVYO`)<Eq)Q
zP8q=2Ug)lOHVq#%7RVQzPD??!Q<MY(3i00j7f8B8uF_&s;;wihvQ8Kd_@$g>WF1Rp
z6NmC<{|Z#B>`hwYWL>sQk|*iUkWEj%v?&ws3=-ALiQK&W%2DmS3Hz$z1?96^W5<kp
z8#Vp-)YqU|5fy{l<n{M9Me+59Fyulj($ms2Obm4XQySLr^Pp{+xh2?QNlr&lHI5!u
zLMR*zc(Eo8iA(#3AG=#>GUAsTfPti7ezQbzrN$S#a%4uhgh9Xus-n8#Jvk!Uf}4Cy
z`p99s+QykM-7msO1bq7m2TNCG)L9{WC!WhuLyN=^_5H~(Oi(#C-d<_PfaBJmSk^0J
z*WV7?`d$pLJTzJ^6}VL>+hL;U%+$~So)1{j%I=bA@iM7sCp#32xilefod5uRyW?+%
z54i6jcb(OV|I?61jV3%Txa=F{nck#?X`in#O&UqB!iE+qDKH3ht_YE>8y9f?%|XRJ
za*fExElS<i6=y2p944GT4%Qz1Jc<^IDLZ>|YQedoa0_%B<5xfdcb2G)C=E1`UW*77
z;k=znPv=}|p$Y;%jz2ww8=c;PmLG1Tv?#hMC!dNH<hSGc*~8~)dSn4Ylw#;ofOXXg
zw%TwVIn{>Cl>zYUU@hxAQdH-!=LA!9&`p0EmdBRMeT)|FErGDZ9J0d?jcVc%@Q*54
zU^qBz>+Q3f8fL9enw3(Gv$)U2eY<V@_M0eRrgb^FQ>@lun=w+P(18hRIrtjy;x*pC
zd;eg~5PmK(hkpEESI{era^3Xpg-J+*Dnj>25!;RV8C$?z67yGHhrs-pz&=)<>$!1k
zL(h1Vhf+T7SOqv`0c$Y$kZjFtTBaN^Tr-FMUF6$xMZa;C72}AXIDruk%czPpQg9^b
ztToyo{|nyMIN^H$U_hV0K*T#T{_Qn@@Ac=I2|;@13>->X6oE=#_v;K<KDeAmSiDbA
zv6sz+`V6>gbpN>N5J;NwU1x6lQbi1G;ti^pIl(E)0lz`o8XcgPsZ}F6$kbq*6WuP)
zn`_!cdyxFgdSHhWm5pvJNS6|f6E7<p!*|=!-~JexBAvXGGjQ3rdaFLC@1I^(VBhx%
zFAbgP#&l$rvFa><kJI6O-_tCQkjH9ACZNR0JmXqO0c)0GHiOTtBI#IluWU(?jY^u1
zX-$oEksu6<5D~YW2@wmIi$xclzrQJ|Kt`&GRWba_5?_;>pW;{RY}wy4#<T3UHMPXA
zR_Kps^4)7fV6K0Svz(uIf{))=B8?|xckV=b3{Ob<T3P^aSkKj98HM%@BHDUrd^uN5
zpiEnqRs3{AN%6o6?q&%R#>ASbDhVrOT|H9I7=7&BqIL|yq+mWdZ_2ENsRt-_JXP*u
z<LkH<;3X?mPShWnk*qD@UXJ{W#I0P*IqGP6I=DX}W|iy?{qN?qoG*RLS|)&sWQSp<
z_BmA;bb0XKs~_J><9)=%u;YzR&(qf-!M`w~OH#eIS<3*880U(}1Vd$d@h%Kw>`bc1
z0%%+t(WX;%(_|M5!r%$Yhk0H?MAs_hYkYl~o(LACqmnXh8-t-V`9x;Ebv5!8p)?~a
zrhB_MadH!o%sWNB`cN-gszHu-*yDj$2+EH!HzL&X0%Xa#5x~fRBSADwj`a|{KHXq`
z-Ffzxw4X=Em%XvhKv&M;#yCCibzrpEgp_F0+N8R`38t>z<R`L9#yOsr`7)kqYr)x|
zv_F`nNl&SFGv&qU7^%XwbKG&-VFpD}Pw-T5blC(b&Iq-MGwSz46kcJ%Qu+1(#7d;$
zY#dyf-7|>N(!h;werW9j`7U|rZ_ynV9!-<J)I(7BMokNnNd3EmY$lgj>#)j?VAm0^
ze%RrPO0k_yycV4m%GWg^^f~B9H4;3ZVc&GB^m8IF=rtwlsaB$YC(u|-g?@>jELN5*
zk`K%n2jvC`er-=@@D3e+p+&yDj@po^ZdbgYJ77@MA+7H#V=iQu1XO5s_38V|@RAUh
zKghBkpqoX(Qri!9=6fl8v?0;UT94Gzy|qYsmHwLU1W~{VMq{aUDw&2NFArfz_}&~U
zzZkN`o^5;MzvGKkahVtq-y$$XQ}dUX#Gqd<H&7|fPcdSsjh-i?MYiuQ>;&Q>5Rkm<
zRG#FTCFopL{!3F_2klbq6BgSoG0wagd9=npf(oXUlnR%ky}xktN~nBB+27Wkku8Ud
zmoxY&jWk2;I&|Tb_O|<2n;sVkh;{EZ)2~ZrGP=O3@15F4^)amN>bjflb;%k*3&zxD
z9EhHR4_gZTWOJJ%xATBZ8^5AMo(q4TO>29;HB2^Ip_3v}fZrn;p?)CicA97g=#T4l
zHgB}e&=S5x<?}!nH9NzjJftp$0^rWxj#VFRhM!lpyAdheOvJjkwJPkS8u##?lDrcn
zw8?%xb6#KKMEbU=n3D17S@qFQRYKROR)yNR5$fvXaCw9!jokf^n%=v`XLxRwG@<C}
zs6vUl4$j{EM5E=56+vhum3sllA!0yYt}Z7aAF&-Pv>^;~i|%~UGK_;V9~OZC=EdB+
zlQ1gjF+sS@XJpTSsy_PQz9)%RdZLc0?CYLFsPkce8fi)R2r3cBGWZ?6@>h+Di=RPo
zwK2x&Y{)T-BJp*-_@?wgTd$32r1vYnk6X!gLK0=T4Fwa%0>mtWoATo*zWQ2(E|rFI
zy)2~&45LR}Xall4TDn<E24VYyv+7bJ`Qr_g3*T{I7c1h}UUcBHra9W6hDB2JXrR;F
z2;GNUP=$$M-TfY=Ct}~TM8~O~|I*kk7@3u)@7%ME018072~2#t>4j+8)PRMhaJFAc
z3`6qn72?;i@Wwars+CigH*d23;kc!<eub5To&22#0_{2kT<P{|Ry`+fXEf2x*LwgN
zp^B2eD56#M*qX3TqWq#QH-|5UmeaJgbCD#i-yr4BE1;72Htr1jX)VlTQeo9w(_S{$
zrAi`>z~I*p<0r0|Sy=0C_aN#G{4j4N19%eUP*7+i>kFZnDH>x89!nPFz9ueLpw<W%
zm8QMeGJR=C^QBLjgCp*B5ok0`r~@y%fzf}JJor6mgA4z{unXqA2>Ng$t!n{8wbTuM
zk;%<zBX!Cp-ko;yfUx?9r@4G4ESQi?r-2%sGxd&3-1F)G8b6)x(5dN~!>XF;v>}>3
zild2FRmTx6Ht<gB*Pvp{zzmc-Y0DDxgp2LM#mlIlT0Ch=Kt7eNb>W%$%SE+snIs0<
z{w<o$Tdd$!#glQtFsv6@M(pWL2|tK*0`t4C0~;l?5a#T^Kaq%CH@v<1<KRHaSOE0K
zlw?hzh8Yaz`Yf<Nkr{l@vu#qky+$}5JT?jcZONL-;E)h0!w=G?ZRJxP)$hTeAoC6U
zg{4r&zn9cqNP!s(JVJSpyY+hhsJv-ew%ss%e<Bb+w%YlS`qn$i#X-EUgs`C9mDTXU
z_u(a}H4Op~@eJ^@d<Kn+Be!f}(gc}5-&M8-7QA}}#F;c&a%KC|7#N-FQ&JRSY<io0
z#3XKz4e?zkZ<~N|5Ix05hwuDG0Mhx`-nfbXGYFZKL_`VV8<dNNmw$a5R}>~|-p+V2
zu1onWz>Sl+hfn5;W3J(j_Bxq>cEgTaIKz;LVS^GAer~gB>l2)*FPv+fdn?)}BDGwN
z_NLIp6{>=y$q_<R4-e(7^rf*A{c#LO#S7^G+~b5bR$&Jh3=loV47O`&{j`NrW?y7B
zUNMprYO!(6ix|&+U`qE3K(@R`y=Rovh$BIAqt0Zp)X=ivv0r~y(d$;#L}DGWk|~C1
zQ7!JoqVvBPZ9P_%DhSJ<7vB^Ir`Ga$(qO0!H>MmyDiS6*JNu-ye(}puxSyPV8O79z
z`!4!DzK(u7ndJRz95EH+VTidMF+E46*T4KzqA+JNK3mB6$ty*9w!g8y^DBRtfl`O8
zj``;6%z_bZjwEg7S(ZDN&;oWgn0*2GHD4fEI%z^FW`Kd*LPi$CRA^3&<bf7tHMXK~
z2yAH&!yEL$yUwBQPI=k~a<{BPnIiG~C<_9N!Wzh*6J8()-MT0Y{-T1{+$Oo&1o<b!
z;<pRE!v7#{;fwMHmzB&R(rYd!J$uW3SIi?Sjg$tWIC~XA-7i~1Q<bSgmh;pbP6p1S
z2bLsQ0d{|f8e#ioc*^%V(L`(#i->sj7Z|L@SYu<~9vkP)1}=PvJG9sT7@=us4t=;d
z8~%XpFC?<{U$v!V473_b5NZGws;+5iFtVii1HUPM#2#1Wps3g_i8jrCl`+~^>ysF7
zYPVHNgRS7XEGfM#(v_OUoA=kaMMmqvShr?o0`8((Fu*P2d#JktR{+#VkE$UJP*MJn
zX}#-AES>Ebc61DpV%r)|5I&2)4x-%AUAdL=P2W6YZ>l3priKx|B321D&=7y*6-XAr
zf98RlnAzV8!+$)-p}3NAAHJ*(>J8ktIU2;5Dd|F*g4bLz(H7=Bv{<ADgGH?>Nmkqm
zBNof}K?18xH}26DmpBYx>5**n_bha0^p~tC23Fj_<-PFk#yeOiGx`=J-A|E~$PnC$
zi7Kfj6>)Vw-o`+|{&8sgLrH+S{rE^Uh6g<nSz`-vN-`r^VAST^p|xMx>$@T0Ht$92
zhYP9j%fhvri-s<Z#+XCN4OGscOW9G{4DsJiPcdurN0$A=Nach5n#>5jV{@H)5!Y=v
z<9>G6>5^YPn~3pq*23wRu1MuFRW+x++(Psu8?ie|mS@hjt+jc6rOo+SoglB5Zkd_D
z+JBU*;@&iTZ<F<&LD1VC)3hXjw6gXP0YR&&$AMoS?bemVWun6tSOjhy3U}WunkrZ4
zd&j@%i)q(8?Ofia?@-*Xu=U0lMu%3&&`koZv?hUdCLbRLw?_MtryJcF8bvoemALNH
z^evZVpgK*ins~!YPk!EhuG`yDUX)v=x6rZE{Az?buNi+!-FlJzKf2yNM~WAsswXY}
zntcT3><dj72}z+{XEu+$Iv?L`1Ecglkoi@B)M`b`H>}eT6dOT}GHr$nqP`(3=P0#c
z98_lA!7hTGM96LBNx0EyJ7fC9bp|dxTl!YxAS`i`My1r$GSipk{nMj%>t-TInm*yW
zRv3Sw4L%7DBe_TUc|#YKQ+8;Y#8PAeY@>kQVs)u`p0*S{`Dr`^B2D*dsCH<Oy$epI
zO2`qlE5m0}Q*E4AyeZ5X_;F@kYHXFsAVovhBLzcF4;xmD^>|y3>nQrI@w{kyxRbX0
z<On4`l#q|70v~Bxw;y+$F%FOtpSxam(!{J6z)RDsGGA@>x6f@c7@NQZU|K&Pxk02*
zQlx;Myng+`*K;eT?f=GI6r>zm*U?yCOe&N#D&)uF+?E7<jLPxr#=s6B0q`yAh21YU
z*S%-VHJf%ir{;Tc@0tt$*gI%WCzLBNl$+v^DtF(Xj@I>WeM>(au3ptmaS~Wu-;s(3
ztSmAFEe%!k6S`8Ri&U&zcf`&KY(UyZXa&kTLNVE1&I^v0&d3G9;cb&TT4L6Ka<3Ln
zdH|8*g2Wo9&^wS$phE3moOqT@q1zf)H$!>y%7UClMAiwCzkns^E&mK*^Y`Atzjd{*
z|7_;wa1V23*(;J?ZhkB27h(Ezb3>se*Uej9_3{9X{%M|X+$&z<v$BK`jBte^pg7@v
zoVsJ2Wz}1CAn8#Va$3rJDYA8w&eNP)H7#T^JkI~4X2&8|+#>~BIiBo#?A^Q?(;rug
zSq8y)BbL5#C{K+&@F2=$c)5%1RJO(iu5ArsnFn_?9b^=rsmA8-75o?KoBOpGSp$Ks
zS8q30OK8d-A2;{~xy4g{8zHSMzR(h&Gv=e~YqodHIAcLJ`Qfw({Lcd%kp0~x5};+z
zXg~#@;5lV2?k;z<h7S_WaDH$}NG@k33f(HLBWWO2d`m_432$psmQ}7+D#)mYuFh{j
zQ|A@7Dx|C7`s@)3+Vfq>#=7sZVasFC>e1#vb+c6S4{D1qYf*MXI{sHKdv|oxG5y=?
z;dWy$@FC`X5`9_`p!c3ldt_f063JQrADADXV?{)3Vgqr?yh$t}n18(PdxPP*bVEDY
zGR~ZKhe^QU-m1>5m`PB0J=J_#0#)(@cpftiZ{U(QfMtRcv7umtQykB3;Z@jhk0>Pj
zax1zM_GIP?UlhXhIq%76-vWjcm1=?Z)+1#1SSy9~2KNAxF?#g|$x12y5IWB5^x;u0
zDlMy0d*C^N>RmQAvsN!RAWWiNXpB&QfdfgS(T5EHFH{c&MF#U`qo&K}2kw}6R232D
z?oWqFM^SEPq{45H{kkQ&T{SnHf@i*X65R5nN)S92t*}5W+;|mLBQFWGrd>)A1H<D<
zfel$*4M-oM_j~$SoVDHQeUHXf$f6Yk|L$$>otc~*J}7c)8IYsZ-7~B&_RD<Fh?BUf
zl#Lzy7XK1Ue1XS$m1vC4S$Yw<h3?Ttd+y(z-^ZQUjDf7@@;js9pcGDiN1n&oC8US;
z``P`dsA_=yzO11IYSUW>NWaVCm{+c}n?>GT*taKPTo1sq=kGp)e|cvFL<|Bl!C`xd
zwmBt3-ZTmfk;q|={8D{xOkDElng+_G|5ZoAa%IMI(eI1UTm5|MNmI4M!vM}zZtjH=
zi@^gjl}y^OhVNs##px4XO2LG!V0XE{5VN(W(8rHu1^LosD?>%$5|RIXO)YY14@dB_
zHNs^FPH=vIGTIlE{d?dY&+EQ*@V|0ETuX|Aym7?B;H#F|-D1U$W5GKvA$44&`1#Af
z4%I8yo|tIV)^vmC7+xXJ=dQfvEzw;)zj?br1-_2m-~|Pathk`4RF?=M0S@7?*PRR<
zfrk0$Ve{OBb=;wgh_a0?;VL_8;}hUMPEM!rAcgY&&c9vXS)A3E{anFli~cLnt&hAa
zQPfS!hv4c^zZN(nGkcTNWAllaQla=?ekg>9%iy0vl_Lu;cO3%MiJ(DPvXQ;cT@9D~
zH>Qm9Gzaps)0<<7M(t=<y$qJ+((5zi(fJvdMsuB|<knP{)x&o+AThM_-t4k75G>eE
z0Q-$JMwh=ZzF&)84a6Ntzj`ojJiw}#!*!upl4z7-GVI5U?&wy3qwhK3*B%%9%Rj1n
z@dqcfi}lkhy)t|!h*<niXQ3r}$vEE0fM>J88md>n#A|A4?DH`YOj)P0Y_)xfo-+oV
zWW=snaBic3q9W0aXdwF(YI`T(w|_ud^y|fy+d4a>%9c_F;S9VZk^$;2;NN89O2kJW
zt^RFx6V2!FR#oC=jz4-yr0zU^B{1{2-ejbE;hNLcoUsBzHHyu%JLx}VSyu(thQ#er
zpNWp7b0MQ#z(+UR!b;9Ft4p<DP!*;jIINh3z^Vk>if+FqkCZ_l4R3juaGXrVSm9ZM
z6YxKYMPQ`0KDl_TfW2qdSdST&(={fcDuoomHb@Dza(&&Zm(cvq!MJQU6N7q^0t{O$
zgyX;ar>$Ep+0-#K4~eOs{g=H>U?Kd(u)2hh$VBNIR)PHJ-1OBn84yb~1|gs+<>X^m
zqa~hZ4MoA-gFigaEhl7-{Ga3F^GD|hvBLs}ns0=I%&d`bQSdHl2KZtdrsJ}SQjXyW
zOB#Ukplc3{oKu_#cACxKAp7W=zId58EVRJ;!!7fLxT{}OWg%;(zT*@k5hz!vnF<(M
zy_~jneWuYOI1gtcez2Zw^v!EayZiK7k-ZrfL6EFySdQ}Gz!Azg+8s^icIV0kJh@e4
zaUmu+;3GVLE@#TzZ<kU9)wn&R7p3kKTJ3p|<b+0GNPb<Sn{I7EzNWb2mAA$ONpq<i
zfQqwy*g08_Ge8-ZNy8C%l8H|QC8>~F{ZHSSXnKfeo6N0)*}h9xgc=O5I(D5s0AHXq
z_qTidOcWfIi_g)I3~q}bTUsb?X;hk(2(P3HW<67ASS5=;ur9s{=5FQEQInJzv#k^`
z{Q;P~w}j1LKAOlBM~R*A@l(8}>&9-soRk2cn7_aC>~65wgtOMPsv`zrtYsFWX+B@Q
zXMu1N>>+KVMAi_)D|}ZXkO*vebZULdP4*07*N)B=|MA|!*}@(GsWTCI{WHBz?uW!q
zSBYFP(pdcIJ*2HER(dB$ztLT<hyAi45ay95hjgeq$sQ<&BjC`L4nBU%YN!1o5v#jC
zYgmHN)4UFe7q$a@gcZy3&sg=YrYzMi&;D0Zu^`Z{)wrAD6=oGRYupu9J&@H3ZVLZS
zkGMx&<gl~q#Dgl60D(4!wzy;EiQstEZ!;*PUHRSf()3^x<q%C<%&6nQZoJy0CBar$
z>DZL*_1sf7Ti$eIf+ca|hUJ$fp*+{^BpgArz8>_<OP&EwHA)5&2Aa_)@-LirH*sSV
zQx2g;1s$T=(IN)y{kpfMNuz1!JS7d5%hET9miWzH&ZL%GU}SxXK}!riEM{HDK}FoW
z6%~cLp)L*CRQArlTSA<JSlXSAXBTwgJx5#8TeRsiOFTPKNzav!hZ$PpRkSU$f?C5_
zHXg6*0m_e!>+hFZR&Ie^#q1NvsnwZ>gw8oTB8cWqF4>>H|IBvj`{z~wr`&Vjv+Y!I
z9=R4sY)%vZWanq5fH=I<Pdd0J{KPwS#kLT9B6IRuMnt=zzD4O8Pt_{Zn|KaeDTsbH
zKXcgAYz+po7iG6Efsc3xLkdiI&N)3Q%wj}}mI~6-amv)dYK@XA++s6QdJ>hr23gVJ
zGezizu_{tUvCpt3&wDSt?R*XR$id4;91@*m{^v$sjy}HV__ql;G7+wH=|)XcX6;=<
zNfQv`iAk7-u35{TsX)y@ijrGz$cech7++A$sQshmwaaWMc43(>#yfCVkR~P5P>;a_
zL@Ukkg0{j!QV9L*O)EYYNm#v6s?kb(cO!QdTm9%3=>e+XubVIdKrknMiuT5P&y~M$
z8MD&Dh!TD<bpdF1z>cIf88@=mbk`fEd2^-~fA~GA@II;NSYI!DYpCTCuGxv+=HF|Q
zHuKRWF`eEhkB^UjVgA*$U$~YDT1w?#=TEBmUXyrv+X=ysUhiG-YFhs%dAlWuxEIk#
zW<d(-7yb6Q%==bvk}Pcb`X!Ot9E=Zr8fGUDWQe=(5GnIQg9-<BQT0yO4syFj;ltO7
z1(X1?n*)}Bn(YN9!ZSi8z!EqV%xpTCa=50-(V2M3u^;>b(8;#oO{kPl-!IL`P5zl=
zN7YiL7`s*)dB)i>i{W>uaK@ix2!cPDr~mxOX`VbwK-~LLa80Bq1p=fNjB@|;n1ZlZ
znn4WeZ=TXVi$*c`GO^i;<m~~esVcf3ug!k4(;AM`#kt`*Iq!P&-_n|j*+UD|$!i)f
zovWFVXVw8HXg>~GA3KA=?MY&p$)^;@8;P_7y8Ui+7sFqa$v++B@G)U7EUya|(Z_xn
z-GacW3mDx0ffVOi3AcORNpw${p@HT}&jdvtK{54ixpsnq&}28@enpWd9Y=^%7PUUD
zBy16bC`b5%fV2843A)t;QXdV(2PhdG2GW;6g^84JR#jVBEFWm$L*OMz-F}zWG2dR}
zDL>>yS;DfjC1tI>kR|gLqiN5hnz?Qq#hkO+wcaW{g4XYkKuKnrVKfX=iVgFa@6bi}
z<I(1O-6`!(fj;h*Bk}cnz@KCdG}tM&st%RCwqzm)Vh!z9oc7D!Br8Ve+4DuwEP%T_
zr<(Tsk0?pl7p=J_Sv^vo^Y%!j^V<mCk(+@JO-2XX?^3*BmC7{l-#60*<lz`mu2Z6L
zCy>HQ8xId}pDon}Jv~0xQ1(D=`i1_-YPD7Q^r&mg>K(vuGOj$+@TI~oO%PrY&z@54
zGH<ux%WL>4p!99Enwt<<6M4Zr2;#DdioGuM@Wd`FJyN?(oiliTFA)SjNp<QzBVrF~
zYJ=6sz6hAHvKa}=*0SXUjcAmqB$}F(*-Q}DQ{{O|fh|Ys^n>NJD?hltUY;1_88qdP
zc*q{{lnS=%27LyWPcXMzysv<LzYpiE9d6xQ(}LCS%E7TdWI&VeD=<-e;PXwm$V*){
zPCvX&Puy|3e9*SenhBhJu0k&${mxJH({leXK8}MWu6pK}YRqUF{Lg5FW}ZuD5fown
z?>=X4^|WY*QK>uQnAJp>M~j>t7Xmk#zL1o5M=A3^ZK=-#b`1#@e3i-$T6!UCYY6;y
z)Edg9A4W5*01%qe;0EG+WeiXbnA01V?;~#^rqDxT55bDd{xf63?7I(N7-`!n<6qYH
zZvf*JpxTGm`@se}R<FD|NO~V$X*Ll0yD~`Ss>oNH?9k-8LxYc#mtrWf91s%$YcH&G
zV}dGGJxZdRmIkUjcu5{5NFyc>zIwwPl_ip;nK!q~=f{1YaT#eVyZ#|X#rLC4s9I9Q
zd}n-_uS-$v<rvh3l(qs{TM5!2G9XJHa3s?Cl5`=1_#X~U4h{lgsx&|OWt<&@)njDP
zER9c9yC+65-8)s{)!Xb*yXWkp$BU8RO?Ao<&#*!FFUilCM$}l&IKSzqKy|o;f2|1J
z%ITq%YY?pwG3>3t#U~=+qiPB>{7R*}SLgFqs@f*B7B=<wJ3Pgh-L!1-8LxMe07K-5
zKoW0?n6bi+iPqy{K5rLIe<U@i%^C!qG?9t^X%7UlD8*|_`Zi$5Q|{X_G#*=PCB!_e
z2G;=&&&YtwdSZ*fnF{j2(!bNy@(h5?&un7ZCN^b^H)cyX{cxHYt2>ZbUz4}}U;GTp
zRumcX26^E$&v=vFOn6Z8_C{uLwlVJ6!CBH+bC=2FIZomdww^_;6do)$_aCQnbXWW5
zRLKLYlX^GBpA4F)Xvw%NzpoG+qJ+~)*Bi0SzfYLmx2>t*YW2UuIU7_L=>7}Kk0wx`
z!vpyAq5B=SD(!v6$a5AJZ}0_!M|_5^{e@ZVVyP`yZdAXHnmkex1BPz$;EXI|v5ik-
zjOmjvt!D$S(5VI--lJ`U(~~zWUN$b+k!~q^nE9IT9<YR6@CS+#G&l8wxQym~30PvV
zm=KQt4h|qsdcUazGR_<b5MkIWpp`O_;{RF+cvLjcgHf_*{pCr*3Df1rXCnNb`=F<^
z9d0qhSDo_+jq#v8cNss{Fv!rbPW96x)VOVa$m8oK<iiUrG7D6O;XyZ->KV94>F5hM
zi^2s4E`+kVw9Fc)oyM0{?zM)1B{KeQQ}ukJl6+JAFwS=VO}eoM;YZMs!eu;j0I?ll
zJ%=3rm=D~&ybn_pajk4Df*LX8M3{Wrtt(E!tI`I6isx;-5P;dVKI72Q_%Te8f(Iw@
zga;`J@D&G5DF{Mu-8{-EF#q_tx$&!fN(r5GE@VR2;@TTvBt0&e$uqb488inYEQr;0
z)7z(>C3?@|e)edv7qtV-72N*`@8u^`n-2WByM0qFO^2kB=AhcTiju8_;R1#{r`mRG
z^xl#70SS5JCLR1ovai+1+&izuPKMu}*P%xvcZmrrKQxSr4}7SdnylKpgfQEGZ{H{t
z*$8EqtHRPL{S<{BpF9$wOq37te#q4?18=gCMx($yPBmN9Q)&2Py1!_XnW>yl?dPqv
zV~HBLH~1j&GDCV)qkZkBFBU={f<B~3!8pT8s6{p#)#m$O8n0Vcs!tT+ELH4qVBiEl
zF**&L2teumF=KlPfHCqsT?BpCgV`d(k5Cg{mpy~fDKsj9pvEPz<(zilM$VEf3TaqI
zl)M1~$Ca1>Ys?}UJW>-%C783Kw8nMEQn(V!?Hj4KtxJtCr1QDNla^%$b)4d>7fMUx
z===XG8Z|4oUOIZS+L7E%!1&d-P7YWzM7q|-si^}t%M!zTb%JevFrj|M+oK}(+weax
zX_+mo0%~Sy8>)MP+}*yGt}QO>Uu(i!?c23>md&ua3t(4HnUF}XkfE|@>fBhY$e!Zu
z3-djr&>zcfCFzRXzU%CzJ%7r7r3T*%K$Q@q7W*myEN4B?v*$(u>f{`IsCtXA<^c?*
z2a@qol@?-6*{6w8r1y<|lRADu(WmB^7nO(31bn?qCwF{w=j$;D8}4w*BYRI9-+iI;
z@VX@uz~G5Ba-;la(GEKw)Os#zasW?zF~5qUI<qjstC2=6ER39QVSdd=hdGMvsw8l`
z^aTl>9ZYt2d8Z}DCUTlBeM&%Y*OVhl_L*!nZprm{esjn)Mm=xxFTSY-zVd>)A>!9>
z(B@mqX2M;K8<W5sr0mL*K`r8}yWJWyi=LmUs2kLC!-(0&789!W{1NStgF$6ht4}Q6
z<gO}38~$6KpyGeT;|7Cs+f^;6LQ(T<?d;ZsrUoUn>Iy#bXx+A@kw-Eyg{l4@NHKC#
z#nTG!$hhk8j}s~|yKbq#B|Bxu8Ki+~Uksh1!|6dAjS<3}>!C9%OZFb1`Lk<-b|m##
z`eOYQ?zL0hjQy~%B#BkX-!0%(o<AUjBmLI@G#RL2z7wx@pQpWRlC915R|~(&lbx~A
z&wT<O>18Re-$Dh195~r=K(xv1-_RQrr4To6mtvx^yTi<$<qALZ2Vj1(OEj9;h_^em
zti+-{5x*x=f6D={$z}j@J6Oc?KrrvLx%`bje|nwYUq4b6E?d)i!1W5G8B~ik?-;%-
zH_*=>6Hd`PzP!p<tZNPHn&7ahPSuPj-8wLsqrGr>;*&gYx3TiB+}wV?1W$)38#Pet
z4tr5M6+j6#d>z_H_S7jxea|;yRkb}SfOG|TQ!$zYf46(mJ3&)J9ABw%$M<zx7n}<S
z`IYy6rnA5xqJ;*Pg4`8)r92ojSY<~BtV$4D)J_fB<|2bI7&AVaP>Q2F{{neUu;&9W
z$Ey{`QIs_n@Kl?rZKZDP1X0v&y`mA_(Mt2l7EV(HR?K9bG$S3dHLC@C<VbCZil(NL
zE@&w*ixGiXVm{;{MZ=O!cH@1T$&7?}7yF4$P|%khQkT>50`d{9<4u0k9=u3T?O|gg
zh4Q30Q)dm?iMWTsoE<?b4)y{O)f=Y)c6X%<4_O(4ECt|44@7pQdCUkdBdAE&C?a}~
z16JbfunC+c@TwG8%lxx##x-ZlV`kM!w1>n~E@=9m?;5PD-7+R>IVON&d|ID@t7#nX
zftdYblYIyE1m0zq_-o?oyKsL7DSr3xXcQ_|yQeCuF{009vu))nEKAkSp3iLESgO*|
zyqp4|Ki4iv`dXO<98}8<95VERk+2}Z3cnHkX#p#@*;reRvDS>ZvM&Fuwd5Q(#Q4hB
z7mCFd?4MIR5R#6B%#Xlc-v(!7R!X2=+zpQvM)i<qW5rpOzBeW0fnK=nGlUvrPdaCW
zsK}>dJ}odms9!^f3fDrx`i|$^DFISa>zMc~T7MZ&`)t6zn@|~xJM{ySJ1%c75m7_z
zKnfdY9jd!21rGUR!r*G)hSNP1|GeCHC`pqce{`Dy^-<*TAfnfEX@RyEA1N+){S)C5
z<c|t=t60Yz->kNrS{<P<7&^o=RXD2wM#t3E?edR__xDW>Ic(q|{hu+gLoHI{tuk6_
zLTP$}#$ujlW$gc<?3nD(isOqnqQ}>Cb}H6;TQa71R@0Ly=m=|=2ae+ATv1h>y474B
zi`u8_R*M4LD+!{5qTO0FB*S0|`m~Z7Tv+4@?-08s=#U3HVu1+m1L>o3YkM9+XQ#Bd
zJkznxQ1^(WQk>F;1gIe1bhLbb0ygbHJG#!`6^tQ)ErzIYTNlp8^C+6GQ6^e=FVpNQ
zy4mGy<5oZ~jw8!#-#jnh2_0X(4RnOr0%Ws(%d=9LI8fQ@w8mi>IIQe?jOLFJm?a8}
zV|qC;@6P68kOyg7S2+e>IRb`|YND-c(B<cX5D8^i9wMuH3j98o?lq8wGN;dd`v>sZ
z<6C%*g4&_?rOSx)sGYdLJCi~S6E>hv5C9bd8xqd^d*M|5oRufBQ^q31Fk{3xzDNBl
zF|7nPgnZ<{BN+;8PSlUfFaRZKS_kSnTK2~>9|2e6tEaeWtF=c^L~3%hj0(Cx7Z`hV
z`*{rqny!Kj6-cL2%QmssTVr&g>(NdmPUW$RTqjM3!PJkvVlT!Ie}isjWew3ehX@cB
z6jK2}-Q4h^YP;jJCO6|?h7%xLqFXXRCzeY#!tV_@<ypean(5~2`}*5}WVO6+hhYmO
zmWVHh-m~C$Vta8B#hp_mXdZBL3)`EC@qQ)YlW?m^Kz&=x2_a-^BBv*TdgSvT?-;iu
z_(8AsAx76)`r*A<9)D-$4!YWh7kx4ygc!~Nh&g@Xui6vUQ*Eldcaeudz-2dSS8)Nc
zzNnJ^$u9B_o&*%5>(4ygG0*>~Cfa?2(g&2_%H79iO=TS)Y1kZ6&utwjPiMt$XP$wR
zb+Nw2Lw-&($*MmH^OjV@ai(x!L=wK&CvtYsuGo?PV3sB9wTW5D&%kf$xr=VYocBcH
zn=<>%r;m(DXYL7b9R69GjvS#A66|u>AeH@U35Ei<(~L|A`hx@3k*WPeTpz2_WUQ}(
zw7xkXH`bR9N9i3G5t&%=V_%^D*RLm5vIOM8L&`B*&jM7@7K4iyy7zQyl!gRTDUSY>
zK-T>6`iWwYDj&WEuvJadFPB6zbI1pyK5+vCWUWN$CV`WpyN%*nxp4uL3-HhHhm^li
z`_souv|BgJD!Tgpsmwpb=m^LgOKTpWgFoTkPrsEvb7?eRi|(q(m9_Vu?WGH>i==Vw
zk}oy}kgIw=2M<M2VcXiTp7vQqnv5QASjINJ<aExyy@NC%404PLAdMZs)n$2E!>3KH
zM<S9DL!-dA(ku}36Hl6BR0rC(v>CDR&z8c}=vfaB2~>tp#oBWs3ItcbRaK+RR6P+v
zTAC7^;ZexvP>xN&K{r!wb43+9=)I!LZ8B|<tSfj2oj8Xe&NGr5$%slim;w)k?uRkI
z-qG-Mg@X@;W7S7;7G-=>&MJ<!$tQjLczF>@n}XM32pxxIH>uI+V1rt^LgP275Q_tf
zP-4Ne(qXc1i2u7JpGj)yRP#XiUIuu~=qtK56JYlpd!Y<16G(QT461Hh(z^y=WE)KV
zge&hccP4-X)<Koqu>@Fj*#mDbe#2P@GN?M?ts4S9u+XpBq$mlu&onLST_nP^Aq3t-
z5@0g4K)g`K$QF;rp<~_}@k9Q|KJ*H#EVw-gZ^cxfpJCTOB~zq#YIiWXKaZD3LHTc7
z!5^%ryvNbPajUUw2wnuJv~QjRaojf}m0OS%lZp%u>=-Pe?ZLE1dIz<4rXG6GLfAsN
zya})nsG**y>64La$owAUNp0VwCzvCUa<0HRDD#Pp1R=JWbFg=rJ=@2>R!RNLqWgx#
z5>Hl#7D9zX+Drda);1fmeTs{ShpoR0+d-}D<&h8dOfh<r+bnHPWzN-{@53XQ*Rd6A
zgpA_S0rBtmjTsY{9m(v0kN1(xm;8)2+Y6kN6sRCwq>esUvoZ<i)u;N2y0nNi##(-Z
z8t?(=3AtdprXio&6C5sGIdY;dbIb38X?3W)Qz6H6Isn2WE_+}^UWr4fK30bmRL&um
z1IjV!VkwOrwzS)C5}U*0a#p_K^)iM}5}R+Sea)*%ps|Qa)CC{AUg+QiB8-#|{LAr7
z=9oZ2<nL!Z)b_A^hocJHDHSqBWI{wAf`3Y!;r}?4SR`T}Glh^0OA{HWp(UgD*{_En
zSChEX4A3_;J)IE@mFP;yEMQ!83@u3~%&QTmG2z*5zF!bEs-$2fGECFqu?6Z1rINrh
zyD+#Y%&5Crs>!<81gU^s)c@k7j7;}y)s_!7jXUMKtP9#Go2^sDb(Kz75Gf+3P|AKA
zY_>Wg{Slx6NE3IB8|6%R<|+zXY>}doI_bg~9ud4Qz&+VOUG1uw<L*AO-Z3TVKErP1
zbbSkcwt}rhgaVXDN5Ntvwntk{T$!vE;X>uZWi~k&4m*Hb<*~jsqMfIA`bQ_EM!s#@
zv|a-_1+C=YyDD0}fQr%hpA78=kF-x~+jSkGj#d%pr@$<Xe^MbQp1Y4_3(!H3zwoso
zQV%1&Tu|~kJx0olgdD8-!std_xj91iy=xuDm075$%z70KB4V7deeAf<4cFP-I`D-$
zWbKLo;sS2P+zwB3MEue4c)dj!Z7M7a*0N~wm+wdJV}xoVQZsqv;O&_m#XH~((%E`v
zN>dPLl3$uVUIQ#ta*)>dSIs3eWz4K*?fK?S6OgDoA}!Z+)|qXj{M>s9NDf}NKZ=HC
zS3{zCSg46I^3N{FC(Q@eUK?)s13H&`uQ-Pc{SY*vUzmZ)?7^hs4s@kogRWk|;LgxT
zxh`s)FT+b>5yXL1Mii(zJiQS;FQ{y$Zj^h4X}iEie@<upCA6*ZUsWo`hNJ~v&b85M
zvOvjuoeLyZ{iQEJz8*D@=7SRMlm4bR5w|I9?jl*t0z^TwhI0(DRXJp0J&7Y9e<3Vt
z^lz%NBBah2{4fQ{qX}pdN}+|k7VrEo#xd%S5QtxC`e62R>QwJzO$#aHJ?9IQ-TD`B
zzdy&Xyi*P@f5S&5V}GjA6v{D^L+$>MD*cE4wxYOAv#U7-O;L6XN{}p2d(?My2DIbe
z<a#_g=9^9TgI1pX6+;VWKeiL?mahwkwjg2kq(XA5Utd4^fu|S={DcB`n{JGM{PIVg
z4<HI^ak=o03cy5aG3Cn*@Qctqa+uG?Nm%b*I)*&Q;uY6Ck=C<l)6p&D@78w8ZBpf2
zaLe`VT8bL=gu!zgEE9K}Q$OPDA#~(R%hf<8RzJ`>ipo5urb2=)_&K<GEC>l6Y+-a9
z%P{YlB+5N{A!WuSP&T%`C}up7kS>Q8RI&yj|CGv>qUcFp1_-ite?54I!e4t>z+TNh
z@z2L>=P42kG<qTfH5ZATqcD3r<l>~6-lVfkhXm*4<VPEhc8#;+6?S!J?`;%KBm7@!
zWh~;sLtvKwnqWOk$z736U@RmhFsn|Q`tDuK5&?JzeTtRAgQDpmw9uNn?$XWHl?jFX
z!#-GS$|QHy6fEmCYZtthgu+%Vx%g~^sypvggGR5Mj-*l@k>rf$cbW!DnNEHhdbRWB
z7u{EYS&L#qrfocAbKUv_U1V46lR}bletdSJD($~FoN|d{nsI0K8)<`2O_G!!Vcp27
zosbxI{|$}lx@%6m??OXkld;-RTqFRqb(45}w%xhTx-SWDA?pBkdY>~Ah**Zt7Np3x
zx2+YQA?+d;aLvL-r2xzTN34NhVz}}L&_@u2o)}s!A&P*&Gi7MuxeknHMHA%leGhjE
z;|@vw?jDbk6|IedbH_LNZIHRB6URa#Jn<^gXmOj471X5jDt=6d;*2>wN~InVSDf}^
znT4qzmh_V))g+hcFI;2SA!Z-;UI~_sx|{+8d3=x3Q0;*zXS{hn=+sJo=#N=SdfNeV
z?Y7}_tRX&EnOrAGVHlB98Z0_&w<ToP#=0!a>6eoFW1&rel-!24QnwccQLVv`rz|c2
z3gHhWl(N$N%u`uTUt$B447t!u8oS$^Ut|f&GlRo<@8>k*SVwJd$En@P-o6!<TxkSR
z6+Vv8$rG1^HA2j50{1|tu{hpXd$I^!ux!Qa?{edPpolP#ZXf*niD=5?srp?atUk!m
zceyO?pJ=BEx|14oL?l1v&=vtBss~}s2j_rLkYZ82+fe$XvId8*v36SfP;8b2ybP&%
z3lmzZSun5;<C0<RqHj54V8HbEB(MDq!g1yD^7_*ZWsEdq1@e<^;(JpfXUC5|sz?Qo
zKYL63-`G8{UPnHo+bb($d8OyxY#R2JU*@{(X3CCa()~Ht98<5LMbL-a?5$F&5;LwV
zTk|KbJ3}igUj)latt&e<q|^ZwK1g#$F&y4ysfLS5`iT<|f7?}2*%(S-?&=$AWWTOm
zoA8O~-feb$>}S3($pPSrfF;A4lyc(;yMg_p+NHvvoMqbjBm$@C09Rb`OueXeC?U*c
zdU)s8{*bEM77P+*lVoVz+mf^KZ};Ayh)=!b*TmhqK?6SfW!BuX?v^{p;KBxAcX2y~
zvxKSk?w$lis#>I=8N+J@rr3Nd1%Oej8H`gS*8F@%Xh6@hiXv;b+i6l=wI|LW6B!PW
zemrX5eW6c<XqxY@nI)g%PZaj%R+ZF7bnh2qL}0Y4w!)?sfEtl&X_GHX2lt$7e<{x$
zm72gSu`ym8Vw!=K3|d>8V!=V;p+gO?N397!X_#Xg87b6w+eydj!$8V2u{IjK$hj_%
z@30w0I-{Z5ovOx%ZJNX{dFN;*1kXHQd2j$nP}GIi3h4c8V+T_Z;4b@KX!*YYeg%R0
zdu)vMU1|EM7lwUwZ%X4Ua_+x;N-<Cc03X0;iD~BYFYO|?Tle+;Z;|p@*MY*T#PHwu
z!S;y#_;kU-rx%*QQ(DDORlsV`QRxf2qMB6ipaL{gHYM$D95Et^iM6#l0$i|m88&Qz
zgUkI&9zDGFguui5@^M>q0WutZK`rB=d2rF8SdKYqwEZ~|4Y~M<{2%{vgYC1pcEpLA
zEMhdWQ=@Hybptx-lNcdJ__XJ{#8=|>5EwHmSy}1F|7}isEkzslzglmgQWtHcLpzHx
z9EU$k0U`wiSIvB^8zB0X8>5(%Ikq%CZz~xLu){+Khl3@X;a!AqC|V~TbyE}FDv$0l
z%T7eUQIIYB!?Sk2IcD(DsUd!`2fNee>vyAmk;=opUe5qhJUMa={{%fI-ip5Wr{K7n
zwOo1|g?d+N%0@Z|g{eFxeHf|b*9bN<3P*>zU3#9UUa~1uKBn*UUDboSF^|X~Ky@qm
zN|=z2G?%f42(Fx+yd?X@l8v1N#`rX&CtJbsCVqGVLd+!ZNHpW+SChH50@`)umTzkh
zDD-g`00aUAG3-ir_2>R3W88?a1~GOg?GVCuZr7aM?-zKpH?|wO1iw1mjS|PU-&95m
zG~G*NBRTR0F<NeLh3*A&>!y1&h|`oByathzsk1D==kQWt%pIYHfGc=^M~l8!Dkf^q
zcv#^r4t7za63V7OqJ23D$&BK@-RH`f4(tDASWLD^*a>DJ^Y>?!wWd9mvGjhHJCCu{
zc7`}2C3SjTdOPzAWi6PQERE^(-&mr7G^y?nc#1~Y1N?>QzLm{`Y<&IlZF(nPwSp8q
zgrp67t=9qTMA957Wr;C7*S*zxL9<gN5x|<?LG#i$JpTPR22VTx6UjSP5!_7A8mKtA
ztIQ*W3CpV&+y~;_Co`|u$qs)wAwiaxXP+T>v5y#HPpV7uwfv*f@}%^03X>9D4F_L(
z>|U9<ra{1&kW<-%)t&sS?>24goAOSedDRKAg@pwDJ1{D`0jg0-%tJL=?E^D??KD`C
zmWT<kHi6g9KcNg*a__e*@1${wqlfPBCuz;usi_tY#F70X&$j0xFGZuD4+hJ49w3vo
zo78BH8NZ9hlFg)B>BTems;o!O4Z+>W6y_$}BHH<CK47J}*EkPIV5Jw`7<`jK;M*uh
zCF?2FQ34y_;C*`=O?r#z!{;?cqiLYk@pjkCK5wxtG{|A~9r+HaNxeo~0#<5uZf9vH
zCcodG*BR0Tx|9>tZhi)b310D%{<|O58g)+6unhP-B88ibtBt)y*kcmnvEnkt0FoU2
zz?dGA1b9o9V*sM1l;KpRx-kHL7sH@@?XMS@j{3hsl&;0PrltzeQ8d1s{_L?WG=T^)
z^g#xs?#!C(Aog3ZC~YNp-)Cf6wg*-QN>%(U<}?G2g9~J%PH_>1%k8|Ah$hjhMJXu-
z7uitg7_swl=`hd#?jDOV^{taj5v0=PScpyh1ExGN!A8ZLDVgQjjGx@l#m=P98{S^l
zqmaV|G&<W)kaiskg!*EM3pTwm4H_6suZJi}P;487O0%_5`b@FC8vFg=M~+nXWj3Jl
zuAGVum~yy7Y8#Jz)*On<8Qo&8%o(1_49KaOn%WRoib7G*b$44<t@q+us-&bHKJTEm
zQok5)9e@tfcm)Ur9JFe-gX5!aZZCqXv08~3M2R%W<h7x%UHxcP$G#08-ib>OCa}w#
z1!n>?;T(Umg2ZXS_BjeAZcEVm%}T9Mbnfr51N3p(pGs<$V8I8RvI4TbSl+4tf_+Pf
zM7E-(i2$2(&X)@x{u{s=B#aqwkMO>}&c)#z3F#|yPs37s5<;7rEsoF?(t5y$<OTNP
zvFs($p<@bVZe(+Ga%Ev{3T19&Z(?c+G&V6HFd%PYY6?6&3NK7$ZfA68F(5HHH8ct@
zOl59obZ9alF*P(aGzu?FWo~D5Xfq%%3NK7$ZfA68ATc&JHZdR|ARr(LFGgu>bY*fN
zFGg%(bY(<kV{c?-3O+sxb98cLVQmU{+O@f5R9xG#HjHa<mq6q0?!n#N-5nZtcMtCF
z5+t|;ch}(V790Y6Wbb?K+2`E%?>BmMuYSs&npHLDTBDncNI{uS(8S)zRLtHENXJCa
z$PJK@RkF7=v}0nVlLQ*tSQ-PE=@}VW;mF8@olFgZmiBfchCowp00+<lAa4x(aCHJO
zGct0)kpaX_?M$6MlqLWp4}h#G&``z0!ITL=Y4{gVuy+R185uf%s7>w6E$vLHK3s(D
z9Xy;Y%`Jd`VzAKB{fYF)TZkSYWoT?|@8)c62{5!X0Z7ry(gWn|-9Cht07`p1fRU+%
zp^X{9-VC5(ssT_{7FALPh%3pfDkxLYe*{)`ad5DA`k!2cl~q*5X#paFaw?(#Q#D$E
zxT><spHCH2yN~?MX#sL7ANoH$ABKP2Wkpp4RWubunHc`80l)-sHFa{f{6qU+xsiWl
z2KaYsAFgIj_O^c!04ObhKnHFH1~)f1dUF?NAicelIlY6;U-_w6SULmT?47IuA6F++
z8`HlE<6>v>QBI(R>E8kVGzB1IX>4leZ2HGZ%>Hks?MEp;oId2h|4r<p5Wqh%ZT>a~
zIGdXO2aScH^IyI)3JNj+TSH4bpsAgqo$-eu&=Bb23^4dh_VG3~q4+yNQ-H9GlhYp#
z*?*~={+H%osSDYEtW3wo%g4~|zdL4V=i==7kJ|j_vW@NSoGqP!&VNTV1(;ddnEuJ$
z`A^R*?f#O<3d%`}i7Knm$$Si+9i6QGM|JGzf$qS+tpCIl6p`Tua5Az3n7CL0j2}ZP
zYG)#BZ)^LJwKLqG@`+e})Cp+s<iYTN=GxlM-p$VI|H{oQ?M%%6RNlnJfkD;I($U3K
zQsjTEKSXf<mYJIZ0gM1sM}Voju?52)y1%C7kC^F?_@fLyUJmvS05d}yXHy?bGt-X?
zoR_nqt0@5J<YMaM^-slrA~+@vfQh9s@MF+FHVfQe(IxH7>;YVVi$5~?m+F5;fby@6
zO7*czP3-M#JOC!9W^fF0_P~#Up#1-5pZyn?n2U{#oT05L<$ss-zwHcdEp0sh)AGMe
z)J^{+ODSjXWNT>iUph-?F-vz-69r44vBlq&{agMwm!O@wjVXYRiItv_g`N3tjq0Cm
zW%Dt=A7_x|pCjy#p8dacAERk(ZD;E23}9vaOJ({|j{i#hqX&P|1~4dz3o9#2()^#<
z`O8ey&e-0>(#{;f%*GBdbaFEEfMfg^2xc}mfEUxpY@3+6|1~iH26{Vt;D-yq!3F38
zFtc}p`_okp4giDfAJJcklLf$_{BOhtU{L*E#Pwlm_;17sU@-bO;sP)j|1V-<WCSpn
z`~xxp7)<{SnLmupEdQbYAT|F7{9yg3_Jh{?AMk_M<{$7QmhHbG(+9ELKi~(k{XZZx
zfWhG(kQKn-^bh#K>--PM4qyQO1Ae68@{cuqME3X#{%6w^{v2L^?MudgckzEt^}nz(
z(8=D~RNd0#<Bs+Z6Inx`lcl>h<Hx3A`jCIT{`F1wKM2VFeIES7TS&;>-HVQujT1n}
z%=OWI7Ebm*t7Y@~4`1WI57@sp^vAgU3;#LY0H&tyrp9n9i}uDm!B(l?L(6?d3#Tg}
z$++mxsxbLAq!J)jGNwE5utoBAh)o5G0$Tht$&2h|B)D~blLPEZG{}N6Y~D6nzgAD(
znkatRHT0GB#X}So9LrUsR}IXRUG}f&BBnZ)$}P|=Wu47zOK2kisE(Zob9Hn-#V}94
zqx?!C)~RS)%ZGF;o@Z)Ccd|isUq;65#9N;31O>i7p~poV_6n|0&lwbiVvb2cIsE8G
z+XIa*7Wf@SxtGa!1VW7tU(dMt6&$m#ET--4m*lfyleV<lK-xUH9qL2f6%@LF>aAHo
z-l6?AHn$r9v)0&(hLLrf2DSZ^m)K{rJt)lzM6N4>E`gQnY8%wJSbfw?y^(F79OdYX
zAQdMMu7&!Uv?Te<V8Nky;1gTn3(_j&81`$_R2*(?rBe^fmlL&3r&Y~gc*xvq172bD
zo;@BZvgbY1ZBX=FutQ5H!O#OM0L7CO*BYdN2s^$nAyeXldOre`E90%-`)$vE<FC<A
z6i&N4rrtLewIu1*NRdv7=jbOD%?y9)Hms_xO1&KuQ^0d!6cHle3lAnV<P$Pva1H<!
z%R*jS;HaCQOH3)R6hNaZFKpDTdsNs7z_kkc>a`I32?|}W{)Iu^KL-^)jYm+3C2cR2
zHDzqBy0obVRx&yaJmvZ233scy#Zni9#q3UD|L)!Na2h#le6(dGkcL*QFAyK<^zIe>
z2j1aO??%ZS6B^Xa%_dW~boq>^Nc4oxK9QS~46i31=v<ma+snK{D#KUgENHJU*0C)0
z!0Oz|uB!m*e95^vKd@eZ5P-SR9-mO^RjRnE2!C>GiVp+7&f9}8-r+mTt6xhCx+$bj
zFIB``)h%xQYu;O1#YS(QGgRU?a;4t(T)PwlJY4t8EkXT|u}D+i)k;!Q<mGBiR}o3?
z75M2CIwO5@&z;AZjNL<UC{epE;MjI{k{#Q&ZQHhO+qP}nwrx8*HgEoW?-`vlI9**m
zS%a?Xp7g5z-sk01S76i>O8S&?o5JQ|B6}H*K=E(3IDW;jw!hprh$N}>k{xAh%AbW}
z%{Y)fs&}1aKf)JVAjDbP?GV&Il`y&s-s}zjIx*W~@)O1Hog`^JRp>oG(MwK?$F~mk
z)XlfgJ|p0>d4;_$aDof^wG=+C<`!j1gQegE=0JDD<EZC=OMe;<BPzr~gCL_D^ROy3
zvC2XZz+JNhH9X0}oz`Clq7oaJGvY9NcXj}A;x+gt*NZ=~p9(?u7$8)45PuAZn6f|0
z&imq<uN+iTlNs#*@}7sm*uwd}AKx)0Bg-?nEZdGN@jQF-nlnA(cqC8FmrreiI_8Np
z21l(17;pt6SYXx<64pJuZbpp0i6T<vMw_*`I_cl@p&?mHwx_Z6cc1jt(GUOxiH%Xz
zYu3+6Z^?4WA~r*N0E%<T^38W`$l?#6b8yc=#$`YvmY{o{?xirb&f9xff}Z#5lVhyl
zQbI>3&pR6Jr&!!|ukBi;;mWtCv(8c&1*8^AG|Kk1fo}zX-Kq&?=q%+<8aRtx9jF=|
zg)$^#7)cgY=Y^ZWXYV)NykE-V5C{tXJmZZ}BJD)XU~IH!6O(pVbgA~0QtrqgreNj4
zNiyoL0fx8N?yqXNG1mm5_j3EtK}}+&`H#9AOgFlkhID5~l4hK|wuGx^z~qZlOGUDU
zt&r3U%beS|hr&jW<xuua$Ii}3<ZQ1jB7iQA1lKI^Gwd6B>^j?G!C@_=CxhuvNT)Ph
z-zDfAKp#v9#(nez67Gx$b384gJmg7&BjL_-<5ERe`xxNGTAcfoN@@4eou&?Jz!iuV
z@fzq7PjWk&_f7nxsZIycp<9{j=*(~JuzqLd)pd$OO@o_AwvlymG2@5ox!fPi!nYqa
zJsx_NE{KC_QM~N@2hx>jI-YG^-@M67$>zTsS?XgfRwVYRL_Zr!YA=Fx{Xn_*JB-NW
z3Qr+I4(><VK{LbbM>A2ktUpatQ^vr-pK=Q8Rhd`tNGfW6ay(}Vsa99Y7v+*kCW`H$
zgTgtOp~%^nFfYGcz0zqW?7!KVhPis{RKm>t<P!5Je@cqTZDcw21au4~byx%)G;C9_
zV}g0=plO=?YQbF{&uVoj+~j_?08c#rUH~(zlAY%P$pc%ZWW3)(CLg4E1;cqQbT3U|
zztqL4#9B1L^PsWx48J;S0Nh}Nk#NV*=rXx4?38Zf=56uGE-$$Dlcr{utkzZvYn<u`
z!Hy9Zk*i$LD}TNDh1FDV!@AebL_3D8e_{mocSf;K9~A<Ya~Q@Vfe;arA&(&G@-gi2
zJ<Mu%@scCz5MX*BV8-ijG&9NOnX1};UHQgF6Y3r`qnd@@^_Lenu9?MR)q~_~K|BPP
zG;Fn7ysa)a^TDFz@n67rck$?nfj>Jg09!uJWou?XM=M+_@sm(u`X`4^^QoYc+M&$p
zOLpaakjv_$yB=Nrb&gD=OiI~pbfeYp<o7R94m|vMKmrJRx(+$O*O@VV^X$&m$u1;h
z@byIxE?j3}-mAcrtMdfp@|BNfuo%5<rCvOA)m*gq1PS&v((qO&y$)WqSib{&#S8~u
zBIa*1gu*O}d~^#O0;0c#4F0-jnjqVV*_g8)7kAFctpS9CXP=<c-BI~bFvVD$QHzNY
z)aM&jv7Uj-qZO#3Wy!f~3}Fon!J89j5839jSA2(Hw$7dRzw8YzG?-ZPkyCn2=D0a<
zggQUcBRA!4*-E|dJLP~N$wqmNaN%=FBWiHD(+ztS9W0agz+hT9EtKNy5q-qGY-2nw
zq4XZ6U0$Yh9WA{Se57mgqCv0evmo$s&nXnMOsY8-8Vgn@0gXOdm>)>+o2>acM2Ip7
zOj9ta4nq>Jheol_e5jhKY)Ir`Av#zjZ2+omyZ{|$Btn`^=HI3*fG%(c!kcW8_^%-U
z92<yI?{zGbN=03<6Y`WRz=ibvQMFUvp%#keHZPB0K=#twS1-=)&L%#Npg#)To{P-p
z<@y@P`rfv{8u^)n*feXNlhZ=_!^ABG1PsoTKH+2g$21wub6G!KIZNZ4(A`!;yGfSR
zb>m`C8-|{A9K?innO@8<(c_{C#-5bT9yE7!=bDKq<eVzf87|;v-S$Yhyn8@#vK1ru
z2j>vbV6d>cihA)|NWUY)Kb$Rd#T(3)#OoT&(@sZ#fZ=`pnxbp4>`><!A+6WNU&;gS
z7VXyb+8Mk{cL8iUq})wa<|!;i`uQlpBu7K}5hdPn#A=Uf_sLL<d_IzLRXDIk>0YNG
zH26ypPLx!45y3%h6Ja@sho%dP5C&i=GIL3Srk_&RIkRb6Ws#IpPo}EgQ*G;?aeeH5
zOywOS%PBZG(_FSNUA1z`9mT0lF2Pw8v(WMx+GUFd%)Ce!M`@Dxef~c*_`hu!T35wZ
zo^pc-ac@9;WNcG{L%TcvX857VpTHik%=AYTHMVPoBPtM4rk4smpdc$Ays!y|cqO32
z(HlNWqT2|0K+A(hBpUjO{w{N&E(;XI9f)g>-tqx~R_{Qa@WB%)h8_EV@TuDSWy8pM
z72dvXzt{Td!+|x+A94=C@72?@s{_Ftrdo-BYm>T`A7U7nANy&Xd<YED>t4u&N7XC)
zcsPCteO_^k9%I*Q^jPhY?Ygd9C6~3xMk42P+q6eD%A6;dg%Ro^YYkffE39Ol=t0Z<
z-}E_H>iatMu|QI$M3-MRT@1HnBA=qel1vrs;Hy0ba>>3qc!r>e4#G@I7bZu$&5k1y
z-Jb6?YUZQ&-Ph1!U3+n`j>#*gF(o|g4z){e<_9bN>ul(5KG=#RuJDe82!Yk#^EUl|
z_onpeA4<L=JGZ75{4lOHHSn#{t*>_|gmtq637jL-Z$V{Phf71$^NJ!ZM-t8g>%6`M
z0Dl@6gwy|-UO)U;y@sC@vfI2w73E-IY}-oR4UT<1meSR`Gg9)8RQBLpRA9WHcQY>?
zpv!R_twEwupp3@pS^_Ue4KD?QOHBv(2<hC4vY1ZkHWXH=uHQx_m{-p*WadR!s;YSO
zM?e`fLy0*Wv}HV<bCd?4ceKNEHHlj+OR%oyv<kBl`y5d0cbrqQhG3(IC*y1s<hoRw
zu?FpZr42adi2x`}#Zund%2$fP!p&`_^&awgyT)7peahsDTTl2hb~%kC#_=tlbUvNX
zWvbkvVYPtEs!ojOwG$ZO*(K61(a;F`z$vCmH%n^l&;nFSD~|C*h#E*Jt1V3k>uDj0
zrOFtK7%X~8isR#3P@I-DRw3VY%W$%al|n_~hap+t&6@K)Bk9m<;Fx{5Hns`aaT+MM
z(ng6^S@TzkZJSUrX~WWrfr?H$7?9RU6wi;$rs7n(-X_~FWT-g_tP8pPD=g2?i>fHm
zNBW1Lt>liDBDKW4C!BHtF4Vecu)~j!#Q)VfHJ=XWz3cjLJ=?GC6tVCMi-0MP$9L|n
zZN}>@t!b>t(0syAz*ds`zVF`B(w~rwSTU|4P0c>J_kmsJ!CPt8HtnyS^f`mUn{l*a
z7B6gIi3<2+LpdK{){9l#({qV`;3~f_a&LaXy%F*K##Vxe{a<-e4O}+T3h%3xNsF1<
zEoQ5Hh)!#z-S~i0TfMC*G<a+KGD;vghh>_Z5p|<pc+;gAXv(yts!LWx$LYqAs#512
zHcIpj#pU~ZMSya<=!rwS-np7}p2Q@1V%JUwUW>R1=zHaJHt4WPc&tdzDL`r}jbtOM
ze{Bsr4YScnAtGotikTD>lWF2cK#{+0*7yte-ffk2k@8f7yi!&iPf$mJgq&d^1dq|-
z3m+{*+0^fVEN6tWU~2y40f$dDZ^zXD)O<x=1nuTfa~hnviZKSvbK{KMWk`X@G|Fwz
z$X&+X?L%5Rkj~-Vb?SA9ylEd{0!+WfB8k`XJwz!Qi{Fm-ab1H}T8&RGh}7aG4y3cW
zqAB?3JT`E~IP7B`@{@$!K+!WmZG@&(Z5VG+rP8E~u&Sb6{Q5iUk$vf|28ptz(-fmZ
zq!e28Lm04w%}h~0_{5OZ$ajUwA*e))6W)r^y4blV*fGs)T36b6vMIDM=M(&R&~7h|
zS7D+y;pBTnK!5eJk`?ix0uY?Z(??vfJn{qXdL0KDP6NBNh&x$p$GxAa<;-rvG(~VA
zxA%r-+SERL!C!u`*^q|lZkJNkJ<=!DqOgTvi3F+DsWTy|U{umWs@=n8iyV<yp7aRZ
z;&Bq?6{hl`X$3?=Vey!cQ40dVWqC9mQQtVS20P^s^TR4Fj97ECS;Zu%>+a`d0;=^O
z1qL3IM3EtnlMR1gUb~i!-6wC<yAw6kWn;g6&i)A+kMlyT5q<OqQ-N);jz4s_?&isA
zu=y2?1e@+6>5;b$O&;=ao>(9?R(FZ)M1_95XBSGMkVTCY{F<GEs7V`xcd~}X5Tj2U
z3vU0;SUvwpP1=wJ3TJ<Yz<v<1TO%y#n`Wx=J0m48{K-@fPMSDBmLd!JsSz;2;-TU0
zMcZ<^6FF*L9;@kpV6WF;{XrkS*uO)=2iIsf_I%bPgMF%Mn3Bh^r9s#f88?kc`79`c
z%!<AmwTfeLwq$|}Ms1Kv8{7h{z7elD!4^%|dv2hASiA|XZW_X6+m-1qonaEgJ~{My
zg3^vBKDqk~4{QQff8FNK=@<z65g21l$^yqyMOEIzt(<#dz|gP2;D4pm9E70noohib
zc&k7rLFhuohKl`s;zqKN04`oIsE+*L3&w!2v8z*_1wj-0Ema=YciG0Bx|-}1toK%|
z*9TPWRju}Jl+|{|D)oi@uT^YeyEGGZcYknnQsHL4N%#*}!5JBx)&5gwbBq1PbJIn~
z*t5z>a3Ghz5v^@v;ZzA#xikcl!HYkGKMUQ4d<g)l%U`bY$!SR>A^c|$_-8_k-=;!c
z%<94k&IR|S%9!6aP&E@G8vSlw=%nepkUAU4M@J0Q%6Rk^jB-$<_E|0rHSh`ABC@~$
z$1c&Hq-?^1BQt3|UUju3=cqj1%jUW6zLaSA^40DEeARq8roS^nHM$qQn5nHd*YAS8
zL34w|Ih!0~hFyfg4e~V{+DL*5dM{yYhwCkVZQ?Utp<UvrN1hG0Bcj~ielsvJ2%Mal
zYmZ$aagug0);rLRgTQQ(2uc)n$?wJ+FqSeY!m<}{H!z<WngynoTh-&bfgD|ln|?xE
z4S_qC!wg3jBinx>#=UinI6e8)h|NdSiSO2p+_$fXD)S7Ab-L$lD|i#7dSSNC|Dimy
zjsZ#DpKC(2=3B|eD%vl%ISi7fGEjXc91sVcor+>64J<X(r%YK3-4ciu`jSgE7uMa+
zq0ssacpRZeg3wd8+;J~kfgr&LU_B{z{X?hQJ`3-L5$1$KL1|}DUMo?Sd|L?AkSdr-
zycNfVnl-;qe6fHu=^h7@Hm9ta4!J49fH}2$#O%zKlb!G>3@l(3>62P&Vr*c>*xX=_
z3ggaQ(S{tNs%Xmd_mTYff$h?z40uW3s8+AZ^CNZLi{}5}Ws&TZRp7OTi+Fk~mq~s5
zk3&VlCvDK_hP67fI6Nh|ao<)v41;h|SfAw?hH3$7UlN5$8Q}LpaWP9F5h;+!zQPA+
z>l7ITWG3hro$hdE*EEy6K~+A_3sNU`{@q#Cls{Urepc1pqRSVJuv6Vk+{4$fc|Jvo
z0+m7?WyQKz4~Htn-q$uh1gD=6?EuVlyb2Ov(P|kcyBN5nZ1RB!&(@1QlgY54)n$T$
zY_rYQ3;W~D1UPC!U>btAvuBTAt&YifrLxqjG?R>PoC=?%3|sEhPtg$<y`&Q|?;QVe
zZb>j+w`(lB1bZEsze1NhH4ws&jS*(VvzZ8=s7zfvo}7QG&nA0wyl$k;!7BwY*7XnR
zeXsi~H8>gvR1Oh6)K&^a1~M?eQtCo8O&KDy8gS6^iOxo`<KI3_Un<x}!^8#~@K_x}
zk=v<uQ3Zq9bIx^NTK-qVXeN+hK;TADU3L@w?8JeZf5}KbA>$M-v*Wgw70aiky2ib5
zF$j|h!lP~r8V!&|c_pwV;)M|!M4;KHrG%)W5eTlaiLOTs$EQw&b}Y4fzaz;-_S|*5
z-uW|Z<}ROBXL^A&?%g%4^iXV#@Mb77gu!w3Byp+k{W&V-ynD}jTs3=0P^d3*a^;;@
z<-rD!`DT;R7QO?83aSFT;nJ=(@=jl(OTTe^*(1yK;*br<ency?MJ{j-0X<DXG4`qw
zRFw>x^S?#oB-bNQ#q3#<)y?C`U`E!dP__yC-*)46H>+I1<xUEW7-Qt>6R;1CwbMiN
zySA&9ZDt%c-76$nkaIj%!>$h1&_OTTS_gUvhDTk(vhbHk&vZoU)CeVQ10QBqT94pp
z@<19Qx&tDdohxT6Yri&?z$4mWBzv7`>Lvy&*BYJ_Z&GPy84>JsS3r{`d7P{U0JGbq
z#-^E)1dbB9Lp5hqa}eJG`#1(XqbIt(Y-C~uOR~RfNv1PZ9rjdaN-nS?J#8{Kv}s~Q
zO{wbpQpCoySfV(`CsHat4rJGS@>hLN;Eg}T<W~G_J(Es08gz0Al1Vb*+v<BsF?f7c
zxY<4b8u3Q9*jk}eC1aGoz71H+IrLZ6_w3TEi|jmnRuQtCS?v;=vnspuNWavmFSq$2
z$6_$IGG#S%<y8lBFzp9qgL3s`fiZ~<<*)gceZ^KUjnb)v&PoRIEJ`jbms_C$OzJ!Q
z^9^VKlhta$#+Td4e9mDvte?&}y-6BG>g8uqHF#ezz=XA1ib2c)rL=K<*(3E_&ErTR
zn2yKPcgE&2QtQkQ%c<4VC_@PR$LznKizosIU#Xdc!k>ByUz!quKiBA1lV?DfkvxU6
zC6>6r7`f-Z%bb>MQ_BdLwR`5K$Y!!-0PKs4=qm6jV>4h6s-J$};fF~SUU8-VRRp0+
zI=53|cjf1R%eE%$L<`EO8%Y~3H8M&ur<bm%%z4DaHA*tLzx9kYyV6RQLrrRpF~D~c
zyZBhYzkk1%99|pPv-T)(m0zPD_PfTRH@xA&b(?+k<ooMIy&bV~VLA><Z(G>5<}R*j
zZwPLxtR{A^#?<eRn4%9P4>)U5o-KTkWg~sZ`JAkbvSe6}e5Hek=DxBkjxMtX1AY3k
z4!%9^xSuFmxfq{Rp&}CDvZAbGo1;GpVsAmbm{>hY{%hUu>Tb|K;Hdbne+9h?!pj2+
z&ZuYP;aP8y`<<@(`L$&S2UZ50$ayL(5MVs5pLMKwKrNBD6`>+fOFNImt)@{n<pZ*$
zmU8Z2DqZrX(w;Sx5blLUMJ_&{+qk^YE4fgSK39Px|CQeV^#|LQE8i?IpAGO<q%@@D
zedNa$tZ^wnw@6HG#gJqJ_R+KtK$DBbPXw{@0k$JvKn`>)N6kSrZWmbc58DmvRW^SD
zm-~&2_K`p@<}h$F5j5P-@cXdaRtt)~X_eD7@b&EmLty{J=;T`tB1t~wrp29H@f^5>
zAR}ia)e~QqZnKz}nm(QgaEzb1u1?UJ)xAP`F$T#mAUz|?ut~vF{`p}Koq5v`2)Sx=
zU)bvbtC;033!~ey-9O&^!3m_@Gd6L<uNHsL001Uy#xN>r5}R*2!dB4s*syoub)>Tf
zKmnkre>iSchm&{d#gL{F!z*ct<ku!@Bulc8_NCcO_tq&Kt>c|giUfsrGC?+?5WCg$
z1Tw!f-W5_zp)-nELUyEiKhaeQbWMmLMAp}MU{b`|iRK|$h}@zMh`A9Gp8L(HV%?E|
ziC+MDnv5HyoA3p6`}2<?%tR*<yVX*^UfA4zyjqk2;gg~5M=`oNTI)uk+K;+L^LAmQ
z#u#=dvNBpny|N>Iq2v>URuOqqA$_m>xPurv3XO`-a*N8FfKhKj?VqVUn&EG>(AKC2
z{LrgnQo|qQOaQq<knSaBR6G}FT^i@O6~bXmQMo7u{CE}KjX*?R3>#f?8c}Nw$U2nE
z93*ICv?K++Wt~&lo!S1?Qt{uB)-2gBPcRYHy~em@5NvBp5{B80^442gsDf#o;6eft
zPKu8_Re6QSfDS#K`Z|!AU*WsMA5YQH#@Sxv#cdpMewHs(VODs+U0}KG>Y6U`Fmm`<
zB$N|;nw<SJJaT!>P$bTUI=_7Yx7L+o8J75=nH@fPB@yb0xyW74jyY#o2H0g_Zd=0>
ziK<F~^mo1!jxqr(A}k17c@o?F44MJ^lp<#bi{$!TXIIDwYm*{GP<D|(4C0@=R8LGS
zo#(bos+4c0C5_*(RDOrvGqlZ=b6~%D0t6$aHCCnNlTo69lbH_P=3YNlt34?%)H~0N
zbW+-%p0r)XXzhwv#52Q0UT=!~I{MHEVd}aH<Mn^rMUW-NX^bW-^W&O3*d7^(W7ynx
zs0rjZnS2Dg+-8knpxX-8JI3evVgjAWz-iB^bJR@Di;tw=qf6`RZgDMF%dO-VYty;Z
zn^XE9ICM3A_RP*7|FX!Q2~Lg=zf_`c-QXhQ1aC1By-suD@zh@0+zX*(p09ZXA(fab
z1;$YxldA&<x8|l>{65;u@^(`8nwcx=1K;ga1RS-Jljj$RZrC|dys*;kB!eVstqB4T
zwe6%j<tZ%hqK?n6Kv&$crHd{bvPK}wl0z`>yQ|PyXC6xA=}PtXyml&+qf{zsGD`RH
zN;B`1O%Aq;03z{_nFM8*04B3}4-$rNrzos9KJMs%qd^vpomC=5svj-E`}@~d*n%*G
zPp$w+=e*DX$LB?A|7>O(86KFDd()!H>*F$Z?7t;5QuN^MkR9VtIU{g1O4~zn5zQlP
zvIQinX6fUi;BOvo*vgll<Hb-$^UrER+(jzXCGUUzv5GFHE-TELPrQ=tB(7<5%=@c-
z_uEXKViAWxNjh2`H_likjx@AkV+?3g^Xp0WkWDIQFjuI;Gg8Z_gD1S?V%kk?bmQY6
z7Bg@Zj5c!7`4>7BASocHO#K-KGH3E;QXer5k8v~jt!?-%QHk2IORH;A+3W=mqfJTF
zxtXpFAyo$)b>InN5N7NQCKY#UI`fIM0G$wEO<6t|ZNMJt*wIYIxkPUe)dGra9Iy{c
z3W_2u3baRJ|HBWzvjRGfeUcO?c_Sq=(A#wxTiJGy5%2UGgNH#>tNWxsTPALln`Ov1
zAvYey|9%##;KCRM^f9f^&ek(b?5wEWAhcCc`u6tN6^rQTSHq{!Nfgkwm9N6?DO9R<
zH6lSO4P31Q^v7&$okP-V4q@ELmcjTXooJ>R+R}CxObnG%HdObF!9zb+!jf_-7c9Y7
z$v|6Th0lGnJ+Cf6VVD{WF7p0D7f;TZH-Tsl)Au+C_1A9Un6elp$EMSTm^wF#WQpLi
z$~kq}ec@8F<CV^Rf{{=(-Yr$u8mb+v-OrHm{GtwdJZ!aNaN%B7LJ7m2f2;5(s%O6c
zc&yTFJ)p}D{JbE?SWPK39KmGe6$g=bfnB0KM@dPy_4^CgKJ9)r|4^6ZBJ*b?wp5*t
zBaJ0qWtZhyPR0bzM;nKyxC-L0a*oR5i5FYI>2Sh>dMBNedngUqtGjmcw@rN8(4ivA
z5H8T5A5N)-I^=<sQUI>aR>VXyKA=pfC1|ynvHgzt%|G6e<GOt$m#tguG3Dl`E9?{=
z*H^~Vr<&Jp2t6~NkuQlfe#*E}0Qrf!HpN#fkx1?e`59@-0~z+sg3z<*H^z;C#h6;a
z!DMXHqPki9VhcWl!0J=wNES@<T5j8`(N8O7RARqqfWcLwDc(5f_|Hjr&*kG{MijQ3
zjhj6iNzO|Xsc;L4g%+eB+29v4Jst(GzQtwkU*%y9Mw}-US+bcqWWc=9BE2iR_NiFT
z2ze&4$s`x{aF7K|h>Rj??ekjvjgcMrs6Jy1rY_MINQLW>hD>=w$yR+ct06WD-+D8!
zo!kz2ANe<B@kMIu(uU!v+j*($i+A#@{@|gN=ns}Xn0bVWTMDWv09na;cTSK7+In!P
zbz(5_JqH90{!%y>UaLXd+KDV=Q`ZckDM=gO2^!0ReKygI_7&uMqi@4CLKZ_Ycu*4_
zpGXjgRI(Wr4xEm>MB%vJBEhdhBT?Wth)|pRFcK3Se6b)S(w^KQwyRI0P)AqcC~<!r
zp>;(-)M^W8`hHg6$M4oh9+kP=dDYeW0LXTWs;01c0;SUo`J?SJR?9?VH3Q7g$edIF
zsTUi1R4c;a{a~Z%@$cR|m-WJE9JtwNwA&ZK7G2&%_mn_XB~yRTsp6Z&CDC}R9CnxD
zglk*X-vlz2`@{hR`AP&`{20-&qvki)Wr$RwlbW5KX#UJrBv0D?$|fPo1gE&=7_Y!p
zoc+RLP@zV^uH%aRW0eCWw8iQq=QdN8ly-(?_6|Dl3hrTNAK3&e5YzXNQ6w;j;!WAy
z53Qy4EL1vVhWr5%hXhv~7hM(?CpE|_=LBI7hY>#W2_#0pJw?iX730$)eyLH^sbZ{U
zppY_`xl%wh{xuX97TyG5juOPo<~SC-7=*evo5D7t0Bkq8l(~Es4m)p)wqY87ZQozF
zMFZbI4o_~1b<|JhA&ypHE1Zb&r)&xnXSrD&4C|0A=d)h0f58kP(ag~1qN~Glkud{{
z#`wVHnA#gI5iBOVC%YTz08Kg%OZ83h(n4s;YRkV06|z=~tkBbwUFaZH%`#q*QvttE
za{<F)B6qZt$*k^@2K>=Ew>a1*rg<V;aGii<&!`uwM*>{@pp1XkJT^GuSjLh3Uuxr9
zLJV0qUwq4&&-eS34Iw3ek%HEr5-r3!%)2+1p5}MY=m0{TDRdP@{hRL)cARYX{Gqxl
zbUSWS)jw&FgQ!F-TO1p*=xE)5kmGE*@`(Yv5cFh9am@{(9FDj#%R-^XAgf;C<q=L{
z0Xb?tV(jKqS9M21GP0A6jGlY`Bxt|Mx61lwnn;w7?Hi_sqBK8D$fc=w+3f7tF9MkO
zZY2HjzDh3NSxCmJlzO4WCjMdZ50_VJ5m^8Js-%H(JvbAKI&RVMQiMZpLZ8B)d=uo|
z{6frZ_?8R}<|wSNyU2CQL-R*t6e1qckx%A!VIGx+`RkU?ee_`(%EQVa>(I^wxl_>L
z<5Xzs{){s0!jT^P*-5^E_C^F;El}BydNg3j=qb)?uKdsybHk)YxERybBHYox{fyO$
zNU?*6neiQ3P`tGntIr5&>$Pc7t5<HtvRBW~;_6QS^k7zL3U<BL>22T*dR!NvY#4`!
zi8$K{xC8mXa^mlglYLz;8F$h~5$r)1<%g{$ZaCvJWbpQ2V7!B;vR;Tb#Nz}@b3xV)
z#tLjnO<obLJK2*8;PV)wf?+t%hFkcb3p(}IDc3hKm$q+XD~=A+R+BSQaU*2ddyow+
zYuA)~xn#_GXQmDxhtXgw*xf0$f5-OGR2LEU^8wyRjTuB?6lGj2EOpoz=wzsS)ZAdN
z7mbgN`2yeQ=Bg=-dr{T!XX9dzEJxe94w8b)ZTOi>j~#D`g4kB5JR@W602tm>jxoVj
z;k_J4L}Urwe4*S?H_uA)dyGm!SVX7c2u^Rw$y<uH%83<&kyg555J2t+@lzH*^7UK=
z#lR<v3h_}faXNJkNONCUPm{RV_o<D>&fUR@w9cts*Y{hO+M&EPV1!Qbw8|2~e|~9&
zYv|v69zFhMS8dyQ-<uTti38TX+TQUWgK)yMfRqU<_SEAvL<Aw^sy`i_jwuuXTLN<$
zQQfaxGe$H9#)h*0a%@%B`ERKH<mv5F52c4yO^-gh<Gw_Syo;UlfNV)7Uq2hGB1B{X
zsW&N4oI9F@A9ova7d0a-VHgWZn+4YY!^z=0_*VnEpL*FU=R3(4Tq+-3Bw+rV<aKoh
zN~QH8d-bs8Po9W~jJN3gplW%nOm9JIZfqWW9M{_Gec%mVW<ai79NQ6)BuI<%i0-66
z$w!!t)aEc?@a8r15GJS}C^(=zQ{5CUJ%bggIefSy!je%qX9>HXp0F+=Gj4i&`kFBc
z8Nm&G=h7ei5;?z?7lFGbHF+=*nid=JGb^lmq{V%;yKu&|y5UNZJhGZCfs+Sm%72(n
zBCqTgVCKCZYz*kc!RNK`FMBN5W|pxVCbP3yaOVOnK1vlZ-t%_zBh_|f$n40r^=Pek
zuSL=qQT%Xh$-JZp)W)+^I^#(f$J)$n+DKT^df!yXnhJ<YuhS8b!x|+*O+hP=wMd&g
z+8-!N(QD2{p;uf9%sh)2D1YmsOVwI>k9PH?vBe_uQ{f~*|JDcF>Tx3z$IQ|)%p{V`
z=^-(NOY=OV%vmkZiz7Qt<ti);u-B{+WkybWQTL8~zfJSfEkh|l8BsBbAu$+X#o4Lx
zaG(x5fHl&J?DViHWN&p+)LqLZCRK%8PqOzr2WzQWwqjxKDDq1QWrHOm6%Fo=JG^ii
zp4I9F3qeJ9^Uzao#a&feEZR;CuYieSu-bYjLK2;UsQmhQT@BbuBuBdD+iO;n$Zs3c
zg7eFlPkx$6=jn=ud@?Jz{0rTk)5@Sjg@yfWZ3Bt`5@~<M_TzL~gE3h@%ETWplCaE6
zFw4#i7bB`kDOSU`1|{vc_3;pCjt^t(IUCv2${0Ib0xsK&sWL!<3KzN;JG(@mOlSjx
zuXj0)sJ}ib^T5ZN8XP|9=FWOJAov)%Ly(Yw2P#VMF7kx#dttW5lzm=A@fti$ab4-t
zpaYIfYjV>TepatHL))W0>`t;@YzW84TFGO%->MNDcTE_5R{LDX%SrMGUksL#y$VXa
z@O%W#B#02l3%(mO!<S!Z_vyBb&qbjXe#L-KqF%z{j3lh0dIM!6fs3Lym$J$|K=8Sh
z((6$5kvKgL#>|W(i|(cW+txzs3alNDFYGc<VHfR14+0AM`3Y^>)vMUc8jC_M#IvT!
ziAD**L|b2BsA;e@$W>OS8*FBtc6~PqID4$=n}GN8Ct89IK|0HOdUxm;1mmHO^u(Jm
z>#UH+X1epQ2z#iq8q@~6$j9{P`7=~n<6kpj2PN1y?CAkUT1j7Q^b9&Se|$qKt5fjj
zzCJ_MkL5~ntIJPz@DfFV!sdmd8Q!FC?&!W~RZ?HJSIig=>!QrIKs^$zZ2R5(xTp@3
zWOB1>gEjTS<6&V84VQRZC$7nt)m2jd=k#b$QdXd~M~2#XQX}Ga=z2?ck8NdJ>|Ci7
z`KAE~EMwYu+1cwiHXp^YrtCo->jCVz=C8``CwQ0^w%OdHoujN>1uEO736&SOyOL$L
zn&sTcjY`*{VP=z9i2k*)HQ<F>{yA*go=l{?S+3B$$=5Qh`LiP&ri~q6u0cx0h<A}d
z2n15kX9pPX$#xcW^0(%LCkpVe>Kh(Ss}z01fSvkeLv3h!dYN*FouaG*DfFYQj%^AG
z-_<M;8*az&8^R;P<8Pm(*cZcx4Edu)y*|FK6hL!Q#;MINy1ewDNFBUE+sTxPN<JZ%
zlI#1^Zg+MTw20#d_3Lgk8^J!Lit`JeP?n{SAR?{^dNiT^PRQ$8rpY^tM1*9Z2|TQ&
z*FWvoaKXq^kv6ZHEj=Rqg08a~W}X7a;%XCow+RrQdBL}^v4yu0dbP*;u?(WQ>(|{#
z)fC^1>gy3*I|U<YR;|5nwdJeScb(rN*4(75g$GNtO|)OQ@M8;Im4b0ub)S3k-iNUu
z^GBpuBKxvoKJz&GxxGkDWEtIS?02}08*#4C5SQxf#9^*`>REZ@@%pb$@eYmtFcqL4
zcVcL}Jauoz!K@T@E-@bdD)75GB_$i%ax{Now{shhVB3?qiSkbBc?V}e0UP0Ty^aIZ
zkdhw_`Q$e-sR<uoD$quKM*ODchU*W-Jt*v>Vg2&wxb(aBRZFFFAL;gXZI6j)kj&2~
z9P!lZ&H?gb6V#IYGqfes(?6Ast(!bJM?SrH1t=d5O3slJBQdH9OvGXijrO*d`BZk&
zO@O<~SKFtb(sEuCeZD)$?T=V_uOL})hc>=GtB8i%euvR`yxsi|X~&A~@TcUtdo1;$
zH~$pRtG_uLrtme#kEmR1*?_0`9Y<##;axE3oTv78RhmhXw~*&np39NYLmaKW!55b-
zzfn_512+J<bBU9XYlt^iW@S)O<l0z;m>MmA+6Wxy+`!eM4k80W$sc0W^;~A`!oF)P
zKyEMR7k!uz+-oX$IeyvY+GIKAzZ&3WGL$#gmK_-R-X{b<1VJV6`}}BYm2+nuwcpdk
zw;brjcc*bx;PKo^>m7u7)fi}cVsjzyQjnHGbKJ0}G+r=yb6S+_M0JQy=1Z1)oAZ|#
zs05Gf0;1hZc42`$5WxFz{U)$tAN0^73uK9;c2pcsRh6?h2Z>hEH3{KemUa(HQlyA=
zqBSW%ZD)uC#RRe~*i{((5X9RLW!DyM^`mpEkqYJ_V&@$Q3H;xNdnV}^zcQRgI%BnS
zS?#`1AS$t(7(rP6F2BE#r4Q4ax1Wi%h_pZn$sNa`O47G6aKa-l>}){&E$cPlrJu{d
zs;V-mAS6*&mZOO4wBC~+mT`+wskHkFaW#YmQ2k2=ZFAxoCDx`ZW8f|WN2=Xlgt)?e
z9G!w2GKX3$(RLaZFB>B6{(jN7F>T3ydBxd9zB>!SoW#g$z?CHWZ?tuKz<reOrqAPi
z!pMMW4d~zawJJ+BQ|D>AgbTeQ=!oAw?bcH_5yHZi5oEL#{euXMc#m~xO^4VyVw^`!
zr&j2#0WiWzGO7L!-fYYoXzv|1u?^_<+5x0J(H^4IN#OvpN{yp2^h2(^eSpD?aZwNa
z{wn?vCGY+Q2znT$sM(>R0JBL@C3FfgG;2BqZ<x3QN})aV9d)MT-j;<nCPnJM^R~PD
zSC`r;;hMol5&C$YW8f$sx<Rm07@yy-TOY9&csr=J(RO?qrWJO{e2e)<HisKPWZJy2
zy<`Xo{o{42uAWftKxREtLDee21k|-EdSg20YhfV#dtGZht`J;CFvA!x0b3GZ&8`8E
zGbBTxLLqbpt+J;yL1rCAaHPVE-s;iY5XxwiMM81n{#@VQ?4Y_$3foj&^1bRbE;+AU
zp~-nNB&GXC&y^_2E?xNp#=@nuL0es3{y*SdG|}J<@|Twpu!4_hR9xHeQ_^<GuM*8u
zNc^m9G8dU`s3%(|v~h{n7IepT&#{S`DOaWXhsV5s1k!BoEn)O$WZw=$O7Wy8`1VFu
zruu}u2#F$+DV+8`hEYo|4E{#ew4py>P(q8+_vSC#QF?;wjrZma$q&NNYL9Bc1z`=@
zYM0x8m|p^j#O9$^26;+M|J1GC^2iA}-JQUt8YUA673s?f&#pMYj|on?6lW?iZFXlT
zDr$OoG)lmn|9hPO=^u%}Y}9xp7NeIO-0>ht=+Rf{0mxlpgxYS8f$+yxIw93OX6YnX
zY755EiP<`MyKAUDRIe7|Cn$3n09zD<%@={qmw~tUlOu_w6xyhpL>y2dKGZ0y^X4hf
zqIV~hI%~D3Gd7K)KE*~Wi6W%h$a!c_g=TzsNYD^lsGpF!MSh^`eR^0@y}>?(Ro851
z51r&PPcYVxn72q$kW{)^HxKXijjVVPf1P<?YpiCfLKq~t8{Z)kx6JPfl%*1NV?rwC
z!fdapdfW7$utW8YQa5_rRu0LF(|l50*jW!0M(Jb{^nL_P0#wCg_E8)`h`FLuyk<~K
zZPZ)*_YE^pCp|xT$5Bdg<ZM4ABwIvZ);&7+n8SRqUUt&xJ}*U{)qlatot1>aD0KlR
zOVy$g{s`%Y7<1O{(UNYH>NJ9^k)%(_J-X2>xFOUa&DYsKaQ-FW$l5kJ7iqWmmr#4~
zjlX?d($eOrS@5n>mX^EJVmW#~Td^haLePCQ@A8*ELUpP+A}pwYve+9JR%)mREyC*_
z)e*^)CZb106!OME1B!Y&8<4a0L~BXv;S*2`Nz~N8r9vNh;bhOLJq@oDZX+k)xv%p%
z_5s9Hu}wMgKSZsMmr3*X0p<C`OM5HO0Ur-mY~x7Nrzg<P8ta+r3G4&|6IVBb@T<Sb
za*%^B2NS&ieB`R-mZY~zaC?vd0go$tpCB*G&f^5-g$9%p2tq}vZ+br6>sV26#@5Ht
zxTyB93D;|%)shkqSZuw;NDZVOdp!`LJf+7ANntqeCLr#PcTQ6T8(E}o1g_?yKyu24
z(g5RO3vF{nW~LYGrRA&3c=zS|c!$mh)qWH=Q>v&{9ME7#E@zshamBkKLS+GEJCxZ-
zO#FC8S&FPgL`yJuWs4=nx=ylxgcSG=(d7z-V5w6^!&bqNPcrHsKXw|wOsP1RM9^7D
zFZ{}wOwH&#+<#hY?`5Jv80#;#?XwStow@gZgTDW{9NCofil-zUhR!>I2<e_&C3@T~
z89F_C|Kq{Kw`I^j_a|p0GQ%ZC9~8N7Y&Wbt4!NdA#y?F`No#fyxbnPN-brka3&|ch
zxxq;QX?$6JoECnIm}&e-v9Cm$SGjiY(t~NV`Xcc(HT*uXhO58Qy#MH_GrN3|TKSVl
zp#*X)7ZplQdTFu9syj;m)jy)j;R;*gLF4TcXUjS8vf*V?IyJb#7Ed?4)#sW*AKD=x
z`Lv&6vmvGxIDJmzhkN_eXwE@f{A+8Wo-oXwURB~>{RpY?45L!*706Jq)ii?|_AWEL
z8cQxZ=En`eb0jlA>4GvkeE$Q8lrHCFsg+d)`w^#MhCyxYEp(x)UK>m=yI>K($aESM
zH8=M7f<99Y((XE?$d>3P9j;YVKz}B*Ex`FdC7?qAEBm3EghK?2d#%oY@zQ(OCxQHv
z@i38;3m&dof=ZR_L#-_*JDSOX0rLBr=An>Hj=eG${QSvl?l~mh3TsQ@8?DI+9xm|D
zl8e^GQ){S3&FZ|s>NB<jupP7b+k=UC5P`n1-zX`R{OmZo%-la)>$P?aqbe4;wqR!(
zxbV#|1kpC(5O7AtJs5Vye3z#$Uw>$ThqI<5++4WCFBx+`A3j^pP0Nd_>R;$UPpqdU
z^C-$Y&GG@f;9=Ud^Y>c56Gpm77W;4Ha_RAO``sqC!&kF}w3)h+%ISflSnCG&Lcbt$
ze#5ihB5t|m$+BJ!T`Tf%R6@(Dox4u%(+MfO4~PsQ8rDEur%4&_?OWM1ka~4Zq@BJf
zEJ&ki3AA_?Ecxc5sz>*`Grpm>^#ZF=hC_|_(#EH_mN{#V=B#B^-U43>r&LDXd5s0+
z2?WDW=D0}IDCK?;BE5G-O!$15EG)Px!d%=QG3;>qLq+N-#E&1ur*vQvnp@UwxIce0
zOA$hTHv$<Nk?a5b*N0oY2^1vOq~ybX29+5TLrs?Y<vdUW2Crs0k<D6pAXdw#g1Ha)
zqPz?m!|sAZiaY*bIhxG(-%es8%1hZiN+ROwu6b>&&Qt4CjFj`VTVlNkQK6v@J|;&Z
zJ}8o_SOQ-xwMRc8u+-pQsd;s<w|;HV>3BQXpY_hNPvH7l(&S;S@A4`ymg}Gi$n%5i
z1;70g;DS8<Z*Z37oG5C}vL-&g{Tbqqn*1Xz?G-HVO8YkR<w$zAVobm)Et|maPeOU)
zN0TP+{TW9)O!@|AEDmD^R;ms|UoSbgtZ!Q+&qMM)i5C+oRfPEudo19Al5M!}%V3MD
zcb_$?vs+Dy?u-(W41++DTP@R!^QHvI#-cs&1>w88$O9#0iRpro^?#0FQO(o6kmDyE
zjL(<$QwQh~fM_R@5$l|r_{@v`<{}394glEP@Dh`t<BjHci3HxDW&yTtBY3WVG><m7
zN1tV`au-{kiJ4sBabOj8uf(2Xl^h99IxVOLNEfr3NFUWRSS(B<gW$?0q$gkPzQ@QW
zNoKxHwZYAl5DsCTZT@Z_<OTKcV>Gd`Z9pnq0wd*KP%ltKS*PgMJJ<w3lYJvJ6DX+%
zn~Qbo|DA*(9<2!g!2qdmrXbHr31x@a9sX6@1re#%f&ylpf{{<n)L0SgfBp`pTsS?8
zko`_9kn7tc?8Yb~I+)XcFATWx-e<;IRr`Pz5(b^0lMRGM1NH)}@&Lm8yq#4l3!9AX
zQLpDvQpy%ALvy0FTz#v@Us(jTZns+Xa@RV9{GM~UIzV|PrTr!v0+N#F9dgF5x6&`u
zRd`7#exL>7_<M*WD$^|6JSZ&f(>|0lSw<=s3)8ya=94kBCwc&~VUR*oYB*~3B-Eld
zNi~Ck`C+n4iVZoE7Bkhs?3AawIZ`DIrN`Jm%Hr+410Wu?+RZU<I5K8i`|3=yI*h2L
z+ZUsYTQ`UjU|9Mz)K4K$Fa70!^aaZQ3^IVlCyk7nsW}&uwqGs-j{kb(yCxE0&-kYF
zfjpT&rC_*oT$#k8RRauX^CIWa33v{tOOtOjjOExQ3GIjZt@Q3hY(A8&9~TFgK#cD<
zCG$J0d3g-&PHk}6HYyNPf*Gy!9QJ3rl=HJQKR-e~ia)(uEtM0w1=q~<60#hS7b~S*
zhjk~+V>N7Lo_Q$Pc?wUejRC1j;^pQgZ{)8L@<x|!bCi}r3iq)&Vo72|;%K7N612tp
z<D?9=qWtr?o4o5LPMT~R&0E=S!Y|h|MzC5>z;*BbNX?{5+ie_%aTNcs-`)u0E*7^}
zPE~Wwb6RE&ChjQc9E?dix}P9XCrB%tf<pl(S^p2_Qpb@lEjWg${xm9Muosc;ox!~S
zjS+G));8Xe`Nq50L{mzMhLjDLf^H_m2{~3LqK_08J{hO!ML#x+|6cwJq%h?Aq<AY#
zyxAEG=eR~bb}CkGuW~i<_KA;riP56{;RVqY(A>#@+D)9D90^#qjQYK%lwy5)2xNN1
zZy<}0-ZbEXQ||?`Q?IcuQ~MX1l5(&}5C$W|>eqRkK@Lu13^#^p$cy_7LIrKb<P+8+
z@^-Cc9y=-bl}p#MJ$+Q+XUbdu6XY|p_oyQ-A|1u}MhVUN&Vcj1zU+?x^_<jUOk;z_
zWzsng+7WDLFYZk?Y~`}wSzGH<(%lC!VdJix0-r!IJH@5y0Lhb^`NKY@*6pEPF7a=*
z1lNGH`4cY}Nm&11G=Cw0qtmD6KxI8q`b;nnFvmEc;7Z6YefDFfKgYjxAbCpB*PNqA
z-HiQEN6Z<wG{MY2p!}kUhS_&P0j4Yjot$n>%ooiZNd@EhJ&*t~DGJq}I_xHHeZ{bL
z*t5Vr-k0sO=9%_<_nxKV*s!c@6B5X!9Q3Ltsfd3XP~TxR8^e&ic)K!zklMYQB4<lu
zfgvxCkWm_BT@g8`Ps*E1l`sTy)*0U6dI}g{w{szcYK1d@R-ZX;Ej6a%^o4RmKtoBg
zJJ*=3aFVf71EE|fDMS}WP(%dLeFNr8Tk`j^=cK>(!Jkd@QxYD+msF9773F+HYukY{
zPbY7$<z0v5whC#^@Axs)RHC&WeSE{l5dl*QaQ=Er33_gVOP*E87XOV0-8e9$3fEZ-
z&)jSvLA*-ogSOu?PYRj+x{m2Zd8+B|PByx{S|;v1z;|avkH?uIG5Q^{;CJC~zO&v>
zY_PA%Itj_EtQ7P0EZ)TD)A-n|khdT^B?fn764tqLeah`-7OE^8JJ%k*ht$gD^txDw
z?<@AHj!Yoz+$iN=vw)Ovfhv8#SP_g`Tb0M{^zs=o-TZj+Fx&@IR&JZ=79X;-(RAT-
z<&uRJKj1-|w5I;6SLB9CpAuG0U}GsAHd#7Qv#2WzNunX$ui7VR!>J_TEPVR|$SDw#
z^gn3~zr4bK(-;_-=vn^DTwuUsV5MXDA2kLBHYPfj|E0#z^s6ysO}8*dbPC#;GqrVs
zxrXBPZ)3Us9<2xgot+@A0U)l>GI5*ZJf^4HA6~vUdVGwjOIeo76&@X;iU}0u3=o+B
z(Ne^IE;BGxQBz$2?C$P)IB~)0{KHFI!y|KueG_9-Q!#wv<QHZZXI79+$c#=b$DnrX
zngA%#+5F{s5GE#nK_vW&%CpM}$IOA~?g7R!Ij}0+*D@Ob%3yy0i1QK|1LO0N$E+<(
zZOlz2fF%$?H$2%iGBnwKbONLO_g^G>8-+0d8A3)@_*h9TCH?ZVA^Ae&a}e_YoPaT@
z0hjpx3u6E<1CwK11}UqIs4N2_Qbt)$Rx-!nhpy~c+XTk>5sfUX$mk&A=95z6m&Vq6
zkN=BTUQ_Y>QJYczTgAlA&BqUW^fL_%^_fjWTSHP+QcN^6@Yo3k0NuB|G(UdN`p?(A
z5QrT3GZ{>R*%4&p8y`SUlZ|upfq}lgy`4UzlZ~Ab2xl7epY`{dVq={XP#YjlHDI2q
z=r6^<8*N|D2-v*1KJcgu{kenUmsMO}o}GApLj<|ko7Ix15|F^>a_S2W%slY+lELx=
z1<scK|0ssVTrGBDVs^jk{Nn7!|4<C{WOM6t>%)+Gx1(V1%*^gTwEiUk^5~+YyV$>b
z2ZvAA=^qJnzyONH`n!92r;i&P#wJJm`%h8Z??x-byzIo{#Ky&5mH$sMsN6hy{)b{%
zI|@cEA|6s+#yH{&G#$l*2XP*anP1<2lYP8-3K~A*D;yh!)iX8*r3(yE+L{qUF|&kL
z_!o5B>1~jb$HNYc!=3g$tEIUKxP8_2UAsNCFf(-JdMd4TmA>?k3P($-c=((2kCDKu
zB_pdd7#*+_4nWEE2%1#y`M1=hE#vQ52Fs)K%;)Kso*$i99$TDFeg@h<IX<_HvUhd%
ze<6lZUjh&`nqP>ap3!WMKNNI-_F}=sgb!f0cM6aA=kh%lG4I<^&YZ7w3B=6w5Ri_Z
zSx`>_fFlqr;Qc4p@mW_3iH3y*Dx{@k>1TW4Cx)@9x#{jTcI+o&j_#{ESp)FQ>^}|z
zk0dGNe;fv4NmIi}UhU6R^^J7|ruPAt6PA)Z?l(h)AMXq+K11jZ4=UeXEdVeynVO$_
zf0Bi@jhUr!$iDH1QDdl!0pD}b=I>SwfW)AzhO#c~?H|l^Ui|}?5k6!|PDcPraMHfH
z`T03u|6hK;3L6`M7Hv-KKL`UR3IK8;&KzbEP@Sv&GhiAZ4x*1O2`RXr_-pIAZWwYO
z(LK67V4Bbmfek?7n(h#=9?}o%fdN?gXQUc{RDv%erJwi(tpPBd_>VB2%X%-w5X}p^
z|Jv~n0Yc}1E{K8ZC+h)NJ>{1$9#8V`V(B}2J#gC6_wVYvF37>+Yb2jnhA(26?B#A4
zILd#F2e<=9kZs(U6qyxYLB4YlUqrI)*WIvS%%asJT!bZ>MPI==8iud*L0=F*jHz!x
ze&X~W-~fw;S8xzi<2QJS1&goWi}3?I1d_=IdV^ok`WJ9O5a7=WWCZ9&`u8Agg7MEP
z?1DAC1<);Sa=l*>`!{ev5&IW4%8^rp(@!W?)4*;8JKxa^T1?5$8H`wVBi1c0WZs6>
zHw$LddoF2uBK_Q5E(1St=XY>bp7J;U1XRJ@@6DHw-oU?4^_AYgsNNl?8Gg94e;(q#
z1C_IJ{8vi;q>$vXlKnu$vpTsnIsFX5bP%fZxy;S}e3yRUf+YFYzW5qNh5>AMW32I4
z>*)bIhek#pzcksse~MPz_5MxutudXWzVCf~X@t_VxUjK^s%wB?I)QGHu!O3<MWxNC
z2`V|#=c*n+TS^l5(-_aX#_L0!+$CW|rGPWLn=POKn-IUdcrO82OSVt|>uq%3Hk1Bl
za5gOX)E}Kw-AM%y)^g*zAuROJOZjZ@HAcsrj+fHOSHb+SQqdH^qUZDeR7)x?{GbnU
zzK8uXrAU`C-qZkW(j4cKWK1c94f$aB<3rki??l@6ut}(*)uf+$3-vFHU!Ux`4JOLl
zmNkP#TO&W?#6DKlV{-Xa{@^W4+S(<^isd_@7S};}22vu5A$)>Y_!zAl*p(uxsi|Hj
zmnBZKW+l|<&r=1FytGY`hO&(kK7*SavB*5y(;_gZ1r$;M=VCoUb8+q2Q!7V{$zu8m
zJk}}SYVmi)LUzH;Xb$^EY1V2svc>WCLwch2V>KHD?@c8g&3+u?D%E7E*Ss0necd?m
zPewe`g-!9Pd+=6XsfT!Y3KWu{*A1UQ={C0KV2R(m1DmFd8b#rui&2!cmkTJ$AlG1F
zu~zj5<w&@j!r1=-LO{L01%ygLofML8$0IwO>$MfaT6sTarYg7%HCi)*E!QPY?4QD0
z{;g;E>kMvBD`<|h<BHj}2w);OC}aEP)H0%jhtdz<2TYYxE_uEmJQ3}C=CtD`EaJW$
zznQ;&45}iV9rFabQ3PCUb&Rl-7Yqvwd_2^|b-=UzRb2B$Q{gqF)H+w*l@yj2ykUA*
zi7h(bt<*o@Beqbn_N@uBiKxhC`vVK6Q(R<z`N!OTVbrL1P>m&y-!;`oKijN_CuIv(
zOs{So2p;m4goK@KNW8EQ7yr1O#H<{hmnYPUuF$P*yU_?lrcyEBVP%BltsD^fArimK
zJ2fnnKO0f$L@CDgIGK5wxKQD`L#+t5MF+P2eat6wjyn&sf`6Jfc2V7<)*9BsAE6EI
z!t_N3XM#%aV;{pclew#yxsspx0sI1X9sPtbdUF*m!!BkxF_--_tSUHRdMTZ!w!8Wg
zjSl~=a=P%)3a54!t>lN$;H_&2<o>cc7`q7V=J)u7X!-VY;t!E(O@#2PH_7%8YpoN5
zJPlGmb+wEy;d~NZ`%TSom6mK#vx;m>({G!QNV*)nh15hpDXx1?74Ye?l`hXjkiMVS
zoUK=l!tpk)BrA+#g_ybiJ{(hsaP5sodT3UQ*&z2)%B`&OIX1<rJ8|m$&u{nyR@4Na
zeo4nAMizXHiGGvs$Jj4c)A}@f=mBP)-kDcxJ|gLm=COgu*`lvxSobYMUijj;Qk#}g
zc;^YTi(*pR@23-kSII<VLJz)$G-qxaUl^3LnZLYMg}<;Dmyy|ENYiz#7cqICwTMT*
zSEOY)q$Q>Wis09gYvFdWJTsq_kf!gZ`X(#n8v=P`K`PL<uLMP!a4_9)a?7p-awjJN
zY%?N1_pK^pKm3}48{HP5FvT`Gl(j#ZA3-PaJ9KlCc!oE^@MgmULo&_y`9sHGU**DC
zh;;nYB<8`|Xpyf+&z7&*{%e-Dvu`(I>WI3<fi3$NU3nJ8Z>kZ&XTwM^S#}gf+n&;s
z(ML&dBpiSnWX_S|w9IgA1ero0-UEB=5NSjMSz2i1>_E8nHg7?Y0IiB&Z(e9hg|BA|
z62VjYN;CTO_m?9P=rMZ(==vr?dVkI<14-ER%3&;)%>}$cTM2gIjX1Qv<)5cXWNs3s
z3QK~sUeLblBL4F*jiSV7Wc8`GD1C<mZq3SVQK{*fGr_*CsKNT~;uVFQvMUPf-^C|2
z-TB0zIUH1WvtLWt(;Ld~vpvhbU?^@q2T)HRlCq%i1Id4NBst71I-c-BwQ5Y@2<8Zo
z8CGTqInh|AOhBgh>#6s})KtgB&AOReS~={3_b*)(-Njo$&zT6rlHJW1<STTH)>ttL
zDF8gnI<7oUH3KHQeLMJ=t0GTuYchv%S@aCX7P4gd*b^kWuv<C7t|%4T_I9(lCK?Ej
z;7ag$QIwxbk**`N13SU$FKc(fjvj6L6@2OWr@~8cUV+(q;nwY)AJkY?(pGjHXLn+?
zM?(78;4lU-zxeX{FR2C@uvCj>1L;L^7*hRAmjXCz(>d9xdiYiI-_U1a)-Ays=d0fF
z&%8wtd(e)pNRwe)zP{$TwV-+`#Xi<4P>H%TV0Ke1iF~^>eabC{$K=3KVX?vi`*ea}
z7pu+8IMv#C_2_tIeWYi|rUD@C6)q#pg%Ep%H+8slzVz;`?A@f1dp!l?NVc(KhA;t6
zfICH2wSH0Qn4amQ_nA*wJ$p7Kl1a)Qe+yG$-O@U&%zY!_F=hcog^1Nzrd+zIK+|&7
ze?vX@Ih?p~ZBCQeOdwIW$augjd(6ATBfH&uuFm%@^nVWn_CrN#gOGH|HBf>WQOh91
zvk`*ApOWDtdO@lZdMyWqOITxTy|oc~XepnBXS@WbM<El~YS<Ss5w!Y7z$YA2Srs7+
zGv$ZPG32djE7yQ<y?}AHeXFXv_&#Ge_9|s!*%6peUwMR{S}BaxJr1T+nt5vYhdy_$
zg5##bQOU#Lxe0qAIc3y9lByB4@U0jSfA|`|V1CZ3SxLw=7jUEzQR6TLr3NcaQz+Pj
zwSPUczh&!vk6x)N-e2dA2NBd!qA}5A=BFe!3(l}P+kl-p?&UX%GMVw>FKzQ4M>f3E
z$Wlgky0aC@pyZf+qe6*;iZ=er5MEb}tsUmEQ1=-2?K`RZ>f!As*@i$Vyk3a8c0m4N
zvo0a)mIw75qgIA|^=Q#-)QW%JIqZu>PI~IQ4?JDQUHne#XvTGO&c*Sz<DyQ;H9Fn%
zGu04#lJXo{<<Y%MMDtvXN8dLGzFnxQc9dO2@4q8@7g@G=^L=08R+?ZoCcFb82eRW-
zrD4qAMscRaM~%(VESoVv7DyHq9@b;BLF=R(pWM0Xq%^q^69y<pZdIOHc^WwryqRxW
zr#nbWuxm{U9VEA?Ycf34|2iFSH7|+5EJ<FXG0<~`hmL(U((+z&7yo8w&~^7yg7}c3
zuwzkV{D9QUfOd}cw9=WkI%ds5DsqZ1UXb7H`+Aj=!NYFdHbUQX#5)^+t(ridoG^VY
zZGMA7AIqeA^`&nzT`EKOsFk%(^OUi#dqI!~OL|Zw1vYq;Ca=1`P|z5@tY-qdt~Al3
zxe1Z{?Mt68c&29aP(~b1^RlfxkbzK@LQ2l5N5`;#Jm9V~aH2f-r$BbmE3atC$*YHS
z%Ln0ug7GS`qZ+QJ;{Y82`_+D#p5WSQl+Wprgyh35$*8)N7SH`Eiol4Y;6RS5MQ1@v
zdSaEmS7kMRJrP2&^k3c%PbqWCicn*jjo7cHMnOz`?;)^&x&e8@GCk!_5y%8O{&m4}
zvmS1c1A9kn6zq94hLXYkY&qSakAf+rU&(NQ_dYo)cjGaZPa2<*KX}N;GUnEd;UN`{
znXD|^1dvP1OYCe>&<vbyFQ)DzzwSA7NxOihFm=CC?{^di=yFDyXi}e`)9$-p?jn2{
zhTRR;z?7Ze4VYG9JRhx8n%okWER*7lx4XIhV%&2@3ay046|#F<sDk5o^Xr^B`l48A
zB+aB-451r-DCb~wx@?HShWPD6+1mTv9<mRD1cJ1B1RG0oSr-D}`GNhG?49REN69i`
zf;LGcHbZA<v93B{NmzTV%i+~tyGyc5Gv_U6$Pp4v+Gt3aLTe&xa9nT6MqL6Qa(p_&
z50>6_>8KnEU{|zJ&!ipj^cI}jyP|Y|yUF%39bJesW92%ev42MCVXdAmd|^lqz&g+O
zV06{jP`||6xk~?OUe@27muW-P$9~3*G*psZ7|xA=L!H2I&9?bNcg+>+R|@V9ZcC4?
zaV*4>afwpwz~YUNl&_36a~Y4#ez2g%TNa1h_;HDy{1i*qQ)0ztjO)Nnw$4L0dQ|2H
z=)G3<T=ua5brV@+EN`kiT7dht;5b5*F1sC8blz~+pe5Fqd*;Vg2w-bxW7S>Y`cXnv
z6ogt@2qR<%EKwzSN~pU39@>@v5dSpKTt@B603d23MPNOpL~UQDTaEOEEe@yA=t#Zc
zg#10T(EBU~vGX-76WaQ~igCpLUsokNecNJ8)S#2U@!s5AHEb+=ZkuA@GFm_c`ldZ^
z{=4{wp6|3>fRbSAv@(QX&vTcllrTIwG)b5S?o+SD?jdOfs^y$vKQ5KCU=zKVh(n@W
z#1^6dgvoMSO@6|yXK^57Tbi6rshf#V*T7h~-SYaFPz558MpMKU4)w`fX(&e=S?OuI
zHwyBjLK8kR6)r~6*<SYtO36~KvmfyDS(`7_tszztb6UR?h;+fA&Vrsc*-Q7PzN(I0
z^%GZii8btN_i@<_dU;Db;Z8K8W9J??yK^etW<vVB@L6?qU^yq`pF~v$j$SF`@j1&X
zuPv<|+|7ltTo6asB)DpvI44MNE#ed6RkWIBmM9~#{JckHY;RYhw_-J`N8j#?Af$|T
zHWY+_{z_g+hURlj!oqN{@pz+|(SAQyneqX5zlltYm*AkJCM`l<+v0Z9;n^TBPwl+0
zhYj^UMJ)7Quh{er>1iTsZoA}iCT}HS2~n?dxU_D@EQ_|`{Jm@Q>NnmK5|8?@CPs75
zRs~AJ-7}60n|$a&-WL?9!ZQX$_YP5+=UM^sz@lohFG?xuDbL3?oIj$~cIK9mU@r2<
z!%imm7NXGHH^}C2ofluMd!;vsNQ!u-J@E+p-7u_#k5hSs?Mu2T0~LKM^%Q^ZW1jLp
zo=@C%mHT=pqUn#Y_`7tvg>`>@$%L_yJN|K|NibLe=_!xiB+J`LpV^8;Bbf4uLj1c&
z52cR(&!g<GB8QW|vP5S-oB!zLL5j_7mR$i)Cip(xPtwWMn&rxwgAuD#l7YX2H^(dL
zvFx=tAK(wK%>AJ&G4WzF8zqDbWnVic3*Y8_x%ZLbkM+-`*wU56vIXS6ubmpbWkgJQ
z!|DSbu^%T5#47PLPtBp7p1nj!drRFKFi$D^ateOVF$=#HN*>5WV$-d(Q(-!)wnb^;
z2_I;cjd^#YXnI%Mb2yaaY?sZv2B$XLsYn%lQ|kF{QQ+Hx4xWbfzRa5&ulC)*W2Y)A
z(^LVqkLT#1Jo4JiZ2h&}{qkb}PFO4?eJHo(Y0kJOefWqj#z{1)O+YD%XR{)HUTeYv
zx|Ae>r+MW^vE!$?<&cmtmV@{>>{d8btw?I21N;!ad`#$HPnmRDzCX#~Y7UanlO2s~
zq-EP6YyD;Vnnmw>z14+B<+j-}<aZ#5@G-N!c*O^1)1hXsG3C-vEHl5VOTrXqq8A+F
z%g!!|ql<9dv{9$fL*%hyEEv7?8ZkU9867&k4@P*FpZ_HB7_V_6gXBNS!Akqo&Ae7U
zU76|e=`h4D5V7sSyf8B$^kB+}7wba8I}8!60`)T*NsMID06^YH1k;>M-o^X$R*em|
zb@8sf>Uq@6ltDU~`x9~_`eyb9^p209Jrm{a{!-`r#ogrB?MbhWcK2|#ou?Fn058j~
zP30~r8DK#jz@weR#vHKI>3cO^?D!s09*&lnjf{yTqu3b?u>~c+daD=bSkPnPv~l3>
znar~!)tX44AA$@9h8RMrCKGxJFXn+kk)EvOeS$W`-0~+Ra#zbWoL79QS(NgglL(}z
zYhXLllY0T4-xL~s=ZIIEDEmGX8JkY=1K!5v5E^e~yd`Ro9KdTTFusZJVP;EZL@9<%
z3JGYEq`gqlA;hElxz1N)n?*`#7EO3DI8U4Xas+1)B0T6hzhC4?zeaU@wS_W0_C~Ja
zL{!|%4E5EuuI4gqQ9O>0C>eHKl@lBxvJ-1|Q-CG@Jh8}!e@*RfzG&A|m5jcdxh4(>
zhgxTFQUzI!CCuPLHF&EdN<mJ2tS9@qV%V6`iU?lwVp^hpeu{P5uy<$Z*Al-k%aO+`
zHtqhgh|7JaV^ru|`_|5{t&tTvJgY_93J>N?<E}Q;9R{bLYC%S&(IsD;dreX<=#_J$
z;w5_5lrDGNv&j2txd(EcG`h|3o;Dw-S4KRJYuo*Iy#z6d{k{*!qOJ*0Ubh1f<A_g}
z&fl$3Uu5@KmUqPkI=%;%Y|H*~uM3XqdPEnY?L4`Yz!i>fE}zJ6Q2CG@eJ8()+ZO;S
z$>MvB(s7~p^2JBe;F-MYI=u}->}tEQo$!@C^9<blm9vf71x4V{N#y*(P}RHi$D>DX
zew%0XPOaM&^1=SHvO~PiosBlDJ7?I<f_e%L=QXEez5w7nK}($~#9jMm+#{r3QB8Pt
zbzqukyT1`z3FVYpn@?(=e9>wNQIRgkdj-FowOE0-du4o9Lsc@#at-8AM04_O-U?3Y
z(#CM_LMp!N+tSqY&>({5uuA}Bzso9Bd$OxKph&~ZFSfL(p$mB%)mff#qzI)ghRX03
z%@Rqr)2G)`Hh2d69LSUgkBd}VK89Y6CHVk>@8)>B9YU4J6A5oDfQSxN@~DHU*0Yz*
zt(;WM-N4}kXLbSmUP(@>H{-~ip<s~zTg^FgF26>gP>eM+jKkKM`ma?9(*q^d&gs1q
z3^6u>EzD@cwxTRJWeZ(mOScjt25Rmzcn`c#LWXZbL%f^A`|Qd-a*kNrU7H83smcy-
zWY;)H^b;S113d7MEqHLQaL5X^?)~%l-JIve6CriUp-vU!gB)zi;;sFqtQ&{p!>!jm
zdQAdl?F9J+Ejg`SvN)KmZab3oOI(-dyVq6K9Dk@!#k_cbM4GOi7b&f$dQWkimE351
z1QF!=-oa7Zmmx}cMDN!bo{o7i8W=|o<I;;YKN&VGr0|E`{#%##O?9XOiKD#NhD_Cs
z<VB&JA;gXkYY)6C+zZ_Aemn`suXjO0qHB+Lxf6u46!~=Dq6}Fr$xkSB5Ds*LK2B9G
z#`9NNe(v0c(mLQ<z`jxAC9^%vOS6URSmRx!!`%96T;qCLKY&%HI5Qvso@e1|{H4fM
z5xu?cb(?h_k9<ewnY)~{y6tv)_)tQPmLnE1E^sNa%(<Bb&chYO&hxg$2)08$h}21p
zb(lCluGcJ0Z}C^oxp)XSiSs&f)Y07*;w_yXKG~~3?=Mn^S8YMfx?k=%8ut4{odZh8
za~x&B0y99@`nOQaAd2YDN9N%1<|!C49kML7;0i3U3B0zrfjDwrkKpEjMOg!vIlbN;
zCBOMsM*Fn<?as>@V+4du&BMSX#+h9jN*pv#))FYM&cqm@TSg~KpznS~>7exTJ?p(>
zU8{Y(pYc2X_EMG9EQwKb@XhwzaDVyt8K0)fAN3pxi~2P0m%41fZe7n#>g>^%naEdz
zLvz+FE-?sp@~ge{!jROgS77Y=4H3cL$gtcmN5Rse4agX5Hfei$IDJRvwWJxbx1||*
zl*ofs!8bz<=zBNm(CQz$<48xXfu>?cyKi<+ISP!1Gw32@e06S}xZy{URQD(zmEFxS
zvM)vAzC&WsAaBxloi5ZgOD^IN|23^&Of8hXM?TFT?7(t<wOHPVSfd&583+Y#6wQ-7
zkgXPy)A(%5mo;gQkr+144h1+~78~B-EZlXZn9XoJlnmtU<Qt)j@b=99q0FafH`QX8
zf|_$6z%(A5{7g1mx2OB5Ae*JcUvJfrN3tSC*6Fi5j9v$ZO@K8Rs@a8~3|_!7LzC2^
z2e-|t%;kZXm?Tlp3RwHy9n<Qafr4f*gRMzv63XS(lZE|??3EhQzOUX`L_g!m!5|;w
zQavG`$2W`unh0YPsF`Y3had;Q&jO)kG6<ZcpNYoSLeXBd$Q(jkh#W!L>k2#kvvsK}
zBwwVY^3$uvIDg8n424_?HxHYHLaZD0({GBc$BH74yK?V}n<$3I)-`TFOvI5kl<q%&
zF8X*IUG4t}70SpwWJ60rrv{B8q~i<J`H(YHL!CrSvu99l)A^}{_R+w7{#RqbmF_J3
z@RLk}nk9-5<8mkdW#+(Pey8c+(kM6K?1n%yl;(<tBNT!zWseD*n8hc*u{WokVKmzv
z1jL<-c}K(X?MwT?eEVeJJww52#1t^EyQ-*+;|v@xUzfoLhv`eHZZ{IxNkx%nZNvl8
zXI^!#(zWmYS<}OU+wQ2+N>e(AK_Zn5*gOj-<^CkBvp8gSaNwflJNn@}5;ENLo|qxD
z;K9%MG|BA7@@@=_`!+oTPx(h;mxTBHr=Q&2V0}d}6KObL`V;K6SD(|@&NOlnJ?zIq
zv-ch&Upp`pDoB7(5R;3IR*mLd@1igHEENagU~_o6L>HlVcVy%A5@#P`MigLn4=$rR
zvZA_rseC6YSaxo7NZv`vi*A>ao3do9IVmxzexfwF;WbYXoexEn);zx#H1uEs<{7Ks
z+LoYAP9!FktZU+Py#rE7&VGyYn!7;q;HZ(uih_UqVS-`+%XBU{_8JGZI+r|db(tc~
z7q6vVS4P+WSSlnn!u{B1(rVzarR$9b)rd}&y|U73fU1NdWC_(IBWj~E8($|D-~TC;
zUxq37<LHEjtikgdn|r9Hl?`Fie3s<*nzk>G&dK$V*%;<^&%@|ml`X@uxl`*Kej*sL
z)yz;g7RfF#Mh+}>3^f#wg+W{7RYBHJ>A@_y$remp<09sMAMD$l7(Pxiq+(w<((7Vk
z;`P-;orvRdz7-;ntyPI-Gd(nsSprxUO>wMU5iJ?HQ#(p)hB_*-mUfTX8;8pe#_^UP
zzchR~uJVrvC3f;`4=z(Gu#(PLD9Jq0uLhQo*aW_MzTp`{;s@koOruGpw=svv+rl${
z$y?JYlw=@Q`ekN!G@(zcMgJa5%3fh(r<0DBv`sovN{%p&Cb}S=Nt$3eCE;}A7nP$$
zXxT@l{)7yp8q8$)!lW(5DyVBLz2IqL;=ZA0nnmOgE*&Kr79GcW{F)z*1b4M^OspvZ
zzD|W706$Wdh2YVZWHp)Jt@^t<37aIq1VWDN={9ln${leX?yt<LY1gk;2;qQV*z|;$
zSp@92k811?xC&QEHTQMFU(XCJuxf&NaFwHfUAap02&eQ!7&}7ZPip?&D;R5*E=6_4
zj0yJ2H7vJ_K-OBtMjADSThp>ceS6|rvouVK2%*so^PZqZX0)=$@y%BIWw4xWAM^>S
zTYcRP6C3XfulOBYriecC#)Te!Waq5%7{o;!-%FZ1Wk$CuW7-V<V`?CYk4T~?34EeD
zZURoky{p&K9#!PmR#n`%?5yzS#)7;6qrGKuSr2t0rvAyqNIp-aEqzF5BMqMCqb!rz
zL4K)kPcP(&BRDPhPiDX_PK-=W;VdSenq{%D=Jw+ils(^bhzKxgENUF_jPOeb7uH>m
zJme`|rq4v}r4U`~LHY+cM+WA~)77*Mf?f(AL_!X6arJUpFQhe98GMSQ^F#Iwo_I0e
z7BRZqSHSXGri2_C`UD1`BnxLT?AM|7%3!~!dm&M@uBR4oY)~{1!=9v~{<7w_8yX>1
znRwS4(#`;e=XuVL8dQP;UA~|H;-8jd*|<F0hKdSh|JlZzwlP^*&#mLFP*yt>T)ov=
zZpMeQ_bwq6ds5N{J@yM6&yCpBVHFe8jcr}4iezV?;dNF4wTG5vKLqK=;2(wM1yfIT
z(meB{X!1oN)l%s+(ZTk%TEp)L^;&EKRkbV+pR(iMbaL+-q0|x5d#rHh)-1L-c**k5
zb4DH4Up16k!Scd{VX#d5<iE}e!nI!pQ7pXJ30G-Sj)Z$zfuHTZ1#CikXxr38UdG0T
z%3$-#V%gw8CEC+*m+#CcThPVb=?ZDZ3Ez?swIVF1lyJ%GNVm**H_NUTcO&%S-hhYj
z&HNyzy&fndU%@Zm!{rl_S`1ghuCz4f?8`BGMP)JaPQJ7fj)eaTRQv`<K0|bBEUln^
z$^Ts{Nm;sbtZ<DT18kLQZt}|S)4F*^f<QBQ6X(V#%b{O$cmDa>=-t^C9CEz2P(;o%
zod_FQel>=>S$OZlh%>6IZ9-}!cX0^pKn|@2!*TR3OTYbAG7_XDnpa1DJ~YQy`XQ41
zphsw!89tK33R060N8}hffwXS}?+%RKG;(e?chw8Fi7`W{Dmzu{3XHgk0`<jvi32vj
z;duzlVi6!>RUIQCuT?Kvn)wzy)@WLxzFE(v^9CbYEPi}`7tCNO|7!^Es_~PCQhe@S
zg)uSIoe#^guI!y{DEl%!FNd)8!G{uIWb?0kOaqqRAmKW@8)TybR+x;X2q%BtP$?|O
zBjc=?EN^jOp4d5F4L?884zQkSsH4AhSv_w%U2t>@vuzu&BGu>O;o0|G9ujrk`$jqZ
z%5*xYQXGeksx8xQpge~E5)xAQ;`{*EdBiQ;Eb2ZXzm3UK-F6?BLQ=xPLQkz3ecItc
zOL3=t76`^-dEfqNz;+Auy_@Ku9Oo}$V5861$(dQ$HFCOvx8U`d&?P^r)6j2vLguRC
zBrca$@-uCydKM>CwBe_elQV#CU0)UDF3e<QA815wgzB{u`>pnY%!QqmXafGq;_+9d
zw<q6&ymWv1YW5@6gfs<odnlASkIkMIYZ5F(ez&SsTRli+FzZ0-U|^vW;}i3_L8pAO
z{^mw&Whkfv!MVH`W$pZomIfW27jMy;n`2~1vgEzHz|Iyf=)AcgX(#r9&tiyUwf(m9
zE+E&e>Ez^+00!A@n%%Q)hULaY_QxAc&RhgW;hGVEAqUq2Ak|NIHSBSO`A*&Q({Qh)
z7@86PVK#VzS<$^WCWrt0WOqoMN<kOZ4m8O&S?}77Re&R3Q?s=kKO^I(kl-)is?MDV
zUElKu`Zj&FH=tzSmOC)NUf^?g`<^N08(`E4Z!NhMu3t~?yq6xu;uyaJSGu!DxIe9(
z!t$SZa(Y`D=G)VSyqTb1$=uVGU}m71RG|wo8w%q6l#&D#AwLqjbSo0$OX5tnWY!ei
z3}L;B?h3)&_*S34q+k58jHqx5Aci8s@o7}&8)#-la-@p$H4QZ9Iqr`q!*+%(td!Qt
z6|h#L^3r^48I6tAqm!x}iigUihvqq{O{Y7j+YH3!ZcAUttK^RA1+E8OgNAW*lRr+X
z8?V)wP%~ddkeGApcc#nK&P*cKdSu-Td%k>dF&ROr-G+dfGl*2@uxk5iY8&7$vSH+?
zVPm7+_zp-m^ySk@?uIQr5?pR^{8E*%|3;}t#b>0<OJTEZ3+0PzY`;{Q)nHCnN`2h5
zu<_EHLN;76fB0yUZ;df;E0Ml|*iRU;NlFDBqYhGAy5y?o+g%}9%LqqSi`tn`1p5OI
z?~oGekqoMta)z9Lu1?d8xE(o?)`}>w2HDyaM!>6iiJ45$D>UPV+bP~vJltJ;O;Pzm
z<h|9?my#aAHaHNbCmYmH^xQowYFaRpi~NnvurZFisw>>$8<hZT(u*?U#dIAdftT-(
zND=feuCkdi*_FsdJ7^{b?R&&iD8t!UZ`v>N$2%o#h$AJwG}ZDx9!d?Bq*WrdynNhd
zGS8~F8g{EEs=<`ySj+OMS+x21SwV+P1ZRG%j~BGmv)f%ZZC&JrfIA}!pL;0k-urA1
zD}Dsj!aVD*CYO12Qv^`A{rLoZv!aR3d)xD5n51#E<8`;3grQv%)#t;|SC?2)DgI<R
zuf<d9=#b)I8rxn^l#7`})|TKO#mKK7iau+fYOCdz*gL7-!nYVNFBr?ZWN<RAW!=VC
zA85c#zA6&2TO8&PluJFnoDLZ%_(;W0y`!^~7M#X@cAF}#`1Z}Zji^&M=-ld>;G%I@
zSr>8j2!{$ohqa}vW)97}p!$asyOwLmt&r8qdd$4N{?(OA6J5VBoB{zZ`&f#FM2N=^
zoAJ%FshJ?lpPuc0RCZiWrx}>D?M?9-P*WUB-O>DYU%Qx-9M3MlEkWiQBO`dVD$K7l
zd%~t|4h$qmx*uLKYiOaJvMSDQrrA7`UeZunQY~&q@)mT(dDecf^Iq<bLh~bAEjJqM
z(N-?YF81vQw-2urh|=z=@*VxS8M-0oDY^!eRYCv#D462p;p|h{M~TNC_-U?3j6$!U
z>+u<46go+)`~l+EcEdm>!7{|Y5%iFi>;R+cHe$AcE7k5~I5ytX$s+8D!%_w=&+ADK
zl_s?keC$}7b<UA_bsxe$d_LK4vnA;YUvsF10ygZ2sekgXvVa>}zx}GOXrgsvwk61%
z>`QARNeTm=h}u}`)uuaMMm&hcERqP14{(kg7;dKs@Qm8e{A!pu(O<9C7kfs2r$Y<{
ztqTmO)&o==MXtLc-uyqlWkE(FtVtu}c%3Cg#XbI#zyQP^(N=&WS}~u28jIIwleE<i
zInA&m#<nrUu#01U9O_(8X=_Sor<pod6~)_1p^D2YuV9%TOfvxt1Ban&J=Km#kxnmA
z%{<fztMyG?qqAGVFZOcoqE|>=t>kJy!fG|^8+=(B>6l=i5{E3*NxPah8~C+H4jEQM
ziIZ*PHQpYRhDDK?>CGDBvpk`<x2&1_3#z^1v|1wN&J&NmUY?V2v}&sZc`jgTCktN*
z0Ii8y*AXm`s9ymc4Y=t)UHS$mU{6W*KFHYNEhxlmEN$T)hLz2h&`-Or^C<YMGV$Om
zTkaq@7F<&{aff<I<qgE*<d}@XF16My2g>8c3^)N7AEmalhZp1Q<PZvmVVLQPw*&({
z+MKzfBRo>C_LnpQ<6{4Wl}sYiHIwIXa>o`d@ve2b@r1HM;h49NeV;$sk+pzdB<=<k
zHlF2CKyffb4rKEa&XWy6J0nE!NcmE=C$h~?oY^(sTJXanyXPCg92_xFmfoJ`zV|nY
zRbRa$zsL9<4-KKoa~OOkSCV?Mjb3eis>H*Ba&=R6jQ;^#w$N)KIDS?bbzsa8eIfA%
zSMhU;bdkAL434hY0UmEg%G$+u4n;HQ=1*(w*V;(4rFL0{;H<<EKeLEm$KF^HX|c!M
zwWLf0pi_4o1nXJPt?iC4+RZykHitVH(JL+OH0`oaBjTyN2v&R~*{8VbdMS0m{m_3t
zZFu(c+&7S>3mQ&K)iU-N0j%fM%%mZdUaj}F5|>@3HYmQ1ocSkr(JyHQP^~plN@&k=
zA@4a%SSP@Q9gpp}HBrUDZ;eH!B|tAw-&m5r#n%2bQqmREpZ(@n{6TDr7%QLZBgqg2
z_a4c<T<2wf(MMCtOfiT`DOo&0l3S)zZ};K&E{%z_T46QdEp4?qKW|*I;SE&^gJ%>H
zR_Qw!|BGNPKVr4e7mquGfpvm=?WL!^`SMgxNF3JeXT|l;&REm9qlui##N*y7%}w+6
zB6Zd}UOpHb#w1&FBznhLgWO6CxTnQqTOOkmMr0SCT^?!xUtpYNt6icbV_$XJKPz)D
z?tZRd_g4L-*mh#z-hh^*d%w5<BjON|g!Np<ug`e~zMP_mKFD91`GSQZqL~BZm%zt{
zv%^!5N5bbAvy1R;GBza^GWD$d|23(u6M_+Zs3EeO1JY;W@_4>c+<>nd5tA(EXc6IE
zVLR{|j>ZS|Fa%9nIU6iyvQngDnmp7Fib6%xF>t-5scs)N`|y68Tqe&o->DJZ`p^r^
zL0sU6kZI}S;+<b8xVxf8QVzif>~k?nFJWV~%Z|#X)Gt7$zxP<;@w!?Ln_{t}bXtLl
zJFysuBKp)*@mTO9PG8%6F{AH=I&Q`!74BO;FJGN?Z6JFI^(S>4$Yh)m1z5!6g%7E|
zJX13gK)c|+ACV6}9N-cUYu9>7+J+x2*#+^TZReDVCO5=rt_3hIzMiqOKY@E`UKGUm
zoaTyN_TW1>6Jx}@+rgh=Lu&9;5!B6;&PJ0Q@?HmKSNAOR4@HWyq=O?Rw?wwb#6W+p
zmjy^h9mOCme&9tq59GlwV>;}Ck=|KB{{n*_O|!SxgeiJUT-@Y~&Ezk0Z>GBbVPG>R
z%__z4zOcBm(8uKvtTs3n@=O7<7PUiKEe(8zX!<Ao)AFj$bm{i=W|;{&&4uv2JqJmF
zx>eAAs!V`2uB8JzmVoO>9j=V(8vC!*40z|@>!ZbCggp9ON0lxjipZuE>4RPL;q)&k
zmH+2URmL8=VZAcOYn*%A^(WqMT!yts)<2mvbD4YTSb{i1C<8^tgEQ>K#xYa!KlWn$
zL@xRY%b#-wX=wtq=Cl;d<VW01NPmo~h_tt(WiFpqj7ztyhT*u93V;3BLO!Qh#4P{g
zAjT+EqMx29rDt{J2GUqIY{^8+KSB&oEU0(6i9?ot9oAjUt5$NdC5^+xcS}oDf%i@`
zPVz17eM<__6EbGdAY%P~|0ZnYc=&g&)A}f_S=DqR#?=&RwfSRAvH}2VzcZz(yrjMh
z=_~n75X$SaCC=dFTju6WH0s&lcZy5Z65#HHnSoM+y4>WF>UWjJFSl-z6$ZMxq2FK*
zA#xNoiV|m?;(|>kB8R$2*}!C*ztt7#>SW2svczDMH^ixYKD8be=SVB~iM-w~u{Chu
zs_s>OgI}%XR$=A8n{An5^d*SX^pqqT`Z%{h|JA``7T#(%j@y@#ygzsKcES&ZwgREd
zviL|m`LRBTSpNP^EMcV3jDmsNFh`>BVh)&PJ8gf0md=n=-qd`I@6(`h95?9?KZpEU
zn+Y)!T`Uo?w?6*eZoV`eg6}3tz)M(vvPY7eHAG|#NLYouBd>n%^7E7_?X_HAR<&&(
zDlL4!E1$|Rm$=<w5nK6+K<#;(t(+l!8xh_>rU9B`7Xax$zE)xIZZ44ij+E=2C+v^F
z@i6ue112#-Z!iVYnL56p$2rh8Um`{)z2RsyZ>wPgsv!_dpTE8`UhSkD%5m;3Jz{vl
z9nHj8a83C6X4@y?ZV|~2BTarsa=CtYL>YS7WA%c!a)PNrUwidKO_7d;=gGWR+O`_k
zgu%25#pw64%-}VRzLV8h5!w``!n4SHqoOwXV{{FK?8IApR>PXCpBmD7WJh98bz6QG
z&LUJaJ;9<6buvBJEjtfLXd00_5NXG=tXvNF2?`RJn2;1s>p$qOVPQrPMcTP=Lf}sH
zYM9^xk_+$_T?MDi40-l#?q}UTmsB3BS9*YjWK(Jdx36nPucK{LdK|Qs9lVuVd;+iY
zAnj%NfqXnz4W+`tt-;XAdx3B3X(huiIH1UFrt^M*%6=32WZM{wfhW)s!hRl?eNUN?
zosk?l?k7$P`?(^+o8cvdbmR%U`0`ZrvEL@-$H*H6#@!Vc&2hL@lzo)b0@Uauq_urV
z<PsMeQ<Okd&BTT7HLeQM8S-CDFx;e^bKn_HhvA8IoG_u=6!0P@a9D-g_O%1pPtzG0
zDUwLEt3E>(8r9<)M0|4&2*e!;U-)k@BZnK9)dlAcu~7nq=t<qg4(E9tIkl5$`7|&M
zS=1kcGpWSA!_Dp<WZGpONE~*2t&p_gUru8<-FshEH@tZ8W|o=xd8+WkbG&HSvr~&-
zGbH#(KLn{Md})s7aQ7}3f#yfgo!q|3JL$oSDICVcce*b8^cI&Na$Zb_QMtO}S>wQ$
zRRW$4t2hk)K=ndUT+;^aPC0*Vrjg95zQ}|W{2FNt0ad;)AD4{in(j+V%x4G9_%5wc
zgeTecWNf{gFG#q&`R!?P;cFvtuo&zQVU+B#z3cfJD=QT~<tQS-yk~WXP|qV!O}OpT
zOZ0Y3tZrVN&Qp)WX;4H6>9n;y^BHNYJPAH$6x-;!*mb+U0wXHnt$a-!uQTc%TTl47
zN02O~_)Tmdw-vy5GuS`A8>8+_TvJ%paU6QUTo5A8=3;LlWH5zAxC%4aaEi;!rwzRz
zU-%hKLa5r@GD6xwpO<ih8&G6ryR+65^2xNaI7$2)xxaLG5+iiq`7&bxE*~15XxL|g
zN#o}nvp4S*)eut=-HCXFJ{CiSRzKfgm90Pb-g60jl@dTYU5&lU4;&Sk#xe{%31mqQ
zh_&681~`fKdmXh>ov#W)zX*QZa_G~9>JN6`oEyCew4wie=<s!a0dpO0;VR?t{9RG`
zH!VR)I*sXkBL%Y^=gJdXE_CMc-NF2E=WYV+llGZV85}QIiU)&XGjNV%s)Mqba2TJ0
zY!eKxQRVMY&}tFi%jhZC87vw{!rLWTh9EzivSDY)?~-G18qMB)SV?0F@-#6<@G6q`
zHZ^)5Zd>=^%o$FM1XW_zV)a}BL%o}ZE3KfDq_XuZ-DfGt2zbITP0X0lS&(N;;)!!}
zv1r9eN#pLVLi|3`j{NmXc{K5vU|D9A6RNqXEe*hK$B5m_tSRQ2g7MyopDE$Aw!^7_
zl7>EHF}&18hrz(o+dcOWCrkDgz2!42)OBQGBx*Iy&f_FW54?Va_A9Sk&+{}>!HU_7
z$UmfvZ~QztVN-KwQEPSK32gNBCz`Nt^j8muRAMSTzq`9Us$tl1)2b<Qu%!icV~b;}
zj)x82|CmdkcOSL?87F$8ASmIfXTL4Iebplzbut($C&1FCn50f^M6C0@*ne-3CA}+F
z6WVBJXKe%jz`$aVOlRc2{>nOd6l^mKJCF6YAdo(e<@!*Al@B17cP~uElZ=b5!G^ge
zJAF0^fDQn=8$_a;PP#@34uvJ(9+Ye!5V;+}x&9f^9($BReX|V(40sb_ZaP)&i6Q9G
zQ%xezcFsieJD#pffVsPI;Z(p{304#Mxuj9$w`J6;1nFNOC5rg$j4=}={H<Aa>rF>H
zwxZC7(dC=KI+A8?&LxX|FYT)H4_*KmimA|#DH6HxPll3wOC=xcBj0|(Z=^V`@q@(|
z!Qh&KJt4XIv@>O;k(tnuiQQe=EKs!^B}|WPVjX@gNuhh2b6@a!dUf0(e=QsQJ|O_5
zPW7Vw7BDUQ5bS~<?e0BiT$BzSIe$hPAg|2&!zb0e<E4I&mc{wQj=YGb5|h19#Spkw
zwVW9>m*a+YLrkFzLYk$JR$dR_b&<r9nU$7o5<O~$r4ZF)1dO+*&JH7M3ikEHr)VM2
zwBOZHo~zV)h+cNjCSQn<Dz|_{D*~^ru(HHi-k)11nwIpmGi(A08Of;`GJsMX^=L3h
z>7sR<l3+Bg|Gg<(DWpz=S<QjxSMAG$GI8KXs~|031=mZe0k(J41DAtfad=xq#DKa~
zxdiUufj4Vhtyo+X#rb?PBw^?QSg^OP0kejq$%?uIjhB_kb0@c+wdFc?!??sxP%hsM
zTIMM~<HfOyD_>O)qH{{f=Eh=hk-{nk0|raMi?_%8fdx5|!-opc^pm1&W}U_7q5(2%
zg3{$&lNJ&l(h^+EXguMA0a-ipfjtmBB{KGkcuYztvu0XE@g@9I+>#9~<Us=~=MC?E
zeR-q+ydvCv$70G!mJX`T)DeMZ4cvM_6j@R%UK~m~VZU|SoN|t68}EhWC6cNP%(?UB
zDij&~@pAWdvK@xB{L6vr$H)Y5a}o)zYC{U!+aDAkY`|G(Q<<r|<GzEZU7e0;5}?sW
zQw#B-W~7`VU-EsA9vk3%r?JBQEOUIE8(xWeM?B+oA%)s-h>ZBa7?7Q)q85Z)Fb<z-
zK}GTjRX30_u(S5W(&4AI{F`d_tm3F)jmxnqR9g(VEnDph7T21L>DT^ZLPWU~#}{KZ
z@JV$QS&=x_W5=3v$Xf18mppt*Co59B7EK4el_p&Oitj_?nnirlA7D~u?oK~armjS`
zhLH*SzVSi`K#_=_ab6n7sR4JyiJSUVtqH!->MaDAEHhoY*PuvTe3Dd8n!zX2Y-gX?
zqRPyOB%Iyyf}^>L@=)w55ICR+x%AvK^*Qy&+~AG*P9qFf{c^+-BD;O+wmwV4`qOyG
z=DL!2AXadAe9ijT1V@V{`IB}{Hol*MO?5Gb-jWBTjaw@5kB(oOFiB(joF_uogQGE9
z71}6_;51|GxDc8OhlNtsIR)^^f*Gq&id2ynP$&*po*P4rv!1%VRjV((p`Ojc*F)P4
zG8JkbyGH?RN-~m4S^5NDw?28xx%Bj)4r<no)>lzb;|)nS1rx|kpyckZAterX<n@Sj
zuWgK3euh?k4zN{L`c>&5#Mb}8)3#HV(}-^VISXD%FVxvnbyp<EA&Op3C8jMVdIMhE
z;$xuD>6rl#XB1}quCiMtbF!peM9Ah&+P;%Fc2q<+TdznrWoc#QJmA|vd;RofnJ*fF
zj*zKTNGWB_&vg5sEkUUTT?YyA%kyL~3}ZYB#J7QC4!Nt64(<rP#bWeFBbbmWsay&D
zA)hDTR5ml`yd|jJG&=IY%Bz;T=}+Jl-N`cr+|N9t{wa>i)V(7^#%@7<5Cs?GpJ6=_
zt0aEy4Tul-<U6jPelSyagC_AeN^O4>5s4FfNLBNOwE?JiQejDiR%7ZUhE1}---r@t
zjN9m@LxGJt@_Ln<Q5s9=FWBL+>Kb@#n4x)9sG)=9mDuo@vEpgKAU&vETYt0hl0pvc
zA9j-rPAyLxKk&YPp6w;>S|#cMkJJkq5o~NJ2r36M|MI!cd=2Y75k{dvsh{K;3fDHr
zsXwqZe$WuiuB)^n@FDZLzV_8YO~2=(<Jk(j&G%$5EQS6Q$EDKWX$ap>pB}<vD21G;
zRB*mAIIw8N%}-XmIi8FM1~HZ$W=O1Sbhr0>4AAc-J)5JLodM7p=!}!^($*NvyEi`K
z{}>Rr+_NDVy-<2pl#+?H8`dbek&+wK_(JAdSct8xl}}OSXoP^g?*|nfkF8;>YuFXZ
zXn%dCij-=|;0b_PT}a`R2WW7hoBygOn^XYo=eP#xg}2i6T-!%nLBoe><u0k|&%6}7
zD=}oTZA#~}P}4o_uITcIet@Ux>3OCfQ0dfyE{Va@e+mb)(bBRp?r7y?eHRgLRVRXV
z-6K)(6YZe3k90!>VoV&U{20$B;5+IVs*~V>Am$?BnPakXm85{u%h%yxhj=Cnrb_4K
z*NbX%<rB5$M*5CsQ^;Qhvy*r>X&|Hg5jyO~B)`(^R-R7<+k8=Yc3_j`&|4fKf5Pr)
z55?;cliC7km_XbpHa<3%1NA7|d_L-!&%EAGU@t?NAlq10ch<@Qj}~Qk##Re4E`1?u
zrNK0zzsJ2CIkrV(=3NER+|Pc({TeAx!J(dOU8Je)8HG8uRJw<{+{LR_g&u^$QN`1d
zdxc-*2F?5ff@7vMxY4hrrpV&U3=Eo6mQnM-vlwRj=hY-nL7I~}z_9=fZh~1ToGUlY
zW#N}_aNC>*{o6|qJ3Fnp&u`7ceSBU)>y)%EmhBIG+*{It`cp3v)uUrCjXpgC{cUKp
zXp)VGlg+mZvGRc3kj4eatFi6dSLa_aqn_kBFX0roi~>5|s6E*y;^})~x%yrYdr5hX
z=jZ+GYC+JCU5O6LOC6!8QbV4(%wV&z+Qf_4q1k?Xv_D#oEN_Nq6wA6rY8Z~8mM1(I
zj?}rjQflN*`{S3C<Zi+*Xx^PQCch)T47@5pEgHoPMgD*nsG8Tlth0MlksuWn+LW)%
zJ|mB);Ik&O1DT7tB5sA@r`&7Fp{krZM)OqQeG&iJZk72%%a5cj(NRm|x`oqRM+m(`
zrI?3|!7nyenz$*=>qSH4*YE48eb=OD0*T>F)b&QEPP@ib(C{JM+C>rHNjRyzd-&9f
ztZjJoVeThHNv-(aRn#+!hu_Tx{k6|5u}$-rP~IpVVt1ny7qOGY`<Jd=V>nDz`g4*@
za`0KYPIq_f<vHVsRM{j-Y8GD?(bOf3*1U}ACWX<|<Wtul0)R=H&u3-#1p@eoS1i<1
z0lNbc_bQZ$_~vU&5W62}60F65zudX@Cf&l?=AuT}o3J%G)eAR^1A<6)jVD-u7h!~y
zh;!mN5KsAMT(65NfpB-G8t!{OTlWXoB$x15Zwon)5itVSXJ)sByDMxIJ3L6!F64PG
za_2>HchIi9+IvkGlpJbJbQeQxdTom7T40D*?cx$C0LL8qAryf3e1y#>CN%dfH$u+c
z(k|u4A~Wpp(BptNuEhp|S+-EbQk!PAooU{VD1oAzyT0#g7EF$t&08LQF%VCIta4A_
zMPS?xE;Lpy!!+ntVvEZBEt86fSo0^^S}k^f-3Q_y;FixBRwb~SSx8+O6GF`6`}=-~
zlH^NgZD}U2Hw|(b-3(MfMqHTvWvC0RL%q)TRLL!iRQez03K_caQ6a&8<@MeW=iDK>
zd_6=E%94W$#5lc2qPPtpQ0?RM&^zdb(N17j%XJXBhrsnN=^VMhkPw$6QzUe$l7dMw
z4wvHwmgp(LTY7q9YjfVDXRB~!lSX>pS>1|7TLX$rwM8bTp_Zq+k)|IgbcR0*cv1@;
zYU~;yG}Q>2jB>?nEl5*)?x?OxeXZ`y`NkBmGi)&6f|I=3EJnO!|0Gz~4%~iG)mSgV
z_T@(?49wJ-Tvo8kqM(DSI+=AexYWAD>bzkHOY{JKtCCt#iLox#8FSM+M$RQ)3cz^J
zGetiv6cMNg2peoS92$M0q;dLTAEWV!WTg4^v(wO{GgJQ-jh|b?Wf@5(!M(ZS$7Fb=
z#totMmr<o$CdNqBT|j!hOpZLFr~Z%HO*fT{Z#F2xZN)XxR1ff2;Rmd`CkPrXfYwA=
z3w;updVDk3emvUu3K^l@U@!Vq9nU>B^x2;XLvVhc#%M>}|9@@VvtlR;0szt2wr$(C
zZQHhO+qP}nwr$(V-D<n{7t@>}MBf{pOw^ku3Go+H1S>E{`$4#~A-qa6P7T|0p5+tc
zwxp8Q?DBGhU9Z5|E#mUr8f`7RIz^woq<lNw_k;8kU$XOR_)gJs`irQ6(Zn|+!Lz=N
zhGw3FU3O*tz^QmDFxHblylCWY=C1}h0zyfDoV0~k6<@?12gt%HdMI9I$JKnAT99r;
z8BO%9P;3vpbq}=Q(g^*n`XT5Uw*k0oV7SXpd!;T=7vUSBez|Uj0ze@k`{BTi4abc|
zMXG{3cr~jtd<G66{^t#0Nt|VL3dL)fir7WtFY^?a8SzGnS^DT77wA!lW(AwYhwnq+
zJyuT2CFjm1SY1X_DN$-s^&nY{v4VwX!{51<Y~b<!NxWZFnq!ZoetJ;ytrZK=X^c1_
zdQ;wcHXN6}>;!}kdw%HM5JzqI8tsB_qA!U7E{o5DA~(=qp_C3@;o(K@-l{*c8`D?P
z1pamh0wj?yr;gh~C-^f(vjlHDjsJ2OY)S>YjbaWvK7VzZuC)o1m%$`{zP08|V~S)v
z02P(Q1~2!P^%~IRG!3H$0__P|MRtM2+4MJ+vK}`E>0iIvC#px2-ZqM~fCBv|ogPaR
zV<DoX$kRVcSH@$Exz`w<DM4s5q)l@W=E%os!oKW<tRB2gRr3Aiq-sz!fpwnyF{P-(
z#APfQ^HvH$gYPWXoJ|LWtdG5N`#Ic66A(4f=mw<}q8xy#b9%!v*4iO1QO`a^o8T<e
zks)BzxUd`c{v$3TJKWLI4kP`@yXrTl@{_A(dM3L`;nzbg80sMhRcC)>CHBu7HhryC
zrK1~d1y0D-)nTJvlZ4R-MQijI&#{N0nOOauDPr$+nH4iHLL~a<3pVh`he%PM^lop!
zSK*0u$~tasDwPUss5WzgGC}VY5`U|Pa;@qsTI0rW45ij3NnQcCQFu<%9oY}9Fp1`x
z@FrIxm<wCU%oC%Ft4BnRqWSCtS5<^x7JLFZ$zVD42z+_VrvQW`A|yqMASh;Anbom2
z@z^0zSRerS%Q=jZYKM^@Y(XUYMfqp5<Pk+X%L~egP*jJP?I|nO`3+U@7i_YTeJSR}
z@}YqKj#arQkfV{xuK=F>b9n1*l6S97jiG35!jc^TOq?b#DGLzFm&ylcBRv>(C1UYV
zXBxW<d*T`;R2I+Gi*!W+ychylrU+^2^@glyzKv5(e1nEpwHJW)Cjv_CU(<2bZ<)u8
zYEuss60J-{L0DoCi}@#|`apM7M`?kMr#xObsPEl;4c~MPqucIM+abm;t`MY;bMH0G
z6#Z7*@1&3%Z;C%(^0~zkpo_Ls3tOxSPx}USiA$p^p_U4i332>L<J_UAdZz!kv`JHQ
zn_>QrtDvgC&#GreF%`TCO8@9dwI1~B>bWUP6IMNc4dm71DZ#<RD-6Yp-ld=?ar)~C
zUHR6TszaKju&rc-0yl&)-0};n+$?sWF(<mL!QAS|mj|!#tlJ>)S&bo*ZMj&PCt!kT
z`Ny5mTWyiA3i?m4mrtty*P;uK>Me+Xk+L5`rF9?>Cs$(Fu`D{m00KMkI=6Wj{E@8S
zreMnH52;Dbda{nYH0WEnM#9!ZF2?Y+ngb>oj?m}|C3bOJj6Vf{vUnC(5X&Yv1K)OE
zPP(%W)pKec&Xw#pj*nXqLI$#-fe>cc0%m9<PR^wTYK5pd!%TI|72xr^=A#spEMTXf
zOa|sPjC<BXwiD!p7hTbaltwJ8U%)=S|JnG~KLXd$c*RDM&4D;EI|^pQ;EPe%1V{V^
zmJ1|;+x2QW(NPpH6&b*ce5)S_1~LU=s`i)(+&bJ$!xoIabC4*(*Cp8IYumPM+qP}n
zwqM(}ZQHhO^EJ1BGy83Pu`?SxQ58|?yjAtjJ()MpF%ZaD3LeDRxU9+sH1HB8LEivr
zxcy70Z@6S}L9;edHavT%QBxCXAK<0+Y~x82V)}!_8*H#CY+4BnCIBgF`yhnGytvNb
z$uR@f!h|NDWG1dvlvyes1}Se9{6Jb#hOPmV;o6{6oPd7pTcQf<Z6OBWS&WkWd_Uh|
z_2J+_^kz4rkr|opN)t;RBg}{3eeaC}>1;>!=RP9Un%z8eWJGkQEX3{^@T9OUIivD>
z=ViBSmfX>zFoO$JSMwZ|%7q|JL)M~*g;&tjm;|%&qxlAG&}h#NeYnVb5$eKTh=ZZa
zOETCc&DEPs`k;lro$a1uZUMwL&)$Ie`BM-Nw^d>z`%3=pJ-Bl~2G2+hJ|3%jw;o%T
zacy+1I+T_s09i}L9B!n5i!gTmek{oA&|FYl)a`<h&yv&v)EC@!>CzW;xFmwO(Fd*F
zx<?iAnk5aHe9~6=2K1bc2dnRq+H4f;N#EF@t6V%^Brj0wW;@fTgI5ILh)_pv)@HJ+
zvf6H{g41@Hu-6(6WsY-NdRW?wXh?!Lf<mFIIz=IoppvYaS;f_4v<#TwYubuQsS}lU
z&-Uf&Yj_ud{qYRp{X`#SHLR=qb667xG0IfLh69HR;axo`vl+$~%mM_#jM${+ObEh$
zB4#iXVWkc#GH|7*VE@kopqp~S#l0*kYRKH!Y_L)ly@T40WkH2^_KOHS;`<r<1|F7-
ztDWOKs$`q30PA%*F;!@B6%rmOLydwPRxK$JE{v;!I5`A*yF`Vu>kx{~N8ZW-70F00
zH^PsHUUfDb-At#NnL;96DYoO6$;Gj{!;1r~{UP9vX~e~2k$VS4N1PGY=Dc=jh%_i2
zrpnn^2oRF=+i)kl@KqT$z|bYF8b`*iT)NVU&ura(Q2(mVI^WD_H6TZmns!>%I~G26
zPqySw$>d>gPT}1Vf_%cnSX~z^1wSOoxkOZ!X)N+bieg@rymW@$Q>oYVw9Ykv^b#@Q
zD{`=>WEHx={p(}lhu990v&W|Qq$d1;eT>*v#f;0LA%&c^u^_e@Zmn&pvKTBRB8#4u
z^@S4h#$~}Cg}#EQ9%`a71VoftC1Z7HzmqyAlsZG}77gTPwBpg-%ABi9tTsDr%wB<f
zwWhMk)dOk?ue)cT`(Rc4o$+AoO=S;r01I{>EP<;w3|6wW0n<E4A4_-ap=@ap0n{*X
zHKn!hHc<|1B~s|y>F!lPS&Svpfn39@%A%oGk1aNPc_0;W$`uwSzH?+(pK0f%)O~t<
zCEAX!r-v0KL&G(6rFsFCgUdGKO?n}M1*X6?m0dSxKZdyGQepY<@+0nY0&YThcqUst
zqAkS<3{c=a&_)JZace%tC{1VJW?p9(tDqCCJgiPG-35KGTV%3RL`!2^|DV5l6E+J+
z?lm2uPr(Sd4@#YP{PCX*-cV5^nkEq8BP$($c}$}v{ls2h=nVZ}X^78nc;VAYdgz`h
zI{R3Jl)Rp-DK-i;!V&#Ot{{J%GH*_uSH3GTczC>pRFu)^ZV%I=Kp(_WNxO@j7SI!Z
z`Wbfk48wLm?Vf_4ttPu_<Dd31jXN=a!Q(W*<9TU>dOHu7aL=v~f2f^;#2wz|1?O{9
z>#qv(EmeDZcP>pDk4lb7_AI;0KG35sjucI1z{jGS9BB^il)m{=YS3INYZZr9yG;7C
zQpRr?(vQVBOUpIpAVyYL88)k^JrFD{!WrV_FMZh_vwV5WXcfb6l(|bpYK$`poHBpc
z;bwk%Q34nk<9;TX;t6$QHgSUFFgI4J5yq=dFq~r0(RbRJDz&3iL@>@S$elUJkI5E7
z^X7ALC=K>#Kegex1IkoPb*FeG`B>vlyK<X9QKs8umBmLi&&KK$b_ji~8^7VyXuHV`
zK*mlYF_mh4I7)4QRFOz2dQ`HjXh2se?frDyvm9yN;m>!(UUHd^m7oKNWqCX&^tZGR
z0|aUM3}^Iu<&0%FVYvsnN4@5XE(N<~0!C;u6sd<Pu)SVcXe%OtGS6l_%>StHKn9p5
zAJlw^mB-Kroq(1C&m>K^NJX6{-%k~FV_SW=Dp&F0#crH4{e&s$E`493t2#{XUNWDU
zz>;^j+GpMSm9K#W#~$M8a4@An^Or2^M+(lEX6Q5GA+p;DWsX!pA%W{2fTmKHuoz$l
zdvIyQr^;z7{MfQlZuwr9dRd$n)_5S&FJ2~xAES*TB&#j9T9mQrAmk3d=zK=&eH%=5
z*dNAi@x9?bC|iavYyhQa9#f_H!wz_M_su@qUCNn^AG*T*vlueZUtMBJNj4ektUZPk
z+@IQNW?$n}zN6ZR{xj2{yqxg%dAxvcc341USK(`(`CfAZ*5Mx~_1DvIkHRLMpzj6W
zuieS-UmDq&Owxs=Vr+*EfYO60Mt90wzS^tAtp{x9>+a-UIhrc6V#sQ}HbN-OK+-xG
zbw+F1pk=u|bc=R1bU*w-WGJ=Hm~0$4Z2QLg;4CUPdtkCoMhCyJ5~LGUX1X37MfJ8M
z+TStyCO1m@-&3#k{C?a~W2bsVkoMLkm~v<fmp^GA7PEciT1@yjfw(e%ua9{e_40a<
zF)7Jo7yi_G+;g8XKjLTeCBp9O%JHJ?deoRXcsKd2Y9BrX3~gka*v}B~td!p~@G^wS
z5)Xnn6k?ThSq7>6pdsXps=3i&EVc6xi1)SM%}`JW`Sw2A9o>X*UchhT`hfa8=_p5_
zpO9PKck{A2o#|wbnNy&t^v*i!f*=l&@C3n%EapXiZjL`fGfv|Vs^p9>^?EdEmXasz
z@wFiJ|Mj5yfHi1wQJILslJBDQ165zuSa9MAsq95q_;*f(Q!9(<#)0hZ(k|-?<2;v)
zI~4AnDsiLqGST&w6|DyRG%^j#5X*xSD*IFequ14art+07wsd^5fadq<Z9`)Pz!ahW
z2U+E!YY%wK%Zz-S{}0w;w&_;eE0)<mrq+^&fqaq=Zy>U>BguUTCrwe&w%QV4he8@J
z?&j?YCRKy3sj|MSCHHsF#QNAS*gHbxQjUgut;n^<P|1<Z@6Wc6ip@!KnLCLxn0z`h
zonL~`56XdX*9Ppu5^-J6H$?`-mUG2er*H;<X1;+B4gUc#wpL6mY7jb@rON__Wp7?>
zWo$+X{(o69KAf|cP&>j93`mlMRdE<jG!Z(LlD+iF;+G-LC6L>mA(r&$4k{mYbboi-
z<8#kSm0-Dj&tF%`f_s(>F*U%zxgJ|$rM1rkO8gEsMk;H-mrQM~L}dwc*0AsbV%KnB
zi3J3|=C%X9QJ_Rxzb4D&Odj0{pyc0E#h*C%&xhKlgQA{cTCAS&l2OPpHE_Z#EWMuK
z6T77oNd`^)5zJV=X6!7uijyrDzi>vsz=;hgYU<b7coJ6w)ZjNxT<s3njGY<FbOg~V
z#QvIK6Z2p7_;PK^XH>N;F;fl1zBP`}4&4-pCf9$~JNq`_>sqmDuYg;|-7gL~YwTl%
zi~t+23AVsG&5)JpBPWL0%)&013kT=$n2&eL+|OQPr^$*8lT$X~tAA4hf<%o{BnYh6
z^c0MIp!5ovxE3U`-v4-_7rtX?j*mUnM<*+5a{$NV6_M;>%iy9@h$%tUX7acKJhzV^
zUjk~%ga<IQg9GX0eiejswlYX&@5s2lM~;hAJI7&8qPGz%L&4T6ry(ch%9HBbR~X~v
z&sqFIH-P6I9F?$|-?2L-y{Y|_K?Lxu;;SkIV5?{X5!GdPZZ%5{B-CiP)kfjO)^)!v
z_o~u@B*!@30WIK3;B|(D@~#HUA6S7Z8C&@Rb?;kg%2s;6A4Rj~_`_=>QiI2v)Le3F
zKsz4K+LNY8i&xW}-|gwt8Ad{WtMvy&nzJ6;z;LOU7D1RmyF$|Whxze(zNb*I14tu)
zjh-xAA_-8h1$vqEO-BWu4?!KkN{+lJvBC1;jSr;)pau;7sFIV#_j+Zx@4C-n8o?J>
z>iTiR(3;1nz8#HmWmNSq{cK^c9!Y!nU^-UqIY=Tt(KMF4{5G`riZVf5WrD6G<&v~_
z8py<<OC=!4pVwo{K>?mLzEcm!dC)+-sq$eA`tz69u&qOf!?~Yek}3BsP1$?<*Qd_B
zsm|b4!FpBG_EC<@vv5<eAVF|*A*dDxd5h(V^ONxF)F>no9dyQ~(AmO|oHl-3B_w73
zy<CzY6fQ%z0TD9KCiX^hlA2cww`?GXubhB7kH*(~_6Dau##>9^Jh!5Ndq;8YZ_|r@
z|24Z>5{|<B5-4NF50BU>_xS@SRp1q?>Btvvr;AShm<pS7`^~%*AXWw(<*Y8~<xI@6
zO(Z{mCXg>F8gLZ|^h2SDZL%~Bk#5N@u&x;K=&qeKPT0$_4r8za_V~p=q)}0r7}^t7
z0|Ubxr}wve$JP;&v`)CG>sLW;;*611=e24yC5hJ%5;m}>p&v(mg}2fU&vlrljmOEW
z)6=INEd6#4B-Dux`_Zl!-|{bXeR{l5iUNCzVot7e6e1DN!K>;{?NPR%S&Uj_aWLQo
zkxS|ZOYd=j*{Mo!Y@q3RQ4>WWVC(HCxoVD^fJ*3Nv3{pMI1W}NZdy{DPg$Na&OiDd
zYTfDAT6*f1q})8lbr~(JSG{R83Em<vabZ?2ucfYPe|8H16IAIr0c=M(8TJ1iwk(#@
zBe_XC1&zP8=MKrMbrF8qDp?TW4wPt)qOo4mP(_Q~cl+ur$)(cM<)bz>vq<c2y>|3J
z`XQ<N@J=&?jLPAARi>PtJL=F_U2a-U;uB_&)o4Y6^6T3pcMvC^%ue?gugm*oenyUA
zPttQ0Wr})y(0~F&T#Hni8fn8Od1Hs6NCj(nK;)Q4YG}rQq2yX81bKm@I_L-Lv#EI*
zJokWqMzyNf|HI7W0*ov~@D@dK$V8ZA`5Du{GhN|7T4UeZ>BCJC2Vs#MrBmY(u0iE8
z!;JpUe^Qs_R`q20Rk{z3>On34_m^7M2Wqw}>0D1lwsyD%ZUd;K-7eqN+-S43L#T0_
z`$U&SV1FkA?6CwLF^9<d@u6%qc-r-rUm>@L=KY%SDhU%{v9RV#q+Y~nM7hC?Me%Rt
zH5WQ7cfwB1Z2$6NO#3sic}w9<1-c7^b%(o_Are{8hzfgmElYN}48o10d`2S;;Z4F5
zAOP7A$qiq?9Yv!2;mA57Rk&*w%cdQz3t^!J*5U>w_@K;E-Zh$TNy-vw-Kv))16bvY
z1L4qR4yX7Q;G9mWa}lw40YzbkGlPuj@v%fZ+3Thxpppc@+wt=1>;s63bp7wK>RGBg
zFg=d5MxVq5;6`66=ElJyYUQuJt#f=Y^`@61)@<ZENWF#k`NUKrOGWr}KuuVe<dt4;
z040jO26S`Ny=SFYT1o<2Cu|N|UbVns#%1fM&7iFB&WxO=MSMHy3lmyRh$G7b{YOvs
z1_Ier4>xEWhYEkS!$sW|`2%R?X-CxL(S6T}U}+qUKp%zB$SpJ3sK9A?Di_8y&K4t{
zOdsskf3i7Yt*El^{fXY-qU=kJwL}BfJs`#o7jeSC;<9oH9j8xBR@Ha&g-<gs_Q9i$
z8|bEg2&-E4MuP+|B~oL;=y#`UHDeJUQ+~N5z&%k2CabOX!?E=OUpjkyrCz@bKgk*{
zto_@^+_AD9p9)F6(uocRJ9>SY)ait=IoRS#CxUmoWjA0Fj<T&o{CPn#nUi+R;%MpB
zkIOOUdI>R(=h9BW7YNXy6SWW3l0R~^Mftqxp=vb=jx$#ml0FI&F6JN-_Yu-??skk$
zvK2$50txujtun|J{p1D_i9;vy55MW0vGnRq@AM#o?JRTAzT}g`RgPx<B59Zh@z0(q
z`U-CsAH<W>D5zx6E#5V%F&auxdkhZY%}Y1<AWZ)RDa4G55ovrhAqs@e7Y#?W5qgLf
zimyB^qpZ#1`S}ZZ$krNnPEjaY$2a$CQ*HW^>#s_03<m(fZ49K<s=TDho7KC7qabkn
zqzD(unz&ryiTJJONyJ4?V$MS+%)HGGk3NPd2|_)4cHe={|I>qlCnqe5ZdxTyjQ?bR
zo57GakfZ9_9HA7z<`&O2{EAblP-?Yap<9;AU+zsX+Xs=_bWHWgMN;}UP87P6L?05Y
z{dm+Wxfj!7FGd1SV>n#T!mp@P+3x)#BLe2oC!$H)$OVgkt9G{l*>5r*!Fao^D|1Vk
zNvdDx`3F;rzeZw*hazS?8!)@tcF<)cT2#J_W<)>Z5S2OcjGy$UNj#)`d4^yBOe2xH
z$Oc;rSc5VtkM;;4>91P?MeGwN4|*fd7~iouqBq5$n8CF^J=B<xdW$E`QnCP%Djtjs
zC%zlpG3xGe79@i*!~Tv2UIaaFOxEbZ3$8Q<T(Sbfkk~)y@EDaPK)Ms{p>5%sp29P_
zuAn~tPpYcJe9HRyjAAGp;e`7*DMtU08p(%?{yjxl#jeA<`=Yms7G6eW;l39DJI@ZL
z5#2zrLk$MhQ<s}Lsv&ZamTfj`5uDz&X`9l+lmIMGqQvOHFoR{ecH%{11(AO#0QO*n
zVF+pw>%MwBUD{U5H2TAs<B^9m@r!&I(dA81V+Na^8`O(~xv7kcM}uwj*{pdmImOxb
z>{W`qu0{2GYE~7iFMWe|*&pDH@=$qBXBL=;InFXEaN644%^%|53do^nR^oKHpQ&}2
zdz&9fk_jPllc=`tte@35$r@GWVsuic;KmV$q&vx0yav0G0fTh{NSW`zr80fz*FW}D
zrT|}Ty@WHU+^3R+nwGPP6X5XlPp(_1dB2ev8Z4!N-&F;USpj!3_$Gv`2VRv`eUth=
zWUxN6Jdv6EC<?ER$&$-=5f1U6m?L022oN4u>i2(QrrVPRMb(Em)91dKE&Z|vX^_!L
z_Ka~VJaiNA8ze`^bZ^75fw5sNeE0kWqU~4c;3(A&YMs21(Ow`75)j>>b`H*(b|hgi
zkoQ0e7-;j#&es^pt~AyExer>AE3oI==S}6>6E-8Juqz*Y<OK+R>t+rltXp2}t-U^;
zPTDOR;VC}NFYE%4%*v*i;38EvMqRPsI-pl^kkOC={<Ulu?6@AobfLVTUthv|4u0u~
z2HT$5Ji;7!1^kmF&JxZ#SwV`O(^29L4CL=e>Uz}&33OwaZS^r>JLwFRls#~n`bm|0
zW(j51uP*3#vH*Sjt0to@&@bcJX4t?AqYu9%w60nU{g*#?70Mb?US&sfQqssi=*R(u
zUN87fKIPQxl8&!PX#>haW7^x|W0!jVVq4@?m4oh<E0PEGb@`tyskEVCzAT<1YfmqK
zu|stY5M4Kc%McfSHSsWs;9+SUwK8~mhd5xOH<D1fpT!Y(B3tuG2_W6zCt_xU=Jg7y
zzcCN-lug^5njs&mPiA{HL!NlxsQ+OYcG7s`WURRPMEfGT!o>3@_?w=CaE@`HF;aEU
zUUZ!1uv&Fpw|t;)U`wWmsKOql`>SS({EaK}yxXO}{3e90jPyk=;z2|r&;eW&zkxg@
zmYL<TE#$tFuq32Z`H|uLbCHpd1blIF%xh2Zof#34ob3aet&BD0w`<`ctRdF!YfgGO
zMk#I6a#5W`i5PC)qZOjlL@`CR<PG{}?3lp$$=ZXMb!TUX^!FD}01XlVasFbkh7_}_
zE!5}dXhUuy0#RUboV(`f;K*3RaSi3dh*W^pd}rOUo;_b<>pr)|I@TY^`j;wTRe%(n
zY4h{g7M(tsu6(9>Sa+2YM$gj+pi2S2!Pr2RE6KdqVSHTuiP-P8s!bgrJ31EQ9JaoW
zO%r4@A~zJW=?FgrZ%v~<w&=6bdl?ha%sCZNYAs{vAOKAq5xJm>p20Gf1okX?g|jIk
zF9OB42+mi4J#xES81WZpcN2rll&zTVnEkK?GOC<M^X;|_`ch@PQB8tdY*cYcKF}8j
z1#!(I9k{P*1{@B;hXT?dHXg<h)@=?Sd0R%-+M_H^@x-LZ_-IhH3Z*KsXsIZIi`0L<
z-#27^o>05*j#|ge*6k`;xcm7*WO$z3g)VVw$DAb&kZ{DT=tAtZC#F#`^qk=E=<z@w
z{{*Y_Z0dQslwqD7rL{p(qRY@+uy7F{nyC@#w)w2ydxv8kj4}m;SS<#|B`#tqeDE`4
z504}}PPO2#G5NTf@xwvFx2R~0=bC0`Gj{^%-@P$9>!1h_mQz@!dGbuf<RYQtx9~fR
zfTk*Hj5IvbW+xr|%A(u(@U>{mU&q@J={7eQ=f=RCvzjbEu-G(y>g@C9N~k3-7Uf0U
zSAsTAOu6W5!*gz0mmtUX`NDYR{lgfG=?WukV*4@jCG!t0J?;-^D^WVdcYS(=!MtsH
zwV?=uoMN%HA0WrBj)l|Yfdl2T0zHl7gr)g68Y5C<S+)>hP9&&;Fx;YaCX8W;T?89t
z@7zphd%p;r;4XG6v>-#dwIR02DSa3S)Pnw1{!(>u-bWYhO!p}YYN3joTxZg_WhNeZ
z8F;$&1WIk6-@GlC!)9_usplxwz&IVV-QI?X{q+b&U1P1Q6NTLgyh1AA!`opS#8gv{
zXg@k9di>Z@#x+cYBWEgJvUVk#GPS`K`jC8Zr(7R6u2_q9ErM8zaJk8M+Igv(F-Zre
zo-c^;F!WYKG9o6)MJSq^G0jIJIPic=ppy;;GdY_78;vnRx{WkH#G2d=Zc18nDw^ol
zvd9+bHy{$<grZufVoC;oHDnde1-YZ8!QjEg8#sYDdtZ#B<opjXIQR2DYZH4;Qs9`F
zVM2%n@rV6lILiz>Te_*2*y1I+uv`hw+wa0&s+SI%&Hs7ZCkLMW$am`A0^|<UE;tXn
zK61oEG9~+v0PtzDeRcDajJj&4m+;_sqao<5hQMXbFKS+9kUE39niwqj%>Jq3veq68
z)M0IU(9Lw{7^Qv(Id80jjQEE~yW|*-MDDgTRC+8G8xog9A^ONX^;}_H=6!s&n>d%l
zUX*P>56$i{AReMMUGshUG&?{80pu`!&|!~ln`QrmUhgm4mFTy$8PzzDwtS%sUM+y?
zSG>0D^eQB|ZF~*kZy+}fhxt?7)&9TDtijQ_t`;vHN|?A&2@N?_@MZ7kcEth?!WLX1
z-PM*^ofm0@jXlNg7y7pIj80dr=;9!1=ktx6=Q9HO2t<^gMfIp4U|4Y6M%eoCPwmw!
z#Hk`iMe0d_fAh#ZMxvR${z5{%aN<3j`36#IG+cVOA@VG3bJhNXnJ>>3FB;Pdj9Ppg
zE-c+k(;J4oEkczRsjL{_llM>j%V#{0`qq4wIAzx2R93f;27Tw7=6*PiS?=;?BF&~0
zXkn>mKNL{ZC*uS4h+-PYx42_zgK?jWZ6%mY1x+u&n)fz;lbPj63f?PrlsLiz++S}o
z{hP`@UeL1TA!LhrHHhFK7%%1!eRRWM-zI8(&G-m_G+s5hKiRM9qjiEnLX_E^YHxTF
zBa$;c;{ee%iJPemmCfApm#0eV>IN>(!Pkx_;~&-}4~T+rIE}h*Iv^R(tf*D4;1y27
zwY6tUVOtH=N0xX}NnGj(C>&E$GuaiAHc={b5@D-iicMUE!vT%@)Hu{sF>Q6&0B^_j
ztVRwYfwX?e{K8WxmOn${86>?^J@l_pdSqcgCZa&jBq#Pk6XOj*nj)3#AM1GWrb{~Y
z9?uT%pvfrJgl5dnMIKDn33J2;#Av)*!IMy#!q#N{U%nHIb$u8?N8u3+$>W@?<U}#Q
z)YrUZI80fQLe!~B-$$2U$JzHzSTwiCurin>mIMfxI@IZ!h&wl*rp+9+l_(N@A4#cO
zTH*vu1L2ZkD_Sn0Yi{mY-|M^RzpV65)Jgz0wE_dg{Fk}mRI&Txo-k9FuY$VM?Zk`N
z?YsO5@9Uupq{Cy0Q<un<cJ2`vcd4a1Dz)S0IqQ1pj<JmPk*H-@v#2D90F7(Dtv!rx
zo4!LnaNYe%f5}&FXo~gs1SHg{P8DM*{ba30gU<BK7Xh5c6Cj{HHJ9ZZzrxaM8fxG(
zm0K=v9_Cft5i&Cf*NflYOwQq-)P~2*LH_OJnm2Mwm~Mk~yIEMZQlB7GiO8dV+cl+t
zIT~1Zltj$zY&>lRz<qd9R3?y9PEFS2he*zB#eRXPAQW)0<ag#}IteBj!QcaENn;A3
zxB$Daa{k$cw<q7QfYz(8iVh<ZOBaf-#a6dJjlI`eR{6Kq_F2sz{vq;-I@Yy*I8At0
zT2qUUbxA`|D6uQv-bU)!eGg(Lf~h$OC&Cc<R*^uc`T-gsx_fzwQR&WHwv5_uCh!n$
zqwB7w#@AECSchD|j2ez_03B$)$nEZaU(9it23o*EDA-=;0S^e1Y}&q1PW?0+dn;!U
z)JJ5V5;n+}Sk`F;>IlOJnsa~F@<Y!(2!w!3d_n=%Q0VZYK#w!gUTbBG1i4^!VL`Ct
zk@FQIW}ChnST%tOw1D73((Pc3Aj9I?SCflCk%*Q3FCP>%as<iRHZKfA0X*Nul^HTx
zdw-1~iBKUL<B_iQ%C|)?+g+n&uG=9s8|~U84AJJcz=a(zpxBBoCbf8{yAcmL7Uoqx
zX;3SAII@4pSM-8-58^1l8YZH1>{RnFRnkk|+7>XgW2mrX%(h2(-4u9*_UrLW%|q3c
z*jyHor?mvxR%m=Nc`P5PHuy@vTU8uvhQ5SXch2=hmiUHkM$#oj4r}3AddF5La8{fu
zF&s<=yy%Ykr^N-TK&w{*3z#(2d@!EY{dd3Ns73{bh(YEN%Oh4J+PCibUim{}6|?fI
z?3`8;6(orw_*%v8QkoOpCZM7W1Sq%c1+Y#Q#*1%j=@Vnl<FL>}A(!FXdb~ZH;&y2V
z3)BtOHDNH5;hw)Wfvu#otOWYWjssgXs6t+=7G>Lv_vmHVwkso{hTlJ`*9@H>$1hua
zuxADB>5L}_MGqlxiN3lHhdxo;C<%LPG_m5MTY8aTiL+8z)Zm4|%Wi7^?u_k{4}rpV
z{8hA=X&ejW+oV!h5ym4BrFg#j8iefW<1TtB`jqxRK26RoS*zqVx0jpP93xYDAXGnz
zoel7NMIS-p)EiB5rr4!Yg=+dC!9af1{*(>o1UK|}Drm}6&G28IZrp6Qu$Qe|+l{+n
z*+26jEqga+n;Ao9y^Odeol{SWsZJh>M^#vS{A~?-#y90z7_81${j@L|id(_r*|dAY
zR+=sRAwr0AL(1&3+Qfv>RFx#g)I0et=4)6m(*N97T7K!H+q9Y`E9XG&o#)|NwTTc%
z^_5L1$v5^-+A!0`w;l6I{q<gH0tpc%5D8+QM8{BtavL>4;&9RuMgd6>6Q-l~Bgh)k
zn$_y{!ZFecs%yaeqiQj@CT%%R8b+RNQ{NE#FqSz^=}m8Dhv0-EuH>h+{zj}nN%+`f
zTFIkMIiII$_R<929hK3qIEJ=w*!IJHx97IShhcWce`{3WCLx(P<njmTMUcj8qs$i!
z+3`4zk=IX^4XA5OA0cvSkHzf#(yCo5D+J;cK+{}9m>c?L^;Epy#Q{Z-(27DuG-MFO
z2g}pHn@EDyL+qNAfai^^yMd9Y(w*ZqWRc%c4|x#U28FiYy(7|sf5p2Dmbbzc33FMS
z0vzPUjCZW5Kd{{B;f7HkzMBS)9Tl$@=<F!yWV8#1cK7|Rk*u)&#&ft+V|?*ixCI(!
zqOXdET?USRcbdGSQ(y~Ctu6_-xRV!F=O=fn<@Z1nt%M?B(Ey?d^9V{zH=~m@LaHY0
zBy6wrgrH*PdRj9<q#{Jv@+r9|mkN138rlA{Dw*inVq(t$*J3C|eTePXr{64Fr%sK;
z(;Sw@!|O&%p0W&8vb~lZ5}cu->6OkHL_cl~^+D_Nu1NPp8H{g%NxDVR@Yb4aYc{Lc
z=ryafnB<FB?j<DMGB?>D!5HDd*7+7dzQKCS;2naHcE51g(|U|k{=h~wE#t9veqY_?
zP2ua=J3HCIvYr4t-`vqts^y;E;=T|*hF(6#=;_Z>@l^*Y#V<sHe#j9m2%_oNmU#5P
znMi4Pf>?3eV<c_ALouq%fQ$*pncM2&$7D>*wLx6rdGj|W>6Du@HraGPTvP;I4>!zG
z+P3C1Jt%5s?7f!#BI$ShMCIJnR0#(YI#6a{E<PlUo8`cf<@{!P(3HBZU(&@|Ua{|Z
z5w=?7&wHRi_aT)kJuvgtAM}>qU_C9W9NizlgQVl`v5~<+DE8#7Dmgj|9f1iz_^f)l
z<X-!D7+o^A9dj>?HrC?#mKjmPab9$6$+a0U%^j=x>%G26%33-av00d^z16IV9n&RY
zKuE4y6_eA~%g@LI7gmmadQN6eI-BAc!AOBdT`E8lX*|p8qCY5m%so{`9hiu06oyKm
z?B_U0&?2yl8vh!_rZ}>+cat#cb70R}kl>ZZk)K~6<WDzr>stZF@34G7+3dvtcyPfR
zj7Im<7Tv%jwYL#%z{O%_wG{x_=ioiSkY4@92(fVY$0j8uP}PpSGXi(Wc!`hvJTkq4
znRG=7^8&3L`R5^448aHG&CWHqJBQz@Y9rGLBOy0eRW6qSEnvq|9xothw)<$#jUQ$Q
z1H0s@0t*$lSH)Yp=-FLPbtMGEM3ioHE+QNl*TDMOJ(*WX=_4jDm&w3eE<I)D4B<+a
z-3IWznA;u-w>}IJX1c<jP^A~j8al>uEegj$Q}P-VILSIBF;Yz3$lQmo7xiCAPf&0$
z&mtN8ZrkEHY?-P4wI%ZaqI(U}l_HEtAp5QEAy2^te)r|Av_{uk7~&5091<cZ1iH@y
zB@pI2@Gd{TUu@W)2Z1{<D{q6FfT3L`2#)!ZZ_bcLs(^zk7L!6fwG&s*rlv?0Y1Ai(
ze4+=`*-LdYBKV=pMtPe7Fep0Jp&`-MGASRNn)LWUzi6a1b>)A8Glw_y`mn>OT0LI-
z6i~`x)U~1R07QAVL_1mkf~{>*;o;*%LB3z4$JpR5@EYy8iAJPQ1v%Lf)OPfhv!mis
z@S&?le41O1g~rscanG?A_9h%2j*2*aj2Al&8IT`n@@UI>EFDFfST_aFFQkORb~uVH
zdabSp)D5m3z0eycH8<3Hy~9SuJPq5PZ5`+q=dnx2k>xvwS58iBL3fB)u1Qy@_zMJS
za;<=r^gAZ--~fVP=ZB`@w)CMmtO=VJ;!$g`OBz-F0_lL$_o%N?NFKc7^8_|;Pk~p(
z7x;9C3e{cpg<$QBwMPH3%&72`9muf8WsU{Cn<nlY^kZUcD49^*3s3!#tR^cq7m?<q
z(mz9R<YBvue2YzjA80Agu)yj(7yJ9I!H&=nBI3DL^(U%v>wbYqs<mkc1(-<!WsYqQ
z8yNZ{welqu>GlCB1_AYkxs}Q{T>}?#@PMV)2$a}@>O^!j5Jsx2<R!oLQ&5=hwLUIn
z_1ym{vTlDkuHB-iv#PAng3XPC{%#TA>8eVM23F2h5s!op3X{7JbHds?rs<iw3B1>9
zun6cj7}=w4L?!4#O{+5r)fT@uF29ij%d*tM|Id17mgb0u?B4^LFf`TK9AmL?w^Udm
z8sjc6z6qctdzTI`Q<M}vc4NPSzRVP!kft~}dwc74uTMClFt5-5jocn1<A0OeQ}(bo
z`Q;xsv{Z7ofufVeXP~Etq7$`nbaKXL=V1RY0X}>tCRY0Yp|XenpIU2Y6GwbHQELNd
z6JZl0J7W_lUS23CXGaqQ8z}dUYfTNi%@I`J)!IFyC}^h_7zn5#iS4H8iy|q@H-UN!
zt!nD_zgeXJp1)?M<cUcl6SB3pQn7}XsLe8OshNl*q1EmLrF0-}?ku3kO$fT_idsVM
zD&ht97EvVg<60ihz>zFOAVOS$Y*f$<#56+(0%fTb*gqv|pilqs`s|a?6~%|No<VDY
z1n`ao3gEp1kN?GWHHQJD7e{AUkVF;KM1*wFgr_lYf($950EYQn5)Ia=Xbxfs9@E?~
zmw`5b5w@JS&mkS?yx)u?fj0-i40Hg1vB0n2_fQl;AFpWdsEOZJWRD9YO(je8*Ej*{
zfS3anx?v)^2(<p$Uj>+#EC8i?8Co4eXTit;^Mn!*)&`&)X(@imAF2>Q*xwbHlP(|V
z1>NLG97_)!S_d<WR38*Gs%awtN3t3iK(lkeLGG%{eqI`F4uT#K+CC*Z&|yXZ)S5!u
z-x&1P3kom|QcWWgP{|!86J_c-6jT2$MU_C{sti!ilWq)G+CvUNpBTW`LIi>RlnC+(
z*bU@w;GzYT6&zxnxJ_gp`H8=!e5^L4p$tM$GKkO}QBfdD9mb!2!*RvHH3HVXctUsc
zlr&gC2LcXnsABjbm}c|8gOA!nWg=Pj5zkQoa!w@VK;#F8(q0pQdom7zDUi0r*beF-
znf62b0P%H00=5V#?A-Sn2M|xel^`IB!ht|PcSQh5K$A$w-h`sK!-ewd!$IIguFSdB
zk>GGpuEdF{?hethb@NK)!23r<OMoCp%UcZdR!jeGIuX3u({j6OREH({b$NLy*D@~#
zE7)-iB9*)UxhokMdTYe25tUV&R+3;_hWiY~Rvv%4I;heZNsi{5E&nt2X8)1TiYGz6
zbP&i9oOTD?L5CJj9p<BzElU#~^!57?BS@mgfp^+U+CpvIJb!X#tB!0MiTL|;C1!1G
zv6uH19zusB=u2maV=O^_B~sNzm%P1bO6(?KF;8GS%zro=gU(MYKXM|=rOXL950(4@
z7JRS?xPOZSzYhzD&~o3fa0SpBwiYb!So1=B()EY%O024i2ADOdJG{8Hcz4nG3cI+)
zP>tJJNFT4(FF7Nx#VW8vOGY2gtdT=F8@VYakp_$M@H4!-$EP*&t2A+4kI0o>FH0?o
zJR`S(>`LtAOn3+u!zoln-;S<)#IjA!04ZT6xvANbK=O({&kH@@OQ#O+#O?$%{>QW(
zvo}+ktTGP#F)AqY-q2g8x?=c2YoPQP&n4`j*wb-yLw<q5g3j>Tpmi%zU9jQN)oj^(
zRFKN}=K8zt+ShFtD(@3V{+XxDPzv5Bq%&3BswihC4*j%N(Y%$6LHg7{Zk$qIs?Wog
z&ybql+SZ6G7POQ5>siWwhZgXChlHO@>rD6^MGCOEr|_|@p}4uNBrk<h<kYDs<+>Wg
z>~VelI&g}c9ZRk>8}Tm0Wt@t*cf^7}Wyi1)wxcQB0R=f4Nl!8L3FqSP4cGgd{Kei2
zk?Km4b4~XnpvfwM3p;?Ez19SG;_~^~5P$#APtO?~`N4wnfu^kq#lDZ4XGcYHTRQ<c
zOYA_Imwn1GgiWFI7ZGMwxZ|WoMkR$e#siZ>i&-+k`;u&<-oq5*;bQy9-z8fsH%$YQ
zSSt17U<#Z4=ziUO21^GzfKnx9%=08RlL2r7SXe5Y`1^bk3Q3tyji5h6NDNb$h$h~l
z{Eiz$kdM(Ir!JGsSvE;$sCae{m%5@}JS!uCqQ&_v#&RUHE%8wgMd}|?zX8COwpJ`{
z%_LpSbNn9M5oHHThk;r@Bwmk9y15)AZBWFT9Y<H}=SJbpW8DP_PsA(IFl=ut=9VO3
zrcih=v2q1xQz92jCG9>x#!{i1o`(5HOU#0L$pDON#E0g=W1g`n$NUc&1AxvGq<uzn
zBDPYy(h!-akLpL$3;O^H-~xZ;oJ0MSt)4?&6%e<nnOhMH_iZ2!&@I_S%qp|D8%oaD
zrC9Ba)zWBP3dC(y2_~dqEv8FAi(EZLr<LunOG7HtwC*wf2xR1p2w<+{DFjJdQ8z2f
zC<ZpfxZ0-Y3eV>#G3+U3p1gcbZr!IJHRpn*Q(PcqHQXcTh$3?&RG8*XAa0926WhaV
z0@*K)HzQQ`fvWh2=j`1FiF-$rU~ft2TYC}LjKg~rgx4n{Ln9!}st%PNBKuEgI8haA
z6_truZYi;h*}Orx48_|FWs5T5IxHCu%6=V1O|_O3d*ED_vEF0wEKZRmm5KN%u!#Ww
zB_s`XH2Gq7*q4<0i@14xzx3h|vb0)XtA#wBrP;bLmCD^X^ftv%7t2`)a*eRG8XONz
zaFdjPx<!sod4tM*L!v8o!GDR=7vCfG%zZ;qQdCP?t%c-XBonTcFm6)|1So}tJQH{1
zi*qhs53hP+>Zy6VqM8X7gN(w-?6fh`Ju}1|munFxIMo>q5MzqGV4i1&DWMzTZMDH%
zD>JdOW?OckElA#c_}JvqQ4)0YyI|guwpDc!<y_|-Yh>4-)6403|M1T*hnFiyFU~9w
z4|}Hc6hAGN&f!@+DeQj1A<qGcH@<()tv0qtQpLGLH)sBMFw|db>g_~=rM+uHM^W4f
zoIN*gEw1w3+405Rm7^LeHt4&e;~Pbg{?W@+P$ek3@;)%OYPT-zDxSwMZvFKt{L4S_
zXZDK1Yb2);?TUoUw00ef)%11^gDX={FK(Tqat*Yz?+3EeSncZKa9V}M2<Zhav%!kh
z$jNok_N;`tnpU;E8Nd0eL{s|Y)Ve>#df0Z|>jmy(jMpbK#g{pteIxDV`rRr1`+jsk
zN{z3YAXzA$Gcc(qi<MUJLNnfTJ0Pj!gMVTWpok@pC5t7k*O;Cu8W{b1Ti^otV@+gY
z8?-!Ex7+jMs13z?bouz&xoZtD<p9|)OIH#>y#W-}PG}e_?+rG|8jG03b#yy%XY3>7
zYr@y4S8Q%)e?+y~5MTDRQI%cvysCp2kFM6y8ffk9hetlA0eb7MlmDkZ)RQ$`rO)e^
zvSsUg`nxB)w&KxkQC!{)QRb?c)Wb$YNA7R(<OL5hEg9aLqvT2T+J&WpiuLns*FE*e
z5U)y<$7=sREiCW%{`}=CUki3tR{db_h}jRNT&?q&<T9~PYtLK%yCc5|3CG4-cC2p;
z#w*8N=e@3&7u!sA8}uJBIXxcF7i4<w%-NG%7$>4g;1Dj}?im#AH89Y{>V^^}lj5YG
zYW-4qKj@+nsmPLJJ*zRraJ?aX+rgB<mhviOi*5AI>}<8D<8^NZf-PR_WbMipz;9ny
zR=(UR+WNEcVUZB&yxURPU>xxP!HKLu_AoOvr3)Qt`yJa;F}v7hXi<Xch-@VmIvNr<
z5(#a_YU*l+64$B6G$V#hM0JMxOX8{XaID!DGW%~EuEIOV!ndyB^LkJt1ntsrvfNJ&
z?XLCG#V>kQR<w@A>pVLj8?hjWy21N~NIl(aZars5k{;W*T^(E*)Jc>OvMv@wxzTna
z@)p0$tlFBC`(MqsYMGeZU9U!mu{xd3rxF9-N%~y|>83x6dV_TVG7f{RlWaCfu4Lv9
zR%<PtId&POe225B)|}oji>|9{GK)_o7MeGLG9N$fVk)D>OIn@E)|h5*Ee=nC1`>AY
zwiZ}6JE&`)1^cJt91oq}oN2zENxVjasF9DK={=3AgfDWpg+acqh$cm;nr;7%W|QXH
z3{E`gZfl7)YXvpqPAL6Ibu^E9?s69mT+hq=^yPciYxHnd?9v}zKZF{JHGywsz(|0z
z0%q-;ScALTbY$xNsGWk5Ig%)N5A3`R>B{Y`X2zkgD8KTkx^W8hq>D{;bE=>(CPkik
zzaz_VgwwTZ+8-h9!QFZQ>Q0|31T+_kDrw7!C!Z!KwtP~SL{i#BQai!$4H{WV@|8a5
z^PTcohaZ~PvJPTiZL9*GGK*somsJ&C8xZUBh1q!Luz2Tutd?OeDx%&uqJuk-aSAU|
z!#QZD@)Rl@!Zz&1Xjmx}Dn^Bu+k_$rY%w-!RBGf@4}s6YOwwbkcsq@Oo0Y#B5L^HF
zY{A?a!n^O(3%hOObJ>>Z9h<S8!6X+r1g+T%RTGyZ`%I$5U<IQeoZzs9^Rk7Hz-&GL
z4}<T(+-bq{3UdKlw&y}>SeXRKw)Aft6)KVY?aH2PlFM6M+ePeQT5*q3Y=Ss$6N@o5
zy7W|!Zd!-JSXx`Z=1jIrU{*HjKvY?+!PN&cMI*2&oip47JC(FnE5}hp|Ae&M#rSQ7
z`dN}l6eseOwT<xE4)T3H#lT_XEtGKK-gh<fn`uF7zrIVA)x{iMg&sPS1wX7i1$Ews
zCkJiW#DzN>ZYC}B+kD1Xy$>XtJg=Kz?#19Hk#IG<BMvglGW;5I!0Ho`kLBHr<7~kt
zb8%OuW4U3WIH=aSWL;sMRbbLPQ6&7@F2H6h?@K-|JPNbjIPA$Xu0PwFc%>&)7NPyW
z0c0E;{|%4{xHy~JIg(S*DO)&OoBTeNTnsHujGTW{LcajZ`L|BmK-okc-_63=9N+vG
zzBxLYnBv<T7+D#ZnNZNlJK7n$7@0Vd+Z&tyHltynWu~WPV5gvyGVyS;b2N4$r-1sO
zBU#wl3jZQFd~#t<MtTNz1_nk}2DaaeLG!nTjGgiSccrqUfxW$n@h=24uy!(mqLWt^
zQKuDkv9>leu(kb#hUCiT7EbuT_y4qk8ei4K(dl<Od?s23W(F1xMphOYMq1YYvhBD1
z@B2twxSHVq8p1{=Y+`6(U`v5-WpChY?qp(s@A`jtXQgGNWuo{G*fg;<wllPZVrFIg
zZ=de}jb&L`{tL>oFf;x?Q1*8Uj{j3Ao2?;JdpQELy{ngRqTSd1*#8eG5I`UhNMy4~
zd{ZSM<f3v5;<*uK^R@YQH&qN%qA)!{(b+(}g#BorfCGD7aZ{98v2vtBlybK9Q(=i*
z!W$(9>Qj9~6w8-ZMQDXp@oj{BRL!zVza2it<%MKz#9|R-xs5;ORYo6FPDXz-XBwjA
zlzQrIq+c5%CWLGB5|W&I(~8*Q$51_P4Sx&s64Q`paxMHh3j(G-$EYw`&yxr%mLDvo
z5t1a>7CzA48wEn7*B(MrVtVH7!e!7h!=?^3;kfLr69FPlMt#s1J@G;DA;uVy9msG@
zvjNhuQB&hXFcwn=aUvA*!F@>jpFdV8H99qiFLls97FczJ9Xbm})dS+U`e>ueENp}f
zy1;%&8cQMbPzeJu0-uussI#_FRv6BVU|roHv*e)c@BSeZ5wfunj9EN8+6v^Bc@N}w
z$XYH;coG8#0XonEDLBq3n{_nM1JUs0s$Or`ceP&**G$YI=fC^oXRV&%`xm<F?oRHo
z3-sRI&RHRf{Y|#rD%DGq<~6P9bF7}Pxv#KX3$6O%0c)vs9j&GYmBHdEL#gWx#PaHJ
z#zqn|t%X&a;bmnF8Z_VI3_a(qz@eJJ0*FhuudjP;`R{rk>Z@*Fw=aDru|zLzN5WN(
zbnoc=D9t)UiNHFqC^dT%8gRq$0Qt?5KuMZqfoTkgOAu)*F`?uFD5j5q3aUai1r5$c
zbXWDK%J+12j73zy;VKb4rIn?P%v_IGs|_;n!dA(Uf9a;R6;$BnJp+}w7B0SAf~hNS
z!kg&&!AxN2Jk~>}C&KI-_sOQiYJU$-irTV^)|?w1k{jxnHd}O$4ksj4Hq&h?T{}FQ
zH)T49#5X`}t0LDpkgRwgS<S|(n2Ht$*peZpr&{x~lPPvv23phqu^MjvDc)b1o10==
z$6=!QS0czeeU!MtkhsF5a*<=I`V3piS?yK9yu--hl6~M{60&S!X)3fx_FWpmp&BFm
zirBd$xwY}mDAvf((U9Y)gOxuCG7WY%At~u%<4)SRXs4+mGk*cEV@htLC842K;Hs{1
zqA)$NR@F?v*!n3uTI#K-DR)ck;<<gxYSoHiu)WwuR|4T@&gT+$f~V)>$Ak0pZhbo|
zR5;Sz^6%nx_GZ!UH~_Ad69pnAnj@QdPJs#sR6?92gT$!$dno@Y_ucHob>)L%l$94B
zJ-%E5cpNG`#29p_-q<={;($P79WuTQd*jMwr2<%}%t%8-1~iadB%dF?+PThh>zou4
zf|2483L);pH9!gnwHQWSf3%1~UVpSio4n3Qi57XSo}v`$YK<8aAh`r~65F(xlN!d+
zS~3KT<4`?|7=N_n$o#E|f&=p?y3qbF{+<IpTHBt>$_4<KtM)`J7#FRHSP)KXLt%fc
z)H)z-x*?e`H?F3n_Dh}lvI7BSx+rWGBMdgZNrrizvIQ|fxgmb(<?)llXp22}^XcPZ
zU!%NgKS64UE8v6kkE56F?(Ow;>bJAE?$5GL?Dg^W+Zo;M>CM`&7xulx`*C^f-l-?I
zedy55gpG&vy~6YUI(h%K0TlUA&*=NzmQ`26^Eyj6dU<;D-G2KG6CytB<#v8^{pjhJ
zH)T}!Rl3>!F{Cf%_vd@QS0JVrW`)RRb<_M~jj!f(pMvj?NaT0#oaGAiitV*mShY&~
zuf8}yv7t1jfD?PJ<Qz7VOd-fLf-~hlA+dsWOX8x21#n9L1qu}O@2}E!CRXFbO(s^9
z@F$Lu3oz9QGl6YX#6fLQ$pGskPl&I=t^+SX25C_#P!<Cgo*?H`Eu*A-%SyT^o68|&
z;cF_D1TmLOei!n(NSZSE7Va+;fx+ASI8Xgv&(6VnwJp=u8U|mepn|H4vpp-_{qxA(
zks(6f84nHa=tS`5(jJe&!idIL`5XI95t)1gs~bCyyq9L8<!@AC0~ovR3d(M}l`cJ&
z-)_@&Qm42*67|=CLsz+C_P#*fCl>7))3J*kG8l+X2+9EIUcRIJ0oK@5DH13rsHtz%
zTT%nyPy7i4OK`h1e;e>7?#jkyor8TmWmwE$kTQogHhvLpAAAw0HLyjFV6>%#CsLbk
zGPBh!0C=Ma*1kPK6z>3_PzE-kJsKmumNQfUaVPL5&VR;$oI-^W)o(eY2O20ChL}Q~
z7WmD;0!jFG5(StRcLQTjp~{H-7E$6)0b<f)K~apf=4nS_kbSaR`>9*m4YH;wFOq8%
zfs{`dM{CI}x+Q3eLx;mE=1O6tEm$J4&s8<K`GcoT5CBQ#7*9@7P8ev>OL163n^J_?
z2>e|Sz=5^8wpl}+$^c?bYX%h-HgXEbXT61!{^)w5ziTxkvM=f&IWYT}_2owY@$PDN
zL*?t_f;C2(ssM_8SK9aHetVPWzz=)6zn(bV#65+pjvTy44fno|{)YR)sx5q*5k1V@
zxO3ZZPrk1>Q2DvA13l+bYU1rNgZb%<QNyaG)h%>GW7YF`nN^yPi!1XHz9zb8i&5at
zOZ>r$<3AtaY7d_~L<l&TgdWCL2!{{c+9mQM!6P7yqk~5#e9(V++hu(BdDYjM_?G<V
zc$u+!yJ6<l({m_R?nY~r;S2fmIQqDy2R8mhwJd+i{Pha-#iz5|vD(YmA(5WC-7(oJ
zl(iLZ>-ef?E7S!2zj|XV^z{FWOQEi4VhTkkVQXySj;}?J&qB|j14XA~;c4=pBov(*
zz7_*M6aIe+747Vt@tHZ;e}_=~PY+YO-`s!PyZ_{b@wK>x>Did*8CV6`S%ld{+1Z6y
zMOYY_gxNWmnV9GW+3DGN@&Esu{LUk7Vr%y6{xLAH{vZ1?Bq^OvDI&-tuUFuJh~jM|
z@%E7LHKFlb@Ia&t@DLL0{1C1D5dHJ@_9OKUBdBK7O?3+kwq{k=MU4v_$F9*aM*DpF
z*3Tb2%(Jh&v%a@CJ*V8KS0zacejLSF)WxwUa*?kYv(M}qfEd@@8w}>aYk{o(E703e
zO?fbdI3c#cErl@!H~}{Rn)9^zIH4_oT=S&!umWy?*XC;To_RQZwoO*%+jBg9x=pY1
zu!66EAM+)1u>4#Bv`re!ISpX$L^XxybQwv@2Vj_u#x~*EBiI=wtD|?x4$v_;#-M=^
z!`vAyCHOh~ok1fvPI&f+*C-jhm&o=V65RnKsi#bR8cj6jP~#l_Pwrfp3X@*|=l8J8
zAx;2o{w?4!;im%n5Y<>R<>+9db4gMS$zlNv%%o+KhwSzUHt;dhr&4_;%wQGN^nls|
zO1=&fIUwSNa(Uyts{o286X39uN`1^34+NLf0C;&6Gi^+>K%c`AP9C7$fbqD!F)e`I
zkarnK9}kF}aCc~KO)h6Zb>S}n*Pzajdn|eaT0xxlXx9`QPG>xOyc<kSW^*R~<=!|p
zC>=oD!d?+C$nOyD(V=h?NM-zsiH{HH6_Ctds{FMU_blenckmVeR{-Gx9{r7L$!&m^
z)JJbXw*wEL1T31xJ~vOzmz@B64k8{Ix(m1uC0n7rV7S8f2AK}6i{Z*$C@u-Du^S*(
zfy1H|iV4ddDDDg`*#!{iz}cbc4*-i$sv<PiL4X_u6%~7-hk@HrsxkIMj{xL1sN~S}
zy}&If#U7gK7=Sl|Vvio^abONgv4^HV1K_Km*yAXaYAn~G6nm)HDe+K=Q`n)xrkvw6
zaKTc`7iy|!fpbhi859bqP$`942(3n?L_bd|4T>&qLTL&`?Pd%ZwA8+-Nr!+D;4(07
zsk>JL7lCPD!cyPY(yjoC+Ki?CPHEIuxyqBmjxl4w(#X3}rAN6`l9hegLVm$bfz1N{
z1;z{<8@M=dookj=OOt==iTVh<8&p)_*q{bORWW7h=XE^kn8wZ0(x0Mu(lNi|I>+9Q
z*L(+nn;ctso2BOZJYitRK8`nB9dn<h^=~xV31AS%aE>h;ANV1F>^p99a_)G@F^%IA
zKLPXsCxKId8aEkqwQG{>YP9{9KIzhu>d$Jl9EPqIIc(|k&oruTt5&K$$@%6SUOoeG
z6#1m3FW>6VYKJli&9bOtE&y|uUJvLmn8wwX)UOsTefzNnmH_pkdzOB9BW;;k6d^UE
z=fERNKYpjtC%`Iy5nZ$N)4SJR02`M7`A}_yRFr1Qe)&jLZG_zy6>O`eU-epP15~h_
zLZz9M-+$8pNhw6P^jNCjOCukJI2YnvR6Tu`{y48u!d^IgifV=s7ml66Syni_3a3>W
zvh>%#dSlpZ`BOcOn7vui)2QWH1*eQz{%TWC<A6$I)*6i=w93{hiLY#^vZ2ZjDv7To
zzOuin%M%-_x-#ip)j_J06I)c>kuXEm&4}z*maIBRb#h{cs`C=7RNahp71G^DmmS@1
zrmbO{$r^31)BkOmV5bUYZe(+Ga%Ev{3T19&Z(?c+b97;Hba--QW(qMmIW;vk3MC~)
GPeuyxa|`|e

literal 0
HcmV?d00001

diff --git a/docs/PSA_Crypto_API_Reference.pdf b/docs/PSA_Crypto_API_Reference.pdf
new file mode 100644
index 0000000000000000000000000000000000000000..23154711c475e98c85083a19e5afa4cb051127c1
GIT binary patch
literal 527887
zcmb5VW2|o9vhF)<+qP}noWr(l&tcoPZQFC$wr%UqeeOEh>t?Uq^FMET-rke`p(QQ7
zo?q2d)kqaY#Aq4mSfNN~7l&7&m<SjM><lfTczB@be|gxO5YWpTS}Hr+K+($)FfuSe
z(TiC)Iyn<?FmXcB%b3`jIhzwOva+%h{IB1Cy|s2WaU`G@vo>%x5iv2cGd6+Z<AZW?
zb~G`tfpTBp($JE}7Dw@YsZAR_%s043r;HG>7OK)0SY@dgl9rk$vy4<^P<ng$ib0<C
z?6UH5T~pAcjACzedZRNlGo7I#3`Q1%qECV%f;71!4^~yAAZ{9tMFoSkUvZ~Zu$vR1
zHW0=#r_Fj0;@&evS%=1-We+DHg~ej!!bH?T8ZlhW3xZ6O5Hnz?bCpvM-YEh{6V|c{
zc6p7~RR_4If($swMv6fIA<hB>0dU5kZzs5wFE(c6XV_bz&Tqa07FY`Tz7ZGzz)<ik
z3<h__uOi4|wD2c%0pj?DnH~TkPz8elP$2jLF-Ep3xH!Pk6ss^%$V-r69vGH~rbt3b
z^CS<JG>fmSb<iY`%sL(pvV~(y1$o2+Kvf<bov|1K#rV7TF%OgAx6A;g<L@x6M}>$q
zVLVXwtObL!6eoSbD{TUe-Ee3~;zVl5G=jQYBoY+P!fKLo2gJEFnpOnSe*7DTd?3mj
z)+G>acT42p*a#TKHhY6S8c2w66l*9Xbrf$Xs2-(F5ZE**InV<K=(GSy3<O<J@sR$i
zT_mhQ+BD2@Lv0Xtg<EQpeYn8_5Kd70x!K=!G+03qKpUr|w*5_~luWytQ5Z1!faD~@
z5<#e%N^!db7ybcGk_*~(bY~K+JePC7g!$q_?CCi-)$A!e641Yk%gVuW#N=5qFja&S
z@s%vu-QSchWrw%-yxGvbi0>}%A3`sNOKa&Do$k(;cGrR-@%;9Lq{_?M;#B8vf+9Fk
z@ypwa_vNYhs#~y>9fqq@UcP;GGaru^j`k-$&x6-Ft|C(aY;)|4OD>d8m;6I{=0lGp
zw4F(cGbPSUmAFs%3ihGZ=-C!no+PKvCG6abz&A`YFfvR-HcDv8%`P6+p659CRZ}<5
z>1~@2d-dtjU~Jb8EE{oJB;ht_M$=BZrWw%=^7hG>FEcuI96NVj&mCRP|EyQ^qw2BB
zF5D_?ZGLwMb^dnO2|zq3lc)h58$EtzpFE>>>!5q28m*qNH@g^$is;mSWR>;%l?V8V
z^{sToUd6pabAmJg`Yiwc709?<t-4dk?F8oSXIFpKzDngpc75Ru>m7Bvm7nihF;@v~
zTn)`*(1aS~!91(vk59So(yoln!(D7BHT-RPil^W(G7PD=#qK_(BUZVjtPA`6cAgg%
zYC9qPGIEgRcEIjY`k~5v?X6_Qy(gLK^{j}gwUAPM7I+m`Nv=&Zj{gA0GdYFr6nn7b
zzinU1$jpCo28G*d!&>KKZr?X4pMFHosutV!P!$zrB|Y*acuecYd0=+uqw6-?Y1c!m
zvID-v2)@^}mtJk?Hd%<<*sJk*!yNI|wa}_Su|UwYM8JazyIfJ3E~hmcYjZYQD&&_?
z3%EoQJgKa8d{)kod(6FtS;%31cS*f=)<*b&x_9C|gS#?KxODF}<|(_}L`kxF<z0-I
zerw^2hkdjK58Zw)r~O3il<oLL=vE;|Q{BpJ!c~8LB;cxz%WP?@noa(O#(L0MC=}9y
zEc^kCsXDPriLP?;45LFH(w)^W=l+CyTvRda{&@RPe4mZ+?D)7|@AT-~_bVTHMK?x$
zY2u=2Pf}Y$NsT+YO$D`m(AFP^Tk+<|U8NhcXCim=rTL|Iq#g>hL=HweMscY?i8lt^
z+o*%t<5wGET50<G;uJnU8xw_`&o&D|XEoob^|<TtEtDIf)`ytm#Jl$Q1thyxMZHb2
zL$XKLL}Kp4lB#U_DD+uRZcX-jiv2d$riMhXmb8ms?RT6X<U~a(=JpQe%?i%Gnd@H9
zLcw17T5{4h;?{9FS@G2KV#!-CY4KD|QPWvk(zNb%jAiC6AN|Wy*W<@0$XAQULk%4L
z3D0oVn|<7rcT%qg9@~tvypSyPjEJe4=ccnv>`!PCjq-St$~aGt6n|KUjr0~@+&d<C
zBdzf1I+61hBHY`-blsaxQ|nOpS~4O#F7y6XTK4@k@8O;h=KCy~k2}G;#@<E1TCxQj
zF7p(2A8YqWHK~3Dyvf2R_FCPuC(9vWFCfK1=K8%X{NV=J=JRE(hs3iR@DM9$J=!<0
z5rM%ql!>kJzxeR?>A%>+#K8OyDa674-xOkIVEv~Q8rGDx!)8b5zEHbO)3#1v9)u@=
zh+B_QUX1~jmc1A#MdN)`!e9UX=~+WdG9IOMOK}8@<nH9o^0|Rc6;_Pl<GLx3kAV!m
z6dGaNRg!oG5ij2#ixD1D%u*Ps=b$`S){(o7oI}-9V@#+V;*hT~eH9&ob{8Un4+Isn
zCrkkf)FH?cMM5Vjmv<oacq*qu;bC$NBJ@Bdw}y(iW1#0S5>=eju~!Kcol}2TNcY@t
zAV?wMk-n7_%<d<>@bS^D3ClvLWXehwqveoZQv~o&<ApKF{j2<6lMF1DXyOIxj{b^^
zrCfhNTcw<T8ES|Q8N&M;`nTxft2Y4C@l<+Z{DA~Xi{Qfqatd-n9hK}~0WuO&!$n6R
zIUOTCLG^IlkJOcv17aaNlqFM`m4H|ytV4yA3N|1q4%j>bq4Fb#-vXrb*d;8Y_b5Rn
z^pk8Ryp<2qMkpXR1rY&5UXg@M)$iBGV67mbLp7He)2G^%9n*idCoyLDn4|{Us2U8)
z(~N<PkMExZoF3CRm1GE*0P2WC8-&tPxu~iTGD^*-f)T07h$|ANBVb~o66{04q@kiG
z3>2M#zyzV2lCj4S4-14zDSF>6GA@fL;uH{bGp_q(47TR9guDol$YmfFavp?<StXH1
z{Hj9t8&K5p-jV@EOu)Df&7R1(E(Ize52efO5Q{QM#r^3zn|rHmVPf>Ekek=d&iChm
z{OjZBgx}Za^D0RGlq4tUcDdWH*YiPub1xA;j(Yi61lv;8TGf0i(5!Z}nGM^9PbL-k
z$knlW>gf9j+Ge_mbLYux1Dq|RZ=_#8_vxc*%7+}B$$@}7G`2dO!~1+_oGhyg;l%A~
z`{}#;A|-03ddJnU@y2DLAlD@U1zEB_G3!>h+1UGXC|!nQK`86tX_72!E#_h4*k{*$
zuIfSVa5$(7Mx0Nl-R^vcg>AvU*NS&0M^-s^<ERtOXv<SB+m^gnPP9TYo=Yj-F5|$4
z*sb}-e)+w6qpaH;DeWZq^u#fjhCktBVv&mz1UZx;Vek?PzYx+H2l8EV>ZU3+US{kp
zY|IRDhU}FGsmCTCX*ft*jOfRi!{>!ap6t+q<9_WTK23J)!T#{U?AcI=uW4GZ+3o3D
z<7Yy(i%!$YNqxUHTc$GH!UweEB-F(7{G}MQg;venb-ZMc^aHdb)AjA$K81}5maIe=
z`s4B?rU3GBcA&>1mHuQ*mh6xP=k3|v@^$u}!E#u_+K|f`w$3Idll+7IhodSJD!Vyi
zXh=#ocj<U-CDSGo8&0=Nmi)okut(p=;l<@<WANtaLhf}9gdZRG`@4H$@aAL!E$Ej_
z)P()W1sl=~9Qai#xtIP2^UQ)ysND3@Q2X~ymd#R-8NIUm9@CM8b1tu8#J5i=RDY2W
zM+{UZrW2Jo@;&H9nx7u;y0QQnQB&NQtzprZSEmlnb<p1(@)mhrxJcmIi-hdK0spRv
zc&x~kxm|GBov@W%g5=NKJu$ew8th4nOFbaSW!<lY^uUere%4Q2Bh^AnxkQhf!8<{c
z85?Abr^ot6k`3CgM9O$jg-C~>tsbDSItcMiM`TmfQpg{@!3|5}7^~-u+NO*%-cLun
z@3Q*2tN*z2Yz6h6Yl)cZj7gB~LPL4S$NJPgi-a_k7sY?Pc=HQclcnUBL*xoqL%z!a
z?T7xj-57+8h^+ltkuckyzf=)C*Fja^+i8Bx%lZbrQBZvPpGwTa!1523n3MItm6(N{
z>7Od`RECxvia0{>&WqY3aTkqG`FUheT$mj}AAz1koIB)kf=WPiK=?rKOgUoB*4=t1
zZ+13oLTl@m@|IH%mrr`V3>${k7@07j-kLi)ET<U{y0@1w9{y+u5nme`?!Go-JmN|9
zcu);rn)YQ752hJ3*Sm2R@mY2>G@wp^FloO0?TEvOzJGLNn;aolDy?U508}Bm#zD0x
zjEIM{hmgpKmk^BYiBCL+IjNW%TK#hVesnCNV_LL4ocio3^bnH1clar4H6&djDHyW%
zEpmi05NA|ijz7^z_*xJ}+jx3h9J17QP!<F#TRz98kVICPd;%GWQVY;;UCuCD^Jx+z
z$w=q8-Ax|^?ZZIpe1=UIartLC&4N7z28{c$pvC&;5aIw#T}A+M>pSTXkPthX-!RE@
zfawN0&QSvH=zt+mg$Ybl_OXFOVLtkXujq+UfWSrtOa_}|$27F#L$=1Ja?6nvp-}T9
z_6#2F=r}TXAq+S&Bn7+rL_&Wbv=b20P=Lik0x1cxqu?mL+LL5kW+&_!wB}&Io!AL*
zCh^!9aVD9RG2l$=!}jz|(?;SF3SE%jK#u_sQk~qOInpA3#jP10>E?k(H`P({Nl3E<
zlQi4cAskZ;_9F#D!=;S*4%pWjAHt7|1<yglaaoZ<pcQ}(!@y@hA%$S)EjJs;ZP1a{
zA+jEl?3+$Al@Ucbv%Pb8yw37)u))L8$<a*)>Nwq8w7T6t>|Hv#I`9=+q`g}>zf2X1
zCwke{d*4dhRX39i|BA?Ct!<_VPTZ$u8GE6oj45{CWHqAv^TJH|T;$%k>Rmuv%d&gE
z9s_qTRLi@vZ{haji<@e<e}7<qWjPTa&~?2|Wg&zti;;QUro_iOUW#~Bi+h#~=4^|r
zlHiC;X_wpt&6B*J`n|s1e&m~cSs%_DGuTrqz@6#F$r@i$oe*>6XlpogP={|mF+R`f
zSn+X{SKY#Lm+bJGbE>f#-K0Dkcc~CUHxx5?`%ApT(xZyjF6l;eXZ(#*W8yL+ZL1{>
z{dr%CU<c%|6||}D>K9NjS)M((05(4(5^MbeZey%-2#M_<Fgt4O%z7R+!4Vt5m?Im@
z0lAF<KCCYI6SBN6+PvujVVj)XoKnkU$sdO@Z2Q)P9+tUOo4MZQG+|y7J*u;N?28^a
zCk_@=k6UFGyt{JCDZFNkccp%D-H$a^6Z0aoI$;xjoZHV_ALK!aSe?LV&8rVFxE7oY
zCYE`p&3L%`i}?t@s%+|)cNtl87NT_tzp_7@B7d|<ajh~VWG{(%)0eXKKQew_`+_GI
zm4`PS8(8nfB1spCf1M;`e`{_kPgcs!d{A=C&XThm(J`oAi*`?yV!wBy=oP&Z40~1k
zXv16?>q<C~4YO17S)I0{q$+*ZG^amv)ZS6ZYykwE%{#0idaFRHVP5&ZNk_<6oY*C=
zKz<2p)Ntu6Lp}?Gen9o(vy7TWPCZn)o&U_us${5K{n_ejwcuay@1<w+Q_Vin{3yy_
zAs@&Xm#VBT$%Nfr%A6!$m)Xjm**bcy&FE`?&^tdl3$WEI?L2wt;c~0ts@ZXmq=rRk
zK6?pNUH|ayp=aGee^`4Yew?{TjPmQkuB!yT6$Y$O+wR3;*rB3hui%AQ!ecA>ij*sJ
z>##SK)|&buE6NZ0CHPw2`)P;#QRq=(b!5bkpKGVXWmCnIluWH|R^jZ#tf*4^YZBG0
zUwfe$k|py7z{*ugw;S|s#uMoFJUi5G+fKJ^z45!GjpotF?|%CFwQkoX6ttF`CZroL
z>$wnK^>cJMhEH!sk6i9N>{EfL7qwvT2XXKs23glF%NoP9_NQXO6dsnepg!Dp!T;o@
zFqwe|B}6=ka~X44hr3EROc-%L45HRfo$iDB`><X>sa?r;p50jYC1f(%Zmg9@aLe<L
zU#+{cu7XZ`#u=Pm`ZutN4%q(x1P0sRB>bNlNE{sh1`H;~e+rB(&7Hpn5`yoGUVZF1
z^yST3e1U{wVpEwcGU_4)Dm@5}04&BZ0_BfSZ+j3geOl+nAXuqVn%2zKwC|3$8@Ca)
zqF1rXqNGP8G__S!#0V8OPK}%gRGSzo%$`&POr?2qL72xfg=?E#w_$-~lOU!r6CtHh
z^`yQDjuE(7@*SENN2yF40i7WN5m*t7h4l$57{eU4NgJj+OhUE@{%@Laa!M=G7;sg)
zT}Xfn10n=1MnplIBw1j}%pmne43b!XMLDBE3|_E9az?PDD&WO51_GMcDsALA8n7sp
zTQ0`<0>`5MG>LW+N<gwypktE4uH~>mn=V%iBxM05odEF$>Rn{&8xu|~7!VBNLBW>Y
zvaTW$Cc=}+h$dCOeqo4nOk_w+(5nFv1du>j$PQ4eBecrhF=4#QfKXkKt2muVz@bP@
z+juCH0HQH;hz|smfn!Kuk>etAW9()^dX%V=bYdkza7UsX>vNJ}1`>NjMBoIRe&P&7
z15OkWNtzc}_8bHh5~D-3XJ!d{K|v7EUvIl{z5(v9gB1k2JQ55MASjSz5sN%-Lx5mV
zMDn&m3J6LBU_vC+GWq(JM1zqiL{vl4{Va?Ow@AsqA`;9X5<%$wwG0D~6c`L5Aq555
z#u)$p0Z!x-a7T|R#APe^Gi-tc1>o50F-<fO2@1-=?d20N6Z7<8R%d7Oc$KucEj`yZ
zcBilVmgh{?^8M*O+dDeD^q#N-{Y)=Ce|s2D^btq&YpQL2Hf$LR;<5A*o9ubktU)(C
zHiW}!b&w4*VpL{KjlA}2{Mabygk(Z~(3mVw8+1*9dmmlm!4(-_R%!sIh#uU|jt%U(
z<_LXD7-UhFAIgfJ2&|k6^eW=fPS$E}Jm>t-oc7(y!hZ26x8$u=n4qr8T=Blr9MPP1
z062LY#Fb5#A&&=oykXb>v~SJyquR?oJ}~IuDWwg$PUNHG-_c9iz&+&UKfxBCIGJ&(
zSVz7p7}`2~>OybD4e8_<+A(gT4O(-|%f0rLL}%F6<ebQ_)dam?WK$a)+ur5=McJv{
z=w|3T+@<cFlqr6ZoCY6x%|CP*=8;W)X|j`f*_rc0=k@*P<MMD$x97v`!2v^0Yhr~D
zXQy|#Yl>Pg=>dDE(tt*XR{F)BX2(p>O$xJ?ylX1sdtT7P|3;t%bhO+1Rwrpx`lEnv
zRqHgQC%C49xu<X%hI1GFMDO`{2VPjOiNDr~YR1VF|B2#JSXBLFC9!|~7b{2oO{5gg
zo2bb*#vv2!d4b5^l5~TL#tySrp7+o1m<dtXd5@V+fh~AM8_N^ntr_sI9WMOy3vYAd
zlLxKm%j4LUm-X+XTtb)VjteXsPo2V^4l&}3b;;++htUhK#)P+2?z@#=9OpImkIH{<
zmG&$R11{rpZTu<x9MP{T0q;;4(KPxxtEspe(2W(4ZJI#WIUu&bPAYLq@H%UUuW!P;
zLA`$QJuEnY2+{i6%LD06FqheQRrpRx>eMZap`8$rw|%X>j9@N&zdFylS>u|zX_>yS
z7cKfA70cQrD!ou9rR4HvDkmuGZ6v<0=WuTaH8vn?Td~S*ky~i``r4|q%K1zwVy)q9
z<qt(b)%UeD*Il`<KHP7tzIB{8-a0mSZF;&_msvxT>Pe5smNxx~pj{QFeP+P(lCRfY
z07kdM9C2aB`8YMv+!PH*-@7@Un)y@s)Bxh)Ub$jk`64M<QG2m_jhxEf{P#wj%HDmk
z+fx%L?uxq=JE)n7a7~B)smwySxe|0cMrNGGKz%ORR!hDY&pXb5cE!EabH4LO&1X0{
z`y&GtZ><W3n1?oZ2b}2A3i2ZvQP*Vaq-Q!r+?8#x3?~(cjvJx0^;>vuWrO7hxcjNg
z=6|X`2LszbRDVvE|5krij(=P(Y-wuQA^*Sa195kUW8ZiLBw6!_bp@0G;mR(K{-83_
zaKlix&v#$u=$Y$PtD8wMWpv1q1LoF;>>F)U_UBE8X&!hP>0?l{1TAkWvgXlJQ!HU!
zj*^8ov*~?hD4KpIN)3j)P6NW*_|z0gL>Lf%$nv_teHrtZGpYQ-y3~1@RT76&^XM3}
z0b%%BP_8@eEK(01b!_J*91ojx6hbMWL?r2M|C&F-h6N2wQY?w8g185>4y&{7WZf#0
zTK&dhV|m?3zYnSfN7Le4Qz(;30CAyz#W0(|usB0y1HfjR{_(Ir#ZlH35<W4&j3K0-
zom0Oim4QgYduVEMJ?u8Y!WIO&sQ8`Vm(JFAcqfXDPg+;^u*%Rkq`Nn}o4%*i2!M@g
zi_4XO30VoYIz~|}h8RA#O4BC>MugUv<sg(-IO`t|)W%FGiNjSV3*e>tI}YHz3ZM<(
zy9%fT0H`{}8>KIAm`MVt5ltJErY=6|w~=)aHbFBW1dzGCwkYJM5P%#&pq$|c09dvZ
z(jd+xBb5GZIzXtu<1|$tVBj>c6hPqgAbUXy-71B{T)%xsxUM+?V4!ZFCgFRo6w<0<
zFhc}%7oY<mjOT<yStJdY^(hfPkE=5a7YeW@zI7I`1d}GQP{Q0a9~F2bC<8?IFvY7o
zj0{pALCoFUL_N}U$}KlCw*z1cJfUy6eP7-#&PG9WG=e0-oCHO*t+lazq1nvpwpNRq
zyN~14Gu&$8+Lp#AJ8!O@u3q#LN7T|PpUF&aY)%%H+1*aI<0>iJ!79i(<@wrbmgCgH
ziLAA0eL6|Kf<@@Vs`h+PY<>F3aSN}N*uIBW*0Rs{3(6oq-|zwvOAT7|ho$+o`GD8D
zft<2e9s)!^J0U{-o=vje?A(KPD|LbnQV41Gb}PFjS~hZ%SHPmRv+M&J^-n>)Sn%*_
z5Di!1a5N|TS)=igq?fh9B*-`E6CB%z)WnF9qUq7`#r|pFrWtwA(Tpv|)Tf5+#zb?=
z)rzjFIsL{uPW*H<(aP4jFF|#Uqwk7)zu>f;<G4KTHV0*BS5!v?>)O;#=4uydss@N%
zDLHRccHC<n?RRiWS4lm~Q>ibI3Mj&o>W_GX4RXZ~Ep<f%>eAGoj3I79S#nu@-l*=<
z`sTNa8gCLBM+CGt2^!G$);8bAMncu|(I~jjB<?XDd9{<PWGfZfX(z$L#4h{o7tv4*
zbfMMpLmDV;32(P?4HQx{Mh4DOl1_OJRdSMX>OTXu7D9hUZw#Geu&e3bd81JWk^=Sr
z0Huv??Gw*Gus+2=tSEY&XLkL@J*0-em}||igxclSX%tbMLW(WdaDjBOLX|~PVYy3-
zV1qb2xX?jYVudJQr<%tMr`Pn=g_VU5C~1Yda{9*bmUKDmIq#Xj$xWxnJN{;#s>Pi8
zA|5yO(Wox69MA5yN<txi+uCA1Y>R2`=p5lw+21i&?GXK3&v8lP|L86frN4h0y%LpX
z{VYPL#0hFX9AJbP=Fa#5j_xMf&J5iTM6K)@tEKpeCQWGn=+;qDCz8G(_wY|YUV0vE
zebQAq>UK$uotiO@)IewDbgnnwo{6pLD|UMep)gX0E=emAJeD^yds~f*R0<*k7fjp;
zaFu-Aa^CYwdjhv{=SOJ40@1R8ezsYG&iDM~i9n?jZ24_ock-5*C;9F6+vBUbK6f&z
zEjP8h^hrFVnEUeN&*a>EIe|r4cDHN_4^@qaz-IGjbwo{A#Z5#T8C?pqBDb*KVLY!+
zXcg0}${er4(-!arz!Ipq%HuP6HH{$dLb+PeDr>qcV<iEjN|5k4tiX*mLn?~L*AIlL
z4$7pbJ_9<()Z>MYu(Kl0g};M#<WUQG6`LUU4@Y~tyxpiNYP3aVhrDm^qw;T?_L;zX
z+0>adyK}6o)NH>Ky9F|8mPu9L!&^2z$5e2m6s*kARSR9e42T@tNsKyG|87_M1<`Jk
z^zF*p-i&?kmdD7PmKH1DfQF^2RQ+V62C^O5l~L<a`JPKDQ1t?bi9O5C+4TbZtqZ?9
zM%_1^d9pA)@*-<DiM1^lN+nHOB@MoqkR|>I@A2dvEcqXRR>rUY;ASy0urvG{pZ?Xp
zW@2Ice~S--|8x5~IIdo9hyf<#g)ey2*}P79o`o2KBOEeZ3Z_qCzDW(YsWc(+bR%)m
z4H-Dn=*zLkn{faDq7&wa(=PM!+@B^cAw@!X0hmx~0IP{eBNM~rmMVvDWA=nJ!ebn|
zcv!8f1Z`$J+fYC=%HZhK)Zv5C9bGQ+<WQD!Fgvm_z8-Io=P<}nvY7W8`PI8So68oi
zU1(2Pqj%8TAX@o$f^42Ex0gNEI(FV%%jP*bC7Dq{fmZf&*!0JdF}5Jo0V{3k?!iX_
zheC?Fc}YRLkS6|he_B4LG=SgB$69K0XA1JO5zcp?z*a^n-QADPXUDkLEXA<we`5ac
zKK?uB|MwUG=fAe`AM7Kuf`l4_g8d0opCB-R5e4Ype^`W(@!w|={<R4E|E?7O!6H{0
z6SnIDC|eJxjZNq|(;xNDQIa|aQBj3ZbAN<(f2l&|rAb`vtbm0A2%C=y6G1}r;KBB!
zI$ftbfeY-S3+y)dUyDn)yJ*3tMn@Li6^oJ*fG8C~NYwa?C_n-R%_<l|CNN^CZ(Dba
zl|&AFr+a&a{nBM@t0r5L_0|Yh5)h;XsU{-am4L#WuOwJ?Wf&QQGCSy$H02hdqE3rp
z#&)`xQ8n&M3&^T;RN`;fWPLE`j-N3|67om2hX~fLd^c#5p>fZ4#|FXR08)lthdc3R
z4XgI=?Y}e%9ns7KCf!H~3&dQ6;V{|bsC5yt%yv&SP{biden(1=YnEZVZ+S4Rr$#Tn
z(;%-cL4JqHF8gq-b)Nqd>xBG`ls?-mgExPz9Bz7VO;t;a_U)}~;FTfo#MaSCxv_2^
zKT`ruN~}kO*^(k-&zx&~5hcesBlZR#G-m$fF`~ixSMmzxijChw<W;Xn)obObJ9tzs
z8@dkDm8@AChwC=84>~3_7&~ay+LC9cq~LL)Fu3h%g}sRrEtQnBSJMbCZg{ZGR(`fr
zfJ2!)kKO4<QG`j)@Cs5ZOf}UX4AZ__q+1%#@7Za|8bvKx@Jb#}tjI&lT{r?8J{=ne
zY0Guq4Al?i9rR;v+im#8AI>HDYF1o0KVGr#Y+gAuKHNEQwx+K=d{;r_>zvDH%?=%V
z^%7xwub(#;V-G0g=r>K*r8kGz*Yl6@2fbnwHkF*YVRV``eY40Elb(fIx7d6O;~$gu
zE(&**fqT${_f*JlH%Y>{EGA&r)#?e+3JyDiCSclpS7qNVYH`<KlF7%mkfX$IyxDO^
z;n`o`&PS$hY%lpsK>VLNLu%Rgpn-j7&yrmc-2HbXm1eFwbmJajlkFY3$}kPl#Kcu}
z@IrKY_RBW>y8q;YS-N1joQ5h|I~hMs4dND%M|gkypz>RM0<&Ec)%~XsVP*WEddA85
zuXOsKgh+-?Vul1t$juk3PdNJXGx?T}Bmg8PC^|#=B8g}_Tza#mn3;HK!`sUSg>6!-
zqXbi@uZ#v7(0b0xS*lY9HbNUHgnKr-<Vh=EvVf3D1`3JZZvll2GK2^L<iJBPZR|#k
z7pHqTh9Lq%sUKUPMYzBr*aQy#6^F!WJ=`jJ!rwnOLQ)ivzzZMKPi7#tkL_*%f)ymM
z9pA^i`dLELW#8W5`_nhLzk-@APVQRF8K{7UEy)!o5e}7r3=G3s^3Nfjq+PtyC>Jn>
zRnNr~F^YW=Vn2L#o?V74vV!7|+AsQAe;{hSHjBV6pE=msvA-|7m-#u`N{1PN3yFr9
zV7jjmp^j=yzm9SY&E+4wtaiD}Q9TawmvxpS=is6Fgx=aDzsDSL_-`w^WpxSOQ-%CD
z@(5%p40oWbjB!+|YB~5!-h|3|0h(Y4AQGJq#f14KwM%Jo#`N%?9WVoy?!rb36)~1>
z89=$!5V~N9ny&7~+@6XVAv)h>NF|j9<Y#b-V38Xqizs3(cJ9Gh+l3HZTwz4g1r1?c
zdS*?CT{efBt!j{>;&^Dsk7y_-3P$@?5PTunyq1vq<?=TyGHum%Acu@LTo2kDlI(f7
ze)xlUBl1z2V3gFfWGI*0k&%tPy~b=C=(q3?=k3uJN<XZ7GOA1?JxCjwJn1$y*?j<<
zfz84qJ*Ea76X;l%N=-T{e%X23*6FVIR^8hDSn%m!Kh?RB9@Uokq*$!wSd_+Y;Y~RW
zS;kKvH!hJ6#rqyetryo?ymZ=d1_~uO!p<zvv9&uS$7(g&=6JGCXHVKiz`M0V!{Rs@
zwY)$0I$0M#JTxRk1b2Z<^PjqJFER!R1TXd+uuF2ulgqVaOkOt>&}Uh5(!THK(-rCu
ztx{j(w0a&x#0V+H;mMW6M$#V3Lm*~r<fM)Ui=c-$(5WqWi*z;GXJ`V`H)~Hw^1qI2
z@xq^L9S9bfiRp6L1Iyz}*-*PyR#HBu77wARs%IKtzvqupAAx<Prsw3LHJBGxnR1e$
ziEHe`LGIAn4!2p$dm1-pXuKZ5AVSz0;OG{Z_0}&CSZl(Lo|=(&j7|?$?J;&V7%2t<
z>D1VWU@9Z2M3Qwj^?OhUH3Tu}2}XtZ?v94rmDXGhsXiRJfxW9}_^H&st_co6YKApY
z`F6HCIfbpW*;Q5|oTKVx1H0LQq2F58a(V-9nq%7*g=krV;#0E&r*X+kVF$a&H`)V|
zT0GE9JkMbvBN;S&hNF&P9%h}<vbaQA-RiQ<;E`8eG4<nfUvNwpNXOs3v})m!Fg18^
z4*3BnA5b*>C&l3S_lDm8hAR8NCMW)pVrbcAGN6p^yrK98g}V0`@hk0XXI#{+lvhwS
zRcokNTs2wFx7hJ##FgtWOnF&I4@5#DTx8*o^8FY^^|1=*<7BU%PK8Mk<Rb+DeP9+r
zND&HDK%ii(Qrjb*R2DBuTO~+)L17>xsKDoKb!TQ~hEBw{%(X(OsUi0Hy~iO*4fK_6
zobDs}SDtTE3dB)C`da69fkr8hVOCG~0w8xsE7+{m<bGUq3>LJYREnn<h7hD86#=QC
zEwwO75c;Q)0S_y5v1z1FjUJh^WLZybzQEIgVGtq?8uxi@-THl_eukc0b_@&|4p_cy
zs8_lQP$a>6R*BwhdFxI;Ia-q+5lK@-Jg~{geM|?jr^}cQDq;uhpJFKJx)*@f5=SV}
z!Gq_yW9e7?0ybC|;b1i>X*9?rh(8Rg!StF3HJe6<wu!XRJvY(Ks=ab<woXhsfBTXV
z{`?h_Oa7q3NBwZ-SrAzht_Ag0pyvVs6o3Q5eX`{?;mJuCpl<-aJZmf`Wpoa3jEu>G
zio74U(5|M3$JAt6r-;wQzFAfvZp_MbOz@z>n1nX~phCFY25g&vIdhA08dfDnrfr<_
z9wOlx)l9~rmh85~7Ey<%T*yHa+)?0NGBaVVZQeaAeSs44(NF?UlYv;&MH14HmSfV>
zQIvpsiCRwpNJDYoz~EWqgb(Hac7aVHD4-p^tunF)oR&ceYj9HG%#6#;IP^lb3t<aC
zy>vc;#--(qvhb5HpvM!Z+EGx0*6I`}*-nQOPhzp2m<Oq`SKJjDm!9mZLKj6IJGZT9
zes)@5sg|zm_9s0@mYF9=<=jjqruhlYnrOJ&h(HJILc{hJ^Z3Zspu@?(NE~4i8KH|3
zd+s|bT(!jDl%C-aku*od4);-U0{!G&Tr3NW*Cw0Xv_$x6qZBmJazbk-Q8_i2y~`ua
z{51Pc3v!N-q!3&7C3`=Fgi=4AO@IMTM8%pRzTGw33x1DXO#+~#$tNQr#dk9|zOPT&
zxbJsIjkU<#agEKMowO7X)_({r1_t(jL-GI5<m}%e+W#J%WnyLcSJwQ0u05u-cI;4F
zk$h+L_C{Oa`JN};t)<J5dIf_6B&Y=a!Lj6SL{l>Z6A0#hzI_jzx+Ecjw(2&tNV*z3
zpI;x?pI4c^kc1V`wP6@Jrd^}y&=>`A6j=y4*Pw>O8z7g;RUt&^v;qY#Et`&uYDzl5
z0o_m_V=>Mt)1|~z%9pVZ*c`kvwI?-YgcJ?Ev~ZjM2tp{e@CD;KFwhpniOhu>iz{7e
zK*b<cO3o?TD$J6au=-GPR?NLifF@)d|H2*B4^#+9f`JAb)xNB*Fba?2V-ZeJtregO
zAr&7jPvfiW`*Woc@T*D}jlrVqc1AFJX<|)KrxF}V64t3kt_@3#lw+;Ie_C{D7Tr-P
zAYVLHNlR;$6jYXsG}Zh=Rmaf6rcqkU`*%vx#>TnQauA<@S4BU|$|*||qKYF{WxeVe
zWn?p`{nmOJnR>fJ1XV`naYnYPrA_1nn>kE^4jGhJ91zJMx<TyZ24BU*T9ZiM)NqqN
zQ2YF4q{Y4z2x8nSYKtUrV+T?Dl5`CPXyRgWRUN0fQ}M`iOB+^GcXdrdG_9Bnzg+ak
zWyR_$5sbnTMnqa`b2PD#h0Q^jjVU;@1c^~R&}zhxO+tp0rBlsXVw5N9MMBeBgNk{P
zW2FKX9rl{4hnIdz*rwPbSoV6{<Thf9n4PJ%j1O^5dAa3H6kmhlK5k}OW`l8MdAxO%
zVGVnC%lhB8tNBEjuvLgl5ME-ueqK88%~so<>W8h1pHrPfCHHk`Vys_Q6}<e8O-z^P
z{hj#B!;BYy*M8M&t{$kpQE+Pj7^UVNl|<bIF7>i%mge0^gqvy?zHZl-;}<eDTr~$C
zmJbF>^F}nPIKMA6d-R~}i31PbY>wcnH|A+Ba89A%JI+CIN~YkGIQ2KTId{j{Qd_?-
z+jf1*d&E?ZX1(3;)H4RNd0RWTgxhp)Cv#V)%`h{yE=&j9w3?6Mu-)K6DY~6k_41c6
zwXa>pXmn;tOlFVM=G9&8&x^yuqQk?g1AoK*_uDA=;K7%{@$4Iv*|~4~;`R6&d2DC|
zdQOvXZtU#q=_JsBc|tkMxO&Dj_#i)CMCV{xF05Gh7rZu$1r@c0qUtxHv{Y$BL1cp?
zTi6FMzaKcP2Nmp_UFqKO>}hNM(H5fak!Mg+c~BB!5Kr6KpTObSmGaXIh{s--sNS}w
zxLo+F9GDSKb!&G<?TcMxF_?RplVC^>yS}%JVcrLBaK~<B?XGWu<7QwTXg=8hKfse}
z|5x(CSvnjvTX<j(E}Htz!6ck&QxJSDGT-}qP;5S&m{+?{<eyS$F5Q+OA^Vxl^X<-s
zm6D^8=<cO{J^W?cr^l(@Wv|MO%)*7IxwCN5jQ)!2>YQqMHvCxl74nTuVXtTRujj2y
ztxWmrVihS?k3SHpr0+_4H-amSNojDlPj0w60=J*TH(|#<ilTLRJ_3_ok9S`mE8X|J
z1P*M!z3NRk%2)>{mKF}C_P*a2yFpI5UpCM6zs?q6uX@<9x_L5ac9=6}^u2)rfF7g)
zXgnNn0V*@a#jz=T+NbU@=xN6rk<aBQ@}cXY7eTKBoC#e7J7-x_YucTs{-&%tPFERL
zE83mM>#Qp^?XFWUm2b@F>!;7EANW5UHZQT;xL;;=E>=#Tu0ER(P_=6Cs_<&9dLynz
zS$G3*n%zf*QM~BE-Nh^{bt@ueP76Lg1#mxK$Af3@?&wR?K>1<dYmg5bwBnEmzYmlk
z@mRbOMcnKi<S@9&+T14$#8h*E+DXovWy@-v1RI?Yhg*4)P~dg7iJlb?rRdCk=|IRR
zicP9^Evc?6<-MP}cH7(Il6W<8)C1JWGrZ~Uq{!R>$@Bpl#U;0yx&|N~8g(UuCS^fZ
z_Bl1kbbQbpks|25Sy7qDQEwCYjP&+s_)0DHaQncn`=#<eO$f|N5!2n;;mna1*Hc3d
zQGJt8ZG#pt7?|lc#?&!yFJ#up-4z;i#(E^|zdNGovX-#&-nyy4XASji^qI?_0YTMj
zcG6f_deb3#f*h>R5<{p`m?v7VM5JY~q=un!s0}>CKjez-nS_jHX&9`+>Td?rf7uYC
zPU2nm5*3=lPRS^Qq8QW+*Z?`nF<`qI&CSK3=~JS;b{p#5tS0&hmY<9MF_-89AQ1>(
z#pCEZ3-ci$)tfgLX#gPV+`nAIf%kS!I;Wg7m#_eoK+G(8v&gat@WBrhm*T;SpN=gv
zWJ;r#sZ*`H2|N_WvTNbtC!*c%5n-+hKD%P-QvOp2nEddYMz;xm9r-}iR?ox){dB!m
za@EF-U7Q9}xeMoy<kz)A&Gi8Fhh;aiA$l3~Cg_>ad4MaSTfTF?RZO?srHf%LvKQ`o
zxAIN4=gp#5={EP%cDYqaO?rpvc}Ba{aZP%s>2-$2F%0BK(c~(LRekb=di$`+q*C^-
z^!eun$w3l2ERySFz%DPe949itm1Dw#VFaQUDFdOHK-Mmk9ESl^Nm~$qKWEb&h%Xe;
zdj`1;u!H}XR=tMl2P1qIHusdi)c_j;`f3lV+D1BrR{hs6sBO1D(<tbxy{r|nS_yUg
zC|)M%0p|W!+|64^Br5c`x$A5bka1|My~sH6Uo?}h(rx=eR|zEon)<-<_9ATUh(Glv
z@%F3nEPEh&XupGqy_yTV`fSuvF#uOkBwW7hr0tE(W)}mWP*5Jcej&8=-J@qMU%7>>
zN>gaKLX(%z-GR^}rbt0;`(jE&J>>1T5S>yPooe)<LPECuu=!NX0cS?%&NKN@2_qP<
zQ6>TXCKy7z?9_|?0i);=`JO;~YkyP|yH)G8A=M@O3LbQfCrs?8QUhZ?nWc&U2}tY@
z@gEPMHgrz;-ONhYv~R+M34@<VyI$$g*+^A#=Pn{$<h5&FL6~sZ{&k3{XgmM+d$JF{
z^&<d}Ay<?(M{r$b0!*NZM*-$enQb<)oxrmWhK!p>lB^G-R;OyilD-9C0ZgEaM+wAc
zka$+?6UBKj0m|!=k*dmAqY-Mf6Hh0Xy#|F7dOo6Xjk$bT=3q~WKSR|ei;2D!(jNXs
z8>sx^$VEx?;wd8CS9i}}B<M$N>c#Va$ONLKOF?4}O-C4(lZd=4CV1Aau=+k!jh`5=
z7TU?&Z0IFiC3W{K2=n^aCE;1{Zx@tQhv`{Hu~kY9=hJaHyL`9D`INF<j^_gl%S~Ss
z@B*Anr|DHjv(<8qMyKhNG+FC<Olm1<t9!opP~27ni9mYF)_yP&5^tvok41XY=6)~}
z5^uXGnsKPbIIS)PX}z><{D7mnq;i8+mx5G*S?eN>Tzb;hJ~U<c58z7NF3Nw%ADI|A
z{w;s}--Q_q^FOwxul`O_F8o(v_CWcW#<%$D>oLhxJGG2mABwSn0!WRFgl#C)*TZ|Z
zUa;(15*#VAz(*>l^pchP{hn(y0kH`H0yZ8mt(&C)in1uAu*(M!o`(b^A)D9NrxQ5w
zc+k3?%nb^|C=piU_wve;E0>kd(dnLwk?JjJ{{;p3X$4iBM+DQ=D@#|4&{ngP4FpoI
zy8CgE+WOl8inH+Pi(Ef36;d;}IqT%xl+~ae3gseNfKfP(8nmbnp<37^P6!C|>WNkO
zY|>PP4eOU{+FS&}GsgKlf1gP%amIjdu2X&2ExFjt>!F*tpWk@~taQ2d(M4lbt&dRt
zy3mN>SQ`g{mDmXJSQ%H@C8RM?K$MZAKufrcWjClS*sP&x2;vHOc6D4iM8oVP+!$Nj
z8G^>pWJiolv%rXA7>%JRxH0yaJ&HybC$ZP?xRZ|@mc+0pQ^RP)z1No^Lpj)p%HSlN
zkCI4yx8VWnldZ88=+qzN+{n1L#O0!mzI{dY=PJhqOKTtFh(9q8x1KI)Ir8_D=?9is
zPZUxQeIYDcD)|hHU{Ncvy{`EjEFU}fpC=Fwo%bzs`S{T#ZyL$yjro*nz*=35e7~k1
z>3~<4XT@55OzEiH7@1W}tyj5;T4F8N0!S5LRMWv}iHj=|>m;z%Ie@5VMod|#8u}W#
zlO<Qy;vh1Ol+kK4rc8T>gbROPGM_nTC#wyDM9yi#nQAD0&x!T@J+i=_mzIqm9pQaP
za~Ut;Hjf_vD4WAhZJ@L4CIs083$^xpACj~xRY^xePjp_-TKw?DMBRh|$^AvU0X0^=
zklR{a&~l(dMc%y9lgP-&)}V4yH)?bwSrqSjBd!KgY@Z{jBQ2=YqfN`vz=k89qjcSp
zm@be@%sgG|auG6BA)d`lZdqI(ghZ)scpT}!yo{xlj=D(F$No=S-=F7;&yE#xrQ#b;
zkYf0WkAoR#=8rpjW$^I%w`}}<d5S0ixBnD4|Iq_w=lH(}937{1j=vu08)`=r{p|V1
zd~qbKY$jI~<CXDzOej{U37faIP{&lS-dbAK9eA``W=n`RgBTcewz&9>he=c)3<1Mw
z7Zg|TQ#l9{6(I#gjel?+3Xpn)fWIIEsG8W#0JJteMtW`l`)@`_&eZqw$42_`@fd99
z?{j@0IKa=<z$67EumaJOb7UapuQlx71S&|M*}hJI7^QK{6+1h>6;EE^{)jbSow%mB
zoSGdBQL)SYF9%dwKg^Z*zhZ~h(iK&B#NIg6Zfk;}4X0yojl$WhyNI`G=F@qxGZ$D*
zM~W6WLudN!nc!Pb+IwbtJ_RlnGs@(EZhvl+E??nVQU3`g<UsAjj53M{A_~FAX|{{&
zG{fTLhjTT>0C7qE{NcCK91+?l1GIEGFP17Rte-JDBSN^JIR}5{qVMvUrJRu+%IkqH
z!?R8)gpB$n1d!U2f3F+w$pAcVtKYFoP>g7#QA!!nu?*W_<Tqe>ToWzfegr}{^bD<7
zQ5si`3O&|YAqi^MclHknw&nSmye#M(32FsRft?=&E;j?CpjbIl8JbqGm~n-5VXw_E
zSxzx+TxuxY!2RE7RQJ-McC3)Se^^XO>-=mpQ7{7&@>R=3$7jRDrdfI#z4BcJbZ6kS
z$$8wm1#deHiHkL-@}%qGGE$&}QsiVP*;<6&>S9Xon%78ESh7@{d&5#Q$4z@QQ(RG^
z@T3)OHlNrPP9#noV}!D_%Y*8BGJ_H`*UnX2+ZlI0>mk@lj|i)t(sJy+&QY_BFvS%y
zwyZKV2YS+iupQFLlh1=s3eoIK+yaerE7+hgpl!QYn`uT&3qZ9n)n!r=HL@TC5i3Z~
z;;S#s&|x*$$^Y7+zYL_5#wCW<!r2qwWO=57IC~<Q?$p&Rn8l*HclpAwQ6&?joPT^V
zi)DIsfJl$%wJ)snrcKPdyq4^+c5H0b!jHTmeq@SFE7|c8#ovRaTMa4raF=Z38a`AQ
z`rll#+n{K7GfVA<C9)CJmjGyZ0bG54IP*Q3V{-=5aI;ZLSvV~P5|7NM_q!KiP9`pb
z?1a>~TScjwTxclkW1xvF0OC&wrqN+n+6l-Tr#Wqmy*#q7bZQ@=a!1`v7AEBKr}<lh
zcP}C3ILruNBhh{7c0ud+Vs&4)NapEi2R{)B8?yN4u(Xh}N&Zx5@$;DZy0Pnx5_|22
z#B4m!hYG&QtIccPnRxa8;*}VpEn{u#HxlU#%>W@u(QgmUzz7w>SDFlT$J~))<5qdi
zLUttIGWYgLJ7csA*FzJ3g*Q+9J@}tAg5%$(QvU^4PNx4GxK22(GoXaL@C2ur`d4%w
znqa{Y%KkQFx5+T(LBTnvY&9&k+3sOVgLxGqkX=V=1OR3e^8R+2_M3+A2NcND^}I;h
zUMvHG%J|FHO`!k9)<gk+{{?Wh5%^y3gDjvB43eS6olHN^O-nA-h5AA#(g{i*dIO)o
zaAgQmQa}XrESz701@iH^Mj?=p1@)b-#Q_|lJd8SD5!O%LPF3Kk9_DBi<k2V3p<q)Z
zi@*%frX&CjG3QhP<0OeoqE1U6Fy9cr=DwK!(#Kz-ZMAg4LSOdonAibSLp4zXPNB|<
zYzFr8cbnmFGVOzzKKMy8E{R1I%GVSXW}Z`@I+!-ukZeFqKmmf92)QrcI!~fxQqtxy
z5uJyb88Tu&pF+VH`abu2TS+Ujs0lzy&!cnREY~4ZGzikI4Ws(o-m_4WQoPMaxd07@
zWV$ZZ-RY!N3;QMJGT({qaZrc-p6GytYVz1zW_gm2o+pZTiZhKcDwPGM^P;6O_*_ux
z<;I2i-tEOMLrCU)qsWWBi1XB--rd~kU`Mwwnp{c2FX2i(-oQEz*To>*vJyu8)pw@w
zCxUV@iew0H(r$V_cGfjCa9l=j1eX7k>(Ahy<|mKhvE?9fd~jEEXK>w~PZ_5jQZl#Q
zVYY|+QQx%C2qe|tLk-X}J(#AqX|EK7phaY=WuTo$P*Jy5%Q=5oS+fMo$G9fKh|xCP
z)l8**q1Bil?F#>_K!3%jikMSrgJ3`G!;MdNsssrjr;l&a9m7#F<*CqLz6;mlV=K^~
z4v%|h90@ja8-nj*`;!wzrFoTwJ$kgVXVNh05sNt6ZcM*P2SbH3O>9}^z+d~WVR2e5
z(v&*bw%b%1v0s)YW^MR<_7Y#iRY<Xx;8SQfO~+)7q$h7EY?R_OK_g~}9~zbJsoPe1
zWEl#fY*;}hU$Q!y$MDjkK{kofXigNqUDc~>B-$o8Xk=Zh^DW`L;dL0zRIjPDVRsr;
zR!miTrRfL%qLwNo!HyWUQE&{1Xumx{CD8?^I)J+0gf3tkHe7o7@<$I6>_FPPS75UJ
z5RU8=WJ3$5a$trd-Nzp>X>h63!HXCoADonOWKtx_!C51(*?P6+-6=`pg&8p>M<;_9
z9a3(VT8T5ZF*`t_YM3x>IojsZIhN`#ptX`QQ<zTY6UrCQ+G*}!e>UB+$E@hBVlk*p
z9E<$yz(19=lxLEYyJI&X0qy$_!Or;q3HJYACzk2I4=ph<GydZl^zKX@E8}*=zg<&m
z=k(38Vk#BM00RU5G?KW!I%c;)?a6621BliB=f2~e6Iz$l6>jN$v@<9Stx=zfX|EzK
z(xnBi=9Ubpie|-%YOO%zDbwf_EItw8geU`8+3Y1O-st-2{$A(}NuZDQ(q;}7vTni3
zba`%h5|v^Xyvxp-2m5A?s{|$_R8*@ekzadxmXbr3Xs@D5lR}j785$~KIHLBjHgVJw
zLP#qOG%SqGCUeLSEaQPlky|8t3HH{GE+jcl+3d>PTfX$={rSyQ*S(B2bCiF(`t44Z
z+12#+S~gKGcpas;9X_&-=YiXa4At`D3CkDdP9l{)Tv7=&uFZ<bI2%4NvYLz6Mvp-?
zOwi69_Z>ToiBk1BS)}DP(;)=7!y~pz^X-fBa@{mf7z1)spL=x=Rc&Bg1rtjAUgum@
zddCtzxA#2Cxr3e%a^gpZ)fr%Wrn6QVV#Ke5>UpfyDi8(?%N|*#`3`}q(hFQbw35h!
z`n0l6Pk_leCCdiY@usbe<S<uRF3~XB$pIK;7vGVX1(Ik+Y(vyc5h$C`Djam{%k8&H
z@7h!j+NR8{#=OcY)2Qyo?2^X3qk~PWQv}vilfQ^8Wd^aD6qnm8{jkJBmo-f28tbiB
z>^ix$5N6M5>nRAla3nt7Cu2g($y)Rla>7W1Rw$|oMDf$>dF7)3MwT$}>uazZMx({G
zOgY5bmR)3d)c+nyxt&e9a}4~=YWBRzcINuF5NLzjIFJvkL*6GKb;e$+yM?p;b&)&j
z{QCU-e0_I(`#d2Zd+}PEYxm>e^m={$eRA;i5kR8Ihx6_II<fch;)1)0<ICggDRV<e
zwXu+|!b~?vqcLu%evdF>u~VW}JHKbc^?7!^rNi|Z_kDYNME>FbcG9`A$z&FAhQGkR
zv$=cXnP99W2Cf)N5|o4X$3z$@89<V&!Gx1`ts(I--a=dnHf~Y#nymaJVim=rU9wXf
z2~?sWfp)Q6xy3`c&3J2WXk}%Q?0uAlvH)_X7)A8Aow+4o1{ZOkY@%s1W;o(5b^?ij
z689IYq=XKe(>@n=28#f)qoQ7h=SbB`TtN#_7q|qKiztV3FdEKE1VritYxIScAqlaT
zjD0qy6))atHLfHeCXN*wNSow99HC@Ao5<@?1_wbfa{{6%nuzjLl>NRc!X9=8kRt~%
z=2LMvtztnhia~QeB|-QCK~P(?&P>Za;p7OFXM4$S61g$47O4^qr}}lkg}c=`l(?b#
zZQ&?pC4W<`5oP3|*N~FmG%=tY-vzl`WN0)a^&w(WcIHrH`(;rG2g~xz@>&f>Lblu)
zK=T|_ibEVMj7O%!)+gN<@Dd0A4`uHdC42L13Ab(Ar)}G|ZQI?aZQHhO+qUh~wsE@q
z?W=X~yz{J?|J1KO#LD_mwX!lYBX;cAiTYMn;}gJ2g~~t-f0k+mHFii|yNB)$si|2%
zAcA<9YGn!Nj&mknQtTK0l(ih!La-5s5;qbb-64Sm3>v9&3~>u9(kpRLdt-~Ax_+T@
zUnog?CWcdug;|`ByT3G;`Ozt77mE-NXXoRV4R;gM%UuHB+g;0s|LxPo;RPQ%x;Y9?
z)fBp(`8Twa?j<({o=mvz>!tN@HkZ%m_luO~Z)&AFKSmGvhqSg-HvF6YA?Dk&zsnZz
zZC^x;q*j3GN`>fl%64&VYuMA+2e40~FCm`S*Y0g6`#GUnu&r3OEL)Zx%g&W&9wis)
zHD(<-XE~*wIoIwvJlHNAY_d6g+H6f7QQV=ZgD%0IVpZjHfBI4Bv42l_J++f67Z`~t
z^;vIKR-fls3{0uHGD`?+o@(S+C{B4b6;kN4s!n-DVyXY(NHjdK!X_vLl^%)ceMl#n
zV(B2J(5K}Uswb1kl&=C6WJqm-940}CfNkdMl$HicU(=W;MM~r+83}Im#%+ikB0&m&
zig}vg{r9mS42;7mHC%!K`OwhM#FmL6+}N;;)$@-HIcdCnlvd8BxHM2a##2giOMDs#
z5d#((OmpNAGeS56Slt{i(xNyCtCXni#xFxG@u5rTa!vQlFbe|2!-#kO4_3rQaUxTW
z@)aAR5`W=Kn9<+<X`(<3&WqF^{L;k!7#)@CFPEA8(!f8>_dbJri=+sP;smDji>~z6
zK=pVKLtv_hEx+}V!=A(mSR1bpHb4wNzrlx!zVO1D+d+rq=Y3&^tRtr}q3YQ(*oLsr
zqpzd)VMC>s_Z6#m>}QvG)Lyi=om`w8|L0?HG%yw%?`irnb)CM=)M;iL&p$QyIh1|<
z?_UU$*m%#1aN*A%1)U=>v_bpt=6FPk4c-c{`x=M)^?e=Q=-^sFS@X}xp&JIYsUi1n
zCwJB89sP*kI&X&#9xIW18ftSB?2sr9!h`P5tPm%KX(ZRl4T%yUK3H0&hDD1Lxz?1p
zhOdQ@7!J8#RqT)$632zD^G5lLoX{d-uS)NO7ULRjgsJ0J5~wQE(-GF2d9VY87-S6V
zD+paJoEI3RDbrpOz&L}z99q}Hi;uUQVOo)L3#L+a7^-5W8DCJI&_5MkX1B9w5>)*q
z6OdEfcmf_xIKU~5=2|RalkR%d^Eg(cQNt~1#1fpSZ~YafFne~Od&S6rhyn-g>j~;7
z+;C|FXw{;?6Y!fwxSpb7Y_4OtQ(94&Y&ifl&$~I$Pn6*1mNsz+u?^b2J@+-Jo1!W3
z=kv&XooCB<*sKjLI_#!NlJVw;SV$w!a52t^=6d<m3FtGin(w|<N~^Q;v(lR2uSxhW
zVdGqjU67xOhRID`_fT_Acs_l>@Z3sOM^Bdd`06+riaG2X&m7iYK42PG_93{?wS5FG
z9K%qd>3w-8_9YxRmLIcT$!T_)hwWu+tFbNlzaDOlc03oJbC0E`GEdc)s%wqy#*UK*
z*48pyT_<Bt3MX)Li7D#)p+@cvHn)_aDWcv3>dd(o^OPZJBDu~^>&Ec>LfDL7tJ%Um
zAsX_Ew|Uon)JjFGv-=|r*2tx5f^_{=|Ms64_1o|*<IdDK>12#>7$ziI7>9U;S3}&)
z(`FoLg7gWRtjW>&yLbwC1nQ3`OU04-1tS&ZKJPhi6RY2MA-u6g|C*)zhscYGf#ZM2
zFxgrEGp_nq$R!&xP8s|d;I~}4hOzegoi}u=taME27MwO+zc54hMAO5~K^NbzItf^z
z3gQ?-{X(M-p)cN@)=%EB5io#3YO-sAPbN`S{*8JG8fZp<s4NIj4vB&RBf7Wq`F!YV
z@6OfsfCv7A!$7qcJ)iz<UnQTwbEO5Ju>;=}L+tw=m4~7n;AeNa#z(|hKd}V}P^P*i
z^ZkQDZ!2cBZcev1^LCbJsC(gnc4*kAH!NMhlR;q$;aKd4f>AK7jhPfDc=?uQu|Jcj
z&kmU|ZqLdF4NuG_UZ}w>{Xk*21HJX3O^)utdt&H42)|`@oA9#3^*Of^)*gVC+iDHv
z6_MYdS0YEQZ09$HCr;s7o8pk>@6H=P(VZ4NSsuQ)RYzS${{5(49m-pv6{w|?-M?tP
z{|3{327EB~wa-{9`u@O}4TGXWBe8xDNQfjhUL>n%v4St*s;+3+Z6h(65-ySYz$soX
z?n~ev`D=V4YVwU-Tqc`XH0+6Az6s&Tq+c!8epS^T--*pbcR6RXO03hErfjylfT*)-
z0xtygcW)*M<cO)xeBh7P4k!;)U@Im5j3{Y&ALTk~*Kag;l~Ngqrs4LW?9|t)zz%u~
zgzhwjd4Y5iYP35qJ>+0SBV4V@(&HKw+T>P%^ryZ-koL-U%=8m5Tq={tsI4xC<{7T&
z3ucJeV#;CTR5tx(N|o}iZqCvQc+IS)2KLxc%89qqQO>)O4q{2k0tx1r*kh^@h15@H
zXugiw8~u`krpaC*iKT*y#cZ79JKPwBDzWa~AsSUeI);>nrFmpc#cc_pg#mdS25vV+
zXrd3$Ha5R=BEOyL5~V~mXM=c-!nYx6%JM{{h5D7_!cNlhjUi?4m~#B#=!u1sI1kH%
zYMi=d_ESY^9Xp!nM9a|@^A*a1b0=Y*w}q{d?N<8CqNT6DgOc|n*ypy~G|Xb8RNBm&
z`ip}yn5AW*#!Zr@2Ve2wXvS5NuG9<)8-?VQ*k&F&P=&$AYeShE)*<s&HZaRYTJ{yg
zL?|k(o)vg=iWx8ZS7&HJ4U%iO;Kj7aluZxyFFM1cznV09hFQEat)M`EP}FKGD9q4-
zog=*o7uOZ7Pa;QNcMZyorp%mbW?wZUF0rGGHts>+$_l=;e{$D<LQWYNnEz!)%2lRJ
z>c6o^U%sGH>f*}j$|`;#9;8WZ^00P~IXkk0SY$HY870Y%`0@pdgA^lG@XZKk1VaR<
zbGuyhywCueGr^h<?qK)6Y-&w0n>uceWcZdU=reAvkc*YTviMePpX()(Fz~+JFaw2!
zBcShYdGog6eC(|C&OASH_rA!%N9gbe?#d0MjU&t#xZgY@&y^VNa>1shF<ot5kF|?Z
zTWf+uKGAKs+|1&wu~GBQdbIHE8}BNQNy(U`jQhQ!VrS%;Q!x<Izq9Uj80qKn6}{XM
z$rR8>mx|&ml#E82+dK}}Tv5uTME)JLlkmu`4bGfql!ObF8)TkZ<pqLf&pC|v-PU<f
zP`+V<&!oi`-D9HhrgfznD1_I!{0J@om^U-m^EMj95+n`Rwh}rOgn0l|1{uv;oN_&4
zk>*7)*LFuL1WCg)u7D@t?-$pYcmE9t&Qhf?^G+1CG70o31~5m&F;v+Zg?CI;H^_ON
z<gW&aER?9AEyf(FC+p|qas{%E0Ow_f(e*MS^!;MwHUwmbU(C0^lo~MLe%kG=E(~iF
zZBU85By)&>?$EXoB!CgRsE>s|M825HX;aU^BP3eETrU|hq>)hNM_u`T0VYv2xI;v0
zatcDWl`55a<%L)3DG+;K@9Wo*g^6%_VU1XG-MC=sIe>nz`rvJxQ-@MXv!<f;({#O5
zcU@5}Hjq??Q>Ci4(}y~FF>inQ%7!dg_4x-ESvV?7FGB^oL9mvQ1o^H5BU%id4ZT14
zu%qy<4h{PFnNFrpwVKXAO^+8^k7GyDTVwe_w3zgOhAPB5SwXX!GWM2*f?g{$wqk$K
z(JRxqCC=b5t)&6U%<?fTYex-O!=r1rYjc9%Fh&zHp;8koNh`ykE6iy$fp#@>F<`x<
zRzOBqvy5GtnZ1mO{Xc#z%nY%C<OKCke`?@(DAhM3hKG^e!E0(Fzw)z>Ohvz0oH;6R
zrL`s8sxOld6K4Aj4;u!%+Km2@FMEjr;QNKHh2F-M=feRuf{BVgck~Tb6rQwwYBdVD
z`tWE{2|=KS#$4bdiITsn?3rT`UR9CP#%!NjOe;?Qav2OCoybsxj$)=bxy2nm0#11t
z1cm1{<(P2~r8t-`Hqpt*x}c>`!>%nje-#+QBtXrfJ!PQ?bmiI%28ktv1g3#U5CfE&
zK~m8|Un7AnP0g16AhJ0-+nO&%5k|^KXK{o?#CDWO^~~Csj|k91Rp|`Z<X8T-X{q<}
z`c-K%I8@?TTivG4{u4<<!T>aW*YA`{DHQ>P;}^0ahY^hmkE9ljrzN0fZTDn}l_UGJ
zAg05s-og+i6&I3rPT7HBXO3AW{_>)-W#P4PJ)yV5h<h>4H&4xk<LO4Iv!ff0G0CG?
z<v+DaN(ZEHZ=LVWoLZH^mB#OcaQDg7{!-rfz%;;P5Q~HW$<WoFRig!@LX_}NC~}zV
zqy?<wc-w@6oHUVPzZcQWww}hWZ#D)K*>a_N7IaL1XMJ^MhwGvl^sw6=_=XfW3IEe}
z#`X`?R`&mwLXgI|;vqdk_X(AA6Fk}m4ZaY49O33r2^6VNxio^bB>{bSx&PaHd@6_;
zp?(SxH9A)cPWkS|>Um0VA11$kX#=JzYs*g!$m6HyJqHL~fC9vx2M82wAM#YA*_G;1
z%RnDLco)D3i0A=m;vI}l!fF_v%9nDDnaHnHNF4H)L7uO|87`r{;d>7tNI6;m?&CCc
zAA4|?!ovp+Nb(J8Qf6{A6XzuOWeuaUzLA_QMJsL;LxbhXyqh)GQ1Z%($@jY;{2@7>
zHk^_cSt5YwuOmg-JpG`DueWiwmU^|cb%P+meiC~KCWwb}LRnJutqv@)b7}aeG1e5}
zdevT=0P1XQ+vFCC2HS%wx#$rEQxknnoT=&ypDY&VCyV<MyfXv6*^F%`3{<ox+!=RQ
zs?W!%-rk|PgmKg;V8Oi5t}FxYV)kD@O&~UB>{wYBiCg0yTeA>2+BEO&CqG>7PW?Yu
z5MmFOAta?8<#aL8X-ox$>>l(r9&quek&65bNwhjk^b#sl+y*qlEmB9NsHakQys2b3
z`vR#5d-7m9>FxqY?uMJxgnt%6ycILXKnWt;4T&|Hrx<-bQS~;ahNfz#GPpWbj{#@q
zMxAewiQ{=GGo?RolcjS;*+gINuBfGUiKfY=l4?f+eOvOiViT>#G3a&0a%0@IB~Oo}
zPG^rYxs_SACH~e}N4ytKLeBFc5)BGS-VZJ(eo!tiz9(`h(V;?Qr$}YzRaE%6NZGtK
zUmK7qUwzg!;#cH-4eC`Dbv09K;jJhla-@r0x9-q6YLZ3}&<NUHmenEZ7jX9HKy6lF
zmYF^gcw4?!2X};ZUO?1_#h}iEhEA8@yIwSpLTnx$!S>ZF_8d;m^9XiXMbtpZQiG!}
z{nn%!RJ?bA6xN+czy5Tq-1k|PBX+<vjEehkB@n^Pod6oywyg7{BORF++mcQ-nxv|0
zKEbE_&Re_=d2u{Odig{=NQppfM0MnD#FoRbP_?q`+^JwqNf0Q1Ap|9vgc!5dH$By?
z4+xtb|H)#+<7<GM*UeX-m8*BwpE}<Lp@+Av_MdXTs%v<;=f{8hXD;jgfyg=2b0rww
z77qCpQ%D*rI|5y!A1p*Rl2702e4Kq$MixPqd4BkqW!5k$CFf~7JLM5h&6Cx7%V&F$
zzxEIQ%gFveo67#rxb1&;k2A8e{L9_r(^@)_S*@r&yL$PP&!WWHa*)yl_-!;z`UzXX
z+Uzq6838}gi1@d6ZXxD0r|iKzbD?~lS##rpJ3cOMcC45ORd`7PWq2_q9<1EbFD#mH
zW#**Bme)i{N330QOVRnhGR1<{0-@!*(U91k>$&qd$hTyeSoR5eXNMR>!n`+ghXO{B
zOp*#TAZcWWaI>^uNc-l187+jhzZ`4aL<iT7F(#WqZwZUZOra=rks?PSoDC|`Xe2Mu
z?z50zuo}T(C>THm&GH$DTS=<!V1AnyMAy%S<NkUfxn^idCh-=xWjRxjEG$w!z)Wju
zcr<S=S`h2aSt2=Jky5nFuZ*epJ}p*iFk~ojVys{wrVgtQ>8crT8ge3>kQSXxe4Dei
z8<$n|xL**YJG~Tk153@w5<1LR2k)E9APdE4Lirq-p!Z{g+GawTPt$6uJ911itA8!b
zEoF7?D=uE48fNl19}YQ6;7rDdqySKkDog4BQLM@8xH}~)?~L`y@F0s^sjH+1flH!~
zd1aL@s$;+t;#XsK9t3Gdfz~?YSHZCqLXOnsj5T--t1ZM-mAvD)EOcB0Q^Ie-mV*{v
zrtUF;sI6wt8FACR;_QhQDXVYdew4;?+M{Q<77B=_Vd8`deCb2r4DybGGqRxRNoM%Q
z%7|w`rE$|#2lE&<OXFGbb`FEbZiH|;Kw~nFg{u~0V$G13jvO^TUbDpU)C^f?V0A{t
zt}I9C-2T{ZH2WP|`~5KJ&FS@iJUw{0y<dsn>xt9*{rQyXyNk=~>GtvYxoHRGCH(e$
zyE?cFm+PxEO7}aI?naNN#E$Z%%Ai}>v43Y^$<YR=l5Smj?q>1vQiIbg8P3=J^_>v6
zN8H!r<?#0%{GlFS*LVWz_uK4QqTKcEjcXkJ)zlnDmV|5Uv_-oPpad(w;{;<<(fZ!6
zA_rPE{sq{$A`@%A*L55`g(kBOp!jV#g+v&5ViFG51WQtD(APcc-r$p{qY&~v$_BNz
z7e%Kbl!|tvS;=b5ig%fAZh`TqXMO#Vc6~L%78C1(p=pDOj(`wbJI1QDT6_81toA{x
zM#w7lRBJFl+lo9$$ZJtxMHXv%fi*h%Ll<$bCXnBUfZ>=M3B*lQ1b0`{5aE#49YoCm
z9|Bpz4S-}eRHjY+e8lOKIOa=^{i<S`;Ds$Bpm#CeqA=5~V?6sPVh51IROjmmRB@)p
zffU5QgN2gz!_75#8jMnxP5lIc6ZXum;1YF1g<Ij!mJ#@fi=O~W6tn>5g7x=XTQlVm
zLJei-3nWKJI;`1y2E(jeFzT}dK@;TL%=82r`(X!$$-D5g9BSfg(AYO){oVj(;Xcy_
zRbMYby8De&njV<&U;pk;A7b2cD_Wu;xUHnV(x4F_?Z3k6z|-yUcD<kD#ma@E>v7A4
z*53GfNbi1miPGtQJ$zl?a**uwx_hCE2*ln2{@osowbR?~<w~(U?DXC8{eJ&r2G3W_
zpe90!*=(7Zp*2da+vNpKs1P()|1H1D#qFy+0%(OYQYxAan*o~xn+}@|n+cm6&5Et$
zn3=Gdv{iD%D%Q+VF|FVobMB;^TlhY-NS4EU_ZVI(H|{NYO*XFZm4oHN8k5l5U7gMq
zpb@M)z=Bq`gE%E@JwMY5!X!pdMZ6KKe+*$t+G2Q$U64+kVX=e>6&tO%WN~Vtz^7G^
zPMGlqsTiD$Re-4jXc5@RT(|{JGKE3ACCYthB97g_JUGiq@Dv}j24Qm%$GVoFB4XgH
z%??WwPb8xiTGT2l1OTNXcG;8=_=jOBM&_>|-hyrKAJqEkz<c&Tgli6KHqiamSN8mr
zFjm(m;+1ulZxF4wcp0#sR2UVUr+FzV-~zuIQo@>e!o!@aX2yg=0^xinRLMhHf@z#c
zEbB}6O5>Sz2c?^_M{8fwD4-i)#w@!d(xHU0rODgMSrH5dRCr}&KcR|nCtVB5QHnw0
zKxIrKNrVVC_OjRGXNLe`B^!LwE8Y>}ulFk5(p=dG6>AGBf##<vX7;AJE7UF-L|i`=
z8qQ&g?eb6~3s5Rf>=98=C3-LY-_h>>_?ncy$8`Icmg<iNZ$Mx_BW`;EoPLL8pKFbA
z9X;&CSW-IUaxK3MMKW<MV|Gr}8kWB2_#ysP_Qpp73jLYQ!GY}Z3Uc+sI=nY8EfVAR
zoG^v>*--|be*9;j_}X`b`H(PwuN@&Vw9vFC%7uzuR>Lf-9At~&H4~5U#&?9+Z-bxc
zO%F+J!I#bfRSik@D0(VnCS*EfRx~qO0%-Z)-zpi=6z#I(E|N7$jMMwfp^G@OPVE0~
zxW9skB4fztbN_lsno?qv8~<MnYNZD0amHVhNz{%~q?c)%(s)sa7_F`Sf$MhhlxD=$
zCcvM;RTat{WNa}LV0g!lKfvZ@{|F*C>iNw01ea1sG<E+vLVB0@N*hD+p-;FP_vi{n
zQeR_mida7Xl9{W~E&Ps&1Rs|<9lLf51YlBdK)4X*U{6Ip4Wz8RUGoc>w3wtV?&9?9
zZj{t@y(z-(UIOe4PR-kb?XCe&vV6vadn<N}7OEzFZb$I@c}g*_&KkY4rpqr4@GRUd
zwWT90P~9v^H|<m5l^#(S@B-YGDy$W2NCs#~bNf_>zq_jp^Kc_bD?%qwQizO2PsJ*S
zxKY0d5k=3|M>G@_gJ4W_m*>#%i$Ig5SIMNqa4K!<Z4Liq9Jj?w#zZB=ynK~u`&)q1
zgx=<(Wq~C?k`yt9xoM1&u=T2yvZya%;dH?>HaB~WE7+|W4y<+FAC-Y>$y({G8F{k1
zt=0DaZj_C&*g(p{O&uY+5XknMqL&KS3d?9;W$Db9`F+7{%~A8#Pf-Ccnp#$Ew4pB&
z#b`7qPgWCG?=`%VVl(Ip50-kU4UiE|<r{{*VxuCYCHt+Aag0YNi6exm7lwOtxb8qM
zAF#opYif1KNCE|~w=$RV;48RgPTo}raemmHI=1eHy9l>}=`d)xJdiUeMPwUSBec=~
zSa2?X^sH@}!oJ3^v^>4au+5!>C@9`_t*_q8PR0*%w?RAHfcs)Wg_Lo8qAohwZ#0=A
z#+r@&_U5HO1g9z382It*wjB@~&!T%Pu!f-9WU_-iK{*ie!m0~d4x8o|owdTS{RKuv
z6gq+}F;>c<D<yP#8cc`TXkCZL*`3LFQ%7X@3iVB-W!<h$n_NP(ib&@LISr;|3&5m}
z&n?q+U`o!u5+(YK!8jlsiJZs|LC|r`txr(Ecger!7WsGr4kX+A!Ou^MPMZjwIvzZE
zG~j}?!wG4Zt=uuQ&l!4wQ**MPDA_7eyjiqhBiTZ+USgb?@E^vJJ8bF+i#D&$U^gN%
zd}&DD5&4}*7c<t#K6jeiRWBZ?-si<1_}CXaJ71=m^h449v3eLzSA!#Md_K52nn%z6
z%Qp&TVgrbg`vf7t6dvtXQ;wYejW+j*yNFS!G@4Y|!|ie(n7LoNRHA(?s5OQF9t*R+
zfF0h!>i-bVGW}$p|E+}gpPZu~fc#(PCH^ZK2}~USKx|@V`F|ibrO7yL&?AK0{Ds23
z3Pi28_HJWaAZ5NfN^q3&xLpHcKCJDR)%x=OMWVmJnB4{=QF<4gY|@1EG1b`_koSwo
zoRyF(lA=+_$~1BE?dX6L4T8j!0-RZoK%njj#{uzB*q)hg&imFUxw%_26tS4m@Al&F
zBAri*Ecq}){1PW2`2mVke8*F(%$+)A>)#SuWe9}7><7oMgxio5vVdv7ZQ;g|&$56+
z=z#>oc1xUMx+^2C#N&r3PU`irnWn<O4e*yY@TA80f6tiCBz0VDmubABo1B3qZ~oa%
zv~fif2oM+|FMv!z*`j4r(W;PK_FlOtiRn=N^X`w3!4(?Z0N>m~H%(zI4U8ii<zTjk
zne%0{N?Qj4sJU6T(Vq=@<t;2R0PMhg>j@A-4<L)_RNp(r>CHX!k-aM@t{0txBYfeM
z7RMi)1cF`L(Xlpex1I(9LOu6c;pp^P!eSYlkgYGO?h6l{kOa~vTc~2<(z0dBnK|-W
zR{4-GDT|`InZ&tjsbzPh1$$RHZ!~W4DA^5R#I$@NxqeJ$N<5G%n#K#Cf5U92vYNhi
z%7xgitYg;%4qzPQ%qyM+x3G>ZzHZdZm@Iv=S+hO;N5(+OG@}n<{|zA|xq>dULb3bi
z$?GEL!nJsX^u8V=aRXB!+`z@cGICCUbmHZ_Vg{D?!EzC==wbWuN>^QH_2~WfiRj|9
z`oo`|u{*<u9?e=W_p8((WpH7kiHkJcJ1o=0ykcy_$M|Z3h(QMk-5F&tJSk*5#I!;c
zPH=ZkS)|zQaNnE7kpkv?+Q+IE`cLySO%e6&Q?3*vk{3gOSKRY;Lx=g_Uct#gI9#@V
zQQ;H*#}nweWv_eW2Al)2fAAq@`hU`EVW9t)eJDA$+g6YPM)ZfbH)`DH@`bb8Y#GUa
zE*}rekVI<YAF1i@*J{`H*x-C_Jo)8yBvc0&Q0_5xzCR2N;W~wPPevkW5VFK!4Bg(R
z$kjOEbc<V<IyV!tf6;@}x-6}Y#B(9V!g~I|QkK*BuGsPi;u4oE-~h<$a>-Fde!~_n
zs0W!Hb{se8lmTq_orZcTvtSo}^gR?)N$4w-eS)!LXrB_>un$A1ax9uXOvXyDcNe~S
zYingBzGv&bwEM1THZ?k3eW4lOdGtHu8GeaK>YwN6f2Pg<xz8{$|LYnM)A2lVgFjoq
z%U`J27GdpNT;Cu>VdyYOlS+9Mq}FKu{0JR|FCGS0(BKA!y4M}9i<}Qb^JolB<4b*t
zQ~|KYG1>}iR&*@?{03#e3e<%ttm3$Z05r|~3Lz=4c8ivs7?P7MeObJUO}i|3h!bV{
zLExZ#ZHEfy^!r@w6T|1}ISnAc7c%lv&nQ?&O`x%%91rE-aBErrqdtre%|A82dC|nj
z)^Q|_&C8R-VF=3&EqbiDHYgOZw{U`XN#?;STtG;8BN0zZWu&ibp7aJg^L;V32Viti
zKIyM)L_h{*tQJqKZrBufMCI+&=5MO3l*})Hul|~c$xR~UF|Z44(J_L6g3`#(KwGj8
zmABNCuezpPgDJV&U62i6w(PrC+MHV49P06O9G4+!9&18LOVAcah~l}E1^OO-+Bt76
z#D3B}D579s{B^7|udTSmZE72*`lq%0!!P^a&I3mJf1RhE99wS-#PFj%^dD;(iR`Yr
z7$v!y2-^^V*2G^ZSTeZPj-4H?M7HH}H}@~1wZDFaZlj0$3s8Ve6y7~LiC{S554@>4
zMnlb<X_5n&C}vP&_G#axl`U&}lyDkbLo)*A-E+J|QfX&m71hUUPDCDK(5M#qOF-*4
z6TxG2pIz=2FnFxL_tkHDwcLnne7L7@Ohu8OmE0!kOmV-Q3~U6UO*JBU*<DghHM%Tk
zVP|V~D6VJwx!Lcwa5A|PMSZsL)G_F*@&PZbCOP|$GxQJTW9I*d!)!UR-!|*t4zmvw
z-VN|BJZ$VlElrn2)pBK*_F@&`KJ2(PP=AF?Uhk{s@B~X_8>fq4Oiwf3uWVoaQ#=Oe
zW<#kW?f0e7%H>YO=AAGY{}M(uzX;q3jAco}WXKFtC{&h?{+mq4I#UwJ6D;Wa!q>m(
zClLEtP$li5^hxBhDk-5~GMnjhf6wHxf&6^4{jyRp9vw1($HH8ZR4RZq<q06^M{>H3
zI<l?z#11@wITo1JB!z?Gl<Qw_cr)hNOtD&(!b~8tPjDK2(0xxk;+DKwZl?P)IJ0`0
zM!1kSeOp=}*RwM*#kVrn^fJpM)B<fj2A%JuPmmCcP#FD@aulZt$8bs<aVs%_nBNt1
zy_}xd){H<0;RCNECg^Q){Nu;UWSx=#=CmgO{%$0@ifR9J*(JN-Guz6rh($jWYU{+P
zENUvPyQeQDu5KgiyFJD_nsd{#UVV5x#~23~Ng`3GK-?!UV*aw@=~lmA5Kq)D!boF3
zn>*A`R7&L8tk^97l-VlUK5jeFD6ygYp7)1VOD%bw+-|5GeqyyH+lQI$JcPsPwf)@+
z5fRjY<=MKdIq+?O-dE}BO|I$-5L8UU{ZGq+@gHIw#{cS@{})&V$+0|g!2jkre<OZN
zhhUxj^oT)dHe(ZMEd#d66E=sIQ8s_R6sg4ohmWUxzQ^N_phX3D(4E^}Gcmdl;r+o4
zr-&qQi5V(*RJUTtY!IxA>5{p!#+l)BU7pgO@Zfk{UMrhjP4l2Wms(FTT+>sZNz&=t
z)U9TV>bX+Yzt<VDkiJGND8=x)`0b`D7vYPSb&hW;4f}?FP(*o@5L9Uy=5Gj7oxprh
z)?6mU(}iQ@>*UE2^Ymwh&kJkz-D^D~-9#r;;rDy3g)eYZo}}tOO%c;S>@92@{}pWh
z-?as@m1SZx|E=_)_6nhRw*dz8xZ>JbX|pVqylIPCzbCU5Ah4%A-FuV9@TQm`*}Vto
zxzpwTKu>HnFm@O)O@&$xy?x*I+NQn5GlaR%Ap<==ejjZdb*zY#KFmB$qOo$s@!CY;
zSs6l)L<FC3J9<BfIRioj60Jdt13?^*qHGF!?0a!;Q%L{WQ`u6@*wWO&gq}x>ERqs{
zmQ~sVfRHQ^1Bx^;7{)XbP}*X*gvW>Fsd9!sA{@MI^+z|#HIrDiS0Q#D#`x~(0EYP<
zmS&Iy-nF}8c@r~2?*`9Jz)@2iv(uT@BE^gZ3DO0KBMhBzAyN4rr??!3dH`sf8eUb4
z>AYFtiSo#wRkd1ZCZL~Z!t_r}4L2BZ77W}N=q?#E_+0Ftb2W1Hye*?vtjw93OOXli
z^8`Q_(#R==(DDc(QbalPc#^SCtF)=GvBiEvW1Lo-4=7s+4gOm9KjItYwB(Z#Ne~kY
zZhW(!!Z*n@E`^qM_$;b{*YL;f>^&B`4AY61eq`J`^OrT8_Z?(#OfG0g`r_`&hH@SY
zI>A|bD>%$(B!wa)ua~s44@;Ast$rXyfuJRC@ZUL|TdTc_A43^aoeAHw<}d4Ct!t+Y
zQ3*|HnttK|8Y+Bch(}LcVzxu@HGLTOC<ukzvw>uh;aAGGO>XBZ`<hr=*(&|DC%q$x
z;h1dzu6TtTKWtuymk_s{y1{$lr!yJG)=7h7i-^ya3bm3DVtGQ@1iyTFI0GbW)taF{
zzsVH|O0B$j6b@RJkl%-PuUaaYH>&Q6AJjz5*cM^E%NkV<DRLKMZZ~^C+w^6{&SCHR
z6%w`};T1Vc6hW+bmgT`--r>Of@>$&m&RrM2vOQ&hR8+CI*srh{y;cz@t~~vWRKS^=
zF})qMDc7P1>sz<yn?9mz=*vAn%PB9UT=674VV0j=!6D1cvT`+WWebq&_wu}~EHR$U
z1@c}}apuw|;7yd348ktCOEaCf$4EOc;47Z4It0?0im+AJu`01)R3MhW9;0iTY+N6_
z#JHSojo1v99uNL}ySKkWD_5g&{gcD}FSUyQO74DCt^Xr3{l7chu!fCOCOg8{wO;>}
zcfXUF3IxJ!{2GZEoexJ;?V<%2OuyqmmXUU!jA!qcs`%PS{brNWDL8zCuIr1ts~Qrt
z>NRTB)?>}UPNmhhs`Zh41=YS}J$(a(3Uw$!1;xIid+Ej}{Jxb48?3Q8Cv_#~=(=O8
z=_g>lwM){kPO%n>L&j-VFUMJEPkc|Tso{tgbc@X~(vSr1=N<3938WESDvYz3YHk%K
zeAL0Ecnf=6E0dj%&d}m?48%mXw?ftpMdkn;8K&6k60Cvdbugk&{}2Y%+5;k)K4rs7
zsb@T+28s4!5tDOwTtPt5lr#An04iV|G0ql}clPm*jB-;l#-oSj=3^X(3I*f!6h;D!
z^dU5)9b`k+70Mg15{c#AqF`w_N1zAKabtOz!=%|`TV_3&(4DT@@&_dWuMtmc!>>+q
zv28R5WxqvN5#=25y-JoIZ7Vnc*gnp-vr_-t0DUZB07Hg1D@Jc7MBFQY1x`@r^pL%R
zb!)7koibehA}4+(I*bnkE5AosKpmQz+HL}<(nWJ#S3A4Seq-kd3r-wb(;l{n<JQF<
z|K&PddDGIot~+Y4O-7;(o748a{5jZe*FN>^fIG79w$?9l$H2_twalg?f)7U01+Ws1
zOSrE&aPIjv?7?(n!zUZAxvZFN7Z4jfS>TtFV*1NhD2A+<(a3N<XCYtC@EV<OSHz~^
zs?E-zN5#psj&9k%XJCbFwsWjywzVkvTp?5meC^?)x~H&Oo#ZZFmFCu%x6mbxDJ=sr
zc4$xYEH8GXwrjd53wi;T$1$P^ku(MkJ~|L^+v!}7gDr-0Uxdajw#@O_Nvbdbdp3Er
zdG_{dKJ1~Zv8U%Yr_;j`qWgXM;)Ndx(BLkqDIzA?z~>L~yTgN=k6lQyOmkovw#1ei
zyFJpM0D>`90TA+fA$4+f@5RPu`mCWr^g<5&808VnC{ui8;8agcSTx4!p21?)Ud?}*
z02t$JEhqR}5gd#Wg1iS+d#%?Ks(n0g%TOFa0nbX7#(7m|O(R`6Dsr_%7}SHyjT|Z=
z$`N3hfib~QRdsGye`>*%OD9!Zf99A~)(MwxfiOHE-8%y7Xv&FYKzC;|o%~xHyX;AO
z2PT8PLu<v^^})NeOcgpLCZ)KhOL^xKiYLu1o{(B({Qt0aPkvyj8qJjp1+B`;O)~42
zeyf-)<Nw;=2eD{?<1{qMs##Y|5)`WvzjyAeUC*Hlx{r=!hX~^ytGuZApfsnsmDft<
znS~nED{sO33rk6uY~um44{%^lp5+?~)&oh>Ze$=cL4?LwF0HZFtx9pJ1MDH7%yNsY
z*C!{4$=1l{rSB5qy;WaO<pu0}Sa>OQFilD&@*yj`+u*evDnBl)$-8o)*j`fghqRL$
z92{pM<*L!uE^?~u&Q_;H3oj5%)gajR!V)Z^Vhp7n%Dbo?`&QzQkY*U#q?0Y89WPH`
z`t(s$6q7EC>Jt)aQ1$Z%|FRym<bexnsh4C6Rc0jg%ra@bIM`CtvY(1GeR<auZCSa4
z6_%rPy0=sgID&QwWkNoJG43m>7j(g*;|;NeXh%ExH&eR?K7o$mhVNF*Ixii&vEcFn
zApJv0vFi14H0d(Egd(gE%ko^hu@osM)z)01ZHmQ!H;o7Wf#Tz6!J(c{Ov5>Sa>r`(
zh_YtluW{Q<Ra(ED($I-SFKx*U`WEU8$(y1Mm6<e@gxtdqrHrw?s%P00^gDdUj-Lhu
zPIXZH(vw+ex+przK&TI0qU%l2G4&9cuI(EC52%R@T-<oa_jWp?l3?q5p55W|SyvRq
zNUY`QNoM_6*1d4@WUVLI%{uO#(Ti;7wpYW^!jFek&z|yoW*&w+U&iM?{(sohnSNBz
z{yRbYKh&Q&*#3ur6Dz~NeD~?_kAM?SJM7QZ75P5`PMYCJ5|9vZZJh)*{%8=i?&jDa
zBbS%fv~5eQE7*HAzTSK>YF~((>+5c;U@)0nmHE61Bu@$nMh8a$k>QPz%F_B`3DO9u
zz?pe54{Igt6vl!s!MB15dljO{w^X8@dUJk3as&cWF)O-1?I=hj<Vysk`)URk;!6q;
zEB+{A46(baV#-%qurZD;ymN>S3^bB4Nl5SVU6pEALki^~d8T5?ReII5A{UIwdx}uc
zRl=!`j5HWfBc|QSM|s;#NtcQSgNkd#nke2V7(_9HH0O-#@=6qNl2vQ~6Is$yu(Xky
zome`w^G(W*?WQaeIN(Y*?20aR7E3T!0JA8ta@BFxUL3-stWoAVw_z(K0Zt}~WA#P)
zNIT1%l5=X1pL^3#55lfUL~|!`gzH7d010WQmWn|M8=k0&n7IayN|dC($S{Tcf_?`N
zk(@48LZXr_|0Png$70L|=mJX%Nm$JG2`(zZH~mp1A(2JiY+a#M@eC0#XT=}$tI@9d
z&7NPuAss>~ZNpQ4V~Lqdq6V~HbWj^3*Fc2`fOJT=BYB+Oe;G_c0a82T7Fxm6ANk9~
z6WU3ufsk!6Wr7vU%`Mtg!0AV^5PyEi;2s9QNtt1GN?tzF-DBp`68FkjFNi&3bOcKg
zORGSkFRL&!>MIas(P9R5!W^O{57M}M(=2LmDT7DUEEJ+HUTiFc!IHTfLON*UlpJDO
zTtKwjEtPzJJQAHOvej1`#`f-Tef{m(`0n_@k;~_6bhL3-7L704PId5Dhkq^fC9;?1
ztLODi2Zt|<+6VK!+LLVAh%<OiiwuHaVtsIQeoyS>AXux*A+k58m*;n6>b2Zw?e?(i
zn%i6B$9^dCU+(Vj1aAhunw-5`l*n3p1<2*fC2#@lgYMW9GhMGNcu|;h)SlrC?~qnR
z5qMu`7_W>o1A^St*1D;1Q?n%P?mn70ByZXjhybyj9U~OZ00js)gxFP4iOc=Tk7z-$
z^a6x#Q1E^i8^C=GeZ1@dQ`ya;^L5AG2>7v1aaP{?YS2p&Jh2DRJPp_-0*0*lly)#k
zAEkR|@zFY@aJCq~<yGVbY{nLNl0?E{V*UVZh6LU);4Mfiu_(MV7seuPK9XCkT4!KL
z>!H9*>5w5YKM=i&{xPMy2oTu&pG;IJfta7@sXr~72)?ho9)MWnWIXN>A`S>8kSZX@
z!-y5KN7;h2h>?#(@reMLV#6aOxS3qhH6yAF4-jz>m;YGGFS;%b;+<j<ao8S2-2NA+
z9!b?Z5FNPOvj$wBbI_&CZL#Grj9PAi0#Vu(70eM{3FhJpDo0eyoZ&I0s`p|0Ep_-`
z7OZ>p+#B`d<+pWL>yL>DxH;{|duUz_3KaSNH8N(MuAQtGJ22-<v|7C$$H>;f8?BeG
zYjxe<_#uhIvvcfOHgwguRL?yEJ>1`2XQ7joKn`Bdvj$J~A7_7mv&AGZ01c@9606gJ
z*>h?2N3yrTV`z%$@vDdD|MLN0$qC_?EN=ASP(nNZpgxzOGveV&Hbg3qtcdK0+y=P-
zVk2lFxTu|ZyurLmHGOk(hYyzBN<>Gc3Xc*T#YhaEw5Gl`VFcoMGVLyF=?p6jGA?H4
zNA8vJ0+`R?Phtm3I>AFn?osP6eqVo%M{owg&$tk|(*S|yHSs~65DP#O9RF7vSb(>P
z$kXo@(XUTU*;WH2QdrUf9)SZW&X2raCI^h9LCka$Soj1yf%2TM2ek)q)*@GA0?{we
z3u4S37UCXl<-!}STnwO~f7Qzf(dZKAMZ;JY$|)LTXp6O^CO*u=bSIPq4^RS(POjB@
zpe*QRpIy*WCVZcSjouN+cf%@<xM)Rq?96#mOX<<`xe4G%*3z5fexS11`>xjadlZux
z836*NRupNL*Z2MLYktID(W;6(3FwbSG^Ve}#P&$*Yo-m?C^xb1Bq29{?gZO>DVI^@
zV%0M}+voHASoi!|%U|U2ylmhokm(peQxfxEANo|$HrynYJOy$v9;U+w#Ky**Z(DYB
zw4IBK@Pq4hXDx$gXLf`5rKNQ<U~+7!+fn%_eVeZl{2Qjzu>OCc26U+Jbbu^m4Zx`q
zh0bITz4IUC4{z`#8F=@+p33u$LnUSrCF^(aWtPZ76}Oh9-OWDk`mD&tviebh#RG6L
zi8?0SpdejUYX+!>Lw{qwPvfI+J}ll}ApXz;EOXOm)m@+U@00c6A@yImS9m$Rmhnnc
z@xR%$@kXi1{UU|}q4MZtHEIHiaN;y=*>*BD@y!2zDnW1W9@PzQmzJPS%qD0q0EZ{Q
zNhNV4dzJ^gYSFYT(;E>H62}-$G9y7CK`tAg*d1ypc@)8Y)Ny=!Ie2*7m2cL}vVHS>
z&OKQytDGBaaO#Be4yoiiYNP_f_=RlEqHDHPQ)-S>?<hjL{joejNA)ff^W*AJgaQZI
zyBhHXzV#o02ixP0E_~G{W1UIAGPg54471cYY#M>A6ro|Pcc{>{;^xMs(T#q=RNO?s
zyQv}Z*0fIrCwCi{gS&3pWNF?c<|1UxuYcHT6S3VQVzZ4ehNO`=S_mph&os5oXty~2
z{~5&=DJ2>irWP6htC4AHlhJIkQljzS#&OF{_GZs-+mD_0sSYk&i4o>v!jB+|C>BrU
zA*`$CU>_P8n$F2s9!KTtj{%oF-J%=C@NUC;T^i&>*MY&Pt#L}G&WYtZB(u6CXNa}F
z0!DLn*Da}1>aFV4a<RP1X9u2>@ZFg@MMTx%nAHSy;byRViF=f~B(*Nxr^;kUom6V8
z>Pk*}Y3gz+3!Xxgdhua<VAfw)bnQ3*&zRJe%bV3~2?4XRbqy;RrTW8+8<UhJ1Qf7T
zx-?SL!d3KF3GU4q^L46v1R|_euC{iosPF(EFd?|9JY3l`x>GZjA_GO*brF*dny94V
z6*@;ThU%8B*G8)^lN?TfVUj~o^K~1%hi(?OoNH$E)SJzM_WVUaOGreQLVFbI#f}8J
zC;74Qj#nW9p|sTlSeUFsJ|jk875(5S6kJtfjb%!cgzCBdH2|1VR)YpgK+gAn#TC9m
zS8`Sc<2YFhYf^>G*fNDyUBaea1S_%^4Fr&dx<)MFtU`0a{k*{j6>)iz8v?Kgj2bz_
zvVmOJgXxO|-VG!s!_GrHk-)Ft`Ee&wG3ETDz}Bwb!B|0?jgEx+cmqv{`8S$<>TI!S
zq8%9~QR-NVRp2gSIBOV!x=Qj%oz@9OsZE&hq&AzV!rXx~19Y@FK`xju(2nM8$6}I3
zkkp2tv=>q8G$$=(wjA~h+G{9kT*8AoX$_+FxT$u5)~w1@IW}yk0Ofmob=o(cc<X4A
zA`QP804>WB(+r}e&Q*)43UHc<_uFD7^A?yyFipF<_0<rr^klJCf~Mq0zhTlNTq<<F
z;dLF~{;8J0!uUVMM*j<bVEq9l{{8iThaaldHS9J;5qwr_3FgqD>M(Xj3x94f2F5QZ
zVKYzUS5KshB(J?K%l>+wxupJ;P@q)I5|B2zzMj6$(Ss?ehKH)tp4Fuzx1+7zb719v
zp*i7E>DF=FS#tnda*Q>>smNQ|Vk&D^a#Crhfg0Kr^@^^;*4P&FP?h1M<125yxr#Fi
zUVk9(H#Ba@^Tx{HS3)(S+jL{qV?kxW`Sw>ujcDy7?=%DTbs}+38g;Xtd9+18o4j(o
z7Fj2w(yAm-%ByL_lX#>vq~v$isPAHW{zb>T1IsRT%4FxC<Ezi%VZ(Nf-EA9HwucKV
z1G~!8>0m3$95lBMe@7P+)AS4@50d-TFuTJjIkW57UlE^l9fgO!6!^FbypplhbYuiI
zWosoB8r#a59cG}H{St#Cd~J8f0}!08pq0{MjWVfK8D=OMUFDG_B~OD(OUtI6*_s^_
zQU$}PJQv)hBFPOT^TG(BM3F?{LZSjW8X=V-)Pup`ktBqQ-G|0FZPWmVx3{W*c2*r%
z&1ZhP9zH%hRW)DgQQE_eETh{@rPS0;NI63))5MCHX5hhw^)?L%HifNWYJ}SJ_DgN%
z<#<~S+ttCqI4r37LRf`j%hn9(gK1_gxL9qlJWNb|qN{ZV2Il_6xXQ!6asq^-e1&*j
zl955B1Z^$_XMuyi-4lh|;Fb!Gs<DLB(&w_gN_hy%yKKiUqs*UVhu~Gas2>tQLfnVK
z)6AUL(02qS$0%u^c(2+>(7I4GAG)RR!bM(HAt;MPjwBtpYkoJ4hsD+1D|CpZ`Z%0!
zeBd-a9pW^>K0%5|kpW082N9mcgYC3RKY7Poqfq0(f3kogpB2@Nh{1sxPQ=}CjnjJ4
z2I`zKt_i04%M~Nur95MH<268rbCH?^;>%b7OC5x{Ia$ags>mqpVW0a8<KBt%kHu4%
z=2dm8uTVx7sGp;tQsfdr)M0RG-l%UI+Vd5AiZS8cR|GsTouwnk?UQGM`*HDWwUt&|
z0q(hin^zO(@$`1KxA%5)=GN9;+p?iQR9<}iIruKTYFkqa&>m!mbz0@pl?>&}UrmES
zDiljAr2wlNCy7APV9y?wSj>rTq>KqcyfpK`*XdH_F>QfWLu-qQWRH|bFJ&YB9ec&^
zI15L@eVZ{6BL!y=h2VS&k`O0ADDu(l7Gddao5*MszC@c?SN2da#XwW858)HyAx0Sn
zu*;+uXY3A^hJYA(DtC)h4?12D^8iAdV9zOmBpoyal^J~sc$;(2Y*z`+hy`VMJh0y0
zbhK7TUUi~CSS&*7<sL_ARbdJ7uB*ihRVbphOO2eR`~(_`0o^x}F#~3S+)#3^dV6~6
ztUaDmjF}@{DW}A5plVuHL}sK{+nqr#18drx4miD=q;3y7XZcogTIYkV8NUX28u1L7
z?+}}jQCMk~hA9ui;?VRVvm)00BfH<|4=j0*?~EAH!=gO{-#5g`3gIS31cEdneV>*D
zdpmWH1$@mu*KbyskLjG>$KCXl_j?pw0RjUS(7f{F;bGX41%QZ9EC}7iD731=CULHl
znalP?#EPx68_5{mU1gYAAuNhrsG;&&_p+9t3|583^-L%i_EM?V{9BnSPE6P;gv_K_
zz6JhQPfPyL6QJ9EF|w=|PaEt=K|FLguQfIh%aEUa6jljO1lJXY!Gx@4qMs%!NQOg^
zP8t9G0BP4>Oa%zWf@3X1EGu+=pFKy_Lr>fUUlh3Dej?;f^c2|2qYn!cKkOwqJq%&a
zTi*eF`oyrk_Kd|`xXZ#beTN5!&ks`<@6fbHUK472Uv{+1Kh=6xX!hSGC~<ilskYMh
z9pBl*iv=ZUjw`s`B<P@BmZgkmH{39pL}(gYkYZyK``m0{O0ClL*86v-dw2*NO@XZG
z0W0?ECIdx}{-W1@w1yu>iS`74v8@{R`OzIT!@Z6Cob(#&;5OI!_=}2%1DTCqZ5DEF
z^pleYT3oD*)E&oU=TU6pYknnxc*8^(ge934boT}UcUuD3>2Lk$#4%v5S(5emkKdH)
z6Vl@$J)J+dzCA5>PJ6k#`!=@e;P(?u2eX*X`(_Vk7g~Dq>Ggat>(T1k!SE%#Y9hC}
z9Ms~W_~B9!18upM@M1N10&~hD8cY|?*S|ZbhlZ?C?DV^lQL6YDbRY1uJuhY)TJ*dz
z@l`eVe*fGS+U|Nn#=JSNt=93HVAf^qDUW#jtM)G~I_$#-v1!IcV}9^Az@U%%#6LhX
zEKL8zp<@3T{a4R9jCI>h_S<beLVZ2sJO!6cpQ#dw6_G__+*ba1G%(_MRs{`Zm!&74
z&zU$O4adtonkXVv9-JBP_?qSh?F-l27q8oQQVcC4Go(>}7ClYkRm{<PmW)@~OO1!6
zcWck<A39Sts&GEC2Vj=c99KFkCcf@#Vg08l>2$~mOJ(pBqPsm0z8Aim--V{GloPk>
zh>!WN%>I+wn&g2Utx1=F@wE-gsc2MDf8^jX;zm61Z#eCQMVG%2sjm!*u`%Mfo-tNK
zaJcwi!-LSXE;=9kca9D`ncK5yi!ZVGwzef|ix)2s!^?jL|13LyNkH1Pb@zmOTOCP@
z)`Sk}Tnyy0-;pmke@nh89_6|Jg*HZAKxcEji%rXum_S`Ob>#xc5E({8O{*<ObCE+?
z3rx&m8~JuPd5UH`BadnDPar(w)=Lyq<v#f{=VYTgsTjCYwE!KjHhmv?@g5G4YoR^>
zl@jJr>TBYq!8LIf(o=i3djiRz|K4bQFU+CyN$I{#&^k5~uGWqABP<G;AYAhq0kOog
zi_+Ym7y={}?nuEFGGbBOLNpns+k)$XIELExT;oAHE8&1+bEE5rD~ygoh~bYIV5=Xk
z3rGE$xy_fwRRgo^6s+<%X`qq-ANA=d5kKg(UbSMXliDDUciP!}$Wc(}`={K&al#U+
zJnJDTlYn1yWYq>I>96Nt<pu!*s{f~(4XE0E4DfxcW&}4XBt(I$7wR~GN>$nzRxt&@
zk)p4K@AQPSSen3TIY7|+e!1WUQ5fm7iGuN%d?_T(RsaFN_)-@MW<|4ggYr#)Nw`3_
zX|o2;;$UdjFAuq`(`)w`l8EN(?7h{L`=~`Pt>bmsz?=|X_erb7_670H=Bl=zJKT}h
zO3eua;+jIc&G4S#xG$;Tdlx1vBvw3%trE<9g&5jWKo=y@!~1f4mNq#-<N+!9d8`7*
zgw-t;mw24yJ?g6xaEr2a@yn#qLQzNUU&Fuee(qZ?Wn}khOlIcQPV~@HU#R)Id_w;=
z*uo%7>auLmgv3esvd4;VuQBng%u1>$e{~`y9hmE#G$KXd5YCDSgOwA>j0oRCiN4<c
zp`$C&2hKUmHdHVS_Z9sP$jrA|l|Hg@F@xNA(+cjumzg;$8FS-e1(+njXioRD3IXwf
z@vlUILiru2c|;Xmk_fDpgmZq0^ov&o6P2baCOqasM`1E}OhkrdnX4=%qR28&a)eYu
zIX(a+mVYP}h2tQ^ry>aNSf~}BxJXR`F^(0*zKjJ(UbDYp<q9H@pB^Nak~+aXd)^(D
z0ZPo5Gon@=jYhscL@+s>2{p(^Vl*Oxt^D%naWaB}O+MBmt-DtwlN0MPb|`EPFcyju
z+$k8|L?qqubX~^^$ZK#6O+0^f1(6>SfC?Fq7AikhZ~=&qQ!^5Fm8zbE`ICZV=`@=c
zkkj+|MKmd^t#T$%y$lL5;oY<1`TwKr9b-HT`f$OvZQHhO+qT`)wr$(~H>YjeHmA*L
zyLWE(?#;cMH=B2platCx&WEals(SR($YWT2$aBa~m5U9>)c$3&QJ_F}ltG!?b=mc?
zfz<T4EgD7Q+nQzOvYRBPOK_3l!Y9JvOG^E!Uc+sW!^9)O;6;EDJF2HwV-(^zDC0us
zjYHg21@BEwE3#E+S@b7{gw%wlu`=L_4GLn<uEd7?SGbXhj(|f}rUssCNZkp#f)je&
zcx!DY(*)DX8QfgmrVcDg%N(LwVaZEUy8u!yg*(cp;*tBk%eKJmtz|~rnk9mc=#ySb
zv(Iirn70x%mh;RPpt|b0?sdZ7dnpTJ)Pa{j_|lvvofq`jdm*nKt#C>N_`R*7aZ91-
z#vkU%h)W9EkWLq)3>f+QH|;62Kf0c<HT46iwJ{p|<o?+q9_%bN#4jLx26^zAP~k}N
zR`|O@P8H%h4itw{712~)BqHU6+Wy|EN|CwxGd0Cu!#i!1>(^}+{kD*30fL2CUBpUm
zB;>Hls6AeXS`{O>i4KZ+%<yRP@~7;W4RUqQn!j&G9k&5ic@>c3^w+(V$U^y7VsA|o
zO@j1D`97s0zTLi@e!tsucl_H!d<7)kxC%YXC-1r#Il-4&x1Bl(XtdO^3o^61+(dt%
z!&{EY_g;eKN+k<i^Wp3Kv93(910HRK)_28*8ft-o>{#WD&lGSka#(%6ajX-$p)?aH
zlm780NMRfE1{cSyqC_LfxE&}Rlf0O;+hnDf?1Ek|ccxey*t`880b=Sv7++=(WHJ^3
z0b4*s<g7sIln{|#W<-??tU#7H^EJKE9u{0M$r2ROs%H}*g<I_Z;4P{HUg;Ifcd@H<
z@>8)=J`DkXsFZv*U(Hy9<7sf6ipJKl1KG_9S#**c)Qj(ni=m;%_nE`LJN)r^4@10Z
zIKESc<Q{%6Oh1n#wa=^7d%Dw)zYFA`zSg&XvAK+X-*(I8WIU|@m2{4T#+N8U6({!1
z<0?=86~jrgy1Mi=1=^ccgBiX9V~d-5DvJCAX(q)B_)qgM`+u<1GIMhOPkr%!v(Mc6
zH~%8}y=X$MV`5jTt9bC2=dd|7%Kwhv^0SHwOghWd(pGV^Uj2CD9g3mbkjb$NAwd^M
zh+rLJwUnS(?GXn|ZR9*%J?S#GnovTE&gnP;BDtKgbd(Qyh+9^(o;IHGJ$ju=*8PWY
zlB$hI`;ZPXiqXv%ru*vlw0m#4h5rQUbVRA-=IH}0_bkvTqQrf6oUexK9Lu^kPV0v!
zjjr>=@ff3OA*nlle*&exRnoONSOm;Qwq|fS1d94%U6w#!ie4lJz1<;RX)B3D`uVxK
z`!wqKY3(r73*>z@^7Zuy@Cq6l=*#%b2-ok0*P(Mui&0&WuMU>P<G#rpJ7Vue2G3z0
zAfitmGm;U#R;-xfUHIT9t{lTPtHXEM>#VxZ*z>Z0tQt|4A%7>(*6%Hv?bB-=2YVP4
z19TiaI&z!y8Tm|ZYtk)k>P)mLqJ5r7aK7jko9etac}iTzlm%cKVZv^^F6R4A@@;>2
z3hj{M`w>Y}bk%{bbrwdYv?nb#(Dh>_Y|3{W*{H3U>z14EPFoxG1#=gyBkI;2hwoA+
zI3>5p$wq6)OH&?9<b-3^8g+Qvw*lBmy$Bj_U(;vwO#(2@YttuZq(V0V)h<aap<MzE
ze{=$rTSptBF|#z3#!CZ@lrPAHEA_xBg-G*}adw!v^yDjR!z+5R9;xB>+2BS*i#*c3
zNu?qsY^_HSQn`?@8C&NNPHg;UTCeT_du>@Ed!xys-7Ur}B1N_y65N;lI#7ouf7A=R
zgI&=kNpdhlx{`{bMY{4;O<1qFpo08+RF37)Qg{~-_u4XW$tz93O^$p5)9`6-vo+{7
zyVLV0eBg|f?Ny3N_fy~Xyq4~+V2(;$EC&@sn5A-8OE;7F8^3@g`_-c~yl@FY61LX&
zB3XMl&07elp^Aj6@*9BM{R=`6^*}J$U-q$a?xYN4xsKe^W8^G2ox&#h=Ro6^8R$LK
zXFc{?f?yJz92@c4HVMsP6(|;E^tPXF_H_etz0Jc2@UTnN9xY^*{hYEh;0YDg&6gs1
z)e;Hu8KULbq=53QTJ4BXUPu6$of6oa0n1-t?!-fv;qG2*PT+{gHvEW@aZJBR#g&Ov
znG=DcffIjmr=UPV%>ki_so~h9;Xa9d2BiakpJdjfurL{d*r-RJRowyMV9`3Y9|RdH
zwP0M$T_4eIe!V^#h>hvFekpPZ6vku5(N=y~f%j+|806Io)-f2=g%hats-eRdXp7@I
z8wT=7iR*_M-F#sOpL#s0T<C2#S$vdq+9=G&2V{>$do$NI#IQUbkQeowM>i{u0C@tz
zDRHS^UTd6@8?0FYDMZI<|FM}N^1P2sJ&xQRptg=;Ba+4g&t{M>vU2F;+XH1FAN3Q<
zm^|yxT?(mNs;9XHsjN`-@-RuYmM3892Qc@<OvsIsk{Vn6jTa>D)netFThs8~9hb>v
zTyZs<v#2*~OZGHEmqim$+<+~``OCOzmw51Iv<RINyd6)h_bjvY%3vG}J8_yotYgC^
zANzadc<cpJ^OAWq!9@RCh#umuiW;suUjozM@Rbd3A<RPrQ<HGDZ4I;LW$Nku@N=!o
z1aK4fuc|MF?DD7XSWfSZ#d#4r5`QVI@v3>=rmeRAfb1EOTCx1#8<>`vQn9peC@l(Z
zd|=W66jr%;_$y`9O=%jDCMdvGE6_dD*Sp?MA@#eto00ACDN7C({vkLsJK@<)UHw95
zf>jO~hd^TkjsJ{kJh2ibE-%gM;fpAGM)}1R?Ms;)AAD&$$A;=-ofBWpZ^MVY6BVyT
z<EU~Rl|x4Bmh+cAPN&|B4aty#3v2h;@M_+9-Z+ba92USf7A^%RwfsO9B7Ib_<=5eq
z=x#Y8OH)q&!2X4=P*`{E!TSXIAY|`n>!3Io*3Ct9d9WkW&`JApTh%KG{qO*>(knz_
z7{YjAt5<G~(kt~RFhQ@k+!XTc=!JuTfnk7FUNtNDcNQIw{A{04@i$qNg6>zJ^kd;o
znAGwYI|{!;BxDap4$x<&{fA=}bD-k6=0fQ<Pw_fsG82AcgOA)`Go`UNk@03q!&VBD
zdK^SF`n{|>rwhI~WbbTMZLhMP-D0awkU&Hg_?L9~XKMOYO|LTX9dqtp#tE)l*HTKi
zd>*w*I&w5S?Y@y7+}#6IZxC74Ac-oX73Hm%F#{rnOpm`vCG)u=R~?Ik96M@pV(C(^
z<#0(n{N?#o+JZ-W;#dk7L3uC)z%ndR)F3wS$!`xjx&O2BE$mfHHYrH$46M=C3<I^@
z@b!*cyu=D`yC5<A<`*%&7RR@r!-eDukxPHL<!7ml|2upTiAccRQ57MVai#WIGG@0$
z%DJn-BuP)7WVpy9f%Yq5Ho=C<f0|M`|ASPMg^laK4j--6ws$<@LipY_G~Vwe6T1A{
zb(GM-ac#kDf4caH5s@cev?*f>Ftz+@>Un#Sj85G<l(Te>5td{TS4JC&C`Fs{WTiX0
zIV{+UQEa;z)XG#wY9DpC3{CHV0wImXV{M4DH~HlGo%iOrRRF*CA~)x5oL{_)DV;L$
zmWIk;!709tXJ!z?L+@hNt7Xsl-QEzi#&V@`Vq(mIHy4SB+4pUM4ITSsr&W$iAL}vV
z#l*MA?uWQG9$OI;psxj}Fy|3)Z(PucK-Gb4wYF~IUkVCn73^!GpUU?0(&+_o<c!Ts
z9X&lgWISD*9G^cNZM#|MmNgn&EZOg46=8>^$0gGrO}5C7!AhM8qIAf*uDd&F{7HxC
z)9DQhpu@XX>TML}@W3Rx)QZZ0v0GJRd=di33dw3s_&MmW(B-|b$53-Ia^<*nm9|te
z7nkp8E^duHI?0^;lPq9(8qaQ<dCJswP;ywWDIn>^wYpcSi@7{nOn0hT$8PFfM852k
zuQn-&qrJjXq=;OCnmK9ST#jJfxeF}&=kN0P3J)l?<~yE&x%8e5;`&MDQ-SMPK@^?5
z6;3ug`|<X(CB+#AciwO>3sYWdk-r`rHthIQlg-gQfq6&H5CyE>ZUO$IZ<JU|=d^Y8
z`ihREm9VvP+1r+pVgBZt<`g__HY%nU{8|4|_p*DVJ?p(+ldLzFMbijkfk6wVb~(Ks
zXQ`I|Y7Uy|Y2sx>0Ha{Nqd|I3*XhT~kozCQKa|{9GGr8S@JJlNn88FWJ7I!C8cxB0
zit8f_uQu-v{W?KGM~xrBx>1lH3bT#bfAwf0c5cik48G%cDPHZs2$l5{VY``A?unBu
z;_}sR!ys}qJ%~1AR%^1Dm+ltYWyNM{%*54`YF>!VZQ+rr8Mw0OWFHMQgD9j;m1PNt
z$(;&m5R$F-@6>gQG#6itXc<7~)q7)JBaU-O3t{###GdVHEw7<f>qb+jGDSpGCqk*{
zn-l32j%gxEOdCst&9g{AxrD;AfTo2BqB&?fW<@%{03HPR<I5c@?p{CUE!u+HJ==iR
zn#=18i%D4qY4?hr5(R>sb}l8bnT7e%KGasreIu#by(H1eTqqi@$_~I=BSXA7@>F#&
z_m?~inOI$LBD<_Dx};sS#825PXrquBo4~K3@%MEcDmh(KhdB<$wS<?KImFA$WB0FD
zCg{Cc3NGytX{~cVMdyXZ#yNqNaFLF%B0XlPcf8?W+hAN*%i4&G=?eB;5@VwYFFesP
zigRskmzV6rV)**y&)m?h5yhkY-1K!5#0}Uto7fQ`L}cKH$Udolx#BUZ>Clu5Q8UQ*
zd!95S!2_N8e8CB((or<@*)&Je<e}~c<%?7BE>+S3AF4sg<C<M|nio%t=j0R!(U^F{
zb;8S2u=w-$oGn82_x%$h_$_tR9_G$m@V_aY6G@*KuOg8<G}&OR64}EcLGZK)(rB7U
z=INol*qxJyBuW{ZYkTJfMVJ(H`IEXV7_u~Ltsq3%e5Rr`L#t3=#rtuq#he+{(=aX?
zapm9fM`S;5ac@M{xbwloTKQz0aA>%UYy{kp(5$Z-baxEo>gqgkgx!Ok)0hG=`Ak|>
zpMxJWkmRqkPVYcsln-2_5y(wqt*5mc#4=S-qH;lfYF(+~U4o^!!7JbI&TO^PsKwp$
zEKo7d@l+raVN_(@XP?4}D^93WPAh2sbdO7hJ@!{m{9@)~c;B8sN1=I)!7Ga8k9C}P
z#*UX-%!252PLjHywiVT#Bt`Jv&lN*j#^ZLy6H|y1REr{1=z>hUBjYq(^ay?k5~+3K
zv*1Bj!0Yd7#ZJZV>^^qEd;fEHUwJ*<NIH|^jIRD$y++L@g;us<{>3l*2?XY#G(eNP
zY8?W&8djqA>zDSb8o%*o6q$}fUdTNtA0&Q(KOi3g;^~*Ciei9LMJ{#K*KPVTD$7q@
z_2x%obv7fQg^MaetZ%**-7U^zJ}Q|vsU`N3IsNL!<UE|fLf*z_w-Tx>)?5Zb7g=0%
z;<E5hi)3UHor;6149>!|m+&>vK2C1+bohWXj|NRuWo0q7uNy2uynJmH9!^n3n*cC5
z7^N1-8-^Nb=cG9zNf{N&q2EJ|IXAQs89Mgh+JnW^EXDLHI4-_*5o<5>rCU4RK!VJu
zykJaVrGCoT<|cpbJ8d8f8l4D?BohtQm>hZ^CFegg^PGN&LU5JoOQXGH2yZivIo1#o
zFAxfKItel>Or!Ly@2j|h6kafRo`CW?a?KP9*j%8Ta7#g)X8)0LQ)ub=Q2*$pDC9*f
zS2U?0M=or`wRw=HuGp9EzEdD9ylralQwX?ItOAzTm>Wowa*&xDILiF9csb1!6Al_J
ztUBP)0j6@_=xu^l3Hw&H+4B-Y<TR9ou<W#P*3aVF+IzniDXZ=i;?1~p(K_15Zup;&
zb&MrXYbiIrhw(RNY_DsW$LB0^(NsJXKY!%0WPYVDm|<{LaJF1!1s~y8_l1if%4_uM
z-*|ZNQqA%7zy9s{2<?2FrwTfV8#wyUiz;fT2awl$1yq)Em{tx#E=4Qg*|;KH^uMn9
zTn0WXj3oX28A2G)71nWs383J-+j^==lkDS$!t&Q>3loVvd&k9aF_mEqRh&Y}V^eVE
z$CHWX+bmLU1KI(n+C3kIrxI{lrL?Lf)>!K+e-F5Ji5k>T<RjDQqL;DKBvodotlCX}
z(#R2EH3Gxh3h@e886&GI3M}Q%Ih9Ei3w5e4#VD;8LlSnQs`9w574Yu4%_cig)WsU4
z(<qWT9ja1cDv~uO4Mn7mD8GZ3)(snKOjs1u-8fXn<r~HvM1oQI_2haFTUVX+C!Oc7
z#IuxGG}A(Py|IKa>TnA^0`)7sfj@$sR2KlL+C)O|j)e?{O-Pg#Ra+|=>>hUt36I7y
z%B2a03xQFz(hLuJq=D~C`bJr&Uis&ez28A+HOJc1=1=V)ONLz8r#8hp-S@t@(Faae
zJ7a{trJbL%vPyR)jw^)YL4~UmZ`K_hZ{{6um%$P@t|xIY-y8{s->gsm^^63*9XH3>
z1NIv6byQz%KT8!1mUne_ZjRaW=7<rx34esuolJGtNJhm2PH#B@5-UD3{RENA{uFAN
zJUw8#Md1|gRdivqM9C@h(BN-0v9jvJ6pum%6E)P!AQbnRam5BE?^Pe__p*MQo8BG*
zU2Wh|(`X1Y14Z&*Bo`4BMhA?a1l0lc@N$%JeBeBULZ?3S*~0z6&k83^XxBUHf;;n!
zEf?@_Te!RIf8WeX4}X9P34#0m(-M&Be|K#De+o@GVHp1>yU)VT@?Ym1UF+yO;*Y`m
zt<`6aJ)7So;vrZ9kqV&<{S%rpnFyA$!<h=gmjt1Wvm}0h5X84cZ*#3wcc$Np0_$dU
zP33V<9VA9<mjUQYg*x^VqF~X;EHSyL&@stUb@a!J4q3q9Q%h-ugHk#|1yw$j=GD_!
zrQkzYQhy(a*b77|_rnWBI~&akP*R-8=`%vE3S?OuUH;aF-Y&h=Mv~F5hcK?m9KyM)
zo{O0%Yq(VB3t=BK;FfZ=>d+YnI#UT#BR9)6zOlq9{eGkmqx*A;BTVy+24Btn<cggP
za}{jJ7iTlRSy0#!8e}ZL9`hv^WaekFZ6517$))L9fE+>w;ZF`b2|ZVpsR0fVxXi@1
ze-Mwhd<TgFUK<D!B`Vzu26N|W^f>_I{A4?U_}P50#xkndp3Y1pXW$FY><uH1I!ooh
zG8S|$EA5Ao(NusMYt%6pft>y86MLvsfYsslSyOtTiO0XlXy+To{PJ0o4mb1!B{!mJ
zj+kDJnChdx6T`U@o1>p}dAk5NWqJD*u0~@;Q$9sjslRi1@GG{9R0F=XUP1u!Aoj^J
z6~#urme-_mhF?wG*>wyOD^3^qU9QNDb7i_H?Mg8!!Xd5G0HIbrz<^Vl<jLCA`SjEu
zF<f3t64RMFt=GFQ&E|&0VaU&AH5>NJpAfq#^t*uS#gZ7)&kLVM>HV&kWY~#NZ!iG4
zEq_kJ1VKiBdWY9HfV=rOrQ$3C<ImFr3c_A~fuUX=zJV`R{rg|Ty}X}?tGk_%<8HlP
znf1r>r-QkOKD^!l@vr@>yCD|+FwJ3dj4Q?#j2*abokz>Xbdoig9><{+%7Z%+yzgIs
z?@93T!v(v0x?k@eayXCfzIPr^u9b4&wKI}bu_tvTa4~h)oRgZ$H)P&SUr%yaKYh5g
zq{#<kaWxijY&#H_OGhS6tnq%)gjg>a>zgMB_wX)k#zQ`h){T&CtD;OtyQ%+<v~Pf{
zQFze8F^O2n-CC^dKgME?Sz;Ntkz}K_wu{WeT~+Dwx(#}wT~~K~jGHZQw1RMtQ}IGv
z_bOk6z|m+mi)1iea<hBbv@)P<eDgHwZ~@!LZ6J9ShwFx1uQ%HG$Ja3sp^3}n=Wvnu
z-+<^!$^dmCbk<qR1=6v#wUE%<sg08AVE7m$y>d1rlUtCbe+2sZPRT?=Hx}eb&^w%?
z4R|~U9!sBk2|dqSFLwt+2w9;vwhX9Dj>R_OCE0QUK-R>2dk|OajkKE1xHnQX@4rUa
zDbo3k9=c;USIuRnXD~85;<F~I8vrAZnc*YV5A{a;K2esNU;i*Wb6}pJE$1?+Lv|2?
z!Dl0Md%K#dSvtM}x5@56x4OinX$=93)E2F6^ZLf<E}FAFe?WqxX2Xt_5PwJW86V0p
zKgu--FGD0DJ>x@reBsH`1>P3g0tTPm<WppL3ktNJCuoccDaW$q3(yBTovx~w7ZEfx
z$O_P_idful$V-_^B`bD=&0<pmr7ro}g?2cqR{&m$6Zug38ZH1vAf~|$5s+Y|34SVJ
z3_%#Pi?<I(DfBn{FPywWtXmu2%oYTop+@tF06W(shzut$)7Ul6;K$x5%lGLPJpFVe
z2S|D~N;8L24T=r4fj-VUKLILTy7;jUNQ!t;og@AP-NX6Y&4wN1P~+MjIh7qsH?@Q_
z9sqJtR|#&*5CbPe)uyrcLqiTfG#{y<{TNBSiYZ9iY#=&=Ei88n>V~JHV@8d7ahudW
zP@RT>-)|XCe*6pfV(I1=43J>xP(r|uq|kj;S!gztb5Ga<qTtu#yT?C|o;j<?)xSBD
z8`U@ZRtds`Bcx18hnVVCZ4_=7b`zYmM5@Lo4g9;_<|9>@i4=XO3NAyc(&?ER_Dp-H
zD#wK}>$|Hdg<A9`B8&D1GTIXJRC9;1z^gv~?7h{}q-V&@?+<^cSvS7dPrJS3Zh(8V
zyWbytwe2g(%)`6SdlT<QBahIbhl;tugX8-tb<eN!a36tg{aJ)P&<Pj+r(K`aFaJHw
zTSfsrg{hB(uNnUv$Ei<;*PFwP`L^OgS|NLpus(H0^a8{TtYPNmgm*vAzOm09x620a
z(`TK^ocTI%g&d)ryT8JQgw(GjG|QpzAkjy)YK|ewGXwioVT!R4%-hr5Gw>J&EdAcZ
z8~sj6H`)1EhDMH5CiRvL;<qnN$K&e|8?KF4v_utEHoBfP<~XH`p-dX5%KM3;3t{n@
ztHUNEO|rE~DND|6Y$i%Iv%ZQo72{y;qTl|KJ`5J1es-Y^={@CK%$!26a=Yh}MMv=S
z(NO2&j)y()O15qW+K{0$=6X4Wu~?Xa0BCjbm8VFp`Ve5{m~RprScu^}1Rih21=Ntf
ziOm^o0p;Ep2;bsd<Xs#3Zx>pbRX<VMT*8yxiYtAQom#m_c<EcPoez`mbW}S33Vx`Z
zfeU?6(-aA5MCpMx)XNI!w*ZCTy3yTv7G->FGw-@%m(y9C##41o=9(K#HFp$t9?}9f
zy*&!Xqwv0Qjw+eNKqZM>jqB=YxI&^qUDbWFlH$a}>*BlZ{4Kth_y}czlhwEMx4wye
zUMBNrHk29<7>PEH#BW_)IzGKmq9V2Fk8C|af5<7W5@ulAiyY=EPMUOKK*@j2`lbw`
zohsIrJ^ok>-g2V;nxgND9I!v;jrw=G!bRS0BwC}~;r<0okhsO0nnhK-h)`Hw**eu*
z#2W37(jl5vDkf?WqUgQ8&fY{clsbnJqIflc^3_H0-2K?m^y4bZx=Nnbm4A0&{)4%X
zmmM(0ok}>(UH5_b1zKclY>MUee;-HWZzpw4(7KjHj(NbfWAr~Ajwql*Yr*e`v{|Sj
z@rBLRl&dQi<YZGAO?|1RPmHf75Bwo%)^Ef8JVVd7%tkZgP)rxVXw0M``C8nKgZ1T9
zP&~m>;!fP@u{eX?mnH?Me22K&2a(qYq0k-pWTAZZFE0^cidVle8J}}l$-!2Z1?SB0
zV6S3`wmkPZ!Pr*4>MD1YHsDJ^RdMXKC~?ZI`AlHPT>(#}>R+@vKj6ofqxmWNdlvJ2
z^5ztP=y8@yzSZ=smF7jLF|Ly~#Vcwt$9@=3v=7VPj{yM_)#H*Ol*RDhr!&UXZA+$e
z8-@eKV{ej)E~rgPTE~7n1!KQ2BpvD5aiT40)(yWG?i@J02@CVaE4M@9b~Soa;`}AF
z;Te|9DqJMEHO>&sF)}Cl@ToOCDG~NGuYY&nv^Ej>H1zdEbTx~8gqMfo`Ja*|2mBI$
z6sIDM|D3X;-%1Mj0wDUTnmy|BXm5s`o9*IgbS_BmoRvCcOuARuWlWB;O^veIqfSb2
zPf2jgzNKk?<MIre|EIE{9RDdHg_(`*|A!KE%VC=X$#1V7X&#e)UR_F`>U=@^ipV;t
z^cliW3M7Qqc}=8cQ37*pcFiLk&!()WMI2@bLma^}oYitx$zpcYcs6Ha>iB9zK9TDm
z=!VQS)q={(h&&jjx`(>0eKKpw`S|%Zn1K3HW*0LJ=lT@J+(*+{T(|kQcFao&2g(=?
zs#L@I7s%3bZEB+pJ3{*8PS_*aGm4OB!~OY<*40JJ=ah+23iY%reVfM^Y*Iu`gU92y
zphfJbc|PF*65;B{Yv@a`kKG@E&pWf;{aEIgqn(wnr|av8tq;Z90H2?Oxt9}pAKRJk
zcH~}EAM0r@8}nHbqkN-5s!wvw%VL#>u=YX)Mt@`EAw!jTW-AV~*ey=h`4-z_zpaTn
z$J?$b*aiq*?lHmkyTkB`l8|6ofzg~<PxY+k%JM2)R={t7BTiaQ+l{b$YKKmXh1v>R
z+6vM7&BY|l+6i?Hcf$6m^l0ti6Q5BX-DIzFsn~O^h?nBf0M8jN<eq~^*=99Nd^K`O
zn;kg~@mG6}9{py?l9`*r)X1i{;euRGEABN|tQFyK>!f)~ftr*>DSz<xzx17ynvS_`
zmw<H8Wqcuofh13ocnT|7Nvp1p$BUJxot-(N>FU=4rIBy^>U54mmLWjaUys-rJ9{+d
z`aE#)Ez2yMEjPpTIajWqw^!$r5oMZjD=16M34uUhaYt@M)EBP`B0Qsh#qBk>RYa=n
z+^Yf?GL<<+iC84h+}K?B)hs;aV%|&4^3uxAe!^BlOEFk|re7?uYCN2N>@Wc(odm>q
z9V>xO^PYO1q6m%I!AkAVRWSMlmippZt_@}8VtX$UBtDro-$4eI<r2TXU{py0`~N5@
z>nqzUk#Rs}xwe5Ph-QQ~P&oIoAy(SeOvv%g9<(=Ip=afsp$*&X2#ZUyxy29h=&m<7
z-IO7#XC6o(nv1;Pj37=3sY@Y)*~Pr1<d$4Q6();7_`zE<h%kbvF2la?AD*9|i*1kx
z{<9c7I&D6a{S~=kP+h8Q#_-1)l=am!CJqV!t1DovPkNVjGf#vC9M$zQ?oSGRj#NOz
z7kXxqFe+^;*=e(`Z?jfNfNmp-7}<eB)0~ZU1|qrcjpr4Qh3#-K%<aXfgX%%{12e(z
zz}aIo(fOY#<pZW^m+VKske(iEuP2-65P1*12f=B}x}16(2h6K#4lBJ9cn;OXmGQIJ
zSG^4L9sj7-hp_E>IQudy45`Pn9d7RyW31gALS3YvT+ool#ALqRK>Du0x>TpViXLa*
z2J(v#R%q0|uY%ge8KY55EoN^%E|OJUpkX9)7%D~vDG5O+SX|Mg`Sq*1F7yX&Lk`Jl
zZ84Q59?e4pYK&U{&SA1Y#l{Y`!#A#E#6WqCYQ9L=)~kYy^2q)d(47F|QdSS)9<&}o
zBG6fxx37S@l4u=$C9lWHQ_ZwyJ$uqRb=Hw*b2i-RY%i_S1zF7g2#U1eO_j<-t4kXG
z(i7!r4U5nU&mIAbnCz=Xt-fHP8{S#)$E+T^Ym$QgNkkKG?<oooL=s4F-~}~N6iN-Z
zEXn*YBb^!9h=j^u49ealor1F*mUF_`U$ivFdV{?^`ug-W$sMly8L$0~Rb6ul3?C-G
z_N5E%B?8j!e0mb(4o6znK2e0Bel%@E8Tufl=nh>xgT0oXh)zaV*3~@};o*uG)N3H<
zoEqYuOx_p*QGdl$;+^9#-AOq8AJ{z-o36t^gPH9!TM`%OyLB09<r<b>a863U$U-Y{
z+NY7C3CC^-YM5`rGbp1@Ilb=<vd|yW$dqJNZ{d21vC~i?Z+Gw&M9EUubV-%0NB8Qc
z{jQjxaMd@O8s2a!ewN$Z(1t3W0^XWhe}It)UNPf)i-w>a;MD#)&LeZ{J+Nn1{_d`G
z3(V(SzYRi0;Qz!858?~_4;TW+|A8U=PmF+r`G5ZQ|BFzR+Vm-hO(CqX7yoGO%^0~;
zf9=juB}sOrt;*_RsD=Gv8NFq+&6DegoPYV`3?p!`Y*3>Gh^M0Y1%==wR{K4S-5!1p
zi31wc@zIV_sCKC$n=Ak-nv=8H3X*n42jmP8*vW&=uZnYvUfuKo_@&WXdjj_wm!3TP
zKF5D62S$c&LV~a!um#X1EW1o0MB3Y%{6cPDj~J+v)xy1xJX$icF%`8Jt>W#EKS?~4
z19BRUHD%JZx+=8Mah0Z)$L=rf;epeyeIPVn8!npP+ZDDAwbaBQ5l><=5@f9+_$mfj
z!pzDj)(%DVe$l{P2Lgxl>TXX*#iM3!iqYK{Q94vmcs2u#;Sew4aSu+}ip5m34*_jM
zse$+QFIx3TIs*aGT}0XbL4^va-?!sY%Dg5psHSz7P-x1)Rx!0L0q`T*9Fye}Oa+f0
z(y7BkCfTFsRIp@!`*IIzZI>||Gf1;%vxY~tI2{#YH*w7~r!H-la99U`YME5WHj9<B
z6~d*_Fea?Ht|KPKq%jJJYfWb{EHP2DJAsAB-BeG8J(bG=L4;!UpIl^4lLO8r#%Zzm
zx*tduJ#)qw1&jdK$+l5EB)1)OVWpGO={RLtRuJ5o`k!BH=vzki!;Ot3a%0ZvaF9y|
zdc(@dFSAao>=rS<r;z3Mgp_pJxm`_`XN}6%{Mm5g(pLJ@Goifhr9w10a0;CB-4HfS
zu3f~IxB%&0Gtrn#*(SRUrQrkBQ@%UXKTa0b<TRQf<-XM50IjNbJlxdFd*@dAQ^uw5
zwLs*bs;o~?g-=1nnEh~+K0U%1ABa$z{Qnfw&+&iQtp6YH3hTe{{{K?bd#$6ZxFv<=
zKUaTeL;i=)jOS$v6p?~?0}TXVT8X5F3`^}}T~v1E@b=;}iitvL3JQ{7$f05~CXk<X
z%e$7vj8F%P7wf}oeY?Z36eJ-bgHc)l5|)(Cq7+Ud9sEec1<P&n1+31qeTj<9a5X3D
ze{gtG&GqK%=kqf5b!&Lv_kw7Mx%WZ1^a6Ye2R%~w8$eBRwPKL_-1`KjHw^4`rEFVD
zjmXgVI4f|t4|CIl$Yde``D2l62*Oav?11}$H|^c`>=Xn-N^@1kpPH#AM8y&ssjiev
zq$e!SG>U=I*dPTFlipy3j-el<zT~<~FCl|v-8C{0NL|=?=Irh4WjWEMZ(G9EyG3px
zjx0t}rp{D|XRXofq)=7Khnou@ns_j$8RHszK2zLoZQaww@G8&3T$5g+&9)b#c<P5z
zULpDSbN`OWz;Sjm&ot<|t+nOu@+IcY&@VcO<JBuu*W%>G)_%hs>N_YV;Y%|O$RCgl
z<_Nwc?aRa?chdEtTyWsDEui#;Q<(jiW}dz84;u8KtRPLJg;0btP6A@e(i>a$^>Km*
zy)>2?7IlH2?tC@IW1vYi7p8y1oI=GCmpp|iCa@0iDh6<O5Rgscv$zn-6FGt)*V7#G
zST+7@F@XRx3bxE=zaY=<MgiP4JSHdv3Ut~v6A><4pfVGXAlN#s<N}%VfF=&}$QL9K
zjF+aZ;4ATLf-UrX;<cCTJEc6B6cyht!<6t}C1Am<G;Ig8TLpx}B-7CKcz#^nXWuBl
zuXwmNgL!9H2l$MgujV|?8`=-i`+(AuSEF=_v7tvUuVAdcp=g?_$)CdMaCmi7%aAWC
zJxf6+OIpD{aiB(;ZcVAXy9~py9_GMgu;2y-9bF<gmt|cpdQu1I)KQ`3Wz+o!PoM}l
zl0~5uV3nvH`=}E`2g5kX@8OR}@b3rRvAXcvH99xw6YYkM8{&MC7Q>iL`5pC&I`&Jm
zLI4qkfwxbmmyK1&t#u<o$yw0K2J#sSKQ+<mv4n{WMM!Rt+5AZhgcT$Tq?1~!^69+V
z%b+EieeyRA^tpSm(T#F~rt~(w3nmcfnREd26_Ggch<u5J-g{tGhf))I7~NFXGimZ}
z<c9R4u|V{qK+qwjO~9evG;w5sS$F8$6dSE!H~|t$fi012XbD$VuBX-!ax<>4GM_CW
z-t9P_B*B34-hTK3+wNY0*e(*wZEF@>2j{PC&Q7rJH4O#&{nY(HeX&e3MhHA}X;`8(
z$V9lBIBcju-{O-&?q%=H`nrok$joduI9(4ObL-}pdEF$4aP4@jKYO56oQQfu=S!g0
zm;_w!d!PmP{mQ%quhA{1o?Lq5-jvxRvm=&qSg5u30u7rpkg;sjHd_{jdNNfZ^-`@-
zd#fj+^uB|Me~o~Kj{cC<?Rcl*IWI2G#(;lA3(VGPc0HBr#!b<7dVr@-_1)UZLI0eq
zA`396p9o)Zb2N8G4xuT@s6AxsxCJ==_JNd_a}`VVX3d5gpyLCHzbF}Yt(wesaXF6X
zs`=#%QC=^Ps*hv?zPPAndi^`fwx>NP6-sMshe-RyHI|87L2yp;x6L)K?iHG|y4O%Y
z|12;wk#%Ll0f%FhYzWut92WBkk+gix1;Lm#fz+Pb5o5yDRG>gi1a*>KLVLTZ(&T&w
z_|wSoarcGJO+!B91YLU<UIJAJ(~&^~CB8|8zG=mdv1OhKXWm7gM_i9+PYgq&>Z&y$
z1$SNl778}gVlkteSg&`_t|BeDz8hv5JlSbnC=Qb|rYq({{4c|UqxNxLL4w0I#6m)Z
z?MJm!d%HH_L4X7};6KH$vHu@sRsKKN3T7r|*8fFUu(ELc*SQ!gy1EJYZSekkhRg}q
zF&ZS|Dj>l?9sU1<t;ptUhKDm{P(fn5gXjgC=(`=;SmD7O=C<TFC;%DFW|b866IK2r
zDV;*LMy((X77(lVZ>OkVnL-v+=)9<+C#9<F2zcdZ=?WD@Lr)eq*~&5hoOpssZdcJP
zw^FIL6{Yk9%9xj@Cf|-mPkyC`Li@tFK{ekd30Ep2(fk~@tD7zpIqScb-sWwIYQE`9
zkAlfAq|M^Gxi#ToCLc5BV8(QW1kfGM>Ex|LB}-(tkDjSyyEJ>IjhA0(0r!&!1dKX<
z$o>`z9JtdBQv1@#W3lWTL5kL;I8SB$pr;x?Y3uGlYPJo9nfc()c9D(;94_eW%(I)q
zEyIIsLElnHGGftlk^>#|%q)n|U`b1XqY#9ITGE<gE#HT7n)Yc@t{h$`BUaz2WYgWu
zQDn!i?+N@h+ZdBDW^=VlG-G*C*62=D-?-gSLop>|ORI9)yj_7->c$s;jp4=!K1D;$
zu&Pe-h^mmW&bS9FyhxT)f952~tDa!kP@~0sJP<`wy$>SUk5kkC)z6&M7l@19d+gYM
zQ%rtK(oopg2M;Q@$uEa58jRV|?o-m$)EPiNh27)q96=V5AS@rMK-4KweAwWZdQcL-
zl^4s#yM4u4e6^eU7ijEkys3TbHS;C}UT|03l`uJUSC2HOWL0lF&RzGt;ZJ+c9;Fq<
zmiS8<UHqCP@ojyXKRo2-NcS8jq}OH8&994ROpKoQKPfer^#Sii@@oY>p3V>N7w<Kk
zQ<q=ww|hOWw<}MloQ!SH_c@XMNCo;oPw$RvhQ2A!F*TO~txr#n@XX-d5lP@42-VbR
z>r+}Hao{roIRbBHo!>T{-%~SdoJ&s`O9j1tUJoY`r*j!^D;}2*j;By_D;CaK<|`XW
zG$*@W=3%1sRcnHZ1^(V)0k;Y4X?SoB^}<FZa^FA|qKw3g(o(hQwJFn?uJ-3?s%>S!
zCQ<kSrGycwEWoLXx<+A^E^@@AWX3cRDwkndX<(-DTA|FCo;>QA*uOQJ!ZQ^>WNYlU
z;40GGlD3hTh?mic+h#FL1r{N<nUTq&Ku^YpbwEH;oDh`X&;U&iF{^s(i|MvC1j5Me
zHl^zpH}0jz^k#@J)ZhghkwigBlc7|lOB9+_9G0H6$;$wJOfJAvFWV{srz-!vxi~O`
zmpeQds4EH<Mpl{)(qzVQ(*~7ir>O5}!%$)H`SC(KnCGCmSJ3J{9l5oVTQQpG-)^Bu
zI1NTv8gc|)_zuu17*-z+9{j6T@><tyUhU@MX0>zK9dCJE!;RLX{w9-o{>#0fCvEj5
zZ6i}{mC&JQZSMrx&@Gou8^%oQ<_nj0RHDy+#aQwQ#`B1d3oB-7yIaI<9Bsj(TEjhc
z)8!^$P(9e+xR)7`y@&B;1S>8BzCHv~UJ%?>6T@iER$@5!0)DPMaCNtFbISO`db*f#
zcO!*`RE_2%QrJQ+h!)QX+0xZOQ3Tq%EQxvL*_TQB?g`l_sEI?;&|$#M?lI#Ew!1xh
z5=K(;*n^F(68JaH$*4B2(=z0-+Z^hXRkiLqx@aq&D}!$8o|FIev9sO({odlMdVsY2
zvcgaxtFF&Mus1*dYjGlfcJH46i7~LW$Mb7);u~St?|fw@C&SjqP1p14<$Iy^_GHe{
zKiB<5)D0P`l^&aK_OyTLjXbp-q1V38=Z^NVPg4iMma*9ZJcalSNdmXaQPmNgu~E;{
zUFiy2tQjm)khC~+=4}xxMLMzpT}6qiatZ2cNSp7X6o|vk*hu)Oy#W&-9J6*Mbwy<c
zE_Q)ZWi_08qyq{vpGtFklbgh@tpJ;PsZ+`k>ZotYU@iWp+Zq;Tr(u15mKo0#&vkBY
zE-p9L@=yuLFxM1G`tt^fRdVXq9;(^QUMR*NwdY7LO_%f`v(t(WM`kZ%3m^8=ia&7$
z20aq9Z3YZ>o4*kxV_T-$pm9P^TDC;TUi5snOf%;yPhVzF{q|ZKpV(EO58QDIC&$=Y
zl5`^tSY>s2pTqqzR`~HcihYC<IvX$q<d$#NxO}^@eD#c)Q0+d7%@0DCMk(0Ag`>k3
ztgcVMuKAjn_KzQnO~YYj{San`eTQqmx*UD5#K?G<72PA<BSDN*hM1`FCQFt^6W_VX
z?{C902v380F$0V9+vlDARe@?K&wW{GlX=FV{jk}VCMKh2b2Mk50#2SOP4?C)KBq}-
zo^Vzg0Qh0=B};bPW6(HLB{SF^fD12Vn9)nzHMMCCkf<C^Rm1Io8!6J`Ouxw7G}t^H
zV|4&VILEM(u;9{K|LOv$N>iUiQyY70TwEqU#E(46x=}?N>z96a8wU2&R{CQb#qDwS
zzdz5}Bc~rCEh1S#@rCk%VFx1&ge!$Ju`SKZiL%1au>HRph%<a_5A)Natp7*jw1^vV
z#>;9})RiFnVLmtFgpV!bqd)@F>lbkeEVlmmnTP}?ODC1+Z@4g*0Lw@6|8eo`Ohgis
zr*r-vN5k;TYPCo^VWy%~_$Ba9H^u-OIFAMG2`0)Q@6q@BeFdSx9$&!CSI^+~t?h3w
z;^E2`<D0prM~7|Hxfa(HP*a*lFr|jJ%${5`A0Ugy!|k&5Rm~XnHFDzP(YW+gT)mI+
z#h2MxsPePrmwwSvF;&JO@i}1lI+nJ$_tsK~s%ci2fo^B|@n!F`;6~{?{tMu2){9@$
zpOAt6e6p%fE4W&#577NAi<yB?w!p7a8PM5LBG1<W%4m6BCVx!!AcyP_KW|9BNp(8=
zn^=gSgLemKUlCid2TL;aGi)q{t)s2Snbqq5+`+7PI3%S#l$j{tecHh!dqztA*ilg$
zxr<%sJ*qI1c5~mxWyVSc>1|8))2DzLcWz@{S7<2hK?sV8w15%styTb`od)ivr>|+D
zftM}973MxP>DVWy*E;(C5!f(z+77`8q&Ff&1p4xfGB*=#yoliQ<s^DXrkNfUTxa@V
zKUs~bqi+lLW~gn>mY{!##_D`rB@Y0ahGDGY37U@hgPU^lGB?mo#^74g`m0*GwRf7I
za$-xw=s4|iAakc7at5qUjw%DLNG$d1$5p7_#w(s*Mt`-PK|;2bKvTN)PkutF2k)7m
zb32%zv?PfSJUyHZ&cCOWeP5l^3T9x#KbK~qD@RuYz+V-7W{Pwix>`bH&Nd->4$0zP
z@4EclyF1hJ(K&5q&#T3D8r}8%E($iV-HacRgPPqyI#m+qv8qo%Zcm!H)DCxOYzAyu
zTrMi7*`u`SSW#?{fINABvQ0Z#8zK|^4eP&%U=`(~-JV(TE`xe8QAko^XN22NU(G(!
zI82Igl#!~`hP1HsaT<g)^8XAb4|(ummh0^Z?M^m!{B%b+ler7qeBiOo&!8X8PitG{
zWX*5MFr^g@jcY4Z#@0|<`!~SIbUlv28)AR~MTQSxDc%^G7L&+dbggJr+gTaC(%G1T
z@Ehsm_&y+uNT(1M@lfRBfBwf!aM!}zA6`#qyuR4%z-7P7i&`nL|CsCYY75&mx6WW=
z<SYASH-o}odx2+t5U^IFpiGJi1%Qc42GW1m3c&y(J)%I)v&_?jgc<#`HEONt(KwS@
zUFZrS_LawUI$t9|K!26_1w0BD5^gQ(O(NtsUDr(e4+hWaz--B+*tg2%Vk?WPT)WY-
z!W^e<YQ)Flj|Zn;6R?)l$@g~t;y6h#vNS|~IOf&El#?~AIC#())Y)xn9qcJ@uQf2W
zj&)|RkLh-}9ycYPW}@l?*T0^<vkdu$O4sPzVWXeD-N*N@-0wc_>YQ%WIxn`>UZr25
zdB8~-nCc=Ea1qC;%T=m|o2Mi4{6G%<EgS$Qd+Ob_SCOv*WMDdOS;w8e3?A0zwxMQ%
zQA;)+>xoD<?tP|A*$!I#05n4+8+G=tPb-Tnlms~eF3jBWao-5vzysP@<gLvEr5l3w
zHXU_td2L>oF)2x_OTL9g=+;QfUPjL;y1hQHK=TQjcoq$$!W;ZT2@mG~<Kq|@>Kpr8
zkN@RFCbgKa!<X(!KlH@Hyf=oBNGiC>6x@v2dJH&5ur6$IdrE5<o~)*w8$m-w@&#jk
z00leOoql0{2hJqqm+&FJG~C@CJJSlumrOU2VIEnn1fUJ{@HkRUVm4{@^QXoqEPy`x
z#R?EU9*tRna2HFFN~k^obJ;E=!GU#_u!zlEQx<w_r*fLe*w#0dADKS(^O-z?3JLnh
z5)?|t`U9Pf#o&7|XVdNFgY?BL{3!sS=u=ocJ5uqx_sdq2+@Qm*gtRz<oIw`J{D5LY
zHvOkv6DKFj{}v|rzfdlg|Jpe>lcTG6#DzAt_d)&7zFUU)^zLvP6oDdgE~LwGPSVH}
zT?l_A1v=eej@kRQ*&zhu4k^K9K;}I#78UU0>g%E)X5@t4Z?wFX_2R!p%92QQm<#qW
zB_u?|jVKlhEIHtdof{tcA~+`q9;z&ato$(9r{IwBVi@xc1dDyM%WzX4le6-6F?Ais
zaYO#F`$C}7$|R&XmWm=J7c$~@`^XBHZgZsy1RP~{=V<MPuOtCf@{VU10(kL3T)hmv
zek!hPF`x#rBtyajUZ;D7Gu5ao&cet=AS*hkpE`sS@l`z=z}!Xy4YvaINQHkOi+^}c
zc;uS+O_pyeqM|mV%PUBN$Fx1o8v=K+_kM-*eN(MLymATE_vM$586)1?-gk)z1^07q
zih=QVG2;D{q(si(8;BHr|B*cd6a^(DvH}T5GOgDn2}!U~rs*#2+a#I4;Wzr(q390N
zGx`~3>0aP(_-bYe^7i<#$l9gYhbd@wI=h~L6oJtP3)JZIDhta;y4`Wa?t6huAiQ_C
zPRe%=Lug!JoX}wDS#PZ9J7_A`<DKsv{&L}Uf}ZbOpMRQv(Bp0J8cMn7xGr082S-|e
zm&Ev*_lql^V8$Y%ga17YNQ^6^e|f<a4Vc>65=HAph!aKc6Oqga>Lb<YuP8L$lh-k=
z1)MmAC;t+6S7ToWT&4GT?Z=d+Oc^t9wbw9rXGf3b*(3Z}>|eKEM~jmw);D=W+P?FW
z#smoo&neCC`Ibk5s6!+N7k_h%o#(?u!y`&Qxw39%7kzJ?{-rYEW$^`r3E5zFPm!M*
z);pw$BEj|nzB@U(Kn0|<zA|$MNcyX2FFd&vC4N7W6~O%ll|`$LDTTFgwzkAj8xe3u
z=n<TLj+>WSAy@`y6T>Zx3QouO>{K+y%4uf?)#Di$b+=;xj^2j!OmmIhjR%SgMYXdT
zOZPS<K3yL&Yu|E?biF0ckCRk2^@Z)Has`g#Aaeo+HcRqRw4_XtW>Fk-&X+rS{A2YG
zqgCtI(pTbgDGv6_F%1f;rp>K!N~9u}uuhgsKL7X1B!dR$UAcD$5y%ozUxfN|N{@|+
z#yljI1|m_uf;se`3N<<0{r<xgRr`p9bW$2jY6Z#<q0(+u%=XD;E3>v^=Ex@>yOEC~
zbez40zT!$b5B1l^sOCqlyRR}yJ%ZW0^~1c&fjU-`2SKgmukj9;a54PevJ>N01SNvK
zBiJ&i?pMoEZQ9VB#?}_bZyj3{CnV@&z@jXO)OvL>6`<B=DjJlcz`+3?jsaJx#j+tD
z2aH6crd%5yrUnEi!07iVdd0<JK3ab2Zail+z*4(7Qd4=DGYSyV)@E;kU!!->xthha
ziEwm!zf3T06V9Eu5{O_n$^p^TL<8F4cDM;J4azau?ikK&BX^K7?&@Dh8TJ-}jpek2
z(F1q>XwI{Yet$34&a;Gx-@NA#Z{wGw@^OvdZ=Xi4J<4(kZK81vouIqq3PrDR^};rY
zG0^pLT+2a@+5I;J-l~-IoPX?+X=7Ae>^B+*9c>)_Hz5TzZEIIDa2?Svelo+`FL|Ys
zs+*C1?mk+1#HxvWSM)c6Z+l+s_Ochat#6~&uH*UJT&FDNL3!F-ZT^Lx+m(437z*mz
zo_Q*2z4M)}Ei^saXN1<{)GE~6*43Al-`uC2lv~nf>ih%qQ_yEp2)&VW(~V+5Mk~D`
zbJt*T&^bqT-m0}U<k!Rrhwd7^PDC;55fe0N68an3y*h?}fTBrP9{&S5#`&+z(tnlY
z%FM*V^1mRfe<rN|S~W4FyBDMXFUqx`Z}1;vRc|ky4sLAhA-X97Yn&3%N*wyYN~h0a
z%o4Qo(_7$sDrb>l&z-TG3OW%Re?%LQd_1?vFH@%?3eyoCzTE^%uXG&@Zj5OIqZ19w
ztwn-)mx|LBI;Jv0&c~ve@!5C=PsZ1}JXW}y{S&gP)TCHfU6g7@EE`VbS1HWmIw3;*
z+?Y<pP6*mNxI6|!#!k0Dg+}ccOT2P|g0^-gg!|Ybo>-{J>lq?oPRM$udTBbpR+%7d
zXzK^}4qyWqgGldy$^@x|3s-Y1o!p>%WV*L$6}q>Qf-5Y~%ml>*6pH|-3?S-|HT0`V
zu{Xe6%@+s7r6jZvb(m!|fTlKts|*@&(Ujqpe&|$zS<^8nS5|S+a8;!Lu{HWDGqYBR
z(=gEsVO>en3n3R))(fFMpX&$zZ13(!<*u*Yr53EwCY2S;abb$5GwCNMGIgrBJTHZ9
z+YnB%IHqHT0F@kO@rA0joy=`<)nSaQM>C-Hjs;$`OpdVXl0lZ4wG}QjLv1@kLI7~8
z-#X993GIx;lFr_-2&DsA?u4Rc-WJcyicwTe*owV&LMB40zrje*0|Uf3_;ZXr*Obsz
zwae2mcqdXHVs)i{RCZGNp$Q@_`z`A|3aN%N4c|};nub*-U|@dKy(bJ3*j<dlG+y%_
zo|Z|uZ)Mk0IK*%m*1lJ%>=_QX9X)}n*m%^w*=*Xg8rIgRJ*?>b4a1ij*xlyyad-9p
zni?a|?ftqtc>X?lym;{3EBJXoiU`=r?d|Hx$>`#QhD+Mb|Mq>KI{)D85Zuo7*DC+G
z3s;GoMQLC~NhgzESXMNNp=Uku!_DW1t<XGptk_y>J9y;#JowtVK25mYmG|iL?e6n?
znZ^8ky!i@5O&V!G?^ehLD44eLm3PEWbuKS{WA(nBKm>ey%o}A=K~;#LI2$?pQfH%r
z$=W?-W;S;Gl}q4$XE50!Z3izxL*~yg%Gbm>p>f5)*ZiAklq2V<XPw3e&>WV-Lyeb{
zhJrwhKJoWxQfwGt0HNn2&$c#`C#Ns=nrE4zp5rQ6(y6;W+va+ATMQYl8YiRZ9bc-Y
zr>+;RE@1<XJ4C^m9<?4EZ(n{#7a|QtUse(;F+|t48E)~1K4XKftIkdDY-NM9r++P)
z;yDunt#uzUt>k`I3;w?td&l5f+HdVQwrzXGww)DQE5?j%+qP{xS+Q-bc*VB;=D*L`
z_3mBgsZ-CFdyeYr*>iSRSC6~z>l(iyeXs4uDd7@g5>b3ip63oI;qH3}Xpsr++iN-L
zmY4$4dLWLi6z%(X14__@Iv^q8TWs2T2!+hVtk&y=aK-HINcRWhEAVg~2FSybj0dcq
zlke(@)rZg}W8<2|ipun0Zyg!chJxez5qIvNe7|{~RP<Y??&J-Su!Q_y_Y3P^oY>SM
z^5QTA-$gvNjOli?b}e6T#v711<OP>uzmCr{;jkjCJhzSa6>_#OGtb*)cC!=v+D1Je
zr@-gf)&Y8o8yrmw-2qLo;b+rhAU<?F7ZX*Aac`HIQMARoP2V5)6PDB7iSbWv$gP$R
zU(Js4I4!mB!=0F|gqLrc-aA8L;=}U-5B)NvN!*C??JJTdo*?2UdO-K3`|=%p?tHdK
z=^DHDx0fy+&3;V%CkJ<!JNF(hFZ`V!Y|veJTMQhfSN_H?c3)$bd7th_8S<^US0%-<
z#dm+UQ(i`Pey`_>lv4Tw!g6K>1*dF_QU~yp@@&MJmX2IQ-hv)H$1dtThP*MRrDq-<
z1MNb#DlZ`OZ31kB*MlJWewhnExudf4iDvd@)&WXnS*$Yv3qLbWw^;8=(mAF&0f(|I
zwi)gVlmE{qP4=k<K#FXmRffp|ZKmle>qN<aZK}yU>;U}t;IaJv*zts-;7``QQLLq1
zr4-|xZun*Bo-o&cMidZe))aOxc@SQTO`8~V3D}U!%5m%X+cID1i38vih(6IN#OEvd
zack#}vmiORFlW?3f?6wY*g=9mb8=kH>0s}TvOsk%<o{5XCv#tWS82Bxnl?Po*iX$!
zh}T4ki^#Mo6si1oj!##s>2`2oAI;54K5$pbWA|kDKOtoVG}j5~@j05CoqS~R@pn5C
zA<EL;Ku;|d#ZB*<Cf3s4LeCC|qWf<En4G`FQ`5eryrEXbe~u^n>AZ+4-}qmLCL3Q!
zqxk-sM}|XqLS&D7%#u;Zi!9ampHPT_&zLHBLgx*bmh*=k*|4||@E({vgme3I)y$?=
z(kos65T}+k0z=yC2N@hi*3tUy)R+Rz0BY}>Iem9k5U{Pi!TMygO#)D<cWMrvT%n9E
zFe+5<bw-7=&?TpofSyK3X*khNpnpUqwW|nH#DpN_Z@fp7{<M4i4d<lkW~$3l%=$yt
z#Cj-%JJTS({TCOf!^3nIin0w9f*Dr`vVKpYaE)ISX(}y6U@q{|Z!J!qC;a7^&jLct
z9xk_M?3;`2Z=vj#hsyL}1$b*rtlmw~@l+Oe|B5&kclPM``Vn{h6$^jgmLwJi+pHS6
z;(3C75NceD>FyV|-L}xjPstbU+q}P{szO-Q79rbWhTJrVyLzO=WDaN{xr$oECw|b9
z%CLlJjlR{D%eIN9HydC=0U{c-rj3OGDWh8`31l7;)NH<2h`1JD<#?!$^f<~lTN;t@
zbBYa(zYvC$_F)SLq-B~@?2WIBisK~;xMmijbPJn)amn6NP!{2#r=co!dD(=ccEjD}
z4K!RE-*xKeisRhHk;50$4}@ubcEprO=ld}wa4?fTaB|2|{Bb}&<~<UEkTXfkgf}U-
z{&p-&5F5x$xarPvfs&DQ5QWoI{p#Go@%J%UFv!7HG;owHA7_S(vcqPbD{#agJ{gZr
z*z%3aM4W^?#_&9=bH}$sKI9(Ac5E1wsaRg-7IMYSn9^EKzIA45MDzV1Xjg`aNLtLC
zu;*r|th?1o8Im;HG08?3^Sjp1xsO%07(i#ZhOl`=@D^=)MjxH~4ar<++Fm7p`z7Uy
z=$(L_<S*KEuTHl`wrMzaQLwB>MqQ*+f{aYZI$fNXLpWk$LT98~>j{%y-rDUxVOxzj
z<;j`k5?{E&u9ZR4YJik6!nIVMC&#M!_XQxg(ygv_Z8^l_&5PgsH&wd(n2(Y-1NWw3
z)X=&@M8xUmS<#XeTheaN1<gX}XRNNSNl(W6tX5#p+*jyG_gI<j{M7^Y$EERdPT^H%
zl*8K9&iB)AXU=A_{6WQH#W)D!b|X8(l1C5lMq%W5`fF0v&dSwB-y~uyvcZ<Qt@38N
z{V&{vC;DF1n%tlvC%z{#tenbLxJECU34@`X2CXMDDIk9{jK|wM{mpiD9nRn%CW@S#
z{}cKD-*4%x-wu_3=|!2+0@$ueVtr26)-@@C&olEp-4rJ<Ntm}`@T}{SCyPN7Ym);q
ziLCFgT!*nHnb?C&HlmXRdkK1GJbCX3K)c!@yX3wtj6RmACsKKwl)s#gprOc)aul%a
z_QhJaoRdM6DvgLMQ`rV9SniITU;6e>*uC!<zh2*;c0cW3u67^R&x;?aU;ipf1EGov
z&}za!-vNrzRlC*WK9M}kKSZhh2NyH>)oKKUuGD;=`U3r^PCgQKUXB$@FbhrVAsMRP
zfB93xw1q>I!?P*@O@~o(g4lr{K^Ub-)^|+(u8|S0?Ae&MAsUotxjTqaqk@2&Lyu5A
z9`UI~)qCC%+jtt7IKbDI7mou)SUOF?9nE`@CA6{=m{A6giiTRUWk}>yG^(yaw{pT}
za2aH+Bzgv=5O8%p?78@H8b;&CIA;sxr<8?j*Aq^s&<+-WOev`dg1#C@0>+3*t>oiV
zbZ<s91R2j=NBxE^DfPmR?<!I4gKBTySD8csvya5kEdB!`j72>Kp5Yx!vkt~u`+UA-
zG6danJ%O|{jj20&iAJSisz}hXEJJ@N?ULTK#sNs-5;Q2Z>rsHnsFTc?hA<s96InB5
zih_JSidYAwVTOGDC+QES<&uN->Or^PbSo}JyaU7<+)WKtAqwsMQsaeEK@%-n0N(IX
zDK#FZ%Ev&?P75%f#Z$Nu-vhPq08ruLOd9(P#wc>k0m;-gyx-$I3~<jOge}tak@b_H
zUQU``8HAR-Y#^2XV)SkT?(G~vDCNsJ*`+k6)Yab@zzRl6KZ}{4st-d2vLzG6x~i7~
z*Sglqf2%AFYU<oW%Ri_DNSMKB9uYv|NYt*5n+ik`GDG#DiMDRz-bTh)14WUx=Xbb=
z*)cX2Nl{=Jha(=^YKObby0yEb`kjDx?el`ft)ywds8*>6Pb!9ka53$B$$sf7w}vT}
zrh!^nkbxzoaJFA_7D`=g*KGX8#qfBRma^Ssk)vET_hOq>yF!3$?;OXD3ur&>j_2X2
z6^0H|p?^%m|1;piV<pD^7Y;;h88>2sT)3DknCmV{rC*JO{xMZAHOg4{+~AQ_ZzDBL
zzPZ+;t8E3xsUY$hs&-3S+{JvUf0f%WA0>SoS-Vln+(%V{vt?=s3fMt*+KiEC;P+>7
zb*qYey%v^crO6d+<6aRgp<fAGAp5-pF?d|<-s6X-<un-BOba?JE=yh!D*ZI<U?TJj
zD*{|cVdOF=y>w%kPwmDv;q=sxcu_y01Da9<9RF~Q4DoXt$W##8WRbyTYOozaVY9mw
zBElMKyfizg75<3X;6T9|xDD!{AL%k@Ye&d1NJ4mrs?l4FZIin%z6nOfw?T7l2Tyx0
zGqp?_7aEQ5B{FCng<xrVQ`GrmQ>$rIV%r3WZ{^+*tVG0d^NIyhj<9Y&ffUE{jY?Yd
zPIspW+#idk2q7<V^;HgMI~yT1kfJvWGjd{12Z1a&&QVRy&HJTc*=frX#SSBALfj>F
zr>0Nt+g4vz`5tDdoUY1Qk2E4#w3x6D^s!>!O&fWR+aO1$G>RtM!+<$E;Di-X*i{T8
z`Ji4~M3F&$Zq825dpr(EYJ_$+2I6J&76mAUN?rs>vqsCPOMawmN0Ig<vY9&!Q(z&{
zkK0@kS2*%<EX^QX27KlKv7W_TJw2f*ENTuVguT>Pf=?RL+1$`k+}&z>rKe4)t@oUY
zg%0r{QeLfLgM`hMWV2AtATz{(dP+dD&_(?jr(vcOn6U~Ks-JJAI;Bw?d0jfEJ4PJb
zty{<5XD|F&E6i;`GoU0UB1b-RXcWer68mv|EWh2u*GjXvZK|A(0;00K_G);g#!S?{
zW}}{CO?K?i(Nr5^uVn4pR7@M{+}b_hGOUwWI%vyf(9KO~tJRlflNDPEXP3jRYWB$L
znL}%OqWL_-2B!|WpQ$G+b2M_MvredHCjT4d6Bg=|BKx0`!grzVzg#_FV*0<U2OJ##
zy7||Xwsxd(E3!|no;^V#X0!@sGFW6ECOb5lzM%k_=A;8X_we9(+5^tHZ*DDXVGF)6
zr`gHoiLPmfRw2Fjt4c*=47X-7wcJ>RT)}5XsnW+%$>6T=jozm+B}r2f7UlR-FsuD3
z9c%p~Mh@9HK3KY_2kiaw7Nz`n*AN9=SMkqu51H%+cbSMpa>5BBV_Tt-1ZX-gd8yS)
zBH(oLuVmnACoeydIYkV^ymJk|WYGc{nBF9vaa1lVNp?j#U7EDuSVf=^O{{A!Lt*cR
zC@vfdVCY2JVj2F44f3CfMKWonf_z21QZc#>QdMa(;IvL{d4h>5QNZTo=g(xa6=U^K
zvKf}CShSj{#^Z|kgb?FFeZ&XUGN%c$nwF`8rOr4)UNxr^d2(e8Msuv#loBwi5RCLp
z8ZGo=#$vyVP}Sy`_N?>w)0Qayy2v&Ee72v=YtxX!B9+jH;+)Sa$rz0fm>!=~G|8#B
zKN$8{-oQj(T$<OsQ;n`)IGn(#52H7ng{sjVEJIGx$NM81QNrJLhw|esEoA3<29hl*
zwajscmF&bAYgkItn>E)$k1z}?v_M;tDN3Z=1-TGeyU(0oO34`xoRH`&>)9{?op5R=
zJ`-8=>(8E{>X(Kre-H!d(uVd8aLi@|9>EAd>^25or6KEicTn}Bc4Oq`^eaJ;4aqcr
z;!LsO8@Xu&Jq4zt?E^8{gBqc5Q|l`dj%Oueet|2)uZ>M#rmlVpnLjVSxtCuzGrqE_
zf&Kz%rV1KknYrCxpP9eq`Cq=WjbIo9MZAlX{zm#%HSQ$GTBP83fyX!>;++~`kr5Mw
z#4GuY;h#-52RWg!V8VY7xZwN|*!(=B29pVac*B!;_l%|y!~-G(XLxkI#rS7gqJjOz
z?=^Q5p&VBwm<%OvsaU8rB7_2u^PuuUJnkN$@;`L`F8n^es_F^Mcw^Y+uhMIFU8p?y
zoM8AR_oUaFyDgiF-2HhF8X_>c-SYcwhDpow?oz@P)w}5TTTd$?p^wM!maXAfYhTNC
z*E=&r0r^@I9JFWXEtq)Xq*wUi%x&SZBnPk4uais;M1|K=CT8v`0<7F1=Ac(9Hx(}w
zV<_%#u^d+zyZ@PUgt&-!7AeG(Aj94KFh4!?zk-x}%@9-U3={MJ9pGm;|3~T$HT_?~
z|J2Qo^4)2bu_si9nUg1&S7)t68sVqdS=aw(;OM^iu1B#}eSG;@nVaJJ@uAn_d3W`F
zk_1~e7uFnu&r=_{S6>caFO`eiZ5K6l9s#=Fuy`$ymei}UEWUKVM0Md-`8S9+i;k~_
zffYp5$0NdS@3-p(#9F;tTi=(R&4IHO{;k;Bo@{lChVTml0*<|87mdxVRxK&O#6xWN
zW=$ZM!!@TRNxtDaaWH&NKt{iWao0DnA*R;{oDOa9G&)d@oM@n1zXYdktHQYsOvENc
zMF7h^Exd2RM~2I8k^_d@-~2gQ2O1b{*#O-D@uv}R+}sw$u_%}EomMeKo31n(@9!x#
z2;(+0#zY%;(?vJ!h(>a1&k5LwaQHE=P3v}wIY!;*eg9P!=C-(}-gh`&vwdqQ3Cw~i
z;Ur~@Y-MyA&*piQ+I5VhMZr+>L=%a*8{ja4JjjJ3Apy{ZaUk0s=4>t%zGnF5NzWAP
zO2;u4>2bA|_7?bdD{JemeNaX|LBx`oKp%(_atN|g%mOwDGD$PWtBFa+L=D$5T-(eG
zE5|D8Lp*hx2T-JsAopu8f;*P$pBPkzxXfWG&`cB>T+OiVwoR+!mf_LyCpC@9bbZ!m
zCE5p;9S9IJ;q+<P@f$Ngwn6V%kg~~&j4=zOglmp?A+20@GE8LWE#x*70<UR120P|e
z`9_Fdq3?o^@A7i}kJE%j(PhR0F!#BNff}a$<lI-f>Z{Jy9DonqGf|;53deQM*mNPW
zOjL?6XGb~S_doaqeZ5MWHOfdZOPW*ioGb{ZEgRcZWoe4(W%g7vr!2LsDy5v;`4=!}
z<$v}-9-HZ}kv%gF1p|Vx;#tyC+ay5wEgJ!a?!hZt>c85m)RwEgfC?ZFh3)~9Grf*-
zee&20yl<M7Icp(SvaQ9c)9WpCbvvf+rCQdOK@Kk>NZ(hnU?%X>?I#OfCQxBg95O_F
zDnvMMxte|}E?s}_bbk_CudWWlfQp0U!7yD0)nHHnySPBx-BEnL7B}eH?(|X+8f=T*
z`bu>%1|P3de%9kzU<$~@BWP!i@AJZe!c6w|7#_MN|0jc`4QxV*ii_{ERalc{dad~^
zK|3m=w(xB(rMRy42S7vk)^~51xPbU&&nfxu%&pi`?4X>gW)$lX3iE<{tBDlU-}v!v
z6RpO$14JMkXs7-2nYX}aWmn=N>CyxxtP!1FOVibKHVd(7#q!Z^4V_dc-Pr(Z$UBiK
zK4cw7F=0BDz#JYmEfU-VRsFuPq9K(d4W!Y+-q&xgW?MjSG+TCCzp7{(Pg3(-HEF-J
z&4VCLP=ww-RatvD5-b~I18)r!hoa4c-HMSx@Py#UxD7s3$e3**T9RHX4jgJrt{!Z_
z%%~FgaRyeRVD#uo3qAp9f@O%i)0LGEC{>Z86d<vqxP>T+Odxw%Q(f23Rh*b!Z5=&b
zoIe#BIanG=*>B1YCk?FPuFR$KMHeBy*Qy_aw$7SSw;oYyrUZXRA0Ii~G0552omcO6
zV8mhC{oH!0cnDoiOS>oq!(t-h+*d-lari8-Bw%vY);m82-B(z}vd)9%M&q^$%12u}
z^$%K{Gc|>M%AyOyXzj~}f`=q_-q?n2=@anB%@pV=TthKTN%_ca0w_u@OB%;xB*v0q
z4&93LHV2uMtePd$fLu*Dc2ETBTTuGn?DPX~LEnwiaY=5Vlz2M@->OOE^c*I<{Ef##
zy9AiZ(NwdYq(aX#Tn@l=zFx0rMv&F_MS&<Noit)EU}Go#<HSbxnWK(+HCnC+8vkpd
zWOLvIyy-Up!;^4!rkB;8kpY0-o<ms%cTIU!L_67ptvRkLLtW3dj;slDKS`%ozvy6^
zXgf$bJIO@09d-r$y2p|o$DWTw+3@#iK1?Akw{md3#y(I0Vqx^2U4S(%OVK9(@^)|j
z?3c8VXq(@o4E4Ux8}D)K$t`aysvA7)YM%hUw*oCAZinvdM~-WJp3foh>_;YI8JcpZ
zV&-F_c=V?;v`Pfrogi6~&&QVhgAH%n^ODYOUcldk51S4{@O`ueNAXW7`!QAqDsGPC
z=)cbi&=;1QDTqKBipV%=reNr4Z3=acuH-G%Q#gFZr1Nbyj_KvnP3_YD>Y6p4DK(!{
z5n&lWZubm4dTyeG>o+PgA?m^6BnvzPv<w-sq=Zd+Q)aSd7P@gAXtVD&tWe27;@u_C
z>2;0}?dY>*t{IeHc9fQxv2WuYojFa<5x1+X&VFg&P*GGHzws{UBz#~rY`Z-%Na)&h
zdK#wRf!#?^e+bx|eAV17Jh;90D((knH^0t3)OQDv{fu!j-ADF73-(p-MR;`n(m*Is
zNJ39v=$nqX*WK4Q^F=X(WP_Dv<Q~t`|Cm=i1iM+eY9~CM{LGl>n-1e>$IBubP-rFy
zCXPkE&@kK2pM+$43LM+^$vhBfvM!JOhe<RS`#+I`Ihp=7xqnGZ+jgBD&F86Bfw8xa
zaPsDQI+V99e6IvR9~lj-tBs|(M{$v1Y^hxJ@x+s4TO=wS^8-B%SR_O&{Al>fD>Rh#
z_n0~RC2yvS58o~Y%OK5A<H_4kWy7TLCKFL1_O9t)Prdisa(c!(FeH9^jxRl>h%0&m
zQ*WRpvRBtTn=8LxKK7ROLPI?{+E_ANK2LyRim|J<0dPz|jjt}bzd60<I9FYxR6EPY
zUx%bu%*0&r{Zlv8nNB`uv&C79shCxiwR56UIRNmW8Ze)Mw8>%(zLYKktYOa{otbTg
z@ynx2Qz6?vC^L)VjUi)B+-|&?7|KSOcXxXSM*nT0X^N4(#-Ra!BqBCshmU()nv<nc
z+)ki1iIex(rIp_X9-9XfqNX<{oC4iHrG@>iw}t@5;<8P3Vt`yk${DlLfw3{u!;g<4
z(MsY8^_!o_m2*IHZsgF)4lMZ^vXWhj5t5A<7D(~tL}?^H%|L++i*?{=v27o%II$0Q
z!9TIF0%#EZQ0p4{!*v$96btBJO~-=Me%_WFO&bXo9d_SsxN@~dZqIN`2zEOu-G6>M
zu!%76dtD+5KJxQ!ZA}rtCUmp{eL$dfh31C!=Yi#mGdN=avWr#nrxo)d@bb#+L@7Kx
z9}Zkv5QLuM-dg*We2kfYyi+}6F_n-htrbvDB)V({gZtw~{tSuKK2ala?2>aq6ju$T
z%2LP?O$zpm$d^QR4vyM|`bP5Ga};nEKrM9u<JqHf;@Ph#6^U*P_ae#Vqqi;<gqq{<
zA>3pLB3RC9SCIcjqW+5{D7X}Ql+v~{|D?3Uf1lOzP`8tFV^FAH0K^<b5hB87{7ojs
zvgx+j#$<z=3rogAfwstR&cl+GNG%;P8%aF55mF8FI}EZkrxrIR5yz4=jI#QX&+RP&
zi`RwsNPZDrh@mf9r$*~HE;0`iph1835sOd}Vt<0+Uj1bh0V`bv-OCGS2~<7ctb(rE
zSFsy#9j!vRcO1@?caFlZI&fymGe~Ekz|={VpE-N2WV}(Zh62x?f)9%X&8e^`(IZBo
zl-L)&RDbMB@;V){45mR3jXZOpMB%`-bxcpc6dAo|xX#<qnyYROT9?EKVK83woAM`x
zr6mQr5vMj?EX*6DY+!JGSeWpGvFGNcq4^jKlTyDun_=-P1ochQgYibT28^<qOZCqv
z4TKql8Tr^REPM)LDU|%58;2=NYj~mi>?3Et+_^-nZR%SLt2Md|3a^r&B_LJX35&tk
z)GpPjeZnRs{H<#0k|<O-#u4LrLd0^KUZVMntkI2G>5wcfrDe`iS?1=IGQho3P&BJL
z(4I5b)eP?-WhN*cU0LtOdj}fThgM#~`R@Bo(LT6T+CBQPifDhfH0e7<&@j`gw_8vC
zz)?xQeK<%Cq0!Q4j{-Xy<+?x(%YXMp9%zP+EaoIdy4)czBQ|R{es~eA<hB`w8@%gd
zKUbj6)ea$x6AHj*&KSTAv|crshQT%ol1AnBvi03j@9-QB(sDU&CmTahCa7*e(l$*s
z)K7vqumZ2`_C?`QyEOa3qeh<GTJj@#QD;f%uIz>{CatM+age#2jwM!u0J6I6<ySZl
zn)M88Nwf>q?q!KBBbSkl_`}`dh#RZ!l{2QJAX=@t5o-;R+-w?Go0l_FbbN?73uC_m
zFX#e0uE5d2oLI-55j1)gdUxM^HX%G%_HvdPJOiL}h=877)#?My`hW#ij%`j{1=R_G
z4Y!@Md;px3mmj(CkSGjdj+TP9wKpS=A>_2f?tZso_EqzxRE16nB<>GlJnfuF3ewd_
zn|QWGL1+}}KA-VefsmSX5nf<kam*%SbBwD|)|u)KsVlXv63HU_#=@>3=^9N_PA(n+
zd3+2^L2r}46W63rfod@{%4LgEh4S;sR7F90fG!jue0lfCwK9n;DY7Mj4@7=kjhrQ!
zSbQY5+;4b)%pDagkmdXeleXnniMA@LU!_Sl*w9HAo{}}Prm*56=8vfRY)IS3*=tuT
z?9hNRI^@8KxtGt&xUYe^lu#7wl47a*i-s6LO&#wRTtT8&vyf$t+8$>e^AG$>2?J%X
zDQ2pKs;GQOSBUsdEP2>g#ib3@XAn(gCpgfqkq@VMHM$aCRmhJ4Mg8719JE1Ad>9yA
z`3G~J(3uv5Q9@Vv(#cZy<gFWo%euvI0)k+j5X}v{rO|kT7T)=RJz~{e=d`DHI{(~>
zvx?Uzl@(U|WX#C}HU*LMDilCoYF-Z1eVMZJ`Y%))cedHzn!h8n`D)04m5-k;>y&?J
z3-6DOS$XjD$P#vmZW(D>)=iSu;qj!=vh}rj_t)<))dMgmkLArE)a|AG)e9CI=J95(
zj&f@Wj#gkT?#y!Mww{*!0j&~m7jN)1!k%|;1z}&n%@&gt|KD88%*gbQDhAiTMhbU*
zBZb!_k^ZA%I4POPnAmQ+dMi0Q;D#2t0~nsQRIN?y|B~sTj*{=!ygYH7VRo`x5&@_P
zd($2|d0A#A&jY$(5j_L9&WfJS_!n}-^OGiJrun{0YUh=S#S+}c2H(yd2Lt$3*92g~
zu37FL6*jP@C=P~}hTdH|+B)gG=?QEae*d++UEa$g&c~vf5R0GPxEPYU$|dm6{6i`e
ztwk!^&e478{Ta~({r<Q-5Ei`l#-QhZVGrEjhU{_x@9BGQcLLthMVx;SttJU`NG*j_
zv+*KaK3ZKyaL4}?9QVnPcn&-4l#(ofvu?v6O*(UHlBNIk!6;q0CzOGQ2ravf7(2hO
z>%nX#b>E}!&miHNN-YSwLgp7L<<lx6_{xnlEDqDw+l8c)H{aIF8hS<^;F~IA#X!Cr
zpaL5efqp=N=3RnaK>YL?l&278_!3ECn5+mncTL0>9wKpAe>%5T+btdx02Coi>w_gn
zv8Z&jV}~o6s?VICnp5+B-49H9fJO~V7J@HGQ`A<o%t=g**6E?@wVY2I%oHY8=BGdu
zMHQS@#&#=B+JYfP##+66k5BQyl^j-KI;)0i=3VCIS{9~KfnBL4gd~{17G1NCKPZKe
zGyn=hX51N{o4QSL#Kr`bFKgNvp5S(Ud7el&7ehWr+;2=r4#W;@LT<I&vM(;uGxn7|
zE6CD~p(QB=9Mhb~7xCRs?Phf+l<K=OKSO&*SQUsMsYP>Jiv8=*Ch5=w2MDvfeCecL
zh$*1QC}3u4Vuxc0&7OjzbSVYBcbJ#xlaW7Wo9sjr4eH$2YJxQ~cR^mf&Yf#FvNf!F
z@yuuf$zT$F-P{gigz^TEka%cryN#|pba&odpsmg+%p*-`KoL82W$93U+oDStE|{+t
zd$b4x$mGt|NozvM1S(0ef%s!lIaMK=$BoL-kM@S(Bw}XdpB~g`jU&?*e_TTW!UmFv
z?;Ky4tF!v}^n}2@=Z~F`bWxC_sD-q-L$`xsUXfFq)5pB7y#lvz&c_IXUX3`Oi(3pK
z10F&xUS(A7C#BwOpfd+}%{H-QLC+q5+b8~07s>k$xT9Da%;ESAq5@i+=@|aIt%}#M
zL_}M)xD=ea6b4Y`3VMP#6(n!u`fiH<J9w@W)nUQLA#*NSVA~})A*2y^Y)Z?~8aJP!
z5q#G<){aH{_F<A8Mh^^L1b5N}SzEe{%863bt%JPLxAT(OG6u}lRjd@E0*{=q&+1OH
z`>IjJKPUI+c_2n3GWxLC9TTGj7fe}564YJRsWQTG0GM1{m4X~d%|~daRYLYQ8)F6k
z`eN|AU;FInu4oMdPNc9+eQHPUG{)>AmabB(5vcy?C!JsV4;EX*^7#3Jw~A<#z-WyS
z8cIYlR^yNx$xNQ%VK??1`I5%S{xo;MV%c-u;u59Wp*}3zVhd@*Vx!n{jlK{NTsu6*
zs#{jfRsKEG`4_Ijj%$AX6#oza22{BPW?~KJeM1NvlU`th_7D@e@3Yz+cT-1hWSMwx
z9;*o+SR>3YEc*Qj%Egoj+#{qXl}>!2auUx_34Z%>xOE|O$cf+bb#>N2(2ViUQEQ^G
zxHA#?8R&89hrjz~#vw{1&)v<3GrM*aJJlF|IVz$G%^4Vrdb?9UT45)Sn0-^K5ARQe
zyuVixz66v26!`hQXD6UmeP6YEd>$P%c8dJ|qQySRtpEpn1*e%(1&6m=dzy-Fgn1De
zZYOLkp3G*r-4|wo^udFVhK>#43JeshH%Tb?0h)>>`WB}2`)0wPkquhO9{gY^x5uaa
zZ`GvU>tLg7E6Hm_fyl@mTvv-4i&##q*{R@BLvaau!j$$8hQVoC?7^!j!5+}Y0@E{l
zuMp`|5ZItVGpe9Iz7?Mi(Z$<?KT=l*SDZ%~@>u3a@NU$771HFW+8-dnLjjU0&@7{-
zs~6_+$-d(6CQA=p?m*-RZv(-^k-1ZA7@vr<L|2FZlq6XHDM_%f|9jCwL)Ug!9L@Vk
zJxZm#|6A(bW~q4$rU=@!p0~kV6CbaMgGJB)5s3!il%LvO;d{ch5Q9NQzas5K)y{mR
zdCuTv<}s0!tv`2fyLk@5GyhSKDE#D`2g5Cnd&E{ldyqJ;84G)A{zA5=uFJ#AnNYJm
zEL>u}*ZP@xc;MBR5p0iBG{@UA94*&#BM}%tC*%|jfMfrew^L>Rl$?jW@fHSk*e!&Z
zegFqOR*$wkg7$zTz!4Uis84ZG{6Sr?%u}F-mPlgd&t;nCPA3fo@HuUUyg0ke+XUz#
z_`J>f3bdW;H2bz+BEDW+{{5bXwSMtOcG|r>N;4JJ*FrZFKv~#FM5A#%a}-|lM-Y2E
z6Fp**G%|x!=>@35D9x9NQ9l-s*9V^b(M$o&<1d*+TY}`wz*TjrH6c3`FTg-mINi8c
zmq+f^3Eoz{t=uo~g$HWqg<h_s3?{^6KYt&N!1gECdlK&ao`}sGqOgnLEH-fMyR<0G
zs97+!nLlwaGokIuHuqy<a%4_cB2&XFPJAG9Wjcy4^0|r@fgPo`ra02FraAaG@3h~D
zG2+*h2%R1>X17J|@JjU`7!t%5xMeY{g5CX)G|cJM7&T3jGksYD)mdiD8{k98Zp<jT
zl>3`kV!$g$$!S|UZoE8<k`ZqIvpw=LaYU3wGC(seBwPaEsChD~n?=kvl(pcU)#uH~
zW-*0rHe44)5}yQvJN0DX*X&30j6gz4EjCV8%!CRjMMN#@X0lw_{^k-U@2m;Hk)}%N
z{RR?VJjcaQA!CT}6ET}0!w-lb7nDa*w{>-G&NYk+_E*$>EEqBG<>UFb<J9obOX`yT
zIZv$rF>qu9x@m$DoQc?FCHF&DnYdiKOyxN(-MPwAt6B|;!dAq1_1uKMuo#xUc7mp<
z_4@G_w8@W2`9IYc{NPZ<LlYh!Zc(H&8d7kFF_rwGCp6)y@>xHUxmiMXbZiv^!{c5S
zK30q?zdIk)+nsf<@9Y5?TDCi};x!5<JwW&>*}h|P@2Pm-P$)YMR{#F+i-6auZ#f7B
z<CA=LybbLC6t>J(^+EGRa^cTuLEAnQ_)?Kp;;y${>mp=d_RXa+K!Zg8IWgjhJXNBB
z%W<`p{8)}LE3dBJCD#Mxqt3}#+<%TJ@#AN5*;%UhivT%A+F%kDC52AyCfI=SrTD<d
z=Oxp;j@UwcCaT0HDi2)%>jEQ!#2X|AX11C|c+1KzP2i1rV}Nn0BbleFFvx(_>qSHH
z;rWX>hHT*AXJKR5g`qf<OTIXbiLq`ZG8ukcfeibUHKqR@%HU-@y5I<abyCm4!L09(
zyQ_qTcTvcl8#bM?Ys%!63@w_LEh0g1Ws%DH2&;|<5+;N`aYpJ63GLi2Z_V768cFhR
z9xgi!ji=blmp9%t11<G9IZg5436ke%u_iy=^q?UKt*oATb;V#b)0L+aCffwF;ZarM
zWQZSbn`@rOEXmPpEERDUNZt__|Jfx)sF#wvx`KeyD2Q3L_Ch3P%iK8hFD!ADx%NZ|
zn|14D@`zZQ-YQ*6U*4%{-17eBk8&}3Z=$~<izJn~0fL1tn9X|lpCaT%U>3%u=VvbR
zph13jPhyTYByb#<!utJ_Tw5t+Kw`uX^uf1-Zdr$(Pi{%sdLa{3)G@!A^KF=nKFZ1z
z?9r}_-zb0Y9y_(Ts@QRQOigs`e&0LWKj5kqUVA)iHR$^d<Xj8!zcn$R_HUYIm<Rf{
zp-{agl6zcc9FgLVte|9766%#MlC)GD#@xQHidXPd%-@lEZ*V|}J>Q@&Fnlzl_dh+M
z*;)RF?)=|oBsR`}T{5((A>+8tj?{goZb!j_Z&4x)6!&+pOrv41&0bfA&p06}B;Gtc
zTC{>hMdIUO6I>7`iE1Qflfa`6oZfE}@eQJk#kI_F&Yk75lmCf?lEfa#ZTfi{nmRn7
z7urY;<S@!?T4IIrSL?{YXxAz8PRX-vDYO(nOW;B0A7h95`CNxqxrxi88=jFTJ`!QX
zAZoQN;${{+*UxiCBBjtJl)^C44cC&&>5-Ym^u7(AP!xukEYD_#gJ+Pmmr<*eDDEET
zGH)0R?b0y5extwGjKY;h?>VVwP8r?>Nu@9?c8xqicdxvE<={Ns{XE44Ig#KDIn#eF
z{GFk`0eDwbEuP;B?-JRee(2h)oEa`$yeuYb8UK9@{qWCG<vx29%uL<|!GxytXF^V3
zy!}zmoGzaN;7^Uj@B^mYz@!BJTsnXvV)1A@^H>~3&}o;1e=q5Pb7`_bOp*!s<LVI=
zuMwuDy6hj;z)G%@mwbH$;!W2i_{d4AKTV)P-INs#g#JfCdNWhecmC_ZaK4A{j!nSG
zp*SOMkl1829HiE7u-@R-B4x{j3y+j@Kc6bMEbrNjvjElRa2VH?fxA~<mm+bkl(K;s
zr^JAzaJ!5USbY4tatO>X-2X<jj48TVi&TBDSCN_nU?^;wQH^;r98pqAg(B+C4-H~)
zrhs>ReLl6i|GF|J>&w{I+3i-tj@Z^!^~)by(6`_ha6Ez6iNh&<B=x5k-}0qXys>-A
z%)?4WT6xrC<7X$NzDE+~t84b8X`PnlPSLqFzfAK`%I}N^SG(i9s0~dTbg8x<v$vCL
zmJL-^MP6ct7Bhl5V%L<t`Cv0<HtpKgN&sGq2v#l9KKEi!whW4P0<;&0QcNEv<#m+$
z9mz9E>z@<M>7~WL+<T~`8#Ru|N%>c?XlRdjvp&avM|FH7<YC0@OMP)ISgOvzf?*X1
zm)xuGS;TH$o>Umh-h%vK&i!DtKu!-&t<btfX#wJ2!dUfR^ic>TP_g$k?|P!~bmgYT
z)5d6V<6=yeb^1$IVg_em)?S`AO;danv@$Phn@9ZQNh?F|+L27&yLV+;y?K@%Di03^
znb&I;5^l$*d+TOATy<`mPdT5G52}m=G~KE~<_{2E+IAOk0p)Ut{FbJI73shqKJl`c
z8C9-!7x3#=)NC&{%2oHGhEv*~-A83g>N9siT=2B~F<5;uTz0Sv1f%wYD)X)$`Bg=%
zq!4B?B*WtaN6s}EZrXmawqq7uRTWj3uQjyy=W0u^SofiY1bd2z_iuN7NsA^w@i-<W
zS(>5D9^^rPpr~jH@rS)6O_ZY_m#YsTCf<Z*5-*lR`*GXx(LpirrHC#Bs`pz(r`-Zm
zvZNCw9`HYE>K{R-ryP$9tX+sfBJ*IygtlHW)G|oyO*D>OTQQyra0F;;sM*797)ELX
zsZ&9vhiKC#I53slD#P#CNfiCkDP};QbuMueeBPJ!WnDb)?=>6|mP;$UlJaemgoC~d
zB3B?Ug4rSHm6rwYyolYB+j^2vZ`&2!I<apXiI8Ny8}5y1u1fk7oPW}+>%>2P=uXm_
zS;!nwCzm>%xCD4Kjz4gUubIC}sp~KXx5pCDndLa~NEBA4Kut$4VH<E$NzGD&lNg~&
zgi%t`%HYBttr*4eT%y-n9j_s&9<7B92ZZj@amI57pf&c^C@rYa1k5SY1UN5c0g?=w
zuCxrablYVc)LKu=m0(JE4lkDU)2dLG5*D}zfUN`JS&VZHlRv6|8Af3lDeAo2>2974
zan>9OPKN#}3P9=rM%EVE$s9FZ)I#^OU9lzYV*h#~4z0f?dPZ!F4ev;iK$y-;E(c?E
z6mQ&vmKsdYW^wxCk)=)(81FzD%d#gfsfCMrOo;?2n`!_C^9J~5k2z)3m~aQqpN0B+
zrdv7?KRiGW<?BXFRV|`lIz``fF0?ldk^G_xYn?G-u#A_$4SFGa92n6mN*`3E7`s%#
zE5b$Xsn~P(dgsR|8G-hN`02f)`urGc;Nr2?gPf+`6qro8o5_0J%I5_GehfX6vs6fj
zw#s;2EupP<UR#9;$gx3LP3eUUwitJDw8GYrw1I^B0^TC?`X@3Q*Z=Ca{QpDx;o|zg
zpdV%q=6_!`r6p7Q4f@&I*2_2fJ%>)6kN`v~NMNU(2OdBc*(9z%X>J;j=WqKLGVcA&
zXYmH>hIHts1722eELR6!`0n+CVnGURksw_%(dpO9?64zjlDFTrigyqdqfyZ^-k<9u
zQ?7k>aVj(mIlHpzO~nZ}>7jJ6tA-aaVgEtj3_Btt7n-;8Rq8(Z2g1=lW1~qBGi(*;
zD&8`jHnKjPd61QxkdnB>_9kg!mS3Pl#IT4khFUnj$#F9HNy7INxEMk7wu0d4k;>@f
zlIWJ^u!hc7YJn=1ay!xD^pQL8W)P}@CH08r;)%~1Qh6D%=rGdmQA}mr!ww3jdWBGB
z%)_kaC4FXjAqdjYG=L}r_&KH!wxSoT?x@pQq;7u;d?Ss4TdV;bH81!wsfk&_mRghZ
zLc?h8N5y*au5-|<mO+11DaNlp4Vd9W9A+4bPerAEEQsuW4cP+(G)T)hKV9VDJSYVe
z>ER>b;(UEaIZdiyFL*57a%%-P{RE+A1?=BJVALvOyJ*1{MH-;BOY>g3%xPNKzI2S5
zw@ahZE5jPFbvlH5VA9@E&?>k_csP-@z{#vG)tUpeTt_?s09FktA}>#k)4wPRH7s7p
zX=#;k-N2-`Q@hAC4s!<m&pO?!R{3nVVw+p_l+Gv+xouc2JC7+~5E6{U(jM;Kai8mT
zmT|Li=)T(yH{a-@GySRW?(T($jcT}Xb;`5!Oe%7AJnf$M-`1MQ>!1xqrDvKA-?ytT
z!CQ?8&-!nB)y%Jt=RH@~T(8@&^zg!dO#~*9DMfvtk+jMoxbj%0RJ?Y4^g!jH)9qdF
z_v>>Lw|lA$0hds+`3db<fGF)&?lo{xmwUfT_tT2}Snl{|5TeRX<Yy51WsleAY|k&f
z5Xzlz3ll-;o9%M0UI<5}@7;v_k55MLo~=z^1gT{+2E8^T_|>b+9xXlIPLHh>OiXn=
zqc5#g!jc&R9|U<62sG_L_&ye@<wyMG%p4;WER-ypYv0%NRZt3Vhwusd<*<ps>ozZ9
zvJ0?_!D&)=N@GeVN-N57xy9^1X3O5DoBuF$O}@t<jIe+Is1I8Y-ptqg&Z_U#rGTef
zchyX2$-L{6Z_n4r$C11_Z<_-TKWybtK<zJP39rACc+r+r38WiHR=Egg&)ged7dx4u
zK<lp)PcwwSKJM=UzMm8F41_uS4-db1KYUI*$4N{Iv*wi?j;b9ptpM=l7WI$nt)Z2p
zaPl!ZP;thEkYo*#OQb(`eECQlnW$$n?==snO3G_H<~x_8$tuSj_|mzK!v4mv`YZfR
z2O-YaNe~ll>(Lb>HGohCi#w-A6ffuwN2#8}&L`H_Z8gzsku7aL3Gow%kDD44bL+~P
z<ytzH8q@EGPA9>{#^IQnE88q7ail?3g`tVWh(929iV1ifAro@zlFe7t6tBfaqB49y
zLE)M^12-3trf;=aATL-Jdsrh$$0P|O=!OJ~RlcdIYOl3cP6%(O<(BVINvcFYXuHj*
zy$UhJ>H4{cV|fVl7DiPzGg{U3$Es`+>18?Vt*N9N+fZ+Y<&I39)x4Gs4~c3hYL~UJ
zqP!b?W`W~0NCOy|1oV-p(><yNr3(TDfIRy*YF2cj$kb7f*)U77c493}?J}`O<`rrf
zI17`dFe|i<D$GHgNv71;)Sr$PocV5}#96nsdM#z#YBRzME^r#G)KOB|LR7Ag0BUHo
zyq6f?&Ted>Q+kW&apQ;rcSaX_)$6xuQzZ_5^QEwvh6@hRThpwsVHiZo&03gtI6U(}
zKWg6QXuQ|Jfvynz>E#I2ER__lpMyw)R4Mb0XqNK{wh3gN@7Xe-1UjzAIR4jp#?q!8
zcL;Tzt5!mPH*&dR{4#B;?#2xjUniof(VYcO-(?n;S&l{ZdKO)EOT#0eMp+z<Zo{O)
z%RAk_*032CW~Oi?V3MjdYG7SlCL_YyTQ?f6FIIiQ6fohO{?fs3j=sc_m!gC(S61!b
zNUBt@-i*MID5<dC&cY02fNUk~XC#M?-%`e8eBqsL?k_}?3iNBPX-UU@?hHm3c`M9<
z%r=BLzLFzWfeF1?xt`QD$$`!pt#z`ppN?H>p<#L0gzdNKNi44+o<2M}x-UCqE6_e$
zgilk|E**)jMh^fPI7O{dfjH_(dHamAYv{crH^_GmH+CegI0`+6sr2yW1gnu)9*6<o
zSdC1WY|v<u1hk3JNW5;vb=|UOsEUqMc~;1@l7I?<InwC9a55-10pV0rKivxQffj7(
zMu^W$pNS4qHFfIdUD1>*Obby9A2VEGTj&sO<IgFRDIAC<-Xa8ggr5gwdVJT1-~p23
zgN7VoBk((qc6S#2*=NTAPYjA&lNVQg*ZS?lK!(i9BK_uy{Wo*ajisL_-c{H|*tOrK
z;9PVw{4pcX+jPy0qT94`nFn*}8&_+P6S10rX*I;FmJ_f@-P)WQqLL4bZL!aOml5|P
ztc6>%%cXT_eIm@2YB!$gooIA@qBy&skmYR6lZKfM?Ot?jt&@J8SDxFR?hgHo4J(Z>
zQ*%nukGJ6r8^UaA9r$HfyBU1Qgw96+?*nduX0{^RvTYJ*E~Ug>ge;-I6R>7+YI*iE
zrA8BbAh^q{9`-`_8~O0bC;a6e$6c5v>c$@1>2sL7U*L|GP2=(Vkl3dm9(UP3?iVRD
z7CRH;SUEd#ag<?)oQ&|Ixe0ZPRaX(~I;~Re1_cdN8_XRR<x<ctTDY*Ku%<ZW#7i|?
zQY)*ZfOP|Kp@T?7rC-1qn>Ba7v|&#sQkTsBg-Oq79?trO%eQYMXS<&03Wd0I=$y}9
z^khv=)9D9uYUjh2vv8i7nzn_WqeZ8c_G-<K##d`3TRpccaB#{M`&_bwoQC6&ce9MU
z{=}&>mBaE>fNT>nnwp$CFSuw!@EZW>aX~<Xm3>Y@6ecQUI^QA~vNzKbdwQj6X3<;@
zcIK=FM~@{GS9k4i418i~N>Bz)Ce~D{G6kLAOtBNnh4)bE58cD=6zdDWwT1Z_2B(@O
zYpe{2sv4iEaxrR-wQ6T1pOatLZQ{ru!ZEnq$&OR76S~;I>804tmjw-W;7ttu+TWc#
z<S6wwY`E8;-7?)r&dyg9#+gh-F5|tD+Mk1i0u9s9iVh1WQ@d}8e~Cel68gp4vV4nV
zhegk9xP0u5VMfyqR)<yAL6Jt2b#AXfAYVi*BxY!U?;CUCxeSYt(9saXHN*R2#OJrt
zEq|#Vl%u8R2kYhU6T*RtTi_}hU$n{?Z3oOhR6IUOmAfP7*eEqc5g^}^fk?idhLRg^
zt8yt?Q{Mbu3zlDf%>tRSt+JFmU8JmI?FyI?P?xbk5~PDYBgFowPy6z^4hPII*#VT_
ztGM|M87n<(F2-wANhs`ix&r;xn<cem79kuip}v|`)lwi!B>LYIhd69>MLDM^?91<_
zTE`FCLWkM<H<>#-U2%76cCXHHFPr{@w{QOY^JT9h{-TdDNtgK4o1_t!UG$rtx*bm)
zPFK#W1fk!l)z+gcrftQ-9Q_Yv2`d=c?eE!)j~p>ZP>p15K1B(xLp#E>ff=bl!fi>A
z%d*@0X^$_+rbTAue_ELNUj)qmcVXsRb^X`#-V06b#D!7x|9F{HE0kQ&FE1+T5#1RF
zfEsa8^gD5t>JH}r@U;Yxb0y%VyuW5GU}`2D`1?<-^ZRLSN*ujDoYeBM{()e1V{-4v
zdcW2g6#ALKh}L(@A4U~Ez!-)iCyYVM(f3Au)Toy#03j?zlJ0jkd0y$@xN)|cC2@1F
z+0K91VLngs0~Reuhk^1dhcT`g*wT5JDZCwS`DOp3mi15XS}ZU*NqC^VI5T1qil|gm
zJ)#YzEyd!C6tp_$VCWM!&JDLQS<3Xq3JZNHAo;LkZYioBV9k3+Bf$rD2a<#6PK6dO
zhw#}=gO#5TLjvqS_e_jVL`RGnu55sUGH)YH(oc>^LfxxkjM^Y`wn?*TI|DnYA#6y~
zv&1aJor0}S7OuH{-@gmSS4V1BSY_&1Qli;7aj^keLG=oee@z4&%*&c@hcc2Mx_P!f
zWO4J|v)T1(OLH~nhB2g0d-ZFw4MavFbpEx?WjRxKjgwLTd1?7z=OR+-dP~xcg`>4H
zHF7<bZ{P0_wuU)9j_UF7_Y1)@HR&JdN!S2(Q~U{wqr9mp#XS@*hO`1=74r9xfNW3<
z6;Z^>XOct0>fQJ^?w?fge)5UctsPuyV!kYIM?_OusOA)o7^pPKA0F+F<{GK0#b+X#
zRt<)hrR*ijlfbO*YR1lq)fev%OO4v0f4SE&sQ;`OF|r4P2pmSmi*f}DU_J=dHX<fD
zblIzR6ZXXfM9hzh7~-+x&G%}%dDfws>~-F73gFHDkSdMla0eV|T0KlKmi6&UK?Uyc
zCd}&SB9kEpC4${6NUv`O08UeezP-a_1#oOareLh*2Tt#R!mCCQX6#2*CwBGu7jC$|
zu2FIhymdo9qgkIa$yaSS`25G1`lW@Ti{=kr7@l0ph@ghe{4X3PBxDK|34tNst^C9;
zfv3Fzn+A{Owhw6Xs73emqbz%2QUp**u2u|sp=;En8x^Bohsgfvk%??bnRSDAeyp;}
z6`pL%9zvw%;E~zQsD%?V9v`2(*X0-uyy=6)d<KLFyUTfimX-9%E@DT<QAf=}HAm@6
zvdcA{!gJboI^Q1w#14tfFcFl<mI)s`%UaRl0`1pY|8_|%<k_Sn9YK>JjzlPIr2?w2
zoRC*t8rtwU=AaTvA4C*lbT{<yT5{xVbN3|C`=4JzB%cCgyEouGkX0&&R?h^J0$M|)
zQb9!<ygi|!qYQ~*0%ag%KfuiUch>V^q7d3Z;wn=0h+uhzex$a8R6OG}{B`o$*wFh6
z)2pZWDpcb)Odk&p1=m1FFolsNfjQPMzw)KS_uI$wZo<(0?x}|_fZeWNleM>E>#9*?
z0<a=cR+ZP%^<wGeVq3@I3*F$ZmBn2#(PYU;7!P%ffGgSR=A^E*7Yl^gzv+hYC@Gb2
zA8clov3}y5zAZGD9cMx-#ejr{1CbB~0g~X|n&{X%CkaSJP;KX`X?C2MUi#g{oC#K<
zwFPqbq?-N&hDeX$>BQ<`Rr{2MoJ1_s0E$Y9fS{#LSQcjS<iQGNh4|9<$G)NxjFHnj
zU?INHK>VaVE4}RDSM5|R+qHD5iL;PR;ah$i!=KeTOFV|`LVnk0B@7=0O>KA0cI@04
z{{s(NT?(GCN|bN?)Ib|Cs1dyHNJM$90B6_zk9*q@U{6Hq33JxGVv5J)Fq_$tFhv_M
z#ux?JyL;5TOAn-yxZJFsu>6>g9$J{#2((Xd;nfM&<_F!(-_p#={g%un!1q^!=ns?m
zI=U_cvJlh-Od6XD>#<Hi?rXA>Y|31Wf~3mE_@u<oDRLx440w8L%wxDVa`3Zkjrw(X
z&S&dx`U#k6%?$<9l1{>~rsRS8TD&Mk6E#*apo0DT;VJizlg|Y>hvey?&@Cc}X(JT!
zYCX&Bi=C>GlC*Wxk3jE1%ns%aHBM_pL)c7lp0l_4SqLm|5REgYU1?%}>x4TdP*IAT
zp{7lfkRoAfKV$`@bL&d(HwJNA<9zQW=k{r(2{4q?TF3gUt{ctPVB1_yDAc=erZxAi
z`4${^ieMw1t^@*&Wy`}Kt?iPtFsgQXvp?!uKgrw-Mb@`%qi}ET33+s*_EiQ2Px_yC
ziYk<st(8zma(bmLwjCV}HaS)eY&|>MMf%apQjMY{f`E|Dr<t5Tbjj&3&Tl(tGgyDX
z#SW_ez%U%B!sQ8$ny(vhj<5#Dl=ZQn(grlQZlY6snD#P31fGRDHQt<E_WEgR7gbm_
zuhdk)?CQpNURs30uA1L1ua*O@8cSBs+98I|p~X*9E*q?EeF_mfM5-nXuP27Ef&u)5
z|A(@7;IXygwl+(<Y}>YN+qP|Emu+j8ZQHhO*Dl+xuIF^0{!Vh9blzUc%K8C!GS|H4
z7~>k)uwJP&sQt;1>v6fWZ`cfPy=|D<V@Hy~3&*RFQF4OPdIBoVCe>TFhGg#{R$SpY
zdy_<IVzI+-kV*+b3fGdJ-Y!k;Z?BhhD^K6I8x%-U<m*Hga+yV0Olwa9*zdgH2bH+s
zPoCv~^oMcs#y7wqu`h6$yeZq!Q<erByBSMLTrZK{)*tT~ONP{#oq^eDPM|ERaUFn?
z_GdvHzZ=q&kn_gOscBfFv9G|fGdW?q4K7}i7@GsV^h|%ZouO1GGla6jwkop6U8<34
zKwkx^N9fkSmG26r#L<137T!>Pr}0I-@@@9*AqLN5pZk#&5px6XUln@iLFp7tt-`s_
zNJbsD%xF#SEH;l-M}7m#1+JU@+s42_|G%XiMn;zZcw^|&&~VydNBr3s^p{j+6jX?y
zZ4u$#bJ@ok#yCT{8`33BRT@DyHpL4C6*F#ar+jxn`EL+u@W!qJW#B>D{Y8DZ^n}=3
zA?<HI4#!@{<Yv^d2gN1E0`4d9`^i%n!;nQ1K#tFMjYbhNq%Dv`Ye<EI);~HNa3q?m
zu`((;#VgLMysB(nf3^*uFQ;A(Awt94$%y>PhwRB2x$aE(lR-cW=3#~i3OLn`#Mqt#
zeV82|Sb9TB*zWcC4L>OO;pkeKT6Pb&fODPQE8DQM3(}Z4Wa=<tfmOR>q@w=nemN*!
z+2FXn28aOz-Co#z_KyyaxiZ@E@-%pCQWFc_Qv0S*gquq}B*^AcE+-?T6{Xf}9PT{2
zElaX%q+w;d<;NE}_1$j#m7Ueg60-zQ$Yy~b|7sC3Ls=)v4z20L>*?v;L+W$SbZX@5
z=>{AgZ>vSu77`|r;2(>lMp%<XaBE6fk(E1j{P>7o5&cqm@`ysbHwY(fxc)2w#PGBi
zh6RLRC0UYu1$q(?3W81khIq1TGrF1WZjXCUj}0ICN);DW{L$E9d-lre=wC!ADJv3r
zE7c8)6@qHjd^8=vdAB3Z$;U&SQwf%W{q0OW*i3QA;*G<4bY_WVgY3Use(z)Yy2Lj5
z`hpP+qs}1YP3<pCmUW8P6mx2oNSNL-nkWR75_+F&OOwOeQC`mengC@(Vi(@!&kQ|Y
zc?^wgbc|;FYzZv)mKxEH(2sE61aR8e7?&)`VD4bFZ6B*iS!8w{-aNWS6&pzMG)RR>
zkfy$=s34%PM}_4@VgdDO-i$5_i!+>ZRKV-?BMJd$;{Bx<J^K!*vlj}0BMRqNJ^5-9
zj^%#9$tm7qM<gElwGlrJ$ah;M&esETx?5lk4*mBN2NQ-~84P{abs7-$aMupr%FE~2
zRB2vBYKsXnSsY(-t%WF<Alw4(r?esv`FT4aV4jz}cly}p6c%~*#1CkDSb%`sozPCe
zp_ScUNCFlIhnRJkbN>X$KtN0E8xAMDK8c{0FU@b!=OY$D0?3iH)yr)0X@)_mec+-1
zRKWni0Cz^_EtV6hSew5b8QvFNNPWrY##PWG4S7seP2U)(`C`wKIxCPHnTI&tR}F%6
zE0Q0Gl3i)Uc-K$h1ZaU1Aw@uZlgAExBop+fkh$QGz;9hWTK`*YMGQfFxdA{P#oOHz
zLt^@KtL!%Ux3$*p=C5ncsB5im10!k0B9CPP(<`NcX=!Q9DR2hEAZMYOi^u!F?!EC0
zX+;vIvgf9HVsDN;?N5Dp^A%1gMmhWCtczYqjS?UZdeC8hYVVG9zgfO*UY)<b{?;_y
zr`k<}#(ym9*h80<I=r42c0QT0tOCXQ*(KOcTF)10bu?_~w&eVll{)i2i`M0tUiPbQ
zg>e|Mfw_&s9|Nm<Rbc%#7lXF$OzR05yaPb0K<|%v+a?tabw`YYG58wTb4Hiu2jQXJ
zzw&#q$B+r0k8G<xi-4`51q_p)R5H}LjI6}7_;k`YBZuQZMJ5D2db|ih=9Qtd5&Y9V
zn=!@8v0tH=$FXbuSGGox%bVxy4j2A8itky1|52AP#&9|V2w9=jm>(8&d3Vdr=gpbn
zJbi?d()a`%i3keV89YLS=7`S9JKc0$AvQZMrr@Uq62fJip7*h<tK^?fTIHRMXiB24
z65Chf<}@xqdD$i)a8R%TnTxmMuo!Uj>XXvmqnVmAl~*C(L^{(*w27W6)S4K3cOjiP
zV?@l&{N-|c*6PRzs$Ac9LAb7=(ooAj-0Hfvtn02>p)UVUx2g@2)C#MvrR}<?XOrzu
zT22l-*Jk%qO+4g;hmpPdGyF?+@8)SMx}8(Q_9c^aZ4Vcjbo9`4jLse1lYRW(ZW4fC
zN+N|4zBwa;dM)ji{TWm~;fmf=TD6Ro{est!I%k#T1jcWE78_=NK_4eg-V*D5+Qp<I
zr?fOe)!Fe@>c$%wX)5ZexSr}Sk5TMDjG*KPele$)VzZ#+62^3rL?9?ZAVYY#OZdMp
z=`E5z-qCt_X?f9Z{JP<;3s)Srfmm1?Bsb3=Nu5~CsxY}*H6)4Hz?>ljPAO<m>28jJ
zr3=3d5}Fb{lu|lmCFQ|V>D`cOvFI+Z3=G_i;ZyJ3y*Y0R3FKBr6iBdhdQM9~ADZi<
z#qQ3ln_Ei`&UeOLe0Psea<NJ+(OAk1#o3DDB+ty7Q4KV$T~o4v<n)3P+-zGnDmn6z
zC@pXv3oQV(=j|^{?~yuH&X_8aLPBo#&}izLC>~WwSkl?vek>AGP^IbN`12us!;FS;
zF=v8Cw0cx&gdGgH8#9|}hqwnxSH9cP9$1TDD|Z^xA87#XgN{eKWAL}gPyT+ylDAb_
zf#I|wyQ%G}&zdja&+XNhsuEVbTjKkfHV4^K;IpUjNxi>pR1AC7e*hEVPK*014+wYk
ztjy1SaQ}MzOw9w(!75cKh%x<>Jr9#$k95&_;DBxoa7k{&_C=oxnyt)ilZ9Ng(`inJ
zOE^XCbKj$9BVEM-o3-zm)p@JLRvr?;T()Qrt5J=8wyxiRgX{e=X5U{lMR`+!TU~%?
zi)QRvV`TIf@a+pP2-l8Ui@i0G;G=kR@AUGfnfwWPVwIgs&_Gy-5tP$kZ{mcoc*QX_
z_$_zC)gbs7?{$%Z!5Sn))(m<pdRkYH1MX#VSF19)EoW$1@A0&ojX?jvIIjKS4dZ>=
zeHfzA2AQq)*{e3X=#q5R<c<;sDV}wEn3#<X?}DRx)VRfh$5fu#M$JEehdR5$XszZ*
znLGAsAE(-Tf(lhrts%22?TRam8`kX-#_1-}fmvzMVP@_m;Y9u<;;gy-x$G=)@4QTS
zTt6tMiP%JOk6#J=oxZJXg5|C8DCLDWYNJ!z?W8#mUqScYc!Lzx#)DH1>IA2*`wT`s
zaeYO|(|?#Bsy*?N(=~M+m*6JI5-N;;4)u7<xggSUY<v33%x3#EGL;NL&A%B+^+7id
zm*Ms=8xjM<|AZ|3x7mfA{y!$~{CL)#_F4b&tlvnRandWD6Kf<~#%gbSjXnOc&pO}K
z!2kx@^pmk!cvwI6y&g~KV}$i5UVsB6km{(|T56c#T>XJxx1Dt2IB#cq`6K1ZgU?_{
z<KPwWgO9*bAP!<kXU^!1d+LGlapIbVA;3K)H?W-=cg69fz6m@t<J6=wQsfiLA~m%-
zv7UU)5!9k`851#q%k!r*>ALdz4o!n(f1c<c2K(R3S8H=dd4(|*8SQPl_+055k%=Z%
z<h_+wK512=g6xf3hj0rc+<MaXp}X;IK8AjtNAA78o|;$~lDto~<;KJc;vtbha#f4T
z_ok=ZZ3)XBfJ{?hGIs07BxA4QE;mB~vcAPgfkU><GG37_7&NA(FS(fL%2%_}{)!i-
zQtUq;53zf9GxO}BvwYt(4x5va_OVmg3xsl)0ao=L&adjfz69>(dUtX6boF|a^0j|l
zc;A!xzRJ?ns-{zkt3C2gMU1GGGw8+d*Id%qB@yHP3}8sUD$=G-QOGyD_Cj_mdV47*
z%h!nAwIwZ*BxY(#E5ZnhbvrQZ7B)dOEC^E8-0wX0%w$77Z*yqJF58W-)=(xdSmf78
z8Vq)pT0lkO>98u-op8Xg%lBd0cu;iNdcf14Hq)2QJ}Y^aSO>1aMeO1l-*9PTQ_S#%
zYZ=dMlqT$k**g6j%^LXDdMeP#0z7R+oyU8LTISO^zB?SFA}_oe{h-Yo%gDiC#4&B0
zH?lyjqY0%p+~oU2p4k!?n;s|q&}?X%Qdv0Jtv@p}HS;J=qc?b<0}(g5HE%la?T3yT
zuDKmktWA5^8jw+3qfFRHx+c7SEdQ>hC^KU*@{47pFP6CsRCI)KYI1TpJ>_WATzs+s
z`FG;w75YFX*o2x$`9Udf{*tyA<b&Tzbnsk%H`F5(+I*EVOLYLGkrV8_v2xq5;pQCu
zd=HEzWkc5LeD0c{Qe)K}hkDHnm!g$LHxt>8nLUBizWHIwB+X)+2*^1>KP*b*O?t{W
zLEKIOwLpn%B7mpdObTNVkcSi0=QKd80INul{XWy^jr?(wO#J<KS5KS1%>V)V$OV|R
z5sv{l8iO?zba-J4^|7=j?5KfJH}2Bu;XgZ?gZAX1`pz~>d~+u|B{r-C=tE3uq>1c|
zJtaJ&lZ@Khe+dGlVceg`g|TJZtpNMv5d$P|)Q2P46&^w9T#7sjdIH2GCGq1z*$9@~
zG{q0*MgB}aoB&oQSkJ-!_JdHg(QBsQ=RS-bq5RS^Xa+SzQ-|B<r>o4*mW7d2cBu{+
zHOUZ=hGDx>Z^9h>ZTJhwIA)(vEd+l`of>s9m!B34LKi%4mq1!(k?(<AIg?sb@)xe~
zQXl7|g^`7}`)<b#ddkx{BXZ~gYzel)Xf6+9?Y<oPN2N$oqx>!>%>#nT;$AM5K9}|+
zFE1eMfk16`*-8WnL7Z+}x69Dy3b_Q!yoFvffQNA+4@%_w!>N)~KE!UOw6ayx@=$xZ
z!TD|H_<1S)SpH_>R8)>F9j86Q?_QW~zah!XC7nP%O%AhC=?w~WTBa3s*4VpOBJqij
z1VGJ3jWz5HO)c}Ds=rSPD%AyI{ql5z9n*9MejvFi;X0bjj;Im+{2z9=FWS}SFW*-e
zZx@H?&!K=xkvC0Sv92|kV9SDIOt$N^vwq-Fdf=)f6YTXgCiYsttr3q@QO~LC9Nae|
z)`!x8@+&%p(ryFW%ULH&Tb-+v|59<pOk5@|U)0b}_^&#PyD*yF`qwa;vYb?|<@$DZ
z<Lc&g^`L7D9<1G)KOe^VWL=-H(8QC4HeQKpdu_-H3Y*VvH&^tCT6Jx-I7JMmZ1ejD
zX*H6&p0P22Oya@*)SU3uaosmpXVQnX&Qy`^kz$&aZEYtVTH?@=MiXO*v|*Hy>xcCh
zP_W82NFP-olN*gqTFw(;Ato?1G9;1>;l?Sn8gmZbXHPks1GKEe>4M<WCFZ5W65|jC
zT#g9fpC#3nq`^M&AlJ{1>%3nOh|P*|D;3E&(o=Bw6*c(k4-X=lQ?r1WXjv|h`(Q<U
z+K@b_cB|mR*su)bD?I5c%2pg;tBUjBzxSn#G_K5=`o1~C{K`b)y~_YE+VMMO0~wbb
zFcZBSdsoZ*;PhC&w5B>8IbOPo-k&}1uX3NO;?^CGC(-G;Jw$opZYXRJm9P_-3#3Qa
zsOgpVdSh6lxVvq<l<~K0{QPW_T#_<1V41+Dm4Koex_h)Nsx)kUmxR9#kvB6qiGaV`
zCWPq}z@**D%I51sH1{~+p%xfp55QanS(_iu{q@}cS@W3Oyy8=(m;P|#^*Qmi^>=#X
z<Ff`Bd4=zYP~}?@DE8G4WE>0I9o+0DI*9(%g8(Vrrq5LQd{9;?naS5XqYU27WS;q!
z@94<d^<V#9+5h(e;{P@K{|EJ;$q74hf%Nb{_<6NWB4Wjj`INh`={jp#g^>+yRO~R~
z-XkC3=ba5fhSrNAw3rUv?oXd9$y@*+hIXmh%T={pd-5W<F)k1gDhdK{j1=Sq=oHwI
z?(;f+4yIH{GPWEiHSvteFXbUuJzTysTApmT*FGH*rQOXD!kb5vDrBVM2wcR6@KRdD
z+#WW{V3dQ}vN=Z)`~@>5{8c!V-%VL8_IX3C2o?JN*$5blvp0~zg=r7y_s$JFn!c>v
zZBgtc^=A}+Xk|?cZv7@6nd|%qXb=Ho9c-GEa5{J$q+=~+WbU$-JIb@>WuP_`uAm~{
z5v>{$1WKnEEhZsj%C`M+<`xJw#bR&Q)7(h{9$pO*83<g0HJ4&OfilPC6C-sixwR3q
zU`>=(_qp4j8!Jm(Zt>=<-Vyu_zD8W%T1Xh6i1Dn0p{QNVVTL^tuNRE6VNeb6R?IhK
z?<=<y_YbFv2Ji?>3oQQa$uTkf?<dE=$o?PaG%nS({>f?h9IL69D`QyjWW7h>J@sW+
zxna3rmHwgZ5Ts@Ir(9i3EB<)TzKsIJ67n<7SqC#_;&rOt;m8?T^?ImvTY8<n{;(fw
zEKwjQxqpMp?iZIjEsG<R==>V(crLr}x%7QV+YLhkeIH-Sux@mhYzO=a_sxVvS|p%4
zFpMewu=7vczRuv|hHy1b7cniyyY?ELzEQl0+@I$DN$+{ll9b@0K||PDb9;16)8Slv
z42D5ES<xo1ln+@+#2rmv{_I|#?6D;h@rOEsA0DR~MfFQU^fSBdGeV?snp`i<l;Hh}
z?hyj|>eotu^Vp6EoG2!O#M{zgKM)$ZpL)I|nNjxaSg_lL16O}=i1^_T<q6`=TIo{$
zJW`j1_@VII-fe#@jcu5)8?qsH%av|@|7bgS$VWkWaT5$k5zPrm*Bq}o{I^p}dp9>T
z6RY8(kXp5RU$-&<DX7r-SHqJ^w1ZZAefquQSX#IiHJt12q|(WcRV;0>u5(OB{(D$8
z2)Ow9<kzX+KPZ?V;*N4aZnXLcsnb6q6Cp$FtZN@giad&kU|%yJ6y>513Z3DXIf~d*
z6EwrV-wdNxi$vY%f+v&Ois&B-5qfE$e1xO^tE*TX%n*%ivU`n`7}C=Mo%SzhpEb~#
zdVpL$e30ONiZ_<5nS{MVs9|P|wlkhaeL?=B+H%P)STM-FITULu_(F}n&axY>42&A~
zr^xZc>X`bpvXYkg4SZ+>{|$Zz^gpz1*bKr37{~@uYBu)XNG=$UGnNu`z$)a*Y3SZ@
zc%TPr>@qvi384~@V<|2?W>{TFw$`bLoyxQ$^;LnE%lhs5sLNcV>Wu4bRWQ85T~Hl*
zW6_`RxQD-oOnsZv<iqIe3;;9q{?4!OKS#qGXhYlPZ<7%zNZPD$<qD^yLy{k6a|%X>
zdK|6q=zO0jUeJ-sRj)dn*;|(T=V89rw&%Uhi(_FBWvB6d4=!NDv0Zq$tzv7ZZ!&;u
zu~fP~R~G=H)SEaNU8P6-!pHG@0EA~X0D>*$PQPs%6yLvLS-4iAq&{$>ML;;DLC=BG
zp1<~w^3DINI$V?fm2=wzbAYE;Yt!pknwneF|1n1yWBePHlDO^bD9U$~_;aSV+p?Co
zQP3G73s3OP5bl(VCG@7-{IJ3lN)$D(J?pMwhu4%h@(oRmZ|AGq(Cq!?^Bu=<`cxHY
z1&D#hlKOpvonlx*cPhgYgk^7@6|7=i4Fr!)-&a#Q<hJ}!f-^|RZ|QF(w{dFZOm6>W
z+DyZqF%54-q&tt1T6|^*hEzjPU7|%w5OVlui6NwsoK=(8QKxJuiDo`C;cTiMf1|Jx
zvg+}MY77jFs4R<ynYwhGA8FZI)I5(LCdNxr?ZgVbd9BgYZf$!e$$OgvYb=-xQ(*q3
zNp)}wy0kH%UHeFh0Tw{qD;jJEUEqm3ju<0aBSin9%yju|P1GemI$@mtok)QHhD-p%
z*<_pn^~1!Rt(s+#H&|rA>#C%QX)%x7(O&~V7hpj6v)G?(j+ZGzz``p1>3sDusV#r%
zjZ#OP^o2EZ!YZvvTNh%-Iwr|LF)NsG*&l@zX3K}+C*MF(m?ojL8%0oeE615HSHx8@
zI#}+4blm%*hBrhg>r!I69rRyxTwuCQh0bJ|6~r=kk4bbhp%Z6V)*iK5yqJh!?dI(-
zbU|Qfoc}ganc4nrqOx%Or;yhr^$pttR(S7cHF$D)@!p6Dt|FlK-PUd9j49HlEmQ$l
z1NIn1EG#`ssx8oy5jS#0w6_#?hsY-a1exfNfxUDlF~SpA1m{imGnVb{V}=Nad}OgM
ztwM;H<RAQ@y24_IfSP|VcT`$T;6mIuKFc@m<)FUj0qC<^!w@@`%*D)wLpJRIT^F1<
zcudhzt@>4j1=EK4GiDDPxiq5i1j+&W$WIQg(BUyS7pwId5MeSA-Ft$DOkCWaG^)XC
z(dJ_l-xdvo$s*)P@j}9GH8DSJku?~j*a2NZP~3jb<|zX&_ML3Yr@_m^b@|FgR`c_z
zMD_SC-_7xh0<J^-`qFDCZaAEDv6YN`A9+MkeP(B?u;su4Q}hhOhYv|2%FaH0QJeCY
z*Bp61GMS=APn?mNhF&IVT7By%U2B1>!9nXwAXx?0&bxoppRT7{kK=mZ<%?`p)$45=
zhK*V%ER?_E0?GiSVG#ooLz>D45G_)Yma32wX{fAoAyXoP;@D8BU=}d<g$l>CWjIWk
zz({@sR!<w`Q=+H+fR0J)eU90%BRLQT7C3DHKp4t5ICNV)Ug><=p-~{u2L=yI(2Dmn
zD*T){{R`MWGYz-a?PFxktGD#+K=Mc&BS}tJZz7|@^y<*07NA(U%<7&u8_GPA{EwyX
zYLD~~_|YyJJYY`-mQsX6zfg(S{sLG2GA3}Ky>nD4)UEz$^zKy&z>wp<dH0ed2F35P
zmw@9;lBdqw?PSSVz=3a*C`td75ST{M$R|kJ_tEEX<Ek~6$0dODv_Czx!(p3C1y%Pq
z_nK~DrjyC7DS9Qb7b9?X2x`6-7Qnvm<ea{-C6Y%%dl->yP{ELF3KvzWhm$hlNfx~x
zB#S7YfwUh1LLMhlgua_5oea>a*pVNcT4hXz<nfIb0+o}(+HoGh4cKc<64Tx;i+R#%
z`?iN6krDriaY7IiAl(~_?*1uq&tfQWyHwqo5uMg_i2m@eBvc|k`gm_uLJST?f7<HA
z<mYBGEUjNfMb}kgECt9lq7jGyG57$;&91}SodGYK1302FS9+VSYXZp3?(%3>XUH;s
z(8@>R<B{*fZKun+U6%I8;uXIXGzXL>*vTiAt=6~j#!NIf4cbr$e$fi5FAT~U#aSqg
z3h;z7&boE1KFo+pWrLD(+G})w|Mu6!4Af!X&gWlq8Gm<5V;wDe_=rDehSv*>T*(rH
zNg<^M$D~HpWvC9xp|gCJt{Ym7!XWyx=z*6|l}0}15(aT102*4CHDD9{I%SlbS(&P)
zLQb!iB_Ri|Cu@&4o>hGi%;vKXHK#~5_XbU%fo@4@<3i>zDdv@suB&-0x~+$zReM#h
z-}9L7B?d46)V_U5H9&Jvzc0#If0!?-^2dOSpj*|f;9l(=l09vTRIK9BvXh&XLHgCX
zNa&hf0v83&(X#sG`H5_<0j*>WC=i4i6awZX0^&LWvnmjRR)~Whq_P3CSseSAF#$XT
z0)zto8@omGN@%}cH7OJoPJ41Wl><=jc{%9ot2wRZJO$0@M}Ph8a0zjFz;+?{mcm0B
zuVriAR~!O3Jvp4Ma(`v_-#(5C(G}YIV(cm4lC)`D#?`Bfu(P-4)C|Xb1rJYlq`YCz
zDvlHgpFdwG3&S%jUjO>t$<!L)7P$oe4eE4WEAnr{^GCD%KQPq)zSA-O(4GG414$=p
zVeM?<h)*YKZQyJoY+__*Yy!#43+d$SXkuUk>At?CE@ihN`cEj0T0R%w-?77v7V0o}
zFyew3R#D1af!)7XF-b<bMqF7*?{0(XJ(pTB%6M%$56oa_ZEx~olC2>}cov4RbjO3^
z;^Xa)RpCFwa{wX&Vp%ee{bzVGV;7wJo!%_m!0apP3vhIr6{SYrn*Iqzh;*@U9%XI#
zty^qTmxlFM)^7E6GcQ*PertUZ(~4A{^<3MR&>Y&!4!)0j?j&+4lYoFDrT--@U*Px|
z_SOM$vhdY1h4QSG#8RXVmG=UU07;--(##{hMo==aDY}wz4U?etxE41oPQpI#z$R$M
zI?ynmID!K^`b3D8UyGj=(XPK(IDRW>FbyKau+IUyt)4=ngzbGvf*2Hpd!9tbRa;T8
zF3Dlb%<YOEs2i<<KA(|%d?P&(#Rx#=HXa@nr9L56IKfwlRKWY7uPLpysZ;ByJAm|J
zDLVGMd`DnK)u>HY%!RF>UeyU43|qc42V@#Oh!!_K#2dgb{G~Sh0H1SfIJ_z!G2j<M
zwWyj$o5s}nr$SXUrcib+A5l32!hDy^K$sNy(O@SWxiLAQOEEPuF$hIP`rhpdvjoGh
zLeDJ2%gG{Jjh(4ne{T^cvWbYlRe;c`4#28Ce(-+$ncMjwO>{$?a0XbR@r#7$+p4gp
z7R{RML=DV`#H~(u$r7OavY<|6qmlC+9W57la5z~|=y}3CyBCcfPp|ov3HqdV#Nd4n
z)cBXkWb-B7T^h79*a09WygvGg5{T>%D+cqu;)fO3Q0OJNL_kiH^npl9g5oy@vp6n0
zk78(nb8ER;LNQZ9QHg2tMp3z8z{*7}_Y3Sf$WA9VO=d&PJ#xnNM*I}uj8CCz(bmh_
zb0A8^71n=L-6Wf^Xy;9LCD@5GV>p)h1Vt`JUoW|M0Bn(40foMV<>AeT$KlF&;Zt3#
z<enR}x>ZZKuVJUfQn&gxo@_>YPb%3ibaZq(d(ffjbfa~9&Y!NQy4?2w2i*(}H1)??
zTJC;lBzq-?QNX5h1bYTd>cw#J>bZh-QL2sD3)uIoQ_-*T(tFlSPv-z)3{S@Tg*+NT
zt95TbePO!1t95OgTz}dxUc*!@E>1wYlm?scSCG`r9oYE2-?O?24Q*Sue3fg_-A}rl
z<@xBo^Z3>sEm+i1Pgyg|rKjuAPhOB{&NUbsMvETja!F~?8FQgXi?{|nG$i;9b7$BN
zxA~3_Q~@7fOpj$Cjg5XmVECi0b}8~sF-;&{7GxFLc%I6LLqH#F!b{Ov8V`(;lA@Xk
zw+d@kWH`3n+F^X@FJB({a7Hmpm8_AL*VjUomK8O@p=XeKA*-((K#(h8E*x5bJXo+|
z1Ded!x0(^;N?TGV^GfpLoz^G&E&u-N0Y5plSOxQYMHosf@jr3KB14oHHIhDMx|K^Q
zy}pt2H)>^ob)pX_I_kilOlvS=jPE!=DfBvEvB)5M`s6W$R0DPJk}(_?I0~s+dmLQ!
z{`tO?At*Iy{d_evblZ|SEw~thrx!286$xL;V#|tMrZu*BQgYXe@6gns(5hsdE3|S>
z`21?dLEOVC=Mc9grD7OWivje;6m;+Crzvw{8v<DK?(i*aI@AiwUMPG!m3^W67z|0I
z!380?a)SmXUo+}*X6{wmt6p}vhIqBm55L^pjPCFb?@hyY07`8&|D|Jqk)HK`o?`yL
zQdMls|A!{c!1y1pr++nd?6BBSy`O7#51xYeKX*wWKz^-*uIcEbf&byYu!To2NLP@z
zHu%*H-1zM?gCn6!mU0<Sg9Zdie1~(E!2Qu0daO7=p(O6Fbi|*$8HYb?Yd*?}!GVm5
zZkk8(hzONLYDeY2S`4aRmX>OPU+`Nr8jJe36v=^azZlXJ8J*?VPN(>66C&?ssglAS
z9GzfA)r*)DdDObiSxfdFFlsyz)ypmnzP^GZ`mfkFlorQb#d58ed_(F*%Rmzp)Nbnx
z(cO*u4#2`fVswGPJS7=A%d3z-{o5|(<VtrCfR1C^ia@_9wq<~vE!N(_42vu*>A@c@
zL<cCy8w`*k2kJb}DGvvpA?r^GOG#_OF%+hh;!_Rw>785CJ-%T~l8d`FXG6qDnKKy%
z%xWD+{aVs1GlytG6qX`)O}piz_e_T-s1F4b`641}%!ESQNRu1_;!FP6vQUHMncZ*s
zS5u?EDk7X^ytKprVT!^;1vTJ!Z80AsJsCu<v~-OWlDMd<y>3<BEYA~v<gFzo$q4NC
zp%8@~w@QPH`YFHAN*tuI=}w1HRoX$%Q%-*q>u^~&@l(R|!U)mTG<e8GrHn5KbTWDT
zs-vMw8KFtSSPld%)O_;K%dnh!hUd0aNHR#KYVS>5JvgyEqZ*(@56myURYnq->eK*H
zyXW9f2c`Ch!;5B1KHWh4Bcl}Ry*AlNJG>DAd<!|`Pwcz^sk*;Z(J=JB!xw9CJ1{i#
z_GW#1HF4+Z`87g^_RXX9(b|nYJOKxRki$#+)%^0lUjoO>lS$))`+j}{XftHkJwQyF
zzE4_iHzKXT*moUzbEcx+2^HB>y;C!=@A5KHGVz!?bA0^y_d2I$<@k7eZ|Sw9`d9&s
zhN{vNGvcAMe3KIkek>i#YA5)*hi{<gI1n^X7|zikVyz{5S)JRtO{DU`A^^1^tQOpw
zC4h2K@!_(+NMy<p+!Sl1vaK;s&!Ma<nGrUNHg(Z|S`s%lG`&I?o|9ZJKLQW=*J|Hb
zK7#@;h%-hJ-Uel&>!iu(1TCBj|2O!-WC1o@qiG~AZ%|d0{?Q}{XGy@T;rJu7fY!at
z966?VdC@5QD7nKRzARELax^<pbC})Hi~XpuQ0i35r(eTT)Ej41w8dff#6esP??_mS
zb*@o3Ej0a-{@cQ!6pL7@jMktvqE0I|>}#CP?fMMJNguKgY~(-9<b7r^$nr=cnH+oj
z6E!_PohxmHV{PEM``6sZ%K7}n+!s;zjHa1aDHvdhlUD1!S|O5fTuQ3e&;g!*(mYfr
zB2?f#tvQ7)k+C=C>4pD#$Uwn@lNX8!kjc{*$`dU9Sz|s(LMt7u$=s==t1iiU0A&o*
z29jOc&UJ9a==2b@I>a=&2MN@cu;s~{YTR;XMZ4-yCAF|-vk}BIG0(nKx+{^%0BCUc
zYP;HrUVSyVeR|BOb?5tX#o_hAk+$oQJ6PK%)5oQ&uF)=)Bj+})Ue=?1zqKUVE~)p8
z8KB#WJ>Tg^Hif^4_XleetAqi3Xzmauidkm;QYzHV`=+R|S69;98y+E=BQ<hhP!Un0
zhR+oz%Rg2hdPK!TUgCM67G|eQ)r@~BETR<w#pIWc3bJ$&uHFey9lF(f1#LXSTzV+t
zm+L^s82U}we%Wb+HYjG8bsPmkO8A|ADxK>md7s&|cp~YO(%=`zt&ny+N#bcqPgUF#
zqcyXray0mkhrK|v6>UMRF%x|{zL8d4&tz?uWF*Rgcu2v(U@@1dRp>FdV84Lsu!)06
zU(s$|##W`1YN8H1=1H8jd>0l~gg4Ld7gQEmI{r0;k_249hyTG#K4~)4Z@RINGJ@O0
zT3o(8Vz6BAaY$3ENqPLX48oHG=mdsEqCCDVi!_JvPL;0(KU+!!GlTI<b{zv^ITEsC
z9aeu~W14Ha!iPrwh{LQd?MX7xds@BLl1a;T+A8Uoqv4);f!oY_!(0N-LG^^QhpH-y
zcpu#H%m>mtt^T^?Z;4{fPN=t3m(T69_L+@~RHF@3^n%OZ<xx6;E(|H<PgZ-WE{w&B
zA=yOFwWXY$B||;3Qo%A%N_l9YKm$&hv&Y|ybPO1I2P-E&??*k5^z4K=7bMuo6(4vF
zhH7DWc%epDl58>SEe7bp);}EnxI`CgqZaC+?jqfu&K#L8Jq|un<7W=DsL<9)C(xWh
zO6~;=ZX3h<%wNEVZPUispRV57O!R1;2`5=});)$7q3mz0RD4+;=eS2rfoZAi-V>c)
zP*V)2$t=anC0Mws(z=N!J#WY;J3^ttarSCfIy6J`=0wNcTFbJv%)wrllsnP6jC298
zeEvC|rh;xOQ5*Lw)^6gAm(bf79%hStpIw8tOqMqBYrf*a)WV|GQwx=WF;fYu^ASHd
z=w2MPPx|>Z(Yb6YEF2`~iq-m8Q08|UyM_`!R!dFuB}p8KHv@5;Xhre+(urj9u1T1<
z?<AjhP;xZhIc6!Q-iRJo_>2n5yV?6xL_}p3Z;D_>hvY(F+4qg<*z6~-%<Hb^_4D65
zO-sCHJ<a>x8f&~}3L>1$3uug6M=>)@?563*zr|%;KhA5(a)>prvWfrXcqfdqUf-c%
z#kgx<2trB1Gv;mwrIZPPW)?r~7#tPP?HsQfJe{MZeB?Xlx&q*Ay80x+KCx#I{58oq
z&LlWgEMv-IQ2FAWqBiS0y|{Lsa(q%^xSvcZb8mLFzWt8t{SJYSA$V@sf_bT&fpy=~
zsWA2k_uDxg(7E9j!TY*J$hmjsz2a|p#Ui{EA>us-Cj4r?FF@!SdG!IToq5#-tR2x{
za3O5b|A4EeRqgz@m%x7uz%VfVv~2#zFM<E9N&K**7!}jAIxa)K^;4zl*Q{Fr%QQ{Y
zMuQ1*10-OaGg7~vvJWt@pg~4Os@~$Fj{Dh;Gt=+AM@$c6=;y1t&R4dbjfDv@v4|vm
zr3FQajKtBQEZI+EM{ROTE7^q6f2p}t14n-2Zt^F@d<<OJ#>=QBww+hwUR~CIRek%D
zla#@dSf>buql;Nx`dr3hh6;$fw;3VNiIX#CuGsc4Fb1^21u0;N9eQ;;$|ix*2kSG<
zS9~fOZAWggK97SNnqvnzY3X9fYV0km6>HprJqZn*!wjh36j*(IZCb(p!RrW&G`%*o
z-@4Gj$+i{PuzcQNTS?8K{n7ZI1E)t!-GHB;Xx=`G2mYoA5GpE9Fw&N3Db}?SL<KSJ
z79#YgX{lYT`NVc~TRpA6@}et=28({zo$i-~XqBwPM-2-CB<05|{%unf2rg%12j+sh
znApx;u+U+b$D7+^W)5@+GAbnCh;9UXGcX=mSmbnb)2DCWZgYp~L$75bhMBggj1Ke{
zA|I&L7&96dQ3kO@QU#%XYPa;oVD4bMd~$hL@}0GLj+|A7LzT@pBwSa6AjDSe#Ay;&
z!mtR#6_#NK_Q_gZ8Z`aNmaFtq-`?1Jpfc*WB?AFb1<R;Rqy5aZviIQBS(BNW{;1Jf
zaM-rfUR|@!E)1o&$kv<0I=*)H4ag7&m73qP=Be*CJ5TuKyZnpWggpQv>R{sWXTzsN
zt(<kne($11|KPVqT}%JrSVb<npsf*|Cv<R{37B4P7E|#xB7tIK70|#6w}Bs(o-ci_
ze_JxR+Hkbt!C~W&Hte-41QGN|tOpyU<hDIH>*~L-7y7~N9Jk90B#=0D1h6~cQd4Qz
zhc)}f?)sb=HIgtNN+PE;K8~Y{Tl_IcP%!E@La)^nKsJQiQ%|sQ@&(U>2XPNC4{-Rc
zsOlZdK$qQNLNdgDpbU(l{A67$mS7H&I#HylY8+$wx+H6Al_Tx$4~cU}7G`SZw*8f1
z8@+i%b(K1n+dieQ!r?T-;milF2u`oVLj?Vf27sRwuIn0}9iwn&N+O~y1AnywLTQ+E
z0G>S;ty9&|_y-TGsWg*e5JI@4k7yk76i^WK4X*eg;l@avR@#RI*#v<Oyazd$l6bW|
zf`p?62=lJI`i2tP)*Xct%pJv7jpI8<e>Tjot?gIB=kqCJjVJj{3^dQ!{slLNY2<$0
zl{t#cC_VcN`U}m)Vk9Ux+Gx6#7d5h?P<|EyB*yhHq0Zq-8bHGcGi1fX$uINN4~I&@
zGY?o*iO<T$Me5w+MdB-6Y;uVQABg~wRSuGHUfl%z$)8^zTM5U?eCiALor{(ZzMbD=
zk>ev1iH_-PZ##4fq+^bE=9dnd8Ujm&znkkL<d21K5EXx8gea*RptA^ehtxwBP;?Gv
zDlePaddO=~d42UHJ)Rn@_5c9n#q_9TcMHpnxaZeH+7p71>E>6qE30CZi6t$`mkl5}
z_Lo5y*l-B64zk3+-TCWGDaS2LPF-4(;-k@#(x0;|@OVxQ%8D@g&pS?4Iz9ITZ2@sR
zT{7^AU@J~7VZ?-V#N^xBa&LPHjFYHX3OSVM6uGM?2%j5^AWs1*bXvN|h7%U7XCjLD
zz0wIYfI&>5hQT_qPzexo)h6a~Qo`9@6HOg>M%Z5cX5x4<M9a_R-Lq1@rGX(t#ca}H
zvvTLV*<o*IZPHLo(dw~L(X9GqI-m#V=05E&<3{rVHj7tq^KXOqNA~?+*EgpBKEC}Y
zGQMJ;;*X5qb&ui|BxD3G0WQ|moW;q*{sUNh;wPYqf^YO&?_neG!zn?dTQh#XyxM5#
zvj>5eI;M5CMfC^pC!7WjgM&9DW)Gz&410$+t91dsxZGy}i6T4$<E(kMJ*%WDVk644
zKXzGHQEZaXS{(Pw3SE7*{~bNFE5{PdA0RJIW!5nece;v6{}T(;<EaN42O2CrRp@WH
zKirkd_Hhm-dq%(w?>?-b`a9-0&*o*ZZKBy}C~a(tBjHiWGHPZ!ca;2yG6k=+T#b7i
zX=T1B<!>NbnmyF~IV7u6$>9#@npjRg^Q41U>3t9GTEr2;PZ|oFgKJQ&aw~annn`UD
zdSj91ki&f7tW?h8F@Ff0AzOr&tnwsQvUIe3)74Vbs48Qn<wiPnud@WlcX_xTp<%B4
zIubAfH;Mqk!4g^Ymcby}B%-Z$fubu(A}7HW)7leftBW<ib6ikdE~4T~@dYre-<<Yu
zPw(GSAPkI5|FM+6^dsf}-wb?wdi^-R^n<KLKVJ5-gJy|!+9y_I3xm=+M6Afai;By?
z(4RJbgr^vDF4v0}6F3NxyA!VG0XWhVP=rM*92iZ$9Q#0M*`$4Q`)KAqQHnyO5EPL>
zg!U+qBZmwNq^x0O(e%&fUDo;Ehj_MjruPyY+3hQLd$d&hbb)UFB|GI-2JA0hHMa*Y
zx1a{g1e^#KFs#!1R~J`J(1AqnUf>X>k%4;G5SNIH10bPZpgwB#G>1J0{LmK*bS!fo
zFmsTHMBPhxhoyy2xwA}7SYs)oDZS9*tY|<Uv6o>`86ha6bk*JUp(DZ*#GUM;(`3-`
zY49<_LrVqo#hHkIl$N-V2lFr$6h!fTOIO73Jl-c|iNp}eAEKaQC?}Ukf!{uB(y|eX
zjHrgLEH6?&zR=RN8R3{7Ln6LUPTSA5$Y|^pTC?GpZTl-y7fMGJ(M^OCdI@?0|5zWE
zJlCBCJd=T5=K>*Q2?zkZ3&YS0;WDPqsG>ATUm$2=PDFKk=DwEi%!OhEp6q0Xl_d@Q
zw7WPCZ>V6b=@Yj+E)Qfdy<AdIUlU`kvd2Wcmc^iHve4e%;%b?#q(<&THf}xVqBtUq
zD<k>9`pa8UxdCd#W;)TF-c_COPqEs4I#Oma1KE;uU~1bV7Ou%*vI$b;LAI6gcl(%>
zDWY^9;gda6PVzQa3-Ys@n`#lhLVEP(b`Ap(eR6u!M$9H_D5#V*D!FXoOh5U3ox`P)
ztm%vmw*=t|g25^ElFWvgE);s5p@W@%NIIyqp!h@G4u<Qr=RnKnUdFxbq=qwgk}?WQ
zG?GlI2=OlXV(o)IUsV0M1guPrYHrM>`i+AeCb*=3+4_h8%`d)L5dwk9#l9AyUWi|8
zMjNXN<b5hP@f>qIMk3_~4--gRfR@OmfIpG^KFsyTWuY^^+6qOjw&wz^AIHe4gW2q*
zck2r?_w|F^)-9g_H9qXXmz|h@Zt(9Q@5k{K9J|%Q-Ss8sxxiOK&R9Zu6U<7`8Joe6
z$J3_u8@O1`&nu(ZfO=aY9kQsk{K0km=UcpkNwx%>O(VXs$c~F~lr3{13sjbSdn*+Q
z5K4<FG?lgWTs4UMXP=ioplO<wC-N*=TfF`WlfZ=hCqkOf+s*fT78*-A)TyHs2hFIi
z{`ZgZr+p^Q$+td+zt(nN{V<2h-6uyL2th`4+5?4t5^exb{RY7m9#mdyN`Ez<5KlgQ
z>r%G{YXA89>D#w-mWH^Ftj2fQlhz%M`L9BSF6+(c=C&f%J!-Or+v=X9PRr6wTNt6M
zbWA{pKpA+1@MxLRC(zI6UzC~AqdNBKU-<OuUsz1(Ul2HGF?~yJoomW*0J1^*hEz~G
zCv$=-c^q#?zNd)-hC5`62+q2UYQW0KptA~tE)G^ICN5l+7?ilpU1q!Oz%}0^De8sE
z-6jHDa|nyzCY8buJsVR}_nmogn*fX5B7QFuvSNN-X*|2%JPo|>jcJs$Bxi%0n{)?f
z+gFn7h{>Un(v%o5sqLv_dazgTr;y6Iy|Xbi@%)j=E6yRN$EtBIqe0o)BTIY(!z*R4
z5;ii03{Sp;xHj=%m77>^se#GRo4Ig*ecu~)l}-9Pf%*kD4=7giFY}R+{@;Ly3~c{-
zM@ZUM?2iY$cjuLgTBRJZto6(F!yfJ-CBG|n+eM&C){9KI52_R@5Adq}+k2#LfW-fA
zhvl`wN;p$C#!S?4D*r4x!lK2;qSeO>lbn1&v?BH+ZX7AQ0;I)2ZGI`6;4^~RZOJy(
zU{P;?qk8I0w~W}i7#3T)Y<`AwYxdf!W$mA0C$h~SDc+Zbd=ycbjWZF1?7xt--{H9k
z++M-pN2CIJj$;^z2}Tr|(PBSR{5pQ0TtK>Wsx5ivGFPW6G8tj(C$A|Xrg31p&Kh+w
zv*uAY3Z<JT_z_2x7q>B@G_mKwUb2h4bdvC&fo1V}IWTdkun-8!yEt-1*zjR#`odo$
zn1;!r#y9NS(=qYrl)KW2i%HV|NK5UO4J^+rK+Ox(wu%@(Z$arf88Nx$#dr_~ae2Rw
zh~f{OCW*spgdB?Ce6)FJtVeU5xUj&!uQ_3ybEK$K0)3XGeO1OdT7f~yw_$<IptaG=
zf($wU_=C4=_U#d}st*PW@}c_zz;g<?IyBAh&tA!gHDd^5?Rhhp`-H`N{tV05N;7-g
zpXWhhFyc=u>mou{$V`C$Ra*fU5fUL_(($wjY^4AX|BAv0uY7+-J{n;lQ82AKXVWdt
zyh{^JT!W*Zkr4hkaAv7nOFf+*#`ixU9b`F^f#hoFqnGO1wT8cs&YBDcfs_+<;xj0b
zjZG!?8P{+jdTihV?)_CL(?BHHdrpv6G6Z`6bxzA*02&}y7f<jq@n{%-WGh0&#d%jM
zf%wWKPm`iq#4J?Z<X4PIDWV^PVG7!abaUa|vSinF`e4`bxpE2jnenuBX;-y<*`Y^S
zloTp#Q~=@P31R72s)M2I!&VQsz=7@BB$sCeP0(3fC`Dnf6B<{l8AYX9)|W&g5~YK6
zgPOI!52xzmedE1UkXohNaes9s^lek|{#LOVi8d2v(<bLe+@0QfL`AR&Z*-*d?rrE@
z^jF3Xv3=LkAe7hpJ)skN=0l!?+t$!{0CLCBN%LCXRoI3f7GosozCnX(a~Y$fR7SUW
zph5MpeUL?+s&R1qCa{uc;ZSy2)!Ij^l7|O+;}<|d0I{yJaLGA)d=n7s<dR4!3f3az
zAMQv^;CN0D%pw^KX4xzwnx!Szy(72g$ln4ax3Db<$F09;v|3fTcbBWE?KAX1H`_BH
zZL|Ks*zOVB3SruorLIP6+3p5~6XpM8Qg$6OLWxFb@X=RB?{a!m61QqEn|B)ZbmN<_
zyhn0Xzjoxcp1$ZUPJ3e3i@X~Lr~p#3VAMtZCEx0=<0hQldl~yTJEl-x#>0jsaR<*m
zK;7n>tZz30&c_5+r+Lif?G<Uua~51OM^!1=Rg-j2xl$ayptbuTM=wVr-norTD%o9t
z`INChq?53MkSd5!Ah-Qzcq)jJnULbf*{R~rK-k1x*iZ`F!-2}K+GnwCpKY=RFz|(O
z>fAJUykZs=;VnNN(o}BVOa@WaVuH`IVaXr;iR8cA>RvdI#Y^^vke^5jZ?4O4QmXp3
z_(!H~SXVm%J`~R0*vh1OcjSyhFGi=&X}^Fw5x)ukZPxu9Oa9j;|6}X?|8YY3pC%;!
zp}$#*{@(TrgHyWe%nX{yYr%P|5j4yxI#L$P{CwR)@$G9dIAj#-yu?XkbLo4NH`wbS
zG6({J+inBf8BDnO@M4k<%$*{CcI7DwiGG&B0f_b|kRzX7=aa7IvIoR_I~%fn>wVm-
z;z$+E$)hKuI$hGXZ;uyPh`zc-?962O%#5||)7odT*nVPx#wYX;c4MIE<F4}=5E=c;
zpJh;tz>}Qj_@8AE^a57r(dP=G1u7t&Io7oFsnG30LP1(HqaWJo3@izLUq|~<>=Q0<
z?se(JXy<s6ivqZcyOTo++5+1`5C&fWu!KFS-_V;y!ghiB7Pu+g`7T`CFb)9U5|I2?
zoh7n-1W_3^<l(GFv(6m25~}JeFuUaz`tBLrwl!+^RfxkpUN)>x`v*)wo9B*tm-l<=
znuLXls9=FAYM{I!t|T%&U~v8I2d7koM!lm-4#^XN9_hgY5&^YE3z)H{r%Y^Nn^r^M
z7^i>bb?rzqau%VTGCE{GdvWGQE$wg8PIr`<M4*6z#R;yZ%_SenzR{QNCnH2l+_Uyi
zU5o+d5@AX5NrTNmz-6F%c#g389Tbb_j(?_hFIu#4Nk_X^th7kZdHn+RKdzwyF5dUG
z>^r%H%37KI^%3X09Nt8IpKDADhmD)?id+aU7MEK+SkII8M)jlH(sNT~XUi*CxNX^=
z;Vg(YBR=2?3;?nP=g=A+Gs2z#W>RS2%<Z0z{9IA##f!OozKDJYa)>nxk3?{}(M!sG
zsOzc4qy};%olFCGij3m0bhs>17<c<;6PgIUaTS(@D9I^n-RA%-05Nv8DL5}Tl$kCW
z0=R}^AI1!2og23Xb*Vr=djpQD!NHvF)Wnrgf+qP^esPqF>uQ5E&|0!8yLQgpsbDSN
z{8HWh_0!Qp8*(3o_tB3hItWyovXa=%lE8}ZeI|)`8!3#*USz5FRM5FF-bU(R>2-HR
zZB_*M9@!x2o5a9b08dr)ZGFDAv*#A$_G;eYro%&glFtozV!;Ach=}a_kG*3ng(Xf`
z*u8FuL2%+Zyk|;xh<$(j4|_GR|5ZAbE4bm{{+lH8$Kluk2oS*dR8Pu@dmz4dsJ$0g
ziw03*9+X%r7Ni95d<z^PSUX=&L=J$qvB%I)Z$;C;D{OmCS<<P@N58eG($_DkX3#XR
z0$|~ca@5fdiPTix?-YE&do=-sh6r_+#9TVXtgb_IuK-!<$5cEvyi(P?dPQ<@99f=_
zyU|Wm{yVf3mQL;+PmJssjW1IdS6&Sj$ljS>XT$w_@Ofsw^u9oV$Pd}_$oL%%@5&$~
zq1*c~$`9|C55SlWETnG7TE(8JPf5(i-yT-t&Pn0q)CRauf4~dz?n~<Jh|pkuoc!*3
z6BkQNq&Tl#V4B@05GR>Kt@yTiT#StvFVJIk^TeZ4>1V1PraQyrL0gMVTC*x2x`~By
z8@x)wtxmw1D;RgzUV1dHhDU5#<mq?!jn1^8;4GPX2ML&MPYw2{q4AhRV<U=(BZ=&h
zg+YvM<rTsM_qI;0lC?&pVHr(yR;X_3%pEXs5jOb_yq3KuoJK_D^Fr}E${mx#Ds9=s
z$<55%dn?s89h##o;T8#u)!h6fo>c0xDLGoP4`$WRTCihns=0Z3eU+lkaJ)4240b!s
z=kaT_kolg<l8~BQ>I{T0m|lnp?0*}r|L&M)`j24?Kius9$D#yJ4j;$gw)LD4ij7R{
zfH_iX1u@zO0iv33lb=$m=&bntK7B!J5}!bF9xvo69<r|EbDwQzfw>9F%zoa5@#N!0
zmw-=Dw)|s<0SQSEKJP8eG)ILd>vJJDesFnVfR{uZ1L-tVqZ=O^@Wvh5B;MO_{GgvQ
zb5TY63k~<Y4deCwfSy?dsAWhBA<+swys-VKhAFLoZNwigp19k=!vXUTnrYDi58BiB
zsk9{#vHAu<#HeXazsZz1e*0n~Y=XX`-a_|SWl+7fHiab)>*wtn=nxgE4G1M%L(|<5
zTC`NvA7K|$rrDs^0%A^_CkQ6IxPpKoND3F7BFtZXEzbD4<$O&7#UGMgo<vGbnQ=T!
zvAC*%&xr-7eS$I~9WwIG_G~!<0$JuZSP>SZo=UGYe}}Mo_a%_7`fhma%^~|8I)81c
zs^$Bv5>0yp>0X4@vI1kNDl?EH*DwANAAGvc*@GW_843V@(lu;Lq>*npyDDEvk~o=G
zOwHp{ero-5ZdCSXjhxM4kOEI0@0!Y2cf>?xd*M|kfKz0jZlZw@B3GH3ym?#+Hr}PO
znns2KOU?5uuBzb9XfJYL=ot{K+o<CHhK!U9UA#<Y!T!G(d#5N%wx~@zZCjPLZQHhO
z+qP}nc4nn*o0Yav$<FiR>%KUn$GO=T`)0?85j)mgb3OBU-*u_)AzCF+um=bBbAV0v
znX%PMxY(x&1qQ`liU#ocD=O@d(e4YM&)1OFt;}p)iY5h%=RA%P^2|)G{F%5Mj1o$P
zg;YkO6O{kj)8QUFS%Je|csI&9rRbvd6h&@Kh9s%}4skNPV-MLsa~QR)8Sn2@T~)cd
zzgW_}tQr-^SnPTJaWo<CrKc-M4o(XAEqyz)zWLB&`C`%Yc6NL2R!U*p2r0tg@hgTS
zF$dn8_e$Sq8G<DV@dbqdkC4&m1k7W>u=37zCUv9=rXr0bkvg%<W;24=e)VU`Vb|e=
z&r{(~^i8SA;Ro8z6-P*>nk>EE7x2B(cb>w}<e_x?Zo9gjU7X7J-Ol7{(e<T|Cqp=A
z2r;%R-T$SnOIr^i(*t|(zC1VAYN63A0cIVFwtoRua#!!?ckRHJ4iBQxA?3Hr#$$<z
z8?;ZRrAg%mEs-h;mmQXs<dZ)Vm9#ti=pgs`rmsc^5QmlEt_*)3T}xUZVW)mnh^9@8
zp7D5tDH?>;A=_MsH8su*S8)|$$AR^BVeZSshHYOza-u~t*4eta@7No8;JEhWb&JcL
zRgjCCb!gjn+Om$PBFoU)o;pF<fGd3g#N`q^vZWljfpg)CU5)2iG0p8I>h|69i>p;2
z?TCx9B7V<!YD80J=8jEYZW`id$AkUG(1DQ^n}z)&C9e5NC*FDI4qs`?ms$mWg4^hf
zbnk`Z_7K#O#dO(y&{G^cXuma0F-o-nS)MgWJ#R_ogjZ@$<WOh%(c$iOgI|4ui@^Li
zsqobF^SCxo7vpC(Ap1l>zrn-^lrI>ss!_D0b)%vQwNFJHr2_~$8v&^~NaqhR7{I%E
zX!jAhc<JD#3A*Es>dYR5_Z&KC+ugC#{#@uRtmBdH78(FSL7VO#-_4ty#un%RV{7or
zLg>vG<u?IykBKgjfsI}Ib)H%l-?wG=o_Mss@`6t0erMgM%^`K(kxJ|1c^zulPHK9&
zAD-P^BEoS~ZN!h<nU<yR-`<k{p8vw|pFz%+9}4~l<n&op`#ID90Xdu8Xg?LnYpaQE
zu~rp<!DaEwk!UKyDMXU9F@7NUXTeA-rPl0Dc(ky?+bJK{5s+yFfzO#LgOel3Rq+F9
zir7#!auRi_kcDUik$L+_TA~1t?0RLfGKLfdTVLDlAP0u0p|o|!-)mEK+gHb~DQR~n
z`&z^xql`!RQ-Tf_xvrjrGpleRVIcFGg)8bz0i>%rlRwqx{<fAd{VemFDMwvGJOC-o
z8aneo^VvI4Kh<Y(hcask4J$>Y#31<;y_$m{B*70x$aVg;f|oP+<kRM6x?Fv$mrEY1
zm|YT##U6+x+mJdy@H_ojEs8J>c{%Xmr}C@^AhhBq2kk5+FF-L<<jDTpo*mbhko%hg
zF<abSl>?E!BFS{_MiS@uIh-dPkqRt~Boj4B75|qlVv^y6h!7NmUy3GI1z$*M&o!Lx
zPnQC`EOgLO!#I<LFrJ>)p%fDVsPK~bM>VEXJxG&+p5&5kkMu(sN0|iJz#)F8#BJI4
zkOyd)DY$G;If*gz#aVzrTzhb2oUG=WW%>~YqyAmm{z7FkT*N$mNHP*L7gQ3mIN4u3
z=!f<M>67#*2{>s_ZO$G}7Pfj|(w#QaJ%CmHYiv*~GcuC7&@tD&j<)E1MZ7eDZX`dy
zY4squVtWpYbU{=p@!0gR#8%F#XN?9Be$h=m%H+p18MRf>>|pC}rnYI=*yXj#SFm>E
zA<yR)IqIG#WN2SDtuZCctQ%B|9VA!8NS@L<p^CsmxKO72%w&|_nI>+Ei6+P!EPybE
z80-bHDT!jynuzk#<t^+3!}P7Q7XnYuTonE&Kg<s%XF?SgnjfTm77Y`n3auqA(&4jp
zCJ1HpH=f|PH1}_$eXY!;qoviPRJWklR_SK@Y57`Ql%#D+<U}9D$Uz+VKTUc4>E0Dc
zOD#frFxBT0i|6UNYA%-)300Dz`fE@JgMwONK`&6nY-m$Q55>7_{jgm%y^yLi0J;W|
zLw`E4xv=SO0=4PRTAhQxgJcL{bAGnplXe3(@cQ1nGzG8EeJ7lP6kWcd+_PRARgZlM
zH-|4AZ4jR!4@*LGLws-Cp?h*<sUeL%JjG+lK{hd5jS<w{O>^R)h5p$@US*s8USQ&|
zoM^6SAiF^6x1kh`NUg2|tzwEg8M9hS8M!=RP9ol1A$(1>2>fObG+)e5y5}_#L_oUD
zG!*^zd;gQrD#H}w@#WIrq7=+~Kz)&Sp5Lfg8r;M(BT$2R9?6Mj8&KFApKmB~ZN;gX
zY?(h6h{OL-j!v8@=ZCQq1-6v6=nsF0isQ87XMh|HuXdreta7E!FLx*j#P4sikL7d^
zcC7n?<cRGW)cyYaD~2xneqJskR!}cHJjm&p8yZ^-)kpNx$H`+@Ne%2I0iE6w=9A~(
z<o$MM^^V2q4pN`(Q{imQ<(#j?i8}{1X|~{SApa|iX`m0V&eWGk4|$P#XeuPOD^L9r
z*AOSGp=|_pw)|-M9Ipm$_tuNIr|eKJ2fIVyLX&5s11Ws7t%Wkk=w)q_@V&T^Xqw&^
z@s+%{%aP?8)Tsao*Rri>M6cphu^%n6yd3)!YQDFw)jNsN*)W;DX_?0GBX5J*cf}L}
z?TX%;!W_W#u})*aYrA1Qj@dN<%E4PR0SmG<1kT%<OBjl?g<qI)l1n$J{I=kqDV1a{
zMI~rZ+}ZVM!i~9b>evAa_;RtB`ts#s8U`=%RvYvK9IwWy|F?H8%fDrAF?0Oq2IrN!
z#y^#*?`j=BLVmu#c^6q+4@K;OHm#zP1rTvSpLkVK0=Y=B<Ht{3N|3;4GcLQ4_S}DL
z$-%|+KF!wDRNT*;-!F19pZ{=yoB#qTQ6vr$B!QrmD6D``mMu(;5gp`K5Z;LgHVa%p
zoFLuD$>i06WryCmdEkJ=s~giQrK9Y@qK8Vp#ewI{>xMD5;D6=(|CFYplQUiL%ou}R
zCqLFunZP<xM@(^&@I-SXMB^Mj&i`!<wY}psBu<#QQq!Rw^iKNm1+eLi3@o@GtF->K
zI6=AX9^}c9Zhn1q{8&R1pbP=Ai^gpz`89#iDwGTWBFulqr`wMQsYB7DYVn(Ta9|%t
zojn0Cq$UPWyla|TOfw!t7DHNPUTfv%gS&#*R<my7D(!b?(p+tM{bLQ)+82O=@-S{4
zkVq8Hb**dss{g(>e0{#sqS~a#C8@v4xlE%~)3>-#*R&Oz@no5#5(C@%GCj9%?>q&$
zi4JCapvLCCGLyre0-R=RpD>pEGn7?#;Img2O@N$^4q`LK$x4?KgqBq^qIT%nhZ2KN
zInM*+np2-o*rPM7Fte*M{Of^Jk|Lo`E@&mCwl%9TW9rKTfawGzQX-BdSkgod-ZU1r
zXxX%A@~IMIHmV}0a{@<B?>GA-ZhO49fiTC{RGA1|s|$9BOnhG$t`V`y%-Thv_Qm`M
zPl<M%PB0lww*rC;mKSHUQYbKpx0sDwvY`rx9rx&})uZG>{XMDO1m|RxDFoc@O$mho
z{pIja0~Xq!I1r#71w}#9t>TASLu7v@QyRQnAHEr^@>L_<&k`-3nlVZoNiF~ckmjFO
zm3<0o$en@)VCO7+on}Z7`@HN16{#OB8RwZS>7KNBeQGWTw(cUwCSehU#0_~c{9SWd
zui0?|0~}H`7-)u;tUF=h&YgGO=&35*85k-na%R;(rU-x1N-}~bhByCx<Ldo%2m?+j
zO&)cHvO>{Sv+Iw{4<+Q_?F6RTKlb9%lIe;G%l1mAH#^t3nC5XEd#{V#byrW<z|Z5%
zKZ#Z1VGNa2bkWv|1>wEpz)P~#uXEON(CR+>qo5v8%#TN)1XvjaoWP<sv7w%BRAR4)
zbzuC_yz*-<0_ZxSvdvrOg24vaD=H?i$^kQ*7Opa@AGqKwE7OzTJ2WresYRuv)AyO%
z1^>x=v9x<kI~Kir#MXUoLMJyUt`%z>1*F>%kMyAct=_CWQ4<gH@d!lPlBPL!nmmSp
z|6DwRs=Hv~6Jz@Ae9$1eg2pQ5P9xSni`X-X=o?QI_>N;R>J+@{WSj=~Jl%?MF&!`q
z%3NfV0fN?4y(?7Rw;bj#MaV4}p%tejrIY%1=`;OYP%BP))#jLV)9}#m?)Lr<B-2Db
zJne`~%|JE=zVdO@ge<i)!xP=piA_(vP_+px-MM4cc)wJ%>4k>*L~-!>5<8N^K(5@v
zqvbSVgcF9l_eN$Ik#l)R?R}>X<Ve9NR5BnK<DV{<qL>*fpZbNqzJX3T+l&CX6Kj<n
z9BS?3qq5dd)<GvhRH1X|F$IU43urmafaiBH%?><8gE~6ySaFnLzJs>`WKrVg4l-T6
zYm1Jjw*~so@28`@j-D+Z{Z&Y4%EK$lSjVp!%4>I@eL|ARNWYsm$H9#Eyv_!4dsSvH
z0pB@j(-XScSuiqPrTl`Yb4{*+oJO|y<LMI(tHRI=M!d|={gqG^sYJ#%nf%e@oh46$
z*L=6wZMW3b65BwoNjBUi#lilQ20AxLt=?q}mD=Ns8B-t|IO4pn(Y;g6qrr{^DGM(0
zC&71KVFI-@eq|ly=bAH2`wSoNfn2dJ-07)JQ>lw1+lVuPy$+hE01B_6H!U35Q^ziI
zb;;+2vbBjxQA2k2Oe(-mlh~6+KtjFvBD1D}M2|GNyst&;V1k6wb4m%6t>lux!n3W;
zK3bw(l9|!Wpg6U)I`4O0k(IDccIP`gK}KoKe_Jcq{sr}5WB&ibzy1U2(V{Bjl=Tnl
zLB+fXjU)dU;%~%hkzLBu9AoAw&WH=tXb{-|-CptS(;{x#XR_fw!t1XZ_2~Lyp++r0
zB|JCf!RJ<M>k&+dBQ-wn9U&M<M4^DeL`{)tb~=xm?!^mD^pYe7tk!R3ha!=pQJ`&e
zUO2sKx^dlBd6#?g^1}!O#akKuLV*{!@J{FA`&F3&GQVSpvL6naT$?j$7RdN{g^M_K
z0P)+EYE>KrOBz5u0yn!3u0i3E$P_S~9>)-x%rFTkDjYkm$1A%-LI-uZ(&-B0;XHK&
z7-FQ}wXcjJR>K(KxMM+KbfAVua%;$F$fpHr`Ep`qEUN?)nd!sd1WMPdO0WM~v!bQ)
zGBs9tcGX$Sw54{vq~miV{VoDQ6}9GGK;Fc(nQgc+>)oxAdR4+Cr+m8HWw@0_kx9x;
zb2{RE(#XF1M}R~h0hj%U9YT7KqrDH)MK7{gLG@Y@D42Bjazd8Ww#DK~(qu%Z=(4f8
zTxBEGt823``V?@O^R9f8Qc6tGa2B1wjZbq6g%E^bm*2AoC~e}xs4{G2yzi}FH%n_2
zD`jOO5N+9YHOlo91^%FE=`8Qp$7MB{O+y8k$wD4ED<qrbMp5*WO-~3zso>*LxImQy
z1i^J$*v0VE$@-uD>r6Tf<Ra>x&J>ssb~s2-_AB;P65(_K&$J2?g|o3E6xlML9|8Ah
zq2TWoDy{Zi(^#-|*6~8RZxJrWI=+kP<PXxlO5c7MRUDO+=O~G(2xi{^XkWaE-q(3-
z&_Qkpv88YcOCS$iOXeBS@`5sXCx|1OC1E1VKnhED=iF+*>>q>Omyis7ekuHsv*jTQ
z3!sTv0hm24KP(@C)tkI*8R<t>CX)^edZ&f><8ih@**3G0VIhU#jN`oaX)eKC7E|co
z(FExh8-en!R;A2Vp-Bpc#hA5x8f3uKh0MGP$z_QuYp=hIuN^zqd%a&?y+G$WD!;s5
z!RtN~wf^Og!@&A~n#BHZ^EIrD|1)31!1~`$UamAZZL!(@+4$Zz_-G_J?ZW^P@zegl
zsYUQMF@5zkBoJ8Y0apOyyDw9kj)$J8b=Fkk0o}wz_wi2qQ|tS+65L0^CC9{A-)T#?
zS`?^gAF2|=SRe;OB*B&ZBg#+894qOhbSw(TiQTD?7Q>`0rugO(!_Z|b^gt{mQV|qE
zhnbRA@lZk*A+?4LEdo4G8~I)I&dAT=B2#1-56a1J3{#fS<MdXC452!ju`RHkj_yiW
z`*?6BX_JDO^}+_e)nt<fB&rVckOF)TF)48A#(m^Q((f1@!}q$t#G{H+$3vL4f{8;z
zD2akld^z-!!3-e59UCA?@x}7eXyOo<{nRU4HwN*=p%QB{T6|#Ycy<`^YnIWd)wkhP
z-BO7K(7gM^5{P6Vg6v^VbNJCgBd%Z+IH7ukTciH?9Aeh=rHDeoQp|y}0d*w$?D!0@
zkYY46i^cGHrZ+6^3+#MQvnqtrLoks0qmXUISfzu?%i+8P9nGSzPSiCm1l}AKDZcQR
zRvV=1kmF9#h|l(rpMfRQURm)0B(llv1n39B5DHaD2}6~Y1p!0&Pi4VREoeAWa0SP6
z0O`XL`_z>d>62>%nlJ*lW2#7@hlu9IJtk*tMaBs>7*yl!p_EH8!~F_N{+KGl60nMg
zW=7%)6wyqK%21(uVInp32D_#E0VDFps-d&?x%6iUgjeF2Eh}c|g2#t0jcsfhyi(xg
zDk3Dk;){IWZ`h=+x(>33Is(bEd_8{Op7*EoYW;^B99!6+V0g~APB^NTCu0Ftd!NH+
zA{(1hi#}^=k{Yy|C;Gs~{YQ0s(EH0c=S{{-$BsW<P1RmakV~itZ&e(DkHCSmho<52
z$-g3;;)^G<&x?=CAB!TLjYrET@J`Y=zjNeD<qTFo9{+H&m$Vr&`Y`b6d2@4R<moXg
z@jZ`vKVP4Y|54%`!<Z}8Sz=8D&Fu;8DPpn);y#l4I9OZ+W#wrno};fKn?v|A5{=82
z*7N1=IraPgx_-<Xe;of~&B}L?a<sarSJo?&hnxH*w&n&jE8c8HE_$?OkvC@meGblQ
z;<ktTa_5^-+DolVgA{vF)@BwJhX)5QH^b}Ku8xBnI`A;qCPv1bma&Fi@0g33H-}y3
zs%%z6&~MiAiNoL{UsQp#5K$XVTC9e)o-*%K8n{=>*wV_Y#FJL5fh~UFa?4l)8&Eny
z)Q<_Lf(^cs$@P%H1+5WgHX&|5qm$sE&JD(SkkC(_g4mIuUaLdpf`g}BcmLGc(~r7}
zxyPxdeSjEcYN8S9W(qzFe7Wal7-n^6dC=&n)V=cA(`0AU$F{rBM#`2xJCXQT+qK`D
zlpLEoS(VsOlargX*Y4N|IoYm*F;hn#r(5axp%wI@CP>ZL)V(-98d$AWwk8%NZHs~P
zQ$c@xVfpf)?@l<vs-K;n6V2-Bd!=Cy%(ck&V8?#9(?x5=MhnVe`>#S@nrPHMLq=~i
zZM&39yO+<&r)n}BEtcA+ssN|>I?2Tls3-G<Ht_BUr_f$ZH50_n5T}s-^p8k#knux#
zYh@%L<d(SJL0>z+YlP_2>HH7PAe&JW*Mph`+uy1+pTAVPN!kml`#N)~s5gP0YQw<;
zg73Av9=rSPkmm0TZq0kT8x+7OyMcf!{cVhW0PUG>jOt6k`Xb7V590O>GhsWGFae-j
zgh47i0Hk(0-B&o^BRLvRwkDq~qK8!IW#ATy?OW82mM?Ta`tkb`vQMdTJei3&QWL7k
zKR<hfnjpK9a=_bTQWJ>o1_?|6J8MO-`mC&Eg4+>N6M*iHpRfEbNRJG3feF;?8Z&Nx
zuSfex7;fPv4yFH&s>3QLCy){hJb^8dTspdfs!BM~JbP8oZay;NFwIR_ACInZ@O_B4
zmgkDAix}&EZB9+7jzA&Swk}h~Zv;iH{`u`dKzk9zA+vG?{pq`z@X>%_nAx%fE+(Xb
z>5+hn0{F@{ks|ynOc`zlH$$R9#HG4p`0dSVwGXyaXJ>!x$FD8?=0h+VssP+%;<2uc
z)5^sJAgo!(GTD=?`JoAO!A-opUR6;sshsT|CEH1Q)dRa<_V4y<l4C%|xcgZ7ol35Y
zHfu6%25mogK-BE#4$NzSr~N!eBc8O;iMTB+ui&tdF~CmG`#){2J$(+$Ze+NCDmPlL
zFZ@^%5v;4)hlVV?h;rMPgmBfo#nm;L&BUei^BNhQ`JccCy`z-+XM!_5)Q7Hrb4UGS
ziTW4F;0Lq%k8>Ko)vf*kPCu{p1f2WyVVS1eiUEfAj`o{%+GtrLVRQ`2TMe<JN|qAS
zz)s_KkAxym$$zGv-u1%^X=iy};=8+<1)PNE>K`uJ7y0%PBkikE#15cQkZ>qM2GW1p
zyzZgA&K@Y<IK86UP}JmM4y7+Pyqnsk0&yV<FXVZ)surrGM~t)04kzwgKg0U^QV2B+
zMG#`r`Dc|6`$Pgvug_Tjl#n{ulc@g?Rn2iy%;z8L1hHiO(&weV%GHBtE0KnZ^JwWt
zp&~es<OId<w#?};zSy#&WkHZ}!3G-rFLEeC1hGPbELZ|OvJS){pl=4Ly3|Y%DlL8K
zGrbYSZzudNQx_f3U)F1Y(N%;Q#Ay%Szp2ryB+fj-X6e%t>4cF<i0AD#3jG8RMC19R
zAm!(V!C}<vVt>qZQok_B$6D$8o@?n78_N(x2f2gj^PUk(V~x=bxOL3CXpu);HJR@>
zH!#Z0=FHw;eY`#1T=?JXe!1p}D)MBA0zAQBO+PP{Lz(-<ytazgh4#vYjvkDk={vt|
zcU42GRsgd*0E<!RV;AC<u&3I_1WC^{o+XT=H<nLawn2H23DG5{i!Cgk`Q$_B+b#gp
z;nUHB+5(J$irPc`?YS4Kbk~g`HJkHh!#dN|w-8T{@AZ8Ws*~Qui9PkAj6typy2N=1
z^+W5oAo@c&Q?2@ErFhgh8WecBnRBIf|J9s%EoAr3AZwq_CRs3~0tsHpkrh^QIrsL~
z@6qElg~5Xh<9A1k``-m#i68`O8w=N@9pze!))a=btfD;0K-92`vUC-VXR-$oeJseO
zQ{M*JT0QkwPbn;^Vf%8|z*9S$J<_8fG}r>#{f4(Z;;qcf!TwkG*U@!7SEXI4yM#sQ
zYY9~zQTr(jYqEgBv7-nB%?-<H?e<3N1Qh7a4V1H~R$kC(XFF@I4weg&^=dWhlZ>l{
zn&PeMU-20d;%1FiWyo0;56H*({xvdfKjsK6qnh<b``t^c!7Sh3T!Aii=#ysyc-+%!
zY8??$FURQ58oJ=g&Q4a2pxz6A0CWwZkY(38$#degdM2%R>RUfoa-bIv<=l*?@0GjE
z8ncc{Y^<m7%`vuJ4)AIm&VyHe<%ip7*A!Uhsv<=AtXVA3APXZ~Wa!vrXQ^nSjB~^C
zr{)!eQQ4$;@N0@;$G9F92AGoMKF90qEHy{b*oBHq&4u=~HFiTxLsdveQ|H=<Y;{vl
z68`RnU_bklGov!XaI|%_?;l~?D649bQ40)pF(QRxqXsu2SY3EpKm{I05-X^w$B~O6
zq$f^Xh$0Du#uxlUp(uy{3hp={U+6vvPKN}OM<mr>;hy<iGxCw;TPaC1BQH=Fgxvp&
za~V%)tye^AKn|u{%4`WkonGx|kRmZVJFCT*6N!Jy+4hZnIt+IdT2!AwTREJX{IU`@
zQs}^W5m-<nYF#8566jenv+445SOo%^<y7a{X!YCvu$neY*>Aw@MC!-EhR0&$wo1v5
z@Z~e<V;3$t!X?kRbTWv$`gwi>L9Q*t4k@4o7}gamss0nBT?yAotwUzA8R43Iv2=fA
zT5EM<n`uK9{teK)3v~A{`vFFde`~sOu>5E0epuswny%XU@pFz%=xJMGY&8c<44Im=
z2>6g7qMBNk7K$VlonJ3G>q3Mi6ER85KH{z&qf?h#dD2Cj;i7b+eA;ojIT6$o;i{6t
zt85CA5~a$?ma-^OwdnJk4a9~>56swl(&~(?ue(87W0N6yC~YdgEz{htn|#!>Oz*$m
zPQ)bz5|sg%q$JI?e|<Xhyg3c&Cx}{4GE9n(m@xNZ|Mrn90=@jiQ6O|i+ulraOOW<Y
z7d8}O{`JXO_=UQea0^n#9^6&}Y^Ri1uFMfpE8SHgMRf`I+ssVbt=37_-(!kV(BzM;
z9$k#rU8#1uCsL4QWSEM_1zMU%)8*-??M-rXr$FiK3`!jH?H-f|J)j&K_bK#shmel|
zdBUx*pXstYE>|f72C1!T+Yy4BAuO<7a<K#yvZ(W)T_HSV86^5XGx1QMqkJ1DZL%vy
zyKQR)Ouw$`kA-RBIR_OKRL?!1cKul1E{k7(r?(hGGW<H@iKUpn9dE#UQ>Hhj)NaU+
zOz*<ckVHUa_ynOX^`JN1yt_H=`=$Pf%I*6bH)+(})fXSIhJPCjSU@b*{D?g+2DUO9
zr#DqpkWQX|*RMxqs9O!_W0mDI+keL+LWIeKI8c-vtS&CDpH-nZU8pIInAO$Ic+MN6
zrX%GjhJsL><|R<OZ?Qo;HBkz1vIw94k|}2kyq=SXGTwI5arR$d!R1Mf4=SJQ$K_Ar
za25abKe`NCJd=xsI1K-VII_Pi2u9fpe=7mG`HTP0E8SR&(Ywue!%5lV!}`(LBaqyh
zQW!3(6Xbj)u`IsS+mLt0?8O9j`#FYB6D1mtTF~h5&*6K(Ge;&``N`hmX4M%nns(fk
z3E+O41wFL`h1;O_V)Js&Pnw!3lL12KQ?LRxoWX&q(#-ts7HXBNmDVwuw*Kn%CEhF0
zfe*S{*53tc))3ge8v}`Z2Rh}usY>UxveH2^2O*b(=h~UvcNbdJ0QLFxSCfkyw*4oa
zw6}ORf^^C}r5QRog|!o}C%fGDPxt~{YrCBw$L*=Usn_t_+`JKPg-`lXk%aLclJ1(>
zz*u*r0S<}Lzn(hP#~ofx+Z9`(ZS1E}RJb!jxnof)yUm4ziV1%7A$nDIZ0XooZA~-S
zFHmbhowTJ5hO2Eo&U(KwMC`WLN%LH&*`Sy0pH_p(jHvSAAy%Z|o;e+#fp&xd-Ni)C
zMbb}15QXa}N2u*_8dJRzke>5>Qg|#-{l5aVR>188dG%A0qOF3impCP4?f`nE3Kack
zPh(g1WBcQJou=}4&^r{lPDFTF^>3|bqukO~J=Xmxxy{Vb)*ej*GNv!JqWTBADf@d$
zVOT>+oXxqJM1BFQkhxzihK8dM6Q7>Z-$_Uy<y<NzKCUOv&rpaYT5mcG39XBfM%O#j
z?dM`s56e4@rNFy9?%!<PcB=;vUE%%R2^(@$N&h{7vQ@9NE&C=p1aVGzXH0Hn150Y*
zYF=-E&Rcz3v7!3fpNN7+pidAEpZ%8qD_{7bCe*44EX~OvR8bREyfWuuFLJt-y`ch&
zENg@{g*^o3k$XgX-xD(&rjT*l&Xm7Aj{K^eLsWQ-zK%>=5dYY%6x7Vnddn^{%+qze
z;IQIyK39jBc)R6NFBODHnIyqDyI7e|G|=#60{Kcp-8|nM9jiE43a(f&k-y4*PT?_c
zHk}kRC2ykR<X1GAuvzu&+oKVHa2dz>o85#&YK70Y&%^OFzi|~z?r)w8N0$bMf{JW9
zE}Or1A8|4vW)F^*?-{>w{G^phSpr0};au!_I7}?54C;a|N+ajau(t?*CRNCruQYuE
z`{90}i4$KoX@6Cq<c8aY0NqR_(nZ>xsKmH5Qle`)zZaJ_YO#NTm$LxG#SX71(I-eo
zh?~G8lMJStdopx=nYeO%q8ksf6d)jcM@9p6)WyaD9TbsM0BUjtdD|p|<kA&DjO<M)
zPs|EREJn50{F&?yu!N{DWW72luNb@|VYWn4s=!|Hzcb1Y(}TK{r_D6E_QLkkKbq|V
z10bz+N-KaLD&e9ECz^M6xZECz`3%L*!BMlbyqvT@hOD@|*pN<}v!kP}XMo;D#dSFD
zu_v{6JGXS|+Cs!Q@AQHI!B4r8Z2^0%zwHq0Qatjsd-YGOLmX4+7_@4i@zD*NtW8@j
z;9Jr;=xd#1_37k%d<=}_-5x>(4fj1l&K&V=YIz&#kiq81-{Y~l(|u{^seAhYdUzx+
zTUr7=av)m6zAj~tMt;2^cRTI$!*C<y=kz)^Hy_l@`n!tbzEqdq4hEHYS&u$=&Lj3W
z-Y2?N$KZACLhV6pP?8(;33}N}6mRW+Cwu&<r;nD|+Htd83sMDU7d<83!|2|NX!19*
zpN@n&kO<fLuy64C1E=PDH$;FMkFCOpU=k2WV;Vc4e|+{D@uvJr6k&P~@o~12Ll%f{
zZqbY+gb!h|{boLTZ)u%W>JmLc)9%de@7!=*O#N;bZ_D-x@BXa|e%O%t-7;p-@(bS!
zM22MTkoV{YZ@-RB{_3u+Uk98VxiC2{9KDp;h4;1UHZJ8UK1}OUW2AH|?G|sS*)H*4
z)_W%U|I@GY{~OBK{`(Y3%l}^Q<@4iz4q4I1O%l-A!koxrk_q{dAflUFA>@k*6<u^t
zKCg0qyK99d@nUolhA}lU?P^<H>Ugbn;e4{<ecmTS%H@+oq_g$j3q}hgxEly7@OS^6
zcxOI#zc=|BFya-<rhk>?^U0}uuE>_QARmc)IPxWGVx&#tRvIcIdzf!S1k}7th%7@8
zm%pZAE0WWzZwqvz<BnD*?#7nsxNDz{pG}Eg%8K#DGpHgHT~gC(VXqkktN{)LX|wFj
zlIM+eyAw@yWFs)vHlN0s6o3`r4tk0Yof0#s*^4s~K!Ee6Gq$IvhHC(@gli3_hPH_Z
zV1q>>oTxx|1S=FYig(ejMtAVsc0(XQL`vUPV~oH`gnUvU7T0<V>5o|GyX24YX3IeG
z%TB(C@p#63$Fi_TITz`R2YVw&fkb3q`<<mjO{=Rz%j^4LZmu-|3^-bA{+%t4M|?#i
z8TGj!Nw?}?(VrjN+tupo?#FS@YXL=e{MY*K((t)D1ZU4XtTI@P97Wc9apxD02Sfrt
z4uL(9XhU&56xQZtiD$?g+=ByvF68xoJ+FR%h<p05!c^Y$pQ&~@!f5tAC9R9!)GuAt
zzou-j(lZo6#*HOG2DaGrW>?W*C%xN}hFND-C0uQAr}d^wLFOYw`lK$RwyJ-0KXc17
zfa^+v@`qXkc#VcsY2#+m71|oJy0Cl0;B<fH`t>m=QDSAO#JT*9JuF%r)^==DRB_^@
z$nI;+ncOY2dW>EyPzZoFEyf56GzXoA5JY?dqUlFe!l!oq+#gO2zYg#IJPilW-xZ~r
zJw^zjgrt*?=#ztSY_w7PX^vMB1IK~5(R(k2H<$O5LGa(qY4Vg`zUYr(XSsKXo4D%K
zQlT$JdzU+<w-72Iw?q=w2Q8qwD?uIShd#zh_`5j%eS#wnOa~YOAo8+}77T|V1MlLK
z-y{Yw3Cf$kuWJHT?^{3kyUBLz^g}&=jShscfGG4Q%vJ)MEGJkcQov%MxB=~inAwC_
zYAqY$@>YK?&YxT@mNk(*q@Ig0*U@YV{zcKpRroOo#S3KEF#I{9wFBQ@g&aQcNvzd8
zbvt9!8bN(S#bEHilb^D5ORN-jKzdfMFhix14b(kS1fisS>I@_$*BGfdO4(F7!f81>
z%uaHbdits>*-DMo&~{yGb!U#u^>i!IJ)6?+#ej$>cz{JcHOWPlP}o38)>~(hveVH>
zsZBKMq?-5{BYF!Due^5=YSNjaC`5QnRrdO7P5yP3GL_oPmD0;7coF5}`mtC3YYW_o
z)Px|Ak;w$bu`H&F&4c1br^2}rT~I?}G$35RD%Q~|chn+Nj(;BeL8)Uj$6O<`5-jhL
z8?qRzyp#8;8X<`4vtKq-taL1VB76KC@FR9i9f+)hX-V&haR+^Yp&`rl6S#3>Qs=Qk
zX~3F6_F%iku<|)y`q*{B`fW#1j;gK-uj6Z@PQ{YJyrLKsE9G&ALczMP+=r(1t@+D6
zDLKU)Se&RKJH8<SSaru*iQ^Zwu&pqbHCC>b5tGuN<;qv(JZUw>vs_HC#=B`vPCWV?
zFoUyxjX6<ua-fR?P4RDJQ^%UpR8yrs7!%hSV@>mU0;`CHJBwXbcq^+XiiTC&2$y?}
zah+xP<&IVj{F%t>fXn*nMPrW(;Xp06%{5>7K5HxUXDECOb7*m~+w<hu2~l<<2(ho<
zWXk97oI=?QLf`thrlKXvKg{l65O@e_%&id<<q>b-!18$j*8xRH!}*us<^cr^p@Q1^
z@O)}P1V<9<MMjH~b>)O}S4vpelno-?h9R1X*}_L||MIVs=Jk~ROG<za@GwN6UqnVh
zPE}C%6wrbwZ-(u^>j$Zu-M3KN<e4cmEpHCzduBk-?Y;3X-Z+hznf>R!bK<Ier2(O5
zPG5$P-0tWdBnXp?;c-Ly6$Wn2wJS45VYjbDZP>YQD7@IYvj*@c2`lb>RRTjZ`-<Yl
z8%J;ox+HRXy3(@|(itNgfhFI)lDgPZwyJzGbMtkH2)jTTW>m|@WKAx0hkwRHc?;Yg
z>LnV7=(m-@Q^fdwS?XDeJ}(&j>M~M$L6qI^O)(&8uEB}BiS2$MSd79NCgh&_V}7_D
zG@8Mt4l*Hw@p;3hE=IK`qgcz8e+f9k|C$^{Lps1k+X@nGdpS0YHt*&c6GbyD3oKz{
z*yK#ty42KprskZZRB7gk&@RP>#9vwbrx`Js<t8a7)+AT!h?Nr{ld#IoGn-+vvVRGr
zl^_%>QJ|8@2KXi0p*jE8Ihv2lv^QMk_IHr-5UBR9@;lC7-Y`_qfN7O9#-uLJ{!W3h
z4>EB*wJqH$sey*6PRcKEe<u6Fe_KNt|839A`rp^kWp$e$PzmPiT8}_q&pN+nCref_
zz|dZa%__-O!_fMovtQnN9nDgrmZWal_jAlEfn?Y<sTQvlph1=!H|{W@JFIYLp=ihB
zX1Ms}F$Lmxys#vsUE?i~q+m%m{vTlmJI0rt7ZSuE0{DTiVgJ9MAb!^{1T!bD^}1-A
z&6+01EuEXhM|-p5*m9BrAN+l$q9{U^cHCz^mkjudam!qx1dtt%rW!Y&c}rP?Ti9_(
zh#@;<(-|HM;08z`HNUfVW_c`Y@`K-hqK=y=*!7bPgIS{qag?!PFiV>KT$nOrX=i`V
zK5UyqWgi#SBE0}3fF|UTo<ai?=F&vR+#ZY*j>q-OISHBf;m?&m+JNR)t`@L-e0GAK
zvKVt$YO_>patyH0nBFoZA+c!DUPFICpN4V+obn+O_n8eA4U%J+W-Rvfk}Q=*mV@f_
ziwB}N`z^&LMLGoP)3Oqek>mZ91NFMqBDpH(R?CN7IQFZXg`bcg^i9LQHw~#&Qw?+`
zZ*TL67YcHg<j5zz&8N-71KMp;SxhM%G6#z=5nC6H%ax0w`>2p*#@)+GGWz2QOUvOc
z(pT3oKF|@Sg-R7oPILxQLOo186N_9^V6Z5iVlFqUJ5zQ#c?+DQ5RxMaL#7hSsfU%?
zsOf{nN_8zs+r!;XCL!R*$Wj{<pU9lkn_%8kItpPQs?$Nyx!(4Vvr9wI=eP5)yB41g
zkI(m40*O65i9jMk9ZLV^asn9&dG31KR>B5f^_Alh?f7s8HL2&nbCmjn;Yg(es^;H}
z@+g)|v>q#sRVI0XHvI7|aftv>ahs#()51YfN_p}MR!OUG*BYVJ`a@xBn1!&`bZ}RT
z=T><<e!k6uOT51^db4DAbYjYi?qtfO&2w*J$V;al)&WB>QPgoG7NN9oYi`-*UydYv
z2EQ{q&5GI%CMQ>me(+kcRkQo#fn9Aq&qG=)C;{WWL8U}|lpO2|rR)UdQa^0z`AX+I
zg|B0iyZ8-o)F4MK<ytW9=L4H;64Y@0YQ0u(SBNBWI1vgMIRhlxJ{5Ue9MZodj0g>{
zxy67A`kRoLeKe2{8K?yU@r5!7C<wG2WSC?FaT_kJHr!jV!rq^?HR1ZofW{ZrT%GXJ
zyn6(jQSG7erorQPtN!nu{%yb|E8qIL_~3-qp_df3>@dw^K4K78{&fyRpX30DiXW5W
zp54)6gvJGeg+N(!s}e1n$43d+O)eAJL5AuS5dO=eD^Y#D;Nw8cW1hz9Fd+DKH5rj{
zv>Ro-f$ij#Y4rz&6P8&+8g4v$(j-f|gEUxBfJZ`~i`6magB~$<0o{`)@&y#Lh?8d#
zB06+Lx1egL(1;KN0Pb_N$rfHPjSLVtN$dS=?(?T{d&v3NBuI^=ps^F%ra`Wf8+AC9
zAC8n)`+xf5PlpEQa>@6)#n-Ao8_E+$!GcsU33${bH^)`xc2P_+GMQvyL<S8@&T$QG
z$F2b!Dq9gxJ1u}vpv?eslq@hJx5hWr2L>G3jM=V{QJaGztIY94+VT6-W*u4`G;?KY
zr=!n;;+;GDop|;Gs?-AWFb=h2OiP3^n)^YQnW`C%Z|72|Jj8+40q4q3`?1&#2|~tJ
z!4U=B&}Lgh2+;n%%^*~*1<PBIN=E@dy6W#oSIpC=9H*cn&zcU?j*3E`nHZc<F>ysX
zEg}QTxbgFErf^0&7*QG3+L=p_NwcAO+M29m#{-VNg=b0598lW2*w&V)4=<<HK_SC0
zZi5XGxB8jsn3rImId@cI(VMi*B^)@~<B7gD2E7^D)lRpjlOTNjU1*6p?vQo_Az3Sl
z7dqc08qB#$=&x63pFnfWL|rG<AseKeMiLvJq@1alsQAsdI8n1n>!zV7r$x!Srl-Ni
zzF%wm!HIywIyQeSmJDBB&dqJ$jaC$A6S0_aKEaB!E%6`?+*`X4W7RP)2Y*$b69FY1
zZCq6si{<k)AA04>1nUL}T|_kPEHy*KOXVXj8}RE5vzMYDkLyka^3D8Z`@j%?(@m19
z@1Q$sCJ$r4oZHhvXuPrK*Zx4$h}vLh<fe6`lv@R=#|d_nYyTi;&;~&7Vld7%`#H_E
zPA-#K_Pc)2m0r!D&Jpj^UWC7|(1?(8g$qDhSq71<W>0Ap2wz9&yCuAu91ESV|1KZy
z9mlc{j4FUkvUQ)}8FGm=akf!Gq}86orv37y;BK0mlys19q8rNxIN+$pzfIpVG5t#f
z00+~5hpU#=bnLR|QG9+vRW_i-qpbS84--l)mTPi4S+kgJRD}Cw<RMLittWjyYa0v#
z5?QX+1_?#9vEN^H^PGGb1fYfIGF-VAV`Xjd{<>dwvSw}*#p&<5B(SyCTNP?V^Ij}5
z+M3zLU&%|$U>~dePUGGwp2E<`t;@SLZ!*-tOof~s(zoGU?6D+`CK<D)_rZHd6PcHM
z_m+}}x!J)FylRN+Q6o|d=VWy)S0@r-+wh7Z=Ywp;F^CkqYFRyKu`*m}kFkLfKrk{!
z5`3)6(*JUOv*3MqX2}6xMb`YQL1*uLt~oYn6qgPZm!Dw6hJ8zE`XT|=(D|EP<puo@
z!kt<<;iX~0pI+WY01~~h2k_RMw9V}4$(8e4wByV}aFXS?$W#mmXUkZ(0gyIobS1$O
zJv&%QXH#|IT}j+)*sRm;_!!5EwF+;Pkxpv$_C(j@Ln&1ZxOs<RTUZ;ZQ@3to7HM@?
z`@|M+Up8rVKJWM%`lu4brfz)&^~Uxevh*-Zd7WD-Wzo&DV7fCm-uOPFQ3Rtx!J}Ua
z_s-cSJ=VE{C^D81AJ@_#ELzKu{(XoZlC}&T{iGiu(7ZkrJ%lHie4twD+iD$AItY0<
z8tbQr7J<w{rxWhG_Fk+_3Ar5tYs7tFZi`f_o=IAOMX@E}L5vIk`^^h7LlrNBZ1LhD
zZjqo|SsWPYOg(X&EL@oaqrBKap??CG5^u=%8tE6)@EqHq<KsE?_4Jj7%mPtxcA3Od
zehLtLylOq4%LrYPxyS4MdyCTb6G0`(+pBi@;5YXC+Gk-0$B#=&{P-A;xW^@3H&^^a
zb>q{eP%Ys)a7`vI+{-k5FKl33i8Zi|Fp}@WA?E|7tjqH5-AwAA{D4*y8qNJV&T+Kq
z)yPMYU*4r%Ziy_O&BZmOZ9#3Px-edRqFzkqRkwjdD*K>S4!G7G)B0nTP@=0+oVDW!
zMNlkuWvVx_p>jZQds^$3D%UIZosK~@lx*tDt%Ht~LLsx=V3GP({3@H;!}*pSk!#F%
zYYxUk4(g#8U`mxY>($?%RYA|W9E}dB*?RDbHLiPL+=1NezHoFJdqX`FNTkCz#bcW(
zfi4)6Z1+I~5x4~`9uG*k**@IbKI}d0dEq?<6a3hY{G3~9^LJseA;y-K6`D0S*T?Sm
zE?zU!H9Z=gYxmle*+uq#&NxtVmq3O``<RpJcU)#St|(3eA}VhUIuHxasV+Jnplp%3
zlK)cHGP3=jf|36l8pg)<KWG>u6EnkqJujcuREWdwfc=T-o-=wUj4Bk5;J5GF2DN~0
z=8r$z-@u0$VLD(wHDFt_j_mT=jcd%gB;CAZzrcZ^UcrG46OvdOjaxXRMpGQqP|6pj
zmDj%#gi~yU#<4U-m#jY&Ea9(kz%N1zcZ8n86ugo_BUjR5paOX+g*nL1SJ95&0YSFj
zQ3gs`zzdF8=!O&x@k0KR5J}q0J>CKFS#AyFlCL_%RdqV?VgsRU@v0$6dW>C)-{w0_
zi4XCFpDPWWyv(s}?+*m;d=Lean2cl~&sMZk6bGV-1|++XVWH<1L;ff_mKh1StL(e=
z-=<2R<z@XMyaB6f%jl)S?DS_auDLcA(xUo|z>=KMu`D=TB7qKZ0G_oZ55(O!X|Fov
zRb#Gr%yMrgePlLClhkpLLYU%$Kan)Ti&73MCf*6<AoZg%(q%XtFF_J6mqHVsCefBO
z!P9aEMNZsW$ETTuVuMs1p28A3FB+8~h`=5JJ_inEg*<1w6^7Hyyf9!?ZfO&!Lv@1(
zt8@cU6gn(9zNweTJOK1EN4`o`DsSP6(-*{BCxL|kiKcYM_P}RpUmY_8%dyGmih&wG
zXe*3@B~^=d7~Z?3Ez~Ti9f@C>CQQys>`HcMa}}dkpY9|&W%bN)RWS91j0lPVCu35L
z!74&_Z(|7-m7qu;h1U%gllcu9l%;qd|Lm8JE1edmdp@tq0G!Od6<HS{oQ}pkAUu(t
z)|iA<gUh2?qxbP;3wMF{GpSUkc5#Boy88KcV@LPZr1|aa!7{Bzhm7Xq+46PqW_OXN
zr`W4rlQ(_f;x4gL$TD0lQH`3U?DXiMNXeiPx)ZlQUsUglyW-d3?SQ!wH<-7ht>f$d
z^7iEZ^xkzbxmx!ba--LaIl`S*u|$LBmq{7tvDpaAnPD=Xw2?Om&sTlx##u(<;QYAp
zPAxp|$YYl$Rj58u7BJF0TIswaYu2=eXnVuVPZD|7!Kq^iR!hJl3^a#N;;s%rMuNs`
zmv?8>*AO%b&=yYp^4r@NN0-omlf)furT61OPk@GX&q*j6tMvWPU|ny|TkiymiwR2v
zz;4LIsk)HpTPLF_4G_n0efOjwn=nIH<D4S{wP10uNNNH~;mM3hYKO+7bn6&nxf+Ot
zrYWW}LE@oFYLosx5Ei;dX=u5XONI$j%(8LDQL52op2ywc{hv<o2V_^yh>zVoPoPG@
z9&I-@*=Z!|%i5)JLX;0E(-pZo+R+oH6&ZCtpAX_{y{TTEFtxU{Ka2a*-J0LgZPVzh
zH#w?*-@JYtjh{zhRSv$rMHauW@E#srU(fE_=Flm|VD@BlFo#UledNNZFdRO+7jG^;
zcy@Lr%Da|1PIb$@3Q~jWtvp;b>&rD5>^=}_`quws9AJ|hOwGJM(^9pOYtAg5N#o=k
z22hIGNA&<9LxJDbk6m@=&_=sNV(_xV&N%c0!)4=k4*&wl77kECh99yRq`GUrEmo*!
zCYCUgwX`lH0&IqwDot<FETW&);U;~Zr@5<B4JS|XOn7lu7bif|G*wSCaMLwa8!IHy
zHc_V<&Ad<`pNOZ!jPu`hPB{WPqG_481N4SZGETx!YKo*%AP43|`AYri$gu1Y7djq(
z-tXwqA@FQZ`{3|Uk7WGIC{mE_V;*VQJu7q-AHP8$(&CD6nM@H0Ee~Eq5H5?lJDWd)
z1p>{PR;S8U|MA>A__R3*O>MSeKHf?b5=Pi$&GEi)Y|ykm6(b>=UVsoC=|Q)baO|ah
zyToQ#$@z>2E>MVR&JnxFuY{?YftesM*y=Eul#RryrA)sVsDPFX`xUj{KY&DCU6hZj
zBU|awL_rf(BC}2}#~g!91hDuV{8yqO7Iitp%y&)$jd=BPGY|}?#tajaU%eW~zw{Ni
z6a$RoWdml;eu|u|)uTEzni82}(m0EotXR3w2D{lOA-ftUA={SHuX_46{!Y*Y<;Bt^
z!;u0MM?8(f%ahKefN=u><EU9=@MP_3i2Q6@{5s2y@F}?cx@$l0pz|h%7iHCEb-5?6
z3w=UD!8?wwrC6Q858S&#Fd>e(&kv_hJtnZQ{15_1IA%JWCwaCnBYDQzsh*fFneR;-
zE2yi@?%tz(kUMR@)WUQD*3KMXLTJTfEg$z4$MC~lpJ8ZAu_x|(rz9E#yX0KZL^1)J
zMrr3t`kwK~Za1|(0&H||S|<3fDayEBqYz(<JAUM=#55fDDFB(Xf09q{JH@oFIe7oG
zAaC=bGs0<c*Dq8SgA}>0U!WiZm(^}u^1cY<t@1I$aUuR$$*`B`M|wO^Y%aMa;w=_i
z#~Y$GF1ewN{gt8(@+Mz!vSgcp$Nd(T4aG&-shR=-Y@5@j%0&%F%n?&W3;0ZdRX*@#
z{q!H^r~(Pym*Ne#3cPYQsTSoVK~;A9wCgLR@r<(JSrzkVKD1!RS$j-iYiZf|kSIJ8
z7Vzev+uK+r7C2xi3=|~=(@K9FGUYmIf-`j_`AUZPUx=IzA<97X2OYKTnUSb!WH%c~
z7afE|vzU*jyK`9b=-KJh=Vzy!kPpGmhs^-54EZ*##TZ^7`$oqt7YZt4Hm{g11u|=#
z6zyM;;hOEHUjaRj*7^b?;#WVsJ5!7(R`E`l{$iT$E<aJ`eQf%#!A~Y6cliD)-tBpR
z@dmYPQ^E@Kpl6qaWJ<Y!S!#&5Pz{ZlKZ9qX*jMAV$wQudYhOGt66|nF@D}EAllrUM
z=%SQ?$;?xf+eBVDNnKUkB{y`fNNcSSMXf|y-Q&HQu$wcnP<ZGa$B3amr7r}(=Rmf0
z)TKk=%T%@L;gGf5z@5H)1e|dIOk>0efoJ#29XGGpdJ6I=>TQ*qSLW$J4S0E0L6T$E
zIKd}v)7uUQXS%7;ARbXL6Dm=hOQ{S#jOQ4X=nondP)3nbgmbOMU;o}}P>O5hFG3|@
zMXtpJ(WA)wZa-zhFIauW`1S=pN{cILF-~X^3p9W1idR<c`y9mGcH`+?miY$Ugi~9}
z-K?LFpeX`)g}G7%>jDeZE9vKpiRkJQU3GuA63w&>v;fD_cWI(v9EYfUI0Q}8jkd={
zojjc_T!g9mqE5UwR-IE9H1b7QzAtctn;Wu!Da)9c|ILNOz`^!k%dQ%AoqsUJpTr9U
zdi{F5sYH}slza>vIfq4Nb+oQujkO3U8V%iVL@k%3JA=OOv?3d++!GPdC;g@7=RXPI
zGr!Ydo<(t=J!2jO4yHruxI=&lyzOrHB%+fMa$(4khOl9N&&q^;sAfqncUvOvNI#8k
zNDnm?{E`-Z7<SK)nLcp*Oh2xn3wpsd;{CG#ZUi>5+7x3y_qu{lAHmbuQjVgS>@nVa
z_ZRv(^mfw=o`_F=N2$T_oB>W>I!LD5_uvJrRaalQ1NXcxMs8t02_GUYTX3(?yajTk
z-DB}aSZ!a2xxEXrsD5)9o-Jo`)36Jh%Z?W0i5QBQ6bsGE29HRhSm47Voj2OdqKXD?
z?=$3QfB*nBIX~F{w^W@B1Qa`)`?%#DPm9&0X@wx+nkWiD1Vcr^#gyntj<0!rF}VRE
zZNh*h@N?T>w(yV{iB<br8mm@1tuDR*#fHrUa4`@RFdpRaRMx&Rqpx->G7&<bxxj7a
zu9h-YW%~O@A;!q9!SWME96C*G)>ynefk&KyOo$*O1m)obr=uNju3tNKpcA97TYO!C
zdUpJuoFmOt5|Q90<R)s&LU~S@$uBDnU+rzHNU|&zla+vKJTk40vFnha^7p%EC3mFU
zHghrgYN>)K13b`TLHmYM#mG&-AIQNnn6CvS)Uiu)mXcOQ8(AMLKH7?T?Z<QFHmJNa
zJeIn*sSB*iee94-DxoZoM?>}con*ixO=6tpQ=<TmvJ$W^@MTDHoW?50A(m{jsNV{E
zU@L)b468F}bup&;S^ei*JE;{kXWpgEuSLu2cnvxM#9{AwPxms@kg0WgPly7<QzZHg
zpDz-~WYYJwTbrMh`M}sB%OZ89Y;n+#cl*)sAqQ8_96Cl&?SC=$PQkTBYu9dUJ6W-9
z+s=w@+qP}nwr$(CZ6_-_`TqJ(o$q4Tsa-WM#@(zrtB-fI(R*u8``O=u)@pyf=~#R)
zZ~VwuQlu-!^>cPT@KhhwU34zmc9_KAbL`fAtIP*eO{}p44WxP|vHVFEP}y8Lk^8)I
zOQTi9hiFR=*lkbuni!EV38`F{`+?h%UO8MJlQyx>NsiGTo-J-vt==~xiudd^NG^T(
ze97C+yzRL52O!rGotc)-nO05A$BbQ2w?N@eubNguyByYp9f(>lHkjtl*(mq=jOEZp
zleO1TAH&Hf_j`o#?*k3>i*-bgyT<~1T`@qCO;{$@DRJqQMd;LEK&5Iz!eQ}e2yyFk
zRnA&3;kPqS=EsIg(q42)1{{GTbf~rMx_sId`I_VtQoY_%$pw%rn<LL66luW$4cf00
z#=rmUHVj78>JZ0ClS}a;fiqOl9%x~}IQ1l~GKrC@^(c6lkk9ZH8Mi=|V+>VnE_9H%
zs?eHi;{58oytK3PT;~}d&kt}L!r3z_1$QY}9K7VTY-NJ*?A_i$jb2_}M>UG^ZEL*L
z1SxFT+Ndt~-EN`fb@GVsHeB!S_P%7K1qBJgVXfIa8CP0w+cY~~yX7S_M3J-b?2@_R
zYd|@&3C6>_m>4!oRJQNQ`MX%G?CSs)99wU~>4RC>CaJtY!+XJQ^Ss~DdijT#=VYbl
zJr{UP8wj@ZgX7Q+uNCp)oYcUw=|+u2*C+e(ch=&bFIkr~e&KwBL-rzn{HO89@*fNf
z?DYTFpZH%S{jODIY&ZB3x<6E_erfvPwlAA5#n=!8<PwE)_~ix6f*{xi$rzIPG`}qU
z84v3_Qug4WvQ!<lt{m?VlauL~)I0*hvVCl)tZpLQJb+M1`=xdv-hO|DF?dWB6lbur
z4b%dMMGk@gW6^d#zgl;r#}h$~efRfdznR4=Fj~nRJ{11L^&Im!{XZ7%-**H+xHSGR
z@Y8=Gd4OG90w9m{{CtX&;KaYlqB9=RvTH8~@sUJ5(q~<sqpB~KD%4>ki9e20b+S~r
zBtdP{F3p}Ay%#Pu8P7NNot|qoCDM;HFEJ=Wyl~!vEQA8MWNLSFe%*hBUG0HxDxT$Z
z!-%oq<OYBu6#CZ0evQyc6a3R?iR4T)He>8?6w`&!ZcA1vL|mjPi~49wDuaMrk&=%G
zdx!Qk-n@JZLX93<4Oz@%!is9wb-lU~KTFzo&2_U_b{1ZR`UE^W;`GXZ4}B5>MfUfP
z-prk`C87d6OkUOW2crK>^+^}>ihmAn(~T3%;T~FjqF?M5BAJftS^u82ZkV9FcH1**
zn3b%}wKhGAt7(7%qUBdps1%fYRJTyc04|YcB>1i-k(4iuP`V}l;hU5xnV*axw6SH5
z<yHGu^PyP#oo2e!eT;P6(;wH$AH0j0bO`$XeF=22Wk#3@$>F0$VW7ai&S_EGwvq6{
zJ(`_n+AE!=%P-~1q_RxK(a><%N}JCOSb9i`VYQ=}*!C7=EC|t}_eN;1(~7=u{8?>$
zl+qpZd{l5cI@p$tA033_1g=g1w#w8Fp~DS-_s;9;*>%<6B7_P{haKD+^wA8Ywr8mZ
z4M9Sq04bS`ZZ!WP%$^k%HFhZwQZ4;Zx^pEbVF%KoM^Gb9oP>t0@#AY|;cc>R9=~oj
zmN!ByS7dt}b~!go+^TO}q)&xD)YAE~>FScCRHiK84f5dsJuot>PV2Lz+-A4_+pV5N
z7icc9rM|NY_EKQ1>0uO8eN@|NC60H4wW-DOP>Ddir7Aco(-$lz2}q<u$%Tp~k0j&o
zGxFGi5HM&DnsHk@EH}9loiK{>1K@SUH}s$GIM)AEV#vV$Uki?AHO<%!_W$YBc57aU
z5dX94g3YB~4(}9#DO2jGKIX(?QAr*QQx_a0Gtkm?WxIPg<PQP_92Ub&9CSE)`j8zd
zGzWp`wC!=)yrZQK=TJu#6x@YQ4CxZYzhJB;cLY0M$~u~&&v@Qs3v1CT^juGk3o<Xa
zD=lWvI6l&NVA+xtT7Ez58Oz>UM?<q#<=3#hsIqGLwODW$hu^U=Z(ldajy0u`+k?Oy
zw7WwTK(i{a>o|^i!0KlY$|~};l1o!iji0uDp`tCBX%r|EV4%PN#Y7#fuOKM?QNMd{
z+d13w`nmRO`|ta3u@jyR{X)LRu6;3+sy}Y1hFA#@*+>J0i<OSv7bk=+k(^n&9{rxF
zK3ou#z7>cR<cuy}g2KgG9-mUoV*a9MYJj%5SP?K5&6D!zL6=7R=Rq@20Uf8-^J~uY
z<(Bhnv-xbZ^}|St397m*7{m+|2B?}EBDOK+*>s>eJxQquqy<N1A`NyVeT!6$UdnTT
zme{dXKKfK80GdG$J54d{iv_OHKFv%8E!7r`h+p$ft>#>POGe?#s0wciT{n5piE(Zh
zxbL7S8&&r(^=s@=F9Czq{4jupMaL!%>FLBMGS&ec&+}`BK)4AWpO7DCfd9h?%tA!j
zhKwltsQVIaY*|U2Ea=Csm^L;$Q)hY%$UShJe^&c#^CY0UQ=whSGgH1qiXL@_!wpq<
zSUI@XJ(`i;RHnbyC^5tYTP9U<K9S=1DsO4gd-sw@+fBCn=D0mV3-z%ysa>mVr7ol3
zc^(18V}bCq&_r#z&sjtP42e2_KItP%L)g;b=Xy5S9qVm(pt!c>u94It0guw=!Zz_M
zGdNXl%ILh*?0CF6XdK(D7`v;eOLL4RbKbY7^U|X`Gg5oJAHoF_IMqHc#X03lP1qbP
zQolwGra=TLMMxw81LeR>jVh|)`((X-N^i_h#NDLopC4&28?7s3p#XO#xH;AZxbC5q
z)>iT4I`xufDr#?mYX`%zu)UE@Itxt0-qDtm>(R;R?;eTJZ10uM_Es((*JYWh1<<Gr
zL1?N?_0@9djI-hPjOu5BDQZJ&(j+I#U!%)ju)uRRtdVdIkW7fkfqg{(+L3Jn8T(Zl
zIp@K{ky+JFAEF1@*dNN5cS#CLs`jbD{M7GlKN^PSD}}svB?^nTi5l(x(yb9C*o5Z+
zgquG*tO0ysiNw;U_RLwrL|=wlhBGHaYg0wljLPJXR&p4$hav<Vl_?#186(9y<{o`(
z?fLF;HC-10QfYFu`CG$DH5$X5H7ujc2md-}fOr6XbEQi=qAsFK_N7!-?)%xpM8S)L
zC5nR~70b;9%AASZnK42;@c5NOK#H5PSKfA=Y=U51DK=fLiWWwMH!2Me-3gY`7eX3I
zvPiPM5%6Jbj$1^>WXl7TWXqA5X5xexTrc;_H(`T;HOXw%p_xhSuqtoYIYO43)1O&X
zQYhqFLj+<Z|HihOe1HP2HQ?<l6Jo>5Gde;~sG#1YrD7geVvzSL+)Y?Q+r=Stcx#2q
zr-7(*5O`O+eK4vFAC5W{X+S@fPY=E08J~(r{imVF_8*5H8_R$DmUa9;o(@)oUr&cX
zQy)Gc)1a#)-u4OTc?YR84~)7dMg$3$AkKL5aq;^rS40wZd&RZWdMRj_NbXo?s4M(!
z45^tvL<dG!2F%|XcRwI(%HesV80KG{Asz}t6+z1I?+o(TH>d0W>Wt*4SMD8ZWZyBT
zz3h|5Y43z&`Sg?YbZ+)cm>xLtDUvW&&OiWg>Adx?y+hLg1GiT&#Hm359wnyR_&97S
zeJkqu(EblVd-hB+lLeURLeW~!IV%5T6|^&U3O13J8olcaE{;-tOAbSfD0p+f@Hm&}
zqnT^_6m*dWon!SZ6KJY`2TTVfCx`P;D)Jg@^6zbuUX(mn@a+gY$6IN99I7zEdeIby
z(NF=X=*>cvB+FH_q`{!(T{$(?-_&&1_zo#-tze^!*<Sz}I!-6ALa9R^%loyh+8DR}
zavtfZpVx!z8a7)WSaYP2iLya;)Zz8c&SXkl_CV;NYUI%&8hiW@V$4$vgMiPW|AWN!
z#gOsk>P-J@Q!`s~TeFkxEU3nzcqoT#!HmRwgaW=0d~KXHwFpCBp(B#~h8#ci$<-WE
zK0F}r;>7?!Q|Zk7mB9U1#;nA6l)EdqImwIYX4dNx5^v9-PQ*k%ItzJms%@v8G1?a)
zF#?h6Z!NoVjG^kiu0*^m@B)1iq;bOZ1C9G*JCU%-Z*Nqf+~yXZA^=Dbsmw}Uzma!;
z*Z1M_=H%+~Yo+638?JUtE=fms#wC8>LS3;E#TvL=oC5YrMr&xDVXi&)!ao?5_#67M
zstrlsdMNxKD^&4lcl=f?_VfCJIv6LO(#Go5!twRt<u?<LZx<&9XU~hm%{al767H+G
z!f}1@#-S8@p7WZiSaE{g#uEJsqLFC$@YzW=mkaNsM^T|Bt<&b3=YJ9_S6j}u8L$k+
z|Ku{P#nwprm$LIho!XlUHBHUZrzSaXr*8_Z?2T3yv5~=&fGv|8(amxp=_m_6ilm`(
z6>2pr{!y0yN~h@;WrYe7QVrJRr*vmI_A?|%cFrKs52rq>J8C7x$^y#uh$g9)Uw*F~
zN&OB-&~~>FR{!T|v`c{uWL7gyWg%H^d`AhcCsN0UK9CjkKje>h-V~G^>Q7fMw~iPx
z7h^4XY2`azSL0F8J3U*l7XtF1$sOt?H6cvAfqCL>i<ys#cekh0Cnx56mQW_Ays*J)
zLWIzWHbr)i8CIDM+UOheMdB1#E~3M4@XH={%0g=rrp5v5k+?0-d8jpLs)`IM3VbDH
z82*C>uqYFG6HK5(O|s3Z#I>5VOb0bYprOs3sVd-nisVX0-M1vS;P)^USJdjLX=MYE
z6C{(i>0~yIYCo6cq5ZWLP0N*hM|KftQ{|iecG|~*@PY$YnrcMw5*Mk?P{wbIjV)S3
z&71~{SX&wj6Xvrx`KN?=AC8iI?wCj#?^$s%SS4;dOEW}Re(Wk{utlhmz4@gR|Aw20
zhBrMzM)te@9^j5OKc3@nou3|nY}T#u=^2oxQUxeCgW@gNFT(KzpgqpC*6Oe9laQKS
zTy)YEyTJ9}H+XskV7dP^=s5oODc}EV0B2=n{BH+c_5Y9!*%7>7RUy>$2!Jh9P$(ol
zDB?=~wq!C-liK(f(7=coSmieyH6N9{e`FI-Xf~jZc7xba!-+W_YQf25rwe62_E(PY
z4P(M*#|bMqm^$2oBn2sO3LGJhXGvUmIe_jD#-j(_49C6K4EV-|AfT6fkC`4*R-QsP
zR^g>qVELqf9zyho<JrlX2!o3MrY{12z+l3b^#4TbiwnxKj~m>bLpv+1eT?P@iRC}$
zaiGWC38eAsw>xsZx$;+|C%N(R9;hBF&K)Ki1+`=m;zEAyhspm|NNgsa55FBcJ=}Y6
zcl!@Nf2gL~{*5o8u~F(~Ps~A%BhP~&Q8XRG6h{<2!z=HYg<`=THx;%BnO!P<tB0aT
zt4xQTn0^O1qN#NIr_A%0A!o6}5aMc}Gs*{C;tWvIVC?=NN`z*&Ur?4`uX<B2l%wGI
zpUs&(+bmM!cLY`N4{j*_EQzQlSp%0o=zPG9h|-J5)8O01b7$uH`ti7&-0Np+kQ3G8
zr|Sq)(aCL_n-4|^LJJ{{YN3*M$r4o(4W!zgTS;V|`)HSgKS5nQ?md3Pasi$uqn-Pz
zoqvKyj(SN&NJpe<$|=F5<0FXt!O|D&Q=YhL2y?7_0D-!(<Fk<$^PuACi0kb1!>(~N
zL!APPe;|SY75U0RsQWrd00Yu{Pq^?Q4Sm0+eTIp%3K~NPQ3qx@W(Irz4v@o=wrcab
zn(9Q{;Q)eCe3H4!6wEUqR${W<oVy;&41Bt0(a&APJzh}YPc&+I@zkVq&Wn4G!m<KM
z^L2_|vJZefyt*;EGOQ^?wM+KWWpc59A!}#G6n&Nq?_R}yH{)bz`^Gr5_7@e5Ue=O2
z(kY+zg+S%fZcf%;GPc{=zp|viVYSKo<@cjo!-*~5f~k)qmSNa}f)sL!{*$~vdKls<
zjnzpaLGJoYQBJ|GoZvot)7K-pnt^|5XE#N=-CaQ^HzTbxA%w*egY4d;D^lq`svw)X
zQ;bK=lYVZlu3Wg?3lO8b$O!}fW$!qYM_`h6{;g~n_oJ>aTJ!2&UiaF-+U8trdE{yw
zUo6s#A8MA2okWgB9%+9zKZ9h`8HQFCI$=0b$xb>81Pllk7IftS0mestM+5!TL6pYJ
z%nP7ruL36Y)8vOCq!KKIlh`aH!q2(mM~Ne>O-#|ACCUW=`H)D?&eBUl#FNY~d^}nc
zl2w*BU5n48^*_$r6wRu&2B*Ajg}6OesnCR(+NjCs4!7)B?HHf&z+DYBW_5l$aoK2V
z<QqIMSt5jpB4eP}5|$&%)Yx<iwRy_JZC|~H^Ip!gi@eGu$^#GcxI-pu&mBk#RR2t^
z_~m+h;%A*80dS?FsZypXh_rUKX7?hS%o6$Si^&x!g?+U&kJp({x@5}9GMb8blCJn6
z`ei$f)HEk-px<~ZfWU#=pocOI6$)E5mW@MiDn~Y8@K{>55=O=Qq3WfCYy-aZ@CWHl
zF!1QL&_R~=BbrQVH%2zxtm#&#N;SdGozJ(t$^e%I^u;#W6Jf~1Sn<OXQMT^+YaY>K
z0_g;(04?G<x#fR!NUuPj2{91%+pzL5xqimk)m8`4R~jvbdt}V<Qr>$Jrdek@8)60c
zIjbyfW#XF2Kd2jbszQ<j!I9M_N3-QMYlFSmA%Q%_ZBKS&5jZiuS##Ld*m}D+6aB!%
zBBiq@YWwtcMo!E*!>`DOgDv*im0nRz8t0s6LLwk);m-rycg>`<GjeIK#SpSsg=Y8a
z!43}T7|B7vAx<ZzOe{F55K0`XQ7OIx5#K<x5<0cV2H`b%5B-6s?iqz<wyyl%X?SW1
zy|4!q9}WQprV7q9n&dD*Z)LpfT+_32qprUduZe|lee&**zPqekuc!M!N#f&KGpggG
zz8Cj6At__9um8p3KxVuo*;21=LgPplW#n4<8R??lAkpb?USo~qKtubDX<h56x;PnR
zuyWRGFDFmjb`mXN*k(?)Qv2WvHvRn!xBRfLOY$T(DA>mBQt_0NV3b+WV^=HosTQGk
zmyWE1@=U_9KunyLUP@lPL0+AP=c1f#G~Rv!y++yn2C0L7YH57Hr+fwOGWhJ1b)1He
zv}1uTGRp_sN2aju&K_KLYQ{;r=DNOAK)*eNfrnf$SsnNRjIKja{}0b8X6FA5D*C_A
zsoxHq|GENVTSLn6SCIEys@{oDD?#9b;EA!hFxps>H7DyNM1>@nMJh%pi7<wLTy{bS
z*k1Irn=^HXp+I_du6?=GLx*F<g0bkx`sB#!bRpI3BmKG^8GPxnCABtLv15@lF&~@n
zcbc}&N8jl};?U~T{M;|jWg2D*^*9e>EOkgLz5WcP=LSne1(K;gj_V?W8J71`O0Sa8
zwni<xJbV+etlZt82O{makC?JJSgI)?nCC~0wdH>D=4;4Gwhd`^C24Sh9S#{vvo5z_
z<|pqAWz1j{FMT>sq+#xjB9l*PJ6?`{FEQYiGOfbMITk<FH3_1S#5`G{h(xE`g*|l%
zPE>O1>^Cg32KDr~4R?h&r^{fkGMH=uNufOQ+0k+-&YOIQS$B1=A|HN9OKxrze-ncK
zIXx%j;t`T7F$vn#ZpfXXwlIn0E6obP**h!;%?ojS1Ws1sy9K7K1M4G<PN*sj8!?Xn
z{K(|P0SVs!3(xMk0Xo?CW->txFrd1s<-gomu3?TllCCKYl&Bd3PI@|_Ey#E<7tw-8
zj_RSb$bfd=N8mBFG3!M`2>T=IUlyAXSc~S-LvMA!fxt7yCyHSUQD25D{3p<g(2}4L
zkj4b96%yQsUX+_6(qA5d&*aY?ELR_WCJ;z7j~K%g;S{1D098X3(0)e=KVq$qz4<>0
z9*Dz(4j4n<SZG>ZZs~nohPI%!adD}{8$x!nEg@8V?qgRI4$4rb6-9_U=1sD)vqgr2
z!zf#Urx?K5XIW$Hr&#hRM|De|Ek2(vTALSoqV>zGOzS6D$_hM^jeK>Dtt#MSLB7~0
z2<G~TV!YYZ*t1EM28|&5Q2%4z$1faD%D`le+%diFDiFjO8e3@<3u3<GUuNiYVh-q^
zB%)b<)8jM}xnnK3*&t)&$;J)!6X(40=BGtF<t>}QsnMkJ^G@l9K}?8i?trMPT>?YD
zu8#&OzeLlkg5A`>i~IfT80gmVRL8Cw*ABSch$w$9?e{ya9flJGjltZ?fnPoh_$TrZ
zV%KzUCEd@a_Dn&8$VftXr&su8#K1Cx!oiiTfaDM+elbawVUZJv{$9)dG5P_kMEF6d
z_&O#VzoZjtVxa_w+zDU;Nfpxs_X}Q<dnizz$+*9tT#_vs(l#bnZ*V3zHhf(+-c2v%
zQp}4s)4qU>z#$@~$npVVNoJSSn&kkw8afW{l2WC2+a)TLHD*OR@=$XYR;*=LL;a##
zH`=Rst6C@4T|UcQn$?~vR^<SyCEt-v0G?bsnl<IfB>;LyJ#^Jx2=G*4m6Z&py_6)5
zG$X>4i=t0}LqF5oomz?C%|<{&!LVjBS3rLj;D$Twbss`Z84xgN#hh8SpZlCxyR#oE
z+Sv$vVirW$U_q=2pCoGZi>=ekqfFQ%w*~K#Qh@EHhWuAg94y=1yonoDeoq;_Wsh|&
z2(Fp3`~dGdn(HL-CW>or34)dcNK`a)AL|;aGsXb$FDv9ShhB(gYWEud>WlEZ(i;zK
zNP_#4r~pu(i2iG|1v3N2|Ah&vVr{-en#~90oN#^>+S0=svuI<aUnrUS0!68VG;Fc!
zB~O>MM-4P_M%1&}+6O98YqF+#OWXwb8~*u?dk35fHFp9)p#C5vd}GIy=GCyFayxcH
z#Jt=KFbVA3Z{vD_V_NkOk2w4e$zCZ!3FW&S((fu#dElIkT+-0!)Y+m{3$6ox(EIw#
zxfeb-43MkgxO17HS={}oqts$y+8i|&8Vy#P*?5^h6a*vGlE*{$F@)ikN~$~61cB-z
zLZDacW2I&Z;LK6#bapPg;BOoS99LW={BeeANrB`hFU0(joWDjEgL+QAY&M>i;(T&2
z%!NahupDhwGR8e)*IDeT1Q578b@yZ*x@&j1WzK3xvVg-`b;Z!`pnMAwy)WcumoYtA
zt02R(|MwNm0L97lr$V1rwhd~6Qq9&KVwVQwAB-vP5{?`t)1QmIh71o+-}*M+*N5Zf
zuP^;ayFZeI=ib3O-VKg*i6mDoXpbfaKm5UqJD^UQe|Vc5?FtWfk|<m;LF~!MSAY=-
z{6p#>qjcqVcL4<Q!`;zLbAt0Zh=}d~3bQpaM{O9A15cv_<BFm>>I5>Xy1Lrlptahb
zM7FBBvaLS8FCSw*VOAa>zA&R^yiNwlAXSG_hF8>Rz1wTS>40gEB+aV&<bWNgXrf{R
zKQHp$tu_+JXcWN+t}QyJHqQjQ%)I;|5iA|OjNZ16kVJ{-DWi?lXATl5^IgZ9`6QVg
z)##Cx=a2JyqR!xh7Fx_YOwNr`JKBWEQOsP!o+q*A**SiHzQ#lE)z+n@z0v9IZ12d<
z6?mSvz}@#yEPuyTHi%-LX`PJllu++hNecZY^@^%jvPzIop7B9pMToVtctZLJ+WW2F
zAzE&vhf-+IT6-Fj460P|<Slg)7{5~mA?Qr<ct1Hg*}i_BjC_C2+#IfqyxiT{*3Ldz
zHj{~+t0>2qtFW5qt@J3jalL57=ZmTkt>I?TAla-g(1aN;x5?uTT`#e*%z#{^1*vh0
z?VL>5=2ZtZhgz3iXprI5`m*u9`m1#ESb5T9Ul1pF_^0`i(<#-w88|7z^*N#Ri4z69
zP<x?}9$!t#YucCALvEqJFd9+(xL4|~4mpFK+bDUCR2;fyE@l1rR@A-@d@%Ko;UHe>
zMbgpaA`xzyK<)1F9iJ~cBkO+<5=_66;s3)t{r}loSsDJ9t(E1!M*UA~?Al`gkF8ZV
zfAmF!DglWCupjUh_}A9jx1SK&BA_=lGj$Rmb=7C@H~DL8JxspLa@?u!2K?M(5gW|s
zm0uE*WHKru2%bV|0Au`{FRvGmB#t6j^L^+`A+D)Gj-m+yr-CLRh#V+Kj!^6ZL;-4G
zNq-f>-f8ZTxU&RgtdRktAdtvU4q1@`gOoFKAm}I!2~X)Uy&h~qW~4Mvd*v-OZFP>V
zfDE4N&!%n<$)|+|$=}!(^sP4U{gN3$wdY47wG-s2f&`WasX#@54ync9#@z2xJtru;
zwMIa^Wkq_211bSsF%+lNMFcB2{#8mcmW(b1M~DGL+=Qxqa{&360~#xlSWE|<K1K$L
zP}cSb0*TDl0gv|ZFRx>?kPE~C?&8T#l~=-kVpc8xzdo(PgMC3MG1LT3{7)lo{sDcr
zvC~B^vnzV)V8L;3i!|q&8+!~|^>+|&^FF2gTn&7bmmV#P-=E59$EFsngpNP=sy-=$
zpB4-7C`ajuT&3bnGcYX*f{tm^LNY)vDkJrTNh}em4S69HuoO_i*^&{kQmo29p!5b&
z2^Q2m>(#9116l5IM)?omFH<atIfdF`aVs|EyEy%WB<{opWzmTYiP8(d)AB@}iUPE9
ziXO;7#~Zj|S^9pVB#cD92%1HI6yb(mkDeMRRe^;Dt`nr<1n%K-#V8Z^0yhZ$vY*|f
zyuM3jD2S=F_h13L`^%NlqoP|d>gDBIYTf&*?{{R{>6#bA3X(TVmbb_2&GWeHuDAB4
zLKT0QF}gR1D^+5WnV&p|%HEIQ`}_O4vD*u^RSq<10z%!S;Vch5B$Kyua5$mvwyG+G
zm}Ht#Z$SF=Ec)qT<U3;*RA#QP2QDk!=`P)%GdvxiZ<@WK8&j^8kFf18S4B*BYdV*2
z{gcs``^Sl42Cp_u-~3~hyBo)c{fDPZ(u|*5L^N(yy1r%g%(l%BQ8(SI_~&bVog=EJ
zqkucKS#C#Xk9JIlT($Mv&yK;N!TsLcvt8@w@p|2sEE8{ruH@aIKVHZ7yXSrMWK^|D
zi~R{PumuY-K`j#-6+{5@F^mGRTi7^Y<2BM(H)wiyMmGmsdRBKwE6ewvod>6m*SDR!
zkH^KAH@7#_Q9ElR;uB{K6Iyw+JJ(E0=IF)(eRFR|YivMzgfRRm92Rf58VP)#)@7C%
z8}W9E1`4s_=G=x0_IyLOa%^aNqA>7g*pb;)(d>L(3_~r$u>;=RFh3%VYNiX3^jTZ6
z=qB^M%g*$~vs<2Hq1sR*dO<)|tkl$=5^H$gQYZfpr`IQ{+9{5KM$m}*$aUYQ0n_zJ
zK~^i*Ml%suaLXC7ih>gmnJBfNW4tRvfQL~Lv{?S%_7n13>>w57;gBu6%sCs%+x6L~
zg44*(WQN6hLTJKdk!9zUWoi#)yS@fN=yMIgjl?O+MNoZBekWI|M#(CO8)=r4K%uQn
zQG=-WJp}nUVcEN~LIW=Lk#2JojQR<JMe@XgRP#|uW^xO5`_(5-GV^yyq=97gLXi*U
z2P#jk0Lo{VfR2lOdq~PxC#8<OQE4$F4k##iD<lKaiAN6e9yN@n@>l(F`@haJoHDF7
zt{Lu><`&7|w2DBAF{6gK<$WQN)rPc3`4qqZtI6bos14+ER>TFl5DRGetTE6g9{eNk
zb)iEH`DeF>=7s(+RGjU}iSh6?uqTf7juNkUCR_5pAU#6Gtx>$hYP!lRRKm#iM8ML)
z2MFNkamS2<1P7~5X=JpXmZd5H5Mtxs^a_!JWO4}dgn0s8{!LfU-4Mo~EMh$A$ck2T
z`Nu-@dM6F)Y_#UpYs%dKJo%q}KHWzmR%b-bky4pB94E3da6g+(0{zwwD$bQ_c6m!<
z4CHk^ckr1l+<LuP&}D#k`_YDV1Qfj^Q-(V?efJE|PGk;49>z47klMk($`O}dZPDzO
zLGF8-jRlx;IN*BN#3l{s^BEgN&su90#1EO{z#$*S^!($Y8dwS`vutw_9!lNgB|7O_
zN73>FklqOg3QSG8-{5k+;vP5y%Du^@v{VZO(r-7UNJ#EBL&dv_YK94XWRpW!62hH}
zlg-a!!fR~TkMVxhxOK{?G2n+JTHUBApta{rt51}n7*FN7DFkIp7S0nB$aF-qVh%0I
z@-cq$fdl!*p2Yp3?j7YLGAJy(<B4C;u<+`Zthie6W$Qp!6@Mpu^oFWglJ_mmWm2<$
zTmp{V2q`@2V?r&*Cg<WXaY?~tlA~x`)e!ZPTyd@N{(MO?JUOyj7FHU}FGfhmGy{qr
z?_uj(?Q{S6K2@vj+i#zod;N%2meqq<R--n$I@es&bY>&H@kOx10=){l8TzX{B}TF_
z*x<gEIjR6so+8Vj-$h3<sZ>Ul(p)_+yLQP^d0H052^nP#R(M`6GXPk)@HPc%qRwm9
z@Y8dtB6e$nIFdu2oV=CNfG8D(!q74>fUA;MX3hs&3R4q3NCe2OKZO+4cQ>-3X@{yr
zEax%FS}b9~i1DGu;g6F=G_<V8(4&{Uo6<Kt=PBA(^_37mJnNJr?k4lJU`H|ytkOas
zC%h&T&q*dl#F4EO4zr|I?F>~}5Tx=yWM}3uBHCOw6m~SY)T2;8f0QdRSrkUMX;}@#
zrLmhC*Rk3buTj9)#l@pe+&{~5Rg2DM`1TQNtse6oO2pB(@(RDJyp5^1d~0{{gQ2ar
zSH~Eu5xsp0c%lrxz&AktlY;6}I`yhpSEux9JaqM+5V?qY_<*bd)bBnEIR)}2fvp=H
z<>aX3T6EQrz?zSI%b^dieI>|qt?mYc)LhoP3S>rYPlB5g<c0^s`tRpuxXAak0lf@*
z3-ny@M({kqrN2Y2bB;!_ReGDzd2;FhTr@c0oO3QXzs&F`Y)4Ml_!1W173xb6YNT}M
z_qv~SCa$`?y}5ue>Gzs)YHq+8FZD;H=(i@yD`nTZjDCU;uR@GERY@a#Eq0@-`DXIv
z=JeprAeh}E;!X;%vl3E@EJT5-fzeKM8Xdw2X1i`W40Va<aaF}yuHl0ZTGjY{?Qh$)
zbM?C2x*20(!FN;#UN5AXVUetAXCoVc8qY9DIYoY3Ym8Dw6c0PY?u4GK{{U7dN~!$^
zjmFIS9}XoL8UFk3_i1&_-_0Jh-)Pa^RF60l8uZ=F)KwtXq7Iw&f#ih{*|`}xQcGL0
zcnCmZ2iM2$tKYBl&zQ-59bAeSHtXa44hPCy7Hi?A#%D|W%g)jxqx2)j(4tdpTBPHY
zJ>&9EM_{vdmA95!N3#}YO{-h$&`ZEwtm*w8ipf4w;qamZXzr0PW6P)EYodvIiA^VI
z83K^k_Y>usws+6K9fEn={Goe?shWmU$G<o51%tQU-|v#yUF=z*lFcv<q>qG_YQA2s
zRTbZeaT+{H{giS)h;cj6+ionP`ZG|$2z&@@dmqe&RDzn{>@0azmaG>5xyw}b$(Q8s
ze6*GUoc^r+lK@l1AwHV33X)|@ms^w-4bu{+(LaJw^wD!7c%m&XgmWEw?SW^-ipTnK
zeKTm{jecdj`pWmy0$BoV!;W^e_ya~|nOV2{yQ5vEUb5J1?n+$XLNO_&)48AM6(@I(
zb8HOxY(-ZQ5U-|NBR#3Hl^fAia~ntEPO7?Km{wAO{H=vG2XsJ-q6;o4!iR4SdVg=N
zxyFx+mrAPP_njP!CQWV9{zf`LNhu;xe>eYxO*GI$oHPNM`eJO(?`X1s{yrTuK{e4<
zSa+$hh3Dw=n0#qrO*c9P8%ZcrP;=;>JTf71%(V8_d{dr4ex2_`t3TmZbJ^a>#DU6D
zJnj!IE`c14D3wzoCroB&loyC&8YCS|GI@NHAnYuxgx!`BBSKl!6cK~7iLI{*LQ$v{
zzzf2)=~pqbE4Ks;vPY<O+sS{_DJ%|CPqRHj$8O+Jx02>hzza4j&}MqEHsTGjUhV4+
z!TNf8`@+^w>(&WvqvKE5c%3C0AER!m4x_BXHmeI74nT$CV`M*&DYE6mLn=pqD1!c%
zU;a-3mH;;GP)Ynu*u!FYWEtanxq)>wlYW9q1<50M#YBUDGZ-up!VFiVp1b@BV!l$j
zA`Mr;liF+78OHJglz$&Sf|DfqD$6=T<0Dg*34*>3+P#CAS1Qap(i&)ne$QS+;h!3=
zQ?+KRZ3lr4<MSB4vv9msHoK-8*IEua(@ocW)QuHpk|a`a`Qe77BM#)3$Zsto5sH``
z;##wRReES1WYUSfmNn%w7=R}O<33COl-1|#b}3JJQr{rgA-?U%{?@5v-&AepNt`z6
z4j198PmNb!nE{zjo3Twa>dm=a*xh=R{>9ZOj{1wURYa{!CF(A%!>(^)>b?ep4}|pT
z4a=fCLbcvy-PRF1WkNp>yS+CEF6g{Nz>P7N1`fjo-SX4ubH|<WtxqEGh>11kig-dv
zP)-UEXr6TmrG`>@mh*gJc1-@I#ik0qJe6xdtY{4F2x)sQa6NFsBjdQT2sH9ea|qy~
zg<J^<{i5}_%mc6Dpj^scNo<&d@I6?4*^~mjfYnlI<Rdti#JCyZjiWDC9WI0xL)oHL
z#?W|)E%Qw(X)9J_z7lUXzV+B#7;wBH(XSoK8K8SP$4jz~%oStSs=fWB@gOYnEQdr1
ze@RLYdZv!Eo}z{wR>A%FWfxFI3BpdSjxLdz4j7}U*VF-&(~<%f^%#Mgyp+WE!f;$a
zQNSb-_8X}ki;PnM?G6ZwUA`5oN25$Zc01qfIi3YMa{*wWgp6~<L^KC`*CJslhgbx2
zd>ricH*oe&S?@i);b=Mfv6~mMy@xTNzXtpK(cJR0ZlcWKQL;!d1=f0DBt^$IYS{-)
zGnjqZLA#Fw>Xy#)fF(=~3^7S@+<Lqrz0^XgtHmTMIjVPjBo`-3R<9sGpEe-z7s_dI
z=s&j^#hF3WxM@lkBqB*&+(dp7<|K7%!nDa$i+E>?9AwNn<9yKyJHPIz?N}BcJZfSO
zJm4^p&xm->=s6dK<)Zg&2QaL;`N#N~3p02#y3&%J^EF$Ftj`EH-v?cuRZ2Nt&=dhE
zO7BZIn)}^wlCT5Ec3<^^({pyjQOmN3OynC`z##aM#>AL3Xivi-eaIk-0|e1*5_Ckm
z=HR|c7yaXRju2UwK4T`RJ}X^&D?HuML8O2<amMugO(<{Bp>1a-V-M97l9R#2y-oAW
z*jxr~s}|LE)lKJu0GtXVwroDa*RJwmN^&KWb)jCiM7Qay1N&q1?|Nrr#Gp|-GSY^0
zUjUJm1T{4^Eg2(z2ekLrwU-a%Bf8C9ZP)hSr!ETs1WL`|Fn!n^eSWqwsh?5{;kx^b
zA5`T&%(pYL)sVrPFI@B+@y!K>6e4ytH_jhzY+T^UG`pfHk3>1|ue+P;7reKvw@l6T
z1Ka@{*fpp$l*D@i<PgPJ2Z+nRgGTs*@Wv0I5eGQ#xcSVqd8iLd7V6FqGMLuVA|A22
zY(vX)*n4s%s*6N}&;GdXcKQQj2C?dLj;Cz4-xRbh{k6TIx4U2mH+;@_>@fpgbq8D0
z;%^1g_B?9NKR)PNpnvF5Il*aEsOsO9*eH4rWF~s!IXT*hITmsr+9atw)Rk6t$Y<v-
z;z$uqJ=A5iq)k1zFxP2;<~CwWUPlW*WI+;c)E74+!mUS+t#d;+!<dm#IA=(>MD`xv
zxDipQs@{g$qz!wfW)&F=v$%Ol<rT!1diDz0x!f_w7xrK^x#&E~3l)a!S*QnpUP4-K
z%<w&M#UuRhvJz`Vg;zth!kPHz3`IxW{rJFfY;{D%5ZuCX-@b@O@bU`%=yU~%PTx$;
zf<^<fWAP6}aMkA-ls@I+tUABcqfzWX&U<T?|72yc@&S*tRU=yNtdP4J2oho51u7Je
zG(Nv{$AC}4%QE)X=c4LoJw<WQNi5Aae}cl5N={oMPOjjH&Ahr26B&<<7&s=bQvaxb
z>tsIDeB#Z~$xZ(Ujlx3z9~@$g?9Bf)DYsff-SLnW=~tuZE%%5k6T#Rdly87X)67!d
zqe|>dT}exlNHtAsXd_Z^B`$rxT4NWvUC@6SL=xXQ7k19SVF9@0U|)IhelT->xQ%m<
z3iTvSVe)X&ismH6Tq+WWGi7k>Y5=wR;(cAw_al<Q{5x-5tz37(ZQ@#b)<Ca3cR{2+
zl)$b@skm4F-2orP^lw=speQ*dh;=aSVE=gGaxuBPHU%d-@tmo&X}4?B6SpHVyn&hZ
z;Tcq!J@Bn=Es7EDfxZab>EW-L#8yQLLLR0I+3u8iV+;?}4ZypO8ESi8l>K4m3+dLq
z^<+Ecd3<WcC5Rt0u35APT*mJL$rOhzKlGTZ@MXI2zJcX!;tCotEH&h$Ymv9|;Q=}6
zWx$vrtY+H>>iO4(YpQ*NYK><lmb&8lS-5pip$3*I(Y3)3t-kvx!3Av<3-Yu}ewdLP
zIBN=-$8zHFK@VTr(tRKBSbcc!afc`7S2`lELm6<(^e@+AD!XCwJ5}i2P2yA9$(38U
zY%w3`JuUrZmjYF!UvO;2ICDRx0q<GlH?ckF3^TYYyGYX&QcGtImAk~X{?9hk;7w+^
z&bjcJcuV-?)Ro$9ztd`%Z^i%XyA7E{vvzj>X}#-bbi0o0yZF_a`=7_^pV!dCo%eQ+
zp34{T5)lk_`ZH-^%Rf!w38K8@Uv^YJEgRRwVZWJ?((Gi|XbA{`9)uBM<hL1hOXMmx
z0izO@y$bU@om$*!U*H)EH(6--W{#vk&!&&eyBng3V_iAq=^i)#_E0I4Rl|zH5aNwe
z%n@b=j}sd<4hl;{4F4T*pCj3EOLRElHW?$Y$2WuLVVu{__LG*yT`3$n@Cm3ZjR9VU
zF`ov@>z~2vTakqLHituk@vND#!1kjsJwCHU<;rw14hR&awzm2k+A!1s+yw&p`Qv{D
z?NJSOzKC*vj)j>nxIyfcT&rZN*VXgk$z)=s?=m<NedvR34;0&zbNh~_fjy=#>px*{
zxL__)$uym}v+#6@X9P<<`r?k<bDx1ss<W%3Ep38U$e5{9Y1gLQFIpgCI6qTAKyQeV
zUMU|XotD{_YKeR@gcKcxr!H41GF^ZA+}-B9e;iMyMy%mS;rnkF<z~A{E*NnzRh-EW
zMuy&*vl+Ry2&u?0HtyPfmEZ;-q~O#M^;0HD@5xah_-kb`Nw`00DaGh?*Z%1iQwA!-
z{-|^1t-$0gk`q`=f6NC$$8yv8rLEx9gc8eW=U=Jq)4}V@=Qj)+Vrt-f<$*e!62w>&
zWtkHTENWAhBdqN!5ngB<N-fI49xdi=_O^F+cVn$agLjI*G5#SOYa5itA91H@idj@t
z_(~Hj653$VT@I4zQArDs8&b>2TjA<ZTmfyUD$p;d^x*tsM-;RQu@58>Ut)T<%}YTG
zo{*~1*mifOc9Q1L0$tAyog^xi&FHVdODsk5iK~^9i8nw7bc}A<S%5s35<#TuB+4UV
zngk+ZzPCPGvm0+NuhFc`)M-(98_UJMTeFdJ3vkS01?~gW<hI<?mbSa?+i`LE+*MWu
z1XG>lWGtKF{MRavzi^?U#v?7qXJNupBr({UuUzw<$-LDAVB+7U86%w1Am6GaX=t!n
z7t<lTA(e55(e?~Xm9ckdpW@x$FGU#GH_ecIdAKc@60E|p&`<pmx6FqXBjCd@0!yTY
z2!}D{;SfD+`P^$N*0fWh`u;_O!)yj60z&M3!o)>yjJXWpNqiEB07!$lv%jPC&xo|7
zgyL&JSCuQA)~i--sTHh*{?$UKY?8C30+8I<r@`>2m21+MtEb9FRO8Ig<=`?nd%j%_
z9Q~}6Ao_V6kVbTq5_!Xdzq}dh$(O}Qx=&r1(oN?yqYQ4QP;^A{kcpQ)J$OlRqF7RY
zPy||AjI3ySD?0-~oWJl@*ugG{ayoM0z@e=*+SZ2=ZjuG>(SlTk98}J%;bfizZ`KA>
zgX~n#i!bt~veSCb^py&OL)VUS$OanA-3;FrRB0F`gFSlO?n=k}KoASeimU_l{bSyJ
z8+dczOvmRK&-KIJdUXm{29{YW>dgW#qVLKADad?V%dV8ZJU0iG0o4M*5{jZ}(h&g&
zdyRbq38EgbbVK%SQ%Lm~YO%EZmPGa8A66(75bN|btb=v&XOhC)_IBh-Z=nl>uK)>Q
zL<<L+!73p(Div_s?sZ;_o(L@dAFSue{+XygmWAXSe@g{WNHnq5kJ^?jpAQHiyNEkn
z{Y^JzuN->P*1RfmTP_U~u6z1;+|Q2l96{rh*QxDfN5_!O8&hvnULQDsd*g~MU=OZE
zIY6NT(U0MpMO@SVI+jgRkd<C-_cDcKXIT8e;Az}q7;y6lkgG7EE{>3m5z#}2g%T%;
zp0^C#eSdbbVXtV0N+P3^RW=98Wno+#gF%G50}AM^Oo>F(S4Gl;O*Xi?AU?*CaRZ!=
zIl7yin$ox7M0u{d7S<l_FI)eC3YbUy=2RYS=-r8lTf;)o8qa*ML=3q{f7B~4ILQ7I
zp%|cb#E_;LFq+q8Yc0Ijwzb>Fi}pYd-F9w>AaP~kuPaf3NShG7u?W%MK4u)^dClG~
zZc*Z~L!U!S$tpVDX6fqf?8L!7tx;5_?!3H)2rmcpzY$}<su9Il(N5|Y#{Uo_q^Bo+
zMe)@Sfq2Fy#Z1t<59sCH*423dJDk71c5~bA?%*6SCaY9G@kN;e(;})}BF{ITha`y#
zDk9iEA(7V5+&tjakUnwjRDWug(W_RozV1<MU}Ij?jPej-(IWj2HQB@>t+jjnD4Bne
zzt)f)begS@jQyNz<l0o66U$CozUoB#+n0cIw1duqJi59~cc}lv*L^@+x#3;SeT)QA
zN=9Wt)HzWG^KP_T4hNo)feXqVWUmA+*kFpgULDU!S{Ua3;AhgO=6}YR!51W<tu^`0
zlC}L^$tex=a{K-{7v@m!qGq;pXiibxS6O*Re4EV;J1GIJqBC1OjigHillfLxD_gST
zoZX<z66lkZs<!uj{rvnT^V7w3vAYvR*ZEcXA#fYE<yui<+}e#pP|uE!uo4BsI!Lcm
zXt6r(Ys(l`zLS{GyHu-&vi(wfvv<&Xljqts`gf(_s2&VrWdq9pT8#ay-UMUC5ErFZ
zu%~tu#qt%U#qXg&7+h@I694uqbM`QDr_9v{g^XK$x?%EnF{J%LC^8#?%+yy)wFf-e
z=0hl<#m*9j1Wf7#xDh-S=|&>C(uoQ!yg5r-cdqbwR-!MJmIOWB4{YCR=$rty%_VbD
z*REM`?Ch(_x{T(1^n_I1H2Wq}R~}@~n!1+E>}9pX&Q$>4P^=u})QLtl_?mAviT)ax
zH)>Ox4Sc$=G)1clJf<cI<ahHUvTC44QpN6)9eDq>qiHBd&vb2q%)8)<xho)+hUWB}
zG;R=&mNn|}EwZnVAE)=BqFc3)yn#g#vGG7UB@UI)#^_CjHFF7T_p-cVK-7zk32%79
z)U=P}@hR)-lZPgeCSE*HkV>+<rS^xd(e@CAMOib)M7nYt6@)1WPO=SL^Be~as){fu
ziCGk+3Sx4`F0VTaV3eJiDoyET1@UsF^ja>}S378V{-HIT_4Dm=GA`kG?E91MX_uxx
zRi%fgRynoelpMf8&z*`|QFT{~AD<a$B&`W_I(rr%skhmJ#?F_AeOC`Wk=1}w1dUFK
z9bXv+r=w>d?}`L0d-G5!QF)_Q=BbGd+5h}SW1juCt_4%uVd7lB@Ji{!UGBaBl_G-r
z15ciLzxtn)HVec5I<ftKtzWGFeJ91T#&6=C6UlqF7NL%g6``I`L_rDtV{Yj0s&)L)
z2yLB+XZ%=0f|;dM3<=w`_LcAMek%2PgXO3zx*AF}c|;Z_9Q-Vdgy&4)A;+!kj3}8c
zt=B#Tio*?8p(oj0+};+XU;w*|DDtUgDB*^)1U@HTXPPt8`>BZPQ~~vcLG9z5^S&*k
zR71nZ$626Id92!AAQXw8zPjfEUN(2OUfC12);S^&q+qt2%fqwlY<gcSd`#%49Q$m=
z@l-xckUWLe1&pi@*ZoDyVcoDxOuT9I?N8QeWQ|n!-*W4iC&M0W*YMT!l6s#X+Fhjg
z(I}ahgxLoM^IL{kEQiOBkWX0mM{*XVMQOfKb5fBv<-`x#q+}hi8k+cr;?uUEfY>KH
z(FLsBhQB@3r;`gwof!Wr4BpewI-Gi^4j8AIzR<)f__+)heQ{Am7#Xr1Sok~)(BMr%
zY<6<lb)7c}J7i3g@oX&(KTa6nzYU4_XQM7ei`A+<<Asam|6qDP-18;2Es-Y2#$$#x
z^SEo2@OA73n^6)NM>AJnL#RCJe+Dr?VXnqheBgQNm{u}{<5h9#s5lr$eX4D!bbm*G
zH;A7^76D8WUhBQvCwM(_CrG4DkQ#D5-kqNuXrW^u=6qwLE@ZKxXR#CXrP@L23S#c1
zZYVQpQQ~RSjnWUrj!)uu&N|nEoiV^68m_%?f`aa4oi=%CrT3Ok!pGf$w<zW-W1ja6
z%3}af@pDDQ=Pe6<pUBTLKUhSw8|*18j#$s1D1;!w0Wpb4w^oU+Fj9^nLRJb`&%jru
z7~~9<J9Rv?Ysro?ryf0R9h>w}32&4(SQ@ukF7;sv1Io>~^me8JgzfZvWm3R?^m^au
z=Dbc{_M&uzg$fE{vjKo=s4#nvq0^%_)=cu4z0UN&lLF*E@yei;qNP>p3}=Am3G<&e
z_KSy~!-%m3PQHph_bU6g)@;h@MmF$SVyl|s{W~4W5UBO#z|w;G$3`Orm=I+mkxs40
zz(C1k_b%dk`Ai3v`jz9u!IUh+lU;c^zjyJlUHVVX(s7+XN(%7>Q<_A?{|;6MQvY&l
z2;){ujr%?4Yzt<0TyPEF?LA+VAlQar-G)lpr6%;&hVP|!E2c;5)mGr*`uVg`HqcSM
z)g%ZdNVYlU<yitK3PV>nuTw>u9N~Fr1(j%8^$ChnRjWAfP^b%~j{Hw#BO(0^jKBTP
zy#xZ*a+3))aB3*3#HSSloC1Wxx@cT%UCP!(Abnt(YIT2nX9%nh)F;@7z5aSElhBUd
zzvaBu0;rW<U2_c-dA>+=I>+G)nhGG4DsC$!k#%9q2F~{7aitId_jql9%!~R{qF8#W
zhlj^fSsIV<SV1jVdp?80AR=jsJD@2F)+yE>Ty$DisY++iOIHzit$BZsA`#m7Smiub
zmPRAizi2n?xn(eZRXx<u>I7!VsO)J$<bHVyhM;#(MdHcQYK_cV&Z(p|=Zx@!j@Jto
zk1e}rFq_Jp+pNZn#d_pLH2hZo%!doQ2<4^msoAcwjuVfaAT8<RCcsk*zdgs(5o-6B
zot;msX7WSEP9>|SjF__F+$+CPSuRRZ6R(OS@!jCgIpTn!cpLy!U%sid)<1lYC3{Aa
z<ATg;f(BS?j1WrT4kZm((KOo@;472rUCC9!P*qo4IW^lAl(HAYxhM+IaC)Zn*E8T`
z60Rp+2qjt~z`OV7x?|893ur8#l(AY9DR_q8#2aV_?o@#st1n7|W&I(5kT7^*tB_af
zE3zCQdRv%=FCkTxzhJb{$N_U!t71(XGHl3Ht-}p?gm}9P=)ZTUT(_{Nv~c0VI1jCj
z!ex7H9_m(#(!XphuB}ZkC4p9h%*CN3mMk(9M7n>J0R<s7$i&`{Js%t@j=k0;+JNkg
z&s=twP#`K2rAsM<o7H-UrMxxrTt>ocDj(@VH!L3NtO&@u>@f(aCR5!FdUk73Lb6Xs
znSGX?ea+>b^xQW2_-Y%QERwJYinrA3W*8ZaWGHq7S2mEJr5*8l;PmYqs=Z`*cGV76
zU-uuJwO}_^m#CpN%P<FN<H85q(#^xKx26zZ+pV|xdS@1^tdKX>45e=0omh~4$YvTD
zC7GD`MY0;|rVhMLGU`B}@$)Pxy10wvOu2=_rkS7#uuRbiwSpPmn6GjVS<&qyAdY(-
z<mFuBV*#20nM!E{L(!GRH@m<Demm77nIyWPu?EDn?mW66>%-XwL^10TjhEa^8%)%b
zMuOu^z~k&$h&mw^;Qz5xj#tQ8&HU3CAQqyAsTROA%gUld=Sx7_<Pb1IU2D>`SYU%=
zzv|adHl(NQYEcisKMubGz&Cuab-zguyp?9inC<_GH^DlLF90DEi<BUc)q2@XM1aym
zXu=dK{C^mG$KXtYwrzN$jcpqn+uYc;uGqGXjW)Jz+qRutF*mmL<$0@K{J5*WdunQ`
zYig$EPtV!iM<1w^*z^mgr+gcdMK|I_oV1($nBzgmhbPvn*Am%a(fl#FNY}630ERE2
z6OL1Dyt7HFCkk9wn{0*Ebc<8h0ESo4sV!q}1hh?dQ~dkawj`YEq4Hujl04~XxquQp
zo2)W;8FRTHYTya|fmLF1qlVd)L-28C3TpV)U(c8^nbWdjsswYl__u>ovc%$%XqU~4
zl&te|<3`$ISUC~)+1>JiKNVh^U9!NMp^M>5xobucOss$Ne44&tym;J4O!8ISFq-C;
zGg?YgPbx<01Gmd?EVAUHyiCL|0_EOH_V!3L?aA4UkxGOvOS`Ko)(w$%C4O3ztt0B3
zFdjVVJ`z~M)5s@(IdXTk(zG!BlWgY8mrVm7adlAHYL>U+p8v=qb5*iQZ{~KMAV%)a
ztO0p*(3NifA8Lqh#quo#?FeKSJGt(g5TDrt7<e3k671?MHvWq4Zywhu-6$T>fk+!n
z?^KA>1HTc79ERV6R8{oPpT^j?%&}alC}g8@*t6**lh>h8=LQEXw=meJG4WmxXE+Rk
zQNgot*{mC#mFum)hVW)#v-HclJTwQn4*tj<4p`XQs$>)1^#{A9Ih8k1B)O#qi|F;8
zL}Gl%7?X6j>&sF|=+8wH*!-m)vb>L!AxIdxam-#nH{Bm@{4p?FEI{=f1n^#r(gFlP
zA$ZIx?(j;5f>0udgNK1t#Bo5zrh$q11oqF$*mTosUmMT8OBGd_S6gL?m^6Y7*C+#F
z_S=^m4!hQ|)(e*gtA;ffehwy<@i2W>x;0xsPZ(fgArdT6#0myu;z17=7-KOS>f^iM
z4<$lQtOn50A{DV&Z~p$b(j&5lP``3w2cfC^F>7i2eo*jH7^K9Qx4sM%t@CXeKt4aT
zA#EDa8gO{9LWTe`m)W$g$GH#QYoY}}xzf@RkPDMC!GTQn;6WMeGDyzd#jQr7>6g@_
zH@jrPG%t{O`Qy3MnClmHpx3)Bss9uhVh-I<$~$(B#$Z7&I^=KrbB2B(<Mp->scD?5
z(nWXtHhYdRO2B;$UmF4nz3NIBv@#&NTInW?W?T`7cN@w6M#GCh9K5j3utp`EnNd*s
zB$-Tm?`p}$(Y`UEO7dvv8=6u@dH4mAzv*`UpXREZ|7qu%`P(7>e;qIkViwlUCXPf5
zV%7%ECL$(AcE%<!{QNLZ&W<JqHZbn%7uwoRdz=`)Gd0(wDr{PtbOQ6xCnoIBnnVpJ
z7isw$J7m?n?0|NTx3lBXWT;^ZK;&Zgxik;)ty|2rTQy2_ml>j$K0QAo!>8+1Vu=C~
z`CX`d_TRYp`8%)(vYSxUD{bM~qpJaZUJA~=;6AUDl9tFZQyez!MfK>4A$OL@Bgxdk
z$TmIiIc&Xm4<P{E<0yvmuR^M);f6@N9wR$Yzqg@*aES4@wCYR`9Y(U&WTuCom|vZ}
zV)9X?vjV4KOY01CS}29BiXDXH8B2I*h2=K|k|Ly;w)rmQSs`>wC@O&K%G|>=Ca8WT
zcYfGjtxqqkTAYLHs;YZng&Eiahikn1h#c7uFpw~Qvr$Oc;?Q=&M)9DqiHT`|{VKPL
zBcrc^ZWRZV5J+Gvk;WZppf}+zr>GoOC<!&P+UX=3Q#eZA4_-kbq)x@flP9ka#p6fc
zXBXDi6E-eeIQgB5@)*(XQ&J6W<$y$(jc3PxMsMUmaGqw=m~bLhr~wpS$pUGSLw^0u
z4t*fUW`$zM*WqrnlN*dtQj?4eNneZ{TIF!s<O!=c)7tA_ilJzUue)>~q?(3f-iU-0
z^P~?H)4zvD9eP~RBanL847Utu7_<ZKOK7bD5g~n^8i)9pn_xs(PR>k}QIkW)I|WXZ
z;Q2(KL}o^Tf<r!#9cS>wUfbJGuLILd4p-%+fPjkiD_qjECvplokv0RY{8U8X?$wou
zp$O5P>KFtZayjp}De$v%PQ?u3%1YL!`RZBp&z6gf4Ag(+l}EeAvC5Vi@XI%TE>6b2
z+Po(6qhMNGs{{|Z2$ESM*}Ud8;rBL>oX`o3+KHHy$Rj{@rYVAqk`jub%G&Yc4C6XR
z?#ccWG&b$1yWtgzfbr&4V?XS$yYn!~#KM}$VcKkQ_Wgg|jSxVT?v=oQ@WG>n)g1CY
z1~MZ|tVN!5baO!m&9-WtrUHM3a@;?ypVy8z-;%qlJwC*b&r0t~gY2AvzIgCae5sUu
zi?Q>Ke7U*O1R6o_p<L`0*VEL0g7aNvD+Vj+#v$^f4mj37+$fJl%6<eOQg^F*K0kD`
zwEI1KFLcTHUFn{U_;dgTf?JMZ69ES_7OHZ3DT-+<jA%%=&2B>cNq{D*eW-lyo|Y?z
zdVcV>$W*QY`BEJd{s}6>k)_F(^JM`<wMjIJyS|q~ky3^@m}mB%2-b!9vsE3%dh&_>
zp9)8^7#Zf0<o)XdY%QLKzlsg~dqrA{94X-v#`{QH8D_Lye7^S^{4Yu_8&XCYyjofi
z-8Ls4Yk?iOx-A_Xh#%9?Yn|oAqU+ziE)op%Ve?3v18x8ZVIKLuvkRp-){6M8KQg|;
zXZ>^QQvai3^GXF!S)MF9{QbBUSbyB(GpCUp7Pb)y(us(t+Ayg3uf*ZdgFmnfm$g1#
z+b3>U-BH!t1Jj3+__ii&u!&sXy~_%mqhALJPM1V5s{YBX55Rx_L5=)V7wQQ_S5oA?
zpY^uQhYbe~IDq=QqTM%48<@!sTz19r(`SRW4W7NKv%&U(zG&@`kZFn{QRYaQ{oOlG
zcw^X*y?)|OK<U8AHsofgH+Fg(zz%y{aqEa5Gb|QnQjcXJvZ-1$HKEsH(!OIGZ<n;c
z=7?kSS3^6&9D9ngxJ}k8XR}ZD3DS$Y(8mr-o}*&)am%D*f?r$oY>Krm{<xW;u3e-e
zDeGk<Qu5w6M=|Trkm?6`nX9cgLKNyuW*!bHPm&Y3mssZ-3D$n%<FP3$TyoUs50<!L
z8ilXIizbaJB@*eb+<yudZe?K{Se`=6_7hM_fjw<2ICw@41ms?qi}7lIRl-!dlQw0(
zp0^r*>}Ml91Tt9VJ~+pn{{f>5!lxsKf3XIZ4)Ek4jIIH7CptB#)i|~w>Sq7op};B=
zv3$H#+k&uWwWaOYP_HS9^aT%GC>VMQn)gS8dO2cCN2>~50ySb$wKMIcLWMwm%0OQj
z(Me3iUK!%1%y!oaR;Kd5?Kkde*}V0w<AX|Eb{Z*S@2Y!_pEUkjK`9SR`Xo4x*6z~c
z&-RV|)vsd|LU!fpb_*OmB@LPzpcJZ777v65MYjYbK2-9fuwG+@EgCS?xO)65RO@Gq
ze<(WU{Udm(s&ZI_SR83%qFG6radte`ytk@#eJqxOKWgs4%2Z_4N{7ax>&<aylhlOT
zz-5W^mt$fTV{xw$mK%?rhW<bk({TOLR_`CEK_^oD#2i=V?>~La$3krjq1I|9+?3#<
zzw!Txj?~#|E1Q=AFQuABXdvI4vR57bHqn7B^i5k)BXit*FVD`e$T9Q*24lns#Edfa
z7r*2#56*9H>d5FIVd7daeOWDBPbw4KnK=88wB_5Q;TO`116Z=si=B~YTx`)-FUKE^
z1@!lBq+Rh62}UH7YSQ;-e_s7^4S#yu%b{pQ4S#d{UB_H8#0d(ul0e20MT_+-3YnL4
zzOug>yGT4pF)W>r(~|@142BMVShuXXhYE2x-EbnvLESnFFsc6=O`b`B)^(D6;D&K+
z!Jbk@s<>(aw1gWBqGSb$)gCw65|GJ>qj)KtGn&;MQ(z|#?$)vDGQe0C0CWGDWb|RT
z?=Pt!C>d?Hud-DBFQ^Hm(&pjE?~O~RO-49@c9@rMFeXy?kD!R+%GI9Aa-D>_54e?;
zE`?7^^9nraek8a;9oAc{G%n0xxRY<ObjEl(hK7?MBgP6;RNJA)cUed`97P-)(OE}=
zV8O?@Okq!IqGeVi?9;+U64`N`Itn$w0;8pUM{H{(<`4S&?xeG>qShdx`TY@FY{6zX
zo)pIc#zdxBr8va)R$`QOb{tNf4V9Iv>mgaWj4%C-^C*;CKW_)+@1KkD2e_hbmjQg#
zyR+dhYCY(e*Mm;b>W>)|&zX2DhND1IVou(;#QE(0nF7_+^OuYlJCyXvuTK6m*nBZo
z1}-Z|ice7Ol*j)_-unjT{wsk66C)Gb|4~@5Ff#r3#^Kt!cK9vG-wu|mBaa~|ECbl_
z{>Vgx_S(4+Q51+aV8W|2ixMQ*@o;1x4}1;nUNtI9)70yOu;AkxUTqV?j+{=@u}5fS
zf8a|-;Z0nHaTHxh*{Baf*|E3#Ym3pGNIB4KY;|$=SidxIr4A64tR<{GKq9Z_Gv9eS
zyD9vVXH#2SLkP*HdtQy!zM%9hPrG2&(I538{4A$zEl7>gG1}22gZY&LAymennWp>`
zwAXsdv0%lc1|UtgKp4a0{E`eN!DMS4?<FN5)Y5w*Yb^)gm}JUM-G|ae?#!=g6{f<a
z5)$#^7AZ6zxaJlM4Yv?#R;WJtU04rxSPQPWzqD|cGUvjU#qKu3Ks3?)2*2$xx5Aid
zduK(W9qwx;>AYtmhM3Yi*sLbwdsZEdLb`xBb<T4s`AP|8&qQ;ak+1Qp7WMTEFxSQv
zTQ)<6Dd&PTYCO|HgBzIHkebrUm!87=`TP<?lS#B#q5VlxA>zGz#lyVXZDo~C9iS6$
z3awH}*uMbZHvW7RUDL2t_TlOE91E)|PCrryijN|e)MSWt`hacXqPGw#F3PpMj6+kP
z@98_SOfT1s?qCmdZ}rNRmo5=aq!DX8y-}#|t6oFnsN|;3p)VBf^=@(3KgZd7CIQQ=
zZUI~FdSpZP;cc(6Oc<RsUUt{)hIb!%SWp|;rVAXhbS!$j6oneZLkbeX$8q~iH$^5x
zO0laO7{G+WQjXDoSUgKi0OlVnPn0@P#RqM4Td|#_ssA`lTsen;7%~SFDGUhP@9(zO
z2s!$CdYj#x-XGl^Spr`V7l%&_2>Lp@i2DyM$a%!wT<<T}DFZ3n^Y6PuyH`ejKyPj3
zQFj(sg==zg#J<{PQ;b5!bf2wG?=`$`TLi!M*Q0VS@1^(Mj<brVD|-6&$0HlR8(rL`
z`e-iKs>fwh>lxSdLd=Ftuk=&Gj2V8ffUoSo=tc-=Gk`Qlz~mH6?e<>*eVzAJz2@y`
zftZvQ|0yFIx@Pp7V#2Bfjn*k%89eDs!x~_pX$-NEd?o-BAvj4N<ZTo2;=<YGgY^25
zxiLxmOe!OQVSZMcS{a)(@FMl~;+mem58M9X97X9jwMPlP19)T?VMG<^+bTH)I3}p$
zl#RGBb=j3tMQ<b=dD?9#eI5$0D?@Dv<1y3)4Zsg2MUWSkZF@l5$sVT;)XwkYt^-&R
z343+@GnWl>(2$o^#wTX!HHO;7VaGO8Y`?yXa0F{_(lW+ZhRJ->%A6<AB;Nm^;pe%L
zfGwRH->Ae0ljF(iIGL~-TuIjOXlEW_f`Qx_wkticr^u(tY7TQFF$AP3e;atXXsxA}
z(;sfL76@8O1OPitE&n4FlIX=?Nn-_x!@pVuQzqFmx_POVJaK?jmLy$ioO;k*E_$uN
zA91YP5E`gLL$myIr%P@Ui2Zh!FeI40bP3dW$Wdx`e9RT0)b&hPjwTf&DsWIMXs2_s
z)}NTDvw9$fK2rz9-H?g|Z5(IXqXGPs)WVQVsoD#1?BEk<I>NETMBa$BpZXKrwO}qL
zSTKcHi;mLk%tQ1o%JMdUSzCx#OYP;=2~l8j>LQ46CvYm;Fcfrch~<V6z{83+qV3h~
z_21_#cq-Rw3nquO>~FmKr66Y2Lv${}rhBmj`$APlq>e;k%?)FWXcoY<9+Sj#51>A`
z@IG&5{MfpCrqCG!dKZswKM(~vUjX}f$HQC$n6ch|LBpV1B4_K=%{)Ql)s}EcgfQSA
z?ZXi=C@bA*Z0<uwszz#qih9ssdpxzH1H(1d^mb-p?ramD^Bp64ZChd40=^_Q(1PNG
z0&RHJCGxY2*$y!|o#7z>kEgMGnzO^K;f85F{(x?g?l*V<LQPH0YmK<Oy_5ULQpM5r
z)boPP-O+Bbdo<eH-ZeQR>CBe<nAp3=(?>?d)5?dtllnng&l`}l)265OwJfbAQf-pv
zz(+DTX@K8-Q*WPqOYdrZhUfC<#|$}5*bwY`8^DG2bZ)j0s~u}Xxt+J@e=a5t>|54o
zsl9JhQbCOPlhcZ<G)kB?5%~jxYTA~R)9&-F72GZ^snkM@5(MmILA_eNs*&QKp8b~3
z{3WWd{$BW@7#q58atnidVi$j$Y@DJjq?uC#)feE%X8#drSexjnmw?>hDrIWfHlg&&
z@~T+?rAX&yli>T91FPT2u~Y=vt-%#*egnzmt14iic%vi+$;TJ(62l0PbABRK@TwIX
zlxpAgsAOp!qJBv?_4_UGzYx9?O%4G`zk-qx6y`hj{h;WHmUb$Nz-uC44|Abn1II)+
z{L%wY#K#QtQN-1dFpY7t4KGLP81@%!G^$A#kZ4|RK#P}V*cst&P$3wANnQQ?FxcT@
zcb*)NS~pxA&rlP3XOQ5x2WEnBkMR7EP5-QMtLXq#<a}k-D(3U%<nr99Vq`rL*fS7=
z$Yq7LZHTb$u<^Lf1_2x_VS8ct$dfTSft)1TN_gV*eB#z9GLB`ag&wpfcu|BmTKkmO
z>u=GRVwz-7!K>}V3TeK2k2I@m!pRS@6+Wp>_<ApY#2b&97+ZTue;%1B&X@q2?SE;v
zszgT$MfOD!N7mWbw|}3VCD~gI_Vu0z#=a<StmaJa(#gYE_Jfwc@Y)yy#p;lRn0$Vd
z@sEXhO_W6|i`4!z+BUh2H$yMlDEej5QgjsJT+fP`9Fb!$4tvzZ>vo#>q=l#*LG*`q
za-_tqla9&QAu(%7uy>)iH3N;WFsq4s52sjf#s6X*OB}n3kms_uxHl9gdi^m@n=z`@
zr%wz<Fg>$Z3IeDx!t6H^2wy6Hf1mjv<RV!MrmmLKyWoi{!Kj7}31L+8=cBS!p(K`A
z`;rw2zl~H->lT|fo~`B<v?5%CyQnTlejn&CX+$HOxl<GOTHm#Z6x$eBo0Xr^J9!oD
z-}vDt*Ev|5(efn(NAuNfZUl^hSg&GOQ1OUDo{Z`f;3VN))MKv+g+^{A%PL7mCKqX`
z4&_@xB-;Df3MG6T>%tF}z*EmoPDFsC6m~gf9isnD0uAp%o!|mxzIkMr9S2{T&4HyZ
zU{3djc6ZsSdI5(Kg|g?HV@Qxkp`hEytF1>9>t{zNKia4lrrpR(qA+Tbqm*q3<C|w0
zcMFvQFn-0A@F;olMYU-1cb|POgr3!~(A`f&YxF$KSPLPXXdhPj=OFniJb#e4^PJOv
zBQ7;Wn84Z-V6Es$tF7cyZGD65<^~gp@k<CO1>HpxZyfg`Grwf7YU_wX#=2z_4M~uA
z3`|ECk~MpcMHQBD->l&m1yNPlik~Q4PN^m=RWs{I1ZGkc$rcSFJA)!BmkvWXQ%Bts
z%Tp&uY2>auMf;mW*>^QU)Xlhypkxw=BSg!G<2~UrXtPsNa-KDxk5K<41lA+Y1n_qT
z_&re2{grnU?8)hpOcBP{MR0NETD;M&6gOJyIngk_eybR<OXka-H~eRqxlXHFSQL5K
zDv`3EZ=!bGQ7&$DLc^eYa9GyKn<OuPC@UWy)Bb`@DcRFwKkdsGGZQiP*Q@DLhJ)}5
z!C1;I%A@bp4Lb4B#RD)mb#%<+h)DadpFyRZKg+f`fA`ZN|FvwS+qeN!_I<D21UgRW
z90~w2nwM?3mSxG0PnAAls_uaU-nSYHEo<WE9tm+%Q6k>yYk16o&ma0E46)3V%(TXM
z(49ehlj~3#(ia^%y6TdVLJ`H(;#{qgPFDERIWr%OT&loNWB#p8FYBO{H5ZMKb#kl?
zKd7DQ4<>{g^o%jkA~yz}(1Fb+5jnP-__q>BZ5-1Df#=g7YZs4Q;S^_WG0UPHzrLO%
z2P6`?gtf?EcB+8hbZH}7UlP2%mq5dInE2D4Oj^BHgA~5<uU)*`p-i(`g)Yu$J`UNY
z0E>4b<7X%}^z<UUs%lVIqc$sQ60AnDmRCOd#oE;MpVEUbo4Vy9Vsnq9q<@NUSzr`^
zue(s!Bv3bR934KiaVx8Bki0Np%I>ZH2jG<bKZT4jv$6cwi-N9i;51|Of9SM3isca$
zP9{5wbtZ&1dlPX74U#4;DjNOl=-AHS)-g{jIRvJHM6(ca>tPxwlir(rA1?Awf{gk7
zo^`dat!=%hG~T}Hy560pF^5De&1r02&17ORHrn$=qZG^57Cu)FgKuEeSzE{a$b9-A
z9xIqzowH}C8(t@fJ2hWNVUk}nYjzmNaL{9dB0q^z+dY}mb>E)?dqu6|e#h(+g*jT?
zxZZroThr}s+2xWs;h&kY-%jm;_O^m*Yc70iVRs_P*Fo0+0kTN+Y5r6wQnFEAXR8^I
zc4y{bJr{b+Um)ypTW^FKfM;=LlRNbJbz8lt^#oibGi7NKb;JBY1FK#rNAQ(+G}lab
zNt~GknAis&K#B=XU2W89I*Rr1B}_vv41EY25qMkw*0}%JojW=?kCGr)OJOFN1atfw
z$dUIdso6+rKw9ZgMEUB0&qWJz#ju&9JaT<_Kj+*;{7-{Db0NZ-BHeTg;OL=k%opVF
zWN%86Ju-zWzv&6NUIPMXIB7ZeVBfYceGBNA#!(c?k@sO3!<ZFVeQY?FcSXU`(umbw
zaw|7cAjxnmTQ1&SZ>>vZ+n58xoWs${UqT-k#p2J@XV~8#FKEF8GJv7zV}5V-?;$vr
zf+|wVy3m}sVTCC4m&#-If_)sgVyQ1z7pE@f{L~KyR;C(X5sP{`RK7<K)Cb8c8$!1p
zvmi7Z@1mJ6m<^Ay_~BBp4<tAj3%fnD=4V_wzCV-46*a0FVv#C`_zW#SSiSiRW35%p
zv-p46sP*l&+P01-UuX^Vn|ZRi3+jVU)z4HlrW+aU-`HFHD8S#r4}w3}3u19F^8k!Q
z6%4C}iZQx2gf+z?`m^~~N~oGplqn>P>UBP1f(&x#9(<C!g!XgJz#;ahB-My7Ijew0
zM4pCS(dj*`Mns$@OKEC#fwYvtj3(*Rw#U63J*1^6EJ<#&(<sE1tNwXFo7t(%zb4lY
zVXmov1AU~_sEoR}#&=D&Ke0(ZO)+Og4mFmB<e0#Dk!BQ;SOY*s$>`m+@u>B7ZNRjy
z0YXsjaEdC52zJ99+Hc&1TuPUhqH&|AkDQjZE4`EEdm$^_e8}OuT1s}vqm{_h@AU9a
zaMynKnHl=_Kp0$OyjMjgSr@8-*jfw{eHxgWlcS53ivJdaz<6JRMDJ3qUE~P*-WPpX
z8okAc1e7g16fG&Upz0q3hAyKKBdhItXU!YHP1Tz2(<k+R&QNTYDOuW4Z<htQ!Vsa$
ze!~#?CwcNhf1;m`Xdv=t|Ih?%sU$(4_8%QKmW}%|g_dsylQRlqu~&j&t>&|ntX2!P
zf-;TG_>WRc;ih0D0s@1Hl8NZ!``Lz6ewi(nYm;!I#Bi#67KstDi=jwGM%@2O^i3xe
zAQt?{de@O|69`%wPlPd*$P~$-rK5^C4bD)#FVB?UFXUcbBrK{OC4#}HF7wl`i?{O)
zNse5hdK@s6A4RQJGS6fc6>o5~z@o!A;Z|5)#QTow4X`PKjdSETiogqViTopn#ZA%L
znAZ}oYnabB_?fyxA4E3TlJxlr;8eCYVpJLQy}Z*3F&NFW#H}fv*6qz}?%!3&+Rx{4
zPenM+5#K&)utO|(S*g*-rFK~n3PwNd{1d#W?vk*3?xV5mmr0M|iziS*aUE#$t$x;M
zwI!v2)j@{=>xbCuT&5-0L(0Z+^N6(zveEB!CQjRJ4+PW$3Ff~|$6&!`;z)~ovEbgR
z61pZaei`sU%nNP*Y8&gVJ#Si?*gunri@s4!F5{jCyK%{0J$j~&{7B@-l+{RXWxJ@4
zKVpna>K`K5w==_BlFiE0G;1Vf>`^bTlL<&d_R|KW#gq|TMFr>%{vwoQ1?MsurHi3+
zwgOF}5odQP58#kXZ=R6iB(P0R_U&XG`loCwZgV66Jnehtn{D+)SS<46U({q@0ry%^
zu^L`chD+GFi?Jw24V6^x<wIE76jFxLfH!)yIjbT@D8xS{I&F=H)b*;L@tDtOkk@=|
zG(U8$7!9?_B9+v9@vr_hZZqh>RLZm+T%>dVErOs<w^;3S;|lo!D)Vo!e;J7~yO0HP
zKHp(@P<}pI3%`6FBtJ5DAD%n`6q<y4Z3SLf9J_(|ujE^J309!g46Py^F8g4VbgVFz
zKWypcVRK<7zn)%9@xn)iu#IfQvgML+SU<Icsd`fCDb78kmo{vT*H5H_UCWzRHy#75
zD`tscb{?%JrTOtLaCRi~_0-&Od$Y5xIb%nGwC&BA-Z@0Xr-ZeCr{L->%QyZt6F5_k
z7zRLFs&zLqTy;llJ=+iuOeH>P){96&>lyc)@jYkLtty<r@i`;5neOL2?)3gx+42Zm
z>3p4%CbN4ejFWMo^;;1bxLwzQiz_I2od-v#TR$TlCDz(|>MuMdDIg;rP+<?0I|Odx
zTsQRZ)hEk4b9Xu-CCA^Ef{rz4GP|m8Z>N-`^sHHCyNr-=#mg}2281VCue~3yQPDjT
zYFFriz>b-KdTs$OXM!c)fKz8ssA(RhdeqQjG8da*UDw8EVg=RaT(Tl47@SCh*~D;N
zsV#jye*P$N^}CZ4FPCR0P)gvLhkt@el_?NxHIs46a^Gv>X@OwtTMbI!`ZA$BujLhF
z`B^f{#c9id@C~}+IZ_$^eqXPLD`%GYw-_*J8|f*R!LO(PmtiD!=BT9r_$H~pv(<uX
zzNog;zCA5Inu3QE{!dNTZGh3X0pB=5Uq_Y)1sSuJTr_Yz$Tws9l5!wp4qDEt!hF->
znDhV^0V>m(CceV}t3;^h5|3Zm=8DxxP%0#-P?;u<;mXdA@M<_^VD0(S)|U^@&m%K)
zuc<kGxyzORclX}uy?py-=Q8wwd$ifw`O0IJLKndN{1+zF3UeWJHO8f7nc=3k8Q1~r
z6w_&YhD!irbv}xNjBi~H;}ne8IFw=VCHI;Bz}V8&fF!P6(^CCq^&Rr<&`<CP3yv_C
zentW?x(g%tJ+8yBf?AVD>hqWZ(*a=EoUykXOApSJSPCURexq8$W&QU{hoK#vMx-0?
z!W~f(xNXyQ34T-`h1RGhr`Q$XB?h5*YSMplLcim@LK{%~E4qB&I-(=kMIk$3vhU+0
z4~J&d?OM!yZtsqNoyk5f9@P*@?W@iOgG>InsN?_CRFiX(^TTOm<gQFGuSP=bT(H=>
zEOk9iD#+`b*MHlscNclSTiPaIW$R{3a@o?Wm5RhP$fr2FZ;B=?sUX{O>prk!SG-Ae
z@;G==_F`BG6cQSZsnN;`h~p{xjEE4CtFTW0!UQ!T2Y-010~w6B$!Lhfb?H4O=K-JS
z))!qX7<9YygX-U0eH94Dz_|ZUlSa<}7i#|B=Cv$b|FwDTw@&<jvXH(fjYzYY*rl5B
zDCDP1+L=Uj>!vX)bP_Paahl?(bRNl_i*FA+of1jLGzl52lKvXZ3}MH&H#`SS&88U5
z(_TGMURTq2whn0S*+$Vln*3rLceDbzqom93mYb`S7k>CXEqF&HDV&V*O};WEXKnuw
zOJ^<?ShW~L;=?>LDID$XI4?goNf|M;3lqn<_7<D+MX!!%nu}+jw)#h*TOYpTEooD@
z!rL69+gz63s=}hPu@ouv4-013TcAWih%3vR#gXXmU6Icap@vsKXDJ6UZjHcTlx-On
zJn)7{l-n=$L~8uwW<ceu{i_1@iC5VA1w!Y_<x{iRjZ=?1SWr|trFajVws907%P@ZJ
zCM&6BSZ%^#-JNqNJ47<c2A?Dn=uAb?h+C%KzZ@=&9SmH1&Qm^KsZ$;gj9t%6%oKD7
zT{tM0<M~EnCx2D_zA(X%`#e>KiwXQYWt<hl!Ze24Uq}?#WAq_@(DDj(jXD^D`X#95
z`|9HC<H3pw!Y|Ho<Ls`2dIFp3?&9!yqVd?q0N761{kM1is)2Ef33BppZ{k`4Lki`~
zV7GvkkE(Pzgq>k_`0pEi3x_ll`gV3wb=&@WTXF^JF1MUxSYU#bmDc;(5Cl-l6Dx60
zZ%3N^mnf@!F90*Y(glw~kvlpeO^t$0if#x-FSRTDPDds>-;s}nc5X&NfLiOJ?~1+r
zWYK;xS0x{8(K377Q32-mn0wqLsOJzlDW4<3T0kIO^M&A#52fMsvLqQI%S`s>*NHIM
zy!)%N>5yb*i%pwaKw(BgFU1N>FGYFhZ%#2<`^W_X`(V;A4q7+GUP&gg$W6n1jORcg
zz6jUSkKy4fOn?F2^uFKWnp7jGGLK|c3q;Ao_~gXGx;Hc*Cw|D8hwbZ?@Le(Y{E{y3
z)MVm|w^xq$g5cEEP@da(f?)g~oq6ckS($VA<eYw(kj+8HGk<igkqAd1u!N-uyF3Vj
z>K_qv=8O`28fTCGc`~F?djXd{Qox5&(LRkLi7Xl;e1b(QGZ`&vO)6$8%|GsUedhrn
z3&5tti|n=iuy{HboQN7~ij^KHgblKJG$Z&V>)hY8Q1I?A^UWW^+gnPrCX<;pBwiD>
zv6%B04$+0f&?818*!)EoXDNG(0`3wpA|~966oQ410?)s9t!ENQ4=`^%Oez3PrPVik
zs|CIGmyrd6czMQ;A6ax~^k;CrRz0o+^d83km`?o!={p1jf~G8$nexo2gcrdih{wF*
zi0zE1Luanh{FoLh4d?k3DhnqS(~ORo?g$*hi{K$Wx{*#sC7L{Qqs3$rkqLQJIWXW=
zZ&4oK)yAmWGtrdY@`+O>*NouRixZFTtmoB+QW1^OkX)qGCO;FmjTFcSk@f^}^l7O#
zwh&PyvtZa4@-ICs=p896{bf{`PhQj&KqHkYNY$xkP+nmaB6_a*Vf6!Xg`v@J16FXd
zJRplskoGq;?%iRvh=!sY)upjA$PM;r+(c(+ZOCYZa%aD)a`cT4+_6d6t7T6x%gg21
zn-+BmZz_LLj(6D!rMMJ?@kkbSu4)1w`Id=ODX@OZP_g(@!cA3G-9A3LjJ6)BRd<|1
zf;naY7j&vOVRx)7c{7&9Kci2O5N^^FrC#xmyy`62t(go@ep~+D(^7SncC7D0swv(c
z3Ew#ie#U?}wa_(^S$<cuvwFY)eeQ<g2!|ViCJJ?9<}y`jrve9v{c=chvO(u*1M}uF
z3@gQrxY!|?RcR}0wW1Kzom|ViZjTca=hvK%?;*8s$Q{xHpL!fWn5h9hZ=Zb)(WOXb
zf0iD<Y>{%eooRfybsVeeJ0h}P-~4~5;2ezqAzPe@nd84+_HX{5oQ3ZRxpA&qsoP7z
z3a5}(<pfHL?kvVnx`k#1&3Q79>aUMW_e9#U+jRs4&~ssu(-`kdt}WPKEH+h47p~W5
z*7hz&kXnE!zL{lHnkh4}9glQ@X1JL}Q|XI@ORP(K<ClO>SM&DvUOz|_V+*{HII2*6
zQ#;m?I{1|q5cO(D-9&`qhCY2T)L<DFt7{@g(22SJi=73`VmhHGF{4mEgvPGSwk15w
zUOe!~rjb5Euwp2d0Y``MzY*Qr!rLtH%R6=&p=@|*QA{774$OW$KIuJvnHzG)D+^&A
zh{|J)%nmO5n(1~?KBgoj3u4U{tLz3J^=K7T$OCb12vU~(EGfG=pkmv1P3ys7K#(6M
z5IKJ6VK3D?R!j`qaDwoWvXAi3%w*AaocpK4cpRA!mdQpMMt@s<Ho_fA9bw?3%&%R{
znV@jqm4$$}dAdEci<P>>$(9CEGvp*fr3F1<7-G6G3k3l`Z3BK8#KKlRI|l}7bFpXU
zVq<i0&@Q;u5N2PRVg8X0aXIM)80(QRl0bvNn3<AGwrVlJ9Oyt6NE<c(fl0OS+5vBP
zNgw8oQP!zX;a0x^6U`umA_H-!Uj!G07o#D|J_7HRRKsi5RxHPZkz6h$D1wGwfNLH$
z<`$o$iRF?*MZzlolW=m7F5_%3#;Y0gjF3ucf+m$Y?zg}?Tz&gBh(ysCF+N9hX_lW&
z$?x2p<1Ls<@XvgyG|fk))ZdgDS;q%A$pn2}loa;$cAur;<98WiTB!y-uI}@XBTc^z
zJFV_4$?hoemsyk7iU`p{xKIle>T$`rywnS_yVms#itmCJ<{2np%MMY}^XuK?>kX{<
zG~^YupHEoZfB5>{Mkx1OJ5<pn72(ffOs6~s#WtdH1<dqM_WkkL^q$uMV{Y=9eZJ7Y
zB13L?Bo6e;y!yklYwO8Y#kbCTH*(Gos-FaBRaB>*ML$=y>D<DR+~-?zfe=EqGNM8S
zWONp_yQMWVlCjR6#0Fu|YFa;R3^RrdVY8$k5g>G}bLreF7o*elEFeLj67$X%0!|l7
zj1QIrIi=95Qq>2HFu{|*t(kyoEG`xqg&x4Vdm|2+23~k#C5t5qYmV6`)%g7l$AprO
zha>BxJ~CxBt+3n9CD_f^RU4JuL3tk61K1MC*a;O%Omg)?Np$j}(V{C}m67Ao5F=By
zm(_Jcv_*?(23&NEggG^3k^`R(R|+7PYKD@SWJUX<bG@;qDryy#YFM-)a?9@XIg#_g
z=|t^85|`?tY9A|NYd2T~<wr|z&iQkdb}kTjO?YLyty{Pxog2yFd2Dj&C)z0YInXup
zIP%anlRWk8ekF{L?wpdcSXih5<w+^!%2KB=DftKl52=yFxaHg!awbh!Ul#pyH2X@Q
zs#H$1I=lF{g)woT;@UBVM#@G5HRJC9UT5F~+U|tz=(|}@EL+c-`!9Mgx;xK`dob^(
zEneM1IrPOL8aDSdsVW3e?D(a;7W1?CVr%{~gC5NR1lUuYVTXoL{3BE&l}4<BAHQ~;
z@+gorb(B-GzzfB72cG9|K`XUSVWq1t7g?rjYS(+EJZ>dJh@uTYIf8tOyxXp-zg{>}
z%OksU_I0+QDsx_#s$Z98S!lPNa0EKIs&_rc_qF4~GoNf9zA;pRFt$h3Ry$|xPcZlz
zdX@iBNZC05OIyot*2VwzwPa!X-^qFZ|IE}WZSDVIUHGp259`8YsLes57b+HZ1H(KZ
zcT8BDl<^S<%Yjz7IpBHwDT6Oe+%;2!=2&DolC|Rip(hJ}dQ$wh7X3_V#B#CBrMRi0
zwQ&#sPly6H^&AM@<UfOXhw8cCSqeH5muQ&QdfZQrARt<c1@foiSXppdlJTJ;_!fVb
z$MH@6?ox-+G(XVbmtb*?7|9Tz5G42~aS@rc`6qt!u;HL}Ez60M<dlfUba-~*%L?UK
z2_`^0GhS&o{*1J07ABPA#k)#1KG0-2Iz$mSDaV;FfscW~=9W2b3`mzBR-rdns0!~*
zQ$bQEO^X=8sbWPptEDoe2<Emm#A6%v%5d3S<rPiH08yL3BHa6xQl<=bymQV`s)lu|
zEv%BJ6T<ixrq@6tHIKudnl`w$FpUHQI_#>Rf2$g?R_GEV_;9&|Sglekt1k+(=v9ET
zO3Wwq8!S}na&?+CSI_6^UzVFk#dTFQuaT!z9|;Sz3XKII4i_h~+H&*zeN(gc-Y9?F
zoahh{R6-9W>KNK{gu66A^V29&-<-e_1gR&{(}InGdBt5f%F@w7GTFK1{jhD>oFeWw
zP8Lq;MWq#Qu-z8G^L3I2v*ZjM9DzQjysJ$KOC3PU{+(dAe1mkhYm)1as)K`n-3*5s
z7G9^ZD}e-po89K}L*ubF4h+{}>af2bJiZy*C6)GB149c!3?`UO#9eZdS0dw&5i>M}
zIOZLe(jNxGJ1OvKLm&$Z!_Keuq?5h5g2)NGcFNSusI;%E%Ugl355o6ShUe7FMM{|#
zOuKA>uid>!2LAQ6)_eDYtSseIn&O@6>3FNF=iUx(Qlk4zZ~bE}ul@^NpYLerv$yBd
zp|i`mg3H^wVBuK&Y){$@%F`Q|Z|`<3+$DQ+TN^x^t@Z0Uc$NqEq`mSc(L~ve#zAqJ
z7kdcClx;nI*=@R-4$95LmTlfk`W}5>kIgK5->=8Rz|h^1!@XN8fSz8bFZ!I-f{(+?
z)#1`o#+ikOOSn0(%a87^VYi|}znv1Aqf%=ItAXmF=+plu)QU=oWOU?HzuVmbqDUSg
zKmcG9@I{p9jCLxSOJR@N2|Y4GdO!$a6Uau)(U)QGdCF-%_*x(+yF<Y`<v9CJBW!c!
z=<u?car5B%F=NKy+ur(qdg`fH&EZr?NdM*g@^_*pXVw)NBNO2D{Ofn9)1?(SQ8gba
zeX9n;zq`YuU)wGzejTr$<v}?gha+bd91J=9_+jcZ#U%m=;qKX(^7{Z~0=ye@4fQne
zxkXB?GyQ$(90;mCQHD_gxlm{VF7}70*nhOGHH2Vqw=dV8UG1OP?v!a^<H7_JJ67o^
zQ>gi0TFHg|k#c^ZTVy^FKen$?F6};_JKRgoS{U^8`FwD|x<Sp|DK$mSb5_QbrxwD)
z`HIs<OmufdkHMzSyQB+m0!IT>6k+>QiPKi}$o$~$<tKn8@_qz*fd0=Yi=V5)j}A%|
zq<UEs;m<we=Rb3>m&uuO5S#mbpd0G@*qim@4)~$jy|=}nbFgTXW_jyL!zpxKsF+9H
z#jM1Ge+NzkuceS!9MBmO|Lzt2_f3_{#ye!Dz9e8$jB`L|i#Ppg=~Y_F6yzz+Eb?nX
z9T+a8-vWbWM~b*4T1pb4+#0&`CC2|sl{!?U&fxVOdZ1j_ew}#7+FM1TPJKr;%x|py
zFA6aB7HmzzXc1w(-5YvRbO{pa&U=VmM0&f)4CKX##Wglji7Hs*%|W)V_ubbXB}_m3
zSqWwNdmC)oDowq)FP?5cV%`41L1>xAVu(<C1}d3pggrgnz4FRmmK=1Gpcb`ef+Q#}
zwdSl9&N6<15iZF*X=plCWTzfYq>L)?7G909v3r%ia@3Z0(u8V9{y^A%1RZ+j&RE8y
z?#_TNj+5PX;S2*UMgw*$z*V+J3BOqfsrNQ^g|{EVJ0yU-#zL%@i%?D6brww9zCBGB
zP}cQay=Jn&8@P($klsX}#7wSI&gP)?Q}ZJ;@5fKL`I0CqZQEX)Crt~)RgYpFNF22o
z^1w->CYQ=PEohV2XH8*{2cTA;+Q$|E-8j6l29BPTJhAT#aF#wCY^d=qAPEpAx{f){
z(y99qM7@f#2@o9;)_ejSLOVGBfN!y2)xAkZIz@B#{c*FxvaX6QNzF+_{LqaGO_jga
zEkVRgGdT|S53{$bQ{_)?6B033CNgah^bj*-C2%Doie_shpWvCDI#V|^3$tD&zB0Ut
zUp`fbwIJrEh<WPHONR=}i<T!F%j=p^g%YATqWl2N^GolznIvztCH=_-BY0cG{55gN
z{|V~rD&Z9o17=H8<k`62Z)f)k^%G3{i!@k3jTg~b3%74sthPzf&1O*-*JVX)^M5rr
zaa>x8*V0X`(yJ_*|8IkfW2((!TGq)n-Dx2+<7k8RxcGnFdMsYcFttnXviNRXWS${_
zk7H~zsmnBIfCVu?YSMR|h~HgKR2<I~w<!8du|y1UMTip5NDC2UbIA^g)3|UM`2tX7
zr1%Zc!GTH#w&vmo)k8*fPLi-NBSlo8X*K9BbP=OY%Ms!e7=^*BcRxH6-v#YT`z;8y
zNE70$vJ=*=b<8^b;)xNP)_F4*nz<fiynoa5`<%CIKwo?Sm-}3d^o!P-b0>*6LtNvN
z%=9WT(!{lnJj!T($qVBPQQciru0Do88UuN9Kj4~0lK^#pAsR!#zC%VHbj_{s&&rca
z(4*Y4(6EeJMp<8KD_!M)FqT8*l#PMup$VJN7iP6pdw%Cc<<^mL5<Jg6u$7CY7%SMC
z&Hf_BbD5p>`3FfB*wdp<f)bwM{MG=70}jV!{9fOm6ELeb=NtJ)Chs$fZ>DP@uH=l2
z1jS<*iTevM5trSjyNVOBV*F+l(u`G^voJw1d9JOn>t2mE$^5RIbW(St#)hRsM*G-K
z=Y5AiO*iu^^4_CN{+4&yXm@T{)%(N%C?;U~l_S@~546<<GcgDtg|OY#eCfNA*Zbx?
zhwus_0JtSYf%n(+wRM5taGapqaBeriy#g6tIc|uB;aCTJim!hP+Pc!+9q*|XY<&i>
z4rP?89mRD-Rg289PxrV4m58jp!ZowUj%5uSpe%b=eo|?UeG`dnEpKjcwu9*=<mK0l
zUd^`#T^UGM;?1$Jr7x%eau-t|3Qs3<ruCTn@qn;17&(1P(<+y)OQ8q5LOjz{f0H@W
zIu%iRh~VbGpi~J8C?6t55oJ13A=C-HwqdKxgLvBxU(cFt52U&Kmux&2h*jXERXleD
z+JI=L)1FY+wc(E*Ru;Jlef}}kSU@OY%tZ1mbh`hJz>Gbv?UC9oowkGU0G<we3aP@w
zBbY<WJ4tg`w`iaRuuR9!W|T7m^#Np!V^8ShEvkdpgsQ<jpx`FD33`2f`nxOaJ12W0
zemKA&hkSQeanZ*6MBCosvQV6*%L{;AIj%l(eRAdVSz|l3Z21D{n-bdjv2lEz-zS1r
zq9MABBjWmuL#?PnNQsJ^`+$DZf!uPJUk`k{?cuOpTtXzjLJOav2|X2=3FLBuF3Z^X
z&>tb<6)CL|t^z>R(i?BovF_K8iLr;D)}l)t6SX-b7JptjrPp`FYNHE!-D)pBUaT2I
zm7K&ea_{me#3!3PfxZWnO8{WZ+|9;*cUP$!&$jF3<6pPrd2RYPZZonaV`u4O4Q*G(
zhrqzfb^a-_?vM`MEYg;Y^Ro$Ljs-cE5fll$<gFDh;@oFCAESK}9uC5as{3ESpq`$S
zF!mwUkE(=$oOa@WCj+Rx4y^C=xPjTHkhp<cj}z~$`WRt5e?i#-GKh{hV2%3S@}EJ1
zpOW_y5wH9A9AH{%`CDD8g`LMyV6_+XQE%bQCxx}MZHiR|?5|9<=%@_q`8XHGAHBdq
z#-nHQJ&EIOvi30|p1J<2iDfdORhB(Eh#<!WBkMwdDANfjgb_umwtG8<@5CI+OI6=^
zWo(W;bWOJ$PCRip43uPXhwYk_9O=MF99N~QzNxVKx-X8%FT0jC+vo<_o>bOR1s)*N
zruv>ivh);b)#oW4X)6*kYiI5&wfK~C;XmShUNfb+HSCQzZGM5I9%%&shvf(d3)}xg
z0{`F0Jo~q2+JC8otJ0KqT9-iTzN2wQQ#D|gk9H<wf8=h8X-Hiph({xjWGV(l5mG|A
zs@W#65R;Gqfbp+J9qgWEf4(wp4o`3NO}ktT6h3`Myu|zkoiUm|n2W=D$vz(SC;7{n
zkao9(uJ`qJP%r>4p2_&Eck{@eb|}3>sBqGeBAHmDk{Pl_^5@}b%Y6QAjkFe%r?CIt
z=Ro;Vq+)C3YBjBIo1Yu2uGh^MlSdr^6ArrCgf{DKOMuV%elQ%SYmrdR>I5mO5UR6%
zoj_>ybSh4;Qh*4{$Zh_(`>j)r<pGL%fj+6j1U<0%sBc;j1r13NH6R?hUT)w7afx!!
zC%Zb~kmOWa!vy~RNu9uj42F#2=U?Ol*q{_mbUuIS23Z1=!}ehI+L?t#faRI((eUK{
zS@vC%)l>CPGV|<k$DJY-z^yUWQhH*=!CYsZ-|Jk-s_N^C(@Q>@a<!QOMly{8;W>#8
zr*Jn&1r#Q_uQ3D)jYHfcWR&8HZ)lx|UR6r@o;joPHe+#Jx<z7t6bN1*#y#p0DLu_L
zYckCv8^VOhE`=%XDI)me#;zy)E9UR0pC`)k3}%Pia`ldNFjIY1@%H&<cd^AUmbze2
zgz=rvIKQTfw?!p0`wYe*8Oxi8{3T+rU;!X{svbfH@d&sWS1LIMPx6J!nlE_iT@6EG
zqS&b=?w+ML%1j(qoIXLi((78Hur|k~-nNeZQsS175_Bj5dUD7Z*0{tQgCnX0;$pWM
zVnlW#JDmbQNKGyz-a{cm3Fi}+BJu{1%gGCKow6^3Rq5`(>4dnxCO@op-vTk>F;enR
zz}SNqOyZlAB@~pADv7b{_~ExbTEwTP`+gopW*I&iBb+S#@D4O5ssz~Mn36P9>-sas
zx&CDekKVqZAMOS9hE<JkMC}CIgB2m};J6)W8h7pFl^<xcG%FUz=NK#Ay{u9xp6Xhe
z$dE+6<!6!mY?E)pwe3$DUljAwU9Z(vXEN6F2lxIGWGdVc4-7BI>ShY9P6TBpSzV+I
zV+3$8fO=vE0s>QWDFJBc8v|^SD7108Aeqplzu{V3JhfV2`gso&UCZx7t&k-&eU%@L
z?b;Ujm8yLO$SuN3*3Lh2F>X3_J||Vv#xN~I*Ub#b1P4pZ>I||#i5La54mHdSutxS;
zB^Vg+L!jpEBRn-zP!ti=c4PN#gyuq;E?}2Y<<Ztp{<xF@C!0o~<xw{dgI(&}ils_C
z(8^es)MMP<?2NV<6D$Vs^QhXxHZIJofYqQ#fmz@7p+?Re;8pCQ0s0Cv8#W^_^omEf
zH_{o*I!C96GO~H-@!h<|HXcS%%(<m-L^$u5qlV!(<sR!@AkLg#KiqK5PfHOGWx$Iw
zHxWyoz5`Cgo}S*Sg!vGL5o6S?V2N{Mgs}y{`qD9x7!jun{?Wn-$5Hl5ZzmHcfc;wZ
z{KlrEhW9&e?)NSqA16vOB6kmtE*I`C-S3`KZvLTX;+L6a)F*&cHi7Ke?|G!vIuXI?
zgI4$6MnjXPk{}i;QRQcE=bzW?KHqNdx;ukwk65l1pE-kDSqmb?XN#|DVudo9-{0)g
zT-`(oAp|djTEemZ&b&Zj$KLWKh_>U`m1hu7m>V*7et{W}QEiZ2JAqo>kRi#rxufEN
z9Z*o)m^#=^=w*wL@{mb9u|i>;QkX>k7GN|Y4osYU7;}2ay5m>rznzNp>1BGz+LR+0
zwz>OPBMFDC64sVSyVnP0tTv+}N~OJRc`D0z_|nDm>aJIl=ov@aw>``2>$(o}di{iL
z-P{lt3v)@9VKY2d`1XEgn%>N)T$^t+b+kgCi6~QBL;Tg6qDI%8_PC@<m40nsS6Qs7
zIq%YbyD3)m!rTyV<aN{3UOF}0e5c3^l*7tk1-f&mAG&@khLAr!KwNl-X=>WrQHhyL
z<%j<DwKZlXgiLtUYZ}W}Bpe%g;td2<{Z$Qr6E|+cUg)eAcG6hp!j6pRoSIJe<0#eu
z7w$QEtHCnzuwxz0k8K9~cl{GQo@Q6o$q*7;^x(+?{ikY$x<=WCN~%=PLW5RQrVE18
z8OtBOh3BBGzp<kN<vKt=$`i)hR(@K{oru5z%G)1vGUtX(&^(k&DUwVZzS&kYE~=ds
zdtX^5q)q>6Tw?uyVY2@{E-`Zc*ZU1a8nXWrBiD7Nz9TWM0#*Bbz_u{Fa6ez%&V~J#
zc8(cWQbvTj?DedJNGLtmTr)BA5s(n*--5Ur=Hrj0i7aMIVP}@WaTQFSOrZtK>_rr+
zSi!~wtuQraEon<CsmcpsRIqJWoxk|Ovk0$$>(V?rPx8s?C0~f9f*sJhL}j9Lc961m
za29MtO4<q0lB^YLT$i@tYiRsuyNfa^Vle(nbp}2Trmql8J3)ZbPbQUel8Wl-lmOm`
zMNr?#vgr8B3ywMc>L{a8#*OJ%ai}E(&p3P+f?uBTKukH$dg3~XiPJ<2nG^-4SKa_%
zCxlwYE7C-UBM~SK+OCBnECk9l?}GXeZw%Z&Ad7$@Wk49?*4&9wE^^0eK$+O(q{oc1
zEMtJ5Ot1yyDQb3&O%p7{=yW;Xz4gqCYWAdfe7v`d`^Z2DdpHe~cut}h=E2dAP1Nxs
z1rje+kg*dO9f-|C7lZ;mi3JJ|eOut&<nPYOLH+k`<=cwjQgTy%wv6ZI%c>=x)Z1p%
zsB<+NT8xd4$ZkF&8Byz4E#>)o#{?KagDxlLUafAM-7wJv@(LU>W?I`7E6*%R&|=rq
zd8jA_1Y-qy|2lHZQC8<da6@;szP9=QD0`<MQKF@7vu)e9ZQHhO+qP}n+--ZeZDY4>
z_w@JAKZuxfaptC?Dx%g^t;k$i`R4PY%G;)-xqleN<zL9-XBxeZc}pKDwQ9d@`L<WO
zR}@AXZZR5|P&MdL;&;QjJM>pS*1<IVy;5n5;lVCZTGZGF>axd;t|Bo;O%XH1;*d>|
zA0paCgEh-vW$^mDH_ctly~Q~sWo)bb#Lq;g<DO%<a2Cq+uk-9d1;Xos0AwLmUg3%B
zIfWIptsaF8hQY93+tTZ;M2>aW$U*L(>%RUcREK&A<k^Nby*~uWN-a{T_%^-5Tk1nD
zA%zS%#6)QOn%{5LBlW7<vd<N>;a4&eBk_RsOg#U<X>~yQ(ZO<*@CCxC-;@sx48I|d
z@Cv>*>rpp$F94D7%oQ0shGEIC^p_m}C-AwMe&OJU8F!u)*K@(8$yN<6Yl=DTfc%Gc
zHtkNq*4?Af5@vlcAwGr?a*~qd944Nj{s?i43d+MDlIK7@$C^#w{AX!3BN>y=5NIIp
z=`h{0H2ckO`|@ne6BFW`PaADo(cJe)JQlP?Z<*AktORQ_FxnQJL@F%5w{fp0f%?ry
zwjHjx6&FCbC2+L?7a`#AbAW0$9ry`<T8N^Z!@`2+v?C!zF`pezmNh~eIDC{iaD(A;
zy)`*>vxxUFWTv=qL*j58j~axq1aY;}hG#T0ZirO)f^9phMo#VMAcwkNz;%?1Os{HY
z<hJ8`1gZ9?>(}alImC-O?|@gy0i!jcFj|hD36B`X-e0>4EC+iXo;ONImvh_JS;hp1
z#XyRu5XWXWMQ%mQ)PX<t4YcO1Qcjsc%WYO7%Ib>QFWGK!yPJ1q%N^(HWD9eCH#}9@
zImPY+<_9#uDjWSjg(8ms1Q2HU?@<x8TAOYMqe#9d)Q=F>p?tpSkAK&O!)xwHG05SQ
zY0_Y9waEz(Nz4v>zADw+gG1Ui{=zd8XkJ#;Z7lax19;ctJ=<~VljZ(=P65#i6sAmN
zcYE-O1*YWTE0IL9XL|2;5}kf=zKs|M5zArt)U|tO&#*%;UnujR>XkQ7E0KDpj9C`p
zU&D~+_Hl#cjo_^tfdN8MyqHbSwDC8xhxdIQ7!D8ie<<>FJpK<o*w%QT*Uj&0uPL8|
zXRn+Df?FJ4)$VhAx5ii#kMzNUmtEc8KxWw}FSGh_q+9IRG?ngPz3XGGbCtZPEAwA=
z%lQDeN(g|r?}Q=j=$3AlHS+?vcVa6IX?HZU^NnfpRFngX`h&{)hvWwF_ExvPnEw;S
zwN?tneA>?R2#stL$E2##E6CqwcGgAsAJcC=5B&_a<C|Y87;!r`t!mv$=3U1u$C=y~
z@~*dvOYz94CsJ+gK8xm3j78h=@htz2%0Zeu1XL)?MZ8+|h<8r+^+-3)U!L0GwK}wK
z=Rmy@HdFqC&su}H!m0OVCv%_0yI#yKnk+M_{4{~G(Ut$D*S<V~HSHHPu_K^*<o$9g
zKD$o0C}EyJFk~x*=ba#=Ba7e_>eK{%K&URQL)qmYv7&-NGFWMRPiAxhg^+&-G<qZf
z<C#W892P<mC9OmkVyU2snh;M>mIs3|#LG%3$?n#h2SFYN=~<(oD-AHfhs08=)k0c^
zZ3aO6x-|`>)`r-}VWg=JBM-O8;ro%FzNacpKjZQ93{M(LGe_meER8U73(R+Qdi5F?
z<PK^XYye4yk;Kf?g+euiHJVHx#UOtr0v;C5Zk0vrsX}(?n7TIXOu4!~1^N)he_l1s
zIhn{~&z4zlJ}w<|VAs95O8IwnixaN}vg-&y;4$f21sh_D2#-ki2R9naIL82yA}(O_
zieIZcZ*R_24c@uJ#&wdAAs=fWFnoU@k#s_SZq!CJu`IpELrwdBy7~yY9CL+;F%Az0
z1dn1^4aGW6k#{e)<mp05Q6kVsy$uI)I5EV)n4-J(kHY&@TT{`AJ3MuCrx0bFB7P_z
znVJei5YWJtX4$+TwtbUjFS+7-lhHP0mY$<NHa}UUz_XLS1}~YL8%r3Ps&`udK*JHi
zQqgRL^8IaQ{^O!|_336g726-0>G%tlww!GxtGL%DlVAe`e8D{)z`&Ura#MF!#!_#y
za+v2&Q!o1iZi?iV9-vF*K?Bw)sJG(SU{3jSAp*{NbNCi0<VCcIhAp)IWhLon*|hBH
zBA0zvG+H##yFu?46BGSqr_{deHq{FUVeKDDYd0u`)^l2uZk@B*&_g@8s2-09SAEqY
znZ*Qb%=)X^T6k;KPHfyp4DEWEts3ag8w0<Wb6P3AkJQnDq*IsKhO0@NnpC~N{BzK@
z{A$qNHu3AjuE@)a?OBM~5A#kf3Y%rD+zrWQaj4e+um(NUyw(y4H)~o4T)pk4M~p%n
z7lEByl*WC!2*O=_qGxy2uM;GWPw;k{ZjF23yV_q2=h_7BayP2?`=J{-dUxA`7?Oen
zHxHusF2_R)FJB0S0x@i`rU~IFp*Ye6Mw<hO0KK!;wWT{a3uqXUbo8uxs%SDm>=vt@
z#wDZHMn7n$;ZzE#DOayKG#M9FZKbW`B@hBb<h4tO5`hRpAT|-JQNv8rR=PxTG@)=P
zbaE~#F<oFmCT8sdo^CnG^epZPkSE#V-Ivlr(lPmD2AlTb-Ix6BAM2*&T!rI|Vts2D
zfeB76BOZP?&z)fHM1^B7#Gb})WZ@&UnER>&_cjZ2cXJLi$hBK}F0ajpHk5{F$6#_|
zQ;o3~@BQe!2N)1mVu6H-*2R9h<;dXU)76E=$B!QilUf{LakB;|6c7!Fun62Mif-vI
zyJA{`8Y+nZQ>Z2UI6@KB9;bYu$hiS&){P1~y!-O-@^^iDWWdss$M4&D5#W%WDX(eF
zZb@koXxJ|Ue8eWSPi=C;U^C_WMTW`CVL~Fn5tw?JQI7acTwjwb=>IB*565rcfzPbY
zjd*p_iQ5%EHqhtkbZZ%GI!VO%{xsxg)6pcB6hX9?eEW5Zx%a{L#?_Sv-%T%G-Ch%e
zt}IP@jnaub%!7dlZsclRG1!c@ixlGf*p1eplmLCYAo->@RDb+R$GYa14VXInvcGvS
ze0{Ot`4d{o@>ZJNID?`&2wuw(XUuC+!=|x-1xE*G>zJW{Fk3~BiIp}{f4DL9fA}!q
zu}Nwwlb=F#<Mx84AJz4)?w7#^%c4Uh_T*Q>2w)`v)>PUcO!#$^2d;)3csjc>_29{e
zs^fD_WVdU`FP%WpZ3PV4bJc9Z4VA=zpm29GXP`R;&Oc<OVxo<5WE~?)^pT_W!3vPc
zgU7+6syqCj=+cC`Ig(ZFTXipq{MeY4SF6$7cZ<FdkD8U-s@k;BiKlKHJIB%Nx|4=I
zacB?xUHMPK!e+ZT=L65U>f}GnSHe~E<X8{x@P!^RPqr2Ha<7I{5iNFMNcR_D!&JV@
zR_ykC4dS$8GKxJKHLI=2^>w%1B04pXX71hg&U_RvT0Z<-(q`QIIx5T7SCk)UR-*)k
zPa$QqgE|3*NK3;=eZEWufk|E#X?vu`S?vX>i2=PZqa>w1uye6_59056!`AU_QG=ge
z)W1kIRzHW!b##8fL1#lF{=?CMgYiF@VKXwa{`Y3szpAN2Hkj``{a@7-j={X-{m0mK
z7M|0Mbu6r~H^i2R?C-3)8MXDtjkuJPO}XpFPRolS;KpB+uQ?L@#2C!qLS`q{Pg=}g
zZYx5B1r8{kM4iNh1qujhGzct*MB3@vg9Srg1cMWQbjzLOyNfx9rwhyZSR%Fd->de0
zo=2Ya*Bq#gZ#jOk3yZASPYeeH<~}#Dq6qPR;)s{acWff*<!?39=_q3N=QzuQFTfKb
zExCFAhS&^0OL6}YsSgWXXb?1(^QDUqB&R74IfpS!&*3r1nm*)?$R-z~!8nEi>)kOx
z3?s9h5Ej_*mcKL_idcEY7v|&ZIAkoB;vpbRQG#p`SkVT7F67qxCFvpZ27HEI+H)X-
zA}f4|K#dxETDdl?<JHTJ<%i+Rn(ugKY<-+1(>H78=k@-MBGWhLdZ_3d^a1l5wumd6
zEBA*NEkXa&oqdd>gKg8fB|Oq2XPfC`pt=`q7+M+St^W9G_3Ui@k|xtn&abo2XKi<H
z`Sa_+B~9i;pReyL@(s3rs{H9?k1&%(<OKvZk(X+GEjp(wR%fF61V8Q6fg^Q*^`B)n
z>I5pcIv$MeYYu}?cr*E?QDIY)M@Q3b0r4p}mr}Kg?Zwv^o)PL!BaoCND@Gup6>qMZ
zt6r72%K`^3tp)Ma+tV$khgcCo9bP11gpm2DDPYNz{RR>a2m10$5xih{jb<+0YtPVj
z79<8h0|6W>AP7s#+Cu>3ua>kbPfAtr;x1Q)=%CLyP*%meq|S6x!X0rnX~BsDcNaPp
z%|PX>cUITFphXd}D_*4#olF_lcloU^aeU{FH)ic$!BBYHs%4{>A`niUl%0&`61@}y
zjH2CGp>gE`O}aEQH14FAqA7Nb1~^qdo*&PI2e*!*;hkHs0&vBqb{S%9iH^-`6M!8q
zTM@418w{DSpe~xL%yo{%#-VXDK#6z)g42Kp^AM!NkdY95??eHze2_Rn%OEm#&C-_F
z3PPiMl4jo%Zsw=GiK=-^kN_S*gr;hS(W$^Yk+NGOMfCIa64XPJ#uI7g^509>`GRvR
zx32MK(K07%XG&|;)ON>md~?pfb9vr)m&4oLQH9-n9P{52YVHB`$;!`<Ibws4VNBu4
ziN>fAuX<{NBW9?r8#O^|za$V_H9^uAq3q?jVH7-#66`61DAUax1(0T`GF#hdB5E}k
z9!KBV%*x&gt8BGbWCqac&aePj)vO-ri(nS4mUVPFV=~swY^2GN*l$A3GyOykE@!Nd
zR!h~UwDU8OC@&eO@C+6P-XDl`t_1q2vad$(0NJ}ZSvvR}Y;HFSPRi&|mO;Ei1p|oC
zYF8_`x?T#bv(jEhmz94^LrQU)BA(Eha0L3q>o6fSHH<Px!w<x=Bwq=ddDy^Vvtm_e
zG10iWErir8F4s~lxsHu2%xbL(yku{%$t$*mH0)^^5}zzL@XGK#O}D~Ou#cGZG+Axb
z{X-15T=rx<`Cx&jFWj1csZ`$``jvIvs9qcEO4{71j~a-hzsNt~wR9C}{!?IM{SWv&
zMi$op8lN|<Df>TdgP#B0HrUPLM8fu#9Knaazb2Ga1Q~@xg@Kb8_wxUGmLN_@=!bAz
z3$6tbtM`8IxjwTrz8N3dalH^;^YR}_DNjgC^4u>*Hz+B21d>f8(c^gH`#@^z3&ZFA
zKhb&P<?NG|JnUC+uqpl>Im5GNh_S`%PKM}hUWOOu(fwMNiLhl#5{lQddD{7XM)pv<
zzK;w>TAqE$sk3;$Z38>osUE|NSu{64BazUra$gfYaJ&Hu1g+!kG?4u%`#2J#E4TrS
z55sKgpQjO-Y2tR7YMr{)RE&)<aPQmz0$Gt65TcpClU_XUh8rQT^~G<OjkvF5S-jbb
zD*gWczXbvTuE7BUrl1tZFom-ckO7ajNQ~W1TcZwdM*&=&_RfiksudffrfvM`0UQN5
zo|1FVhzVydZJrWddi>dgc(&2*ntuHmxEni6`KD%D<gKDr5l$5jxk03I2<Yx;RF{PA
zNVFu<E3@+ev`&8=%B#-EI64i(XF^enQpk(LKQ|NGnt=<C9^`u*M)}AuT29Kwl}|n;
z!9gAbz3~2>kS(nyii<ZUs!7QcosbBS7!ygTo9<0xb8~Cl7b7b*l<8|#H3DY@EGLE2
zsYmpfOx>Qte6b9W^(<M11y@gh4q*(aMKGFDEAdI(C{80ObP`^Mc_<Nr&&<ZGujR5q
zcUP)+y9qBkDgSPAV4EZ4d3&V4s+kN!IQ6T|<)O=th>aQCmH3mi6(1I9y!raaX2~$Q
zm7a{zl%MYQgQ(2dQHait?e@yo@#=@>$eF3K0j`1FRZ!C?7V?$Cs9cd8>e*1fW-!{l
zp<^Zh9~=>Y)r9Myl!6E{2*{5hF-IDS9O#Ncz$6vV7_X%|RL7}`TxSsBp_e9yppM9O
z2&1Bh!U!^oLj1-AZ9_He3NJdkbgv@7fSju|6_{;GMAI(JzAS?d?*VLpgAb!>1*vnQ
zc9bdjw3Zu;AQ4UmQXml>Dte=eprx64a(^@{%X8+1C^zUU7Hia@sm#CZ_Nf$kGBaGA
z{`7e_tC5kq^2ATKB3G#C*p^RPA);9BC^$YbR((t>rBC&HVxCTSAlK`NKTL{^ik(Je
zMS}u8xON^e8<%j3vI-*Q*(Z*?ma*^JQc{7y7eHOZs6dkdt*UOpcNOmsjfmQFY~kZl
zaf0Ztx>whDLn$7}pyguNf$A3;0Fv|I+_uD~XEZ|K<jJnthV8F~I*CVAD1OElp-Ynx
zidHnKQmrj)V#8d66@OppZ_9s8D!My-IV^U;#v63CW`m#3aJQT-P+@oFqS+Ysxry4b
z@e;&u?4)(T?y-=-KFvc6oe2j;1@CpQ-^6J^#e%Dny6S9gZ}DtB({~#FT)Vj}U-^4s
zJjNwR=*mz2$&E`8#X*oL$ZA}H7-}44O_Is&Ff)!K(I|~{?UCNZ-yZn4yDeA`X6)KS
z!|cW-gk~$S7v43~hG`wLk6{dS_HYkc4y=f#Iix7<b_UhO{?a4(^X%oa4(*L@cykXi
zc+RO=cCqx*EHL!p1~V5?BZfh#DPk=G4^P9mWsZ;o?0O#^ZPG7XDZ)|E72<oU7Z+y8
z&O_9A{^7p&XUZGd&ilunx?TPK@G>sb=l$0leL~dD#gBPZmqbtPY{|4WX7yq9QXp59
znM3NQWjigiQ@vIFG>Q;|4!($NCOqAOvne8#m`5Yp0Q1C;pUbWx$?xN%D-e2?DjTqa
zQ+_A(2#F<c`Y@Gpr$4$&nqNEfcTco_g>)&J_GT<wo!Q8yDLc1A*3SOA*wTQM6)6hk
z1~?wkMk%z5j(;MgABVMHFvB}k3P~+v?A2w%I*j~y2WaO^qk*;C!<s)`J3Q~Ps)M)*
zXbbbK=a<zqkjmFU#f9wMf^=~7=wyd##un!m9eh)mGC$|9l2eoI(zxk<!dC*IeEx?7
z!2aL5v;PWL8UAm07!y0g{||e1?ReZaSifC;#`vq~IEpAFNDM$H!3`i<1QJgPYm8AH
z*y6g?HC^EGzMC;l@$4tkojWh1{B+$sOsNOha3X#ssZ?k5E*0ZzB_s$GZZ_vYu1ddX
zCH3arL0@9mLKl?jo6-$Ms&UdQ3S%aT6~)MZM5=MP%je0At|mfsf|+Y$PG?Bs*TWb>
zqr;}DQ}oMprYm(KG2;_{@DCFA(ir5azJ9;Ram0_)rYco`?21Hw;Whhrd}mhwh&!r%
z);l;l#W6`-Eje8CJND@<N69Ghqb*0>D?sE1)z#!R(<E1~Ad`c5T3xw}KMG+5e32z|
z%rSx4?W3&jajeGuh#E7b`g>(AngJywr_t@8&Y^$!P>}ykTpZp3RDY8xAP&k)EI=mr
zHKfQjY1gaiP><BB>MY{iA+>Z8u6Eh|`qjMBgqr$-DHvm=S5Q}ztH|okpL;d%($#vk
zR8!V^K~<voGfT+0DDEMpn&KKbq@S(?hWGo~K}{!Y8KUT^PQJgvCe`ZqE0rsLRqw&N
z<hBo*c;P^QSV%UggvP2Cb7S*0ZJcWW82sTwe`fNL-~onbk6b1_uW5gIWl(lk2^~|6
zxvq>-FU_#%p+eBS8)xlwk1ke_5t{b}DC(Rg&xcMUAp$RY-9WhO`OGC)_d;}5bUIO?
zqC59Obw(ste-hML6b+;{VyVrlh6n+*lW?H-=hFct>aH=#x6nn)`jo6wHA!{By*}t{
zSMlkdu!4+{NBLhG)}h(Ho~*7R_^;--gWIcrli6?ord#Ua1OZ;}4sH*9eBa)!a_Zx$
z&3c~eJ-v4Po!_iqI1Yj`LO{yrWCX9qL618JNqToKD}J6Pf1L#%?-&dA78nb1K&*tg
zASJUDvJ|olWE+zEZSm|LZXNT;(e-^@Pe9dS(8Kff;Mp&3{Q3OfcB6;b)72M!T6)EN
zoL)cn@x$%$7vG0=eY(%^%2RIDK-E$aqTO&PO?*s3Qv0(CUtC{K72RJexj(P&PbRN#
zbzjoW)zj;LMVs&E_ahH?ZRNA?q9G@y6Z0&S3S}0PNhUdqbIz2F-z~sPzq2#Yuh*Qb
z3J6OSniAGa2?nBkA+D$O`SAfz@b#v3j;E$Hyg(6;lY_(tD_jdkAA+Q10qs!;6o#?4
zjA0=dDb8?-d={(dU(-&WPyGG3p69errgOb?jxj8;5}465h>UJChxq{Pjv5bAA(gnl
z(1)X`tpFM@cqRw{LN6V3=ti%!=t8^uV4gTCw(`c5M)OicNX7C%(&gU2G9QMupnT_&
z#bK<Q>=iA8uolp2nB{=uDjf?cwroO4;#LhA2U`zK<+_cp&}b@1aG`!<Q5pg5&6d7r
z0*DvZXQrA52#pgNWZEv2z%jg+;i&mpJl;*=A>10xp!?mR)>x)lUK3P@1fG(YL9rnv
z8><)(ac(17vw7{xkVoA$fuc47e!D;`8I4V8d{0IaM*-Z}FFo@zEU=x#8gtnRxju+Y
z0IvYfuz7)q7zse^m~L5#<AR)NjI^#;`}Hh@b1UmevdLGu@cjxvoR;G_IcmX3Aj6ID
zg1Gg5-mcDXkCpt_8^E+hXDJszad_nu{k7xoOqqec@}{%h3PuqIl4`(#&HWcaCgkQw
zPV?KqSMIL`V^$|)*SC{>KZ_mXx2l3j!Or8qU%K1lK74|;ZlZ-~rmR~LlP9wOw3Tvb
z9Oj3eQaZF&;J%HL83_}nOO_MOCp4D1`Cu_{%wD++BWK=Ti7eD<!-7jFfzA5@v=4kp
z_v_>%)nqZz>Ofr=^WzM?7j8xB_b+xQuC>)m!@aT9VK+up=@-@f7_R?*U^spq-B`XE
z2P?$0`>uO<{)xW*4q4d^!;Q@i(~S;)rss)RiZk&<2jcaVti>hIWFF2tMkt8pg7hI;
zXbGA5Qns24E?Bl14OpFXj%>LmbCI{M4Z^_24*zFC_x+MHwm-<KVqPxxJa^-Q2`FF$
z7WKaj;O0C^4Qat{VCUf|6WALL<%$UQ1KJ`Fns1e0MLza;UPD?ayNNc9foj>y*@-*r
zx#@RA%ZIxA9?J*b3D9BH-E4}T@|da~n<Z2slxb|j=0dL8KZ+eF?ayKuGoH@d7BE0C
zU|qXqFc_I`5+Ux3o12z*wIUwml6)M9R-WvLR^N{zYn@UHO}T%<lK*J8=vKC=Ye84F
zqN&)@QrKpyYMU*mX{Negi7JX+tt^WWYKo=A2L}Ej0<fUX9$ZjC2Py0@`K<jzaJZQ9
zz(Jg#)Hios8V-PcyVF`k;_bEkU?U2tS<#CkUrQm0RdoOMRD>lS$?9?OnO2N2aZ+Nw
z5pw|XeG<5@vc)WwJ>{dfO)<DJQCXMU^w)iZ%&c&&tQGS9n8%quq@)SPIX_hTvIkWV
zdbWr=NE8>pXZD7drE8H*QSf?qi7hZW&QxfWe(Hf_u^<dcx{4yOTxKz^hZ%B&-6(3Y
z&!>DoU8qPFu`oz%K+-#s2|k+fV3mOw#X{#+JnbtxNi*JeDNJ?gL&ba}#e_4^Cbu^R
zD1WAzI?{C1#vRMoAc!&7QXR?AZQIe#pz%^^{A4}V#jGO7zAH(?7033b?nsJNl`rUf
zSGD)bHn6Y3Mw#xY!>+ige|l%r&^w-v$$&!ichfeT{|+U+%LaAlYWz5cpB1WT#d}xV
zD_HVg_xmBGwu*VwBI;S!l2{*YVEsOo)+$<Bt8B=rY`mPx1F;hRitrM$31lf`D`e+*
zJ=sf<qVf|1Y@5WjN*H!a>ojyUu<?(yAC{jUtbM{9N0Al@i>;icE-DAYij+9za-`7;
zD?Y-2?`<!TO~hz~J@4luqRF(<m}G4hGr|(BbB-&6=47~r9oLgRb7N{KO?GvJ;mBTn
z8&P5=-TwY<-x9|%#UvMeJU`Ltw_W6T@kq>YV__;lqd5S}6ogO0pM2H$tKUD7_nWa2
zz>WyrL4RahiSrbXO_o?|n5#x1VumG2<XnYJ71McRVfY1PY$G}fijLyJJ~3rs0`Q)t
zK^mWioMDoKOVNdvIK=x6V0Ly8#3CqqrB7YPq+Q{0-ONh4Fgol_*%}}rF(+-I*Vw1K
zh9OxoB`_*Tpq^63^gOl9Cc=P>cbKIDA`#QJXiXLsDr|y2NjsrsNIk6VJTT{J7J+3x
z-*`Fd%*Fg(40cb{IF;e~0$t(3l(zz&WG@yN=6Q$<M?5p8q_hBhsw{EJQjSgK>GlDq
z;$zu{9SqEyv<dtv!R4O0_1I8IAMen<eZHX=5JYN?OClnU!WKAC=Hrm5N}6>XDa&0i
zMzt5@PBV=o(pHrjTxQYM(b<~Vi%e?&#fgy}6uh{2;=`;%OY-76ZmUrA75eP*t(Q|1
zvwId>Cp+CGXG*qGLZ5oqVjCW51)~RUrZ9u2b;@Q=#}C^qh5k$00ncQu`$+IZc=fw#
z?Km;VrPwaEG2Naed|)o^wl$-|9C#DV_O^c}|D5t_ef*9a&b1o}_C^@Ic_s+qYXL88
ze1cQDfd2DvxG@uN&3#{V^*6een0_O!+rqB+{;Fa{mgA~Y$YM6B-P&L9RO38vCgUS>
zdbsH<<}H|L@dt2o;D_oz9DzAF|AXBXBPSE{e=VK-?F(mfp!mM1-&)kCTDTlOpOV>;
z<+9DJ%{&%f-4kg<Y8nSaw_6@xoSX*54zLU186gDK7B{~n#+4XctPifpo(z>djENs>
z;@#thYbKLVj{J4TnS7#jieSyu-0j5S?2$hA+V1ljzJ_{xsKTcyD#shpO%#`&|6qJG
zahyrGV(M4Z=Mv$&f+5Sz#|46K6lH_;z`Lht8#F!HgtwV4xK0j5eBiwh?dkZ_4r`zj
zL|fx{asx+)E&ItU#tpJRcwX&^zz=O}&WElYtZCTbmBe#qT|ocyOrbJ~zc^x(cqH)z
ztDT+_JdO2zp#xyG(Pa{1>EqcPJqw}w+C(;&j_dO#aB$JZ5b;DF4@RTHn~`}ltvz7m
z2<V>T61=7&S{6w&znaclHlJl_W36Q~Vc4!GDjJL`Z8@TJh$xg`&%Hq!KUz9^4Xqo+
z<g8nVW<+_w^S79!HzzVR!d!u8PsbA3t<#Wd@9R}F9mrQRk|nwchi~OyQzgjZbtv0|
zDxc)adu}PpITy2j$ex&Q`fO?7{k0`-_yUWr7s`aLB-Jx!QID3TRvYrs!V?0qqCu8N
z<b6jJFfPDZb7aW8?AUu5cM7QTtvnFE)7Er3>C(;G=&d+RKpcR>{0QN25Q=t}k`RA1
zhE33Su&ud)zS3@396np-yBsRJWVRbXpfiB^0&!Alo}CM+XS#b}CszO<$tPG->V>In
zrjO>1INzxD{XcH)d(tv8eZJMB$u8J8Q(bIys&6{XHrOi%WHL*tK^=6eL{NFZCkhwC
zMz#@LT1U7v3&K=HS(kxaPjz&l#XK6Jay8F;nvbHM-YoILI`A<}q5}9mP3%0_LxmK9
zcB=z!Gds7xm!1izV9`B@d67Dut8_pB?R7;7c2sGCDCV79f15~R1l*Z*>3k$xAw*{b
z3pwJ^I@uUpFUDj(buJ{rn<BN}Je^2N_GByN8QN-wE!S6u982HZ7(vm)lB8;cVI$1z
zb<~>Lmj0EsEw!X_GAI7CB%<}mRXfJ4gZMotH++sxY2ifZ(H1ex1t(V}3d2a)V2<o<
z$n=qVs}%g2v&kG_kYt_F=Pj62R<l)vvy{Rt>6;4mJy1g}|M4%x7nj$r;DuYmJ&U$f
z>*8Z=7How(;YPlp8gDvf)Dr2yVT4%dCa{vWI{GJOMrCKYkgg0SoROt=<Bh_T3MNh1
zBP_wbS?Hz@cVGaIILn_FtT38zv7U`{l*?$+Yoy%@Pv2mSaLWWv{t6~&DgZ}kE<jh5
z1C$gVWk4%klNO3dFm*hGoxLO33*ne3y)L(DjJlY#n(mo|E7KdbMIis!k|bErxeeny
zY`d{_jpc|mU{-?qcEtemRu_NE-FU-zWL!qMcK2-fy}R=62bhwbk0aM1-E5rcgHii5
zZ3eU@xt&k^lp7&WdJYb<*k0_~s;kk|-kocdWqb)2<TY}<g3izOkQm(Y{4H^Gq2d)K
z<&J!Hy$DQXfr)s|u9?!q92N<wkaCs37ezSAPCaCWrVx*KfP93gKneOUo6>kIKMudH
z4(#yGa8*G(x~Nk2iKB3ja3-e-^w1R}iY6K6YQ7Funn(((O{W|LKtoz>QvgGWacbq$
z1OO?U#SoSIZy^%SC_%WLCvJ?`(EQ``b^iCs=7pud%fqdy13PE%ahV$4euvGX8P68C
zgKFADV-4Goi3&}LHSxiC;uF9QVkzsDk1lxzQGBwSmUU?1$fz#3nc0VjdPT4RzwDA2
zPYAD>W5x?*W#yF}N8sJjw;x9qOr5-RZAWZ)ORMp`nDqzKohDHX&4G~nx>t*4r#eeo
ztq6wiSjIVNthzLH)%cHE(1_Q7vbXxVHlm66$*Y$2$;`c2-!!ila(;-x-W(f{UAQ60
z)USBltBE>=B@2X76i12mn&a<?oofG3b#?g1=D?H7r{@|lYYw9xTiZiK#H5<7NH;FN
zp=9<&Z748ztJ#nE@@R8ZyBzos9_OmCaINg4-BKp^<Oq^SbB|Y80=9Pxolro6rYALF
z+aQCG8G=2Y|E|dljR(gV#78&PVfB7GJ-mCH`q%i?t=)U0|Hqpl3y1K8EN$)Lvs=jE
z;gndfd7JTXC)ZFG4rR;p1O<o84P5JAfsUFDs*UAGGk@pz20knn!^+YGm$AJ#MK>%&
zN?Q(tmLbMyLpj*2yD7|y3`ojwBoFLkRfz1n{xx{<W>@yvlL1pZ7yX%~m05068!^f?
z7znoa6~*sIpfsiveSLjKY&DQ5tlK1+Xpe1&KJDGIx~(qpJso=FJCmP*s6T$j&D(UZ
zp|pkLJ-0P)Mz77Ua*oJ_QN@)w^*vC*h5U+2a&7gXU13+m8<;recjdDsTN}HYIq@tv
zDgC;w6yb4m81Z~z<G=A~UISw_Z{l)ZPqwUhB#c12_|rt+y2<@TgSzgOXrJy*hE8dN
zXsLCyV#tI%)`p(dtOE@O7W9l^i>hGXPa(11JV_RxgiV0@15W6DcDqoAHJo&qk$EnL
z=YC#XlhnWT)xx#%_64O`_~{?fj-~wr3~kyg{2!7!C-Z+0doePx{nu{s+nTn&q#}gx
z>;LK4k{B4h%2f$4noMd(gPvj;<ENp7SuwW)j6D-sX+K}Mr%+5P*{oh$5uc?qpv8}!
zTyx^yP~gM><LEs5UBAfDWx%mWm6!<r@F`$eQUa$ckVwwqgSHix%$I+E1VF}d7&g@T
zc=6(+DkG1moZZ^+(cn!@m9b^d<~ZDR?|w9k3!s6UR4QASP{N17_iV~@U<_=101&60
z?%gQe6Yd2O4s7Es?v=f0!+YmoDDHo|3dd@Jh7^S$G(u@3g;;OlR8o*(9Nummd16&M
z;EZs&WK_b5Yd%r8c}9ACsV(ziP$o*W!NVDmB`OSZ6XNoTiG)1F!SUzmB$$k}i4c{l
zA}EKc6j8ytr$nu6?6IK<h4IHs;f}hPeU>~N9<Fge8dDzg{OljQIJkN_v$jV{yk5sY
z#8utGLFfG1NherYRl7RICK%t=h_A)B!{wuynOygEq_!?-iz?dT2ht;=318q<I3$(_
zOJ>P~J%j?XA2!6)3-)f4Vymt5YS?`Us<Y{!G#4)Z=|esOBd=i{=oraN7}``h(p}Sz
z4MT8nI~hfbu4~IpfDVi8-JG^JAcIF@NKT6@GRQx!nt?=UoQibM8Bi>eq+MM2K1{C+
zIn7mfOk5uq29Ha(7WLr$x8wAe9c!&bg4xXiN#t<Ah*7H6Gfo93BnU)N(!C(St^gol
z+yNp`x7Y3V+myMwT9(_J6bLfya>$KM8)d~l(fp@V#}dph-^q@FwYf33rZApSVlT=2
z{nYTx7>a#|9@#!kz7vG2P#A#%A(-WnAHoE3b1=)vylP9lk9nY4mo%1ANe=cr{90ap
z=E5vcBr<4WkW{#6`v(>%t_MXgG03<@5TQO0!<h;(v_uL*Dn!2O0>-U1!nf!Ti<L0}
zkXOw=$AgCK$)6|+j^&fSkMcuP*G}c(glS4qc1lruc}gUIS%)-KVd~;j`rE%-o&f(2
z5@&+h63@)tqa1NIj2$Hs2j8nXw_1!!a5{lVH%W;}>_mL7e9dgKWTz{tI%j40e5TMQ
z`3!w|)za4g*r27oTj)-%lDgM6OstfSo{u-1nMlvCwga`MK(3Lhwd!Ear>t*deH;PJ
z=z&VYBzN)$sD-?tfmFSIz*xO%xTP+|485C}_JqKYpQD@<3b-DUs=E_G61jx#M%Br&
zqg!)m6QH+7-R%-XlE_0pm<f|Yf3R3$(gZ;j(*<F#)xyYwKI$4pnzasZMhvG={JnL^
z<Hn}qJV{*Crw3PGE$@S&oBb&DR?|*fu(#i3`*vPfHUHyvtIUd^8Eel5B;5-9z_bg1
z;a}N5JPGoAw;ld)!A#@`jW<FMvNOGW7SN4hfvsIiXCmeKlAy^d=r4@?cfbb0DH=AW
z7YHk3M+|tiz8^&J6b+fgAD0a0A(W#6v;I5RU>6YevTJYuiJaVR>hfrob8Bh+sv2^%
z0Q%scM9GcTJMyBPa<#s*|F-SLnWrIosIJ_#TZithA}2iGjjO%zE}?m|)hCW34xeT+
zH$lZ`Uht-_pnuXozgYZ5OTHTcSMB=daXF<f;@g?nQLxW{Sjdbx-^~odoBetdH6Mc{
zD3388KKfOC{vF<=;@B?3|6?i=BO&EK=3;4f%-CWI-}Pwv^{;yPmBlUA$ihrF;s>xM
zI&kAZMbBSl%l~63@_(uJIT-$Hz00(Qbn>PMLhpzADTVsJ;Z9P;K?A~lfdt}TJR#Dh
zG&Q_>&{h+g$OeT^cP}$966qB#?7xB0PZ^4Ref8cl#a$6%vuOId^nCtQ3lyZ8D@2_;
zB9Nq&D~d^uMVc->aXX_)B$KG}3$LY?Sw7<yK5aS!^>_BGq<n0)&7W`Yn-WrjDntT-
zA3D$<Zg<m92W_Ci=`2P)X)L6a>57f|-Cvnv)*2sdMIt7ak2_ae;!1%GmZ4WgtI_yq
zD757v)ZW(g1Mw!K@Y51h^NH%xbcdfAH?r1o(xXP^_Vi9GLJIVI?}%uAMwl@QwM8M;
zNtAw)V6g`9=18LL2^L;hNg)p7#UKmG0yR1k_uJc^ZcL&DWZ$JyX}J|9DTt*>jWg8x
z?3>-|@7xSUd_u65?KW-RKi9abOIl!jw-msEI^6gilFGPJ7t0sb+0{3B+ufcIqc^ye
ztCX*sH($Qvs21l9R@rp|S66KIjc_#&W85)=@v~_2+HJ%Yo_FuZZ_5`a#YKSQ@EH>(
zVo59&V*>Jr$q6!#5`cnJn<{J;+3?clmkZ|Kxv;6xTL0>2_4Q~$WBc6Jv>~AqlBl#8
z!Pb>~?!ke1F5GVJD{seMVc;a!xowqwm~T2{0NyUQ9$vJaS(uYR!?Tv+5o!uVH1QV@
z{(d@5YknQ!KtxGX-1rBEIKu^)?gjpg664b!60a+fV-})BAB!)#jakVg?sG+Qo`9s(
zX-HKJ*Vq4YfC-UcIuHOl?q^Adv3Kolbk|YVO4%;$;L0d=6(^=Q>O*FeB}e}{m2$-E
z+mHc)xh@v9Rkz|?YN@t;kIbVy>4t{Y0vZZAdO+q0XI8Y|Z&F%y4W2mpuVtnJ<KPn8
z+E=mJPi`10k9=%-dD`P2Y1HVl8f0+3d!N57y`FwHvWxnHU~BhriOkVGA^w5y=nDZ#
zXU<U1JKxe>2g{cGw7;x3#>CyF<Ba9rYN?Yw>~jumW|wv6(0EH4treeXAJqwDgaXax
z{H$vbBMDX?G7t>O#ifX?PiKm~fj6@yD9$OrOYS@kvxtkj)tOg_N`SY>1bW{p2x3ri
zvbe_<$9)>W$=%C#BiTrVb8r&EghHO{SK1G48Q_C$%6eW~?>_bHm>!}P<)2AH9PCHh
zBLZFGDwt%2VED}<WPh6H_6b}JMJ6|Sx`*SG1ZWS=C2>pdc4pkS>uBLQ&D<w)R*bsF
zHLs+?KuBU_9}Ny2+mBKCv>zWUb!%fsyg>u<&&Y{LoiIolk55YIQx563%;u$BeOx&%
zCxE71va)TruU5YCC<B1S{99V=yod*iy?rdQ?EE<p6Lwc}KVm>f_XFmtK+QjaO$J&F
z(<F#Q!j1|W{aOogr%MOcSUwdqfW>(12YqZI`|k^Vo!YzeOT2goCn|7+c7W^AI1FN(
zZZQBBoiC+AmKW=&6duSy>v+KFNczR(#%gl~w$>P~<(0d611y$|{%Pg7OoR9-XK3|6
zJWB^7=dhVDVfNwyK8fUKK)@kGh8Ov<6aghB=3WMgO}_`-kiH;bvCY6}oxEx~o^D6Z
zLF~hTKW%yq1HOq;WtavEif9fnCR)n_>qOs;`B^%%)XlHycIEDZVbnx3y#UO$a<aR+
z(+u_^TGd44P3>tzCpatZYau}%Zu#7f4waC}G$Oxa7Nb3;+8VpbQ8vOPjO?m|(*5hX
zv1{7X0uL^L;3Un8V&s=0HX`=<fOh*~p&K0bk8a@4s)OuiAiBf(3rimDB6m(1iGpC6
zogGbH&>M!GVF=eeH<bIPt2dKAC@&4xSiybCJY;fY3z33G;l!K}#eeCc<(56cD@L&U
zXJ9%Hh96<Xc5hkR*rB6lqIJsM5Q-;$UgATu_^ELB%Bt(Er{4LZ(6a5R^UVl{6pYy?
zYYix109W%A_rwZIy3~b(B44E3&m=32rZ=VXwfVb&bxCslnf!1t!<CuOR!B6l5rzBB
zY|f4UcSaszi;v-<0z|=#=fj~~K2qTe5E&?_ykq+ut)Ts$l4nI)@-VVzP7-9F?fD10
z+5HI@h9YCj;GH3KGqXQV-Q7gY5$b{Ef^>!rbF~i4%Q;^EeNzAN29ugoImFZ`qZmhB
zl4I#Y#c=w7=5x?Uys{l1d9rA8pr>fYEtNM&<MQNi)DD#QFI@xgo^B{I(w59!9f}c-
z9m1j1=&NowJ@qB28>fNJ8!(Cvf{mKsSEWpNgib<=rep>TqNT+ak!!3rkf)i|=@!zD
zqv4}Ty4w)UwdQn-TP22}Bom%g_dmN^y6h`bA@E(iG0tmvwqWs@=`YgEFN_@SYZw!~
zT5=R!Lb<8Y8)`BfmY4Y2riYoaPjRGg;8l>Bp8KO+gvyAOwXFQii9w4xPM*qb2&ed;
zAa!NvAHZkQWtjhvVmVm<-yl8}PX|*1dU+!&Wfxm0dO3pMZu|cLqMV#ves3As{_n;+
zGvhCI>c5=mp8nsiUH^+86?)(x0SC?ibOdY%{YN0-sL<8`qf5HZm?RNK5-iDom$}=W
zl+!Y&=We1Spq9HU9Y1_%e+n~+Jp}=rKLlw(K#1%puvj31g`_(aA*^Nu1W$?{`A`5)
zK0$$2fj$-dV1ar<fbt)-1ZZrSo+>z%)h^lNu{Sj(9ASaPb&!@b;7#TgDwX3t;R!>?
zS~dh(WY2`Kgvy+s&={rmNQnFTi;>3^<Om2Zt^@fWD%`pa1?hSPFtYOi7lY?#(Py?t
z10>j-WN~!R8>ySVIfNeeJyMv&5O`V9IJQrua0msmQo>_lanFd-p<unF6TLct>Yevx
z1`;$;d<?Is3~&iVB{k}DVW|-JC@ae3!a;+iD&J`SOq&3xy-Y^o1PH4ORvt2%VrPjt
zVM!-IO1J~fOI<7y4^~R}K@2n!OcFuMgb4zp#X1Ti--(n@h3-P7B0w->RsaYzBi38+
z4VhEmTy)7EF)W5&J!1HZUF*LE8F<MP1&lA9To!R*oUek?H|T5vJKn+Zl;XO~R3m?q
zPGU4y4OY^NTI|#=LS+#fwC}+Xh+q<YZlYviDx*h4U?`xm3W66jWG{I|;2E2GMj!~K
zdjA@wA`zIffKvh!3M-0WYB7=uGcl{Qij7=KB&(hu*IL9eY=@;PQiqrn)kY%}r?!M5
zGW1}etAT+sUZ`l$6g;B^<Ysi5)##6o&GijJ*pO0qk<a*AHK)?H!mzA6sWdh*SVy6B
zNsv|bc|2bp+-K+S{@K4@tggQ3ik__Bm2>}k%dfBR?Q8$Md@pOww&(Q;_IG@Hne^B3
z`=)&g|9xk}hutT8S<tpo#Jmjp4_vi#1XhlSP^Emh`E1x^efVUbuD>&{jvwRazvbzt
zO?G;Hxx=fAw|~|1<uo0U`J*f+iUk{vnjXhFqGno;^+V+OI(xg}!lB<ewMsR%tLo`5
zbdMuvxhbD~4fcK*H)$8y_<`=nTviwlDq@<Smz6U(lS)`Th8B)~K;7$Iy+x9`B;Is&
zx8D1$*_*3v?pIcJ0x;R7rsFM5E1WXS(e<@b&&IUL`RTZb)$XBFSnC7x1Ju<I8r+xb
ziZj|%gfq-Kj?m6C4-oY%Lorgh9H5xaR)2^!@^#qK>CT7I9uaA_sBAiH0I9Xkkrpz1
ztQL!8qGe#kv_FIREybs$MmwAK(sbgRsnsGi{IVO$I^;0v!b7c=%8omnA|jA_W4r(6
zMUke*a+5eI9s$~ri906CQy_c3hM3As9+1P&_N%y3O6M71F8XO0HmJmyL<qz91YnJb
z;<p;WI#;=tXe{uQwg=P+%wf{$hz|$07wZw{)Qlh;LQpH1r8C<DM*USLR>2w#QMd$b
zp^Pt9BCb+iN2GX7i-xES{0m6nk;-9=5Sa5SJBnphd=!0R3KzYE*(!w^D2U}DSj!C-
zD*P$b&a~4UMqdGLKg;Yzs6krXJhrDAwfI6`#n0+SsA5{YH8uyzUM87O=Hd%DL|q{1
z_iEMt`Qrc0y|xsDh1yO$($wMgF$7QV*WB=`rxB7f_P(LUF<2OAV@oY_iISfUWge6d
zez>c`5qTHf)aYO`W-y-()l9|nEH;G$#K&$0{8n&Sn+&u7#dQ}wI9p$T-HFJ16N5Lp
zT+RCnF*vvzuW%Ty9{Qzs96=g>%}^L<TtF68&t52#Px^QWg{SN9=*;S~V>~;&{X?G(
zpS0hQcOQy&U!6!ltafvJ<8)}L?$SO)Y$fY$B6alsdN#9b3lFL5`%tg0ADgZ7$9kud
zih2VBI#Q}zdw+H679?H~<4U=KzC-(Z$yqjdN_iqM>4S1XnRqYT>VvHAuSQTOtQFD&
z)eIHZr+>bKl8DXyccsbv>x-z95knexFfx$bJ4^4g>*x1&KXwPj^^KUtXuhJ6a7*$G
zo2iQ>JYjgp)W(+HDr0$rk(hW$(o6sY^uri&gpjra{%+P?wR-F!h*0G*XABk`*|HBm
z2)Zo8gWNt77spQA0eOaJ%a9(u<ORH;epR&{<G#w?hPK8O5UbNdfS+EaSI*(daaa~w
z-bxH=?5y9q9?T-1z#}p@TmtyU`RF55Q&6d7-Ql%cRwWUHUePX<QH~{~J@IWRSCmJ&
zmD~vOzLz?~JT3WL39o@@*x)upJxLgZ-*5%eBC`)zJ<r$&NsTd`L)|z#RZDiO6-!7W
z8CnKX)Jv?^u#OSHDxUsENE)o~EXdxd<FL8nArr!4levL`9K4P}S{|xR)m0v!2)!oj
z(I3S^p6-%&W(=cX;@J=sp(0+KWBQE&$v1WXfNBlE{o<APMoj#U_LGn<Za@FZqbwnY
z@sPNJlC)f;wZR>FIjsBzSvhn#NNo;3zFs(1Hb{v^F50TN;cj_B4{;4AqRRObRk0!V
z9FC-_8(D=HS%s^N1F99;0M!lUh`K;^q?({gQQgogV?FujKVEQF(uOviG_>KYCk<^m
zYiPq;{t<XHSwO9?TZ*W8T=&8nDE`H8alF}W{<Q1<f}1R&#o=WR<ego_C?knY!(8H&
zi#YB)3=<9LYFtDWF={9ZAjL@p2+kw|mc7}9;WPS&>Bq9nz}`@D$_jW&V+yv7t~biN
z?cqYiR02aAM3OinilLo!kdTnKE{323{s!IvC{ve@@y)kZtOu>(IL|{Lk>FetN%WXS
zj%rc^c<m~V4ImswuU*JASTZKG3-@%G2|(`XU_-4!Lq+pPR^j9~yl?6D`B;8!yJ@W&
z#Wn?mzEj2ADhI`3azZMs)_i2!O3kowUQe@`pGeNm+VGxkL9Mt27e3G$#J46aigeIY
zsiwuu)p1FRs!^fdG0<=y69O(ZC+rxT(llbcfz;sdx{d@~a`LPR7%?bw@?)Q(W5yXw
zyFwCOgEffv1of4bzVmqHo8BAeRtJR~6DVh@Zsf56=#RL>FZ-n9-r0}6-`N73ITwoi
z5ul7!nPc_-t_HhYnf;&D6ChBt&O&Z17c{-JM70B$1b5&*edez~(%?V(jZNZe2l4~I
ztNY7mTCZ&Z&Sf{_c78yxIf7t8Zd+UZ@GlkXlk)|1`qe38GWW_^t6~uO2pKut*H^(V
z>lUL@2mVOMksEw@upt<vkJyy}GM5hV#=zjC1#v);CuSsA;bG$RCgFo3xBlUI3m^>(
z@kk^GwDqQp7YOEFu$-b!77HwuvK)4<^(z?#$j55Jj(Y?t@O22p3nqg(AepO-k&bIQ
z*SN=s`lBRns~XbM(m47hC@dYmNkVNgi!m%&kZyU@IFON^L9Ncflr~QcJ-a@;^$01D
zei>AP7tV<e1LR1Y2a=VJRyD<gzKd}+U7RAt@Svis>Id{dU;=-MA4nG@m}7>ga6X)M
zD1#^x-ahbgi?Mj*3MX%b2h`A7T#NQ}Da4S(;g4i7A+3cq<{7paT&{fy0#oDlOc_@t
zZ-~b!FcdFH++)B6`p7~2sv2q>FIrw1XvBhPE)-M<!6?6XKZoowOgxv#7?CU>?{^n8
ztb|4627L&Ft#6jst`SlB4^m)kOCIA!kXX`)7m`I<8kHu_xz<$(SoR(XB~usrFZeT0
zl`t3nNABK|JrhV*(>(n{C(daN5**bzRC?jsG$t+(jFus`R9#3rGi|Hwuh0a`e&g1!
z{Pt!$_3d^rM)NQ>w7DU<p^*ln`^8dwzhcL7M`Oh;UWE<q+PogSWvcYC{RNz^uiM)$
zU=`)*JMyERd4=3w{@$N{nx~iSAzU6K>H9roe{MHChheSfeTa^`p8L*myD$FY+gI!5
zX0g*he?`l(Hg)Ce<InZ($p@3??3ed*fgS-6Qcto4drdd6iKNEk&2Hb%G97UfPD3q&
zY-32t-*B>Hsatu8fVCS>D*W{~3@||e1lBm}ndDlfTcCYqfoOdV(0O9?e%nbMY*u@b
z0Y66(Z@c}Gxi48DL2znZ41=o^5l9&tFuv+PR}Os;Y~ZeGAJP?ORGN#PJ3_Eu;P`+2
z4UjkdSB>~zIqG4*0y5b`225waPG23CH=l17G;x#HQZ_}ECdSu8J=bb%_aC*f&BK=5
z9E341!STe(f%X^aWQ04iXYl!VMq{_}8}Y4h3yZL`Uz$U#&~tb~QLUiHMf2qY-tRQd
z2h;<L&06wnP*?qD!~1;nOt7x=`U&C%fI-m_I@ySMGiC7U|Je~Q#zX(0@qgnVpHoKt
zf9srIo8kX3VZy}pJB$BcmN6|_+Rnx8NPe^Rd-HW!7W1Hh@p;3{$+gVf-bV7a%bD9w
zh}pwS8*5{G(`No(XDgu2&Bz2N1EvTItF_niwQ9i^Je+k8Z@>7p^Ky9}2OuP=@!YrK
z!!DA9g*#y}64ztulQD^?JN$=y+-pc8ig3rOrwcpRt>HuK<KNcW_I-QoBF{v!Zd7i4
z*+cb@p5o~R*PnhEAS8x;nl^R*Z--n|o{x1$NO<5A&8ID{!NXx>3gg46x^LfqSiHJ}
zzyD<Tt6O%9T1rR|#IE$mWMYbh|HMALGL*TbP)^gBREH7d4gG+^Vww&=4GInY;_rr2
z^9~;p7{ure1?=U7_Awz$k;ZcnWClx^BIPp-;^-T&SIHz7;Jb`>To6hL=uhcaX*+_L
z;vov;L~rfl=^Vt(A%sX{%nkM5SZF3+c!hN9seb5W?@2aDeqt)wqtvrnE-17ws-wJ0
zD)FH){tw39F-DWHYujzxcHeE=wr$(Sw5@5|)3$BfoVIOE+uHrU`LeT<@5#=S)UV35
zs*<Xt)~a=_^Ehw&tF|6(=0O3vBcV!FJR`W6@o*yh-m<t?{4;T3XtYB?a|V`emcOD6
z3`CiWLSDbft~>xnAp0M1VMeE7q(<N`NE`aUFfhgH`sczZK!1I=$86<k0tqQXBugTv
zOR{9rn(sK+mo%<<UNBPiy%@PS%OedWi6RKs9fO0#g$?SmLJhV_ItvG{m=i-iT4EAH
zhYRu-yptADV9H%z_ii!p%iCi%zMAs;23K-duD}h#O_8-#Q3mgogoiZWfYX~3HD}r;
zo&lx&bM{3pKKB1Z;U9wy)>u<Nl~{JanE@9c9nvp|0YAV<i$W9_@LqGVd6}bZckBwY
z<@5gb_|D+Yk@ULNYJibT?*9Ge_l?2ry4ZNuxDB+t4%ElXJ!KNi7(Lo1;Um4n#o8I)
zFc8XM<enV8l>KDp?Ek)T=(pZ)px126T_q6I%ntBKhQD70z#TA&OP$_7KVn@LvkKbA
zfd!WF*z&)=T|9jKOPh__IP>vh$=&YhH`80P?f41&=>xp<U>!I7!*ZCq;Uz%Y$+-l(
zg~qb?k<(kjziPA$d>`9)Uoo>vtoC>3!}M!1el9UtiiPaVyjDg#<X*u`B%NJgMq&$2
z+GEl=L<gLVHq*-Z$|@dfvK5#vw9`)qvJm|Hw}OVJhEX6GS=~&2S*p-Odj@q+CXB5B
z9|rxa8xs^%z8f%EGXF#sFOZ&d#1#xo#2QthJW4tZS}h^R`x4;khk3@?uHFyAPMv2X
z=9v0{s?&}xIg@fGoeq1s0b~1SZMX(jBVPvcu?$Ve?(~*it5f97zb6E(@T)GBT2Cbp
zB&_;00~#eg;Cs9dN+sXNuA$JZNsEAk`)FQj-lSTB%AYxo__H;pk=85n_N6e9s>oex
z6A!p;R(#G+R^nZ*fmONAF3NM2Y4SF<044KR)>r-;Chg4bVY7ptZv_QD-%y;%zgRa&
z68!q42PxQzmGmFu>H{XdbJiPeX5fisLbMF3`=Mj28Va!(wL0kPf_f91-^@%^Daqr}
z){Y1LpublAuvpw5j5q6L`emJ9N`$j%VkPH4nK-nr`6rlp_;>!ah;&7340C3As6TMp
z=&{XfKerhKKCm3yJ>EH7a5j6bCx4g<ck%3MX-#uZ$I}p6FH~R%Hi_*Y+2dNctrtgc
zJ73AZR${C&Z8LiqyW;;cJRlN7RXb>j2}uzf!opMN`{QVAbj-=KhRG`~4CS6&?LG?6
z8Fa5mC|0L*tEGoM&_9S$o5$z5SZxV@<!c+0K;VCUP~0EkQVOSyvgw)Hp|u7=gYeb@
zNC8)^K2-p;jt<OCA03fN^Te>T7zXAiji$Mgw=Jb-6loDi(CA8S68fs5dZ~*ccSG<g
zQY+Kwf%LY%kM&)MMPPb<gupRgy+-}3ECHJ>B$1__PBOa%lf*f*SaWJ$wo@w6xg1EQ
zVEIEaD`o$FE^vSnE?;h6mbdoTo4aoLxI3nG@~VgIO*oa#M~lA<CT(NQ%)jUK9Wox5
zq0j{5!uyEJHNo~u?STRZRU_R|3z?F-dlF;Xt=xW7d@KT!&lVLl+FE{I8i<(&Ay*Vp
z^HX&T*0hOq1glFOV|2;ij$9+cY4*ajy#-j74zgL!mYt`l|JRjI&dD5#MZt+%8ALsW
zqlWsLc{Fa4xD~Ush8QK+&=F-tEtB~9JFPx}%pr3iyTB#87FB_6B<Tt{R-gU9Q2lFa
zZdAtY1HJQ)>*)Mh+UWkp&0W5VQ#e`T9Zk_|nwIKt{nU4Dc)oyS_ITf64VzQPmcGe`
z7pd#WBuE~rLOwK`1`vP`2i{1P5LT!b+9qnGMrqLNKbt9#<+eaNIQ>I4h5YI+Y8ka0
z-q}(=<BeBUjQ87@GLUBY*jcRInUW(Zb@+V5lF>$Z&v*s>UHua&R!>kQ+J{gl2c*zF
z0z5qtA}@4%SZddiHbJr#(4C3%1m$k?&c1TLyC3F%sz74_ZfTc!0SVYGHbbt2P6Hk}
zv?)YO(z>%vlid8BTeL-)aig8tKG3rk25<-i1hW%Ts5$W?_+FM?4h&Yj(ycby(28~P
z1czvUkMKsBPJ%X#WD{y@>4W;ddXYa1ZP1}lM7z->GPBxJ$W<^|j@fgBM~T1bHoBdh
zarJfVdt?2h%cAn)@4>`s^kfo;rnwXR6c>w=SncKm(9~bOvgQUDjh)}J7ZP?lN0q+@
zRBAb<GosiP=q?i9NWlb>VMUAOiXxyXObNy&)8TA_^gow$qPh)VX6$(`?6xl543*Th
zvg07OUKcgTp@bMjx^UpV47=(#W!nS3jR?^c8G#T#j9BnOjP~)(NRhrv5n%u*NIS6J
zK8k;}s?8-E7|Lm+r{wcbK>|Br9K1sJZ90v(J{jSz^ui}}Z!|QBUCrVYkjr4($#8F|
zge|V<IopdSKZJcz4AzI1;?;dZ6=^gK0Sr0)ZJ^64;z+Mk1T8$PeV*ZkOESelw(Kxf
zH@3!DLG>TJJKP)j{pf;u1uGKa@RYNoFiw!9@9kt@E(S0uAzncqIRW1)DDPbIw`wXn
zM;~sbk);d@FB1qd=4|^Ph@jlTdjF|@V*3w+EX>R-|Gnjww#=^$PL!Xm*c(bUF)Sc3
zA!7#|33*<00d-~T#>_v;Ow4A#qEOh#x%7YFo+DBFG786am<vID|HS=cMpodBPS*No
zN-GUcG<rAN0#O0|?H5xTv2jX$?FX=toKD9IGta;xUyh=mhK`tKTAZXFH@tZLJCbqy
z!^bA67J~xEy<E}lWA}QBdHN?gc-<LOwO?JtjN$mo*3ckmipR7o8av;8GpIh#nZXG(
zASZIux;#^$MzSz6S!+u>wRQD)B<JJ)M}swk*P4(Nl!oR+3zQ7{9ENQ05dQEH98gKb
z%Is;zJk?;Rx*j=3N8kByL5$D4{qaa&MA)lNprUP*`1A(;zU<B=BWrjXS#otzQ1Ez!
z@z1~zM^~e39!!7a2}`03dbc-aOQK!}2aVl0zV6I=N2x4;%G&y5&Crn13n|-T+Pmx*
zKZZr^Fupa!174GB9$3O^`#CiUT)`v@bftr^h&NkrKTymWyp;9uCE(J8zD*==^E9hN
z>20Gm=y+$M6It2Vs|HDh1`{S%cXLGsZUA%-9FvYF>>A0HE8YFv+gK(d&6DDRh@Df|
z$Uz||R@GYdZ}=u1(S>p~CvIy>1|1o<_DkeaU7qYOtWNGdl~O1xvj=M@!<SD6NjS-d
z{nx95_ynXuB#6Q*9u%@UJiL-Vq?_}>fC$UVZT*53dQEY(f)Hq>XQ5VGn0lZ;17q|F
zb#r-)OEYpgDmSPv6f*|PZrbT9L|_thQKVCa6pQlq1it~~m_v@<qrp&w$IlZu-KObP
zff4JekZHmIo_dzV&;Y$*!KPB)zmnLk&n%KStt+ib@2~sz&d-eaURdnow^L3v<#wC&
zX@+{S#T#$=%Mu|FF_U0I{`BTOag>D!keBH)8F_jFn_Ir!z1;+}4ut<OISw`$3`&y@
z;<IfmVe2Qsu^eQ8>7mYpH3hICm<eMmb}3B685OzyP5|@LZ<1T)jxNM~V<}Kr?7G&Z
z*!BI~sv91qtM4jIlK~roDHhrM^2B09aKdd*(?qWC_@Hxi{Nd?qVgJCCzdc8RKL=>7
z-ModUQ#Z)9l_DUr(Jwxm;b2I(|DFqGQ*SsJ%h^mT_|`D<H>?yA2KFMN&bT8QM>%(Q
zOvOI6pd}zdhHe$RT`@wFwRnsc@t#=c5FUnYpDsm&&AeO<lLa(%!lza~L>l{y-3$Jn
zbBopG)A`^&GNMj>SJHO0x6Vc~t!xSfDk*U^B~jp#scH}Wrc@9pw<YQNQngA3r6x6k
z?I<8YViO~(>I@*9Lac_dRubHI?IUVPL=tW<DQf+X7BTP@7<QI!Rz0q{$|H(2uJy6j
zJxi%WNM5-{F+_1+FQKcFyFehyve8x*zxjERIKQ9OhW*NAvP^Tb<HJ)UR)nm_WHz-S
z^tfC)kX1@q3$)A3zcP$4KR^Mf|L07`mY^bwC|?}nh!itvuuD6O-9kMM%frFW9CNEJ
zzdp{!j`0t{4T;1A*IesC^;yu8BE{BM%{CQXgUl&)BTcm&2-YSY&QVYo%DM&ON_Vb#
z(IxNUR$&~hM6zMTV#5-<b{iMA3=`YimThCOyH7o>A-j6`37T=;q6)USm>$w#fe7pw
zl2Ss?KYqek#gF1DdDivKTKo=cU#`cfM0(0}uB<84Yerh4?_L|dKze4P>(h8BS%^kJ
zG(Q@eMh}$JIIz?`7Oz#UHBzxw=^mf@FHW<2=YHk#*V~p0Nuiet{O(rP)D-g*ZhL+9
z%Ny7nVzD%6vyzn?8JreH(>+mOr0$3Uz<Ps_-x_z1(2D;h7p5Ze3DgKSX;LwMI#4dF
z`w|-B%mouesTH6nvVSpO`|TZ!wESHT1~4^1VxIB`+%!M$W%h=ua%{-1W?8h1@AMfG
zjduo4?ZDlk8hz1EvMjg)+L&SGVaNK+XUZ<H43kOLEemLqn-kV@E1y4Sl<lx2??K)l
zqst4IgJXKO$ZzMt67e*{=DDu#f;sm=xVlB@KN2zqEw05=&z%e1Nbv2N%J7TBG%Eg(
zeot5bj<KZ+(?3)q+W9~hGpF4C!SIlmI6V|WqTiMN*#Rdq8AH|ghvGAw^lL<R0|+2?
z$e-4`!K3$Z8}B8cPm<Z*swJGx%J?Ecr))frR&(AaE3TocG!_=ETbGRiPxCbB`YUHj
zOB|Ck^rgD<>02S5(-Ms~O<^zvz7T~*^;K~rGujEbzNwCB$yHD1%cZ;{e3Q5CDn6`b
z8!MJBUXWs<*Px6<Oz%(PV@fLUmLul)NmvdbU&uF`w;~2G;!pPz%A>j(r!t4lM=-~k
zV_(#1%PmosiIdG>K^yI#I#G`I+q9{F+6qIA*6K+LBAI<=Fn^k!qU1Uf?wR=Nmid6+
zSGXfLt2duzA|qiVp}t!sw0e(%p&oiY7#BZ|#Mwqggf46MI9xolT4J8pKHr<g9Cf;W
zno+qF$<~2&j8XgaR8IT#6kk#9DZW43Ha;gA5yu#DqQo@~2h<}?=@3u!ap{Z%_5lNx
zUrlFPdn>f*mNfI|R%oA4Z2w)g#vZdanl18mS5gH;$|w`z+8i+CV(j$zUgTl&2E^z*
z@woA-W4iyYHdO;|pcoxU*uN;~m{6=*-}uuZ%X3RW2ee{%-C)zy05(5EbC@rQa9K&v
zZ}|+CbpOs~#SrggJgV>yOL$9P06xAq(GZfOn}*Z5zSlpnTQvQG3z!m2;B{GWtmuk6
zFp9BUcXql*-$22<5tV*_hSmBT+;1u5kNJ^zEZB(IQQyq+*6kn~<+&(>u6G1u8Z4ZU
z>n~I6^$iOk8ITarvLOI0L^Vy<dl;AC$IA;N-<AHJF6_qQSb=WyNfytCT*iiN*OvC1
zHEd|p?Lw5Zv&V}n7m|(zL%VMTQE%~yXy|Yr8BFZN;ELt+rltQ4*#<$DS_9EN(n)BQ
ze<XWDtwXlv=kKvmRW|qSX@ws4X{1*|28?;M|5OQa{fABx69>zGt<yQu)^k{wMDv}k
zy&;h_<K7{RV<pn7kedfDSfZ|uhb6BUg@Y~GdRV!}_lCpbLE2E&wjw0v=gso=nSGpU
zXX)QA4C{`=BoxQIuKn}G%B;-nz<Q4+t}U&A9Z7mCu5z7EX7+w@nl$>qkaNAet7+qo
zKaf`lY8|f4>9#q+lurka$ZP$W-E+e`m|!Euakfm&;u+2kcRsf_=-w)APve8(*jJyD
z;{4vajHGQbOwXa1{<?;vs3g>vI`4_~>SR@9LK!^k!GP^5Vt}OUg?DCns=yA|MTj1R
z&IAf2qX*wWB6bAU&(!0$5L{3lT8=RUb4{#KpJn)9>uXD|J|A~_;AHcVcRM>6@;|DX
zco6tRReu7v(eD0Td&Yk|2-mf>?`fagSC&2to$a_y;P#)7Ud!c&fQoW?SIGWiQSsX!
z!>t)$Ap!}`Y8?`|Qrr|M8(;mcWZ`6$KK3!JUzD3iThr5@cHa#==Q~@mwVj_k*O1*D
zW9lhZ5w?#+4aq8jP3+UAKZFNU5;P_!{UxZ-2rP3^G17uN#pa!k;7WncV14j@YG>NH
zN_OE?Yal=nYf>e$ICUB;&N8R-*P4<DRe){KyhykBR_5&g03i-uDmc#dV!bp<(JN&e
zDYZbM(j21tpzVsZ;G;Qe-V>n$oPOa*zyzvTxkHV#HS4|~Q22kcZqt_f;raA~3=)nP
zcbCzG!?2JYBB0_zc;iFN2;Z;<4eJK4tyPUWA&hySju}t6-4(}NLJ*3BeudNQxk3qv
zkLksOnbyOpN7QpeJ$-49^Tj&0h6i^#KV8C(Od*8vFnJfk4TzeXw2WPEj(vKEK41^E
zlaS3D$YRWK%U@fdir33i;WO5Yjmn`D8#QeX6_X|dRg2{eaerW&2LAflE412##Geg5
zW%8pAOl1s|Y&ZF{JoIj3{B&L^5+V#1?nVjekPv$%Us`_kxR7>Y*!@J9jh<7z4%Yf1
zVH39CurKD<)ZO!EbZ_3EnFp_Rld;nEZDt}dK+{Tbzq_7fx9aM2T<kt=(vwrl?wR0i
z-AMl9^`kk%TT<M%(iYy{Q|ry8Enz1}D|2tz82z$t@N{nLK&8#?xi^AbY@6!p>#}+7
ztTe^-@<zRh*nP`gBWTIGUV5hlG3W9Anz<>D)WJ@|s{zP!9?|Gfr0&|T5ApI^$t$y+
z>e$e){sVhp<9Dl^=cK{wtdOlp!t$A0(61mgE_+C$Ct||@{cO%mqoOGMQW)rAd3xYb
zSjdDLJG2~C5<8F<ghZCeGUPRtC;R${C_X|W2qirM`x($cj)T83#~>$5^dl>b_|{q+
ze)bpuZQ^%!%-+t*;-p!J9GnG1HnHqQG#XGq`u=o9C30vbeVs|@7;0<c+aHxBF*Ic#
z9X$!^O7p4ti3v!(RCO11rN{kLjYYpr#7r&bVF>$@;9>TsK}&~3cxpP%7UH-RgQIuK
zR0P4Y1EkW)T4Zr;KSnIebM4l|6cyKKlA{o<`T5kh_`8Y<?4GWQr$NNQT(|nk<*~Jz
zRAz-HZ!j(oiwS3liXpUq+A-E~abFu1N4(bw_{O6Zeea0iNBed<x?%FScIE~o&2;f%
zP0)iFco<Y1DmxrIS!Q5W$>OU87L&HH7^$Mg_ExSuhvg8@XcN-r)yL_<_sPj^M~@D<
z8rjO155+MQ3uXo5wm-6lJ-)?3;Hx^0M=8OWDZpS(czaD9F^pLqVAiig1k@?vhFW5J
z^ocXkN*g#B>@fl^wIhQ{?hm0?l@kxKWnBv9E=3V__+gzHk92bb)y)y04=4E-P<Eir
z-4MOM@bwv8yQP<hUhdU)6$}~(sCJA67*75g$l8&(7427$7iiK21gJFz*?=T0<FY9>
zMt?+-z?i#>a`J5;i<wn`&*1>tqIJMVEJ>C!j5ya=+t>&F#-YK%aSIuF7NEt<O2n4V
zNldXJ!HhEKwx$`gtmgyzU&ScUROd`<Yi@rokt#O)vtTWi+o>c5?dR))h6)0g`9WrZ
z7H=b3&OM4PW|ko~{<Go?0!%oA&XSFBdleX|lcwgE1ls;h_`Y`?j0MAE9OY$1SGk91
z!bp{eDAAX{1lkk-tgmpw;lCwNnEbry<5EP*JlwFb0#I`Wq|z@}tlw+)hi)sD`?D08
zuQ|0_JFuLa16kdE1A7t+w*KdyXBMNt`7GT6121QW*W3T#J{sZ3cddSvcsBOJ`WM~)
z7Cn`=Cws3Yhepu4Gc^(EJ0R!mBBt6h{~84}G^Zp;KT|h+TS#;E@~%@fp^Jv0eS>?c
ziKqUDw8+H#pFFwQ**O2(4VG#xrC<B(NPZ_8FLP76s#2+DuL&}e6VqhvK?|8PkD*S2
zQoP`q#tW>Uk9t}S{j0#y_wfMJvjyv3g-X5PY71B$j_z5Z>ogk)O_0|t9`zejPb}ye
zy4lijRGM@h0o%~7FYw0@Uz!EhOH^BdXNKM0#qRqtAGyY+Z<ZHhrena$FT+3|?q^j8
z2dtkSIr8Zc29*Xf2=qkNTEp`JMa%KcWz_G41K0~T!uF<gSVP%Bx+<ybR)X#3tQYvy
zUqOyWUN<1(+yu>oYPqYGVyv)@lo75w%64W+=I6Ne7JJ4CxD|A|0=O!p9DElN{C+8+
z3u%nLe@d7)s=kKkLj{bFEi3O5hWwHhd?7c+*Q;vk3SYDslDkFA|M{&Cv6vy88#qq%
zt$soln>9`oPZfD)oXH{UU>9~KmV)RUqZwWVAsu$sxD6^JKUbMEt+1B>d(!i!U(Ag1
z4?ktv&n9ARlA1WG*|WHuk>w)~SIVWHKT*pr82hEB_cUjXdvYn*@zP0jUF)$m-uyFX
z3tQT8s)g@yHhQ3>fscZ%OsjOHTPXQFIi{&jt;xE$UJtH##4#&TLr9%a`mQ;wGV-W*
zUqVp1*W%TtG5Rg@XS_L37Upy;dP~`1su)f_Na^a?M`arIp_PqNkp-*NcYi(iNmfB!
z8Mi+Bj<R25K2OXE%JTaGSg_)?Y~MV(tTN;LKpY&(;Uqn<8bNIJvANn^io7yu`egg8
z2(6#02LNJZu8B>j0o$JJl&bUR#|`c*iaU&}aPo$sSh}1L3z~UV(t0dSp*R)0g@uKF
zE|*!J!$zx&bm~d5Nf+Q4Sh6r=d8%YyJ7K3B6=~;+_-{P~cFQUjziGguhmR1xgQqAj
zNYk*wjhIbLykR$kHkxJ7v1ya+5=jYj<ft!|A%y)@hj3rEjeVVTNS<bsZP+rFNZiDU
zQe1_Q1aX<(_yN+S%;TSS&20So8ZaEz6@c)tnCOlsNM#Z-O)<v+nV=vVBsmVxh%<6u
zVVu0uKq=%UJo0{Jm`4@qoEXAg*=+9|ySkQv(Ksl#)9>g8x&K%6#9Oc(*lLpbFtaMh
zbRbQtkz1%0n;9k4h!%yb>mcJfh=a*gobB&^q5HTB89_>SX;*y3<v%v;)Hd#OS>w;(
zuG<aMLF;-?_u``m`^&*&DZiDnC_pI;s@jPMhs`M_*lcPa>CZcEeZr;nIj&p>7}pQz
zozppOXo^#{P4NDrT*i19R~DZMkIb$SNoBWsH5R#P<cfY%;iG9yFQ`izPHx|tD3<<h
zIH#QH^TQbs;ycRYz1UK*bGkl{)+F1K2w4s678V5(O5c$SzhbIb3#JF}_7XY@q7AW_
z@2;2TO$jUGt`H?$I*<yH>DttygXu;b`703<2<wxJM-Iy>3{7(}{pnS_xBCJH4KhDW
zaK~$}Ts>~c?b+6aCr^Ie8RkqE{p7ZUhy*Uc6sA!PB_Gi)M*YJf#tuXAtT$-JiYA8M
zp2VmqZI}x5Y<{xk7o%U~Q+#UL@s}fj8MwEii1>MkD4^16vb-(mAZZ$~5k{CoO(sEr
z0xy`~@S_Lsw=OQv@4FYL*4)@zoA5zlw>MzJ&FuHS!)jI3=qpw6T}nN1V>H*i(M8kX
zULAj?4R03A>pg;#(J)hLVmC`DBO6NgZ3xf<yD9Tm#_x(`4+G?NysK-N!~$+Q&YDm|
z=gJR+^d$MUOW~ZM5dZ2?!t2&EEY5-=SusM%BU{?MBS5*VWbF3Ipp-SSXu(H1C8{wm
zj6sQY=TYbO^WLKf&%_9$CMkqOHN%}a$ib*x127aLW|yLBKnrZHB03C#22k;XO(@_<
zxSL7D<J6<&GcPdh4caiU(8Jr{^PTP-efc`@;ID(uu5O<EHr?w#N1@+rY^<|e?~!5B
zKtasqIo7$2u-2i(|LrYS^4XQ>n#bd^?EkxW^Yr(AcjV~611o&*{1JdYJT}=>R~Nf3
z&qz@6B0wRyb=EIKi!>g;;CW{G)7pTk3>m3~GVOP^*OXkX^uL_H8}jmI*DtFtV_gIo
zc2y&74nj#_UxXTAp&|?{zQ5d1qOnW#sB|U-_g}UCc(b^(bmKq_P8xc+f|%J&SE;!1
z3-8$rCFB+0nq4u$^s;tA319si*)P?gwC0_0JGUFl<K%$65Fc^wo(_#NI8%M69{;t%
zaerXbrLgg>^V+BUf9Eo0F82TLFW&#}P&6ak|2q`T%)$C!^D4J=bZYT_Xk-Gt#snLf
z)sm3~U_Ugnz>WVyBLf?mp@YVG0UKqH|9JOXtZ|FWT*Tsu3KlZ(;cV>i5m7pnke*>f
zaN5oAkYqm02vxo*g(JPJwF5Nv6BDc&l)-1&#Y=7r-Hy!1|8f-yOMF2PCZJS)hu<ns
zm*FpHF?R)^2dNT6JSW)X15YQ)ctlfmlBOqiIrJAMM@o@wTgAG^|6K(_7VOedP4khC
zp??KhB24;@C+-1=P*!8_CN-IZCpNpYLN)fP@J?94NFpGjyrnMFug4qTUB{V8UV;v3
z=0~iLM2XCA3hre~1%(Ky#K;v06>`B@D&OL#2b=vJ;)f{}YJQVwK(IbOFruuE_|PL@
zR!XuRgWKBGsM2t5Lk2yZvWw+5t>lN~XI!yO2kl@-A;f-Twkk9{qHR`E#-=?XU+Rx+
z3lXE28$@SUT1R|oLa9{9H=``wtIPTwX&4!8(C#ZvE_qBn#z^L*HwrfxUxG2*iT0^?
zly9j*g;A9kC3C8i36mTqEeB35lCpR_CZgsHR@a-cp?u7&3U@#Q3mf_MiiAzv`g;&l
zIhkEf3W+VdI-sDrnZ~}NxI;Q}gE~2~ybe6PjgFB2&kvubbWzmRj=j7bTU@-zF6IWV
zzNv)%xWt2yx>aqIRuqD!4@Gqc^N$aG_+^DC=q03itE_?b{^1S~04cK~{Dv#q^%pWy
zTMh&$m<tAG<Mqbo`u?vxPKPLU(m(rKjTY`<4565-q~Mufm3uc=0^h&0kzrh5oATjm
zx4#}1+}(41?zT&`X-zc`TSmA-o9gZM@u0qpR7|LVbUB1E<oXRau37#3zR#y`F4r7A
z=zFC9np`~TZldJvE}+_GZZ2f!_#6>mzJK7pJGl7`P&eYfzjAQ$>`b2cX>u=Z<`xKK
zzX4C}O@_UnT^vo{7<2l(4&U$HOy5mr?giav8u;tq4BoyU{k!2}WT@Tlaw8<!{{DBf
zbocgkHQ3a}|62d_k8twi;I{GIAQbc8cC)o%9?iJg6aFy|zhQi!%#zBxf<br3XdZ+7
z*QODhzaNG(=1>0>_K`Mu75p5;U8utmr?maH(J|wqx2GwvoyX_X&1WI!`|F_6e+Qqx
z(?2~e?1}HTbI<_MpU3AbXg#>nFzBw#xV|2I7dZIM*b*LD@mG1^aPRv<%ccQhSnsC)
zFM&SouZPdU&y8Gz9=y0(|15n!f7u1qCVJi@UVI~?B(fhT*a^3(j=#CS?e?JT#qoJP
zS!`&lJK$ATe<gML)DyUdAIBuB9sR71iYIP0t%x#46YU|FoegdGtI*nb2O_)SbGyJR
z<?o@~l!h$jUCY7zL*mu;%F+s}+(d@OVX%p~qrgQ+VV6w<rCJPQ%!=BuSSv4ZM$1sM
z4s=%<j*(NDwh?IHQnMWD`y9_A)xcWvb?WYl?tO|>U2xDb0Q8H{Mg;`$>`pvY?GPc7
zF;u2;b<up_bTm$aQ`<%AVt66i5?CVq8RmR7m9mMAYoa#Y`Ott==yZb$Jh(-WMbfs)
zfgTv9;^)B6y_Yvg!xSna%2{4IM=)q5zigKVW+uGAs!`kwAT1a;YoJ(UlvRXMlq@H*
z2B3@<V4FYivAha2v~JQYoG5k2$nqUQoblTTm4{&7;GJbRdQja|{qn>0HsNNVi&Z2?
zX4UK)8R(m(vFvfs-+<k_j%@^M<xpRCKSJho-WNAV912HJwbt~27#XuaXq}c7NyBDr
zIv7AREd4<T@N#*UedL17hYygi=vYapeTl(T4gnoii3Lz{QL+aK63xF2>uzcfB4b=9
zvt1GD^CTQWSCC*Ea73T6jgWCbiD%Jih67B`myt0R8_k9>&(9E07aRM|7I%o6ui5$U
zRarbJO`SJzB-+>*7vy5lX)FMa8#orwFyyV}^&6FQBO^VOOlK0vx9($4@0PFM<okqj
zEeeaDdJWZQh>2I~CY&sLupBM)$@Ghjg7vVU@Xs8wdb{*4vD4+SzBN8p3lvBERy_~r
zjlXhb-gM_r68U2v5>&2J&gCL}4+V4NM2dGO)3R-M3kS?5<!99L1K8+LLF6h%&6sXx
zxQOBC5=xv00TD4H*t>$<Q=mLhJtx-WY~kZIo9*|r$#ooLL)IGIL5o`3hXAX?1Kn6~
zE7-M!1fnWd@yR4+;_hvJa3T7Y^YCnHjSsVJE0`c%gv_gqumP6jrdc%7L7fx{P2_Oa
zD;996I{6eE7!U>|yIkyW7-N$3J2KEfR6(B&4T$-AWoR-YP$zao$j}Io?iE;B#NMxu
z<F6x`+-o*Qg{~s5HEAgA#_=JWJ+G->)q;E{I_E2V$(Y+xB9-+)G!%-KwSbBDN(zM>
zHe~1m%tUg*YDOK>V*SLY5CvKH6gH-^2E%9Xf)hxV<1tU9dmjf_)f+p#lk_+MEBnX+
z?=*TAS7VG>Maw2*|2?->yI}XBduBero?n>l+8++(tlg@`&(wRValEJ0h=Ge>H4>Xp
zo8K|aC_eW|xPmRJ9ESJ@;nQG=!ah?)6>Mre#x}8$LT#J#K=C8ZsEMe{QQ)>CZ!Yw^
zXl<n0K<mKC!|T{F{X|8+uhbIS3H<1sRPh=d0abn|W8nrogOQ)A9}gN;x4;-X2Gs#0
zUA5N94xY~B;baVw)vGojev<Io0S{Ihu_-1n=;J5gl_|SnwHx*P*}Xx<;IoQ6>f`cV
zlaPkK-2P(cOMJBfj*h9n1^mkUtJ}ms0U6-Bn#csBs(mZB;DuwdjL?FqZQDJY8eKtd
z(}<Orf8EqC@0~qwlW82gmfzypFgB9$g?&*k7i0hpQ`~XI<WIkzg$s%MUw^PUkD$`N
zak$T*?rt4+xVYZp<z3bFD?QD&wlq2ClOrQD9ULv_tFltKu0rS?WjeU1lGcmgm5m>7
zJQlAhUyhzi-qZ5`=O|`)CN}Ir1NKI*eb6s{rta1_QyZSQ@lRX$oFAn+N)_wVuY7yK
z*-gT%gu`|@l5k}cNUV9UQo}A*hw3nVWI405cvsM`0;z{OOMvbp`rA_YNl~kY-YVa*
zTp_60kerQC8K5;ITZ>*f^-<+-F?y6od^10G8*DIim@FK6vT$0w>}%$m%@=`oL)N}p
z=@Hsc-ShQOT0B7YqPGI8DJ9gZb-A!5!95BBVHaQNEj9$LWSW*A0DGxgqv6x`)*RO~
ztJycxbiQPmU=N0rqc;Mg_#hbf&(jIwsI+0!aMy1+PTQLiAb>1umD?XM_Bftq2viL)
zpyNP*h&fn6Y-d&S_bvsJhKg`8IY0wl7)eN4R<GPy)C4NTaj=<+t|rIDRY}RK|G14l
z0d>xjXrCK3XLISuxsg{FQROGC?8iFe(2_gTKso2?CMuwJ#4Lg>hh6`@3Ep`|_WNFp
zU**R{a`T{3m-pAs3LigDwzT$y9}YB2Tpx8nj!=oMLGc1hgmaL^ElyG%5=A8siIN`=
z1_mrKI<Nn=p$b*MOHwJO*hpK(Kp>35xN}Y#-T@4Dz5me$OOHzXsaG0<SueMi`}oU;
z&&nhUW)(=~Du!@w)}3dw?EIs&m@xv=v9B^eaLUY&k3F}hqt#4{%ml^mJYA^UHX?ns
zu7lhwFV4bi#g=#bxIa+Nh`ieWT`RLNvHvGe3Qmsyx)h$)l5yA&{~wM1jU@1r`OYE6
zDUn?U063_in&CGp7Hf0rs&Wx^qTE)&cQ;F?j8qY&nEiep=6(L&C2!BGo4H(}nP{Pg
z#*V%LpEuQyOkdmvS#L+;e`Wf{oO84t`l1~5@)kccC8EMo#D4;=H#b@z3uvxvXOdX`
zluowR)$NusTz?N}>=+n)`V9-Firbd5$Vp9@CD+#4Z!cH^_jX56B9q7PbB?=`rU0b(
zam*g>m*O;7SEZmeJfhOJ&q<B5utpa1*D{dTH|V6eGg+jqK9<?#*k$&QY;#5|SriVc
zY%~m=6TAzzI=l2&N7e+o>kLv7MX_Tl=PhU8rHXE0^=D0S1Z*z{w&R*YE*jIO@P;z1
z5{sl*!z!hM=B_z4f*lGo+m*TPyY&gLOSXb6sQ=wz7?9qUjN7kh`RO=Zx{X*~`gB~y
z^x@g25n&5(rIeYy6+R(<&3Yq-0EDft`zLEAlok#|9Em}a5DaDi20{p~u$fer_8>*9
zw{N1!K*ia0PIE33&)xD=oR0t1Lu0>D7Ki9Mq?gxqP7LzTciC2=R`fxGm6DzC{uB6A
zD^H;e(luAGW1a=lv^P6wr?PxCmbd#Ih(=j@3m)0%tmWN=er3(4&T}#VzykzFW1$0p
zb_C(pBw5L#gYhU-(@W*pR-DsH1k81Z**zS;8M9q$mQ+mfu}-O+XI!0)X69-o4!bmX
zr#u;TL^TWRv<%nCsq%M^X1Jt+(fH!$MX$0m6+8sebWwA_ZYUWz_rT+qMge5GSW1Bm
z7PR7ME}3G>>r^}f0+DT`!ga8YL-M<0Ybl^atzRuP73_~uvCGVnmKB7cYX$2rcA5oL
zUm3urmv)+?pKdzq)@wE7&J>0htOlf>K_w!`kh30Ytd%5@MaNW@0Vvjo6iEHLjK1VH
z&=f%vqd;K1eX`)wVV;9fFO0A53&x}D0U@Ni4MtQ3mXlV|j6zsu1`wp7Ih!o<`@?mm
zeKNwD*8Ii0WGue@g%K7o1l-Of1fbJ=E{+MnF3~3=5m&@Uq;vaHZc#~pUxT(r9395~
zIbJ8T+V@U<^`RsxKIZN<Aa1>?6XNpy2{)=mghwzk8uK#RsG__Yh*M^;O>&5uwg+Sp
zP;P=1ho5=-FOCNH1Y1#;@n$g3%2Ii+7(o|@E1vbE@Dw6~^5ff17lJXu(4s-`OHsn_
zZor%2sP-!!A2aclKTXk=Ff^FN%X8!5)M^+ZNd$lB;foKqd_&*j+2^~D$3l$T<N9^y
zLgSEx+#1Djo=vo@n(~!xy|>OPop;tP6XoELg6+%0#a7Yc<U#izd}XNZd3IA>(Kp}!
zb`615bQTPSyWE=*JvYS4!wd3*^T^)}6htCvY%k#U>sd=S+C{`*t?Zz|{OYOD@o$_F
zp54TSCg2MRD>+-v1O->T`jPv;Djx9UZDVBJBE~~S4`-3Bj{YI~VPcV%G8-|C_#eBW
z2IYXSiPblIUQom5{PVF9n0hi+qyZIuDBoG_>f=1g*TFpu&=rJ!NQV`rto(x8{e@Y>
zNv%8E@;9extV-g&&#6DV_B3fqph88LeesP;d<CwrB9!afqnzTcPw;a5Nc6pSIv**Y
zmaFJluT0{futWWh>APjjvlfC~nv$_*_w4h=I#IMdYCkFDWi#3m3jcf#SR2M*+^52`
zj!h;&Ema?mx^4#ckQsyFqq5rW+&=TUAh<z@jz<_&t18|^{YT<o{t^L&P*BKf6p4Q`
zTW4$3U0`Q>hCwC?O#YQWF{tpq-AC_eJ>S6rbwUKQkcJgxhKAM;kazFZ-n6*kpB<Rw
zDIyplLemQ#3b=OjI}m}mY-!jt61JHo*0<3z_LBdnN$KK~%&rw6pHYa7X_d)a{YPCk
zEMX#5iz%kvz#NWP-`z-Jl94u$;TIy!Xciyp&UHJi(RO1mD)n-pLF4<fy+jrd1Y-|O
z`@p-J!jAj0`e%r4lbCuaxmVCEWF?{98GpZ-R^eYr1I5#PI}J8<iTg)J<4+?Rix6DT
zuddfurGRr8`6Qz?8NlA=n!X$FCzRyo&>rRf;DlFGCuJBIt6q*yCzRGH4_+CpGaRj@
z4V3_4{)+G2k6+y}MjpoC^eArXqMfS{TmgP;_rxnc(!{2Ssm?5E%(#biNsyy^<d;8F
zXI0u?3-H5-5)LEBhiZ7Y2pQ&j$BBqd2XmFq;tjWFyeop<+qB*@0aS5kYbXoItvnK4
z=!b;AN_<@-^Q^qvkDX%MDUP*eEL*2>jfL+%e{=G3l8S-m`7*JPBXPH5*1+^VAp$e|
z0FEcUDz_bF%sa>#d}%yOUnu8Ty__1OBTP(aw`L=`d@}6zu{oUZ@yaM>i=~8+l;WDq
z{Cxb}hu$y<9iq=Qjk9<P&$trJSay(VW!T==M|a4Ca-TG6?d<=Mza_7}=b|7fwL54j
z$AS_a$+W{TzEY~|%1Yb{Fq<zb2vS%5M_X_*Ul;=HQgi-8l4kyKm;Ap#I?OEW|8<i7
zAN9-r|EgbZNL1mqrBY4b6QstnY_Fy+rP9|cvbPHG9Q)V|Iah7j-!Bv{%zXw8vwS6Q
z#J;r8zZN-gd1N4Ya_#x$9sD}neMcn%k!o0cop_^ti0~NlB#|sS9D5M4?!rjUUxR0r
zGD1ayASd^rz9inPJ;v0P5{K^@qgo?+*mvj)TwYEdEW(&Doo2zUU}V7V&ZkYi?t5`T
zFzZE}6MEu&CbC|SkKc1wwfeeq@uN5U-1V2nVg@+_n4nwSa_qmngQuAp3v>x42s<fj
zjg*1_xqs9?xr=O({te0{i@g&OfwJx3H8_O=wtw%WVk-+HKWg&-Xkh?Qu>U;l0~q)0
zuoyFl1|k9#sgW0<1<6z?Q#`_%&piwY5M7E@Q78yo!m8{6!XTob7f1U+R8U9Zz>U&D
ztvpsByno>;CNXb#;cHS9f(m@%NP;}IzC=(goZ4c)u~GQLF+#5n@}nSI--=j8RC9?R
zsbB)Mw@NiF!eQS79!#~|qhX)pp+HuHgfFg`CJ?;akIDsJWX|bz2@CGuCBgbk;+m#s
z9>ELj9ld^kGCuI5)Iqn&%woYl(M*2E_;~fQGREa*{E$iRBQBtF0T4X0Jej4pmuDMS
zSBGb3O>Sj|c^`T2O|eMPuxN&JkOSwKNSkgU_w47tjciE`O<tP@Lp#PK;kx1}=J*bc
z+*s!iZ*MOSE)QPppIGq~C@`@q??29a(t~=^X(k#I2q>Pz&?z9)OMvT{*yNkzq+9+(
zjFH2H-P3;ANVdl;X7g&x7tg>}-2(x5cdkZ@^|3-_;P$aht~+<+0O&|7(6vlwPZuY%
zJ3YLcv89Lxy;J{25qo{SyF%3TEY=NMFNmrpfPq^{vN&`Y;7r)lNMc`kI<4TK>5CFU
zK-ftNtXsdM39tQd1?0KYt1f79W!?Bf)Hncbnhz{mKLO0r@f2OpY}jDx`!cq%fCg1M
zc6|RY*SnXSqlHU*=Il**3U|!astZ<J+n>NC4uIp{bL0QKfqOoLKcuaG@YF(w#MG4n
z(U6_2S#|@jv@vPpmx$3;D5aGGjH5Ra(i62h8e)Qo-~{B#SZ?C<MRMw~qVkQ5JVlLF
zV23`05fz7NniKdHxXK-#dDL@(`wF2S$V8O8AC!_HNBu3t*QMSHXeHP{_nHLmM&mUI
zGsKh#K_GpNCeFKv=B7?ddE%j9&(m4asN6$R#}}TeL%~#(&-6$PmspxQg@zD9u#tC(
z^z$#dW07=39W~0E$j;<p?E4w{6i$<qRD1euS!>+VscRKNoRDF$TO?V>hGf5RkXKvr
zNTVs^*Gx~ILxq^>Ce+EbGQuuijr2~fYz?SMCeD)EanEyOY*T1Sv{1`8rI~f5ShvE;
z!JM$8cdnK_FGTfM$BHiF&EMe6>-oh_uNjFcuYaS#H0T{*s1|<q|9T*%=-!f$_~6t!
zPqHObk@9?SmOSQWz;l{0YFWa4U67VgvId5;t-<jGsbIpPoF~>OR7>GzY79n2;E*Nz
z;w|#HG3Swiwxp33G;v-h3mzK(7yrl91GA*umwzL}=G~Hj?(XDpeZgl)imZ|%CK0g{
z97-U6H?sJV*<VL2BD+LxF-|(!!dpwU5}cy^a58M7VqzM(I^MEpOSD|im1wrrhi49_
z^2OuKjcU_rS~rXyKjdB1y6m#2nuGR=Ogi5hxKNl#M2?eyaE+EqXceGmhj{UuUmZMB
zMt9oUbzBi47G^4_@kJ~yS^Muung+>uY_Izq@4`ub0<eZLcEItQ?wN24F{}6t6&>R|
zWNN_;;u%frl{dV&CXS^UC~+B&pJyhv1n3&62gyp>gi#(o@z5MTldbsP0OgICAAy3n
z+*hO$q30A$SopFb4Hb>x52H|QPq=0p9)d6h$3QJk{GTs1XBlxaI7u`(`;~AbUNg_)
zy;f6l7t2Z`hp(QU{LA!4&nx~aPCmah;(baga>?7ooJM4j@6_}Prw+E_r^+fIApb88
zuVnhM(ypcqYB&gS97v`m%g!av1NDYWfu>-m?rKVj0O?j6MXQ#FB#EyIsszCht~c6O
zymkt%E_|yjT`YYCyV_-FRHmZ!prn=rP$B)O)cEIG9+3Nh#ag=Bppcp=(%C^_=5Hp6
zWf{E~&cos+lzjt@TOYH}vh`GI)9Mu+spu8yXTan@yKbWXVb7(^&nR^h+FkTVTe&X|
zdDLd*Rbhd^%ILh##XV~VVPy0Iy}*XUidBDmGgouMtxUZBZh*noWmo~htE`JB{_PA_
zM{>a~kS1Wea7{soEcqpk?Y%Z-WATy!nt$aoY#d@`l7Zvhx6L3$;NJrJ0n$2A*ad$(
zHwRD<guZ~^;{f9aF`iLw7M-CPj$f?75afx?^rmzT&2RR^N=o#CU$DhBN$axZ1&eWE
zm`Cl^Nj@q1HPzabrj*pbWhQ4H*L3}xbC6KBF__)-)w3o0)Ox$ey>p_w8R4**dUm_T
z?t3QMm#_<e>!gcB8x>Dzbd%T;t-0=JN~xoLn~JSe%z0r9VS)LpQ)c2S10s<NJzuN$
z9e<BFDM!yWOiYqEk|26x%{oH?X1bWTX9xAMGQvVkLY)5gpkawn@|>Va1;8@6u4nE4
z7}166Bx>7dvMxMH@5MCHL4R9If@yu|mPEs&+ZSjPWLiw}OkR;(Prdx@+Fef{(#gel
zOKaB_+fJBFKeIsNb7)&`PMDZnP*F2121=MdnLXH8`y5QWWoRr7+o4#B4Y-m}k3y40
zGV0m#7AR=ddTNQnVW+xRogIVw_}jFU@(Lq4>y-K=0kbj*fdpdeG|AT@+*c{mf!2Ps
zmaR#_2n%zm%b5)8T9**T2Oy<e8K9G?30M|x$dGC02QE_5c5Zr?Y{9ghX!GNlgJTWh
z#bBSd$<r*GRnTs(;%zMJ*{+_`N%34nRWw%Bt^w+7E+4d3+2X@syxyjhe}DLApMM+&
z4I96M;Iv$75a_h`4lfL_tk=(N9Mg!<tn-7t{GA`1dQBq#+I!C?Be;YKvn61D#$E2E
zT5lkMR(j(CM_$^#q2@A83AC&1Gz}TSMoHi8fJyppRw7t8s1;ZjEwW{_cta(9cu`!!
z|GK6AD7`aPnjy8M{0)g(9$)gG$}zV8&@*9XW%{qFu+!RFNeAo*e%A*167AIHlG2L_
z9Hkq47pjC>8!9}VEL3UYsdjdz<Ml<dUjDv)GRsGme2DKw_Q)WDyP!}3BO~j5BVnDn
zC+-6L+BthfJ5IDFJ<Ph%yrWFIxx`^u_r<qsF1Nd_uMDBXwx+1CJ*W=3jb?vDgNa=E
z?ulS0?UFHskS(YvdT?j2zuHIyqu`ZqA9xRyHlSMFbNvTLP?r6e7#n<MU&tw2L#Jtn
zZ0Sju%-z4c2Bj6EDG&Vb!j{*s=GKYE8dKI6$|#?yC?)ysXMv5(<CB%>n-*-no59d&
zJ@oUBzKIZn>IUJ`I&OG}L2ws^z$}}(Usv9njak%M+#IKuhs?*^0^99~FuMTJpBJ`G
zSPG@J3&XR8VZ*lk8F6ts8Qkog^FITp`Ea*36N+`Ic3g61$GE>IZ85JP!7@?O_SFyo
zYL!m(xmN090$+HFv56j3-=9I)HOsr5pN5tujX#5}l>fY6;Szn(Xm>>84NWAW?y!?G
zLe|{UL~o#Ph|6%Xql3uC9z#zHz*G64Rx^>@Q4xQ0!hO|kHR|LK^*}hU3Ws<BhQt;N
z@W*_8eDD-7?^jlaFFhX~T!8Ot)bGI_&ZX7<P9A*UW)%juCC-AR3URFxu=(tY;?F=g
zU^wY!YqkneT4l@&Vv!1n-Mb3bYt^WO!e-9(K%Wp#Cc|t1r2ZOOuC=^g0|Q^07wbZU
zqQlGdk$-3X+2B;`fB+d2i31!jkZ0XHKZ2X!{BX$0oN|e$t6?KK=s2YIU8+A8o;q)}
zkeqt?<NjgBC8f<R7_-05rb7}V=7kyvWupSSHv4zZ0nwISZDA;J+{Pmxc_28~`+L!V
z%|zOOOh68;g&vq3x)fO5F$a5OY$}W}+z;Qsyt;B5Vgb3Zm(?sc9kk$bQbzqkxNKqd
zK!rVGNh97N+gY)oFT&0QaTuE?u=2k8dVGC7m^}1j&F$);C6Guejaz_?-K}K1db|9@
zYw8aSzSur(%JiVDWilYWyFO<N%8!RAzhMZ;T5{VE5MK!Mk108z;dQG{)r;%S4Q^p~
z>`Qgc9JSxi=N*wz+WGowpF8OCH8ttHs(U?sUAc9+yED3F%!#``IS7N*b*s+MOZy39
z=Wxv9@0>PUxo@j;GC>eirC`JLglb{NLW!<#p9}_17LDT7FO9<U>d<rG`ukW#*`PZn
zm+mN~_($h2KJ$^%OzJa;Sr4VQ>+s(*bRMMZ_8XH&*hQx<ChKI`3`7SpQQUcy=YztF
z#ij>rQ`mw@Udk3)HHJ4=;t(k{di7|3&I0vG1Vc4kuBnTPSMP_Gv81X~%T*+V{1fez
z(3|OE=cO>^s$WRBq!+e?n3-4D?H{T&C5SglYLbMO;SB2`6J97J)zV&)=}}Nl(L_V3
zr4zYYOWS9}n!GJt-n2=?+iYpM5?#C9wH51iveta&g;$~-3{_H@4x;t{On#}A<iGvB
zm+SlEHM=*G`}>r_u$&4^T~tP?l=JjZCf&Y}7jZek2RT_V9m5F=Z|L_LGm5x1Bivy@
z)duXNr+(j8ep%RgwmVvl!we)C6mvT*_laae)ix<)Id+xx^f`P3NPvBGQ#Vb@Yo{wx
zX}eo^gWZtUXLFRWWd*LDH}-9bNb|87LAE`!i)IU&K!V|7m@dib(|dP?ckgK&v-F_)
z^@^a_QY9M^8e7$z;2-;IkViB+jZ{+Xou}51(vpS{;crkTdm*jE%B~6sq-J=g<Mcvc
zra&1Fq#OeL98-gD*w8e8|BazN@lR}u2<s=bIKB9jbpfxqKyvD)Y}S{h*hJ3Std5AM
zfn2&2F0VX?5^9^dZTu}rV;KsdU7j=onn>+S;2bU>h5Zc+oSj%I=JXJxBBn=rJ?V-a
zPdu>(=upt<!@UD<7}{#r+avyU=S>=R&z#>*fGd#29l;>o@*<AUA*1nZL^BDJ{;0MD
zOO2TyNuGO%mbPk)@3Ow#`M6Tf>6&I6^t@~G^NWpUx$=F6>yQn!`-W4kR;qz#^(I|E
z`6%xQ)e)3&E<C_WM7b{A&fI69f2FOF7PdjIMZ+P|gXU4A2(Q;ikq84+syk6#-{E%*
zSZ>OjSK(@(lhHZc$afqF0kL*K(`>wwgja5FZRrSqD|%+0<%oX@b!v5eoSQ0%jVYh}
zaemHn;hSKRL=110=4ggvFIX9q&-!F+&AwM-%xaAHUkd3o3DzZxexl0z+c`5UJyAA7
zwPL3pu9TnN?R--;YPQI3n-d~MoOG5o&AVi7YIB)N3GLxHlP&4#$g9zxe)}{$1Z$6a
zc+Omo*I6!_)fDug+CLTAv6(<c=+f2`a@8SFT@x!bT*QYA#X)X#M?kwNsV(gZ5=r2t
zf<<U?3vJ=SqVQm8cg15y6zqm<n`P9Tr+N8PjlBB(Yb`P9vk0y^G3e+uN<!UG6paPg
zPv}AH!RoWFnaJ*UjEtElKYJY#^P(7yqBQ{@328=9H+m@%K6F0h>OhX8EO?Fd0%@WZ
z&gIhleeHobGtwBfT><-(kDz&!Lb)7LYPdjAD1u!JygF<Fx*HZpUJLFU3B~^pXYU+i
zTh#Oowr$(CZQHi(+qP}@ZQizR+qP}nn0_<gd`O;5-kGGbvvc<OYps3i)T;VnE<wW%
zjapU1w!kQfmb)n`NN2`&nNFX=^lND%zz>0(i!wCKh?pCc^`##9NCwkMtW7$FvyeW#
zJc=13_*Il=h77oCOl)M^Y9%bip1`R##|)Mt&mP}q$P@^0YeuggX<vxicLU&z4bRDc
zkUo_TljDP}Vh5Pj&VErR)c}4iHPBiOZL0$^5V9V_r)Bn7V@@>sown>ss+Kg@@bF{W
z>xkW{<n*6z1?A6TmvxuRY#80meEHwH8>|yg*$xUov`dz#2Z@e|Fp<9}#FNvqV@IvE
zQ-TM_R%j!J2ijrW!JdYGD9krWThJNpmuvsR{EvaxbL@te&bZG{%W&yFmff}pW#|X(
zZli?2e^j9h*a0ue(5z7848MH%31?s1{|-5NxAEmKT1B6~J3jGcbhVaGWW6k3Wb<|L
z1&lR!D8&gp#<!%LK|UqOmcJ48pkVO&Xn4OrmX)+S^KhWy$ZlAn=J9P>bb<}NeK^pW
zF&(Vz>#(khzkG&94vNMavrE^Pb0>e$6)f<Jv;m5~$NCdpJPv)lS%+3=S`a&H0J3ye
z>`VO+Obaf8YTug$2{!cExCgqZ+J6vAz0K;XXFla}@R%40yfq)MpnEURQ-yqk5fRcp
z{fF9(@&9P0{l8+v7+L-oHjMNCgJ|{tz=pll%o=~>6Dt;q0EzkQ>^2JkgUI5oV+Am-
zELxl!zXFkbJ$-R>tpCa4xFcE1nT$$fUjC&zNkpQwks^nnNEIV#+-9(*^RM7gB>af~
zN-QJOT5LnmDC$e2Ii*6C7sf-Q`HvGyQ^g4=j;gNhq{Kfp#%5nM%K@1xmssV^d+XW;
zh-Cc%TpAa%B#_?F*Ptll90HK2jPK(_Asd<KrAo~P8dk&Q3MxZAiLM#u<m9goDC0!4
z3&_9){NDRJMG3vxd_zxJy99%o81%XVBq}&wj6x~c+Qt+dq=KFdsKa8f0&BFv{;MBF
z4_5RK&8eJ}VzJo`%?dRrT1!aPNhL+F2?y)BNNZaUvh*Cl3YK=yn#BnS0UKo}@eREK
z>#ue3FY2Nc8)RESa(Y{UwKFhPYwc0hhcp<Ks4{JTN2;$$6}^m>g}NGB_0rRI&q`1d
zmmQ_B^NJj$I>nnjI*{!T?tVoXYnmaB%|<><FqoI4C0ew+j)B;ci!kO-g&k_}jp?xt
zL>wpSHb8mOxo2R;;i1}MZCoA}K_a$3(XZUi6KVN3+6*Tuy9Scq#9!UypNw`=1y{&s
zNB_A4?#N74*GxJU`~cwBej+xrU4Vy2&{cE}Nc(w$KqXf*|KzbII3)ozb@;wU=7<eA
z8XS`i6@ae(FlS=IDiT78gQ<|w9U;?O%nb<%V0v;x!P}_%u8>_L%Rj&n$BQ~3(KvR!
z8$b|d+l76FhToYi6xeF;1-_rJb5rJfl$~3<pMKEnem^7phT@8KZz)zL-repWS1tPd
z@23U1x-_CjK<#d5{B1sWWIVn&b~(vOdh&kHgQ}TW*||D|3O8?%JiDz`{G@(dU%2Vp
z-goD&?@k`bIiZ>Kd|pU)-CEsV$aMGJ@83s(KN#Jbcw633YZFoIHCz4cl5uw5&7Ivo
zA68m=xs|?NFK<lz_<U_&bUaV!Mo7G56ep$6tcS2Qy@SL!xyyc^`$M$pe7r-#VNF8=
z%>S}$nH81Doybd(i;y=V&qPjixKEr2+r#HY9nkx9LEI2G|K|<opOeY#2IuK{PU#bx
z|KsMW|CVGQ9J}T0d2TAreuRDFK|i<W^`#(F-cEmNqQcf|eudqy`)y*XME>D<mz%2(
zZPabTST~jikB0{9xl=J#4Pt_CJNkCQ;h|)s#tzu#6@I6)-RI+etzm}$`*Dq3c!AY&
zj#0KV*@FbP3@xDMZt_599e?YwI&hJL4M(TxIDPy$sBT}Pf_CKZ#S9^C*vbsKfvl3Y
zt`-(}#`$dFcx|;QRZ}zD(Nc97Di|VSG`#`hm{F6ifxJ}}mki4!o-LYoY1IOkoUF^P
z$I@nXsao)4`k`D+2+OhA$3MO-(B$R(y~Q(yHVvBF1zZJvU+zv#d;KqP_Yx*}F=1R6
z3+um1IVJt==ZUSe{R>aG^%{>jMF*&fqh;59++DxBmbqa*qqA!b4r{{Pf-1;3RVC9%
zwWeUsjP$occV|ip*sSXh^G~5S3ww}Ysa`J;a(Ez&HTY`Mm7MK#ZP=oTmP6$o0Z+_<
ziP|_9N@mTO849dpw=gXz+uXWuDg2ok)I;Y2)eFR(VQEiNrlpL83iozYrVqx=&5c=a
zr0vrr7gEQ@US26UJZ#%wqv_<ytN^Gd-!5d<0<K0f>KyS<SY6I0Y)(pOQyxYm8{9!X
zU6~9UeCKI=35j|%j7XjPn1h&>Q{<;~9-lW<DniFRFR;Kpg{J^8#cd@V+K{P?FNPn+
z<(mxw7Gkr6$bv}|BK(+wwilV1Z4tE=08m;!#;HQWlc==|{~~w`fFN0F*CW5SzeSW$
z*aRGnXWLevr|WF}C7@R`KtV#~?=huD8V}K2+4Uq>Q}paFS}(*;n@(P8V7mXhEBj(t
z3jpPuJuf|)0(5+{F&+>ujcH`#7OOA9<r<J#wt1i31c%A*u{i}*{3$X?HD$&6I84)s
z+BHB+DMIVvcd^U?@v1)qqX9YJNF4-yEpRZv)#{u`N|*BAUEE_X*~6NTG*k@xJz11R
zc@;DQ#eoFliT2Z{>Xa9abq7%{8(w+K-|A8f!CBv7sYqjV#uMn+(*fq_qox(SENijP
z2T;T9vfFZit@^${x^R-C_rb^q{@F!4a9B>`mUZ-yYjq^><;f)g5|~1#=Idi36DoMz
z5PRS`6rRqg6ttvF3#?I1F2#nc06<DQim&5Z@y~-#l*`xkyxAU~VNqv*Ev>?(d~~e1
z-<(7vuSI+;>ZSJ(2yXqAXWe1V)#0b$MimWX^^z|+|K9&oQqHPEG58ZVM3Zpd-Gs_n
z>bTaT!E-^+%_;qiVphVWQK#-f4%1V3f4y2g#L>cjv)+PHM@%@j)s#MIWc$GtbMuV0
zbH!~|^L=%HIQO&J(XV`8^1Pj6^3c%Y3c2JRzt`eIarXFf<4n<I`=!mDysqu|KO)n6
z*~@A9_xk^YtKI!vQJ<xGsI%Hzik7E;$ivzO44My!2#jTWX!)^jIIktWJaTMqNU>JQ
zKZ_hJ^Xw6##ZW5g?qkR)iK!MyxIx}_;Eh^UGOu1D+jPz<VA#^+Bz(`P6vNuiL!P+t
z72pk?nGiitN7)<0Dvl3#bhV7*y7xn|3FZwW2SpISW)VxwanB(VTH;D|z9+{>@)O)j
z{9sG{y8>f53g2bHW!4x-QiZXGs`h2XVn)3?IlwWIo;w+*uqKo&$aZjQS*97_bDs>c
z07w*aoAE^(3x-JR64b;^yWa*>vP_*Or<rVo0B*>AQSl=VT+x1l)%d2A$)3N?y-vZ(
zsWFzGHq~0fcy3^A`;;*uG~uAvuwfMx?Ep#RU4j<$Bn9;%`0RS>@}o@`0R)SkcspQ7
zL}FYeX@n{E>o}u*P&g9pMMAt8?OX{Yb1cOW`QBOyOH=>aHgu!gr5^v!&Ha1E_r)3m
zg?xRiDCW{F%dulN$TBy*ny8Crb@+1@%<cd<s+Yx+C#_<KE7PteIpPgH)3)a4zxKVZ
zC}b(p^)bynP)qI=H5=<BpD0L5fY@N4s6S$&LXXyox4C$?ABKV73lYyVMHf9>kZJgF
zkcpqijDq+qyyl}-$Z1(?o?O{n3EYly{bg~GO8Cfyd}I<nGV$-u1W#uI=L-RgCBS9!
z;7Yl0g?y>v|Mei9;E7T2+&FMhJ$v<nl6jM1*)xrnwXi7UQG@c29Ey)`17WN&GrdMa
z1jUt9S~(<*+mY#bEdq9G5us|%LgZ@FeW5zfDk84;c^e?}zt0D44xIa5xm#^s9gCOB
z44+xug4-^xnNK`db^7Id2n#NX@v2QQA=8FmBNV97Hae%T`7*<uq^%0ct<<x;qNKR1
zChr<D(QNhC^de-YcBdZSR4iNlug~2g<UT&-HtK9CQ5UDlamnW8)NNI{*WguQRXN;p
z`FPDf&fMnHBUDS??b_|Hzm2b>X7@XMr)o)R3C3{U39pLSt6>LU>}oI*Aq{T^B+riu
zxHSu!sPWn2d==^n>gXm75wR*_CpyiV(L&WCCT&nhS{q=-%=p#<@OUBfkS8`<zMN?-
z#rgV0#G82K87i!SO+VlC<?r-Byr`>m%B}1FuyQzZJMFlDyB?2Th<rG>dE?><&g8zi
znMKyfv@_*mmr`b6@#4-QLKGi!v4}FF)=uyc8_RK_%V!$h!OJ|J)!D)~1R^~3YjDS2
z=#?>79ePB?DQ@*?%_!IrajnBqo}8_4E$^_=RX#rw__A(@%l2vdtbwxf1LqZXm9@4g
zd=-HhSdxRHvvboDFEoaEOe9N<Qw?pZzE91hTpN3Sz_GZ(hyO!8&-|Zwi%g8n|Nlng
zvW@MU&G;F?lZMt3^}AWh+6~&t;4qF=Z8WP5nO{#OrqcfOIyQCi%n0Id?Mpi)YAq%<
zv@|w8Z6B9AUyp-26QVf?llLd7zZyirNA4()MsLg)+F`^kUh=pt%rI^pdD0H%b6sIS
z1D}@hWH)<M5ygT?RqAgIXP#)+?L8m-+F8sd+%T1<8gL2nH}BtDxo#kMMp2it?Q~9*
zEyWWZ_C3bdU_Bpe{ox+fPwH$=mX6rHtsqfVcU$ys8nVE|RueV%!t&!~8Oa2rM^<VD
z43aJLy63LG&JkOX`z$XW@Y)xot-ZSq0cq_2H5T7+N(Y~Fn*QbX*ABeYCHi&gQluwD
zCiRLt65)Y_GfV)^<AfWam99A2Gx>VCpT>=p6bOTc?RrgZjb{;TCm^Hb4`xtsG0K%F
zE94$Rs-l`G*UJ6Hu3-X(*yrgtb&X*_=};lKY-cx1>jP@g1$c=+@c?)ID43hDn8)va
z?~xnU*Kfyh`=l<lJ2y_Ld4}LxUKFdo$hb2N{`X3R!uT=ltQg5)A{PcBBAQWkg6?<!
z>uCqxz2nyzSQ!eZ)@B8pHvj`LNM@#jX?UmtIU|@xGQvy^TiOql$}<X}Y@)1nY<2s&
zv%S)HP{{s%&vwbLU)TJXE2Be%R%2Dj>WCr=uj5htmC!Z~nJyaSWC;%U>YmoSN$ydv
zd$V`>yGz=UT+QoSU-3SN7&W>dE|zjmLa?*6P7LR;&WG25D}x<YP?QEqz<{|g!;qq{
z4F(az!ICQR1uT&m!8#3)YjEM8%bDTl^ZPqfI~6a>%U$C>6yB2cZs5M_nOVcO>y074
zRKMo8%r^}`br7&>=5srY8{T4rJK>0M9RQbZ&YZ@9r8?@q(qVR3Yb6sgOcB!_VeFf2
z3jqZ<WJ@rxpV+098g>saFDxEd{2bZ9_pRw-ljF$>_2Ba25|#ZGqVp(VfYC-Y8!?P%
zrY*5!H>!nP<^jPtrGeM1rz%xgSlTZS#p8DN0i1p&sbqWiVx!a#)LNFes(u+yP#g!L
zm4SL@iUGwsiy&^hohK|?%U`wcA6`gKr^tq%XTiwNlh_wnH0x9SxP})9uC0K>G_j7^
zB!n=dn6Ah)`rFlf0rV<N`8<=ZuRX-k+wR-MVcpFOe)UF3CYL5@C2t@cTgcW%<v*st
z(X)EOMz*$EM&{EfoRTr9pp+q80vIcDGOA>sYhJlw-<cjGOV*d0M^5oR>>pj#RmVpk
z>bP~FQscbZx6#~g@T2<^FN|{LmMOMm(%CqR>}w-dJ}ps6l)*Xv`(2SVB~8+we`K1m
zSl-*n8c)sZH|!k-Osae~iBBR#-=VfJKN5s;nv8xk95*nDMrCNU?2fH4>XNPk?)=c~
zdsbll<!bx9GTQ@HbjODohGQXZS!xJFXKF)ank!Rue$B9MmRS}PR4ij1&!n4nE~Jz*
z6f?QxtmbX?Xe1!Sn-;uHy{-2Gi^BxG-W<oGFpeILQI5kOOzCp-Q#2C&TEi9lV_ZO*
zU(%CphY5&>c+!^OL=tXEg(TTtii~ShIg$e<$y5@}f2o~PFfL?Urw-Mao)(Z%M8M&B
zOC?^r4ZmQGi`%ts+!6W*=Zv3wbDzI%3`v4xi48kMbBiyQ=*CKt#3}}-bg4XuKpFwI
zQFFq5HX7FpC9BY5VMWq_8lt`-oA!Xnj5Sf>1j!v+wQyKp#r68-$Oro-bP$UM!F<w!
zAUHhXCq|2;^t#q6XKQJXO#6kZ);)4A&?bDeX03JNQhUNeaBYE>FqRvA5;I}M?}MDF
z#<D0(R}2~=pwZDdzvb{fKpefLTz2kFDx906&??60Wag(L3QIFrDrSA1DM^@?+NSyG
zfc@Yb4qKNq6uI!K(2gqE<<%FI88Ij2W0oOVB~6DLxv8H%3{=O8-s)4=9+SkNtvTkj
zmz`lRFHms(>%8~FY;-2|iw;S@%pq=OL^_fO*f41ZME(+GPo!}~_c4*4NTX=RC_8dd
zXBr-w!WA$G?_uITmYKx?7UhUPQhhhdC7pMRK{!|1d36jOSgwgD<nIw}sD98T^Hf_{
z_qfNNLXq^KUB19+wUhCpbRED6FB;Q!Rzw05)H0x?BZeYjgu=!m6#U_(WdPc|>*}2j
zuPB<*azu@>vl6WmU7EJ*DviDJl{?W)g?$MjPOew*!n?OwwUJ)n{^wf@PBDt=^u`iH
zAK7$QSs?@rAy=BA5yRkArvxwD)vqlp8dbwNY<Z_x3WuAvgf8}kWn<Z`76kfmAe7XQ
zgCDHi6|#rJnT$%+{+B97ad6Y;Eb}RtH2dP3@&-NWcJZnsH6PMXN(`x=6W&oVl9r*`
zCan|}H_RHli(iN{nQryce+WjHmhD_{>*uDEPv~Ds{JPcmyM%I$Ty8mvckB68LUD6N
zBLINQBpuFgMrg{jTl>k*hC~fFnA^XN7Ai)~!otb<{e{9zjcmV~|Akxo7ffD_&=AQO
zPTWL05qjZ(o&oZaIVwL?F-ou<+ILxSJu0=GF)|xBX>#By<`hG$hzcXX5qeXQVR)EN
zOb79@d{c1r5;tfZj?)uk=Kiy~x&&np20?X*1c<#Im2OC}j-#>E(v7Z&3+%`PaBt`Q
z`;7%E>)(tw2pE9XZD$txPXif5D$DQWJpsZ)T6(eu|2OFzRj~TQu>!1y)@1#r>-N^D
z+qdJ=rz7IJBUIY1p(kTw_KN5x@!7p&IW-|H#bum=Re)0pReK{G51VxW^&Wltn{W_*
zD^mAwDv{y!GzZcf6seUzYcC^BHlyF)3iO*bR&e40<3GTdQU2BcsZe2M`41RAMvnis
z?$D5y?Vo)Pr0*R4y|`klS&4d*jh7fniP$Pxvp9wp7uF6@4*|$(*3codKWqAaw9-tk
zA?U*8*TP1|((*0sxvA}>#v*MG=LRkwt$pWc)%s-Yxi?+CkO~yRCo+0C_yqzGBk+_+
zgBg?AH`Vf9J@URzJktooc#qUMeAUMrBG2!O@S7b=HXX^9ct>|ssxkJVNtyii5RF4{
zl#D?DpvjyKM^i65b<AOI`~gCG7##MZ6Ga29VI0a#NGET{`s}UwP0P#nb7}~|RqZgK
z5DK0?fsC#znk>3v4QKjJ$UU9%ego;nj?J&Ie_;Fy6_&Mxtvftet>W+nvhrf%gz%9`
z;kbR`^8A@;B@N9PPHowys0F59x-G_iBT^3a?xe=pb<de_F<>6r7RW(DbS_0GOP93l
zpr}_!e7j$Ua`Fkq0}(H%Fd9p=1}yr&#2}D&nkfVLGg3bez?7Lt+zp)f+b3*N%-Zm#
z+2kGsDpVFkAW-UWVPu1Cfd_1s`c8IT^;8L?ep1zJK<6Hyu&)V9B4qR*M4=hLi;deC
z6q5EIcp+cHm&qr^vy@BZ1N2o|y4c}V3FGNyXeRSbnq{3yP~g?*o6zEda>BMY&Nn3V
zQ<*06)fX6~PQd;&>4;-LuuMNa(N3c`XLn15eC#x39nCv`R*1J@lWMOKZ;Fay7&C()
z(;^q8h^J#$tw{1Pdscu?-~o<M!B^-rR30K2_Mp>BHB)Ce0pE@2ihjr(Z@5@@X2kLz
zMk#qWC2%V`zL)zQMsX;+ZThSgGZ*2WKVg>SwfgprqnqCJe={`zfHkvpyaSrC53iOa
zxgw(fYTo0EaX$g;O+F3a^G0sD`M?JNgeFm9$d^^&9r5mK)pF?CKgjIV6wovvyp8j0
zjAmq|=`P(i)DH<Jq4UO!wOnwH@*5c6dhI*}bC1KG3Kgr}1gfnWDqr5MDV6tc<AP5-
z%Oa_HCW9$-PEl=w>!KXx7fqu2KrN<-#>sBrLTinFR^Vw_gMV2An=IzYFry;pTCG=D
z)+!jS9EE{!O9r8pAm&*{rZF~Y3s6m{+Eyt=fs3YxX|0r~(pgu;Wsg%c!xurI4e~)E
zm<_WR9C0Nac~-bj^RR1|LeSc!&EZF8EB(}~sJ!r-AkH|D>q}`dU;Ygn-yE7?*|4*D
z5jEM-LYcyba5x^;M05jn{w}5=H`TI+L)#D&Ytlt1N4N5Akk#gJ50qLS*sV7UN9(R{
zAg@$bv?`wB(YyA#P9J$6e%@_nfM}HKd8C+3!4_5$+N|6kZ0-yTsm){l(byIyWHri4
z_L%uqo45?;o_s-s8)Ag9m_h(VfK?>XsnrNIK%$Bao)Aw~3<He^Lo`n0_-b4~o@$JX
zN0{4nYIC1K4R#tN7^r}#2D4V?8-=A$(~l5B>iuZ{?6ae?&|G~<5thB;!6O2a*lMy)
z96+als3BQZ#RxSJ8j^N*qCh$BRR%$JKqc*qjlU4es5)Fnhq^dNl+q<@%2xVN>alt1
zv_Th0@3@DUpCsZut({~;?g75M;E5;u1F-L|>h{-rMF8Vk(DxerFh3w!=RDdmSh~ED
zps?zjL!fLTxJB7Y|Mkyj3sHcL8gVn)x+uQ!D7g5p6vQGjQZxpwbOjN7b;2@TCzrTd
z#w#R}-X8Y^fohJRt}7~ZhjCULf1iUtk5Tz>os?ioNGX(Z{=lO%+Fl4D6i?5@^%%JE
zslbCbMO7R)wQH$BGJ|!Y*xNi3+dnOJ-dO~j2;1r>o^(FHjxJn2etb4~)V~;8PgcY5
zpxlh|DoyEGoJZ@<EIGnva4F78^oBO7_Var|+JNBohT2KZBS>Lf5aW5*Y8Htg1Qso}
z?eN14BE~==Bs`obfuiX7hOq|Y4<HioL$T%qcdr-jT%PYQyC-v7j~<V=Ea~3Z@H4x*
z=B#nIcKQ`#b6@$1aw)h4Ek=A}>(nnc+?j$0X|{=-!e)`ScNHbKotwH=d)qwC%$-%`
z>=j3An2?{`{j1Z@*7dLipTDwDm|njY-<4WekRKMqOnR55o;g$~64~|ozXYH$11C6D
z?hCiz@{e_ySex8ZSSQVF!Ua{mF(u;x^risS?jT<?d!cDqMRl^C@Whzt;~QHMRc&O*
z<l{e0h_1oT*|c*cFaiorM=Tzwp@g_-5&*oh<nnm;?KC5`SV3BNzv{P5GKn)g*EixV
z1$zr7?;PHrT-T15-zPBNE~-suEfa{9V}O8GTNj(IsG+Xdu#`}7B}Q9YW|8JtLbNl1
z?K^foe0;uMSX*#p1vT;uAAP4M4QQ>?f7v=+K?Cbrg>JicscLk?3_Fj7hmb<?FMg3B
zTEJy2w+8)?7j_>f2Hr0h20WL$b=6vIysn&qP0jGYFg4mqH3JNI$mMuHuWO77vxN7b
z!+|`QJl{+>aXEO!ZUbYtu1uZW1ID<&g8G+60M^z3d4W17HP;yCXtN|RuG+Wn{`!sh
zxA=UvJSWb%PKS<8b7#JUtp|I2KRr0txy>RU9z9AA@Q}o^Y97J^kq+U!JJhVfd?(|q
zxY$Mohb~PK4@39CIsvcO(5R=2PMh)uW(9p?2fo+DLL!dW#{q;-a#|UQYBQHnLH8ta
zD@!X=u$o>})!jlFSAImZ9Mlx|>%4RCjhXf19%RtE2H76fqb1etctPr6q)f_U*Dc$W
z6V62471VozjjAQX9-ToDgiARS{obg(5<QLDe(#2<*sPJZHcRKMkx_BtDjTDxDwG7;
zP9M*4nB{6rDPm+lo8!)E8xNJ~oE3I6i``nK9Id}_8nw0eQ$|TOsfw0Md~)`Cf6Wng
z%!@yTUlP&;=g?|43r?XN<_@Al>7Sp1#Z;rVSGvBr3f?)Y8qZ&<vKiGf7gXQykMNT}
z|Dmv9Vfc^a1ZI~1wsO>ekrPHyeSZh0#3~_jJETW3O_*U-eXaoH4Xh2KV+29<Ky?x(
z`=9SwYHmUCt&neqJo!uS?^zGo+AYD^Z9&;19s0v=eqa4OBf{OulbAi+bYeNlu@}lD
z5zIN9JK8uNS8y&}%LFnDd9n`H+t<B23UOc?Hi*^r7FZ^V_4CFHCTPW1J0m?@S<ECl
zU=>Fibjk&8U3dT0egUf!c9r(TyQgsbZNJ>~7@LE=__{C{b)S4rn$zLZ0Yp>Ru3~O|
z9l&9;Iw<1qqc7fJ7zJ}zlR#+uK#ZH#!gKC$3yrF=$0o5^2B4|Y7f9E`u}hr=dX8=M
z3|JP|_|fH`_3MZ^R@Q9840A~=I26}34DPN=8nF4?b?eHax|jP6EB;*zL)#;>L7t<E
zh|Y$)OOOv)4#!(M)vGETNy%XUV|-)C7X*bs4@)*-!1X4d8Hr}G7Lbzv5+{jew($f{
z!|+LLYVl-H9d)aH#+B6%Y|EQ|L7W`=Fz9a@Rg{BSY4(1MZ(FVd{_X9r%4o4{IB6Yo
zHSjxq?<La#Q?$bdO)4H^fok*#X7XsBb#tx2zc2ERR~QU|CnFw3A2u<}+)G{Fh{x(m
zv&bN;fWg^N(ChZ1AcrY*G&+_;@3VsY)<3FhKo+edZ=$#adrlss@!EKTfpLnY8~$AW
zNv7B%v;4F94!x><t5y%S@y0upETm0_&73GIP1~7Kp2eXx^)w|g<GVtZL;nZ(h~wt?
zEF?fP@SvH%aB}K~LBY`oeRlW^f{OLY%6nF|a5MLi=2rx+KLIku5<$Mju@)MgyW4n7
z2=4>|L+!4cD)iY`&dQ8-KnEHacP%0l^EIRQgc6M{1W%Sz3VUb#ASmLV;I4^r>8FER
z3~U1GSnBD|9PCV1<TXCVf@(6I99XLs$K1tw+j|<T+chkBBKU$0_Tamx{llNXSwx!T
zPz(-|HpV^&0DU?~!IgvNc#A(FS&e_faY({jK1j};Da83)v*8LxpJZic&%)ZO47y@p
zieSJ}1AtT~m_5c$8Md%^-IW7C?^3f_8nkGcE2@*d@!!Sq@H}66mBAFK&DDCHI0OHQ
z#-B&EFt7;EQH|#l#5y0&u!!Z*)FgJ>c)3GBQU4*i*R?>;t96=AxGk!>_@y<Nq0vny
zO1KYBpQS?%y>IRX6708!@i{aDU}8DS6^g?K=-N_=S>)tHSQl-aq5L|wV_)oLb$mi)
zeK;G1e6%DF@z78*p24T`JCKC5t5n*i%#`a7y%z|Pe>2n{1xGD2X&q&U2QsBMPWtfq
z)k!u#gs@7^MS4W?|9#nB+LzqEg}9C6`THP}Mw_Vl-XgpdE>dkiFjOmB#_@L+>Q)eC
zgCOf#JBK-S=7V%eznM<GN%<?jQ>t6*KA9&#KTYTX$PxE>NX9TlR6*82=If<&-L(Zn
zoI91_{&%J6ZO66y$N=<Gb_7`Y1o)PN|Kt*+&2q`Uk{g$b>2hqkB*brX!lX~d&x8bw
zdihD>Islh_0yHzx<!5ni7KCGs$Tn-b{0K4#%FJf241(f8fWc^78O%8eYia3Gj2~7_
z;1?<r>5LX%8obrTyhCGScJQwihv1F`6apd99d5h_s_B9dta^k`*e(Bh&}0-sX!$?<
z^`D<DOh$CoQ%2v9UXVa<(`iuK)XQ?s$Xw>TW(;W(|Hy{13CNpUR}Ek2$jyI2v6?J?
z+zf!vaje_$sM`jFpd*~(sYDFDV<1Bu+3%!MAqqUQM6ZZ(93BxcxKv!Q9(iD%cG)N&
z>8fZwe?2{}bh1!zD7UQFvA=4IE>CPv;u(Doeh){UVaud1xGwy7a=gFVXd$*OdCX(E
z{JZi+CTM@y@+?5U<B&tKKkLvcA?3UJXU+7ZK+=$1o938&@C9YGT9s`ux$2B4x6Wq*
zHoJeXT7AR5qMgi%tQD)ZFb2jy&!I!nd1-{hCg5?eNSn9Qgzr)y{R}j0w$Watt-y+1
zf@LlZoACH|Va(nNFhi&DCquTViqNBI4?39V>MQUh!Djz?)Mgu3hw+HLRC9ZF_1wgW
zl~f5AO}94<l^=sasR7}0pcoah+n!*@uScn80D`2|n_aT?Gh9loetBLdt(h7q>;bk4
zte$wedJXJ7ILu>rM*C$(ck@*&^xmPWtfbV9uUtVaFC$qcj%3~~K@8ju=?=ENnsif$
zVnmW4mv2rm>C4X?j7i&b{I<5c!l+Nnsf|*qHxMh!+A>#G#GG0C8Jrm-dGvKIi6K?C
zvAhi<NK{W}0T5ay)ql=%w`#t^B;8(LxlVa?kqw)MD(zg|)*2}m@%Kg&*aG`y5Ox|7
zn>{qHyuOdH)*slHHb?&XG!)6hO~^)tF;p!zW=Wnm#VEL7`p5eUw^#=oZpI3Djdfye
zq*ZLfDKMHSiv3GVy{=<n^z`xYz|%`3vzl-pK8ZxaeF=o-OS4<C_JT5#hrQaaW8!RW
z_2M`%ZCa}K4BroUo9g_pH-~8w@#Sl#N^}+j32t__HPOllyUX`&zUM|*DHFys=;WX0
z*V6`Sx0?Dqm2C^LMij8nfNu?8pjq@gMq8pco$+yU(mRf1S}JFUA0CWe?)%G@<IkJr
zebL6xJJ+SIS!Ht}>M#}oh8HymVJ5C9`v5~_KnUa4B_6JDMu2Kr*u%X>{?*Oa-at?L
zfFA7dxs;~qr7MWFt@`p;;7JlAjBz5NXZJ!6Ewd-ohUg%=Y5(vR;N$66$;g<n{bol`
zImilHgVfsZ?rkdJPDYp||87OH;%V7k2uKZFv`&j$vSUCi^l2>*dP?e9+Vy}5%XMrG
zWX<}0Hs38ryqOyYmbm@9iB8whHg3g*`p3}qNauk%Jp%hXsZ+Ae!m2O6qQ^}Q-dc|s
zhf}=e4pwGNi6<>5D^q2INj`#nPx>XpwD#A$I_I1dZrJ%m-e+<TGxW-yRr5#U`3cb^
z+TQT9lenJFublaYth+m$cWE}>M(`Qiv=sh{2{g5I>)NWAl25Yxw?P@-#F9bYxkHnt
zn>%nQX;C1ljzoz|{3ZE6Dd{ojl5zxTB`k6e81+4~pS30JJ<(a=M8Dt%!)`>~6yuAZ
zsm*+||5R_W{_pB$GNyLs&K3lW%#8nSN9QYziP#M`l&ufy*5rWnz0Ae>A!i_v)BG5>
zj9vwk7}~{D)hH?MuXjDZ!vq@-rkrSSU1#GAB#+#%lf<+<RHD;?!;`neFIx7|T@}jM
z;};2Jn`9v_Qw>EH{rs5-v<3QyxNzwJ(4*Svo-dac8}=dR;YLY2SC0-_s?0Sf^|rAj
z{o^Ela+G5v5qPGUzEH?yd-B{KgvMZde8fH;)>C@^KT*Ml8c-$1L42~lnei6neKPGm
z*K?Xxh^8DxD$i4DC`r?H0Sjl*NJ5G7@Ef*<FQ#zEOi72PU3AaNQc1(u+|{I|1R4`6
zoTwmEAS0m@1U`JIWFDnarjC9jq<lL&^Nr{l<+W^BQyhIlwFC#TjGP)#d^3eA5wK3e
z4%i*w>?ZTa%fBY%TP9Jv{YL8C{1W@XJ*Srrj5{?(w|*~5*?A2Ym!OL2F1`}(<ny~D
zzkW1w^B15-i;(D8CnCTC)|ti);_3+NZXKmg;iTm8>>U<R8_VQ#<TP!>iCHm+e+nSv
zppyd^Cc|PZS9$)rWS+z#To>bqfFW30u$vQn{aVyWVJdx$BqtO)@WV%$H8hBW4Ou*z
z1vn(~2s^MO6Nf0nn(R4Iz#J>_wG&HZiF!7mq#p0y+YIhx7(g-i0u^zjP{~ZPRp<(M
zTdr&<)8ix?!kI+C@lU}N!<aw{RQoFH&_?|@KJ5&pc#G;}T<k{{6~YIrD!Q~$p&hj#
zM;Sh=3Xl>e@19Qxf)?KuR{eESMU`gHm+YQ?R+Q35Cq)_eZxulY>F4nGAeDWaK~d78
zu~AU=)poAgj0+=N#2R7%rUe#wOwCyzB3WM7F<UlLR-x{|6GRA0ij&(3&3r`=77!<%
z-CGHSb04StLOg|lB4^={77*ejc|;VQKK?^tL}_*wC2+X-Bsd5hE;b4&$0Ji}?tt9Y
zdYlb9y^+FV2Sz^8tOs<K)eA<Z3(5xcOs>oihV9`GtFe}v!dk%1&8oo<P89~Ftmb0f
z1%?<;gwsNTM>8BeW9&W$Wd~gYjlLE((c!><I!6;dZG+J2$>@n$(8AVwbwl8j8shls
zKG-<IEZ$6Mp5E)TZ^S&!TtSXgy;IC1J@x?r{-LSLcCkR6)jCfH2$sK(bcuI^H1vwB
zEo^Pj`Y1}_82CZq$cP~-SvtZplvP@>d~ic}LTl~x^A5WRXgSl}K2S<9cFOt4Rg_^^
zqz98T0>QV1Z%{1@(&Ro%08p1cY&I!t*x+>V7Kw?$`qo_uA5(Bg7i`~+AQSDLJd)q3
zM@$yUb0)?+x9;wYtAb%*^UsS4P7FW9n`bkU5Oz||0tFm`*wRJ}SBnd(kk$33gY!J=
zkerM2ylolgUMln}^^ME*I!iNQ-ne7TH5aG-K%WE3gnX*h6~AX&e((5V_7Y4RJl)lJ
zg6rZI_gv|;4OG=fht+PzSROh%p_94ZCU4Lw)p@2e^1!x>5{@#57J6n7fD+z9Lb&G;
zqm=-E+#&jt^0w^}c8~)WH~=x_Q)MOd*L%TpYRYrPE_KhZsbO!1EvjW_TH^MU5bkgB
z)-o?(?afB(BoK1t0TD-=#w|Gv0cs8@rOq{{d>D<TkIM8>zC+t9H~l%rGtIPa>IYHF
z7U7<CYYF^A7miIPAX)q2il|<@!igb|46rX4cf7LJu49-B@8He#-Yd=pgLF(l7u_kn
z+n2rDpi)0F!7TbBojZ``@WLCo8|;i&fm_1^pq~aOeWH;CRr)J^O!!jve@MJcZ2!AN
z^8YJzn1S<ugAQ~2x3LIQ+M01VEr`B5`g3t(&}lAr03g78c_acb7<KrG5TUar#DjBC
z6{rS3AKpvMS(ut*?WQd&4|$5PVY)PGE5Ak?)X8O0y3MO)F8#&2G2cBdBo_kbrIo~O
z#(LsbBObVY;D#clu38|(ucJlV{s5VSd_a68=O`GGlX6F~Eb1jv;$v$LWg4MhkTmj5
z@5m`!#fS1L*BXPlrSo-&#*i|5D$5?rhPdce#d1XCCAS!FVF;_zRC0>s#fK<p<0Nu>
z1<5YR>z0FdLobDstDy`o<#U(<EUGIArhuxtrtZBu;{6!)^>PCm`z~1Ng_jFbC2x6T
zC3(Dv1HeV^P{~}x+NR^#kTo)u%vF4$RT@sbP=n1x)I++Fb8ltN5%o7RP15yF0pVk-
zZpCHNWmwCzn?;G<=34DIrat+u83oD;eyN>OqVZ@QK&HCW7t49^Su0h0UnfqhSV8wy
zg7rFMX$&Pu#g>cJv*k=Sou}=Nmu(u3fDA<@4=ahK)F~^Bp<{2E%AEu-RmStGs5@d#
z(vgv@i7u?>Ct;Me@hO38B1C>5Y(kDcH$cSyO2=M6sQ;xeqJlI3(@+bj#TwG`{&4s2
z?R8O)+9-!uF5i_t)_Puv+tHoEf;6df$<&A`pw=QzXIyfjOJ}^``p2QUtjG}b_D&Iv
zSZFUa#!1l!fg%RMR5h8!;>T#kM_870xZR4?oY;Z5<bqNWahPK7=oW(MKWN2ZmkVG`
zM0qXEApfc}>H2WFHg$!*1&xvM@wL;w(erbV%MiH>mM9Tqef#v=v-o*FPLjvVwjl+l
z@ZK<yK-A&hAS0Kd)8>?hi=?&7#Gxgz@LDjTV8M{N?;4xA(c^cX$#H3!8L9%MH}kn{
zt28Sdv1j<BWZCnE9pUiz!2Yu5=%6KwE4FMZc&xuvZl(_n2G0Ex?Q3I?6XMUu(%07O
z)8}m0sa?<ezK7e#)aQV(TjE0|{?6p<zaP8qwl5r}nHv0UPl1T<&#9}O;}*A@>yfuB
zLYgXL{pp2@?}iTic67e6a?ns`hdqV!7LA%7aO7703&Zb{8vUJsvnb(Tb=&1uKaxts
zGQ>8-BE%<&#Z?F^5cYh>>X<*aS=I+Saap{J_>jLJ31R(<;kbQ^7+#j$+VuUhbJytk
zd0M*g+u8JWb>p9UsnFYRY4Pj+nz%ZlxA@vG$GJl)?YG#?#5|XB&mB!9B(g9m@Xt2d
zE~!}a-rD*;yUy%@Q+o-!xxU%%@_2JP-RZ{C_g%T*K&xPmqm1c7!Ro7!0XDL}PMUfY
z_q+OlfX=1F>*Nd@f1{xpuChyTIW^8Ql{?_M6>vvgM*mxdPyF&{v9+L5CLXp8ye`6k
zi(FGvh;hAeH6oNrb_nB)>BWRs8ONz7dNJ;xw#10HyOw+n<FOxt0?Z_pw*FYFIHXGa
zIwPzIiq<1tTuVyl)^H-WUJ0&_gQZqMJ|Bn?L^@NX$P#BExHDPgc&r#O0}KMuKMbtF
za$R2K6^(On3`OIJ#yaBPaHHt56!44knRKA=aZb{lknp4>i@@aCa}q20Xt;`%1F6Bk
zq)Ny&rX$+=bq?4vAO-Wkjnk;RBxGQRha4~UhrCm$edBZgq((>G$qi)#?~4TxCIlR(
z9nWkv_YrJmgp_s16Tw944fTorf5;;U?>XT}$_STa9sR{MOy#v~aAeTY$j>FRtl{I9
za8WC;I{PI-tSQj9hi+L9WYMUZC>O`ORCg`Ixz*1MN0||IY{d=N_Ru0LP)Kp4z)e6g
zKqX6El7{YCfN9bwCPt-m#4u=Nm+3vKf7L)=l2G%BOf13VOvT4hr$cW-g2vdqnv#((
zUHmhP_^^>y>PN#9iOhr7+RYP1kJW2{IP(-l@1jA}bYC$lPmTM1-_A~QpvIA+k_ltE
zCRiLWF+_6+QDnGe>dkTdB~as40M4kXge!wsz@$q-J&SVDSyOyPyg{Q=F(Jt45169c
zPztw;2u`joD&3!~DLqhBnZWP=dRCMg=U5~|7R_=XLrrWu<Am1r@1*LT$7)sx3b_i0
zpAh)JBYY33gF(h2Mg>4!MnhmiAQoM?fL0RY<UyIZ12$piQQHTt%fo^10#g7_dln@k
z=+q#?B6RN1C8C)^cG6n%a$*sP3UOot5CKZLu3^KthxKM=mB0m*5bhQM#i(*jfnNo`
zkl}AYVxF?r+hy8Ng55yaWzrxiklAKNuLiXH5}Su&j7D#eA>Rgt?c1(%e7<l$srfqo
z3_cEgN8Ht1<+`K4t|nVlMHl2*L%#}GTv-0E@RE|3XARZDa=dJJKX{Rt&B=}j7MX|!
zP@hJijRI|x^G_XvLmfiQ^Dqab>Z0=pD?t_e7m9MC(4P{0j^sh@&_%UKJnD`~NbCqX
zLW~rA*d&82$xl!Di2eb(CTETJZm4%mVVv!mEiG@{_;r_&j3hC=RI`Y4-+cHP{7OSb
z(B_&5A-djH10YI>XjeWzNEPqFmT4eWkiVOIjB)^k)oQf&)kh*E9qufKbXy(|rBC`d
zIUFdE4n?{)GOGqj)@f;%+>l(;5QplBYmWqd7q5+iGVj(q#UK$mGTT$JRB(&+&ZQ|8
z?kr{Z8OqxBEX4`-P3oZ{$cf+2<}D@9OyfrNXoalYb46`g$*HT>01Yor-M;$<KeglI
z$2~TstY)+1-=jx_aiJy1xz;$2s{8UCJHm=Q#S*pt;M(C*Jb)^H`P$w02s^wRz5aWk
zy{?4>o28zFQC59)CrY)?Un|iu_M&$|Op|*=)7hg#waP&(iuL9(Dc{x(M<y@y4jYt#
z51e~tMm98p4S0tgdO13%G<_|9i$-`TgdXNwM$qv2FwpR(^Ik2N`2UKngjkob965Dm
zY5}GH8OE!z&PBLqQrz<?u7%WB66$i|?M;wsao(SN!wGp}x7Flrhf^kkLrQ7}y}s_~
zUnc1OsSm0y7-QVbP?=zKz1(?9U8Zr7WFh(Lpv@TpVC~7Q;X7+i4k@1?@(G6Q5L{|_
ztx{RPTFndod8lKgS@BNLHxatZS_Kk9W>dbQ)Bu2tHAUzTV3H+FvJm5D!tw(c9~97>
zzN~bjX}CMx`L7e2a*0^lw-XYXq&`gCyauTvdg^aeG$^6gKBHsR<Jq4kWYk3DH7mp%
z9w4I^ed%_V5Ip}%e+e5Sh8FHC5K6Ux!U!Wh@pv`5xt)`t79h5NdmO}97?d@t2s@8Q
z2rra7x;s3DT&)tJ`mF@(H|Wlj-uN_yT%i0x=2nxE4|i8=mXc6X;)MKtuFZQFxMUj?
zuuSrDX!4`8KL}4Au~~GM(dODbX(=ftT=Wuvh9MK)@^|_PQ9Gu&mGVo$Cf)*J40KEX
z);z=}R}M{xA`1to8@EkMEA=Ceo(pM25NfuKTPxu;i;RnsQ-@&u?t>=420ATzgs-Mh
zbz@Qrv=LDDhj5WQ{j-#pCR+GWej4ba>b#3yl2H$d_H>u}U>-t~&Iv2!DKSZpo?j~&
zXcTna{q{;>r~RIvbY0uZ{q|ulx6^lS5-gf>vy+)hPC~P++|rGJedfg#;n>D;{wk!1
zi#Ghpm)_)0kJgWSi+LJe>{u9Y)&S;Z&Dq|mW5q>oI8MZ7_<Z=X=-#rZWj6lNvfSSC
ziJ@gMTRyEJIiD@9o%LOWVJ5LHt);Ytw$M7#d}@4iFw68jhx7qWOat3=`vqe2N8^vC
z2o=(~r<LkIDH81T<Abdwb^CAD9k2N`t&$9CrQ{>c`a{F;CZOVHW+$s2<Ia}?f*M5+
zUd(4W*T}GqOqJ>@k=|vmTXMrSddUF_HVChI8#LiEBY}$1htbc2yk-U=z<2}xm3s4D
zw^P5=<vHiTKi<)e^5)=D5Rp$bRrv}Dw(VcK(+rL8RZ-4~FN<C4d0YC9p><IWm;!3|
zzjK@khzLl|jJ8iSq961em9x?Ra5iA!{7>i}hX4K$YzlM3j%e&@>$mbJfMs>Lk}l+_
zWn;dhVs7Y*&bKfNS-)a(Mzct@TfPu^d&yE(-MYrc(2yPjKF_B+@vTr^)OKI|aDN)O
zJpTem^dyY%)^~3Zr_UpK^q~*uxXWPoy6uJ~i3lae3l8cydD24fV5##<a_(5{AXE<W
zetozUmzNS$Apof5M5D<1HCL_n?J{DJ<W&=d7e;bABfY4w=U2V~T=spWKvX>C&B(Tv
zrve~DTpjP|c;7&EK~e5Ug}YOp$A6r?VHUE6K@ePZ7^El)vc;RBJ$rcN+vuz0r|4D|
z-5Y@!L!}dbu-gmI^#w8EdjUcMO(tYIj{zb6mxu;0G#%Btdh(DDIQqeM-;o~mFGF<E
z&J8;oTxV3kgLqh?@DrT|PO5pSqgA3o7JBCcK0u#1X)avEP=o52y9lTSm|4+QU4-Ic
zf)~}KrEa<jM!@3|^l!@g2Ru#rnc<*^1c*0@O*8k1*m@!ylr_KOK=dTW92_Pt#^Rs`
zstbb#wnV!ojCemd2ll7f)PU=mV~LBM`oYq;?aTv><be?X>JN9e`G>C3^@6Y<cn`U!
zHV48hzT<wbQ5kiBzl_f{aSaaw0~)x=3PKbVL_z0f2D*i>RjqvFmz*|=Wx_>@pj0nk
zFI$fdQVWWD=S7&C7zZ)o?6fqrA{vbnClU?`lSxpjg2VH7E|=gn2L!)s(#yKs<s%<^
zVn7@EGN%+Lb#x9)INPFw1OK7(txXy-0$cfszp5WIxRq-qJ0wu(!-i4Lg;CGdllUJ7
zp-4H<OBMni{7UqF9IcvU5z+G@Z&H^I3)?h#6^$~>Me`jc#{R%O$~SNyD&k>4G{^ON
zC+K5*VKA-f=Vi)e#`C>3kEl9h9MlPxmV%KlvbsnH1$K<Yt!E-#YxXaVWIeOXf&)9d
zaZK>ov^rsjnkH>IcFTm}ibwr$;HyCz?j^Tc^Elez<$SdY7<OJvcs87KqYPgEx??}9
z@rXAP2*KgNBmyVIUG9@|TG^t{zE<MA%i8Q+PfK$D7aDAqtSh-7SbzEEh(2!Vmjxws
zRS}tNx_h5Qi?3aj#5UDi$@yTQ&_MzwM;9H9mLfcA+{Z9Bd?)fat2-zm)i`#D@TYPq
z1_F0$=!&INy#2LNtqD48sc0)$CjxTle#Ma=c9WWVQ7AQ&pX9=mR~M*x4l?NZAdW+k
zdZ_&X72El5=~M>49~=Ik;-9mBNq;1;>w&C=hb8XAU+d3sS}<ZVaBL2kq{%)|qftfo
zLD9(v&3Lw}6A%{r(qZNu=0IoGFM)$x6a6WX6&(zSBiHO`bYYjzhL22i=#n4<o0XSq
zrXnt7BhtjPGS~*ZV3|-9y_1e7j0N+fXFP27^)SQP;j3=j9Yag-ueuAJ&&8@XsGJ#%
zA%vvk-YiFt2)2h1q!iC5mk&`zeN<Z?`|OB)E1^zk2vkbTq5O<7nq3p55)djsAYfKu
zNmEtef+;_+ebGUJrQr@0S_3sA3Nzi-x=*(SF+i~J^kP$&lY3i<kg73VI%OMf@?V6J
zGwDQj!l7vt6y(am-Z#2od^(5ikRbZfK@<vd<PBE10D|cY_{|JY1~~3wDgL!12$~GB
zg$#BM5P?ID?kG6lS=Gqj5<<NYc|QLB|GEZuM9paLASRFib=Oczj-KOf!8!4&;r11w
zMVk2wxhsIBcieqmUpze>USHR$aFFO#=Rb^j0s>x(c=Nv!6J*&S0&&CbmD<tq-#8<S
z5Dc$y0N_Ms7vPl1$O{BJ#3A-YIgu@#rJa3--A#SkvE|6hDa@}ux*X7fYfA31mvMRm
zK10Tp9}8-k_U5<qt<vjQ_+krb=FPwxq=05m>92qQfNb{Bv;T{l;YPmq5!y?9E55#R
zD(YRtb%i;7pD2;n=ikwbGjGx7o8gbP|9N-ujAYD~wv6kh16PdP2upUs>34L|_1-R%
zb|eyc9iB^flJG}}nR78&Twc*1UdZf;D@kHjaiL4$EpNvWp|tYv6>)AWr{lX(0d?d5
zu|);dOcK<kBq5J%T4KTWd$(lj`ucSAWzLYTHc!e#MsdN5;k9Z<5uh~Tpr`E6kvz%f
zud_RlLK++Jw9j?(`e?pF>YjJuEE}4EEa_XL^(Dy@@-?f_|DxCWx`B&dP8@}xS3t2^
zo~{_AfA`3#sm~WS0_Nl}ASj0dn9hn^!M&8A(4(!_)uLIc*?sDxtsvvYIrmrxn8twD
z_gXht9Rdf8-F*&Y9JT3Q5Up5ygJxrNu431ETClFcx2`mKt{|%7VyiYc*jb-^5O~{F
zyCLajvH8fAu}Yqj3UvCq(92v2_WaWfNKm6yf*UPc?~*eD4Soh0yrXeN+^yG_VyeFe
zVA&kPEo&f0vMDSsB;bvjN-pN9-CIG3U0F{;=iHFxT{QRAD3fG5CcVbj?Z(jTn3MK$
zs%74=wdTs}J~Br&6?KnLYs(#)Ek|3TaLW<vPA|SvXL#l?ART#{Z`QyWe!0uOb57#p
zJ<K0Vn#JmC>H;x+bX@BZ64dS}d^$8z9{;htynbP3RI=h2xi5(G#Ll79h-M;D|D{vl
zED-=}elwTvQPqGRavzfabsTS!DP$iBOpk<1J_K+KM|UtKbfUZT#0rGM7n$>rr_0wR
ztcd<vzn!WO-=VAWRmzT$^?|2l$Mm4^*4eulw%J1QN&j=4M*1IW2v*kry}$TB20KhF
ztc?GCAdTjq{b98K8%P72t=DuIvl=aI)v43lmh@Lrk!iHq4gis4t8Kcbr-Yr5kd2VP
zl|lB!O)j^pN3Zr58GQ15o;J25pPO;>O5vb;{EG^PC*E<vrOz8Boi@4lzHqmDnHjT(
zL&kCJH^{Q;l0JSTI)5%bakER*?2cB`OdlGPa_z>Fss8RJnnmX>?0xh(RKA`}Rp0p@
zoW}9}nCc4$?S2q`(&73qW76b0hhg=f|BJDA43aGFzBS9XZ6nLJZQHidWp>%<vTfUD
zmtECm+rIU`GZS|r=8cIr;(X1>6Tg#ja_zm>epbhTxPtC-8W_2+Zy45Y>@iA6^#B|-
z{sqyojsjGx3qAm&M31J~i)}qd74axxh8w=L(eo3-uH@C5z<kc*$J&yh$9Xh26UX`M
zyyCl|wXAXk(SHTrS+gs$kyCf*+cLB4>D#^hM6{7^jY@IpY2K_Y$(A)hs36;mHA$}R
zz9)51sr7i^@2-p(5k1&QIYIBX=(#0Z+);@^!zBZsB-I{?qjyN2Ae0>~-;RCUzC4DM
z-dCD$VxgdGT97%H4{{L;tj1Grp*mVqAUd%89|(w0oKLNZDT8FCB6VqFkU;Pw-R`p*
z@27!uT>fTg%%~z6(PN3UzQ65P75}!~7+BzN3RgVMb_IjeF0bb$+pKfVl1p}N$nrf3
zDm2nr1cBY$Jp6=ClxBH$ESa~y64pgCi(uv7i&z-7{-`GBlL@4ak2IMwO$o&^>a7@M
zRIE)h<bQdtNj8SoGDpDAL}7oL8&(l7ru~RIySZm9NZdv&+Q=vK*H|XK;nNM^K}+x^
zmA2~#EHVAOP=!S_pKa)sb1_~PXlmTle7J0nSFx<$wrkx*axYowMO-IT)Ql`a8uOy!
zu?^|=e&eR`lm0A~CJnJo3@zF{q2&axcw!~xWdItKqYfptA{R;`9${*;*eDQ0bs(zZ
zEEh766^xhbbdv?xH1BrFm!YTAKM04BoBKa*6fcT6S>t5db=H^$AK%RcB*ElC=X{Ch
znBp!$3ERI?_iJz@cjN{q*Au_a1j@W6jA^KFcYTWav2C;A`{k*G29>$#6<9vy)RgtE
zG_(*Zx-)OBF$x-^HH^~6B6UKmJqauL_j6!&_(IFIA0tC*B<1B|Q;W<gf(KK^?;D14
zD;FpLcRsTRiCQ|nDl|`r&O2x*)cnzyG!(m?Zc+XN^opr{1Qr<msKZAgk?^WC55QaU
z=tMfcv!c9uLKk$%Q?Tm?qt&K1`dlk8m_}$|=3jAoFwJJD0Mb)W5c6uH>q7G&kZTxA
zRO_dHti&E@iGPAA*Q8i~Gk<~(K=ZNkW$<r$X)%oq>j-{KDM5~9!s{ebIZIm9{b0a^
zZJHE-*FZx=XdKm0bs8_du6Te81G)iqyQn8os@jmk#Xxsw!C1-hHxN91qM+}Ql@)%i
zB~2cZigRGWBN8ywM6kQjGK@$#Hey?a<!C8LBZPM=tkGZz*T`<&u26t(<KibdmrYT`
zd4FEJ;>&g(H7p?m3Mz)#vfgf>*{3ydlO8A?;`CG4?k<(hJ`O4|iZEU{C$`xoqipgI
z5~k;u56z+&SZ8=)71Kxp)jd}e)8(n-tv6X0AgM#3YeG4yz_c|xGLlZ;tV!?|7^Jfb
zVu?<x#${6LK)4**qWB*wMWwzW*Xe$nz@>kCw%_NQ8zN5%%Rcz1nkcpIfjCgSbZ4~}
zY@>*bSDf*xX`i$1u8I1EBX2hW{}(sbCEysc39&C)U#Kib$KCEUKcJqTDJ>jQd2$tn
z*RDqwg~FMvRU52m8aAMBlvw^)-6fg^dcIU$|8p@?h49rK7!NpiXAC^<?Vm-#r%wiq
z6HLWT>QW(kSUJI}7=H<6n$Ad6W5br@mI@3A2t-g38J1Uw9jV8Mt1ll`9HLHmN5>Jn
zdZj)#m1YD>YsHY}^>M69{K&w04lo#Iqx-g9Xnyx32t@8jaQ7t9M=0Vy=gyhdZTx6)
z#KO~mS59}Mt{;a&Ik<B2ogMYDZ2rxHj4kHCp$c;o2A7P{y<I>|XMT0PKW3Fw$s-og
zKb_~b@8RPQPK+J6@)W_DESpQJ!yTOfiMo=XK++9*#GlV}_EF><=a?pl##4MHMktVT
zUxWZzj~WcV@BE}TaV&hDJe}G*`pbv0sW<j)H7_+4EE>$c6W{<>CKl0$iEG}~tt<bS
zRaV=%Sz9@Ho@AXQ$`ENe?L@T^FdvV^%fjIVp=NC`-K!a8SAqR0h8*g=xM(kaAIQk+
z^?`5hXi$tO#Kj>N-cN{{;KvQ=Y88GeIg%XB`*gP)8$M0_wa2%~9#r`iPAatQx%>#U
zYX~%dbyI*J2F-j#a^!y@4b~Lz_!j}nU6H|NzjQV?d_{!HYN4}#Yp{&g@i>l!q&mOA
ztyB-ra2g(H$YJzw!w4&_U-<eC@#yX-3l+nb3~cLh{c&(>YvJ>zLjaq9Q$gT4+#p9h
zn8jyVb)jS7=b$i3?+|LYj9hu(_SxV@_-F1J{`qKTKt^%_D@$ABeXe|+9PND0<pqvr
zSZh769zrdz2mCYIo-wIrY#OyBLgJcvV5p4g8A1rCiqZ?0d-Ld<3x951$m}<D^j${T
z)SS+k)F#4mSr8<cY&JRjc^s1=aczWnxzNdmFpE_}sZN2MoKbHeOh=d8muX+quDquT
zGm^DOZ}|K-WtJ*<p@2OLUq<_y0=LSZ2ZlyMmv;sSWRAB~4*5G*qqh|UurcBdn-IR^
zbRNu!Gy8@%1cefm+nXiRIHzrFbF~r-hLxx?PpIY0^A*V_sqwg0stuIZV2^d9uCb_A
z+VP&X(-yhpBiLWV__Y`9)l1~-wsZ+u<oBo^I@8^{3J?K#m#aoDzgcF*0(%7!XZe+a
z^!SYhGnhsWaZfGDx2|(N;gk@`nz;g|bHXE%sSWJGBpDmvE73qm6iU~wQrdMi@{qRG
zde=qneQ(cEQuZH-mM!lFq=t86H*@(1&0Q)1{et7Z{=eE{|E%3W6zeO#OF7vn68UrI
zt;dQ9ieMqy=p2egtD--hF1RL`vZ2!s<g0pDt=bKyyBuZ&vcZ<?C2cZh$HPuJzyE7o
z-T5KWdTH)!)KEO}LMx{U8TREAnFT@*IVERz=v3*FXI$p`Sv8LBxmmKun$y1a=!zdv
zkmdX#sjKKJ<aI?YH*P7?Qp#L7xyEBGILmB<5!9|$HH%Pdp1eMO*q@uPeNSe%cCk}y
ztQ3BHRCv2T#U#k_kzLAbS}pBwIBD1IMhxESLBiutIL{#JiBV_9bjQHEr_$u3^z~0k
zfw*X>-1`P5L8UJK4<e8Czt1LQV);KqWKMRD|5gP~>*&R8jllcv7%;_MMqS0T;2{8$
z3iAH|s9>?A2<CCZ@)cGr&)Al2h+d!hvbyJMqFCohR&;<zG7`)FkVYQFOSq_*!!Q+1
z;YqHAh6oIY;)QIGLl1vMYnD~`m4HRgC$l2CxRpap)W;YGicYFcP#gcf&_D%eeyWTB
zm6!w+_v!j1CxaeexR68Zmg&(4Hb=_ftQN%t354VmX-QI3OwHNblraO)ZYzU;Y2Leo
z1k_9vb4Savoy%YJ3W!Ikg!1DH1!Y*kT<EDxd1q6sLxJ$Lx%xQ$42UJyM}m@}G#iTJ
zw*&)#`Rqo<IW6GD!{`f}D?utNHn1pCvX%&em5KfPs)QDO5H#hg+Voo#sa`=rjHC__
zp%lqiD0Z!HkEhW!e#|HUG@C}?#zd5(GHR-+qhn`9D~hL5nx*4v@L7#@E_gQcQ8*UW
z5_e$X+i^Hdl?RDN7^w^<X0jyOaJ}noh>{w9PBcgPjOl3N{w}G8UrO#8eT(ALKS9);
zja1@H{-%;>Rc##7Aw>`}(8<$iieL<>B!}!$KinBK<FJ!LA=gml_0OxCCAr^eNKntO
zP>!M`oW)UCf&X{_#$bu6OxQjNhFv95$Ytu`xtsfiFNTg1oC5E*HxkC2NdkmfIl~6^
zeWVf1fkU9EnZ2g{I(cZ-r^YQ{8^-LGO85T1)9F*#negDQdjip-<F9greL}Q1v<Um#
zvL82OH?$rNU6T$50DF(rL9xuX&W{&sOQ-L-JF~kFhn*fPts14*{0Oa=FSQOkpXX-}
zOOMm6J6+L|aJNgRv!%URJ$_P`|IQvRdAGyTQhC&#m*(3ERhDZ+@mA({9|bQbZ!WYr
zeKF<zJHEcSvwEQYJzZQrZ$HmhM80<~U*6>69`enWIUkr)32sR~8;Y1x3b^Nu{oxFJ
zoI?G332CJ+ZrnNQJUOz7A})Y<dVIfUUm+~dITyMf_=4=`x#U%%U6#1f6QJ9v^%3aP
z7R7obGK<{7Bkq|jcfr}GZ5I?pkBg+jf!D&DuPyS6d-1f}R5UIL?9{L3`8RsL>wEQT
z9KPVYOftOpd*GT^$YT>qkg1KzU52cgj&FlJ<qWqPcF|K2`s*h<I0SloyZt`bDL?+@
z1=>z@5GC&ySsfHNJemb%hn6}ELFxxrAIz-C4mpO4iJ`>_AFjspJv<2cQPr!ILrx;L
zyGIXo1s&4q#ke7^((l#jM#V-=A@@YHZkHmrGPr4(#;+PM?s4MsvO8ERp}Wq-5e7b;
z-VL5XW^pr^vkOSJ57KzB3NTioHUye|#92KB_!?@}2PzrTl}RL$3`aM{3i70K$^BtC
zfvnP_$6XEizBj4ougA>uxu{tD#qb+FN{l-PbI2QU`7&!BP?u?zMjiXPnHdASPIjQ4
z?NY@~u2)1D4LAXhh_9RvV+XG0Fp3j;fAGs&O!4WZ$&)$#{S%S|^HzpVJK=-1=x*5E
zdd`ZV9L_y8Ib~Jun}bH#7{h4avYXfrM2p4UfL=uzd^Q>f^nM^8;C5b<!Nn6OX>l7+
z3_Sd+PIj4kVguihWAX`Ae~>eVPoi>gbu{Q|PI~7#;kaiu%{4eg_=v!+U|nrqBHx!=
zz>rup9bCR%W(F>QPKiuk-qJHs5ATv=m)x2hBFtg%G`#nl6m1YhTR0|UerKRFPT=e1
z%%8@_b|MlgDoY@onVIWU{xC>v;_uhB^2`{5{>p{2Jo>IBkA!&XO1{!YIULVuxBE!c
zWmf-MaWtLAAO0m@zt5|d_E{H7tB>0az1i$;;)!F@hJc%+$FW!BjoA3iEM+c2F@gDe
zrG3@;Eo2Jb?zVP<-pt*_-G{x*<K2hPj|Dr=N2{!^lbtDz(%L{9KacnR*Xpo=!QH{f
z(M+c=$I--Q7yr!C)=!NUflv&gpqdn=a}8I&CDMH{|6rj!g<~ddB)`6o7(Z9d7++pk
zFZ2UCO|4nmpc-L4a2{Bc*`S&<*KXAnnG|)S?CzSz6}P938T}Qh^R1#<K$0SF4jWZr
z(&)j^GE<IplB)zQlg_H7qBC<rOZ0J3p7&tFegB>7#Mo?c7|CWzVtob~YX**Vzjb5d
zQlAW#9SRQ3C^q?DPE#$;QD#IL0iAB5ew89xUG^s0{(Gz@1&ODvcH6+vr3folhu_;l
zp$V6kT}7j)=*PrHV<&Xb9zo`7${J_=SpmBRU!f+$kyzru$poNJ(D3KkVYsQr#|A}R
z>6A`0VCRQ3+$X2jvQ^$=TF;h7M>7I?_^6k9K4v0fr?-dIVgBJF!MTXb0}1)5`A=pj
zfGBy9fO!Ev@mm~=AF%RhedIK6D)UqMeA%BfR<iyAMbi?Q7BNXxDi9PJ2C_|fTjpyH
zk4MMU`Q-h17Y1>rqfiSOUk6rHIg#!>M9bTuIJ~@U|L?833ipD}x{2Rv%ZhVly>Dw}
zNV@Dgq6Fs)1(>Y14-nhEhi0sx-iR2LE47^$>cfkHBo*n!X=V{3qV!3Y4aESn01Mr}
zCcAZuJ@}-^c_Z6-+zj|0z90umCFK%v^uL)s1)clFjhpp%QPXBXx4Sb>)p5K_<dWmG
z@SLlDNUL=i;j+at#*nlK8ciWhhgH<0t4wFVV#kn}@UPx?!dglC*5%QX|54dP|ADQZ
zWfCaKHxLv1M|jhjfkS+`0gvSGMcMwGZd}5)mP#O$#H;!xceIb0+^B-kpn`eWg(=gS
ztRlJ=4)9H5PDBvjE|-N8FU+0||6BJ>A@wweif9$K;PTCiJz4QH>7eVCHT}SGL-v(@
z)mseRR07FW#B`Rx`v9C3)PRZTK||<3L-3%&^<bXRW&MHJfp+CjQYWq*a4)YK@G{-`
zbir8eocGqyzLq}MJNEeN{*e{xmW8Kb1m1$e*zo^c&PRIsdNe|0*TbsTl{jNfB4BUZ
z05A-~izM_vsM&a|Y2q>s(rHuAMJYAu1n~4u=hNt1>Anu>5-ve@T)(>g6r0M_>p6)O
zUP*v8)aXXtD2s1G_z*u9M7q(ev*0IO(U4Ih?;KL%zvE^+%u;78Im}OyEpv0U8fvKQ
zrj&*3at<xQB<r7y@;oJp37bk9!uE#f2@$Fo_qNN)9b5vIUy-U%gCtR#3lD=+n(i@c
z^_kEPfbj}hshwF7LdH3m#`v@s5qbvSm@IPvgh<P@I{_(yv5Mz!&$4KwR2I9?=5bc!
zmIeB6c<s3rkGyFeNQjd}JzCr|xq;?Ey>8&>lj1DM+Pmq9;w<DldqcoWLKaldS6ubc
z%6d-$_}->LtZ7aJo`S4-4z;W@0t3q@0EUUU_hUKuIw)a)z`r3wr)9m=Y|F9*)lk@p
zwwxl1$l#|*$xlv%v?kk!<|=mODgUY4c(kacrvSCeg@O6Pk(_XF^0|UR-g)KyAb|$m
zhO)U4dNPIXHy~Rhhmhw0F$CPn5c%#RRt0AGCFaIF!xCVbAy+MRxI;f_k6+RpRoFGU
z9`(lJ!N-9;80hmkQGbO+7MWpG{v6&-Q7vzM0MS^3yZ(kG7pHdr+DL$>E9{GLmNZYE
z3mb-1?O8xJBTV^rojQ>|Z1ku3C3x8AWFb*_hn-T;$`Vb!;vbk?CzuZMYskNoH?{N+
z*>ZYn0%o>2C!O3p12^sh>sm3a<Br^!?65Rf5)ooNev<Rkqk4mVGRv#@OJbZf7Z18+
zm(ol!N(C4X;83=l_Df|X#aX=HFp(eg@WQqz>-pwl&q+Y(i=N;aGi3vTeZ5>ZBp}{*
z!udHWO|RoCaNYmCO=j(x0AquTSz_nqt`F-Q*s2(#??0$?cBcPG_~-nuMR>KgPEuhD
zieIilf1zHpx+`eEmy3B9YN<P5^ogvqIn$X5j)kIsgejgc$-rM*asbO`@L~|4N!nxo
zxN;T+q~n0mVqfc*qxboc(4HE_J8HCiv4n!v9%}*}M-r~th<R=kM_Mb8H*hJplQzk?
zAsYCGEqX52c8c1W_Vk_pY3(!<PmcwJ83#=)Q7hh9*;@+*XB?G$QWK>+QElk;_=srR
z-M8b{%xIir<I7+UptlFbN;9ly>wddNU&h(5I2x+7ykZ`LY7G(jnKGiPo){7|^dQ)7
zoWk#Oo+j!4v&h$u=v7`ZrC$mD<%dCTe)2lYIJWrtEQUt+V23t(cBN%f^~nlvu;`m=
zsmnsGbD~xIN)!LD{0&>e%A5d1Cu}~QEv24~h~TcQTKy+I>qJ{xd4GN?lf&*>iYb^y
zk>T+;vd*gwhW!(Gu>0AKU15;Uz<-cE%)ba>`j1AHnErwrmT2wuCrGts9Ny!8D_Ec4
zC6x}{<La5%*2hw58|K9Kc7FwyI=f@}Lgt_FN`D3j_TBloBD*5EItvt0KO@4|(d!@9
zq15U8E|l2jQy)K=S4+z*0n8wO)nhJy^RIk@2z{F-uyGn#jf|tBuN8d0LqQx$Z~M9%
z4F{u+@K&MnY|~k#_4>gJ_;es}qnNyJA&SE+m?VeYi7NIiiEq3DCH|DGI2eEvi0oTP
zm-^vzO!^)S*4>Dbcrxk!&Z63$cqLWT2j`ncBiSgrkWi}aPbhT!KL+0cCx-D|>Xp;t
zD6%+%gYK=#g_|)PqdV}_;L<xaxc7#%66pf%c+m|qEflhPlrO;6pyi>%LzZQG>>#<P
zdXu-xJ^SvCR}(Z_daVZW^D;-YRUSoP^}*fk)dVc;s}n)a1N#Qp)l+>Cj8d~oj~_5B
zK6BhA@VB(xfZRN!I{yiL(>$((ckoa9E{0&dpm?30utlk{P7WF17OgteMUQwb2_*H&
z@k#n1r<!^qAzZc{;_lHXS);Dh!D)z996%D<xg4NG#!KD><+pgq=ieP$*cU>LrTNAz
zKMn;-fP}XKQKHdwn_HaU|FtGmP}C<2t1pFW#T7cdcw>WMzi4OfS_P?srTtRwea8j&
zsMwwftKg{=EY`&D0qjg->SE3{hN>7V$bOtfy5S<rbPMlNWwAR!2e}4da)Iy`Zl=O=
z{7o+Udn?=39b!>52vi9HJ*tK#Y+ZFg1pqtFgb3m|zQU{C3!42J_24yB-W7G%u+E#a
zhM+&4W@t#QHMt=BSwYc92f4KUct1>YvCXXginQBM2hk}aK;|$aw%hy5c%c$40nIH1
zelruln^bFsSFKzEw(k1^kjW|8ChR~lJ;Wh>*^QnPOQzgKI9xIW(*nMxq#fxDO*aqF
z0irKuoRz8PcFloxXBE$-qEx`DOX)u<AwJ2DjI-15WbXT;Mxu!sJw91|VJpgpmW&XR
zaD4hG@I)Qb6NBg*vzS$;ULv}^(&Z=wlZ7!oi8vAu9}ABP=FG_#2Hc2!*H%p&nKPb`
zadSOp3bmCZh(^>Vg6z^(lXqXW)`l#L)Ob29>=X(W1l~}tk<^i7opEO;mEltUk)0(7
z6fBtALF#WV9fiu5XLV^>uceN|Q?VXTL!{EQ(sW7=1T5#qp>Q6O&ljU|(Eb!r+*gqg
zR4tMmyMVL*d*3lox4^@(nTzLwJxyxonqBR5!HyD&o{Y8D?2KoVPhHP4vqZK!>(XtA
z)NeTuZ=V#1ShqAY*KOdh9|SVa#9<+AJ_5-q*M+$qajYk{2^6OW@B8fr@^y#giQjPr
z482LBeASz*)$>sCnbMDu`?#bev0Pbgh=(|r5h0ORg;hX4{C>A|<Mntp_c?hs7WOrt
zZlD#uj2nD>vd3oEB0TXm!1yGHi1>OjO8ml;yO%)Vi#cNv^$qxvkFk)7)^A#RD;2~m
z+KvaZ3}dl8j#@C~^{$TBa<#V}@GRa)2^1*oKW}BwJi1yPw1`}5NpQ<7`IUYm><w}`
zB3{CC1~M%==hJ~<{EvwJ9D}RFsBEm?7J)}8OSUCCZFJmCVha_D7bGwTm^0d_-fi=A
z;qlRuo6i>itju#myV~3^&yXBpc}>Z<VtslaT+(J&&KyX{bBkun9xFpnzAx(v(LAkv
z3|w)<P882!^2(CgD}74BBd(F*{<IX*tA>py_^gGS{j~$He-#Ib@nk-tRvs&ZfrjM-
zu_Q`4gjk4K+)!X~t;0WknouIC^VXKVgDbcy6^6aN1FJ6`8wl$%6{o|<vI0sqZqM{q
z(sn+K_JSx}+R-wQSDVtt=X>L3;l-RkYm<K~=4y6L*RI*ty~7Nz`s_jDrKi*{udPhO
z_0zB-Y^mk1K}|k|e=52!UdBq`SyLm$q8oBabwvv4ZdWyY#uo^bu<Jv+Jl4c<*)fT@
zW>oAUT`8%dEhY$97)-{3FS7C5!^;aJ7p-v9%I)t-HMaF@FiKs(^oorOi1`e&T<>c7
zMeZ3k!n@|X8V8=JFw*?xQ~_?7J98ST&JAH^NFEUxUY?#M+=aPjCcp0oXAgmhWaduH
z6#<1W?sHGpu8p0V-Q5pH;%8Bg(a58)8a1p$&KTbTVtt`RfvY?~Ihn_8yN2-UD(7l+
zWpM3f*YC@T^Xq{XJG)<7M=rBUFV>I_K_lFa_HU<=<+80MxxeRoD7CX7O$y<IVXOQG
z!{GSz_276JxXI4}G5>r|eaj`$ic2TcGPDTGh|uJ|*_YYwT*_+Qj%ar6+6@BD!|mtg
zhdC>*UT#|GhV`21g)^9mogmScJSVr1Wsj-UWzN{t6mVx0yAGVU0RnO+Gt%r2`6D-+
z<Nnl^lgGlLdHMQAX*8Do5Ze-uuX5k<GgjB1^>}5H@KZ0yC$LSaHn)&W!Gy2(wK~Yh
z^!>?j7TEk!&f`|Q!ABu?ihOUkH4${g%OUGB)%s9FXn5}HAGvOLW!jxd+I1A;hPpkZ
zLCd>RR+_;Q*}Hn_2)j|n=+V}%CT7SM@ifOqrWDiot}M^erJTbf{k}WZ6psysOQsoK
zRPx0z6rtpuZjvz0#c8bl#@;V0Z^bzb!8A(7gn~M6Q2MduT;-b(-fWA<m4lg@%@s-M
zOU%I|AD`S&;eq7Nj?)$x@g7YY-dc*A(zt>06Dh_f=9*4EiBZ|sHhr_ya7Jnaq~tNe
z33E>#)WyK@^y{+}iOMOp$i)K|%rTVeq2o2~S^g~E<}kXedG>7+{-o3#dIPLp`<)t+
z(K+<P>JQ1GS!<!<wqB`&*w3B!%m?yUbZfc6Z_s{Y$Nwk<f2Qw@L=MK*Fuc6~ryI+}
z%KqPWV~2m>7H6C&e#aUw$QANUiEj0uV^WgrDwN}Nj_%gy7ifo|2yGa)5SdfvexEG>
z_MTzGtP0;dvH6wiD+T3NGTUl;TRym+8A$)m(wajO1t{xj1A0hO4XDXmTe9D523i7P
zu{>|SUr}OQBGHPLrC<ERmHX^iTdT1=T~TSHdPv27I3o#Fyy;Vr{%}x>!x-aCdYJ9(
zjj5geaXa<RK@A3U(PhWl{uLQKQBIMZNz5(Fwl{IWfHP{_NuiwJh{YsDTqTIrAfha*
zj1YhDC{-Gu=5Ap-X=E4A5^o>b=TTQ;8-J#hsJ|Q~Pw>QJ`&|f^zY+7lW0>sXuZd+v
z#Xi`7FQ1kO^&pLzY(poY>P2{h3v40PRY(ZRWCp6m0ACGK$+E9g3pMdZ+fxzrTrV(c
zpXc5R31|q3<ku2*5=nhDJK15SOr-Amp<+dQB07K}rmQ6FL9w4%+8yBn<s)Ffy??Un
zTDzAK@~mB@7roh>I<!WzWdOpPcc&kW3_k;Ko*Z*uVClV;E|!18VM@glJR6c_Vbf5?
zSi$Pq_fv>n6sXMrC+*Jua|3hxiP%01YbgGZ<S;7uasA9SnC6pICr2b3{XijEuWu{;
zXy6}gAQHV8)a3sS>S2LLe7zo1NV@D;-ae*^os$!)44{R+%78`Fccz=-D}I`~3&no~
z1sci#AWB%(bOX{*=o{CSAz$g{m>GPk1rNZ~j8hN;pht-MrN6(q8i2)n8TO%8F-3ch
zyrE^?rm5PWlgMmxN94ZN34_e)CM2R=+nEw-c4S$!^z+u7dO_^?^OozZ$Ua-33*1Ku
z0%+Gkl$c3;UdSs6SmD$^&n@brJ%p}|2>))210jt)Nmhp10@#w`Alp?rL#ZVzB#~QU
zto-oTY)=S3vPme32a6UPOV9&<c}rPoA(uhk)BY?V-i%{8-~Pk!$PZ^UYBdzJgIQqa
zKw1kr2xPO($B>6yn}VPU<DG?zWqbok^7R!W8xm>x)vc?015(drTnCg2me#G8cI~Wb
zchY<(1B)Ce8F<t1avLFyS%qV^m2UVO=^bY4Y!L|R;=x3N5K08lpCB^h2F5)-uH_u4
z9-Y7&ZE3WeB8>Y-Euq5!ElcT)yFVtGX5!P^M~%f-oK*7?LC7t3q2u)Rf|WjVe5NV*
ziLpDBnhw(L;(RlP+YKma<8yTda-c2_RdmP=e|&uLC#_F5i*$u_Nl+KSB?Mbpvyhjd
zCI)W)=RkRr96BZRu#{;G%h^^NVGkF?<&0!vt12T>m}YTW*cv~-NXS{+A+vpTFcdq1
zlMI&6Vt^khEJ~F~{-P1TzTLx}!W3*?;63rrjdXs@LA4}(sS}~%GxuxEB7LMk6P<MI
zB>B*w9Fsv&L)F%-&#7-U%IxCvbW!{LH))jYJ>B!zEeumhbfSWaJ+2pzNAC=8K%Q^m
z&=uC<s>XFP=VLa?5f>CoMK*H^Mq+IJ)^4V2L@yu2@xI|v$8Xry$(b=qlM~<xJcQei
z*Yv0cAODh!OIA37I3i5hS-cksz9hP-k*Kxjjg4{Jr+PQre6OEv>NltcGddwLt%x<N
z6IRA_kuPv9dy8GSSx)AJ`!}yv%&=PkXjs#AuTdQriKeR)!@f0Wv{03?iL>*yDYx$*
zKu_#7M&qj|e|z6__M^?MixO`4ILVn5<A=1e<nUu94E8SeaJionb#yPh#+wSog%@^H
zaC!W$5l+=&S5$c1_o7(%zc>?5C|O#3;3CSCFuhPR$=+lRlaEW{8;xrU-$;*ldebG^
zcD=s?i!)D^3vfR$F8Xza5k}QwIL55T;F&-|{IW=Dk`~w#07_1o(&PK*r)fueZx@}p
z!oI@}z|hu$O$SRym1YM+mK&^0I4oku0<6sI$~3Xm^w^=5e(2mbjN1xGxT6H~*4qec
zZw<@oIY~oM69^jAGA#XAP3!rE7j&C%n_oWXII47fVbXQz_Qn7+zP7T$tyeED{tq5f
z*@lbNd8pB57<iE8w@SA;GrTyXv#6b3r>~dy+t-IDPmVwjFT>Sn+)j@IgVsJbjrQ}}
z640M^U_rr>)k(8%#->TrHn|xJ2t5-yTT)=<a<~b*&a<W;&!9(dOli{O=aSZB#-KM5
zmW|5TSJ%_#Vb$oH5mp=*K>@<&M?3P1tRBo7cO|zizu%i1v#*bz=BC_H(#Gq-6-b(!
zTH{s2IWn^gD2UVBu#$$MZhFHy0a)N#@(7YE#_b$@KNhA!`Entymp&FAk)VEvL(Hg}
z8=}Tc1M%PD_%Ek@EocVPE0coR`6!8s0+KH>@1lt!5JLQVp%WMGdQ3_!2$_*jnxk6D
zYP>^Kxc=mGckapAcw7dQF+QqjEv{7oaj7<ST&f0*$ryjjHZ{d=P)Gfwn`$NSF@3%{
z=d}F84AGY-|4tI%0)Z}qemu7~pDS-LQ|Z|AWW-8BvQk$NOA_myi-Ph^If9Ba)X(|s
z@B`mgSY;RcI@>ng1pG36M`Gd7<xN_G?SYk!ytIluGm(fd-0HpTFLmz$6@)NGm<6Qy
zh293&)XZcy&5~Oo9C3=2AmL@~@=EZ(@^0`sCDry#(QygwivP@{uIE@evBCHs<cS>4
zdWLEUxYZYQcMj0M{QQ4EkL0z}N|z|WK9eL~Tx{&r>|eZ?H?m+iuGKGwe^#8n^Lt#K
z1#^38r`UZi*0O=M*OXS$TF0^Wb|mTnwY_ZiS~fqOlfMm}xptGGrWo*+8Gu^uZS32G
z%YYW&BH<zYp?&cAjPQV22Y`*$Z<!5G0_vbmd4kGM16hWQx{dIliDC8$ez(wE`CDkL
z6eWDW_oTuS-E>s!eFHfnp?m&^<`oCye*i=<GjaU)YslI=F6*2~ezOL<66w_3KWX8w
z2^2-6a!C&X+tYFzMtGxAyr5yA3;J&>I}@qV^)dbI94?5_{zSf=>z`fgDIwLEusVb_
z+p{%(?ajsHKP+^+>6{<YLLGA0_QOP<&Z%PH3)}n(;BMgX)d2*1qQ0FL64n?5%jMo|
zw|v_@We%suw3&c9&QCinZB))(oL$p`Fw~1NyHY0<P2Htw81xvOLw~(b4~)4NKayIt
zH(^0Cmh@pPKb$?&R<Vuzc6O@-i2Iic`wPXJdIROYB|mn>Ku*y5N>w;OXq6NHZr#-`
z%$I`>GAP*%Wr7+A(uut!fq}PX%xjL(9bpqSMiHXNlob{;MuAikrw=bT|5*WI^ln`r
zHiJY4xikIM&Up+Y%w;TC0NP*K><oP6<<u5Qa{zmyu+?%Gk(qYwD9R|1Eby>@^DFmG
z-%)Vy;7gE0Rei=C+PT;^U-u6#P$2c?$p4gR2Fb*L)rfq?m-Wr0j{?Ah$@+Bjfi-ng
zqOMo@zqS2nYs#h!C9nKzkJ;Iu5(X~H4=9(leNV&p9z`@vyI<wa`a{ASzP00$rkno^
zAOM6QY=brWbL+T>l~bevb%C(iZL82CE(wMq<EQyZ^3q7y%{V5Dim>ZkEsTp94uiSY
z4Y1an%ktiAqj&SA;;uNQInNIudN8@9!G4Ubdmofa$^A$su~v7hrEMBSPFPm#72n%?
zhLuArb9KSjaG`ZkWT%pY@>taHp_2*I*-;^)(Z~sV(ebP5mgEli%7Lv>MBWhwag8m-
z7uL&1W&)Ndb{;*1wx}@Ov|uBW;KN&YOqoHsQC+l5JrsFC;AfKSK6&Inx$6UFl!+~U
zoGj<)S)|aQa#aG*dt2gO0TbIEX1^TjVdX7)g1CMoYv*R7l9_Hn@fe-V{%uJJvEEZn
zG;6F9R_x|rz%jqeKSKqkkTeEu3&ty_yir)#^?7@J^JdK^XhlG$X27Xb`%?dLZ3&qQ
zC>nQsi_>6DQG<)F>3XlR1rXsaPj_cCHvJ;LS!)^(aZ2^a4iSX>ON`$i?`!deFGqox
z^!mO#?Zb^bBX051Uhl^iJ7dGbLVQt&A`NN=w|l`zAFb}>orFfeO|m$5MSH~gj`$|@
zVcG`SuPCv)bi_FQfRWkv%X{H680#&GyMT?r?+-bUkflV)Pd7w%5YK6x0Z+0HJ~A+y
zXxFfY3i<N>^3swymydU<)MGG?aQ2^$3cbxq>I!w?MvD*(H5ADJSGMrPIvO*rt*cq1
zo_CZO{&7Y|o-C$dUGa(dPrXfj*p^|Q?xHmTOhLAamk0^zoDQ-(@~o1#`Qpvnkvn}Y
z?tz%ZKib_Ze_vByVb<#w@RwZ!Drj8Z?>sF3^GI^c_|WXL#0D5Zttx3h=d^<8;gNg&
zf7i%<Jb3;eyj&*U)>T%a8|xxiNrQiNFWg;pDB&*I86z)sx%*V|lHgZSU|5x1H)?-s
z<lLVcIdBw*Mr*fj8ERx1NDyy++TiE7dpX4iO41PHl#N)1c3o&+Y}mWrSu>)q1*ROt
z8|NNvU0uRPGb*%p8=jCxwsqyswkGN^ewdC~vSq@v(@zmdXb_*k{aDY-Iu1F2npxtl
ztneMRk&1>H(7`mm%pwvbR6N;aB3pRdbp19!5?aMXqQ{1p50I%Z_HUZ<&x7W~>P*bT
za#M*EI8fpE$yfd8FeNMR!~#sPFX!{$Svg>dfaZ}r)Ph>94eokpmulT~kPxdR;@(N+
zI^W4aZR~+`t8Q2J<JtndECee|yTLR`dcQKtZ*-afutPywNenPj3#t^Er;6tOpQL-l
zYA|ZEc<tf<sK<O}>Ke@;8Xy)(sg4x}GYR4)JS6dieN9lR!lJK+QXySUWad!$#Ndpx
z(S<)29Zr7$W#?OyM0dO3O};wUu#5}W)MamtO?*YGf2hP{8?wo|2Tu8}NerGtDDw*Z
zaw}jtsFfd@v`c0q-W=6r;R_iN@)zGvFNx>*Xa)4`l2cR@D0Qh2NDcPMGX~Y3<p@8P
z0Fl9R2tw7s<q`>vD*Dw8YR;=-m6osv)Ji6W!hCzxD^Y)E(R(LNsU0gn&qS&nFQPsZ
zo5p+#y{eZydUZ4)aJO!m{+b{@6%3pV-;6KPkA$Y=5C{<3<nY@q?%{6U=@)%JKM3@j
zn`ov&G*p<)MK%YH_8HJmds||8z57ntj+c4Ibs@E@35LohpXd4ZMg|Luvfp0TwG}aj
z2Gkz<k?+s00J%2my~nf7!Tvm@#OE7!yH;PlOALjxoS@R+{V%l`m#^vCCxT2V*V>=F
z>VH<)6%%R<Dh%a3`{dPo0PQld)}~|UZYT(~B7F#@EM(E}<VSP#+K;6H&Y7r~{qOBi
z+<nSfx;@e0V8os_UA^=Az!pAHwJdrzR)KjzvYS?Z*t|ZtKNtA;<76F1MQen>bi{|`
zv8-i!kS=5UixFWh#+B}xch0lCfB!1`98$>W`;^|pVI5heHT|uYg=>CNMRdy0&1Ph6
z|ACkF3~l2hOVbWk<LEahX-ZXgjb#+VU5cu!P*XN|#seo#uLk=V3$S4*)4P}oh2D{F
z42BuWu>q1q?CjQxaQnH9EQ6Rp#5_CmO_Qynl?JgXkcJ;FrngfYD#w%3d_R5<>^h~n
zAYx!0xz@Eh@d(DhT~;hCTE#k<L(4Im;-tH+H@fw!FWNb0-8CS+eZ)o;xqfHD>sXPl
z8Mn5SOOJA>J;7wHmxGTN)&IMb!oZBMC%6pC^O$K<zUf`d2Pd!3(_^>9rSaHo_EP)0
z?rel^&p_zz8XZQqa(nAAe$`idf{&kya7pLF>%WtUz=O_bNkFXF-pIX>I*xq!GA~w6
z_TScDWF|$+5i9tBZ2@<r_)mg{<)>x$|7pUou>IH5xM`i8|3Rn!Z$VQAqx~aj-nY|3
zrs~<Go&qkGmZmTcfx{Ic!-k)x4!_=Pv`}6!AvV@3en|qSez;Y>t5oVJ*EKiPJ-!|-
zTpXoAZZzv2KpW{aYE1Tzp$|CoMuOFw%beTH4u1-m_iD3S{6@yzmdWM6N*$*-K`h&U
zy7GuJ#SN(^to6vh@L|c=`tTCTV`v#eUT{m0`P00*?eht$BV+l#G%)t0dv3ArV#8!l
zI#U!K!`A&e3cu`aEZY7-BM`kTAG#bwlxEdTDU^jLtQg<XP3SxD>x%-qK$Qnnr<}aZ
zaL@vj{u}Xs3mOFUvHd0lP@TWwDDJFnKA&~-oTzrTfh;2wnnb{{j_EOYjw05VJ0*j!
zKh5NvsZoVq#NO!Z<H7Ocw9&bRi>~2v!+(mkp&8}MLz7fu{kBsWUd84P8F_PWy@|kY
zD_3e~V1)&#kU*-EKoqy-M$d2IXNgHdh9Hc`tK`a-y8v~Ak71J4(XVIzVLlcX{de}O
zON28C+eNLe%L1ZB2Rro!{3e}IhYg+TUE*wK(7*&BP<SX{P$%+d7_>**cGyT7iUhxv
zmFpP)Yt)HfWxQ5g;K%V8J=84N8G+MV<|34Ee7L`}E3|mfPE0udz!3-mogzU7;!mm=
zz1`g~_TUb(rVGRp<Wl;^{`&4P7H3s!zG!`d8aenI34MLk^3#I08@NYu85-@Fc0w{k
zTMT*DReIRiy5HZQTzIkP#1#;jCJftWU`U!Xt7ThmI%r0KTHiwn<lainvBz4s0VwR>
zgnP#rj!6qvIP$%?M%ll=J34>Q?wT(4naDNM{rZVFsb?p09P8)yszMEW!t(LXdA|Lh
z<}aStDlNAyyU&LmE4F}d&Q6?pVdvV(7fc$PTH{5-&mC?C{GBtBL#~+$;5t~1g|>wA
zf@&a^gk>D*_C1)zJpa^jOs9M=CWPE!9KDfnW@q4Gn@++z;7XSiTE$t-<FSwq6OAFd
zRVeVv0&VCKeo`iG&gD;SaC<J`g-!H4y78G$3S7Gk7SXmu1N*uIB0evo?2q4QuNhzN
zF|s|cnw@;OGxS0!nMHnmN+-<m4&wfc-PolcrH3_aEji8|tyiofgbqxNcAsI{fbcA(
zTOOMAGrE>|$8Ol@gPJi~cefs=JMlpcseGwM(eaptXM`?%q=8Gdj*jB^z99zPB)?T7
zJ%|x6Q#@{XUILvGK88pM@9|SyA3(p0GFMiqRWyZzk~KqgE&&#$O*=DoM*|RbhimWo
z5)#UQr5r*IV;K0_22<T>lpt_DKwrJmY86*fo--OizeHh05_r=kF4`_M7#bH{PmU)n
z!!W}Yy-`2%gLnL8VtCJ-=GOhwFq$k~E7hiWPy6`_pe@!bSV{p&r25j~k3@oDOM|T`
z9J_5|f}#<}nGw65xlY<P2W_d_(g!kAbmYV|>M8MMW+ER;_aFdgA|ijEcq!Z2(u>P>
ziyxAI3h;x#g{cQFZK2U6M_BYc7kk@EFtd4+H7bgW7E&8z{vA9><QB)OQ}4K0Bcg)z
z<paA{=rQ@F)Y~8)F_R?EQ5|PsnojL$>9`0P)KH#eS&Tbsh>t}@s;brz9k1+0i;LKw
zJN`xlnfwH`q@p*wT~V4CcKk{9Zt>9sBRqI#*z@Hy^Nym?f*&+&54&JRZBiHlk{Kp#
zyX?patDM}FAIm0=i;qGy9@+*>oxPa>beFU+GRQGicNNOg4YqgX^lhw&u9aT3kUaoW
z0)d#tEnwcv7ccLL$n)CH=~qoTCv-K?udxkV=+g&{04YM5A~=Shu`wVo1-L7d*eTu(
zCS7B8ib{`(_GwTZOEx_Ss(8?>ex^Quh4iPTR3OZ9^@@u3rlS|Jp6A#IUJAawhc@JZ
zOQ~1EBy|@fIR}<B-=S;0EQU3L0S9A?n&$2bEw1V!Cu1QxS=F|$NiM`=61oez-v&&E
z_w+rr+};23BABAi!4$A<0y}auQOrRS);Uoxfe`%b{d@A^EF}Mw+_NK7UjR)lMXvy}
z44gbJUjx2bd!njHUH_yfaXw7>@<3gghW1J2F2h_rOk9y+=!<*mK)hdVO}mS>_U9FN
z!0pFQVEIP}h#2c~WcH^}%hk09)TxVb-BmM*!|${OSoZ-ib=aD0D0>p!wN4lIyhamj
z(IE-pxE5#7Bhbe|t6p1VWNROy3kB^|6pQSxoshDZ_pK@19dnJ4!<EYk_Lxz5j4UbE
zL7?C76rm_FNy$ma*h76kX*QKD$=zU;&rQsD`csOgC+J6{CClXaye1%1>?0kO_}Tqd
zeEl+%i4m+d&PE2QTp)?kr#o+JQNxZ1i=jF%!<>s$OrmkPh4Ocel{S-=h);QI*R2%C
zE2}^*gLkbc&<gWmo7@CgaoipAjZnzP+;|%5QNzqh-H{4s!Vh9Xgj*{MjAZgt9_S^z
zt;roIdlS2~Zf7$jlo~VzBQ@1X!%t_{p5E(Kz37z{o}b<RZN7b{%DuU@rzH<gCSN!^
z?4!A#pKN%(n4JNGRfo69?i^uh5L6-U62*09*I*!D5g*OVLrQEhE`pK6aq9Fw|J}1)
z4ju!3r8L?;b(JJ|lry-x5??qyOzIx7&h7<IRx$R@;6A=?XT{Kef+OOLcDuL#sVnq;
z|E~I?<Ls^%G4!?lr~g-$ARI|j1B!af^_8_NSHWU%4c+2u`myrXMIF~|LnfI6K6Kq^
zvD#{#YO0uu*n%;I#j{&g;E>{^9)3Gmam<kcA=PSg*g1;JZXWmV8+{7s5T&KBWFn6>
z%-)92+?4}DV6P9yFVKxo3Lqh8*p{&Jm`jb4Kf0`TwYX|OkFmly2XLQ8kqwHNv58WT
zoNw<9VtZ9*p8h}oL>W^Sv$OZ7`!|zmv``zGlQ;wBuH61S^%O$rimb55q$rCfk42NE
zmgf%aKR+kiP-ZhAkjB_^14=kC9?f#jmhZ@40R&)D1N;{_hALt*@-~QhKkF~-S1l!O
zL4P?o@DHHA(l&uyp-~XN^I!wy9_e=0ZQ%_8y4=4xI)4y}szG}Q)~Oa5{uJ@y(Lu#a
ztQNmTa3I=)kvj5T>Eg7EnDot~(C!_;m<2zNeaRi@9)s#EZ@z((Q0_GUgA8M1<NSZg
zu>W8F9W(R)8J2Oe{MQStOFA2|WUcVNxj)g_cLm7Q%E<wtzy|-w1VR1>fJcWB)xjNw
z#S_&H^t5wa*TKfuDW8?m#!}WbRac=_K^jSdxOP#cECSPx1Wv<diVjNy9@JtO9oJN(
zsN)W7qRf=Wi3Ho83<_N?gCc3;A_c0oi#xRr(%j{%4WhD620PUfQyD1M`bX#A0Dog~
zAKUAccwpu$Dg|-U3o5*bv%BJSeTfe!G$9(H1`2<fCL$S3BA$;FUI<QSa<FMY2pMoK
zJ-`Y{hF^$A$eKJYFQ90n4JWz%=S5!7{>noI`A9C92o&=&rOChCwM7d|yLx4Wk#tF5
zUJnlpWVN+D2{yh%kuHt9ZKR2mdJIGbPS+PsO;&*r%7sR3fOD+)z?vOmJS=pGAwBt3
zUSufR<9HG4G!1ZKR5A!VFwD$|l4RUqrNp^-(7*5|U(2aeyl-K(M8(;vb1d_$m*G;C
ziG|UwIKm|jP^uo68{V^--WY;U4E6|Z8u|iyYOm*3yl_dns2%Rq`N@WfW^wUM6|rfs
zqpPBsYe`u(k>0F3)?^o5V@KULO13u{rWxw6qr8Yx-bmeH1f6T)TNNspT4H+DbAs2r
z>!iV*-!tA)KQJE0mSIk_{WT#rXf9X<Fh&#2g00{bT5H&`J3F^d5BS4@9Oq<@fVm-i
zQ3_1L*dP#yjWQ(engpLI!PRb;o;yBu<}hfkh@p<@v?u@Mz$i3fzM)A6;&3B2=1yi5
z5D+{b;>!o2mn3;R&P;(?c5$@Un7L7Vt>23{n-jWG%W;uT87i<p5obRTn^nt5dC_A)
z-rI1m=3WdmaXO(FeDI~^1k^qoVYjdPmO}V8R9ZR9-`W0obh-6#dB@L-*t+BM=+^dW
z|9b1|=@cA?ckCh1t##9X^XcsJPR__syVH9=*g)LX{&|0Qbv3wQ<>kRGxX~>@e_y#9
z)k!$$(wi?w3Mzyi+1%at9@d%;rsF%{=koq~zT%Po@H!65T{R7x6Oz~=sP_+W0FcC#
zuUyCb_bPuXoZG$#cwkyKF#1GarnLPmU(U5YF5NuO20sJwAodXI_#0R}4}LCuIbe09
zz}icFeDt(|xc`3n7FVnPy?^u+)!BM~=f2?J?ezY>A+YK9n$-fklL(y&J^4EX6j&sV
zQSkW_xd#nUE^ac|Hp_AU&c69|b=BGF_^$Rc{p@hf-}M8w^L{+Kp4>>=K}>bCZk*TT
zqGz3CjjW+7r`zYItNvQPJm$7^iNfXqRY1bt7#~2cpDi1rF~ihMs9>+|D59R_Y!b;a
z<h9Y$z-NOWeC%tmru$8aZ##oi8Gb2|=cd6-!n}~Nd--o_vT2p|kU52Xc0fbbPHK)1
z1J8MC9JI&w7`X=PI02zVha`3ePI?y#5e7%a5Gv$%rb&UX<qDVFAafIYbsoRtL5pOC
z-Av0FBl{a+UTC|$YE3cK3=EoO<yB*d7fy4mo9=Sxy*A_@c#dMZ>iVYJj8w%!BC7s{
zp$SftVIhc{!ZAC-Rio621zz}QDgk+sfx-0&M!1MHqxkbc@aBk68OSKRXh+^SkayRs
zN}xhi>8K?sPmEPS{7U+vWh{mws%FNU7YO8Gqzl9-Y!F_``rKcd(X)_T<RKgsRC=aC
z59*){E&iWzDADrOoH-bq0yaVL)9D__d|O$?vn9CtxmKUaU;g~kLk#FCg-^x6oWNNU
z@7)X<V|%{zQnMgR$1V4!e|;d#Pd_gFV{7PA7;1DB_dKzNNoiy_UZO8?n_gRJ2Y>JT
zud72D|J_cxVb&9(i17B7z%*rzJtuth#h&8BjDEQM7Vj2>8}vW1ggpo2#?(sd3>BVu
z+ua$PEV8JU8v`oT3-Ppa5b#qbVc3XbX*SvpPh$aiivQdaR5pV{{Tmw~&pC^l4#2k!
z50Jz2PZX`@jDjlC$WAjTV*=o{=;U>mz58JtQq$e3-NkLwk1KS?9EV&3ByjCCDRD}y
zx=M_b8o>fczy14RTKd?o`>m^IXwUPckb4B#G;q@*mNV2p<{mRl=lWXnRu5o$49Rcq
zyI^VYR#lM(mB+pQxDnW(nzL22R?OT#*6lgkNtp~A75K!VyN7>w!nMqu$QzaoC)@rj
zXqx{WPH9FHrH@!i44Z_q+Sk9e;$CIQ&b2{M#XU_rUzjmn*gs!})J2bn@iHB+(OJ^1
z{J>0TBc`naFcg|@Zss#o!KbEAT^3qli;*f#w6Z5+H4CA|t+fGjt3(eb(uGS!k1$y~
zgz^khLjZ#a8>6MQz+4x#wW~|6!5#$5!tF|BA)ar6)y$Wi>ZD^2HWaGnwImJD@v`y?
zAZ8HdwAKKdB-+iPU<R?jMG+VXruE$C?4(OQ4iy9_>r?96<rvnnp4Y9<rysTJ@ibe(
z)ueZ8Mm8R$7=Z2Q2_|9C)-5B4SHYG1);Z7Uw}`^-vh6gF2DcFsR}r$oWhY=&Cl8Md
z7H>%U)ymGW`44U})pl)!DG+C!k?uyH&<w^PQ1I7CZ;I;o-AXU`iVC$Sj}fho=jU!X
zq5j84e`-s=`EM{f9!T0)qb(km<FSY*ct8qC!Prbcr)C3cgDPR=JA}m$jx~=3gkFrg
z*Ri2h{o=>%zwi6E&iUE%>v=!B&#m5TZuG+Tw7Q?mg~3PW|GNC8-&E#v6ZKzG^<S>Y
zzepY{9_{ZN%!j$a%$#r(=?BL9Ao@C*@T%$(b_M%EujhhHiBWiAY_l=6myH4lEOh31
zNrlSPk3lGY``l+>2QnH{snTM6>Hv;{rhsyQPD#$^V8D;N6#o%hx7T3={+jctYr2uu
zE;6Nh5!MD%U0&~(geBJ$dg4}!xI(|`hk1GCXI3;!t*RvICHZ@9qy_ikEl<0cVOgOu
zYY>kwwhJj9kNx^gynu-Z304lt{%;uT(4>T+UCK5sBZ@2{^p3bO?cyMeAQ@s)Af15r
z7gvHUpl-(7XbtX*WR&cGarVu@v3>2DNlt9rwr%soc5=cK+qP}nwr$(CZBD-L&YhX6
z`PIyw>FU4suCBdyukO8`^}Y{QEB-=3WE#2iQrUT?eVTI!2qs-h<2%tpfD@|R9>Li7
zmn-^3dYick%iP%594`YC(XX+oePWqXn=bEAv&5}V^+GQyuMMa2?RLSvTo!LU8#sMJ
z_<QxFerxJj6fcEGyVR1nA=5Q2cnyWSSBsx^5*9v(A)g;CbG}|~5^ZrfqH?}A%6L^e
zd#Yu(J{G6xB%)=%%8g=P`r-jIMZ0F>dAJEGt;kLkUWK6V;-C!^3xgDB<HG0JmEGgU
z!T%M?lBbJpFM#&efg253(6F#0u-1qjnrDEBMb(o@rjuGgM#%g*qa+Z9SJK#m@dI87
zN3Aj)WJ7?fFx8J4C}Mj|4mGYQVgZ=@W(6o>z0U`><ZX+Daj(m9Dm6i5hRT~~DEt<e
zJ~#D#cI1f0NL(7%Ya9!N`}AEeexU894m14bdalU@^F86uC=$3x#+e3dtsG8hbYG@7
z-erm3<-H(I@fO=^B;Smp&oD_twshbzJLFudV3^QTa!<3DpMl5Gr%#XLGfC^yr%w>$
z)p_fc_lH~F+HT*Dr=QD9@70l4|G9+P6df!{EpC;2qrUC8@?~8Qk0?{Tw*Kwq&Pas9
zV7hMKb*rcfWU>v|`!gr?rbjJK_7F3G0HHhKKyXk4|B~wO1e9PVe>n#M5Fecpy$Z1-
zy&^XWQqC5M8_QnS$N8BoXtGzb0~Pw1G9VwA|F?@Qs%#6-fq5&XQ&|8=2fe&ri)WD%
z#Dprje^xXUmzHY<S||ThUN8G<oy8RY&3d=T8UfvWB**wdYq>-7TMt<kelWfm%A}@~
z<{LpTyQ;r66Em$-Xu;dO1oKnOa0|bTtGmggPxmy#9_;Q~?VMyPF0EM(o5}qKkCV7H
z;k1Wae+-Of-WObKGPz-5oq=PPW!&K#co!xI{~u638}mODTbUXDd#x28l1}vRPoK#S
zpH9?5-@!=O$iUjr2$Gi<(%!+&NZ%6DWo<G+O0ka~Iq>-t#d(!BL?Z3DPErI15B;pg
z23s_jkjYQuwzvDasbK^^4+X8tDveZEW@=Om@>kBxT@#YEIUBQHh%#ls0Vwm2$Ydr7
zX%PRkKaeg222%^Gn+Yd!PJ;DflGnXIc%2z4<ssW|`~V;TJamD;FWfTduwEy_B^tM1
z0@6Z;EeM@9hwYA*mg3=d8&D2W<5%_I7y@`GeQf_#&VHs_gVJw^<X3vSM6XW4?mq(|
zcR;k6+$ILdlab$X=bdftGEkHD7m|tO1OpmEhkS<gf{DO58V*|320LclViTWJ&L;kd
z`;yft+Ba$P9>gwXLpv-*aw(fv!ka6tNXwhyTKC*`w$5y8eBAc8%R%-e^s<_|hhTzs
z!Zp(1iR<EW=MdXuO$hnFBd7!;U)Kkyi6#y#q$(Q6eMx5Jxt!jIE3KGh_A-gBzVPeX
z82QAW+y#x;k_XV+)eRpp66vzl6!x(ygv!=x2(_qcXNCfZA*Es!sc?!{7l|*Y+pZmZ
zO8GJ))1L*zKbueSP3g~y_YYUL02d;JsQzinS^r_m8Ccob|Ena&OLfiYbzx+$>FSz*
z0PND#sm*;}WROb`NvJ}sTuDo#)+n~xku?G*^6~29iNWRpTQ*I8!M$8ZZhMa-u4e10
zi9gnd`qyrEmw)aa!YE{O<s^@2tU3XRND9#ckR|qLlD4>XXHSC%p`sz8*!6ERF+7#2
zpVJ*U^L_8=!VJBWkCe5HM5+SGlEX)>k$~z}h$3YQWAZknu1K$W^{gT6>9~Ky>m9P9
zcT@X*1ig=#Sl7mP_rP2k=<>PVXJV0@H{c=!1bI-Jhymss*a+O22obe>*$P+J<t%y=
zaV?U`KIxQvlkuAlMIY~#fL24iMvH4-VdHh;bt-Ncs<oewxKP~P8M;03==Q<38Zqb~
zgbA3$PsY^zgwUB_25On$-Q@3_8~3Lu5L~_lh#-_V#tHsNm443&VOzyp?Wyo{-)5;@
z!zo9l=?e@im0I*$=nOcG%WU`Jnh4UN-6^_abadVwIv&nBGb@<ZDwU=Aq*G=o8HCg+
zgRYI!NS8bJm&9byI1Li%T{Qb80o)tO@{g}{E$~O-?2*Z_(x5?(tk`bKP-bEo4khyU
z=LvuK7QZ*e4vR|i1bA>tDTs@|4;&I)&^0{Ll>t}qRq;8lgBJZJ;!l73^Z|2gOHc0b
zj#C*O_D*g<^-eAThY1V<16G$~+y!!!TG6vZqLdol5y~oL*3?9asu+8pH8b1cG0NuA
z1F-tS1;TjeXBv<Na0wzph#QeHVX5KPi4#JO@`FPL*7)gRCJy9<vi|KVTatZ%uZAf`
zj7FEi?*;Y_*@bCvX`OKR8cG+p_tC6m*aqZ`aRX)^6Vwy3gKfAZ1$8_{o_mTu16Yw$
zLq}G9i4GWS0aPmtF4+f8!GwTJ5)U*1AsKBtM-KBd=r-r0o`-_&fD;#ujJDv!^I!##
z`y<>1pJhKZTLh?84BY1n6x<g@deSZKHvZr}_Z}US)guu6pf}CxNTOjk3q(XB3ZkHu
zVermy9s27hLOkoJ6PKA|$lVVg^z^%MvATT$LlKZr@@exKUebkJSw0XLYWj8`K>{vD
zDVue==qCv|IK!2?gvboj`VRd?g<<yk&Y?Xr#Jq)Wj&h3C@z^6aX_R)Iwb*~xY4u?k
zI*$2-yg){Oo_ZNmIyk-2^ZgdXuz<qa6UZDihFsWb*<!*};{fUNcAiS26Tl2BzO5H*
z8r&*T0M9F30F5`kzs$@IghpR1Jm3xu>=91*n7I8s7G8j}NxpfOi+y%d&t6~hf$L1S
zXeM+Z-Sh22SQhrYA*1lp@1|d%QpeO#kv^!aBdV*L;VCMUEW)4*Lr<ZM9a&wd(AB`5
z3aAp+pNP`;rB@BA;%ixR|6B$dU`+r!PxZ&%U1RrnT2_?$?ey&I$ZmFw7YkszhF|MO
z{-*Ia7`N5_@-`f~C_&*3Oz_bp%KD$ns4eA=vwMHf_C?3aX4y}~<EOuU`eJVG<pwDe
zp`Og^4v9$`c$|Y^orrnR2uC@cOD2~tXxoJ-a?}J~-z#hmO#B>xZ-fSHzo>!ba~|J}
zcdVCkt6>7f^p9bBOAv7ICwrlC74@qKiLZ2WfJ5vcJGp)Ray!p1*KyD4JTBrsiI_;m
z0Sq3NGQ3GooGOF_8tSvj%}iH}Y_wUex4UpgWJ`PW)W^Sg3;W>1$HzSDoI=~8%E30o
zB9Mjwl=_5(mHitD#=3%YCeY6j3Z-A?eCxedi`^h`hQp*T^`AmaagHfUz=^->wD@#~
zU!>P&Kk?*e<QCHR(i_&Uah=?SDE6S6XanidaLWGpX_oz&$!S(9+{P?pWHe{fu$m{H
zckj3&c=*ldj_{BG_}tyi^D<%lUfYqWjmmFk%t}Ye)eyz9o?78Z&!TyjYEfzp)eevO
z>o;wBZb8zQY1DceRQvi9BUL%I?q$85WrEz^_7!AgkOCNHkW=YZ?4z8mx!49WkL{RI
zM4uQu@`%pvu?n)ktjlG5mD@2AI_Dk4#2Mm@{SpzVv_gd)T3(@gBu<s+hMC~}gwN*c
zrc->=Cc1_8Mt3;Nm;3wNGT1K){JEgBZ8g4>NeGw7OCky<fXX_$Ok}@i*1(o<Jnqa@
z4}28%Y9a9Mx-r`2`gVs*w)laoV0W@hg^+b*O#03Z>*m04bT@IPOUWP!V)sgBdmd9y
z_qSD6XG4D!-!5j}{k_hwejnaYpxKjtf1f01PE^{Mgedf?dG5_tsJkNDl5b+Yx<{|V
z%A5I*8n72A-RN7ee^}|*8UIPw$;S9!rp9$@YTB=jApZBP%2BPtSt4@-yr#Wzzz#Bw
zRT@c#Flic4*bu|c?ym=NB7$73eA`Q@-~1k%JfDw7ZlD+3Tq~`uFGfzcw`me$gxij(
zOz&4N=n~70+}VW5?Dc{7jl&4NpMZ~s)+;70&LKK|jtw4=c{Z^fI91tBKLnS~X3K_+
zig-3}+Wh1L<(h5ltfb*#Gy!DdYOi4+II(`J7pWbbKJKmfitpiz<?z{yJ#RGNgaO#m
zgg8WrvCQJ-@M>>86Ts}xGra+i(~pR3562cgaU0NT)v1TQZ8SBkFa(sd!ngReOXZYH
z#DIGzqM#5)nEfp$ya|7LwF$IbMpa7lM8MiR$;00&757)_RD7*~`m~PR2kt54`YRap
zeg!+B*dQIzekV2AVj%d(=RG_q(1P!`?UD^%Z%P@zRBU9~e;77&8~F)*{mrjljiE9J
zK5kwzJkj{krG?SmVB4>9M8^XazF&U`Rj>y^%a12vPj1!-mqq+)lxRIDk~9(HxRv4W
z8q}{J>#&o~#YydWb=<A4(yPKfu8MEE4JMd9binZR_ll+~*v^Y<G#~&c5JX6x#=HBK
zYyjhHSFl`XUMaQs#OM-N-fq47dh}}5%0ggN>`@Xfi`tG;#>{s#BagmAW@X1OrCP%K
zy7QdvXy}O2(=@E{;$!N#k=~oi0cOr7_HpxY&j&W3U8=flSe@@rMCKt+M2k)zE9C?b
zg+H-P<I?$bkob}>!Gs}&38vx5gTwOfKl`ojk*}WHOivk66UMdUzSV0tESq+#;7I7@
ztaFJcQOu?!dVMkZG5VC~=7fI8gEde({o=bZTU{{}<z=}$zzoxDr9sybxn_knz=7}q
zEEYXJ#T*rWx_<cR2T*H(M6|oKQ<dbsxQGkRzzZs}bm!TgVeYwa$CVq(aufXI=ad~i
z<dBs>6d_rHnbIYIuGBzVw9C_@-@bCA;T=w+Wa$Uj`gl*FC%JV~K;TlLi)qDGVBpml
zd6~Q_=xMy@M6d)~rjR29E0x9345Gh0LxO9j>qrZH*)|JQZb|9vljejRhd3chK_S=V
zW)-!SVyR@)moEt*qhTDAkUe7rH&<9eJ1dfvM}tpoct0GNzCT{=MeH1M_im^UzfKeZ
z@8C3gzHT1k>exfh-lhQuk!{@+z!hruPq|quSI(ABX?_0$9JTd9ChEU>3_(ipE!mdF
zyCzU?5h&rY2q%J|%!dGguR+h^DyyJNDA__d;*KW)3&au!`i#(ZfPw$SJr0lDKdKnD
z($eW*2H=RO4C)COZ_qD`>9f_M2&lokp+QMgzSF*PeNEC!V417@@e}Ns1h2HH>z}c>
zBljb3D!mzkhq(YSW>nvjX0a)VzoCpe5SC5$rur_Xe)XchIwT(ASddUz0a7Vo5C!C3
zckxz??A?8LX0eB00ZVRMkKl6;@AHKE)&5Rn1otCCTP9i2HwA?(kz6rn0O^<%F&DI_
zh!M<+o#7m-IIz$;8SQHEZQf)qA+*x@qL26Hj0q2S`#2++X}s4&U$PEFj5@2Xm=9u0
z1tY~Ou$kqTHMk$!00Q5Do}H4Vf}WJE!o9gv_!-Hs?Uo2OCm8z_&^1TJf-omn7D<Tu
z46@Q_Zq=oUXiCN+Sp)?2YO^#P8jmD}pN?XUK{iYPDIRLbNRp_(Ks0ptQW7=>7ZZn5
zg1W>~$Bbdf5}wV5zcvhUY<C`Lk<)x$Sg9*c6(`w%UT4Xa?~kbLT4Oc-DSl8o6Z9LR
zDL7C@P&(|cewpy*FVOUXiBM2R+-eOa<O4aOcp#0QdB7<rlTdj*T(d8(dEj3#p!P}j
z8eXMxinI1))j)?8v|&QBGuCvpeoK||NQIqZKPsiX=6efkafl%g%3-FXk>n(vb`;S#
zWONG?;Cf2&A^1mvDG%QiO|0EYlG1ca6x%G-ffjrmun%Q>q_C4)`F;(<U7AUZz@8NC
zVyoa>*J4;X!*UYg1{vIx02q#<Q8z1Cc~6Ej^7^<E*W9;`+)7ACBwdlIj+=L(25HUn
zGK)7J-QRTy$$S|j$J3x^sb;!GF!(NWac)0<5x0$K*#ryG(Ia#iExTQgUdomNnVGl+
zMcFc|Fr`|`YSHIX5vLcG*!O_&l5Hb9gl3WYWCuCT3;3==Bdu?56wvp#)cQMo(vB6H
zL8jx`8#6DKwhRx~l*wy66S(O5SBH=7+0-BUxFEw+W@<Kr@0VO-3cO+7Q$Y(P;)QK!
zcD5NCa4pE=JUB4;*=l6fCA|YOQxtLRkfoS1h(51fD|fM<1F{CjlWXZ<jkTqHTd6$C
zgDc6^^6IIyN1yh^R(!PCz2Kc_75bt3Q%X}Hl;Hr$2+;?zIr+ud1fZG1*`gt=Z@LEQ
zek0{P3cgZ^y8IUQ{=~ScQe&AGoGhun!%Asjaow{}Wf5n*c{eeCVR*rCC3Qo;xL=wZ
zG^f-S=b69QT)2BNMi=3Z2N1L#Kvf@)^BB8lM+dfa@ngBrW&qldnQ{PD1!6Fch(PEm
z!^|0k1$D;-20wn%JsH<e=XaNAxBdD;n=}>~(F0_z*7@N_4BMJLA=V7{Z!zpU?*);G
zNz0nja9wvBQGq!O_(XHM%DTR(x2-R|GmP6;J@$`MgYvg)oeA&l^2=58Zt*ROgASW>
z|LVS>L(q7{q6PSLhsr8Sc$vPz?h(IJQEX%!=H9B>W}SWRVbVq%{?8=iL$Bp6<(tp@
z6d~)w&9NZWXnj!#TwR&m2hScjai>RCP2mTZh8cM~iisy<!h<)R<6Y1<w1<Rq6KwNj
zX@{8b7X#m}x!}rJ;aZD19~<f!(2PfVqE2ySenD?jVoHVWV~L-#UomGbHkRUR48a^z
zPJ9~X?t#V$ry$0E>Iy~C>-aP30|<gk&8h2~&gnxAu(bNSpq_$PH2t(752UOIQ0xaD
zZg+RR>~x~&Rcd{0IReW#X8Kw__1iZK8ja;UG?i%C&X2f!V4#_rS|?yvkl$CVvP^<w
z=_B|L7;J{xRR~s?dae>)n7hDqCC%oC&(CiU(Gk}^oE+Tw<lSfJE`KwrG#;=)0e2oi
z`nF7rSvsMwS>j%VoN`@1J_rZ9AVQGJd^)*$yT7}zbzx5pJv-l@@4n2d!xYsP8CCy$
zEvne?N^3QDX(&NYX;5l+ozFHg5n3^2#wA(TS#6iP{iBQCLGiJ^!@vJUrQ#B7`>|n^
zY!@iS`C(E$<0raaXXBFSLB$YAN^e`ZK+(LtTp4?@q(#zBQ}zv+C223=5NKOfd661B
zlUoPpYK!KG-Drd{+2=C5lFEZ($+CQqO$b$V)V>*kw_mN=ILWwRoU3;4)0)O#wy2I<
zj|L)oO1j#$lA8NOHCr^byO?|#v~paiTAzZuVbJ&|W~rl9`z&O@?cQB0M3WV!w+dE#
zuvl+Q4G$~r$FKI>IkrRU_B$eP(_&EfS+?l(c-N<M&q}$yp(ts`h8A!1+BuF`eOQ!L
zNNueLzV}nEWy|a+YWHo@UXo<9h9`xe9_i46{o<F4UIR(s5Isw{vnJ&xj*OYp?V_U6
z&Ps0+qHe9KQexZX+{oN;T7>Rc8`#flK7I+l-hE?k`hpu_p-}oK*vs}$Dppq3|6ka<
zA?9XidC{-p!Qt~vOtzYboIjvMZ^KV~{`pu;5*ZL6ia6KuL{JN}cb;`sO*hY^ciiru
znI67vjCNg}dfqY;AIDK|9o09II46%Q68A6I+j@NWm0iD$L(0Av(0jb6YRwkjPx-^1
zv~yQYFYcGBf&H{;RTqQPjW9<0ZpXi&b`lRdZ5t`vaCK{a`5<#bz1g~k6`iop)V+<T
zgGGaez#UcNm=E{X)vF{ERTAzN<x{9k6fl>7msvat0btMjH&wjJ-TMmc>kn?l53=@M
zci#-st?9Xm9-uU-`;+Os-FO#|1y5R<A5%;p8lZ2|18xT*dm!B7uJ)$S2M5JJb?nRi
zZ(v&<Yx?<6$_}Q|n`i?XfG<0epMckU?$Ny#KxW6!Lsy(dD9#Yq2Elt@B{(%&2m0n8
zs%DFPUfpHwG=B41C{QK5Cl2=_N8L<J>{^C@@V9=;y#5E)&PX40bgM8vOHjlPcOrj5
z4gKyvcD#WnW%M-eRObURCIO}wLrz?w`-WBM1^GSn$NE6vxLog($Ak6H`S5or$Xoaz
zV;H+Pi|$MAc88Mdl!7aW$9~=`U){;&7+Awj^-U!AxKxiNnnow*kzk*KrOI=|1}|9q
z*r9D;$)C&+ci}9tZ1(ha*O$FL$eT;lVrh$+-bC>7jM2D*kFPYBRtG+OTv7D10UtYZ
z3eH`=3s%`)uj~Y3?@DjnK9iE)<79l$sH0L6fO_m@0P>w-x*Hb$+SxlgT77bH$B-h&
z1$+DmInerLl@Bw;9mm%n$@mdA;?}z2iA8qg>;k`CEys4T41@<2*!={d{b0=LcmBev
z+(^O$`+Ep*=?$=G?PZ8SsEEr=BgknbvYtot4tC<dT{mv1{7;nI`EQh)`-5^rsRI^j
zw7g}%Km|#<4;rPmR*CuG-g9Jy;SwED`PC#VEV9~g@s)UlnLI1#nLX))n&g(~Kn~!k
z%TMPq^MiPW2`*|Yph|b8*-A;b4veN0+@OE<S(yQOu#j(Zv*BwcgsNGrbn8MTd~r^J
zwh9mYkcqcz=*;z$RPk^>vXhrx<FDI&F(JDIIR}>{d+(=GfLAaYJ#QB`8TE@`WtbD6
zKVj@VrNE^tw+^^;l`H2er?3#(2x;a}FqHnU-2VgTrl4QL3tKP#C(hM?o5lVQoQp=u
z<Aj9>EJ8~GEWC9C3D54xo*;R6+Br5?!zJZklP|6ajcPcAWABLUgk=7scA9BdGgVl1
z9-Y3$qltGgpOpL^0&l}3NR)m-&zz1d0zb%#(#0YS!{w7YL1SHP#y%&}5=z7|JAb$x
z`>mMd!G-#4hq#Y@Moe`92=hZZ2bgx+(#;>*xw+KD<DBHTw<&F(eCb@KUty!KY2Q|O
z0sumC()Pm%GS2ZS3sCM?=vmidCS{iJMZUs-sLcOOWO6Sk%R0o;aarUW+T!}!|J$pt
zNG;SrKHB@eQR~#X8#IwCHz4l~>AYck@;cg21cpnqy6QKLPtPO#<U>Q>%)`O#uPp5#
zi%5APwyUA{wlt34Fz0O)fBtCeL@IPq7fYNGkZgv%#uDheAtS^#mRZK<2Tm)T0RSU8
zUDW%|9Q>-6r`{%JV{|gMx*(qyU+R$K5eX05($$9%YaeB^Wv2TqGbepm4o@1begqm@
z00fV?e8O}>PxFQ+_G@<<t!5F0$qoTiA08+^T3D8bL8`oyY>@F>rCyDB2oPQ%(vHsx
ztX3H7S&vws#JQwLTw@qT@YVLdQ~(xDDH&=A&i~?OI5~n>DekOdjAWjKkS1OK1RU->
z+E|u{K$5Vh+`#LzTpLSm!o9^i)nUid&&r03t|awC<KUZW{TOp{z>w|DS9kS_N?=LT
z)J?x|fJ&P3WW7ym=s5oX3PWP~e4)D$u&L`Q6UnGhwtkmUo=hd<q5${g0ee!^58r_r
za>&Gx`$6A%AVVgQ0$x0}A>HLp!s>CWQD0726=<ak4i&R4cV`E4St*4BJ;XK{w&e$Z
zf^*}c6vY*m%_ui<^EuUplgZFg6ITg2<E12jJFcA+MG;scC!F$va^N1P7R?~bpE{-l
zo@~Sw`6QG3z`oxU_|JP+19|K641!AGPv-|wJej(%;B9Kl@bXL?JxA9E53hP~eqEnT
z#IpLb-`Wk|m`pTmr&fe=t14ykraMUiNyyy&a5v?ecDylz001uwwaGR0PvnY_UCSIz
z{+c48E06FLOP!F;qCbnp7L{0^nY91?1NoYd`+R;uPR>iqhMezdBr}p&`v=(sBHt!G
zLfj8|cQ67FFGLyuF{0ETYCualmJ_(@G)gnQ{I?pv+?bWl8sPrKyX8V)w7%!2K4L(y
zwxQ?Qlb7gFgv@JNHI5t!e34VT3|9nk#b1Z<Ny{u;L86!~5bnvFpqhJdJBVL42t-C0
z-fu3h9BDG;l|n{+;Y(&1gs>F@snnDVJffN`-kMN!?x64`=FWSD!9T9yC<>ANtxa1-
zw042#awQ%LE@IbFr19^g9uDvH@66d=E!RR}nVGvkzAs6ii#P<0EcoE#lPy0832lF7
zsk^ovAMOuGFSxW%vi98AhNClII$s27^Zu%ZgJV#$hMAg^iiyv{RD^(CZ8^*jdQ%+`
z(qdKNAQZ<k5vZoleUqa{wLLAZA9D7F=8LF4`cZA|U!GiLoS2mxwOWoN{?#eQ>n+bU
z$zkuRj)Pr%A`{b?CBa%z8}1Z#`}?`f=nTl<tUDMuC%X3V#Pa&%{W9hO2s|?Elu_R|
zlhKden$l=mIYo#AXwV)*P!mjSPz253>EY6nosmqSajquR+97I;$Sh~&y<)}ox4oNO
zM}&eWV@sv7jZsCYb}5|p{ue%RQ~K(PJ~4K9TJy<qIx0a=z$e(PUVWu7N4Yd!b@gzv
z!HDVo`cG4scum*CtVqLLS<0)Pe}**riobpC>R}F6sGX)wQRr~JP5OEz6snT^B0%Qj
ze}k<3|JoERubF8)X*dTg?D_DQY(|3pY(rQe;99P*oIO$qArwNDLXMktL)X7pGPFKT
z*fAP!)HG?vanGY-G_c@P%$M_ib|2BUa87*I**JjlJ{Bahn=Dvcg5JDc?Wwwv#`)v*
zW;U86<6mdcF=?0p7WH{B0ZynV;>gvyVDTZ8i=<sGA>H;u>_McB3kBb-9cllfw{rL{
zYIL7*hzX=$DA_cAq+xrV3Y8ozntV4rzG4Emy{=yE)t*fMWSr=B7VQrjwLGZ0;ih&s
zJ!!B!4If(5<HGf^-h<D+bWXR#N6X?3>DNkYc3G$jJbf<p5{67~F6ld+q4O38V|wl8
z$OJ2Kw?8D83psJNGE~yKTB2RRmD_l8YD+spIJGx~d#q7oTG2N@+i{?ZGb=Qj!*b~r
z$WZ83se(KC(ZtMEvx}7{aHrDQ69Y#dO(>Y5Z33U`IomPZvHY;;xGTIraXn*O&?;p8
z&%bZMTcZC7x^l4mFQn7|OuJ`cWd48XO<Mn?-Tzc<;b+jWO4PR`c#0e`3;5e;oxm)l
z2}+vw!0Qhu;?|A3y@Clzr0Vj7Oa1@w;~}04X1zbhat>_G^>3~2JX+kG(adLwb|p-t
zYr8`d(G(VYgc08wLtW3u5DAJJls()KcWPGWTVPFJetK|WB5`-LPqL0%y0|mt*)Y9v
zyC45J^2tFb91u3p%Yqfx_wxM$f~ysil-3}UZe`Pj<MkZc0@~`lr~lLS)OAR-jEjaJ
zfu&Dn&H3W#llh1)uTMKEyBmH7F2YNYcNRemzT8QGzTd{R(3VfN1+U-PDwew#6pPr!
zyjH_z3<<H_97Zb`14hXDS3Bt4^D*fqu>~nKL1in&E+h!WMx?Yv`jIy>Fs2_Z`~=b<
zP57!1;>hVV&n*>>Y4nwz2SR51_s(|+bn&stwX887ovi=qt8Ot&X+IV9jR)8k6ZZ#a
z-XC-j-975SVcJ_`pV;R&4^|lCZjkElj7*t!V_zVf7<XQF@%s~c5d`A867U<JR{2GG
z@&OdOp&3CXsT<-Tb+xy#2~4Kk7{d)Lq$rQ6%ZCkDb8k$#c=~nA{JkgLcnoJ}9w0DQ
zO?RZVY$FRENv+)FjfUx-<sjylV6!9E41YqQ1rt4zgc5w7x(xt|VQ@u_fKlS3A49yU
z?QC6-4shO#-=xRa(__EcsHA&X<llwCv8$5a<(!vZQV@NS4IL&Z`uarPE@@LuZb>;b
z3Y$?IL&q#JLH~l5{`SAv#rS>aA$sBi+k)2bf}3JzI<yhNQrm*2)LPIDGbq9_4RUH0
z&r)GyN0~3$!`z?zOqBTd9JxSm|6<%~>GF^M#JD`K0c>s1855kdZQNh3F92Iai7)s)
z0QxrS!gTshTgtF9*bVF>i32KfAto`xyjLCiVJrA5=s0mxg$Rsh(;&pS5J3`nARBn6
zoc;s`Vl|ObMy96}vgdaQDDc8F1goT_i&Fq@4|Ory7#4D(lD&7En_M1Y@Pb;8IDx5S
zF(f=A-kgx7P;0ZX_Az79w5PJ1)`uZ2Tde_ioWj2?4iir>k~OT~OUlMF-ug#DEae?w
z&pd2bES7_vh1SmQp3XiDDNe|c031BzJ_euckN~wwK<rOakUqgU$T<{qHSuTiVNpO4
z@{g2k?O5B?z>Yn*gp2A+FdBX+gmHX$X6`_vs{C3o*q;n@EgH0~K^LTEn~K~pX6?)}
zNsbklT`6ViDDD?{{1~n}3G$_y@~9;C?V5g>4)sB$579sjM8#kOC4JF;DG25S#>U8j
z&~WVpq$HR1V?(2twBwF3pGUPuiGx1yx76hozEJ&r8g*iHL<I*ZF6+KJc?cIo@9ddD
z<<zPI<~c?w$JJ$`4h)#NH#FpKw?oFst1iu_O?2tz9tMWt7!d@565dQ}O^V0|h;AFg
zQd~87P(ZH;gP6MV%FL>vWyh#{-m>Q5Cuo(Qd5yXaPl|t~vBQ^0XKhU@r<3KKO+dO1
zYO0=<e^(=-Y>r7J1m03=tmqsPOCGPkEIDX%Y9zSI#t}>^i{Lu~je{ByFkG_@wu-+S
zGHqAp1E<t$N?ncd8ssPnRE3nBQE#p^lW@7k#qgh{;&70Pm?YwB2OJI(wnZU@G+xB0
z&M<`BQRNXM$D2~e-ETgXUuw5OC~pF}z^kT_7m=7fI5i4)vvTE1st_aQ#thL=E6zhL
z)>zNYN-8#X(VO`epf*~q$zHhg%AxYx_0U(DbL4rTTM4QC*+qgvZ`<Ow;G)Fep$2oi
zVyDE11`j;FE7=)goZ#@g5!c!BN`^+Cgx{AD^kR-xR9HP$`RS*|{iLeUjn}M7@o}>d
z#F&b%B3YKO{lO5;v+7Gv@>mWhl^LTHe-5oq72loD+9L}%rB}xX<Q?-S-|iG~$fm`~
zNH}x{J<4&$09?Uc1`Vd6VKYahR@Az9cY4lig!bsFFqC(5*_a8!=x1q|-qo-rHbvDQ
zrHZoC!#qX5r<Tm4p>_^0lYVlmV`#Yhv`WQ;5tW$l`v!0p+GP5NRfO%wu<L&+NdJ%0
z1^WL*y1@4TK!MTJw$^G!@LaBLiM|}yo`N35021}_=&|%grAOo|V1f33reaA`3nKm{
z;q5uCMWY&bDZKo|xdsFnu-U4mb7#Yzkt(E+N2q-wOyX1kOt43xFx*#&G@gmzD8HnO
zZ|daRK430!p`atBkUT0S+@3LqAz8tMN++Q$aU^&ZvJ|9nA`bNK4heymx60XeMJg}m
zN+Y!qD{m{oNon-S;`Cd6Mo1EX;=H<be}Ffv0Oxp*CSR%vTU#)3Cx0#iPRG{-KfISj
zM4i#QUo2alVFy?ML%Sq7UPvBKvdAjXfIt^+YHkhKt#(hOM14;qfHaH>jwnnY2bCGk
zKiPbV7BP{DK`+$e{Kf!HQKJx;rk)BVEz(FC>84N*77#DgQw_C3YBty?R}Xb$SMDS(
zPxDqnio_LfAO%yOE}m9OoOTcvlQo&%mcx}Qq1~cmsUJJ3ZmC`d!e%hIvb@f7BZbfu
z2q~Ongg0VEp!t9=k6H|@8nU#)C|9u=h~Y$IQdzG&ZP1tT;s6u*VlwX)t43seHFt-l
zK4g`3!UUrHjv+hHBMRnT-B20SxQN&`$EDI#O<J|>kGXq^AOZ0*e1nwl>bt)ig<g_Y
z07g&&;AaaCXtPaE;A<d|HU=o{D9q>&|9q%Jae`~0<w;qKx}3m;VqBw_hF5!81TMkS
z5|t;WFk}k3+E$HhxP~;vKOfMTS#OJ02Y=|GEhI|asM3eFrGm+7G<j}~;RxscVtm#@
zTg8?}#G3xx=ILa1_3D(a`q=9Euw3<6)ujD;3tIL3ep|QeZF=>p{673|mka6+OyB*c
zuCw>L=V!!HaQ$ZUy~`pGRW4bBdI8!=u;QtIG>JIeVct^mX1>_wRlC)5@_q5~=2iNY
zET2|Jx9jKLpd6iU6rEQ|AZS&*@(EY0%2X&Srr#0574h`x^d_2a#_sieuGtlaaY^B{
z0Ib|kX=WO=;BQ8dR-XQ&Z0$rKW8g#=X1|uv?7DdOX;$d8)JfN+)Askht{QhIRx-#L
zl<~`AI-a-3S9u~!MWX!x+tORp7%_UXRXH}rbC^+AX`R}I)CRavh<k6{wo<B+K9BP`
zFR!;_<J5q`Eel}Gxn}er8Wg22pMD|{W5f1HGNH=R7u(ae!*{^r5J7XAT0Hj44Q>)#
zhq625m%}G+&qbD2M)dY1eTLQZLHh9K)#=B*^7BU(4R0ymgh_j~udA1%<7sdC%e$3b
z^077T(CZy%PNmUzN^$aI`F(c#qU3IvJ1A%Pf~GGZZz-B7@MC{h<l+q7>^CMo&JrfQ
zwu@H=i2%JATsinYkJgvIydK3<Uz3qCFc$d)W>Q)b2{b{Zx+!Hijq45r+^}Z%mDx^f
zLgP>H0$4?!C#7c2T}n}@LIX1_1+7gn{1`Z#Mp>U{cfHU45Xi?a>-+3e;<kbA>-;6v
z>{b^dn?M?T`izB5_n)N+GdeY-F`bcI2s<VJ!wr+)ZbLip6r4X!V*$J{Hdln*Mj(z=
zND)285E`IayKTe0q`QE;JY(SVDQ47S4a+O;L-DIi)?sa&C)9<>mY`S)OA$Z2!>0qt
z&f+#|M#-r%A{wy)Nd$R>Q?p;;7A300URXU>kCL`g1ez$O$P_kZ2o$4)0u2G|g)ZC`
z)G7CN`D(Ngt+JXmU0=02G{<OsfY;=TG+Ot1%E|PgX`-P`E7*BA*u(p~D8k0a6fktm
zbIJIcH&JNa9bKH>w|!h4Kg3>E5$%|*KnbG*5DdFXMT#9xMc%I4A|PilZzuY#9#3kw
zw4wDL+=yqd8uxu^fAvfkt)Rf;KT`mRAI3Um6a58`FGKD<Yd_~J;LJK;u6tdshu>|6
z%4^}kHTxF8rf&z_$h!Lm4W5JbM2qlz?ZyB(4z$cG@{b`I&lAq+*BDT6+(9>uTp;YX
zv;a^cz}u7QU$t_Uxyii2<wviNZp-ADho|K+Mzsqp9hth2?)Ie<72~#^t(ufc+0pkc
z6Z4C*#zfIm$l(to>8qHwBJBkOm|YF}hdQmfJcVW4lU;MsyHc)=RITkB+AA*5UF)nh
zIy1@Mi{^`uMq5ex|Kq*HXtHiH)rHlJ_M~2WJ$MOX2E>-z*|>b!2GfjYhtvR3X+$|Z
zQRR8*4^22sdp@Obx;mO$pd&-Q2levzccy|Loo_sJu8DuU-ga;p8JY;3i>K~y5Eoyr
zcTvi*OJPNR*urA?_5iu*uED5`8D}>nhPiSin0%Oq7g*3&6+Y%GuH#gG<n8YK*%_U#
z54xGPZe0Lt@iG#{DWXHy5lY8A1&1gVd-lB|P?Q!uYMZB$T(<Q%3%MqXwd9C>)6xlU
zAd5gLbe1@2f8r%b%Xx-LHTUh`Cge<#9f0Qqofd1fm}cPh6RsIxxI6kgL=i_y!#ybH
zwAct1Aw29}!!p{EU4ZEhRNta3OCpMCYAz8skMqz-I{3-0)E>e$S!JBbD5n%#Kv)QA
z{iHRvdA&uWh{j@#e!fhB0_ThhIK#Us#sJreo9BcyVZBy8b>8!+H5wKg?2E{A+|(kb
zv-+YDH8ndwKW*S}ZgTuGhKXLd2w1&XYqBk1R9pQCBy20x)M92B6+-qR(tN-s1{~*b
zCc@A@HX<r+>|$iuv3&{LV)!nDF2@IhRx;i<-!a>#Rtoo%He0QNh?jD*)@kV+P%kZy
zo-}9!_BYYzVyn&p-nUQ^JK<>*I6ZkCR+=h8MiJ9Qb4stEGc0-q{b42ql{JQEnAj~*
zzDA>~WhNux`n}-1jpT;Yin!ubg&KUQIoeFo6)I_QJ4f2z^GaK!OEP7wNatLM*ZX7F
z<r!MfdFzx=8~TV_DzE#myVkcI?PT`WnY%dtzbHG$0oPwghwb^hi*2O4T59R7K4dVR
z&5s?IWJD`6Bh<JsZr>r?b8UMz*!A*LmrRRT(*CwSb{*e(%XRaWY~w9l!#*Otygq`i
zWxa`POB6;fOe0#LYE)^M<2sTTYNYfQ5>wr!ePER61|8b94Hm)2Ovog>38aqx7#H~!
zi<1p~z#39MqK?xrCc3HJgvL=Ak~qZQF>M5uWl$#1@oo~9k{d^nNfx^BRCDSDib<_s
zx$^)d`u%EmgaV@m&{>vAlq}@EqjAd%F;|g^mn6|^!n%UHe26<yDn&LOr6Ibxq>584
zRQMrsVo@G8+db6FQNZBw7h0)yB};Y|-&HG?J}W&DeOTOnN8u(u(DG2;2|SEg=XFa*
zH!z@B{uaRkn;Y`2u*EmWF3HSV-F=wA1grZw&}dO<WKN@L-rA5PW$x;Y`-(xEQ~50$
zW00-?rb(Nl{dG4ld%rm7h!1U`R27F>z#DqT-1{78YuE%L0gCgDiRm)u=Gd`$0QeoU
z{)Fs3oz5NNQWFZAw5z&coxTD06y=ovit~w0nsyFM$BBYrj>4>XTzi5L?=loeo(dNN
z!aV&QYWQm}xOIA;IrR{<dfPj>0pz-0S5#=_={x-|X~xbRThP$<Go!|hchH*uBNDc>
zX3bXZ4u(>xkJEAN5c^2Og5Ly|5?pUwz-bC<1<xkAs-Hls5!4PCqh1SmK<O`??KE&#
zsI6c&J$S`BP0$Nsy7ALjJ=p|IHJM)7$0nangI-1;3utcs=>kRL)F3lIe6XsJXd(?8
zzv)G+0k6cVZzQvy0W#?G*@m2gTKh^AOCR0Tl78^<E+mBg1FYs?_=nVc1~w+f|7vlj
zQ(ZHD?WZ_%tm;BaH$(d`XBG}RoU~5E_{~cvg4Dmw7(;;lZa}QPq!h1@JZ<O}2710t
zaG{-dv#qCG*-^kwL$FR&Slv&U$EsBh#CL%<nOh^b^l^ghS+cSCGS(;DEQO|?XPx$1
zQ}9Hz6Z84bqc#i>nwDpyM<R@Bzx&yt>c~SAZT9PyU)J#P!*S~7C`jTGIQ;+apCUO0
z-CSn+$DT_aw<l$AMzn`885!(3V0E+AJla1BCzPu`j&weob^P=iWzog1<Ea;Tl@l{{
z5xVJ<6@Zi0g$XBGQrFz06p(hA(I=4ZIpOLDv2|RTn(%(zqZ7}oGefMaGsE1+vQPT4
zGkJ>;y-(b^-q*^c<22<<U^jtV6Ykqn>_|3Pp4Sb>7*4cIz!QWJu9+c4*xu)^pYru}
zx2M0Sx5GJq22TwRPJTLeyWbxhQBWMK`f=jk@%&COyJ*n%BW@0LVSyGycv(bsclZkA
zP;nE;)RiLx2Hp{{gSfNL>@~C?2@eX522bP|;m2VRB#CJv5vw|g0SL*!oQ<aO6*wmJ
z=rpSBjR0WE85s(W1)CYa)I(7@erofcU!471YW0xo-zj<$4E_qY1ufI743i9MX)g<R
zL0Ql!kPd`86xJ)%n;4PTRzhqQ6x4w)Y+Ccuh<umPS95)Cn)h7qZfm{XsItrC%5>l8
z?z;Hf>UVDb?9B@IzI@)MSCP-<A1l}J8`Ym+ATRN!7DqLZwmf_ubYC!;dEOJkpLM<{
z4BeAhfqeVUwyAo6C9vTE#(wrzkv<ZRG%W={o>Nkl2A<>d-j_2bH0Lk!2U%aIf^1o3
zevuH@G|Ydj+@RAftxSoAf7+iBzrz#&!Te7W=qJ9mOtC&|H0Y;3J3v+J<RP^pRa=xH
zh_y%!<@Vd5tu6u8BfrEd;iX9;^QlM~16&b|&fQuS!x^|=%J4Wym4hcl@~1<bA&NPQ
zn~#Uf6{G|Gu|;^Mq>Uw)Z9g?WU#i&Zy+gFN?~9w5zk~@(#6pt-2~parv<9kthJ?ZK
z2PA7I;`!@@u04j6dC9C;N{AL|m`QlW76dFn88LgLS3v7-oXqlKxxCU^cEByWd)1=l
z;CD2@yxyJP%Yf9Lfk>u%zro>6)9`_0r!vmZ6JVsN67wGZaU)-4()5z*6pc<p-jSmu
z?kpM1XkNphyY1nXSKF*~4H%Pg(7`yr>BA$JV{%Y>k~$ES(o<&VSHCnDH_SXU`nt{;
zSAxBS8))4OnaH-rOc+Qi%KKbi3r5*@5)J-Ba)Ug7EHd~?W8{EPIHTz#P)?7{7GXhZ
z5_v&YeIYb?A6G%`r?WDAK(14XRIJni?GHIy&)S|%>19SvAQHPu@OcLaZBByTVl~5u
z77oD}t75OtA_ERwwKm+KG8tbCI1nZ?sj}O;Hqp_ac_mJT#tl{27CD-x<<EOVdQR_(
z9+DQQzW}rKEw)i%4m*EVTs$gCFlY%r{DH&`r$q1|+HH)F&~BF;`E&E$xgHAFO`!}Q
zF9i;1)6N-t`C|*E#^nW&6ngdFsfP$j1r}0K=r$y#Bp$Ftq8v^MLDg4v0?WEy@6~#o
zu_UJVqzDz{OaF1D6n_X&==Z>;vY<Qy7GC=7#8uyYBvig({1UyLT?uyHpUW~hDGLYN
zX)!e7UYtYs_>lBfWjCv*kB;kmXAEjABun?<cK&)6ORWs{oVB0>)BEc`b@4e;Q`33f
zGoRaKDG11{Cn)1TFTn|&5t2~D_<*dztu^T61HUa|<wc=j@!7n8Ab#J-Pmy{p%D14r
zlvbef(KxCSK@eRxms%K9wP4lOhBNokf*z>>&}3spv4B|l)ilxP;F+uf)~|><{YSji
z2C%4j=Y|;vH5i-d;u-=(h7EnLD|k7COrPOJM~7?4kj5&UburcoOedO2GkQ61HR=*J
z(eamhc$vfvM@B|swe9?%MN+nEpFV<PqU9S%B!J&_1dFw3VyWY0A3cO+I{dM;#Vm>^
zS<pDxsUFU<`c_NPUu^`pH`3Lm<<H>t^)$?Y{y5ns9RH<f!s&3UqC+RH*-{A7MG){m
z>8pif7Ih<vauPkx%7^9QPab4r{>;z99d;l$*`!8P+t|>X(p7rAabKYx_ARhlAEPD6
zZ2?p8E#s=H1FxQ(g&l64Bdw-76lI{`7Of&4bK`Oy^IoR0NAGOfcd<8L>BD@uZj0@k
z_1F-~2M3)Ft-oit>baj6WFf(bNxxyF@y{TN0Q)iIF#X9ICYpe&``I(V8ij3RODaA(
zvCFCS^uo)+zX6&db<6%~Rb>4~lKIckf4~0k3c7!h%=g9+{)1$WLu!wA8r!%UDZ7-c
zm$6_xO(AJM-gM@JFJ7^Ke?Ct%=|db8P8=6Z(}CZ0b^29Q++N(fRUX_)hn7u>=KVV1
zF)il%)3oStfh5wElm+>bQ%PraUh_nOpTd>gx%WR9@J81ue<*!?|6Rm`-*{Iu4qsMo
z@i<p}k^O!it;Riuh8W}*hux+6yc#sMyS;`2vi=ioLHx>lNAa9>gtqNHyv5}4R33}~
z<#Em9ZFgl0sHf#W*%2Jxt*e*MBdT=5_ZY4nZdW0Kcwk?j^3HqMX@k<on5Uc_qmyQC
zOpuA`=K@*{#%w5wFK{B-&tw1}P<VsvU#R~L56V5+i`fec+zZSgps9CYoY-Qh;)jCB
ze1rU==G$xEUbIV{K9zUC;=b<463g4S<C`=mA(vFOW1m+xhquS~F8q+^mlU47$KoE|
zK%2w+2n3L$@XIC&`3A=Nkrua1JQvaS_oWaYbL}!6ooA4HPZ~D2OxW^AeKfUXBTxyS
zUdD5kF1B4SXj}%NQ@#1#0$@C!MRtql$J-)Ezg!K%qg3uO<L~)Bx(FwpfmUH*kW6;t
zQdsyi`hnXYWoW+zTG^t-#6w+WqF_RQQ7#~mk)1j1QmX&9lXD}|>4uhas#LLBd!<IG
z<8@iwiY&`eclVFYVtf4^Ulx%kXw3(7NLKjsk$hTE^^xyN46SC$<)1C@WwGFsLG_=<
z+slf>-*zP+U}|wTPNzP4hXFtZF*HH`v8|O&_+5b39S)hlsoL`kK{KDs=0w|*b#)(4
zweIb7W_I{)^t;U=TkozbYwk&c0Qfdym`;7<rsTf>rwot5!x_P2s!t$nYb)i@oX-_l
zoTCqMXb!nrHDkR^OcScIv+&RUB7Q1_$4KBY9z1>o8)cEaB)J~F(lhNceF%9Qc6I42
z-KfYnEy?92ulQ)H?E<)`S9=G$Gw#F)-^+Yh`r7^pqXY4fzU`whuq3!dKYR8vOAe@a
zbl{#$)*`?L27^L?<iH-;?(UO8Hx6bjaT2x}P?wXrk>)7q?sQ|J->0kEMB;}LM)#o_
zke>7SrqAHz*3pT=#eKpG9`i$uY^1D(cY^NkfC^xtn^#t1gLCvH$0puMd=Xm$WHAAd
z&+`qY7YcaGDrl?9)kKRN+Hb#onBPC1&cAiAb7u2w!9Z32){kaUwP!n#ufYVfS58P<
zkxO7@Zxw)#J;Nq@Ce3BWFye$WVN!JQJV%NG+-xB0BeoWW_VED%8u95d3#6{ez6bS*
z%D-o4kOH@4_I`yictaMGP=Q=x5h*LD>uXKqN*^38x0T;~+<N{XxLn)qXEXS<lDY$a
zbSw(Sk_f*9-mM=sso3(6Al$dT;PNY&0xZFYq1Sb=PUQAra?+Hst1Ck%l6H9eifq1p
zc=U7M@XhA4T0T&rRnHeEi<pq#gXlH-#30R+nkX0u9?DaLQph<M6dBfWOk7z6=9Oq_
z&NC($o&)kj+7Ww72M1j^*JrlU5riU{tvx1!uxXIHMh7rG+#>9m-qi^Mu8;0{T+dyF
z6Q5J>HP0-~rWjz{kzyo0#Q^{wOxdm~&jEwS=ysZSh9}L_g0*729a2I;=ZY7}O65$F
z`}c@7?vGHq$!9sL*p3Vw>Asix!v<t!Pc8^1%<~AM2B3a($#SH-)8F&e#oL=LE22s!
z<XKwTp{1NBfQ1ErrXPHGa}lEdMamhBAey_nyGA(9%w~lsVe!+^^F4ZZ`Mmtp=Hu|z
z*nx|q*GRh2p{3&IbIn$ZNK2DOnLpXv<iZ4l)8~xh?hxn@alG5d?Xd1X6=!dEm>Ddc
z7@HfB??BI8nLEuzWt<;NxP5Eb@Ck^UA4@+Mj1*_@A9VdR)`0f=bCX@cb#-@jbaeal
zX2;&z)t>2vtK;p79W7&{sVI$OWe%q=4GZ34fG`i!-vXmJ@XPTETq5?sCQsipc6a&n
zX?geMEW7`<#CJT+?9@ix9o*cCKgW0bUn7J}w%rcy!)Nyn2w;vshtkDZ;9<qs+K3)n
zZr07wONpSBl@!J-Z#}Pv{qeiS+!e3iEtzi9N6)74y-B@?$D4!0XI8yIB?6OWd132n
z=i3!GFDvdhsYIw~MVW>glA%2h(ANSzWq+K`<Pw|=Kv_|T6!z<E-T%BfgLGPl_%bUi
z=-0m_sAvQfK%>v({<(3N2s`3h?hZsyvStNotsxK~1$Q|F0p*5x9xqHCX*|;YQHWwS
z`_HH5J<2r;4cq#cVM$%)fFsr>muDL0$vQ)QEOmLqD(a+iap(FUhXO}4E+AV(6I*ts
zPXA*`6LVQ6C{--vapnvw>i{&x$dY$)*Yv_A-MW56^~PGX>EwD-ToUz^!EnPHY?}N7
zb>}??s%p}!PnxkU3!y28>pN0y^y#H^ozcF=Hfa+>p7FV}LcJ$r$555>Kml(JZn1Y-
zh|3_ei=)j=0C?<jE3Pt*q0nXO2*78xztqqS!jItSL#@aClO8L~lFTq3lR(Aa&ZP-#
zdC15jDW<VIe`Ag`i_Bk;$!leb)g#4!oub0!y}z0?#h&ib3FCDRQ&s9m7HZm`TEs3E
z_{IrHNQCf(CA#N!U&JbEZuEHAnp_9eFAq{qZ5@dnjCE{mJ#jR5&eX;1m4?L>i^O5p
zSL_qt7Z*WQ8=j^s<oSTDqf!`yc2x-Z+%(CelZ`tbsR#mun^{gUe=*hhQKiTgn_DLc
zOdeJtt#f~UtL5OXaCY&!j=fRVn}{V3myfS^lOFY7DN8RYZS=8=*q3ypm>)J?a!WYW
z&5zA2iYVvE>MH#u&LQo-dLyK5ZMy~pq$!;u3pWuPeKIWHLhC#g^4r%rLiceC-qiYG
z&`!xNq~heUG=IJlK*cU#(=Uc-K@G!WQ3wUpE-_UGK#*IS#+R-$86c-(<=O;cXG-<>
zT>=0DF|1%q18VU=0gdDP5F_Lk0nu_9Iadht>w%;-#c6kn$0DC;X(WC&^KOsOzOdAv
zVgWZ(2XK?R@}w#ZDo0Dl{thyb9s2`nz1^Io-!X?HFE&Q>poM$-BR3`hz~59`0qnJr
zYkuUgWWg~|UqRmkfD4t8Fg=8{hx=ZWaAc~Xc613Lm8XCf^s~xZa1BpA@kn15OS9no
z{BM+fbBr!szh&Fqr)}FdPTRI^+qP}n-KTB$Y1_7KbNan^Zstzzm&`Xw{a1M^zk0H>
zYh~?)#xy#DO1hDDBs?6~j43LKGeMG|K%_t9r~XtD<2!IuEiem{Q-9}`ht)SA3wP}K
z5Fo|&)lSkbpppBNR*0>ZT|ypdK-<N1lTUJ7SgUNw7RBG{7o;h)Il8Pb)kr^m7+F-T
zL%{)wh51_y+mM3Nl~u&(w@C0=MOI{Ca|uaTZG>xc2`+=UFceU?eB|8!p1d_C;?i&o
zr`7N3g7>T<7zU&7XTK~%7VO{!M(N;;Qsr&*CE#YutBC2lGbc15pA=ZC7knniW|mwA
zahhwOax#k-rf7?Qne4`znG7ZFqj8-zYpv}SFWpq;jFM%&t>f`3_neKv=Ag-Uv8byI
zE}lcToKt=mjn+LY{Wjj%AyX*p<r2TI&oF1H)Hx`DG<62IB5nBHXng6kcVA%Q_w1#z
z8iT!-I80lAf&r;>$^0Q3T~9Z`OnM~~<tOXCNHf74TKiaQ_#5Um8cyoHL49*9xpM*k
z5J=oy>z+iSK>1`tSrr=R;QRhI<J*f>;_UFv7m&AI68V2(V`h4We<9~#WMloe`;@9R
ze;A|Ie~LACMa!T#6RILV#Y{%1JJQDiO=OJ|X;Oi6FqQ-K>%?82mUB}`u(n&#rv=AA
z4r(+vt5vqaH0k~+*8Dy7=j(pdg&Mp~U}foIH36MNKy9vA4BoQ2w)+XY^!xZib^Hj1
z!QijwX^ZRmpbf?YxDsbq=A%~&RKb93zjG1lk914bR~JDok|x2B6V8FW;i$5*#@E0S
zu;<f4->4(zkx9F)9=!#@G-7BjL+A4u3hTFhyzU<Ai!(9eMspE9gei<~VN$7<QH{DT
zcvj?AX?L{edG)KfeX}<MwalEb1zqfXKHG=ax%AHK3R&0opV9-@{;u=U)M0hdrf2?Z
zUX63p3p%7vil|Apj!7_bIP@!$KA_WQghMC+9-HJ3V|`v=!Z@cQmOR$}TKvr!!`%9u
zo<~)FM636phdo51=>8JgJ^VPL{vXOGYesA3$5e>izuSk<_ka#oWr7dg0>)3z&svJ6
zSL8xy$NvXJa-bYqjn=`s;;`c3kS6ei#JyUR1_7==N=u^4s931~S}3Jl_OI`I(DMX_
z2JgA)9VWSspSMMy0e>)%9*j6Ur`vRkj#7aDs6m=ZWcM@0)n!g@@@(LuSwqwV)8{1(
zq`@G-*)OXhkNsn?c6?y|DT2)RV0s%raWqq^tK8qdHUV|<nTd?xmixm;`1(rA@P<GL
zr!Mt%6AQbhXsolRtxo;)!=Q!(=(g5p!upco<bjHT90hZ3agVg-wKo@D+G35jUdm-Q
zn2@HT=ZyW6qLpGVhJ#nW-C*l_zTI=b_?bg>^=H??v>Lu_PzLJ05tF>#3_9Ok?>}YT
zU}L1yi20o+C^c>W*vJF$r=OT4{{+@6LxmCz^K_x~kMfgk;qKSQL!t$0CI}PV?@eUl
zHa0_Zm^C&df~RubeFB!x)ZxHqIQmoZn#E{4nMsNBL$qXaxcsF*f{=xhKj&f>CjjLe
zW6C-x7Q(u05l~*eE~h^bc$-|(Ec%8w&Oh^lyOK?x4UMRbdIPzzedKBAnizO)HeGrr
z{m_2(Ezg}e?~n$y#Ukbc9rTnxa&JP8S+za?T(*{7owg5~e_F>a#J)aHl3Y@x)kh)@
zu1sc>M^uQ&m$?pA2=CbdEiLo`<VSXn4Z)8R5CebsbzO@T!jZosoX~(YRv$lkCsdOW
z!;*!YiVuz`2S^7MUn~+=BAxrEMs)sE|5PsjvVcVsl*vik$Z!diFp&=5ZmQ$73@Ky@
z!4z?IDm<G{<5FTxM0`agh!Yjuy=`pKL;~}tLjmb}f4)?<Fr3ZP?WV+4FdH0uS>2QM
z+$T0*C5>iGYLd|wxuvz+A0FY3=g&2F>x2b3m2Vq!`AX_<ee{_}I!E5>ay8(coWNfg
z@GCTIPd#FiKx4^&`bVt#rm^4d*`iLlVG4?NYN(=;Tx)ndL|ofo3R9WJNapE8!0g!h
z5q5BsXZ)ohtuP6^{=#G`x7JGFUmd7#=kX^2OYo)Tb<Q<kUx_q~zN}$wmO5ix@0vfo
zFyEK#^NK8DPO?qd2a-a%B8*dfqjb8Du9KSS0bESy2M;vDvE<p+C}t+9E5&X9CI0D@
zg+V|RC!0?FJd^|mi#I1BNTnqkR4RotS7aC2i~4k6*Lr8n#iPjxA|q(BkI(~m;lv*^
z<UlEWv>a6%i)7sz5d!gJC&xNw4P)!$hV*^t+Xy_=^wG;~q$2oDXY(8fai7gPh&y!J
z^32Z?Ta6z!KY8x@mtJQ(Wc=PpW$no%geU?BtCyhrkfqf38-VQo^!8St5o<GR_jbL0
zC9igzfKeS7h%1LRcS)5DrjSmVVc;(NF&GrlF3}F+5qnSRk)`|F`^DXBAC{~|*0u0`
z6@$`p+&FNIHgseF76OrLQ|SjcmcbNB;>Y=_Ci7oNCdJYB&s9@dLD?_9c)*O^UH$KB
z2|Cl0YMM$|j}C0YM2@3c>6Xl`pXB;3hE##1mu?FtW3VGAw^*e|mrpy_XD8ln+^L~o
z&s(LtFZc6CP8ych7}Zpl4j@Ffpm~Hjw4CQ5`c9<!{*v44JPNHmR*@Vx1C13;x*>^~
z->_tbs8IimIP{+*RvB97VTH(JKn!|culYH|#`L@R$*L@_Sh+p3|8z^(c4f|5IeDuf
z&t*)4WoyI5k7B{gC}GK*|D<-$VvvO;xW-^ApKm4mO(K-5LP@w{eq?fU=h){rnKbfS
zrV1J%f`dr455{cLM=e1JZv3`qSqGA*Sa%a0LP+$Rf*=;ISJ}nba-08gnZ;;YO>Xbb
z$%JQiHa5WY*eYMHv1R}MysX4Cb;MHFCx(zh@d7TVsQN(o<7%IxA0nR?^fh--5UEgn
zz-JGVinJwt;rVW}zor;gK^tFknd~9F6jLLW5L7wII1*|F7O96M1g*R(Uz`usmRkd8
zw6w0kLjL27+x<~KY@L^E9;QFpqz@d*{K)2S5v^J*1Apt%1qf!BUhp-kIDRq%1Z~d3
zHixh`*w`x8c3w>BLp%U<=kwyD?<-yVd^Br-j<RNX+P@&ORCL+!oAU?~su~oS`3G1B
zU{5_gAqSFN7|@l=aE6<-e?Ej(p)VOV1QZ>&o3vJRBGE022P4~^pt6JH5?vbbT>b^*
zOwNX#h|H*3NqkJDJGV~j{3A1i5{5RWJf7;!Q!OS`LwRZ49kVACX^bWkzMn4f2RWGS
zCnL}C*_hP|>xJ-_%~{1H<_&GlBzGBdG2u4*2iwR=3cm6w-yLDeDLkt{<|4_-U(b3R
zdh=Bi*)hM~wPt=IXE5=YM!GdMxT?43zEw}Eg47lj0o$e~0r2Mj0AN7>amnJP5{c5k
z2q=0ZNyVUsOqe%_$s4tEMdg|%pfAf-e6{*uhh*4(bMIJ8UI|Nlp99oPn@bNOK*NPy
zbq<&mbS4)T)hg>Z^;h#Hxl3<tkj>L3?2OhVC$`>?@D$^~yc#f#Sn@pw0!+}0@+^W3
zHI=_^NQ`?S7kOZs43b^q3<Xu1NSfbx1)4C9I*NNtr@Uqo6msiJg5JF9DSjB(4beA`
zE~-9sEs-k@ZAgzss{B1BAT*Ux>MnLMmrOyl_fSKr`7CqW7Ii;nxI8`xg8G6FK<Z93
zzfxkH;M?<fy+HYLAkt!Wza=DBC_yTq?zuicM31+w*+_%J+WP$6-c9Bh+Sb~mUH<r*
z)fY~UdB;B#(F+2Km>#w8AO4s|qn~AM^f|7xT7$yiSY{sZ1aMPWU)eFX*InzgFb<!m
zbf&CH<oRJ2w!K8!SRGqUqXBg#E;?JptM4&){#1fx(no-+x9Wx#hGNKSoK{kP)smsn
zeTVo2G9aqRGO3>IzkiBmkZ?uuMP#P^4Q%kR6)j=y-NuGV%r9k!1wp~J@owYwg#UOG
zT-JMYv}0-(eQM?&Ha<o-Ox)o@_#@&W0ysB2-%oN&UzAB(>GT*)IN7u+2OkZs=(6Yu
zp+%#20Dwqb$doKX5@H$3daiDktY`{gW7I1@BhkI4n?$xpnG_16n8P*9`g23EpCsMI
z*HXJ?)u>{L>Cba{t4BIuV)jRWYC}O44xDamFRHBZcf4M>uDw|48>I7Aw=mA_`l0#~
zCw?Ntj^!!iLh-|e;)hl$ptdSG3T}bP*FGjny!L;*#zcI6xqHg1ThfJ9e0_aS_x5u9
zD}2oQ-!qo~x7?kP<G<q9{@>j3q~^NAJ}aX4v+B)k1tvjjqSt~Ob4<hjxP(J<ePU7s
z(JU%ed$rhP)&1i-K7WL3co0?7FWOl|_x4%unG+ko6_2J`XU|7_m&bY2BQ-dOVxy&t
z!FmRVqDHG!Lh-8Axi^nV1cE?<rtEY1m*&-%SpqfUZ#uX@g1%+jce7`Yo2N>^U|%rb
z37<N4Q?V78paJ-p%I+@A=|5kN!aI^y@lpx<_@NG#b!~5N;LRyF>vX6h6V6q5x7k>c
z&;a{TR@TxrU+%$8Pe0jQw2Pvgs2wKM3HYJsecZ6*Jx_4BFn@VrAll#zCly9CVEMTN
zr&(bsg#TQcV1D5l{BXy$R!0GBn$@tbjzOUF@OA1WO<MF+$#v@1LL5z2c6HD?;ggtF
zm2jkK_@rjG>Fmc60oKH2n#k>U{mRj5SW3?7x^)ASk<P?~^~5gCcSvu;cl(u_1g{$}
z`X^myxrN$y7+^J;N{fjdFygeHC+fyvz{%nChN%c4CTNFY(C#keO06hiQ8d{M8Y=?Y
zLOAXQ<6f7xx`nKB4~aUm8J!R2H_LuumeSFiktGmvkWLiR^iv2Y@k3Kdha?nAgfR^O
z@6y3r`{Uz&yOz3%2uDUA7~fB*ulWjj(P3a)lHx*()6EzN(e%s+b&*!fmr@1o^x!Sx
zI|^1un+z7=jy%CjjBIqupzw5@xF4unPl?*o>zx;|BnqEuui)Q8ThzTIZzP@2k+;{G
zUtghPr~}UM!akPV7u-pd!2tbs)hv8s<mB4^5Jotpb+ud~Ooc_zQg!0t^7r)7lF<ui
z<w7(~P!bQn!h<2@5lM&(t~^78kwh(6#Zv{}_@dFxL-ILJ^#*XhaP{Rmffz<Kra}k1
z1uVt0QauQ7+myRXp&pT^DsRf#ka5wV#XgY}e<ua(y8xif+27L?>yF(ceLj5Z6gi4r
z%RVOhe6-T-;&`DmYDJt^_f$pqY=hqvw)}oO4%=L%R8{~2ah^b&#zjX%^+^D}Bq)y7
zW|4PMyeb$IAg-Hv-IHa6YBEhdd+;WB7$BkTf6;;oxQjC-srPuhsn92FaZVfyZcppI
zkXs@#_vXf#ES+X!+dpkwWmO`rI;mQM6ey#PO~Wr*B7t*QLzwa$fgrMv_X`HUSmT5j
z_Zw=AjQk;yIa7k1f>tgL3T}<=*wcShk00*b>C?D)$Mf&AsdUFYOX}km_(gimQ%3To
zs}yLRUh?4lLThMrXGPA+(+N|JXIpOPESNAD$ICsi5W}?+r+<>s*r=)q2w0K1W7_%t
z%-9=Xu!SgjZGvd>z|ckC(e)Tgq51bjJMecFiO&Lwr^$lWEcZPrdzN2#zepj+ld;8?
z^lWa&nkIH+zCK(%>3_X&dwS&bJ@yQP>i)g#G4!{zs!HLrOKIN7{aWYtSYJ+0TOY|!
z59eLr<3DLcuos)vfx6R#50;Lz4vU**Pq*26YXSq-I;e*M0TaJ-7DGWapmC(dr~z0@
ztnztk9@p3>nA+r4`zt1?7j819*K0>^3<Wl>a;H`oq^sGL0Q^xqk{gJ3^(l-z5ZT`2
zGk&BT-JI3$<=}9Z(_|{`k_YT~%qI_70p-us&}$Wv56qM{Xn)F8lU-||7Yf)KlpL4>
zeE*k7YVNqSba>S2<20abLwT^G<Bh1O1PtVqk;xT9-^^8BO$Ef$)Ky=Pi8wNV0lt6y
zs@?O&`Qh+t-ix`-yBm*pg7!vDm8KH+JT^`vvmXG~QIQGel7SH3_8Qyu8U3I{&InTM
z7e=zOuQb7ZTSptP?&S6Gb8Mo2Z|zvFtEQ@QrOnSTGqB;w<4tUs`e$qc-?Y}A-rJ>J
z!9h^P*j-j_*<zocr+>M!6|QdX|NXc>x%z?LUjEDN78;KlzW<oUde?uJ&?E%WEvD-N
z&{e0aTTm;kLR$qyo2JY9bm3^JZ#3!t_&>`fVi*R#u?Zz$Qi~`y{l_%6N}u=qD<($3
zMXuXMwvz>GlQ){o^;gTi?EdP@Q2|I%VT`ivqxbJ7Chl0+NVlKYqJnIy_A<2v3@x$*
zW)+<%skX%UkjBlWRU6@?(r{M)nP$h2?`ImWNeDr%XhtJ0(<hpAA!GsD(6kZ#{1!kQ
z3$9U0iv8i)(pM+e3~fXhuJh#$CknGf7VV|JmOu+8&(OX&<I9lbQcuEl?X^EQ-kY^s
zg5glEKEGUs>1ikft>HnpG*WZN1-|#B#syNF-)A!E8sXl}*i^$R=nzsbi+zG^CO3o!
zzoctdYd)iUqC3e~tV1PzuWeJ+dq69E$a8<0tBRnk7XK07h`0@KUV@c%C5S8>k2v4w
zgo=C@n5A4C<i(x~#EIOjFVD`IDxK2#BLn6KAER!v0=(aE!@1A?doDQ}QV_=8`3rh~
z<yOaq-Rf(T7lh8XDW@iZ{K}x$z*g`A%zQ@{Og(IeOd^;s#E?B!0vU6RbTsg#w2??f
zR7-qsR9nC1>^A89N4NsU+0KDOaI+G1fJuXgd5|>3y71Gbg%zv!+0F$rYvCyJM~HCQ
zM58As!@`|lR6Dqi#$}yeV!{EYIX-dZ^|XP;QC1>+L$TxBH7Y%1`h15_%IM2Vq6-e_
zM6uo${o}CI0Xj}DiOO_mj3Zma%=>wpp|gtQQ^v5$M(?<pR`Ldpe<3+|$h0Ywjd;gu
zj2{w0pu!t#`{TS<d~Nouad2Go-5j>&lv=Y@K^0q9l*M#CCf~y781QM>tz50tRPd41
zq|<{hN{p~HW3#R#yx>;{#0`2`x|Q#cYR7@&HQt_D_x$9`fu^kYh}wF7i#FV%UV^T}
z-w0bJCW%}&b?e`~sY!vP%&TB>u2y@|t8$Ub(Vv2Mu}aZzgZ7u%N%Lso@e9gpORCGJ
zYj3)VyS>!Y*#`!wakC+Bq`%jD<Lw4V7q!^#Ag4A#6W<o3@RscTp~<23oGIWPaNlO_
zw;LgR%@i|CB&K8ENz@7fK~p@_S!b|nZ$<$ejZdxN|7air%UCCGkWT|WY(f9!kBVmp
z>XtygN((siyhJM&xthwD1l;Xcpqa|8N?hgfq#LbDxbLrvO3SZ{!k2pcm_Vo%iclbR
z*q~K{n{Nd#CQI11VsjSkgnc+<UHxvuna;z^{qov9`bB~qKQFLY|F^$_i`slosf7Sl
zIkp#-ObbB(mQgY%;#7oU8C@Y{AC5-L@2v4T-?|_HVr`9AuiyVng!x#(1YO*|;0ZmL
z#xwiM85B9H6I@6;G!&m8Oqg64+cM-x&}niN0~asngrdvI1&nBKuHeBJ#*LIm-EPS|
z8))49fWLoBKb(SE`}9Bp>2FYqwCrWqPTt$Fv#4>|7<gDbnj#}0h^6gUHdzru2r02j
zDbE{DjTGc6MnQ1giipda!vbK1f7oZy5)uQQvr;bF;$Xu?oQeh^txG14QUxU4517B<
zqmasJ_ONudp_qV{xPW%CQ6HbO7EuBIRVoAwk(pt?2tt@&v7dDgtL>pN`xA^(^s0;^
zeUSrn?v|ap@{l9Zf9@k-X`YSdajHqltI|=s&T(}>9*~1YnR%Z|V|BsZ36%%{D9OZ#
z$zNnELlE93zH$*YGeNt~&wUA$<6c8Tpw7G6L_9uz<rS3q>22F&_J#36<H-c&gedaC
z6fm>iq(^MiGd^n_Vx^e_8^Qy+G|NI)_h_6FRP{-`oWMf&(|{()F>ZAhS9Dtg|E%Mn
z9qqB_j4SNiv*J%YSQW(Z^9ZWELc=6F7ZEcPMAd7F_SD>OS%^hhe+_{{loPy9nCW&G
z7=JKaDOZ%<m_G;zTtr2K-pO;f<#TZFSf`R#7T3brpJP8=X?zN2J9g)`pMhw}&0Txv
zvRuX=-`!n9bRF;O4%fTBLTaRI{}Z+|anS$!{vzi8Q;ovT`u|a3w;qH2<1gB-IT=0(
z{##*yBF;y@1DymS2GF+@h{O;7W&vH-)PDt4d;iF>$d#4dlq@~Yl^_CdQsG%KYT<Hw
zlVwnoq|mV<US3x?VIxP@p0g{nx=~9zd?9jG@1UCC)b@uA3T`RVLN#I+-&OgffZUm7
ze+_fi%IGYD5=K*2Ui9Ty6_WbV5k#`+rKY&>fMG$6i_!2KB|7O*Rck2z43zpZZH9*W
zJWWvm4F$}mG|h=Rp)(qW>YV~T{1ds&*wS#LuE4ZB!~~XBVHQqx^aS6WEGS2xK!COq
zuc~N^!bVAIfreSRpe6MqbT8lV1F>A!-(Rf%D%4-HydBR+%)|#Nqg`pvBiIFVS&bf7
zVh~)|v9tg;IYlN}wbCVHA2ZTPBVs$gScb~;I7G!l$5xB$-k&mEZ{;k7tFX0QSZ&L-
zXd%5ewr+7ssxvaeF_?QMLgeg?nj3UviOM2XxHFjrOUxdtwbIJC3#bP*$|S<=h6Ji3
zxO959CVB*iU!xb1n>GrY`iG31r4fcBAkkA-CAtDdy$c_t)l2?Es<B>)6Vmr-hfzQA
zd6Q+4%<|g^4Xz8xjp*6IWnPc;@u!-d!s6lFK9PPt!)4C|1!g6qY)`eW#dwhG5hObO
zv&tQ~*rR0x$jHGNyitJIl70lZsL9P#45UB`H_c=1o!CFT7rkq@ISzV&`nQ1_{(w2`
z1R1pD(@-4T0Ehdq7^uOtZrX{o!K1#QNL;P^Pck8~cqb?~un-at*oRPpWS86Bfx+{~
za*Jcj``u*bcxL3L>vc%x<I8o;_Q$)y^Wxzmvu;;dZ{Ul=^YZ4li*8Te<Bq}eCHIyS
zodwkD@Vo^)UTIR`E<&*ua6O8Ru8VArQ^$4trY>!+u1kk)JMX8R^Xt`RrK+Isr-#?0
zVC?%S>oNNSr$+8#qb@22Xaikr;{va%u9v<4cWi930we-cH|RK~;DFT%yp`|g`84k|
zo2umi`VsR4%d)V;wj%=$AefQ+2_RiVHm!jQB*nHcby5J)en{B%*TOb+swywhmV8OK
zgRS7{J>sy~Jb5{_aST8KM|5eVYEa<c1A;9Lfm!KOdY#X=r=z<?s_UDzKoKLwG3W$N
z8FdjIsO7B^4R!Z=PxD(?4_bio74P-S?(gFsKlyxsbjc#W;e{^u=XqJW?^4H@O2?^2
zlVMT26l{RgOfMSy+Ulurm{a}rtYSNS{0COkpe+BC^(+do;%FMjB)*5tv|OF;Hg%-^
za&|KV5?wk^N~(-2Ecb}uA%qqjl2Xvi5r10oj;T6z|HSvg6VbMxA#h`Q;R#!Q)V`)I
zq7c^47iSJ1HX;VD9j4pdmoC%Cx;E{p&&Oj8U!kuC&n#DZK8}u;#0JsJr2~(L9hLUo
z-6W{zZN3xp=U<iMy6w)W=8L_n;)uZt3|u*ns%8Udxn19!2sN|c5`o-R$)KB<$eH|=
zw|C5mD`c@X<e-Wxsl}KpXjlgs)%-a~1<;`O8Y&D3Swn;9ZrXBn)Ztk;zj60yeuARY
z<OQ|T$qX@Q@SySVFqli&+$cv>di%jOCJ0`c2hl4Re}!{IXY3Jw(vzu&to_=ToA3Wy
zwh()N$0hY#Y{OKt?PxPHj@Zl5!hw}A(l$<Nx&gr$)67wN7Q4>MsR>4Ib#E*Q2y}d_
z_XbbC1wL;W*7>W$7o9%Z_g5M!9&8%L<t~Fcla;L+lY)(i;PS$ZGFCe!OJF9!q?xwa
zxq#;Qn#R&n{gPq<vvLu@lDyayKn5tICcg<ZM35kqb>As-jNAxQtcf9A@K9EnR3M+~
zQwdWxyZ~V<IB_%ssH6N=fHSwzDq_{He=V&!E@Vd8(|y*lPDv~NoR}epb}ghL)*U2a
zTacDhcGm!qKa7IqHCY|(=^x#1a4}UMuSKlKEUWl7JfuYh==q>nb?bCbELrwe7$d2f
zZK#imKMWi-MObQJVS5dcXm@Nv^f1DRZuTW4fg1i|J2azyC?1WFlDXj%i88=xq#fL}
z%w;n36iljtfchx&68<2edMIK-=90B-Ddzf@EN9%*%4Va$^==gQeWA3a(5P{Id_03y
zl$I2hcvLft#+!(i#s2T*4}*;8-qR(GGw==3V@3@*v`bcb$(H)i3?&_E@trf0ng)yZ
zm@vIG=_N|X5+btzu<=B3`lF>%K)t9bP@snhvmJWk0@ds6_88;=NOWDalGuc4b$S6b
z#&v)I+*z!UP;vm<P;IVZi{*9JkjbJGc{vKR_Hr{!_JuJ6ZBHCSPVI7$!Ps422Km_4
zP>{#TY=Hb3M?Zd^*!Z?1jQCUnhQk15V}7_?#3q=sLuZYX<&L&w#x&2>#sFBRK;R;G
z%oP8m;b0{Tl>>oEfK7)n0kjuVc1AT%zl$E|rJi|KeE4+4`ee`GsVK3)Hi=(eY2g4Z
zrw`+*h%>fv%5*&Vwu=3fb><eg%!wj1AE1QfvP61*q+(Ots#W^)kjXREj3Nb~>XnTx
zV`^UEBgYg`Z5OM%I_Qqcad<k-zbomFsAn=9;D@xxjjHh)>`pX!)`gGi?!PNRyQf$4
zR&I7$I3#apN3gO{s4C`IP5ESZ)V{;)KBS8;0Wn_nP_7o7Taaz{c~aufNhb}Bi&*&8
zGFK|4FBaE5HCuY0Of$|Zr5_jDpTp}g7GP{bn2A^fGiTew+AxYSs*P=E=KIXFH<oZ@
zOE{jB@oz5pIPfI+F(x)~O|D`oK(ocjkwCYJxy@wF<W;z2^I;?aB%DMewa5MAa!ciw
z5(H?#vo9JXtsAZy^HcRJ7^zOMQn82alM*DRjQx;bAviHCVP1bf=#Wv#q3(OS+~PXb
zn~5EY5%NbUjG0y>GE_QnCWxu6%(LP?pE^4PJw=HkLIQV3k9a$zUpPiymZ>1-a|cf=
zl9mFUx`Q|V5h@>ZuP_P(sUCKi5>VigO^2C6ja>=~T4b};MEadCWizLU&vOa~u0W}`
za41zwrYYyEYDvd)i_)T8%-i-v?Y?L)?a8>L5$RB}$0X<lwHYp}Yo^GdduxtpluYP(
z3#o7V3wZf>Jy{xE3pAiDp%7|lL=RF9Iw*7Gl|T5~(D#$bfJX61!CK3&#V{kOchtWw
ztvDH<_;I04Qcjcl+|spA7e%o~A+-T2DGTAH!;MBM*M=|XvMvJ-A3$<a5o|Z6c!@w(
zupgY5nU0K@A*YxFN8nHkNUa|{2r6yKIATfA=!oEHo?V%*+8%c-OnEQpZ$+>2R7;t%
zS@l_K49Ts-IJh*u%)Wsl?oc@RGV6UkvZev9Rb!UPtF*JJcdoOg^KrLh<rQ%eK(h4|
zn6T2eVxW6X17GOKPzVXeON5OhDP^DT?xxa4n{Kar*}}bgB$tYh?nc|@ps$d<skioX
zvs{9PGD%ZKM6<zvTprQQ|NTm7YO4BAchjoI_^Vxsvwn5tCq&NMBj8XA_Vq|$hv@J5
zWpD#Hd^OiT#I(BN`-%wcF__@Ms!Vzg<T9yh?1-@;MnRVV)&&BZ25AyWEmG1LNlbzR
z30|)tM!`GRqZrm!#W?GVOC}|ZxZ)<<YrA2+b))st8b&>@S1~xM0g>W+Y9=>z{?jio
zHfu%e+`<XD<sP2aN+!L%f9~jc6($wp*f@*(=KOG`HaI9ky~$EjjU#apsu{6QEs_8?
zS?6D@Iqp1b+pIMw*@p3ed~g)`u2>sMAKnE_G>i+#o#f3m3}O$;thu()fK`0_2ftXr
z@P)k5A*b?&<a$9rYTz}a0S$Eyljc5qVlP@f|0hakW}s*LZz%x(l_f*}@5dlkt7$tH
zh#~)w>kmXq)m_r_csC>D_UV``k*%7V4T`Ap339?S$|F`!%h$q~RDgwqzl%8a9NE36
zPc88vJp@3aJ#+)MYFtZ#sjZ;(3w991184~18Yxi0pj1veOprcBe@eQt^i9%kek$4A
zy2cX4t`*JA|2{JMhR;z?>^W;lUA6IF=jH%9LNdaor3BNA&D<3~e}eN<y<AWct~Am-
zIP%_uGT0bQMYs~1ExmV%BFhF)(0$Q_L^N^tYoM?EEFC=KS60w~g*hGPKui4u(GH#t
zs3&sCJiY#vfWv487%33Zxu8RYb7Zgy6FG!;xvIU}%f$X$<$Mr#Rr0?fQ2t>F>1qOy
z&&ln%9FePD^me8V)8m4|uYaC8pQvHpaiF1`4N6`{2;Ed{)&^zGA=b*r-Be?0IBA%p
zR9jE!Wp;yyP&P8=0E4(;?RCCn&?S5V4J_{GCG&w)Cf7z}*-??jEev;D;kO?@%X@A}
zec87=cMXoBNoDAtH=!qHG7ce`I*FWb`WdBC+!daZKcjQsv#Y4<!kc5;#Ty?b8x^)j
zQ^(C(JSP$lq}d>5eJHMZPm;{sRdkF{-bgntcSZ|35Ej^AtQ>U^Uj_nCHTZ*AWS6p`
ziDg$Bofk7ufgucBFBG!rB{HGb`?JQGxZv9LsZudf*#R?<^V1;JpHGc2`8wKra^L*9
zxUXlIkg+_R`Q(ae;V0%HOb^dO@(=3K8-34*91sAdivdELMK7n<BKBjC3|$em^3*g_
zqzC_qmQ}z)0KF-Z4RY#}4@TS$1@vJ6a7M<#tcxyWOkQ7g`h!c*3|+aMooAW(YU682
z7D!M20V^BRj!K!8uK)SR7-{{B?KLNh29o57cY-82sw-L3VutU-+3bL9In_5fwpt>)
zyEU1tBV2d{l<oQG^^CKX&V%xm0vpQkkE%6^2FTqi^$;Cb99dR<96xq*W3HR!s%XYb
z43>$M7QsM7)Y$%GvYlQtNT2sDGr(rZQK7qbJ%6TdS8rQJ4VcYd94(hGGsy;u)kg^B
zHbDL?5q3ItvM2>cn@l;K_Xi0n_E(8jlT?P7bZQuWdIqfHK{`02j9y6E6`jjh?;O+L
zwHzQB#6Bwm^t1idTcHPcDqG%g=YabJ5lVZjd|7_!HMgAGBo;ndL+UVX`#pqaN~@;1
z_FD^t=gO7fS(CI{)F`3S%{s_ozDP1V(=T#lX_5Mvh8d~eFoL(^q~UP9?+>c8q!Oxj
z<pFDsARLyOgT+J`mUx@}>>Nc^R^C?5hh5f<<B3%sjvAnC5t5CYe-=AZ&KJ`^7IhAX
zOm<jl;AFL*6g|Tv5=fH<R4Q$I&Rly8q61L=7-#Vh>C^X<q80NMl1De|tK6r)4c5S4
zZ?}+j{W6J}ds}+LOFVPn|5sZN)4y^`GBVTu+nx|LX~%U|_^xwRy%IEwk|02MkkP{Z
z8v7DwEm01m3z*Opz3^({3c{6v%Yz=%TmJAQiZzK1Y^!*H))nt-eOK{-lCZqUzRcO3
z6YeniC?o<PW)D7uzB+hv33OECXws9V{j~c0>4KGxILWptr8?ZX8LH4+5nF^~K)6DH
zs`Mtv#lpab*_~^^VE%xUAtUVlG<#+p7#m&$X8*R9upRvHS<?mwe>aGsR#sNgYj9tf
zFvmna)HBIXMJ^nIF*^bCl?M$usWlr#0kL^oi_a~?wKWoUD5U&L!~<}KBYOksubgP<
zlff9+XHO@YM6e{K9rBpCX#r|AJ(>*$)aD%F79Vt|>(ua0q9B^$%!StKQn+5M1}P-F
z&o6eKwpTYE54Iv54|^A97e{Un*F+s1?HHHIv&ZlFnoE6%Ft9YB!<xewd!SARAFoyq
zM@RR!^;L5Z2QP0g2adOu!$lm(@Gq)+UzQ9;WjoQwFxk!IWO-f=A6R;^IFkHmGv<T3
z=hg(IS37p`PCOLj%e4l%3YIdehl;v6;P@8G2IPZXaF8ceVa~+@EQLMu-C|?jgwJ1<
zz{Km}WA07Zm7QwcIW}BGv-qcC63OKi8_pecPZZ>071_1JtCU#BXZE=vL-27PJX(NY
zF^GQt82G>f3`mVrR(7~RU0&eSF^O&sCC1+9h}Wv6$<Z^}!AHLdhxR}-Ydxf+$DWcF
zMqc=n(va7Ehjb%3MW~%=#FiN|xpyPw|1RrP_ym!HaUKWZ1n7}T1KwA7mG8;K5Jmty
zz)K1jt0X&wV0~cGUl?(wj+bXR-;S`OBD{-pN0_CGvPS`UcB=t$|0c_k_{IcUSNQhy
zz}$U3UbRLS8+Xrl;dXS%Sm!$gGw_gMb2m^UJF)reA)=TEi6EW{pVmFCY+m|&4IX<r
zvS5zS2SgTM0?FJ<h@I$Gi7c~0Ij2Tq*Qy+`O+b>%<d1QnCt;7+PV6&M?k5s)dp)g<
zlYtBb{$VO!ua1(zVEWud_`DeOO))IQ9-#5IZ}*gHGlLG-r&j55{u@<sc{E2N`OuML
z)}1({!=ZCZwY~n?38EzOki9~k3G95yZGLVEReC!WE77G0T@|_w<m%0pq0g$%kB2A*
z()O|q(r|tFiKR~TI3OQF1~%WBY07Q@hjym$_rXm5TfuT(x{LP>oPN>few2y3`S~Ld
zAH~I?Mg^46Ujf@wQYO{;N-g7O&g+R{oKY65)s5nmrk_*GfUOAU^I4Zq2EoD4+&R_+
zyGu@~#0H(}4u62#->}X2yX{M$G;3;s%`~0U%<tg!%a+Sk7M-jY-o_`UFM_9K3QX!u
zpCr0w0~NtIYAD9(EoPfe`E&<JZ;-$bIg=b#HqJv`z9D&)Ryu9rRaI!M{zpsnT{#(v
zX4k)`59V}|70SIhn%EY{XqtIti@=tm>w)9WiSbM=_LWLpT&~@kvrrbj3~Ef%MMi`0
zTV&gNr8f~-Zv^R=gz*CNI70VNNHxh>VuoEE+2g6&vRe18?zHB$hEFGs=KH%Z4=tK|
z>BJ6;h(f`ykXdx(bEWI9TFyNsAhN-@4lE@;>qK2q1K56N+R2sM8MVohl=Sl*JU62;
zEtdu_eWebU#{i!>j4R&UU}5luwEnA|^8ad?{x6Wm%KC2y{w=CW+OCVhcb}`?D8>0T
zt&-uvde~(Qi2477IZN(>07+L{HzSwd%`Q;9ZF9Zj4;GUT%4p*AKoB=IG&C^XPkME%
zbUfC&*10unaJ!Eh(20nnGuk@u3!@L}p9n(=6Wpp`U609{-RM6C4ugnh(WjMuf7Y!z
z1;eB;M|>VDFIgL}mRRc~OSs({G`(2!^Pzeg&0q|Zmu!qTM^^q?S?^u>g)2fG-W99i
zaBklhw__3A@7eNV?q8k#BYDtSENtP-sN*Dtcs6kqA~y&FkqlsXa+PkMI@7~=f9`13
z*sfqxALF#H^w_j0d|%AzgegbMC+-)b7~V=iK!&z?Xny8ui)ZU&1gVzRbXB+9nuHR0
z&ugp8NX9$UJdYcX40d()np(h2h-!vfl7sVU?9kd=MJI2V&~!HZJ`Kf$i1OYnvR?a!
zoWk!1zwcO!*#d!iSGNA$$OG8dU0)8#hkVL?0!x3+o9L3D9A7LPpW1RnM6=lFS=mX&
zl#Mqe_AX_L3Jvl!P3kG;+Cexy*A-BmaFwy-b!fbGWFGIU0KG=hhSLE@eidy;&1sjk
zDj}~Vak5_<T`e_!q)A4O3n`B*8i#=_93DOBDG^NN+=NW{us!;OPZ)R)y!Y$Nmdest
zp1S6~Sv})&LAe(^mYpHtY(LhigR01K`-?-GJ9~qGn5`Fgjsh%+j}KBp%*y4~FR5{q
z3x@X+Nzi}DY<0|<X#H7j#}=%PDG<qP$q)!K%_wTV##4*=l?-y%9_=x?ogd2!{?XF|
zibk@7*B^00M)Y)13Q8Ji2&eI3ma;-~WTM{-24P;e2V9AdnXCNv9z}FU=!on71?l@y
zuXOHvq&zS#^5V^nL%H8}JG-W*=i~MAZ1Qby@Ek4mxRNdPT(w5Gx+ML97h*6zI$#+R
zZdlIqrbHGznL)_>g}y3_P1;9OhERFDgvzNn(nO+C@$=mT25$SkgznoC#R1eg_=-rK
z;Z#SLt<_{~pZmtdIkqdGMH(1<lf5rdrLlb+%Z{$l=R0W1v^$v%tiE|;<QaWl!6wRN
z#S18d;1?g0KEvK@?+f)ZN24F)WOo%hR0@z_#06G!Q(jwTyMf`>cm)gH`h)6X&Y@nB
z`Se?%dHbbJ5q{SnPM+vAA-Qj3<<)+ZiO^H@tpp)#hLm1t5E+Q^^+w4UdAvl*^o>=O
zY>icEo$)HrXKcA}0yH+bcjq+W=_VJ(@#I`4&G{^J{6ucJ!NrdhJ>+oW#;RDwAW$rO
zO`G(~ah}E#Y_wdmStPLPdPU<lbh@25(^LjQ>LesV-&iFyy@p;+;zfg4N@2wg6I{tP
z08@L(_QkVd36d-@H{uOyH~8I{{`g`LV8XptSz8FA1~qXJ1;~CQzh2x;p0cL^?zsc+
z853+*KXXi?BgRk1OMCo)OY<Y{;koUkbO{yyM{0i3hKG@C8F%!Kl={a0zX=Y7XO&@o
zN}A==o5ku|TUetTUtFYBV*UzI7py^VMF?z7Nzo{jP()zPd1H4Ae(+#<(@NUe;vEMN
zZ7%!!Zd{*y{7<zLvk<{qIN{kys0f4^aq>Le<U~8T>L)DH=qU_>ko)sYnJ#Fq?S!&<
zs1@PQCMOyhrJQo7*?&FPF#A3!z`m^Rt5FsKgLVt%VsO7sEm2^kwc!jGAL$q^C*QSs
z`;Gu6>|Rq@K;CZcafisbCpZ(L*C>y%%g0#r{0ymrMHL7TZ+9*av87t^!-V3o?xt^l
z_rv7+9T&Pm&?{durKM&Jhh6+#=6jk{$9Q7^{<1`q@Pskaj)x=D!pu;l6gx@sBdJR9
z+SjO<+X<S!)X{o>zR9khRV-`7ySI`m23t^iFZ?ur`*cJ4^V=6gFFtdv-gVj4M4G@!
zk+rSj&B}M?$^{Uqlrmq#N?~J&#(O9Lkn~JI55U66AM=rqXKi8=3p)g&q3gq%uPt}!
zRHfNMdXFt8^2lax4_%%eIIC5xFb&YHf0yubTRGomH3*I09Eq&vo-fUE&Vc#EldJSW
z1fc-C-7u<PrJaaw8hM<nRfw3FpZRM~`Ia02B!-=vc&grJ;Fs#JKC`hNJLgifc=8~m
ztd6%cp*`4C0m1G9!FO_cos;O;mg}386u{GiZ}Jx0ngZD;U}b^2;^7VSXSTJOpB{j7
z9iqHtKMt)tcxDS<-852O(eqr@4B3rs$}?y$SE!*Lz}L4mmw)v|WBc!iga4)JV`l!h
z>otEoFRpv+h(Gn3H$+)T%<byUco+ip6Hc_yMlJ77)4S|D#9O<pD^9HU=cPuYLu^t}
zcQe*;hc!QmBofNOfz@cxnrvu2GITy|CVvhIWg$$Yb7{bdR3XN1$q@%KXsfPqVjwP`
z%JyAs0-S5__b2~IUdSwb8op%?atJp61)xbkXW;N)$kO?6=GTMQBo1`aK2WfkR7KnV
z?p*@9`ZUoW;9mBSH2Fhq1B{-kCu#YQO}xt7K*;)4UPob02G*QEZk*-Z9{$?Zaz}b|
zN_KQv_bM>R5lnL&k(|DjwYF$Q1Q!isTy_W_0(#vc4SdZZgI<qyWEYcQHlmlK8vfS;
zf7+p6IQEQcK}x8&FRME?Oh}^mqJom0T-~yc8(cra4*LWM;UXb^m`Tul3Vr`fN*<8@
zGD|&33xX?gQYiN{mzn`P?vFUC=c&dd(cG8Qs#Z)Bkp-0lk8qK+DgNBU1eKwG29*Gr
zVSNBUCXl=ofEXUd*b(N+))wztB=F10$(OC;Dz=+DCR1uYK|0!aN<=If3SfZLB!r<~
zE(9S58k$f<6ZCH%u&5ufYUW(M_17Yv?q>@xZVs!YC9QG?I-gmw1c*#oy#54zqrO&*
z7JD%)3~(r<JxM|&c53P+<K^~mnBl^X%+*CZPHd@ARoE1B$&w+)W5FT~P>@|art!w%
z7d=uUdVa!OUjjMp7E$`4Z0mz*opzp<L{h^ByQbizDp4V_oKFlV$kWd6Ue*xbqPT1F
zyAHIjh}-B!1|j|fjx@2;l{1DB3@c5@l!Stn*ymYlS^)KJPeNk_BLc`y*Tjy50G|r#
zr2rx6oKPNtxYSgzU(*GLq_m^J89Fhf>`i~gG93DuQbiAvQkLg`Ek#6cxA0@tIrtDh
z6A2XD*uv`c8&S&#4S7NBpA=fo%2G1y)uy~&d1Ki+xKPxLB5<Gw5D@tn@gcqVGgRuI
z5=aSgk_rA%=XS+EB?4zY^y|?=qC4JaBoT$7tqpbd!@B_Dg;R>(t(1J|)&Q+@vg|;b
zT3pH1j^OhDxYmZ{zGkI*G~XS5<M-1@x<1o{e5CEm4(g8PA}`ms^B;d;iPCG|$v*z{
z!2M~_d?U3_#G>{Oj3<Aw#H%{?e`|JESuPFI#V*2+7}zZ*3^y9lrCR{+O60g2c)NXJ
z2?Kicf?ScUIZIfE9e`BBYz+gioPB5vKosL$+I#S599sxm65Fal)n|Tojm#@peqmv+
zSjFAfilmc$@lQu8zisPzJl3ze#5kK3rU#dir@Wysy^}i7D7aLW?UV7AeaMwov6#EE
z+n9)|%Sy*6%yvSy!uq;UP-g=>SBoCRVllm<OWl1tRC9XIk(w$nY(G;kI8wk)W<t7`
z+^EJAMpT7NgigkD;cwI(T75CuCdqc|;I-ovCpuPX=*&fKbD}Mt3{u$nP0Jn-V@Pn4
zhBOJAfOuLvt_KQrmkf3|d1*s*ewn)~u*Mhj@+O1cmp#SE_H5puOXsySga~YT;Vdqp
zzdg=H74~C3d>Kd9oYb~8V1ai6y#HR8-V=7vYltP<DJn6)2udVXYS<#=X{tsnMv1wd
z!=U|)BFI8P)rQJ+Iu>M3?B?Sv&4iyAjEn5B)*#7^%AXSfL(+N|$^bPc=_>%@4+|~x
zgcFgL2M{I-bqecS1CYRZC*h?%iHBfcBIi|g+ifL`>C{F3tu8^AxO;fXvI1H>qQp_M
z)qkh}PR2tL;08}!kDor&rHnXV(8{i!tHX&I%t<bS5o&sRnyIbt5G;s^%an4jx`KJ$
zZbzqx)fULoCBGqL)3Y^k{BDh2My}Zy2n&dI2Z+Qgv5A2%#58b9qaT#t0&)-kx0Lc%
zPSTuci;!hh2u&YH5GI#t>we}gcim$q0o~IxE!~?&KhZ03Bml1@vVUltK7%+i#?+mT
zy6D&M57tZ{PxPs7pHGcMW&s4Lyo~u@C)KsTj3QQT(7efOxG($)X{~p_%ejC+`a)=}
zgYva8RSs6SMh({XpX^g@qGxyJ76kiALKDjRil>n@ujkzBP*OvnWH^JKitVbsCF?Dp
zkbn<MSivAf)7ruzgPst9e(8D4?HY%Y+3tS)S+-Ucv09nXnBRSKC`_142v?luRJ5r!
zJp@IQOxdS($@%a=8y~Nsi+<4meCW~pv!6=MS>bFQINU_4<&5S>A0u_i@OuTj@NO(^
zcG^p6B&EZ!QGf}isgm3^UUFmlB|UZxnPb87mTB9)A3BG|x-Xp^D)-{}9-k8dT@$+I
zEO-2=)6_(e2*y}&4{G2wJQ-r72FGI|41k|zOfT>5eCNdG&dr+#Gb+S&el_oV1}~~)
zI|l1fiuF-t5+MT@Dw_?Xs@_)oF&;bFgS(pP!&!O{e99v7!Wl5^W8Iru6YM<orHS-B
z5Hn@3Dp&37qA0Ys%FGC5o~Ztj(ycCtcPYJneL#KlXxMmw-cnXroY1Y@Q-%|jYHKiO
zF>{JypIr@&$W@|tL2D$iEN8r7?vRXmrXbJBV`n^R{C5Qr(q*m^7n6*B>Udda6f(~;
zI*n4xc_U%85eNjThRIyGxWW^@C&)x~!yP9hRb0;FqfFVUnxA<O0_7~ffSe8L&nE8_
zRL8@9dy)9aL;^buVvpdWo)8%}c3t86tjJD>i+eR3&AXW`Uc}mZ5H1zlECW|;l!2vO
zlB957wimfx_3mybZr8ieH@11$-fdbwnf?nkG`fu%v05aty2d@|{&Q{{=Zzg!XG3FO
z`4<R8-vkuIkN$H|3;%*6_m&X0j-h{rV_!I9iMZnD6Gxy-TGjtJvDRUNzJ?D2XLyzN
zm|wdwh$z`Dp_thDQTlD{#Bv^Mi)%~ZZ%#kqZgeInnKN;_;&74|5}FjSCs^2|ui0#(
z*@VwWZ*u}Fg1!bF=0`j|15GZR)xRr108E5J*NO*&i}w>_m!*4UY*;)BJ7uVN4d%|;
z_QBHB+>^xe=;^r4ooh^4vkG>913tv8=0)z;q9eCB2C$np1Wg2UNs&gv%IFmt1{@a{
zX7<O)CbZ?*FnyP0k<%Jdx!Uo!K!qA#Z%Ak*WDsNYIYB07m)miGIQRM;x)six*-t8=
z&qj|qyWx65x!R!@K(#!8-Xs87v;j!|wqjHK{@k>iEJ^}hY<hR;T7vW-<uS0)^&ru@
z@$m;BALv*L9cB~1#P=K^BJe69yAu*YETX{oP5F0s{#8?ArSu(V-+QDNbWNcT+oUV{
zHy~duy70e3c<le`V2Oj}-)46wH8vf85T5V!KdxrX#<zMaUPj1t!}El6A}MX{ODlOe
z^6;A8DFaVa)9*J+b;O-tVpfxXd5Qqkznm*O9u-?SS3I9;pHI*B@6J*+Q9TGEg7miT
zMxp7Uf^P!C2>Ck?hu*D`Z*Q;1b$N~)2OtBVD`q>a6m1UO1On}x6066vr6OC!>XoFs
zGiYkQS_$dVJP-UZLdc6YG_U{oyyJLcx&4#z6De@*$>MlypG%NSg`s)9d#0<pauSa4
zxTyN5-vr0mhzb(CQPveF+$PJ<j~VlYjpU1LE19mkroJLW!w(9U%hUM5JMaVYwxQKP
zP=C?t_gcmMg%vPX_m`!Xqz3^SfnXN|T<K)IObtD?Xjb#msrq8j-uUorPph^mz4!Ie
zo>-eI4G3H=_-e-{@PdLL0PR~th958vYWds?(*F<u?bkoqOAW(Eq%49EmS1ohckp;N
zZcf|w)!3X!X*fT;I0`U)qnvk{umiDFIxD1)+Q8lq%Euw<hhUG<(Sbw?1MBn8UpRj^
z4QzN>XbNqObpx0pyeTnzJKKLSd92N%H9amLZLjF@NM<DFln)7LV@F~!PN54KX&K%3
zk-8z@iY0@I^*NbMWnb2vtD4cpEtYz0S?<FAJHeY+HPK??lRzqrXq(uBay}OAZY+h8
zr(-y8a>GFYBHUer;xW0uxOQ@*VMG=D0{f2sB{nHVkJiULCF)qHVc;a~Qlsh4o<xfE
zN;wbvu^`*iGqNXq^%&dAxs6H5U2Z%$+Ps0aj;y|X_OPOJbl6;*5N#fTRvEc*%|v9G
zZC&Jn(8N}>D*c(gu?7Vd&@X>kpADwhd7p%ep0q4-6ec%-fF=7w-8;PBy8(eo9{#4S
z|FodnmoD93X8_5J@c@hfl1ietBMY?JVJ>h83ue?siH694plT;|(Tb+pJq|#vhi$6n
zB5Z+LBhu2|qigYJmrv5mv(uAJRQ3LwR(@KWbz-CvM33My1^616?%r-E2Tp3Jvs@`P
zN4OBde9!>@f%1Tmn>=W#?lg7;I6zVvIhEK`oU8?GTve|N>)e!l>UcZnPXiL+=Cq&)
zE)=*)Dpc%ehcBbY6#NheH53wjXJy)aK}u`zd1;<|NsXX{m+Vf334#>sUBy-zQ3kc(
zP_niO^IllWsI3}K_kl=+!g<7>WpjaERN!|RtMD$yJ93C;$Vh42p5lS;IXBIsiORVA
zS7R^{jY}!Zj*>aC(%r+|!r~SY&4YS0mNF-%_kvh=_&s`qc@R+CCEhUAO}IZau!waR
z%fw&5-}wWxCUH+RyOPZTmh&*Wus^PhUkXK|&9kwnn%X%_OI?D=zH@d%!?X|#g+iB6
z2%V|)HqC+kVK19HY0c=tCA)W5uC#CPBTF70H~5%i30AO_Itviho$7V&^{+XjxW25Y
zfH45yM6D$UC^?>kcj7+TDfmkKrJ_U~G;HX2HHk=Ey*)XTWx#peVhY|HAEZ^;2c{-`
znM1fP+BQx<=@ITX)v_=T&I(?u@MT7fVYV<j2poeNmkxk{R)`zdQ5L<_1pk%Tfb9RG
z>>Yz_iP~+=vTd8YY}>YN?6Pg{vTfV8ZQHh8)pc&)j(dK5(S151WBtj<STiH%nrqB_
z$NLOO4g`~ll!-l7X=Ag-C6jKKe@zOk;#Ov{S>j*nyeel!M~tJQ@EXTOw+rLvzexM#
z<9$;QQvt&?lwfJPV1pghCgLzZ>)vQth0`E|d<5h}BUW?D(Ax7Td%|jh8k5NEG1KY6
z75cX<K$kz?-&YCqNU6(@ii7N{Ywg$st0rMBLdAT;T+m2l6#bE0I@pXV&~JH4V@Dx*
zY@i1iich0w<8%QiSbzA2G5@XJweRm;JUw0R?S0B9+OActuK@O~*S3>5IR-)pJp(Ns
z$0~Hz!IdiK`(--|m6jWWm9V@PxSKKe_`Z60a`j}-T&GlAoTZ#SdA;R4L}Ql9o^&b5
z6dc{{zE@9|572pcQuZ?(JUc}!2wAvFgAwd{_0ggPu*e9m&ZMrc!K!lUcAxf}2=<ct
z@7`4CT{rC8!Ho>HU1YK({`rT=yQ)?9d}mdXjW_PR&ZDG}6`(A|RSY$4qDqV1M)mz`
ziGQFqxxYvJvv_a!w>i3Hqq7Yr!iPHW;%#hio}O;yFD093aW^ZDkPJ0^jbF!%-sllm
zEG?H}9xYQ=hxSDevgTthLF>&Ry(~hA0Z1&9eZIRRm5hj8Cnbj~&6W%mkF&X_5xpM^
z2>?h?E62bu>}LR65vKI7P$)2h7`rk0+qaF&i+f)GC(^--O6gU`9>j7jce#T$`3buL
z#tA(jIl8NTbeSq;A$f0)%#F5hcgKeZUr#peNzTpAb<p#2$^W{fy4=6FHN!TOKGK##
zgy`N^G&Eh&9|UcHYq87O;=_bJpox;;cJzu5e3L#>j~-(c-bXMr9SKS^m=^bZd%O{s
z38xPW6#;1E-3DNoi%K1+ZsxMiAl<TaNtp_3iY0@zop}`m?wxt{UqbaNg9MLtqqED>
zvPL@k$-14`XLb}D8qpoohYgN{)T*mlhTc=NR@K`R-Wj-OlZjAKw8rXXlul>uZD6)Y
z^_L#Ql6#1Uq(rds&<lqb5h2W-&pg?=<<X|`AEBR%kp?K~q$f7zPyFzqPK^KXe^1Z$
z->bR*?{O0U-R{lC^gk{4PHE}HY&HMdz4iJ=o<&kJ_w2-bA!6ZMX=Z^$_d^>)>S8Iz
zAmcBwI{p&8z3>cpI(MzOENf~x)9J4|79qMbXT~t0;C6wX=sbq&h+7IeP0ApU^QOsb
zkGqI;DUpo~iItSo{<TjVy^fvuC`q95r#0+N=rhA^3xi(FrfWr0>L^Z)S}VL1v{^{p
z7o5Ait#m~h%s|0m08JQGpq?XfNmQ)o$S;^2sx}$nW$pr!h?m%31q%a2wx=jY?>sP9
z2TJ51#irYhav({7L0IeTvqABUA)u{q{)?fUzXy%M|KjnQCe@*;Pt)XXFI0L4*eYzf
zGAeP;3SNgiMJ95ZbjScMk`l1S9oss%9lKxGC?<J++irN{-@#EY(VF4t!qFfVyg^!e
zH8rwU)?xx#8}(j@jtN}WWljqy$RrmeOfNV5PBG*XPJr4GbTSDEWmVNF22B~i=MQeK
z+)$yvh!W5RSUfpLkEGq-f@*Z*VBTy1GiK>(kW4*49GD%yH6(aqh=)L;KWs$@oFr%%
zL2xN)tOdy~E74aOjqRp{EjNg&%?!DHa1|V(mcZy#JA8}H=qTDDZi&7Zjd$%AF?Q|f
z2*ltT3~z|X0;=G-B#h8hRWuYz_c4+mNQ|0+KLOOxY!Z4hV2x!e4AdD6o1C6HRR^>T
zmT&x8+2-qKPiMt1ZVhH_$e=O^yBW5zWNyeLISeDbI1EI;j|K;&PlD!^3ZCEWH(D&8
z-gHa7Oms1nK#tyV;@g?Md3{k)anTX61#cVD@%)j)r}yPh_i_AgnrWl!b_o3A@ba?7
z=d#lcaWyh@{ZY2vhF<1$OES4F!lY(aJieGTDgU<4<G%00*SfV+ouk*W<$6t5V^h7;
z+1>eB*7J3CuaYBH=_=u@%D2KU8Kz>1RU1Ewfpl1NT~R}Od-7mFgzJPy>jaSAMBMOd
zStt<_TikY9>WCC$hv9@n^ewoa>%I*~>3(Jvj4eOEsqs$>p4l?a{juyN?7r{C2p3w0
zG!Cu}EsK@8%v^1>zWIg-D9hoLyWU3rQ|cXI+2dj4qT^yhD&rO{mvWgSigPh8WL|E8
zd4^+3H&i)cIQ%B?d%BBXMuGor`^x9@#W&NPfQaT}78PW2DMQcK`>kaBJcBX0wn4a2
zG7Z`}UM+f3f-|CDWnA1{M;IoDg0HK){cnipcrspW=DLyG8Y4*g?03o$p>p0)N{e1Z
zu?a#&PpIcmT*(n060!y^pE(gC1k%>t@3{{KK+~7Y<MwZQgR-sbHCMT<>$k^`EKm1y
zo|$*Gg`sOL{p{*%o2udFlPL+Cnw`zXGZ#JAjV522gPAY3m7b1cHO0aP;WVRD2mc=K
z3tRfIILP%2ww2DI&nQNW%3%z+09rxapnCL38l0e7h(?G`2v4c*O$rPsRTL-wJ6hE=
z3CWYVZ56?hM0}`_yq>Q%&BNvNB57r%a-I`;230(8G{wRkN~<&&qm*9y#72=zMCuY+
z3w7XR&^*41Q3yuWf?{Ubu@6j#v~g+d09XJE;~`IwWu6JJn8@z&dV@-qs8YAxlm&`|
zSSb>uBpk5LzSbfW(Bvt7!&(v|3&0G?0PM=Xa?%(k2|C?k16mwY++wWbOS4Z>Y&0x4
ztFYWO3TDzy=YT|-jVgx#B(U?5&A=0>+3ffr4w&3d6^JE=f%~d5Cf;<vyI<NkSL_ap
zd{MLzP?;fYfjdQ5wipD#!fV-yMvD`mF@W6!3aAM~Cn(i?AJ4MilRJbD5c#=D_SbG-
zID4eYv?Eq5UWm0f01t4;&0=~fC{;a%W*&=r8Ihkyty@{(VA^Vsq5!8<Ol%Z37V9wF
zC73s&+i%J)w51V4%eX<>2t<P-9YH^yT}eOBryCTYhJjEmh$@mm2QpFsB5b3qK6!8S
zXKn>|@-U>g{4=*&x^t!7D!nA%g)&8?k$VcVhG$ngaux;tXc+4@8ee$iC*{|xF;?H5
zH`Xs*2@8>?qf3ama$_gur<OkO|2_u(4jox*<@h2vA>I>FX9gz6SzxC9*9Qllb26oQ
zT0k<TINK4aG3geRd=Ng7dF)l3NZoN=!fPykcY1Yk#`pF6akDcj2mI+R;uh0uxT(y8
z-{g&0HaW>WY=IYGruPLc2I4`NwQ&%whh|hO<NLlntx%ff)xqedT)c;qzyp1dCM%5d
zBT~RICnyLu1i6^VzE~ZRlO6nv6?vG#wp67(p2zHy#Wb>~Q-<;f$1&qwvIf3&d%3l+
zhEn*f2vBgiNNYl4wV=d&5EM&pZGWj-d5&3iDP}nVmB~b94%Y=GT5TdmBWV?&r=d<%
zKVo=xD26u$x3p@TW!0eq;xH^vs=TuQbyzCXC*f%UqOZFzfif)fy_j#9`6a&1;Sc_I
zZdPuOZZFbDv>WOw@&#Nz;9=5uZreP<q8ub{DvWcrK`Hii0)nGhHx42bg6EMK@%Q~V
z0+M=O_Y*h*jV0>y<b5F91zvA_;j|00svl2XwVe8M_DH-G8Eyof5RO;s2_yrz^g!}c
zz7y#^A_MX$>-h-OV2$t9&GALXj;1&EhoCo>Lrp`?Zb*_*h}!EY^H4jk?lF+pSs0tg
z^>UxLYla*%_@K?Qef7Cixe!0}nHW~FJ5cZroFhodktZvfAk#7a4XPgR@j9A^IRiOC
z8qoUy&I~%erDaNQYK%lba+oQn98#TMQ=-+*_Wv3nNi`3aXER72<%uFiiT^_CMJ1E1
z2D8-)75?uXqPuhN)1AP>v>#Z*6NXOn28c{oRgrZ15C6!d{jH*YAb#Ke7>9rA+Mr;v
zM66nnLF!0#%c?gPcp<w;EGVw7#9_}5ZH_6aNW_e4@ov#A$wUZX@D=6|6}<`iqpN5}
z^Io1uNy@BAWe-wIzn?UoCV$pnav7HC6JYUHH!H^1p6RpvcG!hHc5{<;dGb-&g{=9^
zZNB!fYr+?p!V}YaIw&HBhO6OZyoMfUqDO-3oa~JlN8>6WF8C2plK9(pZ0uG|#IK+;
z)6%>S7tjZTS+*z})a%L;!emMpHfSj30p}+|jI_(4nQC}>c^k=MaQnA8>Q=u43hz;B
z+D`9sH6e-ilm~jCV1NUQ9l*Sqm2kBL#6dW@Fe=W>smsjD0L7q@%c0TkFX=0eR>;>J
zwq%`D@N@8#WJx{CpqXedrmlVmOF(4Ey(mE_k~JH=ljL+=SNN_?5D4I(j-4qkr&tJH
zDIBxYp3nsK<_U9hinZ>4d2vCWL0%zt1<uTOVK3%8BYR&CxM^**sRCC)p>4El&()Zj
zoF2l0o-q5vQb&kpS+a?I>-Awiu?r>eNH_45T1`Qa%ajQ;kK=JyI3lul5AdQ{_qPiJ
zawXsec*aLB-L^iAR4b3XR4cD*mE1H|oVaU`g82*g_6#)m=nKX8=r5SyA|Qw9F`(io
zf7PZN0m4@SaZw0tJK=-qG|>K;wVZhjMuf2U`Np`-jU_s6Ir9X7y(k@ch5n&S<f=Il
z&!f0}!L0Sdy*w;6KKQZ5Cn{w6Ohq9skII7O13-(}WlDZm=<SjA)z<x9)+40(3Nbd^
z=B{%vG~n}3k&ufwf7UE1JGQ_(?2;_J50iA#dn-sf1s<1}d~hyuxS;LlG@)Iewyahx
zzU0C`e2^RJbku*z6Kd1S%o)RH56L)csEDFn5>2s8NU_f9+#Da#+Q6&h$^4l|*vM--
z5RgZRpx)!2@ul1+Mxr_CVNQ)&SU%}tr96<#!qwnRwrBS_bfh^La}_m>Mg_w;q>fp?
zwEp|!&%ez`(u!AYW3l!FgxU`8^dGc31IK^Y>i@g?%0d6X?L-9s-$a!vH7&;k{{PCT
zxFnuTz1pUWscX*ST(=a=!6^xZtV&}LhAjPh$u=Pr6fA?}rJ<g1rQLCzzD9ZsgJ_4+
z9qC&mWgFG6KoPqGo(I7$ifx9W`nON|jshjE!ECS|q-K$PEKxT`{Aa-Wk;5k<Xjk15
z&U{IeYRk$F5u6VQDgk5;w~%3#-XHB^cfl+m`Syy2C{-)aM}=xdTpR!y?h-p493Obz
zC1D+p4RxsS&M_Iyof&XO)nZWMmC2A%y6a$Q<=x;H3YU)hBz4cDQTdPjr`i41Xg^d8
z{jacu`Vf^wScMy8Iz6DhTSDEyQBX_nW=5dH?|E8fmZtUhI&*;Kv74p!D#{ffq6a#?
z`Ob(pQbQ82Kl8Z!ii@!#2a?D5_l*>LW}|{31>w19jEU50YX#7Umx^(!yd1{5&>ORE
z2Psa9HVj+dJC6H=JC)!>F76q2L$ya}G899qe_|3!CLH$UwTIP)nq$yyD@M#F7zjN^
zO@fE?EL1;1L72{zk3y)(eYQ0D>d>HpVSpLEYJ5Hr7!b+a>t&(Qk)GOjBpT$-p#F(r
za}+uiL#S^-e*FlxrpJm~1d^TzA=GN>6S>1GB&8YlHmXRgm=rT0!%z+|xKcVmYM6wQ
z%0dol*C$vvTNDW!jajXn`sY4hN+Bc_m8{={g-8aLG3tESFYrHGwpr3*^L<lzR|Tk3
zmVJn<$V^kJO6Tkz=kWssI5J2Y84*}UQAS6p(t-6CdMg->>&u+yZzK-+jmk2wQ`I*w
z>Fl`c>XoEjuc&Q2S|77C(xA`6x7hf4H}yC_U8{=p&>z))N5dV+a|7gs5b7@O%pq(Y
zU%}J8-zw+ohoT8z$%2|(*H6IUKoZo9wJ?5#;>nU)sX5JZ07(tX`xVfiLlMLH=+nuA
zW=V3_I7`*#;pC!(Otoz<A1{2oZN0q>dHIwg7jwUeVcQCrgMy3mg5{495y(%BFfc$3
zFcI#3mKS0S1;yGC0aC1P6(RYiwWdzln7!1L*j}I9F?YLV#}#C;8ykZNXUT*T6ygkx
zvPY&P($p3?zz{zj6E}5alzIzJ+wS!AbhPp2{349mUQ!k=TwNOo9ipE~LNgZ#(+7b9
ziY;+CMvR!d8o?*FlA~K6SzHx^2`TfJmh;>a%Q?zz^UvxX#Y(extTwN1UKWTqK_ya6
zKdQdrI{~DO|HChv@%R1u{|R;ce|!~;%>QG~ev_uP<9;*RcedVM3_WsVJoVW9S8|5|
zlSM}cN-I-G!-fIQKIjfm@v2jX%lnR}vBdBVT<sT9SX{QF({{Ea$f^eCYFo$q&E@$N
zml`M1n_%noWyOI3Nw6Jv4v|3STEm0;Zp0p413pd)(_k3%M}5i7!N~w8PIM_bc+1^>
zEo6&DtmvI8P4_Py$)|&;7LAK!BoRqsJag#y{DE%OJ!Hnmj^4rh%xgl`24`4jFfG2$
zrC5zm&!B)@G_j)Pe8}>OBZw#mL04G|A*gB_2GNzB2;-nHMo17W@BIM?ONqk`?q%-g
zx2;JmDZ|7<0K<I~T@t}Xv^uo)<}c<A+(xjV_&CDx(-hY}x|I~jec?$Y1u)m?mmbAY
zQq{QOM-ju;;q~|%_r5laiv+z~Z-1z9_VbM$$CS$_XCVe0oUiV&ohdyyes7<}Lf=#~
zU8>PTCtRjKEx-uqpbpkd${w0NBv_}L-W*Ky3=V#@9MgirF%fkdY%U!}ho$?FILw<q
zPD61J@1dLBRyk&C@M3gk<w0Y9B8Q0q>TVB|n>bjX2PQUgafJ-3yRZ&B4f1pt!l7gJ
z41i~~b2>GFtm4-*g7t40lv*W7oHWl3swk0*3{s^MF=6<(vH<RM6voq>7p_gp**OX>
z1afThAqweopHi#M9MMN*rKs~5(JE*Jg}47MF-rmCC~qyLG1pJZLI`9Hnoyr2=q@je
zN^nI;{QB(;Da=S1zY13$YzYYr`DGGhLRyhFcfUJNAV6FOfKm{k^R!T^$B~nH4Cgs<
z$d{6A2lRk<0-g+_s!qm;QH6KCj(*N{;mU>n6oV5Nr17A)us1za0fgg=xJnpCeLL&|
zfoAATdYR3Dab1iH4|CF8d<4k@l;0wNW;~-GOZ~Necfp>3AGi%kCk4R@M+C7<?SuX)
zY%-aivdyAHyUi8b4Tv-Mp=YXkJgNA4ti_Z8efMZ^g>;ifI?wgE)G4yMsxnku8Pij0
zVHD(fctAFY(4(XVyv827>Kg>If~0)#CYl?nl3z$IenWft`5^3>CL$c~!=_O`|4PD<
z&8veoGYuqDg;YI^5k*9@LyIvaq2KGL5=`DhoeVsjz1bEq%#?_4h^h-D+P>~veZWS-
zj!HOKq3IFz8}@y-rK$gG9b1SDYzdGUl4fn(^gl`OK*j??!Ev2^=ElUXg&Kb!%4FWJ
z&Ow#60yi^Az<FGgU`%Yg1@fI<!86rfk_!L6bO*}CiFy7T>BsoTjCItDnf$BkSh63$
z=L2pfEHveC;TmemmSQUTz~6M4t`K?~`n*_q{Rg*NMR++VFI*a3;ut_w236QHGS2(i
zIxP`9S%2_`B#s4MX}G^eZLbx_!YiS_$xlSZ6%=#Z?;g}kw>jRHn^{@Aq%1;eY3B`M
zJF0VrCfI)h?~If2<0BPzb+E8SHwPeEApYhV{{n5^*>!?N`SarD`r^iRsu(N!Pq1(Q
z+1u9Af@koSHN#deHitJ)EDwNO*sl4pI>m5S0X>j4v1jbYm>00(u^!3J*LMpZ1j-~9
zKYz*v2aVZ}$3?A&bq<E2uy3%ye6ttEGJNPG|A7X8PbTj#c3&NW5vb!a!1?Y*uv9*V
z3!axrz3lIWi|pjZ(GoH~aHZ7YhF1{H^9L4_TJRU%xOk0SrUORFQE>0p*2XEN6oVQ5
zir;mhSUM5{a@fnF>Ph@U=@<><REW<BbrX^vk^6y1x8Q(H5VUu7R~5#<-pmN)Y`z+8
zhEl#XO=4<1!(BJ5i&7lrTzFP>;8Cv;lT%2Kd@T8J8@-q1sCCz*mbh@kqzP!!jk6v9
zZtzwih0s?=WGs2<x!r+1iudEu(Jbt}03#7ebDy|p?@H^*^76>!nY<asA5O?v8!-0y
z+4ETjnUO%$>)27yq1#VncJ{P(Ok*s*(ox_EV^3rT;N}Uj#FPeY<lI8&QrTsMQ3Bh|
zob7ea4(iQo(-RtHdRGpM4mt*U-H!Jj*<H)tHltj~+yXTzp0ztcr=%~ob_AP9E6nS$
zuw1e-1){6CJcp=%;4wM?Mkw{gT+j|NFoY2my?i!~2r6n!vB3DP=1(x=Qafgk4yRI&
zS8j1Pg70f!F@qZ_1dbRAZJ_AS+N%N~JE^J(X2BS344G@KW%2(t@=#ui8!E1WqRyxa
zX#Dv@x_-GRx|`i--ZiWh@P`;QLZnp+Ig5G?(xF&J(Ofm~%dx;m;;C%DXv?knV+;Gz
z%u&Y>v&lRaY}<==t6E*`5sOTD{mY(tTA|N}%lrBdUWuq4&mE-5eLw3HBa9Ar7+u^&
z8#=?{83yhVKz#guvV%S?{(41!S~_z|a6XyR!VjuY4X5<SDDpN{h}P+;cD!64>+Kav
zy3@ik={KW60f9K1u<fZ%h=CxyZqcd514UzidSmGJ7{*ne7|CNpWXg5AX8$F3S(Jfl
ze0s|EinhR#O%&AC4AJ%_T(g8_8g*E#ID$qdgpE&ohVSQV-O+RCkx`gU|1!7~3b-fV
z{E!;`Dm1;;(e%>4uAFIK9N+YvO_||?mjn0)O9mURp!OR+UEgE1Af5+>HzJB9Q|_QG
z$1zgCzYoJoUBf1hW0)9IdXFnU+5C&%1ii+l=|N`(w%wbvJ7<ACA2oUq&T(>dm9*#v
zslTq$Kx3ZZc@f$PUlfI?)eyx!ArJ)gUJVz_bg|n<U)!DNk_DFw`MkgPW0ow+aJ5K|
zA{yamfbXq^G2F7Kx-T#U2&En9?k_|zS2}tGfJdhvoamgaV?{#rqMJTE`I%hV(s*PK
zcON5bC2x-<;LamV7cY-xf0jF)dHooe0cvghboF#V@^nZk@9SQ&bVTybg+2)V<-;mH
z&IbmpzS*-odvd0RTfU+>Rr=Bkrorh|!2sYV9DVv!0{7S0$jJ%TcFG}zd3H^oj-bsD
zeqeO{O{K9m&u-K*uHS7BtVTUF%5N&c_nIwleF2Psk$?V!CSs!hPnw8@<^M<FVZ&jA
z{lEB;wf7_{8W1)hW8Mqv^<oLD(~|dAifNRnG)&1Z<_g4$V{XmQzXm`6X504IN7XAK
z>2M%9w%HQwEm$xuIke{LnQvY$Pv0T!36X4s$#m}qoJeg#>XCw9%KEdp_m#b{x-UO&
z%S)czr7powXDN0}pUYF1oc)ZP>RkKJ#-&+=V~ABKpx1lt$!LdJ!P*+W8HkNxgfXKw
zdRwAa#7RR<kHH0^&&OJSn0xgTG47j{J$7#^2z1ri8sBv7GB&a0M9jUR>E7a`Ai|*o
zPn1OLW%J+JjP|Y@2RNTr=zV1_V66($(%#*5{)rzUn1I?^nov$V9uR+;KM4K|rd>x1
z8|1J|bAM^<Y^n^Hk@UgAVQ&0T=ZC(Tai_%+#<q-kyT43c?Y%hgWvg#&MOzxapk+b9
zJw2wHlsOe9fU`<tITh5Ir-c<tVC|OV0^V-=B9!;PQ12WT5NPwYG1jXMMQ)uFOW`9<
z-GNDbV~yc~oo`0|X#6P*u*+pB9wd0%Q;K5VCx|hTb*R40w}!>4Lp-U*Y=aEA%7$F6
z6%9HfBj~c{PYWVi_Cq*aYkp_QKz*%#3|uOBf3KRc>q6TUiQEW15jL2zXbu2a@B!s9
zPFUf<Z_bG7Wtmi0j$&m6)r>o?EcYPzyzEzWx!;$?SdV}d!D$#!A{<Y_YGnXiZ-<%1
z6~?6LxVzf2;_do*JhNfM*2&%-h;ruM9dwU^lb_kX=)ALOi1RvZO#z8XYbaV7*VohW
zN#TY)%vtHG=JT^QD#|3=x?Kd`Q!4b8Or8P9Sap*re*}c^z}RO8<uagvf|?N#yd_rh
zhmBy<&lN-1%Owr|?5nmRUihe}xEsP~j(wXt{dI!3*xyXpld-Bc8MeSdc#M$(g_>L#
zHrrsVThWT)q1ygs1@BBy>J71i>ufS^iRj44_}I7`vSa;?Yte%p!M`CdK(1U?UMOE$
zCr(8L2U%rl*Qi1cX~xnHzv!%5f@n<xDC@671S^bR^TCp({o%-r#8R&;OIC?!5~Htx
zRhx0{(D(&HH>Y0l&mVVryEy@3Tc($1Oog!Jh$h@!J$*VbW9wu#im@%%Th={8m^K0W
zyTC+75z1ELS%Z^V`~%kjAzo!S$Qi+SVXcFIGtY_Lp3p|^6FvdyF~lC=Q&j&c_g>Hj
z{|5k$Oo^lg4AxXGF-z)|`8r0MO%6(MalvoA-(;TkZ}da46;BV%9MG2ivLaZJf1kRU
zE`ubU5A;I+f_$!-<nAkp*x?`2Wzlt>Qk5QqDX0I7LjiY?ges)*=!vH?RTZc?#Eg-y
zii#`;TtQ*Jp#VF3-a!33bT)@dwNEV(tIVyjjjM3AUwQD6W#L0*;~2C;K_bG{NQ5~q
z`FKFb5~qDq=KMIcKlg1D7&QKefnrS{tTvqjq3#zdMjNR3u;TV1{fR-Xk7RPwtcMfe
zyDxLstS>}ATRJ|SA6^!LZE)8u+qdCwazw8~2>ryA?of<k5);9sM3ybU-bzt>4GXN(
zUj0TRwSGSAr=SxuU6r0Ox1<RLq7Vl8B@)qQsTfMWGE!MzcujW9)5;Mm#Nx=3M}yRU
z&y#_5(z6{M9NLDH;qgm4E1(HbJXP|;<NN$A3&!h(7|mB`rd?roWx>;~O7`sg;*%l0
z7*Gdj^<tQDtsI0xT-zKIFuWkW8ilCY1i!OI>PT#87EwjBKqqvQb%E`9I<-vKyLF3h
zXZq~sQnOqJHC_01eIcMa=BjcRUvkBe;){t_)Lm}qjiC}Td0e|q^W1?AqOzMwP_>Lq
z7Bw)9KA;+ykp5ry`23_#*f5nIz7L6<M;PDFT5&EJ>o(rAQ)^>R(OLwSElO;Lj7)vB
z<KrqtBYpB6tAyloqeStESH*_Dm<OIl`bcBZTVQpa)o$>3!D#S0$VPkatLwz|Bc1JL
zksHaD1F%J-t{h%%-7>jQR`(=iI6mE(g*%a1=IYE987*2^4ukFIzmbwBu<ImcQQXzp
zlC~B=eI-ln%%?g8Cy!?Nr?s&-ZYB6~0Z~|;Bg{beEI$8k)&|!K3YEpzMn)GuwfK&h
z)$k}|80cv{4lS)a<r@^_%z*#&EL4$kz?xo&8Z#_V7p29Ymn|@rvU4ZQzfj)1Y5j1B
z7tX|Q-yuVtk2agMl$T(KlzUKs|21%E9Qr3P-JP9dL&pCq+>dIyG((K~6S0tDLFBwK
zL6bPJD5@QsziYTzIqquwXL4hlE*reH_S@u5<Fx{EcW$63KtvH{!JZaboDzcixT~)F
zjT+FU?z{QX1VrxTsyFDT*NW^y1&Gl7NzG$ZZ5{fP9*4U!-YwT>OVoRHbQ-!t4uhu(
z&BvU`V>_@ubl#sVKIz37BFY9$|0n9l@e#m8Pd@=twV7^o)Q#co-ok~g2X8ByY(QgO
z4QJ+j*IGV(?%p7zJf%L%T9<xOyE=pN=efl{W1;B03Sf`l?)>oXHy~n!3460iM~v%X
zdl&<}GsP$fw|JpXySaVGbwi@&W$PCP{OWPtB<qzc+CFl~7DIhhDYYEc(HBjka}1Eh
zx!NlaNI-wGb-D;Cv;f&5@8?-HeagtmGR)3T?oOI-ciR{$dR4f*KtcCQonOZjLtP`8
z(RVGTUPbl}_ah2ze=DVY7@NuA!{=dH85!dey3HzMh%d^yl+pl4abRVmDicw-bmRP?
ze`oB$ks0nOG=pH_u)d-$WK!%Hqx8~rMlYw#!n+P2M(hH%jrsrx^2XS2g?8zerxoX>
zC_24spj`{$h#x?NM@x^TcHGYBX-d*KsRzv~jxKvyOE&!L-Av$e9x5?Fu&tf)?}-%T
zY*q3mBoFh@kR)h<lH5Gn-Vc#hTgEx*LKlxfl<Vwia8xSiJhFXr9`alhi+g9CvkW<o
z)!Suf9%!Y}Kzhg$OYja6&xJmF4}srq?rO0SJLEXe4xuF`OQvsHC>o40eDn$#NP{b`
zsd8#!(gWA?bzRbmN9Vziuh<Y9tiHHi*_tjhQ8(*#0aEB;1dJvo$zo(*-6#?`vKE&F
zqbyqy=XVr$Pm`k&w)ms6=TqGx1Q+_hpnE?A+=xpXjP$Tck)Q_~VXH`czpzZAnZ&j?
z;wl~zt6z#<ko%m5#pC5qo8lCW&Q;}73itr7(5%{ZCmQKceCKtcF>1)r17goD)Zgn!
zVa5B8^E>shOMN*ZDtEZmI(=Jz`+ZO3duI-cllD%h8w24^8&7_6h_C!A{{1MuWMVx3
zt{9Ej-Bmbu8t0N1bo7F=#~}2-8E48*qz|grx`AglbrAc+giU#e=bj}*u=q6JEn=Wh
z&qOT>@+?0yA_V6U*$01G3=}zedQ@-9QbS&Zs@EJai%z)d<nEtxbZcoh&U*SELVW+D
zl>ASoRtAp$aof_=FS1~t9ii)i%86M8JBs9DLX0eyT4~QHszFPMNhuLnb|0&^l3~o$
z_p7-!6OxsXecAv%Jd%cw=jlS#H6xcxc-G{?arWJ5&$6(NyeJ|-s}N#Yk?4qlniA^x
zG~?jxIc68y0dyp@{dW8Mnjp;<UEw2=^2#Y;%>}cno<1TWDQ)u{w5mr7<rqmghoNaW
z-JV&ix%-R29B!tYAV5d1U}S5ObiaQnAcF<XeEz*agjy~jjXuScLcIdGl5{9tYuzW&
zdI1%|c-`GxX)h?kx^b<JN*}%+1d2A2Mg1F|fr3nt;K)PY-Wdkibb#}7ZTtA@ak~F?
zc{#qbmc>~>G%s$SRyDVOdi6lUZ2jRYj_(R~xNqg`&~ov35K@<oEdgio@!atfln{e|
zmJA}e3Qzz~%uTCC6hoDcjA8CQ@W~Jc`3R^rlxK$Of&~Y3!F~q+F)(+9N1(bLrNW^L
zKaZXTS^aNKnsyYuLtEjALG|yt(`$oSRfHb5E4~YZvYlws_CCPJrS^5*c%Y{X?=gT3
zRLMJ$i7d2BH&5Rx0#iAx(>8Ku_Gpau<0R09e)-ECaL*vwht2F!<ftH-pfeqFfYsP9
zo(gN2z*FRmv3L1Rai}UoH72OxheCG+S1o|@ympj)pW1bojmP6J01CS>Jf_wTZD8kW
z1O${gR!gR0jU|=vse@SHn)qnGLh8WaEWjJ0&HQJUXebx<d3Cu>Haf+bKC}aAFvr~k
zxZ%$>LqOGcobtRq&iiRmiJayuXDt~PSV6fotmth`<*!eWYMES-Zm_C9kMs9^xh}TD
zDM~*d3l1B7cF*bfeRhwn4KGIQTOw4?JGv%x9<N|v8@6sxst#m3ZY18m{K~^R6XM=V
z^)>0udU*V>_FS_A`(d<wPbfnmypd`b&g~Qtz0x|N{CBy7d=jNyg&1hh#pGlE=&u8)
zBS#%sTHN?m`*gJLC*JHMC4t-ehb^G?-PyaLEa9pmo^1REHcXc5()GWOk1@}W^h<pz
zu|JZDBriihAW4M_9~Nw7;M<-2G$v#rLiXo;{U$3{L#J3}ZaYR^{TDEOSs7;;MPF$-
z%PGF^W0xhBYZ9zNs;16AnPmLYb>RAQ{@R80Z^=YM<?;(6_*Y^gZ%fzxeiMT^9&;qV
z536ObOJ1CEKDGKRCcoZ1zOHOXSFWp%W<a%6!=JSeL?}n#0Pg79X5-(PG8S|a;NEq>
zWuM2YTrQhv4~SY~4-p{I^zpNKCQB|r&Q92Q{;*NERulWr@SHRwx3nGoP6i6J5m^xT
zfLD$C#h{I~J)B7Ev2tM)<q6)tevA6@(+$<kzBTNJWheF@=LH#E-n~q671)6;cI|f1
zLfTR7bbOh>r!0s+U%T1=qP3jJ@@>={>>qg`^7tBZWr$svvxMfnEsT6XXht=bK1vHI
z=GR`R^t;vlHtW|P&R*YpS~RZF)*G7qO~35kMJlpTFrAKfH`ev);;yW5AjJq8k-l3b
z$vziCiC4};S#GM=yNg=7RB$+G(zc@p2}KOpbXiE5`y)9}d8qe%QI2?%Q^Hj`oad&O
zBy_>YjWERYpVmJnrvFf0U|{$kmlviqH*5}mx6(6erwU+(a5edjwrkhMvyMWx@u2N<
zJoL=X@emgqn)8pwJw6dAlnIQaBhQnDdPrLN<?1RYi@}W1*~B>BzE3YB6*t%FSVa_4
zNN7B~B1i?y5=3bViLs~lh~D8GL|%+Vj8QiaPlgSae0*}nAR|NVt4Gdl8gf3~pM?9F
zgoK!3%kZXY?H<k_ZcjH<K<M_uoNpGtptpjz^Ye)scFo={e4<G8WYL|+ag{+(hy%%0
zMvvC_5mZ*s;V`Htg|7y*(J=W$L?Z29|4Xeca397^RPK7%Vv7O4Oa(A8WxeoO?_8n;
zNqr^ik4>7IiozSv<j>8u_%VAbiFh$%x*{B$dCs?F*)3jFw{)=he))D^w#eq>Uq>x>
zyB8~M_Zswab*l=m=gP@ce(`(A@C(D|8pz<=Qofo7!+yI@v90awtMX3}sS=lgOd@La
zj)M+U9yL6!Ekj0qhgsGm5ECtx6KAEV^8-1jZ2)p7I6&J*e5YN{XjM6{At1J+c3Cad
zT3<YqTHkUW{&|o(lBUw{e+*0&+Eg6liiRsz=^h)4D>O>w_k74<hJgJ~FVDx5x?o4f
zy-|>0pzLFXkiuYy;=917`<+XVT}CEU+YBncKQczSU`_$7hZg5)0Ezs}M!5i^B;Whu
z_OhO>PXZe;$cJdSB?4sT7PRLTN5$7ygQNCK{IX#+p=U!%J_M~kTWAJ-=g|&K!n!=C
zqPkn(Rh1Rj&0#0}1m2;;J#wXCY)3=@e9=rK_RnCi3LU>OwXATb5y+!cAOTVYt@%2u
zp~X2AvLY0_@!~EpIqn}bQ36sCTfI@%y4PetT9?sgRA4v~GWGi(n=xTy-!~DQbSXpm
zQ$IHmmfch>V(~rG&oD*WoIquW=1O^pt!Zo(hB`fE*_Q?2P$WUY5NZM~C#-qSNl@lM
z1jKh0`9cJ&-Y7ze<|GPa40S~jxr-iVu}uJHgMW6YLQ+dBjHH9wCyMC#rJgl+_YlYp
zJkuI@ZUc>Vh=R>RM%S4BTH-z4S}%cNaFwf8_1I{*XhY5x)&>tGK&C20(=(#J1u{-C
z$`wn%jxY7NS_qI$8v$W4Pr@|>v;Y$TOSD%43{D4f`Gt|j%1qZuLaU_ZLqIHh7Jl$F
z%U`MC_U9!aE!rY{qq`3r;F~}w8GVdE9@%$KsEJgu3K;gxK(aJ4lZF|(OA39EPsndo
zhn4yrLT}^8`4guT1S9|>rtwSPGYOxPX{Q8KpA3K)N)kbBAThESU#qyz!~_Wuj!iFL
zyJivqGk>h(6FfEczCJ5n!jzt;7y|I@j33Q2%bQB5*t!e>$rMLEyxtX6u1`<}&li_}
z4S`j)SD#Ec7zjIgx+x|t3%Vk#%XR5Y>#?fTv7*b=7_dGHII0k?nb^BIPI)lpux%)6
zI3hp*GJ~M$0+B?RArSiipxf^gVTK^%;30@fEARkSV(t%)5s9+*f%eB=QB6T$PAg%P
z1y($dK)&P^zs$i3xu;BK@hTIAbaejQ?U_CwT%D{PoW!&=$mQ^YB6%hg^|yNW(&x=>
z9YS2vh9w2Vgc0luuIi8s^un$B=V9Wq1q;+rgBiHihas*qm?x}tqhktexoZxTIyU0@
zO~YYawak;Sa*;;)9Rkg)11R|`rk2wJjfpU7#`;Yx6eN#=pefMx(=rtaCoY5`jSd&D
zCS3@fU`l6IFoaQx6|r%_1zt!$8Q5{0+j1=xzy0kwL#u{b+zd3lz!C1fTuyp}%PdFD
z4Dh?Era#cB5#0#sRoc?kMA<OxqJP=wt3@Bs-D)<;Gh=5i(_kx1rP*HP72z>bR-SUH
zfC24Z0yI%vTC|~kJ<8$xLYYq@=*Fi%kFvlm?@uq>N@JVgJhd-j(y&e$@}Xee9>3^S
z?XVHU*Fe}szn&rWN&Un)#R87rzARp9PEDaloqOYN#kIX+OQ1`^ZhElwKZrHZR-tQ)
z>g%8U=_c*ky|$;=Pg1#h^jIFURnDnF?_#|pVAZ*EK5#gh&np*@?$&}Cy63ct!@N-w
z>84$o$s+Z?2E>?BvbBWKk5(9bE-6ixZyV9W&Of*PwjW~73lqZ1M4GiEZ_6uq>fry-
z>8kG4bv~RvaDZX8$yw}BXL&#eR|Y00nZ<ZAxO!5;$1`Pv&++|!d%pV~=-7VlC`ic;
z4DU6+*{%B&==ATLvZ)SzFe%DtypYGpvn;xlF=&i{6O9!rgPC`CVa9)Jn~C9BFpF8^
z=wst3RHvP=<{{KMJ(0<{*(khM>(BFsoD=K4>SzhcHuy(BGab`4-5e>NOK}(Oje;Og
zij@5I11PuzC+>g_u>ZX$`kN&!fDZx8OhaFV7ZISQGI0(fz1gD2yY1Bq4?v883v@-!
z7gwXR+%%+uA9FI1mnCZfl?Dzjs~f6&h2xHIVdc8*!}{DRs`gZ}QoZPeYP)f|qAex0
ztvcY+5Tdzhd$f6uQ95mu-;QTKmqiks&LK#zcq1%Z<q{hIxSxQ<g550)K^7`jy0CE@
zcn2;_azGR<D~}#ttHdf9vkF+oKWpVS%q!D-%RIQNXpV8NTNo9!X=X*lj?9tab~}6#
zI3NuBa4eC~2luD>cXCo7?mZSV*KhTX8e?BZrGM6V8g>8ZYC1lq$ml$J-ZL)BBK?cg
zCns;_3)FW`eVG08n*+8fNA|TsoULuHZo#OH_VmLVz;)GI2OQ@pF^g-GOG1jC9g_K{
zpX?J@L9l#hIFn%PI~wv&t#s=HF#)Z7JjpZ_DTN3$y6@G=3-;8C+DAe0_eJ&(kb+QC
z!hcXC3>*yqO_BV+v>kA8u>T*(JO}IlT(M|v*x+!${l5G^wSOtnL=lk$3IIF~xTLLx
z24Qkf-O|@zWPvc<hg+XEynpee(6Z)gq2y{x0E=YpNT<olr?`(TicTzepjDiXju#9&
z7bH*v>d18=L?1E!GsK0)fZFK>pLCc%mUyRF4#j2S3nrj#_)%Ia)#j6^4fiBz$FV0F
zHk5>O33Uutma2>+O70bQCn3ZTj$@J|4F%Wk1qQh*UZ4{}OJ5<eA0Xcqq9rd4OxYI8
zl97n}p*}M36{HVfr#3mnOWI#W`avr|7p@N%plk54m{{f$Xzgc6hiGe5&q1_n*?5C>
zD{Y9xI|_x&kY;jD8babS7OAqY(Wk$E5r#x)KqzTUu6%<Pf>s_ToP~ignMk<Q0S4l~
zcBN^TuV}y9vD6Q!Uzix=*?Uf5@l|bT0%I9AcGi>y5^vg&Wn7{$IjpFC55@rC!#KcC
zL~UB8=p=Ejb8@JNR0(S2tq7?e0-#hJum)8;x?QYKt?`V3jMO3B9WWDX*j0QRZgsos
z!+{nU(4s+Q?4~>&XNR5Iv3Lih+9c1KYsZpWf8J-;-^_j64)jPy=|#0>-Fq|YnF_bi
zH{+!vGaS#aOhG?T!Chk90`&5riMoq@n9xQ(0CpI$dWGN=K6#UdVfX|J#+aYFDjW$t
z(zqs0cr1_V2iUD6^586KM?XxDavr^}uNGXPZp9=o0tQnX8a0s$lv_bT)*lA?Et=Y?
ztBl+*HGz=~d|e)90k*l8KyKD?a<e^Y^Kvyb^nGsivaqpN{)<tsh|rsH*|~yW@N(Nj
zg#4uI=(+i>`}hW3Vl(T&Ke-$4B6z}$3>vxwQ3992%{B7obOUefc9zR--IB9;Y598S
z+W6Z2zQ3>a{W$*oJn~||f3Nu3yZ<zilcKecoR~GDn~}<1E1?Xo(=()Hg7<aa@p25|
z8~6zH1cX=1eVx1V`Tn*3C&NV>L@%L&L`1aod_7N)CneO3{{aXKRxg=c?9)>_6NT03
z%db>C7QRrBAIA+&B2IXnPJYY2U-%kQ(TOez)3sA;`(9Uagn2!i;<B=BmHmjEe5k9l
z<%NFMXm<~7^ow0*u4AclTe+d%yIwQk`(_>x*}PtZ|1azR=SLEkVcT=N+1JFI)eDc^
z6uMdp+6fhuWA((>#sIsX?n$u6mEOZ+`H#&{N5waVNIL)s1c(mpZKK&2V4yl$JKjNc
zaIMO6$Ar!iwj<fS&Y+KGQRQUTVg2;;&Du-$)s9vQSF>-Wci=1h<=?dfhUYFg%#_p~
zGRr`f2Paf&nH`A5pji+bL8|~}fsEMn*o;}xVphhcxUw_(1xT6DjilA;!3*0iv(k}}
z9;A-MSQ-QBrc!LBlHTl2BAEM={he98ZY;$2PV;$=x4aaEkD$ygI_Q|n^m%cqHthFq
zdgT$AS}zc6!Sg}ISNy=C(VFiKy{>gV^;$fXHOD@m(}Kx*`sLw+DS8-3(fkcKd;VP+
z@hVt`c?0s>G1M^pEZuGx24Zn01lGYgMC;l$H3FXpE#Ia~_!@uL!!o+O6~Y&byMhvn
z!&HB4Q#ePQmI3S{r@GDeAds_sJ(In=+v};N@6Sy#X5tur)}cnfz*ovU3^cn;-4exK
z5Av<qxQ$|=P8kSM>jjJA=)mmt;y_@6eU{o?J#n~3u*)u)Q2n+ra$G~god*aiIlG9u
z*S-&h{p1W<X9-)xKtmTS)wGwt*6o%2<zj<~{?p?ts9`<h#X@hJL)b{^mH$HI=u08W
zu|G=|Hl0K><hMyaCscD1r=f<;g?Dl^^M%&+FZgmX>IAvy=R;J4B;*T6Aw6yp>mbC-
z<}7zWsd`ylD9q)i17q9*Z}=7b)j0JwDBB_kvx>n38=dU@&*3OFVnFwZK+qBL6^wl0
z9%~*t9v)V{Ku;h4#_9+1I2!&}ymQH;05dgj)C2diJ7zP90Hx*=CWXs#U4LV8THiK^
z)GhyFxCj_)3I-H$APixip@3z$_py&u%y6^-wP-GYb}S@#DSf+;x~RENn6J1*KV^tL
ze;FmWbZ(VkZn~7T!K{f;32o_)r6ZYB-zU)KXvuoAz@*j?)jqo^r6Y#QNH$Xx<kA~+
zZO~%HWaAN>v|Z>f6f2J67Gj0id4vV*a^8#2vBroy1n@q`zJ0OA`&=j<;(%=!D%hjC
zS7lexSqLgK?R))rB{HmgdOb){qDQ|AF<+q%W*Pp7|F$i>2DrO(m#<vg(#IGl@7+&c
zq_YrYyQG?t@OFIC_;S9yPD$k9Mp7qIh<fKFl>z;7JArhSVzGD<3}3#KbC0cI)UrC>
zdQtn1t-F<6@Ryj!pCbbv)Mxxh<w}3wg*x-E_|<pPx+f{ai<H4-y10VbbfS4pg7x16
zi+mky(qf_*!XMUr6t1sEDd`|YY!eKB=C6y_A9u}I)u9P)Y65#HEYsS-OZ3jsWQ82X
zldC*X39*(wO3=cM+JCE>n8nDi5sWhl(!lD(^^O5%@I(uZ27A!Wpyc8Nw1#r+SgKau
z^D2<#vk32$FB)|iW$>kM=vZF!3P5L_gw_)4OJ-848E4i3^ZCAm2-vEaB?3~D6ye3{
z$AXqK`i6IXGdy$_LiqeP@}8fd_4@-=$mVca$10TLC;r^!8AT~30y5E9p%#Cnbe#Zj
zF`AtNV61x0Kc2%>9MyuB^<jxS>q}Bia7bu(2N1^1V>CTqRX5ws6Cp+wqeTjGdBG9+
zrt%d8tIT6W3ToA>Irs7vMw>Nx(V_xoL4~rc<|w++nnv;!dRv}^JMchORJe%rS)){g
zgW+I))2jjkxIvghc~3fFDt%N@qKx1Z3aBOR;1cx=gl5+iG4E;b1N>aE-MCB<BSR+w
zsk;vIUKNb4J@+h9JEH+JY9Kb(V-j|{-zCFfi*N=sMR^JgF4ilM=I>*P^1OoV!JE4K
zI87*9@naiQ##eF0)7xb+nOi4rVm?#Fx?U_EyaT$v3Us@D23=!VAD#kx>GG%A?zT7G
zY%Mxln76gCnrNdmQ-*`23YLo$F6wF6y300t{IGxCf<2+i8iaJjYFi=KIvsXOPjl7Z
z=4j%~tl&AP@`W7B;hAmM>Tq)?$u*qKp>*=RVsMP=7b-dZ?r4?m4shOtBcdsEBAuXB
zW4pRCP3H{Y4{wyS|4|HI{F&jaIrVGE@1%f3ETM80tR(t(){dZ+S_07!qWcf`xA{=J
zH57kFc-2CS*BbO845k)B&m}ShQ8Ugy5n*cnPYmpW^nSw$C^x$dF-|gBqJ#yle{oso
zjOS_%H&+Wys2j7K{&y@ny*H)Yu1j{<hC7kXN%$rGNmQ>)m`p60IkF<MO;{-IPA6it
z+Pd~7+YyrT<=gX>Ki)FjS}xx9ZO&<(wl3~=w3;pLhtV464mU-=CXU^c-I}ehBJtt-
zkDFp3pck(Ht7D8<Tn{LA<=?))wRrCl7Pd{ythJM0IFvFI^wAHEVL1rt=;4kzVr$#A
z6mO1jEg_`m`NIobK*Sm``hiWV5!Ha6jns@IiQJaLqLvX0k?6U_65(QkNSpKo;LzbM
z`q0j*&Q$;(D(Qc$U?Fp2+&KINhHJrYz~wZR$N-=GAEL+5L3zOKACxeTO@^yi+i6B2
zv|R4HaY^qs?IlXqP!A`UZ#bS;F>DZx*w^qfvZ%#OIs0YwF>`!_zMeYs@T_K@6F{2}
zIHIFUC~<(fr}<8)$M`cpIC9;D=IFxuzK|sLnL%K?Z$o_gu=M5i$-v|s=O%T0`~3Hr
zcuQ$g_dpvTb-~B%4olk}iwHb-$LT9<FxD8MqN(A26u-KZ(1ALT+HZT=;~?E(i!O)~
z{>9`kyU3LCJpi%lHNU_NMi^g#gG8G1LEPi|?(g;roym|6;w-ZP-BA9_0s7IYeGgjr
z$DFO7i5cjWP(PV*xn`gJ!1Lu3AN_|t0P}w``221RSpTP;#aEhIj_0fhzc4ww9sT0c
z_{s}na>5cPEb;IKrmO|H17O+y#8i~Yv!fMP6De&g!CDd1_gU~^^ud;jFV%`AT6Q-W
zyW6{cA*Z`7=Te~HMg#){9uOpAQegrXkpPf6=GRRkj27Pr9|*x|1Y*KZdSCB`)anz7
z4xu7T9U8KW6OyTYt7h@3-3VQ$yAe?TI(7nV`J&i->Qrt$uWwjzrPu3FfCBl7-5IY#
z$6mKEb|%K-zO5lS^wmHA5RZ<RwKLc6{ni5rhAOuUNVMpb<YUX1S6KI|+`45|+g#wD
zbCYugAy%+7voQk+sND#JV3*@Z==GUL4Y0M+^yu(uCP&vLc5%57VZnglNTK6EppQe^
zyDp+{uIcDJU0rLmLZQHhSDu#E1?_(MBH(>#=m>-MK`oT`{k13x{<Vr`#bFcxp#Mrm
zH7{sHy5`K;vEV}xW1T&@a74N)kWb4i43nylA*L4-iHjQXb#yV3X$2KVXC~3mc16Lo
z2>y&4KY{bP`d;cqbri(BuyqMI0qL<gSI#eC^lD%MK#==bxf`HZL00KQ6P*-6_v0Jn
zl8R)`|Iu=NSy}m-;H78jKHGv3vyRs4>6Fp5R-vkNCs0qo1`#bqxAwtEW*v%+-*dN6
zLV~0L)FLcfRoLET!rIOj)YK8FC}a_{0|N&kOvAVM9TjtHykn>+C87yREk}Q3ibMy_
z_U0!1d&*WRA5LUV#~1#MSQoN-MTJFD)9>Bv+b!kkg`9>OXdEE<5KMRF2^_;Kf)>sb
zCY!8x-$YmQI*WB-MJ_GXkE=U^m|61^tkW4h4%9{ptkbk|{$v-!Gz)7h-w%~~I&NS;
zf#Z*;b(OlhE6%HHP5m*MLd<Lf^tbORoP!@w1cS_0eSDP`6#p))Y#7H7lLqp@AR2v=
z%Je?fjk?LVaT-4_uhOlCnd2Ilr$-M|Z>*4hG>&<GSW7X<*j4ScauwWs?{ND-sri@T
z6o<;D7f(WSt(z=?E$Wj+vs}@J%O_>FMx8zL&2VySZ0S2+3|5<Jv}S5|g%H5p!ZkAS
z2T!gNj&9A+3c+^>XCU-44RV+WV_3byRwYA2$83h~!C0yIR5~GrB&*-(?kY!4;yIBz
zB9y(xEm7Hxe&L_l!_)janHEmE&YewK<?_Si|HarhK#2}5TQ+ao#%<fSZQHhO+qP}n
zwsqUaZQGiD@Bf+q|C+aEURH3DoSc)DmDH(J)vhhxQZk;CMKkWuUe`bpX>Q;XRuPQU
znqiTsr40#yul%<)>&!4qt#yw{XyJ+(n!!m3!P*skgze<BehV<Nc${G-;g&(BH1Z^H
zNwph1<u?q`0wNM2EI15=LMKl%kgZzni28Ua$H4e@>c&hj-GU>Wzw`pt0XM7q?1B`E
z-;TCqJt2>h9@r_QS+4;$Y9OA4Etq*wxSb*D`Gs+|w`J(1Ofm3Yj=)_zsR#2rseQsT
zpT02`_p{un$pfHK<Ay*&_k07L1G$M4c&H;u&^2sZSwYL;(>yw5ENZ&uuUAF=_REaf
zgyoe3xIZrvF$QVCrMpjaPvyTAz{O9gys6yz?5RcBAOT^WR>TyKfU?vh@C&O$ojL5C
zCl#2Nl(>kUOVWl;0VUys+1BFD42D=QVc~?&8FFS5jcLfNwl;T!gU7}d8R$b^y4|Lv
z>X=z26&pYVZ&ft9$hsQaz$j5!HM9EbrtK&xcK=isfv~C<spITS4esYZSnq+hW4RIq
z0~9`Ilb2e2#?6im53dD68D-M77S_A(F>S+inIyUqPx#J&b*cDI8NQD5EYveG0`V_;
z9O}grJ97#3s}JMQ6|w*Vufl(;-Cne{eb`hbA#-AYRIRiQTMCZMliM0Zg8se+=x(T8
zt2Rm|zFo>VLU!z1A6-u_Sx@Tk2+vKN5+kW@J>SDamiJ&fQ&e=}ZLoLaM>a=CsS^xq
zm9Z9<X-Yid(+gy#{lTs{;uQm_RGDPTscpGHgfzmHMh9Qzmf}&Db`U%s<>}QR6jqh*
zezp;@A*NkG;h+Yz=C?KV+=Hd2S)snx<gRa8W18Oj2N4J1P4C7j`2s1I0)qQs?@RaI
z``7vWg!4dRNgExAG}FhlArPspGuyPhyT!ZpT**!|v0cb^VnVOX>SkS2;Y?_L=p=aI
z1(d9$N4R4<lER^8(bA<ss_0xPVeJn+q#8sEm36JBAZJB`_k!%e6{^t<Em_2}x@Wdh
zPbY^~@ozM=Xe0}!fdw$v^6Mpe${&X6lPB2CsD5~_r+~Pqmj|2v)QC{-$RK1>1P+k%
zG1lRQmQ3xlBTBhmkjK}vomzJ1plC*^PFTV2$G~>snojx;aYX_@_@>Q45d;iBZ+cd?
zw9+)8@gr&M`SMn4SI>XsQlOXM*t2<AoE%<Fn6F@QO@eX{CNP^~W|P$0r*I$K-~y;;
z4D4xVlOlLl4ocyPS?Q8W<3EL!4PRWouE*a{dASlP1lcY{)?htHDLtIar1i7zZRs_|
z<8PM<-?D6l%)<!@0FbHA_3=l1Y(f+=n)r&x(%;Xmx{RXzQHu;S@F&nUV&L_PQ#&eN
zRi10#@0eF#Z}0O=<{IJ}I%?lQp7Cw}D%trDCCz`c==~>ziIs)^KL+!E1DqJGv}Kz~
z2k(2Wt8Y$w<7bFvCCDUwwgP9qP*grWxg>)?EE6Ds2h_;&{W-H5G?(BE7e4)Z<*M7u
z8Nd>jw*j?~n`ZCGJbF3&XL$I6Bq?kpjWnQO7*jmJ5I-&sKc<K;62;@D$9l0_r5TqF
z)pPT^`{nCbDX>0tD3QsppgcZ0Dx>|2$R_iuN9E*ZPUSPD6J>UPrr)J7341{bS2y@F
z2*aqkhG$?&@cWmUPVKjWtBS=Hiq$Ez6QxU>RGkOPe@+`%T1lGsHqSezo4R+(n`ya~
zD;X477|<p!MCg)sh3NLOLb0LtBksv*8w<3ZNgA;vWSQK<j1dF*OJCM3qUwlJ<QFK7
z9`$P}yR!Krh+;4<QF^m10g2TF2%|xl2>bKH<l*V1+{~zbTV&%5<4swPB&*Lq#!ELX
zn=M4d;l>w1hT+4&VW?2lMi4=%&VbJNa4`-DH6P&ZXu4QvoyStvyAg!st&yjWY8DL;
zIhbAE`4wh9&1L334ZmxXWbOs3vDcImmtTGI)}3TZ@{vcgG`lSG!ezrv$$)Mz72lf`
z>42h>t3Tu1l&yKMu4pfh)=WVb{CfjYte~Md4UvFY=+RAoB8O^qd7=Tzo8LN@c5ys<
zqwiP16!^K59V;s5HG%QLN}|(kERBtq*UN1j!HVEKpHrR^sx$P61Lb252)B~bu|y{p
zJA&zM0$0jpM)AJa-fT2NG5ecfQM`z<`eJ+VQ$oK(-=iF-@QPiz^kYbQm#)fn%~Z=}
zW@$?Ao3L+16;`G9hi2pBkt&7ug%CX^y2dncz)0XfX|SHqFX%dZGn{x-kuLEL%9#pb
zgPR(+r!nl#opqDr@{&JpF`gF+luZEjc)<(7MM@4_ejx5P!~yqmGWM?Z&PEzP3>7|n
zzkqV)mLPSa&U2zlmDJd?I@V#NxczA&CenHik47SJA@qYYVow)pq4X-Gcve;9uGZ8$
z25dqs0I2o(-|6aI#CtVUKHa<9UZ9NC7Tx}pV*H~5|KDi9|Lv{+H$J80SZ><^KIo9=
zcNCoKUs^k@jX>0hn#&vTf)cPnLID~9WZylhb55sA;|ZT{^|%4R@Kr-x;iYJkeQLpa
z_?P&I4&d;Vf&79NdW6gv&C-^2{Dh*KsH0E&O1d-_CIpj5?ylC3KWg0VCXD)R)==mi
zu|%G4`qbD+e+^0|HNT>XC0-NCptV%XZkO<N2ok9qQf+|GSJoMBNi66q?!FQB+|ceX
z!;{}0*Al~WVTBtMuCI+(j`ug7sv(Eo4$3Kqe?Id}GK_rw%6y|-+RmOzZ~v>O#PTl$
z4jUW$zb$aORW)NX*?w3BYwOn0+`@hYPM(Hx0YrK+OdRM!#hDT~!YtAHcrjm5_UEIe
z<7tqTiApkL1W^1f`wlx#ZZ?R&r(fSRc(bcm*$0^|Ya!gN8N(lFKWQ=Q5PmN(Xb|ZU
z07fUX(_dkKb~72aibfMo&eGr&_0OJP4nSpv1;Cf$#EBq)3`6kwVSIYLcbVN>#$-5q
zXcrwkS9S3_Xc||<@`CBDPpQLT8cR&!D-EOIe~cO&<3Tct?p!HgZRL?X$#AdP7Gzu}
z?@@o2Gd&X7Tl^rXN196fN(8IsJNoYMsjrn_$idowDXoQ9>Qf-h$`}AB8f)^b2)g80
zw-C=xD9)TCkc;9K=XjzJ5~rp<w8cBYn7OLu1_|^77nhA^A?QI+2Qh1e{bJs#Xztp&
zY7AY}sAJTBkxr33J|siIx%<7@6_1P<MBhZ#4WRsho;$AygPB4Ousp<D15THRAHj+g
z;n02TYG9npc>0S8!iKb`cYsKsA#Y>~ZO9oLWy9Cq-aNEBg6v*V<!cAh3GXA9K^AN1
z9+hphlUnOn%du#WZX}5X(8VuJ8181tRxqXC<aYNpi(aX&q&VZoLI9B^fAH$T=Z0L0
zRzcQm9t=U~7wIZZvb?Ksn%hkD_OIyDev9~q|9Pxl1{$$0zEv;J9R&^uVZ)t?0gE2H
z%x4}Q6x2ZOYCAhMP^J$IF?Zs8OMzeS53n_qNH=Tta158r991y$*&&0i40muJu93ZZ
z&G`dSrbh05*D4V=aCAh!#{d=Y^vE_I*;M&3A%B19x=FEuuq5oN8quvpM3MB{XN}Q&
z>u!U&S2*nA^*kgsK3k~rbSXS&?QeqEOq($B_;V!JaskRdHV=xpdq3X1+JODD|0W_x
zOX-#E&2ErBJjuY|#P=bX?uSPnF7Jym@5?jRU7#9Klh!Z&i>Wtyp%7@XH+7EulacP%
z`Cl-92Q7G92Z&$;i0&?i3vgxM;xIrLPc2S48i_PO?kq{JMv;Cqk&bGP=z6*gg<NuJ
z5+QHYFUDdRj-@z$&OQxf6T7%I-eLEadQI`)+kc8>!CWn&_#n>S4xu3mPyF$zQXedF
zKBkHYoa;F)htPe0oD(!!?7LU#;cPZ!y-94pq*2k=ow<n%XU2cD3WvsA$#r3SHwg94
z^!RezzqnrZ<qU_7|5u+fJ==d1c>m!IRFgHZFgA38q*Zh_aB{aZ#-kOnb+G=)aqzSL
zXAOEtS~(?QH5w6fD`OdbYhyez8d^gKcRMFrT{bgaU2_{lD;hf^6Y~G8CZ}&|EaPl#
zVC;bRzpoUxF|idgH*~^dV)|jPro&T!q!kdbb;HyAhhSl#XJo}=U}VyUq!o3rb+-FQ
zrGG?G{ZvvgcC>YNFf?|=<Klv(6?StHRdmvKGXCeDKHWbzg8cvJ#Zdoe&BOCE|J=5X
z)6W?^S`%tIYPz4sSpU(90^UE*{+EZ7nUU`Qo5msQQbXF7s1>36xpr6HQI0keSNN`j
zPp^;9j}0L%P#^tHV!fG={njSR>*K9U^&&mRv}o(f1=rBMI0q*|`fj<>L)pq6hxbo_
zE<VZgmHCVD%g85#kn;<#o3x=zLBDsGtFJRJ-2Th`ZMUc6`PREEZHp)Rhnm8DfA+U9
zuPv|d7i8gw<;|7l$GiE<6DQN{l@0v$*WaPgkokns+JI4J*f*EI-1I{mnfcMx%?Zu3
zUk~D5RDY9zeYUt@Y;kHnn@1CEa6)WrzwE;t9#8Fl-z`(q?(8yXbvI(+!qMw|j?z@G
z@m_ZJ-a9l+!i8Sj^x%BiG1~T7S`IBB=A5#}qpnQxD3dPeWW1q~zH<AnO^*&bU!0%o
z@@8Sec>9$Ka_b^J^(f<Fq0#FSe;_cIfr}~Fuf@)@J|9{n*Ejubh+=Ld;|N*TvN5z?
z%|X^ue4Y`H`n#e<X(;a;2%;7aPr_>vrB)q7k7-q?qL%wUd2(W~@fF-Ifq|rl2f!mV
zrQ8*>oD*Sd;2dj~ID#2CO(@xy4L4}q+ZtJyBE@JeaUVNOtZq})-jG;Ji~nUJ0M3Tl
zCv@r4vYsnLwlTf2!*u&W9O7pCSvu%^xx1mZvZmqEc@}avUgh7TH`MbYw>iCKPH?i>
zeype4G_j3#k6GixHvMR0W7M)PdMWLD7@d2Pt{$i>+kFKGe1bj_*FF1sRPKP4!d=Zf
zXkszTQ~~Xcc&(fFMUVl4&>#>o5QGU$b+qq*!{}wGa6?MW)?9D!maojnj2=t-uErZW
zq#TH54uJ%YvJ^NS=r1t|*LDM%EBO7P&vsoubyhfwRm~&u(YtJ0?{UFHLS~Fx`E6%m
znHyT!yLNefqMmiT@47&cY&IWAvO+K*TvH^@@3vGx7qhzy3)LeVwhbCdNXeJLtrqWq
z4eB2*VpGFS%tcrZN)id~Mdq5+1#U3Z_O~et13HoWg)yrZ{3|T6R>(JSt|gajV|d;T
zVhNRv2y8(97R(JK=rj)&Y9%F`fFochCV_^q%n$)}n(@k1$kPhbYu#_wCn+hmhLCW|
zBbTlxin>|bZ*o;^M&1ikb5{!~CkGI@H7(%)!FqwrpAEw*RXb%bgnybA!@(NHfqen3
zCt$18v}Z((J+XUdQ;6h120B|R9tOhzh)Sb5z-W07&WoF^7|9LZYAs1EU~Zzg55x)2
z1=*lo4?a=MKxq@S6DYp87&sq8ak{B&)hf}j=wc!)C<-_2*PH7HO$YT*?eF=?N}<-b
zHuTQU#6_>wm>+;^mNaTW>OOkgr&AQ@S=-(Q5Ux_dA{T#Y9|vdSJGjDt`tfRfWgkY4
zl=UgLBkqd1go#!F9<2mnU^GA!M7zj$+1Si(8#|2omcEXQXUr!3r6Tvf(kDgML?s*b
zWDG}!NbmRh(WjT|#f0teg!rmJRBDh0H%AY3(R~#_bwoq`05}SEXEI5kYpG~_SBg~u
zp|<=|d^`*N4x;ge{5GVNu(Cw&GT|0dMn?TRXNgdWAe`#?WBykOI@)*YLj8HSAXgL^
zD5TFFINM%JYhUg}k3kmpYw7MqLO|m(^J_p#btrV=OrKCjm^vT{55e{li=MOz4Zh`!
z-J^unuLWd^Cl>k<fRm)Bcs3M%F=9*|uU`reerv-rEn%m;1=4kKW^981;rGV9#%!w5
zrFQD7!IK(?k9O@UBbeFKI41n>w{!qs%X)+H0ups0@%&aPFaWd#2#w5e-hvU1e==At
zT34%p4Dd$08(Mz}=JR8q8vqh8_-Bn#5Lrgj)hKX;6$iSl*<yrMV>eTD%|e1}x+_=K
zfW}?gnwH?mW1$X)td@iG&FV=`Py8^u5Ne9UPuC5}CxTA&B!_7sobMDL9|9sdLq8%B
zGn66>O&N>8w&wXRHNc`rp=8r=(o}K0CYb(2L&mSPfdTH!mRVDf3mn&_yg;`_bo;S!
z1BMz^wP3JGU{CV8fW&A7UtGp<-TrEj)Aa$y!cn8Ha*pz7zNtD8SS`Zlr>sOLRnSf5
zoy0es?3Bjfq63GYU{rgFH3#=L+@Ff$WKa!}B~V~agD$Xz?vUm1=g-${$~Yj*We@+g
zhxo{@7QjUs2X7ZV<;0<erj0g$(qwIn;q`z+#mSG_vTG6{$Y5+v(_%Q6wLsNMN{47R
zBK9fCEF1{>Uhag8+>~fQKoaT?6=Cv)-3a-fP)lNY1FAGnLk4zSE>99|;3$$|8^oGK
z|3`ENl*+motcywhuHjrDsc@y5Y_y=WAgiT7$|x?X409qS1mrlm9J68>voAwke=s1H
zOjH>-5d*@KLk&I*n^QSSD~2zfVk{w{1!)2SHb97}ENTJ)PmvF6jKq>InMGLcr~~>S
zG6o7?Mx#X_Yr=Gb6AN!f6Q3phpjuBn3SV?w)^8hHkqjb-pv-AgA!oux&9fx}ovtPy
zRtw>6DaM|_AIW8%V_ui=<ubq?=y$A4YH~Q~c7@^nmhLkMNNkM@k-?XSqv&hH`9dSx
zGSbulSr3pYYK}|an!_wRbvtj4{N~y?$Si5igOgVMG&JV4-;mE)J`12JDnXsb0YY{W
z!$QCKi54m2Sf1bS5tWp;Uo>sDi4P09B{LM=b`u_FG$L`8>?t@*OEQLzfhpjLbT$uL
zX2C>E4|faW;53~yOh7kA#~xb7!0YQcEH~yn2JPHA64kQSR(ncgRXFIYfEea{2|11P
z0##m+j()nKynPRrS$!+V)nkLeu=?TR>byp{&=c#Fo1zVOaO||4DEM?`8308yh)~<Y
z3rQIQWLT@g5RO;%oTCsIKhLqA=2Fc@Af)Hl>6vadtMw>*)<-8!NVNk@+Ko|(x*Bx<
zL^lno<Wq379%m-G_E{2#GHN|ie}wqMoj`X8N{oDmj-qted`D+%E453+p)%c{g?Pfu
zTsO<7JFmk1_}GxtT%CSBz-hYPiw^jQ<9n95%!@do?7$pZXt+#%Q{|ZJc%u6_{Dv0U
zR2y^B^Pz_r%<34@W@#|s)i9$_AR~9{Kx+82@~N}~@}GQaS?+x_arbR@9^s}Lc98=O
zF0MOVBm7vr$5(Tw<<QrWK9jq!IwqGYD#@6EaJlm~lV=kqaNj(%G&?z5ZyAb#Up?`N
zXDZd3@OXbNhAE~J&szOC^T>!uWfg$h4dlR32{Axl2t)(I1{Vg{gheIF^-LwRH@P;q
zj*JoEw4{~isKL(YHY=naJV&M<FyVf+I`We5?q3uqOy*4XwN&^+)VG{HbaAqILmc0(
z$!|Te28C$r1d}~z*`0QW8RQliJPY(5Lm`-VtQcXnPGZD$TMZ(p6Q$>9E+{dO>*RP_
zn(~@n?!fLqe*+hzhW;xA6BFxykC*#T>)MYJ`JWo;j}GkgquA1lSpDdsLdJ%+M#lfp
zI~|=IjP<P{-LkY3q-_G};Deuef>Tck0(SK<A@G$?Lxg>m)`9)Fi^PWU1W`A8aC*s-
zI{<v6OmlX2#b+KJFGG|`u6-C_svB^#9-E|8ZN*%iFtXT;7GO=fy@y*dHq?po+tyN&
zN7f$`$t2Ugf~JihGdH={$_v5pi>0=^h<V#0H@&m5f-=szzURbjlFQ2|%*){%XfHq3
zV~7&fx@xUgaaXKyC%zbXTGNeCd*SMgNF*mWG4HB7<H#195{!3L1F}9_OJm4RJ?^(W
z<WaLSO7tPB`Y7sngkU4d8hISl1hCmN93!A#G43I}40r-!vtl)-n=$x9*}lSF40o~F
z-IrLyuuNc9rckZY9qnc|12*~~yUDJE`+E((+4tE;8UGr|gMBf-|GB9uG<_&&M}wKo
z;6`I>4Ld;%L!0{Dc7XjtUV!_Taz%AcwW>C+P)#&nbeJ3Ug;akpvU3Yw7k_r$n`LVG
zoetF=?}xyS2s-A9kyDmYb@&9Wkg+%KU;OMa|NK|{U)CLZ<{ya0Kd1k%`oDguscE~x
zg6#8LJ4crnN1t|-y(EZ>tbV&h5<^N!9?$~cF+|-_ZT_cC^ZnYDY^@$yzF{%#ZW4&C
zK{|qK$F+vY_@eu{juivjIIwh7$`cb*fq~ZZggmM#DF>1)VQ8|ZTa~BZ>xIPgir&mn
zYan{~&nWJf2DGS>x$np6+4<=3^xfs%U@6w3GrVbFFBpi2LF^_>IrBo2rz$R3?Y7=E
z=6a4Nok3o=Z)6TGHw`*sR{wi%*XwR8piX#r<$gjQL5+$S<T1H8yw2o%hJw6Ueb2Nf
zGorv7uP&{Qp_DCZr3m3h>N6$&VnHT9V`iv(R*9*3PO#v9?#w<@y3Cz@*04Nk>~*Y_
zje9gGOYMsP=WMI(y(Zq@bL*Zi)`0d*c$=?3nsuxM$e?N07%D(zCHMCS2SgJ4<|%`e
z+?m=OKqTw_5NLfg1Bpgivx(zOQ!|UJ2o!6L9TG~7c3i(Sor1(4tI8uFME0nn5~h-2
z&OXh~b;=IW^(Fr7&G~UkG`QzvABm=_bJ1Rx30LwF5L{o;<@tQqbx{XZ@>{ojDCjI5
zXO<of16d29PZhqx{k7o~2(0o0mva?lD_Z^T(Nfb}$(-nKL+jI1%IGH&#_nmuf@YkI
zg0y%3Gdl8X7*SvN`6`=se-fK2<)x7=H%A&5!TgJfiwctA?&x_IsuShF*6s06Xs*h<
z_Ru0d+vTk|o6%}+8(2jv&{pL}iW;C9vdQfsRri$a;44&QH3Hzsc*ROL?^FfKeHaK`
zb>1gmu5M1wh<b()%ZHo|y~rkf-v&e;@^LW3EI*$mVqAz|_-CrhqvKG$1F){sDeiGG
zKkr*^Hf}aiym=ixJYT;|G1f1mP(ZrIhq+I5zgH7fl5&{dg)s7MPmny2V;Cb|Q~-OQ
z1qr|7Jn+2`fCUslJ)QEW)Z?(SLfPYUCf1nPM03MzRX*l{+6nZwUX5yH&7$ugb;^}g
z)t7Ngc6OrQ9#=Bf;tkAVru3eQJ9a9dA~OxA5)q!VinuZqq8Y9xAOvQ)&@}YZY}15y
z?yjh-3Jk1k`p#(aeXUXXIk}fXwt&xn1Issbs@%TrRy9Vo+paiONMOhKF@E?`G)qD#
z`W>N6Nabxafrm<`3L)RK31Tx3ce@r?73{ep*;5$u>gV+$#OXjCs(pK!^7dRgEBU-t
zna$IT&O$kPUAvuGu^ln1+tK=#r}ppbw0aK>#s<88NpUifhtUVpm&qzK$>!GH;5}%H
zaU1NJAC{@<W3!|vKz|LF#`WjZQeEMN)<ipu0L!MRCkMIfl$!__U;&M`+^H)rXYxvq
z9kde5`+(S@%~qWRUvOpldTc7wEx>_K@V0@yh_S;i9T$e{<O;wsNhPIfrP>NO(41aO
zzIy`}eP7W+&KV&k6<@^?SZRG5VA}7_Kkz=M4W6woP6W<E#J+(?V4~*LoInJ_Q-;IC
zpy31RSf>E7vmx)a3vc;-S_s9N2AD#+L3C}sMsQ87$sxVXE0oQ0wF7a=KarM`9oJD~
ztdV8+(TilW!HLd00I_w^KPs<8{6>~Fx*}~BjgB-UgRgc@!Zbyhw5aVi*ykZy4AVm}
ztf*K6i?6X4h+uz)?d_DKGgM7lmp~|k{ktD?^Llso4IXd`isYmLx~gm&RkfzahaP|U
z+f*#Lw~SZ1J`zIN)gcW?BK&Myy)yTnxwLg|h)GnayqlO#fR54~DB^<OK(!(wze;Nj
zSSFcf1|8CAP8dx{!@mjoEZ@a+|EY_y2FnyI4gs)o!w@ku7pXEgbwR1R+y2L)q}ogh
zbKwvp2EZNYU0f_<-x)h%?8mmkDJErq6FB;+xojPgC$KM`mF&NCX}+Zb$qML=BZ?7!
z0a|ZAnwO9d2Xz)%S=n`^@l>btYn-5M13Q*1EdvQ{WxFp22cB~)Vyk*v(Sz;cBF_U3
zw&MBNB;|6=3$POAEspg54=*-dCDb?+4v46LT^j+p>g4D6zRB&;rGvdTq!Q0{``5G|
zJI%|}C%2Ia*^JFq<O{BOw9ERx7)}^}h}ZvXIQf4>($mxZBuM;+f7aB=43CM9p7q}y
zZ>BXh9XChneNJlo3O@tdcNA)r<PnbwhhnfLIqIw1)Y_oMgeF0ww~~dw-|ipvOxul&
zz$z~g)Tt7p`DLG3xql`!5F|()F<h&BX@n{YAlfE{9{34(e8|0Wq96fsn1P4^3yS)N
z8vz7=iJY`*njpF_kR*O@jIt@z0XzOA${^=*pdwG}aLC}p0e=TR`~(|PNbv#waRE$W
zW;tmN84jR)XF!esGGx{vG^6|?DO(h|UkPYV`OwJz48aZ=@OklN$rgUWNG8&AMdHZa
zyXB7{TA7J@TSW-8{sM~c%%!|BY(Pa==@U0*)&+Ruj<QMA(6UpTC?afO3j)X@fP8jB
z=&l5Q1$0FmY`_AfG!PVW@?=r+uq(=VT}7^WRYe5g%`p*T0Z8QpLT>!l{e=(-xqb_I
zRLS|J)Tw4QB8^otUUePJ0hm9Wka$$xptxs<#gMij%pxFi<q&RrzcIuFli&iJ#Pp6J
za)KzOR)VwxQj}B^bmO&~o6L~h{Yp?lvR`(gw1|jr(E5$>f+7N!#tRPpHz}aFB?2Cd
ztR4`?;+!b%IO3BAj6pwQ>?mHc=az(TaN<@FfbJ~YbO`ccdPL1`sETfu++M=tCi;5)
zz>4IDD)V8!MAw;``T-%*Nk~u1QS40qN*@cNK}O*Y_~i%48*!~mBn2ZuFkp#E2P@&0
zgwV8g`X!RyTM~Gmks912NWj2|$y(DbF+htd0FVQ5r^4s4a}dokW`$r!Ygp$^<sk?O
z1oNY1c|9&ec&c;-LlB32J%hgQjpjm*O2+0xZZ8bTr(_QApCs~rzrv+AqZRuRAJbzg
zCkW0Or1T&3woiU|sntZ*_E4<eFGb$$C|$ar>9oB*5RHXrP040dCFD{;3-UC0Cp;Y9
zAqf+t@38Cbx_AV5JZ-Tt)$Vt=Y1UomaMP}yzvydU#C7+y$GFLB4<S7vlN~s87x<5t
ze?h$S)Pzj04lN@yDy+5EUsjS1hVE0-r|U^TWa~sOgy!bgV&Vtw$LGArrcMG1?8pG7
z=@kQX5i5~6kw}qPk!X>4kqo5RaUrQUOeScjU^B>$apB(w{gz$9X?Tij4i$grjw}|*
zu2aqQ$j<3KO}&;`P1LtK_{nnTYw|s)Q&(y$?187q@)u+Zsd!XRP>Gg0gF>3D{XUqn
zKxrZHnu&d)GQgX=3kULL4Gry}uAPUswo-W~OINAGybD5}WrZdAuE3vaXJtZ6RUK(K
zb?I^xkWy<L0XECYn9pq8U%7@!A68|aCE6OnqDrBj+4>Sez1TkNv6<f5Q>Y4i5Eo$$
zLL2hhwq8QnfFuog1$4({K`A6t&6PiVX1N|A`{egm+LfE$56}4gs=dw`H!eIGss-#4
zo`rgI&mC&a0Y!Lv9TKx^3qAPJJT_cKYq4N~{wc46U)1t1O$t+!S4%8Qq>fcP^1#Sw
zbMNT#A$MYBu#eHfGb?iXZ2VTfE|pfbZYp}H*?x<RmKJ``p+uF?uqq&=wxL5J_bR26
znA2KtfHXUL<K(nv+kTBHTzwV1-5yjfj&0?VbGK<}!(=nT6HZM+j-}B@)hO~x>2d^g
zSG8#JVX97v2M<k%OKC-{EpcHXv$*si$U;8c`5KMXq=Nxu;(;k@6%Z}At*ZWFrAmEe
zbqu0#Y&%0alo2gtAcTuBy<!+*V@H*j1VrlKzKGWm3FHm;5Nkt;G^IadGtDp`%1tF_
zTF?qj)@(Q`e8p39p@{Cdh~jP3#UEm>Y`G^jVsF%&%_C%u$&9FUoXdJSuCVe?VRFTN
zT7DNY_;`4hqZLpP*bcJ6cqWg8nTFjVz8wM(njS@`;77#)I|c}$^v|J*{c6-3dyr=I
z4H_V)0JL??1JqxA0|m_j%s}+}VP>tTkvE6=4y+wQ;KVA}v5ejbGfA+K9lzD!kUXE;
z?ouzgA|XnPeuw{75nU8=OS-2TaE}1wtok)C$u(oHLZ*#L)$6K8FAYwLd&Csk?0xz)
zRS`!_@yJ%HPNgPU^8^GqkOp&XFVo1M3SR4;f})iwgX@_f{SJh`c?C7s6<%BwO6cQ-
zq@U~F8NN$**1mL~1{2I`Ysz3am61+Hl=8G4nLZ_^--VppaBc5udvHZFwv`?8*&W^a
zj+5K9i2vnX8rVYoJ(&%=E+xGI)|A>o9Mc)=_W|VyoP_m2I?NhLY`iW&+5Xz5TDx*k
zqOMz8aep7#7G>BRb8>RMKmE!M&0OF#R5?-hi=J@c@2@rWG7c<dD-LLh`MEK!?K-8I
z)TZmgxez_bX!rn>UktdKn8di6$Aon`aTK6jxh{hGZt+h>dnmZFBpJ8I9^6^)lkb25
zE?cHxVVqOn<a}OHYrDKD$=`5OnCSq~GwxFgc#X>UX((x@OGc=TMO-_xLs3kHPW+!X
zc^z08S3$V^q!NoPf4lh}PxnT@JYNvr5(j2|IvtBXWxpP80Y1m8>v17Uj_dR)E>{S2
z7v*wg9In7r>$kp&k+P}r8SokN8S)w91skUD)jOnKq>RQXBvsTKCK8lWsv3Txu_~$5
zjsN4&OoDStRijZh@i~>c={Sev%5w?AgJP%o&nuz$cpw*s7^y2|@%^#y(B1QeWLW-U
zP*p?wZlVl(FwEQgftbxQVzC7`X_^KSL7Vd_?ywgehw2!?d{s(&?ZVVPt}|660C;jb
zy8L!(%xut<Q)gRo85rmGCc0BYTi*I|{e$ZvE#&#cG<5C#*j~)%WywbS_?qSZ{gJXQ
zO0XyXAbEY-t9ph*GmyJ&V@bT`^$eBk!`-F+G(9K6QG}d`l}MgDtjze7hADD)efi?1
zP;G!2vzx3qzlNCnel+aV(Ej^iBDgzeoC^Kf`;TxGKBlv6vQg!EML3m@8R|01yD?*x
zp(gFBgQN1O{jx5VIwuwC@>mVwuQP|~3Q9RjsVby<NCC8X?ZrB+Asg-=tcg9u$}&gH
z=h^R09V?Y8jG7t>7k5W*j8vj(T#XhDrAo;sO>8h0DniX~j=IMqbi#9ZG_^myu~y5z
zdX+CY&IX7b7yYZyk^15Ll|BWi_RR*jsnX4QXovOoARTQ4v&PFA*$t!@<enoltBz03
z87<!fUlTq0I}N?{sTZ72u20;a!#a(u7rtw}t8f>hPe_%c74B$%%B7jdAkJEtT5C_=
zOK>x%Q8uXJ(W^4_qxj?iU571J>QeHlF9Nh1ay}!w4WV3yQ>^s<T%fTuplCM2c+UD5
z<F3NIQ;WxHMjt#hm6~tSu8&y^9krR5Vy#+9?zn)c5X`lrkNC8oPb#6JMSgiK*Q#l1
zYxQv~@}8YS__l`OmMN~J4w5)uRhD4tcSTC~iX|Xbq?)Q9$u6E>F7m_-rIkT=gxG7w
zgq|+9XlS(<t-B?ENmmQytc_G!c#Wz&`$;K>X5;&0Zhx;n-B?)c^$4~O)=H*qrfAvw
zzg4Y89e%Q2{Gw5g9qeo)GOUg3j&HpfVj6s$R{68)a?^C^24aX%8!}FdIw-uO1SQ3`
zRy*o8pIEWlP+5VmXWfMtT7nONfevPOw@mW-&Bp$IRc^s@K32oR6jFg4(RvW15og4b
zhE0!YUUy*uxQ+5**w_|m3*{{yXi#(uaMz&WlsI9%XTd6wkS{|z%bjhPb>%*Cx<pyZ
zd7c$xG`Yz5#3aa(Ns%j^Jo`kEduh>~=B6XXMf>EYbKy3#l6qmA*pZ6#J{kUbg!4X0
zJy^4{Y*K$!i^h6!#3ZvLrTmZiLfN~q^8VoA?(v9jpm*O5w6_+GQpFnV=AmP~Qd8QZ
zGCPbSJzs!t!X!-bh)p@hGx?xKh4=OWNw#-%@!E}GsxE5@2I(gb2+s3jFhyUr@^a@{
zi4H@bQF&7eh1C;<wG)$danhM#K$@l}wXYcaJZOcgw!TQC7=C9ns}2n`B_e5kZ@TfN
z$9Df&mzRBogCa>{;W$9jylrS;*?>fOGj$+DR;LZezL?ZM><+P5(mz;d&Uj9Z<?q6s
zsEeClRdo@ks%F{3Uj>42E`akB&ZM>U<P?7nJZpu&ZeSN`fMf3Ob{)*x8%@=W`S<HC
zG)?%JYO56!m4rBRlC$wbI|0fPDS+f3fO@!n4d?<PEW=f!j9cPV?JBY7X@VS8GIe+3
zYAD*&`I8Cv{XRZ}5qz9gbalgR1e_ZR8qC*HB1=8i-TBGMl|ki2yUmpyB1+PVxQxhb
z8m~X&6|u5-Dl{CxJ3z=|giP!rVD<2u7KpON4<F6QufgI|C#yQE<@|{GVTtB0!Jwmp
zThS(~UE)&e6>7C&1gO7PCth`Mdg`N+;;JpX4NiN=w^O(3YFKN-WfX!cmuG78)zUii
z?NNV`11{;cQ&MwgxLVc5jj6Shvf-Wpp)Iw<JLwfV7Z#b-BwY_ovOQK%PUM9*hBQ_L
ze)&BTWK`@mL}=mKH)bIEpT50;sMxDU?7{-R1EdsJ5nIniD3C}lD&3CBAkLrDY^mnd
zQOrm>f-iy5Q5I7<75XV)LTZBR-qQ?v_q@j?&>UaHQ3#JV?*kOU=_wyl24p&kSePf{
z37TuUX}PkZq!K@SfT`e9f$0CU1L1*!zb!HVVvJj4cKWDlxY#9>LaH{D8*7+XXB<=d
z6E0oOD>#b{Ek%NT)GEe*7ryc3czd<utI=V~uuX~sscIx?J`Osn3xmYPEk`6=_08?3
zN8esACB`F)6QSQegwOyJQ!_xDt%G5b%Qz1CXEfEp7MJrc1I#)_+6`$sx`h6=VpJ%A
z1CQVUJl<<2Bci}ndPI+*K%PiiZ~n9^d=5kv$EZ}SydKF8a0aL%UD|ORrwRPe#SjfJ
zE;{ny-r|RH$ONZR0f%u_YJ36z9OWMN>HBZW{1-j%@8Iv7hA*^7ws3cQVck}UZ{6&~
zO!4JxM+e5=1h_sjJ+3r0_xg=9q0=O|ESX-bR(JZ1<Nsr4bd~15ZR&s_cH`FQlE(5`
zz4ON?yK>d&l1uzfwPrfbBl)D>Fq?4Cs?FiMnB1EL98Y{=+u`(8BKeQaSb|_mSND7g
z%t<<YdR)3(`dm6)dR@9*`c3*+f^Z5|gHb$j<!@OP{07K)<*+INBNT$lv1k0B><D^?
zF=HKf!{CXuB57Xq1Ba0aB)U;_uLeQmXoONd==v>agg!hrZLVT@e>n{$N>3L}MK#kz
zcxpIn$+K5DtCFNWNn!inUQgsp$$iR_qy;(qu&DGt4?1LP*gUki1B#t8di>b{E`Zfk
z=Fgb$gb|A6(w^%z9`9Z1k|7qH&9o_#t>7iBv8Yden-%@Zp3?h<OHRM&{}(m_X7>MX
zBlu4fz)yV3zik2-*3^_e5JCP2(nc9#4K6*qa}<s%NKXJ&Oo3ClpsoQA-G$huxGC6o
zhp`11b_!(Ggh7mN4Etot_4bw>Vx-^LFOc8Va{aYoP$^H2fEcO-jXx?rfgubjf(WAI
zq~D$lA-sc0Wp7KjRM+HLK6Urz^lA^)yEb?G)n0iew&9K-VEC@5D?NF>_4JP)V{ni{
zT$KlTK(J3oq70|63piIK@LiSyc@Y_$$)D^4TQ;`P=2}1zD*66i<wNH_P{9C3H!qaK
z>>Z9afBy|Tv4wy_10ql;19AAA1NQu;?ctBQ-8RY~XkTtxS-KL|<r&@i0s4WY8GWfc
zo%pAB;qT`QI_kS7USfzzGw)3Sp8+Do8!5+K2vjv+)>G!U_sNhDDO({&t)xbE`gg1_
z6Sfc10)ihng(}uc?NV6)F8xTsn<svWq`}xU1Xmte|K@MEiB+6iaGf3~oe$X?Bl4Fi
z$Q+JQ98NSJ@+YHNLYE_D*I_RM*{-viE|0IJ(kpDw$B%T`Ex=CMEmIz6H2T}}_xAtT
zm5f~_6*7ptvhSpH`1Lgaj^iMRd$In2>2-|2)qfq}TG>@xstf0~ulySH*2JB!lPp`N
zy1|$`p*Yb^G3!kMx7$rY+eJZJq<U1WdKCOn;dOz;rRZZ_>$R>Uw~ykrFZo(s#rl&}
z@!)gd%4ZcUGFwqE<1e}YQux7mjj;bCwi+C$>9xY{HfVrcF7lLDd)}LPFkUzWSE-oZ
zK6bbLfNC6;M4Te95-+>z2qO4vy5rwtKwO2$T!ihmW{MxSdz5%P-_0G$x506n3>3{}
z+}E4fr8@DC8z<9MY!`enTVFZslEO=Sm5YmK0{=mOaRfG8@Z{XY!-umw6<-_D0bID9
z+G&Sf(cp91M0B8ryH%76AKMJrku`byxyffLmZ98Fyi>!x11L^2J3KvSId@dL>!&+y
zLKC1+d$crq^#F_phx%XngfW9X5UeO-6r^?Kzgv*WMuyr~oTuq4vhi|;Wc2QdEl9=S
zkF+jz);Dw-hmXLhuVl`>*w8UPe-i?p{`Mo0glr3{Qs_|S;N@TwD_yJ8Eh_YJVM>P`
zB|#;Vj!PPXfO=ZYk{GKfb3A=k&@+fDKIP}g$l%H&GFTFiFO-~99GgHo!I}Hpx@hIL
z+88E_EE>g5?gCBg52qfi0rkPPCHt=Ofc~^s6liD!;W36eT2sY4b<%zA(!q#bJmN5m
zv2Vfe;`hh^IhF3#SckyvdR?1ggiim9*1p$@g)!JZ!GLb~GwSWwJ|Mmg#%Ft|I|nz%
z{;wM$Uw0h>b=S54=LceQyE%kqn~A@WIJALz@-9W8UFCq?rqG^Bl8^v*Z|^d**vgR{
zW0?yKf4G@eVLc|g3SDZIod%M%2OLHDyCg<QeUrM_3Tnb6`pRTxW((a3a-wjIWtT~c
zcmqR5`mS|`?z&=U>>hYy>`xH1T39hpNZG__^^o*x2YHU`!F60$fC9g9=Ak>IRcV?=
zR23T2@R9-r0pbjBrUid-sKxF2gx{a`_;Moan3L|-ZZ$Cja?}Ks;etnx5(7Ya<$Ai{
zqjMAVJ`PrT6sP{77M`7%Ha*l4ef`2O=JEakmj(O+0&UTnXhU^TAG102d`R504pfcl
z;%m$^->gxmEn5=exa5Xq_c|M(enLmA9*icdC&nJ{&Vch$qszwq%R@ujy9Ec1zo6QO
zM;lN?5NI^T4ed!SPjy!lhUu@{ayA`1f_*)IO|PEPcB%@V@!ii&P-x<krrkNnY$x6q
zL+`q9KxYUd220;=pQ>#taB^uXIn^dI|8Rc5^_IMs{VS2p^xqx6|4*|nBg_9W>oPL@
zU@HGjH{!IGcI;6LjCZc?-ssaXVFUp=U?jk6Ukj)Pp4i<SiyD>H8f3sP&VC<&@!sqF
zV~ZAV^ZnB;PujZGd~OzJA;rUdDOrgD#WaNkrucd&273iGCqxRG)uLcLwTy;0W)h^}
zB&~&T1LRbz0^|>oNhI+WPBBo4WjmVCaES?;d1UgAZS2yq!$8v<0}5>kMWyouDf&pb
zOy~W+dE!jA1i~?Q0~!d!Lx%b^LO&oDdl0_K;Lf0pFl_#Q>w30;1%J+ffDI+@rhrJt
zyZH!dL<8Pb(r|peC<PMzUO|C0p(079@Zw#CtRf+Ya8hDy0f|HrDX0Xg45s#?L<_`J
zy?N~AVlH*?y5t}R41Eo8Jw(Gt`Y@8jrDC@9`q+`Snz-0sf`@V)L10MJqr~YAyb5Ax
zaFvoQM^aJrWU}o^J~dLoQ}X(d!Nc<U3&N|j`V7Nmxsi(FHrU}&rZ_iA_yei}Nj@!}
zK&}Wi@JU`Y2tDu@w=8UeWGl}7SYbn8eNthox#e^;c)5&1_VtG2KGhxP;EA1Te+`1h
z+9Umd!Fe$86q^oB6LsYb(Ch)bCh7YW!}p|U48Yr5(fm_!bHT2NXX+!@w%D8y&=HOQ
z;PpkSznR&IpQZ8-nT;Eu(PLuQMWVyZF6UyF2+)Ph!mJD|ZRLWVhYP(Q7Sp0Uo4HaX
z?Dvr0hy~#9Z55zPxAV#kn^AnSPzfj$(ikvJ7e}H`3%CLgo1y-rq~HoN-Gf~Yw@117
zX67dvLhAIqKfLwn+WXZd`<&bBet+|I^|b+a{_gYf2Y2V={OT(*v~}a_>D|u_L1*jx
z^^5jd*GKkq_v$ONyC=6NcFiRC9BXuqJ54bSDW{^C?PRF!>i%>%^7L!t^h*|Qhg<4d
zSK9Yw?{Y9SSGQLu)s=VU4=)v<pL1&+je>K(LrO7o4YY2ZMD>UL+eIVi$NP7`!jd{d
zWz@t46q7|iecvbp8ci?QMaL)s@#V(43fJFt@X19Z7zL|x@?1D8rtCczS-rg(NB$db
zfG5Zl7>-D=Yr1zJ`UZBpH*PhoX5n)6%}E+d4Tp(lWQ}J~dMu11FEw@mWR<Tz3gej<
zcYyPwOUP+884h7Kei6RDb`1AhU;k=b-_O_2!Sg>nyPT|cTh{6a6y;aLPr@rJQCPPM
zn1hF=4_Ybd+`nPxil;`Nu;&ag@DZu>ESCl5I}p7Htn9ZoVw~O~sHn|p#3*pE5E=3+
zrotb<|8`YR_6)aFHwjKm1{gJ4X)&xuvv8V5#jz6>!Oh`#W3=C3<k6a%8=YgQ%f;gZ
zbpa{a!2aNk%_CaF(-DH8+^Ps(0*0lskf5RGqM#A)qA@Ys+1ZjwvkjdVq#BWogDW+6
zv6`KtxTnqa+87paNaFjFlHFPqY?isf$%*sH0N%rO5~sRD1Tcs0x|F9l(2@iVSUeH>
zF}49|`G2$SRAh6DAxU7`?W)To<acCt>+v(Qg;I&~*`DWEjCGKiJptuqEoi_T2Ch_F
zdx;2I0+{&#MV}!A4dwv9IiwpG2_o}`q2vti?Ts<ftw_Df!R~0Tbd+){u9lBjU^3A%
zYiew46L|y8L8k;2bSauGiItt3jEVBqmcgcSUs*;HkFBf}6Dv7xU^4%jyJie@nG~5l
z`ZZU_CgHB1y#{+U7-3)n0n<FDA*fAVGp<o4&{C2zBYw;A_iEA(YUy6y=&2f-ACD_-
zh_bjM^9sbqf|{C`rX>Si;%Qy)(=nhW-8=Lb)a-LCTL?Qtg^LgudlIZBS@fB}2JBle
zmR(58JLF+W^PG#$l>8gcJT&40ed3>cNLunxzCYZD+@~$-+E}Z9Nc1V$Y2;h{<g{md
zVUc`D$ZudXmRnnQ7lPrA28-1w5sotG6vOfuD1qDMsmZO_v*M}6MY^SB^RmOju2X-5
zdB0W=`~QC3Ml#bW^&%&MPY_h^5^@tXFQ>^!afZq#KC-sW#GqZjb3Yf{A@%}_eycO{
zg8fUWhM5IRPVC`CvSXe@jx(|6$r8k&#BG@}5bbWAIoD8AebZCpB*IxZ(0~nQwDTO+
zGwg|de>8p3wDT4MM#dB&1mEpOR{ggJip_1!A~Gc&!+IwL<ejD-@8#N*sj(Er^b?q&
zEWzD_J?a(Gq=o5SG7ddn$19N@YV&P(#NQve##*})wSqlF+Nc(rfzZg2r#7E)Qgn`Z
zM*jYuPj_=cY&DqwI)NQ+m}oyL*{#fIywfVOcq|-&F-U?^QzuC<`aNY9gB@hprGa!#
zYEAvykx#dOLGS(Rj&7gry(5W1vQChm!&>}#s#<QfLRFpYXfWZK+HUK~VMc50M*9oA
zW3})oHn1n4I35HdoXh0I_0Trnl)I%~X@%HmQo8B5*+waXiaD--IukzEQI+Flw7L_?
z?CDcv`NZ$%B0|E{7c5GC*ig?t>n7|C*Qq6t<W}Z2rGQ@esDPy~cRaxq$2TSlwa3&4
z(z#gF*jXTNc}X-~H)N0eBO+$56-^f_DB6pr{vrrPk#1#+^2rt}YiE`QR*e}mGg=`2
zEU;sup1}vIxl~G6q`&d4Owe;Z*L&JTvjE=hyYh%+*^i$hrQ+PpZd4Fo95g#5#|WGT
zDWeo0$i@A>aA-}P#5BvT17XR^l(cKel<-j?lJ_6-9)39TZ|r%rIK_m2<!Q}i<vC1p
zVvSSykjXAQr<i}uwBLqgctxW!jD?QegPr=jgPb0u(c%^oj>SVpqr;qIQ=1j~^Rp&}
zkhKSnEZtRf3CAdD#!H;U&I8|v&HvokD>^q{Ecz$(Tq@LWLXpD01p-<6j_dO^Yk{XM
z)vn8U|1C{)?z47BA`tlQ`G^$348aNSS-kh{sN?o$w<lD(j^z^I%s^8cBde-(oi&dG
z(}ydH_FIm~xQ{NBKlc&+bN$CoWJ0#lXmMZBLn|coqZeID3+w1bhUTV0(6X@GR9W87
z*lQrhRnM{p_7nAe_2L!&tU8Io=q~gcR4deTDpZ6HzCetG3UtLeDrrNVRHl=mtG^qZ
z@>)Q&i6bQhLbN5+Er-*cRX;)U_WHo53>w`xsK8ji@h9YksRNwMCiT_j+IM+3HVmL>
zy=F{UY|9C*k)F_UeuzaR<LQAp(eoB_B3;*s%bimJ=&PMuTmEPbG-TsC?2X=V!4m@E
zK+mFuW(^wJ@$l31^kUg!)@z7zz-#hgrp4lYK@y3o`5$DSeqDdRoPa=MIE%nCp;0bo
z!ts7SSZICR?M=VK?i<@`i<<py?G`E_x$fclO>7J9%Mp<22K91E_7eX{NY?%Rb}9Jj
zGP+s%Ufb)zzUABcedpuxxO4pB@v7h3`Hg6JZM)qIY)@q~XuD}~jl<Jb-I+W2db_#v
zbUAty8LC@iW5z#lBYm6|SMV9U{%2B?EL}mtyQ_z{(iOeeb%V2N+tL@&4g8d-=(du{
zCppK5Sa1%175)x>LOhNxh`tPZnt^F@j!Llc{}f=SIhfApsstPVM`2^mO0W@TnuY0q
z6dZ9f?&q>XkGYsmM5k+KI+m&&_haY#<4%=qIJwds4c=p4@bCo5cUX>Zm52I1Hgtux
zaPMEX_4K|juVHFpUza9$@xEOszaJZavjsnSry`lyL3UWr%Gp6C#xjZVQ|!|#__|M(
z+QR41;eP+xyGs*g{qFPX%KZMXQbU^jz1PLDX;2r{?CEhY(BJuKUOwFG|6bzy$1%Ep
z9y^|&_673(X#g@!Hu_dJEtYje7x1B+{tM#acI1W9kB51L*Pmw_-4}GObmWC}ZWQaF
z79eB)VrPrjKL%RG`=DGHe(!_viF6K`uhN#O+3nl!dk++ZO(1?s<?TF23A(Felf^``
z(G?G7jNM<gbR(oHNSG9t9&4Hvt011YYnJ^8gN{@tZ}Cf13S^0C%Sz)G&aC9H`gS{M
zq&ze>$qDvUq;X<&mTSN2D}qz8m6K8JF+Y2wgQ}{-<~?HkuBOXWQ?5hVc2DPkJ+nFf
zcFIX2{~^aMLH$#<?m^Z+#=8}{TXG509z4@NntHV1uS!?7&0^!5$XV{J9pIwu%q4sZ
zqdx2}g=||Cra|@(N%O1e^(YO=kL$Oj!=2?FGBaOb@F`TBjU2*#r|XO7+VzQO0~UDM
zojm}TYrH2&F1M4U>r;ge`)jeg)hN!cL00EeMZGW9E1OTxfAP!1!u&5_uRnp2|9;L#
z4RzZM5qO_JwRm!Paefw^&$n>^Ov3XK&TRx+EOo#F@y49~u`BZPhdZuf@f}@B#-fue
ze)#-a4kwwmCN8iB*Xx5iOKcLDy-w**ObkC^k?nWLA{r917!gFb36j@c;&oQuQrn);
zHS{!lBOfPMCmZUO(#bY1I3>P2(^n^nuP34JR_26Kn7+*5RYN%HJPMXY<j*Cp(f6^d
zok5n@+-?Q)+q|z6oUu?LAf`8;E0I{eEOz)LI%uhB%=XO!3UspK0e0lqpv45K1zppe
zwov$)yxKD~bS2M?`vxQ%2hRA1Y`P<17C9q6XV02N7{%Re+z`A)_N#D#MXZ=M+|BO(
zpgEg5gJ9-I&nCP{-&kndO)ELSi~Vzh=FL9vf4|(0TP$z1YECx50Mg$RF+jQj4P{Xj
z)zhfA^<kq`-mFuE2bCOUxYX-u+gr;J7fe_p1w_F|1{W(~<vHH6__Z<<AYT=UIer3V
z+oofVf-5ROsvGb;9UN#;|1ZkUDM*lLThnE9*|w|8wr$(CZQHhOySi-Kwrx$Hd+*>(
zoS8Wju^-mn`H+anT)7wi4>i9JF@De_*gOABf+y40C%dS3V8F0aTIk{7^Oz=EQ;hf(
zYx<|AhRO^wR9oF&6$kSsPmo%ySVY2(j88l!Y1PkQRT)xs5|*Ru7lmV3k_zF`H5<wg
zsKPVVe4r!8b#_P~Z2W4#3VPVoAc2m}z=WQvur@sw-Umg!o^qb?`Mhp0%x{0~H_Oi@
zpLb(ZcR=Kr9_-)6ULX2vl;8kQihi#sRM)XmqZx7O8S(VmXr_r4Mlx0M@ES-BvdoTP
zqZW_N=3iY)r?#n24kPD8F}oh&hEMe(Vp~;9sHBk9na%6_#QLH7);(40aPzO1W`!;-
zDB%)>!_Aq5_8Fq+k~AWamz2?s6>Px1ha>t^%JfUhe!AKyH^#$$twVN<b<SEgq`J2A
z#;(Oomz2`>GkzsylT5-Sf?BkkYPwY8$YJBw(mY$Y(w5r0$}@zT`iwDEj|cZ7(ZCT{
zQ$<T`1$1Labr=v!dWu+J4vwtpHT;Mcf}xUVnx4BIxR6PlK)i*bRf9;vJZsE~MWZO@
z=FY}3RON{>D>_Zp&F!$}yT+FGsnMwt?|XuVH=`L*Ga<d6woFyfRSNjkMU~fBoekhB
z(4Ck^`*Ldm+~+O_boGE}=ol?r@{caWOm^yN1G%Sq<a{y&`m5ru8xu2;X-Vy?SC`)&
zK8lh8&2jaf%QvN8cIYG{XSgce@zGYGDw2y}KSO$elAVSvHi-ccmd|unnc?(c67iu#
za<kSSK+mY>Yt^WImqbCA0=SfCJhOa^M$*36jzLEa>`&L(%;o|X&4-JKQJ@SqA+X9Z
zZf$;Ds?g9Lr6YT6Tgj&MuQoxMT$K#<#N+r<MU}I7*r4en_x*;gnr+zf*4TtCF$CzM
zQEUh8nARz_5J&LU&dBj7uo9j7tm}}fP^pIvzuGi9IYRL(InHAP5|defWErXia@a6J
zzwxi0zfyXqMl&oS$mKVs5bd1lO+kns`|Yi+VnhQ2a<wsM(WwTd(}Eo<D||}h2KCP<
z!+{5=+H_C%hfv+^RPRRoKfcjcQ222>6`bOtwhA+N0?%(@7r7hYlFADKf9GCfW-A_D
zKE=wTD5w@X@@&~U`PhMf5`}MRQr5ba4`u)G^RQzVm->`0V2NA<j$2U%SVm=H^e!ag
zt1#;mIh#=Q^`?*+2(dfwdqF){2?O|RZ*@DPC=)1WaSBQNj-x!gtp3gW$Z5VWTKOzB
zv=~H4s=PJD-8-qH49gYk4fPUpog?72gyXxu6*$qa+%{SK*$sYQEwr_@lPOzsadT5W
zcp0SqQ<cj_Ya^|1X?%dPUu>>tdm`5duYzT7U3@f>ekCnuv5R^@MIOD!$f+@ED^z4p
zi>cyL&>$0>Nk|W+z$udTsVrQuH4K4Pfcf!|$lIoC6IJbUZrfcri6LmRwDN9XtNg3z
z!QW=NG6_5zVqGUTl)UInQYVIXXKRL|BH^U&A7zoRLJFveqKzMG2Sz-dTB9%J!uAiI
zZ|gqG*l*8Ym`dT9jUUzsKcFHyQlS6Jo3Q;0SUNrHUxfO<86R8v%RJa%ga4}_T&9L!
zhd1fqb|Q$oIcUGYl-eAv?X=N9%3?FW#bUhxu<`u`OQI_jUa+Y|H4ESmB8ePoYBG(j
zW9E`QXEpE1aKp{BPs%t*In?;JA*E=LG~Q$^#Lv<*uJerI-xp`T@bh?df0x<W2XFSX
zQTh>kSn~RIy7ggf&#L_gXLsOe>;8Gl;nw4u3TYGG9NHzt_g9$<@5}JR_6hE8EmNR$
z>M;C((DSk2&5>n>_FkhY2FYf|WzXjnTzXuVSl`{ZH_OG>c44Ld?7dxYN{Atoe1fS4
zVE)Bjmx0u=N>!#YZKy)Ux2@`gYEr|-(RqI3)wPH5A(QVE%)J4NMpTY0>H^^7-ShsT
z9+<D6)?^HsY2=w1zWLA0`AN4+vxuxnWBpEmiJ;zKo~cV~+rF6pEPXea&(_;r)wb{4
zY9LGzsX&GEg{sp0#LJ3XpV)5iJ>K%qc3}6?h>*#hp;UXUxG;L%RVy3JV_7(Ai^bK#
z+~wK66BFl}OI?qy)=F&^&k&<<m5W>cokV`)P>W#wbzI7}0(vS|VF+MkNI?D`CO6=q
zgnAdci;hjsNp3y?+aXPs7>1JmSajMHi@l;VE-+y;Ip@q5t4Q<21*peep``ViudDBa
zzP)b!qBrQNYThaLCloX~-B3|79J(Xh5*wd$FJR{B)KO}tFa-#~4|9MLJ3~6k5&0__
zKnbzJI%U$6%*$t)lRs93RESfNQ^M%xp?HJdA*!Pi3%$f%js>{_710I@t~Oo%0M|Y)
zh`SJcz8g5#K8GFGe$A5@<ZCp&47#%T=kvna0emgYq&|#?BpD&>oDeoSLJ~tZf@u4)
zLHO`q%R`8z;&JpZ5nNM<XcK`f#<U2<kPBPe-SqPzGXT<%^-v8lRFs1^HxCal7p_b^
zyg>sHCNeF-0{nOw{(b<@W^u=U(cM$`nnO~45Of48NFX*hGa&#^l&#sex~`?4e19Uh
zWj8AwNXt4O%%OmBNy=G}sA!U8{0u?zN&zqGa6cyHXHf+<l1f7iSWaofB`~atUKC6)
z)os<|Gdwyth}8T~2h@}U0=BDOL|QjFnmpEihd%Dr-!ykl$7$0Wq<`hiAkX19k>wwf
zGnMBUrO&u2)JHu#iS<D6rkhheh4~hB);50EFwX?dhaKqolZhA2>q)Yd1Z~OT&es$+
z4m>Oz^bCha7lj%XNTEBDXwr|UI!xZZm*v0`EYb%O%QA|;p5=k3S$M%KqM1?8DxC{3
zi_3*~Gc0dyDr5S#CExIwol|;4Y6Ol|rfR?&YLeEdT%?3oPD-k+tt&%9O=*K}J7$`|
zF4_-8$wJ#H)PcG=JrlO5op|P7fOe?h;Le~Bh3hlO*PN2#MC^}4JOSjxKSzL}V0nFP
zN(aV-O`BmtPRq}V7?TbEj!{+D#dBh*{0-VBgAd6HuR``7waaA#E+6&_pz0KV6{j!4
zj$&09oif;~bf7;@Ads%;ts|@Rk{lX}-;AD*{1w)>N%u9m<S~DDmJ&LX3sW$RQ9haC
z&6JY%PM~ae!uSUybzoLyL7t=xKpQSpr5LCM>9Kgx-g_0IdvTCqId6OlcGlLZea&Lf
z!ItMW#m;0Q?+19-RVVjhD|yWAkGfQCia);b-1INSA#B@|6TSC+1KfF-Y*c*_^)`rw
zBu>eb!aL!I<pdI?I^u*t;g*y-)uB!(rU6T$ZT)C;P34!A3bo`R(9#SuqJ2#6uA(E?
zbK+nG5^)5D6Z|l+Ir`sKNA8(H?(mR{z=+69mo(MfN}1FKMDTl8B)>6RQmNo<X~psS
zLTzdFXWpI@U_#ZCXXl)iO7FCcTsw$zhs27cwwp7=zoxoGKrOPD;mfVOJsjK?#axu&
zK}kW^j-<f#8<19i-*i<Nplm?De!L7+(79V8%p+D0&FsJ{Cdkn!00vJk1S!LmaEu%d
zlpBI#{>Hd5g2VD$-KoWIc~&5=it4vmoO+ILW=RvR_Y!p}*xU$ddwV&zW(W8zUJRV`
z;$qMJL+(2(nt()PEV+26@x1IgHDJ>WhLC4E5H=rv>fQ<(;3UQE%LClfmWDg@n1f7+
z0oowaO{VNB8lEQiL~z3wAmC1bAvB@t1?EWgC)~W*TwfsG)--vhgo%=e(wC%frA|dg
zUHwY<t1+8?p@cDviRv1C*<nB#EfoIj9G>uKFRx;Z^N?WJSKK>Pt2W8PBpTJ<G&v03
z$Jp2it>2cLP_NvIz)R;8+UA3RIz}NRL#eSWTQw*V>HE@%o>w=EB^O`V+*qAq`2=to
zE*l~>1AlhM9@on|Yb!stzLk5L#t3)x&5m?p<7n&X>%IbB))x-_%J=s*9B)VSZtYIZ
z1LO6?Mn&)su=E2Z$-nTa%<K&RZm$93|CH@#WMTUEL2G}LQaG*g-Yd1c2iKBt7lBlW
zbU?)PU7fu&dV@Y<%XA<viPj)kX3*+j3BEn0Y=RV>?iNQe$NeEnFBP^=`p)&|O3u!f
z48Q2j7+{q~K_L^?Kw-p(f{~+2;{>D613)84+LeIpa};2T&K1J_878pAK#J#*QOatE
zl6T=sE;S;+P@T&ab_XBYfG9L)vlMo@m=A;q&+#Q;6Wk<F2MPDEQQRhkbn+=>PEmLd
z!n=?2IG9ycIqDY?7fDkz0#!y5457oZy<?CQ?0h)bip^~C#l<jY@%zY0WGO(s{t|@J
z-6c>PhR+os*^?=j;{JAdC_=ZBI)n$r*GXbah1tU<=xLm|Vp1J2@C6)6I(Q`shVQ?Q
z3itzRQ|60h?<~oEGMI<hN09uemdI5|g$t70JMU7e<b>$KporK}1ZN}?4Ha10bDBP1
zV6EjFXd|y(rC_MCN!ZKVg&U5?$lFC1z8O!dAq<T}nj%69u?_YphiPF$qVg3z+yi0s
z!IXqG%BO=NyOyGthBeZ+C-xP=lXQX&t+7qzQcMpIgPIN$lh!QU0tg_M9@(?&A94w2
z!PKw_XGwbj!rQY@98L`K#xI^5^sgmZMX+T`+#4eKl$hthpamWC%t6!kdu&EK0A(Sc
z2ur`R(7ypfmWu7?oUxP~c1k!7Q`mKTS!0xn$*w@wNZP^ZVo^m>D}813ac{{yXi`D=
zP8!zZXL<WT8Lj@ZVPqrqlVww5Nl%Nk;|Y*`rL3c5P}I$|b*uctytz{MLe%qiUdal#
z^K*5Afa~*dy>$@!clOoco0j|YFmv;LGBt36yYq7Q9U2yf;Oq7J68huz`US_t+vWZ`
zz{V4V$2JmOr-iVMehv0vYZr?@t{DzF^2Oryr0n)e!}Ymw@DjVXcX3P0+wJ@Lbkb@Y
z`{MiYHgK@f>eH{g{k;f_yS^l&HN7eg%LBEN;u#!jKl7wJVC(Y$_Ve?Qhj7E<j|HLp
z36p5=4yN0Rc_zcJxJJ1tV6cr$AQ)i->O-5<s&S>m4~#7UsJd3y4lmUL<eFTD1vJua
zkU~wEU>}|->P?T1yAl1{T4~%nK*VU15QxR#$RzAFOa#kthe*{n>{lwEY87^$`A)N4
zh5d?lks>e0bLikhO5Q_A@9>{1_;t4RWAPZ~e)SrCo8{rz!e^dc$Ii<|_-w3`IhRH+
zO+lh;0IPMv79vL5F&Jq`%l3eDj^;%shl^qs-1e-&k9IO~je}L&NQ||$_O)Rfy?z!U
z*fRUyEAYRy3S8<+vqUU^>6)V&tIb&Rj$3mZnkc)`Do~Deuul-UIWGN<a}1^S1c}C>
zUvW4Fu8{oQjFnqDYfVs@2o#>_5k<5P!u4y@Ao55-LH?WztVKwcW7@_&bhhG(>zOFU
zg>yE~9E;t|t&x$g?uwcNn19ox#539%0&BM+nH8xP(+U{Rp(eu0hXSEMOw3?>1U6Kr
z!PP{v>E=M`fIGK!E8y3<#gZ%TufMp>oqE7zn&Q63OJ-cXhH8>C&)7G+60HTlwOHIA
z+`E-M@TUyo5Z<6r-tV&>`DiN=PknwpMCPuKCtBY(dz{aygHAZ4LDuOp$mG$_HP%C6
zfVP8&(sr_kcVx1G?A*NLy^WXH5m(?!7`PpuFKM?|pU)@3*SjCg+l}W1x4&{{S=L=2
zw~-5n<x^LW69=_7vGhF)r8nP}kG!or+~3Sn3k8!K=*;GQF_byDf2?ovK|pnVmg#G!
zY1w|L2yvFH2y#I^QRVn~pgMw_?X<yHV!=~MxG)@2VrGD-{ZsKJXGw}k4oOxK#}QLZ
zG&0Q1ON!I~H{-ZCJ=H`f!`=L!4fPCT^OR!s6qA24mW$O>O|&zd&Hu?bZel7Wo8sM0
z2u#*1_rugnBuX*JRHwnJ7?QLPccCmWERvsy*W_p8o*s~M&q1j=2!Z4~A0DkE-HlwU
zjBIkJwxZOW^T>ttL+C~JoI<}#GzEgU&4ysGKI9yMPPmwAjm?u^mY@Fs%l=*QOD30Z
zK$3Xdd}=J<oaZorc<-~TpoL5qC@^QMQjk-X$xkRGq<zim0Zao-b9C@!sz0t*9`!*{
z-k&(V&zeft!AzzMFG!hl$fW29+dVdm)4wFEWoLdCC8R_)4~kqkeg^RCSBi)fDp}XW
zym*U8^lbn_*_?VcbVA|Fs#z~?M#yz3dADCN+Ntr`Mc&_Zl+FOkhmm>h-hJ_IyaZ?C
zvySFibY%3rCeD`BIePU4l$wXXPRbwH_rDa2mi+Bcv(vTkZWV+p>GfGP*(q(0R>i6z
z3HlSa(K1@SQ`5<b=@t5(fb7B-P=wn!>_`L1ZPYI0n?vl)tGL2J0;T)8Dkp(W8SW>K
z37H5-1^%N(I!-d<Z>m|{?b-5zHWB6qXdHJ*uX+l8`_zmld>oYI9dd{Q=>^=2KGtaL
znGl^cUd(rnQ&l>qQTeQFn~h%;UrKx_HO?Irxo6k~Blb~Re(g^pbiD}OTPn5~9BQoM
zZ%C(@tUZcv82`9ed{LS2)O>1NVVa>%7wE`tQe=+e>yJ1h7)$W0<=@3kJ%0JQ^t7D1
zBcH!qz?kPpbD^{OlgEoa%RIS=1WX#{s9<cs1D@SSX^!d~9`Audbn;S*YXf~iB|mUV
z9$jg&&4}8OZwE!rKgtq3Z#c8u)OgxeE&}BjdV>DzdH3u}FRHa@=$k(ucfsBKjXsM3
z)i~7(zdHV=inrl$d)$PS%wk#cgu{t%5%Pgz_NYa$?5$~%%%jdxkY+zB=!|+e4HS92
z91Uj7ZUwK#h{@*OK06j<zb5nu-!_kgB*y!>62;|YLrO-<l%*Esu<<CYLX{)Tm2ngd
zqy+37&nmqS^4Zz;kL+-7Bm!)l5fXon^DZAnyp<z@UvOFfgM{dI=<qx#s`BUR>&bMo
z4C3N4@jfwMo$FoO0EfOAsL^Cjk$6bS8kY66U6bn>t?i|9)#tEjU^Nq4P3ZB|l{zre
zo(Gvms)R_vx*k7KG+HUfexl2u=?w;%K1n%>LDK4>(><W0W!UpdY+!!LR;g1njZ82}
zok!iMVaTZ#=L}*QFJ1xJDi@*Hl;KerKXJsPCr^>eF0xCXm!V4tBSa<FxBbD190FCj
ztNX(ViBAZjnYR6LcHR7Pl<4s4Y;iu`W!IW~aOu452wDU%Hj$lfUvN2q4hLnse>HdQ
z+Et9kU30~@HteA@VsrlmZbIdB8cO44lOTl7flYJ>Gods?GHu5GkYV2+KU?IG-;o9U
z@+XN<)C+L(*wMtX0{3mUvunTnSixe9n&9Kf{?eY9PsWozTG~8ICw_;)1;2MlHgAm(
z0>T^iRP{C{h+G?qDw;Tl)TKpoqYerM@OM<Zdd-NtOI=ZZXmr{hS?i$IMbtRd1NIB@
z7xt_!L!%I0BW#sBuyXE#Trfx^UE8zw4x}mT^@FyZiczw|NqJnn@NrP?i<`HN@@VNX
z&7GMc&%Rs;rz-H7tIU)`fUISo%b#LSPdiCGe$OD(m$?6U!^OP!9S`gb)u4^374+L%
zz+Dlp!AxSNv?Rg}SHp`GKtPNRu~O7+)GO{0njk3A<QD&aLWZcN#a1)Cp4VF#z(*cj
zs`W5TBXHu;L%>EZwrOumoyPfwj<V-9U6ObE>wN~HiQbH^O!dAK`lfG&-@Djs*K!H`
zWc|qcbaxqDIdw^PoxahPw<a?sUNv`Tc^+syYT*dq1VN1a5i2xqC<&}peJ^1#L~gn(
zg&@XpkK@$5CYMe&Cz@*%Ci1eeUnZ?%<2~kM3?RVdd1BXJ(0Ze8j{{Y<FK)@e+x_;n
z9b&dcCFjzy9V0|-i|v=psxA1%)@;wPd7zJF?Rb`&8o4u0(l}2zong|Fi(ivIjPh4K
z!KMM>+Ls?&M^DVfB`n%uF2*hBhQj+bi(4LkWZORm26T<aadJQPXW#F{;1Xtt_H(%b
zbszD_cA<V6k#2pkcHPI_r6o(5A+wi>opcgs-KW$}o+`V1l2@Xfbr_fbF=aN)PCf2o
z+L*VJY^0uQ`6uJ4rEy&ru+OyFvb+&|_xUYK-+EEkr*cVxR|ao=cv*mb*rjE-dX_r0
zIdS?#>14B!mH&=)>|ytTo45L4ruu!ikr#jZurL)f3Vxers2*DI!RNgG!p8)U@|JX%
zyp*>wyLl&}$$fDATa5R<(Y1XNs~OPePqF9B1ctHsGb{b%w{Ui2jXKR=nfnPg&zqC*
zj>3|}0v6)eE+iuMSWVLQ%Nnc(IO|SHtb&%;Tf*L*N=eyu6M{t7(X;U8H++1HGPUbw
z|NMqGEF#J*V936);Lz7YBHb5Fbu2b-SPioW8y>GA-3C8~pesZpEQcr$()o~#`qFNa
z#l;{2R*QWCTDuPhj8#kvGP+3yT||AoF^?;Pyd2k05ro%}(K)${9E|*%xa{^bYhCJH
z)&=DF0l~%|4Za9{gkRq-wR^CgQ+SbzpI5E`7<t+KXI>A3&1CiEtw|3)PW(|5PDwoQ
zUSN3C(YU(3+{c+@#NaBmD!Dpb_E$BKzq9hO=pJ-7&=0sIc?z%I0BSuTQ*&r@%C;A2
zeRO|W)=j{%;E5Ziw!kGL)x8+jdffXE3$XCoVq8lIRK0>|Ad)BSko|RrP{XHD3hSXw
z2zy!aP&0Y-x~Y9H>lm&tbTo~tNIo6}0X;jAmw~m+BUl7TPl9}0aWWV2aO>qu2~tY2
zny~40E9LEzHl>p<@uSB#!nZEH6Ko?tK=2PcE&pQ6%KER+xAbfb|0NUq|5jTW`U{y@
z|6BV0S8YYgl<T(Fq_%_WkRQxHoZclqVNsd^6NsUtzK^*edgILZMqQf^F%r5SKZhRC
z%you+r*&to5lSu7Ozk2o%bm=2eR5IC=!|2bOLMAsbkTXLj(k4+IJ#MuIbiA??IwG8
z7vq4#DT>EN_9oCH5YwcZ8IKw-K%EV`^da5KW8aO;HwWG<oVfvWo+)0uoyCLg?Ge<{
z(Ct|!5P@3pgVW+I&%Q5i7y9~!`Q>m0DXT5K@fz{>L5(@SHr>=LWPf>2E(J<FnmOy0
zq98=~^90*#6n!@6nBdvQ0<paVJo5p_N{#kLt0&IRMSIZu%60IK_FJlr{@}VP)$Nv@
z{R!L+nVszUY`Rdc4Ms0-qqb-a5P{uP0DKvZpdM+cXG;IO=sYo2aZDS&Ik36GK-*zy
zpHxWMP%{|8C?cVa52j-hhqF!R$#?OU&Zv#~inA6B62dQFxuB_)fw7=^hD~QzekV{;
zq+`nYXz<cs=oF=+qke;RKw`icn^GI(1mQ4U-dMUTN~D4GyZsD&^mOR-(1U~PgtFB8
zQbahAi6z#Uzfv)?&ciU>=UK>P*p)r$lxH~``A)hZ#O=>ruxSIt_jmyz8FI3-Tz7_B
zEtTblmn+H=F{8GdxJw<G+s0tiixbeH4fc&Ac1Mw|1QGPq`jCo835WUJ#)Hh$L=!ap
z`C<@Cio|w<9S>Tw_+J9AoNM3X(I~G${AA1#Mydm9xM@Nd4&M~J`Gu@8x4B>Q1%^R<
zM?iMQd4)FzfhyyUUUE9li4*;?OHyw*xJ%F8fIDgIt_<y^*4oDDF#7Ig`Dtr{G!_ad
zEv}|}?P;?Apiw*&EUCm>`iVI)N?vn>V;V@h1cR5}6&q0&&!H;P(IXVAq}%Wd19dgr
zGe}5RBMNRG_cbAr^xyzYS8cv6is}L4O9W9AHp4g>(<oJI1680UUe~#(bDnDXqcT$&
z2?h6Eph7v<n73-4XcF{8pC#cC4#;6z$|mcxsU3ASKm$)T^i}*y{mcM&mTfxb7gz^U
zkYNQ9JR=-;BFgJxjv%*LO@fjeUimzfQ=#*NTdLH?d@?fMv_A6WW+xq6PTP1@KQKD3
zbZTB_?HG-qv!rZR<V#WnPG9Acs=sr<QFF)HW1489hR+X;XW62$rW+SmZVZ)Ah<p+@
zpMYIEQv@Newe)9e9e1vNaL|?vEPcu<WY?}Vs=kPmJ>@6W|8dJ4k@~A2u{|tP;za*~
z(sGGt{lrkxJ00)rt#bud+a>YGj|9@s{bn6!#MP(s59T69jXSRnnQx_{7S!QHV~-Xz
zS>G}aU`>P4Hrcq3qn)F76MQ(O?Ox#hszVGW0d?dpA92T)%wKH6-2vk(;Jo|Cu^M0o
zuYa#upF<2XLElJG-HJ7*&I_Vi*Lh#UW+nOf$658{6hE7{8$~&8;<R$p%5?8l2X0l3
zXl&{yhyyQdN6vxnQ>JLqN?Z4qLxc)<_X&J0SG`kb52tbPvc7z(=wQs&J$L89OP0?F
z=gvmzIlg^wx(Src;klvb4fwQ*lZfQ%GC;QPQh6EZ_lkL&8Xk11@tOLH<5BqgTJ%Yq
zaX0b~VxLNOq?B}Q`h8RwR;8n32cW!%_rfy$V}FOSkTL}l*nB!y{1F5e)%Er0sNoOV
z!k860O>V&B6|eJZAIVLDIu)z){S@6FsS<mk##d{e$ydg(W;)ESysXZl{d5H(Y8OAn
zD!@-&myfN9m(=g(Eeq$5Y?L`H(PKN=q|%BZMH{oxs__#eq~jv0=Ndi91y`^ZSLWM3
zXJgoJv>#W!_Hm+@WUQMH(?FZblcvuSZ)?_09drJ~`|Hp#8$?zyAKmb>IPD{0888zw
z5F$afczjF{mUdFBVst?;$rc5j?9Aqq5k2fpnwH5=uFNs?LB6O42c>?uO}F{?2@D|`
zXN0J)Gb(6O=KxFDdt<koi4q@nx1l9HdtNxG%3i1n?Q(*`wMY(GQK>=Dfnit1vyJ;b
z%Uj|e^l~XPb|nA^zTi1!e3Cv|fl>0vmC#L{X_2`b*n;@n0J&pKF~%|Q`gCqbs5PSF
zBOZQJj9AjK$^loC!Z$aL%)#kNTSs#?Lz-{C^(v;Biah*x8aa@{cwM#cMZL?8njf~`
z#i0qxjtmikK0eSV=~;JftT-f74%664WnU*%76-~0e6jpho1y0DU<ZSW=5*#P8yv0r
zov!5Wv;yK_wbY{GxYPpoY(2R#_`WybM)McJ7{1UFk}U+a3VDcar>v5W;!RnP4AwV5
zSp}-jy%b+w=rPZ(j*Scc-PqE2Hvy$zILdz&d!N#~PGkerEj+%P5=S&SE4Ng>zTuzQ
zNViT_LeFA}j>5aA3$p`v#UNl+i!R1qvT)9(?UL*Mn5b+lYf)Z&Fdnkov8Ekqfuj9@
zWBOdb{0q0s#`M2NivN4Z89OWUzngu%(v(ch6oLP9p=y^@QE=CVw=$@cs@*=goq44|
z5T0CiiULWZ^Yi}Liw_6{vL3wE=Ad3rx3IAA<@~}r>DL_`+Wiu!djoEJo%SD<JU8Ec
zis<GP+{S+e&N_2Fbwd#2=h7&-H*r2$8^6q?Zg1_;tmhcoz0qm{4$l>D=>kIgcvdF^
z=2|~uaZNEHtM%*Dko$(Wal1P4KAG|D&^!;BivFTtuBVm*X?N;aLrw9xqtgD?_SjD}
zkNl(GtWC!~7u*-RE)z^dX;tzgQAWZYgoq?+a#{j0Xu*67hqaM>(+0L)giQYWWeSHL
zqY*wlNo70jSDP^+pe_YU@E;eBkKoLe(ih;H2{j0F7*=*6A15xUf(!1fa<b*c#le!C
zpiH`*h31b4&~HznAv>(;y$q#EVS_ZN6p^)dxrj3T?KB9XaK_=AJttf3lYuno&CJ(@
z7|i#|+fZAWV26GvFwEQ{hPd_mV02RZSiA0xfPQSa!m(VUU!#q_xRD_SX~Q87FSMY;
z{R}{)p-U_oLdFga1MpFyJxafVkIx0{9^0VCK{v>V2>I|oD?=FpOqe1}J)l|RWjOrj
z+D&^;nL?P6Kqw~XPv0Zx9jhB^_D0PzTGBt_Z$j9DcrX1_a^0{$%=X_IWeE%M8CQ1+
z!e%G&u{%ZB7Q_V7a=|cC&FGJn2!9a>K`;mq!>IO|AW&xlrP>K80k+{y!;8^fknyVX
zvQv@uEZ8N2zYRdtR6~aqG~+e%wO^CLO^O<!V;6iaQ@*Q#KQa+<p`3yO^N`ecaa-!#
z;Q2Dj(mc-^cDkaFXmmhTmUT8e!$!l74RM8OpW><31T))XOV-Y$LS0N~H3Tf`@ZlG&
z=U{tM2NrASj_D0mfgs4Vn<pkSjM2L6vNLLva@WMk75F<Pw4?(mWf-_kwh3+Caz*Tb
z!)hr0z)vSkIK#iO7<0VJw2quZ8(n?A_oAz9dhb{RCc;#hwW3Ga{>>iz;$jF)CDn0F
zuJJ1+He8iR-L{J06hQ7by^~f>YpS&O;|)PBbpP!B_;ygPF{Bx(AN8jf-oIvRe$WVR
z<d9q6o&l8jT?&$vRn8$t83NH(&HdHj(3saWkm}zsTLY4`tSr<7W(+w6ES_}-#uVEH
zFje`>k5PgWh%m$}MGV>V@-u7mO3>Ty>eFtAGvCQSndWgF<#G%4_+70tpeh`<4Cd(G
zf&yR;9dcl!mjPjeO&SprY$2HGjX=AWlwRp()U7LtZoL)Lz%5I71nFV(_+2+{((Fu>
z-B)&?ov7&B;^=&>PZz{pOIU9fIRb|+=!9<^5TasfQ(>tz(T~(FA7nQ`I8*3+(-qi1
zI$J?T647_4{G~$7w|SMc46^X3LkqXb9M;S*QrzFw2ex3JgFGNOp~uydqz)NIh2r{G
zdnMQ&cU5#vdKU^MV1!?OFt7;;WnwC6tKJ{n91S9IXHPd47anC0`hxrEA7r-DV0zXF
z!;UtpX(RN|V4Hk9B#bJU<X^Jol(OpZhoH~VV8A^6B?IeVjiT#CW@fM<0qQ#Jl<T#s
z`E>k*<o2sjRLYz{XhdN0`5Yi<1ALS1Z7QY=;UrLrS0y>h>YRW2TWtVNKPRHm0A<L^
z#Tb{&Dd)xH<nLH6F*T-t=jQ@4RMO?h!UtdMq5zXs9w!?G>X*}K%w1RA9^(Uj8?o8W
z*f^ltHgWl8>rql@{dm*0<F?`#SQVbO7Wb$>!usW;P0Y96$fuw}jBHt7>%7nUc0wgs
zdvuCB6|=~NFxe_&Im~lv0cql`HsW^Fk|Uc!;kr6@vb*J%pALfZ9TQt8>O#=~3>kSK
z_nxbL(O{<e=~bhW?3uVmZNk67AjWf5uD1igj<G2uyd3b9+^)U5us1@&O++Fg&z3=f
z{~FxAe@4e-9I)srxpXg4p|>dA9Xy`4B}e3?w81}IPwsjo0~waz>UyHx>I!ZTYk8;!
zBQ%R`zT`{={>;lDiyAuW2_5-v;5d>MICOvVFrGnCh!|{;es<WU+Hk0TA!>Z`3-eJ|
zuR?U2&&_E`@wg`t{&kV*t)?N1lCb`m9GB?P@oXArgPQ4}GLToL)ta3=H|&%}Xzhen
z6k@pfh@OXNZRSkbmO~v)!T8)(A(_u0|0j#vT*yo|pYUx=I@n9K&$#%s{{q`wiX*>4
zfmvH>Ohrc)RQFE>jfx&9b5w;4r5%>UHc^?@cQZNLI?S<yNDU_d;!zm=yzY}yE5iN6
zy?b=rfW*L~^RvcDqb~``NJ*rU9|Ft1cvRLXhlmWqKs78)FSJ5~w9%eiGX|;2xZ}N7
zqa;oqD0qtKecz^BDrUnZd|we+jGmqGUKvOffi{2$LBW*b@@`hzg1wibEA|dRIP)dT
z<to3!s(<{Y(!|Wc#?Z?{)(Ba&jK$G-;8`sf05dP1%vGrnJm{eo7cF}!-?TBWKiOs}
zeWP6~^mC#fqoe79i#)p_QZ!GD{r)<-g8d-MRX`JDK2`#YWi)CLHHwzVLYs)xs7=B3
zGg|pqurZ+8!>+I1S646P2ah5-2xZeN2jf@U;yLKk`6mV`xCNDQM`{=3bMMa<WU{%*
z?-T3Kwb_>u;m;xSItq(d+IeEmoqzEoz{2*w7WMw$`xu%2M<3%~dAfhU>Q_tK7Kb&#
z`=$1DWGfZ5G6GK+A00ojml5g`ppO`?6AJ{aQ=D{oFoocE@9WMD#kqpSu%FjWo;4%{
zwnVG#ozvf(F|xY`4{1-^&<HZB#2T1=JeyBq%I+9g2eAp(Aqi(6pMAaJhm<?Pe%mWC
zdVSf~bf3~BEnPuy18ZdlDk*(q1r${D&2g|d%fK2ncB1-pQyrKsk<Q>4`WT^<;UQW)
zmxz9R9MJJ-Z)Sg80_qqS4=A+h&tTLT``*GKUHePO;@aV*l@VTAw^3_y;rb}8|L3cS
zS^)g97)?J42T!n~0WsDYqSCPI10qfzA7QJ|_%nqKokRnBSStD?IArSJpb02zpeG9z
zGU}>SS|DN9<w&WyxX)|S?%Syq?6{=F@g2x6MW_*xhSTd}PE152yBg|~`{y(*=EC3e
zD0OdvN12EobTk<;z+vQhg(ls(1+JFTWn7`s-Ak%8uMtzRN4^O|5DA5<27$8|+}R7^
z!wXLmju{xVLEZ5khW6;8<3+ZQ5%G!HU!eB`9qlpL0ty|dyVtATyBxfRveilNAvkm8
zDD^uILXR1;#I6m3I-+%n2JAKvm>}`m5a_Y=75+67k*_p_pb3(!TKv}R%BMm`2O4J%
zfF_T>{D2SI!uR;ua=KvAz$TCP5U~te_~!Tw&g9^2zXz=qA*|2|O`z<BGzP8sMazUI
zLq<4hdadGbYKE-j8>YY_k?*)as7)fzrfEzD1nR>RshL@|qD5g&U{ryb`a%zY>YGoY
zF;F=OLWXTe4Dk4aj$%an-uEkOb+o>2_p~+t3Q~SNzdsKxz4TbO9-RF6d_CjQ)_i+;
zD{f51!mjmyIX$gZ{&c(_i(>M2wY__8*rwvegR4lQUiP0~hBVaJ!R4HtqpNy%|JA{B
zc=~d9O1;3VNv*U^{ds*mes6WH)wyED+uqXY@i1QK_I+|hps84AJ<LbN3hlPi7=*I1
zdJ%r(P38SM1O4WNWiZyUzM{LMOv%rxf~b(>Q<Q1%NHEyZj70w0ZXb#(yeM$ygl7`f
ziC3Zi>y*qBoJmaOk?a`15obABb-mBk_-jbl+JB!QT28AuG9MdqQ?H>SR<}5%8N;9^
z@T(jSNb-$f5&~cRSrI@1+`|eWk~^auXU2xoXe@4Q(m*v7|Bc#ul(XdC4&oG_t<<;?
zXm}jb6xZom%rcdw5d|Iso`RF&B2{USE%{g}nk>`t9>=3<<<<Ea=0VeY_i}XZ`~C7G
zx2+;fs3`h-dFcMRRoC~+T<7!t{pt$f&LIhW(f_VFb+qCzu2Y6ropSnxSAAIsm*>k!
z9QDPFx9@bxm38Ig1?J_CmiNom#L;=^^UTIkDR0L^=e?t+{S(ZwjjipDCO@X#l;usW
zZ|B;^N9R0?&r7R{ZYr<tk0VA5EPGXyP`F2^ogZA!Z&o@W9)yFfrvvrwk<Y*{^eTQI
znLs9R4)8ao(T9C5TAr;tJ?>Kf+(0^Td)SgAF6xs+<3i3-z$w5P|H=Pap2t4LmYQIq
zUTBh9V37W2V{(B(c7lugq3NFu2h+FG!g-)&)C#)Q-cfz*Y!nXUV`jTQM$znJ*0LCp
zR7%KSau35(`pF2+)bg=X#*lAlR*Ih%O&N(*7_pEbmcq>)AdkcOSDli7jLwqfJnok*
zc3KdBiLJR9Q5v$LD`^a5@MrNI#7#zVjWEC7di~C}|HZ^qN%#;jS`!h0hLX;v1Lm>u
zOx@Ao+@H{IaoXqX>^Z?1$c{Tk5w{L9VH|*(sshIO?aJp%FWV?|XzZj6y<d0=j1z|7
zv0&B{`|dR`0Bl999u6ix>>cH4m&%?omj4i~Q6acIT3({|5i{8{H07CWNFTeb+9(f2
zs^o0+e7Y&&Pg}&#4dbFU=NvNc4c>YZ)nA)8do{W%R%xy8hm2*6MCY+l4MEX=b=N)&
zra@x&%PHEDB>@^7D#8LFTyVe@@-*u+rRe4Z_t!m_W0>*_sTsP(O*tMEM_MU+Ev|6(
zSglpg^EF{_nKyly5{<njiM6q8G5h&wz<3RAZXWQvQa#9(J+LHxC4DSSuj@+BpKV?M
z%ZlcLkFqcbe$Oo?6y3EeavwFqE553zXYxQK*{T4heEfB^{H+!(tkLwMV-1x@Y#j-4
zZd(E;*b&cVQ_I{vb<1lmz;0y}UtEpN467_dXC5UG<)JT5iuyxr3-<ZeJZrPpo4JTQ
zFF!M#py!DX74zokf-}wBxumv-+3WfCg11RZ=Ry_B37mF)TK9`}gE#0u-1*smx<Rgx
zUQwZQx}M&;C}XGeH&8jCtf#R!-r-+x9WFY-hm-iTy96;W_QZB1blz;xyz)?z3|;mJ
zn`C!4^qOJDROE09vPrAva=}#q#$R;iLNCCsX?Z%5)?N^eY>!5}k>JqQ|D58e>1!BH
zqWOCR%@hPrlyz>O(;x}}9E5wJuF9;@qs0X+V=P9=K`F-eXRhqSZZ$#MG-p2}sp*H9
zehKU4_BIk$0^c;_sBYNZLg>`S7Fx63==Stj+rEH}cDTz++x({Y1nrxP8&s}e2;!58
zm1+|MbFs4zpt@}Y9Via#i!Xmst32#@XpwYi&Tq6UK0ki`#>kqqnSv(6VvMzGm_5hI
zhEs<}9Gb&@*AbMhX2SC{6|v}z#$G4+U7#}0ZL|@)%a<zX14PTIy+rg=AST4AUKkbf
z12jr)6JcgBXQB>_4{5}dM^u4RT!VLJY&qA@Z4}<LzIR(3*3*?pa`01VE69bufze4G
zOYmLX^)r;UF~o@=5ZGcH+!}}ZgcCkzo9*!p-KkiBtDUI~b7(B=n>Fz6rm3Y-o-#ix
zNV-u1!scXx(hO8S1+|{95cz{Ghopk@3R4J$8~Pc6oQk_;N`3RUplHFyR_Dfr;lw4k
zP3&~KldpKWEnj^jz4;~klo215ZN*;{^FHn-;qKrgnYXp|s$^4VM~(I}vA_Ypn!-UN
zXbAa3MLxdr@p#{q4WQX$5+I_*K?x3i7kLJ}>)=C6KFo2$^|7C@I5;e#+Iz!{*J);k
zJiWI$C<KV#|2Vp8NvJS>vk+YC#)rD~>-~7DS5vYj8VuCiuCuTsQuUD!7Nh3viw``s
zjYF~LRgXV%G0(C^8<B`-Z*H?L`Gv?wJB)&b2thwoRuH<_bq&-%-o+>sxQ}pQ9TFRf
zk0AmSxG3IbW4+yo5j;H@XkGvlD}ntQ%XnSusM?trmK*n;t&jC|f3_>sJ^+rv6Vhyl
z>2K}Q>I*7%h|h-Rx%Em^#vR6|)cLaC;e=Z7nvn8o3<b~1)EFekD@u?l)0p~K91fd@
z%@jf-9u};N5-lnm21U9wK8OOsz5A9t#JmSHMLHZ-nGskuwC7(A$X)v*hL@y0N~j-v
zk+D&9{oS`)xhLhc;Z;eR$wdB@5wC>~%MzS=^0a9j?pj}=AgFAteQ2WmMSqSHYkTTr
z1CD1$u$XWJzO6w&bWsTQQaUa->HEgYj@qJyE9EioPLWL&mMG-#bj40Zk>Lv-$P%D?
z-<o?V^F&fg6ca&gu4%W=i)1H#0};mWD90^Au_EHW1V=Hj@;pLC+7XvW{x==7{RNBn
zaakzo?_TUO%jeD;z3v!IyvqjCZAsCdO`{Lh<nS}88HIE&Cwqqj0}RfyJ4XqH8l8+^
zvlC4WAn|14gFU}h<!A85lovZA4=K-|bdM-YHn_xzOFRVrWAw{vhvarZ^EzYroHKkb
z8o!oL+%7carhGMBmLAbjhnllXP3UXDE;yv63^ZYv{O6L)guO=0f<soyK@)cA5gYZ0
zIr~4BWELDUQWl!BN{*PQOU>D(C(QqIsnm&F`b=)#T)osdJH=UJ+1&j+YJL%;xSUZ!
z(KM-Knp`?tK7*r>$yvnwpAU$YPX8ar*B7&61O?mt|JT4+9e)XAA5y|SQ^GBuq>!oH
z#fL;(jS@yg+>D3;8Y8VPxgY8Wv5hlbR(4w`<?%CiFx#U6nrN1{3oC;S$UMh|q{ad$
zO-VnGU-aTYy$YnB^c-2wcX11e5f08&OE-d1Yc$pS68*S6U&_2k6+VWM2z){qM(MQ}
zWWKGHLw_vkY+`ldt+o|qaFqC+iD=yqW?1(EJ?-~JjKgKBIQ{0?)q-OV^#$D}yMmhA
z&nAMgYKji$t~xox$SYMx#MhMr{CvQ69CE#qj9n!knaOsP(B?vn8_LGsG~h&JbEE%z
z9ZIp#8}m7F@D4gW5&MpZ*bBhcw*<ky-@-b6*s;zB8$LU$J0sAh%t}c<^koXoNkE-T
zyuhhS1sw7bw;7)weea#=oGcuC<6!E{)h_;oD{QTFkH=fX(f;YP6TL+>DlEqwKDSrH
zowRO@vDXKCh@`~&g~0Z5bJcg2h8c8I=4|RN-ZTq&Z{ZVwbFGuc1NO31$}+5P?+OEv
z-x=opQh+daoTZNeoz7#A@$cmzhzqO^YIPVRsIqdEp=aOxDMMy=dZDU*PB;;Y&gfVl
z9>J)~Jsu5~dH`t607|=w0dwl=>r{|2z4}zi-6+Y=-&uvn;1)jfFT13q7UubjGG?y{
zh;axwLRZ~@X$QGN+bqqgadszZ4kX}o2Gkh0^w6^Z!50u>p5C;qA_aiEr3SlfsKhxs
z5o>a(>L=jNYd&}zMa%zk_|t4{{_91ryKre}LhIuwMzss4QQV6UYGwU<8^bL38stKW
zvMU35YCE-A5EUmwDgJYl$qYe#Wj1>@gKIo#7cF0!hj6zQIg4o{K;lnFi)}vTrq3Z{
zBwNoou$s7Cb4X;bPkS=U0sbweRqbl$lFry8LeT2biRZfn*gZ&wvRu#+_UsETO*7KD
zEsbYjWjO<({syb6hH1}*KZgcEtI3BZ2w77>81P3Y6k6Wb{avq*^E2*OxPV8!YH6;i
zB7HqWDRbuZL!ug9oAkMu8nwq~W*OOy`HPS3EloQ9>t9}7Y!7he)mf-xFORgK)jnBw
z=mid@{s$x0$;Wf#NY&W0m)B}3SfGZsTS@jU$b?nx-8j464L6oJhb5s1)D|OVd9{dF
zZdZ|7i=l2U{$b6hA4}jv&dGWyq$XjLKAao%iis!pA<&J_TN`MnJ>189!maPIDQ1hS
znz|8=Z}Rzq+E3ZoSxt&UnN2WP0YEV-j>i=Yf7EyB*3H%@FUeRG=f4OKu+#s8U}I}w
z@#`Nb#sA6^Ffg$E+q?fOP4UK!HiW-<f?INBb%^Jqv?Nn4=2Bvx<Vfz~0unU?VNK%k
z#8ll}FfoZuVKYfso~~fRS+l&J@7XOsyQV0+NAt(j*123CV~+Vzv9W^IoA`b)Nel|X
zc;dMY!gmHz5LqAJ4{C$k7<)*ZuaO>7OU`tK;t@R8hlOFA1vY6H%@wD|iH%cTA|Pse
zp=rWqk&Jt@KN#L`IHFK)FPb2T(J|k*)T{_-(2&!+KhBTtkF5yPOM}MF;S}YSC<y_=
ze-i>w-aQJGU8t$oGSLGJD<?O(B6F$b@D5$P!;M5`-W=2O7u;oie@3|0YA^L$nlwGr
z;JIQHIVF9R-cPD~4E!HvGVjM5Ts{PltMsJ*ikihjPo_z*8dB;#3!tgI{tdoQSzh$V
z&lQ;|#(x7^nXJAxag$C|Yqyax<kap9(iC%{_JP<>3l0Ya&$?y7IY@mo5*S$Ni}<7+
zj#Ryle!cJNGaDxm{wkD$^iL0$k}0=Tq@|2g;E<|bTenF)`z0k%QIf&XTg*V$#V0g>
zVi2ZG@6==t<+R$E2h3<3v<ZwO^XT?x1Gg{lZ~G>H{6agF@Lvsa8=!cs8fd~4fAX6d
z!tf}d_keF8;E+RO_?QQgwnZ^QdkmxXf}teE@UjYldL%YXgp7gXvBiNV%8kz^U4Szt
zJ>cjZAS~E#@gwg#1k+W&lv1P2bCnqu%yI&`eA6<km(s=9UdAH35o$v?)au3+Yd3jB
z^Jk$puhEua#HoJ8(7@hdF>&<5+<B{Y8H-@!J$6rZ!*!1dR90hT{gVErQxg?gHmU9q
zjbOdM;)UN%nb@k%v<LybW0HRU5O94qTav`a+%@^gbXo0?Br<jwBsMS_@(EWXgZLpw
ziZ2J2qve-lGcgyvjMFUO*KCvfww=Iozi>;V%V5`eOf5s)G`FF1RCWSq(|XK&_XS>Y
z>!Z;aJF^GQ>A8G%SeIv*yZ-q6WXVCt1?k>29(bfqYaAtM^a<=j|G|03NIYxR;g|r5
zOLS^BM}xBNH3os0bftRHZ`JIm5-Z2=*|~0c2uR5`G2O9<wDe0F3S^~BXLi~MCQfH*
zoTwpjr?;oHpBaSo*LR;CJQyOhw~Jn3gwWgfY8w9r{k5dAm4|8Es}~XiKktJR$i@k{
z`psEQv222>60V4g&V$_PCY-O%Tz1+58B#Y4vPOJR5p^Z8U>p8hLn8zn1Chv~)Pwsj
z1QlXH<k4eVb2T^X#dpemf6^VOlH&w&EF!$KmHQhsKIWJ(NG&6a%p!}d?(&$+evfOV
zCiDS>UkY?6w7MoY*iVC?pi{6{h6jCIQHiK;QX6EeUru=%`k1r^q4eCO*u!lMfY$!2
z01*j)_~Yx&yRqK<`u!nYQV5F#cnnWKT1EzdnVuS4J`pKXKJh{x8Gd(w$07m#87!Gf
z_0B#SZf-<ED?swrv_3(wRMDsmygh>-T_yVqP%sqMcQp5bWpA3u55ry#%n_q%z@DZ(
zVGtigvhWkJ<5ory%o2i%#EtZ-F|c)o@lTbB4m|rIl3Mlx$4^)Nh+)?x9Q`){gv$Gk
zqtSPo+@8hfTB&nVp@)hpJxg&I=5qxmf%TJTZO;^5PY-Kl$Rj;6fP+8*QdOutK-d(y
zpP^$p!935eS>ymcZ(vZi;tKN6YB`LepmGkY1;xm&LkTxnzvNGM9jsF^5kUL73cRm@
z<ZVg2JEEfBnpo$!s+>59R}JTurM9rl7e+p<sod_a#R{z+>bi4*5)bfbjt)RtQIuSx
zLs_enLt3$p0oFBbX-SVM0^G_)wDrevcoKI_lNtK)xsX}isR$0oC{!L$xR{$l;MVqc
z98ZF?=k%z@-^%Kc>sU05#2`K8&l@Z*ACUaj#v71;f<a)#H*bIO*CqI^UZ`v4W*oh<
zMzi7C;4p|WVHLtiJxN>blS=;dg9mQWpSEt*wRLxiD>=QEti50KgQ!W-Kg2C7h?!lP
zt7@csh2GHh+#Ku$wd@C)>&QN&MqYn9n>i<s?|5>^&OBH2b&rL(y^?bAa?o5<|6qdw
zKjMDTOTj1ew>nVHlL5hv&lZayg2O0QNp8GVQ7YVOzL2_#6ZQHe9X|iAz33Z`44KP2
z@<UqRuo7k$#9rvM9(os(M;NT@xZ;4QbSTh_suaCSB038{KBfb<!ay`HLscZr^zP$5
z3d?UVtppFoK2M1&q+;{l*>LH*mX5EHROH-II<OV@;L>e9)gV#~HP@8lN10dSHLZlS
zhw6hr;@>b8c7q}>7P|a10i~bDWea!2zT*vZsFENr7L2p6qbWm4t|0Npid)?Wt@4r<
zN;4WGqI3VqAUAL3$foKodvnXXB!6^Pq8y?k2{qvN8LV1i{M~Cu+g`)@h%gvaolrTQ
zoPP%aiW#+(ih}>1u>$P2ZGb?s^XF6zXVdLXg#}X#Lnjf=IGe)fbfuYIP2b9|d!eqV
zLbo$Mx4LETi2{2cUNgzAC37KaTkom`i2hI=A3J$L>a#TFZU|yj)@bjiZF`CuG$2pd
zIhY_<{gL@)-1SE@?wp!tZo_*E3;X89J%+}o2GBoQg#Nmr+bPkD(+$2Yky|B}cvpKs
zFk1LajWnWgJd_0U_*6#C60hY<6H;F072j*AKii5Iz<&VG=(@>pVAl)SO{FEDgtlwG
z1a0X3v*H{DroctEW$Y;KU2rCbU2AFMTYa@RodZ~N6kNs%K>hh3#De1md<cj&mp>(7
zM&QF%e!Dt5sc?V=HdV)M1(|JDEh)uZW70m`@4It_(iZf?+<ddaq(wlukQMpVm%s<`
zi7=obQrv3P1_*&5;L}2<e48z>sejxE%E8Evyb-Li3iPe78^{`BpWJ_U#4Oy{<aZ4l
zWOc5aa`K{Jr(1rX40t6Mx%jZxQCSDB<(#LQ^f>I_%VcitH?>InT7SqC`hi4+coo*a
z_7_XG5x?{zY^L(H^C^rc%=PL;GW<8z-T}zArfCyxowjY;wsqRJZQHi(?$fqy+qP|+
zbKY-e?)~S^7xVu&Vs=!ly;oJmUKOh{va&L>o+li6r|A*iUAO%g&W5%2&<_w$puF3^
zv6I-DIsSv4^nVVcF#bP=6cYpEe;p1oYa@oZ1t#R?gyNjBtqfH>91(E94{nv19~!-x
zE&+WwKjxY6dD_4PwRVS>kEQB*3qX8@`0AQ9O5H^o<th0bO{9Dg$#Giy)L^=(AZxQ$
zCZU%+PxA6Nq%+4N(I(0#W{4BAf(w<)pjK>Ai~)X2V?ojztcpv?<;d<fd%H0Xn4%gg
zrwNUX{0IYQi2aC!Pq6sNHLl9#szMi`v!GVZtPC+oqkdarT9-Cewpr!MJ}x9+ThMGc
zAPlMu!HWWr48pX{UJ~-TyO~&56XNIL$wQ;0{{v3tCP{#&T9IVJS7%y#(9dU@Gex9k
z5N*S5PB<q_o5m)^?;ceCUMQO(86+D_m2+mQ_wqOwi~Sr5*K|tIWLifT)Oy;H)9+n;
zDrKmdp$>FZ*HbJ<NzTRt*Pv-y1@&8aN$LRBd>4_W4L!A?kMdk1YPlu}Q>708xW&R}
z|Dfpvb|%ag?9OQN?BxBP=sG5(9yo69hDz7D-3TE0t~5PVXUsl%$fsxi--F4}f5Hn}
zJs<Jp9jcK1eaIc3008C7c<AKdtIJO^B56f8<ss>b-XI{V7}|HF8$)~^mhp`Z5<P%4
zkmOp!mxC_4_F2UZ%E@wB<~&+nFZE&qeMsuGW;60x!bZ6S<}{K#ZX%YS8T-2w7PVyg
zEuSDi`7K|&xD@fQv@npXNXov#1pGWzZxC7VxDCu;ULu+;WCeE$^C(FRSdK2I88sHr
zyY$5plqy>3BgDN+dxb46+A?^N%P31>o%cKzz5GDiKMoT+wp@F<G~2gKZFjc$wywIp
z`FNLRe7zr@|G0L{+~6G_?S1&EA^5C*xxb`tq3tMs*|mI_r02BXs5{86h3Z`g#;(p&
zt&*JRq}#8XZjt?Q>agwD`g7gWapR)v;`@5H_x;teQnT~L&0X~Z*VFlJpJs#`1%@*b
zw?h9bgDl*bMzS|dd;f9ddO`N)_U9*-s_@Hku(Z`+^S78Q)b;)C>+zkrI~NVU3iN>U
zk~?Z987|qFzRq!_e%b_j@srmeswdnsVbKgccaCu^eBiDrPx>d@zP+0llRpc;LHi*+
ztob|vne;&WIB_|LY~%WyTHa?)KSGKKKwI$B!FG{-vGE*7ka5;jlB(ZKdWpS>&awlq
z0qWHp*KdQ<RQQq>d|k;NtKT{d=LmQ@n**sUbip~0I8PIKGaeQ1TLX+m-S}{803Qpt
zuSjZ8N*YonETPU3j`{3>9)sKg7>x3q1rB2#leRERKQL)g%?0B@mBdrrH06rWDJr?g
zjQ0D~7xX#ujTA4u!_TGhzYJ}V&L3|#I!ZoPYP!09<C&pLJ5Ev&Kx8#YbrPCmATt0h
zHmt81N7gNCW^cdL!?ejVY~@%9g@dV?oX?$T>b+>pGAGbh9C6fS2r^(jaEpH86I)+k
z3;-gwZZE74Q=%K>OjwzAW!YqcMm(~#Y+Cx+V+RjjnFEY{04@uyJOsHQy6n{Gm{vK?
z5`at*kp`Hv>d?O(*GZ+MI$8kKL2@`5KK15~PPH`X=m3{JQs9-)sYtb+iI&uWUSR6c
zmC6oWf3U<x)=5!>(yt{A)E{?JgM)G+-41Y+&=J#@3Sm}&To}4RTpY2$Ba}aq`zLt~
zZk2-MsHgi~6J0Q0bgPcg6I!dooQ>y}$|Q<R07q;vKwzalPy(=c3H^<n)a0}j=;#3S
z^StegDDoQ(s&(~+=iUOQkUUvr>h-)|MrvT<Phpzu5l7Nwt(fD?RT+mpXpo;UQQ{lm
zijDZ7gt+mLT8T^<!-#b1g-1>jrN%2OD2OJoPdkVz>EhSM!IsL$c@tT$`FSLBGLQx-
z!hLye5270hwA||OoxtW``p~Z=l!UOctq8&wVe4T8h;@(tb@r%tAURl`5*#wq6cWHv
z$Q-bzLl~fy-#fxGT~Cqu^OS=>b&GXjJS7ZFrozQ`VQL1kM|%|Mhm1!a^?IV4l(^UM
zPL3+XD)kh=Gr)b+O3K-_Ssx2}dv`U$!5D2uu3I1L!7L+XpP=cNsQn4W5>-K084H@U
z#2z-*4v=Dnv!?)--pjHSyA<=le-fnb26=Lb&x7EXr+uABAoaUE0@}&}7}QO<)>k*c
zqsOrI+nRxyB<e?1*bCs4Vj3YpZ}1>BaX)gb_C4wDCfFz-yttU!!Lt_W>IBMv{9eAw
z^&`foZ7BwD!dnAeZU~ezhq}}O943-@p+DG54Hg|-<L7-f^%WmGQQ{YVCF972WE8z4
zG^IK}Lh*B>!~+LV7J|4FJ@GSDA-!G;T{B<)diXQJP3CLJ0~@4952DT>Uz4UP8Ggah
zAf!wFsCqF|h*(%-+t!kx^L<AoOTd`|CY;l<sezIMgntAu0RfR`8^sR8)#d)OaKFn#
z1+n0hUuUOgCh88q5RsvtYLA1;b)pa@A#I3Ng<qw7j5e2$HU+i8Z808cG<JX<2Y#%t
zhFCR#k!WK?F%;9t;5oRy*s?-_$USGmbK6X)FL|TGwZ{rh^j-}t_}PymRwKwJ9W^-g
z^3`~%*T?3zX=1lp(7bAg`9!}u-Z)zi8#v5(LNeK{n19G<DZ!)(c>)LHxr~aT)9dlp
zTWe}<zsG!`JkX!hED{XE<9S6;T#Dh<vF0c@S`<t1qtmOKUm)QWW!t{B^ZgwwQ}uG?
zL;^prc(L96^LB#weK5wcnCSRi6ywYFw)C}8BJnvs@GIc%!MNu9SSaE{HfJz&@<Y~{
zEVq$qO!t@CNA}F~sOLJ_&QPkuR}iSHF5jl?4(;iH&C642P5YMXM2+kg93EdvO(<S!
z#}?YI#x^gH%iJ#FisudAc8_mbibqsVtasC-ZOF`x@6|c5Bz&SR#?Y1__^!Se4|i|4
z?Hu*Y$%^TB*z*Ob^ho&z(@O|55i1dkP-c9le1^U!QLqW~OqsjPl%qwC;zL%($s%{j
zF$c@cI=AIR<x~Uf|N0{<^JJ6z<d}nPrp<kN%F!mr@!?-psmE>1Gez#SQ;z02k`G!L
zC-dC@s%n0*TCA>L4r(H;WYMpJ;L6&}sQu^8Y9}aoSvc3kj;Ro%4x<cXJ!&&*KFV~4
zFUvLI#d+m`QBP%3BHXqH#As*yYx2B?!yE4nba`MA!`n*AQUj=%B!PW2iMi5Pdm*i#
zKFblMSGQ*blxhyx#0%l_==hBk2%@X#K#*VbQnKYma9cHC9xz4yJmCU#70!coZ4}uI
zMPY2tN#h=5U0mK_#E}-1q1c6|7gFy)Qk|{}XptB-mhOm2gjmkSlM?(0{Njtc9^!en
z;R3r@A7io@CArYnLCt`iRZ?ex9y8lf9$g$H-@5>1R#Xa@F0ZQ<_Lki9hgNdIAJxge
zwQrn`fX1x$=@;~TDNOB1PId`Ha@}hrLCVsLu@QC@Yo2F8^hp$GT3;L?vj!Yk4r6E7
z^FC)-_o9y$uF{kCh)3qc0L(I*qiNw0mL41r*JRx-vn((e)d4feQJhq$K6odz5O)bI
zNcv>F%4aa?5!#%N4p@L5N^FPAk|Jhz-z9&13Y*&TqUkYBZ5pJ>%}SU${{(&m{df(t
zn{}N;Tokjn%!v|U0?^O;k^fSwX;L_rTFs*}#-vVZEN0ECpky3Pr>d_0or4bVs!b(<
zyP!+vzI83wT~5eWBwKV5G?VN_>%D;(M`a<R_=-RZLc{vokf)yYKF^eg@*V4TpquQ2
zj&A2zPl3y3K|J!AP+K1lW;g$Wo;OjD@0K_4<?ZVRT@SS^T=HrUn2h{@RGibOF>88=
zK$4jn>4e8LVz!4OFZ@TQ#?SE==>CP+DwTE$k!>C4A?vM<ZvS8!5pNv*y%YC57BwY9
z9m{Ha3!An6mssBfVPu_1wpm2M<b@u&vh^Oz46)aAJL9|S5L{>Xf$mogc@}7Qf}f;!
zw$pAf`?+o?`;@0M;BOIj$q@_o<M|1g>v)Lo5rOB*sD1WDzBBuXC!()$kY#i?VLHW}
zWMkY=LTu9GFg(*mTfxDp-+FngA6yv=y(@DycD4*S_AnkYnvHheZwWQ*xT!8gA=vWm
z@?Y2baPK@YA9a3#L-uu66}gzl`R4nCh3>+{(~;k>K-)-oAYK`-?T|K|(tRcFKdKNv
zP-cQR%l~GJ!tocV@qcsWGSJgA{8v-Hr&Q-0*4dH0PpFu$BGc7_h$ZVc*?>s%0Q&<L
z#96P*z|n6j85Y?Sr+mI7Qlzc%7YZ{kFC%Gmx2Uomooc8FYC*uWR;E8S8Z4pkb0^wh
zK7ZN4BWD4Rki;48&h%vu5tOlo5mjE<tY?utfr>6Kux^cNzq&pnT<(s$ISr80SJ~H=
zUQ`o@nT{J7UeZGuYW*DhR=fLLdBRYEfbV`q3Gxe&r&U?H?!c#2bk6_?Y@qBiJZJ%r
zTaA`hts|r@`qboQ{R#*=EA~Oj!uEr3VlXjQz!p-{4@MC5)W{!{KrS53L1rk-3P>bX
zz&CTL(?mq@51GoX3Ysd$l-3YM=83c()U<F${7SP?b+%@vy_otWfaIm%lc?(Rre`zh
z;bVyY;1pOMFvt@M7+hsGn5@)#dvZ##a#;sp88%5p+NCrLI++Czj#>j<AED0?fpbI|
zPe#PUx2j&sGH<k;X1ycS>R$q58YSS1%9}{TC{&HgEBOPqfuBPa>>#L|pH2bXBOb#X
z{|h0|=cz3JZcmd$K3)(6LJS88T?HLsj^nWlR6BKp`GK6Jp_-7EjoH%@h!ZPWp3kA&
z&K%j0O(M{gLPef<hW-e=Ofs7Kn{tz<qR*yjju_7|c0`$d!n2!DI3K@dW`H=YNWR)Q
zPaR$LO5YuD{;ScXP_@F02&nEA1?5Tzr6SqA(%ih<dyVjvJ~dUC1X^JHFR5nf<#K-+
zG@r<Yo;rPKj9od!Pcpnp_%BzO;npX6T(iFY{CbvoqjVu$QyUE><;nYembSP+&SniZ
zhxv~IE^L_(dyS^^40$d@cif;_bCkipWhn?FwF_M<%6o%ZiwS?ActFkz-6pyhx0ocm
zJiF()w6OC>nEcr_!9()9Omky=$|@PLC!lyuvVm>+1-k88N0yWW==bQ(N1G${nLk-c
z$fgoUeaLN}a*DzPO=}-{kLxC18!HEN+YRhE<>z9^dr`XuMXrnUiEO&>DnD9P9ZEm6
zQio;^6kk*vX-0lesykRYlvxFfpKp{ss4IsmdzjGNzMGa6kDPeTpBHs6HHlYC$@WAj
zu!_xB+o%0lc#F63%%6>nwwhI2If5)!PqKY-Kgc29i>7h>d^tw%jWCZspP6q*NgdY%
zPO9e_qLL_4JD%1&T`Nw7Y*w+hzq>ozpMS4>Hz*;OVsEo%gxF)A7L4hZMFqH}SAPq2
z;@l*=neMq1!TBMp(}_m!)CKv3eEMcHqp;FRWw#JHopTOin@x+*bwQ)3ayZx6v(x+$
z$2dGsHh0Dy6kwE&)D&?^ADxNImQE3tm2@nMghTiSh6+&I{CBE@;Xm>d{dez%nyi6^
zv7r+rouadWle?WUKAotogZ1C@nt!kV>hYJ%SWZbqjaJm$%2-C<+8Cdlmd?<@-OkBY
zSJ%<p!`M-m-Aq^4+{Vy~*3QU;;(zp((>FDiake%vcEJCie;{sSVk>NJ=!DPA@h{R1
z1xPwUL0dO`&3^{<7cmf@frV8YlJ2*It+U<VK1?istN-><Fm|+cb}%${#Q!IBCF17v
zThU41$@pJ)`t<+$5)%05A%^;Yue`i}%iqD<IQ?zGr!%3Ur=kDnf&YZR6!8Dm`v1CZ
z7&-pabE#R$^3t*c^w3=&s;_Cd8646JgDc|T=7?aqE#`uTnryS<BOyV%D+k0;GDuQ_
z;@PGnF58YU36=9<4Ap%ia5Z}L)mxaq9s8eftpe*|+@V>nRaODbb(xgiJS1R>oE<4}
zw*Bo0cZj4+69ij9gxrEz#+G5z=j^Q5L$pYa4p7yY8qgTS*J4${oRXEAc%s@9BnYCc
z!4#hq)C!(O)HzsU?TBj?B9T{7mdj&76xTJ|J!5Wd$UVs=pw5~0mf)8u+!ZI+A+#C?
z)V>wy@*Ap2Gj93p6%5Efi|H0dSuHOjbFYbJgk3nmHzML}??)8FJOp@#I%$Io^qOM6
z!$sdDu}2+{S#tlTG6;M72j>}HX-9iMW7d?FG5!VNaKH!^RlT(LZ#n5G_RsN6w!SpU
z=IR_<+mLv*YZ!vTK8fDL>;?$eOp*9^(#ZU8kR$(2)&H3Hzw+kvS9<6~t^Urou(6@7
zk?}vX>*(ZQtZxnJmZhCAV>5scJ$%C*9J`e#A%RsdAzxV5aahZz(F~Tm>lBX~0M2uG
z6>7gE&PDuL+cP5?vcJgVY7-^b8M^j}u8*D#(>l4L2S4qGk-aKjTM*u&{hcZ9DNpR!
zLyJ%{4bxzTNzSX_5Uw9Qm6$#AiVu+M28B9sN?ZHJ`GkF5v;DIhL@P+Kj!F$%wi)?c
z;~_|1@4m5?gm=&`-OM+1a*klMee)`2(%kB1O>gEZFqdQuHAUYDl>L>Om_T#V=XHUf
zkx^)zo-*ip>}}9Ak%c-pO5muWki`<g++@^6%*%)u4mSxl-=G@bVo>dXvs_WRQn`X$
z!>%K*d)O^@_dA9UQPV_n(p1g~bjVxz+A<A>VMV?z#z19|#W5SqITJiO>iXFS?HE(A
zJ>(PM{?q)vVBiDmu7OPT+Xs*hG5_G-O$h_rf3Pk7uPO*5W4r&~TH>FS_Wz@n_(voB
z_fh^!Yy4GW_;gAR`ZkVs`VPi6hVGDb;`mMu&c={*LVsI?ja|$QjTL?i{v${Km-Gtz
zztJm<9DlXZe<r?F^3sxn{Loz|s)y`6jZ;p%oNcJWYPY%1&D8aaSJm|*SCIKV+mpze
zYk`Df#Y}We?qibW@q-RDnJ%~;fI9q!jrOreDR#a<2l6S!n18LxP#!sX&0@$I**&@X
zOv$lZ&>*TeT>Y+i_<qmXAXPJQmAyC&mXRPBDe62n8oR#9rZDkwlNnH_<l1$>ao!Rw
z5W|fD4IWd`3dIyv8EYcyUn=F2Xoe<H9<uboUBxXW;5Vr2LMd2scn~)!7lgm?>ZLmZ
zB3&>hHuD=sb%>YV>7rjHOfbId5}C3Y&0&q$zf*pxb2P@514~-Zh}5Enj#UWVBc?<P
zvgn^pvxnkre`m449<`M7E>~`8El6)8ta)`|-vR6#V77+HvJyp<|2y&gU%d1GBa4BV
zgXNzE<gc9kXRlmae&VmjfbV=j@sxs##|zIEt*2H#8w%xBYQf{z6OXruqUU(MnW&ei
zd;;K_oTjeT%nCW_TLT~ROj`;=h;ruKWz-E6WIq_<lwZoNifB>XULx)yPjJ^t4O`fq
zq;7|eh)vQmP}6@XJYnJm2O!@L7}neR#j0BpUv_u?1t)V#n3R7bP#}J!Q|OzFBp5%n
zAyCp8eZji+jr^zLcj-ghK3SRi!G2Lc{?;!M)f675;YXnC@6-y+=B()V6ago&gcM^)
zh#T}9M4O5zMR;v%Mj3*;N^^0?QgvM<UPfNTZKmzSoGu!7tYPWufp^vmk_(bMm<O1x
zNH03XpV3dl@5QU9N1lv<F57cVK?`+Um1`8|G0x7Jg_#^J_b(u<m3aSu_tshe5%T{}
z?g#@1BkO;8!=bL}xbQDlL%9;VXJk6hh3Iq{GWbML@WSv@e*Zi2`{8A!6fH>$F<<W)
z9j7KMF!1bdwfXDwOV?>v8!AIfef^8aQ**n=SB?j2xVM;r%H3fHhI{N02k!`MgI|sp
z17Yx--^iV{=#vcBy^$8L?pa}XLG9b8#F694Vv)6B4N9~;8KA#?aS+tPX%r$Kxew)S
zL@Em4{?xLBwxOYlJ@Q<rRB5Sinv5PpUn5<dpSBQL>Fu*>?YHcD&^lO|w809r_J71H
zXy%pbH1JAUZD4${qv0_Wm(eF8ZkXuv>y#TSWJXpTtlcerJUlR9NC!?dm^LJyHB7vq
z^<7SF?Cx9BcW{0ft|#)nhgpA~r0vJY@wqna+t3UT;_}R+TF7dTh-_y-CjRP_Y6q%g
zA>ap4vn~<EJ<yK!5O#>L>ZhtNRG=%lF<o#)v!w-|y<thu?t(2YS(sRRyX(*>$#JJ}
zL2x!F5wW1yqw0n1!d}DmuB6N9{w$<>Zq7g&_dfK9nOokjs=BHDT6Z|?>#c20y>+{L
zKBLN2h`C-!eGOCCUT%@iUQRHq^7JITO<ivkWo^Jd>;Ql^LJB2lf%p@fX4nAPqQWuy
zY~d*jiZ8?N?1w~;A<%6twQT6Xc8!WRiGe>T6tq3?0?u*h8C1(-)q5~>w+6UU5aw~M
zPe~rsob?n9Z}Wy9#HkPlW8P<zj@{s&T^NZ6o<zV|7F~PcjmFuswmDN8&bGdnYQ-S)
zs><{&edl`rXAm!FC-cYi)7q0fPp*&qCO7haSVWzz>K(WcaT?$4dVtCq_D;eDbYu+p
zZ+76Aib8S}P=j(8=Kd1VY)b1+@JbB{ijX=mhOTrumlCz{u>K~W7BvJg!iQQD34sw<
z#e(S!E~f_1_#!n<EsB#34n|-xP;~lLGaw%iRJBQ8=GwwbpP#H7a$6E_rDPg;h7OOI
zb5oC^DcPFm?D;usc(d`tmJ0gieJ-b-13Q+te(JXaWP09mXVn#3<1vhnur-B<j?59m
zSa54d?Q`;mOc-!B)hp-&LV?r;$aX-l35X##CxQq#Ss}-z;9eN<y%|!?1+YSJ&2Om3
zFXY3w&SRCpDAqU}z`gcSRKtMZSZ_$xsfHY-sg?Ea>0xBGF%NTZP3!0(fvT$S#~S5o
z+nb}RgQBrVcYO1R$LKAP1=7Vaq@{uOz3|$DxFF%CkoqcN*AoK~3K6?mYy`Odo8(y3
z2c7q9Qi+&Kk|WGiQH&<6G6jWMs_oMU(P0sXuu*{mV8-DGPn_XI&WtScs`D<!I!?rw
zuFcN4yf*Um$M`;LFHFYFwIRz<eR(T47RT(-CNW$Qy(pvLS;ByU{st6}lt_T~zc54U
zvAkKZ)1UP7eh);uH%tymr=NQEnm?;oP4rW*-UFdmboR=@nG67^D<wuUQ;$c}XNH_@
zN`)z>q1rD3B%L4Fe1Rl8zz>RDX`k!tC9}B$-uF*!;-?8oF>1V7<gJi5jArJjqu*f(
z>|!i+5JFB^D8A7uUl;tU3=X2Z>3h{a%hP&&Nn0lZ-;g5^D=#yO_pbub*P>QUhNZ~G
zk>ik&wlbzVD3ni&d=BShqFRms@NA5T%y-x$lnjEsW=3>({ptp{=~odUPLfPCnJLVH
zhrP4N4tpn(t_HIez+=ib4gdBkz^xInr;-QP2W?ERmEv^fP6sredrklzi_ixegVfSJ
zrZPkg$p+0^MR$8+q)L?VFhhLu8zZ{<8TWdpobRk0aY}0qu}miS09;mAhC)KTJ#kK9
zJ4{2_;2@#SFY4~v+LkFXNwlS;=>y=$#3R1yjJSubC5_`6%+zk!oHWCe8Mm;=c}g%v
z0kz&KuXFh-G>vE9`a^b;N(85*Vr4;TYeC7vqP#9*k*zG!ls6Y;<sIH>i{O}><=R{c
z)%K3d&cn;`igA1A7%HfE(=mH)wc>DUX=89|K{^eXUavcclX=iG2*_{o5<?c3*3L2d
zDvMl`YM>Z4GenJWmam5CZta#6Si4~ZFved2!2#EqV1Jd}T!Z$*>r#7POU5O^W3|}0
zHV=Cn^i{mHc_tFAA8@d+R&jQ*u)C7yQ~hpM9`!ab^B(bZl<NNg(BwU6US+MZQJ~J4
zHz~y0Tov9ZALyLTA8eCezvf!ch0clX>rW{QTDKAA(2m!kzR(||X}U0-7h-TYuqNh8
zUU@Ee?sDN+iB-5H7g@R<=h8kpZlI0&beKnLff`}Qn;A(epBAfGXq)lddDz@yN4u_M
zTHFYiX_R{#6m|fTJu1VTm9eoLS@*Q9>K$@I=>XJ`5^TVcu)niZSOBu-IMJ@5R2C)2
z3c3A;ZhSWBNwCx*KQ~};3pKFC1GV5AH?j=P=74yv-?=%Ipa`~+*~3i-^PyA&6j+~g
zbMWveTB=%}T5@R*Sa^xUL2SIfeelfSxBnTdV(fc^ynM)5msZV;-cPMuHp0Df+Gz3k
zaF^rM>>s7(NbYwMUwP%9+%dRcu&N`DnM51McGj>RC4?xMwb%F6(u(Cj+=`f+G)8Uy
z!$oj+x<4CRPXBIQXaA4J{{O^|VEMZ@|JUa~wWrpv)HP%OfowWaZ9R{aA26cL!QfI*
zo-=8X&X{l^SZWqGYNM}J=__8fN%(%xX+yUf5Y%h2MSyeUTbVf_tYv$tbzS?g-}L;9
z3f2iDBuHb+aYrnW1D6#=hS-lT+2+#4U&oWfc&{LI=T?6K1Nr!)YK)6^)?<<f>11ik
zEr~WhUA<IU6T3{A*^5df?C=ME`G?+Tt^@t$`x+q*z|&}e0a{)R*tY(%>%*^$BCG3`
z-a!7;o0%<Drx#-%Fz~G(>&fRzzvP!_(nT4rMfM?XHi&@!Zc_XCLa*%dm_o9}7TF+O
zlo88V7b1`+=m7x)Z~*!i_-idOcz=Lrg1-Sfw=j?mm|o;)JUu8vt2unQ89xsOJ#nAH
zF#ec9_XSozL_!{WDn&S^6htb$sde?hWWTW+gO`OV{_kpr;jhL{?e(sgG(#HfQh_e;
zQn@^e5adq`Ak&MvIeOgg&L~?Oo4?oqt_T6+`Q0C~e;js|IBHRs1_4_;r6s^Xs(w7K
zq3ylb9=6l5STauv)S#+FfaCS?X#m<b%=b<;k|~Sm^0kE=1?7;(nV`EO8Sn|<64@aa
zKH}`?i!?^T1Sq26M-4t%#Z_Bw+hBn%Q_E*+f6AiJC^J)Az-m2Hh(Gc+;Eh50;JDA>
zlV&VFTcei<#Tzt4JCZpof7VLi`6ZQ4UqWl`%6B__Kp_2EJO%cQ5XnT12{;n`p}<zk
zE0@)|kXH;x$dU-fegPvAV%vRqR7TH~I?V;i*TK<0OVru_(V2RThvo8+*I?|YQ?W?s
z9!V=N<1rs01u-JJ<onZ<!_wwzn9jR|AP}p5O{`ua&O4LEzVN$tjBpi12tcd#kGjID
z9TBHqfPF7Ma5UmIvutWbuts^M)Hw4BT|locsYcn1%Um%S79{a}$ed#(n8{P9u|cSK
zH|U&1hglkwil*b)MNGb;=8e-*2oI9l6g3S^N6PlG=4?BZK~L=XR?cyGEt7R^@p*r_
zj#7p4HMbRCG3za7DHi+YD1Zal1~U75i6usqwI7)Fe&h<D_Ky!s%uXkcZWqo-!HKU{
zqn~*_0tje$crmmC13A4#su!1X12b@7I1w|}7>z|75<W_*HCv!Q-j!ny6l;~<YCJ7*
zm}uv;uXFo3vM(^A*dWI*Du4G<s$`!FD652{M6Pa0Jz_tEI0utnG10vcq;94>n=3|K
zonbmU9o-n;Ya{udbiHVrp119oRam}OqZv#_elcOd<fi7eVcZQWU`UP_Ls&7tuBu9H
zMVmJtS6A&>hdYRJ?lmedHuIa@%WD~-za01GR8p|yq6oni)P7c@nEnbS`NsDY+UJ~I
z4#_I^>=j4KZRO)rdwqfs?ZNEwW6UA2{GpHw%w|ZJWyy~vzU(3vS{QN~FjBK5GK`}6
zCVqq}c3l@S16=n2o3(u=CWIN`p@XQ_?~}sRYII5pNh|`M;F)6{)#s%mL|Dt1u_wy)
z%PG<T(xkp|hD$|0&JlCaW3guj`WWj$K$@bd#LgQF<LSARFTpd!6*Rg^OxYKt6ov62
zXqe6BfP?JAAjc&ZMfK(xQ#iEsux9ILyYeqi3Mym!k+Ur;;i$v3OBiJr`9A5?sCL<g
zKT!7pA!tHDbqyOrqC&|0gS<)<3^4(5TiVuJu_0BR82aQ9`Jv=pfULJeBB7Xreg))V
z)5hy%^%R7&YfY^_*6`Yje!mD$*j>>K`3XDmByI%y43b0<3;=3Fd&yzp;|rC+aW0^7
z%x01d_{=g5K4ZJ`g8R-AZrJ4$@k7P2fAwQ9%Ur^m17MG?9N$_xx@kC$-mG9t5ZldK
z!KycK1nu(ra1b(gV}2pV?hMw5-c{^Hs|)P;R{ky|FGuLwAi^cErbWcO9@B02+Y=kl
z4e`uYPZ=}H-Y_4S6CoqLasr}tyN=bvm(50R0bR!HXAN=I@lyd-_=yLY0W;=xW2v9$
zc?4c^V^M}BV1=<<%`bRDOKs<3-@6HXpMkrrMHV1B<@bQ^Um8iJRJ<^%v5|E|V&a{-
z`h%~o+W!M^bMSrg@0JyY|1uH*^M7De=3x9UGsawLsXK16Hvi=x+cmrwyxdT-D8F1C
zd)=O7XR9-<mm2>SkUMB!QC8c5L)G)`17_8%Av0Wj;8F>eYV}0$4)AJc$4Z^_oTJ(~
zza1&TE*?~wL_t!{IFFP^H6j^a)=5RujJT<muSIe=ctn-wP63rnuajer$Bx-##saPw
zo?8}=Pe~C(B%x9&;T%|A*c?KxEnWffn?Ctb5XqPdLy*ET8L_%?|1VN+5iiiKL?fD?
zyt)^lgwi;d5OTS_5O`~OW7g|z>2WX|H7F3kuia_#{4f!Vd@o}+JJVbs;XROOAyrW<
z`Cm?!%yAIR8W;sY-W2@q7Q+4x3FI)8=mGi4#vJ0TW{T=n;K-tokOSb5^+yryOQ=fZ
z&fZ7AAjoqw*obd)amXdBz`?VGW`za!wUXBp78dOSh!~1C-xVkYJSOH4<RIub%##Gg
z1o(-Mf0xdu4(0~c6=9mFwlcC#*1-!T_2vB<Ge71aQ%K6ob&ZQD3?0rxR+z7i@L5%e
zKrKWh7HI@`z=XS%n36OnU`f^}H}Oh`+;@(VfN8>lzQd#^moG*_1PEYc1=cA75(o_g
z@xbrX92MXY>6{hG6HNES64S+rhQTChBzKGv2Q`;0D;z^9QbI77pa>~LSviG)1XV~?
zPyjhcCnVsSWfr6@{S^%%mlISTO<ff1L@X{@hyoHSCBaqSt5>G2fYunPkBMKfJxhz3
z3&_DpuN?$=G^ABFA3)fERETL5N$MsjI&3Ch7a`zRIG)uwC_@ArOidK>4Hb#-$NPB=
z!_&b#naahs3%A+yaznd;W=8kv;>7gwo4(ooGoBmlC;Tg#$KcNo`S<|F2Wg4*li_R=
zu$!?|m7YAhMs&6QpW+Z-fQ_#6h8fCd>!EJ!9B33zId2DE*p3R*nT*!6g@y<4pM5Kr
z&T!JTQ~Kn(3nhhR&QxJE-m35S6{b&5*Gj<;ja#hR`EtyKdXP(Zof8I|P<!A(87#BF
z(Q<!J1OXOx(uLwA;+0Ozqcix4Udz`kV1r5Ps$fsc!Ti7h>2}M%nJlin1$E0~$Xu_=
zQ3p<8rrxuEQweh6LRMtnJBs0|S!<6lDwR4@ED%;T=dGiV7@HZHr^(jv?TjlF8Kut?
z%oKR@c*&I|Uq3PGfDEn|HHp3-o&?T0-MkCn#utazJ5KP}#a-c4Ff|qFbpW1IoZ5yO
ze=qfud7fz)p+wuXp0-2pY#ky=pyibp127V)C@e-GcCZn3YYbVlMWyy;Dq#giHQ&uS
zbKB367V$I&5V?<WX2a4Mu->i#>r5$kLEB)~)HDw?m@eXtt+L0CmULNm9J<w(3Cz#m
zs<5_AsJt)eFUPE$iw%orWZdtxEJg6`90!$i7!w{I$9a;MSx^mb{h|)6=z3z43HZ>+
z>_``yR2w7Gq~_g@dP=d1A1^YC{~hNkhgydn-eR3(?R~CQB7?!GH5E@b?S}#Y_OR^t
z<7IqX@A63+7zdblLu--*d*=!o=}hJopaz6W^Fp`ZjJHg@1!}oBtIvVZG*+w#es9-Z
zXP$AHOkbh|CQqcvfv+;ZGQ36-#uvv+eqt#C{t{MqSibj>ivNwzAVWlYVON0U*s13C
zvV@=NSGiP;6!EZJM$APg)JT&R9A5=f!p2$2B-L8SVQIN{sNKLZ$*0PsQf3srbc<No
zA_Z&NG_4oCtw%CaAQ5K|RV3!mmPJ+|d*PqW1E3<YqC$&!9a_(BYx(;k52Cg>?)TYk
zCZI2TAd%KOP_-zz3Mf#D9r`SEfhEP}7At$JuC`0|Gb-2#sA78o#|&;|;Zli4fOFJ^
z3%)gcUnX_~>gY;lk^|I+rSyuk=*ej!N1L9AUwuZVmV(3lS;xs3^cC23okS)5IO!`^
z9q!?}=o}|)oRG_{k@Ya0A8HlKty%OgStBDvi)Ro^m_|q~z(uIK8Du#A9-LjWW7DDo
z;HIm(8881MoLIHnlk`yc$9L#>!lYTI?qXwl$99zp-<PUMB~w>6;&yQ5^2&DjMyD?H
zg*C<oS|c1?9C@;aZc+g-*$LTt1Vkv=x;(3kPkxoj!Lw{*PxaC!r1b-oQZbp+Xg6-?
zqjg9x)$>yz9py7|&!!6BR?a}pfjh6^A7E7-Teij@-S?uhb?6R;qbVm+x$*Cu4c=`$
z9Tj62Y5FGN>yxHZ$@52N>^ZTbu4km5RAx(M4i$<S5q;KP#c6496AqSi@G(=t$)GF<
z79<bSNvYLzJ0^xEFLbiP*=q&d3R#8Akvzm%4!6nkoj+PuEvmlymB@c$@6PjOGd<8}
ze!k91;K$M=S?}>}9G}Jld&Fov;pZXAD((5aJT#-2>wc&32Lml^#b#cepxFzP`VMzT
ze1H+$J=Sz@>BLdLTKW_|9P#<q@Flv;-Q54#nO%JGr(NiqC{aBR=~+}!>VKnYEFzI{
z`7v^9zh0O%;k2AjWQ-fdJ(R}uOnVFy9=>im_Srl%AlK;VV&v5-aOmOv1A9>lKCh~P
zGu1l@6nNP|D}*HO>Z_DsU2QN<-6K`uHs-Spv$4ra)x53E>c07SVz~@kp^Uwz9MWFX
zLah_9-Wx7EiN)MLei@PEncQ(D9R2n7ON~vluqyN9(xPdjmRU<j)WzQ0IeukPgRjx5
zAtDp%*%B9wwUTM$o3Zw4D2?etPrLF$*QohSw_e)EpR<j*{kktLWT{s4&X`ZWqI0eG
z^MST{mBZWw*Pqr_Oh|pR-t&_8Ba255ZVl~nV&CZ}^o#Bz;w$?rkjF%~;m2^N)^-i)
zIq56$E7E(U+mx@?B<jq4JB5J-pRDv_-rcM0Mv<?0i)5o}Z<);;oe5reH>OfQyb0P+
z|Ku{@>5}h~L$gk@*#x-5fUhCmdNt*073vwvbF6x;rs%2j#y%@2#$)}tg0%q@m&tZ*
z0LQ4g#Fi8&9N=9O#;}KX(wJhRLfN<JjIA>I<RotTQGkhO??&Z~M0)($U^RK{i**R0
zpKIr-V%|aE>2+`O2yS8Jqr?z9xK0k~5o1`I1Gl*5dFj5LWbSz4o*~+SYnWAc_>N<v
z6UeBX6C332;_>Un8m_7s0hh{&>$BcO#9AChwRC3QhWM(-WJRvb1Uu)11;R6MRdU_I
zj1)$7<)eGJIj|UIhzPyHi$ltz4s-egS=DZ%K_~XDv!vQ#g4U2w&zhGkm=uX0s}`92
z%|!LlH!JDu7J0!YbL}X`iX1hyqXh|5z#M6f>^;_qI#k2Y72<2P%4TmvNH<YF$_Ngh
zZofRUeG|<FRz(5C*>--@6Dh{?cZR)fMzSZ^*(R2F$_sA&jHwu0$@o7dmXeQq(S!Mp
zJHrhZ=Z>56mU~mD)>mqaCubE;_A)kh74HTEwu#oY!rHf~-6WQb%bQdApW>nPbe1>$
zvXClE8-nnjJR*7O-LPKU%C>uU;ikkUvo$P)R2N3jPcUULs(8e$JpDWQAy0+x?h#4W
zcW?pEjd8FxryYy*S>FIJW;K*&AWvnZ=d?@@vEQb=HIwo>hVmMgrMiT!MFf1s@s7$|
zZcJ&K{KzZd(OXf=tDV;{w*0EK00d%(dz9`yspswfdt`F|iYbx;E6v=8s-Shx`$CJb
zQ<HY@SW6J}iy`$jP10+Ug!dQ`&oMl<ZIJ5-(bsK6etlg*Ev5W9f_Lh%Ov(E7Mi(ZH
zZIJb=#{FSZmphWxxG#8Gdx3bn5V@$O%~3l{rdTw`A=D{W6+|_ZpKG@BIi&ec>r1y<
z=M$Bdut`kZRYl^WD?&jnhME+EO0n@fY31qk9cFjR4rLefF2#<|&q=zpD8FGBfF^gM
zp!=DCdT;|B&p|1=CEKc<yz@mX6JJPd*p;^%taE)?0-z@MLnFb3%G}eLV0#$@7?7)C
zgA`KwR2rVZlqTbH{-YP_LIKc?V+)-!HQdrBWj~tIx$L49I={&}iPnkZjn=bBbK&?A
z_clUKcC4Yw97~3r^X5+S&LdlDg}lblp$tJfH7d$FGmvHb<P-PS!Hbep|Aa*<v$}po
zfqLj7x~Y1JwjF%KQ5t;i!KzSkIS<U!qf=l>Ep)5*s69oWLTk?9K&!TYo!H8zQn3!@
zmR0@3%-zwWHD`r3Ex(KYlCpP%qXoXI;Guz(xqYJfNoMZJjKIAlQFVIc#c#PigSMAS
zxLMEn=rm<Pp>dhj&d6GB&4|3pmAeQ;<azpyw7G}pLVllS+9M|Y1&n<<JVUZ8YR!NU
z`DG%lNksSsD!pi_3DtHN#-#mRcm+QXG%_tOm1WVBpy4lUQ(yi;<w0PnDqPFy5nR>g
zUfg-d$ds?x@6z<&sYf(LXZYZ<kN3fLH!e9WHz3%5Ow~U|rW<0WYYx4vjE{lIneh12
z-^?Z^xm|eI>mTM)l3U=)WDIqt@sHcF9t6wvqO~k^2_>w#f{nBy9k?_aUz4M+7`<xP
zyV&SQ2idn8YMlhOl~B{s`+o#GxrZ;i#KBv%<I*3h84w*w+>w;T$U2M4n6))?RS%7(
z&QL(eArZxiDMy`jLYH;3ZjUiN9`Y1obU5=o`P!SE)UkX<BwtMP>@dgTi_wxSu1gN5
z%~sjkB)-;Fu?=Fb8XnYaM1w_5sGKdlDvXfm%_*C#tqORJfuc_h#x~Hkp~fHbj01FZ
z0w0d9ZS<457oA$#FYzuMd<za`=#38gfl7<-c$*oWrO6y`wSL*|j#!~7+i1A<cdG02
z7!VBO$1ii7667X`+66aWFUm<W*I(1@zcM`VI&nyKG8zytX^Y>R5HP8nZ=M@Zvf^*d
zSr9Z7xYDICT2dp_Eoux$A^TSwb?3PM@kFo5jdQ?g$Y*ot)ET9wHvc5lITMnu`SlZD
z!CceE?f8)~b(M9*F4>2qU9_&t@iq`1=Gr4I-06NIJUGp!znSIR%JF08_`P@XIZ&Zk
zjDs9`DpRu1sU^M?20J<tAEJkH|Bkk;(=|$>5q*lOG111tAxbSP<fLW1vc5{}dk-#p
zx3KWB`~hAJv+OOfIR;*glJYK!N0_z@x;msCrAIjnMSTt5$DA^wG4@L?csfH94~5@@
zNUD&}eU{=-)BoZ*Nwr%NQpC3%pf5<LZ(ejCgLX_Gd_P8iXnzJlMZmKUyd@=Na`e`^
z>ga>9c0aVsJF?Vs@^g6U;f7w5xTTNQs5tk~ht1^^wqaha1+pPZJ=eH8wtwpfcp;(u
z{oiflIsW5Gxc})L=3x6TM}4a>{_?uAK5pp}=+QCCH53Y;&!-YtXW?sR88z3_SV9TZ
zVQ8k&xTiGIe7t81DKr~V$;>1FqRimt=6=yEWoapO-u^&;+Wyn#j}kZgphe|T>m>m+
z)9^V<fZLFt{<LNi_0l8Cr%s#Iwiy^{@j<OU{@r^A{K5Q3g(^K+JpC9W;5kJ8rUn;S
z%%YBF93S6*pz5sr<&CPz#O^uq7y3Z&`)`42YFaJAR;Y_2mb0(<0%=C|Re|CW@T#-V
zqVWml%oi}5)3t*J*;aT~*UwvR-(DPj*~7-gl7Lpcci_EH7blK6yEBWfBu!dK7*(YU
z=WhRv#cFw|zZ|-P=MU!XI-}C^MMcbPqAiJHfh;%Y4MvWCQZji9Y6EaA_$)><$7UpY
z7cuEY1qqn>&Y(-hCzSGvbF{0TS|*=TIsA1F7Zg%J$)_G&DH`0{0EV@X*Tq>EI<k@F
zbme<51%Fn3M-FCqgyg#Yc{t)w1rOJ>Y$mICV&bY{hkq`)7E@k#4D)EHS$6Jj7oN<R
zJ2`Q3p1my+-<t>e8ly0Ta}nNV!H(~vFPZcM;j!a<QVv$u6q&EvT<S(Ej->v~9HL2N
zOPwbQ+kS6>eTb(duhFQCIfQHNskezSb_t5_)wyf81w8vtZL$x%cA9#t^s*%;z8>Cl
zgF+d}Kx2j#T(~iZ|0e4haYLfsZsJCK-~FR^m*q$(DDSz0HeTkR4?`Xs)?20z3YvSy
z4or)#-@TK<-tEKD$p~Uu5@?<OH-Xp=j_(AW?h}+3p0|Vx?=cMchaWmhp<F#{(|<Vs
zZm8td>DAoJ6=`UtWp2tES(f%2y;;Z0_n0FEu2arLt|JO0z;cmq@=z$k;!Y>%4GKk+
zUuTv795C1*_Ji-pP>Z+vs3V2JqeI9pV_!S9h;*XOy+E8D3gY!xMlrxVS0xt*1U?8z
z-%2&`d;O)fz8;RIt?{s7fn_`t5pUo03)XvnKdILTcYA1V>o0<P+Tg+1Sa&mm01c!_
zW5Q!BPV*^<USzeVW16*bEieXq4irX^I&hMtwK3V<NTgXn$oCyBrp!5-e0K*L7#9j~
z^4;nFxq%Z`gsqH>EM4_<%lNOgn`^JrLc|AUyDSOdh1`T|<mG4V(1clg{?n{ie}-}K
ze6KCy{!Ypj<+7C*^qz7s@6I_-k#{^$V&E^YB!FD!_(AczRt@p64dB)+nS=DKjMFY!
zc|?{zu<8z&XlElS<z1L7WyUQ%r%>VAc;nzhdrcA^DHzP+)%uX0=QV*|94>JAh5{dS
zY)-!ODEzz69R*!&+k17EWF{CD6jE&~I#vb0?l`_vV6pCy&Zewl^fF6gv*r;0Nh@oJ
zMfG0e?k`ylT9-6Vt@dCv766wNthv-kltRu_#}7)nXjFpt)TePPl7)JS6m81iv>LhD
zK>dNr^DAfSYYG0<3o*HrWqs39)yAxf^NOzx-U=ykD;tk3gcD48Th3vY`@6Q@EB@sK
z11;@=iW8dHqd>G`tRR0NGLA?3H1W!<$`fm_Lbz1!%pkGPmCG$)*kxHAm31;EsHk<z
zjnk{^z6Y}zwZ(xeCg3bA^9rJG02&eO+$u&{9*Hp3bj)+xL3^E3QZWs(k&oASD3jK?
zCQUPh^y5vM?oCDE=G~?nm7F^9>tLfm2!3%c3TI~Wwwl+A<D>hb&{wWzl%JNjYtx1S
z?8hi=^^!rXR-b=Qv)2lurBuAKM*!z?=m%gRm!H0vHJrYL58&{V^p<`GYRHpR4?G7l
z^a3P&ib86rOko3-bxHSy%RlQREoWA-7jr9$P-y8N(xN#VZ`{8iYqi5R={Zbv(Z_N7
zduA7AeyQF|Ure_v_<Ol0@lKK*%Ee(%`hV=Pf#1*O1N<toZ5(IYqgNT@-VeVqOok<@
z-qBB1+r+LLw=KwBpv*)Tb_R7L1;jz;$LT;`+mKtb2Cpgpk_-0>5Gwm36>>v@H3VOj
z*MH_vDYg5<0&<Q7Ib`1;;3oL8^K4dfof*sO#5aRTeq-cH^3Z6YE4`Yh0Pu?^X5W3N
z8~3-Xe!+;=_ul8|T`k0d0+t~`7D^3;4Uk~l*azCF+9p%XkT>|S$8^4fa~>R05rkTr
zy&&g8ZMoji*YTv-bnP(Gb+aIvi^=Tij6f)08s_%&Q<4ePTd9c>xRHbkdzxy<cx6(3
zDaUN`6cP_ay~}E%6AU%K#N>kxeXZUI7^)1vSNBSNPa#;qe7I0o>=SXdlQh^Or9Vm8
znhH!`;w2#nYyQC9s|U7kCl41^OrCdF3|T?q#Kb_cq&B~1Z_Tyx?vS@;uaGg6MIIka
zVlUN#m-8Q!jqr1y^fKksfb7zgm=zK#>UGw_m+K1|NH!E@w+0sQfp4*0y9QCUm$2F-
ze4?dCg7@I^S^G7{N$=J{zllmQ=PCUhYp3X}vk(LqicuLqouo_XWSoUG;F|tgl@T@)
zAT2B7HygT*CT(*t^|9xyx^YbFU8)FY1Vr4{DfzTh++dg*9WF>m?*3OOQGJ}W9d1aZ
z5mEi^7p!0cW-d<13k&<8Sfm)$PxZX-3b5N7Ppu)!zPy3GTap}8bk5ZD&A*r`pslux
zVkK=BOL!-xTAC&w#NTj04dmwkyCuLv|L?Ga7&sXI>;8K63)>A=_@C<@!QSpw{>cQy
zvfn+>;^!b|>!c0YFzTA<5ml>#)?*EYF59|2T)dT`#wF$%wnB4Zgt8-^cWy6CO~<HB
zv|OeK(-lx7EnbMN)rQe{)Uk*=&NOtj;S-g2lkcm};ae9QIXl{>dlhHJE2fPd+9zkk
zkw3|F@}j5_`-D287R*t&9<7bx2^3NsQSSK@X{X+}Jy+1f**#p)#JQ*&SEnC?Ep05?
z&b&Uw%h1c)8cFQ_w%&<JRFP1j;Mcuw=FyxzuBFTQZ%G<$%|{8nz(<rCZBcRs%Vd<L
zNuuF(>6Y#xsW@s~7}+vDSew$ru55v0OJ<DN*%k&(p(eK^>oWIOoB<3MPudb4J%no&
zP{&HmE#5LgfdLcQNFoY}wYD9wYFX;uaK{o5cRwr4IeVac4nFy;0%z0J!v$ln9u6*S
zxKUBmFZMYE<`gp*D(=0tn|!pf#bu*HB&tKSrGrvC#l*GN6*qSKZ!v_p!EiiaK>Wc%
z8iyBzss|rA(j7yA8r!8D&?KbLO<EFcU|oj!_J}4MOO)dbq#|rNGWe@{m!q$X%ZAb|
z2w8rq-BSd+PV`Y|_91wnTgvQPh3K`79pU#tM@V`E%TtR+rK9!P9<R$v5D=2das8#l
zy3DcWojUj|C0pG6PreRMXC8^u5$4Q_Mk1(W59^`2b{*h9R!d-Kff}P|9vxOV(g(6h
z>md-JWh(e{id=wuGZ5A8TekMy<Q(Q)45B~;N!b=&b5QV!Wvss4Y6!1s57(j0D>;*B
z`Zl5-lv&3jtyYd)7V<>aEbz3If?gZvZu5(4lv=d@T5?KYrY3Wo5+?H=3BL2l#vEWH
z%ZD|fP$bR01iZ8i@*c^#U<2%|_FBfNe4a5|Fl-Rl%7%G=qLB<YK<?H4{Iaw8v;c8n
zuY(g|oH9gSh6qql*2)M7u>d*IstV0?uZu{~^6l)e)TDlJi%v&3y>~+~Uw0}fPMTww
zlmtQn!G0cB5a}8Mkc1LRqM0|~P&^=>LK)(md~AlHDBRHOH_ae*M<*M8W4a0z`;%o(
zdo-)VZt~ULoI4OE?L6FewuTJ?K|sKdOwV1XtlFr}*$)%u`8W;85<WA|b#hYQdm*MK
z2yOs2q6WY~CPhCbpl#RaVeL71%nB|9VccB*n?!Py%i`zU7@FM=!&k~rLzqbuei?pO
ziK{)nXvv5sbWD+g2|0$|@#LQUGW!WVra`;`-ey7+5*+SUC-knkO|reryMfjSQ5QEE
z?gpve_BU)@Z`bab%VsR;E<f;dXP6f%98N+OV(d>+++l!S3kh+Z5(i=eA2GkBn948o
z%*CJ4sfH8p#KywK4(uh|U$Q9PJAu6dx2B?f4Q{98wRz7kcyMNvS-%GW7+HW{#OQXr
zJXat1n$0UNDl%2H_+$l3FY})vk85@RP_K6X4Y0!GoUD*Fn9-RkU7TFC_-uxX4lcQ#
z!%OZGdrC+jAdNpc`v#9hbiAwC!`<J4ULZM(m|8F-#rXBD;3}=}G3HQcsF&<}sZ_3%
zl>wQmtwWTkWKyx7*R5y)l#Hu`MX;C2**uUd3b!i+2fODLN!^o=M}d~-a?Hl$T6|oI
zNuCV#NkB(QNr#S<73ZT+rh@;$$nen|8M4N6h*GVo?k@TAj|dk^k2NNaQKA5wmk125
z%SrL>6>yFR;+pNVbK}X%+S1X24w((tkrlm>-Rau6X*mQ#hk8|_fxKLe`lXdrhYxlx
z4*~IMlu><c$ljrb-J+B_9t=AeZgt#Rrlc<yOTgl4i%Fi9q_CGtMV?ickldlCNi3|2
zLey&2E`%<sN3?c9@DWTsX|Dz~Nvd5sRzMu7+?Ll;_20OA$KcMsc3U*I?fjySZFTIV
zW81cE+fF*RZM$RJ=-9@|d-mD)?7I73=e+mpT{UafQ?qKV53|;KFrP8UV2RXnCjBmI
zT|nN6txJlmW<9Tz^i`Pu%47gRa%<+WT(-Z;Q&GZp*}&8hmpS>$md<J;CNOO4OI%Nj
ztcVX_l@xS5T|w^eF1{E!Ilt&Tcyo8R;SW652+$^w{`6M^Gj9I~AVE4g`kShLk3=pH
z9fP-PVMnNkrG(WE$Y6k!bajT<<TP(+_t(_Ge1Km@!g=L2c{|)?H<N_-KYI({=mz@m
zBV3-DAmmMzOzr#`7h$;rj{~`gOdsVmHWHbqgrGyVP?4uZOLY#c>MusIRs&X@L4`0i
zoeOl-L@rRUv-1xBJ_O*#-$sCZ^VhWZ16R(Su1HX>vR^>~LBL949@*jQ%Y(4%LF6su
zUMC#5)svlCtL+s1xDT)+xV-0xQsw-CGwirRC(qp!Rf#F|P^#yKusL!amoGhWtzz(P
z-%v#R*FaQIL!YYQON&=dF{&cem+Ct+<kfMF=s7D3u&9i*^_|A~%o=WDm|VD*AuPLZ
z%-Z3bN^k$RAT2pTs2&)b!+Q>iP!hLn?p;P{3rO`8DiGj$3Fw}jOV%l$C`MAvS~e^F
zp@8TtVty*8TlA6bWj$JiTz$UVgL&M*TUyff<=>qO@)`r|r04NQ*#n)f+qm<3r=??U
z3FgH5s?!sdV1{}GG0<Ie|6;2U&TM;pnp#yzx$8^3oKyBsvHV+*@4sWYS=j&WSiY&I
z{T<8EzEuE_YB8}(IThX$-fH_KvRSm}U7ArVEn$V~&^6P@I#N2>-X1zq3$4^Y&9a^7
zh5X`(>FE)#czH-=y28b}CWcpk-`s&CcEvR&?``dD%_jv(y0_ya4R!XdyzMX-XXHZE
z@E~|=QDB*6&?l&GSb=lh>;4g|V3~?26+gnxU~3N?K8665I<0G(U?9~8bjq(iUx#}b
zo_HSmkGPz8Gp3Z0laedgl}>m1>_0&`Gf+a4s?<>kobmofC&{xb-DU;d6`P=lj&xf!
z`ZEn*KX<4T#K0SR3njQ^lNe`>^r=S}B}c|PxgNyi{s&SGwx86IPFftTDnvMuA1ntW
z%PcGzdQ5lH@0Ib>6AJ?|(v4j?${$j^mjt=i1soWbRG$?r`w!EPaY6<0KlQ5ybF!k%
zbs*DhSW(4~@sb+Si5ose@`*Lk307Gf+lE4&U<gxMciFhu_}5)w3C7+jFAkP}44gwj
zO~h`1nM7ScDg6)xTL_UywMFe$*w4c&y%G>d#`%%*eBh`9+4Oe_RJO=Oe1ei=g=$li
zmB9kbNceN!=fMP1oLXJY={j7Y;yAc)R~W9bkbez#XA0XP^C;)!91I})%kMNkA1Ra`
zY?Fed1q-gQ2sezyZ}8d7b+y&}(ir<7jf_~VUx;2cx;!XLD;`1dWUAdPl#6Qh(lC&H
zvfuk#9z@ClXSL$N7(})HQ(>YW;{gDO>%lmPhcOq^-JL=izo5wzh~5n=?&hs@T*ppV
z;y=7H0T6w6c-KT%SDKG2hCm!iOLYhLO=l?DdW7}V9+;1ZF+|5z4+Zpjm7BTMNY#gK
z^THf0m81*$U8GeIj8z8hb*h0ptdSV7C&DKruj+TbYo#U%^gmhyfssfrDd!-JhXK%G
zD2itti(*uz4f*KQB1WT<nJLVr!|h}Nab|f$8&Qo#uun*B(P9(?Dw>p_Q2~};QcRhw
zGPIeP%?2RoWW}6dfd(FK>1JQm+t@CiT`gU^tCK?_E$n!m-rVQ9t~x!{GEl_k5CF(p
z7Q9}`Y|s@G4n3;oQaND#=%c^d2~{=O41wA$^=Hjx`@M*roO<Rdp~=>lE6v;`=W6Vw
ze@2}cBbQS(0obW?Evm@pzY1m@Y$_NBq0)^vWJ#hZR9c|aTOzaEv%clQtXj?47Y+i_
zBcYoW!m@)p_0A=e7M(l1uFiifG$^b{L)F&D95$>mwsZxvrBE;H>I|r;cZZ3MiAe^!
zS)n^<N?LHuQ6>BJbLI<0D#rtTvYf+7mg&ove0{#QbDwBuBfhDo+HwVE>bSaXzJPXr
zp4-GjPoc><uHYx-`Gy7fQOLQLf3d_|CBiXOTsdob!uaz|NvKI~Su4t;1|LHzA@*7|
zQw8kWF>o+&e6242MqD>=d-R#P*#AE64=O+rcF?)8pU%2^3m5MHJT_ywJI8)$+hMEI
z`*<dRj`^VZ)RjJ4{go<%m8JdkzOj<MeQ(o&KB4=Rr;u^d%o8)dniX*R;>)z0ll)O@
zE(u<BMu#L~R*RO=>r&giJiAOf6x}Krt4&{EXq!J-RoJPsWX@TuQFy2k*?4===&sLg
zuy9)g>u9&<x?4&722IuO*Wy(nKDXi$#V@<tr`0QAii^T=`vahnkncrZO*OBw04#I&
z*NfE=b#ut3zwAu9f~YSiVyX`_q!8r1J+OEBNkU7zXOgz_m4$l9O01{l^5U$3fPsg4
zes{y#K+Rj$#4$Au4ecjgZrnUm_@daUN7;5>bS)3Gt8i6CIhKmjjd97>Eh)MZq>|lw
zyt#@2Vv!}wn-0^u0nXukfz@K@O1Y(#a!l1)g5X81GKnUlB05xk`W-;Isi2&yto%$#
zSyO2-rrc7gb>|CKHuhcc2dlqy&NZyg3n&Sa2DQFTd#@uUc#<%s*xUq1Wa{h|P*)l*
z7mu_Z{j<GF=rcW~$XD$@#RS%W;D%*n`-XA-+c;qBf7N%Nm%4cdy#Pc;sZ(v*h&+ib
zV(n#<=6cpM7=d_m%~F~+5B1}Z*BjySe4`=zdZ50LUcaH#{hQ0(_$RskalyXv%)UBy
zH=kneh(N80Idt3V6)et_qLu0pntV6r!$b=rYmPZ9G412NI|kesC>8cI;)lDFt8zid
z#sd^nd1-fZ!DFG5aWj<qAK6IjN~_z~4Noo%j}W?$LF#_!_1UxbaRu0ttvFt<QOVe6
zo)vn99Wl3630mKPBa-<UbxxJyKwStmH~)AOL1cm^S(jK@3;{KVh!3q=Lc<4x*R?Nm
zufteA9j`RE&*>Vz*ZI5ck>t7un(1j8nYwsOLlDWj{w%>5b35<t$rB#Qw34OC)6d=?
z5XsVs)aLbRw8d3XPy*HF_RhK|!}M&H9$>c&s*C1q*~{|ru-f&?Au+X=^}xx1%s9Ke
zB^>5l?ZUPcra8C}&eRWQGkw-Dsn`5N=Lyfq$pIGVE5`cOy#-W#Mz|Cf&9J8IPVCw(
z9E7V=gY#V3kBKKmTL<?&?O($sRbxTLYcJ#PFf-rGW3kg+Wmn$Uu{E7HjVTZ;IDauW
zO!K86&e8yr)&3IAGpr~illr?R9OF<sR_|*~M~fA>-qy6fhgU(WbUL}RT-`3biNvBf
zji|g4{$YlrDg+^ZV~>!tkHmU7Rz2!ktnPAPbab)X*}43hd{A9J4}Nne=DQA9AULz}
zb$no9(SMqe5rKODdJFE{-w5pp0K0`jad;;|oe=2mCnkCr+wfMA?icAl)oQiiHM?Bu
ztXrmQTG=9XR=j+{cy2DnS6_(rq{PbtHjEgLGLwc_qO@cT1L2IgxiE7e?((M0Ajyf$
z)hj0gQfoqSR3<pDrrdCmund;wlvOh}@s<NXU(mq5G?-`O{TKVcK*}lKt$||JbU25p
zEidytv{hV2<lTB{sLEFZl9s!SlN`TP1k#E+(`NI*;G|iRvw?ks{#s0OY?OwnG}=hq
z5{rXH%xdvOdT2FMsIr)s-?NEu^2e-^7KrR{ox_)ggnSD;`{179WRis^48ijhp_68W
zVCmx_rv^umfEv_NWT#4~37hwyl$|lT0lmRr!31&~6^$#Nr1AtmqR*@|(dDzs>6ihl
z2Gi*BRo-5MEZ_n!ISig!Rr4Iq;i@e(9tgfL(e7i@lbiREEeX&SU#Q8`1m?#QGu1`{
zBu^P~!&!e5e+rqSt2Nri9e5wm>IYdy$RLkUj{1TwR2(s6L;F+2OmvO{MgIo+%CjFE
zaxW5pNfgKkkq%ilOGt?%qpvxELE67&7ouruzz-t$jC%yNZA}^1m7+qkk)g9lb%E%=
zAy*=2)`|NCVRku$Wg}Ru@k2T6YWV(fb@TGAj3o=?A^jZFyRH7xdyE@dQSkyV3hFI1
zolC}UP>++E;p*`uq~QHfMod`>ab^6`N&e_#&24)Ehv%={F>iq6xhV?6SO5k(g*=mN
zgR-3U+Gped^74zfqrb(eb4<CvBM=z`%7~Tbx_u(P2k%s0P(AK6f}ZgFL}KEN)0$z2
zc$O4~KjVXWN)fiSA5sFX&uCG%$yl6;U3dv()c}#}0fIK#&Xc~ctL!*wECzJ8Gt-Db
zL@VSj)9Bh!1_Ftvl`4sh(F9>L&w^5h3W9R9!h@P}2{s4yuA81+G!6V}io06am?Ix*
zVo#6P(<P(fkK(a>wdTi%u4dNYg08jIH&^D|X63T$YIfI&%CBpLt2oS!sWH=*Tg8-e
z5AlPzQrClTDB7bIKtLbcmbqE{_b^@ZC8@Mfw&~w;=F+;~?69~zu&U-s@&rO%I4FS)
z#3yipL5S3jdA6BToK>5k5kxW7Io#p;SffVEn-_0PLY==!)Dr4fhy*Os<+qgw8K8+>
zj`4F^oh4F>5lz{<Ab}iI3N`cLYTr2*{=n$;dEq2%g&^1<2$0&a1dNNXar{bNqbYdd
zk}=6b>Em#hc|~KlycM>#DPoiTbM*P=$Zv6lkdr2<Vn7CJGoZ(WIG_qwHwmxa*mWy%
zlhQ=21A_-f@vQfeKPZ}qvH6SL(6aw1ytPU6-g}kB+6~(^^eW>)RUOv6*;rhc0UlL7
zMGw=~Optka(q!&TCca5_J_5)F<NeHPuIZYP+&Yl$pCT0df90+C&t4=uE9<`-p{mr?
zZP!JSz7fL!x!=EmJUcK`jdWm!;$sKJs3?PHNx$X3o5LgvsTCwPb+=aoS?D)K;~ggP
zr@S1`@u<JaVprNvItiV9xJ`2oiFBb%q6ug*No1iW9w<=;ab&7$*obtV-cAaJ^kVIS
z3Cov{XL-(Z6qXzKND~){qZ$B_32F&0uLV<l_#jCu#NblXLIj6PMzb%k_?n6<Z)U(^
z+YLTc<H1AtA$U`Iye%Qwd|WHNgJE0_l!TmSE#QrS(S3-AW4c3^S~v`S47!e>l`_GU
z1}hP$J!~F!0BHabk+}bLv^!EzuwmODv7`hU9={BtT<(xyrtn_l#MUqei#DwUM(c#0
z4z%^W_w5M|Pj`gOY7kZGTTo=Ao*+Lt$atK99E3EdhxaU+juO0eb&ka=$(?)H;5ZI8
zi~hnW645SDJ+=>U8it~gmv;(+;o~Hd-8tHFJ7K)~#p8w0E4TS$MEMk(>lb|}4R0M$
zhKzKUc+oEj-;ACFvHc^j4rCzt%3PSo6#f-l&-w7)fDSQ;{!gAqY5RWkFeq6~7bKGk
zW35Tcmxd!ON#xdNG_B}en$nt@LeN$Qgq`XSJpP=)=Bc!@Ex43Co%a)k5rm^zrFn=O
zrJfpsLsYlF44#z!V@3G5Y_B(ft_}~cbEfNi1xG3oa5-W7@LMuiMVX|@0BKvED!6eD
z*a4PhAeScOLgp0NVd}uhm<Q#G6o`F*x4NGN0Ao-D^#vF!Tpi?vE{UH31(F(B9<9|j
z%}^*<N(tm!xyk$&yuj*GNtVaxAzfM~V4LxXpk!9@9iAKOGd^Mhh{Uw|gE?cm!vdW=
zU57#lJl^91Sb$BlrnvBn=REo?uy0fE{d3~Q-Isx2b2B=Wz3c2OgP%j{6ciiuw#<N^
z?vxR*U4|tG`#}*L5X35hfhe!F;1ee|tJx7F;3Zt<L-lZwuLE(=0htJNppmDbOP6!3
zKda9l$2j7@nYBxtMuXY~*C)zUkM^bxpruMp_N$x+58;WL7Z1<Ht*gl!<ETRwis^Gf
zcotcs6I;!9-DeT_F<%0WF%IS+zj9lc0$(9^lI&poNHXAnUNXH)`WnIrU&1A%q9{Qd
zo0TEG<6xF79fA?o?+Z3C){9j^(f&6(db-BObNPFZNcThXo`2RK4siq+bqs02WX9#t
z;)@BMumFocLgm*j&<P32I|?c=Qr4RP3-^NdxJ0J&VR0pFRc7D&*eC@k+0UdOR}Xe)
zifWd=vb>Ot)4<IB-lgVbU*|BD(qA?*<=~t(F9JAVB+E}Q0=J`vK;Po*1MjaExmypx
z^|NNzhmV!)?d=`Ge4)84eOG7Go~zwQ>z|=F&R>rPPU?IY@Gn;y^@I=FL0!aeL&4Cx
z5`aCUmtCZv*HibaqM;SL&nUGl!WX~$jcwglqnHD^kLlB6>0e1iv=iz@C}pQ;bVSN9
z7~pv)O)osUd%C&bSblcAdO=fS=vlKqY2fmU?Xgy>>(_j#nP$C5S+Rj2(;3X9Sl!b2
z|6H&a#+D*z<4Z8JpwUKl%O`7&A1zQP?h7u^C?^{l4L!nkpmgAE)}2nPtUp#(v8uiT
z*3*3ilA~0@Cz$ZU7W-=@BhV~sL2EV}bKqUdb99Kum~n{B=?ihkQr6e?cPzkXsdz1g
zpg2euJz%DhF_wN^Nq##-;j%}LVm$kPn2Tu9kYSMnQg$A0z-Zt0+rx<RC%v5Ep6<Jy
zj74~Wv@_mfB%(h+?-^W~zw(1wCn|#r*h?loKcXr?x7~(;7j;|b?*)($MuIYY1CG@>
z-dlk<VnU&TFf(w!tU-WIb7fb$3m*KTG(dkx=`FLgu|c_HH$;}MXvP<d^-*`r#zsaI
zxTTfaX&o>$E2E!2YZeH~4c-cwXH2vD+ojDc@l(KFG(BVckrqoDH3a*pTJ)41f=W>(
z5x}*785B=)XTQC@rFhWt%(R`LSSm`iXZ&%gGA#-zUt(`YtL-e!xbZH+iIeefZ^_FP
zfS|$J9|1r8_AH%9`C#oX!`pj;W{pCb`8K3RYRb1#=3v@{o~N${6Ry!4N}2f+o2u@6
z13wb2rM;|w-?mag+!}L8<QNp(H7cuZZ{UkNkhJQ@OVoq?T2(=X;ND}w)H6n2l#0i=
zAJ-x;f?&H!Dv?lAUa!&`YNYxgv*Dm#^9bx%#~&pPpQo7QPi*p6U>ze^#*0J1vZr3g
zD|DH(pYPZ{ObG1PeX*6QO2uRSxqh^%QkVH^E>1@9EeYQ6KEgY*9-OYNW5<OT!h;}7
z>Q^v#NE|g_EcXs~C+DyoDjW?@FFR-8g0-yq`2|e1k#7Bu!SWxDb+WSmFQpH_|NU5J
zwvxQ<8UvEgbWLqzsxZ#*F9UM-LO8XKJZCb*`Er=HaDTJ#Y~+Tfw}%EpMW$gPcA{PG
z?U&29socO`3_$I5wSz5BtU_FW)Ev|SZX6&@0VaVa2raM^?CEE)J_AhRf-N^2-D4jV
z$yb}Q!=`eNN2sfvDf5x?WR>#>yFc_r8^yg!kiDQ+RKpHY&y7jj)8+sUFvxR}VMaeo
zl)$Xp6CzX+mkTITR6W}JIWsO&B2)s$oD00lmMJ2<`p!8BYy=V4oLYTJIb#|^bg<cu
z;U0IdgQ2QP>LF=Z93QLijNVeTsD35#w+vkMHxKn>nf{Ot&Nni~qr}QDvq6>?wdf&v
z!eEKkX#UhZT4~V^m%_-;dzSJ?(q?JUo@O^<SRX?^GJfL+a?qgZLtplV%dK38XzT{-
zMw=e9kqt5V(J=EL$ljPg_~udiqNT>0_-iT_z=NZzosEGWaDudumQVQ6@~qaAxO8ZW
z$!NBl#aKCVoy=HTmAMIwznISzwRwp)lUXaPAB45of5fC<OZmPFH}$X~_QhePry1)H
z=D-={{~Z#iJ`g#64HYUd4|-o;H0sLoQrGo<XZfhj(b?|K-Q+ZN{%|&_;0BL5W&wl#
zgA$~@2{n*}r1>l}#-2Q*bV5D;D3O+NYnuO474Q{#OYO9Y*pm{h-o09tZ{a$U{&@^P
zz*lVl*FA9%@D)1p{o=ox5@tMZ3yl6r?bMofeNX4abFTHizSEj-;V8#YzMyI-e0u-%
zHF7Zi_YG&JZyvILH+4&n?T7(kgcEu53Z5tgoONbNckB_(R<Ysd>!s5O8bJ6%0Q<&b
zW8qLyX+A#0Blbfene1^#)|5%bIf)zqzJ!Fc!vHEOiT+vxf;f>D>Bl>6$2>Rsd^t9*
zBGFdT4xPHW8FMZbHXXKC@{D790622wKd|Wuzm^8tkt4|jCp$P9>Ll$h6XBnCoUUWu
z@ZTc{{ioSOUx(r1<8zT9_2<|UdSKsnoS||me*Ac}XqZdcFQ<MOxRO;*TJBTkOiDcy
zjfNY)ox%S!yujryk}>@6YsA9I`Cr%QKlqHkS=khwzG>Kg0lujn|Mky0I68fsOyBnZ
z%72*|7?}UvMV!=JkHKp}_TK*1?mY;eXuko0g7ETB0Akcz@ewD+itJtspslK-23G0*
zS;8@2kgTFJS*dvg)E~B~Et6w_S@8?K4Nbjc#hiAD@^evx>(+&KO`?9vpl~Yb9oaQK
zBg(0$Im896p*7BFaH+78<j}$2vyP;qEiq%pTp@(Pv%<(1G*!KIespUbTh?9zJoN-T
zm8=cVek5LVy3DZn^vYsHp(0ivU(?3HEu#upv;xK*HgIHZiz3_3rfMxbqlH3H$oxuh
zS@4t2r;t=Stb&Yn4P1__k>*uVu%aFBUT$s)Rs#!xR#mhi7B((p!4tzt8OH=@E&<IW
z?F$G(B>LhOgiof=MV6?t8sjBy(HBcQ{<(EHTR^5K6f!)qg~2GiD!8O+l1?hMbds>!
z7UkipZ;1@lu2CV?;Y<ghdaXY@M>n!@sh+B?jcAsWoN3cG(L7)8#7TZ7Vv&m9+C~tZ
z#t5N9jiL?i6_Gy_zc-MYl%c_pmA?hsSQ&5heIk{uB%_^b?4fr-Ut_InZt+i*a)*ZD
zAl5Tl5aKC)CN7{wS3H09CmX|VMN_!6wWJhi(uP`rWtgp0osnw4o*7!^CYFaE#s!@Y
zNwkeV0|fD(8rKjXO7?Y$TBY*244c;l6V#n9&|H*1ymdcv)ziT2QB-Lf*ogq=%~R?4
zNlhj$n@mc(b1Lc`XU*d9Tmx8L+k2BH(b%rRYequoC?PVttam1vD88yjC3V}$Y(+y?
z<>Nz%<d~_t&eOFEs9L=(n}<E0AA~FX6xAW>{Pdd>%RTS614E{{th*)4^t#TnIZmmv
zLnSa2>z1-Z$8k=+hXv)8)1!Pq3tN1KzA4KUr&4bK%AcnQFc6*ZM@Js-Ha?5IXLLO;
zr{=CNAMfiGmwtzD>^)O%GhZCKT0YQPcN3~D9b`dI^mIMhwl%ujQFj+psg0hx)AM(q
zk!RcOrpWA-8hX<D@-Ri8emAeUP5~k?QWm$lJznn7zj80K@&+uXW^gC5FLCSH5ST)_
zxfizvHrl&d-!C7o%eBAmUM6zCU)|cBev}zP^J(|;G~uh|^AfcdOwDY7Gf3J>$GP<T
zQfno^VAZrdk4fP2?$N&cjPA?j<HI@B_AT}1XtJiJx~AGD_sg}ri;7SCAuyTii7Bb^
zy7pd4vJa(FjiVsB=-&6CZ5zzC9Jrcd5oNFd)c(2&oDkJQ(lnIK($3Z(-{08u>*!OP
ztXGr|>S-kNY`I5AyQ<W?bG?G_jbmO3gF~*A+Y<k5MfRf+&Z2D!);bLPhFPhSn-*md
zQ!!7D7e*P{t^v{i(ssMkjj^ZQ{U->cK_P<Uq;ven(={iX19DJoUJc{4Irm^WYip{}
z;tbyXR>&?CsKFFAaW#V`2YTz-??wFYvpukAJ95m~M0(|E28o~sbxv?=c|F$riq849
zCp-p278l2yhQPn<CD_DpCbWOkx-HzYxjiS0EYl*pK-E9|x^5+xP69!F$L0Yw8y)C>
zt4)fapZCaO7{!O+s5dR=Bn4aE4`L36QuR`D@?r<sigsxICN+8)u)p_Lb7vp^$)u7o
zU-M*OY}iUZC^>rUSyx}oia-F8e}U`d=45uzB)=r89lW11>v*-@K!oSdQ1i)Kg4ddK
z_jpCXjJ~7#l>^O~bapdk8YL9VV|gM*(@I$<Eu`CvDP}S>{rHJL$WH1rA>U}wH|P)&
z_VlSu8zP$TdZ~>HZg;{w*wOyPtM_y%=I0&dx^2`&1P(K_Rn0#96+GqCr7UeuMo$ao
z_y<51wlG5!ns!H-Ce`Oe=PeDWO_7c_d}>12591!lVuO3Ct?}DJ{2lBFsEP2xyXVG`
zwqN+uwGv>pRhnDO((9$)W2~-6i>qN*=RNqHUMEs8lHOhaAR50(l9UQ^l(x@r%Z&q;
zRUYn66<(M&oczmMJVzxl!j$Y9{3O2(V<1910!=MH<5XDdw}eG=LGkm3j@~U+wsU}$
z;LpUiK7s4%P{9k>@|#z{9pM3LRc|v1SU)v$sU}k(s|i^pX^lV?BQ^GU;yiiXh>U>>
zi2WlIv7)%LA0Z?A1oj@8ux~u5-t64_DY747dUE6I`Hf}v74!Q!T<!yheq|587%a26
zc5^ILg<@v_4T2ZCE#7j|2#EJ~^t;V+un;inR%`#0oR8zOBk$V83S>P-0pGbX$7MF`
z{F>S({KT3XDvr+gxWiI6HcF0H7DZsPtR{hsZ9d{^kEuR8Y3{D3hSLt6afad@trR-p
z3ab9s%{#)0%706lJ^9qQ9xm5BPn0*9YEnvKztWKisVjaY%Yf=btsY^bGtK5CWak7t
zB!fTMYdbWWKMytu$XJrxzgaMHdGF3Z@fI<j3int6U7B_I6`Fs*x)5e&jM{VtI4k!M
z?T_<`_q1UhONxG0oVXg_H&Kx~CJFXWV3UKY)k|p>eSwrjezAP0fwZ=$ozNm0rsQ_G
zED{Q~+sX?8+yLdg0b$%*+Sx>g^(^Jn6I?b@2?d-Ydd|sk)68Pyjc$Iujam=ordJo*
z`V~P$ocrm!%!&%k4=J~0%<FLe%@Up{3-n6DU4xwi$Ly-uC3@zp-4M#iW54dEP9fUX
zd-zJRyeT)&xcVgbQeyi6V*rY%Hrij;o+A0HX6C{DI@@Xq;ag(-ZksUjqJ|V$?04Z1
zvIDhw4nG2T`#pUfJz`_WL70?7d2FkR7EEv#n=-tC_I$E5>lh(h!&7FIRUdVupefGS
zMytPvJCtxQfxQqY#mNQW!Zstn%5qFlVCQr}>?S_=6EW~1FW~J&B$y82<sG5J`uZvT
zWaWPW-z+Qp+47qBIO9bwri-<P>A*y*mq`Z#67B)bnnxQDvQf6OWCs*gFp9fpc${C~
zG<BaQTIX+VXrL#?WjrITaBBS`oCX(*^3Cj!M$kK@dt#y>d;BAdyrR6SBh4+4NPauU
z=UoD=C<)Vl01^H&dV=1b^Rk#|v3OyCA4GgwfiKM7wFV};e2BG(>!F09AKkbF$7&`r
z^GPH6661+OWf+&M#Zam|HWwk-LGU!#oEjkwe&!^UW2;j*OeiLKPGQb?QoR;@$9l(2
zB4dA%&O3)G9CGSn9Ja8p=$4wuD7=p95N0`^IcvLY@4hVd?ryC;6~%S@ye+#3ge-U!
z&qTB;Y(TFKyG^f#yf7@e0D{>ii7SpU3W1#K{)(*#v(HwX;K(TEEe9EaN;Zdz<EFT`
zOU{tw^6#TNKAZ8&nr3It%ND^d<80wK_C@m~u#sW}h@GlVor)%2PWp@^Z^1)KpLY7Q
zOKVy>XRgf{f30ZeRy7KxEb$qtoO>HnzUE#%G`OW-60HLD@Ds1st>cLM!lvDD!HnYG
zpP$<i_l#yvIj;iGkqOxZf5tq2_4rTk`D`GzaGM?Mfq44$s17P}UI-r`kvZZhJLXsR
zs(XS_UKWT_?Q1n}XifpY(2mN+x%@%8SwP%xnD2#T{94%lTqvK-mk%0NAI>}OyOo|W
z3wKuIuQ)vlg|8i~J-0IUkJ&htNdHrbUd&wx6?tvJ0#ylbwee&jo^~{;9szJD7kgI|
zQnscVHUCpiTgxJShm?1dWkeSyN*P<60=b3MF#pq-52Eau5ZgAw|Gh>afk?uaf%W<I
zjvk-tjzLtqDw$&`N&QU?`=}G{8eyVX%+r8-jYLZbLYN+pls`lSg31eQVH{L-2KhG)
zGkn7@h6qL+CQxck6)v#KLD%dR7ZFDhl?k6yu%Nt*91|F99qAD+8Rq&)0f^HvgK6{2
z(9W_qTJ#^iVP<__qovuLF+N~Oaj{kY-%2y$T=bw(23TTz<J|P_W!^`~iN3KiMIIoT
z?bPqH(I<#dZzjRx@%29K5;5nk=m-zuqfo^Hu!NM-3@&qgmbe}T1@xTT$1$q}L-<!y
zs=vswrnPsSWBH_DK1;L^rD}>p;KD0;j+E}M=AXr6&GQhY&Arc)J`uykbmsnhwZO{A
z{!i^%76#6Lw-{(j*L2)tLmSz?qkM;A9->}dS&5B69v*6`JN)stxWK+IlR?HWylY*C
z&zlSmJ}uHnknkG(Joi(Ki;GJP=uiSU!V@&ZRGImijIWKo<=|*SoRA`;__TKp?N$aG
zXpu?Ag=yg@3p$fxw@c?x<%!_R%j!qqyNBO9Q$VvpS+n^m9#B#au#%qTLr1BXuQzRZ
ziwz=9_DkdXJcNqrxQ+9SyRPy?2_0BAyU(cVwD#vAeWr>ZNHY5tSdaJy?%~<1_QZ-}
z9=~Q&IwLQX@_O}pl%jAQv(d<cqmXbtSVP6Oy%ZCN-;Z-tw>(TE;OJSqli+H!6&^^P
zWX{Pa&+w^;Sh{wuPPNei$dTP^maZ&5T4AM%sslpp$rH59bz4Eqx~G>elAi&sHQqHj
zks_?QN6L(byaotd9p22kbkC_O$5-wTT3=bIhYnoZKW&^%+>@7kctAh_Q6cAWvg7mC
zi%fb|0}K{KDK65L?mM1%zn~q;VuezpM6`d0LspNPR^iE@#^8`Q-_U&wa@4sQ)z&sb
zY#$x6S^bF+18N+~ij}4`m=Fmk4M*{q@L(eg+i{V$gGr4R<;WwAFv9_C_aH2W2LNDs
zA(81}{zAF`gtY`|^j?Dgxxx`P1}gJWx(<o&fZaHTS7788s&?>^wD4mQR&l8#XMZ<N
z4svMpW^~}o&m@;LLc|D)jvtaEETI~hD|K#H-AghbtnJxi+*hcZy^zAb!Ed)FYLg~k
zwfM8;G_qB$K5!sx28-NZ42nPpig#GLfg>j2jFDty%m5M5xTK!Obzd<-5!=E+DF9@t
zj3*SwAOJtyW`=Zx8kSt&33JIcS0&RVCU9P9a8_hu|JRb#u@(9oOKs)tsi(wxKnz_&
z$KLo0pLU8FIvHR2^!tS(><Je&_V?aX7<4ofimC7qk`NT3HqrfBUJXomid${TcQgx@
zU*uNV#R8I`PCeb<DSc((EV^P7Wc!d5j+uJ7jew{I34s8iRSpQZY<l_4jkN7uuZ{6S
zAgB;{dt2_;Zf%tSIrHE>5fp<2Psw7~`CM~8;5^q7mB6}jQcZj2WR}gn)b<dsAEySm
zrb6rzA9KY}(q#{;$j}~F6ID7M8ugw3hF4deE|_gPqFBgT?<7M1VX?bzUd0cO>sIh!
zg4L09by2By(`*H#NO@xC@^2L(C+ex&O<K|6Lp0jvPkeT3OXkrbAE$#VTtej6GBvb^
zBT?m<o^~9)>4pJrTDO;%hH~EmTVpzD|KCAaPX%p<nWcjDyWuEhvw>$4`0|*c90Eq!
zChmn~Z==0l*Y($IHz7ZzG>uSSQJwamHQpN6srwfd09}mbaA{v{-$LzHQsPTN^-p7W
z%ZnIYXFT~P_bCvab@keV=ThP|I2-2O<0W^eU1Xly4K12+H5I9QO=`7Kq3B;-4$9KU
zUd%fI+5UalE!%abuFWa*6Otz!pyAM5yXx-nRl&!Rt4Di>=54Fn<vF@%SLIL2MD-9j
z4h?SE_mzs}+_6#W0StoavTV4LB@P4y^znCQds!uQheJ;_6q)B`3}EXe7&9Tx$5F7c
z8m1L0x*Y+|#cM59-gko?j>i{FzgEe*-b#S=pS2TFOX!IOC=(pdY6Dd2zlA75ue42g
z?C1KDNfQpZ+TH3hu6=<O`V)0N`39WPB>h+@gCBeeDbT74GU$q=#)Zunp1Ig!L=6(M
zisg^qGR=qTMRHO(iS2YH_uQE9w8bsN@uW_fip+G{V<<8Eql8ujpie}07Yi@Rt`a^N
z;*xa?=?C#GlGDgjDp|_ZO~<Gb)7|D6(%VcY*2XNiVf91Djf%56nK*6d^D4P?Qc2kR
z)C|bG1gvuy+g>n@)9tSQ!KE{C{8!4P|LkwFu>JckJww}ZjRP&@>IJ<!D19jT{X%LP
z%5GqJjo7^T!i<6=XqA6u=bY{BOtoGHqf`;!-w`#Sj<D-^aW<X?*IWwTylYr&?Rkck
zcXHl)gpt*wq)q$@Pt4I<$hB4!b1n4;ThtQ!t3(5w*htD4{U1cJ0)!VDA2X!2=L-K9
z`@&sSzvI6-`sR1e`xESiw9mG=EQOihxah>(wk4YNg^R4G-(=C-xF>RGkBGuA;;!B?
zF10a_<v%2P0|a74pgV|LDuwn=xPH&N-D_5tA>B37C=YdoJQi8E>ddo@Z$}P4=d!Um
zMO8^!2||!|`dNGl<3rG*vJR{%{g9WXngSazlMWz)Es)3^Y?A*A=!3`{)W)6-$WTK`
zq!t~qO3NDKmB+c8w&(v*DMoPyDWMzElwA7|o~0EG-95|(yT1<2t61~_TRlpN0ZEI?
zYHQ>srp-obyu0-)p^zYYNUewA5>+$NM~`Ws)`$hOn4x6#S2W9fg<@uOG_yJ1n@WXs
zQ@cuqInp#wttlSF&7`6{<P8E8nlreDw!ZlF#$F(gQkI%m+OQiJ45%bm@7T5=;M_DL
z3z`e+bzcupCmGe}g)ICNz{HS3g;qiC!A(R1kjQT2XtWp%?u&zikOv5jr@GdRdXY&^
zfoUZ77XH$>F-8%#pIjKb-v_`9)!}TC>OUhmfTPnb2L+1Q!<N)_exav%>n$?uR^O62
z#cd#j1`W%r6(~&|rpwXG5rNVeGw?vukhyYp=+s^9^$yMU^hF<X>QS$9;@@!3n~Rq)
z{>_r`5jthXb{=M|soOMDqV70nV7nBw8t%TtMHtcFY>`6!rD@rdbDyGEa3ikahUW(L
zb%r57%2dk)cC1RI)PxPmUWqz`!6wJd!JI;6Y4F_WD$V<`0Ec>3ZEX<~>vZ0;h~Z_X
z4AzJ5RQ`uDv59+>JSZpXTyksxz@wIpFj^}1mMY)Uft|@qLzt^!ZN;v-`jKIriaP(2
zHJQtq82aHlQJY!D)FjUPmgc=!FUM?sqvdISs7gDh;I=hRqsjZtfbmTJp}H6awJSR-
zIg6G_tBJ*$JLi;b!zA+amGw0WXo~4n-<jNjVN&HxY0mFr0)MUK1#pUj1Mhx8WRF6Y
z6je%$FVVZaFTh^_T!!t5Dwb4xL(z#u^XiyxBIaGb(-fFge;7xDFAwxs{qyjf*<_ln
zfy@X?oxm!MZch90o<g_>Pc&b=hDtx+#gH0?B$i0g|84yG;?7mTM{N>)tuEfdq?*nB
zE5gOSNnL0>+FD#wy=uDdFB+WG?+X%k^W;k-J6N58Vu=}4*NeDK_jQoubY7I&hTp=Z
zByr-J;4kh>F(L{JlHfc{a(mj2)EzCU$Q2O6Iltzll{4pHO|}+p#!ojh+_!G>sR}xd
zXH+wlAL({BJI1HzT0C4;irs7%SO#X|HRnSA{sPlkXjpZ0nKm6*<f$1Ns(aZN)Y!q>
zd2h{`Ts?p5=AjmpXT7qYz^w8T$dWQ)6>zOM4Dl8jU8!_=Vk$%wyY=zfl60d3xyfmX
zRR1BRh8d_fq%E(Gd#Up~K34)V9Vk6E*1@$-<90EXMG<~Qi6)0pAjg>F7JTf(%C#o$
z;RhU)%rDpwMLZGy__!PwD=gTgs~FJ0?7~9gruw*u%CX!^aMF|7%&^CyZaoHkInh9!
zI$mN1!uFK~yiHdb+0JYufGRsrr!V~}H5Ea}O~Xu|dW?<d@Mo5bd;hM~FY9v+uKwX0
z1dZG}266FE5S2H($cstz3#$f-FHQ{_w2}JMDkrMmpL#n-h(y6Mhg_-AB~DC5FMbn4
zD%vdcE_OQ2t0eTrU(KzJPUN4b^#Xo%dBo*f%Q+DqU7e@Vtm}*Jkd&P@&A#qav+$}E
zt^1~G?be#_imn`t%L`KMe^F)M>J_^Q@0G}Vrr&Ss53&c}>>R0X`108K&;KDDFmU|W
z4FCV!5BOFZ_|JX-)3-3x|GfV1Exs;I?F!=-c<-K`{@9DiSTd<kKcYCqV%kQe1fE9x
zBmE35NwYNEAE@GA-pjXbI0-53!D$~%%g29y-mW#1(vKyi=9Q7sd;hpQm}8Yd_F|-&
zl;^xAC5|pg5w^BlNL;8Rz?INia%7e$h+>jT*ct&9O)yFsyJ9hC{4`i9oQo!r(vUhH
zP0T<Zv68?CFq}$ws!vB37NGQHNth0ZOG==}@^H+mEcRWoES@G7WR&YWMA0l35673R
zd4Dt)aSeM^lT(-DMH}sD0r#@vCy|q-m+2uOSH>ttnAL|YkCgtv)!?W%nx_`?(Phwu
z4Ou>b`T~LzLyE|?3yO_Kgavon_oUc~5pV}ufLT^*EdC)%=@wj^t+1fTyxU<eHEGSe
ztZ3=Y%dUWH%*(ErIlO8i(RClfSzcHje5JzrF#ZvzfeLiJSzfdSqgv{5+Esn5aavGw
z?158Mc`S<a9yTj2gqu5X1Wyg_$bWJzsg&l`*rW->`ASOFz+zIwQ#wu)eOp;XnRt6$
z-f;RlBtGvYkz@X<VNY)k^7F{f-=P}aRmKtF6NE4iR!hC_mjHHFgPv3#yya}&lN`uy
z6vD^Q#+j+y4v6(35)NGQAqGn+gHwq?^^b+GDO21i(26li9Fu_wIl3)i-0il^=;pa)
zko~T@-R2;Dw$5!2j0VcZd2^7JzZS62q22~;G^{S!FcmC3O-0%8qviC*XZ$Lecba<r
zY&6biETa<OsGTq_hFv`O;OmUf!*Vp|{R-kMv~lZRZZ~_okLn)a(X`jVx`pexU$?3!
z(!<626=bsSpBJ&)-cPT)1+hy5^toHzvh+HI>r$nDa_cY5@5kRhP*&IX<@slqWXm+4
zXS$6p@8|tb@8?a`ulG;nubZQ*Si}}tqWznTH$teI+b6^pdIDd!*PG4d*fZ`n-=~rh
z+ivf>v3c3Q=yfmmm2R8*2_s(7FI$~~NI$Qhj`@7v9-#$wH+eDjX@$H98nN!NqOkrP
z_t7xMVVS{MzzN>MjWLr>$MFc=dZkFKKJfg<Gz|nnAVwfTAaY<F4UxKFeUK6K7)k;e
zsg!uie@uiJ!H?l2u##GeFU3_7sSDNrYl4+@IZjK+;s0e=5v>Z=2OGhTVI<I!YKk|<
z{m+R|Bg8R+1YS~4@yEDxqE(^#e@)Pmw#01+I>7#K<AUyGo5luvXy9Uk@axgX`*Xj=
z_Up#(?cnbwd+b$;cJgw|_V%aU+kJ8+BFj*X{$Oo6&&{J9bDM#x(LGO|MwR(x@Z-~s
z1E_BC`c+Q1hvYSJ&kMm)cIa2i<qi~-Tp-WycaC$WcP=Q9A0uM)?&Z2cz_7n-V~UwE
z(*oEg?sKbRc+L=nxgiCM4}lZS=9rR{q$cn$izz>s>={E0upe)L1Jy2@2WAiruo7?)
zx1p;B!|57K6oyoOV|9Zv{tD>*(R=nrfqi_3w>ru}o>adM(a!^w_eYv(m!yLJXFP7Y
zhoyU|4a14RfFB4PUZ_ouJ5sN>o|_)#W!r)~Jd|4(&**WvAaZYBEqOK#R*pfM4xC^f
z(!MF+q}vNJp8!nW)P{ou{&i)C*}nWxRL<BahzJ*nTseP$23Zb%3Z4&q8z>(}n%1)m
zDzJ}*9|vjL=vgc%;aU-HHN?0jl40lCDhkEfIvjz5Ts+VDeKQLS5+6)8Cq84h)F`e%
zZjuuUnrf}u->(eaYR*oMO_$NzB+L{d_<Wh)kIxDqU;GXW)n&knG^%>C-wFlNNg@M;
zJBL(eHbUixk|~JK{!3w80xn=)F#Wifarem>Yf!kW6AsJ@1g~i?%j&KhX(L0yE&qGT
zf661X0t_I+!69;Tr3v6mOSQoBJuW#aEei|{mMQ}IS^WYMPK~K&nOB_35gvyJ*2z`+
zfnhA#xjRLs=H6mXIue!w)#*I0z`%Jo<;NQUwIKKas9`9O_5Nf=isINam42il6}!^Q
zr(}jBCg&M5IuL(~3X-`>qeljr2bj$hAn>7cZX}N-RsH(H#B~L}*7Jzcg6Il<KdD(#
zce{C|#b5z?egQ_)9*7`4vXcU?dk12m5kUr$O43y0&|T6pu+$njj=vQ8XmkA6SfKk*
zm~Bv?d$1hG#%WN)iGE@nrEuY!F<QBUcI5Fp4H>Kma)a9CFp>=qDINr1zofJIK#86^
zc?DuGLjrnO%nT<0s|G3QNk-yYk5lyou|C0{WlZY7Tt+I$4+F0FSKN^z_|8<$vB6g8
zDi4T}*2rq!;E#eCIs!%+3Zz+_7w}>Dy3tTyM?GWIplf9|!M%aJnYhW^ajr_3Y;(}$
zuhKeo#!Wtm;Ud@xYhgUZKp`r=B}Jr>w1fTa!T&l3+M~&74&-g|Tc)*S?{T9+g6fgP
zB5x@$om)Y*dVw2IJ9;8R(6i!R3HIf=HH1N7p?Mx!kJRFa1@022`d)YA4a>LTbBMov
z6Jc9=m!KU28Y*_^(To3PulJqV{Vt>S=RBfA`1uVSX*uIH<=iEJ+ZcDVA3Io`QqBh3
z<>-a{;c6G|tX=cR92Jem^|&dvItXU8tAP{{sG~V#at(rSYR=pP1u8D&U(p}qr=(6?
z%sDb%(7b7acfjm*Q(sOq9x)CtY^$v?ppa=r<3w<PqS9*`Qq@>yA@hT|#sRii#&yAF
zZ7ex$Row>^r-(+}zl-bSaXiz;dY=>uPZjDTaWi{h953K6w%HLy<|c<*mtts51ZcM}
z`ZMLA=6oFiRB-dzj4TycO-dFxzZ{f$cn1vP6iczKAs-(!NQ54cf2k`|D3!EQG`PtE
zehs&q%VNlmZLJ(kNeH85$j<c9_)c{3vR^G@pA~lujZRBF1>96aHQd$;GB<A;O$CEc
zwwrwxilQ2Q$fj94lbhj)-9zDsD8<x7QG}sEf&>7~m4nLUdN^hUA3QIIkqjZcPEA|4
zGUlbj9^S9WvwsllvwFO1qhmYKm0Q8p37N~v{|0<oru6s#CGNV}eV4cvO<&>b$Qymw
zac_!!OF%Yf3+^s01Z#$mAnPpSnA5(cLSm+%#1%Z)fDR1Dt!7(G$$;$A1#_2NU}3fH
zJ*|;Zal{fMXkdqt+EI0lb>03+K8$mu-9v|N{7iDAi4yYy0s}}<r8w4j(}ik&v@`6I
z8`9V`)qhn%S*7S%BlJ=Z$?jsQy1)0lw8~1Kyntr4mP{Ih7-d_}%=Cqqz6Vw*u4%0B
zMMJe3>E@ah3(p1UinLS9aF<>%Y8*xzgF?K^44<n4_-I_UUU2va^GiEQiY8kLIVG7v
z1YHH2kG8*taT@}^li`myVx-{NAN<!2le<NQye0RnZ%ZsON5N{fD(cx@^eVd_OIAS2
z^&MK^g4ajVs|F5CURBb+YZj`ms9s|Nc8GwPCjVGdcZ1lalreaoc2t;Un|2B7irmqN
zs_Eo2x5ZKnxDsuf!&T1bK7mvpmKmX6nXYd>We@dAx@wOZ5=s%7bdkrt4a+Yk7NYc}
zFbjE1<L~#5R$urY#rQ(|C%;>5zw}VOeC_Y*EDgYmqiwwQB!4s{?zZK>KPKo@1;wR;
zDBm7un0isYFZe14`fZ&(`pyD=Kb?N+&I5XFB0LwJVo%Qqz!!O8$~}`Tp4{992S_BF
z#F8vxDHdavK*RsPjOZoM|KAL2BF;aO1C@=T2LuV8;+I5ip$D}B@VE>A`(}#k<z4;=
zdMTuMECNq5);eejXUnctmDBlmxf|qdY9_p~t3MVqzySZE6#@+Qmm1hS^(v5iXAN<h
zO^Uss4tV|{2zh`WL0!=Hy4-L4uD!eJlf0#dMRjR0SA}GITcNxN7h3G8XJVu?u6et{
zhF+k&?C0{P%P_l%6}e*zQ`mx)>UEW_(CU5)ww%3_><+9w3W(~TH1*E)ENZ3e`FBuP
zkBg5FLIIz;JNw}d|4<S!ar{>es{dn2#K`jhltfId>>U4gNt7vDL&lCg^mL`@293+N
zu1vQ+N1*@&9j6w5PK@!6O%#+QEU$Kb@q)iSR@+a*KudP_I(cuMOQ)L6rF^)4W>r?G
zQ&MChgPEh@q<wE>c|xqv;yo>nTpXD`y!KStxOQNWtR$tRy{L3{%U+#9P)1HeaG57Y
zBilsJ8#ui@E2tW;X7$&iuzksAT)K*FSDm_PiT6Q8(gFga+QQ=fW%x_ROvcx=3|_!G
zm|e~JG(wf4+X;Q_w6Yy%tn%`B(&+LHm0F#!y(Yz|;PmHb?cYvF4x_N@o`!=aC}6~E
zlQ&e}w&>yt@vVt&TT(<+5WQ!tH+Sk6D#0}dVaCnn`*KEgp&AR3CsrGK)b3$I-bRi6
zqrNjo@QpHW3#RjkkEHZ`nl3R-%11tyM`|}R?L{=2KR8}Ag0Z$Hl%mU~>J&$43P91s
zW|PFxYfT~1ENdH2b^G1c<5G9>o5y6)Y3<XNI1S?}Ti0;Q?Kb8qZC7_J#=_Me8Al!j
zCb?Lmsw9)8Z{KK~YwvAIN1Moo87h&hB}<J(BkJE(&DP_?^xJGh0xH{VhfOL$agXAb
zHkk%tP0ccIgR)ZRkaTp1I$gn?m^CwGmzpa)OVIBv_tt8iIo`H!Iy|j^kfbYhCp0|h
zWGkDRz3G2xH6f)|LL7ZCstlBB7}RQbb6&{R?le_~z#_9N|G=(X((&O|t6H=+I+tIS
z>Dt$0{Zmd>n}@MJZOod}nmb`(Z6nnH-c&_ow4n@tZA<vGv&;8m`iigkiN5FKv4e1X
ztLJqj*Jq>W>l>Hz`El`qx&3jS8q4RUs26e@`n28o_4tvxz3?%y{&vOp`7&}3j~17D
z^7|+}7bVl(x~ANH<)E2<J{0lqN5%c;*;V%^UDp@Y$N3xI=Yt{Jm;38pB>U&vHlv<D
zj~n9#H=<w~ys5q5?;5;GM8K;ElA2!ap+1Q#NAx5pSlV+_C1^-%SRXMiFh-TBX<~RG
zjjKO!ebr|ak=}AA1HaP#q3}TpraaKT5ziHo)F@&TZjs3iSYx1WK-m$_J~mw8T&IM7
zwe+=NSPaqN5_Rep0$}(Hco3@%>36QcpI*S7KGLo`^0y6#X~_eZ-$FBci!IDjH!K8z
z@Qej-PsPjM4bGKhxhGz7!xGMHyMp=v>n}Fj*GFQlN6pI>XhgF9e#)&GKR=gW3DX*n
z|4$?UgA(nVwk%~q$m6K!Ks&>1UmdQ&=>Ad`DK3&Y+7tlzeJ70X9+k~EQ=<-p=?s+?
z`Ugmv1SkGVPacHKyYh#$c9uO*9UV@<Iq$5~WivYXDYvZ4P)9g(4hS$&Ueu;Vig1zH
z=mNT5`Cil)T>r$-#R+q2o`&UN^)=oziE?-gxakTrfI^zdV{2lx`dV12ob8TF7#kAq
zp;$Mes!Tyby|_@IRzb!6uR&BOfM2$v0;9Q7GP^yf)`{W9(;Gr4u~3OS;546tCmfAL
z0d7r$8Ue5-W4`L9!{nt1(-2QpD^Z`8A7#q05YCK(brerNEAfz#-OHf-bL6Dc9I8~n
z8lPFUO03DhSJ$E_jFF(9->$sMpsH+PeU_8rTE@vaYHA|nH&aReRF@4i948pu>GyLM
zkW^iAJ(dX&VN(?9@Br#}9|y^fbS9b#b12oaff)*}k_>xlVXSGrxY8QZYf)o)^z2%f
zA<A_p#$lllyQB@dw?_FBegBvYmR^3%GpuZvHW0Qpl7!)<YQJL-kx`zIV`ZthykRei
zH2j<c1<cYsgh}8a-OE1!?IhaYFsvp4q{Lr5E}_*1{Ngqb{1A%dH_2mm&<4fJp$sg~
zT(1~S2)eAGLW;g!5zGW2M6z<QKt)xTaT|`MhY}E$4ZKabH7lh_7^nDOXt<IUBad<0
zR#;RRFp&zHO5kRdGTP2g|N5dDTaTC*FpA17!@)fulU|L_u#uW}{s&{<7#v!+Z5i9P
zPi)(^ZQHh!6PqWtZQHh;oY+?9-L6-CyWZDbch6ZHtJaVGW7phkjT&PP;0(mPt5naG
zBpfdo7N<d>&{AlQbIY!R(m{F9A)Q4FF@;B=qZ5ZM1k1GLFFP)A`<O?VVAWrxs)7n)
z=zIYX4b+8GrSJkTg;a=(S(GP<l{kr?crygO>nI)BU|4$N%c&Sn=HnqM>p}!Tz65fx
z%wPO65J{p&z|r{kBsL>5Qt}qb;^t>j#l$wb`l~Q9+A(eSL|_B2rBBEl+-iftRCwj|
zdAILI1myRev;m_np}!(TX|N*89o`YZT*}p;EW8aDW?O|^1rEfx4zFDneqKWruujGI
zVj0E*Ti)HIv4mf|4FCwbb=?UyT>=eSnRl7PzqJk9=h=)!lI+T>KKGCuReo@^kLtZ0
zGdqbTe_S?Al$h5`clFoea7-9|t@_Gu1T8L~cX{<I1M9L&3NG_;EDEf<kh>j)R5&>c
z3@vY75FpD^nIJiEm`p&uWR7R%=E)#2;WkVx6X;fdk^!!~fYjx-lDd+u)<^*-Hz}X4
zQ0<twQ~Qw6x~35(0_#D%Q|DlzQX5E%Gnnvcs!63fCOgvTtvWd#L#8II<~=@GqYWW~
z@Q`W_Gcq0N(FC2@ylnY&hXh15A)||IbvGy)!NHbF7<vU)oUyxNEzA1S1(gd>6oa!g
zNF>VzS?#r}tD(wwYFyBhRWAl-PqS2Cc!S>Ka_e?V9Hj$IC$_9DB_2<ri%8Vg#M*rG
z{?!H`Vrn<sVIuy`PeK@WBbQ%4M6m7T-dBl5Jg4FB0XQMP4Ktw^67lmf;x`$g2kYR#
z^UkF4te9b?q|mei9+3WV+ljVV97;EB$P3WoobjxV6apa&g^emf8SM(vnlC-g5H*I2
zzKqa6_66g(E+nC(b*)Ebo2P83%{}Y*)xb)e2a><26XYqM9}&PTW!v&-Ruy9MB7}}|
zBJP#UqdJm@=i7E5IcPVML*WY7`>EuPrd1FwK7{4gW;<JK+!i6tgf5?z+7{^0dn1!z
z6)tG&uff)UP_Ra_9i<EhSe!#y$FjIst>vM>A3V(A9zB#qb4_l<pk^zlaxWkScFp))
z<_^k>g%%Z^(%}d}_B0l&fsr;XE-_)ssUK(nl%_*5v}GU=1d<tY0_E$cgOJm`67nLX
z$nI>!E&&HrEGm$Td73ozwDOFqQM7FcFX0RrY?nFTwZktF1?ik}ROZ%hSedmsUJgsy
zVDmVJSDCtLHHtKG#F<h#a{>_xuTz*^FC4>u=bpcFyK|UKJ1FT6gxxPV%XkqcWTy$)
zTzFgnZGzO5Sa1rJ_?vS@SGZLwX+I`$T?g`W#noo619CYO6r)tR9JyEnuj(KyI}4hY
z8g&Vj+O0u#JB(-Tr3wk{p!cDRb`lkwZqoR!9V>;JdzC9bb_EyRTUXafF7<`8x0&?(
z79hi9(W$H{$jWd#-Jk?+;pPwT_@Xxk)1woJ<oip-p-}JP1r{`)R6KL!(yhel=C@R$
z==Wx@t-)7P<p)SQSSt1pi%_P2vY+MP_|KI!QyDsT>zo)P*RLquAg8-VTy{?;8EJ8V
z0l%)A%QLBE4QS?}v<%kU<@m_*aEtbwtAlT0S@#IPUcdc55=J4kfk6_M)6G9OoXB(I
zUb}$@%@7F0eegk|`0;@mfKxA-BVWU&$!@_~;X?3=&T5w6)7X!W(9o;wXez6T{PFGh
zDGCQc)mo}1<RB&&?d$*o;R<%eP(7fvX9BX%OW)At8@HQhX;DnM<YD^!%e3Ax^1;h1
zI%HP_F5hc1leOu5U20ddYbNB}@8v{P4mNe{+U^QLX*)=AZKASl__y%>8iHZoDoYRy
zZ@kMz$p7dLiy)9W4mF70lELH*C2+A_QO2I9ro7uUv}M@tHA<v9b9wZ>0<<er9*6KF
zr(`tlHx?c}U7B8yc{6Q`T`r05<kg#to$dYMHFCKXIrWdA24dg*glX4B^RmeGJc98J
z+c*4mI6Bz%XQ6Ra`r<rvam(Jy*N5nS8lYsm!UZi3z^=n4YW6&r{hdgA?!V7_!Dax*
zMQ=L6%{M+*mXS?uusND|l>G6(QpMU{USWOKJ2_8<G4nfrMm|ogMJgP~5UZA8t?Wa~
z5@E!ikiZzRNZ~FSEXgC8p&$z?g{TBYX{$14K<CCU($EZNPT-D+oW)w~GPV}x+GZ!j
zGEcT;oTQZo;%xUv8+eo<#ht^z@5<I-6$`ucX5XZ>byT*|BT6i-2D9`-c&;?qkm~so
zxQt=r_J-|lEPY~PJwQb-Kt%Uw3p7^nWk5V-Z%BK#W{&}5lqB=X&M`a$!6FvhTh2uT
z#@c3<=ixla#41mXo|?d~1Fi7@<;KHX7&s3LS#l3W=PhPqeLFVe13xE(dkKL_{Bw^u
zGkD7WEX7YBnk2u=1j2BS)n=4ka@{|?giu!y@V)c(l()t+8wl^QI4NPX$DLGOqL{!-
zOg%qXIv11eA2RB}&e@p7o<EoI$536Lh|FWAFr_+sNo&}UU`Ra%%1ZosaZ-f??p2sn
zo0%?ItZ~Z=w6rQE)%%D`^aIYT-gA&aqP*ge*n)$2jQhg9^mCh}_FL0JMlNrC94%yw
z@X%^^$*T3z7X5QJKDd?i6$lrVig$+Xw4OCb=yI-ROb;G8^3z6^&k|l&=}F_DT4ih{
zSJ&tYcSgHB*39$G3pIZYQy#i*a{*_2CR==@>&G?845K)2e;YW;v;9ln2m5Z|8X(3+
z`vjELie&Sdoo^;z{^kXwhE#j;#kKqtB^8}t(s|mR2Z#Kg5YpT2gg^aUKo3<VHR09K
zw}t1q(EV%URJ)UM>BYmZ>aD1~%UiJgNB!g}%Y6F}6@!`K-<3W8P3&Nx|Bo#emooI6
z%Goi7uRl@R7Sm~@5D;jM!ZVa0tRb3hpQVRwIF{2bJC@QLw&Z#Qte2cV!j$@)2*vq7
zjy$$g52td25N8EimeHDaxMaZDGpsgb2)YAOsyUirHLLU15W>Oj)xtv8UMRZ(7HV0{
zS(o6^r;<DlS-BL5^Pl8k%UyAMW3ky|jxk7Ea~7|<&vpf}-hrH}PC0kq_s1dWtBOr&
zuAV{m*YR0=aG~0@a;-~Guay;|NbWlBR0p9s|5{cX1W=iq%e&oMRbv<H%3+7<`dMjX
z(v<N2;ic~3j?UJ@R+}x4J&8^1wE22UnD*6rAio|zH(w*$t_tWFVkz$C&M7GG(fZah
zgQdX(0Yv;`c#1d)9v^2wlrKD*_9fwpv_n-|-0zdlH?j886AC14wx;UE%@3B>20yhG
zA-alaF8j-z;j+F#$`sX&=|GTZPZ;d)leh6xd_>bHf}WIg0p8w3P#0}B;ji8J(nxt|
zlT`Ztc!;*bsEDk6mj#Qrb$?GEc0XU9!Ckxw{@RjeD)?v15L3HE2~NET#~i78(=+mc
z2~0gaY>flJA3iBsqEnF^wg)4c_(e?Zll{~5W87EK`LHuLKA#-?*bxrqlT=jUf<oV~
ze)(a*yH7<6UnI~lfjIhz_*}w7Tw$N116gP}VMl1fcmgC~%y)wnt^I~02k7)Aq0J5f
z%6d1-gOpMjlR7B82nqv1Lli>kp<K-d*0{y6u({m^kw8zv8P+%;q~K12)5nCeCur1)
z6P7by&umoDGvXXiq+44g^2%|a2?wG>k0ckWXR4A{j7{Dwa5TlR5JAykaAk=7<cWP-
zqu+_-P_L?JCDJJf2PFA}TpRuhvn3{$Iaa;?qJ%CWP|CBV)`}*H1TQ$QsKAn|EYNo9
zzRK0?R;pE`Q;=3pXRnmLuCXO%S%S~<n;S~+>_<zy&<S0r>T%Pi0}AcTrreTd_d=Yj
znJFKw;9$WSM(n+=F0k#(5yu%YByCf845+H1)1<L-T*9;d#_;=T!-hL)uSzB_%wH*}
zET`Vw67cdGBh!7Xxo>$jrnkNUhL0EGY=5ALghC}iIY0HYF@%MQ6wmI^s0lQuN9sI&
zN5bO!V}K4mQ&1|26qHV6W8J+S8X{~}g*&A4qMuB_6A8bXoR`Ao7hWp;Y0_yd1UZOI
zTwLpGlbgTKV~vzt|0TE|{4Dh&dy!s)mS@f1i;Q>7JZIL`O6f6QKrI`8i*(f{R86`(
zhU`{Ly*ak%PdWXh2=58M?uj|+-1Kgd<(F2cb`NYw7OauxkTbYMJ`T~I65vX@)Ie+p
zSvR2^t5s5H)f7RF45?h4AE2c?l^l^?%9^1(aSZ2ZkH<rTEhU$CS?|7X>B==~VjdyC
z^PGO~5NtMWv}W?68EKTBs+VqBv340*$~dskrscYO*1YaKu~vM&-Vk?@e)MV&C`b4P
z7ynu;_=obu$o}u$0RO+J8Y9#HLDiTU+5S^hZR&?;fHQ*lLo~?8PfXpej{O2MsHI5)
zK|)BuOMu`ZzeAFq>^eS!`s0_Q)TPD51~wDOv%m^rdujRhkbYHu#=F&&jva==*n%a#
z3InTbHJVRjKlKzHEDKdo!Vjr8kk7w3N-fHT)Ibtf&hpoPv}wC<96;)z1F2Mk1)Aq^
zeo7EN2}}}x5(q_tqBhAI4RqO78VQ_sa}vp(a*P^wlXItU98j**M=emE)^v$rQ#2Ay
z*rV~Ufa5R~R1rau26R3_bS0=mob9zKT|t=!bY~-@27XddL=4)m(&f2)Fq*L!1!zqZ
zbsqBuH{^51UqS|*yBL}V*gJ;g)-~&}L*Zt_>W~LTQg}AE_)W3R0GHhB&GL$PKW65O
zl~q5j^uVa0M3&a`3leNhK?XF+r=r5aI&DSq6NFBUT#JGwEgDPn>SNGoc3DIt@hoMR
zGmGUT)$QC1mko&varkFm%7Rk{*A4CI;{thifuct`Eg)q^I*(8^rweRgtMsuN4AC^3
z)>5VOw8U!JovWU@F=f>zoj~ZeDliuQ2-z*Y^^zcqu5gaomk2X@TF|$_<=R$fz?7w}
z9Pep^+GdX5R0H+MxJU~G92E1q8#+SBVE|<l<?k7QcFmbgLwOS8@`mOSj8BCd4F5h$
zBYTJ$9bFb_A~+p@zLf-#t4|$zLAp;Hi`Z7r=mG_bW>*rkv!~r>#6e{e(cS<MvV-Wj
zrS?oj3<F{lc~Cj<=ODw3C!aD@ToNa8g%o1O<G0&2Zsi{gFWc^NcX0E3-@%{WdpP?1
z99Y;oojUR3iJtNMy!zsEE2+W5>*3++mJ&xi{XCs1>G{*`D|Rrjb((oUQgQ>wGiW-!
zNNfrhpO}w$MZsvo{b=HTOY~<ucp(RGn>To2;wB8A_v0Ps_e<<vB;D1`40|Wcb(|Sv
zTn}VP&-X#j&HO6;1&zXmzTfxj`}NNIKn>ni4%iu09YwBHgPO6E?i%0T6cg#$8^u})
zCokaf!`toNK_=5n*ur^gP5<fT>qtrMgFR-#3W2BF8&+4=bq;U(wX2n#-Ph^f{lUn6
zNhDwF^_T0{QwO{r&j-e^{!unD66$7-;W<X=3O*iSps@V?(JRAt&g}PSji}Y(N`-)J
zE%pS{nW$?)tHPGK?L(x2#-n8%_C;uGo~<!k1ol$&aVT-(KSTrZ|BOiD{}~m;|0m8t
zU&*eXrHB(4M?iAQ+eEa+AnTHD0!OzHB@C!Yk36KmB+(R!<}p&xgy}!x8Us*MQ1?nz
z{IW$3a3u&}H5QGgB0(iGki|%rGkQf@>XrEXg;245PvoiX7{9r}Wx?%d@#<zY*$?rY
zuCa0c0>DA2T<bXwI<mF-Y2_iHO$U%GrnKQW(!6v;3EBQ~%^SmsBc;CP2<u05U`Pih
z7Ag8gTgUKwopnC}eiW925Mcu;HJw?|+S)$ulY`t<u87*9?1fVzXOhtDup~rq4DtQ7
zO({>%zM<K^_n5*hiyH>AZZ&mQxm;X9E3fR`sTT~7!V*&E6sgWz_Sk<*X!#d&o~z+W
z)hso*JwkMIo)g^9Ozw2xUxlT=nCqy9o{DCU08D~WM5Y0`zD7N$SkD1*poS7sR}Uj(
zivJqJDHe<)WmckcSW>ZW0OE+p6{M^V+EN}bA3NrT>RU@$D_$!|W>4l3U`!xo&NhuI
zXw`Z2revV_x%`$Hr*J(><dFYeET09O3em)nDkMhz^oyBdOJ3b^uo^2*J$1Aa7Bb?P
zUVfN2MQ{nni;$~W<ci@j(jz|lH^O!faHH)Ip5-1ul@xb!AjMYHFQ>dX%L@xeaB>|k
z0!KJfmx<+OU1L8u`S!B=aX>{ismzH0RDrtops}qgnxwy9C<Lw(s~UO~{FkKhWjN9o
zywFg{9X99Y>UUo#xi0BycJy_bUYT4lv+Wc|$-slv%o$v8v+Ye)SNevj<0)K8TO4W2
zKF9Iv7yG%=xL}Fxu6>R6{;O4+Cvd=xv}0#*LKn6+rm?&Fnk%$)S-^v|c96DZ9ZndU
zY*pvYzqgdnwc*yLvsC@)>oy#7Ci>oJ&--l*TdZwLV|M|nGM#l=!&Z;lzUUjPE5GOm
zZ8Of{h0f>OjUAe}qS{ahT&no>^8l)}&QrJ=KRNi%*0=8Z`x<Shl{jF^w3d^-%ylfB
zIMNn<nu9Pk-L8~jiYCs>ISOspHCx@1(tU^Q6xA%c4)8TwrrPB@V+Lp2XFmD{ua3LB
z@pJ7$mvu;%Ve2YROOoMKH6J^woo6RZzP?pB&Chz8=lh_1XxX;c?1mb4BFuVFXMCx$
zKf8I}eY~FDpDvy+hpsmwiP6PqW3+MF*c}}X_eY1~BZ<|-s$;Zq+c+Iv4$nrH;w%0&
zu!+;g;pk*s15&4%Rk1fZ6`x7WCT1IR@kqS?|IV{V;(tufDtwQg>%GLB&zIAMssjA2
zd&{i~8jP<Ti>l^UhbN)J_e2aAxO}SLS|xlVwY8Gqn$U8#+1~_pxV?g2BvjlEXf3k-
zwVk*Mm-ZaMo~pOCE+B<ocvDcp&7pxIL*oVHLi)v0eZY1)w9h)RVfXHzKiDkmodXKs
z4kxf>2PepIo;F-S#;efpwQ&h(-r_33LSS<H$RSsnX#vg2s_CORW=gcR5MYZ<$rK+y
zsC6XmS{jtfZ9oIARA98<gN=^l>Ov$lM+E9j^Jj3bV9I4vNB(ib?1GB~Jhd@QxmC(p
zPbK<qhDq{z6sw2`Z0XWKeq+maWCjzWKZMyhl&zopJawLCN<KJ3fjGBjZ!SpLRpnW2
zq$pIu_cLTyn8L;*WM=?KYQ(4av=HH;?CR7pl3LNi`nTXLkjE;hBq8y*UPQH=+Jan7
zb6QACo^?BxYMcvl^7COJS#JPvYGla@sa1_Q`z&dobCBp9RUHX^E3q;;B8N5Abp!bp
z{37j^WLJzuPPuhe-RBqF+cxVPJ3P?Kjy^Hl+8rYu_@GitY4MB}xFD!&KUy_ZEzHUs
zUs^Y%?<-CO!({zYIa>cB1CmxaK<dtTYNwr?VCdZtVattp2Z-MlUoJ=mi#-cCNIi{T
z0;g;>e(Dq-@Ldx)fd8=CV`gLdpRG6;nErF&*inX-Q@%Jx==CS6PninU0xWZwRQ{j?
zQgi`nvNfX!;stq=f(9Ye!PlFOZ052*Glq2elPHJtf?Ur|UQe;VJ{-Ycmg(YXx|0Mj
zW&t%6Na-AZC{P&%|MJMdz+PvttISV>l}?+_G+*HQLP+%m^Oe6~NDl682C~?GYzSRY
zfN$4;8Kma<Fn>%AzQ944Jg>3+0}HKo)fOEgjj18kQ~usEr7?H25kQALz>tGN(idUL
zz?}DYHWa%NFJO(35f|{q@W<2sB?7Y{fr1!w2#ZXC$t?WUf84x;rcz~5V>;G%@7-n5
zglOB|XNai>-Hdnp9bSw+W5py#%6`St>$51Tn()rRh8u&6c48k>JwyARb+cX~kjx}+
zH)-%}X`Q8qMFYv|Rbs3nHR{R3;90!H!gbIwmxMpB#n%y|6&`qmR9{4X@D=T0m>{h%
zX&{roJD;D{Qc&UWSFEIX48?T*8kR4Jl5J6C`kGfZK47kH`d#QCf%49*dxDcWyzI1D
zx3<~)IR_2ad_SzGKi?mOFj^@I!9;)47hyD;bm8`~)<}A)+QkCSYoR8G^!XCP)hbIz
z*M+uH*6(2nhm5T0w8ZHQz1lwLtCp`7Po216;}YI0EDy%7Lpy;0apHH8q4)_6NM`2E
z$P=0Y)EZi?WvA5EVfz9DSz?RvnDewX-%)xzIK)sgcI&xHJY@VJL-)ysUYbOxud+2r
z>$9=@O?r_`R7AGz+F-T@(;cUHwX4G14HESzr9Cbefq}YylZ0xGPg&CKkRG#eKXH-8
z``5aIUgpe2Z%iy6L8vG@Ru#;zT!?nb3RO)^BF&OBaT%(4aPomdRAWtwMoZKM*2_Xb
zE&b;Ba%lDBzko>2f28}F+nu$Q5AF7|yMF1+(vK^|su1vzeu<q)ge?w4d2(ScLGfxS
z#$dQPX$X{hO9KtQwt9EJUbU($J#M{H@&R^n6{{lNn@JT)uygpVXUnT+C9XPjfv%}P
z8DZcuyWcImkw7z?>7WReYr}=Y;!cqDMW#}1BFeYopkNbt$d6DJ{p<#)ko^?Gcr7`S
zI5gr{g@6s)_|6f`*r1-j1H{z`WETDNg#b@qVE5Lg08fE3>caV}RK>#Hu!+t@H57|z
zVgWc%zD~I@<IrQ#U<$zyVDBjVQEH;7s@OC_CEp%@gsUW+`^mwC4i;-UT;8}|AgT$N
zw?R{!<4?<a1~Q2#tRBAa#V;D`R9><vjS1A0j?A(o`|K(ANYE%XHsF&^`-V|Xgpexl
zmqk|V2CokVM++WD8v}Q`cmucD7De(k0StB+SH=!_OT&w$=Yzr0W?0}Nx1*W)cX3E8
zK`+@&x0n4q54upJ8SoVE2)q;rLE`1y=c=kmeNf9f_?55aChB#aA{3z=)aWHgX@!#W
z)_+}jR^*QWjBWk(;rr`&HXMSU74u;ruuZSdC}0|AMVa^Lh+`{>MSi2cW^aYZf?Ors
zkhwLh0j2}BeR`%+dz$GP_U-wM)Ywxt)qW23k;|=u4?dU0CnyeQEwmSe3&fApAKEI-
zr>H;}%T@@3gf#W|5>eE<#f+!}rDAsH&ekw?D-Oen&<R@t8wBs_+RLUctX3L~(0Pe7
z1Nhyg6_tx3IjQJ(rWl<vhL$BOROJ$6ZcJRrmDfO?`Yo@}tD`d4O}5aVhH*p?lt)Z@
z0}~qw<oVTD`Q3Hr+;KB5{1x>Y-r3+-%9u875|V`c2JQVb{qzszmWBQw`f#!S)ZqVg
z?>v;MWtU0+Q*M7mT`=?eYyPmCs+ak$>xE5irAaE`fkKrIngm-f&rE67hrJXM4VehC
zc6dEGJu3`Afc*N!o0G}0InL1Pv&G8b_rK^78_7Y7s{|tYHo+qymrLIm{QyEm30a+Q
z4P9Qp&M&u|JcQaZsrXQ-tBL);q14eDnStHo>)i!<(Vy`E0^4l@^p+A4>BHe9iqHee
zjxqx?<X3rtL>Pp%%9)+A@XJF<D?iBpFhjPfu>(%vvcV)YaSj>x->WFs8DXzu0V+l1
z$%HGvRAOzkER~sRCQ1f2TnMpHa{O_Tk3DxN_7{1?$b0npO(h%~?zU^g$fh5r{2)zv
z?@Wnz|8d8f1(?*d@qk};H-UbcRF)JXan-nT&MPT|R>$t<ls&jWZG!h56L&1Zn3GJF
zzq@aWzb#)wwBoe6QhyQ*dugnvuDaAX@5=Tn$?sUxpS03Bc-<7GNt~OIRHYI{x@70P
zc>QLK32!K-N~G1*VDzL;JLjAE;FBlK4D{oeXFI*!;z^1J_)u(V+<(Sms-ayLXGW-7
zP^^iL|2d*I?8P)E*sbj1kaBM>ywA3CW)+avV3Q+F`hBF9m!}Z_8)e5B*TV0>^ds1K
z#1q<|w6X426aLn!91#UxZ7X6C&)Jjieq(es;dn-KY?4?QleL(JFU83G36!8tbDH9J
zSvXP3N|uV(^{w;Jau=+j^UHj0s%7*qmqJ?3#`ctlbTSf=6%-3v;yk$wm}Jvibqh{q
zPwX0>z+?Hotkb@oH|MIncCT+XS?Y~FX>y}7{DmL%aAg6H!>R>+J!XW}ZxF?+he507
zk~c|ks!+7;h$$Qpl3@^0Q4^bys)DrFXU(Z5db3MrylB@AF}xau0_i#zdXNv!yshvb
zK6>W=%PZ>tizqR${Trh6qiO%w@gGQ6G!<fTT3~&9^zufIMW`Z>BmhPINkTV(X!Hkt
z&8=Sg9N<J|cWG;9_}{MI6}bMmAm}fPn1Zw8v~pF*<uH?oC|+16NS;||gjYbPl-EKN
z-~L4a%T{v<NO;&2lsVhE+hs0~#iCI-ohr%>m%bu^BpCbP@^9e<SI@U~8Wb-KMyyH_
zULO1<$*inXUZ#ji>rmblFGZuG>RMK^F4Yl4GVL0(q^xqRUfD~pV5f|ndWMwSI$5`l
zq~rvd*Z?P198<LXnnjZ9mdeb+IE14vXyi!yvZDEn*i^{6GDlfdd}vgMIF%6#s?1eW
zU>G3m1cJACuQYpfuk<lsG`UAo^lGatU3gDnG%$=avHHT8vyTdymE(w1yss#Qai-mR
z09rN^K!Zrr?YK;`><!mUB1ASWE;*#2DWREJpdXpMqySK~s*}oIR(oLJ$a77blFRDN
zb~9dCdvBEyHMk?zVC?epZce<WozmlezVD=eE*&~EXT^9=W092@&Fi-^PkvIewKT5K
zUf5UdRAq%_qdXaa56=;cYhnJp1L&LfdJV#<96@E02o-<45iE+#+=ot3U2fAYcUs+4
zohFl8DRPWG#8`&$>IibCIlL$n&}}$_Bam0Ce6metN}PQb+(m3@h6{`_wkhZx8a~y_
z{8iQb+n<86+YM2PzYn&7qS!x_i)jF*X@&wuNjV)2z*E^p)}Xhl;AI^KdcQx$YD-3z
zG*Amam1ELo0~L(O^nmvBYOSGT;r#o{F-Lai$6l0oD@)hsZO_8@YeNqHyX}V^@v=Aa
z4sQqbN65qLZQ``1<a&Gd!`|)f>+4g=6WC`)i9srKzE4=QI+s+qjsC!Fr_gL>{#1qY
z^Y!-8h?7Uo@9k)-=h~@4uc)S{dtk>Fr(H5M6fDFxA^NQj#dB(jhu=Of<Gt31LwN#}
zvd&R|!rGZStY70YA1+IiltUF)U;LFR+M1Qo`b8b8%PiDNi$i=ya|8_hXBV#&TBpa(
zJkD+tb0kj^>)}s}BkqKIDGz7OVwIN+oSy<C=1U!ByXNyWE<mltr;5LNGR)E9Xig(l
zfsM2Ng;RPMxL|)I4?S6fJD#UGGmP%T-<e=FXT$+vk~a~rl6;3TqNqQGS5SkJVY+0r
zl!s(CAIZ5m-u7IT*l|4_Fv++-mJA#npMI$hH(&3I)))6A{iqIAWh{5E3e|O}@S+Y!
z^2#(IyqY=G3}?HR)nB^i6qhVmmNo=eM35mvH`1&rN_tZSlU>3#s^pV!y>N>E{eiC7
zZM~n4g#$x<xwkOG*AtE3<L>RAkxLhcO(b)9Vn7#%L%39SkL>H|`MP)eS>Z)5U6MMZ
zSGaKgu9q{vu|xazt93K08+iW*3KWyGCe5h1JUA$UzrN<nZpeGx+PU`oINfTA?I~`<
z^>MC5!9mPT<LXPj<^=$$Gt!^L{S1FKTfS;Eo$rP~3JldJj1npR1p<{9+Di!H2z!V%
z$`WTqu)=@*4`Cay3DgGa2z`h)N)x9=(8B+(0dPn7L%dO*I4^={{;PmZ;I^LuW5|C9
zSYy~j5rLg6BX8#2?^;G19{9?({<{t}!QF(k7zY5VFv(Fg=c8Vhg<`61Kyb{AjoM@(
zhnhyz($g3m%|{5_>^LT`fI>FmXo)DqTH8P1U0eP_*y;KleR;7kVovm7>x^(kxxEl@
z*2L-;pI|7RllPe5gSSF4Mf4Tix}#i5H<a+y2l{Zj#{uZ@aJolp^^-ar`d5KCciP8@
zAkoCBPE&XzC!({`#%%g~A$ToQ`U2g=jwq2sQXXX^u|xm5jKbY1PRLGb$`!egbuKTo
zTqK%bv>|WdGWCn77rwTEiba?9SMX3{gQs44nD<h--a5v5a$d7>x#QZTc(FQBtk+En
zh~strogPRmbC@>Qrhw|7sKNrCUgqHeorX3uV0qty{Czk-qf%0}kKKQbD^W|}mox}V
zi>$>DOFKaKfG`!+ZcwOd#}8yC@|c-Kpa8u+6MDe9y`$hhXLfT&-g!K5L@rjBR*LSk
zc+G^4Ty+*U&ORy}1TrA}xKGx3VWjn1v}H&Z?j%xNpJ2aGrA2A*p2!cA48104h~_&y
zY+&ovZc}%G-mUw}(1Xu5s3u}|6y|c^V%`A==`QI24U3e8aBq7N{Dd8s>+!qAvDDY8
zcCSh0>4Y9(3sHx?SHl`DSNZvbAj0X78l2_LF7|8al{qG?KsTEec}#TRWQT$X41?2d
zcNyFz7)~7U0A1D3`F?q<$jA>a8yLDJS%?AWQtPYzVgyi@K#fE@8`z5ulK8c%YldWX
zI5Y@@YZ#FmL0B<UqSn(2hTWYp++MCZ0?;ee<zj_t-V})&Sf>-z4(^t@)m8^}^(%Sp
zyJJP*c_+-=RlRx7vtghWFzl}@1ky@7uIJhUXV=#p-6fnjBZ8K$og0Q%J49>A8lxx#
z=`l@)09O|{Fju2Xq^OD9yK&F_$h_2qZmCJ|s;+R?x=S5Zq&wl98=w*4S70|ZCEHCZ
zY?w+}<D1mXFu2|7NGTgZz_VfagBp_fuuBCk!wVP*!b(4vws@~>^HbiXTwjSP2$Dcw
z;;yAP!tWuCsxI`%hW2%@IkzQ<Lw8vqF)**|GM3Vk>0@XsY%Ic#budG)?BDDzYT+^V
zr_dR6?H8}Cy?K9&-hpI+^9GlWq4%)u!>=Mk29l4VE!c7qw$PzNtftV})<XYwtFvoc
zb;ot{g*CnJPwrXXhivlyTKV5|BYi0T_$;pb)V-8eY@v6&k=w-;_)h<L!T_q6>fI%O
zMH0Rz-k^N+?`pme&3@`UCisVybf@@#FDuM^LEF4P>g^`#dC;U@zbJnse&uaP={~r1
zVRk+6ZD!^<_|*I>?HqjmE9Wru|2+e&e}Wsx1LO|k5OI_^PK+RyAMd{gs7Je!5XghE
zfWl^7Z3NY;F}nZ`UY8uF{(`18C*NOt$k*VQPJ8Y3ir+Rfc4}>Y!>{VL$@@E@@cfAO
zcHX3*fnuOI(txG|ZPB3=5jbLulJY!>gpvkhfgXz$CZHCOpZ<6etFAiWmzS&_(?FmS
zhO_;Cixxo=rZcH1(zW)3!z~GT^SMtK5{r=1^4OAL=ZBA?!-?BnuBxEMWZT_snR@Kc
z^XP6-DWYZD_5Wz*XA272Vc9?fU(W%CqpK+b0sq6^c8c!sf{!nHD)kR*Ll(w=mo@)y
zG6Vww12Y5be=h_X30Ub_82|g}XZC;J60p%T{Kw5OqTRri6F25r=Yw+<MK~1#gb>C5
zc0E(#7KI`ZB$1HBBSjE&NnERxQFaB1$5RrBBNhdrP*6(J0qM!lbUkl=>z%)=E=z8w
zdzd~=ZqGEVU{7bdMZch4#=Fw9kN{1<qX9?&CcC(>^brt1kWd2vK?1UKMDMAqt?u{&
zlu*D#2M{AFeh0{l4iKn!%7F$B0lUOQ<SqlN5vXH8pd|uDN(J!q6C#M;*%2VofGP*L
z_g)6H1M$<40EGhDQxYp|o3|DqqxDSh#PZvc!y`~rQ23sxamvrZhK33eLgdndoP#(G
z)Ifx^0!7Ekv%{Q!#v*Mp%BoXKO3KeJEGPl&ha&Rl;~u$R0r2dpljRb^01J8bUId^M
z13wbj*76lV0<Z@R%i2#~`y<W+o<sg<Fx|tbaG-?rZz$jqp6HnodN^mrmB3450||YD
zTzrAA0KTo^5U2sZ)Y|yg&_i~^^~Mm$QBFex2|D*6#BzZ*QNb3~77%+q4XyzQA>N@0
z22q0sPlUJ$?A5|?@op+yAmnA{03iD0Ud(u5P+-Lj7=SQZ&xfJ{(M@hPDkEyuMBCf?
z5Y%CI^Z8KOvA~9|J6d*g23!OPco2F0wBYQ6y9S0Zp5WyJNg-O_fzyh|@nN<>Us`4m
zLqQ_~Nd`lH2?x--5llj#k+|3S*Rer8Q9*RuADG?T3lJ*sgMVPq^R)uQd;{O~@pJ3*
zQ@;UD&YbW8e>Vc?)6e3;4FO&1$Jm4H?kwHfrVZF(`+b?WqR#>am*8VSw7-0uk3r4Q
zdy(`nz3<%UiBX$7%UxC{Q0(Nyf1@fZ3VH(iyo7}Ke+cFi5MYoH0iulXy?i!I>p*<S
z;eW?h{I=%@qKnXZh}<dd@p^g@0=nXZ+5`M*NW(*t)4_;)-;r(s`5l=1LU;3>e%+(^
z<;UDpde_7F*~6viwR`qPHT{Ww^F2stYp-_A2f^)vuYb!pE3!Z2|6*5)dC}tPV(@eW
zZu^b9G$?rEC@;*uPca3Lh6wQc<7t4w(w;8uQ->Yx>>-o2=aUpY&?$si-z^^FWe7EB
z1}NZ*DpU<~5!5eQ|7P<8H&Fj3Vc?5%6dF4eeTnZ~{-+7U6Z#o45-PCZta&&afZvO|
z6v|)V;fY1O<HyJ?egQxbq)0iyeX}QEPJ%iA$RIRiASh1VO_LX!UU1)cetv<KNK#sy
zZ*|x=fau|t`$*Ck)vsnhNPMvSKmou+WbsnxS|=C#34<b{2D0z*IG8cj^}IHOZ}|Wg
z%w{c@MN@`8axN>$_qKIoboHtAHW|6GPkOVfftVRbSg)#<QC_}|^$g+;oz215ucBMw
z9N-i!<fLd2xk<&O)xwCmEf6=2g3|S|qf6Y5Xm$#p@A9jUw7+8_YWbwqsPp+N>$(~V
zMM5(~7H>z1gw12sGwveJse3h>a<+8>QgbPYWuBNVjV7A00Fc?J%Ftb(K1_=`mADE4
zns~9Q-A=)VWhzDQ>dL~jYH8ElT~ACct42&g!y~d;ss;<)??c>j;|5LJ%?o!=#Y-|*
zg{}@{8zf=oH|U#)R4kUEvJ|jcsXbU0d|AlDvWv4+sqX#^m(pQYo!M0HgJ=1uX!(~s
zEZZFQH}?Uq<;6qxa`ex*TOex<^G84A%Re=S+&F@encwBodAh1c1vC3=H%<_q>jQfk
zJPk9rjJBl4gz?9VhSX}z#F(2n`m!|C-b=vQs<w_YwO3BpNBv&!yzKD}C0tcilG;jF
zs0!g28RnaUQ&D!JeTfG&wY!;`=AJ5zjMED?4m&OVR&$aiE3g`W)k3WtkU!gR0^S^$
z6`@A6@2v}H7}-Mwayj-@*B%trUhuRi4F2#4{MOx$JlNuYYvCD112XUzlhA*-CB1S^
zqz5hq=U>_v&)(^xwc%VpCSQJU%nX#by_<f8Z#!201fW4=``NLV<=KA<Bh%^R$WiSm
zy&aoiNt_KKyaXj1Y!#aLfJ&0_`L0`Bji}+zVLpIXkqwHrkkekU9*N#YsW8O)b<Hah
zVT+Rzyk0mhA6M5BGcCxbT(G!Cs$xGmbvPAHJzh&v7lYo9@Wg`AuGnR68Get8w`%8P
zy?O%Hcg1wpgwDmDK+00?Zq}o(+ulVjdugy16SkD>w>)QAb8>aR>)th`)HJE+pS&Ll
z#Qa(j-{^I%lF`tdA?$9hl4Tfjh4<j(z6P}splRiwme{G7f*kCE#|3P(kc|?BC6sFu
z$9tR0oqiEx!y&B<h)aaT=4WfDfS7jnF@rT|ZI~UlL<UwWE#3Py_*y(jme~i2MFQ@D
z_grj78G^-=JputgGTeT+RTtANHTn{RZB7&<4-*`|N*+&ZGn+6w`R4%!H>l-Bw77JH
z_J=C^BS<+DBWzHXt=APsX!0C;<no>^<!IJ#VN~6^wx6cIh<rdl<jPamE#3hzEmW9l
zm!v+JG((bK>S#+}!(x+xHwC&pw_64m--zU%VxukmgOc3d;CvzAhFy+3!No*46^7mI
zyT;uf2<El~>R!;RZ@t~11-HL#MAi%xGskU<HDA0B6(82+<%d9r-Mu%fOn1Mf@qTi^
z0GBGd^2s5aslx_GRqj0Y>#I7qGZ~u}AuAwEnn}!Jc)+cX_Zr9|{V#$CV(iXIsm$vt
zW)GIN0|D&k153>$nV^|-B2{M>?yOxlP1~YgqrLY{m94HUZ=9=T+cNvL5&m6fp4sqf
zJ_<n;4f1j$D8eRbthug{$*F$sGw<uV`xG5J9ZUzO$rp3!Yl?esGZ(9S-`;9XmZ=NL
z?-EAkz|~RvN$$0GuxM$tV%1R&jh%KAhSKzihEK^#30J4lz}QXqD1BXvAtn>H!w)F)
z@P@@}NXxg-PcwWnPsBFyjM0hZY)X+GRDH0Hr<L|_Rs#EXFXClrC>xhM<5DVn1B;Y1
z{-P^V5!KZ(NUiIuZPfgDEtB=xM-^-UeYLBT%$(s-#5EvYwDn;&;E`=mz{D1X#zLG^
zQX%TNeE&0lYX#uE_kKl~HP}fX#^*&b@7}Nzc_o=)Ng@VY?8d9A0SN1GAAbJX3#YCr
zc|t03ocdO}dMDbBp*OUwulWJ5_WrSq79k<8`tcRV=YuW?xphv`ttsz4u1*)7c)WaH
zpc&|2k+#am+ekr;i;8+dTUs+Wk;F(|q=zNAAaABdni6~ujBj@jx%zeL9pC&Q<{Kgu
zgq<gokC}hW`v1I!PLf4?F(mU0>f$lin12GLEWL0r+L^4+Z5>t*w3T9DtQ!<rdDc{M
zp)<RhbjVYmGh9U`MaM_r6kSiRO#b1bx-(tpj0wf$t|=!yp?#y~K~T4_Ukc_?$24hq
zQWbcsRZ8baYMw4K?ZX9ie`7i%zbX~?4JQPXL3m}UDq1sb;XY)1EDhpKU)$vBFG|=<
z02j+$3wpso?+bRUhMMc5vJ;hxIotLlfv?=pS!px#{BGMqN4&?06qpSXF!SVCa!5V%
zKg&Gcy5w}IdJL2EJdjbOdS*)XZ#SqO8OEaa37=!So}^8akehjxlMW}kl~yHT6i)LQ
zU5UU|H%RX89FMYs`m;oJB55kA=w}C{S_+MdkVKMng*(^T$WR$7wNGvdOaDq<DkFaQ
z)+aDI;X@dkyooJ;d8+m(E+kYNntJcPPP_K2ZvUi<(ynl&!}H|Mu1xoJNwj7@oVx4W
z9f9pI(@A;-&ti$G9yk83?wO&3U+|9luLDyMoP`P?a~VDkvxgZC4u%P&i^boN5qEYi
zUv8=rNoPM@-I^JhdDAh!Z&PMst?6P_GX9`2P@7tOwGm5#_MGq8v_9DpIeA<0#gJp@
zfq=?@6Qxfk2hX{jy_WQ%1inoVOGBX=CpF&g>Xz@&Y{%E~_^U6km*w{gCC9OqQm;_>
zezoe#4}{~-UGI%bCM^>oLz)O9uSqwq6Vo8gL+@{W;{(ivw<Ov8#wj8HE`f*?QZXMV
z$&)VLt5}!^+t4ekM(|fnG#JP)IAmqv1UE(9@Fnkd17O~1{QGAR#UBpku%UC9FdhyS
zzOZN=Qy%*^&-LZ_r@6$5;sX7X2_Dy6iUiJ73!T;BWfa{eim1n_+<w$4$w9G7CIs}<
z1MX{yA}MD+1r^J(LIunU0al@P%P6%2Xh}^Oh}g(#ph}jEgm--(BG+yo!9lsPQr3ck
zf*q5Mo_6owX~i?QoifjhBOtS1?~e#dYmS?RH_9Ei!6|+d<svRtTWekh8%nXAOejFO
z#*QK@ix(cp-Mwb(ULUJX4~>uG^_GO%Pw)7*eIXzQ0GPxK)UDG^R?AOCI>VME0=7&6
z$E2SS6|izopAT6M*ci!YEW{T}g2<(RQ(ML(p%h}{w(^y`bU7*QHc%Fb&hfKd&r$2T
znMi=ogngzQ|K4h%D(=a8Fo%y;WM_<Kgw70d<KuatMYpYUtRW#koT>xxh^a~pHWygl
zM&*<~H117oH#OxZ@NZTmC96AgKpqYElZ)leJ3-+J_KmjAC`L;@c=i5ngVzQ;o8%}E
z+66Zxpo+2~ATVHCV=Lf@?}*SPaqCX=`s`4Aq~L3knwTj5lZ}$vKeUyYx^8`BtIz=D
z#0nbWSLJKov%|eCE94qBfFOFsT5TwxjJALmbcg?<`^6I&xadu)aI4%egUHtQ%n`ZT
zts?if?AXo+d@3#|L1o!(!uRM&Tu|>h*W@qU<<|CN{&DP66tJG!^IM^bY8pT4d3~L>
zg;NSr5n-F4RSy~4-q%!daLkK(*!tC>MAyQF!GTh@*w5(5mKi)^w2eBq%WSIw8M_~x
zE<Gp}-JA!1#^Qwo&f7$BmFEVx!L^2CgJbZTqW6wPRmkJuPW2m6tDS(~!~yiBK4%jg
z?p(7yK~|aazA&)O#pq@6xyfISvXOD}5#fQI?@vdX?^zzB2G&kX3w1Pg;xqP)JPv;~
zzH*%5xF+1v38W<!gDnX6J=-x<u!LmYeJIt9v>F^jN$SLu(vfo+z}VvqtI!ACr}l@7
zC<?D1jgOBDzfSYSTgbu)EM98FBq@7a@Rs^V9?<aHa9-+L8^1R><`HSomw@^3XQ|yZ
zs+6VkFcZyn_4b~>H7LUmuM^J*C&BU_npd+OlwYTJl(Ks%%-A5P;(ibiw;bERRZGDw
zX=2NbvrSNL%7TsMp2=%?A$+cey5wAs&(rDabPyr5@ljmeT6ANFf6NaPkFI9a(Y=P-
zIjiw(O*j#AjF-~cdnDw+VpcxK5RVJ>xiI;P@c`UX(vh<LGoAgsw?6*)ZA_)QVc@#c
zM8j38(jmWmE+C3Mra=sNw#F$J5WPTL`GRWbI#_nd97bfc!d?rhs^zyCtpbfq&{?_c
zfwtA%N|2!cYa{g0Wb@dX6jXu&+d^Cl6z6Y*17#{9>LGMVZLJ|a=}ug5()qlPa$;#J
z!r!B*!>&1|8^WnnSnIysNRpPxUbi9}6FRL8_IuH=&1p^4PCQpx*Wqj6)AsUTxfkV@
zoq{4x3B4(Ck3j9k@|3BWDnivL&8#kN_RXf+?fbh%*I{IRzP6?s=O27$&giIN_83}G
zS$f*C4~G_H#R>t_q=*Yd;%ONTg=pJo(q%chZ*L;y=PjiiWKu3#9a8TItiJ=Jz~HXh
zE_tnx4c4Kaqt<V`s)}$;613>1dDio>p8w30LK+?}IL4ZRp=gX?sfvI~(koV}c1_M>
z2_6yFlppDASXSgYGf$X-xIx3a+Vzj#m9V|k?T+Asrh|ALTp9}|BAdzT$bzVOA4{x=
zCB&r*c{KLb*?EPhbfZX?Iw^|fhH7qGKQaIPio=rP75&qF?2iR%%^11uogKFTBN_9-
zT!i4rRJ84<5#oK(9Q=?RCf95=<3>MN*|v<GTpu&OlQX;mHa(7CW#ikclM+)`CuuG4
ze(()wNunwYVd$smd{z0If)82E&3iM+^&wOv;!a#bHNoimE_Pc6EJk`8tnQ`jfR~K<
zXnTsl(N(?dVZFD>U!lP^0Lkkc_>n2ja(y3xL!j>ukb7G<{V=pHrp4Rlr{sse(NJU|
zV>#ra*$7aVRQ9&&J#vZ$69%DMi=EjW2M|7V(|PQ3k<ZgpRHiVVLP+yTcMQ$4S38Sr
z6aV^IecP-_&+by*X(8nXwla>cd9r>87#3OMyN=CQ@$271tKwN|qu0xd5QD)}Gwdz2
z!{jpmXUJLbl5H8%&;VL!VTTvCg!V6pV{|*<4Z$EEt;y?{ll1PhW8IOdXzSKj_fF5v
zvaq8m+>dy`A|iQ-8Z2YU+}ilz_NbX#GgG_pT1PbWmBi9y9GfC0U5-DWnp4id#TEEc
zJGfEqhw~y5y^cXx3K^>$q{1UfqVZ8B^16=nFb!H7sl1h*0?uOkJQXQ1pNk`+oTHsg
z)cgi+KMIe>;}Jq*9xXmUej8R9m3r=L@f2)}o5#++%pAj;V+G8v{knY~kF82hzC$Zm
zraUz^n{yy;{*iQRR9~5F3aU2PoO;q9TVFPj$itqazwRrbupjM$hqy?uKe4o*FE+b<
zMo+JqG?~pDsl=)_r86<LS-!Xu-OZ)o2p-~~;pc;Pk;?a1fn?@frE^obz!Q}n{QCKQ
z1Lxq9D<=KQ5Px`ZB|dOhNTZ?_Q&WL{*3pT$L_q-a<_ek*y`2mH6AVFky*CT>wmas@
z*PLp#evaQH6CGsR6Q{2kH7y}pCfVfqWOfoYTOnvcj^xB8#bv_syi6R?<Z08>Bf)sW
z@UWgCr5;Osc1MJci<ss}*(S4GncvqM&joo#9K8JM#yn?*s;dEIvk66=<VaS0ed=_#
zoL$AEl$g@ymi<n9SmIZ5{S+DMapz#Uu45$NykUXpHI!nQx+N-Q=X*I;Z$(i;Ws9B!
zcst@PtK3#mNtSP;!Pn76S>yR0Mrimz@VY#lKXJLXxdj4R&}pPc1C@QR11n`{s>s>H
zB~gG!dPm8~4G2u3r3#u}0=ko+=PO74$=p)?Rh`;S93PxZIFM!}qvYl{#}z>!6sRjK
zpSsjipLgk6U0H>p1P@6l!Tm&e85b<Yhy8JiRTj0S;HYZ5@T*smR)`%xv+-g{+VJr-
z4Bi1rd0*5VMa`T=EO=u3PAlYBeS3Z*dAKeA%Xt#EbIW^$K{uI2hbwB%>O4iYzDqxe
zXgPn`=U(@K5q8y^HTV71wQA{NLfs+7TU+pJz3x)T)E0??k{Tb{TBYkmHko49U6E?k
znN)Q!<r^#`cU__SLvwK_@wo}|)@^_Ap^5eT2Qq_CJ-t~`*)PafgxB2}DoPSMBZz$s
zYP@UD3KE%S9ako*`nD{6bWjet+sDJa<wl)c>hoYBg6=rHNh)8!Dr=)fnmt|-&}tRC
z5H-D1zGxmKl3%cd)^Y++S0jdEY2=;c32sj>V5c5K=Pk^kHgK@Uu9&@e7@z*d1P4+q
z3$)iFN|#d%BNSM%6@eEzlk)piSKFZlj9u1|x+wJ>9~yXjgM3S2ryrEpEItDQ3nOk+
zp|2jh!F-$2WXEk%E{uvPlQ;$0I-ElAV^FFJ%?<%eQJ>0HzKsxk>2$37#(VQN4>4ms
zCE9Vqwr-7!>L>$Z)qg#7xbW?7phgwZazwIgD4QqGEJNWE2~jz?7B5>2>KWnWp1-N4
z3IZR6w|lX7I}z?^OY|8|4ZuY*==^>uhefcvw=AcnaXw>D_rzvo(4YU&I7y>W_U^2e
z&bt1A$Ep>bm%NQPLam80=~nb}>t3KCzrze1S{6jnJ=e7p^`vU`YRqb`e3$+fy3ETj
z#*f@3ZEzfK+J>a+E~8^ld4qFiK;)l-wXs^OEO!r$rm=b<B|Qa-CBkLb-q(+mGl1EY
z+@(6puHY!}4HAk3y+N7jF0Q5`DU|U_bDy4^6?#3yH<q;S-sH(9`g51MrhI?SC&gFY
zp$3ZWU(p{#0lgVwb_hbDKxu8!vuXZjVO?l}HNpI(CCa@X+DqPjOn)0W5V{u~?wkh{
zgS2ts%(TnR$P7Rp)zOaEn0@X8Y*nWF(aG$vI+VN0NNvnO8X3;a%+OyM3>Q_&#tzOZ
zVQ+B$)>brqChE|fKM0VDnSnlYzBtM!?uTfiGt*UJNA$IOof4Om+?U|})QcHB7r8ek
zy>sH8I0$w9LrkVL`Zv_Sk)=(%u0l$u>x<js@D0)*ea3T&M`Q<T8%zDcMS^ZGl)({#
zanhp8T&2WZTip13>wMGz@brq%jw??zYK5btS&jA<``BRu^$rd<F*e2f6d4KD%~E5-
z@@WYL!DrUM%AW08e;+aSGS;jN46N(%e3Oq3Kb$0jkz_?39efIuFMlDchCj3+;dlA{
z`gjkE@&Zj;`z)sYlkcp<=`C3KmVsq9f`GH=Eaf_IaU&g#dBk`5R+EHL9`KE=Gg*y_
zWzET7<(Ei?PCe_-;<aNSeex^yM^B$v(}k4Py)0yz1Gt#lv<AZK$+23y->J-s@;Ajx
zPD-UpF{nXQD-R#YP171>#Vg8hpyxO(??hv^<>JW*!V1X2_IC)n#X<DcCTE_%vY#He
z>*pkRQp`MT<OaN`QCR`kk?N72_rK<;1M|sysOI`7i1;slSVuvawTWw9+D1i22vF<$
zJe4b786N>P0s?TPy?i0wyl5S+#gppO;u3%E3dwq#ax5#%2Iq7B7h~txq)F6h*|NKA
z+jz>hZQHh8)n(i4vTdWwwr$&*o{5<|6EW|Hn}6U$WPZxC_Fj7~{)Q_|oPtTT7~nh3
z=#qOm$$e`<V*hIZ-|wg~5+9^{xRbR_KX!t~oeM6LrwQti`urHinqMF9=Zszff60Gz
zo$aFra4EK;uxD0lomifBo9p=eK=YB!<;Fp-#7(lPQ4Oa=ece4r6YPKctF81#7kKN1
zLUAP}gU~cX$9~V1K&*0*hyLR2)y7HgPFsZG=(hCkh;0sv5KW^*Iy>30LXn^yq()zN
zdo<DE!cjor&=sRFR240>3a==>!8&}EB$_m1DcGP?<E87h9N1Xe0m;S7^DH_UJQeBa
z6<SbI=wrIYg_&(10u+m|&8I>1O#7?x_If6V?~mK{QFi?otGEaq5WkMfxNA!nj23Ce
z7;)Z~qf^#8=t&&yJBO9b-wE96;QN}P5NRxKDWoPQhis><*3Pi<HXSTyzv|-E3FLA(
zL%*T922!qaV>uZqkmQ8aL0GHCI9Gp<3>m(XX6UJ?#{E1`#H*<pI=<uttMb#KKu<f|
z?;`lVB4fTiJWr+2OO1R53CmX#{A6_R3zS3gC^)jbp$^>Fs;MhQtauMELdYjaX^ipi
z*P5?l_psEDkvy<vZZ$q|pGL8Sgx&WwFHkH4@uHd^D8t;^khZosoyJp-nzG}R0o#bv
zn!5=}Hu_tqkAYX91h>;C=n!kKLH4!igDpzQvA1u?b;>Ng|H%0M|BU%R#>dS0UtupM
zLRL=Z|H$~*I5=7UyD6|37jTv2n`e5ea1df$roXd{!tOyXrH24Gz+X5<mT<zY-^d`u
z67EtGVJuL@)xp8ZMG_AL2iXrlIo>NB?o(PjKHfLxH|{s?{4<ayi*qLljiT#)$q7)X
z2<aH4@CvhwDrmp~0w7(4i2T5a7C_>hgWny{0b&4m1P)}P?_MC7YXB6?m2z<YEQc&9
zNdEB|91tu}-@v{Bk|QEi9|B0k7i_o-1|+3W*KP}ttX=>%GVlW-5H+E$@7CTkJmn+f
zj~95IFei`!BO}uF&KVFVMmjexj35vT5hY|g?7Il%U#$GN-~mI*9sgv5G#7zCIzw--
zUESTDMD+Mw67JrX@OA<0xJN*<L7sh^-3BcI`k<gqg!Fa%Nq5LVz!2~bar}P1MR?;l
z`|zOoc+(D)aC?E%w<4<po4}`o!0#2<K(^|b`v@8b2mv^^FLpo%dbhn3UsK<zP_eH$
zaDhSz^fidV47i2}bwS*NK<ne!U6cf<>_ETkzQBVyyb0&t5E-C0v5bNsKCf{>6jB$!
z1!h6N@n%5J;oU_&Z@v0*{9{I6D&gK!QxIEVBrq^AL5>7(EBQs+xZxsu-1K|+vs{G;
zyOF;Ae{pjREMKo6w&d3MghI7tQOKy?F@RkWzsAkrhk`%_iim=Vya5B)fhHl(`(7%$
z0&8h5-4Q=0VsZ&*chJsY>Vy%1VS_jNXZ^vx@evs?fsU@BVIO~X0{ykX3;=!T@S?yr
z2G0&){r(k&TYye}Hm|p92Z8`Bs3~3m(Bs9+4LdALw@m_+`OZ(D|4rJAgnGZgPWr{n
z-=EmA2@+qRZyp06gkD4_Ac&{{VB*uXK7X~jz`h?h;CJ~7>H&CYprCJ;sGbsk*UP6g
zpiBRue&APgMmo~WW&qHKzl0q;GKk<D!tD?Hl7H#v4(4~|_)pZ~&sKaxY2(8U;N#}?
z2Pw3zFUR)>WVYx@<PUg$gvbQY-Hw9sD#4u9fX!Ym{STh1sNk$nyzpw_*d!?WAvpB+
z-5_uB9v?s(j|1lXHjK&tGqktp7*4#;B_97)e+S(K9qLh^v8g9t?(`-MGBeFz2oa%a
zRiSs~bt3f7(c=tXGNMA!6~opYEHo(L^);eC$m983Dq<f&G<q4`<OzEtuum5hDNGKC
zzzi-_op1-rr&eP=VgN!;$fKJ8an3g_A|A!-2$q7pySocYZ+W2IuKu(ApFsmY0A>Fr
zDl#?FxdzI*lNOoy#Z)63bwp>Ho7KP!bEbJj+_`FIotE7E%y_mkgJSL#FpV}>i}hG%
zPR~1&?_sajgu)4p$G~9z=TvS#x#RgUm^0Jb4+Y)=sw0V5tYhRS=$+7u9vt3#x;I{{
zsm+!5Q{Z1<8`dr6vF$1o(Q#rcLpm+ne{U-T8`Z@~jGM-*j6BOPi1m*#b;~7MT5zep
z@l>HwvmR5qbW08rsi*q3_Bqa_KH=G)n`mgY2N=x_b7=7dO3B9sDwus$Y`Q~aT{Db-
zKO|i@_7CwYdLe^0ze(CD9q9^JJa8x|3!G+6dF{3yVnkL@My?VkWZGx`xIPa2t;tyK
z7`$2OSy3YZXDGvC-h@*!gxs-`EJIvP^L;X)xKStu7g0akRF(n*==@2V=NAtciqqfD
zHM?a#j5DXr!mlFLz_Ba18Jyf9Leg6`-eNUu^0iaD=P23Wdvjj;tLf)b@%3D24XQ1b
z(IFsLLHQ<K8YlWCa7J+eBRpGYm@Cn)BRiFG%rmF0=4c}8V`RkDrs?$y&OIC9a$DsA
zcS9=}af`lFi&mZKvbg)a9=p`X<|Tv3I_qKcjzaTojd@^2F|ImmEhpD=)X#XtKf|Kp
z{#o16*Cgx5tllMT<WNRYuSMf3Ezh{T!)7K>*E6-=eK_)>aCQ8q*08giiLjTq{7(2A
z3s42afb3^*Dbuq;-T%cWFWewL0wcgkC5ro%&*XD>i6#Muk2I_OS-l_<EGW((pM7PF
za0cIgXr!)^s3OIk&@cr&=agZ<<`=4#*Lw~QfofnP#`vl`^I1b!Y-tm6E(E8}stL45
z9DqklP*^z<Nox)FtAUP&QQlvx_q2BPbPux6CrSDhJk$H*8iB4;t$K41{kbciUD)XL
zVl@qyZP-r+KP@iyFZG8gvZnv}em7aE;ZTPj!9xLe_hF;d@yLB|K1#Z`QWy7QI}vqu
za9Z^S7c><%qtL5M>(_9$@V&vCpNl|5-yh=Gw%y1%QPo!Vi7xF_xfaN#Ki1C7Gz9>h
zG8Gjo`BJ>wt+<^p=I-mobMZI3({|tW;Kj-!9ILh3<ClXgI$-uf7pdRkm<U5<%WwMA
zhV)G1zS-R6LFFX|;h08Vu$;5M9I>>l>E?A%2}q^*93JvCef^&g>i~QnX$)kE*L<9E
zMwDx?Pf?Y&bND;`)mSC%FQJ?(t?f+jdXo`pt)UP{nF(VCI*BF_aBUJ2^j7y%vTMS*
zSC>e{cudgqLowZ<7ZB*_cH>szoVW{4<SyE52lP=C-52`DfPu^cBT}n7vt-xNU{x!Y
zyL}yeKBji0g{OfA*UoK3MF0)@<&2N1O@Fd=5?t(bu$8V@rQRK|XHRc|_TRR6@(SB=
z13WIzjrnX#wnU%6YDJGoU2`s`+5T0zs{ReJq9(Y;aaE6{8+cwN(@bM@Cs%lLA}h_S
zXalyM%aZWb9<JQ$>QUBx(&DkEL(igpg9HyZwDL7u?qRJX+c2LFt)H^xaf+{MH@mNq
zg)oW2LsLQ@t;Lylv<wq{4{46_Z)DS*9{$b)%-W7z%geZDX(zLp+Z%?=jvhV+3DMIS
zzf3RuwL)O;i^i>QOOg+4ewLG5Mo?RtUbU5+5HXBMoPeKkWo5sYYD0C?uUM(hfldv6
zXNt857@DYH8?Zsr*DO#?_*2UA4hg6_w9zffQ96DtW1j)miii4rO{jiN8CTYuoQd9u
zD1L;GI(v%EpRsbJu-8H**X+CdO*S<{W{*Yl6HLcY3I0B|Gw%aTQDSBAlspD)znten
zPlPNheT50`+zL}oFtX8u2OVwRfV2{6Su!+^MEc2#S7sUTSY@Z?Jd!J$pPVPJ<<1HN
z1|}OOLLG_z^i&ddHda#p*H3_xi5ABe&24&>K)gPmQYKVotA)|)Xf>S2?Q5lpXZuWe
z{!>0~gEz}ad&5`AcJy-f8Lia0{nHk;x(;fNK<@9u+eLQ@F-??f5ym0T;p`TUa3huD
z()%M<Y--UFz%4Sbo7hFm2kVkg0_yL&4j#O_z_cQb#&&R&A5k*tu1r5K$AVPh>w8nO
zJ@1XRo-~beiZ61QO+_EtB4{|c4>^@;_mRKJA!6PEO-|N$(nR{i>p>zgS&*sZI2F1P
z%O=jL(j*G(?rr1;um^=w1g!)}zRjqlJ|nUjY~!fo*`Wqi_FoD7Cc7o;C4B>$bW)^F
zM}FggMUe#oA{jKZWQq;UGS4%R#LbeOd5E&X<yDxyqd-P)7OO`Pu63&Q+C%X8L(QAk
zXxmM@w%~9dKI1oRrAaS|i3B>U2cxwv+vr5|rX|uFJ5}|(;c3IFg)A=SneGv1;uhHi
zB0&PR=(SR5fy*sa<Z@t_s$`v(!CVKyIfqhN>DjA^uv3X&=sdW&sL7zdL=ngezR7kH
zkzZ#jW+!{U>54I)alIjPri#4(CS^WwO>oRx)Gvr>gdf9;lRi8t3B7&QER7A))hJ=a
zx!xr{DbUVJ3kyqKF82Vqwo8gm13Wn=%)mr3OArg5*A(K!%V13A9({=e5iFFE&1HD)
ziL2bhRPjIsxlEP-9;&K57`^L4SVB8Xgv}cV1Np3#`mq$-7SS|oyj1wIw6Q$$AUnu0
zx$`pKzQE>5KSZ<C(OzjN4|87Sd-D;>!%9116-YD@#O`E2IMBA=oz@g~@N=6Va0DL^
z6xVi(p4wC_yGqt%;qp~ke6b+wAb{0F`EdE`keO=J#NXC=FgJLr*^$34RDF}jHs219
zjy=O@1!@dC#%kN;t##`oWx}(U6RS@5O+=chz%KSK(r}#XfT=&PJBmw}sZtg!ja4*n
z_Sol$_TL^ysvrCYR_BDSW>$=&?!=||SS0WbIg!ldFOXhtqHcPmzabQzldYg|rZN=?
z9kKq+d1I>0_2>CqfcR<|JU&RhTnL7P;WmO@_iY{cA*8G^^-@|Aj@NT0Dn)8~?h}1^
zv9v!FoiZlVo4MjVT9}8v<;Z$Xwp%xIH+Kt^9e`FZLfZ73Bwis?L1;SD@QyXf>)%CZ
zq2|~8E=k5R9$W_;Lz&ni9A(}ycOe|^&$SOa+!;HI8|%q<e)W4_qH!0_-0?rGgY6*T
z!hp#9UPr0qu;Ryc*jszpg_~0PHKpb()=mrAK!Jr!wrz#OeC26o@oyDgwr?q+_E}(!
zEyD_KRSid1ioc79e(7gQPm<XTt#JK8jD2j0GJPOL^{>pNZLSDL`TN&-!!{*2g<#SS
z$b6Cm#Hq=M0cEd_pA(vbE&D`kLH4emQ|M2&#?0u&ea6up(zM@@?PStkK(0~lNewd}
zf_v?Aopi)O!|iXA)mt{B%Z)EH%53Y%L=w4|);9gxx!7eUcJwZrMDNOco!nfb^Ly&a
z`{`I4S_aGh=n)m?{alu6yh8A;$tLWvi-<Uw7koWcPbF4+zxm?uyjxWXi*mqodhx5&
zs&4ZDwkk@Mm4I{s&%KCk>n}DJkx#nVlv0RcqerhvXbDZ{PV+z`_MwT4w_w><!UH*(
z>QhT6xIg1YSvsT962mxA)UPh25kQlu{?q0b9<FqWGimG7MtKI(@2Cq?PE%ZGfY+`P
z*dUWHMr~U)!j`9mK32Jt<2}-kcj`75tK2=um6DyJ+`{aaa&vHzWUOLVjic1YFm5>&
z%)}8VgolZ!Qj?j-W@dhiq!YU_J{tSDa)0s8b7`R)gl*MpI=o@&Grw^p+wv;>Pf~@L
zm&YL5ul#(1yM5fYt2cE~V02mvt80T<KVVODv2JP;DO8HmWUlwB#Mo=iw#sR9-50MA
zdJj#npXj8JtWRTz<<C-+1T^*9+${D}Ow26E23A<4?wt<E(=6rD=Lx9*$?JM{U-Fy2
z;s=NEsgF>ezDg8hINqEDq6cU^d0oW{e?9-&%__V`Z?dx`$-+#Q3uNVFpV59>YTwg|
zvs2@9$e=($p~!w~`p8f!I{2ilb3p@H_|lgT=2u)UidO-AKJ!GNMK(L*b=Ib*-%OOA
zYr8cm!XpL3tjB`c3x-xA-V+1N@2yCnFi%U<0S9DIxM52XzZN^v)bcu<*$r#QCs>fr
zNQb#NNF0=;)rkJ`8_!dm`*9*SSrT;tAFCAnmFo9HG2BP>dRg<yyP~tkM>wc;ovC7X
zoTM;X-PX5<ziMHsp<MCBmT#>@PqEK#$oh4mNojJ@S5_@!J|CkEvK~F5^wi-<rg_c+
zHQ}rAWI}lctup|<gycUO8+7sNA{U}ehd5wT&HisTOE-=f`_$Gi+)*Y?GobgXww-c3
ze^j$@#J2<HkgB_ea4zee3C)Bxwen!4lKZl$CH%n6S}AD|iVVi0aWjAQT~fpNx+*sw
zFH9BxH?m=i#?~}l`%U4K(6of&2ol;KZ3gue0V4nn7xY@34`-yj2C;lG%Mxmf8F+Qy
zQdDnR|4p&$Pj};e8k{gh%dqNBz>^?ZG&@C6BS=%)<5J1^=*qG#dJR6<T(BZT0Nn_v
zwckTzu<bxPk|)6g#JpQ-F8{ze;HB1bTkX(s2|qrXz#bm<12_F!Fz32NKW*vOZrjSA
ze~7N9Q#Oy(=RvQl{TwT7?v={A=nW)~!2Yk*WzL$q#gu9HL}{16u2RAQYEy-B4#2)S
zB^OU#vpFhB44Jp7>bOsLj-s7meTV5ayuD3sI<U}7I<aKHCz2`DYwPou^}J4GkNU$H
zYrGn-symHW$gjF@@-pn3NHGQ4*y1N;+;*6reW20BmB1ih2jTrb8RBBf>T;`3r$m#%
zG;PbXU7NF{InkRizvg_(f`q(oagUSAbskt92elLJGDrs%kO`ToQ`c2ntqR;o$?MU+
zry%UHV&}$sRdoILp38Ql8cg_SQXK;J`1iP_-KpHlkh?QA70*R$6)`6xLD&UeJ{8J5
zGY6-)#V?{8cW3@-C<D+(Vx1NamtnX#XaChY*tjRr@kya-F+ArPXxd}#7(PykyTi~r
zeXS?W)W1yO+8=SFsGFm$IC{IX2ldA+#@kxj9DEsFJ-jp}^9N?5{vN}P5x{aG=scG7
zTk1aE6meRH)xtL_qtd>*XSjBcA$MJl2UX=YS_4<$j`N^KpROwV#cT?HR~g<YU03cL
zT~~7dbeC&OpRQkv33d5V=t^zv_uN5c6m6CMYIB>ot#Rpz@ah`I=U1+6(jb#oLGOM&
z`ErV=6>OacUXG9hlM)IZSItRxQMr$u#v%od>|Z!ZB+GTRJ$G*MUgVZhN=q*&(CGq6
zR=>%lGnepa1?T@PYML(6^RL-Wd-UM3IzpHI2dvk+1Tb3oCxFTg9}c1lTwd2H^aPI+
zZo7NtTC0>;=p$N3;H><noe%6TM`ER8T+sf7m}=ui4Kq6TB|PeTin@&Soo7$&xjc?_
z5VG#~AM{+Ve!cwE^LN<tKGWaoie=^t@CG@V%eDf2kixS+Qf8>7ST?DUf5f1g=(`bh
zO+SC-BkLN7Wy>Ygm*P`QJd!qDHaOd*#urJm8XeQi8_5qRZIR^M8ItRuDwiI*Ji|7V
z?_l8Ec+#;hKuuSj(8N)gqVzcQ+umDQZf*~)a=sO?P`lai$W%l)3mB?-QXfKo>D(b8
zmtU7)up+(ykFgr{fMxSLI6qI%!1pHPb37jILB#ru4i`I=n9hqjfjO__xBya9j{N<D
z5;*;{4zE+jCtm-Qkm%mAgVvsoUHgH``r0deg6L@~V%!WJBzBna=SFP8u)cZ5)iu><
z?Owpeaq5JRwdYqrGUX7!nm;UDj>oSJ@jIWhLV8+kBjk&Fj7-AIQjd*hFGsyom^k>s
zU&OKzRgF;-O8fT6fx_?Usa$Z;#xC-$RMK!qT94XOfuhCxAo3TH6mX$ZSb6`do8IU;
z3b!P^Wj(1bp8#&8a8_;#eG&>{Gy9_x@yIBX9pEQ2eI{nD5byM2TfYo7#HZSbqOx(t
zl1jxTlH3xXBJ65MBgs~N>1x9l2-~TWkddFSEgZj52$>sXO^8R+W8N6D!Q?EHJ0{y{
zXs`W1YGQl=lv0>yw%k~#T##-Pyw<#L4`Lgmu}9G~!6G1+uRyhiW4GNLlb>EdR7hI1
zC5f4=PF(vi_%eLT?Gn%2lP;xh@FN!QJa>`xwvnAHqmnrYZ$4nTS(ygjq-ZkGt$*)Y
zjCU3LBmv_;i|OLGvbuUjmrYVZlJhw7LTGe4MC~HeXK<s#KrdV3Gl8(V3HlUztHj?Z
zw)}1#vg?qoF!;=SCAs5QC?Sz*uKkCn)e!C|UIseGAo=P96*T)~%Bd6?@c}AFdSCTD
z?7iK+YqhQb#?<`Ez0YT#7i2g^rzK7Mbz7Ye!0<jjE<xHJZG<@7KIG$bt8Bj0ycsG^
zwnojidg4%4bCoH>Lh6*4#X0zSYdCZZrx8wQWGfh%5oS?HT$B~$|7?hGZAS8k6Qt_(
zacTxhveJ`3Q^F!>L`vvyRN4xzjOGFO5;F3kHAT@FFvtoS*PpIf`SWG}-(S7@6+IyF
z*?&8k7RXS9i}$!5);UVBsYp|6SnDFY8nkil`A}RNdNzL-Voqjf({Yu2wo0ot%+tK*
zMd!ZOtj=Icq~Yf^WM`(7Zn8^0tAp7WjJ}vI(sb1TEeU_Gv@cAd#OgCG)UuC}q(guO
ze#2~hYluI0lX0oY-cm(;KyYTts3mH2QEP>cTQZL!K^iCU@+L5#3uv8T>-bE|zVx2M
zUnO@oXT-~*EMA&=5X8l4VB34Y=v=3rQfn!gy6~r>`A&XkpS{ohO)*4oS2&S&C7*=;
z2Nf?!Ks>B6DPp*d+Zvf#4|+^Y<DpY(a^eP7QZdN)-D8;o33BqfFg;G#7CF3mdxA#W
z(_{oXmzG!IIg^`gZ|ZS39F6-6$?fc1^4Tt8<fTzOkplc<1?MmkSf;+%K1?|MH(st2
zo=ta9NR+DP1`)F&ly0wSTS7E;v!b9jgYvoeJ}FR>iX$MLijM5>wZ$N3uK7lX1z*Q3
zigwSW!ghQgSsH}(ot=yE?!O*on$rFmeW<qd1dW*jcMm4PmFG0>FM=VBr%fg^wA($5
zP{;1&S@5)Fe{=tC0V5wjsd$%fL6TaW5?qGZz!x=pvX>M;Zs4EYTd`23_mc|YthuH3
z!|Axul<)}C*JgJ?70U6wgj$ksG^MZL7S7bXWOBW>ha_Kubmt#L+kxLW*eoWjd;v$Y
zYlZZa-`MVU)vdDVkD0c4>qxdLC+(>`Gb&&ZS_um@9MuvO?|3c(fO?C!Z5uu{O<Y?V
zEo#!lR7u-cQ%qJ>WKqK4{<T)J>_w;Q{P8-_PDrX54@NInoQS>l^rro5Fe`@YEZbPG
zLpPhU&02P|-Dyit-{B+mTJmkx*>lidwW`wbX71fUlJKU|Jo><UMm3%`-=wh@2gMLd
z7#U&d&AjxKbl2d=%z<T>^hsbgU16-ePN6*X8RN(0dawPE4Y%C!{3rUOH(kg_u0csB
z=K^Cy!)5iFMZ<KBaSkO~?sHY$qJvdW4j4|lCZVIM6TdKa`X;h-3#}uWsnqSDL|=oy
z9Fz4_4F#igX>S3Q5V2G>M@qtZWoqo!^xl&3=wu*?A+%Pa6u;x7)qL--!6JN%EK92l
zoVH)gN3NQzN_8RhNMDb9>(tpicis6diQ@kLXWOfYS<KIg@_1|{!`mT-+dc>8BaA?P
z3~pQXWk39Qfp{|8;&afM8+3xs2=k!!S_=DN9fOn^848520@Js=vxNPapPcf%LuGTL
zl0DWk%SIgXKcgEtoIaKM?R;WOVOc}>*NWjTQK4WV{zEs<0X>fBb<yL{5M&ZK)0omt
za-)&G9lme;Py4tAN<2%Udb7^(!rZFKSB6~plIu@%NW0q`3G$bk{Z!*LLa^J)RpaGV
z<!?g`&@mBIxJego#)WwMY?E>17}myG&OEw9jmzlITSVW|<)LHy!1ho6+B6-y|A^WC
zf49j0!fgLF2l_uT8_Rz=JOAG*9UCX$zb#vcae-vn+*xixL`p1+KqliCt7XQVD@Z%l
zMYN6Xr({l_^Tr?x#}=_C5=2Zy%qg3*M&y-36p8boINJXBzImyB^0i)mpIY<g_s;8{
z@ys0@uBslPu#RaFqWq(%!3V{!fg8UvtAGUFXF%i!(1;I?ktK+575Q{cs>34IVU%Ez
z`t%1r)I|c&PL~1=?mJ*xpyr<+LkR=}g@<z-)^K3LLH+JG`T;4>9RdbV=bp!&-Gx+{
zqXY{Lmc_riJc?{;9^7wvTS49pb_PadtncjVT>#dk2&O@X7Y4=#RN)Okx02u<L!JKF
zlK@-3ARyx)yQ<SLcLWATKtS+IM+qgkvZ5Ipg7qM*cMG5g336~1*8uH>fM79{3;ze&
zlInop-6SRndhypGE`XgyfjGiQkYfc59kA>ut%GR-HgISEO+hzhBbD(RJn;kR?cS^b
zA^MH}Z_XC+o&y&&I43s^NX9@mg<U1YLkdVu<l<jOnSkw6Sndq~h{Iv0AvlK-;TfuN
z^xaGw1|(L&0}cLqb?1TGL_3Qfx;2iE?G;0PRfTXLkEFErY)V1_2^ot2JeLPPiwro3
z-ICs&nc~Wy#iz{c4gG~|YWrXfWzB9542n8G^y^Q-?Y~x7!sm#2R3C^!-Kj2-A`#FY
z2qDj&8%Xc?g*PXOA0$!lW*hXUPxjn&z%M(fV1jvwzz>qU{=Q8lpyj1sdnXUQ|9W&1
zgou6E&?6vfP}-!Chx|*9cEM8wIPPyX67su5m?OMUK;KUvFXM3H4Av~;a~J%#J1;bZ
z=A^Zy6{8R4`~D+`hqJi>2zmK{J_;ysP(&y&xXmHD&u>jJoY2n=h*$o0YDyfIfWaR-
z40pL7tF<o%P>!F9AlQGDO_n9L1uEcypOzh5xZhzD^8RP)X@}~E{a@PR{>SLepS|et
z`1F-~@{Rl3KiE)CLcF#Y2-kY6jsx5x-;qn;i~SLJKhBC3aan@B^e48$z>tG%w7|yE
z<~RuIAt>bMH35^Xh+;qsCn99yYwzD@?q{gxBvyp7Wr29RaO^h??EgU<goe8g@D>1Y
z7=1(c12~!u{q+wRZ~_+={?+J2`sbE=gDIfUfDLMD01U{RO9!-+yP*A4i`aW_S?d8n
z{4g;?#XxNtUqCobG-I{a=ty8-HvZj4ZN`1z65oor*T?6P8(-`c4%|Nz-*k>(11P{0
z8Q9{3WI|V!LO8KBrf0mbYJ5`2*F|_Z(D%NyfZoU}1>6=5kAfFkXRT@#%Zh)Zd%K+?
zsuQPdR`&XvMjhYMVd>ZSo7nlxE4<3ryQo3w!U#TbINAdf`&%c1qEW^Oj83;*OJ=bo
zb`)vt4Y$+!gf}OZW?6Etx*b}@j!Nw1{Iyjb&BSuKDMGVXS4E7E<qBzk@b{cl67M-G
zdK0SQN5u*=uBc3t1L!f7IGFo41YTWc)T?N^Il+qSewrPP!Ftq4WL-Fz0THxNX3rx2
zhNvy}1uEaF<nqJvCl;p+S4+u`!-vG}>)Fh2ASA3cbG`;?(zPNo@4U3{;#qjSbT48s
z+h0hsQ~0J4bust#soARYzifQCk>;3XoLNLUb{a1|sy*v+nNbd{UkXeZ`g+yX7}oi!
zaqR|1eh48M<x)1}#;$-N^|`$&;UrTYC(kKYrLEym*y})JMQ+ZrBg#szJvEs;0m(WM
zBnO4=%8nYv@vbv=5w1~7QJSaXp(l|RX#gG8rYN(vX4Jdx<ixYNSL7Uy&V8_vHd=GX
z;8T|f`4BUe-~J;{iUmPwGVDXw1`;=0GYw`gclBDy?TsRqxalz~kWQkL6x4b#+&zQi
zS25TJ-g9dFXXE0rAZU`7a>2aX-oX)vtMEn?EXZ56=6?(GzrGJp{7jer%yw=zEwY2i
z%BI#HQtgLa`?0&2oIz*n#qsmh6Vu`q&WTtskC!c>U=1|72#ca!iVR7y&%ob1Wp}4J
z%`dq#CFg>t$Iz9svT*Pgv41<Jce*jD884^0fL#)ZX<n{jX~~rdw5TAY&3u$fMYWM_
z<TUzj7RS|OF)h-t7iZ$t)|yLE0sVDZ{kDb>&Cla5_+laII$AIffAO>)_W@er5cw9u
zY$9*rP@_4?)5>frL98}%eLCq!i?Sx}io21V6e;wCWJOS6VY)h?^J~K?xKms0puBX7
z>U4=u3uwhsAQ@|)p2vud*mZGzkDqnh-xiK^cjlJ2qeqq+$nD}?K%Xh&Y)l**a0l6Q
z#9g4hnpuTg6zMe)q$Lo@Xn&4xQlV;99b)c<_N+^sVa!EOG$Kw^S7+~uZ+Jro^P9o;
z`ucZMf3+_biq0uLq>dmQM_qTmkT)Y!t0kjO%|<)BVz+S_;+ANsj944w<x)pK<!Yzo
z06?%t;L-N6mcd-4D4H-n@gKWLM0`|zdn>5R*E)SzkIxh?O^I29-2Qy@Y@wNau5U=Q
zKY5RZYvV_k7FE!3<GjqddQ|c{o#zr=UdxQUu^<p@@M}|wPD^heM;tNb|7?O1COp#6
zk<?El)=;(jFr|!{)%0(cJgx{0m>Kk{v}FxH4yt;1iGD0SM$xDc2r(MATbB1mhP`6!
z>iVZkVYfPpcFh;ERR7F$y=F6V34GVnHx$$O*f?b_i5&GVK$#&L;~eJhX9XI`4L)c?
z44>1yn!AGg{bys@qC(s;fUr<L%B}SAHF{8T#`DtJiM7=Yl<o6On+*6#0V@iaQv>@2
zey=R9KPj{=8d0hT!QSjH<zZlgkna33E+1k_YWJyePoezRFWt<GH1bghBAsP=O>uzU
zSi~-O2i4eMwbRfrurhkPDix=zy?7iEvS;W_C&4Dy5gW4?y|0__`zbYSZsu6lXuJcD
zHx`~^EaG1sUbnfjZ`av%oG~n``LQJTtTFh?L%y&rOg@y)OC1V~G{A}*npEkUA_h-Y
z046QB&V$(_ns(b5{8O1yuq<cc?^@%rP_M2#$*AnFgsX{#y76cu{)tHYe(8)9w<?yi
z%BnNR_ZRM0N>0)Z8@lA^uA!XNxcAuUOaVuPyt#;#x1>#GIz=8GK1`~{cL5Ozu_jK{
zj$J`^?T1xs{+DdqTdKx5*>Zox(h*xw{+MZn1OoN)!)qS!1NjqMTenHohLb<utkg$+
zkskOSEDSt1{4M#WDDgEo_EDk24DR07<+;dkPnB@zdD5>Gl6A`Ix#SMW);f2&j<W~R
zT`u?JQmp<^Ms^0hHqD_>NJwyIhvkTAevSTx1=8VPMj1C*``(4TfnmQ+-mdAewq2R5
zI%62w@?+i~fC_Gyc`%DTBKY_nA~NONLa1yPWOAWB$$6dgx_&YN8;ZN7GZ=?(4^oF1
z=Hm=uqyNsa+hhxe@ghdALguG_A&W<%Zh+L{@@9l&$_Q#`bO<JpQ-4(qZeH#2cs+{Z
zx11Gn{o3~hq3@;ZPKdv&u2%G7xbBj36=)Ex^{$KRPn%$>8&ve{x419zZa;UZCC}Qa
z7417|(G>h_BeC_QW1Lc81czm<jP2aN4d3$)eUm$|$=I$|`(*Hg<FPTKAUT0R-R13=
zo^i&&cGzzjdVZgML40_Kyg)%MTsDOpZtB4$il87eP2}&vQ8rPgNwh|j7{9OAtBE{0
z&5f}nT45@t=d?^#PU!8z#Z@@FKqBc-u#IP&&u-Mur+JVH)u-R6J#;dRme7+>s56l7
z@hel49Fc!F=;+wOF{_k^W91*EZ>)@dhCUa1o*}OtlA9S%W<hxxH(jWg@k#MFLdupj
z&SJhGC%E71M<MC_z*A&cd}~Etd)%w}hD)yryFa7u@NIHcWaY&@5KCGn5FO`KntUlL
zxI=+QaXHD_f}`LO^v+PylbgF4W?nt1#r5dvOzcL<5y8wGd;F?Umunl8v^^Lq3p)AQ
z>l8wt%SwtH*2@ZVmi>M31hHzSTrzQ8ysm#2jLi#B8=cf9F^c8!AQ{7Q`Hk6XjS}IT
z{Igy|U+N}Q^DGm3imod%U6H>m)_P4RckHUwoVA(4j3yH|v#?ESxZyR~izu6TZC5V=
z2x>p`mZ;e^OsSlaz-F+(r4dn$8Qb^Gli4BiREJPSiGq(Y-oz@*UfXgWCuPF-{QiUB
zilT7NmAIdDTw!`f-J?Wdmj1X0GYI9bSQYjaqgbK0aj<=6(vghmQt~bZn^n)>6Crlv
z2}|f#2&g3gmfd-JpJtfy5LoSNEqrNbWN%!?PXDL*hr~4|G9V~Mzk~>z6BASu`oduS
zbQAsc8+vXp1nsil!=Cg6q00vE4>vqH*-H2V@d*=~Q%Ge4WCFU;BB;!z-djRCzWCZ)
zt_sohsHhK?Jft3$kN(W@5msRKZ26yr++=9_YDdYnIyEks!kbXzP{y>O!2!IfOYIOm
zS3FAjF`giu{YDs>m6<U-PjaEAQyjVCl*H()J41x`)*J2+o{iCJCf7-9iXIwp|7qWn
z00ml;d$N`{#SCZ3wH%e;@nistQGC;ofJ@Sm??<B`ImM_Tkj*b2yBBCA3T<<e9oFHX
zy!Ipvgq)xC4`8X}AU*p98=1TOOZGUoQ5(e4_bQ(Q86|lHmmQK7-9u2x8_0qRcUB<M
zeXH5#^qf$QBkRs^O$Gm3a)x}T(xn21y^}K45D8c!TgZjCAm~pV%@{R9E8AA4G`w-S
z-Y_3X(ctb9QqIm`Ud_`D&79V%TpoTSuHpfn8oHJ}f0bpa;CCxX|2c2P#ISYs;NeWD
zkwA?IzgK8S7L28Co0Zp9g+qd#v^aZiFDU=il14S9#_xE4BE9UqkZVy3U)Mhr(89?<
zk_Rv94@ovQ9xCWk(-lMOFH+FkZk(wJqLW}#_D(YH^O_V2w?2Lvcxpa+*u?bpaVv8)
z)lbtn9bOONI@a;9&Uq~l9n<;DPva?h$KqG6WpU?AlO7@M%T09KaEX#a?pg%$12>^Q
z)}I4nQpB|{w{zDjSdnsuNgfREGPl>Hox8B;_P&hzAL{4b&HCBpQ*y4Q`oCt6sVir?
z_v6s<T$m(3%^dNGv`<D(cpKeG?AE=+g$7V4-b$y-37$!Te(qSt_5y2dWTW<KazB$|
zj6``F-vv!E$n>L1d`-CTg3n^RjN2Rb{w=-+IJoxZ%6{Sj+XpwhK;viH6UQikFZqs0
zCl9THvraoXK0WN-IpTE>?0Vcgc85-<^I8i36{V=={W(Zpm=w;KJOty<vFGQ%<uIk$
zLc&qToVfD+uJ*}z6{{jK)I(u?csN5d?mmBTNG2EDb8?tGH-drM?;mGSD%{Ty6r448
zrKpqdQvc)aMEUsE9r`O47Vo^ecJH?GVDlXv9{6`&Jx<C(xD?wC(8tFga9Ta+a4LX3
zh|8(qT@1<h_7_S}k9nzM22x^uNs*}4fHmG0wKqEhRwf_gD8=Io19N0S`zo5L9Vcp}
zErSK0R|Wwc`OWb1c`erJvg$;6<M95Jk5!{Xo5pJ@2ul8J)w~4zCmc{WgUmKsK4s21
z7US4p^jMO{4i`{2?;Y+~4{s@B+hY1C0kLA*=z;vDL(XR9fVXJn7s=X){B>=gG-4J?
z5+h%+AncWA^MLr)xmAD+pi=Mx?Wnb4vQZNoY)ZVoas^f*%JMi0VUuIq*M*w5v&ksR
zUT3hc_j);})^Q_ej<n>|`j0F@=kc11e3{czJqCWy<a>0}z*@~8|8Hh4HkT0Tez!=#
zuM+d?vv9fbv+?|B?}IQ4HS^=SG#0P^g42aPlNM}2%T@Caq@Fu)AAiTrqS7;pc)tp+
ze+Ca9w-5%qz&tT5jEKa$v&Vwyld+SrOCR!v0f^PiXC9PEp-q%FvLr-^dwM23#>)%o
z`%iP+GDvWu))%;98O!ND03yEca?EH6Wrr<4^9(`%bqAZP&Z^J7PxSjp^Y2DY&&fuO
zC`cyY{O9JCcJ~A=su)>bu_5ILNewrG0s)#s2R+|z#__tLqx-Dgo@`IELd1@?u+!@A
zi8p+H+7{qcri`~EBI-t>23*y>?C=;vb>1QMuNBYRaZi2a-^%YpdZ@*eJg?;{L&*3<
z{&NgL*_yr_nNqaEbw>=?$u1wWC>Qv7s^bKrrp5|WUI&@&=ACg1Tzbu>uLord-1*If
zN%AyZU!5mh{{{sso%G;kR`jmB?kE9?Rk$9*=zmcwR={^a7#3+xj;inF<Eo^5I^3Ib
zniQ$L!td5?Dvnm!8A;Nfs;=(<SUYv4>V7%J#q(Hx>=ogy2pzxmczwRx&r~Z9>w;vE
zaKwfd=atmRcF$?ZdJaFbUZqvw)KVGH+5U-}N(&6ehX-_9<hksPr*fDfxHh(aGnz>*
zc@1EJEIqO)JKD+Ki(D*y4DigU8`+&_fOYsdx8PEjPW+&w9+fHZ<*|JJTPZHRU>t;z
zL+3Be-n8gu{X}8e{i-I5OjFbB*8e(JMJON`Y(KL)KFAD;W00zLOKLyP+Fy2=pB>|!
zt+<hf0G_#qsHNA9e-U#+7^O~wY8BEs$ic7G-&{SP=`!bhr4kW!%FEukJ>s3#o9i-0
zoMD`aT-kE9OnxNH`fWp4qVRU4lNqeATpg090OD--Q8W3GMFF9RNX&z(943J6Sq$md
zT&!n1jIyDG<+Tb6KM5H0efhVSH?-6eYUx~a=sw+_7Iq-^%-oyeP@h|(<_?&z%4$2I
z9_v=7P?bY-#h|qY>CYD<)ra7Nk`FWU#o%sPzDz|L2cUTeOhro9Vy>w37eKuZllL^s
z@Ma5gXYg}ai4eL8^qZrf4B9z1z_i=CuFPcdcEOR_m^pu#z1UKk7Z)BrT&TZGW}>aW
zO_otJ97RiXNzI;1ETFAf%izA|b`XWZr;Yk2LIfA_m=zv|=^~?-+3$IucAwZ7=4f@7
zy%=gb95sSoc0U`lq_Iyj=ujKHOIu_H-A@<w3Sl={VsJ&K4x}+Asam=;VAja`2zD*>
zOerWTRA?z+MSo+P`n7*VC~paHpm23CYR!9wQA#`oPHx=u@wCJ)uC38R@;u72f8G9b
zk*^AP4FoA1PChY-2G(SjvC}{v4Lp~nNaT>)e0)gK6%!~CBEi^#u1V91DdS+-zfTjJ
zgB?!FYjHsD8zq`bC|2c{88T(&e9$>JT7ygOR!XxzvC$pWbRA4Ad&t1nd;2oe)(Ww^
z>ueJ|6dC$S=nJDIEA+g?opC982ql!@E7yx(eu?<Ocw}Jtw!9uXMyp438Qsk2F3or*
z1?8F!qMcQw7s4IycQ+Gc2Stw+S}H{?v|u(C#uY@TB4Z`1i|H%j>~DE9<Cvc)pgq$v
z%H>Hsz0OJmC30&v&G?Laqr`e(OKY;CmW--aWchSQaH<|Ug^6F;*{$wh<Gn{K{y~j=
z!Nnz}O}`c^eL@sNoA5T^$hyiuu?(ML&jb^c(;h{ClOIsUbIa5wjLbWmPS9d({s6lk
zX5xG~qZg}22ALivP9ea*s)H}isu1?RSF-ct$>GBpj3TY4`io&fhVo~Yi|0{F3eyX<
zpm&iX^%%$7tb|qWwV!G1`{-STH8`7siTJC(8WH}2c<QmZoNYSYXk-R2e%`75+7evL
zxiRDu;-=D@hwgkJC4TXiM=GZjBAK3)QKlG@J!Jvq$RY!q-fof<d)(>J?g9_>#{uh)
zM33D~kJBddz*BlhrjkdeQ<_V#3!o$L8hgM!8hC9^<i_Gm42c-AJ5waQ#yzPay=r;n
zglUBYci$LB*z+~#K`)AB&Zp4BTH$;CC9=?Zc*V#S8mYEhTO6SmnibdB3M&T`Ql49*
z);<q5^yy+dtz-|<DQ7UUL6D9o^RSwwytEOD>Z;pEeO>;8TGvLeDT{(B?Jl?Qb(|V@
zVgutTSYNhzIre?g7dMWM<@-54wM5o>gT6`O?#<jp=DC9k9FM&?`-H^j?XJHx|HL=@
zdobTShprV8*$$Vq#T7dP-95&8>cXcgq{g4FnZw;|C8ULKUKx)aa-N?)Zn@o0p3O?j
zH7h@A+?&Up<Y8>Sk*9`se42C=R<C`(bHil(Pi@mMDqlPm2n_)qHve;`+KXj~E7}d#
z!q6!0#-I7bp?3Eub?X8Xm!gFvVLfY_d1|opt1LB<JidRr9}4HxMpznQn!`#<`Io_G
z)=L)`<i;>wRtTj$>Nfez>XF408Qk1d1dJ5AvQ($uCH+azsk%#q4c`KUtW{CIx&Wmo
z9@!pQSmlcq2CDAv87|<+z9^3g`L_CBV6G*8on|sXBrfmBt8NJVetl*){lsNCnbdZ8
z8<sQISC}PC_N2mLQ&8uxpJqL5RJ(2pWG`pa&)z=pRMIPIz$E0uF83>;+1g;3E>wc)
zP8OARM0%@s4@-<-;<6X}mU6)MYMD`^#=)<wR%HjDYcoVwS1;ARMVDjl1UXQf)H6ku
zQv9D%1^-lEw%LM`E=|e<T<!DgjM|G`h}?<l$&D$^y?6@PJ)n}m^<3u6GNrbtu{oP6
z!K#Hqli!VG8);4Tx&D>^l3M(o{TWS_vc+#YgmT)jX1;{J;3=o3mMyZhp-Vy?_e*$N
z7!dk&xsPTr0!dT$sH+GhwSQ^-nF_Q)a3&gJUYDI(tO0n^b2-C&U8Y^OAvU5_jnFhE
znUC){StK*FZ!{D2@DU1PW$11A+fE~hT;@<4()rrkZY@c~(vs9FZ_we`*+0GMo!q-1
zTHCC<it2f&bQpBWo39;1_AGHh;oUe8uq_14euu;Z%qoc=u}%08@5iPkPmUh%Y8;fs
zC6o0!OWzxh1!0~nQlN5@>0=%qE8YI&FqG>>r;rw5&z+fv!aBmF6i$#26!vYsMa+a}
z!9H&*qABrbmH_;Q92r;{`dc8jjlS=z^V0o?nb3yx&H}&ict{>7dhTALLZsu2^@el|
z{1HbcPGzw}?T|LdGkKkJuKP|@bxFy1H!}*>j=R9XRK~{3Vj|PCal1<LuCJw+mp3^)
zys;O!24OAVdH|VFg_Mfk@`hA9!;kyP!443#JNVLW_Cvn{S~qhFd*@$<fO{<>{lY@r
z$bOtM0Hv#LXKCFp3&o;eG3!UteQdTWY<nc@YD6cE3j*3yE?)h`r6bGP$HN4ky3+^d
zpiG5u2K&u4i#-9S;x!7n?<+**<m`WpSM+~ewz`}7+(jFsc3vng)kggKs71Y90(13e
zE*o#SZ-0Qk(Tr67BX9eEhw}cfx{`(E{}?L&sViCjbFGb?g^}aGU2F3IS6SRz=9?$n
zx(aX!b77ZomxKp}gJT|r`!!FsMFurbv{hW>A{h}7JpVf&IC$su!u!Ve=BIc0rCQVa
z*gf~_()XF~W6j*`7i?h-a9kJfBzzG_5U~fC#~T??q!xr3$S07WACaD)pP&vpx-b9)
z<Q-?klo6tRupdzN*B^koCD;N*T4E9<fZS}L&}WPQB_IGrNJvaXNZmh!fOvR<@skDR
zoCZX>=JopuSgR{w1V9NDJ5d1T{NM=5%|#Ud@%aU10O<q-_IF6M-M<s`P*?EUAfFC3
z-!#erq@CCuY+VQl0zilveETL2<wivTHX!>uZf0U4YGoO18rIo8d2biOBM?ar$QKd!
z@EW=S@{<}X-}VCLT^XB!9=2~58t!Mp0LWRuW33|yNCF51;&;A7Q557N{vo`;H9SCJ
z1?;pfFyB9c^@rF2^cxpmAV7UrfA8Dl2L>$k+pPs0#IVM$MS%dYh_nk78UVyao!JFt
z560eyZuJvo0UJ0N|J{<?Vh~=9mw3zVsvQv7h2Mv+xtI68E8t#-12PQ@DeSj2`a%PD
zpPusPITE0*j))38@|BW@yov`VlG}-}lXu)9V5q0i+p7+5P}V(I%XG=R`5K+STZ&KU
zTFj428vJ2Di4+V3^$-;m4h0J&AP-DvpO3Or`wPx@Q=m7d*U;n_u%8`(Jpi-;P622Y
zIQa8lJZ{75HxQINf<nNKKlXR~02(6DYEU3l0NyAP+|ZZ13n`q_t98s}FZU{rL4RCw
z9#Fu~%7wmsszk`zU_N4=|AK#Oy1eR;hPZIXh5XnL6E$UD7qB1C?|mSAM<l<1e-D&^
ziV7y;zwx_{mR)|&&#+pqMPLZT9~#|5&aa$?6M|oLKUj$Hef-9jgYo0wz^gxWj})H+
zp8|(jeLtGly}IB2)IVrP{%G(1=0*F!fuAjnKccVxmn}60;WGpfO6~Yiho~0)@r^)V
z_7%{lwR1}#YeBp^KN}UXb)s@XJc~%>7WjeUU7vB^1N{zYb?l>h7|}pnU&Wcd4u$#;
z5WvEM9RQBkm0v-R`zJpPI8LJh^rPBfvB}5wC{UcjKbz`UFu`j-*ldD^NCDNIoz)2R
z4J)H5fIfL3&Xi}un;j#F+dCmcs3KS(O=F-w;N#ej%6cInK5dQ$Gr%VJ8f2;d@J<_0
zFI2$H^zzqE03m+>LTq-ke);z=7(O8*gG1<VqHhw`{IE`LCpmv>sEn7Li=8wOsKZ|%
z`}9+T0f~mwPlh>Z&G$`uJb5FGE6bgQC{qvx!AMoG3}4wS^$n`#xzwwx>dG-@r}U}f
zGBY0wPJZ3lw|@6*>>jMTbOeC~Jay#`lga=e*Y{<lzXk|}j@hVF;oGEqQuBorP4xn;
z2GWcfz0ep}XzPAo#iuPeJ+|~c2oB)M*(i)93&i_}4;?Rxd0C81wIpJbxrjqaZQ3SY
zm=!p(+XZ}(Bl?ss!%F&ZHd=qpW2&mUCh%}a5xJ-qPb-niV+o7NAABd%*)w@WWOI{0
z+Q4H6DhPdQG;&i%MRYH*`#U1dNIJZDwK-N3SV#}&4$G=Bee_S(H2#@=WIXh^YTciL
zr@d%KZX*%$Dp)z!BRbiFGy{u=@sE5+AIij_5_iJn`hogvPW8UaSz&4DIspqJU$eMT
zPqZqd=M$()#j-kXi2?bhnJgkUrwcUTNV-r#8)ZRbVL0V1KvchA%WJqY*$N*zMoxw8
zwr^@7`cg^|l=98Ft8ci(y-4B=C-u+9%zvZEb~e0xyd-KZhRp1s;5bu95uUT48}KgU
zLVH3t2EM;}o_64ERU{re?MErgKo1KAgNOcw4b9x3%vk3zL*Ba=Y!m@2qSv1|)Auh!
z#`31Zo2SkpNB{d{<9Ys?o473qqPTVJ+r3Q#S1H2%V$3IKLlg69=S-2MWZN<lE*`Oa
z{Pi~r54<sB*Ld!2$tQ%nP{4Y=!Cd|xZ@=cC*FKLG?<i}WT_i)eK-t?2guPlnX3jkW
zVR*r`Cxh$s!bp1KS<U+0G1gDUioJlE@h_?xT)B-LqMf=97HJ$?17_3GC6D!x+YO$x
z1z+a?N?lvLPZQduS@S}X@1dLSor)l|fY4|QCOv(VW;NPh>g%vr3{%{);2+&+upPGw
zDiH_#@u>a7+2~I2gr!#j#Wwr?&o0)`w!N^5jXO_*Ef`C0JiMI)BK=)(EywW4)#lQg
z*%5i45-#E!pF=}lSN*&zd+kh~VpW(qtHEd{?<O@b>^UhNi&Ox+nngvWPn9Q4n<d?<
zTW?1-Zb|BK7>&Rgudpmz*U0k1nc&q9@L(^`k72=AfF8d#=Tp%kppwoI{pm83)s-3L
zUf_sgC`mxpNX3^Ta0QOq(``qpf&#RSnCLY!Ej1u<|47g662K)N#;HM>Hb|;kv;4gm
z6dC{<PKy`s%o=%S-K?7Lw}dePvl32M@UlA(h=Ix3%kU6;`lx?ud|KI1*?Ee%sX}Tb
zPt@c!-eC&kIb0=BBjgy7k~F`;>7IOg*!ld{W$05oZIr?SqpSW<nZ)UiM6a}fNT@O+
z)?e1{CR*!z?e}m!hu5$74W?bhT#m25T+4Njr`_0ye-~h4ZI$zSEQE7k-8Hi`eL*Q1
zuRLzD8MpirhLiUlY8o<n)Zrzg(6Rch$!UGvMHD%wGeD1l9Ld2AIoi_oUR;A_B`Tb{
zqQqty(fwYRSqsa3D@3{Y!IeN{#_`%`@K-{;yT4!FxWETj4kh-*b+f9ZaX0>^@4<GU
zNK|m+iCDOjJW4Kb(=S!aLIfsa@qaLOj?I}yjhc;ZcWm2uV%r^eY}>Y-bZmBP+qP}n
zoV=%IPR&%E5A*H*1^cerYp->c(`$X~s}+p<XG=P61WrWD$cYtc)|tY;*PT<@WZvuN
zXM@2e&5gH#-1y0=_Mx>BUmEHEGt6r+>z{@<K)6H(!Y1fU7@1+mi>VR&p!S(vWniHN
z+vU_RcN67Lc=Xnd&(7w)coUV=K&IjH1|+UgKa7v9DM;XKW+1-Yn%Gex(x3DcyPegy
zDO&PAcsw;`lEn$q79mKHyd}{ky^Zrmmu865bI&D(x+Xi^i}@YY#Ufpy>-@dDR~=)Z
zFTJkkgchmI$=C4G8vwMt%re)uu)KpUAsaOIZ1iEjzdj5ksKX_s)GUJ78p6YRj;FTN
z>JP?Gn!U90k6?VGId`6&&#Clti`u0EEBhPu$*o0)qDKg_R(0G+ri2Bs-a6z_IB|{J
zp|*3=<k{3EQhB}QXD%clI%ZNZ_App@*s0U|vS*!h>9GIZ*|O%Eap{BS?&w(Md^ew}
z2GMN?fE|v6gZrq~dS*fjm}{vo)8|92zG)kO=vx|4HViib*6*yuU1D$$A8!T_6oDj1
zorqB+-^x%AS1olS%DQ=$2(!(AYJ}!_jTRi+d)zZ5JZF#S9cEvD*R}Klyh}{&#vS7Y
zH^8SuIkWR6=~jnj6U5Bj^ikvXWV|Wkc*yK42uw5@6AX|4l~axnpzI-PQau@Llt~j{
zhU3sJEpO_7&CQYD)}QkZ+o^Tj^$%tlcs7-HP4hMYtS8;B!4zN2Ac1JN_dtnLJ<JR-
z`IYusV?vhyZqGbmTA+l<c5!J%fW~CA%l3_=DEu>UU|o#ZZnpFS@K{gnk9@>Dvc_8K
z|1vvDWM|w`%*=5_OkL2lq<vZn5w8M{%o)JCPf59?b*-~G>%i4lVAmEgV`x`0m5PxY
z!?(b|-tyhex1KY4I#MuJv=ArCCGuV_(r-nyl>LtT?B6I%-XVrX<}d%4y!5wJhm^Vi
z+od1aW<z6tzsmhUZrnO{xjU-?$-ylAqJky>5X9ly^Gef>nV!h2+JFpoSL+H%FJW)!
z?)>8`DOnMx4Jp_x^{*pIaYDy&<!$V?VJV9M+eyaV@f{qSuD3#=j4P4xLd_UE?A96Y
zS~LMXThoa(R=^Nr=kE$w3LUkdW!rjFdRLAe4FA40W9?IcRp{FiUQGRsX)kg){#={q
zKI$q~KMk1Zrqevd@82Q8@B8QMb12+=goW)GNKjdFCwv~Sx}pewy;O#&b=a)5zU4wh
zxao{)(F~438PdCT16?WfX18fJHIz!I;4Ty{EXfg(Ivy%P9U{#JjG%Z?2gazpp|Y(A
z#lru&r(<VmoKs8N5*kFh_Uxo(W!KYPqCWIhQXi}DqHU*}SbIK`8s&UeQe+qtL9!rO
zA}JneyH<Z4{%+vp#U7=k4S#Sh4zQHR9*OFq44!qwHwha?Xp^5R<7e>WTE@b&$V~L$
z!ECtSvonm*by$U7m|FJjKUbdir!>buO)G!~*JVAw6VNx!qR_EYQZ~`C{7aY(3fv_f
zu;Mklqb_H>8~W=hemg?%_S7dO0-brn)r^|6D<(==F|%6llCmCais{<Dp*j$8ICA)(
zK7|1^DE1$Z7#e$<)=ZG!g<wP-_e_cm<Q~uGH>}YGIa!_W?vAGs@({IIJ<Uc$JUhnJ
zwUQT<%|4aOAjPnSs}7!yd`Q!b0m0z%V(3r1Z1A!I1sT75CvPudb@KFkiKIqbJN?9b
z@}!Lq)uZmE^o)tv>5{fn>x3TJKHmaMX6c~cn-0l6+G)G=>s4aU*D+)x&0su(k<R!&
zJ~yj>wnGTS5Y-C-wE2jt9;F|Aq^pyaV!`!w7oM9I#mDjOQx%_JDrg?vVQvtUf`Fv@
zkf$D%J<sQ+2?f(8u;Z6<@=nk*H(d7|H|BrVb@il}odoWXzN84l3y`ly!(E#2Q=NLs
z(SH_<_f6Qh$?oTw+}{v!IcKVmf2xs3a6HQ4?{z4tY!pjS_}2tk7n)T5<2H0sF=RVR
z417&6Ps~0fT5J&?yE%agUr6^-E1Xu_`fHRX*JU<#J%f``-4D|%RtMK<fAsNuH~A*;
z+?rmRl|o+pDyOM3TOPDyZ0-a%8aHf<KC@`RgTv87g+&~@rgzB*ik4Z8Y3Go^@2>93
zl4j=+nxpS9i%A|Fm)8vy+|y1v1l;6U7kI(i1Q`Ui?yGDlbP2@!un#TH+2;a%H3_aq
zr@>&7ZBF8^pC}oza(E5-Fx2R+N+g_8hP-X4U`sdLcaMV=4P_~5ofIqX7VVo#c4uLO
zE3zsxL0{{n5+18c9utQPf)JOsD&+Vr`XcnhXr(gWsBbiv{m*#i7O9>)dIh>hR!t}%
zHl?5Ql_Cq1o3q(-Zn!hfs`e?TJwQ4cRMLEp=0ni0W$z%+8e}&Jq^+q6J~&q^nX{8&
zDk{h2VB(9*ea?F%+^>O;&D6jd$hVs?O?(@=)Op%B=H~9LbiMQ}Q?+y0|Fv0)ZH>|V
zQXX=xGS9UoaX>|a0ZGh}VHt|B;7Mf|*lJgpBGZ?6)jqQD+*vO+xI|BNhQCRH!_Omb
zz=?b>ApGfoRnp&`rNrYVX{HAGPeKIi`lJ^z2xgcG?J+Xdqa3M^b5`!1h9<1o_&HDp
z;izy_(Di>QS)zi9{=(dZn`aGeB;|ijp>9#~2U`@JR05y&TG2+_QPL1=@7=SBTG}iv
z^2j3SvaL-vJ1%9%uQW6oL&`-+ite^=vLf}*hDjR((BCBMC~?CjEOo(kFB?M+mc-tB
zN|~Du(f2oy4z=EQc)D#AO^BbMG$A{N-ytJ8VOKV-M&{%mG|sx1YoG-!i)Ki4*?!N-
zbESC|wp_QW-Jm>rU@$STwBEiop~4eCZ!8C|4hFB@&HBJ|y)n(?HSUPRD~1xcNw#f_
zo}4z$MBc+SL;hUJrc!z6*5%J$E{%`8ZpdA;Wpx#@$hfanGSh|Fcymz5XKsLQQY?DL
zKGx5ul5E8;swr7iQ6RFcJQ~e|&~md&&bH*dpW)z83|=bF6ZU(~pa!8`YFCUy6Es=1
z=F+f<Z=DqOYiLdCuf2)w7EKF3O=9DuAo`#;h!jO-dBC-LeN^1AT{p3WS_ey2m2*8G
zi;r1~V}zX|#&Bah*?Uy~^<`X^PMr0E(HKeItWQM+aX`|5QJpD7y_lSx%&W1p056?=
zoHe?{IF_Vd>(-nez;bat&#yu!bnKc`BPu333kM15KSeeVEw{qNiIAUL-{hS6$Mtj2
zIaCrDp<+5LOx8Akj!@aORTnMBtS=yid^^n~Hny4^2-#oO$FWP*7jt#=jw>wpGlYX|
zt@3GjmSsF=MjnegyZg`HM{y@#i>0>7;9;X8BWovTv6yTUDk^DwNj)_<TGjB<SvQ#!
z6c)gyylA1gusCNAsE19SU+a=tAB{A3kI3u)lVt7kX|*X9v!#feYnaVrKUh9P=PtB0
zX3vt9?TLO*&?vg_ZcCq=3ulV1ScguTb`rx$yP}Saa1xiep2-y=J$jvU_b(sHuTt)3
zxfF~1?evIz-dRd0dSNIGv%UBWGSeEjZ1rJbC1b~vJvMH8Yz*W+c9q+9S?#Yi$b&s2
zv~Ud{7#|fZ@zxB6lRaevZ?HQ61Kk5zqG8!>ueEF05u>!$YA^L4TRSyrdmNHlm9v36
znZ6L6q}atPAyXzLYQK{(3W?0FAhVoP8I?Im^;KJ2p%q_&z9O36vkz?M9?<2+h{L(F
zS=~c}`NZbuy3y_s2b18HpeEEWg41-UsYyK^(S|G2-!D30z?$yQZ6Huu_lE+KYm=v)
z6sDMwul-Kxy`?{Byp5_N9}0}<tTnW}x-ewF0I_7=9xj0nA6KRwK7pSPyRhil!zCJj
z+e^)BiE#a%vmuZ{BUo}EtT{#31PApo>bxLi%L<F1ZGOb+u;IbyhU4YxOuv-lqW17j
z2z>wVa&*`fjBU?-2jRe%SuW$PectVmnLDT&y1l)$>SG3u$LwDS5;uvb^Vd7UoXcsF
zPb&40*V>3aj`FJ*9I?NjB7KGv(DA=&E4~_`WqFxarssaE&@^ET-Z4Mjz*;ai0{E+I
zd6bEzggKUhUbe|$^R^KjX(?zS9~6dVO8cBK63z0pq1_C12h|AnPqdtr<&66piZTg&
zdb<o^SFf(oO38Id-AI1j_}y@Rg#X@w-2t=@5L4#KJplj)i3@;p<Up|`LsE~|9yvwZ
zS9YQ@ZL2DMRcgJM$*0V4V}<^0F?o_5<=ys4RK%jNjU=-GKjo#|bsr}Ct@YQr7;7GE
zd2m9tTnEHd+N~NpNi-UfkBJ6ZH4~UKw~&IWIy$2DNC_R80anJjG#~^NPFU(TO*G%~
z1>|IC7pB);C2jSsU~UV|ehkg;<gOs%)VL0{vC;+~K~D`CRFmrtI9);{;)tZ)aSsXU
zdpd9IUXyeadHSg$T20rA&fxGYV*;8Z4n232^R=e{hJ?4T9gh5tm|(X%15a%EvtyG|
z<i94T$F7JSdNzfo?HW-UW1npdBC1CEDv6&{Z9#iD6pJ!kws^{D27d<R;Al^MqWKe5
zYUZS8sN|8`&URH=7#5JufG-6MZ8Ve#NLSv|Y%2qy+v?q8-w6|6C(~smfMPjY@pXM~
zO)DW36tXY&*7J5d)7FYT;Y1+iw9HbN$XtebIh)(@Jd>9^1C-`d_fG@0PedT0+O{Gz
zBS$ydD9?t$T@Se(L}@i8&xroDzl0?ei^@;TgtbzzT6?)<%zIO44pASFeDv{Cv}iBz
z!={Iga~47-H3Nke)4yj-2O-5zCiAbuX3`K#y?vxf;dEzu%VrKw5@0tG<}60pkBLWf
zkPzAKs0Tquw#8L%76FW)2b83J0{V0gd3Svws{K6)F#a7%mYE^h+KAE{L=kW&Z`rb7
zrsczk+aLbPa$(+KVxo{F6v%Ls8C+8GWFppSdYqMhzmJ5_k_Z-Iy)TNnNx%C2S1spJ
zrGeQOu3)HK;bDO?aq;++X1K(4@532kEbt=1MrO{H1fd6f3l~%MWjAy0#OKE3Cm*xe
z?2VIve4*5QAk)3n$n1<PHRu$rCCbWIy@pw3q@GM54!6b9z0_{<_xA#T1|VxubTjqP
z_qw1XL{K%?mLAv}@f}5FCCw#j0_f}3n1jf&1Dd{1KfLP=#TJef-T@RJDndcAg-EjX
zhYfMrRHCp<P#j_Hp7K)c>Q|?V?CM_`%Ko-Bn@&=?9gDGiuapZqBrY6!N6iRZ9xV<t
z?<7`?O@IhQz<6Aj2*q^~=VFi!McJ>I{S(>QWBOhTLao*g_dDoLC|i|N7>AoHn}yA3
zGT<3-Yv=9j#crkZ$u!p8AY}4<131nWjj5hCy2EARmdLeOHJ0P-|D*fW6XH#%J;k7i
z-9Ic+e9UPfeI%|l*%Z5x>YrmRcFtep`&~3sLe2&DAkCk0r&xnZ7s^=YLD4{9IFc;h
z#V^%=RLdZsdv&+6<{2=@6Y~~K#c~rcxqlwU&s8u{H^b&@h-<8SO!KdGxl9GuQ3K#Z
z#|>@W$bHWb7XC2qfdk#SeR*NXA2x^6!*{P_mnpS&(!thpIWn%VS?YJNf|v6y)wF0_
z{yxF0_@~E>rw#M+=+9Ap@G@~I)iSJs_q`G&9qJqhN;G53%iOdOf!9cF|8X(DQ)}Bp
zaX`3K%_t~`@~<RXuhGSB6<7u~e*J=8@_&{zpV_bG>-199*+&;GOF%*i*8n>NiNfOB
z!Mj2+B2D-;x1m1i^4)ilj0(aZoNsa;Amol1>4|DY%PCA-DGE(;NVpH}1Bc7}r9#Ri
zY}i1`xk=4Ji_~~S9~@pIK3(`}Tsn36d|D`;$=$Vl+0nD4Y^rBb^y_?bZFq1{axN&4
z_taZ4L4~EfV(5O{b=Y&`u5SkUkuCXWLSB0{qxNrwvzN3Mr)>fIu}i1EC#aq#;P%+9
zzM_GsA8wMO7;l*kNH}@FGxZ9cBKwJEZ7b}H&V|CJXc3dksB_7<lP9}npKtp_VwuId
z#U)k7NdM$1K`^=cG+pCfVM}$aTj9Fio~WuF5cuZieyrdNk9UH0bs9^PcIeIzPbB*9
z(cM1v74&+}4=ix)!-B(oFe|W4?o0sVyFGh9O9i`B$c{ZAV@MJl`y{|(Cy%ow4O8jv
zcIyxmzO{6Y?t{H$Cs^RIglY_-ap9}B<k#UrhsSixG|T#ORaeyRK-)8I-*tdTVdfv|
z+qPg<gn{Sc4VHTs)D9hEA6o;m++PyxOqS$qjGS75tF1D=WK3SRf<2yso6gd<#&e4_
zi`r2Fjrz)buo+K(p$8Wz!mMM@DA>MCOg0Kn;ZBVE>r*+YCs`(qS*Z$E%G0{Az*crH
z6IoNDB5Z`q56YYGdIZj;zvn&jhov*#V9y_`Yh#P;_A&Qx8#+EpZ-;dcf6aX;q*f<0
zRXLArTIx2@&r!+mjnd>^u>by-d@IOi`n?hSCsv7SeNiL7QwCjEb`II!<)9j7_BWk5
ztfEYYYh+j?vDNJRNiF(gLPS!O-PG%h6l#iXce2I0hX;DV;$$X>rX(S`s;O>`;N@!)
z&Ywa)d1XXa!*)v~mga?-y4&%VE6#Tj@w~N}P7;O|m18q$r$>6N{k1id@!|v~idhCf
z3Xmdxg_6`XrRevGBhc~<>dnUMDCLy60n{U{fBHJLZeAA|Z_+B?Qv3`J)mLyHl~K)#
zhXG&2oMvdmh3E9@h}%pO1ZEe;cHszNmbi<U%THi**V4SlYH;y7z?MReopv&%>{q7J
z&!u{qgig>JytSL<>U`F}cA=Q8tZ`%t3vBWPZ2>t)c;Y3|CJofVuv|@mg(leY&T^~$
zEeR9!0qYu%-po{Ze=~6#<42vm7qcRpn>K=TuKb3T>iUCvBcE3Nzk7Bhs~wK+;8$^4
zQa+xmPb!{TIc%UdRojI7RhdZ}8}>pS?lbNE?%sC-ujDPG)q;#%Funp$OO8<k!H=uh
zXXT^MG)}sK#ZNlM`IOqHqeM50S}~Bzp`3!O&1MxicUWaIfno;L6dc(=4W$!~h3{xN
z(~5wm`mu5O3f`4@fFzLaoBJ2yRIZ-F|Abswm<SmOZ4E470D%7kS^u*Z$o${!&>!T=
z#QEP{(f?a<<X~d||3|L>yCk|P;mS!#NHhWW^Fcz#2nPzs1lm8dDIqD5Dpl^66jazy
z7(|&hM;Dgc=NsiX_3e74bH2r9>3!ch?epaG?6ZCR+QRt|4Tg5{vlFOF3PJ~j0VWBY
z<P<eA2uv7P^D`AF(l=-fC*I!o)kmsL&X`1j8y@$j3r2<p7citZhQu0D5-0-1+Nlk!
zrw^nq14By>4gwq`Ksf4)98XE*$2@>zgE)f>W=4$6D33x<R@hDeb9E9lWOZMy285V|
z36zqA*8R?dm%9TY+?$64CIA`W640ve5+tMzEG9vT8}jrn4vqhdf^|&?2I}GV7CETJ
z9fnvj#-YO%n9r^OwFl`4TG+k+0{F*oJQ3Q^^Cd?m-37to>E-?25tD#yKm-E^)dN!F
zL<_kYFmfZh(5D14arBE1VHcRj3waS<`Vww|eeq-msv&&YKKwHIrUn!LkP8vWli+ZL
z>O=gQ*yHTc(FfvHwH9n(c%%ObiGGU)wRjLSy&~B{ZJ-;368%?5RFx4(fbl;eQPhZl
z_5xmT-rcHhF|aS{KrUnSpiY#zN%#-}&x9Yt@mEZMAk**_<cDKDJyang@y>N0a7>Ns
z3tLcUD$flc$ki_Ryuz1suK?+HFRs3sAEktnjEo2f&^=I(SDsvt?qT%jhJJV8jxM7~
zKrWDLAx{r53m7fb6;S_2JeZqMhdvPN7%T?b&5z-z9q-o*<jIK!UlYjHhfMli7UQpv
z;Jfs9T)fvCIE66ksRwALdb@iYU+=&;R;1<aGxY1-$KL}cy?BWF!<YQaRYno{6c!2z
zC=vvWRJ0eU2I+{1o(K%;&GeTy)Q2rj?)QNOA#NPdDF3EG%&9J(=Qldgw65a~$d`sR
zX1F39T+cm0yq3R+puz;`$2Z-7DUQMaQ5;eJqd1-&p1tu*-2X>${LfNgcQ;s+S?3HE
z=m{YcyTAv>BHGh%12>~*OX|9>INJ<T6fzo83>FitpD36hv9DcA3H1i1Nj0LlaMqW^
z5u(p`>Z0~8)L*_i)UWgPfYJY23cST!0Kfmd892Ffg$k*i=6_Zd{22)B_97>xhVaW(
zK;lP15|b0k&-Vjj9Ey8l+}@Ug00KvrU?m6lOJjoC@e_&vX#1^C1ca0r{9qr<mFpYq
zQ=rEP1=J8Ipaak$%9i^MArl1>P%GT8Zht%6*S+CS_xH$Cz*7ENf-9c)t@QN;)??Jg
zN-{FRhE9%gs*1My{9W0zM{?sHq-S3AsbA-ATS1xrzMlw0Vcmz@2#qMJ^)5A(C-W&k
zT`*h%s_}x*75%2!ISH#Zp}-(wSoTmwg%1tzcD+5UB#GL@AHCot&wjOwK4Tp8i|$)O
znZA=tKYfU$yrtirERWvHxy;VMNN5M*5I9wnih;v$$`=xRr<d#Cf;@)tnAwP64#zf5
zJ2bAa_r0Ky0{~97YuWry`)ntfsXXoU^$Dx1Ih0=x(tbbF)Q*{9lWY3Q#suUo_>i|H
z0Vc)dX>CMjtEHyr6K$E2TSOfh_SzQZ{53SV5<UJ3*!VI3J|+TpqjjN{iWPFK=qhsd
zQV;VK2-y$qCg??_UyaA9q}+Gng+eeA!2L4{y7@$dBV)d8#{Z+Ve7m0-wmqAj&<|v?
z@K2R~huNETM~au(&C+h|OMHe@Z5eOe9j#v&J!5FRoCIb-sOFFDW7LZ|t~DC@Lm0r;
z1nnWp>9SWO{l!;QW})76;ALNb`CH)9(H@S+UU>qW>mf7JW|<!OeTI-SR(u!{Gg;I&
zC3&IHyyECXIT^88;n|xItP?oqSsoMT_0dmcdC)Q9@%ePJgIWjHXi;E1)3KP$X7@Gz
zj;e}rWV+_wD?zB=(0~N{5UpL&vNP0`uhXs%A}8CkcZ``wz0z1H*1#L^m;mQSv=9i}
zBO;VjjGCg}X#eYI9ey2LV0_dnUY^c)>dX2Ie|-PK^^^^2P8vI;&ouJn)Ai45l{T{B
zx-qoZvZ}AhWSkhkn*=;nVu{ioO?ZhmRPP&;4#IF*j$F5=vuVj1%{l3_W>=JH^GIwu
zc~O~-`5nl}X%}Yl^(s#+c4Vh{p_BiCO@77&PTB7UEQ4!l;xMfxD;+~7Dz1VZRbRE|
z%L&kgsRXj^@O84!_!ko;hcZW0xyyPfgz(T+6`g2Tw+}@JLMKMY30_>$+wdIl$K*<f
z#Xz%<RB=^dldZaWy4QZQE?P=OLqwiM`|mRtLGSlPmXdbqWW`lOA1ZHcG?!`mbno9?
zoy~zEFu`$@xv`>=eAS*Un@fpvPUPwmld-4%*%}=L@aBJc5788D7oX{gQ8<}v5A@dp
z!k!r-xO<ozN>Gk1G=r?X@Hp~jmk!qmKrpSt2GR38t@U?Gq<LL8=o7F?`aJoO)N0cb
z0F}ZZLYEB>JlWG+aCI~%lO-$EFLgW6ukr}337uJ(p3DTNIE6gA^SU)WJek0cO&bj{
zd@(41)?i0_@WJ~Kc6<7*sjjIkzN9IC1$!9XrmSRea-~S4H~Jj9#&{h>{Z2xv$U=`P
z<@CRgSPqD7ww!=aBuCe`B*Wf=ooioWf)ch7At|1Ir_o=QKC`*uU_<Via0tpS0KTXp
z=@l#@ZZ4z`5EsrXPG3~X?3{ARe-dn`j^c%<&VN7T#|RHm_1ImZG!FcND<n<CJWkI>
zBH3=ml97I?3*;W+Fjl;yFxFs~bJ*0hslTnAiCVD=YAXKDYAcnPt{B1KhbLsp_3$8{
z$E$*;gvKx$=ktD>Y$P6zQ-Rgg^iHaz=u?*1>h}JQ#_@5uhwQ@H6T#Q)$;J$yD-{2E
z!UdoLX_!UnQ(7@#X6_luzM#L)0LSECFSPh|bLNtaY+7zsw*C@0+nF%=x{(z;5wWjy
z?KL716`8&-llYYOev_k%R2~*#$-q;6v?2?rMbHi$=ZUg)<UJ|{ldtmCV(xY<)RysO
z36}J+coYjfu{;zs+I~0dyI#%)RP{mF6P*WjMVlb(h5Zb?+|*`}Ts4rCN-(-j1=amF
zAfKZ1EmO9eWtKSdlKr4~wUW+f2F`iPcdL=CHPzRT#LYdDd~6>GQWMOJ40MOn<)=~x
zcs1+3IHMAHPdRkrFMS)h#!y<cml(Rm8m`GG$sEQ^uzSAArQ#rSTni?c@EnH4BX&ZC
z-k5!E`3#PY;4Gz%gF6?v^&2`X&Zd!1@}&RD;k^<g-K=gniP5f^Sp1kV$sH8QROl(m
zqPn$UE4Qf&JH@B0<u>%YdSATAB+=gyXtao~yd5)5{kg&u|0SgHirPv?fckC_Lv1^}
ziEA?L+k9!cY>A_f?-KiR*bV~5oU3P%&}EC~aP_$fm#vL@*q6pHpaV}akV@83@ZfgH
zlifAeMIp+^5x;R6jhm&<QY)3Lk5G>GsH~W8Z6iwg%^~<({)T8eL**!4U09OYJJO+m
zEIP<OSY4?D!?{g(>n~7u`~G<&SJXX66Ao#8xu%kaBgJ@*ycI9>^cr_xx(p24pWKqN
z2ik!|Cn1lTqmncMn`)oXnLaB1Cr5JKB9<M8_#Oba?R~ARBa{wZSjPbK*q7J8fT3lH
z<3bhdk?f)q)(<-0i{T}l*o=!ba8$ukZ9G)5K@AGf@8?U-xjj>ycXg8j8PAsL%LV+W
z&_0p4)Gkx;KbeRaw<uRCeZ|+}5ee?yv_XlR;v&$81DekBs;(mucxj?=EES~xt{j6W
z*0wjsD*q`QVzoCrjmTi3so)>y3CT0{CH&bnRl|j6(mC?eee-Ox^uAOE>)Km1ZL!eD
zgDRTd_kXnH#qnhOV6hCM>xZL5GU{t3+bF$M1DvbB>CaW1fHYet$QkK-z!f#=|Kj&-
zc_LeRaI=eu`lYq<r#PdITC5dn%CD&|yo$aRA?5^#k0DC>7riWZi=uiuDlynD6)Auf
zIo*1Z3?*5aZ}H1yn(-jHfCfL90)1lfn^NIGDrE%eMgQl-Pet{V-WNV92ck;oC0-=s
z%#jWTh@QQNfsj4&X3jk_(IZ@S_T8%eQatTLKnb3&N?m_K=68Z~1aG<y$o}_-&~D}A
zuIB2muj>7;?MLnt@|s=gjwUVBYL@=$9~`F2_#F3cPFAVTI?p4cks~w3QGDG><=iFw
z!Cp}NS(GDvcZABa&fL*8!O7CJv}Um7Cxght@D6Kq#g<oqrE>!IDP@aR{aTv2;u)jE
za`y=7PabHa3w?V@{n7JVs19vZ3!R~TgGA})KC8o(d$J`jEGk9Syz|t?LD?x=x@?HG
zq~QHC+E8l$IBeyO!3*C=h?s6|qfBscHJ`lSFDH|8hfm?kl+DY^rA_%<C$cQ6{ru6`
zXY|icHjL-FJ4J@7j5^gTrgav?c@QCL@sWalCVR^;*3|^F^gR3NG;V#NzSFsc<0<7m
z*ow%Ucyi67K8JreakON`$YHZWOCq(Jeuyy`nZ`e`|9wFc4vgsf1go<&X`t?6&N4&I
z2EPr#m04)2_SSG?o3WGlT78Ptc)!#e$u&h4^aI$|W%c%?Eyta%;SckZQ+HXxaDllW
z_mgUern_5{W;-QWSCr8G>XmqOYMV`DZ*imL?sNq)mSRZr3R?DW9cut#Np;Pezq%Q6
zfTF!!4xE+Z@D)4Yz{3_?&F1yj8`+oJiKR^sX@n!mZBV`gJ)b-)?Qb75k4TMq0BW8>
z6pj2tnC?PsMh%}nxV#SBM@XXI;<v^J*^KU3k;V><Av{;--^@TN0YjY;i3UQcis;8S
zzl|a`R%4ylqwtjyQ?9xPO7t4Qo6ho-_)J<fd#^A|yq6W9)E5nVAQpIFARbaAlFg2`
zm=f%GWC$eog9**9BLfHjKqB4IEi(UAV=s%ghq}>JuyQrcn+=<omF=8Kb>{*RUNbR-
z@#uj~Awu@{Apssf1^cbn<Im5y<-WrqatmnX9MUoNZ^U5^nEC`oBzXWWc51);U@ET;
zl+<YrXisDQd~JQ15j)kDy7y!77sY@qoE*<^#UXE-Q8KtWE6x7FCcUzh2J8iT`f>%^
zdZCflT1>@w8;J+Mvr9$LndW_3m>S+{=!>yZpvS>-Ca83Hq1ye!hi#q9k`}+q*`?NH
z)HJ>1FXXR<KB^Ql<Pz))N?T!y+ehY|hl%miM26)ci7^X3Gf1NLy*{xCs@@2Yk4ndR
z(p3K-<7?v$=l(EG4dKlFD*K)wvjEQ<63hnd%gkvN+R5;^EouEd)Zzp>$RQP$;^k`R
zsg#s1)WXsebVIcuC9>q@_#s;Ilj+@(PPkaL;ikkclCh`VlZ(X+$@EVu=2?31tbgm9
z(%1HXIyw5-9nLgIsmo<6f!v0h-JmE*hScdI3i+2O*@LRQaXj<xfn#|a9>dcn<;OIm
zZ`V+GpEFTrr%K`+?#u>ts=DM84!0xmFVyX5=e*OCA>6*<+?51^)$oeZ8TtyZ#mqST
z@3XTls~R}`{8FP=>iHZO3p76M4}aNwD4#+d4{z;9U4tM@J*R*iHGvsuzbrmdBHsQ>
z^+}IO`ZJt$0xw+#JxlOLHlpgTa<jugi!aF>iL@hMbKBCePvg@XRc|ALE$6kVi`xVS
zv0OtP3`G~Wm~FLt<=BdJ&MHC+Ny^qD?$u{t6kYLxR7d53cr^dFhuXJy$s?Pm0CPo!
z=I6hgJ-bTKc~QdM+ziU+A?Q;G`!V9Mr($u0+jV|+kT_&jF<-N`Vk|qHlEZ7Z`F%J5
zA5!pD$O3B$i-YobntlGMWr&NB1EJkUatL-}tO1o{)=@CKfyAh?GvB>Dvb%VDQ>vfi
zYFFjChI0)}TY2(0os;>sZJl4oo$#+v);B4a`mW00%&2P?zAO&;S;~CeW0rst)z*wQ
z%YSX&vd_ngX7gfP>pAE0dc}i_j?V=pfpH!F?hlJmQ-gJtsr-vQ-}-pQ$Tl&$+v^Ee
z02?i+tjhRa+5txhEIsTKF*GZ++uMwnACyfy?|!V(C4${=<yv;tSYIOiA>|9KqzV=$
z7ExPbh4+Z-_25p(OS9-hIql|0Ecc6H^|8m_v^!A*pu+MnuN!##3)pUrQSMwIX1wDD
zJaawexUXKRzPaZL{TxSk^O~Ax{ZC-{o&98T8>GQzEV9V^viBR9%`M;>Br6l3T^_ml
zS?hnIX(qSC>|GhFw<se$3Zgd_OZCiEmqvNOnNMHTp;_bg7_xg+KNB0b=(U6iXXb5@
z#v$>|tUJSkM9eiAX=deIk}Hx3$=11=r-(oxc^8piZ%ByqwE^_CykDU^T%uGw3>cl=
zvNmY@&&>{p*3L@&A4-j7J3Nfh%M-BW%UxFxrl+nrJKSxD!x?Hb6kH7y!n85P&X%m2
zWy}|9NyFCDRjyahDrb2sO?<Ee&|W-VA>>qkPxibpEQ4%Gn9CfwF=n5%cP#IXL_UDp
zsbF<C`*pbYB>vxMh9a9uZ1}Ms>x;{6GU;~MIVb%D)d}Q&)zR!zDNA@a_u+DUN-1jb
z7mDDvg_)aFh49)oGRx?lqK;TH>_A8c`O@Cr`S=*J!yJycPIRX%$Z@n-Zq~~b>)^D;
zE)e73^C*-&G52u1M!48b^tHiw?w$#?^N#tk#;W9ZIazd>(*4B8#bEChK2UH5i>1-H
ziLFi!H@guY$~N9qg!$eq^MVCh+7;WDivJGp`qv<zY0wB-YVzG?M(o|0gqxuzg^%LB
zChQdx(B@Cey>tm4pP+Cx52s027M*|DdKNorxGfg#@97baimX~;7EaQs;l>ao*<l^w
z=tpmAVw$MIOL{y*y8>_;O!G_V(YMXAb}C*UtZ_9$TgF@DrNkN}U+63AE*?ZzWgRZ=
z>7(;7{W}Zdd6S~A`NXK7!2aM4cf4*z>fHThj_!DGcu*y`5_j~ePs<_lO_c;NZLqEG
zl}!z#CaiMXgU2@ynZLPTExLnq7ffH{xcoMKKnmf$7(|)6Z7wWnpzz}_aecUNe2MCU
zBe-j4+Pk0KW&fjbX~udDqY=kM{IA?kdEKf~mmjQs69C^VuxA1`a@p(Y&&f&807^R~
zK?$spvTk+tM!P)Dd;<YBy;|=5r<nQC)2AZJn2zuF(-yBo4(b+u_*D&w(Vt;}D&?&e
zB;s`!cXh$V(z;)f?S3_E2EoWbFq}|Um77c*yy?G#O50_z^=w@i>N>wBXc^iTWdXT%
zvCzcG76axDt;97h-7Sq7kw(u%nTDPBbrSr20}S&4DJd2>+m7kvi;-h?MJ)6u$Gd}Y
zi10YvukiD7WnN;m8zz?ceJan?jP!L04}r>{!VB6xR*s8lN6`$8AUS7GR`Wkmog`ls
zyM3eeHiCq@J6~Y0)>-BHv5N|dTpCS#|5$6Kg7T%Vl<kzQT36K+{9(*|w&%_g%AxXY
zW1X6xdbU^aWaCQ36jU2VSeu8@tDghu`A$2qtBfdMnD$`RPXoP;`MTnA1tqy)&;o18
zie!#)-jY)gTOn!4{+>6L@e!nxP*`LJWmFt^Q1EMH_iFIsym5H@eW#wke?_=0kY9v#
z{3NU!AuAl;&U>SgpRJhmqBZ7_iVar<X<>;3FmWDA=w|dGBvcp-(QLr0-m<J7Ro77w
z)%R$*bpTIfB+MdC^i7k%hZ75CQ+_4JD>b|kztz0I{>Jn;pjJUEVibH4L5}WjOO~3Y
zd}^y*9NagUmUA6hCml3*l#jOTIY)P7^l^5s)nqtVb~sm^DF#FYsY#LH<=PFBb$0fU
z#jysuWSvGL!IP9M=WS({i6xiew|LdZ=$tE--52TFaZ^B_y1t!pmB`oASa~4EjDHK)
z4%Ix0EKsbig?dxJ^4t|Y&Ih;LXGx*~f)BNAso+MS9$GNeZB~KRon_l%|G*TWt#13K
zt}k0V+Gq*T>z{wbm^@*6(Z;P|KV#<XwMqohBEZb;l4B2Bs#IVbf&c6Y%96hO$+c6)
zBW`Vxv~Px?GF4O84y(N<xui+|E=d@Kr)Zn6vpP5h#l01Kyn)(zIsodG{=Kp<rRPDy
zN+xRzA8be#@H_rpqJ(IHxK_bb=IX}$O*)GGv{h;C(!K;2g<z0D1g(?dvR=_J2c&xu
z^1u)t%NN7j!cQB?V%v6mGIg0@-6?ReE0*>zDjF8{zn71m#-{51P06BxdCPcQTJANP
zG)37=9pJ{g+icG-5xn8b0%3G<)1^EKv);}{J0s5IK}m1#PrzOZfyMh}%08u)Nm1#)
zKAVJlJlkK53WB2Hf*AwaeC<SzAIJR+pkq%`CaA5XkL8^_XI~`K=8=dg;bIX>P=-QN
zxCWLj4{Y$I)JMeX^Z51;S`+&G9fYP3OwVuAG%JibK+Iv@U3!WghU82|N-duYJ{I*u
z7Mq$?Sk#M~=>|^RqAL1f{q^3?QO(_1b^?=WK?vL_`V@-8-CzSLF(@x=>Em2bCb*Bv
z#rXUj7rN2qx!#WRuUz&su-ralMxW(|rs%!-GjnZqWws`=GV;_RxMU3rX4VJ-&ba#X
zBg)@O^I-&D#E4$)D^DJOtPHv<Nw%_(U3hFzJzWq4thxBD@kiGl?tF-j%dO9p`^u}&
z<G(emnP#O=l3vbkdmGyygz9_|)5NlrC2KFT#Y#-@sBlL6F#8GIv)pk^Uf@39X&=;I
zRkg!a%6aEQc9g$iP(bpb4}qz0LsW;?UK0H*?h^@jZ!9fZ$3biRgJqfL_$ntzKucKE
z>gwb>m(7bVUQ>+ecxPo0n_<8!EAs@MDgv^N8KhTIDogGc4yq2PEvpbhWY|KNrzZ4D
z3ip4Zx<LbbQM8Bg>9#?C2Rd9&!G)yHMw=3Y`ZzMoLi8LaTI#L`B4EagXK=EBUw7~}
zSpB}|VK4$qp*hx02kGMwiYyccck#57&f%HBz$Z(?U~YNLgik_TUS<jJ5I?!K$5E_R
zMlLD@yBV8OtJE@S;yoh0QewtRamN$AGG8Y}ufB3BS?5mcc?i3GOPLnoIBmS1wT2OM
zw(@IWZlaRrsk$F<Jk7kg%k%k_KNSWLHfdO~j+g8?^V>2F@6tYav#u--JI>nTAX}v?
z9z@6PeJnC(gh_+cYLdB3!+u|A=o`g}Cn~ArVOcMROL_Sd;h!9ycrFLuDzPX>Vmq{f
z67xpKJJKJKtuXV?8OKXjLTUNYQb?gF=TE)@WQDAjoJ6dUK>AiVWAUk((pSZSDA$Sg
z8Rd9b4<oTH6Nok^Qc9J?b=ghGULmd&(wU=c?%#&cLbiIcJQ=C4-q{3#!T6}dFHj}R
z>}u6U$BnP5{aKK^fIyvWJOWuf2h<3knSWX^&VPy~&bjXZcyKqTu03)Af*l25+wj%%
z!1t^ks%r71y|&@g1k*?u%L})|@S-&9K9Np)_jy*!#H{B|nphVoRuuCoq~o)Ta@Coq
z%0NYB<A^#>ayxjKU3y5oPL&txKqE!Q=G-|{YU|2YExy&<Z9!%x7#}Uu17w}^9H;0V
z^Z0uMXN7BP=#2+Lft@#o@s8cS;JVatkFwD5I+~$iopqnQI7E9nS7YCxO~Jbk|08((
zL5cqZcw}PxKN#`{JTkNWH-`Lwz#}vB|9@N68C+%F_M4qfE)D|P*eP~)Q)dp3y9t_v
zeMKzL2^xeLK0heQDNI5#l8`PJD!)O(^)2TXF#Y}9am{t@=`!`ySuMYj(^7TavJxc|
ztfEIL-a-x&j*bHCZ|rXYQM@!Kz^D!f1`!F;(lUXh&hes))ng1SZiqx#c=7F^Aly%+
zj$4e-yY~U7Ady>@ilZO`M@dXYLrew>0V>+7m*&frKT{{*9L50x!3qTItSG?=(Nh$1
zcOy)anOWOn`Sl2O5PSzLYGhOh<{JvCy0L2ph86&ZEl@LM=eiNC5QZ~@1}@rD>+>zq
zOLHAH=rIBV`~LFcM|g#W1anz9LIL$4sF&qWZU={Z2_FjV%Ldm0Zy)-73J10WlFmiK
z=xe9Ez*~U`1`oLh!~upDGq6M45y!}h9oCL(R$hR}`rt?M&3XQ9j|BFW1+M@`dUx&Q
zTi{D3MCc1CoU4%34heP|D!>hVO|-EiAS~;Rw1i0m6-21tjZ0*Mg+`CR2QSznh-;6~
zO%n>lrW)msq#fwH-Y+l<g-8n#B-rw4q4=VPy^+Kg$H<n{&Vw612;{R^5+l%`*HZfq
z{k>X2gK`)M_u|<SD$sZJX#sL{NMscw;^xuoyzt$&L)hcXNWqCg37it2gq8~2$LnvW
zTUvip{b1sQf3qzXugh2!nEL~5A#d=jpxu!6@Nu6(p?U;5b_HnHVDW#TBm6f2SVY8+
z5eyC1DTs$C&hOi3xcA1>cdF&E0J%#*i!sKNSm365x;y8>{vjYQ&c^54{<~9G-&*){
zed!3qm;0+(Ru%ma77hso6g1d~l+=%ycn(E?it3l%4F5cqAd>Gm&^N_zNOwf=q*rA+
z8=3F&m3IbUx9^BR#FuI9W<}1WKL3tyqE<Y05V%3_@DE?*PuG#}=-uwRk8X*tZE$ms
z*49t<`>&>N0+TSFzRBxq(3pll>X|@r3Y@<Pzt<O0zQh|K?6CUAKf5cr)uH5|s3j<H
z(}G0?1odwDIYA1-Z-V=ykkm`>3C2EpCw(O+;r)Yf@)*N(uQ9aIus(FzGrMxDTAm>x
zhR3(bIpz4iJJdj-MSFctWmJSvpactue1I5Z<nmj*A;WgSpab8(Oqdn0f<*M~i3GG`
ze;%t)vhFNv4*K;W!Bv@p4WT!KAOA=2gi=SLynqt?#z8`dgfT>F(f=I$QUqUsjUFny
z<<PJr`#S&7db4X`z=e6?3=bF+ZCMa&z*YOl_zp$aN%4BuNXI_fMj-|=&ihE)qwy`3
zvh=s)Oh<h%+TW?*bgp!ERKVnG^2efUkI9^AWxXs>2SjIsFIwkyd?j`wP`uD#MU0xO
zQ}ep`Tb#$=%0{#|i8KLX=_sa2ins@VQ>Vf*tTEECGoK5%>dg|7X<@TG<w@DBa|>p&
z;T)@7@L2MUfmt+Ihoq*(yxxEd;u7ylG?HcC4%qgx6WwoKT&!nqWjobwdUaM&k48{p
zi)s4mG;R1F@QJmFbG1cd0c=#mg&XG<NL_}GuM{^NgW|HQVw;#{ZI^10hB9dooAEC#
z*)8gjsaV#VWMfZZdINBqJuOV(tJ^}9A{(p*4g?eBO`Dy5#t$V@l7Oufp#4AhAcCRk
zJn#3OY1Q$mp2`&C5{{Why|JzCtgq~t%vJ3J1}S0f!BR)NPO4ur<M77!s^^>!F0~v5
zgcM~_(MyaBz&Rqz$4d50Y`%cfq!_+eu9R3tBpf#7uX-SyJhz*7!Bx{m8@f6|OL)eC
z7btuhVQpj%hQH{V&Kq>CyhG4!x%@{MB|t{?u??1~gmP+h&Wf*?dq`1y)U~(bH`>?6
zKCMo@ZELfHyb_-)q@V7ChVcHLFZ3MsG_nT&*{$BcV1M*_Ekj8?eQ4%uM1pW;;_S$g
zM~C_ScEvx(=1sSEOTX4_;XRJ}9aF>TB$nM_ex|N><qjBp=h=#rHa>58mCp~bJgOE7
zYq$6a$l_Klja<)nSCw?IG5jPzS>U7QqrCu+1^Mh2J+O4;?mkY?JKWkhg{MRG5x_ml
zBwZ_@Way-lQ6TbQe7b6Us^@L=PiOdaRX>ke`g@+A62T#OJ@F1677{nOACJ4LULF)n
z0qYbFhJC(J)bwY4<k)>gClc9I2jtf+?p<yqWq^!OtkIPb-4?+WVoH$%AIf@2Ydsfb
z;Q&pQ@Hqj{N<Z34wfEc3ERGUaXTJCOhY)lnm{Us*TB^rzQ$%fJ7B!3ZCVzWBPTZzN
zoBouAE<s3P9nwKwqu;}^f4^&HBCO}Y#bJ8ZxfcRGs)qi*N<{gMdQyYWNJH)D5Xv-|
zLF4XXMg=@6cyUR5KZ*V(6*8^UC<+6t&?$bD;ISNcALG+pubxCZk^4p77WM(zF~o}j
zjb~mJx%CgalYz>dh#VStT0ZhPI)m|oGecRzOHwhDYdhBfE6ObD13c8S&?b};UAImD
zT1AOwtbg-da9KFFB%>!O6-Ft&(-luN%<%*ZZFK5^i(M;V6n=tJCph%nD6Etmi*Y69
zwx?mBerTckvF)1_br_)czs3v;m$p2FKtA+tZjm96NkGF%3Nauwr}ck-pgjDorL>z)
zVVX2^Vel$i6|&63%;BcheMVJ{?wFQ3K~N$O-5w+a6E>pp{Tzz6@$|gFF7{)bUO6Y-
z3Aa&LHJp2QUpOSlsY$MI>rfA8q$G)F^t~nvE5V99>1%d|VN-L#Px1@ANIwFOeUQ6}
zij*atUAE%m-{HK*QGdSXWjkLpO^iKyE@)QEn({pTc~L`O+qNilGHO2m^!1kwvrV2`
zSzAf>?@Qytd%2553Y0Igpg4-hDX|BA0L2AOp76hegPOx01yAZnh}Nve_n5};ImhlJ
zT6VfzuqYaaw6oBy3IF|r>Ak=ZO)Vj7kX0hO;<tB!_j{XwxF@|181JD9%Xj0MjrD!_
zTbcv*yx=bqBjP6UA8k4hAK@Q-b2DIS44}H`zkmjquN`J_0w5L~Z<#_WYmntQ@jF!_
z(rPdDkub|$vXvuhygMmwR`$~3&tJt!%(kturXzDy->}44E}3LrUxA96safgkg<M(C
zY~yj{n8|4^6;%Qv#Z6RHhZ8squV#V%JW_i3yak<P+UfiA->#$l>MIb^1%*FhSA@}e
zkhvXdim~FCX$@iT^hq*q8b;m%i0b&v!TgcIGitM=uHdNA-Gga46`B8?p#Pb4E3EQM
z<N`;ZJ=%EcpMMua``NTq30SLT)~W}8Nb1m#d@Q52+m{p25)$ZNoQJ6qRg7%ZAAbz%
z@81(iW!XnwVtAZ$3T6e&WL#q|t)K4WKQZI3gvn@JgUFZ?12tWsvDp^Kiz{R2yB#)D
z&2nI@ix0*P4smVBK&!C;)rKdGJ*;$XzMLTXFZIk=DGn|;<I3_4pTn-nEOo7Q%Wiy~
zpawX^_E|_ebuaqfO$VKX&%NV?f=1!Tvax;^yV=<Xv*^buWs9k;)33C#4IO6>(VSTF
z<2-L7_Sv}Q)&}XhO;|j!zX`uIy7t|kOtBNL$+-T!I;C(nZtzbX!llOpmU|gf<JzAk
zGCF4?PmV};rLzgn;f^~yOgd#R3O*|T$xf^`tpkdh%O0u4Ro;CDh%^#NSnH8{mWLqH
zyH_U~-t-rk>u#@>A<<@t626?0Tc;T1gmMgua55HaAE;^lK&IyB?!d}n`sETJ4$({Z
z)DuEZ9@8YVtlm?}BfT#{Y!llaSguC@Ok(zG8?##_3aEoTn!ZCbm|c&qD->p$m=`1U
zIyMwwxg$hV*|v<VIKR2c@p^MhKRO-Q-Oiw1CE||O!HsT2sDXPIb~X0M4VlgjQr(fe
z3Vv8#%#V#6C!f}3{r-b#7|Bqcy4`VSJ7Z*;W^PjAJH=u_ME<Y|s_(HtPx_b3fvQE>
zlmK}s6XQPH)n7t!VEqK6xm1g2JWvPGLlN&S!voX39Kgb-x!Wl->xwf=#a%Z3-VjdG
zWSU{@`9@FRrpECJC4qaolWZ=QRdChWq18Bf>Tr`n@uYs5Y0U08b<+430ZJ;G?}ipv
z7Pshtc=qgqo}1SCgl!JUbN5Qek;1#=Cq-ZQY>X#DQlGM9f2Ij9R`Uc!os4qGVLc$i
z;+>QPU7K#pBFFNR|Dv(kNg$qnW}Is5M;)@Fbq0Cd0!{)LtWY%CLc1kv6LkY*@ZILk
zlkIh;Ee<fs2S^+Y&jbaXZ@?D#-wlDBQ^}yyDlhIC6AhYFHb1=W82lksND1CV8rOwl
zX9DOl7Ao=`SLr%<=H85vix7YpHMFDF$FF@pYV*~Gbz{y#d_u%~HJ8X1#g5z(X{=-9
zy3fX=wiSyF8lF_VFeXmcWu25cIh@(}H*e~l<WyJbP+SHpY)jsW4vmYSgDl{M-OOz4
za2VB1GcvmaHL}%~@M@Tjzpxbf(6$OqB8ghI&)sth2Fk@tC#BCN=lhv1QcJYL@Q8a6
zz&P;7%Kw;%1LcR+qH?jufD9dzMQ>+szR+*sae>K$TXJ~u44HIieIuuC_@ugs;s_+U
zQL3?dJ)6pjx+g)f#$VEA)qRYUNRpI4#)e*>!f{gH7p5^^BWk(ip097u;PSZ7dX|~@
zw1v=cOuC7qu`$aDCPbc3siB-4515QUD&jT)WE)`dVh~Z$f8WZYj{}PPSutP;Hu6#A
zzgTA-LIbydUyU{=TVFmW)E~>CAB&ol1UCm@h;!tBLL_b;X(-rFCng?r53)7wolam*
zP#R$ugoNZvgX)uEmt^s~?P0zoj$dY7A%Icwvw)ydge0W}>k>&<QpUSTwGqaF<C8|w
zvdb*Nlub(==0tT;l)jb@J7!(JA8c;MJ)s6Zn6)PlftW974hWO)#*C+UYC=va!&);*
zvb7EoxkDc;go`+(=6u4UPecAe5H)M2Fh$2-Bkq^L=Rnn5dPJU7LE9KE^&etR{x>PF
zWdWyc4#5uva9n#w@jg*%zA%a^30dCpZ%7ModRN-hz4Rl-vPr^9=CFMqV$@`!_Kn;a
zAlk-#4s~VnTlq)0JkM<|;f@)H-`{1zlW!lFwYMWf*kWG=$`E#3Y$D8T7xL#qgL3WN
zs#(WguUdWQYE12U+L!V2H@kc9FX%uAm-`;iZm`gx6yb)C3RN_Kp;V=WW6{HeK~mQp
zmzNi^ncF}+CH)w8aDzkg?aFMaDx=5*EXRu^ltlG`#F+;7fP_b?^*_BXIu_ZOLg?-j
z3lFVK#c8X(bprE)@{Tfk&+kBdrg6MnqbeV;55o%);$SBC>~dfJ5+9i|)3}t^K&KM$
zgLTKBW3GNNkOA8S=S~ZB%M_+u{(rG`4ne|b!IEy<wr$(CZQHhO+ueWLwr$(C&39uW
zW?~jE;_Pc%bu#nI#HFwELjpGd!R5w8o{OuF={j*vJt@SdA8#Kqm+)8MD$%%&Ix6i%
zed9C?J3e^~?tb%Mrj;e-R(bo<OU7Sd0<5UP_e=>%hDzmFymL&cd^IOqjCIb}*_u|L
zOH1TwE1s}AJ>#cGzd%W7isAvBhSCvLzvkA<8w%8UEw}+{hax96dHh4Ga^;0#X+N6D
zUqJw$ra-nctu4tABeR2L#)^r_BA(DWjj1I8w>v(bWay??!~T;w7p%9bQ)-wj^~HR)
z9{b8gGroMD$y#rTn%duvTJZ~2F~=Wfd%4w9&_TN};H|@p5&BKzRbm;pUork-fr!z2
zliktfrh0N@N#uky8p=(qsyzI?-iRL_<f;kpav@tb$PT@e{d78S_!D!w{U<rQ6e7ot
zb1fBcu1T8d*Je)ToZE=76F6Y-!{@;*t(Vf&?c?|@x{h7mT9d{^GiYYuP>?nMMg9cV
zR&Q($;a-HN2_BtlD~3IcKzs>2);jFuzJkJ~H2}g4XDgx@oY4CgWku&2=sQ~a3Vr`t
z6c!s{pO#;R2J#u|J2{Q$V`}n&Dri|*uv0u<U>PCS0{M}|ThPT@(3bQfrbhFGnSh6^
z$9>=Y16u2w?#qwy&*S=z=57*3xJa`f2$Y&C&T!K~h7_{UT2`5jdqi@;Ps)k2EOOPG
zA0Zq(?VezMswLMci@;@SESnNnbD$;uks4+`*e8g{El!Gqxn1dKePVtm!V`~_#p_e#
z1T8BT8RJN+`?(2davz|x|NI%KGz8{%Jlzqb#U*%R_5c|Mbqib;J*T9jDZ99g2Tg_I
zq^;Y~HAagCFhX{*yUmwrUu^0Bg-i<+#^&*5S+OSpR3{+yFBC$-UZ1*;k1rAi1TZZf
zqt|r1KI!pB(a1cN>czZrb6D}V5m`HU@Y|y;@)Ch(^8-`4bK^V*zITWjWkjuSKIY`{
zMRagB4QWPj2WR#s<aFgxie^+G!}uaDE9JERvZ@AM@`d6lKG+&4ea0PNrM^g})ATuw
zX}fdm`O0^<2nnvh5DN;*nt0zNk95b&@1R17aO`k9@{mRG<_AnI3LTpfQkyRw2_lNb
zrAA>WT6OnIVTj1Q1kdWvHpEU0A07vDLeT_v+*u3nYAQy@0r);)FHYT+RY(anQ$*72
z=J@daup)OGRCJ1B;uP$G`?fsU&3iR1ze!8%G61h88=B-NTF4J-tpJK~KQp|tD3s|S
zPbAwkl94|(85h#Mh(Zd|-OqI#OIVg~tKhT^q^LYhx7ckub&Q^9&2l9%FSNj@J!(6u
zmVIYw;?~l*QmL<+g}ri0Fr-^56nryZhJ5+*TMQfsJe!Cb`86aSLs5urYENUj6ycMW
zY`2WZNgJ?Ecu-dOI4v3p3#g%q@*DW2VvfQsQ)b3OdTQj+ijig&ow;BPq*R<n@Y4CS
zWaGAoGzZ<T`RzW2DL*ck5@*zMtg2#Ijf|}1kF$Q~U18pi-?K-fTSYr8`Xb#QUTI?N
zt2K)~YNc?yQH%VJZVWv}-Xm}gz#qIHEG>%X{9YQYMhrT0%&tL;F9!`>x30L;@bQkL
zxgBcfb|_5iHpXieY!z7zvBQ&?O&ElR)cCAC;f`@V(L<PZ8uHuq*M2mz{T09xR_*r0
zi_o^1GwD-)KUPI5CK94=!m(=$Yu_#=H<Us)BG<^0;vYnfcrqpqkLX{G^KIU=9S-i4
zdH`}{T6P#wh&6dKfUKXY_=$ehy8qxvBoF2UgB%a=GYyY?xzSV*@fQaRcbrah5n9ji
zQxrsHc=Z%&en?ghe|}BJp>`n|ThC6r6a^8o1GZe^CeF9!1Q4XwWw=OuX*b``Fm)F8
z(q?WSc49y+)tOt0juY_V-tvPxwJ#sx{Bcl=1y|-RW>=QiL34R(+s@?4q;=?2IuDzs
z+my38q1RJDgJsr*DXD-r%`bpJbiIjRx<s<C+FamiVQ54nCmvkURgvyMcT;E=FG|(^
zVITJ~%2uz063!Z{;Af+fn6z}kZ^EW#D*3CKZpjX1fcZ{*goSGS_u&@rjpVUso{;|x
zC$TqmDvSD?G23pio8g7;i>W&spOyjf!71>r;wDV)cuQb3T}feY!r57=y#8zAN8m7t
z(X=p*9wP-gsWZ)t@_ubBzcDWG^pK^l`q7l+b>I`w?L-kM`?0kFi@I_^JM;Duj6q|4
z5H+cQK>4$EXG_Tx+BoKX%x~yys#?ae;G(B-EoV#l6(Q6mU`$W@ER*S5Q5`mIja3^5
z@SN@c>Ed7Vh4hRi)Rp)G_hKkbf0X-#9cDbRR0`?a<jOQb4R^Pq_jdPG+fV$(gv(i9
z5pvhMCY9>3{Uq$Uufc8v%b1_%_7lTF+2D}j*Of;dufDiTGQiGtmrEwOnDnFU>;3ID
zh@zhPC3P)Gt24c#1n^xcjENe-fp>JyXgJ`ak&r)_`A_Jh8~teRpK_A+hq4NJFpeBG
zCo|0Ujh;LM=_*%7#_;TZIFg0lk}RBI`G1>YOK4PPdiBr`6!;?U`%0L*(PEA7&{z*9
zi4sTj#49s^9u?!@nRQe!DQ_wQOAy{+0l#^&zqfvPqhP~&VH=MLtuR5@V-ibc*tI|c
zNBw;$5&nhKSVFPr+12MA*XNF&7QYF1@{hpBVH8lngmhLOyx<0<$1iL)?dKL$dI>z6
zuhO_sj9J@iEk|YZH7iQ;zNwxvT$`1tIOy{7S}*4nDl=<iPCj2kgTqD6zvkSvb@Pex
z;&PZUiM|HD8?SGNXRQTTORb_&1Kp3@fY~MN9wX1T(;2#TQa=#^%Ca`q-lgp>yN!8Y
zP~+qDe4XtB4rx{;hT6+v@qwgjb`YrK6-~?*_PDx~BS`(hm<DtQ74=TLuigazk7`4+
z$@|$d`0u7&dczm&sXMm4H`LltzpJen)8jJ~KxxEXxW#twqNuWIN={2pj$f+7leQDw
z=F*&*r0Pg8)e&0zjPdAif?Rbm#gg7Y`=?yF`rDRVYgt}jveW#TJ(lhVu#03gRon&H
zW6AY$zFx=peS`Gw7Je_Rm!80!WMO+WH`UaBV!p!i+5<(3v{KtwFObtmuiCQ*loT96
zzfeayV*M4}I6WgM$`uJq*KL$>l<cs}Jl$~@-koqX&kE&5%&vny9*dI}h&@<K47k$|
zo97IgXA&W2743Y!bDMd&(8$575jUiY?i}6YR)yCNe*9{pQUB_!W})b;xwSXt+hPyr
zEjmH2zV`XV2q`nXt<@&cx4gj8Osm1HetI=AtOdZh5ej4dhI{r2-=@`YEB5#&b+-vO
zRFawPbTD3=u_f5%p+_I$Dqwe4YMm^+xVqcJwllR_gygzSwcM0s&zl~Dj=TTrGg^fb
z-$m2D**yLhN5Y)6-%q!!4T57Rx#3~x3lFhKYi_<H778r?nN1lcrqxI_8hR(b@5<}T
zO>q<q6qzkIEVVI_PS#dXd;7p=Egt%YO~q(fet1S@Ns<TP$bQ0=xRQGKGLNzRyEWo#
zJVEy0x#=3E>VeOl-fZn-k&aPmm{;|(h75p`w-PUI<%YDC$>xFmx2&zd?Ea|hKRS^V
zC&5F?B&J{vJ(2ZBb1hcrO|IL$nCr9cN_&7UhSV|FcQ=`KO`4ZD%XD?pmdAw$gX>Ru
zb23Q-oz*+hsscUfBeKS61=8S@oVLzXZC|dl0pttEIpB@gJIutd)zN;KMpaewW*PZ3
zG+C519M!jp{oTWsrB~_ry=CIKMaFD2msBD_Oc^kA-KE2FAGo*~1U`A?G>|qj!M~LT
z*-Bq|H7qezdx^&sk3ix;;V1Fr`Fgx0dx}0)8s5hC?grp3rd~?<(9wteQ{E*laQlp9
zb%1O2!8S5uuzqc)*p>k4y>_vojC}Z|vPjRknKSLEH^lRVp1UVoM6OlGX7=(i<Lv4?
zuS5+&#WRQhjQ$tkHlfwKugb;M7_oNV7cp^?$L7o)K4^UJgu{p0z^n(syzN;h@!@gW
zp?}>vq=ags2xsp*$$ygRJ5%eZ*?0F$uqFCJWmz*C66C4CGUe*}eV29M`#S8-+D$Ry
z`#kHiN`Cul!4-nA%6o$x(ctGCjJzX)_Th434$SdWo?=zjDQkE-m}+NLaO_p`-#yX_
z75X!xB`vZ+!Rs#4>HMO#l6X7u8xVCCa|UOd=93zX%W>hLsZ0YrMb6v$<Et~aR!JlL
zw7FeFFP}H*zn(&1-uNKTNx!R~CykOl;o<v0(kWl*J0N((BP&=)d$NK2_Mpxi&W<mw
z4DQqGB;N4k5AfQI_`e4wS^qb^l8y2IDU?hEj2tY?4F6ZY{Qm_@MouPnrvF2yg`yX;
zv~e+YBA^$uF?2B%F*UX~F@@segK~CpGBvb?^4P3yGj{o>TTh4OZsR=C%5_n2RANky
zYdq3wyY=6@U2nbF{_XXh-7vrQzRh=ji)S6>uCn5LQQ>7h(@4(IkW19-pVz{tu(CZ7
zn49h&hD~5>S$1zuZ*5H~QU}1|2KvR?Fr1hOy$<k#D_vC^^n&{@14T8DKmfx6P+t#_
z(b3*+FaapE%2w-EI!XoyKxGQ5YNe&s`Pcl73^ecllb_eeeIpxN1AyYspA&$#%9bWT
z9o~oVw}y=xC=d_~iC|!21qcE$F<Bu!9syWBY?1<KBtTt|n+GZ|tGG9~3_xIN1<>3G
zt^^!YeFK2@*8qT_p^cgKtDMC<q)!9r9e~%r3ua;P>5e@=0$}kJ9}Q;!+}y;{()RZS
z%g_Rjv2~%z`F#@@%-X*^**~~&j}PR3Bewd7)Y#DUi*5L^_J%GqySY2C+dsQJ3V6?6
zl~aH2fA7Mu;QUVB)^nlH-oJTnUsBi-c*IZobM*!Nw02csZe<GZ0MN<toh*$H!SLUx
zhI!|o>@WI^*xZXg7MvT|nwY<2K-_*fi)wRo3&7^KKj<g)ul(C@^W1>H8ZTaKZ0I$A
zckMsymp+aRu61DA7z~3<&EHcNhxhEQ^<}8EhkU`rdZtD&2Iimeo%w}R|IeHNw?DRs
z%lyp3UumJa`OV2eR09Z>Ak&lvxA$x$ffxTWrXm0Q@jqCkzcz^PJ)*lme#gHmvA-?C
z-#_oXKkDZ4;?U5Typuh^_jqWq`?s(LFbTll4r7|<>tFo?ue4IM+P`qvKUM|QcYKmR
zeg_hq=U+DA{>k?`0vQ;YKSP!lbXHeDtjSC+j0}L7XPRHPOZ~3KRKoe$!DXm-^#%WI
z$O3aSqfdH1Qe<Ud=PG}#xnF#`g46?l(m(YQ{|aWQ@^Yz2siogF?w37^j=oK9ijK{1
z(pP?|#8$R%{b+v%5YQT3fZJz(c>-Q&YVv?1`@y^E>Ab&io4-MZzcVeZxq;bb(1M3H
z6S7l(=s*0vKOM^-bPPmlVCx}&GtmXXxyk!Gk01IWemh`s?ykPdU+=>|v~T{kKR7Og
zb0C%gUCm~;cSM7<q`XUo;8b1~!s>;!As9Xs3uT=;m4q{8)18}Kq{bQ5+Alra@p*=k
zpN-2-2dk%szvxqg67Z#<Ms7%t%;-Bwsh#Zq_ML@UN$>r!a^08&uTrc7KUVq{(1+|`
z$rA%}Aw9vabKEF{%G?#W&&$Zo@MX$5@Z9SKu!Sjt4mzx2;0{2L7P7zR7^2_zi$o^_
z7Y~d2FR(^;{CGBMtg!EJyfpPgO2?q!s@fgjo&oaXD&(@KS$I$XV<?BPrjRs<IYjUx
z>KDO4F?Wc-LInQVZZc+@$7M~=yK2C2r4bvMw1q(({36i>vCE2Hu+nVFfY}vb8DJPr
z?iV-b9^B5=G(HktFqbAq`ms+zlzi!lUTKc4Jk?@_IU|g*T7JTd{<+`aY&IlE;9KXh
zR*7huyFAr-D+_bq1s42_pe`k}z%6ddE>^W3;(5INH=@(AB*=!%QQG+1YK%+IQK^Xx
z^KVzJ3UICr0?mSO@c)RvWn?*o01*xL?9Cz4WuSZ!vw%!Zgeh4`7I{g}D+{~VJ6k5z
z!W8HD!E}-{2dv_5S^tRnXUEbwqiH3&u<Tk}qEm&T&Kso<^nFPGMMLuzsFjAe)h9S@
zCiUReKHZMXVk9xkg`9iVg|Qz?zRTJ<5VB#u{}|~Nd@=dy3aBIapIkcRm}0U=8JG(^
z%XHOQh<NIAWPSv(xBXQIpTU-|KcV>I_*u1t=_%}5xO-t)2c4zbiUGqC*^h_KXAj=3
zEBTcy2~)n#Levd(|0pGa1a>nRUaMY1hKrj9ZFy+u2M!|2Q4G}4B}3lQYBTJ&*b?y5
zg?aB~o2X5Y(-)XJ@2fV^Ea{i<s5hwx?YO=28LT0c*M;!aM;pvreFMK{&o%mUY|BT`
zuBk#C<ZH=>+Kg1bx0veZA;py$RvP}W4IWuUa#9UZb0bG<=(NKGvMjcazhCh@IDyMm
zzQ`>NE$Qvy&c8X=>mm82yrxIyP<%0Ed~K>XTVGA<0FTJB+5ebrm|>x0u6%VSW+5dD
zvB$;1pHkHGGY=+p1XCjbci^X-!)rBeBZp9jCRb)Bbs|)Wvu}ems9Je%>an;;1;rXo
zP;n|@g|_@aft78U9DnPYpom~{PQ+1o!nYv;JEi+)h!S+F$s=uJw0SMild^tXF#i!|
z6~^&KYWC?`gBN;Cq~0|IGw{U}T~Ye*lc^^HbY(>rZ9z(60oz2**oG>#pf<cyLeKD^
z#YHjUHWs3&u3|zxvCi?lhTk8SpT{~Lwd8ijL(@Eq>4Q;Jn%z7agBCF`z}wR1=d@+)
zCyEZ;(RS!In6XpreR%O0E+MbLG=_5x;<^BZc4~crg76xG_S#x#@*<J9jfZlWJgK1f
zXEh|u%FmF~C51GVcDoWq0FIgIM(KH=)N@UY<b3USacjnUvOpDE3^4ehdFFIF!Wj9o
z5}F^cSlfyZn68?|y?{McU;KeMM|jBlfq&epn~=S9t8`rrG4F7H$}MFIN6tl2jRKy@
zx>u-WI);uF75BAnnJ%n~W`TPwlRx<c6<qpGI<O+f8zwTgu~stIxLU+wW%hm*rY-!L
zzm#^5|FKJA7JokF6Y#drc`!?;3l1d5#4e2wh6MvR8OTCH(R)2aQt|4FD#1z)QH=<F
zaR5v^#+enqG!T@u<4c4}A|L&>6yu`5$OHQ;z~KR&MxqJ-@C{r71^1L$$BFa#A{8p2
z^%PTsXMQNqVV4r=5?-tNxq3OU`<6`Tg$Q+9oFY!6n@sa7-u0Jy0-u@mZ#<xRpz|IQ
zsLre69B*;Y8%&oOeRg|NoM&Y)I;h6MuwpkawUzRk5nfuYcIi37<Z8>PBE+V!2#GTG
zac5gqJ5PR^in5HyzVLn_yR{?_wJ3Hx2Z3h?z;kYHK-J_<saC%H8coQqK`(o2PoT%s
z{}qPOCB|xZ2@b}Qe^JZ}?l<K)6YZAL-_Jn}xX#LPKfp{Fv+(%5V>9b5gO{|dCvbZN
zuTpF$@n7K+s|y<~#H@^uS!e8Rrngglf+X~@Dxi!0E2V34&4Sv0^JmTM)R-dL*^Z3=
zZTPo5^<YJL)ntG#wVnyGy5DfjSmrxs1pNt`O5b3X{ia6KQwRo?ui%O&T)#n44?Eup
zpIgXav+fH@AAnKOxn4gUaLHG11krT->OX1Lr>n63>6B8fvWKK-yifPQl&?-&hmEkz
zn_?g43j_-_7K0R~4J3HCnBp5(DCN4xQYs_<I?E@YZc=h5sw<XQ3j~x>-ghZ}^Y2cg
zg6@?dFtz_=o5{Bwl#ojKoU}nR&lyWBr=hJw%8{Y`tn*W(v3qW(pn``ZiEK_5O^C18
zbk1VV#mR1(@Im%FCc>0bQwhRzSQpshmatkxGM?tA>v%;vkzz-9ygrucS$XA-Fr#^N
z7C3h7K4ynle)9$(3QuS7`@TQ$O({|{mW7cd?xysZx~2lxBhgx=)YY-eqT}(BDbyLa
zaye@{%}jFv`XsSR&hOvYCDwm<RIQlY+n&-lGIGJm##bduLrxpN=IKM+&#^l?)|EA8
zyhre1Ps^G*1V8dCR-q-fMvdH_I+0r2q2p-#0_+Y$wg`Q#QV@*SBL~she=VZVz`yo4
zdX22<_XEjbBCSL-<4wJR&^v+J@A^U1*q}o73#&=1Xa&v$lT*}7Act*aTScH3!bwNc
zaL)`1^Bug$?wNzO)SR2XL$PH^hmjlaCk${=x7M_NhQISdXD_n0KUSEuA6(dTp<G{s
zo8Ca0N0~i5mNG=}bx>h~4r<f$QcGu8^Z*n-%nbpkDQ%`)&Z44S69@FWY)KE8N)81v
zEWZc)tontvUcr+#9dq<eH0QW6nXzySTlA0{_WO4=@w~O*E8l(F*w87}O?l}BH<()w
zSZ0pM<2J3*w5&g8{h>j$!u&K>RS|H4>!Znm4}P@!pv38Y0yjTE;*~23;A}fd*7EVF
zjAEob1(p>`h>{n%{m#>DCph|%J$W^0K!=|XZ-tl((MXsGy|JcZhUKQ7_tG-<MuJx0
zq@xX->_?IVB^u}8*2z^`z0UsXm$|DA;E6JNpc8xDgIl$ivB2odM<>ZI3wr-9NM9wv
zsSD2brlXK0_sLe=w{CCJm)Yu4lew7X8l~FA(ste#`AbJ|_Oiigzmnw8$yz$|5}!8*
zd4lcoWEc8AVJxMx5`$|$FY`uPixp>8-GkOm5$g%!D%uR9qF<|m!5RuI7MuziReka!
zs22kXCL&zQimMT10RBKD$saum15^5@eAhDSlC5@2JhPeVi*uR8Rb!f%t(=+}l)t%q
z{2x0U3DS)lDO9Ns3~leUQT-Ivi%-C15+~xd2=87%XMOXufbF{Agt`XP15A*xyG(;;
zk}-%qSg?oA$o0}w2Y?bvUg(dNF!QGAK{nAm257igT82A62k3}zS-ZPv%pQFe*mXMw
zK3015dyzyl(B|MC<i)7j)GR=MV1?YC^Rl&P@w6PU=^}nF#zjGnXnE0ANQ&~2h0#`R
zP3KY~6hMD}8>DUPKm1uJe%AZ+qWW;_KB3>*X~acWSa12{#gLn3suB&7kg5SDDwDM-
zpDQqH>X+LH-6mSNz+0vH1-nxOL#sA+G{`hxhxsvF&b$va%{6uhdIyDgNk~~Ylrd>0
z2f@W+r%@0vmFi7*v763OO`raO3}HJe!4(^=9sRfkD+4t<RWa3o5MlTUI6dBF1p%2t
zIO>vwF!+uz)wUcswp)m`sZt=Tg)qb(v@Y^pa2Bm)?pazWtrkmiOT-$bCA%A1g%bo#
z+){H2tH28SpH>ZzelAD*Yv{1mib+12s~yw<?J+hdVs}tRN`#{%+dk0W60VA_@-uk`
zq4UfKENQN0hIN3f$&0w@Ly>|KR}5_I#U};h*aDTv5qu_^mfLBuyhSws^HxH^!`e12
zvy8k%zLgduAN1{>Ts%!@Ph)%{+F^h4g&es)w{nVXkLg-FiEwei%hDegZGN<wSPzKh
zqT1gZmTaMcAXW>+<C^JFw+gyFAFv26b*|H3d8PrEfaAX#ONLnI>s#I~{SsX45O687
z(|V||2^KK-50d^h3DUujw$GV!jPn>fxqC&5C&r5`*j7_~U(#o5<>t%$)uu=$_K0_D
zxkqoxZi(fWmvBWWIVqWFNP?V7L?qorAvh^ucK%e-kz`Dpo>V<GU*FU$bockmhI#dK
z_&BV=q;Gx|{d~f!eu@a9ZJ9<lM!7>x<H${V47=3^GT!g}@oc@sdP@0Q$g6}wi;ziw
zfqM7dAFv#Uc&Q64&umr?<mW5X=t{2UK$zu3VtKR;pgZ+B5{3c^X~pWOSRpnT6;3n{
zLJER~R9m0zrtl8{4DxBAKc;uCvsAfEWz#VJO6+0Uo)!VTs$Hr^ozGs;B9_3<_Z-ED
zbP3#>GR3bzb#M#F53#nRaiz??U>qN{6nQ8Oy%9g!N^;TRqPX<+%!eg~a%}A@B88|3
zA2_lkTX}~i{2`LkU{u7%^YJ24qm+2u-l;7w0Hdf<UD%<&6M>tyNV80QjJ3%48Jy~w
znVGCZWLdRGN2*hy<$aQa_4|kffhevDoP(|qphBD5EN1n@=}Gb_5;6S%tGgX<2ODra
z{8C@Q0Yx4HL-mazpM5^xUx*P?O)lMu8YTDtuPD`|rFp;@V%}`*nabLY_dWTor1XeT
z9x@UqPhy!n4e2#n|9E-YSUpKSk~ttYx+dp{1>&!{IT%%vaSzI-fAonF#tZ~6^>=;v
z{gIPfVHaZS5}Mr_hJ>D~^d>2r2ZeO|zAi%jF0dek^Z1YAn^axH1w_GG!V*uSoSN@h
z@NU!`JrHZ1qNJ^bUj^jvWBPPM1XBaiRQa)>ii*N8U>JY1$}hZcZbQjP@t{VK??Lg6
z?*0~^97Mi`oa&TPT%($y#v$+5t&U%MN>r9a@kD^M*7vsQC7S{qyAtnttg=2Mozd`~
zv3S#(_lVnxezJWDQHHIhEYp#(3<lJxl{hO;d6`-2I0IOhrC(Eo$lh<oP7Rfc<S@tK
zrUs)HlvfwBeCJeAtw^Sa)HADrcldK>ujWf_XK1?tndxzf>^0tYl{@{w#!ul%fw~R^
zPeW8e_8C^J*yAH>qWDa2i3Ig9F6kL9J7bSrnTGx0q7$`=MqiK99;@tcP&$37e?9c>
zu53nJI3prk$JkKw)UsYJ={er?*dvMdz2f{PUki#qZJ?KOmzG%4!D2%2!&Dz5hJ17N
zU>V%h&gU7CnP?_E#ZkO{TBE8b+n)QkeWJ2Ta4$9_=r~$jb!63(j-d?sH*g|9GmA%3
zC~uB^`6Yl%L3PIqeSX7-9mkVFe<NbCs!k8vT8=iRnFp}bk;l=08<v`PTvlQM*h37v
z>Om`Y?e$m*h5s&&VYro!Mljk@N$12I?Ne@uGIJO;a<}G-@4aLyZnMQjXYLG6Ap&{S
zO|E)C$%^P*ca>&6wYN^9Z`TyhDCSxvjpDBbfpkD*SRX;6ry9qlDY+Zb3fG&L#1)1e
zKjLY7E0-{?LSDUtX*bWO1mEo4$S#OeV@PHTOU$ZjqDwmmrV^m{>QK$&rO9usIEWhL
zaf$Med$v124qjniOruz3gA?xX;9XXnz-p>IvXRv;sqH}vsmn2VFOaAiFI%r4@|L-Q
z+7teU$TQxsaV<&x1>Keo2Ghm(ALyxlE%UR3Q*#`wf{V_XJwUyMnX=kWaz@IrX{@8D
z@U;Y;Q0q&IsWfB;d!Wv(Bxd0OdSODd6;Pr5c@wL<j0ufJUx(EL+()kYu#c1Rm~2di
zG}AWqT;^{Io55@HWG<wJyAzRgaCk6fN;48?Gz-+l2Nk-uu%cAo8>mY@m@<w9KD!4W
z8wX)h%y!U#eH~IudZk1ShtJY*v*q1v*-F1ertAc*Z6Q3}Yw8LUH^mD~C@+uUqZyiZ
zR0^$t5{#v*OhK)NFi5pcOwz9W9@qs*TDLISreqLAZou#<qjmc8dK&h=ywGz#7qwy3
zYR|1(7F_EWNC|i^{HJ~fJTz=N@hA2;Nuu&RYUSvmlhL)w#)h+>fzg2gx;3=FM>hIZ
zg;6KsRME3y3v%HCODwr%&Ou(q7U#{K3-$Sr%jBDtqQB-a3+Y?G;;JgMJ<F(>7(T2j
z6V0fT1vj5D-^Q`v1{f(6NV2Ph^2mv?2$f!*kivGga8_5KoDF=JL^Xu397}Wrf0$x(
z6l5MnpdcGEjZDAMoDj|<Zp=rG^y&oA4<|i{1=)$we!O6eqZ4x%K8MTSg<Q3Wk_&uO
z!az!7@~6>X;w)w7q5e`{=!FK^{HMj#fJwAU=`7N0;ctPS2LV|SQWwsMm63oQ>s-y{
z?RSiNrqCEPt6ze&6c25q)Eo$1XEg<BlLx(HfL_HNO5Z?WFq%j*HBsDP&9|`Tji;*G
znZe=uWyi%OP6=DdJ*vCKCOg{4eG{i1z@O_rD9Iiwb<i&BX~!e7)FvRYA)M^;$@vJW
zcO)T)Xrk?;bRvY7rXaC%wLZON(yn8NZ(EqzKR6ZxK{DHNUoTj|*r8}OC5Vm}&Q&|Y
zqpmE)mi-vlpeL<j)#LcYDTrkhNQ-x9J@>y<SDiG~kW(9Knw?X$xSiCT(P=|7tUOJO
zG<S2L=PT_=fHmT23o*=b2nBOQ<djZXEzuV0Rh^$%xr+=6wKNY9k?wfQ*QQ2KBMsdA
zZ;rKrH7TllqX$%C&oha4<gR(QY&L}uj~&Kw`)Qz`2yd<$T55CtM_#R-H%#`rUS>L>
zW4RdpQb1c;vh3V0xc*W<08vFw38SfnUF^QpF0U-FsYaSAEQc03XwQ|yoRb7xPQReZ
z1F??J8BEH<-?%Xv{JK?%#^_%Sz)Tsz{8#IqW~az-%)X6F(#Dm3P=xA6Ic}xeNqPM{
zO{S=-_YmrNYN)EK%88HQ9l%tO#^e+|kkJA{xT_(W71~Gs7y|+Guhb4{OL8Pz4F@u7
zvO#SBSKL8+bt1J?XBC4r^~eq^_bSa==V%r(6O>-M|D@6;+W32Q+9#Sd3QgYxZZrmw
zNr-p?M=LWjK~UVV@79c`x?{q@nW!NB&VZN?ENx9x6UgbN00|+Ftq|2=4YHKBil9-H
z+QJT%AzN6FF}c5<*RTg|!;_0aMl!T0!sN6#G@q2DLSk^tTobv%%9(MAB$o7Moied1
zhll}wJ*bZg6`n7Kxyf3oV^nMFx;ESBO(3#8M>&wW9cx2txjqk#)`I4J!`HkH?^lW^
zAC{)y3!^HIN8RRr;LSI{<B#H%YZ*6#o@yvc%J=&sIld~9v&qcq4*z&}Swb+W7p$-7
zVN8}(AsZK3DI6P|f#nJ}oJ98`;g_+kx2J`c`r+EtK-BkR{uzmZGus$q)@?RIc5{P)
ztdyfV8uc6ZMC}nfSDuBJG!JEp@*Upn-3Ad4hA^+XIW%C8tsO7*X{&Xk7FfD`72hQ@
zo7o7Vf1C5RqhHHXeStTcYU`rF*eo{2nD*BHmcqgOyn=K@FoK2lWGeK6w%La)9n1J+
z!*cgVZEd<ujo*5DudP47WP;7cmMzSeukYRjb#F9m%ypT;cUwHwOLJl09tNdawfa)|
z?;V4EsKxYgPz4fKIBM>(8UCS=nE)T1dpB)>6mBRNcBhOfx@vpb|15X<kjqX@F!c?V
zbG7OdSLH7w144b9In@S_1%K2?DUz0ACN&I(;q&Kb6M+>!VWGPEi)(cMj#J+GgeMo*
z#9%{h(6M<<F|Rw{_jb$b{>287ioY?WM67lM6TtskrlLl-!F}wpLvV;Kq5m1-_v5NF
zEO;84F2GF8ne<-AY=We}M{?GH+Oog7<W`+b-{9oC3hj}@en^1^$~+7z{&I0bKFEr}
za4{&QZti2dy{_gv{T%G!If<l>1Sw+7LfxI@e^wZ@K0ctfh#2?vS|FNlfQTZPS`Oc!
zlW_>;pXR?_YgA*{9&+>EnU5mnB1bu3`h1KtG`~ghgeW-ET<7`6qIckVX|C@wE6VYm
zAs)9~W#Dl9EQ`E=w<rysOjYW*0Q>x-MXg9}W?*J|5sN^ed@7J239MWWWP-%f+1aHs
z)n}9t7%|zG6p*21s(p^xY@4UQgmRa6x-LN)%mim4OfJ6>LMta-OriQ*8XC_qdOpK4
zouoo)f|!K!*X9rL?wAhB0#}#mFN`lnDED!ARXO033X0blUaYKDc5^tbF8s1QtmLpM
zk>+?cIN5(?Jif86zu01}XTzV3++-$4KHJZ1Wa!G0=yOkFoQ)Ne;fec?PB+(1yze(T
zO|q=961@~BFkYet1aV810SNr}ty3#-KvEM*7K8m1b@Gnr!ns|$(k9#)Z(nlBDH@5-
zZ^DBKa$K_ZiCApCB$<Su6=hp3Gb~dP$F9bW+T6U@>i~UyiIc2U1qOa3J$DtY3$-@a
z3BOlAhOS7yEtSd7TM`C(VeS@)n1#zUdUG@lonQqYP#XN1+@SFkEeLBq8|$+|cx9o&
zaeQ?^SVgu+nt04|Ps2KNF6aB|vwnoUqv<xmlZljgA#$|6d@XfCn&vVSFX<%V@41^3
zD~JfKo;RQ@5e{jV3~UR!mUVKH1Ne{lADOV10U&dX;e&b~k5k&~TTw(~qJHdeP{_(k
zx&fub+<&eJiFShW$S`R2<VHG4iwHS;WHhtrFbb7REAJ+}XMSPVvQeylutK7cR;4rc
z8ReW=(<cRD<~3_O1L;MnLstp0&=rD``+a!wzLyPI_1e{SGhP{y@~%rZeKhu%KQX+*
z^DJA!S(Mb)sSBm5$BpJqsMdh>f(smEf-~>FOT|*S9hwN)AeWU^thxl>tN1@QQI;Hr
zy^F<XYx*1|xd|SKSmw=9;p9z(&4bcl-9ys7w;X_)Z*N=tpigKaa!aSepSAO}L3_(g
z71V1XeMe;YnGl-iynPQDrJn$yt-<etw-Cq90dllEjwKaproZGsZ7luW&(^!-eKVrP
zYN-kMZUM`y9SX$1Ik-{Y3aAdcSvTr|G;}fL3V2O?Sz)E~XEwtgia6xY3>@q5X@;Qq
zcR7kg*J8<QY4tnz@{jlORC)Cm>9F7xC`??in4~bjlqzq(n{A!n&IBk`DEBS7bz7^U
zYz!TD&T*txUgFwnDqm43N8ebuW<p8?Xt~Dq{qiz*Vbmk-NcT6PAzV-eFh|jT?D$pn
zH<NBnpX%E2*U=g)D&ZX30A#WO2^9<Xfr%5?vrR=agZ{n}%Sx#?d8YSC-04F9ah8Ii
z#M;Y#$6+4+1;(+&N=ZnQ@8jZ0ned4kww8PKmKg(y&w2XN&`4ofq%!EBYp?c+1^s>y
z9W4>^+I)FuA>!=bfYHt^722@h13KYDCL;D+2i*=m^R0n&QI=Bny>WCBvY&KqpGA0$
zml3H-+r=AxY4b(<rTf$34egmmxP)5bA_>trtvkN^sFbRTFGy-`#k)}`_Hgs*O&v)E
z?0m}V%y}$&6dPywN@vbISpGZLPq@AY7$n$dVGncdUO5%iqtaq^#H0iVQ2951b<Y-;
ziy-)PFKxXLxl6{GUR3(P9%2E)eb;>y7bwKf(>CX%qO`HhA_lOAjT=Z|rD#|i7qW=L
zI;h2Cf2z4?ng))67JxBUmo^ngCbB0=zR+i#u<C7dxO;9-j9t~TK1MQBn^*|;JhHuU
z?`f6Y*irMkh6)Vhge33_SaC8oAA_pYvt<uH&a#}C%`-RR+;MCaQ;L6}^X92Hbxu6?
znXloIVXG3S_;{!PRRM86<k2UPuOd=J-SPJJa9xFj*AGrMy4M$=wjNA#PNh9pOk;rK
ztLZ=#N<l3?&BTUEVAhU~F*l86zAqoB*WV?<u=q09RmGdW1+gE8X9PP&-u`e-4<je<
z{e9l^0UCY;52{;YUzy=&L76kl96{kle`9r~63dt0(jWkWiHM*_!0f_%-xEsVn>Ol`
z@?Y5*{4&*D^w^el+cTdbycmIl#mScM!#{+`r@S>>7_mQ8Y~S)E5mzKIzK0T-mXna?
zx!`7(sOpA!{KGZjE_0h3j;lQUm{4G}@zBjX1*+ExM$FNLk5VBJhUCFA{Eya!Hx+<(
zz!+_Ir$-d1x^IkjXXQ0_p*@dk@3tKH2ux!#30EwbWgoOwq%A7x6ldL<B2+aJ=!kRP
zgS6NF%G8M;i=A^)S?NA>QKsi>Zl6iMy?@;k7&&`&YWXMPB)uT+@;6%E!3@=gR$;8`
zg(Bk1zC5o>%%&A++vzpcs$aRVWamHAa8Xjrn%m}3EwqT>XXnnSl%r%i%{`|ki~*H}
zhFk-en~3v?a7(Y=uMM346)B9>q~%a;J4PqyZt!1@^lP8_GaK(;$WN;}JsjTkY<nB)
z6T9)&2}!ex0D|Cw0SUGT;AzdgtnqNL%;3%@1vi;>gnEhkg7dS$Y$s_fM(vcein+ce
zLY7F@oOz9+Ahd_`5a_YUhw6^JYGO8hC5O&94pZ#fjmL=wf|-rOxUATa_159z>7JW9
z`?XH`5%7|fz60@Yn%mS!(2~=usXQc$g`I2LYgb7_DhR|`<_ff;aA1@!7jQW6!|F%4
zo#5LULRK4O$I-53r#ZL=9}4~m0fGzsPAY1*oqxSvXEp}cim390tbFC_s{HMw{v3Kb
zfBeKsoiNczK9US?iWb2D%`AjX&`J7GEqtl41|ZolPr7SR34E+U6rjTDs4^0`pgFL~
zg+0bz36|vN%Z$CM<K2fKtaS+XR1DKky#ykA)i?_OKy5?UkWWY{x+iXkkk^G+$UZa!
zk59b7P;y2@T}UMsMkI;|J$u}A+HrRPiIhwmI)CuZJhkqlo09%9JcaS=zB3bo^k!zT
z>U>T+3MNd@vqVuwD9i(dOVuul#AEhEj6Z9SYkg#Mdw0o|`K>qQHRed&-|`GzID}}g
zHjpr&S+%U7-j;J;M$atfEZ9Ed?ZXqF!u)WqNLR%M|G>zRS3Af<tE$iS)#&*bUGq;~
z#(y0D=&zL>?%`=?UP)a<?zgc4z4@}nSDmC@B3(z+(3+1ZBQ!^C(tDMpkANwm`L<YO
z`JObKrM2;gs7U|6tOyDN=D6MGB6GI+k})MO4&Sa7MJBG{fQCMeR)DR1?*FntPADxM
zkUHfaJF$CMZ!AmrC~rOBQ06p_Ok5u<2+$Tw3j_{}G_E?(PO0KZ%6+%dtzmDu_AHxw
z?>zJZkE4ORiFupGGU{fTC4Uu)>5y?%pU1pRzhyu6TMif$fGhCFp1ZdsWL&y9x!a+$
zH-!+IN*@995)OL-EV?L*)&E8S(VuU0g3-WI?;H=sFB@y#JfU2aLC-k-s}+#1>SC&>
zfXN2Gk^~#E&LF1JCP8zcLa3<d7mQe0p-t`{$St&|u)Eb^US>V}z_s~2FH%aKm<OCc
z9=k*g8whX!j(lR4u`CEy$*OkDWlTa>fZ*(*a7B7h1e)UZ6r1k&aCiHm(QSu)7@Ff^
z*!Rj|Gka(WiCKw0Q71TnWGW!H7|ApdRHl=``b>+Y9K^wGP=d}yp6CO`zjJtlEIewq
zvn}-Bq9PA|_Gj++j%<)Mh}Bs|if)=u(=|4nNx?t9WMnWmfoC<879buD(yUx}j&6G8
zZh4R2DNnFbr8^m|io(O*XWjp)!7l3%1uw``Oc^@qX#(4xa<2IThRYBUJi~D$=w)G;
zP3oAdk3`e>hd@E(`TA*sTctCCuk?Aa^PAo|cu{W%UW4qUY!-Br63Myiz54xIL~_e;
zP;)03zIxkSERtZ0h<q90GV|1b{8|m@mI36iLi2hF#*b69N13JcWeuBLpL!G#`xa}M
zp5of{O&xTlcmQQQ3i@wi_`Knri$Ro@1(!I<4?rc}PQ(&~qPBnko$Ms@jD>J|;idaw
z(%d|qI(xC-FW&|qA_2Mo0-N)wOvG#zz+29srpr+M{QXH_52UTFo8_N}(Pc15Bq%K4
z?W2|tAzC-F!m-RavCTz<MmFm9^AkQR!378xD+f6-2ADEcm|RCPq`vtBI-J7raCKGF
zRO>$q=(CGNq7|+%b&NX*xMMs+EIM8-Rr-YF=6j@tmMao{=>%N)h^XZa=6t+jrHoHq
zSr?h{obUGajoL>j$0(*y{~1bqY01+Hzh)Zd0wZOIvI2pS)M1rVsdF6M(%#&)2J4~p
zaL~Y}u^asXLK3Q_X$yDxfaVy_<<2xD>ijzaTialAsCE6u2i->cod|h)jPf!Vo4PZa
z^xk4{8A2Z2K<;Yya2G=F&;nMpY&r&6y>f{hZ#-KfPv^&AjT{noURPcCMd@agh4UdN
zAyeEb{Fw#_{?h{KsS%`l&PntKb5t{*pvtaJUWB(2d(PYW@2I3tzXpDSqqLaGFoFo6
zvxOh!y4XZ9>z{?#tH%L7k`H&AN$rB4ToWwr=7_qipI<TOgiu&pMmT?JUdOH>r>>OY
zo1ObF_-uS-a&b5=(VTyKoWZ-472%%cXSGoBl>d-#D4X#Lyx6f4#qapYI()q*jd6mG
zQG4_*iuZ4EhAmikunz<TZ(w>WyN#uEzu<4lhFIiBf+&OuImaLVF?i#7-v40e#YVLV
zMhC6%C4nCeURkwOTjHJ~2{PEplSduJ3lUM!-Ms7Ek{wMu>Tusla(!cCK{^<|l`0VW
z=dn<3igJwrdV3gncEU~UBgz$s#82KJwj9_ih{kX+%rz)6C7|ZH11%3oY!tDGBmfGL
zIA#jc0Owku6=q}-wHgxI=I**weXiIJBNyG!?8VF^%d{9pYAtnfUg7qcXm=ttl9Len
zaOOUWM!@+;(<W7pUp0!8cuVEUcBtl6Mtn(uW!tsrwz|xtW7lP^5~cWNPOzc|XRuC%
z&E;U@WfYXK?X~!}x)He@c2Z4=Y~zMxRZe%z&TRyuVs!MtW`M)AfIW%wnpycc)1^`4
zWI}anLk#x;--kx)rnthuCT6eiAnqv9wr6Mf*R3sL5#y@S(abRonsAX2?6V-FvXTRV
zda`_B{Sh$qSyjslok>APAc;#VX!<yebRiy<R$0jYE&vIBUkV{K?RaBI^Zz`)++1h0
zUqg%S_%`iF%)`wHg)t9c;qCA!&t6eDw__M<VYQ0|@?r8=AV*{2v*qfw#Ug#f)p|xX
z&$Fiib(!tfB(4Z##<&xv!9<@{HxR4q9O|t#s!n1cE@O=<=2@_&)>Hu1n=&EkB#k^y
za$fQ7NM+G<rYJQZup}&XwA@Kgj_fGmN6fHc#L2xG(8zk8d$IT1ru<$LN_c5!IU2p`
ztroWXT!+@k(Xx#vh*!-0Fj8-Sbb38y4R5CSis30AGLcHj#7Sd=jD>e~tEdEGTkShT
zhazrN6f{7}W}Fnhs^l%1C4mF{dOCmV(LomE>?Y|I3M{4%KMY6p$99uAcP0KHf#H@(
zT~nW}8a}5e4Q|+-Mxk1ACycDvbiKiYE|C-LgE~EcSvQYBFP(;nlflvPg9-aKx2p=B
z_J6h>G>ODCxDugPm1~6si->gQw1=t|(}jObeH$)=np$w2yDTGTswGWi23=tFJFmpG
zFPnzUO|#6@X&S-IJfK@E`L63nv&V499iV}gO;V!qDjVd7bHL@ZGJa7pOXri~1Q53S
zdJ4sLPP89q6=2X*4;A5QP|mlt0(y1#y!(}Vh-*x5EaSRNUO!ji*~V5R{}9e@v%$W<
z054)iKGtCCPEHaE+IQS~3x(U3O6oWC;8CD;gmS2HK1a*n<)#}@WD($}335n`(<|aj
zdxCJJPq12qU{7KUFfvW8uC-4NDi4v0=NRPlke-C5$Ss9y3n4tc4n`vA=M~ope>9uP
zd49W7{)L$0WbFfvBVM(la8~3_1~<x7LAl&&OJl86(6f?`v(I0n*ft5GfX69T45$XN
zR$v4qy8qa#+#FSv{3pd{p(2mN+L?F4J`7IJG2GX}rG5U!1Z33H%%<>tr`qQnb!j_x
zPgWz}yto2E#tyR;gNJACY>>Wo;KLLgQA}9XmG<~W&?KwH1v8NzZ!}m-yA^*1c3xC#
z>P`ZIWFpHID>pQ9mciVL6ti}ckoWA;pC=H(2;Uk98BM>g=0Y6u_lA)rGTnYpg`3qn
zs}+3R@`u;Fh4tKfk~%6rSFpk~*iKT`38WJnW=lWC?J!tAYiSVz!jfH|EoUuwgrgH-
z`|-ER8AQCw+X3g^ZCt4N#_ft>E2t<FdgcgSJr4|!*TN0npH|qObhy@!E}7`R3qe=;
z?e@VKH%vQInim=3;3u<yzmqKK+Cyn{!U{JB6*_!%nnDUDky<=?zXLJy&vho7JzqRQ
zqEDbkLO^+?DAo|yy{oo}1QoveYHXloSRoG(Er-=1&P15z!23DXmie`+@P^YrLsb=A
z?6DF4B#oPJ>_7#T0i9s3F%tGVlC${-@1Zn_TF2-T1~ntMV1hnqMEa?+Jw=1K3z2Rq
zwb;z_2C&JA0}7EY-Jw~pYoRsA9{9MWyw8tRI#Y?InasKi(j>I`(%^7iKE?7f^A6O9
zDEejhdSFyjx@{{U?&#I>AMqs(zx^r?4owt~YURkK=+EZCMS8UuhoN{eLpJz6*?@;#
z7jGT6`0mer_pd0t1thB!(rZT~zm@590j#esb-DB)b8JwYSDy{~uurE8&R915VOD4S
z5Wh9KL6wFi7&lmKp>Eazd)=6g$8s<tRTWp_Vw$1u7FHE1`|Bc;`&Xn1;OG{fHT0XY
zr3cF0I!L0!kfZ*%4(ZPP@|{a;G)tP9E870Sc8+2&w}Z6|72B%Cz!aID0q3<c8q~@5
zzK@r%p~EnUa{sYfav&@*Z)Prk(cbA0l^ezNh#(p=U;)Lta&$pZ*NYhb7o&9(x5YsH
zW&{kLu{D+%ct?Gn{)HV)^28O7eWJ*q7?GtkqB9-ZExA81t*<srXsD%TE*9H5jNiix
z;`af_A;r*|Ve_{7{)D#Bl=`R`W8NW~joi|>wI?FqRTqUoJa5^0seSkLbFtg2t1^1r
zk710aD&CVvwyupV`aW@zDi^k3Z5=5t{BSQz$gL|z`U(^wlmK7X{3usET)!Wv`{WB7
zN=h8fsg{fgdVK~S$l~<{5YbUwBwj<HUCE9w#Cvl(W^sqH>_1y>J`VvfJe99Cz79sQ
z{P#Gvi8&@^yRq3{`^mONA~#N3m72K0YWdt^-hp}AbQXjALno_O^<O<L`Zh3Q1F|ZR
z`Kvuv9#6HaZE?kJ?o2$q<>{nJ=4FLL(BP0Jb~HSG7QY(zzq`2s58VG;(>VaMk%IIr
zkgW8fvHTY)<p1tJ$n3KwTkieavs6@H>T@Y2X;IGEe18~^SBvhh68+{*F$nWB?Lr=V
zeXj_Oxxf9+5>F|Dh-(V;lL;6?G)1eL{f!lwj9a+%am2Nk%P45Daf1G_J;V71X2Llt
z1Kga}uL579vgxR3&&-V=bgu(Aj<z6s=LIIv!;N4G7x!0ids@JezNU3GrK{^mfciIT
z5nE2VtM|YO>1x#_u2~xwNSQcRKIZw&kl)ah26`;K0Y77E>^vPX2nskV9tV6*UmjF_
zm@p>y84UB|gJRB~O{AM56Kw+oDPQie{~P|L`V3iu;A;^*e|byQ{4lqsr|%*>g&N6t
zZSiH@U5~Np^S*^OQGmHzaqV)@8E75TsEwQ15sFXopsLI2Fc0H-_qMBbun^*~s=7z=
z_%rHl=&o;)&7+h%rAX?Ztl%OsH!!-Z5ELuqdU7|>Sr7eWtZo|~7?<n8QLcG8B)3yt
zo+HtI%*C8+Y`5hd0+p*8b4jSJS^R+C_^n6I&_~ao)`!Ae^!+wrGM7mP-|q>UVUH1L
zN9`Rye<8W=sh;Q$iTmX6{UPF@Z&mx*j$s2`29x=g`#1{caN{pQi=u4j%~SZgw^-#5
zC;pNfG0LOr!f}XwDE=m<2*X59FofQQGSr0Nfo!SvVLmb3QGNg-*LceE=JeI52JKPu
z1?(<r?^}1sW$+r5leUyRuf!OdA-bB5I;$1itv7MUgS7go>pGGDTqg$wVJRhiI(&>_
z#M)+6QF<mZ8@QNrgkcq-rT0^;(6>(T@}f34Q^(w5nP410(A&N#FKOW7>V)LI#KAqy
zfNe0<9NaHC`-D8bNP&z)a7bEsl$k=`9l`Q|G^OOCgNVs+7ud$lwh>$1FC(ErGc&}5
zpKR;!p1WTygCptDUJ<lR>&xiq<l#5d*XvGbmuZv!H~v*UxMaxP*kF<WOfi`<nFcy{
z`l{%u<UKXZvaxnmBnpdPo#=r!%RK_W@SNsRq_uwLL|-B2lCkF{TA=_?XEo(@Wtj~1
zW;C~ZgWDH0NzTj!gYzhVNkF5grtK4#ja@XF@I?#Uc%#b*?IS@--4YR7HL(Z$9+c|1
z>9qUj5FBpbLJ(SEw~rRlUfP1^t4+e(-^E3-tD5<%hDf*gKa8D2upnL3WuI-^sAt<o
zJ=?Zz+qP}nwr$%syZ(;o=*bt+J<OcvjlAdVy_V{Ld>Xtx$UI~UxqVF~>qO`nrdNcz
zsaP|0(R-T5v&<QT5T3Nco&fmBA`D*Wr@_wzO+fcV48@n=sCy=4$n{;vMX=d0YUuHR
z=!N|6%hed}MM-3Y=hX>?w!9UUR`c?)YdLQ(O>3rgiUV4<M%)ICmxA)bi4c-LW0&W=
z0!|8vntTezj!(G;%;S;M0K3CI?~!);zMHAh4H(nA6+e?VQi4~JA-Lh_HYtAn>_8w)
zY2x7AY|ARlbiT(91VQB^ao~f`frz>^O$y1Ib`<eed&gr*W;bfJYul_<Dqqn39(Xq6
zrg}2aj}eMtFWHHHRB8fEB2#A(p`YaBN!UZtMW#8YuX#xa+Pyoy%ZHgHf@4n^_x50#
zPmZt(XLN||k#64|G%5EnH&sC}>ow6(w#5{X_dkaADukQoduIcv@%_|nT$NctI|ZpX
zgaR%XJ4xN<Xc0d6&{NYz)wQ0Iep=sP3Q0QeF65v%&0fOPlxdI@EL&_<5{SHUh?0de
z)e0^8MflJ8v%v+2Tw^!{x#hmFZ)eZ$H|+X!Nam?)nr*}s9=1KPi54KI9SXAwSp)*6
z>2xD8T&Xe0Wf&_Sf~leue(NyrbU}ETpzz&P$#QoRMhVtuOeM~9f~bNxsu<L^BTYnl
z7K%BAp{eZ<VN?N%p{T9!YKcRu$H-ge<7v%d<*KnL1tNoD1+D`9{)k=vkAZc-vH@jo
zt%qq#1Of1fqUrU6XuLm4EEtt%CqndYomtuKBAxaZ9rp-H$ASJ(Q#I<V8nK|#B@2_^
zHFty#^Ne6^z@`ov-d|y?H?MKJ<PF?mKlt1yJ)X|k&+g_IW)y$F$FB4QW^MJf^>pF>
zaw}rPIR!F?$2|xZ6`&4%aT$YBnTB*Np5$r^Fc0W{Mj0&g$o5drhg6E!(Lx&&5ep;r
z20GLCm4rh$mwsB0kR67LXbAOs^RZ)4OYisOfC2faq}#42C+`&WFa!h*!GChZPS!)*
zGqUYB=v{skGry0}#`8Fw6vf#RXjOJw<G+OMs2O^^B!?aAZK=*5$TSO+9dgMwK<YTA
zKXqQAD|L|rU*_`cD6$8pe5|{=G>?)_6c-5X#x&jabskK0;*P<<c|6-+haooQWV+iX
z3*P%g8!ctAZ7X=My{2|)D9C8ns4tl@TJ3F%ElaSNLxPKs5Y^xcW<H_A%4xGvM#^5V
zT~w8eKHv6}6YJYK*n=Z;OG@GSHs|xL2!w{r4snB(LU9LiAx`>znYfxN&PT#plBX{M
z9;AP+%!P!cdJDClvyJJDFv84(+rwyj%TV$y0~hePm=Y7-l_d{|HglhYqY8iQXY0e_
ze2y}tH*&GGcHCU$-5K+DQrP&Ngy=D5CuG-W>dkodH&*2dGf8nDJ@p#PY?S@c7X*MZ
z23u@n37m0OV;>m1t6G(DpS^INIPU&I|7j+DR-}I!pS;F4nA`MIS2Ar61<D2H(rK*Q
zHF&VLoD4hYzcp<yB4KXLl7i48{;+O=CNM)3|25{d(-CmA!garNFM&n%NFBRbjf<vL
zs~MRm5(!MVEs6g_o0jZ?FqvCHzB#vBSHf-)RuF#B+&JQn)Xj~yLxb2ofh)jk;zUr#
zykei0?cSN$doU_P@tleyKFfC>(fLSR7T8p7Da}07BDAW9xJt=BgJG@#ecR~lV<geJ
zFHxPbRc<c(U1aq1`y#FQOrPQ&ZT?*0k07+)Q?Psl$D5UdqHPxMx(oTbwoAVVI1$-c
z>8UrXVY5k^0m3?b0@~tAE0tvbJ(qZuiV4Y@XNPLu^}^KKG9p0&G6<7ogfi=fa$A)v
zW`Xw-dEBSM(j%mOJPILv3t>cwO15$z!?^xp)QdFQi5`W~jxt>m0fdR@vI5ITGD0~R
z^%4eoTK{rX8Tz^YO!=U<Uzl-EWDFEG=ar-v#OeYOv95hQ)C_D05!vyFH2vCoF!Wwc
zSt~|zy9@hY16QgFXYB{7G(pzt(57mW_;aFAi}P&BF^kTyJ;4CqOMSK|bw`DBK|kQQ
zsOtg0LT6!}NNq6VG|Hv?dXJ4Y@EUaB(j@?%*7*;0Mdb(X$#ivk$xbzPJd2TGk!EB&
zCN4+L+R3>>1;PwFCR>_tBYhBVY>2C-n%pu78B%mu>-J%^Kn%GKSE3OW+OH0UOUQ>m
zTZzdQ4{RBy{Mz+Dk5lcx5(&%gg^c=`L^*<1eQL`g*_^SM1e>LrTH-C>nub&4e3jP5
z^b0m>f=c}d&fILdZDAhMopxI$Nfn}Ez?Rfotp(WL{L9Qy7bl&{T{({LFTr0tPtE`Y
zE7%@;HW1S4?7mx)`5Jlo%S10c-4r({2c)IULk<>vNPU6qo`?h)=tBxEHphj;J%9Ss
z-==npkb<Udqf(jgkEKbON~1Tx+ricg;%6RcPV?>4Bfv-@qy9VE=u0egDXwt;755j}
z-Y_X<z--Gb+6P6J6juei{x3FCT6CU5(T}pgolA6F%Z5bnn^^579LhV5=}}ahp9)-6
zRaxVz_SKYlB5LJvS4r7&-DOq#jgSgRA8wiVFzhTohxNlZ$v^z$T1=&?PtkQnnM<Qt
zHuh|R@KZ@hS1Oh!%<rwS_;4u*&2zrAdMYM~k7?jYd8c#HPp76sZs*xE83o+0L4G)v
zBeWZAxchTmNP$r}%Vvuttmn@tbOl^=Tgj<xITIuFd~A#Y%!jMa)W+Ttcw#iP+HdSs
z+gsO6xs=-Qv$9+uY{E5e=>*z{uM{ldha4)JXmD>!K6r`}QUYZSjx7p4vXmV`4>-pR
zFYW&}V|*4EZe(~c(XMN?CSo%})uiYm_+DsWCKwJ67<`d}FvuJmmCMo6&Byt58C-tO
zKN13T0pB=RV?k}I!ci_COmc%tjD^8;YuLg19U)06G$}3ag9^QezCG!t11rbjdc#i5
zxb=x+*nLGaa{%oek$W%!;aVOrM{DH%zkt>8h`BB`y4e6|O-`zvS$*5k6_4yjt03M@
znf#`tj<#bAI&hO~u?cn}=P{$wZgkg>L<T%?57)@CGhh=5OWJE9l$%dF?`&7A+>7cs
zUHuze;=O3}eBfS?`}A^(O}_GFX7p0JozfQRf0(;vfTr~99<>Kj2_%#Qli_AKj$>u5
zeo)jOBadq_?-v<O%UzMZdoBBjQ~T*)b;hstcSUp-$sUPaR$6=TNa@PViK-1@q(#`q
z4qoQqZTY_Bi^P!w)S7J7-p&TrQYFtRTsAxYRAemnunPMe*}auDx3qW1@J8*j`54OH
zH5@6Pc2H45eM-^Kd2DE|Y{j2Gh;)iAJsp@qaS!8<n~viW66&XMj9j@iL-a4MlaHf%
z`gA^$^~`y7Kz*1KN`3}5Z0*M;1u1kjGhe)$Mu3K@G=E#E*)_4xJl~MA0LXg7u<9NC
zK<colnR;G1>XB>CE^h%Lmv;%*D+Fkum(0i{UB5N<m@~IS*pYH+Q})dyMKluxMA_1u
ztyXl$M#~g;uVeS1<s62-7?2W*(jx2?2o9sM@ZLvB%~0sGNiV+>7r<HH;@RA(hEdi+
zKcC-nTrbIgOa!xaq=B1&{yup1!!&gx7Vf&kDSMm$!6@6!=<05)OP1;dZ^Y+x%~g-9
z&-c<4*WJZ~q1I)-rXgQkvLn#*RuCrYy#Tkj4gKdZptw8)P%U;dJ-C`Lyf8x!07&*X
z3=nPTlAv3f)C!kx7PFS{Xvl>QuJaVviiVkeDsbh$L9wZHT;M!TjlHEJc)ff(zJ>b~
zPu5AiDza+@vv*xpqMFgCInWQBxwL?$_x)t1y~S)A^k#Sw&mGTo8vI<hKwaP2{UC^(
z|MR^C!GV>R0m(Wir=Pg9PPy+6=vYCz3ZCzAHfR@1#r<s{(1qH8vU02p0Be~CUP@65
zZ41@uDP<_r3@x7`=%r(g*!7Bgm~%y@PX_w>n$~Ezs0>nR@qQ~q<<+buy45xx#DwM2
zA<mh0r<fPF5QLBZ_2AYv^Y_4@_X3Dg??_ChYe5a3THe;>w;}IA@mUCj2Tn&-Ki+DF
z@odVg*4_=vw1%Y?Sq-q7{E)M|2<qvIg27usX6uZ;L%xLNtdjcF88u!5HQoe1+_Y=@
zbpe3E4v{$|l9A%zPA^RNq+6Or>=>gc1~C8e(Hk}a!v~{^H)A?;<;^UtIcH~fP@vU!
z&HjSKrY{0@>$=lY7_O7+G0bzjR%gmZH&u37%QFjN$bchvvkOulaZ1r%q!!_I6}dR>
zP5)cUL=70iv!2~|VGg$KArOCd8{1TdaQtlP>k85I5$vX+3T8DC9XyqlK;DxKxs3A&
zgB-3091P0wB8kj=@C-^4+d#}O^Jhs_7A%virHx0l5k2PEJg~RJF#Ia-fK{94vD_ge
zXVf4cFRYZ@Y3A@#=Q9OaUvtCnF@6qjnumlfOJP1t5G9woLKIWSp-UgIl!Op(K($te
z820bj!GJWXnyX|&#kfG`qVrY6*Gf)hMlMsS%UT21p$y!E@ybQ2y*%_y8hQ7vQt^R$
z))2e@%#JBL3d{?sTyK?PEkCW1*`=OZkA%B2#WmB#hVjuM<wV(;jf_NxMw9;R;q!M;
zb2_w*nV6em!YG8FdDphotrI;`h#n^X$1jK=RQK}%c+`dg{ltrvTDU34#v&h}{g4qc
zv`ViBn+ps!rK>Q0iurbxmPwIumuTdl#9vRKcC3R{^>yR7YG&ei3=2R>a`uI;7=CQ+
zw3Kn}EJ&eC22eaN&LLOL`Ncu-HqI^eQvWlJ-nnf845ktiaHtmKwU$|hCIPLGUD%t0
zTOgJBaK5`45!HkJcc6Y8;})(`zYX#S!H<~CPDzc!O175h<MCRae87ZVMSGd%!W>se
zQne3O!$V3k)5W)J@7_Fx(?wrRq{=>!_}juORTvl)dHA1lQPa`NJKb6wF%fP-pWc2c
z)2ka;uzcC0b<}l*ZXjghwp^hYlR9W3A>x&I7Y6o~J?7C^#0*SI!OcZW{Yy5-eEzyF
zW;<vjbAvTtPjDdB`V=gXQQ)+Usr#<b-+0Ap5ogIjx(h$L@FVR5clf_PR%8eyE<mFs
z=tQgz(+i}Xl#YKRxaGtb$ZqA^^#KtW9V128Kg@u(fH&!}--PZ6;ye)^H_4qXluF3T
zUzxoI!4JiKcA!vVX@Z3iI-=>=!RTy04#tb`_NM21-v7cy1W+(MO?Mz6YC$9^o)gZo
z*lZiUksdwWs{!8*e-6cG92Ic>wG*2d&BLsCmxyq0#9C>UtE}mD=IKh@N`Czk7rbd(
zj~t!`K@&OdoI3Tw!_cXz_(~H>%146Ae%!BfHmVX_2Cf$FE+(-Ri%@CeuO!5~0ut6N
z9n)ej8NAOfr=jlLd4gWWt=TyEW?m3-_8l<20LjH6+<XzY=SBe3?Jwxy!*&b8h3t02
z4{wjurNF!`oPHN!vQconj<t3q(rT>}<ZsBvB-WF{F`RqMPLuePpa{$k9yHjBHC*z$
z0iCcQrL-<_1qry`&D)2Cu*ev&+31kx?%nUkLatC~@cxjhEBxm~_U!Q)N=}rc76oai
z)ahrB9Fx?~mhRu(%V!);Cy0Q0#bGGCLRLWV#26XymqlDN+<*_0QF<udr8Rgtw5nf_
zlEhflkt0}3s<KON5D5%*a0@OE^eJ)ax6EumptTbJ!tmf3dh(|E04+(q(TsZjG46bT
z$nm=k$#MorxxNwLP2!|R%$iYem;lvxIX3e^@qpx%0&Y6fyzM*WV^V~Mf^A5~iY7C_
zt-gcel|+6ZDcf**g~#b_hpv>3Z6d!gE;=jg?gIaVJ$fMzZA2;^myJnjQNe$uAlmv*
z2jVi<C0cYv+r!mycL4ItvciJ9N&8iU5TuV-C^UZIXfhN~$Zz^uU^&ZK@b7&cX@+L@
z2B{2OQehWtipIdA0Rq2x?wj|H(@_H<L8)XQCd4c>?@>^+D^hWU0&BjNyNV!Nvs!I7
z@btQi+$fMhvrVbuTR^U#`#oUeMQYtB6tKo-l$cq|AUHzZOt0wyb60y1R(&Jw0xllC
z&0HP*rxbCXe@f`pT(LXbtzxh$)A?$ZOvdzUF2=-y*D&di@baAdVhZ;&CAqd<crI=_
zEdfHo03xx>M-BSyj3O4+iEe6`3YXP`jV@(Pa3K}anSOq2JXb))E2a_~8u_?o1>_$Z
z)d`X^o$uwp+K_>^;2kd+EC~|4c-#t)J4a-6y46=wLZIxthmW=ri%}#fBqZJuE~7xD
zWSA50+y;AfjC;h(r}dj^9;?O3U=F=F@K_3E8lr}*I~F{4Wuhl8EDoNHx`a=EJ^{HH
z8eAwEHam%7EP(mIH}qU_5U(G&Y%Nwmi>+6m=)F_7shs3F!wDkN5=nIg$Cihs_G~HP
zU_Yv<A=#riZ>i`y&ky3A0~m|?EYqZ(nECh2&Ss-s^XnVt)pU1=fwqf`mnNhYqq3<E
z5^WK%9M;O{ytvSyD)fZQ?>KL~n>ZZj$MQ`N)ext@wKAFsK?rWJS|<GqeOb!^u2Z$*
z;pvw>u9&dH#$FI069(PKq!j=hkeUY-7gQe8Sa4BAQJ+_?y?>RBe07{a$eAJG8D7vj
ztUhX|gYq8=?yS2Pc$+Csnqk*U09h1?i$w@-fJfqMQxK=?K<@asB)5>ZM7w)x4Hl`V
zWZ*_ZqK649elV1042eK-&E76@?k8Jq8{UF299dUONoK5MGcyBuHXi&&O<VR)QV8#l
zmatA2ro5uWr`N&<<sp78+c4b0;K4DnPDD0pm-K}c+@Ma>nYMuD;IK6~p01nU=UTQ!
zvs%0a@|8rp1VZT8{%GUvT*d4Jz(g{*0$TXis#zE0c7I3+Jl?cmujB7cTP}weC%9sg
zB65XE7tE{M<i}?{%`IXCX`6^0>9B(9Si>t95^2UFkToJa!@#CMF^WzM?veYM2|H#0
z4YNAer*9T#u5*m9Nl^GOq(hwor3QZ+WAIOkw)HQuahjN7r3qmHy5r10Hko~S6m0j<
zM)kl(ehq!Dgz7%xqHyPVl|i`5y~jZM_$attbRwmC5Nis|_PSod<^Zvy-;*%>THYVO
zQT!_duQL!Yia4x1*+U_sy-c&gyEqnA%fdrq@p{Sht9Yv8>bG1VN3Syr)-yFiog%VT
zY<9-kZwcdtMKzvCUzyj#f@$HW^;mmO>_^E#sru4U=%H)GVM2*kw*M~Q4qm+$VtlUZ
zbOkh{2!0oA+(DE>o=2ujU`9<$LQpS(#)vZ*R?WFAHDk{7b_gvE^q4P)+h!XizUuD<
z>XsV3!0|4RX-}P&?|?|<#RA+R=1Ts<sP{23(h#PLzwizJroX++Q{~8PA8D$~k&GQC
zDU>UV$PAhSLsT<1a%(w}B{jecj;(~QCVF4cK$5@oSspD2ZDs$i&_gubPgdws-0Pcd
z0Q1&4Gl(0_O}G&(nXHCW?U7$txuR<RE=@*0%&0TOg^B>OOWnBh<0Hu_i;oivKSi5g
zBNbD`g7rP_JVfe_#%7W+$<+mQLv}s%^OLyTN0l`CcxYk`C7l|cyJ{du+JvOA4*K~Q
zfmIfkS%5R{<=cP|E}hX(Sw!A=wItB)n&~JE$CRvN82<?or7RWtqhvlR!4;~UtaOZv
zwSM3m7`}-sNhQ+)$_miFN<lLn!BCKRKd;}0siL)%hBK&E-(O0(o$K81Ca7_EutvW%
zr8H2l!U~qH`%W1ch@)yKwI;3G{j)+w@);!oe@EGfmY-naQD9`RIl~p3J7cmcaupjy
zkxy(Ba~K%lx*a<z6t@P|zD@V@Hqz)=bCz+O&h6>8KIw3Fu!jwYNj#-oo_RSJ8xu3Q
z?DTgQZR5_!>=~Ku!zW3~5}mC)hj%@2V;4BDf^s8HYgmX@F)g4)Zj@p%2FDAAO-DLc
zA^n7k7U*gh?X^u!ELz8@my&M1<rkn1vDUSy@VwwzU-B&%$^2ar?E|lOX~NR66-nH_
ziskcqY%jKb9?icyPvX3t?slsh`j6?!_*S-kM(x4L8U6iPuO=!}zsKloUi#r@5dRqt
z4UknueT$RSl38_N1t=e}&xq5Q)0Z^!5{F5<_IkD1QxiKfA<Kf+p_$}|q22TC{Z9mL
z31!-5_@vMGEbj1s8i&~ali>A#kzI@gY-~(y{{`@3XJKRb-~29u|2M#^TFqE3>AIyP
z-lhn%qq7tHoRAa@L(eQNUkIzH_%A=dAVU02l4u7uh&)!f06+Vg>&wpR$IOrO%nyTO
z_iV>%hw9d)w@;Up6X%DPLyOIdo-vy$20A`lEjvH-fx$JX_sL1ccrkd(>q3i52ml@+
zp%fVzs4P7Mn7yMiNPph}0C61+KcW@z-YNK9czC!zBOuDw);Bld3miQFmE3GtbYS44
zZptn#fMu^QL2SHSST~j5`+Yz5)z!%jkV`O+!dEWvbH5(I6d+7pAbTJn)CMP+g$5;n
z3Mvf&Kj;<I3kV0WQx~3QJ)oJORbP!9J$B#BH1gipDxlusi3RlgHdfMS{9iaI0KmK(
zJ?t?<jI~v;s~_wGkhVY`Z34NoLnZ(q&^6BhE&W&~zji=^8rB(|mR@MLrp@+mim~m*
z>-oWBL{E}M`@n%b)*J*^j6H_Rn1Tmg=K&o4y508tI5CVplh-rzOOwOr&SJhb;%Q<i
zU;(Xs0E{*C7p_zm3_WQ74z9p2JV(BSc2B{dq<zrfwvFFPAQ?aMHM}G9OPCNrd~>{Z
zU)fV#Z=fHsR{~d8(_X%L8{e)Ubzl%MP_9jT!-spmlO}(jla|mngNH92G!|7ZHURuv
zT^CKdS6{syy;(kBgYRx8t5^{~t8K09Z-5p(E-5@3wlzaZfXiQL<D1{Cv0uROUt*wN
zv7_(b@K4w1pV7ZxzuvjOGSyedS5=@6?pl7mw3vN|G>2ewAYVPESpqqJyROlp=x@Hk
z{#pbxKEGslw=tr7y%FEGJ-ve#^mB)DM_SkT!TSe?rzhW&F#eQ6Ui~ec2x-y4eQ-x#
z?2UXbd6hJ4i<k#cK1(mNYWRU}?!O_J?EF?)TE3A4Pv{^n&EKByu@2u9Ibt$0>qqGn
zqrIK_zit=YHb7H-v$!yCx6GomTUNjBZ_~tdw<pjLdq^k1cK6U>0K&o`fCXM&0>5O3
z_*gx@*}49DIS9Ibm~?D(bohJs{{UXT*;Buwg+~^LCZC>;Px=I^o1?~`rTc7FhsWpd
zW%s$SzxC(7S-(|07+26O{aP8Wjqzc2Qxnr6%iJ^=7>dl7*C#@FVNP_FOn)e#%3Ur!
z;!ztZRLq@U2@^Vfw7z<VZEbeHS7SIoZ{*m@nf|JRy}iLIBLHj4BKBiBW<reGV8n`G
z%Dni?d-aW1oq$D@)7S3btfbZCh@9hMJ-cQ4ohBl)YeEFN%0n<5CUe=;Nt;+BNpSh_
z0O?EL{{T8(u)U#9mhSia|I{!o<={%je38JALC!7iJ$ZL9r{yM}ieyjoTtv5q&87s|
zu=}7gz6xkKdd(q3y$luU)(`@S*btCO6_w4$M^Si6zKZ;is|EW2QvBX+vJo~tPQY3n
zc0YHS=AL`jUS|rM$*S+1xRK~3kfpHAQz}~UlcyTVBRnM6hXloA8Xl1mC7x}3UWrDl
zxwKa5#P4>>^VTPcm&4#RaSSGoF9hm<TrKl06R`KlW<;T&q_$NqU!v{|ydi4HF8cYz
z!0F|J*?8jb5b<nYxp7urPM_+@%EHr6K}O<(zcpUhWNg(zqI0v2-J41m#bBt#H>)nD
z9s3%7*m!oi2s?Z{MdU*DcLBbeRCe0#U9JfZ&NaaWw3IC}FI!DQyQQ6TPBTa<x;9AR
zE@-sBB_B#ze~hwg1UjLt&?+AP`}wL<$Q@VlgpY*epkb<v5-=qD&emZ=g>b>!*poht
z(De~7cLJuV9tsm7Y{UXJUB_O4l0e=>I@%`eakn7YeM($Ag7L7Q7K9sG&?bg2C(hzr
z#PNy#8aMIoBd;SyvEr#A4q}?|E*N`e6+*vRCE2TL_otGPpwj!<rh|v>jNpN%M?uTn
z*L4%M8rzC=OoQk%udL|E#l1RlC||-Too=GtgW!D~xdN4M(lq$Ht|V**FLh5w=0L99
zDhg}C^Ayi`uHoRLxEL^6!s@H2(_dq>;b_~-1Wor1fCZ*&m)Au&${14v5OjmT^3Jx7
zX`+=YZK!fqQ{tkeJ6T#{I{2N?st|n)`)!yTQ+!Y<pUQE3s0R@8p1srnvyllV#)oc1
zZo>YT0Xm!&rq|4vX+Z2PT@f)^?Os5bXGwFB4ydrDo_l>>rGcE#BGTmG9l{TGOFLcf
zRKM){G$>}AFu$PZ_go{*`E(iMp;=8USWESK++Jl*vgw=r5|Ck`fjWD=z6GbV+3$Q|
zu!SwXkI*}ot3H2-a9-Ww@X(ugXDnJ5Et`D*5p$c3dKv)*)%Sy!!r;8V!_D<t1<ON2
zy(Ew(ipDZrTdbjB46PG?HHU<xtQyZM#whc`*aXzNSTD5u!#{mmDK~gF2ku1+SK+eU
z@#_Zk=Y)q)W&h??gir3=#y24YNM!8Kpl)`zH%r|Yme_<-X-mFm@2ja+v-qi)@{MH8
zLiEL7AMZe%Mh>VVHNppVuvXbQ`&fl|y`N~|>PaWz>8|p{Ork?(ev+sY?B8jzH~F_D
znfE4W)iWB(+&|VZ1KGZv{`B&ChlDr;Su2R#Rem(%ho?Jf^;Rh2r9*L5iTz>i2wc-%
zC`=y<v1x>{E#XN+MUSJ+a~lb(;X>V=pvkMv`+{^vOO$*TUsh%&@=R365$R`NGl`RN
zP+WIb7bld*r@|6nnj59hp#$PNNypHOP9V9_4c;g2<XG4d5fs;T!1u*R*d{sTRvO?b
zm?X^_xq)MEEGw!?xxC(}?wTS>#$Jco$k<RW>8#JF8jh&^3>3djS*B`jua^xAUw^TQ
zIz@p6zP*Sj_dan~PMlbvl^D(-v3$)?)_2U*7K_41Y-IVWm$e7X@9taoC@mNi;0ZpY
zW#b76!rrFI;`zPorR?t;j3Fzfc4!BSjDo;-@7KND=~SY_%X3HG{OBo|6$D@W|L#0^
zYc&3&xy7LIL&9>*f5w^lsY5U5$=uwhD>X|#SXoE>Id4=d>kEYX^N0i8zlDp))O<xk
zV-20%uXKL;Q@jG15=ap&4xG!U{JG*O-rNMA!1}RJ?8rZ+PkJwn1NjoZQ|gvH^vdUg
zOu`pKkMd~m?P-u|r>=g8iQhzPBd=%b@!e8&!7kCNpU-3VAb3<&%6(cBxin4`(tVz+
z<<WHVE!bKUT9*KSm3aMLz#VXd=|Y`M%{dT)u$V#W5Vu`5Q~Q@9@Vp`!5^V=h*erHJ
z;~(zMX<o6JP6Bx((t45v%eB0s_|I*5iB&R$dfnRwNI;WL<cv6#uRppSjAO6@EcNO!
zZ1C8tKGteQ7__+NIE3zSPS#MB!u^Fwk81UwGLvZ};mR{hH|a=yZ@c;s$}YAr;vIa=
zPI)ip%z5Nrq!zmV8P?>L!=T2L#GGhVTf+X}nvEEldOhZgjsmr6d)y(ymw-kMg7@UF
zJ_FN#4EfycopM9&TEdV*y-(5)9sQsgx1PsSb+GgP_LJyW*sg@cNQ2cKuCN>;{S(-`
zjyf|z*bBwrj80MBij>&&1A)IE9@->d;PaJo$GTFJoG5k1S3~PJP2<|DO;@j4!!Yu?
zyXL|bYGX*nMk1aI+J=lB5oz_lVasNY9*cQbK!$Z3vD<gZ6tlaKKXI8Jv-cr39wzu3
z8w8Jk&H8-XYJ)#a$GyyTrMZq}AvLCsY|`PYJPQ)PMMKNecVGYN;yoRsQ+fBKRAuNm
zkv9@mZI-xEHRhH${cQ}M%3;a;T;Oh>u!X3rKXf5YjmC-H1JV4;Ke*F9I#7+KCWs*&
zv(kcadK@B+^BvWH$(2N07~hXw13K>0Wheto4!(4~{3595A9w38cq<@fTa9YUT2a--
zXkUecA66eoeZtoz#!b9B*Uo*(N{oV;wbf<U@*{^*?l0OaO~x5Je?CcOZ{gS(xVF}8
zFs_Gd{SA9;W}S*)z?x$DF-gc6E&IBB=F$wU4km%@)=tKV)x*qk%GHC@x}A17cG%m(
zpGBYk=)+X?mguk}_2pKKw6r`9i+Jr+X!iBvCsjZzaz2vM5Z*g=rYfl8glA%D^g6-m
zm{-<Y4LE^*u*opp-2kv=si)?7J_xaNrJgl?1S>$~j}A_GJW5?Yi?V<<>o)XOheU-(
zixn_>z2qyMM3jq~uB#n3@n%#6ugbp?%@z9B_OnyiK@(HpNEy<j{ge-H1oY^vP1lX-
zyuJz~CjI`-{<tJ1!eJ+mqj#+YMbPcSk!=aFHu_kNjgoIR_3I)<E1opgA)i0)6+O2o
zg@(gMWxAVv7STQLIx}BID%w&n@5Mqwf80L3!%n+t$nIsQ8g4EKd_}MmK-TO#-KXU&
zWo__ZoQ7~uE?~M3{fynwNn^R5Wyr2Y*LrxYrpB2&&c+XJHpS?!95wxsv>tqS>n7MB
zYAO9ikfFPL2iMq3O~>)X-eBuqEw(u!?_jpMd&}nV-dcQKgbLgeQ}&z+mJQ-%3chUx
zAC>A{y+JDWQS(MAvcy>Owy##yaZR68iDhu~K&uL*4HBQ26#_NyO1cu*Z_YkUB4h%L
z7>7ZWi}w??UV7#;d<gzy9LnQ)mg}EMw4u)$^h?Nj$ypNAT^S=E^Yd8Frd^`$RQjcp
zVZ$(}>XkNF7Hyy*6j79q`_2Nc6bTJIoa)pu5Alp1SLre-1}?+x056uDc3dy2UP11}
z{<d@~IJc2LZV_?T7d@h3C$S1_B<8gJc{gHQpejAxr!1UKUCxeMsztw%fgF$T6|gXt
zms<2i59coSQlk@jU4gs{SUWChX#ZUc<-R{#mf_|OvVPW>HsFq6UYI5=uwIq$H3<lD
z_NqhIxX)7EP*%K^lILFsOWeOUv-8sO%(f2Q-E`;07`}$B6<tgg6+ixXd;jFL?d^Pg
zui?<PdO-C8{@>Ynn3d$507M7kCF4geH2k_-g2w2YEE<ftPNq?+qpP^cvhO7N$W{}!
zq)9M8EDa2Lpi^&z^pT`3+bqR=!diAfl$b*P2SUwxD+e~FD3$I*nG3DdtI>D=LueRZ
zROG|QJPu8on=K=tR74p8r3@T{We!>glV%9XySAr?2+^n}0LRRzVfYYtScmNX(nVgg
zDN<K;;(#Z+EoZ`Xelb59@Zu`!VKaBgFN?;c6b6O{t80g(A)MA^aJ+R@l2KB+9ML&y
zr6jU2xs_&&C36|e+Ty#@!!e(GKOzv|80!y>nea)O3f}$>O>n?pX}@Z5iP#rYOBGBc
zp^CJP3qi~FNQDr;62$5f!8#9Z^_5nf->`?ybx69nksYeoK-q>rTy5V8DDGTek*`8*
zo!VEdN3yXDm%Gx>lcr}WD+GwMtAhy0S?&X!JWu;tpjv;y++g^%cY&NO3Umw%u!;bq
zofl3hpX{*OKlkgS5>L6_7L(uF=L<<*_n(`WC$K_O<&_oV%UPaV?Kni5fx0@&wJ7PR
z&HsrC3Jt;PPi>=O<$xW1Z(2kZ!PCvjkA~&vWhF1u-<kes*12Z^dxk@#niCnj&4iTQ
zk&!-NNzUk8vGIn-rSS`Pmg#+EZ6NK1`H1Nt_MxtICy<>}=_xiU30ya9+B1n*$Y7uN
z-{HtYC4M9e@X#<wOlsRED6hJGY@#pf56bIG1cOb`Tk%$YA_ii>+1|K4?De55m7whD
zXc#P4iO-E~J5=|h{ZnE_mq??90Ld?w4>l{t>K>S=!MsPLLR33L0xG;V)3XSLYVZ+p
zE=TQ5u~3en5G^Q{#D=JKJr)u@(5E1)_k#W-FiF_IZvWtL%UG1Y4y;IE9DlPKdGnTN
z2|Y`bBOO^!rkO>QV0`z>{2gS%?4Z_?=K1DJ@axoPy5fSG-hnEf@TLOdv%=*{xJg%t
z<pJ%5lM<ah8(>J^Iw4gm*)<)KQ1vbunIl>o*<W;fF;1os+@6;;PgrUYaGwaDwwI)_
zEumd4G|09aEXOf2(yv^CstNDW9t4I(!(qy7O)m&pL*hu}i_%i>G<E$q1X?P^Xb2&s
zdFJ*DNDa1tbvzl`4K==33v4`^)VMo1Yg7M2rvCN3@$o@|(=p<O=iwogzSFl`e{hJA
z<w%bg0m!my(pBT~KvCS8+a+2!7|mRYJ=EW|q5f0$$G-eSkMu0L7OxXHS^Fb=I$loG
zEoGo_G@{tuH=7XR+LV>v0kb^A`{jBjbkTp>kXX!(DNgU{!&Cl3Xy{1dRUpdZX3|5*
z$!k=}5V0b&l>^M@am@~>N9s5KA}1WIzkp5DhpcJl=?Fygd;j>xF*32=4IB5{{}~Q+
z8{Yn7hjk6z)?ede%ou1c(9WEd4a@RlJeJ-?e5Hl#oh=wCB}ZP`T}*rIEfzOALrQL3
zgy(R5UV--H=_u~E4;3Nbsf~N$tGU1PU;;9$Ghnz`2E^$C{fkjWe>Q9n(*u7z*541H
zJO>B4>5{h=3ahmZ9q|m$T9vww%>eSjt3e_@71*p@l^SiA1x$f4qd{@)sn>oE0istp
zuS!Jx2`kPYnqm;08K=3E*Nu{fs7{W4%u%N%p)7KALKVUr!-DiSMt*?sW~cj6?m`Py
z>LjKH)YF*!tXBLXOG0k$7T2hvc(Ayaqa-9jo1ZIppca_C9d&I>9loe=;#gBOe2$_w
z<x(rg>M>@LfDU+A5JG(e#^{*zxYrW%+0jF-*Y{Pa+#|>2?yXDf<hv|7MyRY&AFA;p
zTU__IpYgFfF>K=Us#LSk)dI>brINJR1+X~_Q3k%u3Kn}qDJ=VS`XAuWGy@Dmty}t8
zLS4h^lM-~TVn~g$FOHH2`0a6dsOEh=7ga{#EX13cSHze?b^w)W`fD+2P`suD+T=Xc
z#EiBQ>17bI@<MlRTMqAQXcx}zGyGwq^V{<zv36NRbyUf7)gsG0Cz;}1uT|g*hwNmX
zy#1n=1UUEkpWzEEBNrSuD>f}bzO#qL44fN=9mEsR<%!N?poz7(2o3^N+*u9rZ!j0t
z+DvlKqQ02*(bP7uKb@tzwW8b~UJdQgTq#z<N(VeqlCWZ_*Iu+XTWx#9v*MmYc$Lo4
z*{SLk*T@Edd`KBy0WOrHs2C4+7)pzYF=&A)u#+&^l9Lz;-+a=`S;AulA68a3jJx%K
zmWa6>Gu&LW;zlrO0Xrf`8e*j@YFwI4@oQ11<L6|f+gAxCS)Rg))>1y&$lhbo#{860
z#GPO-o93RMv<#%ATA}F%?&0APU&)RRie)0r%X}7#C0?OjjRC6i>J-LtpDVj{GUlq>
zNU`?yHtBjIaW<#k_vVmr#=hR3(pzhqpI04&(}%TsB%WOV8{#n<iGZV6pw+3$#_=Kj
zxP{JZH-CKF><=sGD_Ktq<%$qk3Is%|%Y>Ak4PE6%2h>@(4lns5W)I9=w^pVM#q&k9
z#5lFQKzh&jDBD$Tb;^z}C{C7q=I5Wpz^4~$)|WAZH1G%^?r_i*uCX`=#C6pnhF`FD
zTa$#^hezehodn&FRFRc%)HW5VYu&%q^vic>lkm^hcpsE--U(UXT2k~Xc(WXAy-Mu`
zdfb=KcT$Akg|CfXGhOd0UiLFa?=Q&1)L|!yVVaPt$Lo7RrMS|%VTPm-YmkfB$eR7?
zcDCkHAnR9vEp6<2aT>oo6@_mVFsK$uex;;r9WI!UliMh@H;h>dg(k#hJp+q9LycDm
z!tA%Km@T7R%9CD1Qp*7HLihf0rzin(J*kthO;sX*PGGgTg0uVZ;Bb{odWKVybXx6X
zy;Cg>^2MJR@IM|>IfMMW|7fepK6@NbLG@Xl&*C3459A^i<N;$@`a6z7W{yLukT7c1
zjJ9<{Rwo1NtRYYb53X%i`FW>**tJxj#ivW{upDi3;%*Z~+MdauQi||%4<oop;OC&f
zOKp3L8L4Mr_sA9qA*`n=S6<x2+mfvs)Te<og4;H0{lncP5VO3AAEYm<g9(2~IsTo;
z<9&1jZg=9RlgCaN+vjOA5!$Aa)lj-(=8CX!=fx}~t$#Sy261qSlSL!%&bW4ZlHd8A
zV~gGqP})9PSUjlYvAaJ9%g(oylAY!{fp1w!-+0a^Dh!UxY5$sb*>t`RFL6~C-gz#r
znFE4z6H=3yps}_!Xx|zG>C3*4>><L=7F|ab3Y=>?m%`~5rI);PW|;1DXJi}HeE+mo
zzV7JWUg|D{vzcugisU(%Vn~ponc2x5ghVgOa6m?-O~jf&Xh3m1oh+q0onEWxmYt4g
zxv-k7pI4vgI5EL_5Jua!6E!IvUS*z`YB$`)ViP||q1&w$K6@Tk=_R$FM$U*t*vsti
z<bcslb!#E$vCgfhzTr$0hy(aw#vPRfn08gvzajZ|eSmjU^4?bq)Vm1c7WBmd1sE$I
zZHy`uyIkV|@B|6P)*$NB?PVS*ZZ^fzMZSjhazu_D(MUGz{C1S^5qN$})X$3A?ewnk
zZaZAWNgjAARw8zDOH-<{v(u}~-+ejyy}Z%{;NS~TKK#4Jk(9Q2u5*I5S0eMZIV2kL
zWLj!*5Z2;mQs3IgSxFr*(ULts;)19VSVB1)!>*J4OBjb?MNj3B64pq!8WNk}F;T>f
zFf@)zURE=IPP;wUl94}X<g_8QVI<f^J(?Enj)oYbeEbwB3Yw;qb5y*a6m<b?6R<Hb
zB$v9);j^b(;nx$UYxY&8E6sDIiR7q}Th_E#j5K~!pnCL)ghuijUOY_P+536C?M~?4
z!zbDyw!6V(;rvcalW$}@rhFjEjYa~%yhy6&Gw-sMrA2P@YXD2y`2%8rPi`vXAMEm^
zb`;KCbE*9NNq;*6i*wo$P}4KP3Te_n&gD5_0#ZW|Px=hlW=B@PYKy#PJnxFKu|(Q2
z8&&pF{v{2BE{~Y>vBA3;xw4Zg$jyUhJK9Jcn^Br>)4&e_;Hc^t8YFb%J?VynMG?*)
zAj%Utf+E$g<`B+GD48yekyK^=lua0y?mZH5u2bWh5^wE-<`s;mdH)C>?hFqfdd6dW
z)l>4af@z%7xb3Tg9_9jOA?xwetwC_t;%J~3)Pn0Zhco!-N6|Sa^qVXtVE0+?6z%J%
za^Pb97e3QHvN$L0Od6d`?7-9jvFg5A1CU>+qO6#x<G}`m@CI>U9Kj{(qVSj_vwrfZ
z^Q!f3z?h?utj0LEqwm41LM~coISw#p<Pz7~K+@2hz=Cna*3VqzH{ma4eX}9y)wPjm
zj@QFYCi~@7+;XD|#&gYpiLqw(`1;qMzBnqD;$yJg>L(rWs_c5$7_P|kOmrEkXF;Vj
z+tmNGA?fm1Z_!Axb`FKO%^6u#{|b)j$VAc5I4<uR%8$I{K?M(Jev8N{k%=c6VZ>06
zAjlF3w>$(`#=uKu(L~zK%j;w^g3}?@^Nmg$IHo9ykNb=~_&x_RxdeA{4VMhspzd|=
zm^-Dx(!#eg(JEh>(CYA#peCE-VJ|s{a4@vciY{~#D)b{)pNHUJd*~HB9f&i{!F-gU
zpkT8*$tM4l&(SR&HSAp)RUsJ|KC8#}ktg`9B=Lx<4nOyVQO3>up@WD8_Vg|umDKyJ
zJtL@jDO(>SBFVmV1cUb!3|ed>t*nR|5Uk@HTyNQ(W?IK6Ix0o0@3P?6=++DXI-#}0
z-!yga&Hz={aphf>fFMp%xQ;=@@>UP{B6x<zlN=dH&i3LbwOrovU)%i5a{MWxg}-q@
ztmSD>Pv<>v6K$3S@uevU5Sk2BG8Gsl)2t(t<i(*|(U+L-n+<keUr9YOdeP>F^BgR-
z%x%thkf<UCrX4_AZI-qR4g`A$0O@#O$z8K<ihe|`xow7IgR2+q7d2yWrv{Gz@74qy
z-;dhChpI;MRmphrTw5rE?tE$n7hTgEZBGAu+z+YJa$mc8wzHXear&c#zES#m3yv4$
z1qL6;Izfq+QMpkHyNnj*G6Nacqtc*z*u5}B`i}7(JL{X!g+!rPFAY*pk`tFEjF3`G
zE`b31LCBNHoFjq9SJ#j2rkeHn*F0F}Q`@l`mWaq#z-+>gp)B*c0IAqk6s!fxf*4X~
zm@q61##+@o=L=cBHV{z0z%>*Mmkm}`T6*J=L~uhO$F5IXhw`-D_O7^O^L0#BbRR)B
zl<HZ9G^;!b0tJ0{38*{|wSFlHL8!E7^S$6DIzy;L@xeY2o9GyVuxhAhl{*c<P?zN6
zAGI-Nt?BOaiij)JT^3jpm-v(@!+S$-Xey<=3iaXKdyQM1Gb67k)pc4!@x1&OZL2wn
z=1fUXIBa~!lM;+w^kczVrkdZ*0p}2$ZvnC7F~zVI(AI-&44E0jtsI+0eiTviaOrna
zxXVzBgbF#G-qJjUZ-}0Z6!3UGS^gBSwie;q%0vnK`rop1tE@$KFk*KMj^DA+5Az79
zJHypG`a@d~$Hb>E(3tS|<tMep!CGWCkaSnyws?3KIml0@G-=?)&;!?k)0{r@)Gq8r
z@_nR=tt;GD1(9BvtewKR{Y|+sH_R@avAFcqNk8FNZG%x<g5%|v($i_2GEikso=X{B
zLhD)K6V9QzypYC62Rrlo5x5l6n&9}c;z9#bVj=f*4v4uNM2UrDYIZ=e)#t-fcEz8>
z%Q|`!Y3>UOdGfnt#GegUqdW`>ix4NbIQz7=hE(^dxjBE~yuj<yEnS&#nME^fZ9izE
zO&6QCxvh${(xbrA)L5u8O>r4qLOXU{(8~I4AA5yP=!g?lfg)w|i=re7j!zu&z8`?k
zqffmjBvp${S=VafZ9Hl<v}V~09bjkvER~MNv|#b-;JCs*c{OKN7)Z63nzrEW)7h=q
z6hBXo*|w#*j5;Wsf}!`E+$fqeyy^xG<wEThtOfnD_s*?g3Ve-8=+MS|M`6OpAm2vk
zEr0LDGFOq0?M$HVTFT{ce|!5(KRL4^7QuC(G#v8Esw<iW@4;AXv;P+GtDtR$I(|wP
z4<KgOxprqiS6-Ek#5|h2@Ii&7Bo6g&GK{AqAo&dT5Tzi|YmqP4OqF7|eUQd}J*n*z
z$==^^x1Q%!z(_(Lz|r(*wj>a9Pp{--%7F^)L(o$tHKiR{k`vB?9W?{G^iB%9>3#TV
z5b&xOm)b`dZCG{k+L7rpwlE?qE9$kVf8VX7mF0f!r^cT|JnjA|79uNG#(lv`<<MRk
zeFT75UpIc={dmph;3TQKveP_8n`Fc>?n(e%k2-DvouJrEA#$kNS&z&q%0|MFVE8fh
z=%;|HKPDzg7nqa}6;O8Tj^U+IV~<I?ycQL%f|awcS^H5_dpRA+w)mNroGf7`$p7|R
zAIBhCv>HqPDb7(*VAsr9Js+K#=0pzzIU+K*3e3mR%BhZc3)JnUR^cY%yYsg#1<1_@
zy=Bi8b8?ysI**=}2D_pt`a-TM-;~7fsJCP%$XM)w!~pVZzwc#+I=!M0vb@#(#SSM>
zxN5)YOcK3Un`)F0j~5stXQe@3xWQ>{h;*Xxz~RItzd%C<3LF2K`QZ4^%m+RD|4DiL
zv$ioXaQtWJgMpErk@^4A+E(qPtdzZ-KqF)4io|+z1LErHy4g3P9oX4v3H0v)@_$~v
z?xp_nZF_rUZOU$+?qeTnDmR-<SEyHxg`+B;1xsB=`5(Bn%sfrONO1$W$3@piCPu_p
zQ+L;8H&g5lj={;w&>lcAJAkdPM__RPy8~eHEBgJJ1L+$8(mOdh2_Xj$TU+;J5169K
z0#ve?z*=f*a{4E2Lj|ILd6S(Tl_rmCr|~;D97Q#=HnjzAa{lpq)74c11Ol8v<M+cH
z!-7DNms?6mNCl9S7^?&%@oV81BewJ_h^%KB10jHB1l-^REC)1ki2=Cu#Q`95X(`F;
zm2@<C>qBw?!T`*=@+ZrSwd8k2&imG-<@Dp3n+H4kmj{Li-~gP$jke0>^VqWj2UyQg
z>rDF**&DPmd1WK?6zhzI$b{boPb<hyY)lL%9^1jZi&vIc`oibVrise>owx@1umirD
z;w6&4meTs6Jh$Bip9)=FhcLPXu><Si`c0n1fS?EESl7gM_d5CkXmkbnmL432G_w4W
z1#<!r%WID>EN7V;KL<Vm{;a+EYLw~ot=t*g+1WU}-E{F4`$h+kYeb&ghyu(>KPD~>
ze-yKEjHBT`)D0vuwlo3PGx-SJUK;-4^RD3^?Zp;;UY(NjjiYC5Zft%5NCTSQ!#uvu
z;!^-B`*EdY`uY_9VH5wdMSS}oTbuNj@A6qM&%y7d=Z~tHJ-Vf(J8@<#;M-^bpqCW}
zxgYgjE$-v*FxI+X70*xTnJ?@Tz)#@*F9^}G)zdr}q2?nzMH)uhk3I-Tc;J?QNd$o@
zGPGZM{Igi>PfO)`1`uwwKuaGy&94oyUru`Vx2{(O8UZrZW^cw!|9302ndL|A6yMQ%
zCR<@rML|^s*mbYXVs9Y|pOUM}bKNh&3%>K%diu}mJ{^p{K9{Q>Iu8>$m0wPB_~T(c
zLp@O2dRzBzsFyD=!|x-t>CqL01NfO2%Jk5e>-q2f_hZp39lb#dnM;Z9ba+H#eD(RL
z*>~zbU2Aw`;bCZjZ|_TN!tdkPYaFou4L|bRF(_AJtw4%-`uWT<dpodU0cZF2R2*>s
zi-_~TSl1Wjb%)pD0BidsjBZ5$<^{Rijt2Kh?6t0IvH43#M}0L#r-I+<E@Zbvxu;KF
zwPKU~Kk+#I1v+7I?mzRF_SCoyzquoQ`K@&{1;ypBm;XEW{K&=I`GNmN?9y{6KG}LV
zPeZJPg*CMbmjw@ohx5-pq{zYkAdm6x-5$U1Dyq{gEuggwHO{*#F;4E0;Q@&$ywK<-
zXQC?Ghh)yx(4M_P;tnB3$S5UakPTxQ4<S(hEZV7uxmOi7B3U#QuOkuoo7e(1a<1i*
z)&T=nAZN(=MJOOwN3;#)fSWNgsMYN7NYpi8)(|GV1km$|C@bOf5y%xil6TiU{J?%m
zN-sI#bT6nV*Ff)VUHmD@yV^^AQDXvL4*^2QKzgOQiX_2acaz7tPw$)IBU!5BxJ_v(
z1F0W>EK!Cvh*iGhEf`x3155OWjK-tR)@F}?jX5W)@L9Ec^4Zptd)JpLex`vZ17T>;
z#9r1P80ifVzY-D~es`TZ6I>Z;#~HqrW#bS#lfTrqBRKKtho-&Tn4^gl%z2$_xAM*k
zCu{3G*p6-HAU|Q^K0rYE9xh01HcN);Tg9rco3f5wZ$>cgpU_1qMKFY1ZhzvbxTOv(
z(a<2|fv+_sLLY;Tu<?4Vy;^X?I0A+rFM%NN8WBb!?+_E?4zz0py*uxeX@&@wS~cjP
z7a;r^CjG%$LBn37{|waSOX^{?fo-eQ{2O)O5mfp?iezXG_97L@t65TW6ll_ak{5Rz
zQI&y6g8M{w<=g^ZK@b82N1Si=eRCNK<QNA{ODI)ZJu{C&Ri*H&&&p9{EHUQO7qa)*
z%>?N!(xbpZx4k>uC@O3juG1+IDOAsV`de1{NN>xnApRS|!SfaZK%#ply5|3+R^!`^
zZeZlwQ2mwA&9<xd@FK|7*YIcHteWGpzj5tdG}_s7yFdf3i^B{Y4uOR<fl80Ox2pFt
zwD0c~U<}=N?WcV@VCdy$MW%EXoK3pLN)0ZyB|jnp^-`}5mw?874&PtD($dGyM2gwF
zK$aOuH{0!u<8W_F<->*ql@^!|o6C)dV67KF*hC2znO>8me^!op?Hjq`R#l&ETT*O_
zo+EaF$aTvnLa@+@utR<(KZ^0fekOyn%)&6!bPk=~SF_8zx$hdIF`!nMSECzx*%#4J
z7N_rQ2Y8k-!WwQJK}Ldwsvs*)>QG_Xq^xq?MIbf96n1f)O2PIXMr*Mz5-NbnLxYud
zxl)r#kFP5KUyR*DkRU;ufZ?`1?e1yYwr$(CZQHhO+qP}nHg^8QZtP(Xd&|04R8&?z
z^?qi{x8ZlfRDq4damQue7?~Bq$!O)mrzdLOYHLlbgES1S<Oli_tv-bMJ~Ue%z{HDm
z1FvM^&$2rOD6DR)?U1@uOz*`~-F`WvvF)PyrE4}2;+4m-aw5Wk695#UmwC9Os(!iF
zC4VgfFrK4%W6#o`KoyPSe*F5kX-0AWrsP&PtPi&lAr=IyvViUCEC7EMqiwi+uo;zr
zBR7Q2*&VE8qpc<D>-n^liU5sb!f)yts#222M7vty*)K^g!kX!|t1qGYhVu*TeAhXg
zx=YCDiye5pM@VFFE}g@<Vv(t3=s$UyT(;Ujp115>JZT)o_>R;TF34+IQ7f23@y7t#
z(cV`aY2m`=?|Dn&T+x~eolh&Iv?m^;D?Hf(4QU63<({hLB(wMH>jBD)wM$5c0HQs_
zFs_m&=jfGgYZ4Pd_nv;zL|V~;Sk+_8KSEO#r_UkdnLn1L0_12MOdCZFQg2z1SHKSX
z>rPa8)JBYwbK@*8)>N~!xQ36CP@=w43rR(iVlyG1O((az=Hn=dcSDOT8-rQCV>dbR
z&>k}{XgWvs;7?(fh7YeCh=?pHr91rff9phQ>^ZJdI1dRZFtpGoVNPYpgD<Mz`-k?@
z<2)`lYHd(6dS=#d1)m@28ULU~$>v0ZQe?fZ22ECi6qjUfmvo`T=v03=geAkG;dJwB
zS7eTeSb!lroT?}fQ4ac`#oI$vz^5XS7ay)Kd4TXMemHHy{)w>Hy7GkKTIbN?ERDja
zSMZc&H&Z?oWb>Yfcyt@_@zPDG187rdb>J3=8xZUP8PDbAi40bZ9Y!b-me??<zV}C&
z{Oi&$f~p1k@DrYA35;xIEW|J6+Qz}>A}V4HiIEyrDx2ARQM2Ryo&2fYB8B0P|1*%N
z;htv5#+PgUufcO)Hb9uz00xKae}Bn>7iF2E*Hz<`0nXh`SbtM7RIdp*jn+XZ8sA}0
z_Z{SQN|r=zE3~0Y!{_5FL~OT5G@(HiMdXzr!Y-dbuI#V<{Z^D5;RHX$ddK7Yataw?
z`?>0dS_I5&dhJ0UwM*I;Oe|2u=lkFy)!SZla=)mNj4L%eF6LSrRLeTO{GH;y7Qa`_
zd)Ndb=J9MTY2vfV+DaS~jSDs16t{wg?}O!eeGa^tsZG>{_60a|4c$5{`tDQ#E*$rl
z)M97#mgz1Enrvw}R^+C=R<7upOiFsLMiFsl?!0XsAhdqD`trJ9lyfbvc!BP+g}TLU
zXhUgWEPbm4!v?i=X)-q6RO)P`h$2=o!GMAtNhHZ4lEyTboCB&sU@F2!{A^B>MNKej
zrJX0uqWdf}Y#Z#x-CbRD*w)>R^>R3SFJ!+jqGm)B?YgXKvi9V~I~Q25N#WwYw=Ll`
zF0`*vQd%(h-?J0!9u70g((t37l@q!uY8+E5BW9;*gQL9>j1WthDswVl>2M#XB_szS
zb>)TFyUI+0o9b>jENTgZ^?mdG6kp7OxlxL2F2+JKW1xsifUUtRNOQtUQM-<0CA$M|
zqybI@b&@@Zi7!y;6$rn&q?6i=Kf>)Auj|!GAyJSguBP?T-xCrw3wxVc)$ovj_v{ar
zN+D>n&i41=P8<PW?Q^F3HB``UAn=VU$q45~?!89b5O1aRPT(KkArMqpbe{_3O6kd&
zKm|fm1D--!NUn~GI?HOPkfr!O%s~R&$d}<$;Tys635@VXm8s6^cFo}85oU)WH;Db-
zkh2=MqP24(m>_GrJV}lA4-3dC5&DDbK~ASq|I(-0&u|&?D!bNFj|ADu7tK-yA%#6e
z&(S~JluKyO`emO<XV}Kj{CW_E>(0KiEG2CX$fU^*Da&|6Q7)*dK*ibW6i1_lwq7f3
z9bD)*NAGk5BI>FcyeDjw2W_%9w)@swNa7gI)<eUEIJ~ncN8bgaS3h57i^<fx3)zC=
z3E%#;tV0ROUbow2kaKnlAOj9bwExanJ&$qDv5UP|7R(bHOq|<bWUyigbd@H;*oNY(
zsTt2Lz1wCY6wB8%rNa@2R`MgZP8*q$GKhiZFWdXb6>lOq^Q#Tr9Q;&d?b~^@rCFnP
zDHm7EAm#eZ<OZ_VdW%4moq8Z?`ZDy)VMi)LQM?C2a-R<^k@5+Y&B6PGF$!&!Al?f$
zh{!toqVP<D(qFRBi#>a*TePLgX+Lo-A?MU2N7FTPNGg7opbpZ0t^=DhGsrv=EHG}b
z=-7*Dy*vmH7D)`z62+x2wO^eZkKAyog0=bl4mXE$omo>vWSg;{U%$Xi3cw=na;}qX
zyx=gkS6VpJ@eDx~O5r#j2+`%CRaPZ?1X`2NPotd1ejc?@yaKNbG9onE(0QutEOkU}
z2OYbo9S0%{wiR$tVxUC6@VKv7Lb}O@(*@1EeV8PW8Z>kwwL)y&=W^vKkB8_o6M<$6
z6g?xi5}~Byhc*N)Zme5$#w)(p;P!;wYkjg0wQyl<ylIFWNuQkFeR8`?wehEu1mBVD
zl^FTYs=vzUh$@{A0k-J*?1yGg7QZ><5xaswpUXohMKh^0Ac7YoT3tnivY>vTYzd3v
z<-I(=S7I!cKic@Zy%hXD{uD0C{}LY+xPG|*aHag^J1XlxkA@`*may=A^agt9M%9>$
znYK!-i2puO8b9Ytm>Ha_>;5QMNFxskteUkF6s<5ZR8dN2j(yD*Yor9pQOOd5Cp`;;
zaO04LV>T+&7A|Bhh*_HB+F!In?&#J3p<ZtE`KZ2)h!Qp-JKox)IuvziyCoMu=co@8
zAdZFMfk!MEk?e8wgtWQyPaAXhGC|MiCD)$*rVZw0lcoP@EB+W76qhVM)2wxczCA&{
z^s4hXoO6+5xy0WexQeW#HKRCc^G)H~0C$*`#yh6#AJm<TL7{_2(;0Jws}yfD8&z+N
zg3N|KjJhM8?(y{R-e0iZ12nnP;G{C#C-_3Qn?JA-(P<o8-qL?w4ge(&%7(laH@qkJ
zP4e~*n!WJQz&hW{+nJY#iogU%(n>3ARfd@NfyAmu07_CKEk#yeVSH1}NJe&~PRi1$
z!>d$73Vne&<`aA~pz=R}ckP03Wn}6N^;1n-H@m?ShaO_h6@ACQYpEMh7DdGyG0#3t
z2vGzn3AI_ImDs0}k%l?J8^#cF{RQERD~x+QPl*#asW%Y>+KZao-pw<__^}%~dggSR
z{!?@2DRD2QWqnn_1)T(?8z$X8kfGjL=ui9;#r)CXh9=Lb?4tc-l?&2s%3Xz!O_`0k
zKEB??c8+yYEL1?nf&#EkF}oiCsFITT#IB-(%wNg{d%s=9_$dnRkAZ%XmVMgBvqDC%
z<d>@7cs(Mo|DfJQ;Xf3Qh8~{5jc7gWk{9Amv^zoJ?Yd+at4jLdn)P$hI?0R#Rrj&r
zjQm||s%K#c8kW^8kz`j;S#p|5in&Ic8&J0dinG~y=^0PyQjjW9T(+L~bPV1EGd(Zx
zsKr9tcma{msDhu2qsljE`e`hfp>H|2p8eAb(I<4Cz74ChF}!P1!bzeLgdeM46r-)@
zR7cVz5gys*xA%7E>_?7)-!xqF+`bKS2N3NgKxBnjc{)STHq(&vZ8nzMs_||n*E*yi
z8RHO)mhHIrsIsqJy)75vjQ8<9<Bbaj#cjactK_{B*HU?!<gVy$;}C6!;%LY;TdkX_
zr0e^Q<~|w0g;6RG_WlBXm-kbByq^t=^;SZ8gSuWqJ(R0eWo)!@Cule~mAxF+5dW^F
zh}4bo9GjX=?OOXDw=8;O!7>N}hmg8EL$5zo)3qriudLf^sJ@z>JSX%By2l@^0YQM<
zyOh&XWcTCpb;WksFLFrfeoj3SfKIOU;R02##XEf7U|2BEq<!vwj7YFqf&fCOf@6rI
zO7HoNXt1T#sM;NOD1tP6y;z6FVy1KW2<q<}4Vri8w3Pk8_xUL)`93fw1I!^BJjBtO
zMf^$Yy5AEdJhlX*WA1^Z<?&$cR>AX^e-qeS^H@CQwuo-0mw07!rH!uqu3POKnmrfo
zDR+)(1eoWeV#qZm<(i?QD-MX3nmot)d%RuWzX=qr{;cVX`L>!93*XT6!{I)A>|#2I
zmYeNf81KpTxf{}$i2a*iO(#;_(7Lw8f&4c~7K2ChdQUE#aY4UgUj89gCB*5dlaeJK
zi3-_#0U08MDJIy-z}+Y?Lg*_ZAmD~PLk{Q26M4WP8oAl7`{)ciyj%O_!YtGbzyrB`
z++{0sITi_{AedLcvz{W%;L3(d+~ocvm<c=QOK6Kp=&BOFunn%ve`X<;8}%`jtw!v*
zeq@M1!LCtzx1tyKJ!h(d5u?e{s7^+Qp@oXqX>wo_=S)80mO-@AH6ad-QE5az;S(uT
zibGA)Oy(M0myg^+?N-Ek!}L&pMw0?^HHV@J?AqD7db(91qoN3NF$~QwlKZTJeuZ=u
zJBDnxcrEv}=^8-2nfID!;!1nc*6>YWHy%Z;!~*-2gob?L#eLzaE>-jCiomHa!_4=R
zzBeOr>e=3F^eTjP;fAGq_w{gFN+6q*6>Y(kYjBqikO4i&TJI?jG*L;UWr<uGX;AZp
zm5thqClB@R21t9*yB%pPCM}I_xE`19j+b{zic-5zkp?`|J#`B4`c!0WmT$vRD721L
zIw7-%>RS2bibxHiuzl2k%|T;Sw3bRYJ+)y_d!6*wdR*WKxlvD#N3=B*LvTOKu*1=A
zU_sP*^y|m-v~9Q;0|qGJmF4Gs#B8+hO!dv2E8vY_5D!GiEd?AW;}2~=?Zk1}*Cg5H
z_nCx6ceUr{;uSC%5`;N;lW|1P+52{icTdEyNs$mM`kAcLT`{13FYQfT+svPXxQkxO
zHiv3WX2T7;ZJM`l|Dd$7XdbR-5DN2t4?&8<95=XwYpsJ_B=1x~>Q1R!y*z2E2?S>#
zg$kz$A47h{T%{e}UCW4#uGpnNF8FF%@8MVj#ep0P?#9Ru?nmuVj#TkPvDFUnZRZC0
zM~W7QP+q~t)k*N#o5U`XH3X<_NmRH|&(01(pkyrch_t?lG(GGOF5TQ8fYc@Gz$D`9
z$=N=8`*quJ1M3a{Se6k19I-;oz45!Yh;+&AL)sbfnDwlfPiyZQzc}CswoFq^c$du$
zY2}tmy|(%2(kc?Ngy0m+!Ni=qi13PrgySkLWKj}vs@9c?M+k*ApI;JtyWtk%Ecv+V
zu`MG4Sf^=gKB;7>O>!}BA+>Wds)l7o08IIu9?n^K;r{-xVeXo3ABW@e=y<VJii!b8
zmD9F-{z*Z<%}Pj=pr%5L92JYyZSKyNVX(o`15GB9Z~6{2BxDQ5<kp(Mev&O(Fptd*
zfz#mn<?ylw$Hg$2d<GvWE4$58uptITOc}<xi6%F#C%+yaQ`=Oq2FJQ<?L~#UYnRqx
zGqzBp0(VA1S67~iN2TVi-xo+AN;L>HpLz8p;pZ?%u*Za3mrKD8gkC%kwPDCtQ~mET
z`(4}Mv6i9%))WhCweRnJ`Q$z6m|8G^MCV|w(3#b=-!1i=e^oOd)!j=fiL!wXy5<G;
z$BR<3&fzs}(efxG*qIsAm)@Y-+kE`ava|94<8CCQ)>qp?kcqdcCWlHt`LOC<MD?K(
z3yYD2oAjm4ZYp7~!kBOeR!MkQnut*=wYJ36Mstiy4USlGncUT=#|Bd8Yt^#-eZ}Ln
zB>P(Giv!Q9gk@(Zc&h0c<6Yeee#bsgsDSW$)AQyspZ1Wfcx0&QpamZFXa8;WtH=SJ
zQP;?Y6d4U*^+I{elqHZU`O&5IJ+vA1B8mXDbr%zzedWlGx{=Gm7?$#r0yXjFohqV}
zQXB`29W_4bz;w;>{xjsPz6I=409p}jq2MEee7&<8B}seC_^xCLUh*!yeUZ^XLGQp*
zB=YA$CTjvlI&Ff&8D{+E39t2v7^GIC*yN7ocp*tsqlk6v(qM%hY{xnTo4M!gQXry(
zoe+HI;mv}x6oc*^&#|=RskwtOoUhKofjQwe8b=#^jDqTrEPCIzH{XpyOMA@H0k2ZK
zY?AEL^`U`}@V5bei#ykz-A?e>t>_+rLf7F4wC!Y^Gq3sqeTAJZiZCaYR^ud67<ewJ
zx<9f;I;gT&iIi4HB}RqUHx2V>%u?J%p~a<B6mtb&BwEyO<BrPvS>k;AX~>ykE%x?e
zp}izUx00ueIO5b$K*1gYQ~|lzNcp7<-$7W-pOAZ*jK0wILW)H!+UbMHFI(NYOLyre
z0UTZHzD^d)ft~pT^y<-1qA$ug=%2X(#tZ!`MFJ{wRH9eOCA0g2OfN9gmDnmvGvkGh
zM(l`z=Sgy>DcniThE`j&Tw9J=l}F5N{pz6>vw8F`a;w@myWOE{RnG|54Y6>Bau8Pk
zZIT-LMsb_4)EXMT)VX;GXX?uIdCCy_&4ZXBJMwr49+#zbu^cM7us~mzs34|Rbj}H>
zz2YvzVr#&!tIPP~ig>I-hUsqEFY;=b{(U^;oGe3m7I3J+4D;r4Umjvh;XIgTpivo8
zuy7A^=m}Mcjq&_P1nWN;AGv0Pl1g^cN6freeL(Wl!##(ZDvh*8FR&t%+Njo-I)oD{
zVw%>Glrw=m@l!}j2}&)-y3k%V$(KJPY3KI(BSCm^M`IAOc%?qu(F<!SNoJxPoK1rm
zi>DfuCdS~M0CN<4j{N;A*84I^0Ch9ju?5PQ)Ht2-*8?&cN|jkm9>$IvD+%cMv`mCb
z4bUJ_DtC34K$9zs<vTDgc+-c^N3t;%TF4lI51%7my;YYhzx^1j+www8JrpC*^uV+x
zi7?4po@S$lU@+&y)^U@2i7qm4O?j$1=%zYd{{k}m-xK7a1>?M*Q<!P)sKK#jP3uY4
z*@w0dXT?ugc{9z~7TL7M{^UefzMqT3?tN3G`3sw$-jVUji%3Hm|IC|J7-4eN^y2Rw
zC942xI^t9=M-o_qvrdBsjF~u^h1zKb?kT);Xb(_lrvS0Y2wiv~mfhd{7!vLL_N4^m
z1C`*lW^@z=r{B-%MZc{HAq}BXLZgh392^dHyNApSDmL&K8GWBwBQ#{p`aDeF4%|V2
zD9N<q$6W6P*MCHTRxzMyQ9WPc3P=H{vpc3UUsN#?q=_z)fd`3Z?P0CFm^Sfjfi+n+
z!hOlUU{}noPmI_IuD3KPbkOS&Y~=k|xa^0aD1&H{=k`ZSP7b_;=|oFr4n{>Y6oj0Y
zv)XqZUo<W!BHW>PAPsoJc4y~0<R=_17>Y;qPBgQn;3;}ratX?i4CZ~oZcT6djh>_8
z$%+3TIy4wINm%F#8(ypjrBPq9LP(ggd1*bi?Gyh|)Z+PqB$gscfDL7s!nPf|PD~=K
z^d;n;V2ke7LK85K&>?1P-)rc<$Hq7X!wgl9I-Ax9`IWcVl#e?3v%0co8Jt~f5W6m|
z3)-CZp!{)&mo;^KkA!+12vpkKq<CTzxYsc5{Qas=e_?c%fBwzrLr+;>C;)d6(ICsl
zx%=cshRr3P2(LjohAC7o_4aRcd9yk&?bbxgl=Jh!q_-j8ErvEzv)VobLVyfXbsUhe
z?o~q|Cy~UWqw&xN9=%|Aefmy67%RKgGWTY0<zh?<-SxF2#?T-rPeC?eBDQecyGwKW
zbD=|{&&?(|dfE|DJm1a2>y>Z8%KF>UUyP0|E4Xk=YzuOvNYv={ro|_=&M|#+YqbRh
ze!e&=h0&Uxwc1cBO=3W}@2~2sj(}HDr(Ee3iLNnhjtBEFo>{h0_f}f`koL8AkBf^{
z>aK{xWFr(w<_)nG1x#p??ayf*EUfBUUNcXxEFVKply%$Ka!TckKD$%+J`<BSL>$p}
z)&P7hE2CgRw@R!v97$s$I69HXi#k5zpg&d1=@;>K?y}&7+Mr>1$lo458|h%7j76B!
zdB-f+qQ}Dy3eD4dmqdQ5fU1TpjsSWN@m5}NLa-gCD%3@Jua>@A1`3CPXxcaiubM`5
z&t^{{*eKM7poe*I$oxwGUVe%A`REO#mHmWhb6L39hhKt*3yF^>&BNFq*cf8(F$AL0
zislvZq$09=HJzQA$Ds65n_Qyw?a{5u0pmjD`JbMX5nw{PzYLCvJe*=n+Xe75ReX)9
z?QsjM+$FbWyl?+W$Kj#5$sa+enpnHg9ltDNxO%(30~E$eziG3Di<x|IME|IgJ1o!8
zr|#?KjEEGi18D!LzZG9IZ_)KDnauYRQY)ud1#QV3KC{gTZs40df3BLj1wA5OGTt1k
zmS6h<7i3;60-U}I+lh81eiR?mPillHjNEOR4~KCtUn7v*4k`A^RjQqNOQ{Se$N|Yk
za^LE7%1Di*FUq%@@IVsI=m%05L3#5DCY3HM?`3OEDWmw9#&F_#0E0LhgFRw8EP@!q
ziPSxq1+qkI+Fro&lB_cP1hW@?9;u|FS2j`hkV+J<m7tu$!QHJ7jNd6{8+u^4?J1)y
zPuCN7zOJXD2D!ZNhhT-N0T2C-T?v@AtC7t;DfMJT-J!`2TJpI*N3xM+;6=Xrx`6Q=
zB?LWu?F>dh!c`N>9)KSCkeGWbuX9wVPI#cSI<XUVEJeBS5*m;WgG~0kgOyN5u?X-L
zWo(j>U6q%TPVXzc@zvL(p$7<o#mj~Z1E@__kF@rUGh@#DH|2<FCKtw~PkgdR<@))Q
zN68;{4!~cI5z%b{FTOvLJ~@FM!AMWPd|;?XbFF(8fCF(3odF|=OfbUumRNZSUp4yV
z7D}_(5Cy#GbSWasOEV>uEgp-4c!$Qo>3NvQqHd=VG(lR3i1w>B^ipVfEJ!I~PZ#x^
znD%%n5Reu;hCOCI$KSn`g9Vx$x-*OZOc=-#I9^cG`jU<E;dAYo8aWiv>XBM>b54Cu
zKKW&<C`SsK=$@HmU825ROZcHI&FzJj9<JrUV-lmvR%f<;g2T@AF@!S)EpEfCZ_Y;`
zLQ!p$GJHmG8WLmTJaq(7DTAH3+`2<mxgA06K$?RTutwdo(dU<?`&j4ft+w5a?oJSD
z3t2Gb(l<u@`K{m`4IZYYlyyoe8V`M3Xr!@Ovv)^j(mE@8@cL>Q{$s+wQ26mU%6URa
z3^zr4Pah!qto+A)M-LkCiF;0SJXJSNUym67l!kTJ+2`yW29AsBP7KgK=gy<TK%M$_
z<i+QkqO^HRec+35?c-nzwQ0I4o>2+Z`qPG3o!==sSo2dvexpL7bOV_dqbS+_LAt(+
zBNuAZ8`6jWLa`>7XS@9z#t8#`jui12CLcrnEB>x^01YjCa?drF={%aJ4f`qv2)y1K
zlvA<e4jgeuha93o#o=^My;*~m=?I_IKz7%mM3*COW+}hNh1abdr@=NFJ|Dz}0zUO3
zfS91?ibDgT@eB^-m1grF78hh6@xpST3OFet8G8!sP?`Druz?izGQ%_J8gaGviM;=%
zRKoL3+NT&^1g;fs_luz8_{2DgCxxjtT(mG|b9AW@1ive9g0KW<S-U+2lyF>5Ua`cI
zsYS%uDqAIuv9!Zj7H@;aI1HP+#2q<&{iArqo=MXE@Bhz1*R#EG3;v82mv5ZkY|$Z4
z5QvE>5y$`&9f?U*!Pd%L6wgm(DuX1D#2+E$1Xnj~lkU<ynhW4?swKoT-79pUL1;=_
z{btw*n#qDmT`~638TUy0@&i$UX4igfA7h)3LmL0>B~<1%MU};F4zN1Thn1MFqrn>D
zLherHN+zBhfV&r<#>KmHNpjX2iT4Jy5*;_^^%VHgYmX?LUdsZRf<JuV%GAuRpr>e|
zmnO$Lk=jhL?l{9~GnniWjk8RcEiI<UF{J{O%BOZAmcx(Mt^5ui!F(LnBkaq=Ltg>t
zJGw8n!xvF^S`lcKvEMEkLSu)jsP>XeO*RQg%a#_v&&T+;R?zOUorInT@Mdffne1EQ
zz@{nylbmR$`f>z;_wKjs<DOa7LB*t7j;Q`3HF|NgnSs)ZQify&JH?Yy-c-%1JQ)IV
zgVh^Gk=D5@OuRS8u8>*ovr|fgT5ECbhw6ac0UXL+`}L0BC_(pKBa%idUFxx2=qc$l
zr!SRsHai(r=P5Rl8{TZad7N_;to(xp5=O&H4T?VjXV)$?H;d8B#ocQIfR)htglen$
z)w~bZFhMFPsE_^}QzjL<V4q}(pw4OwF=ymx3ae8y@IcG*OcvE?g+6Ss`j}l3(^Za=
z!F-WdWdIswLv{_2g9EH(0U3zwg5zT1PwmD!O}pG<)wG9!)D*CjN^&rb#_Ck&5^Va3
zEMP2XK%LTfZ%U+qEO&carPub1xMPFZHTk-+El~3^lb5UbR7w6|@e7xX4Tfj<2-}cX
zWNnqo_4Vl$m}}|eX;WwH14-I}U|?kyqaRd*E*or$!}+k;$y1Zqwt!#q#<F%~A#Dvv
zW2)6GizcJB3#7sNqI9%L8U|?1LCM2s8j(wy;HL;K#*<%gO}zC1j$p7LFjQ%f(X(i7
zUw$sBU|u{S+ji?{9~04UI@sg_A0@M#HXHbsU1FT2b>PLXPc?bWvPP7YDhyUw*5yz$
zFR9QDmLL+mrcjkE7Bc5Wg}ITf1jEmCOL7oR)HOsVfC8p>^+2|sUkU(DutsUTZ1~#!
zmDSN^EEL)i(CB@g;6toIyzLkRpQcjX4s3~NXE`6EkDWwvU<U6Q!Y-;-Cb}PVsPX}w
zShPrTLzdsQdPs@sUmmWD3x=g^#sUOrqe(0B!c1b$xq5PB?>f#4)$Ge*jd!=A@~X9$
z%url$dj(if4ya4tW6-8#j%X`cMXnRiv(r8pg*Ro|S;s*fw2Srx5Eg8vs0>SG9kCL~
z6KcaVt*n*%P0Nr_8C<VT>C1&~wPRKZnYCS}pYvr98WcBommFxe+M3*vVB-4qS*XTM
zs;JB*7aY7V1R_=*D|FKJ-P30C4p#J)`j(3;^vWvw#SlABgK0+~)p}XcF$aW+frgri
z=tlE{aSPxw*%Q`gL1xH*hB759xb?TK#Dc4)*sZO-7V9wP`)xN|#(S0bA05-ptLFP$
zL)pHVG~a|T`Mg{ObAIorZqV8J2-dY6dglNZlek<qKB!w(fjV@gVN0>LFf200(DD)g
zmZ#$w+le#puJHq&;+1bG8GCCQDqq~)ua%@Hv5>~|RcGbp{=IzFVw9!dyvZG~XO2)m
zRJUOWe_*rQAR+$a*!ZyWunVQan`sR)MIV#26B(KmGaKGJ##`|hi6UD5>qUXc!i4XE
zJ|oeR!Y(gDh4mHYf@z2Md%71(!k<>BWRR<{7Q{UC9%X!xmY6-Yd^h}vx?z*xMATrn
z|47~Dn1B8a5-)q_&axaCVph?II90c0GaA^WxvIm_P{}BB_|XUIdL}k~Qrt!QL*b6=
znt6RD*kPPW+ha=8*MG}$D2BjeLAjCLltjgZip8L3(X=DDjb2}C2}gdTJ38QJf=A^0
zlt89e2qIxtWqj}*wJdw;r~+l1r_Y<g8KF*oSv3W+@T~fC#8sz|0}|!1FVZZ0cVfW?
zeGi$B)%F83=n#M(>ws;)HK$pe-sx}FLo>3@$mr7rLBTEE4x$z$7`M$QH4c0($=c9i
zr5<I!ie4IXZNDmLC2vIRPPgoW`!ZyN2X_-FdIp8%MaPV6c53iCXq$q%ZCB97QJ|WB
zX>RhF|Bw5b)@bYez8-@d;{?!YqvERfPjB5fob%+O@WRVx%8Oe;Vlx|DbA;H5)UDn9
z2f)g+hb*QMZ(^ze_xs$G21y3(BhaApg#zZL7k53+?>fe9EGLB>XZZdL5>6chnV<C)
zNG3Ud$a#+0iLA@UaRwMx`eYf_YKo&Xi~bXL_X`U_TMb5x=?mGk`+_h{IOqo~4v)f_
z!d*7DteC_EE+}P^L#xu(Awo^{PZkd$+mkKUv*g4Np=8DUuMAcoao<3Tx~164zbIFK
zy2wTPS6<SEKHgFt6YFqx{CbnTyrJ+YSRe36^SHA4a(NxlClM6t*uYME(X<d(-O*n7
zcFCY#@DhwsL^!>cEZ>xw0L?&kmK5Ew_w0h&oA+uU2xA0RTcqw*k0P7juMqw|Dh3xw
zX15yOETi<^MX%Iy+2}27LlleEefC0-VTVb9cx8ioK=+T4Ezh4dVmrGhYHH4TV8X9C
zikapScn$fw1yvKqs)XfF1M-|q{Z;x~5)`VtYH5qbv{xa|0iOVzV(C9NNy7Nwm8iYC
z%01gGf400_QGChb=cyesC*27!>Aj@!QYu6S#van+1jZz8Oms$BZxEL#phUl6^;?d+
z6;%Y&ZrEv$q)X*2AIs;y$L;QC8IO4%l&GBh<wL4&>P)!4BfrEf!&aWzJRu0@LB5c9
zp`(u2ZM+AI)t$vGkb2qT^ESlXe&l8N^dDcmY2|los(wJoXsq<Bf0na)`3^?w;J!6%
z_7$rmycEGPDj)dN_x#>tR{Qq7RfnFj>$m>iGVGCfgpTo=e7|gPPsc6I=6G-4+3Ek0
zs8NSo6b7n=<)$l01czs})8B(CF(y7v6o^4nsVB_X4u*TpeHDBpc>TZ(aG7Bg{PHhf
z0o`b04Qoh~?Y&mGS91`(kRbdrjIvgM!dLAD%&*dQ-E8oN65&e6b5~-&|B(}N<iyVy
z{+W+F=OWKAsHqE1qy20$&RINUP(vod$TE46RtVR7Vk<%X+<<wgEa_*=-8Trj>k_XQ
zO=^s&t^}s!OWQ~bdcxqvczj~&9|Do@=Ae|1NU0Ex|I}vVyYc27fimTzumbMTh+V*o
zP$#f`II1V`=dY%7gy8+x)yw>sqaHZ@H%>Et&pdvV?4W1;mT7{y_LiMp2KtA+8Lli*
z=@fnFLxUJry1b0upQt5Uvqr?i9fr5DXQNR34&3NuCkVyd6yE!E69aiaef!l|`?JvN
z6so5BDH8F!!_QvA@`md=45sEgo+)FMN;x6c-nT34dyj{9f}%)n4_bQhUb)UEjcyC{
zueXhBj^g^Y`XOOV{LVX>E3w)Dsje`2yrNy!7*z&yO3eb&4?^N9;lvV)6*2@$)X-3%
zIKPQaZ?_CLrCCMZwsJpo)Z6iFVNzxRwFpMWG|`Oxm)o+`6lOrWK5_s!PfOgos3yZt
zyWdh{7N_Du!h73u&suV`l!K~N$D#pkuW5SlyVZKr_)JmBSji|56^QpDL!o0~ja>-o
z<SF5rXUb)a)Dch7r=4AcE%Q<ujClYg+w=Znu&>ux&dTZz-yN00K@Bg(;TcL2qYIh~
z60pzTP*PfpP{)PIds&uuN{;1RdttXS?{=Zjb4^&6upJBbnev{DMj`SCzCd>hv}-W1
z&|a25YeY=DVyv5D<%zhxIg9`&h*u9qBMYo%po#I-%ZV`P+<5r)2|MzV#z*~!eEfN?
zVxUdpXxENozJ!Ec7k+lb`$;RluC#XLdJ))GGSLT9Z_P)|gW(=6sz^9MCa0PlVKG%X
zwTP3KHklvA<6ixPwQH%?GG8?8{x0{`+){0pyOX~~Qa<iLdo35rbW@2_YY9pGdzhTJ
zxv2TvXx|)%f7pH?xVNoF>Pm7SbxdRGvCOHOv{egl^*fwPA^+_!y3?~gRDDZwqwDM;
zo`xm0R1}=)1qXHyhuSHee~`{NcR?6zY3T=4%+Mb29wJ*VXfgM4+jQ#&1d-_6y1xq(
zoC9y$xCxcppdlC>X)~-i?gk0oeNAppzW*<A&qV)!ihBm;|1Iv>=;{9Zk`eEJmU#3G
zEKH35Uvb}RtfZygNF4=|x<?b;DR{SM)4y$wjrmXBL)`pZ60`N=w{?QO#&X@pbMD-J
zb-aF^(Z5uvTdq*8GrK6pc`2G8FaTlz4)eFjz)(d^{WJH_ScImc#)6vaVES>*;Sggh
zAa{UveTs5nYyhy?RD3N3Au@b8ejIZkcu-7WbqzpjZSC#*<NySCoUY)|jE<xL%@qk8
zuz&x4`)dAl07Py5{&{aZH`6zP&iit+1Jnq-vhr(@!A1UEMN9VQ^Gjq$(6i8o1qmbb
zT1@(nyO$iR1p1G=2N$&LV>KnTgf{f63Z|c1K@<c2hui_Gew_i(eT~fTS(!yg;A!wh
z{qXzd;moY=?P1SMV46Om=Yg;M;8;*&VsK{xphf-C1M{mFMPak}0H8GuElm@9fq1S;
z@_a$o+5LF9ta$3+8*K4JNkt98p*czWM3-y}4t^KTjcm@ISX&B*!C?T>ecUqqqOyNW
zp5R~j|LrL-G}btPvixjhd<`)G0ZC9}TvkGEaO-);uCS?o;`gu2^eta@q0Ru|_!tGj
z|5)Y~9)eGUzwTaqx#sx&5_$@9a$3In+64aGf6&6B%Ea(lDvG$FuEeH|$l%sbQ(5h&
z|G-5iRg**X4SdmdhBt2e8qn~C`a%hPyPBBs2%%^ASygWXlJF_Ik+{b#ii!a||7xdV
z{Jv&<_0ApqCWHOfHog8<xBu=G{vHzl`2GtmW@~J%Z)ohyofrcAG#dfnYK|b{LBDmH
z0{Eg$>-LlU_G*T(psw8f4tD#xDuMq<Ug~!EjuvIX@Inz7S-#98n~0qFVo+lbQ*Zf^
z>{4Y#O#_yMtl%zxjMjYQ5A|;hpuWv7`$9qK>FJyNuu2VY4XjPP*uJy>fCBQO9`};}
znl15mq!aa)Q&9R8e&)Jd^5*RFnDmJcZ{G-R`5qB~GrZRh>f-3@$6@s)`Ugj2_4SQR
zLGFF1b#7&0@B9jm`MRn7d{UX79qH|Z&HapJrXS~C{T{yVl5YDJA~rIErGNd!G$s|)
zOpIm!q#e{<TU+nnFYNy9`oLBHJ$=s&2M5~r8@cO6;~VMXPbtSRmtkIG=N%Pp{`648
z^99>XUaCYs`BV<<@KzjTX{UtI@d06Ek$UKA?wG~h?7op$yn%hyQ&)5@1(<z==o&Zk
zc$8ly+hjj~0ZMz4h+B|ZD&(R)F=FL0_tsb0+{9E>TA=jtC&{uhb@c0QE4?Rl9Dg0e
z>unT#q5siAi(L0#00>c0wDS^3cXRU<Wu{|za;*D=s&GZirQt-430OtgBz;dK8Xw>8
z+b`L9gS{9(j+}ZHbmGJMPz3!pOn#SKqz0bVFo#wFL~2Y8UdHc%kv4|S8ylueC&d*8
z|Bgu`L5J>^U<|gxYw$bye96b_&SHX74vE#>Sb8UnoZD`5bJMeF^4qA|CEAiXqr&D*
z#*F#wP+wo)sP_c}Dd|DGFwe=7;<!7YN?1|C^>o)9cNNRbBzKqQzZYj&4jl7x2bEVR
zS+tM`Ng-dTfOz|4og@^i1(8HZ|LKCqm-g20yz*9v-0EP`opR->tJ?fGg0~U1`zlp=
zE_2v^G$A38TEkFpc^8Ffk|7&SOyYLp@6H{BJIza1X?X_m?UmBGkypECr6Ikx8_@T8
z!;VQ%ry#3JXUMr$gboI6Ry8WFV)YrUFR|%Vkr1^v_Fv`im9eakr9tcTPf@&y^oBJE
zVKf2!#nu&*Wp=V#7ZEEO49)lz=TZmRC+G5wbLB(<0g0&^GB>IX%U=5%2O}*Zcfwbz
z-?kiq1$NP1*tdGu{HwZdy1+d!;%zQLinZkErx&S|8ip9KMVr@jYmWd1#;XTd6ivxr
z3x|EpswB^(3>eSoH-IrkMYQr1FON~!X1yV=3sz$<r4+`D2c8$a;5)}+ANXZ$ci9oR
zt*)!RW5B<wgzDYc4ZIR5Ft;$(2P&5lgp=;cQp-Q2tRATpTsk%9%3_%ra<0-Vd4C@P
za-))SI5=i=_p*}y9eX~60ljnETySSyD-ud_X3#d@w)1h%eTm1%N=2f5d6BWLF_`AE
zttc?s_;}~i7rZ|3h{CRhAWsn~yCu6Ctf{AqP7)R6j@ejqYU9r!68^QoKodWaJ4N8N
zSRhd-L3h2-EA)vIekGW<JJZ?{S@Rw`PfcQHTf%$+4YrPOVL-W)x^sNo9<z|bV2_66
zH-}HFW&#H93Q4J@JxCGq?h&+-U|idXO!wgk(ri>?ja=B7T=;_z?H65A9-5v#KH+u)
z_o#H4H4r9b(S;(5ERsl0CM~;rUtIY8vea}>%C%-Bf<lJctD_&7mXmpho=j%SI$rvX
zr;O89_cF6N-B_nTM`lWC1(mS2gtNt4u85Hx1A`9BEIi%d7>x2qsNK9KP6f|4JDaRx
z5h~Y7(Qjz$Oz2V~5Pue+C{(f=Z%T}?m$mT}{i^*FxqSDVfBSJ*pZLTDO(ozy5(6Pu
zUywz&Jd4OmoRTBiv!f@4z=&qZ^ZiI<TZo2i=q-4HOCi<FGzbG_1jTjPzz4uqgi6}W
zFDVSlBJ`>Xf1NcuLXGxD$)UADH5Q?66tf`XP_1)5KH2Q~oqgdK1&FaWOkBWXS~aD-
z_20~h&FsU;Y&4TKjKM``WE8w`(^6ly4T}p63z!EeCBG;qV?MxZ9bj-{BkoNX&#-}{
zb5HN{zDZY9$lsRt^>sP^oH5C1f_{E5;5nVrSa?=?d*%VR4rFN}`Ps`3h=_|aM0j!9
zD->p1FkVsZAEO?WOrys%$Yoh$(NLL@dzruW`b9XCT=YMbeJVL36aarOQpDF}9~!#!
zJLs)O;^2VJ6=YY@snH~=_Q4Y`<eZ4Ql{usO7hX&&?(EM|O;Q`qRY}esWqaJVjMf+e
zyX~8}yxOo6OMvxwE>Zhf_KQucsL$}-*f`;ml?E3|+|fGu{Qb%&v2lrR=++S;=(i;3
z;55f(YllXw<6EN&NBeIhxr^kuqQPYj1pK_%&g78zBI^{s6IBvV1(sYX=p0j(8$SiL
z6Y*D1={Y%dgJ<i0&?lf+bX`sj**_fs-`7{=(TN*Zq~xtocuj%}w57#+>5?E&5T0I6
z@h*JgJNCyQ>Kbja{qP{N#?k^3ULeyPv$58k>FML*^hsFhj2p3QJJ?r`C%!|#1-32i
z$7QTEj+%rrG5=xMBWkgW;EsQNo;9wn*_-m?W`be~4{&U@&f2`>rz+GKFGnuB;I<G}
zZ3*dCpi%UNLgh6ukx+X*kvZ!dBSo@6M9>BXfTHVEfupH1(@*p^s<qgipv`M{@&Ue4
zAs35_Qy?yQ%PT3BMOI7jS2AAP)mdV9`i+jiG0Ke)ieWu(m`y$}C}Mo)F>gsFLUAig
zOCMGUITh;<7u?|!nl7CC{j5@Td%aLtthNIWrBjfpR;{JVsvs>^y3eqiJ5anAML7^*
z6aSiPy$OdsQ}d1%Pkf`$24m*qZO=#Ni+`w_9MkIQP~}uyc&W;$RQKzu1z9d|-WF;~
z>?8_LhkIMH2>;wOaJrRA?hMn{d<Dt7sv}8LVREh-%>!Z!Z%9^vF5pJoA8sAK@S)Gr
zHb^2h%;OibV>_p0r5?PytKJaOoiJqNAoOfdQlVtOkMpFU`}zl4g+o>qw6im_M8UH(
ziW8ye;m;AD1YX`2;#u608I781w^z+zA3zcYGOO@Ui2Rmcwh-YkFr2)zt+5-mUEWPr
zI>*<n^eY9Edq>8|oo2^U+A`p+>M|gx`m_o*{Cm)1F(Usp6poXW(-eSG!1ri{%4KY)
zh`r7n?ckPBq{O&uN>w|yJoU2n%tFw_RWLwZ9BP<;!|cDwAAFWZay3G~S1KlzNR$OH
zRLA3>Vzc71qWVSs$QRdbEQyxGg-vmB9hGTVci=$JD8LUiQ2~->dKz}08mHod&FIYt
z1?JWBYptL(5Tz^GR@l%9CM!B-KKTG0MPerqH|<Gg++Z7PobX5b+c;#b$$f)xB+b)R
zrz@$vmkPZ9O5MO?rrHoitZWk#7QsKX;h@52{U*5yU~1Q-lu5d5lQlJ%V1e{?40h|z
z-&ZRZhz#RYaOi}Q4AJt&-$3qz)`c~_t8FGWADwX1elYz)DWDzjp><334#9Rl)$s5E
zhgSEu!bRFJpQZ;dczK(pW>4&*?_sH1pd0!leGw8eTz!T{0dz!s@N4!jtE%S5ofvqm
z4$|L%#0a*`e$ia1&Y9b=zu1>;Af*Dc(oP^bXJ$}UpneW45u)v?{oHJ235=E8MaiOd
z4F=&7@aXBQRILiCDo72g1uebe;fR^uCs!!FG%r2e*2O4l6!MKO#oi?u%ts{t_7de-
zOk?HGcn#Y-CzjCxmmvrnsYYiMs~7&2SbpeVm=XWNADv}}w#QpnMZ(k0sSy!~!lgke
zovi{Vv{_n<@u`VPiISetAo8QTv~Z!azi#~Z*^jZ{Obe_hTsS}erPF`k^??{&xvBwZ
zz@|HDRqWGpq=gX{Cq8zpJ6JyddXQ1=c4Dr+6{TIWs2o*$7k<ID^l#`6TlvhE6*=V6
zu@yR&kov&^B{C?t^1^Fx3p$6vn_26bl0Ob4RTY$Bn@cs-_hUQBCCi4J9SOa|!_I>?
zKu2c<dmjoATSMxsZzRa`Dsaqi+)8HMukv{0SFS!d%#%ZF+HD@aP>pQRd>oCn4&=N}
zMoKn1cq*^jVa1p!JZ%#PZT9%s$^ZrI9!>7FNAOR`U6z94FS@$jsRkhnPT&wVy0DIy
z!&<Uzp|Ttfy^5omrjhhG(8mF7aqX&w?xk$w^>&g=n2m+}InROvq>+-6`3tSqQlMgh
zw$nlZ+d8BbN4qi9YA)>FIiylq8lM?V*zYi}C|e{qbU-M+Taq<log226tKsA9dY9?-
zgdkY9-%U4I3)!DqPZ0EB*Y_s^^9!L<9QqfNXbKlIvFNlMS_){iOElM1dUSG6w(?q!
z{#LvT3SV>&GuG~W<ux*M8Red)>44PRLVYJc&1^-29tJ<NG{L~w3m}_7(M$FCp?Lb-
zuY9bI{m=_-MZ#J=h22K7-=Cq{;9tAw*5=(KymgN($VJO1v0F)2#-?1L%<FHCr~hAJ
zj}dp1p_}Y%-@7<L7c}tlqC?Nkx#(~>>^^K4oBsX7V6%N4;kOkaj#P{A-p6A38x#ex
zmVdW$PrtI<svu6>?@KT-*V=e85iXpPl>(q3dbr-(!Tqp)=l&jQanTRn2Dck(WQVg~
z!k>o45;<|2X2mMLIl%#}+vFAe9hm+(dq~#ivTg57U-evzL^v0~t9!d=S((fwJFk~;
z66~zwKB#KN#RJRgC-;<)iGLqc@d{98{Jl0dT3fk{^ZR$%rxW<y6g~J6MK)TGyC}xE
zu5z%2Y0n!dzpC?vTT1t8pm~YGg1)J98K(``c1Yp#4q3t^M?X-26>Wafq1-RhxlRTi
zBZ;szoXmMw=<i9<WuIWKhXsM!7COz?RJlo4>OLkTCqWm`DQ4v}5~}ORUAM#71a{98
zk)o6i#Z-1#;F@t%mk&}Qy?3E)MNtU8^C{>2+g=w<Wo*D-d4n^AV_NS;sJnTpay9wc
z$oLvVE36)BoG-F^asvIx7$iWbql@UXk;WY(-DgHJT1SQ<Asn|w%NE5M!KgQNq?AsX
zxa*fj*W=fekl?|#Or4v)2e5MNkn$qjmR|tzY(>^|nfX6SBP0<#L#fciIe2#WY`G7S
zU_(x#6JKZ{IH^|9B?K!h%-F*&RppG{!|K6={lLwkLtlk{vYa@~4e4rwbh^)LsZrtH
zJ7&f+El`Ft4~IDXWD&1C9K+}0`s$yMuW`kmdl6i>Q|>&bW6jzGS_SH>w7gCy$ZY=&
z$^6)r1{N-GVD(|?syDs)u8ZP>$D%`U<#B=OIEjfzO7dBkkX`?xKW>d`3qtnxWyo5F
zTo)`APa{J#2DkC#`e@o@u-`nl=*t#_`9#-V;m+d|GhPWtR$6ba_t-{cRf+iX>G29_
z{7U^7s%7A?wY4}At+ww9RK*Rr4If)@Qt#F3#jxsw@{zK`Lt#PXC3p`b2esXn-plPL
z*tk-L*`Audiz>a(;vnraBM8t~SH|BG6N_A5skf6p#PVQ09~TR5UhG$Stz!o?D-0Xq
z7QO{$PM(yEQO8F#5YQ@W0uM(}D57!NG=UXVNiEMC?(HF`oNx+FiXu=>ZIT`bN|koV
zy@665J2LgJdY+1-3>W{4-X5OTpvX@rR+D%YCTF%x6z6-X9KG4B>dSl;CRNy^V!5f&
z7ZZ19IfM<yFTe30nP$y;ACF1e*klFGXega^mDW(0-M_Np$q_EdGl{cFJ>=DqCUPps
z*p)$pvmKF>3O0VX*O-%?S=nvq|D?@IgWF^3T!x@PghA0&L^k}Ryc&}f7Rj71D6rIq
zDGboXL#g(TJ3U2bIC;Ko-2@e{W{PzEPMisUkiFJIn1_{6`8bQOMpyikD<&g#oz2Bj
zEebUivB$7#VuP*&*x@O5;(8ew-P&NYIl|0}d@7Z8#~ed!za-lse|Oee!ci+bc*hXj
zSl^o?bMFc|xU%ZK9Va%GzlW4y6p}U>3~EElT^LEEHgF~<^Ou_l+q2>1zZizu?Z>T7
z?VIF1pi4jS*Sb)noox&Wv66310jChN{jhJE9Er3iobAqIKD7<Yd3{O_+UWBm=%DD2
zRCKzTBkTzV)nZiBZO~7A@7Yc&A0ley0P5}L^sOw3OnKD@_E02(HRcpJ&B?f=I%1lx
zTF&jYS6JBPzjU1jFfpe8cg!f8;pMcSzk}b8k5BXh(MY_^F_2~93zQB~1Ze>|`kOSg
z=Y)oP`Bg{!gXyV{H|~vQ%w5<m2ENHIt=o?-#jr*%Hodja5@4;`BbQU1dR<<2QMoUF
z(>GLHEq57H5k*Y=n*Xg7Q+#T%<ede6#bJ^Jz(2Ju5ji*t>~5?+WQIy9YrWZV9sX7R
zS&~5F*LUAQ<tQFJl0{K+=z$ARE&&AULxo#}w33AcoXC{E&rQ*;rMo?WT*y2!jE=P_
zY;yeCv}VDW!;B-*rB&vxzK<S4*<`*WP7kIU`eb;<V%Bk&C^_Lhv&#67?C0nqsv-h)
zJyQD+gFWWg9-e_W2X4!J>tB99L$3xHYRV+^-c}bAy)($#>xRf>=cQ6N+>#J17c5TJ
zOd>`!Ggtcz%?k%69J=ime&OMoY2y^hPUEFY`5NojH8orZm8L~?kd*h?(W?&yCi=P<
z34zN9+wT0XO-kXRx#xTRsw@x(xKS(Fu-0=MOn}Ym>P@A@6SwSaZvkl1k^zl?BB~dd
zx%-8du<^>}=k7YJc-d7mSjqsy*~omY$3{Cm&Fh0POe$+7$gIE21yC|q-5S*wL2xBG
zO+c^4yy&1(zKai4(ushT1pfV-+!&CgGH(g);Z<+GFYt+Z<?vHv!beab7I!$4PtER%
zd&>%C(AtBEm_}vkV>|LkKxI_~mEooex>-ACHk&oeRM2(mTyODmJUegFf`%rn*=gk1
z##LvoF|wwqu67_G5-*S?`e0cu@+jYhIxNI^p2TFy#aTl+WF_GmUzV7wh^ig&_S+-h
z5yb6f6h{}C{FSWo(jf!JR(OZYbtJ(74y1WT?RaUE(x{}Rs1PZ=qDa85fMYe{@J`I`
z!Qom<6r@>SM(&}{Yk`ksTkfiS#TP<3N1<9*yK#hqf{+$Zj4G-)wus=SO+z7KvgdM3
zciYT*1I<4Qvzut}?}n#GuF?`S@q5BU_U`f*n-M@S<4#5&$e>{CJ*(O!yf}JbEjrCf
zP~jH~ZAr+cu`M@?gs`*Ayn}C+@dxp-vI=7rw|38?W5D2K$msIy*~hAq2L9vBwh*Dy
zuK}<QD9C723Bi4O&b`IgXe-Qgpj|OqpgOG^V~U+_^IrL90xdRnjT~;LS-8=uKIL+l
zJ45<?J(FY6;rMg~DpR1k+0!EQhTCXrb^F{xh2L{EYMU$qlSTHeXTLMj0YR%v5*vqJ
zipD--r4QHeiJz!?OWQ<W%IwrRrBFRTq7V2gnS}C0rB9>fhUmW^0fAm`u&mF7_feP@
z^mfa(GTT^?K+87D$NNH82TOnGx(c<DsDm{e5#vj@NR<{@-jM(`4eMr{bFH1}!82bj
zjupv$V`(vWTkgq>$w1k_8eW~3^qc6w(U%!v@2-Md?g;UmEmDRq68fZ!$643D?0?kD
zoQ=eo&lDDRY=Tjf{)@45h|YzH+HC9_CvR-qwr$(CZQHhO+qtoA+}L*huLu8HJ?KFX
z&$Mb#b=Eoi*#vF7A1dm~w)JPxVmFVEg>J{pSM-HAZfCmYU1c^E<Vae4YSlV0o2ich
zKq*5Gl4x5e-^!!HCgN15Cce_;HTCek)A_l*E%G-s8CozAtz8@sO4U{>uBbHyM%nz8
zhi@K_Qv7|5M1%Oo*0(6g-RKGs1(W2<lW8qHVBZgAblv(Iw>&-sVvkNPce2)aL1O2{
z6OC*Ef_D>I=r0?;o$8hh)GO%GoKDanFF})Q&qry?OK08P=k3Bzkz^oe-jq*XcQ%I*
z3wf%ht~bN$)g9v+={?%g))brAN*vVe?qeL>5(Sb$iUZjyBZ+X;iZQI}FifAW_Gh5$
zqVD|wYjFRM1F@0%-BRcm4M{>PL<1C?O3I~R=1=R*P7)UpxGK>dBc14iJq+~PRJu4}
z+Xm%bezQ0XW~^_uXtiNNzox?_=W`Zd=FG#jB)%TAr?Q<IjvF^ywHh->bZv=m<~t`W
zEWBbq+;c_Q4SEf_bZI(~9!6Rm5uNvb9*EGj2lxk@MuC!;_ASi&L^3zA{#~UNHtDp-
zdw-0BW--{653l`#gVnk5Pb}kyRsePB{@$F%tzprRpLfhq2aKtu6g1&8OdaNJAX`Gg
zK7bC`yZ(=j{c(PFU2zl%^=2PPMccw&tI2qQ2$V)6Urde!NBoZ<u$1c$I`7Z{XSM5U
z5bEZOa%l)$$!NmtRx=n%)R_$;`Dv^EI0j!`v8Za`G(U{$)9vmlR|_Nx1Uw$x$wOr6
zS4~ErQT)Z3f2SWB<a$aiRelGW;FO-nw~ZE@sc&<XO#ne1Y+%A&>|_+Y$uAaRK!&y)
zJy)w}>G(D&gXwX&zgv*L=JFiNQdV2sMjkJQ?{@npSw?}haz4j>NyvcD`+E#f6s7<5
zcKry=R;AXyhlucXqJa=7C%w6ZrOPX><kkFrz*c;bo5<pqJm{fnZU%Q6WvaELDytxp
zB-8S-ZU`AOrOM^u3MSHfAcipHyIWR5cL~K*zAeO0=G#|b+@TtnB`$B|c#A65*PKDi
z9U)SFs8vfWIe&SRn)YwuA57nuyiGwSIgmem&aj#oib`LJhwruF;;(!w@T6rJ0Y2}o
zthqHG-bMNIy)c7dri-RpWL69>?lK1+y4>ROz>E2%G^W5B$Es?>t^Fs>@=|u{=l9xh
zrg$kP3>6;y@)S2LE;rq>8_EMOGo)SMiCkMqW~;Uugah&Vu|vu#1vW%emZHQ>WxY;Z
zFnm7t8HDqj(HBxz>y{+G{~`O*T!7`L{LNjFS<nkN*WC>^jKuEMcU7`h%TBcd<TyV}
zy09TPEj2(%BsDIpkKc^wy}}Qv#6wLF&p)^pR3Kc*n(e<DYLWy}@{pa|N$}z6uo6Nx
zc9h%;%xReu*ZBTSA!2U&fl;>&G@ve*>FLs_mrW{s%lB9@7Ily~k=~`~ov3Y|gaWrG
z##*-V`%`T=FiQ%{d^zeQS{8QlJu%-E;ic77LFH!UrOnbb9p;J(K%0Jm$ROB%WN{tz
z9}h&%X4v)YpwhP_<S+;4yqxK~Vy>J<kGr*`EYlot&qPKA%jU+4r8)wu#ICnx6h(G7
z=nAxWPa7nJ(y&3lV5|f<(xQqypScn=My7E1P}fXnTEE3L(_x_I^-)mQQD6JE>nw@(
zH!~)hk&p|FI$AvGXz;*<7I@s-l+=G;;o!-AWdGr8m%QN&iS7TD3xzO#8k#gQf+Fk)
z#(EyhdWLRJoU22@k_qXDw)#wEp)vuA><u?qPG1;Nm($cSo&si*A!2p9YG=JgOitAR
zvRS(<T0ykge`E~*c?{#6OZ|fB4E`9&Shl9*=00koh8W@^Z<Imye*<Yhm%g}FTvc;#
zBhZSOb-Vy{ME4;oMtXE!GJAdAPF{<cXA*H?)+t64aRq>Yv*Q_xJ9TdFz%1jnW7+eD
z;B%6BIQKGaoRk{`aYNBmnGot}_@^z_!WkawfllA^JHp|L9}G(WxV`aAox~Y)8Hw<s
zxfVI9kwoff!nJdIsC`HSSiQC&;xnSd6ETxUQPKmC7~=9tOVrMy9bi7|qA|~FugNiI
z;j<Ius+2kNHg1|}hP;B*&T3==w?@yB$kPL3Ks1|T!@{(%E?XXIx6Q8T8#Ddo3?3%$
z$(lte75}A4EH4dcFTZ8TboNdXrg&U9JX>-wn+`z~OB=?IgDiU*e9&2!YYF)so`tcH
zjC1qZX0`SdxRaZ5Nq8WrkWiFd2;S>H^aNC6O7Wh2EdNbBGdgJA9!@Yow;;~e`0Rdb
zLVED;t#vxx<y9EGts)dM2I~<5T?@;A=X5>H_ZPN;>g2F!nW_{3tr_rxa71>!Vy*0x
zk}1!~BH)V2wO3f^@k`a=aUI)a!<%gSlEc)saJII=XW7&PO&Xc*>4b`$vKMiaQSFqD
z4ir%B2WQ`6>0DVl+~q1DbJ-Dl(vHmATS6><*ygR-9uT_=rM6W90Urffx#Nl@yw0-2
z<*8^&iRyXcWIp-RuWq&hwVcNtQx-?oFK?L5D(=a4tr2FeaqEj$NsOx;Eq(ZYC5i@a
zyV8nkLSPE|UGux)lJ0mZYmW6VBXA}S?q|90!<~Q)o{9xsWwCRUY7K~MbF$7f`IK-Z
zdhNydR3mFFf<M3WPoC^tjb%dNXKM7<{z*IpWnbt$j*M}ZFCBHdj?}S&>^={(b7}qb
z-vyz4*n=}C75I$$kF#9#OoA0KH0lYyj)th_=E6~kQVbT8m?_GSIo)V@@SK@9bsN6=
z4O2LWAzaZvs5y?+!nv^!bKW)PwKbH*^`Y<W{PQmx!s4I=0!An<!W?Gn&3@m1lt&m#
zu*me$@PH1LG-LG;bc~bl8teQhOiz{rJUBPs`#K3MbRjz2Vo6aWCQ6?XAr6m!PW@W{
zf>k*`*kpL)(IC~)*OfBO;0V^R4pl5@Hz#=t9jE1(bCq^k_}caDwY3DX8zDh$WWrd-
zWsvSZLx7hcv3TBj)w_9z933T+A*c&Yl>a+^XqQW=77;)AvpSCc<nC4aWwEXDpIYdA
z{zX<MR;KR$(Z+tt3S8^YhJ*-TW?z@hK9!;<yPtMSOiANTVFE#_1cW0cgWmqjXX{Lj
zuI+-@o?fqCq2+=wg@-A=FZ7>xr&&t(zQ<TR;&6yK2;<Q$(yl&)gTwJ&mj3z0ITJiw
zy-a@WhbSvfbc9}Yh=Edj5uCGzaoE^z7?Xp{F}-2743O@J?6@J*?o{k?Bt1|IuMIFb
zs~8?Cddw(e$q>6e&6;EHPcjat2r|kJpw*Dl=;7gcxVRR=K}dtYw%2(3_IuA3AII1@
z^;UEw>aXBnB(yfKCLzTssfp-zZQ%?+msB>P#5}R;#o$xlCdS^mWrh5eF~$NLBPW<K
z231#Xh>8Tv-gQa~22DHW!llI4T^+iqlXbpCSimDADYFX1(Wb^isJ4aTWGuXTPD{uC
zBD3M2yDtCb*VQ&}SRsVRz*($1T$WK-%z2Fvn9k{QEsa|^MZONcgvFDH3R`t{=gMJ0
zdLr4qaI`G3wsvpFK$G_sGEG}PQZXXBL847AsbbaUJiGJnt=Q&=wX?fF*fpO21J1Bx
z7NPnM>F*cU#T(+2n4(Z|2FEpJ^-!tz@Blm3kS%V9NEMNNrPl$&Wj1QB&(4(>x&Tp^
z4(sxwkeRzXEs$sCmK9nKaI*w&Wz^j=zKaHnpLHWg>V^Bu{<l8~<;m~i4NK39Q4M8-
zlW{~@->vUGGySF*{XL=@tpA%xki%D%L$c=)U9Q5vXSLddO^Kb7bw?vp?UyA@eCx8w
zId_6^0}7a|Ll$?K>^xmG?lPU%mo2D5lD=G>v3HD*C@}ieS(&G1v?5XAkE3BZ>oT2d
zxT7StYRF$`86zU%!sAL3{@E@nd{xr{d!$dphR70V6l-KeTL!$)h}?p4YS!ZLwoFg{
zQ%jyWClbAqoh}tqt<KoXla9r@e_zlerrU^EX>a6Z>1Cb?hg$9-6=dp#4X9+MUXB52
zfd|?zUoA8kD;U=>E}lH-w2<w<=o}K=mRm^$TtZlSG1>tgT^vWM=0K^7x%QLz5#zp>
z-;W&&llh+tdnz=>b_`yUq!9>`mwGa0q~OBZ=^6Pw#xA37r94hcKVPn6Fd5Bn1RLs2
zlq@(Krp^_UV)+x48%3~VkjAlVwsBY~XT44T_+}T+<^9d&3$Y$V9F$!*oSmHq0S1Td
zybX^^-&r~-`I`YJXVx|Ms=enb6{8iI=M&?~*LkP%%asA<SRY*bx?hd~CG;pmxYl^^
z$7>0i1XQrgpLU~cFlZfw_>6B>mLV|+%|^m}v|uU8PHq0YA|=}&s%_PkhiGV`1y2xK
zR`9ih2jF|+zVvV?mz19J-!#|xb-@4^=$d2Om+~+Z6+GB6Y(3tIDH3(CC=>jda1ON4
z=wZeLL}AbDZ>%OS3xNp?l6=iSokK?F_I|09`!)Re5OAUXg8-Z|B-FxU0B%}R;%?ZZ
zPaScrw$kH1tdx8=-?G5iqb@YWhm^C$^bSekU~4H6f8CLbj&7CQN7Hj<S}@t?kRIhQ
zY#<cR7V-$i<rg{C55UG^WaBK(307@iGe5$Ko+)qvbMFYOl_43cZ`=(`gRg2=!+q_O
zEu#%4l4ngaE&EQ=0+D!V5RX#-?1e&5KPB5%>l3-kAjWy4X{P31SYSsl=r<Y~NM=h>
z#8I@mS8hFqKjLA-&T2ijBa5XA_*Y_S#x7!jv`1z^8k+z<m}lvyF>)9$EPQTz-C*~s
zyJO$gGxY-b6}+40s^SYQO6~DBcnPfX?F-h62!^AkNCJ@XE9(co*o8qMug-<<uHlU<
zqwf)OS#@l815Xc`D1aK|+b2=mIE0+9*7@SuDTvuXD0hQ9L?mzNqE|+*6zKAJ;xwq^
zX-P5o8VqR8jT=u~{`@Xlo!AuKg~^C{Wx>~hN^n@7Tu&_=*A2{a6F{EQx?`L62Ug~)
z+{4BxYQ0yPLt;dno+bdyT5*Mak5O#z{-b-qSM(Tsd+mLP55Qkv<oHP_bz?<K`MG5b
zsOHfdj6^Z_!vT6%*A{c*Q%95w;Cr|g){Us#KO?<ufruGnVmtqrhOMoF#{PPdV>LzD
z@<pfS4=SPs#PFxmKv-lUtrLk_MKDD@`z>3iIYfPOH-d+ObIxk{jXFKoqz~az8_V_z
zRXhpT^i)Qx)G0pYiJA4$ZUW7F^H^<_J(PE?U`be^P!d*f?3k2rNzGO$!W@a3rA%M*
zL|8$|7^04w5cj^w_h*K7h^0xfmw2g%$B%4z(-qSt%E;UgVpjpz8`!6N?pQY_D5qf!
z(Fc5`u(v@zDR)fLvtfgZ(G4SNrPVJ7IE?3W!-mtz;vGph7sR@h)hbQ6u`ka}M{hA!
zzto(q53L)#4!Rvx+NkYd=LsE_ky<}g0d?W$O+5*W@*axFVFT>&8A(~~BBwWJdH+wn
zyCbgz%PoBnyrsrf1=Q&U*Rq|%z{IT_Du%*__(xAm7FVL?BUabhGLv6p;D#!5{?aff
zJu_2AGyzXR+9x&HGwGiszbktpriJGP%4EX{BoiN{^CG&-$w=LeKX6?2IJX-Mu&#t-
z(80`2VuP+{P|z!;MMu{Dq(!#aUv_=6x|EELiX2MokahaNoQm-9)_PQwJT^&j;{Bmv
z_TzD4uSrcjXd;6Ldd{xA8*`~LXY-3tc^SVn#bvE-c(axDSYVr!AAyXx4!K#x$7n))
zTXDf1Jr%W7>{o0d9G&3S2ac-F1Poi{MCw?;M&l?hVd;fPkmw>JBJJlk{=lB&Y(9cr
z4(`e<sxPSZWvrzmgKECTYLUduF(rb|CHp6FBl)+Z`beRlsz)v>oS9;_KYF41`)cE#
zn)l|j*bJU$mm$t*!epQ#MF%C~k9OyCWR3qG7UHT8{7?!*GxHn~kayeD@>rb}d%R#U
zD#5YQ%7P_taAUGLlncY|8d=Ue<rwx^D%Hg$v}{>t)@hHaUy1nUaB<w|^o3_NuKj<`
zoqN(zl#H7~j8qfs`F~as)e6;pXiOlZz5@xX8|ekNiT_ZjQF>akeF1a9OjS}nN!Fke
zzak6^eS%O@_Qp!yAZ^-^+9XlL$ZRY`u6m=BoH%{=tb06Furu1V`^Z?!GMaWC>qQ7;
z%pp6ipjq)Z47hp%Pq~;F$r!u(zCxO$IDU8Ke5yLg3e85Wi`l{=W_HOu3*11v#$0A<
zLLy6@aM3rj$TM5sW0G_CkTgf;ER$Q_g$bFPqDA<Y|FTsv2c5li_7MRsbUF%@?&owD
zqXPP#qnfKXn)m|A48d&c4^7rFv+MVsxNZkS1iAZQi;~Kmy%(8|*l;g6#pE2w^3rq}
zems-jHBxs{*!@Os*R;ncZ^4_9kn=o}Yz}*s1&u7vO41;iuIP*H6!kV@?*T}W2!((k
zFd1$?QP6zsS2g_Ve1->!JD(jrk8PdlIL{fbLL8t?8nF;H4Z(Wu7V>l+V$_iC+R#MF
zdO=fIJ>pIn8OxOiTu&Vw`<%%n1;`k{?qTM}yjl%wMv+O3Ta?3t;ypr?eqkNTQ!F#Y
z{eOqlyToNogpTz}q-ag>Mi_^u)z6(2hXGr!3m3GdSfe(kCjv(CNueaH9Ab0xENSp`
zd~eM~E16zdCs;b1#5LYJTlUpJbeA~nrc(H8yVz<)zQE(>Q>9jbixp+9dM!(VPVG#7
zvwQbZxu+KjP_$E^F09ZiuDMfWwjm2dSvnF^gl4b}Al*J)eG|ec7h-h9S;u$8#7xuM
zlhxTi&cLNrPqFN+tmq<ZQBX|aBtD{U2Ct*J*?KfS_B<+tWo`Tt9X$VTu5uw;2^!!b
zHEbOtaa9P$BVbO0va)$F*mX#SVw{xxbE^Dqu_Y{Nmzfy)9Y|c+Gw$fHr0&Iqf|rXW
z?w@xl;ZR=Nr*N<bib_|H7blrrq<Z>zie5Thm_RZ-5G(@r898Zb<nDA%#MYfJ!7f{x
zSGYkOEO#F7%K?e036IDog9`EDxx9V0G@9>(n9+CWr)u1;$jv&CdBTmZ^j9BW)-ks;
zI`%%;pzN(FI*6C7>QLrJMUXzZbk&gT@WW#b(vZ9M5@}>wGuxAFKFE`~SW3Re0dJ<w
zyFFT*<c`IrL~9j|?V4pjw)4&Ay)L4nNj@v7OhX}<Ry8<MbSUpK?`b;)Im2@w<oj^=
z9&&q&i_w%-STXJ=GOOxVs<4l1+hudXIS5of@0Cx3MI-T6@oV(ccD!9<Q)iT$4#HU2
z*O4@VHIEsFJ!hFT()iKnjMDF<!ib@b67*kWhkC36r*|ukgLXNmc8&k>zgO$S7v%@w
zmQgT#=tqWD;}Lv)F-Zi>%0+a!Er`}#PQgmWQD5`twZiCBN5c^8Bfj{g^ONr<UQr(Z
zWfub8Nfp{Vw!5VdEy5~K*{=DBtYv16@l9b#F~d_M+}@zpblA30AAZ5VQDUV*7Ym;!
zahq?-2^KkC!(v&t)!Zp;oU2oaPwu<xX?T2xkg*((x_6;h9GWepg67!<sj-TC`0C?!
z$~ORnSCQ};^sqPL3CX?AJ<!)F1Y0Px_t+`BeiMbc5`?_FDZ>qK0di-oMA9MKnqd^H
z;L(QYfovE4)C%?|KJ!^FuE<e_V*+QAR+SzYmNH?{oM{jCJl?oaH6entDhU7KwN`mn
zdVicdT0z`5FW*pPH@-dDKO$p*`hwVaISIW9*Y$~NvdXMLD;~Aa<ov)0m@268Dez{W
zo!(%<ITWap;0E^J4{E)Ly^V}qp7cVO%osi55Uk^(!z!m3XA|x?TfK>6rXeSaEX{9D
z|9T;tY|Midz8+E!tl1=v<;=^LB(uH`q0R1-)h7Wb+q-?)5+l0bA_ax+LM0k|PF}=h
zhEZJZ1-ciyn+($B!S93~5@T0VNMAa$l8H}h)SA$S;5(!JdbLYXq9Qk~OCjFLI+HtT
zv~PPA6I|D}yKHYo`G$2*gUgolVa9t=8z|0xBjkMSp;?YpSc8gY*gn3e8Sg<bKl4sx
zXa7CP8?!8vM*-H;wHcahEh6$p=g+qu4hHcv1o1mnvaGLnP13=GC3oCBV(iyB`ZaA<
zdz}sVTyM5qQI#}<^8!KAj~Jo0K9kX+LUQcCd&bc+7+wfPM7gkgYot*9OyW&4kXP&D
zE*4z4Ty9R1h~&~~eFF|H*np)!*qsNhn3#XC5upaP%R3iPMgbR<yO%otD1)X;4Ag1t
zjP%LKR4le@`JFY)Hr#(H<!qr=al7lh_78<0`E6Hdt(GKJ643KeW!bxc#s{fDqGhja
zXKy`Y=V+YLR<lu50H_zK#Rxkawgy1%c5&fDSOchaN=HxXzEy=qwK_E-r^}AD3*_hu
z_#TmY3)K&?H4W**r>4gkdkZvre!af1U(c7=;}FpxiCE>>?j43%+TqphcYa`Cnj9}}
zJKbpRBT!%RuMXqMe~2TMlkm9r`sxV%dS+F9CA^Nh%W$fdikf|gU>E^dk3(rDakPW;
zmQe>^hdL}CK5Dm1n9x&jR)oU<KS+skcfP^3wXTCM$r0;+TX9?4>`}WC(d>`hWpO8@
z<j#vxC&|AEjnzPi|4+E%KU#yp-pC4uhv$F!4aWZj3M?%DTQL!^FmZ5j{%`qz!yPQl
zZ0!HPaED8~v5T2v7cI_~+wOYXwTjJ_r}0)zhtZbVXib#uR>gYf%Fb)fk6iv|?6+|}
z>uEFIEbGfUDv4AT9FZA3*+~+-fI0-an3-NcP-|~wc61e^LZ0C0_TryAz%fHuae+d!
zTPyRg{*%7Y^v3r3$|f*{-PK3Bdb1O#53?IY0~4r5hG%A{C#S|wUFOEm)cjy3py1fX
z_ICe|0+Tzdds{QaPw5D*%+A$JU|p46+<z#<i5b-i9lYIa*$G__P;`Ih_iY6bBcwRJ
zxwSO4I#6p@6xsg)L;8`>@$m2hBG>#GfgGIy*3tw454S@*+p~lB_=!JV2~3b#+`qD$
zSNLsG=wrxct98E=00G;77Z-o0Mvg5EZGHg8E{z6YS=~$vU$QD77Gx&|zX*_Y4!>ua
z9j(os=X*sx89&YT|1l&81#`bav^9ZdzcdrmGl`P87T3pSbi_aYvA;qNzhg8ry1+Qo
zHPbxPH9*ef0iETQXiNM;Ri2z#zsV-=kT!5EkB^Qn4qzG>Tb&u7n%Wt^zJu=_7~R>R
zI=MU3-#$P6Bfr~&jSWE4HL|+EWG89<<9GJA{)W!c{@4AO-CWw<ATF7hnVFhE)4v`+
z-lf0p1!nL9-1Yw1)EHaYpcy13A}J=KXFts^zir59u5Xt~fuYg30|S#Y_v)1Xyblfy
z-{s<@#+Sd@NRRypQ$VyhKs>)vU-sia)Sm9n=IQ-ZU<$v=4J-k_=aPeiE1SzW0^jzD
zXN=AazboT=fT>?)p5NeKf2lKmV~MVfjqhf^3x72DH|<VX0ld5T&FlZTmh{fX-qzf;
z-=hJ4EUT<v>C<0+KNFqU>l#_nfHb$?9WrZxq_w;=GpV(@a<xD7k$wl){8c{ttj@&X
z=m)+#`oO@@-~)b6R%&Y{?fmxWzxt0K$xP6hAL0_Q`Q^cBEDLA_*Y9e6WAo-;h#$f1
zE>7-W+c|#7r~hJZu4!w2$t>({EbU<0yN(Se0ai;Go6kD*LAQer9HVT1D}UbpiA}@5
z?!dd`BiRT5kGFy3_wEONipO;<cBC5A(!H@e%-@0eMBeJ)web|~#LQcq8Cn=DDtZ87
zWWQi~px7Cfnf)^$?~#oi7a!zCd&ElWC9CjSDZxg`7F33D89<@(UE}0)Pz&!OtD>w7
z(B#uBJR0<Z>rqRuzfwI5(Z#$+GHrv17xzuQwaxV_OkDT1>GS5TyB1>5)5AoNI6=^d
zO80fJ?Pcy-sXIKp$-Fi7YrFo1cnf@<Nf$j<#@%L+?en{fSppCX9FkC=*^v?)9Lj<@
zj<4U<WDW0_0kGj+=9S_|9qJe&0b-|Qu6QL2+Pi3-?<O2}5A#ag-j{RNC^bh@JJj&#
z?r9&5h5Za&o8fv)tZ7$`?59uT@!O*iUdL{)<N{bv5dtaDAUGFE!8_nMT5~?8Dt|ts
znK()h{hPM#B2XXo*|7_?A)l7Xj!6a)^Zy~^$ye)PZ(}J4EmEuU!oSlTUH7j!JaGI4
zxZ5fMd?cl5se#h7s{hp%uYQPNM)Z#&db+M>${cq!;#BwPxH~I@v+{-g834w2h5ow(
zF-2KV_nbrh?kfIYjIuE0%$Wp$9J<Xw1U#azD`QwCf%!V3f@P+t4-i~`DlMH$cQeY<
zFIs6Q+6GpUN^7SD0`h1~JctBSi7F6vndG=0&u<M53Bqw*#iC4cNF2T|3~~=nXIX6I
z2hD0?G|AghywZ&MpLi-gy9Aa(h9baPftAG9=Cy;BcLP?8W6_=nt`Y(`bjpGj-w^Aw
z5W1F%^E!kA-|=|-Pj=#I0b9B9FcSkZcS9@)EqFpv`rLva^9m8+sG#>b23X;;XvF@;
zu{dk`oX^|K3h_W{5MK23fXKBd^e%q0TvW$%q}5}TmeUGtWx>)f32*<X-jIRi6ox(E
zP%L0o^1<LMa(Fs1cw>2?0sQ9Q&eg$;bE-+PkL}t5nFG#n2KGXd8;;jQWrO0}!ar~%
z7JK6B>1dC6!G{%3Npnuzc*SPrgJ(E~V5-z@z==F@gBvPiXSX+vcm{7lrC(7kX}rCA
zPu|X!c=YYk@_y_g@hv)r1kmxzwu|iaS=zHjc!(AI05*%fK?3Gjt*mvWXZ~6Z70ed$
z`tMt@P9iF@H(Zy(_=tEcdO5<V7-!MD?dxG4((}p%wrauw34+A+i;A4*Lr>GvTO_i5
z8*-4wQ_>6V8Ra%Jj@<kB7P16R&zgnS_?&eztLWJ|cM)>}j!m>S`%XS$96r8tsHurG
zis14e8{N5*PkF@6p6X!MAi7>?+7fk*Fw>8aKI7N}PJ+u5We@S*D(w3gAMZuB<ZMoQ
z{^SuV%{2BmYl)QDp{W<SWOSxv41o%<s+_qTpYcK`bGwT*>J3V$BIT-+0xs)9O-(v!
z=^g~OzgpDLkWlKeN3UNL3+b+R(t$J-AYPzYPS*)(f4iwU-$G^@?9)W;`~QMnq3gW+
zs~ua7Gc0>?g1I`Phmyci=~R4pPUYq_){-R>4qUa7GPvbTG+<`gP&Mmv!z8}#e~R=I
z2!ZDx54QPlKj*S3@!YWXmMt+8S$CR>==d>GkUynH8#)C2#aO_}FAzVAP6^U6Du<db
zU|G-Ro6%3nGy9AJW3#W#dW)2_1d8(zL?a8d7<k-D@F0)dlQcb~U~t#gIxs)dhx;$w
zaUhqUdr`X<u0I4lG}>1tAF)9U6f24kxm0;7Y&NVK>;7b&N1rc5A@9!7y3^%*^xz_?
z1m>wTtwIBi>9+#b*?wMgpXs9r?O%y8q5IFm@wF*mPiS^T?siWEU1qLc>(!~cmof%B
ztQ~_$GnDBcd<OW7neZL`@~^wiqUGPjCv=Ki|Dg|06_;2cJ7jpYjQZb%Sb}G^wA>op
z&`kKn_~p%^WEsx0y<BYyGswLv>1s<Jo!ckQiy*Q5EGY?$myUn!G*2|IeodWN#Xmuv
zkgEt}ds7;%^+e1wfzh-~wQ^u%FR)JfhUkJ9W@QL{2bQZXas8P@M>M@!6l80?vOaj+
z=aJX{;>4p;q9`$COqnpqKrz{os-LSng+=#eijfYg%4|P;aI<sMq^qkRuiTj%eC=Cy
z{lpDsT1k=_(aF%mOlb1FleCa2uB^tT?l)9+Nl(U3QU`o$qo1t~QuyL-b`}@!ZNS1e
z7o<j{FsAe-MF^FafaDPLJaB2<RBfMXbr70EB^j%CKo+LNNBYv^QrF5o;1C)2k((V5
zCy=jVD-jheUHuYvA-?o>3qdCKZo#RyH=!>%SRa+0n@p;~nABSCghv6AbF{nJR7j@X
zvik&joT))~t^6|@`OwsrX=?O6+Sr%N5(t!&zz~y*U*Q6q8|3MLxxq#(KY3oHj|?%Y
z>31`|HAY7{A*=}1V>p{Jm0Y5`RG@1>x9A(3k%Pvh?yMvX50NwMayF_u@2r9F5o&g7
z?oAwr?uvF@$Bf@U7sF{eDLIdg3g4q2yl%ueiTejF^<|d7MlzXuC1{XyJ!VN-3bD-?
z59c%$>=33UgHBhB`^$#ku>Un$o3>124s>!%SPQ?c54*Q1CQPOaOAnK<69^+R8_E(u
zl*AQuHx(qLvBAdyuIIX{ObD$EoR>)bI12Z=e4ej>coPvhlw~C_zxtiGR*4A6TGPm1
zPxh8j3-f>i1ixL|j6zsCZF{`Hul*3iz^kB_NJ`L-US4VWr!QTUr-$q*2(1AW^wchL
zbzIoS!)9+%6#<dr?)McP2FN)UA*gNh4QfL$X54yCr6=>TAwZIVb^~JXW5B@2{i;g)
z1AH+AAQYO#OOww`VFU!tLWhpRvk2xXz@NhZ5Qb5lNG--F>LkQbq3C64ANI!mOe4bD
z#`iL%T1?v&BQins{#BgHEHVc?)Qy<&(LujQb!*CLxI{Kkd5$|~Gtimf)s~U01IzMv
zyuK_WI$6%ciP{uDpdabH;C8Oj6G`nK58_HDXUnp@$OZ*m68HL*WW5blj>?dpU*0^B
zQS9q!1Qotqdw~k~c^jkF7=P)B4Bow7k;Y^nN=gplxh;)@-pO%vsuX-fzk;M0*0{l9
zenCvyIe`$$3R`rTZ@{KolsthPevj)-5@jCTuHe<I)oNM#?SJlMoxL!QriJ>Zv?l7p
zlmgw2YbBMNE@7;>8SlN)SZT3JEa>8Xw9Vw3P)~pOcjW*HzyYx{xb*Su+v>Qpzh2Ed
z6W&hPjAuh)oIw?ph+CBl4dI7emmfLV+<)J1;9m-Bbb=-5<Sb?X2EN6&<jWe4k_g#1
zVRSYAHHs*sDbl~9BoGJl7;(fE5lmwL2Db`jONTON+O3aGQLyr?fO!P2DSEl^KHfRE
z-CEG1YNDW!Vco{yw#+~oY`3<;T>C!Kc(2Ub)Y<4W;{Q#)R=jD|CJn?Ia&-s=<z_qB
zrnmUa9)jEc%5p(Avyny+zy$Iy#IQq{P~LZlF3lsFnH2S$k(eo9mg~;US_f(_9k7O7
zZ1lyVU<Yo&g!V+7F~Ie-A~p-sH#F={k!V^t+^W4Soe3)g0mX=i=S!d_n+tK^DLU2u
zm8Kv_6@xhxY+&&h2-%S*<Oc-?hVuDOECCqB#|*%t(hkR9(!m1zM}hQmsTiG`{ZSSA
z-&?IFgn4wcV@CE)&|w3vsp3A8D}xcpUKtE1<YV!|7?R0j;}4Rvkvg=p`RD~&)qYZm
zzv&fzI>1U*`ub7AuYF2dkdg#Hr_R&lwn3`^1-V8w@Qh)!==^UY0$pOp41eM+TzDHH
z)_IC<gWQAoYLd_5BFn`j3Canwy#$8o!j=?KKTpmxy?t)y-2&P_^P4n()e0J(DJpg^
z$NYrd=OZnI^K_oLE%HfM>#M`AW>6=?UN-ORQM0~!EuL8`1ep*1%K`(-Bf_q^)||BH
zCe-8p*-Im=i^?IXQNudPiFL)Hvz|5B#W4&D0zQM|mL|$_(?oijoA2I1us!14Lb)J|
zOemRboQENRAk<?@=bx?TQM~&lu(t7|Of$hkX&fYOP%GqmTV7tJF@slA<j^#P@+)^<
z%LVH!@Z)0YVL%4^gq2y!SA%lx7I8EKI2=|~DvK5w`ibxlXp%N>^N_y4vti1E9$+p`
z?(v!#*)KgMk}*WBts0kXi*5fI#hS6Utq|ncJ`3(5`N|Fp&ZF8`)8M*b37`Fp#g`r?
z8MwnPp&0LoOP+7T_LYzOgs)v6=XpoR_ZAZQ#}P?Pj0@p=^L>jSD_lLOSZP|cBt@4h
z5AFO{_HlcV$mb3B?PV`w?zCNq1rFMf`&eepi3m}w_X!s5&?tU!%JW?uf`>`FHpo(X
z1LZxR5p%SBtQzz+uTD)GH7>>nHl>4UuogX#fnwVavEwHt*+q3w63t1|Ej+NqR(0KO
z!`#-3-OYvP{Xf~?Dyh6_NT+S)H9@R*ux13+ah@@B{Kk|6IA&VRJ4`+yMxiVf#{p)Y
z`o?g&6#y?&!QrKrK22UWmwGkIBqMCto{6POH|P!eA>m~D4AZ4g?k_g4j6Ov5ffW1K
zTA>r=%D@5a-hv9GsD(;vUGupoPl!F~!6Rn}zgLY!(s?s3TZ#utOl3oagYlqgPzxIb
zoh2{PE!u0t;41p`g^nG1B+EANMZYyIYJ{1y%tJ#$?arO_yjm4llHY~ERk$C`vrB5s
z%ye@!ea>gY9@J$aGFL4M-b}~&3jK=BKORL(@*I3RVZrN5OJxXm%a)^9X`8^}5PEIq
zn~vNte{(NfQ}}I(A6u`>5Iy-_$x{O-r3%+ToGGT}Urej)CU!!mC(_tqY-LipguM)C
zXWC|_PU9xp1@~+(GCX$)2GT<u@-T|=_nQ9($;+i!)6@So=C2(t{q+RRYWKV)LAJHs
z{ECDrSY}^Jh2W5GlD4pk5qunwbohR19#KyOjBhivvRs@?1}0cWZp2qbwy_r8uIod$
z<l7U+Jn{%-KiLYDPy$PO?YX<omrgV`)glgIWZ4ec@^8IaC1<l&Aat07@VOZOl;$VL
z-0aF%jOijJriwko*Z;c=?0(GLZg>NiqB!bmOyT7~B%jgaRXZgbUTaJQ(lyPcum{(u
z^o92<BR@rOS}@-o12mBx)%QfekGuhvNJ?UgNDKkQN&6@}RSD<yi}B75vV`bI@>gUr
z30xH1gs0Xlpk~zwfm=E@WzWXPzFXGhk}7WfYc#uyuY3}&nMI=Kd!?O{x?o8Mtn?n2
z5=`!-bxT9MSe4P#<b~r4r@}#-_Cb=urnH4x?!_m>z^;cmbR~q&z*7L@q>YNrKf5`S
z-k1nL#`9I74FU<;outfO(x9#(_u$*2m7D|vaOmi{S?UVjQCnnOds;<2{kk%|Wn*g$
zN1zUJ3V)w}h##ILIs(Z^HTngw;vXi?e>Uj#^xdR)M`F6j=gujEu}?JRwSz(M?Egda
z%X42-I?L{wb<>crHlBLCG4l}ZZjve~$+NsZec<Sa(3=MNSii|$H)Ht`%E|L363aoB
zzBw>1>`|7}CHCL?6X*|5EFT%xnI8+y0EjQQfO1&)oElW;cwx|w*o}?0OnoX0Pt9zM
zqM|cS#JmE*f3dfEbz-4Eob5#$IQkeYMVFGAu|nfBz%ZHPa{hW9i|W(nlcOHyz$5D%
zu)1emgsWq0-$xDINj@je5Uj^l*V6>*L)fbf^3%x%K+4_T!7H<QpDQ2&IeAp1$CVU5
zzEwy1#(>n}zwaErm0Wc#+4oR|ff-X0w`4TsUg%{MG%*iH7Z^h0b0+}2z$Q>g?61ed
zu+j=^rL(yf_^EH0l}ef_S3*(faDWfz`e3(jNZF)qz{csrGt$FDrzLG0imIbiLBB-7
zl-~F~(5)mCQ|Ea>US}O+6`7^5kBK>jrUhBIFVA3JFV`wgVJhJ7zYe?XHal<c5A-$w
z2L*;@1E)@z)%93=P33nmxDsSFMEBRg9kT_>Zm}UsfY)7vvelR;OzYlK6Ewo}&bGE*
ze$2?&qeuI9W)1UZBupQOa4DVs*S0wRV0{fiS5C7?o5k@@fz97+==h?SP@9u>7OUf-
zvpNhAx(m~e<NxA=USZqhI-ET`31R<(%S&p$E9?awgs7_HTz1)yRGjN9vXAnwjYyIk
zf(SYGF*o^6=0)_9s3~~qh&=>}US#)=v&+k=Gd;@D8jWkG3SME4U`p<R^?+Bahn_Fx
zt{q`cl^4Dh(mdHu44(1yz}W)r%OQ(#U16wf%R5FEmPN`iMA659xrSay1!v-Sk^%9N
z+hi&(tP_j8=f(`#Ugq7)9()Hy7*2*F!whJmLSQEZ-7gY>H^Us~RwHUq@O?)4!#ycH
zybj7QQm)?P%4(KgND?nl{loc?1ScvCQo>e@axXX_s}7SG3iC&R{69<>?!Yovr5aJ{
zFS#FNoarTvvKn#a>9Bg*B#&a`L0PqJgHp;)7}ds@x*hry2dXuK-g>KIdOv^^(Bz%y
z{}A<l5hM3kyRUdDk#&77X7wxyKQa6d2k{_t9RmAtR%~`Qzxre!POStJpDd&ah<w?o
zPy+WkXt8WRwSYsNXNO-~4rS!3E)Q(!febzu|IoX#7*fH&KDqvR2kORVt#J)MbYkp!
zVMd@!3v!2~&m(9u0*V1&Cx%cg0KvE(LZ<RO{>{dN8lBo*ZnLnfV8wRGjNf_`yl~}m
zclP`00Q2*$gy9Z1{xj~2^l`|*RppKL6ePz~)u3A^D89q$x(9A6lcKX>>N&`cgrFaK
zk~teL!rJg2s{IS}b?`|_xK9zXC)N;LN|`PUmK-<N9v5Ya<OJ%2T3oX-QBrL1#0MM&
z<CBY2msF&8K{m1y<+%rg$@|#z4?LCF<PT-+rJ>i?B{4hNS8hBm9*)w1m6cg6f}byh
z{RX0fpZ{V8IxGpd2V<L+vH|7<oMYaUeaQ&adk0FQT_?=?KWmnPRgda_>+VouZ)!@`
zGIjM=YKj1b{*_~KutXU6P8PfOSrSHju4KM)D+_Au_52bJXGbZG>2ft;vh3)n=PTSV
zmbJk|`eX8hVMvmLGQRQ+OCu9V#YsYbdWlbtp6xX7cpSVKse!+msPn^$8jL$Vzf~t<
z^3E14sFd^Z=a||Ve{a3@q72e((0F>fI8J{c&bLl}n(PZxt&&ChxalJeWR<yrl7_#*
z2kQ<k;S3`aC9*tTrGxN8XH^^t>0K2Ypo~H`flJ2b1rDybC*)}Uv}AN9qS>U}40x?}
zNbe+d@tSjBEX4^Og?$se$BR1kL-muya>`TIW5h^-;Pvv<*PF*AkBM2=bBQXO+TyZe
zh&yBGIX?u~r+;UGx?Q{RCeg>Ag1)%`*MFSzpl9T(uJbrrvTU&>A>^RvCBP-Kbe>Ym
zG$h*b*2nmGZE-ZgW9fMap|Z?^73Y5A#PgnG4W}z)>_I7L&LA9Q!3&N*@1XHWBj#g5
z#Rv+@p<M48gRSDkg0<ZVR?0Iy8M4)eete{jGrqQ+;{EGIs>Uq@gPX_;n3Xl*d7ze0
zRw;zI;O~Z#3nStkQL;uITHjbVRQ2OE9qv`%o5_&Bv|gA_anHyVQg)87h2jb8rMgHb
zn>2G=4Ef{=iwyZ%NJe={UF$E5WPLh|*~3pD>Nxp<*IE-VbBPSBCfM}UYPw;XP<Kxc
zn|y|{&bhIZlltgu;+k!h@0OJij~VhR^GL&sTxcy36AXJFKb*rW?>~-(`KltGIwukH
z3)Gf9Ag+OCR4Gu~I1}O9&)Pf<r$W7>nt}?KGd!=*4ogUe<)#w5jj=}G^f&p-Y`d*6
z&^-!ts3^aEWZuH_bRF$VI{=q0|0BInkcWgyla#ZxWXrYx)AgbBck}XOSVtml6IHs>
zfOUc@#ZPH9EFJ!Dc>xPi4RrVUb{P4ZwYe4L*ANQCZg8wD>?0OLqq8GLnG^;=pvoQF
zj)7Jv*iyU4l-ff%vtb0xX&oX!+nbb8f3^i3qb&y?%}<|*+q*l{=D~HQsEJfI^I9d=
z2k^Jg8UE81^a0zS>8@+5dn=WWdyogyPwC=J0g=jhU+r8ia=qplb4Sp311vBvApFWf
zler0Vc6zK|M>?lO6&7?lSxoVWT8v1ZxCTq*&nhaj`d#fQ!x-Zs*hj9^s)`LN2(sI?
z;@4L2t>QHm$K>Q2RyL1tCb;Aa)xkb%A1yj~;<LQ51Zj|+3c99eL*QDPigB~^meh}M
zSd8&@clO(YX%*ZzJZ%2eA4PN0`e>I((Q`Udt%$+RjpJM?`mi%iAHc$g@k7@a<QE6m
zdzSS<1C<a2&u%5DRErh{-ws)BQSMLC%u%nh$2r$9@_CY?0a8?aD#kC!UcPzUj4J9c
ze*}>wibbA@wpCDF2-DKjcP=JSkpQX0QLL5G6Z=$={=#ffKb84@HHpO$oL4DKs(J_g
zNxy7<&^5Ol$<UUzGP4rC9gjml=ChX1S6orr@t){$PH?G9RKB}298Bo3S$eN7VA%s0
zzwK69ds&&(Pt3|%b(RCL0$<_KuZweOG_W_M9l#o(3Y>wC-S$ZbZ1WY<O@HjK@MYOn
z779s8E9@AkfV4c9G9i|Tm4gzQ{H{nr#jCOrABF72jk3E#boym{xK4da_V^bT0N;sT
z$!ZLAp*Kc5u|Of>6McOZs`0$2EbUZ<d&|3y|Cco_&hY)QUEO-a&QiWn8tzv-YfzIn
zQPKzbz#K|5Ex-M|{-y%5j8pd$NupFiR5jsW{9ajXgD&?Up!u9`0UH?mFkAmK2=GI}
z$wdZc<VXB>LM-+;o>^f}L;guX))gay9oM0o02gTT&9@a>ov6+UBd!tjugn}LhyE#j
z?gF<{n55HI7{9R&?wcQuo!<}HwCA4pLnCsn(I)!NpKGjy1?ZW}@<eJ?-D4HuJ`I+{
z17b6kO8Q9)m*U+iLN9NJSJTz#>YV;PSn%XzPCv8EsQBXb{=`P>dim6{!zQ8{eq$V>
zO&`cS-HTWjrrFU+`Mdpo_DCpzf8#T8AUIpC*6kv-$bK@0@VuWcCx90v!+pePi)j}!
z#7;v+tKu%XKK@ju^J9tQjXRU-Ljm1|+;{!Y`h|}+B{!zP)H=Orz<v)G&f=BQ`VS|@
zTk|sGN|7`lg1hVpHF=up%WAZn%xgs<2^7t;*Z`UXk#>^vKvAeaW4WkJspwXmv<q5!
z+!CRF--90;T3<)K9QBsMAKBX)k3MfTLzxiO@iI4RTs;gQVEcfI#D+NPWR13*YR2$M
z@3Up4YYhUhE&BF72ES@fU2I%D<|5KGBz)flp<EcH>x$s%T!Y*h{#v>q6^6Z5DDsbD
zO-i2BC}#Qu^?P_%&N!z<Eed8i=HtHhCAbmQv^W|&;Gabv7iS)>dQ?U6+cd5ePT^Zc
zXO$1Ve>y;UMjlZ$WK%m+vvm6qY=vxX80Hoytx)S`ql!BYFU1;nVlQNG06|qYxjLeA
zDRSeyf`usF@&vy$NI_2ac&v+kx9xx+bIdHUkWjiu!vYE;!E9h&S&h4IkHEqNj}j(?
zJxPcyyD;H=qzWs7m$MFc()!Xe%ZGxEMB=hU)r9jume&@^^I8eGOWA_=EcCb0h{!N2
zaoZ%rR0<-lu@bfIGsgHJ$0IiZJo~L;%*ABIY)t&1*wg6a$3(CWb@>6lfw(=PdX^AL
zVBO9(Y=}KjBbok36k@D9e4DbyPTsiB7>=P=$zP!_LVi3-9z<9@uPJm<aDHK&0Hb5q
z{A-tM8^Xw1+{hzb+w#xK)G@#UNclwAGn&bEyw^?w*^V=8Hm>M!2UMXe*w%58EttG|
z&?1=pS}}d2yh6E?0PzQ|5St_%4tg;q=R~C&lxe1k*FkatWmuokPuk?j1b!xg=xV%%
z5uG`|G*}*YTD&B4TXUL8ua=i_l|+VUc*f|&bsL3Jv*%6Rz@tI8tjbEmx)3@R!6Aby
z77Ub9?twarW#ec^k$k&sF>X*^*(mAjr?V~3u}xn@<S9y*b|#37+VH(g)c2psIJF-0
zFHR$|%$^L0k8xb`&XGq4<|wqid@fZMfO~P&H61&0*>=trp(-MTNe<IkxWysNJ~xJp
zL>1_8{e$QQH!zCp0Rrk!OH)h5MqU+f?UMxJw(ER;GpfI-l|{B72~(=7>ST$q^vAH=
zDQ?p~X(EqZgkie+Yq7y7pre-bW+^_npe;h|WS862JU!ypqt*D$h?z%(1`2on`I4A*
z@uFfxbI09D2$Z_loyjyQik2FwDD9o6TuI6pd)`=#1b(t2x`B3eM#2!s6ZqGRtC<}C
zrdJPEXvPh+acTFKg8vhKqkH$;F!A`JVsq8{&B~3ZV_yfd@9q;~KHo9Vah1WGK%8OE
zs2Sh5?AJ*HJvp5zw(%u*L%qto1N3rWg6#mwx=2hcTU_Em{gA1ejeAS*{O=Sm!>7k`
z9PeX*F<0)@BO&ySx(!<6Y+_G@6Qq!Cmle|Law|+BDzU2HdLAV#1r_V(nw9sn97~xO
z9!Aih7jcWcAyO`?$Y)!aHmPn&)lEKWo^j%Om9;juWI6g!N%Fx?KF`?BoQko=)A`Ti
zHlFmWW!Hyj&QfttE9mJx%nkwbUG)H)OwwbE8vI|W>MAPad59X}cMKS0ZuqzGc-Zs0
zPZxBU$r-FS101brb+;RcII9mL?Oyi<HC~cT>R-(SSVFTB`5+Dki6kNKi(P-8YTY$+
z4xN?4>0<g~&kO~5QC05%rys|#?Bw{#0!`#xKO~EYWQf#nhB4e~S(6)~!LmAho*HNN
zuuM`I+H963Bk-rJepD0jGbXzHqh6X?|B=U{o;Ee&YS$Svkzzm%%<+;^2zTdSa7Ke9
zy(*B0NY_ElKd2)G0xfe_1HDe)0)Z?n;(&(iJW_aZNZMGx15rx4XFkO_(>``>G>pO}
z^&`Em92LDClioe+$dW@>B3j7*<R~YaJ24Rmu=~795HB*)lmWLka6CT3HW%`leAi<i
zD?J06PLJcjfp^E;(CtEH5W)-74HHi%Tzt+@!j`GZ=40|S%>nv)lx)>njVr#SgSZeb
zEWsW+?m7v3<7n$7Z&>=bIQX~<tm-=<m()UoMXIx;Tko(2!Dd5q6iwyyN)iS_N|@#t
zE;&8B;GhohA<l=ifTSWbo-^*D{)iV51W-t^<uq)#L`qYIq6h2hlam3j-q@-u46!T|
z>2e8-j1nLU4e_2hd?Z378a1z4wLG6P!gd=E>-{<uj%yx6$8_8NN0-E0F{TtGKw~GA
z5Va<P3g$R1G}OWFX<o_XD!00RKiH)c=wbh)zM}|$C=n90pc`36Y=xhc7ct`kB~+gj
z<^05+mp&Fnwai!bkY=efWrUWY>ENKtCNX(XxG#8}+~2x8fL4M&Fi2s``9N6;BIS95
zAi>5Y_g-CVg7Dvgx~UKQzWzKFq-<g8=(Hj}Smk5zZlXb<$O)yC?s3DWmeCcpK3e*Z
ztVl$Dx&GRy>cur^8X6%hgN6}9^HkS<%S%v!T6C1=Ej!y8#MQO5*YFv$EU&EL6Ai)`
z$y?c9Nkh&htm7UeWH!0c$x)_a`c|(4&q^y$YT&No@FPe(5n8KZ3fX#!hiK@OG%t*>
zXGnFFeZob*LB0ToY8&jrrv-e{#(^mF+*b~eE$d+gQf6=a^;2&)yjsFu$+264pd7=;
z`;sYUt(&HIXSMBHC#^n-68$(2G*>*aSXSI8Q6K0siMc%8`?s(rg2Et@2#x-*qYI-S
ziPc3@mRo8=12AEi@!?_?^=)5BTn1Z9r;7-Dpd)P5x~4k~CsxgBZ&I$f2iMnF7VT5$
z&SRe{lO#FaXQtBH*+w8Teax`;TwjXh`mG~nH#fMir}-;nuM?*dJ-5pgti67ZvY5JR
zk9<ECJ}sFV)+ScezcVkNT6U{{MBvSSG&Zj=W88x`H8~VK;H$2NyDg;?I>EeF+29ny
zYS-2+uC$JH0|G=b{zk_EpvrdFPGq>IN^9G9k0K0BP!ekq9Qnkz^rcBy=3aVbxJei$
zDLSOSmv;>-;O0bYMnF;ZE}q4OZ|884PwZF*AmdcAs_kwyFp84kWPA86bsf9rp3qKD
z=rR;rwFKa#Vf;&X1GLWGQeV#HJ&D!{?S-@|;RuEyFnm{*nb1$5J5EoPs~Hz2+tn8h
z7$(5lI&%;Gx)7BiOzF19ka8`l!xa}A80E1&5Ci<J#yxnoPZqdkfztWQz;wpJSRUkb
zT!W$T9NkhJ6-6BGE%=@0mArm;jg>{;4B||z?LE$tudE>?&es12O+d20(u~VBpIRKe
zA;bm8TKt#Row*o%e`o3pBPkIOKf;qFX|&pCrYS3KC=CV8$hD+}VEo6j`c9Vn2hpRA
zrnW9f)#(R>AJ&z?Z(k^G6OSo6;~l{=k$l}N*v|B9aG+bN8JPv+U~$%GN<tCJe2glc
zvtI_L34HKmD2!6>J$~6#I1~<I58<B`vIr+Pj~+R^`Abw8$uV4Exmh@xW=)Doh!=o|
zh)aGDjE1J`#Yl8>8k~A21@pHLokl*hmnIH%n`>qTHX5-NU5xYCNLn=d?d4<)>ggdc
znUsg3n<w)9y0nZr;$P&$G#fY!m+rsNSFK;D!qSH8#$>mzzuY~2<R2TX-|}Fx5sq7{
zCfRt!73IyQJ<l4mb?O`QCVxw$0;ZatyC86do0q!XCdn2B21Rs@6(vUR;q=`RydyBa
zh?RPc>JNk<vFylok*9sTz3*}R$<Wu005%MKp5ItK43Erio!#3EKqGS-PUMyqKxgjY
zt;5n*d;pLUYpW++inLYDO2SPPP+G72_ctoS2PnqF`FLz|b8yIgwVMZ%a^oWoDZ4E<
z?IEuw=;W~XUD*WC%}mfM9*z%7{21VF3L~UqyPEjKP@5j{YK21EQMDmy@z?$LRyea<
zt?QU!&K0^{&8xo&SWP9UH5PFsr!J$}jwkKW#o;_W<*3mJ$KvdE7Cz6~6lSTL5s-O~
z;`8&r>$l#^V}_Oa?_+P}h&Tt{lqs1y%CTy4X9W?VH^ygt@w1BkMxK^&mLn6kc!qdF
z&>TPaLM2>nUg}DIm|pK)uc1L9Ya^OglmLd#;J#v4J|Y;zCmj52Zpf;TO#H@1Rh#sK
zDJ)l{)UA-etDI}=CL>zM9kX5s+BictXxUt3kKL%b)>@F~U>5;;!{tHf!(wtA<kdmh
zY>yQ&7qu7;WalSk?)ZUyLuAYZVpPvXDr5masZO<C$Q#*fZnp%6;-{@iBrw<{SvKcg
z$*~vWhF^8;jraoLB6k9MZdBNvWe*T-U>xEZx;J4QR&xD{9CE$nQS<RV1QSaOBuIa(
zcZB{8rNE7~fvhr(T|Jr8Wo%DAkFQc8$V}8ddIpSYeA+6F{lx*Om@E=aIH63c+h*bb
zjxj=FuPvM8mM=}dMDGTNq2Eb5u*7h<@E*tO`X^JPuGbh9Z$}{1I;K+E$olI7m#&IA
zJlC9_2o$0MMlnfZpmMzo=3Uv1<SdQKoum6EtVqt51y#l(Gm<O5Djzb{LtOhnvO&d?
z&sE6OVF&89`P8*8V_S49FXzSo;_DdjT?<lJH-T;Z53Qcvw*Xh$Mi4pOSh`W83D`R&
zR1$|d|COC=-58t?g|QSXj{);(<PhB8Jm#J2x(Ql!onEwT7HM_{QAMYu<jabmuFwR`
zJ7k8$D5Jn{lg+!u6*3dObU}eVpeH6l@dyCRAr>n5)hm52gV536Sd=uUm}()jjqPsX
zl<A&TS3GwRu~bFTD#T-|&YKbZaMeSwKZkH2e6AXw+#$DPf;by+`jJ;uo&bl=$L!Zy
z*vkn}P{yUv8hXZS+AUL<xZ+}|K}O)jg-oa^F-UHcTZPz!gTxF0Oswd!2^y2=;XKD1
zg5MJssP`K_Urh$SlEXeuWWHVM)wQ|){Kg`9wx=Wk)zhX?eYRs${HxCsbo7_quo~+2
zV@fHFIi_a6AM59W@eK)PS-OI}HH=(Jnt&C#D`t&Ln8MJTAwnrP_PLBCrDV0iEN;hd
z0_7AosVooWiUiznPrD}-g*x5Pf^hnpoNu*UtDztE)b?-|od)Et%`UJgDaonf39SIW
zDc5^Q-HAp!$9ji0?+aHprns_W+p(D`nklL{wCR)fe#OBR+W10C>;Sm7k7DvlPGmT5
zfZZtY7Y5u=3T)${u~mS8hl7?GI;#5!E6yRzb)-RhNS;o>bv`6$>&ceP%R3<-VUoB{
zB?@~$Ru1EDia$uFTDqYGd(x<oKWqGlKLiNF;jwG+Rq==cuY^&Gbm6R-lSv+F50e^o
zGg~}=e^;H)nS3%>&)4%|&N)N0ZHZc2n3ludZ)O+^++r>U>D_RFK_#gZ9t`8Mh!;0P
znmOz9t!#wObbDL=umQA%=p`<&cI6BFJu7UWzZ%^|MGe=UyII9@9)s;*El*;LPC3Y5
zj8&1@W(i~xd1!7}kgytklQhg?L7WkwL*fw07mD2xpdpG;H(BHv-mPqFf0Fa)ShGni
zG*w(Xe8-EXqGSN{3<KQQv40FC{>F@4@CPrMI3Fh>OhP3afc3ZW5CBBZIcnoU(jvLO
zLI>Zm3~;6@5tGn+vl5qP3Gb@SemMP5`1ZBqQ!pq~KNzB7RPL>XKw!fXF;LMGrLhoh
zuv3mt21A!77~Ex+1^IcKxpa`f(O%dSX)C!h>^qJ0&eY^DAvgHz#)4(1R{XN)qYHCf
zN^Vr`JXlDtzgvcVEu7q2V=6kRN+sqn`vWAvrd3HE?A@MRG@^EW8dGsmI+Y^pBjLw<
zlwN;LER}rNQF=Xm#u}$$wRV5ZsGsZyy%WMSua^1Qc08dboTZp*k_uAw{FEf%_p)md
zIe+tTS$VsnOnOK6;|jPo&u$gW&&Jkh8~JYC&0DI{c`tGSD4y(JF>WGi>cPUEep9Dg
zRG32t-eTLCD=2Q(GWh<9Z}T?-8!TbH$S3I2cGa#dUjoLKsYWcf94XIR=ZoSZyNxTq
zkvv+0ng_Qm^3c8)YvVro+uJxhv84{x<~>ljdj#%BkWgbo)wIeWD;}joBeg+-G}%_t
zW%jU$tJ9ax9{Iu^9K%Nh@RjW$<#=?uu)BX``7+R&vc514k&5=OC67xl%uaup2V%Ii
zc6_&pUMZkm%{lr&8Ww~dg{$nT-7jfvZ7UN};#(W!FAtQTSDVLxx^N(er$9}s`^mLc
z)wZ)@@?1+TZ9x2?ag0r8ur#pYI1RoO1I+$W7{jDdD~|=JALQ+@%()30y524d`%|kN
zJv^O??XEL}(~B(ydDuOX-XI;l4%cKj=U+?p*(x!9Ge^wPxi}Sc{0^Vwl@@9_zPue$
zWV*5ctsBV^Lmr_r8zuK?VM0*oNb#$f6f`nC=@}On16D^vp|pbyLl5hZC7EpBi#FI|
zmwt&s0USQ@1N8D|D2?MR`TO~RC^jVv$-AuzN&`=Kr9q*fL>swA<R5WgpCnHUMpR))
zibBdU(Ycf^_;q$VtVGTqN3r*+1`>_Ujv}VcIM&;WwvDYczQ+_sBhGl^VaInlm4R|9
zr=oCOCSu*t<qx;A=FW&=^mPq@(+qb5I{g)dvt+48anKxM<BtJ9Ri+C+_3<=Vy`QbH
zDzz~sH>n@$qjY2oEC)HU1rZl+6=h9g#WJT7zZA$T2BDP$iSQ2i(b+HU_%Hc$?YUGL
z{8+(aNZ3{U&94x*327AS>2d0#lE^GEk7qk)8R`9&8%g8~f$fW4>T{A50UTwX^D=Eg
zSu?)`uV<##+lHp)d4}Bi=3e2o;B4HQCvND+pWs@E5yKP7h1n<M(Y$hnr%^1%wz=io
z;DgT~Ek$|nO8bN;6Tn5N_Z3uPn)%S$3yD=_bri54;$j#l+X8kng{pa6@fZfsmR+Ik
z-MpJrm=#f5mXl}3!^84z9sa<psMze|Ht)A48~6P#`dLjb*>Xlj(OiNdq=$De<SlfY
z)wWq4a5sQOf%2u(yn|j>$v!Of9I!R{V{)JP6`t&8(|)t|S&k<ATAFi?E1&E@^k?4{
zYwHO`!iJ69(;xGd21|z)6pXk;{PZxMgbGhQjsfcje4(Uy1(Gh&i+Vqigsl@JmZ@uA
z2>Nse!EgFi4&4wvj87#<bq-#m1P(hPikvn1c3AD=&|e%%xH1>2auYC(Ns28PJo=Su
zhIC_LveEqk{r8=EgLLJ`^%<M+W!ARHZJ&m81GLM76o)6G^(4?54>tM^e?|=@7POXx
zkXnG%g`>}0mclS4<U_;J09Ddy+{yN=yX(PO=BA%_6_kAy9ur!6a1+k!W(eS;bf}qr
z&}XytpQY5=<7nBIP<O#c8a^d54CLkcdgMCVLciqdXauhnwuQi62Jw2`S*GGGjRO=m
z9OM+A_SQg{e!DX|U4BQ_oPpqPIJ~WltsI`W-!eV@Q1j9bgiFCo{|=}&(@{VwyFuA|
zUoWylfHGjgae?v=m29d$ID<~+3?)F79rZvg79{ZG11oI6U?h|6bb=mil;!?$S6h1C
zWtW&W{MlgSVAb2(s$ZBTN;of%N#o>#MnN~2t*P#s=*iB3IHf298e9RYNq$e5YJ~2A
z*8tkO@G1;jn*Cc3^L7kM9~Mj?rr*c{T@fugow~BD0s}2ZqZ*i=Qk2Cn4QmRQI8q-4
z>c&%wyuY2~K;jfQt5_7)ZG$ou>Nkz8IxCI>PY0V64yI)41<r*Wg)I-Z)&RP9HIil@
zs=)$=fmf@QrpXCw81UkQ0VmJr33-i|GE10B0KZw3$SktI7?8zBN3T4>t2{MGOvxL#
zYQZ#oxO+)OdY9##*htM#X5gksi)Bx5mqy{Qj${Y%w3AWhuu~>-kRG;o3W}7E5E0Ci
zbbqWZ{W0QKs~<l*z}B2-g<FEidAbw2jlsuzodn9!65EWR_CYvj-u7ff8DFp<_w-xi
zf$8Lr)lfcJiRO`7%`ZyI<{H%msYeUot}3|jb1TgCX|qb{B^bdZ{d4W@=yr|D3`10(
zPAin`gq7d}PflWsWA|`J&Q-Fs!^jm6cLvqOq|wmBrTQyJBDCkbQf1%Irkk`Q?S}MS
zlG|H@5Zl3RVoAmjC=#Ki^*+;f6fFpr%!tS=Ch3bAPl&O~rAsWNL42NRS6)lT*9K85
z`3}MOv@ZK<;uM|{Nc!Sd3HX!-ls)rmi6O?Cje@`l!VYCRi|yw_dFGO<qbC!i*uCuP
z`E{f0ozZI4;UTYg+n|>4KD7AO6LsrvAR|y_f@OO`UT@ZZEUcRS!V{I&a2ApR;j<X*
zADrz^mGpK@aY)iHWq&+F;UPU(1N7H!nH%K)<Oj9ubw{TS+7q*TM1httOmRpeAWKo+
zvL(hdg)@;hpxIUL-=29L<Alf;751n(CLvP$QNYjK4*os@17o6c+j6~5{>}jr$SMwc
zA4>RGc3w#vaod@I4{RX3+%R$P;O^V0w)eo78Xmt&&wOpDKlrT+-V?cT6oCNOP|?>Y
zX$_{sNps#KlSP}0Z&J|OS~rYHP*4ngXtfLY$!JBmH%h5_ydO^@qq*}C;-JXW|IBh>
z@+g}QkZN<Iimj}NWB*Z>SS)o?2aJt)g|ohaf{F-?VKkkOki{ikGJyIXbg<MdP9}r-
zh*VL}IHvpq>LE0!D9)i>RB>+*Orca_ml~BHwqN_mXRn`t$UEYDaNYE8yEzW(p2PFN
zRE+JE-yDTvQ$RcqLxq$kH9ILrXzj1*!QUD3Z&R1fr5nuEDh1TpahwjKFqYO}%wR3U
zYC0oWg$cQQSmsf0{FPg{r_K5Xt<dL-ov{^)<>56*H?ddb0nLjLS`f>}X}lyEID1Gh
zW8sdPLP_6pj)IbeBVRId`!sW%I$!wtJYw9BVCsacp*gFQEx+rzq;+*W;@_>L8Vztu
z{t4zyx8h=&*m|<0Q8t2LNz(V>Vf48T65IuOY-lC_;v9(}g_y#(kNsHm<G^@+wog*$
z(tsePhJ^J6-QBMk_KiJl$ceWc$7lF}WMY3cp}H+L>68ZnqWrO9$DRJ{M_R`}YWJAh
z%s7^=a`n`Vj9rNhdMYw9Q4CZ~{w*(bxB_?DUS>3}hEb|>EqH|%s!2t%I&u?fgnYCt
zz~8N6q27~+yzqxdVxqaW_zzDB-yZ3~HRh)HkdD;WjX$DdzT#b@uv=daW)nN_CwvAG
z>lMa@&nr=TcdCp#b(qs8VMuKoR6S06>dCxP*PG=PJ{z2*6u9;5OMJ9~NpViSF6a7(
z+UV7_J>-1irvVWox=D7TIQL3)i{9}K469g>pzK)rOk{A$Nd_N<aGEGf#U`(&kH=Bc
zX$g4hDK<p&kJi0wY>riwCJda$OgV~xnHs(CO2|gcC*)TfD0Gw##vUAp$2a*kNZVAm
zjT;W3e7P0<7xv#MO?Sz%5Df$d#28uKbv_CR4s(JcZx}H+ln_1?l1Z4&(O$k^ZnPzO
z;AZQxKe^PjCG1o4u;xzhZxveP6@Q(I8c1WPn7mB4uf4?d9s{U^g6|_y5``+eWYLKR
zvvLulH`pyOvfpwXTG}c(TF>5##0RF;TPB)Kv7bCqatquOQa%TM970I|Ho^gx(LHyO
zP5{};ARhOI(}8b@l+AVmb{)AxiMiQ59`m!*>}5d`2oL9w1z(oRp2ib8O`?l!m%=^v
zJ)_RuKNfH+Q0Nrw2Ix0RL!K^{J65`}34Gh6kTW>8nZ3N>m<GA;_t|K?m|ziE;?nKe
zDs;_A-5*Fv0-?TAtC%L47xJLhL`ds}-HiJ)Q#gX%A09(R#A9S!b}kS2yFCI{E04|O
zhKox#%S_mQ(Q1Ij+gz1gZrgxbcGQdf_$=6Dg@je1maTHmH`;4|=;cuMmp!HCucPAB
zeCz!4F5*p8$I@A_`5oE!kOKAM06QcZ*~jZ41-XqR6B-|?!5ubddoEpv-IA0K4J9Cr
z*HH5|$&xY?4#zz@f}v5Sb3WVnoQl4yhl?zuK)HRkb=#tQd<UPZ2>3_~r^FgjpOpDV
zz&inK2btwI<UMr~IhO`<JWkKM=jiW8LCheWybP$#)?eq(;AK(KiIty)KB}&a#XK$@
zmYh#~xb)SW7?9ctgR~ga5X{o3+OHD8&vd8=&*32+|F-v!!S>(y%<{OdO>?R7Sa^1j
zMAyq6eKtjH^HiZemK*@sbE<Tcz6d^?WnY$v1+)6iX**h^0141^xFf=Etwk2FAB<(B
zWr<)Hh!TQ*CDMhaRuR!dqUFrFQJghGJ5sf)*?6wF#r3oGzPrxP>(dMM6u$XdW5`9z
zJMo-b2G1N!PA+d=;QMGHI+TX`t|3tpdiMuuSDC<^BrmAQ?g|xrA_8?D5QN~&#yk}K
zgjOGQ=1z-@Bs?$%&3;nfb!+q@sDxC(S`<8&OB5Oqj<1-Yszn;ZD2;FAm1aC#zr7s?
z!D?IX#a8t}R+^(N5HTQ6T)ZVO_n8EV%l|P;xN@w6wnCur(4d#+wd**1CB}IklN%qG
z-XIr}8tP$@7nr(17DiiEBCqnpQH-j0nufR!ltwLy;>&mHYusiFXwiq{oUqt)4z?9q
ztz3owUc%`fNTPtaagf!13ug?B{9PC-#MgKHgZ}Zx5nE|_`&81Z8`7d-Z9aVSkIxRU
zF;x%NysR}~PxdKbrt(c25us|BEhT=bM=-_PYt6xm^#|>;Wn*GH#<DZx`npM!dnM!U
z%{=bAkkJt@aiEr18>QHAy1K_574a{u=)r;Kca;6wc`;o}4MJk2%kL8<w5ak*6YeS~
zA1SM}^kbx`Eou3g7po|xsSlI;8Nkl6+)%PYSKigC=_9w<m-C?AC!}nL4I2wIw{o?&
zXW?>=oW>UX2)EG#|KIyWIguW#ZvnOj4XiMXo{**O{T%5Jqp9Y+4?MoqerSpJk3&Su
z1A`m_+T_fQyX1P_29iyb6W^~~Jg3xoKxj!TfV>z6mujPC5Mt||WtDcl77vtRB;?T7
zhRy+~Qt?<(LFF_7c`Re2Rytez>4vCe4j;5;>~-IW7^k4)5crTr@43t>FeuEDKtEm}
zBMH}A`PL}vep%lGcTo!^4SlSBlYgW54R_1D6IZZ%gXNH>qnz#ThPmcrv)+8Gy<pAY
z1g_8nZ=cYR={ca(>c`P%H&Ct%Ue}mW9RGqaG!bj!cBKAf&zadZcgJ{qj}$GBq%co=
z=UP>2S~rIcA7_6-S+}Reqt<9zl1p52Gj3@nTCg0U<{x~g!|OF+m`Aj)Zd9&Q1#MJF
zZ#aGh_u5Zz<LHVAF8ZzaJ&D@lJzd9oPU5K41mW%+>MX^r_sxqtCZ!#}jqq#(?TwH;
z-42rl&$za>aR~c}rQz#UHiXj|2`LWhkKdfSpoF9zU?zAr7>WL3w+<#V%eC_JRQ#3C
zpx&0ZljtynwmAhm=3(8MxFwcEYR={~e@fP3`v$C^Hz=#m(tTr9dbe$(;)D8e$X$&R
zV&@)$ESu7gN&n=E+St+i_F*FB;=+WO!Fd0yg0`XoSM;qxTUqapT@lnhlmd?H#r{Mb
zyd>b5R`6F%9ZsOBz6<QV3q}Q5xqHrW5xNm`FwSUDX??8ik0Y6=<~Ae7HpXBSEhFz!
zcxTX&sc7Pvk^Dw?2HrUFrL>2tT96KIYpZU|*$7_ZZ>ar&R+C=v{uNveZ4A$^gqbi`
zu0N2MKis+1JTc@VES0NCqB@Vp-MX7?Hxn77DY?ABUm3q9n?>`9&q1K1+1Agrm@3>R
z>28zC$V6raxH`&cB#1cd_wzbX5i+Vti^xLyTKV4A_q-?{?ldq@4z@IadChd5p2{n5
z*Sy4u{q7#|cl2~Bllw2PbMtjF6Z$n&lEn>b)r)_OY&!FK)R2)d6j&)y*8Izyq`D=0
zRo~pd9p*<%YFkk|aTYu3_af6i?*V}lG&`ikudoi;j^t1UMDHSxa})h5A!3mn!CZai
zgCw(j_RG83tHMmRg>f7n=oo7O+HPWjUI~A)m=SE>Qa%P!HV&v!!Tcq8aELE}sc@#@
zp98*BHQ*g6M$27tNPl?y8mj8w5#>V@-oU5qUS*L9o>L?Vt6*DY0~UCPg;(#q5GvSn
zDuoV6dD1h97W?<k*H>Kr4*&^3_P;}n3S+<_9P3wWVlHfUU|Cr8?+;y(dbkngyK-w`
zx(%fA++Q^KGXV3`Rk!SQ*yu~q%R>Nz*sj-aeE0KILt=F2W+33F|A;alK`nCI=N>8x
z-e5msgTf9-Me690c~eP+p4lg9Kr;;Gl{+>ntqQ-DeLdLt$G#S;v{_y1N%yR^;(6Iz
z;NR~E;wp+u=buW`R$h5eY|2sx>@BHA`#eUpT;oL#d5x(2!DB1hPaLtvS(%6@>2Y4P
zj-y&sb5pGSKIoM{bKdq&L~>&VLKF7Mvl|nd+%vBwqLP(b?u4ki*@Dl`IgO@tu9&sx
zVQS>)=CxUM2AwpIaJW!W?GjB!gz&GecBLJOjd@wGg%tnffx|K9_HoTPiZd|a?p|rC
z)#;n_yn+#bl?t3LnaUO^oDT|ILuAHIzxf>|NtH{k$@dHGWoLfdQO$LU@I#6d5l<#K
zS}_QzGeMB9vuKyGai`AJPBy8+ng<3H*-nbwr-w$yi7SeK2F4P-U!77@1e*1&-f+V6
z=x&n0v>-9xQeW-#u|fr7+d%68-!MD3&1Rrq`;N_%Z!*iR*LaT+A0ReXb<`4MejuHn
zcU!a#ud$>~*w&t4Ywkn1j+7bIg5Jl4(4O(%>X1J(3z)k?Fy3E>Y*@a5R(^?V)^I%O
zqR*M<njfF}r@r98VMQCeC1)y9HH&}~+7LA8kal^;o{FrcrHdM)j(e*P?t=+6zi({X
zLS^~ru80Pi&GB|l%){cvXq%iJkUe|(&xAYEON|sPXmR}~iQu1YuLV678W)KOCVYxH
z;$}%qe4<c6-aF;gN425@Pj<&`J7w{41AA<9Uz&e%Q&!e^Og(~ZCD}|};;e$?Yyup1
zZk7v3m}fI*P9G>U?N&f;xbEu=f_E9VN~i8w7+!rK8Qz}#Y)7ekU<Kb_!Ik6M!sPSF
zn|P{XUiB9Vj;-|_4HHbc2yU-j=zea11V-e}`kx5jd&7p3m{p){hj%4OPFp|^QSgjw
z%00<v^MF6SfsMa8l%(uv&%yEpWe7!fGQPHpbsR=00MyOZaxV2KYUa2?hP*d#!@D<|
z-I}m5(Iz-cnf@3|&V6j3rI+w$99;aq9+oRKQW2j464w7H|45QBC9((MeSSDMl{~9w
z8g<WAQ69_CAijW?!W<mK{DQ?MD*rH+{(pCl5rw-|b{%Xte%I#-^*v+T6MHQRZ8M6`
zI<tL+Fvu5n;|5nGLcJ&UIG#5vz%Y#ffuq7Ify4t8FrIjWHkTjwTUWUY8OWb|k5~N+
zwPkw`aliN<>{OH|Qnhj>*m2&#Tf|w^JLt~-Q8#@8z_5oHth;$lJ2=(j9%9`RTtvUR
z*c^4uEF&(VvlZ@gH@Puq)cN}L7j9o>3^DS~ylsC)jk3?HezrX9=ztJujpPQ}5U({7
zcsla4_p#1E)*B<mm=@?2e8p9bI5=E$mB{iEZ|h&@zbGhh{gyehkEsj*wgj27u!eXE
zIUZh|!z_%-(f4YmS@7`eL=Lf`d_^6TSXQm0Q3xZ-?AEr4a9_{v?Q%CbUXcsiBA_T}
zo>5v&o06Us5_wUI1$5m{j`Q|v+UETzqQVFqCCj41>FaS2DE!r-#aZ@WdF(JYesB4u
z2{9G^0x&X#-6~82v&+6cyxC++7+e_|*#iWn!*@^K=FTxp?)-&pP3UaviiTa3qUD|$
zyd#h4Nqe#YRQ;^mv?_RQ;vvEBy1nQ9i|ZunwjylD=aNn4z8Gcuex2-r%JaqLklU~g
zDyO<{M+S~a1GEBx1c9E25Fn$8w3dTB<ZL)46=3X%?zF&loxo*J(7EgG+6nk4u>oLb
zXAX7?YT9cMHx?p{+(TTWy89O`{;I-k1cSsUJHGim8^A}*t<LB7&nl#+@PYSI3tv4(
zRD_(Kr<6lf9J4PHuqztwF@aaG=oRqC?)97`J~;u;`-g?_na${hipyfLL&=H&zPs23
z%QL2Pre8BTb#=hV?*XUnF<v$1{Lv?Emd^0;$LQi;xKCiKZp3_b>HvUg2oQcXfIsEQ
zEjFo!IFG&j-oczPH=2no`^NStGW9B5k3baV?U^w*n$NcRgDt+G+!Iv+X>kBPhF(ME
zbX!+bwVJtF97`)x1YhD<Qd4zPQ#KH6arIw74Ka7ChUBBr21>rnY<6c&@NXtgaWO=!
zJ9_R2azV+WR1nnSS_creLsUse9qAHMVfYQi3NhoQNg4T+o21vCWE(KZ6<r_uF_9eb
zeR9t6K7Y~nf)RmK=*-s4;^Suov8@g@QgAbW%5<3btmKTFs<O_&@PVFpAexgQR!x(^
ze?Mst;~+#oFVPgF;CoYbn+zEABoSMVYiuM>y{{vLM1?Ep@E1|pEiI8~b|9Mt8^4J1
zOsI<^8Xchm3?T^ZTM+dO_<d;<v6Nk=lbh@C3d$wgPRxcy%H&i(w_PyCXeuSn?V)r=
z`a}Czcg#cbk!RsjpmgGr(cX6@h!RZbG*3tdDfaBjL-|+(2xVgt|37xwxsqnDxT}Q=
zbNI)TD1(*zqvRGo$Qfku7e5DHg5{cV>PN2MIvGzyXDZh>)<bg_s<hy4&3l$_k$)$o
z%<lJQ^CIPS>4o2*3xNiHHa7&pU4mXA3pnDUT5~31C)oS0R?5=KdEBFbWbF?K&xca8
z!>Lb1-38VISmT##{7vPvJ{qeN<*Fcg8iqw_)}DERAP^6a&AEg_;)W~XX|h9hsTvHk
zrj8iK6I(c_SKQIPdT;Y%^~y7hXEh-J+-hUm)LT3|{bL>oFi4#?y1{rssI*ZMe-^Bs
z$nU1t_%L+&4}lEf4y*+<`%-t%4_$}Fzl^5oIqmV~0eQA;?bPu8(5VY$xd`;gi~N2N
zDcXfN&R_42{4({$ObF$ude3gIR!C_Vpy(&Ruj4;L)NAsc|85vHt-8QKti_jbD2{lK
zgb7`-ija+PVUN)Vrnx=m`9BvKKvruvNntW}nC*is1jjB}k{0GX5g9q=)sg_{IANdH
z!}lhi3ZFO%opz%EbGg2fs|Ziy7l7P5861OJAtaAXA=-cB##G6bq;vUYAA_>^`YqH<
zIS94th5I`Dz(_~T91XY!{zCRxp1ZDMfvGh>iIq5@E2|CxiTa3rvt^K1hh45&3?Hs5
zCF+TIS6{z<io}stnK%s~2C(8L(?w9z0MA*Vg<;w!8a6ja|C_!*zZ%GYuvvifl(3Kf
z^u($k;}uFNR!eg?(b9Q(uhxOv{or7<wYRvH`K!*|^QN3gLg>bsw+PA@>7fPjeR_m3
z$a+O@GV2dwL!6CT2F^4kB<0D`hyH!Q*S;~Ww${#+)p&7T6cDq;np3&OTFrhx9&zLW
z3<6;u^A?Z5yU#99d<rekCw=~L-98a3j|0ha_6*nMR;B-m?<@Y@A0#uBCDE6c>Cx44
z%(EJ9k72Ij_iLU>5d#C%oLP%y*kkh-ADRcz>LCPR$89Fwgs{@SM^!>(B9))~>p%tT
z6y3C_j+Lw)YFcj;=Fco`a@3^_=7@{Rs8!<G@n#u7KV0Je<V+*mN#Ex%tn2uhNaZpX
zx<~m*01u~e%xllJlZ*K{x}ndnK|RylqHBDd8ZEOi8rD+WxIE=;<$q|O1FdEGL0KHD
zWM4d1qmT-GzPa3Gi`X(Ug^$7md1{K92tB_;ySENa_E49k#Inore=<4;wL`~Pee##8
zaJ>Y0CiYpXsuI@1aX`kGYqa2ZudF$-3}o<?v=5zA0h#dIeW&*!PV5)N$W95hAKVys
zDnk1~@$x(;+0B%NyVXz@+{rV;;m%{abgtwCH`NqObp-Vp%n%i+&$X6Jcl6PhQZhzD
zxCZVq7Dk3s&C8(;bw1<ov<?s`(phyp--*ELnQL39eGVzOgKxf7!w>O8s1E%%?`t-+
z^u0zaTc~c5hkKsPq{3yaDSOQxr`_8Wcef&5%AjQ}m3cbY<xiMXn3>vLp4#UmJ#85m
zu$4tDQ{4cMW0_}nKhlL5OGpP3zp1_Otl^f?R@2Bs%q#jaSQQL-nHxv?HDL6be?V-L
zPqj)Z&F${`(wnPl1Kea8;7KG16l#`ABHts0|4#-(<ym{GA~>a~#ho6Ee66mP+>6;L
z@y?FlzBQ;(a*x*cWe5ZGdP3R%Q55D;I;2!cTZkzRYN}nbL;pC$scnP)g%^E_$M8U}
zX$Ip1G)ng_585*fyNe>coR3z<R$*NXe)xp5$NJ8e`C8afds)67V@V2l3J=}X44z%2
z0_3*HXfkmTt~|@79zZ4GkC5OyO2@~6X}NO9Vp*fnS?db6{i<sR-AD;9MbGF9)FO+u
znu2+a@8acDIR*iIrbB{I$ggbn2HlCr9D~2+C6u32t}{y_&P;o=Rq<KK<chJ5wZyd-
zrcttup$oXW-770)+r!jSG($uaog~G0XtLe`RC88JGoCaV3eZz#c@h(i!)Ey%pku)o
z9xul~6Z2Dkcgw5l+5}M3pEffe5xbm1FU4fKVgaf>BL|6A4#^Gsga))FL8CcG>afoU
zf@~nwf$8oGO8&$h(Jb_&2e)``ThSE;=$nOr;-7M8zqxGh+!V>cs4$af7AB&`*;tLF
zvDZY`0b&yqERU~~bpj<APxArX^^9VUhbAO;7+bJuT$26dGtOB6GbxJ|PVAz7h3ll>
zV%g+eBxhEwpft-jqqK{NsK(`4Rz{k1)io{US)^TW4bxB}M5glyaTHalfg#@7okOzC
z>O1f8jT^1q;Zo<k=*xHM#bxCYcT)Vk2k(bf2Ney9uOJA>D%E3+OO>6Sd4#CN$I3Zd
z$TgM#<^~X3?OOWQ7eLGG4=r}M+E&wY&Yxb5kn^SzHR2@Vz|iN(GEQj=7OPUsKS0%)
zqZ(#UUFl&Pwyo>0M04pEuzsfbqE-z=Y-w~9Zx#=plFuPN5PV4A^1$C*XNoSn*10Q$
z+HtK~bXOdMLg`VW1FfxWsM9QNb@>cL+4JR-u#{8IbQ5vK8x#Wf^Cb1BOf3=ESGZH7
zgfK|Y(3Z&vO@epr7UeV+`z`<U5r!eOjebwCevmZ>A2hJCSo!9X`>B`0dMTtjY{4$L
zcJ$Oo_)xz;+RHqk5eOqrh9b05gBWEq$#9r~Ik3%=bFhVNuJ?Q6f?2P~sm(=o>BBPr
zM?S8Z!YG*8ypUiF)nedOt?yV0WPapMGC!4NMPENU2u2v-BT?Z~O(kUEqL+2rr$f`9
zd9^qdL^l8DV81K~@-_@~%0$?6khU9r(!BoAB?_tvoXva=sC%pBP6sDtdHaTP7QDQd
zDp>u-I}dR8)_%W!K?a8T2l+RyjZ<Oban`c>A;}h7LfYn8Mgts6#He70;I3f9jJFO2
zgVkS6=9jStYUE?x3q~9UNd65ExXlAgA}%DLO%L@ur;Kh$w8y6h<BlVSNt@nzxOsQ_
z)fB!h8|GrM1->#7)*(ae+`$pqme(Ev^}zlV7U!+mjmZHRbH;QbEHZZ`==aVX<Rv;Z
zedxOC&WtvA1OX?JEJwcBb2ms4=?8MHAwAO=kj*FeKE+jWNNcgzzxNj#xEzvgwgySk
z0Yx$e|JJap_0uiV`tkkwTvkyDP-etIM3aZ?UMc0qBI7ak?Q9e{4`~>3Vg5FGD9K`7
zwAT_Nw<|df&jr9K5s_?Mw|Sg0D7cnqrXB7aB6|%7cBe^HY06ZT%1F+4b1Ig65M_eF
zm&!d*ZkLXKrSKjM$@({7@km***yRSwly~r{J1|Tc+6<w31)#TdNV<tNf0;j#@^pWS
zZi5U;b^MNKP7O%m-0Rl_*^;zEQBIi|q*d(&Ze}AURU0LVwMSux^yUYco#HJxKj3BY
z0SwQdSlizUsIp?)(H(m0B3CxAxQh}{X?_4_rg++;RKI1K$}u)Ot**VB&4|)VuRSXI
zlA{(BI#X0;;6{UVFJF=d!2#^WTZJ1y=yAdxoXXpZ91VjX8G#W(i%FkWmmX%+2m)*{
z0gbmXRv`<&^obIo>ZeFZ1Pw_4TNWD3dcm6Vh|FQD6YwQFIqv#_wcF*5TkQYApad(O
zU@q~-Wt+c?T6p}3PzY|a4=G3lLsm`fUTaaOtY!7EH%}^{`Yr~nrT);n2LbgQ!<-D~
zXvI!uJuCM*GpF=<sK%K)px=>%r=#U)SI)=V1uGkihq@HuCiP*U@Ep5Yp#Fnn1mj`z
zgA{ShdOT?q6$00+2+~}NCSd{y%j1^fw&Z!h{i&q#Aci9t;DPX(UJ3Ss7_|WeZ_O%V
ztLXn=%EMcA<q>BBhnJVfjPnniFSroZ`|wMQm@%vCT^3gaFs;c23k~zXq4E(Yo@Gd%
z6wyEZEtg`hIhy8_lJaf(R9MG?5V(h}_5eWqPvfTBMd6qhitbliv%~H=v`m!AU=+qL
zM}ej)0n=9!w`{lLIF&WtT+8jD*ef9^o~<<3VVUcbS~u!_BL%nS)Oy+-toOUMThi9-
z>MiZsw7LF`bLP`vv~9JtCzE8==FV$^Cls-~OY1huo~7W!c@RuIgWv~{v6coBTL@Yy
zfE14c(F6x`TKr>^Y7jvqO~cl-gp2=b8?P3!u0<bcm~pTLVl?O2olz1mWJ1zg8Kxj)
zOL-0cZJyB`BF&T^AA52!MGX-#K9-0lNvNkA`Q_u>P&U?!oPPw(-wRhu4nF~x_+X~!
zb{;GaA8d`y5IQQ+@Yh0Wp>&13_(_oV?x0Luc2>8@4VN|n=HkT_P0LS)M6O>T1z&vc
zXHncR=Ncly_pmUC@W}G+uF%(XztHlZ+@`|81ksI++Bd-0H&kZ&_;v`aprU59z^eO*
zpc&(@*!Tz!hZ^<uXF!Kw_TpOd!fO)rmtt5r!>~$Au&GujL0zB&6zomgl6Tmc_4JRt
zaeCyTnd8WgO`~iV63Y7TEGRyoX52o-3<C>rrUjC|yKaefi3&OH+6myF5<6VJ7GF8;
zLhE-@!eHgkz;tSPNWRi90Di6{hqd7Vqo9BL7exMG%5P@=PxCaN+_X*uAi5ZA&<{a7
z6)|}0DT}wt3cpA>wMEiY(F>EUfTKaF$>?Q}!m}%9{(qj4*VF0L7~TR}&7~;)U~@I2
zL``tX{KjuK+EZw_*Ye&%6jcfhZ=`;)8<x`jG#D}aeijv114a-QFf3*p663H1B<Ur{
z(_e2Khn+jLe+GDB2`#Hq9$nws|0-s+CkV)U&5hY~KY%AK>2sDDHXSqDH~?%6zJFG5
zROy<B9<?xlfSTIk@>E(w*V1!0N<-zOagYGhez3W>&{-JUYD#ga>*vT-fg*{?Si>@s
zq}6w`S|UU>+D~(rpHGtXnMeYHvn2$mS-=6Jkr4g-aKqKC)qlx9o|ptw$SivftsiK2
zo|e8#6cdbxy>SQ5s6B+scgJoE3s0Jnjs7`Wt|K@N)`mHIh4}Z>DKiY8yTaV27t1M;
zk2F`FBdpc^<1xlh2l88Zv?7aEul3nGS-Gc&=gDYmTondTs;`rV@CQpJ@ZP_MOBS^F
z^po)q%23a1^KS2YJ8Skod^GG8em$8o8X29J6fq&&8J*%B0HrQqeVoVv;|BSMf%C_w
z^wqy#g=O)<db%~|u_XBEzf(2ze)F_!Z(h33CBaF$5xb5gnN0jan;xwy(8tyo0lINP
zS`Bjs>dW|EskXpMW`!wzcl_q;@(}&z?U4i0j(aUCY3ne75Vx3EO9N^vhG&NATri4e
z-Pj#5v{mRUiL6Qvm#Q>2&5ak<!V!LFN;<dK`*%HARO<De9#QiV1UeWMI(14BRD=sg
zO?{sU7oa?kj(}mfi9R^Dhj$m%*J2liPA)TI5RZ7BX*MHLa1a3u_#f@l*wiSxq5~}y
zATw!P*QMYqW4QTEl@u<KW}LYR_++yMrSI95vLqhn(o2IWjh6&sr3eR!1C650TJsaC
z$6yb57dg@<llj~PbiI}u?Zmzb(}LZ@5ioT*yQy)l#66nY3nTL*xL<2xdt?63L7QmT
zLU!c=^u)XkJ9F0&td0FKut_Dj=$6+5<NnJu4v%YEcv;i>jMcG~+*Ne6vjHh~J}f=w
zNof@9C`JzX9z_5E^tvu$;DPLIdt#pq%@rYF*wWl#N?3)LBMJ;0?X5fe=z5?1UruGn
zGnT+Pp=F>%I6jQ+2NW~l72!-0NspC=V_q#p+CwzPTp#(+kX{?|WS9>X9t|0jW4jDs
zk&YRR%BUtLkEd>2XnU@|)}fb|pJ6QxK@Tzdi`(F1i1hPkf1a`=H${}_yC-3F%~huz
z>Z!F88T-_IL@+mQoQ+zf%L3I1f3_^w=u+FM7|sJxA|o|{wNMSm@I9H?iaA~bOIelg
zX(0D})!Kkb7ovo|4fEbnUja_i;TBV!X)qM1L}TujmM9(D!fm>3kSO>oj#618sECuf
zglxuIj@KMZpgUO$Nv^@b?^^G?8fn^ox!<S@M4J;5KR}EZO{X-S*F0b|10D|yF}6<|
zpP0u~P90r`EtN;$TW@v;CSPj0=u|<st=~}cas-lXA~v=A*+L!Mvk&ZQ<GIX0OP#(~
zHFoFT!(j*sN&jEhT5SUX#7iEr;Z`TnPS3{dKAsg1WDpu%_0xLSe~3R<C2|0Z=cx~=
zvzPceP@YRI4QM{zibltN@Ja~jA%dsr%N(oeY-XlEVUIz#7$K-8g1s>y5S<)%NQ17X
z^->hkZc@Gx!7&pso&<czT5;L>my;L{(=w-@yt;ZRP&kF1k@QBotST}rg0)DthbxXt
zufdiU{CQ`E!wzwAKzSJC{fk%-%L};x-Cb=RoJD{FF)j?@tlKM7`hWmCaoDXcTMFY?
zc$?I5-w`%h*$ls`#^ba(DYy$ZC&)vt{`+)kcGIh2+{_oBPn}}pv5o2bn7AK$clvZq
z0JWXHO~f8Pa?;e>+`ZvIPXg8y(i#Qe$57K2+hFr-aRevRr2g5)*K?0LY8YHaGYd;(
zUr*U`+LMRD<nH=5JyF5aC!zHc9>zY&2M6&c!Yt32I4E+64HuPW^M33ezdVcY{%3qy
zO~6`U43tbGT#abH2pV>ji}B%CqjR3%JKdyIOF#7BcS@k>ag|$FXo#FxEY9{200aBc
zLDY|35tzQ|&ci2hu}zr*C|%JGb)@}P6-L)uNJt|%8@c<*5j1ku5vIVCJ%P!_jg!}`
z%eD@ccXD<w9qCI-3a&-(@nW8upYH>gUO53Dhex+FRm|mAk8b$Pdi%(n)_($PAFf7l
z?HO$fyBAV)3UKR=niwX!#qR4yD=6RDHs5#&syD=(IB}H>9ZkP1v7sMxx)zURVHQH{
z?1$xuMpD@2*#W!Y$~uyuuSgKgU91jSysyj~DK?W{>I{J=Py&_wxtLPz3T<6tm+tqA
zpMimDm5ZH>Rh-FBv(b8WF@h#i!h&}(xh{1(<8*uUl2M!^i+U*0lIMV7x;bbD(%H;t
z{hnXd3Jyo1BObbPq8;AuVyIzMTp<mT1o<m_`Rts&ts+sod5`-t1p;fqg(Q)cA7uQ5
zVXj;=Ojg(>)h1mHFH225Yj#qkv_hP7zd<^289-Tb@x=B%o%~tAd<QzsG(&NNYRAb~
z=RM5zEsi_xM^=iU_wEdcPOL`_g{xO3cRX!3OiP!K5EwNDbUtWjBFE>kh9kn<%Np(U
z7%re8Lw6_EqY!B#@;AGMp*n=^6tLn$8tAnhvO5v6W;lnki5u&MN##-AcM=mlyFzK(
z=lRxMDtlFs!b)S_^k{VN+J2E!Tzu-6;7;?Ivw2Q2r%*(=fMA)>XYzBwRRa(0`x&qh
zbb4@ZFLS)no@P)lX9rNYpcI<Iaj>HO*Mz$Mpm$wfhZ8-uC1=j0Wz)utJm};8)<Qe}
z?-_uVNa4d>HB!w=AWy?bBJGL#ShRsLR25I%2Ak3rD4r+<F>>X6<1I+DQX#nt<@tS_
zDFhvX_9dXT?-(KGCc?K^i!*oz3@f1tq3V`Uu1IljC3EbIJGUxcy+%19XFGY7u-jAe
zsr<MbR6X6wUzJ5U0$&`vHk2@bF}SB=?)4YF9uM_OErl#npx?fBZ0vhxut&n1cu>U)
z7`4n9B_u6K-byiNS2l)ItM3pF**<IP?G$0O+|@hr#s0b2RJT9WP$$?+Z|$%(mtEKZ
zfxtVA24__H%cNGnXy&b>v!w#k*f0kO4t(;zFhBqgK(2T6O7T=dQm}b$0!W7zW*nP%
z4LGFDdfBySP~^@Yw6s?3)7*DbI(*gcbbjc20JAMKBwgx!tFDl5nf4KS#N`y{p@W(A
zi@-n_dQ`PB61kn1wJ^`UHdahAfa2@hYPjMp3-<FBdMc{uw5~@mvq<z>zVh0884>DS
z{MZL8X+cDz{K97in8723?ye<n_+?EIxnu6@GErA{E%=V*Ic)`WP+UKMXVD}E7+?Cp
z&JRbtc%cegUpbh|RlciYzp*RgL?P8NJe!@%z+sd84H3oJIxRW8;U3O^k9LcE_=5`7
zA%)+%cR<NAPtff~q}TaSOSTp>2^BRVn-_UoB&Cu;5Hjh;FAtmu-6iUE#v;qA1$>J4
z;kvKWf@cW?s)byY;h_R|yz^~_Wis?9OM>G;B6}?~+HrML8q;~A4v;w293f-20jfhI
zIyA?(#VU<@r{(xPRM-s6b>(gYOcS}nvbeYmZYN?5-a+=XmE!0x6Jh;G$df)P>K=iL
z)H_4uvp_E7tss~uBEvpiBvMT<U6B_Q99nm~@IEUQ!BLP(^=`<9sr`hycwLB&zwNqD
zSZVC-?GcTZkg`h5z$xkJH}Li9rU99I&b75@YrXt>lW#b~kf=yTUF`>ZIi3$2>f12c
zA>YOPb~Ndi()TP;SM!(=B583{9*!9QHRC^dWK0qFsxu1?mas@}e3sB)8-|<Mhlkbi
zx8$8=c<uy$KZo_Y%VLJ?-~WN^&v5hzh44v*MFhbern~Y*9n{|s_*dZ5WAJkW_}n!=
zhJ0&9U5JdAKciZ&_c7v@A{&HV$Dl?jpApEXyh#|IN{qP6{?1%XfZ(rF;=QB*@u2Fy
zgj6o%o@7mA^mcZaW0%dq1fsMKh<R7x2}7u-I7Jwp-5FD5RS^(A9AzNvLa{`dzNRcz
z0^0f<dV=&-O2B#odTpa)#Y0e6`bpmg!{5{GCjC3kFHSkS$Rm2Cf3@cIl(!u2XWR?0
z)~Fmzn^+_db0=Jwn?5-t5jFai!G#I8ye%G3K`anTR0UQem$7w*NT4v>x{WKpGXKnd
zP)#mG<gxBiuMu~1_b$%DpTX|`pjMKlc6MhujIDfuNaM<Dyb{o$94;+1XJHqK@+n?1
zHJ+Fg2|=@2YOcnxvk|;oynQ64FaEAw0A3{kx5ge+Fhcu!v*Ow(^nN`jwFDC1QhaRn
zpxXaI)LmD-#JyoCMXZVaG8WnFSNRp?Oe7m0!lh02O%>;*Pp`Cn%e9L2z1OO)apk=S
z1;1hg{d8_<H%ckR%B-Py4BE5i#@E145|?B~qW!E>j3G#{-r{_}HCjP)VuwP44r~i*
zuc^5Pr-P|Zsc=}LUNgHK6PD4qj)6w{e4{yCh*t9Yw|ppz8~_gfcsiT4i<o~yfy3xi
zS{vR$Yiiz0Lqy=qeVQ@iSDTN5072+R<daxA20Tr-XlTK8O7<QQTq|<;&|JcPSi|M+
z+IDTfi!0ZSd7rV{C^X?!0_gR@U|dh{GzH^jw){Wq8Lbd5?Lbw3tr&eVb=;H_7vMUi
zoiQ4A185R3w((ve8&*zg4t%P+)!_;(PrJSF$$qrAUu)Ly2d1ce=9{?-suI`XpQc4B
z)U-pSzdX{0Le9N$8knD|;T4kA+TM^;9*#sy-ps$aKEboj!Hw04{m@0&v{dTcCg)kZ
zJji&`bD_2hlp=*m0o>Xv<R%RR0P_gmK$}kT&7vwltVnjtU62eBqfLl_xFVQ*Y>|B~
zpAk!ZP@6EY*G(<-DSMlVDzcc15HPo+e7{4o45HuJW_wkxIS0x*=UJDzshF|z6v#k?
zR4O4E```D$Iq{z)*^2|MMeWi_FWvzi06dj+dF|UxU203@7{9d^=%EczWq(_QUr0MR
zaifSCcz!qMSqFozhF4SJ>n#lZ3`ymj@M5=*FTa&QC5$;~WC5OujmY<$v;Qvn>&au1
zecBLX!Mvi9;j8(DEXksVU0`d;W%o8ROtSC{^=*isPtybd>fUKIXo0AG2Jys+LrUq+
zkkS%mG}q#Fx@Wx=c}`uhi1x9}m_E($@2VqPY^2+N?;<0TeZ3zbn()nXufR#N!B*{Y
z?le7eELLdTpvkTEa29>kVMh(S%_jvj#;3D|tbu^38eeEP(!J>~5ok~9RtcNz0E_B+
zTzZCXUlHCxXwC202u|>D%cX%bXYWh!R+pZ?B-3In>qQ)anj%Rv3G+Dkv9v%F>I5%H
zG|6frvvV#T3YVE4&s6-ZF(Q;vRwJ4^PY);nF*3cYhp{gaNOgb?WMaTHm`7?7VDhaD
znCm;nMk-S+AaCTqgtGs51lfn~98z7lf`#)j;PG+q8>*$~cu+){ZWT5Uag2YB%q*Q{
z0T*2M_)c8pL<!%HU}V5=0RS7Yc+!yNtBWn4=vFy6dRbFs8Bd|Q)y7bVUzBO|>uSrt
znYXE;jv(~Zr@ebxDqiAcv#v>VZf~{Juz+y<B(NtF(Lz()0zuIZGMe+m`jH=%XJ}Vf
zgYBF&dcMT6qW8$EAKK=n6J`s;%gmEhmYZEj!CEVM#VcY~Q%v?J$vLUftQ5g>47JOF
z=YvDhxfx}bap^IT7JcE=`5%3pYzHb&@UE#=!wJN|*3P1a=PL}6Xz3Ee?9D!Tin}#K
zJ{{T5%XW`VOb;nUhUA%O<}r}b{rL@Vs~N`B5MWktjPDs<G^V9n+uMK=c6U?cosTp$
z+N$2BS9NMwlJy@~!6qn9d=%)kTtykQ@|Oan(==3AEnKSCIja&lh^<o4fL%1|5m1#s
ztQp{Td8k&C?<Qr$<e2idd3A#<=(!>&1FCX~9#WYewcYC)a>Cn}f)L0>h~VI*%X`_q
zvFD4%dVR~nf2Kr1h#~Cq`^4}Wb^t#>z`qMVeuN$TzmLn29ZrGdzw(~J#d9TM#qu;%
ze-T8dBNg7~-&~@WEoueWxG*d3b8q+-QjTP6OwR^rqhanDORxmLr%XH;k2XK;lQ)|s
z*%hPo8d9$UP#oUtT0;gG#OGYrfLm#QrpnkREMNXBe3k5J9m;WVA|fXV@yp-%xwmid
zr#lQ3A?yn+td1K+NjOTLTfRXwHALbXt%=Ijtx1>4V8E*qh}p5h)f^_?m3+c%q_<0@
zBD<-#V1!|q$yZM6hlk%?_0Vp20|Hl0+IUQ<2QG*Ja?*HQY{2nFuG-&;kF~Ijvb@s(
znm*|t$PhI#14ls?Y$v;+(k8X!wv<5*Ij!1+aN$K-?%uqw5fVI4>*8}3RX3Lvj8h@G
z4*w<FO*z-x4h&T<%VK1u)u{n<H#868n066xb1}U;?o85p%^5Amxlr=FWS~G$G~;ve
zzsEG9k?a>cwiVcMtdUOUB20Q{hxL0Q92}l1)F@*MKKq|~oe28KM)ZKacIa?;_l&Gs
z&i77w8v%B0UGFoYVxdVd{ahyBjV^$C%m=s??1D_1e-oJpJxns|qZudvP6Q4DkKrV<
zu)a_LznsJbF7w{|t#vmjAt>_0QjHJJrj!?_m^Kc*>g>dnA@2<B@g^S<_%sY6Pj1VQ
zB0|b?1e(~D{lapNEREpYaelun=}=W_8|smL?Q90m(55+pNv<@8QU~{b`LhC8*%3@T
z4CR`%*B}G6_qb7wKu`~Q*T|c$D=8aBnHc1OO^VrQs@kwOvV+luO3v<^8J<~z<9Cx#
zT>GZ}KE}%)<CR0HST>+bL3l!-6I$ibUr9h>gX4&8>|?CwA71*U?^!GIj<vr`5<jIL
zon!lh<goPR%bYzyYpn6JoHZgKpn|?MXcpfdW3?bPHcL=86A7G=oY#+2C>tHVSK(5P
z-4j7~mXTZ#tw4F8nS{U^D|d>A-A!Jw>>ZpqOr*^NPL^*vfs>`Jg0(6;BmWmK!{DF=
zv*QatdBxQ&A^+s;z~~HjU*cDKaAO%IdXZ=~o`KXsFnO4PZ|pP(0Wq;O?MvTJlS_kp
z5r-#?56cm2dR3)g*mAdnQmKM_N%U0c{61G;N_4gXZ1a+ic3hc)>b_3Oljog)@F%s^
zSz*i*%77sL$<Q;#eJdz0H|16_%2nt+)yw>QY3J(OZrC-L-4v{+h}>?s=G(IibeUVW
z0V{!gt{+JC+&e1s5bkRjU9GK-L4^&QN5iUrinGiB*3!DRPVXe&yx8hNRc`l@QA5Wo
z?C5OFT+sr=3ozZNmxfjHJpv9U^m{9`EZJv7*rQolR>Si15)ewDBfOG?Z!&rZfvN97
zWFZtUS(XQO@VT#wNj?)ed-!bCKF@nG{!G%Dw+RR*cQt18;@~EtQ&L{yLSU@ZziUvm
z1Lk(UP$OW&z#77;S0POwNvw22sFJ0vg@!YfpgbG`<cmS(#Uq#o#(+T9a}{4?ufxR7
zQ<lK7)IsqYSu(3vQo^VQlzp<jjd+|OKyu$UGak?68=>+#Kt{*L(aHyTWQDQbU<pjd
zh)J*|+Rh+0SoY;RU{F*=JF4`IgG^7Scl8JHreM^v+%!+HQS0R;2=qCMwYGj9nFP26
zy)jV?``1?vH{24Um`A+{El#;lf6<OJlUYZfdc%uB2C3N&rCyW&fIi9TeCjh5N5`|y
z!9u<#X=)<M`&duK3HN}iWC!}Abm_#aqLjE{0{IaS0T(`V)8WyMXevulb(ubwZjw!)
z{V@>J$l8(~vE8w@$#trYRz36}yL0mj0Z3V3(?w3W*}jZ))aZe;eW>F!1msY#9;0W*
zI}Y~j#%{Evu@8CvF0JvK|Flx+IaMVHr+GR&;J)WcAztdI)$h1fgo&xCpKobS00uco
zr(HBhXVwrb(wG$aM-XAzT@aRDvz=JpBP~Gfi#rbSFO_<+*@`_8mB+aL<mMIa(y#=T
z2;RqqfPvWmC<t(q*6v};`8MTWL7wG(Y^|Nj6!Fa8@Dz#f`J@2A0XJ!hytVJK5N~yP
zx0+;c9;7s{yDKaui>%ujGR9Ow{>rvX`6Ci;gLr8B;4PT(eNL0w#3r663f5s*-QT;o
zFU*<dA%>e@8MS@JOBYE-_4%$3&8}<oSbJQ6VBng4*O&&2XFe#VkgN9vlfBozsweXR
z`6zq`oNB%nX(jQLnO$KR{52Y}aw?Vj&3XYL{wH&(LjP>)-#GNxlu`YS$$iw^Z7oVf
zeBOCS$=Jq0RV9sFC)C^~j`@a?Z_D2zv0Od<Zg@Z1OHrt_AJ2E$PCKAF;^{~^y4wrj
zaREG~SYM;{4~+@p<Y5sD3e}dTQEW?n<Kg10eSJT04cn~nfeK?$Ks2rs{xJb#XN7nV
zSKubWBC*SWahxo?5>Uvc2KwO-g59qN8NXJd?0DBfLdDEIs2h2J?D9^6Auz%}0i)0R
zny3P8`oEs%HR|Ipq}lsj!q+!gSj|R?g??95b#y;~d_KFBM~49ySaZdU0Uts9HB9kY
z>HiFt+5cSxD>ITPT9gE&E#4j6T3DD-q9PX?`m+~O&^Ls6o7g09sJ4^M-aWg{3<>%C
z7wKjBXk{nU3RLc>)%%mrtFAv8)PXtrCSI<|6g`5l*C#hocGlt=?Ip3*`{^{^SS8jA
zTyGy61e~l^J<vAzH&-65fZ%ALLo#~cx2%b~1-k5S0XdFQX9KoX1h-__?!qxwZz&)6
zqQ|I)@I0W;DMXNCFHw*S)@>%aB5>Wjw)SM?EwRune>TWtZ!B_f4yT1NXU@@i3-o)a
zyAhj^?Hv`85itj#UMSpfWZ&bye|~A!g^Y)P^bVFhlT{H`8ZZ@j{WsMsm%TV5`Z*X7
z2tgVxw%gguhBro*HaS@l;(lbiWjKg9b-VemS&D^-W&%QL(2g-13K9N~ATk33=V?jX
z&Y5~GG;(k%b(VB(&npi{nmo^CSluyQhdpxIK<9_Hv|G9zaqF=dQo}-y)Z_qUVP$Pc
zjdpVxBl(O?GjsZIA<2#mn(?n^ZE`}9(2Wj07Lj&jZ}I5|{Ik5rzq=xT(vK;Uph%qo
zbT}2Zv%6EVU@+lF?Q!1*jvl~*V83Zim3ptaRPNx)Mnqc$qRK~Ot|^3A+!-zP18>{}
z?vKy)tac^uYGV}=N{n6AE(ny;M!O@IXs3RM;P>+ZdL7l;oN?L0t6q*5y<;cQ|Flcy
zijfYs{Kw%y`DFwuf?s5up%JthZtDh4JaazKqxd)DmW{fZYhY-XMzMq|JTS|fw=R+~
z3D};o=8s4863yqwx>CAxn3l&FU2ekMM@qMIS=9j#rd1&23;-nBDv-c5R>2eNBA1ud
z{NDv#B3FocK;tdI(qT$TzAS03KS@IQCZt`T@yCeHEBk-yIj3FD<LhxQ9qpX#&&@%P
zDs6LRP@YwM7xdx&+WX|3`FwnXNc}YPGSwc}L|lD{gT1%F!i+Hw6N%F4{8y#M^~*u%
zlav4iMp$@hZkLGvfgLP@(BzmrA_$ChupsJ~F4_+3I*}hrZaQ#_a9<AEUG$;xFx+!J
z@d<-W^AR>-X%6^rl;sJRnXm{DsHZmEN-G+jl=k`0T|Y#jg3f`FI(sPD>`STyi47yh
zD!HqBxai=kKk>0zrM@0;5%YilIs3OA7wgSrj#p}g?;L?07cmPIM{03ytf_hm8)$rh
z&MN=YW=}loV<X?o7fMLD{kyI!O<A=Bz&h^ET8|dNlNxbBp68XrYL&D_r_@1gk@{|h
zgs8M?^$3na>S2JsdUFJU44gY}YPdvU`D_*TcrniJQOG^xmziFZ+XR{pyqV?w5K@o2
zH4Rh<>-EA9EjSVAyr9i#^~pA%RfOyn)E43%zKxzgxm)Sj+kY<{l=o4o^zPeqN77hl
zMy-bZR*j&*eVAW7r(N-+ZWw3926gdFPw1ZBX*!$tS^eiZbNr}LSozMc-Fk56-wp>C
z^Y&8q++_$Qy8B-XE#abhbJN1DMbk|f@`t(+#3N=#sLnklO)`?m=0KQ542iE@&PLQp
zWEp^ExImNH1s8bxeFBbw?phWge*qT3BTIW2Petizn&Se!Y!c6&P4*p*FeH-^ufcEG
z`%Nt)*ZU_blnHC{c^7%(a)Am+gw^vRzDfnRNA;E^Rg`^Uy@jrzxWViav9w8|C5MAA
z;FYYxyA<=be?qqXU9c0{Wlg^U@P<BE^NfL;6x~aT?3G4prfqC2D|irZHevZRW;w_j
zm<Ota=?T((H7H>qN4V-dP?W8f>Yg)?D#*KhdeCUMz$Y}ALjcg=cm9xqH?9m73S7Mg
z^U#~rw9;~=S$aQ{?&iriGMBSzyRz?a(S#IKH~*iY*nd1IQJklddRAE|3)_G@_pAE<
z#dY3A^M*v$@ECRbB{b4AM(n2;)cJ{|VQ<-|FQVZsRv;f7g2^v0;b+Yu9WATSR#-1H
zGlYT3*Z`G8Z4}G*O|R#!CH@=)CCf5&MN=>|_9LPmj&H}bK<0;-b>1b2T6pp1$EG!o
z50NfI>&HaXZ?==i{(hFX6&bm&$eRa_vvAYtTd<afoXDhSChJh_e9VhYuUAPPu}}o-
zaMv^eXXP2`;(#HpAZ#Xzlpdb*R=Xq58(XLgyKG@He0euBsc8B24K6P4HUXWN6ZUvS
z!VLmp&Akq9rXWXK1mg-~`1r%XEj-(HoDUPTVot4RtQ&IcFl2VZ&ly$0pTy|kU#VDW
zWW}-UBnIM#!9vcCjEfr2%hZx+JdIP+k6<+M<oun4pqpoogELdKImRQ!|IIR7KHh=M
zUoWj-uFC0guCg(%9}U5&zwU1HcT8dbevdkaK9}WR2ns`rXE>R<YShTC=_Xy{GvQ(v
z3(%9L7R<P}^&&(tGHOaUThBq3ONK8<UHE>mz4+>IDnLpmKO3_1m=85nsph@Hvx`Jx
zfkqsjI1V^c?wpTza>%+v9GpL51J{Ig796UyF8<k!NYf}M5=rNA9im37+hIV$7U3)k
zp86TLZ{wkllxmPGsZE>yKuaH##l~2KJg&>^)V6I;+_Q=c410HB5SFv9;mh#}0kFS6
zxS$(V1}(%)2Y<{Qs^l+a!hMOEKO5Z$d&QQ-%Q)y`w?U#)fn}y>8hg61MyhjN%r~zb
zL)fB90TAA~z-5U@aFm`sbYg&32={vdT?VH(Y|BFy!P91B@yKN3L2jquB8nc%Uy_4^
z|4eBC0P6E?@%w40a@|JBH*Hq_)sY@tf2dA07%H%s%LKT8m3@4vSm*@w^z}A`3319e
z#>b>CNtBUWFjXJ;y=UG|!FJ#=#wYjlxk<^_kHzfUA{?0K1GUD6!Pzg{^-&2Wjk_b|
zKz_G_PW-Qj)-nru%s*bY0NJBxPd$J!=@141czj$n5U+XSSyIKxLlLn~HXzzWWpVvl
zl6Fm0iA!+*@-^%4@Ru@P#@3VK94<SeUQ+wXRN<hvZh&kbIztUIT!(may%4y|+&Y!)
zNAjvD@G~B<k_hbqj|yfCRYZk?Grdb^Wv}R~*#KoDuw|gW>{yKH-O;CjE(r6qt&lRu
zs+Up<&4e<hlvD^6{$BW)9^sms)`6@V3y<Vk641i-$T*)AbVc~s^X7{!JtiAoly~(<
zY{4+`Yq!o+OfHp45kWy>K^Wbj>8BDq*zKX}*jj<tekx5uLmRO^T&JGzpLbZEkBHWg
ze5ZQYWoVU1`n#LN)qSwLF2ys1n1$Zk^en=d+6f^s!>=^-?g(%g8=!z8a1xs^S@%0h
zuyE)Iw6xIg9UEmeF$wDj$7=q9pcL9)aKH;YdJYMmtf;4sPY~5nmvXn&NKZ+}igHWH
zgk8j;c6bMdla%QoPO0dVMk^3w%lqX?24GNnmQAaTg)F<4R)#vv4WLis$(#v~f)agY
z(Aqe~UuP536xa^NrcDuTQuO`Uxs_||7&LEXFaXn!;Z!V#J5m#w>7eO=edzoSlyNDT
zoinAcOTF*Phyy-zfF|0p51_;$M;^|W%yP==L%YU8WoKgPb;jl*&>w(nj4v{2SQd|k
z6mBNP1C^{uvVw0;&b7q|<#k9l!<}Lb2mi-tBL$n18-~PI#kOD$SrF73dcOPMam;I1
z${etp{RNib9QGg@7caT1+*qR1e3I7o7)JLy^>1i8c<v5n^Du%0!=9z~GH61d0BN*e
zHZ=!lgRsslrHT%ged3_2R7<=dg}a$n?$S7TqS;13S`jY0V`|^WCGyGbq}?obN-Ns4
znt_<53C969F(M4f4Wc1v^vA?5n}{GzQ+j?Kc-Y@W3+U;^X3A+Gq~QXni#yhBJHWWG
z6fpp(^Ay%kA1*Y}k8u*!(Pgpe&fB{}GYE!10gPwWr|QT3sk?=`5~JGep@5<#$hG{H
zbHO$TEG9^erxA&^MS{HFbR#7bGg%Bv{}y!Q8U2h<Tm`pV3+$P?-VOiUFq0CLv{^E1
zxyGWwjRpOb#@!q#K+t3v35)Uw{Zv)Tpp<`Nyc*#Slu$NU!rIfayY-F|v}VGZ4&Xys
zvnBnG=woB&Mf%xNte2aIzK=bN6YQxMv77pF62Mr;&f?WDycixA{`89PC2q9oD6{fJ
z@XOVs8uu4^^;v;roS_E%5v@nIm|Y;5;Mtni#*>Sd2gKawiaC0mNef8rM>Uu*vVS#2
zj9vzVpTlJ>`mn_!cov_c=U2*>89E(~nk77HvZUE94>(~L4SsuTrLap`B0I15cf@b4
zP>agUhQ2RfDeweuuYHj>c8F9Bh+nO4myTT*O$E8frNjj7+H~x9(dWO0dKkI2$lL~9
zg6`kG6EM(YVLZX~9`9kr*|H<_lit`glD`6i{=QhGQM~-oS3`(aW-&rh3l3No1JEEi
zNt>6^8z|QX35?xxe!jITSsJO|8K~A3&XCNAc~!5lt^ZuE4%$lD-S}dhgftwLwH*eI
zE6cp<YhpgRsA4T44vV$%aK?UhZOv7qGOiS&jEoR6R!DYxT+(pHOpoFzLYk6Q{3TNR
zL^q=w-VWLlr;hGXzr$*>BMGK|(HQ_Zo%0m#EPZ$?@8bN$q#L-ubZ(XuPwCi!HtBBM
z&tzTr!N)o6e5A|;YL1)0AXJg45M1AA;MOX{-KGW#VV(f7Dh)fEaHBqJeOoI5hR~X{
znZ#|i2BA3;#=L>gFb_6j8)2-~OjaE*hj_(L`VB_iDgC*Pb(?q<5MGkntgL6>;)P|}
z!vPG&b&w1firY4*&`UBVU5O0g8o?1c^QGt#F^YW!{oB%pXUy#DQtl6%HDwpqB_k#y
zCw)qz-*#1}QIW9r@W|sZ2eCAnoNp~Cu9P7z^>A%hfy#Pnv2^s6D_6gq6x-?HULIz(
zZkw66n`ZfX!U17wKF5bBOfJybE+|6e^p*5Gkq%L$>Cd1g%mAqbKt-Pyj+B(+?8E7M
zQZlA&Hts=Y*_TqfTQ78i50?S05(AwwH5)+898)R<aI@HO9t%Fps;0H2aAE5XhTXME
z^TS4GV2Sddn)mq|covhps>{Zg0|s@lFdlLl3q4Do9Sjp-bwHp+P;b`vi3yozPIq};
z9BB8Vi7W?iEly8oD^f$`eNVrF)(;0)=s~ME(2fUiz@;|n-4+x;B+iIGgm)qv+o7TM
zV@j{-q5B+8V24h~>CDl)1TtZGS?u!j1}b>}*WZJ^8{s1<G^ZIW2u_tK8OfrBxv@*7
z^{5L7J0G3@@`J{S{bh$4mV@B!fn)<8?I`~6Vs+Nli65jo&wO*Pl-Fj=Q`}U{MMnmE
zxFfn_T{l6C_Z~#q<1Df^+``EBg?vrW*B>gEnC}vTU2KU<PaFt#l!th<;C`~wyYLDw
zB8F?&Z2yatTU;&uqu^xKd;%!sZ957@Wo>P659Bb=_)OuTR6P)EzIE*zD;MF>BZz>x
z)qUu7#CezN1#R)&kGM^(y8WV!;y>+@Amufk*9b(n--{up>?BKj#D793HK|F4+GVH3
z0k-@<tIk*1{P1YuZ-rky(iHH$cz#n+1+<Oo8)_vo4K=Z|%FthQ75*&OaGREh3T@>u
zG23)>pg5s}6j5wefUr{;!KvEsvRsGy>HbqOmJH1HF$_Iu#gtKVIqxS+$O6x0uZM~#
z-nu?x#yLL`qlDi0HAIJz!Wp0YYFyzhq6jSAO#}WihQr8^@?chN_J+d#XEGTmFvx<u
zwnFP|aMnwcSZ0)T@GN6^7}mIEh+KMKKrX@pCYM+`Lv&}l0Ve3^`4<CJ>A3hwr9$s<
z7SE6=b9MBD<<C*m`CVjOQ2Y}_NB9q4h=wGA;5T%S(10u_FqX%1!&+BT>13x(Di*Y(
z!SwvHYRc0VX(jl$C`o|YMX_N|GOhXHBXT*5w9uS*aDGo&;w<8`()#{Wmd+QCd#9ht
zdxmUWnxfc4a{~<FYi)`M`b4}@`o2Z(BdG^mo#XJJPE8%lHMyF&rBOE)mC|c0Sg;UY
zow15CceA6`6#I4FKmpHEHU6*uBjWJUXl~tkxy-_h%LwvHX?lf?eZe??msX0uVksx#
zznZ?>Ih3!=Q2w!Iy!<?y@va@iH}v=4giYmmA<=3!9uhxJ#r6<cKWC%9o-6xUEG%p!
zn{+Q^)tY-&G_$}JkHjP2JU>TMW$VC^VxPgz^9*ZrA^$CA7fMB(gc!t33WdKD-=P5Z
zDiLbg(K=%ov6`M1ijWT3PZfj8hgMyMM*gBihQJ1VM=CW5E8i}s0kSDg*7JxP&=*o$
zmEvYX0)oNA(kuI#y_Qy0r(@B)6oF^w9#dQ2A=Y66P|I`H7YTPyDo&3!!>%AD|E8M*
zY{E34bQ`r>Ce9Jq%D|E3Sh5N=A~FW1Nf{XTUYBnab*z1a+|%{w*B_1NX|yD*GmC_y
zL>VZ^UMTGnpY<ujowFc`9Hmk%KTBexIjn%#+s-nVD@5Yl0}SSg(e=Mux5e*+s%)aS
z!Z6?8GR0%Tow6_pwXKilB#BHd0{lL1vK7<JVFDcS<yg$?MK9%CWG$Sv27N}dqz`Wz
zc*p~dMxW_E#RlOfv(bR3GXXCgjF)0>%vi%QJs7H?$=%aYNR3RH{T!>yK^pa1)S$DJ
zLKZOzmKgK2>-S$v36DIT_F$?`8)n=5r-5JY-yKq83N&}>@r2F<$IZ>c?1DbSqe34Z
zd5abv`@d`(G+yLqnv@qLuGO;?V=F4~6?<N0x&!74Mhukg{U?Qon)8Rj%ej)l9oVDJ
zc!N2mw;R^6n3rcu7qBY6{?pHpaM{XkFmKMu;~J2?(qI;2f5kzB%-Zw84M3qj$`Zvs
zN_G>-@&pU+O*`UJ_y<cOkYE#x+@fb&M2zPPnS1Kfgfr)9L^uiMfQ6{%XeLQbpY!5<
z!{a0vdHs+ZgspV0mf(oC%>#P844hyxXmJ%ANqbU^x#IoIXvCGEu+Ylu37LLYUF2Lr
zx!3~gbu7E=TeMUC_i$81FY0W5btMdQC6{p%Tg$WmE)Bs5fg;LcL~T4fvP2TB>|pu_
zf2twSJ0Y5t#v_dSI=KZE-Q*uwPCJ8@lUi=}n_je1VPJu0T~Omv&eZU0u+*G|J>-3^
z^@s<m?NM9*&x)dN?O;hV<m(nqP-$@F<epQ{=4tGy)W4>@rK`KbhC_4o#NW@xf?Y_U
zFpUE%dw)y3Q<p&?yW5n5{(ykDIFDa#^|qx+3y(){Pps)_lgt2}eylwM0-D9H6>qqe
z>Y&8JsO^1b|I`qYNRje$AQCP~4frm$9|r5Iu0bo+3`3_38o!!r+TDAqDbX>tQ8%qX
z;vF##y^vgpX6FuFSi9Ou#dV=>i=^2M;+`(tbJsOT2Tx<#N|*|Ym;M$h`5P7OWIY)h
z%SbL`D^w^aH9yjqt7A!NH&oR}qfc12rM8zWhW4E~Y?$b?j@=p%n)+fltHw!36x8#~
zgHO!c#~Wk1^X4{@(zLH>*c2iPL|E-x2UbMG9IxQ-e<4By$mTnxyng1>4M<Dk=wlq@
z41cb|y0PR+N71AN)FB7fH@9_$JZev3aU|DiUYEmzkUO-62Hf%?10E$_fQxTPsfLVs
z0{Y1}5ljvzi_Xu-#!oIeI#X|moS%Q8qVV_@tR2Wl(!9@4l%CcSraH7qYkD$qmrISp
zlNT<cf#L`D$`hCDA(n~AZ7{8%pIBTr?zWzKU6<-P)xDlzv!K|)WWSQhbToPqbQ{c*
zX-Lpxl=UKPu37+wm7v^QC*X3slA^YiDzY{<ABZtY!HbVhL7^tx#FkFrwPd~+=jy>-
z(Z!`$CM=wO%<vhr?~7JwvIVbTNHrC$8e?kKdCZKEGtdGpf;E03oQVJEOZOS)^})=)
z^Ns5dd@yBaT@=reN!;<Ruee+Z*mu@Pr4sf7+s<ub(-Sv=!1$6EE`4l+cmf!zoj^vz
za?^PBS=VZCT<`Eq^pYdu6!!g*8-lT-`F6mkpSe9ij8-k_j`LWZ<OOKuLfcQ-8y<te
z$*}=`!@q|BJ83iWSy6r6Uft=mP*)lUPK?y5$#%`i$q=4=g_{y9Zls8U`54`8WU0M5
znjZfvu2kUug`X~+%7~mYA5%*LQX+TbbDy+6rfCF>h+xvqDy`B!vjPPLH{q|>X*}sF
z^=EG$4*Z5#hVM%`sTC(eY_J*b3kK(!i#)t)ui^!13j;!0HHxRMFdw3EC!1pYE`~Cr
zv>>nGFousyBos>Cde(;%pxQ&g8d^0{^2pscWheH^4~?Efa#_CuX#*7%FiqD1for}l
zkRS!PUa;9(MY1>*R<wf>%~pox-e%1Q?I06!&)-s^dCHPC<9CC%1T>#z8U!*~wwzk9
zl0w1yD#V0${B)PrxQ+@x%CWBx!G}O(f*0sc!3Y>Jii)aK!=5}C>sH0FCVd41lJ0ak
zulMg}(f3>|3H2@l)Uv;U&KSDPW}N!+yVJaK!Y3#I6iMx7?X4TVNisbJCs>w@g#(Xr
zjp{WW;x<+<C6X#ttM&Wf^Cl~2HGpQ9ez?&u7B~39m1_`eMU!--5=-ziBx~2F{Z+#L
zWL)agpT&sBzkV3$8e7^diyAIf%6xgFzQLlQT|qZ|>P!6>XPGW#zBc$H(HVDMT|Klo
zFUG#e=%9vcQyN~vikWB$^JO=c2><)W@B}Nz1MOzuP>RKWuh$xDK~svSLSdhN(8-e_
z?7rZ}4m1Ge$abS6r~`MoZ>Qe$?_;)bNvnRLFz^CS7W(zokzPo<cv-d&cx=+{IxHUx
z2kXcH2=FTo$D%R)h$A+%2y*&(1Z1A<+Vo=${)_o?E`H>{Y=N@D6UfrlvX)J+oc%a4
zs4BYoQgzt5dQnV-_x=mkPBk^MYT_md9x8oUDaz~>EV60pP6gU=Rj!zQ6dyjAJP5Xc
zl9siA<`4_WWu$FH_E?@ewnu1P6D2!U{&{9@Lt?8v?WKfSmX{U7+g*nE{`zFrB~^6|
z*#VaZ{<dv8YxWT3S0g`4mJbLLub6oD$_$Q?-OPX~bzaWMrG0_LMiXFlQ&Cuwrq)rQ
z<gb9w8%BMGWV_-wuz#tm66FIS#f?-ZzFG^O1iSl!Pln*ALV8qytie6#_ecoo+b}`D
zm;>mcijw{60_@(dRm^Lf(R<F!mn{Oq(nO%$gYjX0k7FWF^3BkUS|+*kf{os)RaKDK
zXNhA@&?JJD=ir1KM=teVL>FA5S)R*k%Tm>JGaBbbf)kjNqo>TxGZWjxVtG14deh-T
z5y?d?6o)-@3w>yKxWgF?K7=&XDN150)^KTwNUBR@63m_2hL;qH0y3D;%U3NX(Jl^;
zcwGZMFFYXRao&nmO7W<Zg-MQUV&}k#%N>ZniO+C*jKQ;f^bL<;P~{W%;SP&K$I7O6
zp$PL=-Qwtz{)0wdG%HJ~4y?G?WE8HXeY6Bf-8Dy%8`71hyVdURFENcovfIvuclV|M
zWnf)@Gc-|9<rpvU(l#U6Qh=eeUnk@+BQ|#jA`4=YeiS(RhPdtHR^d6$8ZpMB#76Yl
zZCz)%66>j)DQ66VDJy(OP#En%WjxE~_jSw{t>a!iuoGUAiGlVEVU8h)&#2nyKGWWw
z$WsSj@U&K*V^Q7;QC?I5HB(YohZ<2}@YlzUad=L$FfKV|_)22pkkIWOCcLqXKqrEr
zR2$S*G1DypJ3bk9pLlv--)$jH(3H<G4~91EIwGxE!v|fBCGWF986~saQp#tyj9(&w
zRfh~D!+W_KEG)w9Jdd6xx*}XYset$vlnr{c&lx{g1RFmW;Y<ecI#RYPi%<Ntj-uSm
z!qV|!w6MX)v_3>}jgjnyq8w(q^yRZdjC`@br4Lei;NcB2Mu3b2jSM?MROb*(In(YU
zsEx*1KGh#+9?7(ZpezA9lNJALi2tELJ{yGdqq<j8A1d`NKmCt*f+NCfvsh5|X$f$n
z(UiAMbW)sJDZ`}%q(^kmNgA>|%w-%9S5OS+Xvz&QJ<Jo@M{MJ-?oRr9)pz=5lQRIP
znj%=%T=2lko(?0FX7d=w`7&%mF*(T`tf@S$f2Q~iLIDLtxv8c>mq6hDvhAeyHz+Xy
zZO|;84B_Yc8W`znn5G}?we(5VSdl7MfSvBJ+xz0qAyTz}v%1~D?cR>sCDU<fmVrJ#
zZ03fD_W6QzlWF`m3coKx{|C{LrjxJ3YIPNPF~&^~NUc5SIJDe<?XsbCs2SFevO1wI
z@PetWaVreCo^W^a(q*cfbcx<ZunhAv9{zO%@P%y`wj}PsVQ)A%Kok4zj^dG<oH|E}
zsC%uvY5S=`&z^CRLpKv4BG?xW-(L`G@~JkC^+jkMVW!)7@yOM6i|vD-yW=%;8U)91
z10BNqa^{K047Obh;~sHvx`f-%Me63{CjwA8v;t*r^&PjiAS2v>Y$iP7W|RZBj3?){
z)1b+=(spViK4Ti?rV7bHQFYsu4z9TFJXtYuhg6!GLVAz90F$eaNio9_67#aCO~ZJ5
zRiti;_->{@#7O^8UD(J@?uofHJ_+(D^;{7z+GnEsXFiY0(qa#xNs$_A%yf~LLvKFa
z1-|$8m^57)A7<W!&m95cWCU_eqb;jXUF1vvKEM3;TA?R4$S6=A=h8_80(FfUV}Hn?
z{mE!%I-J9gRCQo!*1Oz|kn0F;I*!f^^92Gqq8(h3I4?_{WR_eymRRO@XilIhqG&9t
zdT0$fpa4qTduf%}=fcU6m@Io@(X|eg(w9rzYq-34MlZV>_Xdv?Syh8kHBrGBMtG1{
zYhf5-l#Ncca>#afzM=Nt1ch-<yOYbZN1pgS|FyRY&tb6>%O8QPkfpog?6xRC+6@n3
z-6(~_i~fOgK!2dkM68(A;aCA2!PZ(@@H;(Rg9sFKaxWLWV73#642y*01Xpm_?-dVM
zrsqC8$JnEl)8<42?9p8XZoT4T#OZ!K>s}KumgD`;jD4<#4D{PiEEzun7>QEvJqt-=
z$?b-SO^!DNkQmat8`u(ukCs>}q8I>sNA5}JAyG5|cA)qkbiIqV?CCP3ovWw6YzlxB
z3)XDgzBuABYC5hb8qWBTd)!vp2z^~NP5rW!h8d?htvj?eo|SWW9}5Rio-Vr%QtWKu
zMV?w%mL)&!igtE>uDOOx(b`W&wg(2i*jfW@>V#6I5iLEasaNP_<c!;5pl)?+q!QvS
zF1?~-j-oyOPypij_71SE;qOLpaWe*i4)a@ER9fJODgp}u`OQPb%B0uQX|fMjRV-T7
zt^3%F)8m@Dg9WDqTiWBqW-87nK8kKItA)865uNl61uE)V^o*7S5D^NZN${|Gd9{^S
z*!Ck4I8%W3&R)!YJkJww52`ivYI5~>{>bu)CrmiXs`UCR_U^lGL(TqC0LNt_{Oi~V
zdaS3Uc$gr@yj@t>deK3?1kTNKFl}*@|IA-)2vrgJQ4s-LAb>?T?Da)IQr*DDrI@3m
zFDjJT<U@q$@Otfr*nJ>ZYn}nbDK}72$j?5HouzF}Z2NE=**MxX0K~Ynh8b|){a*N<
zW=a4@sJP$p%JlZT2%)c{PW;p9T%-xX@k7(wiDgD8?1q}?MLp){k%!0BJeO~NC;MOH
z3@vgvXb^5B*|C(Ajg#BFnwC<~z1l`2$ha)hd7E4MEg1n%oh_a76?PsR9Zsz13<z?%
zz8l*jHS=Dds2`gmgxC3Ai~Miwua*}@2G0vemGUQ63GmjElxf36=VkB#KO5XB<tHnM
zyx#2wZ`Ms{C)9VP`I?5g7sqD19u5v@{fj38ky-so8KgF|qs%!)3U#}|?|{iB)vk@T
zWi?3r>Ulpe^Fjph7-CGY5;AD9SO1}nI}S6h^wV~=+)Dcmy9+dsABm%u3N-O6&Mg%O
zL(=MYQ!#FewdPjzp8>M&uaAmp78A<EL&>%AiWG<rt=A3IJhsuYtY@dw!Yt@5mbfag
z$hx}`9J7XqFL)PFnCguEEHUdF7(-wJ0mJgpEKF=s2{D0twp*P6a9n<OGGtIpPuM~#
z>X*@1{5Q@^@LyU^tj>0Vm1ybhh;;}5bn0@3#YsY(Fj3zeO~&J2>gkEi$o0QWxlBE1
z(ow5*{OtXjMR5bGcpOx)b{$HAh)})J(VzW>$w4o|5iYyx&mGeURm&Z&s>T5}+SqZ?
zSxVcd7ZXcLf2vMJyz6f%wk5Trhfe-h>5J+9?qBI7*M6f|@C?7heRDR}HTpfvVQg=j
z_w+oF>aZO3JU|;a9E(KWMcSKE3A#@3Q!%(K-xWBUt6O-=mSlPlsnGt5cJi5K(TeDB
zY|U$WvNk}vu${Y0mlwAK{Duj-dfX-VcsIQ<AxH@Q87G6wCB>Km7SBL6B}31i`xkA?
zA4%Pg{oGamdn`|EMXm~G{&}nw8)QW-ZkI~bPrFl%J$_kgi3abRTzd5twf68QP#S27
z4fI;-H$tLMZQqt$FE}ppN<mx*PA<92r&~n-JW$Ibz<_8|*92{ESxHo2?nRD;HRi(^
zd2a9u;97LAq0$bq6h6aKrbwyYwKDL%Zgm8c!69>R8rLOvxJfs?q-h)pcJ6T~Bc}Gj
z6S5k6{EK;`W0LqQI37j$))$|`WxkT><O=18U;t~R^c8^7Rh6PW1c}DHub}t~^-$q#
zji%U{qs!_IzL3?Kmq1@ExA8Bi2ti|tCdr<bM3{1SJOA+kgmxF0mhi`u)_+lGLt*xE
z1N${mS-%H!^gjsxSm)AcC8SRLG>3EU6p{vip4z7-Xj{7IPw7N*H=LkcO`4lCzJ(PW
z7}f_*D_7Fwg`a>8z_53!=ixAWqhE*Ndj)M3R+)7ARhQ@nw7NuzW%&g<8Jvzc6&;x?
zG1ns3k(t;S8N+vnP|B}4`#d72D<Ope{gp!uGs?s2a>J81d#F9@cZpKqpxrm3G6Nz%
z9|leYGW`51#KUw6iEj=A<MX=uiEwkQtfBGlvlU&lpu;{q$Ry9Kx759QS*OVPOk0m9
z6S+b%A&iWWwKrLs)w`8|YKrR91f1fcnE*RTPNFJZ{&&Yre>IToCeUs<V_MZa6Q{hg
zQ~P)tuqoUiiq6EP3{~wVMSpF^F4J{U@lSG6e?z}!p)B)J|Ju`FL5OqkYZRqAjz{X&
z*_Y|8)lLFVCZ(Am{EO1jaPj9Fedf0Qi47o&Wy(%TNEnbeQ?>;38ZvUW8IM4&zPsAh
zP2bAeTMsbfoVgkSte$Xl;kexKD*b}B){)CP8?SX#1(%js$&H3G5r{SNPUD9jnktB?
z6;DHWd-l5$Ce4{C2d5|6`qoc8nnbxDH!!S)Uetz@R0-;Z{()JQMNjXDFE3|{j_nP+
z4s~*h+Wi-}SQ^ryBRV1Hg*X>G!i1K2Gb*o@1w8r#;)^b-G%dx98|$5U#!sT(OZa4*
z01oK`iM?Gc`zXD<Pds@>&xla0dH}-<L$W*7@VS{ub)#E}GVQ(-fGRIjqv5ACeZ6vn
znIS!Lzg}Ghg0x{7tqK^Fkc;uaph3+Y7qHKD$>Gl{_rrN<V*^(xi!7>aP9T%j8l{w9
z7czI)n{7r!AVi2A5se3&JOR)zwc_y=xI;D;y8v0D7a-@SoIt@!970{?on0<%LkL3D
zW(swJ0r;!(q-mcPNz*M_9v~}G`ZJJpn;?EyNn4}rVYHcnZC$GI3AGIx@{jQ7;+o5g
z(fVupZlA4j{HBxqCA%uAjZ>;m%`8alrfzb7m3Hfp;bh@pOOf_w1vkt(RfP=^mnxAe
zFm!JnkQ+Y!;J-_NR1(2FByamLc!R9~NZ?1Xh1M|gp{f?-4i6+=gK}w>wT02vza7X>
z&(_W6?A`(|5}btYO*R$sdo=eDajkEN5c`Q?t(G~>*;9&v%>?Wv^&d?S%Hy!Q47)Qx
zC;EP}Mz+Es&SxM>$E|LAwlt%*KSP#lBcRBTCAA0vG1<GE6wX3bD~tu>1geD**st?{
zr;1B(8E&olw59GX*`6-BX~WS!67B9oMPi-OyNk=bn8e)$8OIEH;uqUMXXbKZ?YEU-
zjC}xGXw?uRfh}fK2DMI$_F19!6ky|RVFLG9Q&0m;zYAx7n=BYTX{E->ujlZ~+Y?&k
z8mpT0omE1X<YPZhxD&(>7I9@EiOAH_I0>3wt3&(wj+T$>tC2!dfX%1E(9syDe4o`~
zDU-l+UKTHD?7fBUw_>!neca1<-75v*S<2o3-Owu3t}!oLLaGtjnpo=Ke`{si^O*;j
zR8I|!`<E~EGuzn`m4gt2k;gZ?q0#&(7d4MGUZvLhKY{$7NlKuJ$j;K3S}ixU<2FxW
zLoGCJTC;&Sxl4t^O8OdLR}9783yQJ$&tsi^-@3}8nfyR?v2+EK^40M>fGspk2cw~w
z!n;QlOC>V!<4$c<GKfkI5@u5Nk_p1Hw$Ig3%Joy`@o+y6cSD1>RBv+}TKFxa{(s?J
zMRAEyv=jVcn!*$PMu#7<E_@?1K|1EIVA9Jj(^p6s&W)m%GLV98uPsJ;Ad?A%Q+vRx
z%`Ud%GjI|1aEN`Pd^Dde#yo%iWEQPa#fLALI%o%|)ZcJqjP*KoSGj1~m$j`kd}+0y
zS%=#tQb)DG*D&my@`qTLe%WP6c=GNZ&GIdlDp=qWRV+hnV2Ptd^d*1<xamX-j@BI8
zJtRlsKJR(4ci4THb9kcs9xzoxF;+uE?YB2q1Rk>t>aA_yz7M-ilutZDtv7~Lfxg)B
zMO~*)VV>nApF3w<FdM8%nHZK22iwtT$(mNqYvbxDIbj`I9psF}4Xkb(FrbV7zty4A
zIv|^ebT;b?s%Gobh$Pw~H})dpXYFTpU7<v7oS)$37xw)m#0BM@S5gbbpOR`VD5=6V
z0i&Mkqf~#F{^~o>U0%sAla=C#n=|%^i3SAN#Vzk~^KsD{d+O>Y1#9jC(NLT8Q70>r
zqbdjok7f_KoZ~^E;$Ae5j<?<gNl>Z5Q^FpZK`*USU!)htl_FeNCKtQrb^|XnO|s^5
zX0Pud7J~_+Auu5~yKt)j{XBvaW*Of6+Rx$ox{)E^Cv9cT<Oaeh@bBBj8P|r8Q%GdW
zhqFjoasD){%0FAgGuW^)qzc9`xu6e^-egJwqg?>%@~yBdn5gdl7Jhz#G6)(Kracp9
zas>DNOiVBj2eIwKZjsKtCb5)UF7%GcSkyB+gRo;IEiSezks#=bxfWd!1F=E8_FbrK
zXY6S=RCDx2zL(95nu;M3Ni=D7w%7fB?b2VU$&deUUHMp^0ilsxljGbFzu<Zyr}ee4
zkVO4>7t~9T7*UotMro++*mcnwD%x{`?n#NKIvCJagI4;xup_Xra66WTZ(U{&wcag~
zB-QCWBUEK!8EtA~l!Ru1oQW9r4BHKJY8{7pi6|bigg>H&emZ&zpRs3=BNYvn^Kf4`
z-G{dfBLJH!Q#;VY&~foJ?wkS7{u-S$oGc7HgDj>{HCH{4FPE}l>aTpOVN&f<*i^`2
z6BZ>j-f!va6-T$CP3CKK-rdf;>81+aDD6(`U&e9dv3$5xbtl30@X*NeU&soA2plvo
z(b^lr+(;H3GUy$F#BTJ_4?LSy_?`v0Xwt}-07<U~tW_GRVZg>0FBTHk3N7#nG$3ka
zKd|z2(ekTlmP`V)l!K3x^=jwnBwJRX1<E<E8q+0*xY+iuS>lLhvCe{pO`d(NW$T^_
zRX2F|c_@J_RtqVV%A@M{#Y5{yNW1{XeP^xV&xJe3Y-!^%e;GJ<K!+@4k-h|~e>kSH
z#Bf{7Y~UL%f+A8XrJMpUYL)CKFYV{MI%nd+*OdUPjHK(LQ!}A&{w*Bv`)AVyD^i87
z<lsV7^n{tsGDUUnC6_rw^If~3bz}8UEf%*gTeR3t@{d5%@8ImS$8~1Bt+V0Cz#M&w
zP-9H;;;h<4CPKShpB6;NNk{$%dwHGgsevQ8=gI!ziyEJDSe9Ax{Zph#z9bsCg&?(T
z2Hz*tF?Q1eiCc`(id|5L{Ttre{{X6eo1VujmY0wufA!;*g4PJcI!3CY=_&Al$vdl`
zrG60T`k)y|2nc>y_mbLJyANXV0$hH}o-?u#67sOq%>WH{X|d*2WEfkmbc5ZX%KSWm
z*$o|@g9rx+ogYtHn4J-@A(-gM%<$Nk6M#)=P-fD@C&c&{u6+F)ThUrTj1@H35&Iuc
z2k9xt%MIv)pz$|+vW`Gnbi17$e}GERR9YT$h$u3yJ>dpsfw4tIHR-qo2Fag;cn^-%
z_=a4szeP%a!6)lQ;e8irx<PG^ndx$fy=E|!t*v^*3bNcm$S;;Dg#*NzhbF?UNqJ*Y
z28cP7^l^*l#J*g&fV40$0O29nZk;2ufq`CTNuaj=7T7Onlft^GY{=2t44sIuFL_U~
zgMgi}{%vlBIMo;3;P~^=ly;AP=1|ID40p7f^=+0rDI%kZY?8mpKPA<@qxdPQhoo5F
z%O=l%$Q+^&=T`Q-_c@v|71G5fAo$vZG)8*!7RJn^EUt^w!#;#xawpLy^5!<-P;*@2
zz4vN({55s45|E`B;wKEWSVCbPBCuIL%Zxr9_O;+1fU6MN^CVwb19?a<jnSEKPnD}z
zXjfUCe9mR72(t<gJ<x$3=X#4jWwlpTAllPtnBB|8U>-u9bP1{3hvl5TRrMe<z<(3^
z@BgYDnL5oge8J}%UU?+t;PVDY{rp1Q0_EwffKq=w`1qs>TbW+cE^R?%#c;jfo0jQ(
zP=9TdY^{N(y4SCC0|b95;x4T7ujx>fpuTSooyRJwGJ8<iRW+F__#gyi_a(v7jgBpz
z$(jO<;8xFkKtXeKv?@VQ!x1|pG6<<*mx_a{9<y!l$DldC2OLpzv3}gK1Sz{g$Cv<M
zKirM@;(bFr#;w-`opsIq2p_d0*G7{=`cIZK)HB*{9M#qrtwVdHSDM^If2|>yjLMb%
zCpgOX;ogHe1V~xI5m8+1jf?6!?ott{ngzQ$#8ynOE_W6Lkx;hcm2&8+Ei+iBx?rl=
z|5PABHLO)B#g4cRx4xi{Svj_dy4X~(gQ&nW`ly~^2dWi?BJO#n=jO1~twL0_yobQc
zF_eO!p!mtmCPlKh8h6~F%t33_69Dnxk67UCbSmA(WIQQ6`S<;x@9MeF`9A|~Zwkoq
zX59t>-$s?=S6=(Wa)xH`ZBJqTVX1fbknHv{a7#Mg?A_6MP|VwdPOLfEMf=E9V^-A@
zU@V=NUuQpHg|Xz?GVMA~4Ngy5R(6E6{mi>UD_BvctGyR<33RiiYS4^2Uej1o^Z!q`
zL9eA6J=5d6#_j+AW-E=RvTm5y>N}-Q!vPCNVP><KF>}MysXfXiS)SD($b4rA{2bEJ
z<hU^op4i*ZJ@q;S;F;zIO=_?t_7VKW;^g}z0Lu50ZqJPn;oO-IA7f%6V7_JoB3XRZ
z_Mr$AJQiXw9e31VeU=jI9{xz*UpJs$o;B61s#Zx-&R=l$jjmRk`cY~tJ0Xo!*RV;J
zgBW%64<%7M`?(?)8<p@sWD^t~-8+y8hF?xJU-rr^dG}`3>1NWPHurVN1UX(l(2sY?
z+L0Q)Qu?1Xmu+LZO=`269l(eh=h%S76vK~$O1fS5z^leRwK<jT2<J;i28ABmF{$d2
z$`LT>CVX6YHXVZofEs7O1}3fB-#ML$2YMl_$5@n{stSk}D;(P;3)0jqHv~crj*qNu
z5YDMI41f~tmO!6-6B_{eA)kq3)ni8VplmJoI)+^EMM6u-m2FNpC5olZhlKMS4rIt@
z<OQbi#-mfqf)_-f9SRF7E;TQ&iRR>5h7lW(9Z&9r+=Y|`K(q%3LuZ1y`Sf_cU9p=v
z1X6APp%91y$eA6jH+JnqrcO&PUu*1E$uNsD_`v;z;OGvqHd~$s6}`<Z)7FIYs|AQo
z%W6>hidrd~xv${!?^&N$#B`tBd#+e<o&6XPKw{fBxxHLP&`VR$X6$WdARQ1g;=;7@
z`}8?qpawdEjiSWhRwhWo53Ma<01BC?;jTWZUBDV}qA!Zp1;uf{;2h5`<qtO1u+7a!
zB*~QeWyPUdW0^wedX2pE)9SeERUaO=#<tFjib=~8=%R*!j_Q^BUd^lV;_pDg1nd_t
z=J~%-crX@d&ojnA`+uP^ZYwy876%|tU8N%5`&HaO1q+8hh#Z^>(=ozdshr<a++3DD
zS~?R`*1^dj>+i8Lc}dMcJH09E#csP48s0I-PJf0f0`V(U1zk<i`!WFx*5;<X;a?Ct
zzU4!GjNxW&w`?#r&iF0K!o!w25exti`>HI%9hhb@m8CAWf28n$c-94hibMA<Fazg^
z_SeAhn*92p9YP9M6Jv#TmgRr?z;~2u(OTXL^uk!!Y8WwZ@hX$KfN;5>1K1cBJfrDg
zy-&~0)+GPMoA5xndQBht<8z&*q`bVwY^b)&Sif0O`MM%sp>FzhbUO}lsWn_1uA9I9
zGb6v<nzt`qh_E<JLLC;%rgR;amwH3j?~cu_O{xdY`QdzP%rG>(qk5-_3&h*^h&f;8
zv%V9Kw)3S>@Xx4>hG*tsTw&v3#D+EC`f9OI$!C>D4t9{!Ueg<P=Y3<)kz&DRZ8I8u
zWaa>ehCIjqDZSoiR3oBcIym}-U>-KgCK-vO(gj3w2<U?`13gu<s4iOtJ!I;sTLnT*
zb!iTiWb=88c0x815dnn!8Yv1lZ-GP5wWXE$vojE_nEseWdW=(=3dK&)Z3t`h$1_}3
zaSzq5nG<PrYFmHHAItN<JcK>MB251;`t51Z1(+>Cq_>lVb6msvp&?<x`@7M6#~H%h
z0oG8%abfS(I4Fo()w@OR4^X}eKzWW!fV9)KBfOwbNK_wxEtSK>lws!ZPlYe3*HDk#
zt3IX`V(|x85Y@qOY4INTm?bjs;Desgr{Q4{*gKY%COD2uu9gKqWFW<I#}0!B22D@$
z{VTw5vAo^3r^ai+g(Q)^(g91RIKWS{43MLwGf`xigwPh>6WNh<%OA?DQ3g*r1Q@NF
z5-UH%L0rV3*lv9QjfkAU5n@f9mwP(CHl<|n{*BLEnj~J|4r%l22G<C#aMRe1Ubi@^
z%EJ8`GqQH54|CtreV-->-YTF&;EGFv2Z2L){gRV`+fn9=&C5JRk*R&B%Le&X7T~{#
zQq*VU0C1R5pX-+b6xNXdW+WxQnvh4=wtb<Kp)ULf{5)OhB-S;;MheC{qF_hkVKFMA
zxZ;MivkTvp*5e`SBt=Cj+w$DLut$~<4nczZSgO)gD}Y2P1xV=NGrb+{jUpBE>p)-b
zH<GPe%6s}LG3=c6ltNzL(Fz9RPHiQ&%enzO$y$lfTHX>(1H9hoRZX=xHDF#>d$!bx
z=Wokt%8$M_Q|mDeLY#|Q8gegVqj}d25!!}u)l+?h)o-JwCv64R(~Nyna4u1}Wo+BF
zZQHhO+qUiG<OC-twodrRwr$(a<W9}KGY_|>Za;LbjjG-c-L-pv-}=_dC_!$6v?T9y
z;=XVAP4#S3BY2d<A$coH8mjN2f{qXzLCkc5X;Ik=vsM0u_F@ANk|Ot|qL^zWL_o__
zZ{cbN=ZW)7cj;?BN<B3<qjTq0ZWdS(l=DIxW;e&<QX^<%6h3u)z9|8beIaz-C;tm|
z{4u`*gH9}?;&Js_jzNyAdDh%=%m~t$E^94;8C1w2@**wV1Ij)Fu_AdhOj=u5@2TuX
z0p(~f-LYrvBvi|wJBh^&A;A&RkUI^RUnpEBt-%q)lLBHkkd*YM7pA``iBWV({4C<_
z5E80;Ob(I~Gino^;gG0aBepuhHFeQj+PhvOXju3>g}bMlgm^KvzU#=@iOh*IiW3Qm
zD3o14^8x}D<26myZRqXfCGSeT!n8C&Fxzrd^~on*Ia-=$@|tUbMRL>i{T`9Fu;4kE
z&*q_7(|oY^ZFM9z&Qxx(vWfQ+*hK9PEJ<Z^Of|k0+c8%W@T`xS+H68IYImTuTFGBP
zuDu8KHxv40{{@k^Vsm+JH86g9hr!{yL*4n48(30wztka2mIwP@ix9Qs@#Sr`ieUl#
zY1Of;X1+LnU(#v_1Vf#9i|Nl@sVT_90<H^#7{;!U_c)Z0oPD5@>=|lEgA&b1TukXQ
zFH0m{!sw;E+hV@xuYqm`F{4;^D;w{8_<Ia!(;k-t6ZB+S%Xhm1BnK-AqTxMo(#q0k
zyD+LMcf696f5W|mk?11`D=f}+n<lR@-$7SOfqf*Aj~dbs3%urZ+w!^&xuQkZoKe^u
z@$odHIvqRpnLj$<F|fc)2i#ZZDAxFB$l^jOzEq)`33~~sV{gv{hH&!@s9VXI#+Y^a
z>kM22G-)*3d2vW_uc7Gdb`ql0r@3XMqQqKr9_kz7QC)5bK*&<uK$ND@Kq%(<|J-G@
z#B)b?0~rf-4VN>1-n45pnGSfg@zIeMBjsM6$v<t%9xisH;z)NgbI#zfUXG6@Z%P<j
z7M(WQ4!zHn=g8e?g`>3_$BADUE}mf@Q`04dGG#gTFTR{_f(6v#OBpQm<Td(VjYRMu
zjvLs1olrAMQ)X4xxehSq4rZ=yF6PGe|A8D$Y+%^g+1QAfi2eie@xd_4nLAjzSuqna
zGjnqOXN!f1la1rQTC7A&|2aU!#lp%>^uI3{MhR;>H**&vMhQD(H*+y_Q%5s%7y$v8
z|MN7jHG5Zgy}Z#mc7+f~PY75fJ0dQ?Ccn^(F_sYs+?7I7p>PN<V3S<P$<q@A5CZ1u
zKYF#<vAyXSI8CVd%&orYUZFUzT4_@klf9NDRAO(GP=#kF1RTV&ur@F%3<{=drXHEa
zJIWnW1*8bZ2^C*pfO=*H{<@q*snSOP;u5yjOD3G4$ee?r07Ra|AA}0E0|W!~3f2~+
zXuEUX17d#x4pi}^WQ*$=L^FVF;s_qjubjeRL}?2(q1->Zv;+ggtRBg=!nGPoi~s`E
zScdTZX%-X~U!BXpu+fLy`?s`aa$sWOj<XLiJ&nlZ{2mJ|C4yIY#MC=p7S1{_HuUst
ztw?T0#1!?Zy8oxgRDDuN<&V<vb^~x6MnXah$i+pA1<?rV(2>y)L?~ASD?d9eIBR-c
z{g-|(@a6Ld+3zQ$n^Y#wr@-9b<P$^SN4K?U*k~4Sk$kF@x*qgc3scY}l&`<SD4{ML
zC-C;5b|73pUW5IBqVR$CU|Nj6{hR*e(jOqE>~q3}WczrptgV1d2x%Z7G5*CqIE_5o
z1#*c1!n@2TG9dV7yzSv-LqG_kM!SGw3eFPLAKhO3WfZmg%a=T<n12Di5Yh}3gd3=L
zdpl4QLNU|U2DH)TomUUr3?8`7wz5-QNz?d?^Yc3%4YSpoW_%1V4rz3Fun*$&<0f@*
z9Pl|^Q9*PP_z&bOpAM3>5%}hN^<#eF3uOnc-qXv4Jm?k?l@<7_HKie*6b%lT>B}C=
zpNR8jlvYtNA&`CU`{vuGEU<w1(#-sE7!K<j4be;G8b}H3W6AOHK`dYz2<Gd%L1;;d
zwl#3{-LjD5K=J&$Y(wx=urd}fQB4G-fiNW~{5O<s0o|km#vM%e<1|IknLg{3P!YMv
zW*_MDGwYX18}}E$T1N<w!4wtR|3e-rBx0Hm#G?TRUC$CRJ_3RtreqDdkpG7L_ybUQ
zdQx<K+y7JG^1YTT{7WZHNRQa4=@lEd&ZzgjBIu|RhM5I(X)<{^pHBxfQ9(`53R&ak
z+ztwVY#<}tOi%mR&)GVqA{3*~+$TyV>PA@EOa-}<A>(6@-tKRkS8y9t198c_-J)X}
zI8#Caa{@jnuXJ&LG%AY+*@ll9VtFj1+i5s?gfn}H9h4tc&6fRlld3RrG2NHSo8I9u
z9ID`M{C99nReEa<(3sjcr}U2R_YRob>(aklTZmWB6ZiK_uTuK9p?OyQy{ruZRbdvZ
z1a(OYvwz{8AlnhT+>UfQXktBp*7}183l_Uy4T!%5tDbst`h<uR;{Rw3^^#B!Jnm~W
zVdOyylFAlLUD;q;UJUQ#nxcndUuUOv%!JjnVg9k4L*b<^8ms!!>a@Yy!^^YJZe-?V
z=Y&E$8LVAk&Cdz6Bo&U(>Pi$NO(zfFRjv_HA0H~#gBJiOHSS5O8`iU#G?D60jGI{v
zs)ls7N^yW~bo_g16nYG`7BeXt-SU%YX@dI=SSTS9C;Yu26Op<WF7;Q)v?tSLMb*Ku
zQE6}+EcT7}5h^OIgyl9CJ$1CG1aZulj6@SX?A|aU<@Y!Y^pj#-QNy~y!};CPlBGo<
zNQ5o!WuZF1w8&Teg{C{3X4Bj4cEB9{?YPA%q|(jtHQ8zp9BkA^gk>;4VWN=;<(HU7
z<m(68ecR4M$Ay(M^l`C^_e%6~f%83L66837a;;7^#U|N-FJI)GXuDYut_5B@sqOA_
zJBV@o@Pmn4&^~hrq(x}#Lc~m5{Al-RP%Vr~Ibf|glTc5wqRIybFb#F3MMjzgjU4qg
z8Sf<Zt`r3#J)lME`b?9&>Ylh?I0L&}@Nu>qM7yA+BuOYR)gd(cqG;QIh>mdD3)uuj
zZHPQg_Y4=?)eH6v+u4j3mkA#bXJ?*@48|owlLoea(3T!A#V))0F<o4E?9TD;k&bzN
zh3k?)%G9jZJK@S3@hp9aMxdA{sn`z#rQF0b$F`3u0%``oq&|Pt(qZ}iO$CpV9yJ|h
z7#U#M!F^8BZfjJ*?A&@js##Z#K`lO+va;{L<`T_BCW{EQn3aSqG#!hJbo)pslPbUB
z!S_C9t%j6xDF*sXgTwpl_ql^WGN>P#KQ@i{pN@j{%~37qz`sV!do>Tzit0SFO?spp
z+VjK0R&hGS5Mhq{6b7tW(eWhSGUjuunN?{5j-RtfFO^E__#d;ZaO}rGKGH8{$*?i)
zkLCWq)Kg<M)qX9)(Hb~Q2|w^l3h>X{BhUEkhtbS$cYv@w{4GaHWY&S#QuVKnGQhK7
z(Kwr+Q-p}JRU;8C^XO*hz@cDaVh!8F$eZbVZfJ{uSSF-ctJqfVl)Z!_j#rPt<53Q8
zoX_HDIv%v3iub8<ZJc?#H5rfIu~X$P_g4->ulfbB=5<_IM;q2(pEL&glXT>K*gW5M
zwbx)&F@tO4|8U9(=;+0_0)m)Klb1GKYu2#lt?%ST%9QfJ{?fu)mWAP8#KlcQdDbjU
zF~U(jrwuM`YIfX%#ezfPa4)n*GWbP&Ofp&;CxINFN_iZr;LD&gv=^vNI*iP604VMf
zs!gDo>(!4vrE)Y&hL3+RQvcF0HS)QHO!V97iCbe$_fLd@-q}?s1@#|)l)fCYKmEfu
z8&``;htQMfoSz6G{3;I8n`LttFfulXa`{I3$9ruP1$OF=j7ScC9_dN@UegIY*jDTm
z!eD3ef~)FvE<^!LS;fy9me*n3X<WTSrvm-f)2jW+MY#B?R%M5bRt>+aYhguoGP~-m
zy#uP$+EZR$HUxuLKkR&5MVwTX^I6mjG7!A8Wdu-oc;hGddj7Y>ygKp8i*SG8sAN!p
zZsf*~7KsQHg5Q^}z>YAhG_xBg=CbV?oO<3sf#n@cWBY^};pO>BPMn-Ix{Ok18h`Cb
z!iZx3BGx~Jo2UvgB)}bl7{}sAZ)ay`H@7Jdp_mua!Y56uH`)T`cbh77xFz|;u9|p$
z=E&G6eA^glRJ5b;Z^}KaH;5HNK?3_I64!+J8&Ug89&(5fw{m0t1DsKwJIr?}l(Hx*
zQofe?^IDP(R{4Met`+P6%&E`5{U<BDvBcx)ffQ|P`GMKNeOD%ON2Xqcd4gl-TN0nm
zdK4l>^lI8ya*<>jMT+=|EO{Jw_+422elJnWSqfAxl0PBW*{xJvl#3R_7-5ZOalVr?
zk$v&vLU>m1+TSk(=GU>`i@YyWiG*Aa=S@JbsnA?LCddVv<F9JO0HY{Lneo=r-w2J>
zNv#du6wJPC@<wQ0Y*mr@)^H>1>fRp6Dg9@#g@}k>2xntJemnloIE*3T=SQ3~m^71c
zzKkp7Ra}*>0G|Y{bMxZa#iC6bf(G)Oj^0bew&k}h-bc3VTUykp?bAxWnOCr3dJDy_
zS=%BFQ$PIrD{p`D+@@AHjMqF!+nBxBMaLPQw>06&M}Mf>j2Qj=jFRcJt7+S|)Dcz|
zW*)@k)C!HIg*Fuk3P7z&mi;n;Si>eKOyF+~x$JZXQwv^#Gj*tKRI9DG-v(AH%hge^
zN(D@fMgAvukcQyfJvE2adHO1Eaw~_?$*+4d`>U@|3Z^{f$(K9zA1InDu#4{IAII2?
zwipUDTO`_??EZRf5FBecX<-LnNL6lzFme6Y*G7fh8?AN*1BPy2S~uW^43m=$H3#hO
zD?rZT{dD`U1-^rJjO;uiI%l<vePrCPx@rNx4;?JtZ=GVMJ2V{rX$zMz@*uR4MGED3
zCW?~=7<=y9;zC67;adondEv1`x};yfGFbJM+-A=nW>TY&?ZWWLm7D)LTYyctZ>82_
zd8{QLtBl@&utP#&rBP>^Ndcmsf-h;``Pa_<-GZgvTT}s(QQiweUVBWrcq))EwtMp%
zBnM8jEtm1-S5#-@iNP0=^KQCyv<H^xULZGV{x@A23;Xd&S=Cvts%2Gpk^h*g5!vG;
z^}}+A1}cgr=Jvt!*GdT=7$S@&e&sp;+ue}d>B7i*lbQ_1K?o3tz;-Pfvpf`HQ7u9D
zgFO*q5<TI}g3UQWYKGaWO+<!|;8UjTJZS;Ck`j}kRE-Bz?)B!e1Hn?|FI4SEQ+)ag
zNJeqVB-7$j1qw+59xVv%P9IX-l7#oMY!9v!g*IzHE%HOuN*_8M7k%f)79ltd;I2bl
zUWDjc9of!1;sTjgnvDRaToSyOzXDbNK9P(?xDpCez#%<gp8WJT8i4oQGw$UWO~DYS
zyN)E@JrQhz#?uWyR~lvYIwQPW*d*p!R#KTs6iB-#B689Wbha_(U8gV9%qxjmsRcPK
z0|hV>OfcrwAK>>0626$pi}ZQF^p=42_ddy!DXNFS&(3ia90_7QI?`EsF4?2*7GQEc
zz(Q&Vj9PuOD?esr+GOv#v^QX;eN7+H%%^m|C7bHR!-Cts`ic+n!kW6Qa6cRU3s;fz
z>Z0UF+Gry0I_*r;@t&|5ZXKj`aH$mPKdq#ULm_up8Wk%E6lxp^JM%H1VyvU~7|<EB
zX9zt@vo&q1=xU0n=$Y(Wj}WSoRRR?V?=D;7=B87SD5hN%Q;wu}+)dzX*Y9g;_jP#5
zH|iG5rhQxYBWvd`g==Qy84KeIZEuKP{)v45HUhfDVCQHyN+|ZCVl;g_;ZKpyZALbG
z{VaNNu7bDmmt6XN<$hT27{^n(TB!g0<;GN_nk+=qI{U%uDe|XUJ6G3{7Yko2W;Y~*
z<jMaHZh?kDm3FodTdB!n+^x^~IhtN2o=&Fj?$S6u?K!J*C?O^*KPIMG>W2AK)U-{n
zT<sT(uo#3#O3HOZ@z&SQmR}T-ZRDj5p$i6efu^-E`^4~5QYLrNqmKFH9g9DovB2y?
z<%Z&od8pr7Bgky{9O8TBSl7H}Olcw5mel@+QL3cP@iZzAXPYCA!r7pbf5Ecv#SHrC
z{zJo6!Yp!3=AMgc1o_(x8;k*W{L=z6l^%z`!UMIt!da|GFU4<HiJ|k<$l^oa=%moH
zhC~^TmQPnYPzSo-r04)EHt*&-K+2-wE_3way9=?$U&eQ|$iQrYAXya-;ld{ypNh^0
zT@k}7I>dHcH(U+9Tb8|yfHj)ycTRw=8-bW$4}6=SZK&xMu5+k_NsGDP$LVH;uI#^3
zjXC<(yuJ-ys@D{`gzBQ?2^_iI@1(0=K*zDA)DK6_k-r@*a|Rci(;0)~=Ee1BJ5n*H
z&3dB3aSd>TdMUl+0&!gfnYe3JXe8`>octCt^4qj@kiS_LZdeW)Oc59;aqP9hn@`dr
z^I&n+mGku!x_`MtB_ZC;wW1R$tMZW`xNMwUmcjT9V)Un{GD>(&nGFz8NN27=JSEEo
z*tz)WJ!D}Z3|Iya7x0?B){iwC5+y^mPJejV?PMH&ViF7ruMLG6e_TEbtWmB51Jpp>
zMeet>q!@>AA5%c|{1)+-bCNbBCqOBPLC>`}2kMOj4n4+>n`Q24GP<VG!>8}MN+Ba;
zJ*gq`M;^r?Jt7Yoa($`v^Za_c=y@2^Z;i;HI71~vt1I?>Zc@!rNQkwo0L0fJ3|(@H
z*%CWWB4UK&!gT*eJtEJ3H!k+Ot#$QvJA}dz1G7;bem?T(O@lZ?SzJdMrUN#kQ(W;z
zrgknJ4#A7F9=IGO03E0HU`#5xMDOsBmfdn^h$-D?iucKiC8=F;;w=y%)XNm?vkn0T
zD6yQa^@Ogmy25&}+ed1bHQSN3&#`pWP~Ua9zfP0(gbQk}&Qw);SA|x^`VOzg%Oe~4
zR#ACt+NN=_Bk%~h8_EB5g}W1SAkNeeu%Yh+cy(pi8IbSO@4@9u{8=q%-@<)g#M8w@
zv?IUd!c>IOLw^GvBrWktWevVZ-ta~}ovDAWL*d{Ia1-Ds>7f{#(Sq$OM`qF6-%8^$
z@PPWfkQCahU8ShQNF)d9QEVD@$GR@*A9ZcnJreQ5Uzs4I9O*c5*l*U_&6*sTXIVAN
zj4KU@#(1;JLW_?M6=nu8Lgj8MGrLQ|IB>PN7MS5Jyu8&uw;;%<Lc@p9)zTX-=+5$u
zjDth~h&x}f9f@SSn8)M*+sKp)+-HSlfZ0Y0O8Q81pIyU}8AKf`potPJCL@;Q^_uzJ
z?)!eDF(Onr!6?6)rNS^|Uc;TKM`u_{v2EQT!7O(3$vl7rW_5;ER(=lY=OMg$>}rCb
zRsZtNOhDqDh6(R(YraMe&49EkYj&#J9JE-*|A<!)7>G>?dS;%29WqG2mh<9K^<%)?
z)vMk|u6s{3LPrR2AqWRe@Il!Ky(vD<@DIc4XEz)c)nRKqD*pr7#TiXkg}m=<wGSG$
zvL_-Ls9!lmm@19cViVzx-u2eIr?j9gq8%45fwK2HI+$JJ6|U$mN<oZ;L0C0WJ3Sp}
zZ`rI+0DG8-Ysy7bwa2MTm~FNhVLKohmnPh;d1mn#gVK4yJ^m8yS#x@Xe}o$nTTDs{
zK%Z@RStwT2_<g+s8pGkEOg=O5X?!EZ1i7Q(Qm-2rY50k;<;0yX+mG?}=71siEN6{9
zpjTU~_DNlb#66bcFMF~1Y=T2;k!+(@n1V=KO0|pTt+HI}?3`9qAt~+MRaLsqqXLaU
zs?ykZ5#Y{D9l{Ftk0Ol0t<w++kiH{7_z-qrQm#$_%?fL8QLbVCkKv2xy|yU!7}U(U
zUKpNmee_RTd(V1fls3_Cq8`O)@T}OtnkOSN3P}e}K92iefrV1oOHp(Bkvd44yZ4*j
z_C~Mf{Ng;<Vu~p0edhxq!SZGuPQaVL(uM>@#QxyqFPzs<9umDUDBkHq1|GM!12(1a
zl%K5A3x}VL#1@`~R9@2#2y-8EQ9X?{VmQAB`_E(xhh^itIok_rU7%wUe@cb3y*DsB
zQB5R}G?PDO8jtGefR0i`-j|}BJYNh+{llw1eoi%_Wdd+3JQallSY1$Mx^2D<0Zf7P
zuNgI%edRo?E8zZb%sKkd1X7qO7SJ0L#DdXOR|k5*^ztMns$kRU6Cz8}1|sRbBn3RF
z|G*<$F`&*Dbs3W-g}d5is6`zwn{eRb-!a2Qz{uS-g{t<EzF?4y$`h{IZNcal$TZjS
z=#hB1W9b!S@KHY_E`GZ;R#AL*jiekw08(hkQ-(4?VTMG3`bS{F9zTZQh_BLlGv~sz
z9;jz+8=L+N5ZzXQ?5J04AOLV57@>Mk3|B-m9kxmf+@)X0f9n#I4IR2dm1ZB!!fM9p
zJxVlPdr*Pq$-!_8;r@!Hi;)?-!hE14JHhW9BscG3+549y_xNGZ<mcIdHaDL;Cq7wp
z85lTfC!EcDgs&#gLLFnr@a-*7;c;tsfJNFvFH$Cb(yJr%@#JuBD~)*i+<0FP-A~%+
z!f_J3j%A#g>(<MC`mXLfDnAB7*BT_!UP@mC+Fnm6sE~#iK>x4{8um)#xd*?aIjIN(
zvBi?E#sG2fYl->!&I^TB-PMPAw3)K>JB?<7onGJ&OGn;#|JNA301>l2jr}o;Z<087
zK=>jMrga7Tabg33q^eEK9E|ne<O0!ola(Ce1Pe2gNEBlubw`8Sn&ii=&Q4PH0{0!j
zA8YGXV0Rwe(|hxx1SQ<shV6E;oV*WMcz4(e>6xlv$P}Cwt}7RFH9WdB{B42$pOp%+
z7#G^fGxIfZ@cu=zX$cFzZCsdRbB;RyE3iOf$zp2w>RbQ`C^A6S@-i#Cu&ch=PR0-I
z{P@FIS_p5rKz2<e(OU=RwDBx<(}Pz7VHy`_vcooTV0E#ryL%n<af}z8ZIm_v9uB1!
z6ITVUzukK?Df+6hO?kk6TzxGUXJZzz_qL_ltlfh`*Uz^=@t0*Ym=_6c`?-K5l8ZYz
zPS{0AJatL3k10FKEr$T%$e*iNIK1qc=$cyRAD7g{t?we)wxGtiqU6|vm{07N)J&b1
z&T?9Kb^m0TME69ou2}l%9OL{7S<U&uMfHvg<Ggm_o?rpLXr%Qu$$OR_^3R7oS14qK
zB=l9xzunD8arXwEZT{z#op>m7;vv?+=c=yqt+fd=!B}kp(}iNopNjHncB_u)^Qkf~
zEb}VZ2JF(oC__|bFP<Iw-QAZ)EH%!VUfZf_OU*SaIN@yV9lCWFc{oVvmTDD@Z9-T<
z<ttlaxOn?eikTN&l&*#bt&(++vRrE}EyyRswGk`1FY{v>@$Gz-zsjRSDMDWVtY04f
zl#g7RNl`UaTO``0d-wnTYh2*rx6%o{U=^EUo1nX`PUpKblGDx|+-cgc<&YY(kZOZ^
zhijdYgcG?IbySNGHH8pc`S3!B7ii_*AMCC!yrcBns@gf)k~wV3Yv_B3Qp%UP$g_j`
zu2^BOCVh9&c>?^JAQ<a;EH0}uKHqxB4Kf4-e&~KodTe|y{Nio-G4HsJsdE&r^Rsxc
z7%Y#q)jhQcE0RM9`1fGS$Y(Z$cU><&p{LI*Z5RJHF{gKM$X^zrx^}bd&~_G8L+#g>
z?7=KmMAy5>X`;$^vPUG!^cA=TCx><o@o)E+9Db8*8$7hCtmFCg_7t3Jd-SgGwd`3Z
z`L$A2EGK!?9@i;*!e7^~1y|^{m6wrZ+J&#k=bh!)kmSZ}k<0sNg?9Px8~%*eD1TuI
zKcY$GALdI|Yab)3<y#6I^O|nvFUrJ=0e4zphG;CiDWs*6fMQj$;+855!!EP0lnIX#
z69`pB!wtW@mQkEVZk`h@x9&G=Z@0pCCAGL?Jimc85wz{7xOjIwaxsmbZ{fV|d8pLT
z&^0}yv40GD=`h<TDl6no59?dA^k>Wh$1%W)HL-jO2tWV4-U$jm@P2JZ!;ly;2(6I=
z)hC8lQY(Kux@kTv{ZSd%aU9EjQY&uR!{xC>oUd3K<haH*2kI`r;CciFZKfq#aK~L_
z*<bnAhKgfr$f5rs*AFI{;?HSb>5}zjLv3$FdGcex@;7O@#SYqO@C9lMcJ7)I<OjQp
z-Z=|7QD7u4c93mt=MKFLu3uZGIa;UdmtsIK;SgSLx-`wq)F{%Px+Wbf5rS+9M$&~&
zW;IUo<s%WLcRL)K`EH)}C{=6TBlLXsn$!hkyjp`*o@sD`SfGpXI-oS&&T%_+CCjGK
zmdiY-GbpqcotD-p9Id#<o{2s_`;jC2bWn;#nh~PHWyV06S<XOD$wVE^>t(;1c&P9#
zs4~HP4$34MMuqR~WG42E2d6g0qzm#@QL9Z=6M0c|JPooa5Gj|e0-Xev*6C$VY0~Q^
zy)V7QCJaX_5=4pMbk^)7$5iiog54781oE3rycGL|5mmSn;v$NreDWW~>5pwsRRDJ6
z7XMD1gahUAGfJ+Dz0?QN;dAqZyV@5^;+Z;A%pbiZU44z=Y_w2Rm|%ma+Gj)MZR|<p
z=724^dsyngy0Ayc!^||c#MIs7BLdE0raVgffdfDkbHo8p{T03lQ1`=|$g;D|hSM$u
zbhhpa#%s{)BRU)t9pwp&>^+bQ^ajb(w6bIw>uTsJw<~3TH?}<L+n6cK=p?Q|JiA}$
zWksO&XpW>l6c!NoWwD&8c>X%B61l#;6mT|SPU!-P_wQE8Eqli(Flo>lE0L{+x17-)
zD~~oBQ$!s|{-)vIZh-~i!q0@$>A-*2zL7n^Ez`oqe>3*K#1P(FWS&mPjIFX66QtlP
zpX*PdIl#9S90CtRj&?YnIe>NOiv)4VDfLIEi(o~Edn%mmEUU^r5fOWeI2*Y+rg&tF
zAk<hJmvDYck{h>tmsTt{+1>;Ua#}D;*gue#+=Csy7<0fP2`Dvz9h^du@S;XD%1ABE
zD_!nxDZ@fL7yz(%{G_IUTxD_Jj#n@^)k?+5397LhWy-0;oAH<7J?8pGNavqKuH>r%
zUP6->8V^H|!*s5366vO0IVBo!dl%i%zEIT5{HtC2WRBMSrgL3onsxuI5O9nZD_n|)
zXJ8>zIC@WDTHpwp=|&gE*-a!G8Sh~VhU`v;Gm`v0*3}MmEK!yW0F)(q^{U<=!(J6@
zTpn39I^#(H5lbLA^vl^q-cUt0X(iQtj-UGmKlXP)<5&1HDLG~R#?$#N6z@DTR0zTb
zq$*-C3O4DxMV^3p(!m_uV36b8d`}FQe0**~y-o0@U9Z&M6Xe#080lq}ztIFvl9GIx
z;@K<tuWJT-*{wF5=m=T-Mnp4v;IIU@xhYt6drVl@hB80*KBxia81@&{8{Z#0AJa2O
zrG8)&K`owiW&)=Eu<5)uSnd8IJV`Zz3p+RgBfVn@3S8K^bl1m^y*FY_5`gVxkiPVR
zi~(M$6IdG$H=Uq#$}r=oD^Y9ifl!SG38?!>QrC_`x!JKME?1f#zXo8;kEI-AA^0l2
z@*L9*lkbnj;Gz(%|GFIuU%9GkFGNW;Tp&KNK_0aT1#-ta9thj_m|F-_8ciOZi)s>M
zIORhQ8lVAedTOU5{UaGq1q^+O5>Zc{Br2N@k{;xZm`$;d)nCYKCb8;RiH^LjbCiEX
zP=z5XrCzB*+cm)M^0E-7A5L#$y4-eK%O~CIJbXcD^QPIMG1qGq1%?va7pIKq1B<Tz
zu~0}>oG5`qCcfP^R&atCpV_Ckwfx+6A=dE-gBizA*D@#4CvtM<AKyWZ<e)9_6l(w8
za2KxVW>F|2a80pk^_(W{P17GR(hBHM_kqXhnI3=PrkqpE9k|$TtnTxqzu;&4!!V0u
z5wtBg0OmaAwD`TZ@*j`4Cn`d&?}z@8G4XW_jvdMul(#w^mRboFc!nE=wv3DYa0ncE
zRx&msha&&jswR%LuY=_XxL-*a>jm&)pKFOhW>>ew@y!anqTGLd4|0R^Fp3sGic6uj
zom#zgtKgy!IcO7<H~uaU<UhxQ<Xo8<80hz){KM@g`kJEQ(>Bw>cFZ>+Da9Jef6*tw
zmZeC6yNrz1r7Nfv-i(_<4-m-NX=4Z<%5f1tSRp5`{PLcDOt5;BqF_jK8avUJWZe2X
zD%yp9z?XNh5psY8Tr7cll5~H2ccpY;=;DZQZGQtduzp?tcRU3q?*E6UpyuslPQ<8a
zVx#J255uTH#LV==N|3O2adrEFY+V1vP+((aX8WHq6fSkOUDqX+{FiHc_vPfVyByWa
z%Tq3?ocF}*@pu!)5!1kA<ET|A$_KIy1&^OVKsLx^K3LQZOYMT>3*Q}%H`X@`jhYbA
zYvT|)QDjs^)#h+)Mr6Px;nlIx-%rML#Nk!jk=|Emq!i&bp&h`R{m8{;Ag#brprIo~
z+kP}ticliJa2RNJOG+~;!Z_=H)rdjW|EeuXO3{I!m-Pg%Em5ln$1UZ6v?`bJ!K^)%
zfo2(lQl+MrimbDe7N*yv9+ob+N!Q>ofKB(HDJ1``((BaZ)Q{5uGgggs(=X++o@|z7
z>rX`Ov<9tUii}+*6(szU7ac&Q&y6V+*^qur@^qihSukW{;7v$BgR<*-CuAFmA*QLL
zYY2{6y$r#e9utQQg~1sWa>Lw>2LpbJ!i4-=#YqneniPCDA{Na6R5FYRmb`TVfD=g6
zRAf9wTBDZ(g%K~b5QY{8E>TPkzq4N_D+Le96vu<50>Jl?&SX%6R78oQ6M?{g?~?)#
zMGPa4mI>mRu^=Vp5|(vS1yT_C@j|r~l37b5hM-BQq{~ask<%>j+Tl{BA;OtU9nKM{
zG$P6oSpzK{b)!!wX(}d$YJow6izm`-Q^ZHoO$u81Lm%|RFv<3S;=c$wT|?c#D-q^`
zW)*e_{ZYJ^FsvI4!A_FeU35e5hl?w;D4da$!3r6b_<(2L4tXOn2^JblW9jo!8Gx4G
z=XYm{X&C4eQ0SwBT%H|ZqNR$`GtElRi$KoN@KKb9YlOm?jfk*TA!KfmfVP=q!W|W(
zv1gH-VZz+~lcnvr3E<qutK$qb;6&%eOQgI9^>A_JN!<R0IQ$E7Wq<UcGdp1CFa8JV
zdjY?xqCnKkVNjRD)X^d&wcI7Yh=T|{l**}%lft?ZuI=n)-P=)aOupJh$7rtfV1dSW
z8-X5MbLw~1*XK3pM_?N~kyN!3UGJuja#UPZDd-bUi+1}e)cCV?SXDdeRkTirR4Pu|
ztjdCdBXroUZxcXiK|GvjK}u82Kv`8^70{nSAB<%4OXBaEQ<|Br4UNB%IXn-Mx;%c^
zww)N1FI!)qsTz&=kQdG0&IFEf9<4{r)gAXs;0TOnaRV6y3M|A_A+)QOAi%SXtYL?i
zfas;E@lLaNwQ9^Vi=C`emm-^+ytt|}8YE5M)KVd69Ef82mu*}U9>M$rN>pTsMHvoT
zuyP9qgB^3<2O-w3u-L@<Ae7u+_9Y(OxVrc7&?8Q{0i&WQC#(tRIoULZ#zCl7Nm7s)
zjx#b0BKKYqkn;$fa*;;CnAaAmi$<d&C7LwI@^U@3FoX==xt$8=Ky`<<98>QYbRrkv
z)HYZk@wt${OMbHDF7I^eSyWuXMDFqFjX=E7SSrMhj~OYKzUgPyj{v2^<Hhrs&%3W>
zm{=egPrCT?9TE0!?0A8UDaq7ZJ{bNYb+T&N{W{X*<>Ci;{ncAH7mvB#p%{EY{)&~{
zqw~%f6#=hkB!9k_Aa%v+ikIrMmTQ-xHMu1U#C7+Ze6i!iNzZ@(-aUOp-<PWpP70=U
zA&dvL#$868Z+L!%O2Cg;l0^J=n>bz|#Xb;H%%9f(iFqWl+6mwG1wioxu~&P}9I>}3
zq)DPr`Ue+xst@5dh}`J}p(-<25U(jH30Lr)gy6F2Ybem7AT}d}+T#~0A$M-2Nd3J-
z=Wv?kq-$d8O;S(5or~4pdg|2Y_uP-P#|En|=;*cjed5D64@c6=8w-EEJ=}#LHqA{3
zLE~eEq}x`6Hq%?yD}WSrjA#-+cKnt95nTN?*37V=3qg(jBQlFcqxl+lneuz;G!$i^
zh~V8%!9PWs;9=$vFZ_?I0_!dbcXY?fXfWT_a2j$(Tf!q^4XI>u3<7L36(RLrbikG}
zO}mg~RSH=thzA!2v@qQ>Um>bKw0bYkyfcm&yZB<X8^Wk@s(W%G&!4)!^qL;qseCA$
zhv)Mtd@DAWhCI@wt`2R4=5iy<8O)pQ)3|izL{Sf156IuQO<y*%t!;Csoi7gc*Ql?Z
zEw+AksJ=R~Qp1hU$#J)M<8{PA^W2Y7H8LR_zj!4m>=}>(|Kgx9Bnu|2SecOk-;NcE
zi7L`PQxw>zn3D6K$B1La61o9PpVkx3&O@;D$68T&g$wiLl$G!4SQkO7#e^zWsL@R&
zbE&i{IPm?XQ`nJRAN7iAO`_(sTNaq@cgoXie8n}m`dwvX&AT>{B<KT|@4k2WW{xrk
zJ@jW$l`rH<;_P|6{++p_*DKidqDN1HZr>zc4VNi50i2qSIg}ajsd^s@TgyaeNd<j4
zr2QN1c*e5U6IyzfV?znXO}?VWPK3UONCP5C5kOCT@vzQAWFdasPWF88GT)o`U2tPt
zH8}JcC1!*X^<;>2MX6`-L)ST0g+8gmZ%$dEHc3U0R3};+^axTBWk`_c+rt~Q9+jv{
z@2c@G-4Mr60RF<-2X4Q~bVFI`Lv)kF;4%Z$+c;AOua*)JOqd<=r%{d>KxMwA9{p<Z
zm<95kXSW>uTvSkagj9%?^J46&{q5!f``R5Zl_*!%$u&y9<fZ2P-%kIG5X-W$onbL+
zp_?g2#`J824YI!tC=YFTpmCEG<C#@bcF#@oZi;qzO@~+yBBUT+&$`!|@NP+N&(+4!
z+Dl%P*uMJMde)O3>1N0~pZjHSwboC4p0Ey4ZqrJ}DO%z+kJfNN>|NizeV26>A%a-V
zTZYh5sJ9S_^zl+OVcJ0m1ZYbz6GR+ashlwqP|Tv{lucgP@pKj_{`nDm7zdzV<#h`3
z1bjRhDjIZpQE)lLL0~q@lo2EnDt2oS5>RXNr`$$T%OirED9`U+RAEn_S_6Q6S=zq3
zu?_U5s2dTm%76PNo=}=U*$H65Pa_Ot7DH${?V4@rb%_fhtT1|~X@H0@K&tw%Js^58
z+e6%2j7dz|Jx!Yp&mtAWKT$uBm4Bz%HJUmG`rI8I=(|l+Kg*i6hN1epjK{`1!2g*a
zCCp46J*M8&cbT}@TiG`($osglcblm7lsntQmU%4zx^D$;IY?O_EWJ+H>V8Ys<MHl^
z4x`FR42c(*C9}j3007=!OI|ISEN-m0-u>9K3>)SFX_GmPuTCr$jk}9ZY+4>17kd|#
z{e)Xx(o+s3e}Zct&Kn0tz1tBD`#mfYaui*;e4e~Ha3&a5tz4M-aN{8M@4L%nF7{5J
zYYTe(zFi;OKvmHx6;Bm$`0U+(WD1&j3;!X=H>+lQKRs>U7h`_=aCh=_Wp`!8{Sx%q
z)Z4J@O^2b@FwWp;5^<YT$*E}^YO85nd(1zquH1AXwO?KoeahlDR$Ohpi1Nn_q<jhf
z94TnTydd`-OjuRCVCOY<T$#S0_Z<!}zFw`h>xIx<o^*p)K(1)qbrQhK=d@o~v5s3k
zb#q!G`=>;k!Rj$IML}9Jyn1kE(>wKZx>2usbz#M-KRREvavBt<SM1-$eX@38HOI8i
z?=i~^G%(~a<uL21pSDAT73?rE<seAF<>+qb377AWWzMaGX3%Rq2Q*<z!kW-(1NBFy
zx_a>c%dTg<7?)>_eSJH$U~!yMlq^Sv1okMoUu4qevkh>hs_tnR_~6bpRLG5({LZSw
z^<Wi<ylWh7GVW;<T+w`@d`Em&WX-2jwkQJ$@bY^28mt{p^LFRKsVR#`kLGA1@&~dP
z>dD};A$5ibdaVlGrxbFBwu8b3F$V#n3b{W#8CanUH!qXkS<T%)cHBCw%Y#G87*3si
zjgaf(!5$3#%88gqB--pFHs_?ewZ%oF<~U3_p-5GB@nvyWwbm!eZ^5n~0WS(<1f{Af
z2A{tcxgOZ`XYwecK7Zf;r5M0t5OFkW)(K4zm3ZStXD#a3&`rssw*4G4rJ=VL^Y9u7
zk>p^h^K|JMIV_0hQA}8t)dAFMd=imYWL})8*dmS|r&AcgsK2nc3~sY!Clv3nfnK&w
zQ8NFCI(<56wP2SWSThA3Y>_9BVOb3KZUukW^H|?=&9;#5Zy^dZO+ei+FLJn9*(%r_
z&@2buXOD`{XDlmN?z~+Viuy^0@kyqEdyK!mDsIH<*+UnwJ-P$6cLug7J@gvk#SpGi
z8*#UOyLy0^1ZdqYQ-miHu(eo(#P(*bNINNt+4LmVfPD*LO}~SsG2N~&;Jp-~ZJ<=<
zzGvo58xfI<!Xs-T+Y<YdV3AZ1_b7#nx}cZMZ#apTtxAJ8$JWr0)5_bjyoCyJ>+jUE
zcdwTb`dkV<lZ~AVIm?%0gq=e9-9S?+cuzlS*uZ=AHoWL}@_`JmKfw3x#bmojSY5^U
zbyBK`{+*H+1xSdPU(H+5(RT9{pfVJ?^z6TXJ*4~Oe_!+4_!D?aJs9KDQDu;u;Pcj?
z<mjQ<^FU`T-eq`e;P6mzT@&EF-BV?FYyMeLY#_C@c<r&=(}ZrQ%&58Gxrtd+wtZC-
zXdT*FWa#MrYrV#&zT++4cNtw&!|Lyw&;#9Q3H2ju7hHX#v#zH!Ekq5H`guVx|DTF3
ztTyMK2D>~1<N6J&+ymcw`|}Y0L4o#Ae-p+hd%esj``GIxyT-|=8haPU7JGfF>Vc^Z
zeh-q3(e8bKIBWl$m5ZqE2dLk#xjvfiA(Y{7F1}$Nuv0=)(Lj^zuN{>rHLw$Sk^)?V
z(g?Z3+x<_qQ4+-=LRy3QcVX>zn$|Sc(pw~T8Z>y~l8B>KetIu!vqK*F>1VZ4_2lEm
z2)^w(S`h|Lxu-F%FCg_lT&A(COXh<4<Atv%>qd*8>e2-n#OVkB*s3Pt;gSyovPoG@
zud2o#)uP2{qDGU`NU%dAnA?@zVqQS+yVTKR$)~4A<UpunU9|BsBm{+iTzk@K<0qu0
z6WLTmGia@CI?HHE8xhCQ035^e?Q>A8#?^!&=?r8{*}-!M6X_2LrgmECvyF&-V~0Js
znF@zg?R#b8*%bZ^>T|g5sWjWFhoVo!f9bfgN`Cyfb!SJ^)cE*>(oxF&Ot&plPh~7n
zsNS+EIMhyy<9vc>CL4|H8xS8P9PMT*W9p4vfzsJOfGhMADAlg<T0_!ZyaSXCEY!F7
z#nPv>OF~Ab!tkW^Z8DBH4uNI5x_W5n=N!3^Ok+Cp6tZ~i91fC95LV+aewWD{jU|kd
z!D?8q2T8P-dRv$9ukou}rw$%Ga^bYo*yM88*caS1tKI=ubWV+g<%ts+wW|=pkf#v8
zyjQZ2E5a*w$g|0{r_k2#P8~%YBPx;Kbx=thv6#sKbC}y3yA@=PuQRTzmDe!zzgIRk
z;H9kQzO=aOI2@?OI_i|YY6*yG`f>73)|(fltj@n^c;xVp4eWV&MKSoq@}>h+KHU@y
z(#gwOTU8TIbtz2-InQFQeakxQvu(O}2Jh$k4+ggWh)`{-5Y=X^Nmo|m)9YrCb^Xgu
zj4(yP$b3=XN|{Fy?7}4Ip%AaZ=gCXN`Inz*5xFqcF%{nEP3z8QA5bfDat#&()Q)5%
zqA27C>qkt~9p5bxa*GdrgaQ3}F6+Zc+kM)tP<RD}who^0F%H71HG&B;E@M(GG>`dr
z33?&_udREm&@AfTew|=^v;}&qgKa+DV2gaAMPTtwkeIX3qUDexp2EMnLdpJ03pz?_
zkZ9hpR1JtRI<PSpK_rgA;!ncKw!+EyN(1zTQ36yh^i)NlF)Ls)$#oduv%<o3#l7y+
zWCT2j2s{)SeI)<F!vjRLmllDe*5Us(G#7~<^h71n<^OlV6n2*XSull*>;J}5n7Nsl
z{-?1Ne=XS>GI6+#XX-N$E0+1}7F7{aVloXV;sJ222@vRDHn^yL)Wt=02H%Z#@7ji6
zg2)MOl07x057l<fX`jO@M+emj3ETFzqOIlsl9>XYt2sMs%yHqJz3l()c&=;R@SIcd
z5T?HWDc;j-(YDS7eUuUJwenh_b>Fn{7kH@V5J^nf0s~4#+JJ3<2IMDiA@PY3pmx#D
z570toz<{9xSdjIQt3UzZ09Qyvh3d43$Od+{b+jg&qFW$?>ScN1s@a{$5Nrdb&XAqp
zDHtbvIV9lrAr%hr4vPHSAR}=?@E#6Wm=L4fkPsrNa4S`$lC{U*KPPVze6Z+VA>kw`
zWk~zKq)Ng`5|a2I*+XDzNMyj2;KC>q8qS6I*IQXfREYFVk8@tB+^q%xwWHopAuzcT
zPB`I01xgw(A*SHgpup?Yo1mRwVkjq12vB1%*~Lhs6MsocP(Tdvh|tXd5?Dh*2(eVA
z{X#^Rf>)LmjIl(&RM-$llyWxG1~Z{G6hXCM39(mDhZ-1c+NwHU-(OYasy1j9BtB<d
zFtFh~b5o>)kXaTem+&#TkPRnkEU;`E!Jk_pTqx1=CnVIJLXvP2HXIh1b1x#&fj<gd
zNT==B$9=#o7FcNzstu4THsTPlsxbUo_C+9waMD5->x(EYgfMp46;V_<v(c1)q5W_y
zvZy(P@G80m657VtaO<{!z{lHrrl7!OC1+i551)Wvt6=N?>+!Zg;M@JUD}3VpvEsKt
z=DqjZ?(=kD;A-))^Ve<bG4lHpU%>aW;K=76eu038__I|j5w`8)zZWPJ4*Tfau6lz0
zZ`aTzkVb>RyoroP>`%n!s(QbeCAtuW{B#MPTb8}1YW&#~%J0uAE>^7-|NQRX3zg~f
zOwz%lS;Vb4f3QHaL5V(+FW7L6G6|7Jy2#sruHaHSmySLqmG#frB39T|xjNG;<8(Db
zjSS_|yXrr(L$FhE9&bd9s?u(;W(tAmuike$_Y(0&Hq)PS%Tg;omN!6>1#!+I>8Ev(
zaUvpP1UR8MX_H(~2qU7nQ3_9!olpondOrbbEm7Q3gF?U#$cPw)Jy9N-!OT#UrgJ-q
zEKri9g<zo{HmZvkZbFh!OKQQbDWqUS)Hu^Jpy%Y0mNHfq3Nl9L<q9e)br!oUOWP{S
zm3$4()AP%f<ipR@+aLmoZV}vpc_Fqx#7}=q*8?({UQ(1<M1KLM`KjC)d}jTH>83cx
z);K5D*tI(TB_icucje65GQ9!Sr_tro`IZJ(G(y%!@!S`fx5L<MRRcOcyYp{EpXx4J
zv^K9amU}WQS|3$AK7O1`|3T<#dXT2b5j48Pw-7X5o0MCaWM|sm+$qIgn;f=Hl(1(#
zsQ<^xj3}xBCA9!TsSn>H@C)vj)PoK{?$1OQcY_*IQmg+MUCeH>ps2Q(!;#}bx^P&y
zc<%FVso~e1Y-IOp>6xJXNV1Q4STtz!e6-y)@ajm7{G^nP!Iv-Cxj*wWpiUiz(+dr*
zWObT^)0^yN$9fUJIoaeBK3@IzWXC?e^kZ(*{yRt3*69@L>}n2YD>rApkiJ@Ua)Ld}
z8;J+p?x`Bky_vt-W7Gz_C%Ja@9j|A$wSnE}2cOXsIPZ+BEG_WwuXlR^$0tSZRgi59
zV_E2B^I6f-7yV?lMnYv?^MTtwXLCfQxZ!fjyv(ysQ<b`7vqIW$jSidqKe@{)&dm}k
z=S>q`OS!8(4YnDZ^t^KKoqCWc&f740y$Rz#|GFlqslp*}Dat6g%`+%zxR27$;L2Cq
z`+8-5hT?L_1>WPu(lA-_pail0_Fr#}!@AdA=^F1ecK@7b;*YuxN3IBSi9|D2pSxCi
zhCco+G1WuR+j7^d==H0exT;t3%1iu_=9GWaT5{24X`nylxcstMlYD~J9BHvu&GK+v
zS6I}KLS1ntUNMA1kRLHCq!N{gwp*~T5n|^&OTB_6iRT@-f3O(Np`Mf2x?3az-H;2_
z*uKV!?P=J%;c)gkb{Wn&)#!5I+k~%J{j8*rDm8CekIlIhXRjaATclB_LepeM578Xf
zQAo|PHZh<FRIaw)N7I@a-XHEvWkyAo%wLN;`zm)u^>Z3G+7~ECgrVfJyVe~6jb)#U
zKL?H6cVjM7Z^Lpx9`Ec}rXp?Ach?Y&xgl+$t#ZG(`#{c?q;RU>%d7Mr9pim$)H1Zo
zTTM-^uD-Hge+a5^@E#i-Pds~a9vzr8ta3y0_B0^2q-+v3S|BX>A@lhlJ|~}r-H~_&
z;Ea5Oo47h5AWUWBHng)rW+D{k{nB?cM2eg@q7zi9&*p|?wY2Qb%cjWncdfh5x<nhj
z$erwNU+!E=&L^!`hI~&bcFjdvaJLBP^V{dMvzU62s4j*kcK}#i;#F-{uVbBEH4LBU
z<@ZM>wmBSK;N|6yf8s(qtgeT0^Fmr8t}aF|veZvBa{GAvJsgm6&JJ~TyHOgqPT}Ut
z{eez~<J?@92vbKpdOknjx<7sYw+_r@`G32+{}gHdS4rppCso45#r|KJ5@rq#j{ouQ
zo;4eTCkZFM{Y?7?8B$rJR^h+|fjXiJMSKAHQHL0j6to}a7vOLymnadhfoS2Y)hzS;
z*Ehl5c4dtt!T-GazRW=%@yiZZuC;!hg6V7EPZgf)c3R-j!8OG9L`(KfK;tArCtQC^
z>*)67y2G&UWIb#k$J25>d~>zu4H-BiLIzCYkXihV9r9A0vF2_$U-tY3BPd<V)ID#k
zJ^q$9pQgO!EyKmURwp4}s%yjTiq~-j2M?ng==2V_>F?1$6W|m3;@EI3L%KA7>#{bP
zvxKwZL;Gp_0Yd;-3`K>%agkk(S+8~1bQVH*LnaVu6c-agbG)(GN^bxY2r@Yg*21WU
zEMRe7Ue>~spPn>k?TH|hu^#~aGc*yJ-%hoPtrVq*0Fh?;nFDMtxCGx9yJ$<$X~f7>
zIN{C&I;N+}Qs^XH0Y}wB62C7VH#ii87yOE?6hX)KL*DsYuZ5}2y|iOC8FVM{3s}5O
zye5*m9b)caP{-2pxY=b&28GVT)}U%Q1h}+*1xpDhHXb+akxT(%z(>FX0t_@E6c`Y+
zgoOlW6_0yBz;O--1!0!kt<gjv^Rqf=P#51^YECGKCP0vp5bMwM9A+Y{84A!4VEbbT
zK#&I$5mu6GeHO5#sSwl70qa<7y}VPXQ7`n*Oa<egF0~&p1qkxP@&>>Me7xN4KG$x4
zdzpjno<FaTM^4i&UEVD-ZX0}md_5s-3IzIoK3`7yy+6z^I|c?C&N>nXel-Z}ew_~Y
zeC_57u8fx{Dn{On+$T9}@f~bEsR(uwEGl_iKaHOU+EVZ(wsoue4GfpPM}7L31>&_|
z-~P;8PwpTGy`H~bx^v)z@9aKIG1%+US+u>H?wV`=6Z%WzX>JBqo6&Gg?58~a`JbZq
z>0#3){@Qa#<8Xgoi}kCQ*xD|1K%93VpUx{-F5}>qx4c87R!hXLEtWGp)IAB`)Leh3
zW!5^br@;BM_oGh{qpe;B`J3Ot2mxUCe75VKZvT%mA>E^Sc}7=X!(979Yhm>nxiMwV
zrI;V3iFfV$=IS`nlqQ28vH^s(aWqPI>Q(O)dBQnyH^jv&aVs)8C?X`H|M%~6QkU)h
z&Ry~!S?L<eHy<Z$Ma1*dRZo%UaJTX6?)WG>;!VuCeGvj+M`wD5lE`o%^WH01YiHub
zmewG8-@P2h5^HbI6{+bhu;r&VE8eF$(oX1Ay)%!c*!<eAJ{+6|gMQ!N7msw&u4A&b
zkoKFjYyWgl(mUbKLYDN$4WPPomSj6MM+KmCScNNLbu9lIRBcA+R-Ik5=w7YSfcQ_K
ztn<O;=?7^nO^lssEGah-26vfXY_{^qJdxHBV*9q%+KdXUXtKUntZO!#5nfbg`!8Nr
z>NFreElzZwJ*iW#LSot;nYd$Crd^QNWyW>UYAQD%f-K4Po`GomFXrAlIFer37c?_7
z!<d<I%*@QpOk-wd7&9}|nAsjPGh-Xa%+%(wz5dQU=f>OEyKmp08{MH+rBtd^wUn8v
zO8qkB0(DJxWP7=adi|-72-gR@<}t}{uGV5heYN&0hkVi03sM14m+i8FzwjB^)~_z7
z-8o$rt&4rH+@H<Psgm=l`9$(MOYP85AgnVezMv@7ob|4JI#aKE_dIh`@H$;4>Q+$i
zS+or`NCNV@{q~k#KhJ#UIV??Y%BOha5v@xEX3hAgU6h9!;J%$+SdMRly=6A!&uq&)
zVy(@_cJuhqt?L>&;`+Ee7Mlrz`An`MTMGWu@wV7^r!P|7*VD!?QXPd4;)UdhL2h^2
z1xNjAY&WkD&AO~n9j?!hN0r9(J_EMLKNqED@qGrYUm4{_Nh2m)A8wz2dQWDGY`G)*
z$X_ox()0bzpz%70pY?HT{VB=spB{gaG#VX){ASm<EDbv~f^BDMn7WBBlsmEdTaHr-
zu{T?&^<#E*#`WMm7-UwzwPR)4?$wH)>Oic1b7A;*p;>KM7gnh)s$R@gi_>b6D?_kt
zVh7fhPD-t~69en&fPTzE3rwx}kxskqzuF!9|50P%jjQ*)ZF{xv#P4y5-~UIQ_rJmz
z{BLv~5BvX$U%>r;j9-wOyY-WtCn@*(jpoi-w{PYyU&5%N&jb<_tR#%&R6&dV`TJs^
zcbBq0nH3QD8k?w{m`J!slp0c7C8bEUWo6Oqf+QXPW8`-Rw(f$g!ry%ZyMy?#7?*+G
zz2WS>-lO6BQD?=-&Gao<;AZ*(1@4vX9)<LCKjnQAc<(Whbb3#8vEMGyJ{$3KztjPE
zxAyyP$ClSD^wrab7BK+=m!VE4@vr?OoDP#0w*`ELfX3}&#n}NxfL!<JiBo$7DUazl
zs2j%_CSFR8P!=A`N#xkk4ineS8LGE|47~zEQ|I|-?2!W#3!}|+5np3DMweU`o`$`!
z+MKya(vINN*fIQcL!5-RneMq%%~2MDYv+=C?CWKiD|lX`tC*mG4kqVZfXX=2W~$!{
z>7Agj0+sLXj7qTopC?Z5_pb$zZgD;wrIBD;W_m(S>+YzM-jd>99OfWJb~^u^(Sl%P
zKC<ETl>H9|*g##Ns{c5u=yRy@nX^DDc2rldok28<jch9uMdU^>y39QE@P$WCjQ?*j
z9m#=R2GlJs6d~P#D{DzD;9e$)cawc_&BI0pD%zM)jn22Uc$!lu^YYXY(mN-7j-BVR
z#UymUEK2oGZUuIAzm;-W#mV8bMKh|$$Bdii)jbUPY#gBVu+0&M--bfo!Gra1vLG+`
zv(%V<>ua-!Q7#~4HPpofXx$#4gY-oh>c;TXp&<wTNtG(4f(^&GOQskTD<yc>Y{sq>
z1<DJR10++N<V+#{xFrsFj`)1JU;X577-zNpd_(@cnZ;p9kN>Rk&;0y&5I^2MJZ8H8
zyol-!cwK!7=v|<{%Ktdc-+nM>dDJ!Bt7r09Oz&7t?|n4?`HJSXx|*HZ=7*Zo)<aJC
zi0Sa^{PY^V+OuhFc;shTr{RBce)i^j@|NT93g_`Up}BJ`x?}0FxXQnCTz!3Cc)b{R
zeb2vBUVXjzzvjVr40XzVwiPrTN0GOGUUgI4cDEJ#wVVsS|2=%F(`5UUeb*0od0h*5
zd8h;4KP3tBu^AMj4Zd6U==d@r-Qq=f;zLtiBOqNDqv&@wJlQkXJ%;1^yhlKX+tv?6
z7=`&rW7mShwt>Q4BdS^XJ1zp4+T?fqy<5ipeMdO#K1A34c8A_;roY{+m1UFk#$9Cx
z9gPUNSQYe2jPFRCUgBa?wfjh)))IM~R@_cs+&o!CbU_Vv6xTYGP54#U3bZ-TrFQ=)
z>Pr9ih=+v#v$Hc3>1x}xUQ-f4CYhaGWp+&w)zP^{(6P1IzP0Vr_22nTmp9Cq$)Huo
zz~||K?4PyVdPsWy-~*3DForDc1kZ0!f!BN2nEr=-t6Xb7$li5hbkP1iL0di*K9F0!
zy9f9~-O%ltzo(%EdO!g_T0UVLzPo?$bGo6MG*jfE8GC}(d|-Sa*Id7dzq+AYG)v;1
z^nI<pMyoY{$4a)mQMx$xQ*5PNt%|(VxTYh=za70JKYPPhdJy=FPaq3<g-m^n%yBg_
zh4;JzqgmSe2n6^pb@c=WE^<>k!H%GR1FyAbYE}n)H17M;kUc$ySCMbL+17l*^@A36
zEZNf2?zWjf^Ll(iOgsSZm@<OjtYaUy#vE_z4zdfLpM+^{MIU`5Cor7^cQ5&Y-q4lK
zW?P6zo%n|BPr}X-!rl>`#8$`rFkOGDcvu-WBU^Pf{tBcoCYrB`xMh!d*z|K%6X86_
zU~c2z<!K2Nq<-oIWcK#{t?PY@?|tn3BsM%xuM=dw_}%6E()Ib*?c<K>jSSYiQqNHn
zAw9UG!|bW_?jvbY7Mr+7|IWMeqU!^(%m3r>xQ>|U<8mb6&1&xuJBX;L<COiZRMxpi
zU*;_-Ab{ptcJG~HPo<G7eWC|L5bybNeaE58F%Qt=eGO^p9)J2y(ZzK5l)l*m+%8t|
zOC5ZZYOiPN=vwI@uJhR9Quxk(+I>FIbN7LIChM_Z+FUo}p?TMH=P%Y+chKejLfpIM
zy7Q}%?RXjgo#~;i?tU_0?pISC#uH#UH@ZzTXWQK;3VOrYC+bJ%+sf^YhsS$=Uz_1x
z+ShD=9!<G(znt9he|tSwyh|rmf88?pd-|0Bx%2n^(&Osm+P|u7g$B(hy(Kz(<QJBH
z!mb=$kE_JtAAnisqIV64jx%Qmc~dD$3zZ>7IAcp4anQ*m$adH6){Vg8G4a+zgut)+
z`SgR_gM?T{WzO&9>V{?;^{x5_L~#>H=q`+M`AhZ#p%>@%r3bhrl#5c(KTefxkL_H{
zajlI<tcz%tA2+*N5GIhD{LqM7YoE6uFRsUDSxe)2Ol>)_1#PndcXt(TQYJpgbUeNh
zvra|A5sw*qb<#PlKapKXv6?1sLL5xE$fw8RZda}>aK%Sj|00|3vTc7(4d%o6G%klV
zJE<YJN}*a>pIOM+YM4mx%6Q{ErszD_?;dme40$g4JfV?WTDvLP2Yc});^g5LN9YBY
zV0sh8)k~J4tRK9(`}uPxs^r7WGHcpyHE&lZvuhfZTC7T!6LP;*xXrK(Yv^dPA&zhV
z+EcpLA{CIexAA(6*Ma9<GZMCKkv0(Ev=wz!%RJSL{cg-ua?O2l{9mkf4W-<{bR5Yj
zW{#*&#WKF7)X2h7+<A_u?`RrMwwp-eEgv>gE;~gdll@$8J11_#66waXR>?e=ZWTXU
zVzH1`Hd6?r{$#d3%ki%jkfjb4NHGq7SiwWLC#*HF86NCwp*BxyJjk}K)<I<<#nP0C
zZ!B?`ByJ_bMY6P0FmAR9dBluiaDf6?T&1t<@%@LZ?`+`%Cz8Ly2loEj`G;pj$lAvm
z54dj+vhtUcUU?m+W#c@{bEpyQ`&b|3HFQ1Dk!cHlzSJ2W<@44*+}C}6P$AQXCv3hO
zPB6|R>s&=$7{<NcryG900u%+`R|7t<8xP#%-_}--Mg4b9iG4law-f_vJNvcLS8J$g
z?Xzvqb}M^TLFkK9rg{#y<p&|)lK&_%K~kq@^4C}<;*FqX-#b`cvrmE1dRv!8oJzVZ
z=-qXe<4RZ!UWYp#zLXhz{A{$!b@=v})JUcU8Mz3Z{(IBkq<xhcxf+sN^30aCaDcR;
zzSOffu($!g(+4r8_)KNq3#VY&0tW=w09UxEeG>h%Z?$)^cjskn-|3OmRLmhxj{3KH
zoZ(97p%5#qEiy-HcHxTlgYyRpeYadhfim;Z2D)_==Sso5=N2-j+6V)jbI&R(XOb~@
zQ4@$GrKT}RKc$`kV9c#e?n!3?NSS^_$upmQa{!eCwKH1bS$mPz7F65&d6{l_w8|vt
z!EjGOJaVup?a}FX@N~{_#*oC@b+*rHta+W76(Yn9-EgH_p2qd=S=Y@~U!n~{tVjs?
zZt5X2B$aD&C)edCV1;a7ag#h^*5F0GXs6Cc$&DSmfV?p}dKr>oVr)Bz2Ad3tw-hvD
zW}iFNFnRyJ|EOvmgVvf^j41!tByT|HGLUbo@LT<w>l_gYL<bmOAvEo#$yyQ(Qw+_;
z)^Na{uv0G^T0YyZGG6m**HIp#vu@|38!sozAv@b%(1ND9jT^%be??}OzIb*Tw0x;H
zfsIBSN{WRVdS7K4efSdk?-_q|OX94Jd7l9%{!8XP7J0ZF-XrSPVeW8Fj;CyupZj=n
zJZtA@IQrp%ig<UfDmL~Zlka77+ro!JO08qfcdv!6@Re2T)B?u!ekjA5lKvj~5kd1v
zBWAx+3YR%D_=Wj|=2D~D2#f8C7q)Ia*Dx?ZBZU7*Ri})|S(yo>Yh!p?on3PxMy^P`
zx{8@Sa5F*E6?;W0%m3K89QN%!tzYUPou}AsR`Jf|V9;!AbLT$#nd>*_+FAjDRT^wC
z>^7zZ2bS7bm$J{fwq=j^y-GJ8<dWxmX3dIHc+3x|q>elPDuUrF8pD7m)7gP+8Ft26
z=1f4d={HL}q^6t32L0CJ>j<u5y2^KsEN%ep_5jqWMU?hm%vB=ib^u06Wst^9Nmj;B
z_9@$z)5Ty(+Vj%W_Zuugfuc&7=bD~=wEMb+vk1=`yGN`*%9*2lH*t{jZo*_mXu<Ot
z9lwHY<{#tu2VvDnl~&tU@-bO8T9zOi@&&If_6-Lc#Q~qI^K1VLZBN}p1wquYX^!&*
zb*m9vI$Q%POn;yA4-C7-)QXcujV7xb^I|3*6-ihF<VLE&_nV|{5Ro`unIf4Aemezz
zd(`$HTpUlw^EfxZY|fo=3FMh^fX2A+ULBpY=@UM^zDaHsC#g|qu?z(akhL}sFBC`3
z<ptfu2CT-vw4)c%LY}i-gsZyRjbU_teE)q!{`<J+<7!j@&hhi5t#^v46AIrE+Vv&u
z8_sZ>^0QOB{7F-=c1K7ye<9I;!I9#rGC&1tzPx#e&+oB=BP3O+dfcwMtHx{2J&<id
z4EMXZsyQM@#)cU6Sa>Vo=*=FSI`z$jwSe~*@*Jxgh-bG+%)zX~o6+xe$phgMpz4dK
zfg>qnyKWJ?x)spjoJj0uI(KL1{6}E(0%`7%2;j@D0?({06HHhxI-252J`>|AzOqPP
zkGPvxwd6s@-13fsGU-RtN<CoX&3=`cP+JM^enkw&TOuB&k*iK?{zR}RaJ=pQM4ma|
z9pHHH!7AW4N5$2v>2Dqi3ndIzf~F3~qm$VQzeE9@)z}$d@`9|d#kw?gTJn8gJdIdn
z_-p;5bmF>go{e1mm=gbG??&9duO%`ySyr{gVK5U%OfaifND7f=5qsc!{84~pSNqj|
zF=f+^)u1J7myon19#fX$v<Z1n!FFm17HXS%_)NE-rN?h4)S=`4(H@fs%?q<KWLAEJ
z7|-vO(wNeBB&&4T4sQV$kAyYN?DofF=~zpS5Td`)4f<=M^hshzg5`7-p9hiXZ&0bN
zuYy?FVk4j5K8+qNTJU8P-NfLj+W2{<_=25BsPI19$GK#5e<9UI$r^=P%SWohtU$R&
zG5M6khN+7s{yx|T3Ke=&Ei0Jjl!q&MR?It;tb-D%cMPo%c_hjaAwhzM*q}nOf_APQ
zoh*UsmO)9(bZY&OM;^RJ*V)HfFZ92nggQ&5v~C#19g&)3<|to2mg5XVN}`l0)+S1=
zhrV-S*ncy<w`R*zh&Q%fdVr3!uLP1#@>*#E6KS|p^(WS2aci-LC@DH-K`h+y)%#y}
z6Z%ZAfZVWCAc4YuV-%qnzLokMMfnH%_PTIm(4|ie@L#u(_pA$?w^v5#R!|He&4`cI
zn32r5aZ-hA=>TbylcT=OscJj5S@Tzb5%Rqd-tY1oW#u6AqO63n5Rq~h14np8SL2AF
zF8|EG7?VdnmKBLw`GQoMo?Suj0nV=wc&FtOl@WA>Zpx7*A28d5j_S$I>EN14^GwNt
z@=8EqOM_p7u}~b_Cy2|%l8w7=F|_eJZb@TPtDPor69g8iqd~HhlhcPPDpn}1C_*K@
z55&l7UaOxnT92Q<247Z-ZBc^j{j7#I%2y@eIl90v9V5A>(eF6NQ*JLfFb{f&0&>Ss
zmrr~0@}CLi2HN6f|2bw)wwhfiFw;n(yh<NH(qBm9;?%|n4z0pB5h$$p@i1S(9C06S
z(Cn@T3o0T7nu2AtNI&!+U-0T&s3gZ%N0e_5;ALc!a85Lxs<>E=&{NUX<q|pPln4mB
zz_XS|<_96fEEylNfg{C5E9vO|q^q1wmMHMSGZhN`Q_}bS20~iQ#u}G?Mj)H0yy2x8
zceV^VHUNQJYZbeCR|tcd>4sQVNo7eNv}!a;vv3h=hZQYSk{$QY@B7uh0gdjt22-co
zYC3ZrNM-N?2~>E;L>PAYt;6k$m0VYrt+6c+VGG^Hrh!`q4jQC{en&Iz{&FK<moH@Q
zf?|xnQd`V>An#^<-1^_BofjZ0*<odgSo*S@ZA86f%ZAz<Tmd-E$yAH`e4P25`|H3!
z;i90wkrcZC0-Eu4UBHxx%Szr;EYFCpj8~3A@qD^xkzO)Dwm0=Jc31aV{BS&Ld<&X2
z(u>e_wn^jV_Cr)v$?i46cZGPN4jc7lR|F+JX23WOq1+r|Xs3G~@oIfSYFKowdWdZq
z+4=y&QofP8l%q{ne6^&INxJ@1bdXaE0#XTzMqk}Yll<ah(-QDsY@GtBWm&5-=IbmF
z3R_vxg>T1>YJK|FJkbC)MaCPiNZd0TD)mm(i3!QI-Yfb_@6y<@LPgh2UMFgC%u(AW
z5;HG056zI$-bqCKP)m09Y|oI;Hjx=1b8ZEAFHNRC-|7Zain<g)m9o_OH$~6c&V$lT
z&f3S$_Zf@qHOj|AVWpu>{XD!AzLC~Td*#yJvA5^^TU5-``mlj6?3O)spLHZ)Y@A`}
zv~@`G2t!Tiji(k)r52yptLfj*i;{08zhm>d|5;wb^`4)WSvAS@1of;+FmWC_nTJUN
zW@wHegyRUK7sqlv{rK8nI>d&K)MP%Yja~1T3N-;LZD$EpvBf_$<5Nwgi<8E43YM!G
ze87MqBl29(gjnJ?(3*R}7trecUrgl^nN%KH^@e#yQi@qvyK0~Kbo_4dZ>4HTjh-(c
zXCbZdny4^Gl5)vJXKhga{1sD%k6n>xjV-lQNmvk*QDLj|Lv#~X_~*c-b*L8pUuZU9
zy$P-y0rJfiVI2MFSb>iMVhaj2NfSAIrA);k3V!HvHxhZiYhrO8#kEvEj#r~gW~H1O
z$geccq4hgE@0^i;WNI#vdU`ZCh9AyuzD^c8Ti93;oA4H4M)KMjtk{yBlms$GO{eSS
zJWIg75a`A52)YFJc_XQM3<BF&ej?~P-<FN^Y?xXNkwESeGkLslO92q^SL?SBO3<Hy
zgntGdRjg(@$NH0D!hQkA%a{BxGvHmgkdF59Xh*^4A=Bl;E%)~P0+Zd(zB~>xfdYCk
zjRBne3jZa!;vwov^3G~ybt}OZl@;BEiBL$bs~5hF#{R_R)JVW0Op@J`_p&YyuMLZa
z_2GFVA5{5CDn9OwB^a36X|ymR6T)N52#7wNg5!^s7eS1vr(#01C|9#w2n%UmeVQ1r
zqJe}H8*C8;tz8DAqa2K0w&x9<pJDb`5a%d)#Zk$M0AI(2wbG_#SGuzHK+ThjzhCp+
zh%H|%CJ|MJ=}fnibt@K1vR!l(*FJLAE6eGCs9aKU9a%Fvvm-66l%Uf;N}&JFui)PA
zURX(;S{QM|6k~%%h1JLRSAdqB3IRrs#)8CafW2}z*n!X>iItVj5nh)^IGnwJNahdo
zAkx-bUP3?xL$KUtWOhU@IZdWGMpFbIqFylM7>yJTMaygqrlQM#STbF}!>@9570+`&
z!KH=EW!O3|aXAXDNk&xmsF`a4Aww6ORTi~v?F2L4>>{KpNnnhWa&eOdR3OMnh~B<c
zlxw|iTk>ChvwesBL7`zILDUZ^UsK8?OLDi8wt89u?<u^H%(&%Ag0vziKVNFJ6_=T<
znfDc6E!YnfNEW#XTzk)Oa@`vJ@h53ZgZt?}<0_kokB(f*TMm&BjyqKPj6yc<k}R_u
z@T1Wu7gaV<L|7~RYul^itAKEHbYbgpx7Cjv;}hrSRr1yZy=T!}<!{*7&FlsVq`7YM
zSge&4<mfVUrvSF;u`|8Gl(5#*$%czDbR>0+X3*(mNjnatTPYv{gKJ$E_^5tl;^~7L
z_HZrLxzH9~wrC{h)}M1g?kr<f{=WsoRJw#PgUSRw(y`P8KU;hdcRJ%xKT*0Hsbpfj
z=}VgU#aJ=d>J-|DWL#GctP_=fL0eLSg;NEFa+5!BEOcBvgU4qfcS?7jf5)h@m;&Ot
zqzCQ<jAxSL?DmN0v>gO?c!1ID2N_S0b!Sy+^L9rtrgfc94nj#WB}D;t=f^Sdkhd!S
zx*OfhM|j-w-?IG_h~qxT&JnZ$3IFS5%(7;7_?bV?R|GC7h&MtP9BPQFa=BB_P1W$5
z`b*=D_rkC<XY;z;O<q9eL+9B9hC$gu#|7j0=si~W5(2yP8T>DaIU%Cpbr)u|kku#p
z3ggjD@E62h1DyKRJQBC1e(t!4%kL$R27Ww5Qb8nAh0eljUm$IMUq~cwmlw7=x(3;n
z9iv`$0`?<Kr=TJ&7wKiGoukU*;e7^uo1kfR-Qa$FrqO{w&Qo1T3^siq=8&NN@6==N
z#6dJv)zXl)akmwtnCJA$hAS0m3iz2=n*!)0hb8b)TSFWsk~u2}y62>I7OoLJuiZA@
zjjk#>6m@2xHw&FTu)id~)znIbaQE07`{)f$1cskhht0(AW-n9{4D^wX6|pnMoXu+d
z_o&BEgFfq9UZR9C@Tu(@ap$*g$6kJKkgY0okIR#jp7im)#ZkUA`7?05V8F<|e)5Zw
zRZ~V<fIheBP0taOUSsmeS*fQznGtAyINyC`0t*}L97KRk9gFPL*&H<}jol;44u=WO
z?0O?I3Bm3rSD2>XSDKRpJLjQvFA%^MJ=?%2L89bp%gQ(}Dy`6~cs~y0j{C>3;pES-
zAoSl%BH~=+0vT}nCYQOZ!Sq)D(xypH>;_8W!4@K`uGkY-^26O9b)RI#p8q8N6dqli
zv|l{O7;%%ABR*-W6<cOrz$s0h_Y^EE0d7qv{dDVbT_e)$*9n}<dIX1pLhe#`j#;{v
z-)*_l@MVVmi4JW%ayq&=)#;Z<TJNw(9w}oqf|!+h^!Eg0-Gk!@M>79_fBw$JQ(+NK
z;cHi0;TIu4E|~Xa^Ao6b12|q6X~~fdv<J0{Hd(Iw2gG5N5TZBl!_=1&cz#WdqPRYE
zc9b@`vk3dl-QRZ;$^7XSO1_nJ4C>L2cAzw6)s%hMufKDerKt1|An47HAu***5~#fC
zl@;$;U7m`DVUa@;v*ijW<=nSMu55X?z7<Ncf3|DgURXE$OQc#Z7Hc!P@s?%PQp7J)
zi$Pekr{~b%H{OryxGom+ru8d<C6rBRW*CKAv}XC}z15GvK3R2&0_2g>Q)PgX*65}Q
zX`L}H+I~E+a#i!ECXn9lb&Rwz;CNtW>P`00N92PgwQ}QV@-vhNuI>`ZNmBOH6B`gO
zL)fgkiOUOfqJ!Q9ApFp0b=HKwK6R`|maG4^oE75BEPt%zD8qlxb3?tz7g7sC%laDm
zD#^Oo;PLpJI9eA#-l};Z|1zH({@d>eo{@5iLo!LqfXt1DDXn^aDw#$Diu<og30ZM&
z^H=I1%oaD((8!eGT+?W@C#~zCL-16@M3j+5elT{jIqAEK40f_pz248*9IZm;?0J0n
z?;{JUIyL8$lCr^*AI=6J+K0|W*^1e>cHSpr(BtOaEFs|zQKFJU#Con|my0G;<$ON%
zm@QDYI=g{A{5g83Dk4D~Pu*LzmJJk<bVpa<2>Qs`@+DoSXGugQe+_<cueZ+IXUWLN
zmAb9jxyLE@v)Vg=qBWY2j$a9_I<lBN_dsKZAigSi{G@wW!|Y^|OjKk=5U^Kqu7Ui~
zkb#vjI@T`m+h4ceeDrahq2oWQF;u;h?*xjpiC}oL=ueuc>PFs^`}sJ{tN{kHMA#kp
zCQXV=g?&rs{46=pXKR0`I`tq6w1;DE;AWxh@+;WIN?O}RLNXg@ck~>qtX|LrskUN7
zXO7GY_KHVdd9r=>dw9UYs*7B`KP5kfwkjB@=#q;kAUc^5CIo-ooIkb7P>7AH<U8^$
z?65zo;D@#o&%YNMc<NNR6J2@dLLtAb(lP{OSD6-_@gL$z@vD+mbzFME%)fx@RRal-
zfIP!q`B>lAnNQL2a2Ieo+ET%ahEFtUPGQ~mH#S2*&8&N8_a+iftJNn84d;w3Gv&Bd
zu#MYlxXYLbA6LA9C1)o@*06q<2?{$QR_eWgNSIs%v*|oD6(NS4Iqu=kO2ZA-0`m{&
zj5&UvmH)Dy*MT_O1LW|H4Xleor}OA)67hd1{lrbm-&pDh45<Cxf@nl%?V1hB^9Jb9
zVtaBLz+D!^5w@N|{U%<s_<%~ily)RXFxESUvI$$azr~wgeo1cc4Tq?-25ywfrqIR=
z_{%cp3K5KBN{Vy7f(ZYdPZJ*?WkNJ3!fi?)R`?~9AWLf^k~g(OyGY5qPzP0n^U82{
zsBP@?uc7AZ&7NmTzKoH$s%nTv*4!b-i*Ku!u;)1vdj*_Bg2Z*^5(-UA>#-JjEK+&u
zl;oWsF_MXsh`7{a&%IUC1S@0^2EuGAEbO1L0MFZ@RMA_nx|y|2%7Zbqlme9v+`lU%
zxxVnK5MWVjkCB8bol=~^;)zenCv5$|R`o(pTByW>#O;b&>BF^P!6<DwmGw{a`HyK&
zi)z!7Yk;ySkW|JnEv)QPKRHcz56ddYU6Cu_tD$UY8O`AiA>`T;j^o@RHQ~E33}b!9
z1=M0&B1(^CA%AC1dGq2~@SLK1=%y*5->?jpY4wT;bT-C)uaz!8Cz=T}brPP&>+^4I
zh@UyR%MhJBP*~tLTh4o>Iwj5IiN?<sW9Rh_VKtj4DOj@edEv^o>_7a^TB!20t%cr(
zdcvvDkNQ$pw5B}n@i)JA-I8OA3*;zAF&z;dqL})9bxXz0cnj{9G-ww38Kg@|>{;P^
z8n7fHpK~U(A~EK-KrPW2<rf08SAfsioax<bz!OAi|L;{%X{s)8lvD^5`34J}W>Wo=
zry1!o|G9U6ii-n^33FhoqrN>Pip9#cXJ{Tk>|MHB&z(D8fWiIWl7l|p9YR^Ynl4$>
zfQ!J4MZb^7W4(%-2dVkb7>(p2TI`r&YO)#&zq(!Wz5BIF-o+ZDA9y3~NM2Di<f<it
z_lN8RJLP5a8P%p~l%&a!Mv&e?4)ZK<s5dWYeB#O-`)e5!{wgDE6X)M-tl}Y+iAMDf
z?9QjO)K^1)Jf|KW#Lj4Vy+WGOcTF!jnjTzeTK?C%*0g-|6PiRgO8tLuY2ak${6BN!
zV`1iC`)@x!4lXX%|5HD{QoZRUa+;q#PpU&dOp!SPL4wxT`1&`99y>WTj(Yjc0s87`
zsZFi#k8jdMsHeL~sLL+W_ZTE4$fOX#F!P}?9idjwXnf<6od<n)iA-sYqv;&j*(M20
zK0h!@mpWr)0oeMHvFt4$A~|8%h}hQ|0sWf4Jx{?6eQ&1}dKQK)W$sd$`fVyj*+w;b
zeo3Jn!l#O^sMH^m*b_obpdcFVp~=gg3=YGe*}(UR$!vVn|5KJQnLZ}5k<>ASAuiB}
z&AH%3?qNJx1U(-n{YDXB3`1?WH^71e3<6WwV7d)+QDHny`ZXc<l0-d`&Xta#rsBvH
z)$QLQJ5gfjI=%u|wr$9YyZ2|1;*DJE#dBO4_0D&k$EMr0AwdlSh=Z~(y#Wy$86}K?
zh?OsWDBQN<-~=^5W$(r>FsQ+`%Z3}@Bl26zQtd}<s~bi$qqj@6JHp9yDLpSJtE|TI
zAhE0g6rBW6f(150%7iwWKD2eavaufLJOuWHp@<8iXGPqR#6};8HAZ6y3~xxYh}|Br
zaOlI@N@546$4Zc4lW?@EcAM9os=_bka#wIN1BQcQfQzQ%Y*E9pc*~B^V0KfKljRJx
zilW$vIMP(!89A^ir78l`Xs9u}%^M7Si`o!e=X9g7E$uLVfP}LReIwuCMaO7Lxg8f4
zVByIbx4{rvF^)`$?l6-U4wF;ZO;n7ZMKqiOwM360v;ablY#?-ZAljUq<+S~iBY_%Z
zW&-(E25LHLiA8Eo%RSIHM&(WBtb^UHT(86R6=M1-z4zlGz4!0&&D-7n-OlIZIiM}T
z|MRbx_uKy4Tia~@&gXN_-{-&Q^*`6AlS|nT*HNbutn>$Y*S&DOfTy&)TAmr7oz2<^
z?DX3Q%cGe`nVNt4&DK2F(HUOgO6*UXGO&mwxS#|XGSf+8&nKF7@a|+}aq3Jc8fHy6
z1sFJ$agw$F@F5sA%-lDFC?ok|?z1Rrm6+p|nKQc>cs7Lm$fMf#BGCBeuE`?qKLD0D
z{Oi7b$Xsfi(IR8287GUyXq}=zSUs`#^Dh1K`R*<KDZtw9qZudQ^UyKiJ6pV$*V|q1
z;9I(*VVxGpZv5kfKSmM!_W=fzF@8h=dgHJcOYSyff>DY@M9qfPC5P)+L-4Y#6Jr{1
zVR<%yS5_l#TxRg<hu{3i>f!kv=kEZYw;+-BS_#sOY;J8W3Z=2}+t>#SU~$8F=YiNh
zm`||ffxAyv*##Byr27bit<KoZlmnhd{+&oMFurux7v~A*gXgMdo~GSX!5WBgA1K{N
zNA>fZn+k`iCMHV3yxE?x;Y1!BiwVuQ9;pOjFp_MTM?Qn6<nlWXOP0w6N!^pyE=YAY
z7?jh%*Z{EgL$vE1XRXuN-Rpq8W1iKbCclhXq5kHFPP3n7ELHG*&MM!Lc@~r)dX7>g
zc)T^C<acv>L%bWoaN^ItIoT6u0arm-r~Wn$D-{?AcH?ElrVzns^c)J$aA|hQC9!i7
z%1p%}bsi-z&L7N_cUIwESxvh2SVGIN+bX)@O=&E#oQ$^NZZ$AG%mZYz8L)h0Q%>hq
z4DZ^qMClh+NfcHS=;0RT23YLzO@sqx&E|ZznMUI@k{JowRD#gwg_Z<trVVbw?;_h}
z3R}+XWM_4_58>3HijSGl$hoMd71v_24zZh))Sq_cis5eB<AY29>q6LjT#0TiU=*{5
z9>bb}xjN(Wd;VekY<>W74^l5<FO%Vp@}Opj(lUx;#{p>;DKvJ$h7@H-kn#HrdDDPC
zZSr#{tSSr{1$Pb$S#yr$5SCW)`&oooh$qMKTVwDzh!rLMw_>))VF~O-8McW2P|&6U
z9`iqW%%D1QFf-%yIGN1cAgy?LY34GMybfmvA4-CfABHEr9A}ambbs7pA~{F`8=4gT
z@!nBLK#ZdXX2fo(w{D&eFGtgfuO~HsI5TSR&@P+1x55wLnx_32NgL?LL~PWGZAxwt
z#o<0<4n$zb`EE?vH-oCnAW&O9h=8k6??x+p#w<i17sfWjc8KfmE#k??#5Ra`%${Yf
z4r><ynnN9o&AA_#z<r3?z%}?fW_l~!S4F$FV)TjI_gR8d!@{&~^hg20A32(asfz#-
zI3@_ecK<uP51*h6eAEUd8_Asr`rMM<#DCx-dv*AgAiVx0u-zHV@6+DXu($jD=gB;J
zF4k!<H!`k)ogDZe6^@wdfq5$#y-Q4fv)d_IPr%#dBoNv=1#z)KXo`xA+He&Y@XY=V
z3R*9`>HZuAh7zOH-aW4WP5Z#V=jkY8i^u4xqcc?MYhyOl$bKw?KLi>9YA^zAfWRuD
zZjTU|yZ)L^C{H_|<;YjOY0(*DA`5$4Jo|Oi#S00fa4Z~}kNj!YI8e}`1J{l^4|Zbv
zQI=WwBZgZOl!h5u5u-R^NIYXV;ZZvFjhVGOx%*hBEc#IjW0vgPOf)QZh;&*Po0FIu
z5KzCq4Z^$NVf=0ujh9`-LBMu>V@-oU;cfo)^C>g(eRPf3#LYzzRt$)d7)g|owKhxt
zf<>8c?IVO^(iX4jeY6{bfQo<_7h7EdpuW|<k6(CoodFaO?bSTV$K)lx#DnNHG!z4;
zZ3F!N_B)n_zFA>E*eZ&wrhmg&rrF6g=J6cg-YZO)#Aw8@mCnbJDt?-cuPZEKYJ)Sk
zEp_~OGf)YC7sZ0qy(1EN+*p<;W4?0gbe&mH^6&9?f8MDZ^yXh|U|k1;kzSdF%-_C6
zOdI@0RzD@#39q~7@>JlSaZ(|XwHqNZ(r&&H-DhXGk${q=Xx$*nwv4Ko<IHc%-5Wb3
zS(uB?y+FV|ZV&+ACWB<-*t!;bWgqP{g!?sW@>>H`m0<lT1;PJzTp{~I6F5SiNI%+$
zA8S~(mhhDR5KewCh&Sh7FM*bUl;4GuWV$8ommE&Zs3&BK$nt5WZ|+*`nn&UBq%@o}
z1EgQQ#l%r2Ox~X6kxLyg-0&u{8hBvhtH9~zS6)a5PO@OLgEE$bk;Cr>cjQZKSqWRU
z&W%VECh}mbl0R3hp(TfjQ?FAN{$NS_!zx5KlmcGYS4)ChnI?mG0F#Dqw1GS*HXNSP
zXb;1PDS8E>m!NvdFCTc{dSMWFuO~-C)h9f|A9sK<&yJu9;kjfBbDAnlYKo$=?zW^l
zFhCEyV8Ltwk}zX&(g*<7JQ?$Q{nfr>D?(N009Z9<p8a}R)n<meIZl2~-xy#B6P+9O
zPZ~Znzo~UXyH_luFk0Qe4<(Q$iQe-||80ACQ(n~XW$+C`FR&wJuDtSP)N2>8$%U5;
zPL}s^lXhx^1S97Lo#B^ua&~YmB<JoBp<5_c3J|CVIz=wsMUV>_hjd!f2z8i%C4(Hw
zP&DTCU*Si?rZ0}h+?m~VxFSoQ==#sWs~kitK+w>pK`MG9HA+tSP+ZCnz^f$XZYGL(
z{kboEK!!fi{g{PUNqH(R<3Ti}M>R;e8*Wa>yo@PC3|6B)3P3p&bvj<)Cor^n>HgXS
zsRpEz8V2Lzf%j;@*&vbnv9}XUGTclIBkj$NbUZ2PIi;g!8%gy=|1$BmUWtBJNL{|g
z;XPv5Dm3H4UNR^mDe0Hp7pB${FVB?51g9L(d(a1Aq}o~`h|m&9#fs3{eFLLubU^+g
zClY;3r1<Lp)f#lk7-oC@Ro@d%eWHvpG8H&YkqE{(AF2124_`P)=+=0L>&vV1r5-O<
zi7$&7z0`{y@S9Ya(%3ht;Q<h>gy_OK*%V6`BD5P*mi-kI%E@9T1SVLOi>KmT2pYy5
z8MKlN_#~1C?r#98BHusv)^E(emvp9*K-4838n+51lU&GPm3Xk;W%|5z|6G$tY09Ir
z$n;<|%yl@$5C00&OB-9k$|Kd4PrnSC%*v(7aa;*SzGj(4+W~xYokrUROiLjx9FCf#
z>BeaP%vuHLs-?~4MUPQXQD72UZiR0lJdUzT`(N(3-5;3nCe$R&mPd>!sqsg?Dz_8H
zhiCEA@T{2CnbnSG-M3$p2#zVE<CRf1B_aQ?AyrlGCi^%VMEYY%vHHgr!b?c2NXj!>
z)V%sYN3%^{Xf;hhfAY-!lmektlKNeEW!*<`^O?l4sZm0EK#m8ycKp`?cyh_XCWfII
zZI#E+tj$@=GhTI>j$9Ntzj9pTP$9|c!eXni2gmw3(N<gO>}sR8u6LA9e>Epz6imah
zK!SGLR?DSTd!{YKZ-*Xa8EJM)c}Z{7%8KnYgW@*57<9Kbjrfi!u6-NQHj;)F)!Ahg
z?Wg2aQ9_64?qr?n){>6{pi{-g9lGBFNEf*`X%asQsNLnS(AbH1vP42$i4-)BgY6QU
zYA%YWGt~PivHGt^7iKJmwNb1rKh@0#uaRiS(*&DIdZSd;t|O7EBhAi;j4%`Z<iphK
zT{ti``ct{yF(7)TQV*0XM-Q74$||-n_^Nt2j|6J39Y1rndp~iA(s9ys@9bWBpSYBE
z{1G~373x+$>9y0Wr(z^CS{70wI2fDd&P{4^Z!9&qT+?^+_Z>i%L<X&+=uuyO4M`Oz
zs~HvENoSKusAD#`N*?PEs4NUR#jq}u@*}j+qUROPD|n79ez<Csy0UK-4^c7XQ=h3-
z*v)=V!?nQ^8E0=Pzg+q}xKAWMWy+5)?W`aWF;w;_stBm9@J=9@;nfIK92I|q+iMo{
zMb5=O#dC+kx4(Lg3je4e<yTh<YAJtB9K%yM&JiKf6JS8wI{lT(TZM9Io!A`hhj?01
z(0opZqZZ@Kh>Q|{BuDg+cZ*t>Caw^@V2%13z4tp6h^enBocgd<TSrn|;Y*2JUGYQ)
ztdbJzE>EfchRTu8B8L~Ssfbtg4LCdsF`&F++SL;*Eq18d*EBJB)GT#i9H2vvplAdO
zFiGOc$BLrjjxs@NBmz8O#I`BiH!OO>FU3lin|IO!a*3ADo}^7*B^uTzlJ_kjAHGL<
zH{DVCRX<eziSTYryYTbr{;0(93Gl8ckTuI5ER#A=fZXeARTb9I5eWMumyZ>H94N)l
z<kzzFgG<QyL~ZV{W7=5P7Lkk2E~W}G7mk%s;af$x00Yr1=nvhYJVLk7#QGxZ@n+Jr
zY?mO;p+?6a?KO`)D&@gWk$*7~vcD=Sf_B6OOm4QUNzE<LXhtm3XwHh{!l8{cPf5~A
zF`HhpF>m_ad(8adpf`he@Y$Gf*nC_{-FIG9)l`VmSJdZ`p#antunfvth1$k^rDKiT
zs2GC-ge>zs9tjW$oBfHy@oh25o-LZp1-3E$vM6Rh<QP~^+?mSMYk$tR67)|eucZ+e
z01ldJ*2UY_kALFEgwrx$DHaw0#N6Lb_LPKY(sfB8wkR8$8dQaoXUbHCn<jcxg<Ymj
zafv+qbodOw$*s{k$YQsPuTRc_R&}b3USK=@qK*>JNJN0?$JHCDRm%AEn>l!#!jK4q
zQ5b$cV3L)hVK>_Pq9)U#TdZ20MZFIsisV<VRglEn<DWf^cP)AqX|^(*ArafpQiOcK
z56QFL!ZzVMThC@bn0Z^z6OQD~LD9u+em@S_?M2PIbbc!FEWI-v8hh(9O%T!m`#Voq
z6j(bQ+mbZfqVA9{WZjBm<U<Yk4kRMy(J*fXIfvhyDtxmyR{eYLF-}&Dz2&tC0kd1<
zmza0_ZsyNE0y2!tO0$yEp<^!;+ygDce<-*Q&X68{7wR1p=5eI}SeNd@g_BbWxeu_A
zAM~{5Aj-TTk>|^Y_c?^jp1<7LYmt;^0ppN_6a0Qn+W}UZ3D1IV-#9zO52kHBhisEa
zWj)6p$Q^k<MDrK36rOP&Ud0p%yXEF#l@H32JaRec9XzNEK*=}0YT5=$iL5>Vm+A2M
z{T>D+Bn`VU0d%W?GeSPCy4v1wXv1tigMko^{q25HMl*gQ#XOC<$vb{O^S`EwJC_E&
z<-rC?0prEabY{ocqVC&_J079`y2IX(oyE1A&v%uY!XtuiHwgfvwrVWJTdS~()8PdE
zQ;yHC8+AH$Ohg0#4^)8kL!4XGyngkFRSSsTFNICkL4A|G#j%%eFKhJ1!Pn`z${Vuf
ziT9zM_1KX09*=PE=ppm$XFUOu*zMn7!1O}$6dqy?$j@g04vVNgHe!luw6PqbTPc;>
z$J6t&hUAl>BFcqA?K_YwD^Dy~Iw~WHK*Z4jht6r1@?CmAcYisi%X&`>Y;EtbTRVAz
z!gP0`<=Vo3ds5aDo!7mh@m^)bCh;xrwh)!C)`J%DmpG$A`B?h)#}>ED6MudU!xdlI
z0cL`WM8z)EG1_d0cJ<@1EhXzPsft~(&6Z0Zk01}MKij&I!(JHZ*<Ku(gA9=PmB(3-
z;aja2^e0WcbXvP901kqSl^Xwx%Mym{QHDi1-H~WfNmPDn#Y<-%ns`L<dqir5nmfb_
zAVy?1B_fhy&=}WHlQsM|p%%ICJAo5~;vj0QwfaP*Ie^0?RnI)hiMU_qBYUtYdwF!T
z$JwEtimG1#uqZ^t(p<JPvowFmF2nKoiLyMu3kpU)i6wDdjT<}^Du)cC3;p4T56Sb@
z#i+wn=@OZvH-S#5z~uEDo0)z_B9Nxz8!sJ_(4gr_Q;&X9L-6jjeiMl8WoXk=X6H~g
zeA)8&MXXjlE9xuXDucwaemaTjEzZWXzs1FOa<5#WsP;?}l7n;j_H#Fc09XUNYUUS=
zhAh`=NewLyd_Ky+X8M<2Uge^P4g$hbEZ?0>+M1sC&#x|xEO(xT*tj5r35=DPt)}&W
zd|pUjOBUu$ZhFWQoB5rfA%mT|fC)s_&B8wSiRGi0ggn0j%tqs^|1lXDdQ?-+_uO9L
zs8<QU`@y;jro54y+ZN~{7ns@qhKJq;DBcg30k3pcu3+kVYn%)t1;&)eAJmq)@Z&v7
zi4RJ8ZJdmfQuWy8r>Y!9>t@3|S^xu!kG60vLADm0OJnD6$4W7^iUp?nnufwI{8Fzd
zSpakmL$qs~Hptbd#f|}4)rB5b(CMrVJ>!Z>6-(MKC&1f@jNP;u?;@6upt3%+!?b7T
zhOkxEVuud)wEb$W0eV)gyHwV&>jT7sZ}Gi+!<K(==gi-wbl}5l$+#3YZ9ND0sSW;m
zUT(R};N_tgzbOZu)Jk*7c9-kfl&oKaLhFFePGNHO+Y<CjLz)iyYfJVL^r>1Gab2(A
zoGVpxega|P18G+s!<wV@y9|n7A<-F(FmYvsH^rRCSv*+|G{?#0<y_LnwPi6fVM8%%
z)v!hB3K*pyz5#qie3I{>cyN(U!!p%{oO~0O@ndSX%K4y2t$u@m<+0LwT#wbUl6Jj-
z%`x7}rM^$i(_?dYw?Q=f+k}0?gRpNm{TbVnTAd3(_DKoXcFAz0!gYPSYt`ZI@nDOq
z^vG7ZgXZB;sRv1%d{1mdLuJRHZ&l^oK9E-gu-(5}m?01*=oQ|UZeiHL;I1Ok5~xkQ
zqp9W>q6uCRzb}8u2=x11qu(Qt*t><rm&&UjGa+C3VBB5Zog<L$Q5!5{IQ6}1N}723
zdsVpX&UBa3w7ws&VlD32-L|=lrSdBD(*Z36heiEzbUD*$<@W7~sdv>hzkM&CQemOu
znd7XYV(B*1S!Gkjx#(ZX6`=5ze`LXxnj`&z4Gb{Vk2|u)10Bf(USggjeYDwdY0+N!
zGr*GHZT^3F{LS@$3rsBR=4$2WOijb2X6<Tc{`ITsW@2M*>iU%v{fcMo`c)=ptY)r7
z;$iJ-MPl^@5A5u0Zb9N?Y-($4X->nW<m_nXW@_$C?PO;0RgHm#k)4^5g`0*+*4)d(
z(b>#}ng;H_TC#R@5c>*YOhPTj%gW5c&BDUU$->3L#mu4eRYTs<?Ek$`&Dq$=$=vKK
z2D0(j)(bc$B{gv^MhQ1NI}>9Ehp*Vk)M{4NE+k*y|Kfq3M8n+K<?C`JY>X`IEF3(n
zoE!|SjGX`B?W_J*f8?y)%}Kr(;bIaqH?cN$pdqn!GIq6cF*hc0|M%&fjI4}oH2*|f
z{!dV6E@rO(&8q{puVBvqg_X?4$@<?f4p=z<&!LiQwE7(gI#9dM>0WW5BgHfl)ya)u
zw0=3RUqE$@TN}e%IH+J5X$M>QI`s$)r{%F{T{VP}^t9_;9r-+HnRVw?C_r(Exmn+g
zKan8Qn+3J8+amuZsTAC|mfFm}<?}o?jUU(@XNVu|cS$1}-!*l&#5&#O2+M0aY$_u<
z4EkL!egI{%icRULJi}iUG|&ilE5!2TL4!aZ-@&b<GbaT#k%t)KYBZV)UmEl-lKTs4
z!q40t9D1jk`455UsCgrtsiY~9R;j5I4!88NrR<ND9=J&qJ*7cr+~8TlkVO=`exgIt
z(6t>z2beP5_`fJ-^Yn8lyzSz4$|X%t*RzcN3~g>)e_zu5a0OTIo$_`vu_$x!{fP~d
zuJm_615zIN@n5KAWjP7V*Bj4%t|H2|IzC+!f1TFR(Y;Qb$m9FCzkYbgdD{M~Sh9LD
zNnTR>a@}c)iDBK;zr*rDU1O%^B0*I^nz!e>?<0gYPkB$Q+fa3jeA&sbTmuSG#aA+{
z2CDU51sTP&`SVWlLC&49(f;CD*H3>ofa?4Qef9cIun;Oa#0w3IN9^66!z+OJ?XI3H
z<#Z45{&96?<8hzg*(H--8*N)NUF?>YP{Jz{`6CN09b+(MVrj*72s|2vIXDm`#e7-Y
z7A}u_gQ7o$J@Q^4Vt!T{?pV#wYTDCKaMQ25x0ANZv8~PR(}~S~E|?Nb9wMtk6yz)(
z-&M*s%*jpvcXqJK-kP4%e7aX!;wC$4=?dkwVWd3QQ~p^<w+Yv9%JIplSnVs1oM~iS
za58VJO3kR|Z_Gb5L#mPGYmVafSqeA)lnG^LwshhmSuLGj?zNQiO+(zOKd%Ds7bPxw
zw*V4)*eiI)4Hju$d6LAY>eeYuGpQF<+eJu0=nx7h+=X0d6S8|4518?svtG35!&1`#
ze@=yEb3?TCnlwdCk`>;w?6{OOuf~O#I=e;c6=u$^f>lg%saz7b;3Zi56eV+a$6tL4
zswE8%)5O^+tjk*OTB`R!m$6gjbYtv*ZVShakJS0c+VztR+idj?DZp9?!Y~`gtP)>w
zA#2st-3VM`xN?X5B8Kc^5cPyz?(hsuYuTkMB)WX<nOx7yeBPxzdlnK!3x<@}{;mae
zUZJPIie8TBF6taUT}DMXkJY^erNv-r8Z~yNOPN%YZ+Xl`JC55=UdqKrmiTETSKQIG
zj-UITF+(hCkPxUr-=tvf@aZbFM_4iv#JS}b<V3pqvh)+&X)i*1)NU#-1lHk;@dpWX
zXYwwnfte_cX(YT7Yy!;=M7MLRqK1kvO39M)@%xS;&*;7_WJej@E#vH1c*Pn!l-X$R
zFc(Vh!`G8;{7()cksuJ>UMGk12oR0&j3)_Wi=9`v-|9$VQc-Ei)Fjpzzz`SYVZeko
zPr$%T!Azk{!+#^7O=W}J;*y4OfQ2ys^AY8Of}hETsq`t<&wb?bF#PcDS;heU1+E2M
zkCea|D6PdYJh|}#dD?>PBLVgX@(6kX&K_%o{tjD01>W+;`wbOqv^6+}nye@`lGUgI
z0!#K!6}SPY)l-4&8T0ud4{jz0>qM|Ty0EsBDi{~VfbLiXb9e*n?0W#`uJI&9s~m*+
z00*pIveXCaU$8-{8&kdg!2sC5>D19-Z>a6W^Uqj+si|(b6a?&2`Xr)?w77ACLJ|)G
z5N5N_%76AsM4+Q_lS)%#UWx7ske|lSeTO6VP4Q~`5xS=ju`SMe7Gj9<3_0$5_I;vj
za8?j-hlxTT-e)2uLGuN@+rap80F568P5{_2B?v=R!U6Sr6=@1Yg@CxlP*?)bN#SyW
zu>G34qxmDchW63xRT(w^NzT{3pO+s$S!1GEs&ShBlbo}>^=1#NimI}tVybHYJ9!vV
z`w4vPQer8^RMq)+lKL|3vG>%8?V|g_klV2?j{}SruEPONP?P&UEe4q0BD-0}GxRF0
z$BcbUwz{=HcU(*!cbzxI1Y`|$eZUVkzOD~D8b0Ma_VASv?fAUvo4@$kzIX&25_`CG
zKR?y}xutlK#XUdXdV9j|_3z$#Kc#=(FVZtuK;zRhcpW_%JUo;nbGZfhz27Ys0e83d
zOU}qY;aggHEdNK<&+-3IUs@{W7H~|`4rb<_B)ZHb99-<2`fyCD*52m-%EK{flIXIK
zu#vEQQB@orUH_r}1B0XT&q)@J{~Z2<5b)2T7>O>Q1PhCZxVSivD65E=m?#^kh?uaL
zh_EmZD~l+%I43iU0LlM%m9HzwnLAj1*&8fuT>nPT`A4(bxqc~oCJDPQD?-fN)X~iR
zAJy#Q`emlr!+CB{Y*`zbIcn^9=wFtqFq~;T^mu4q`&2*q?L7I_7{q3R+#(=?Q(F8Q
zD##2%k&^+BCCzAH$zW}e+=7D%4#(viK^TJ_L}SKSlgfZY?XMaD<Ab`JeJALBsmfDT
zZ@cO~_V}r=b-Y==vC-KUFt@$3vYpo4g1I25pBi^*U;5;;hGu067-|L7gY&MtH(jz`
z1Ut0y+kHp$DM-J>0U!+`02>G`0S*~q{;lwK00fr=%dVl;<$4hDRysRf1ZX2rfO_k6
zIJ|MfB`<(-5RG2Oo^5iC6OS>R!p?SWB3#xO7ogLM7(QtX3HZN?`|hwPmZo1N=Oj62
zl$>)$2}%%DK*=ByT#|sGge5LXzyktGPDauKx*%!ENKS%_#04bhu!M!(JK#Cr@r3u@
z@4NSp`#km3_WX9Hr+TWZrn{<V<|%9+B4kH5E(-I76xoqmWQKo&g!+Qeh*8FN0$J#~
zQ(RSBl*fIg7Fd_~<3Oo#1=!&i`K1z&SE(suJMnlQ{i5JwIYX2oOx~=Uti`x?EF0RE
z2T4AtP;s!Zucm|`tf6f#-zf<Z))gX>%0yA$$7|#k5VN!#5FQXdOrxd1^O;+S$b>hm
zA+*Ha!q%V0usl+&`O{k@nZ;p&vp;<wu&GJEh{PEufYl+dRkzYVrO>m2?7i?YnjbqR
zFKhmUf@QCWz@E?fRyRG)DCytgpRlj(rZ;II_d{e?>@!bA27tUU++-Uq;V9Ttldwe<
zQp>-Ueo;(wNkZ8!ZugtZA#HYf+fm$B0EHNWzTy*$=?vfaBN)-7*;cwppLYf_gZ7pS
z)GrbCg!_*9vK6Av;X{@i%lJdB9NCdh+13XEw@^MGGS)fAZ)oW#jC4Pa=xxwf(7F`_
zN*l9gRII&q3i^g%?V#<~|1q{vt|B!*@}7HKOLoyVmirAolzOXH0P<B@<_jvl_b4O3
z_5JPqdXI4gJCn)wR~i_F>|*eBJbe*|RfhoE%TM2!LcO|_f-`8I+$uuEf)2>8t$$^f
z6+pA)7!jl1`+^KnwMvk%AXnTByyFDxH+bl;+OQH(6&XJI>jPLl=%Xwj;w`K~k9O0Y
zkp%UA9TbIF^0^K*TEDN<`?&WeP<W86JT-Xu!Zzo7H~k_eHqSPP*}k@uU-hi2i?Xv|
zzfNE;HhUh7pZ!DNKsGyIe=Bj?wObvCXlzz>Ce7L{0fcpVmJ|TFKo1NLDq@zeG^zSR
zL{7Zg#k1u*M*Hc-V&biBFSTwOGPP4!*^_d#EzH@LLPczq>=*@Rna4?Bh)?n{a)@S+
z4ziYuRS4b!KQD7+of2pjk-!L<+bq{p-kg0A;f#m=2&UMiV1mrxp?wbJ44tCyK#e#Y
zm24R`8P<j|dG(}bSDzE1T(ARE<V@Nj#3&cNRjX==uv<{08`_&F<~N~Pfr8{HOiEbL
z@n-=Pl#dhfRtQu}uA~k%iYj=_^f=TuC%6SR3?(#yJB|u~l*pt8I`~`ae_9>U8#jo;
zm&#7hO&BwM?w2#%Uj70p;(oOsu!^Rc(*lSA0(NI_(Fq&$ln}PF=rxtKB<V(+2t283
z@>D3c-OZVweA<!%jdfERS8N%9Lfiz#@3k~4%HA2Mm4TFpl7o=*{uY6U+A!VRA~J^#
zxytupQ*Ao!8Xk^Hov>zcL&Rg*J59BSN%=9QF>YuY6QtmA<u%XtbJLr2`e}OH@7vE!
zkG=BT^bnf5Ua^!d)UbhpT%@sX3*Rk~^2mUM7GhW%h?LBz`3j5=g#1422{E{aDm^#7
zw$GGzGowgBUKBeJ1}<_`L&`dc>wULpWJyNJ^p>EdL+uy(M|Bi(2yS8&(^P~7h}xFx
z$GB&d2#rG-(yF?H9vgCIc(^d#ut^9dlG=i|i72mQE5ZPOzjS!(in2o-*qS=HpDV~>
z+Ml=TaSKV^{kVDhJT!@Q<+Yy6(`qT&&gflf1jB^$ZbTy!sRhnDC{q&k{md;!gV$2*
z7<?+PylS^*MyZR9)5Buz2#ygiP!3{bl>`0So(}!wfMet-Eq8+8U#?JyaWEnWJYz<(
zJgU``i|h<YB)<WT?$u)rxL?g^V&zyRZ|6Wsp4KcWD*##xMLsfbT8N0Bl(Qr*Ld;rD
zN?DRWJo}ZgBwa;BKUhmZK1DS0<0ekZ3b$y>Vih{vncTyAL1Er&Z;<r5;VMOVLh+O0
z69nU9(NEWEkQ9i{H?B;z52{HYSNfJ)$xPq|jHOmsNlXxGfuhDlSvI0@LFHm;WR%TZ
zvU+xF`A9q6@Om(u#BnVQX)NCk3tz88ddWBOOC)4TDHFd%@V1v%LI5wBQKs$SL^c=W
z4QgPHZ@Xb%z<|J8LtJS=<oOt(1x_oO;(9xpEbWqeIt&@xW2)OtAH-P!5$^C_FrwT6
zf(-d8_1Q>Q+u^5;ValJeNsx6+JKVbRtnCW%pt3DcV3Q<kQnBCde;^DP**<ZGpxauA
z9nmS1MXP=_ci23B2DsEg3qo!CzRsIG<;Wbcv0WL9I=?cz<Aj8G7vS9vqYE)qNOl;W
z3HcAKm%zAt3&qm?U7JUsv~&G=wLd=7pG78u4Z^hK5O=kFQk?V@<W*6{w7}U<FAz{<
zcQF>^hk!9ss57rcN=fb`9<)S?e@V3)zi%FP4b;_C9uJALBhGl_Sq!SCO)VF(AGfV$
zHHBWIDm&L5x9%uYDFk?fi9=$E3|X;5oOeyTxa@QH&*I}P^d51P(_iRkZ5$bu8eWOO
z7&w>+>r+G`8h%>X>r?YJ_sq2{P=jf_h!mO5`U6s~pLe$-cQsh6CkI*i6_$=!>2*MP
zn4<WfR>pnQenpk+{d`=Cu4Fhw2gzu`>QTKYpJ_{)BPM>Py1;rS(r?)iDG=98KJu=7
z2R$+0eJ^%VXqIg^i*>{e&~GzZCTU0#3p_nI@($1o<T;3?=l$8-q1SNMrRs>Q5Zty}
zT~$a5i#6}xt!)0>%4BV#I%>!{nt5dDy38X69Q>Q<6_=y~N%|4o@3jwAq8LEi{m@A$
z&T^h8Yb@ilfgt>{F>bFaCKA+VX+)J3U}Lt-#2J1)pDH_-c*@9wzFP`pU|V@$a!y8z
zHDfPOJYwW*KP;afl162<Qlljo$$Iz8iJ`wSK>9W;)iRQTTD^L<dn~hiW7wWN_)_G3
zO;+G>tHR5I=+F2dL*QW;E!T9G``%5itw$LJt)H)f4Ew(DXbEOpG`|sK^x9aw+BhKz
zlTRRo<U5Iy7e(&-i@|$i>J+#X1WXr4`Q3^zh*z23**X-BTw0+jRiZ8ym15a+!`_m;
znY!7@84InOnIKsK*Ts3bLb;-VLto5*g2H1%%f5B|L3uemd(Vvv(RH5>b+={x@C-w!
z(v|RWoHoda(ms20>Mn?e47{wx>#)_T>CZ_BN_EpI{Oz|xU8JNRK3?a93>CAtoVt3?
zB#xc9A7M0jgT3{AoHw(8QXSO>F+5UBi<&EC;AXVY?X<4)U5-y0IO_u!vj*@dsXma_
zvl@LL#e(Vz7$gS>?=D5L&gWgY#u$PRr6S0~i?fvw4*vngF>Mw!Cx2)wQXIYyz1Rh%
zmJRJuJWzHS-xF||&pLjzw)_BrV`0YvieiIadfeoWzzwkDAZrSizd(p2Vg(igvl=$)
z$>Rf_AT!e2lU=m&nmpc(WY{T3Vpbg<(2Fc1A9}L6HyTvq13hLUGQg9Ay-~{_#|X)!
z9K~=mG;NE-TI)l2srxX|B=Jk-B?>m>uok`XyndY;g*9RTw6fjFttHfF@^Nass^Lek
zPwBJRSg7uIQ6JxjGK4r}BXWiYd|>Zs2M@SXojG04YT3GJO)NU;S4P0FR{Jfidv9`;
zi+5k%MF~atevTthlA;|Sy&+kxKV463nYlTIBiiZbfy*#k>lf0!Ia%9y?O;P?#w6fC
z)l;G#&B+=j&!RJPnKgXQ6UVUmiafc~j4*Jh)%EYCmN8k%gut-SGUA3OQ)wgcLfvmj
zf{6$VPnL~Ft7^gn<VEEOoh`=f##{abbpFI;Gcw9ir+VZ2Wv!S&ZN4`zoeO9#-C&~{
z*7La;qsOcGuJtQ5+im;iXbM3IgR6uoFIn@$uj>;JYVh%gX%dPh!IW&SXB`Yq9e$)C
z<991#Z-1^Xh-bp}oFw!%QK2R$9nO0y-N;`dvJV-hUHLu*$>qk^28k$5mvSrkT+l3P
zj79_6k=%l`#$2IYsKWIkRgV4*6ROrXsFns`3$B<w^ZoZaQxMA6Zd35OaU3W3Pa3oM
z&#MKj@rK?u<ae{#edV9(ELdog7f<46*2n8+gKqOry)Ag##49qGSG8Aef_h|?h|ly(
zz9v0g#k=R%B83I-8*>4xly3hD@!ouL5ih@V^~0IyFMO<|P>vAp2bb;t2Mky$H_)W7
zkDJu^j5C{hI3+`GJSxgw&R+AmFi;Wy!fBurGj*qw#19>MDT()0O>0B0=7ifW36I(}
z`sKS`y|la(EVY;n<G>srk~sxFsPb!7rF=q*?lG1!oO~vpr7%N`mb)|@BH632k1<B*
z>mLn{kh%2?w3AWxf%LyaI_ARd37)e!@xEXpc7y~z0Dix}%!_6^vR$}2gxbEjMn>MN
zOCnXL)`I>E+Z`~3Y2Y9=O0zy^e+)X<L0G?VEG2l>x}myLL$MSgx&&eWqRw$2FjCHm
zLw*<Z6r3(+l(JrL+^8%8X>X1LOrV549<EMpYs6+jNgubcBS_J<M5vaF@-Oojjntr_
zB2YS5(__R%CA&+7cVDAEBf?W=?ltM^Ki&xK)f;yLOJ+~vBX@(SRHrGC^Wjw9@1wXL
z+)UI2t;n~6mi3|)hK8x63Y@qWwEDGr!mJ}+qU*>WC<i&Mpt9bN%e{7=eo+&owt_l+
zH(r(RJ{?;V#IS<0dN(eY>pmS)BL_)t@km5oQ4U|+!V%n}v2J2XE=~vx6XyRO+AnYz
z81_4R8agK+9~?F(Fd7C;H>cEe%O|7u2uOw<a3u5&H(jM5xfyZM`~s;Rm8P!I%qK2A
z1FBxULH%<k97WfdcS(ZIvj?<ckhsyrj=-1Dpf)>k5VYl}KCH(`zl3Kd#AIYp4a-PW
zd5>2vB8AsNUgkVmHx_(vgZU(z_??UYrhO{+8-q+#OuRbyQbwquz>-hcpKOm`*CUKy
z0EI(sNQK1vzhSK(m3}|$rM=CkbC1iZTn#8Q5{<mCn3X$B{O@dLgV;VRx>CFNQmdlI
z?<_A`PPK}h#yRTu&ao6pwx>aV%tiR*vbydJGyK(3z{3S}$?|wphv&$^+G_4{N0ks4
zKV*0%&-z)=U9uatSN`4CH~nYlPQ?o0@uY3-`S6SH%M9Q3yeQhtS50O%Be*nR?#rer
zEyq<OQJvpKH{#hJR=6&Qku;oi8^|nQ5q0h~_dR#^c!@}2<;ZFTmD8L;T?k2CgxMDJ
z((9G*4|^uB(*)~pFTeiYwvEpi64?kJF0vEZQzxi+UVwWG;jz!FpJC4NEavkPOK26L
zN^C;xz=&63{;RN=509%{MUPALR;rAW3q>xWb%3`nlq5N)TrJwBpedoZyFee}TpX*N
z{8Z)6ptE3E$Apzp3Q;ct_)Z7(dc+;>Vj8;?iVr?FU&p%|4UJZF1gK}-St&MgN>MEO
zdiQmops(rs%IkkZE}GD{zij@oN6j=+&Cfcsv&kSg(f;P{m%XR`>EFRcQMOx99ppRb
zJkCKuI<xoH%&&4{i*8%Ko^`E@h&9kd-F{zvz3q-*sfkxg&j-R}nA*{id|-Yljc>}k
zqN`SXE3O~esC{M9<7aEKi&}XsmFhbvvLc;VV_=j|nRpAE<Xm3u<a`wbqe2f<^*K&I
zBW)VNhJ)h_Mg#sS?L~N&LC-&)zSUl%>om)`_{1!x=D0nzK<skp62VHy(#6;}Ia5B}
zcQeF-Y~Kw&5Z~JobU}9s%+-s|CL+)pcH)R+UbK+gvJ(B1@elsv_Ee<duX#I5<ExhY
znJh_!hQ5`cW@VuCvaREIeKR#a<`2f1WGUFbI!IOHj`DUk*Ou2yet8>iF~m@WeL4cJ
zUx82M`EQCMvMA0stoLm;2mNI!G&*`_w!c2^xnwpMGwezGn7=bNvHk5j?hwmY0V#i)
z1isGW>1ZdbIrc$3sdp`oTcDcv4`F^hFh9{CpW!WIvi|UNyRF+vFW^eDRQB~m_wEst
zy%h^yV>6m#s~XnnC$nkYGCY1~e>fuX%-o-(D(U{}W(R7c8F(p5!-kgi3Hi1?e)qWN
zK_%}PTM$n;9T9cIj<8#un^6*FP_`L-FaX{eF#Y&#V#C;$g*_r!^>~v^jlE^5Gl^pQ
zF<)nlFYLs$A7OE{SwaD=y7zfXR5z(ojj>-;e;Q59a+rW<oZTDrV@_y)&NwwRFn(KW
zk)uN?zatJZrF|t>5_lf9ZVo-m_G0%Gk`rTBh?D;$BX*&ys+A!BZrr0OZKYAzUK{p{
zQZVmSxlqua5gAw*@?zJBT#ZF5)}Mu#FQu)wEOz}G)o}Yb?(%AT-C<DOq4}}%gr_8g
z8zX{kP)XuFXrS7Re{)6i=?!U*{<mV7Ous;`DKDnd!j>E-^lNAvJm!$Y^NJq3oV}2-
zqh%D!@@nu{9G27igi4yPene&u6`XWCyH$x+z@xwxdANMp;3!a$88RQf?0hK}{HRV*
zB=c<+dU<OmgZJn|V#j#Tc6^~AW@9=AIkeY;4Ocn56d=xqUB0^Hv(iL~eN=Z}!Lw1C
zP@i-XyTk@&-hAHiwyFvBl^?s0aa88od6TucY@oLj52wkP{k}Z;CZToH=E=5A3pR~=
zn8RauQFa}>;^R}GFgL8Fw^NdnNFF`!LXkB(EGx41wm{3kG~2L1Ho5ZsYWWpoCAJ`!
z!RU6C;X!746$gRj`Ee!tg25#E(+3Q_&)S!1qlX8j+OG@`UO^$$u>L6bq`*av)_@$|
z&i=Z%O#-U{auup|^EfW%oK#I>#pL;68;;HBjbh#2x1V?>Bqs0%V{b#Q>FsE7#4zX-
z-3~m8X@4t1wXSEJ1kz9H?`d6yH3dgQ@>;0eG}C4zm!|H5#r1;ss%F`AG~@=3g*;_c
zz;c;akHox5Rd+%K@?9G!<Tx9GC&La=dpM%}ooZ-JkTk|y+u|z^FjnMjFs>g|oA<r`
z>6wX0!R_wLBa%SzyTmPD{*h#+{rlRJFO20JzZx+4-g=X6bg;R)K5ubI@Ej}25$S<*
zB(__Hv{1)%pRgU89x|R-F+#wzH%IK4e9g7lQjMb=U+6RO-O}!SVJzu*``)Yl6y7HX
zdGaqKb2$uCQjIelUpO*3-kt7}?!av0#H$O<<tkhsNiz0#q_t*>G}A_={8#aH%KOsm
zNn%rpl#(t=G`;s4_DzS2(~gV-unwG9$6!|1t^OH-8E_<+0*j+cx?{7zR!0a32X8WJ
zHfq8<kv<_ian0ni`JD2E$<bQ-RhsdFBW?Pt6^&fAHYe?)RO1H64}+PHSp&ySKRAAH
zam_xy&T9JceOAP+2eh5F%q0&PhWk%tI54YQEL-3vk7kc1c;qx>I#lsQ^o0FH>F{6+
zElw`AMF_}(p<><ww{SGsbmR@yr;8Wx_p~|^W-T+7EHTwDGF=PSj(_!DH6%*?K(JeX
z-!kcBG(%op;@y1DJFFy0gZ{qDvBqy$Ro%gF1jHY;2z@jee6%R{GzpGv-PV?+{3-H{
z>0TK-JovzEq%u||iL2OV`hW{(%{8fq)*d?rZ7W#%xEj(|SdUHSvgo}p<o%q$YFaU;
zmR+{-4W+Vih`r)O4-6mHEQ_Eh#qNK`e0z&oy@lO>k3F`;u6m!A_3y(~_ib{H%ZyIH
z`4LgHP|K67z#D*jGDc&q>4LMB#b+w%;u7Id*-t4z5CZsE8<dq>^P9Ry(n;HE`Kc5r
ziD`?XIVDRj8H?Q|5aiEsA;TI(1<HVGqFRf>^`xR`vXjRFLItc*mpo|<n_T2^osg^(
zk<JNq<PVck^FVk8nCe{ZUT}=o?k%D!c{vzx#G0*%Z|$->H|?dPy5ZlEm9)Kttpv|`
zec#lQwpGP*OPh<);VM<q3+V4e#8(r!`E?XfCyll%-IBvxu)%Pih;3<YQ6i&|Qn{E_
zbjKFY*$@5{$7Y!G%e7GFWZt7~=Y%sB!yCE{D-2qmUFzXo*<NxJ=36K9fW*tTyEtUZ
zw#V3I0%0Y)%!eIMo(8%MH5^xNQ|vI=km5-i($CeY^`YlnUVlF*TVEDyPMb+nKm8_$
zk0roR9;zYDX1ceEII;Vk;Gi9woRe<?SjS4Qc^?@=v$=mVg}L!06uFLlM<*z=r#<Fj
zW_7!sYi414iw>`hp~Bn?sbK0aPMLx2ooCGVAi;)ElNnC@RoXCOuA)nx?O9a1A>aDA
z8gqbp@m#Co`4Q}0d2p}mtYz<hBY|F^*I?lt$j*)qcG5ac>(#m#D}I60mWxc2I1t+l
zWKCvPA3nbEOV8sZJ*9Gen)Pw>Gquu-a1Gs&y_p+!aSPvmP>GZY4I3q6D|T#5G2LC@
zyGLR|SjQjm;*+$Le*;yBIbyV;>A#Oq#aBM$`tJBmOS&_a>z>1Yy}RC>zy-s#W&UUk
zVu@;qS2kzqW<bvyuE*UJ0|d2>49>xm6@(w_+{Xx+t*X`t*GnuY!rqLEL?Ma(3<?<2
z<b+mwQuMXpR}-bpJbF5?0xv!mE5dXK3-&eP`V$>+-a)4rc!dCiN#I80c?&MW6|cRx
z&Nk4Z>?%~i1<|2eoB>9TPFt+j>biR=ei6<a0_)pZQnf#1>O#}>&{e0_$9yX2dek1e
z@nCxGEs`VT&vs&}d6-|rjgMLWU|}r1;fIVO&FaUp`!*<n*?Q6;oj(NnfUWr76w&Y&
zj}C1HoV-MuiOWs#f3l<#XQLsE_O9jQk9f0wJ`zOn#(5IgUlv3t0PKbQ^_T(+&g04g
zt_+N}o`>{tDZpw<4qn&3!E|HX*QReC>z=0F!8(qB@9x`}{<Am+Pavn-a^7>gHG7#a
z!Q_k$Ej!=q0b5B?#I@^O33yTQlT~T>#19`{j!!h%zD$>BeO=Aqtg`(g?C}WrbOj!~
zZv#IrvpM}%hFLW`htt{(tqJnk`BnxWs*e@CP+{(Bz`w6_9ad1N{8Z5ey9AD5gOi8d
z-wUo8bcEHhnl@fH#|PX~E#}+i@t<}1otA-l0xzSkJ3k{iYq_AbwvA?M$3vAL>+C9q
z-_>NPYPTUJ<kG2$nMU6q+Qiri_-M%Osf*purK}jBRQRGrO<;RbI6~uc6Sw()nxhay
za(P^^=vRpCUMM~=r@h=LiXdf?X$jaaL}5A)$;c0qS%##JrscD2aBWC!2(cn3B8TFE
zc=K?K$7y2#Wut~XUKE!*t2~KUZKGFo2A<&?kKNNMu>4ejV$j|+3x;y*U}k(~+zwCm
z%mIUG8gK!}i{(Jp&Va)<A^q*zbE3Fa7uVnv>DYtm^Y~6kEg|Y{Hnssw{dPmRb&_b2
zYs1EKxCztUz@)mfBsvj}-nzi9sf_*^{1MB=5kuaoN#3!+F4`NpJd$knm2tuLY$M3i
zGeJ=lxviZyXT1|^l2Oz8-uf2U{;{q_B<akt4Hh0D)(j7`x$qC={hLnv5yN^lIfdw7
z7)b^%MsGIfSJv6KjGBiB18<7Otfpa)f53yM!DuYU%Sbf{mH~sO8a+uRpN!*VGNVtD
zsTV4B#gjh<oOCFlHCL~PHo}+?SzR@VeW&LoeI<dvsu>1@WuBxZV;}9<7-G6R!3sxW
z0@xq(Z~)vrm0Lu6^quG!o~Dh{*7ASl_iHqy@<^_=ql~WW4C1sEI0$ciMaz+#k%Y<#
zU<nXR;BOl&luxIXN)`xZ6)?hmVl=eOn`NlIWUcSlaxgtHib#`gS_GWo5hmkj<v`81
zus^<n74~iZJ4JNq;g@czgE`B{YEqp;gZ6s4W)G7?0}{9%Qtrx2{%c+H+l8kLW$nng
z61{SnD=_}H(LzKzZDukKXvm6`$7_I^3I}8oVn71zG@FrqWmL_#aOvl0;4dBePscsl
zLU6f78$o7aD+CH(=X_<PdgD9%q_P}*7I%%L+Gk0uvE?fc{Wz3^P4(|E_B+ONZ+`Rj
z;`y~a4LW2$%*i7uu*LAa#dODmZH1I<1=hkQp@gVrRmQMW&kKevO!B0QGrYw&zB{?M
zm9j+`crqq5ddXir3rU7`d*YYA33!d^KE1v6{nOrW$6`P=@3D_o;1m7Lyf3j|{-Uja
zRUrWGZvO_vH09ssL@TwpYfVr-W|$R)qNxsoRU)eARwY`4tc{MsN1453hdk0Nb7FP8
zI=*>Fqw54csV8RlW6bn)o?PCT<{l)7k@bgbyd_t38*m9XWa0hJc?Riz)X0ywe<}`M
zh{iNi%M6()J7MGw=nloU(tuVwoj3eFc4x=N8q?hkesUxxhW+saUU!m~_BXJqRfi-V
zGT=;f#-96y*Rk9PX=mxSRVco|>`{z^9MVlnfQ@*`n&NKDjW#P%xsvCNQbEbLN2xr>
zFOE{##<ML`e8&8v+P|IaD9-EZYyp=l^FNrz3Aw8W$UyN}wu6fmr+h#@$$c+L#0Dbd
zN!Np2C<{MItUIR@w`yEJBzxVndK#bjTb#TsniX8<tcy9nSi=sGN*7+XU^CYE&>t6!
z+dzWh2R^Bc?JdIYtibDz#mX?<KyjL#L)4bVOhZ_@Ra5JC7I9<l>QMQN-yEwY?pcG#
z?M9+sr6bfrhoc**dC4_~sCeVAAOH4CEx#21a($=URN-OO-aGN1VY0fMq+Wy$t)umY
z4o7N<PIG;oqS1_j%f^&@{A>q{vwU934mLyOPIt+?spJ$W8ga~t!f%FMgEFQz4*6gK
zL&bJelBG4#BS^+=FVQ9?1bsey_5(;ZGy(Bf7F(W7-73IWoL^(C2`E^Ji2M%)|IyN4
zWGu!0u)=oNV$%Fh#XK-PKWP)~F?FJIMhDY%oA4*o;9W3#z&}zHKolz(s<147!r;Z7
z&?q5ax_FwcbC#?yP&2{aIPY6W@K_aj!o}gd-}{yZM(7I||EP=;OE(V>J288XCE2n0
zE4T{A|Ar+g#nM?~g{m=T)zmow7wyvzXe`gPUfSeaeNhfcKM{3Huj4b8kuZp5qgjQJ
zEj^GZaYjNp^z9Z|b_?k{^}0E_I*8ncyBn_A_dZ}^5mCXx%O>}58wA`Xf%ye}@uI||
z&Vmfl5#NB10?UVe8QZXGjVdBss)J+Eh#${mk4GZ?ttPfC!W@^0lm8|okn{E@N>s<*
z03vVrr(%(dTR3}gTI+vl4Q7h)u>)VLNHY+5Yt3q0Z90WJb<LDcOJy|HH#osUlmh!f
zxCi^$V;48Rs8n(<9}ZN?Tgx3}kKwy7t6Vx@+uS{s>{|}?kqg9%9AYf~<zoHq3g%*j
z-eG|`OxST5aF=V^hll;VnwPxh37g`ZoG4n1<q0~Fc$pEmJem6%?*gg;Tw27LOKWCB
z<oE=(Oeb9OA}?(rm&eI_Gv24IIw`boqj73>6HE6MjQ=miKeTv$PT=%^*Djb<V3vI%
zig1gHy~*LPsj2YG8Syv9a6qOZy$_VV<dzR>HztL9NT7Ew%CfXnGx<3VZ4bMMdI$k6
z-#V?z#l99NG;nUp3B#l{D+8@O{!=Y~$aOAE-Mqh(o(GKM(eo&r=;^!LN<zU-ZJWg*
zSyp7rVEE=~CBkW2X;t=g?DdTH$z3niRTTOzwTw{ygKJ-fJNrqB?%K%+6+f7RJ++fz
zksI!q+~sza-FU@dT=_!&M$AukRjQVE`7kuG)xEWMFU%ciK)cFrfcne6_L6NcvATc{
zI-(DWS0Gzt3VkLhVaNVI84d73s6OpxrF5T@Ey~tKnq%R~{-m8Xw_Ma%t-3+wS7|h-
z%G?S(|G4ZOMkv@pKIGAZD^98D4?OtT)KI?VjzbxI^>@QE_^R*Drt_7K$)Os^@BbKM
z(Ca|NGx84*Tj_OhoZd$~dJZgJmS<^E{i3Nxn@fZX%z>IYU)WL$L-?SysZEc}e`9}!
zNz4C*W;;~3lFlZyZ)H!#t^xE78w;4A6;`MVeC??0GM4TKJpaV(1vYla#u)PpIGfl;
zSQ7dPN-<$=7DEC3ecBrmIJ6yy73}MNinzdHM+)4ep&S(Fqs8I=5v)mZTh!Z>U}NkJ
zfCf)={-k|){!t>(cxOz(658W;{9yWD&WsHTEF8y9%$OCo?vN~U(ch^iDu1E*PKEwv
zHA$+0XNGNgh1Bxl4m_SG@ijY;UfiY@gT2uFp+977!y)#WBGtrG&USDz<eDEY{Uo`$
z&#xQB%7%VJ|0NY5(kl4(%YhY6Xu%=bU>2@<2wf^|nhkt+_+V%ojrFB0&YIzG&PNl*
zZEy(p`89SG4i~yw{N+OZ(FTc~oMR95Q@LCW%S|l#J1oIhFzyQc;{J5VISl=h-Pg^s
zt1>{!L}d(gJ?pEzaaBjk(IrpHWyD|$422fuMYs!K!ql*%#EZKexC?3oJz%nzSVnQI
zge}IQ@uVZ<mp_C9FDdbwF1D@InP)K+?b`cV7x%@DJSkTc6I>WB6vs*#F4hfX*<38r
znCXcNc|t921F2T<wHn$s%Zc`jjy)>j^jyFnKG`Uo3%7}LI^fO9vU#Qx)fCIU>*X!z
z)yqLx6xEYFRwtvi5aT&@oog3Qnd255PuZvuDE(x~XV_}+^SQucl-DKuc*^F?#1s`G
zZ`ILV&YmavufW7Fq&T|tE-i(y91y6csVn(h80n3|p!l-funGy6Q!mEIs79PBXZ3Xi
zahGeEK4$q%WWf<~bgJisq?}_v=!Fo1K9bht5kBR@4SF6K{6&NPzfxP*p+xj8H0C5{
z!<CTpU=6c5>8h;?C`1wzVE|=<HJTy_ei{2AD81?kkyPiYnS>@_xF>)VK2OSMvWO-1
zg_ds(UO`Z3=`AKqlZ{`i#`}-?_n#@5^NBUSb+eE^`PcjR9_Q*A7`VEc+^W3f5AQ@9
zOnK}CCm&?gP0ye5Z^}J^cTO5?xIglf^6}(fo~Tom%`s9G3vyG=59eo-Ue47cG*EON
z(nzLA_ZcYsZ$a~s{1VbJd3t09_Rcg~$&Bf(1FSf)&L&rrxzlL}3#0k3Nngp=qc->*
znwV53cM4HY#~b2(&L1ib$n$p*Ki2{x(m2y6_wm4K7ZZikc?Wny`H7|Va`kWkJV`wn
z?;ns<in?%J)r|J<t0tJ1!Uvkx3wQTs{dN3?j^wa*%3Ydj^PH6UmzysLheV1K@tNcO
z5obG}6$5Kliz9uZ?6T@ivd#Q|jQ63qkDEmi<N>x~YvEi7O2QfOJ^n08v$j0;2rW<A
z-!(^@36b)o?`wKeeSrZ<^VhKhM9Gt3qbbP$0wt1K86vPno89E?fAQx+g6Hbp<)3tO
zui=Q$IRB;|hj(vs0JmP9S|rxlD===(f^~ZKkiMfzzM*YfB*EkV03Ft~EsCgmY(I(X
zw+Nh?-KEc|`gdqjWW(LdFRs?&WPEmjJ_;uPu`N%8!p+M$PRoMz`|N<}(v0rV(QLpR
z@6e4^BC3aRrT0cPSU#uvP+;xqBJl3<4seIk6My_w?EfLO-;Q5nUMLi5o?e7&uTd%*
z?O6S^@!&L%%>2>AFU%HN3ebwtn-`1U%1B=@9b~>oG}^~37)n<Op%3@1fTV_vltWU(
zWy&F@%^wPP0~#0u=n~XYeS(J<?W>t9^cK}7CxERLwFo!DwFoOH3#!rDv&q%@JgH9P
zq|S3Xa9p@stICw2h^J#K1;n_h7(9#`^$-^_ax;ArrV<X^BSfHVF#fD*tlM_0teGCj
z<M4f+l<HbrOZoHfe~e;ocq){nTVX8@2Pw%MCSMSGDlVVwnc452MZm&WJ#pQeMLb`*
z0t<sf5%EsT+Cf;W!`Fx%Z>84l7T|$w;6bEd8CfilR0j_8+o-xHuTS4{UjksX60C7=
z+FV`N^%jkK+g9!EWHp)JBq6IUuTr;^r{5FK(I#stcV-6G)|t3uDl0$t!C11+h`W&u
zw?iERbXaG$?wM28sr8^+{$yUCC0U{T%O~I9RO7%$C?$(=zcapxw>xKwjH+a<;`)Rw
zKH~Z~Exh8aRkoP~n#>FBcJ8d_EWtVx5Cwj;erRdU#$RYR#hfrV^Uf}TdEp(hI@_Oc
z<4v~LX<11;@F6N4js{BPJ0ZQrGHe#&vILnL-W12ev|Zdb`P)xRn<xHt5xXmOiYI_1
z^|+vY>8F^JhqKf<-;Un(75Q41?7C)Etyo$twm+r68ki-v%H1G3yBcWCu<c9pZr39V
z3;=zdzJ{gVkFt_iGc6ZKo)(7*%&r!N%&k5Q0k2NnTAWu*8~I!;>bb&QCYrx8Thc%$
z|5<crh1U3OwBog|SMm+1ePiF<x|-DwRJ*vV2%NdDZ_!t^Z1)KOS(+{$Dt3HRXz1Ja
zO(^pY%$i$ewE-ZbZ*3k~cq`l=&vyOrCw{hTFhg~1-=r_5WY^=AX)73z%jHF{_Rt44
z8oF|o@_UqiH$?W$)XDax7s+T^W)cMkDA<5e6Of+*?zc<f!h2d2J2!!4t-nsWOw0*@
zwe-aicc9FpjrYt6SM6|L*zthE&O&BqnT22OAm`Boie@f(vcE5E`b%>EkKR~K?l&X)
zGosbZ<4<NZbLG!v9S>)`hwZ~<3`>vtt-<L&vN;eDy&6T;(NrIi<9)^?^>{p2-kUt3
z%*0=HbG30~Xx{zy{{uRB$fjrZbb{UZYCMIj&&`5xX11?Ox!Qy>ith$B{@<WV61TA*
zSrrY)ina&crhOt7?w>)%8x<MZXB%kWxQYPxZh8q(v|B_)%AM{9H@i)R#Vl@r0%h$~
zM0R!u7v+N#c6K-q8LVJXFNMHh!R346v>Xlc%iniw{91619ZAj7CU>l1_wJ5;D0U<@
zNfYtE2TS)JD>Hpjg0w_g&^eNhrj+bj!z>?;+1EQ(*}j-uzYAM%8{@8W><&s3akD^q
z(>t#Er-;m1!E`OhT<IJc8oN?CMJ(=q0-erQXx4*Zuh$stx=gQ#Sk%|7$x(KtYF$RZ
z4zD2Xb5yf5fi;4Ugb!W9cb;rX={UxPrj^iH!1S%gDmoljS<_1Hn89kijtI=(!$E@!
z6+gapD;jjAwuzvvUhUwTr~8xu%Nibzwu{`@cl3j#_|m7IPH2qz)>m*ST(<CUSX-3n
zGUXAq@PdI}V<d^6wbC^>vk8P!(=c+Ku^9A}o^1r4_AKn-8S<OCr5yjDo-Oa_2>GU(
zevRx#f(S!$wns2+;$`~?Zf$wT2x0B~M?7)Vq?U>1U4g9?qdcwRnq)lXn5M46httc5
zt`CK)50)J7`ws2POw%Qf@>=nLfggS=wH>7YN73cu6OOimeZ6m+!HVo|x;1iYF*-jA
z(OvQWA0?JCsbZ}K26_iZCpRsIc5Q_rUX|iz&pg|R%${8xHY&auD7JhwpZG=$lkIV1
z`*eDZZIgI8=tP~Kt3ENOjl1w5VlVso)TN;S&8J4Xn{y0pvjVL|%PL&;0%w1z25ZGV
zpXv~Eq8>sY)(dMs<$xz$19qz_pN(oE0_w43<f^Ya*qr;8JG+>(c8We66aXqx*nGcS
z-<CB!JP^PP98yH5hDQf~b4_b=PA=DZDd^-8J$e1xyaVa4y8TT?7B!V$IeEz=__9L&
zg~&bm)<b@!*AUC0Tz<DFeE%H^^5^>-iTLx0_`imb(X5U<oEMVORkyI#v#@^874G~_
z$mKuNa;^|SGV<2b53h{Ezqy#Xde#M3C;ewK37_+=Nbv#a-S6~qB-Q>(P`&Hxr8~pJ
zroi#As-$1Z5SH`{0mpxOo+6$9lSFFL6*1kCU-FCon&bsiZO_A%|8<6X5qNH?7$O6u
zA8mSyc)oYi^}}ZqylOd)r5p{osQ1rj*1Ub}9{KnKkDQapNJz=cij(m1T{F@q`CnS2
BJNf_s

literal 0
HcmV?d00001


From b0b189f31f5742c0d6afb7cf249ddb57baaa7554 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 28 Nov 2018 17:30:58 +0100
Subject: [PATCH 827/889] Add missing compilation guards for GCM and CCM

Add missing compilation guards that broke the build if either GCM or
CCM was not defined.

Add missing guards on test cases that require GCM or CBC.

The build and tests now pass for any subset of {MBEDTLS_CCM_C,
MBEDTLS_GCM_C}. There are still unused variables warnings if neither
is defined.
---
 library/psa_crypto.c                    | 16 +++++++++++++---
 tests/suites/test_suite_psa_crypto.data |  8 ++++----
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d100eb1fc..910de1f03 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3146,7 +3146,7 @@ static void psa_aead_abort( aead_operation_t *operation )
             mbedtls_ccm_free( &operation->ctx.ccm );
             break;
 #endif /* MBEDTLS_CCM_C */
-#if defined(MBEDTLS_CCM_C)
+#if defined(MBEDTLS_GCM_C)
         case PSA_ALG_GCM:
             mbedtls_gcm_free( &operation->ctx.gcm );
             break;
@@ -3259,6 +3259,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
     }
     tag = ciphertext + plaintext_length;
 
+#if defined(MBEDTLS_GCM_C)
     if( operation.core_alg == PSA_ALG_GCM )
     {
         status = mbedtls_to_psa_error(
@@ -3270,7 +3271,10 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                        plaintext, ciphertext,
                                        operation.tag_length, tag ) );
     }
-    else if( operation.core_alg == PSA_ALG_CCM )
+    else
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+    if( operation.core_alg == PSA_ALG_CCM )
     {
         status = mbedtls_to_psa_error(
             mbedtls_ccm_encrypt_and_tag( &operation.ctx.ccm,
@@ -3282,6 +3286,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
                                          tag, operation.tag_length ) );
     }
     else
+#endif /* MBEDTLS_CCM_C */
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
@@ -3339,6 +3344,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
     if( status != PSA_SUCCESS )
         return( status );
 
+#if defined(MBEDTLS_GCM_C)
     if( operation.core_alg == PSA_ALG_GCM )
     {
         status = psa_aead_unpadded_locate_tag( operation.tag_length,
@@ -3356,7 +3362,10 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                       tag, operation.tag_length,
                                       ciphertext, plaintext ) );
     }
-    else if( operation.core_alg == PSA_ALG_CCM )
+    else
+#endif /* MBEDTLS_GCM_C */
+#if defined(MBEDTLS_CCM_C)
+    if( operation.core_alg == PSA_ALG_CCM )
     {
         status = psa_aead_unpadded_locate_tag( operation.tag_length,
                                                ciphertext, ciphertext_length,
@@ -3374,6 +3383,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
                                       tag, operation.tag_length ) );
     }
     else
+#endif /* MBEDTLS_CCM_C */
     {
         return( PSA_ERROR_NOT_SUPPORTED );
     }
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index e1c1b0545..6087412be 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1770,19 +1770,19 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
 generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CTR:PSA_SUCCESS
 
 PSA generate key: AES, 128 bits, GCM
-depends_on:MBEDTLS_AES_C
+depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
 generate_key:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_GCM:PSA_SUCCESS
 
 PSA generate key: DES, 64 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 generate_key:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
 
 PSA generate key: DES, 128 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 generate_key:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
 
 PSA generate key: DES, 192 bits, CBC-nopad
-depends_on:MBEDTLS_DES_C
+depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
 generate_key:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_CBC_NO_PADDING:PSA_SUCCESS
 
 PSA generate key: invalid key size: AES, 64 bits

From ce6ec7d5e79066837fee64ed49cc081586070a13 Mon Sep 17 00:00:00 2001
From: itayzafrir <itay.zafrir@arm.com>
Date: Thu, 29 Nov 2018 15:51:18 +0200
Subject: [PATCH 828/889] Add github issue template

Required for internal issue tracking.
---
 .github/issue_template.md | 44 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 .github/issue_template.md

diff --git a/.github/issue_template.md b/.github/issue_template.md
new file mode 100644
index 000000000..7d4f1e840
--- /dev/null
+++ b/.github/issue_template.md
@@ -0,0 +1,44 @@
+<!--
+
+   ************************************** WARNING **************************************
+
+   The ciarcom bot parses this header automatically. Any deviation from the 
+   template may cause the bot to automatically correct this header or may result in a 
+   warning message, requesting updates.
+
+   Please ensure that nothing follows the Issue request type section, all 
+   issue details are within the Description section and no changes are made to the 
+   template format (as detailed below).
+
+   *************************************************************************************
+
+-->
+
+### Description
+
+<!--
+    Required
+    Add detailed description of what you are reporting.
+    Good example: https://os.mbed.com/docs/latest/reference/workflow.html
+    Things to consider sharing:
+    - What target does this relate to?
+    - What toolchain (name + version) are you using?
+    - What tools (name + version - is it mbed-cli, online compiler or IDE) are you using?
+    - What is the SHA of Mbed OS (git log -n1 --oneline)?
+    - Steps to reproduce. (Did you publish code or a test case that exhibits the problem?)
+-->
+
+
+### Issue request type
+
+<!--
+    Required
+    Please add only one X to one of the following types. Do not fill multiple types (split the issue otherwise.)
+    Please note this is not a GitHub task list, indenting the boxes or changing the format to add a '.' or '*' in front
+    of them would change the meaning incorrectly. The only changes to be made are to add a description text under the
+    description heading and to add a 'x' to the correct box.
+-->
+    [ ] Question
+    [ ] Enhancement
+    [ ] Bug
+

From 58600557bba1774479d7aa29be46d182ce9e072a Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Fri, 30 Nov 2018 12:04:38 +0000
Subject: [PATCH 829/889] storage: Correct typo of PSA_PS_ERROR_OFFSET

Correct typo of PSA_PS_ERROR_OFFSET to PSA_ITS_ERROR_OFFSET.
---
 library/psa_crypto.c             | 2 +-
 library/psa_crypto_storage_its.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 910de1f03..fc296d365 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4259,7 +4259,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret )
             return( PSA_ERROR_INSUFFICIENT_STORAGE );
 
         case PSA_ITS_ERROR_INVALID_KEY:
-        case PSA_PS_ERROR_OFFSET_INVALID:
+        case PSA_ITS_ERROR_OFFSET_INVALID:
         case PSA_ITS_ERROR_INCORRECT_SIZE:
         case PSA_ITS_ERROR_BAD_POINTER:
             return( PSA_ERROR_INVALID_ARGUMENT );
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c
index 29394b5d8..35caa39ad 100644
--- a/library/psa_crypto_storage_its.c
+++ b/library/psa_crypto_storage_its.c
@@ -52,7 +52,7 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret )
             return( PSA_ERROR_INSUFFICIENT_STORAGE );
 
         case PSA_ITS_ERROR_INVALID_KEY:
-        case PSA_PS_ERROR_OFFSET_INVALID:
+        case PSA_ITS_ERROR_OFFSET_INVALID:
         case PSA_ITS_ERROR_INCORRECT_SIZE:
         case PSA_ITS_ERROR_BAD_POINTER:
             return( PSA_ERROR_INVALID_ARGUMENT );

From ac41c191b90c94c0fd2a5b1f1eca7675ee467773 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 4 Dec 2018 10:57:13 +0100
Subject: [PATCH 830/889] Add psa_crypto_invasive.h

---
 visualc/VS2010/mbedTLS.vcxproj | 1 +
 1 file changed, 1 insertion(+)

diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 6535d483a..d305c4515 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -231,6 +231,7 @@
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
+    <ClInclude Include="..\..\library/psa_crypto_invasive.h" />
     <ClInclude Include="..\..\library/psa_crypto_storage.h" />
     <ClInclude Include="..\..\library/psa_crypto_storage_backend.h" />
   </ItemGroup>

From 79e213cfc8547b64cb645be0096e9ca07930525c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 4 Dec 2018 12:25:40 +0100
Subject: [PATCH 831/889] Don't include mbedtls/platform.h unconditionally

Programs must not include mbedtls/platform.h if MBEDTLS_PLATFORM_C is
not defined. Test suites don't need to include mbedtls/platform.h
because helpers.function takes care of it.

This commit also removes a stray `;` which is technically not standard C.
---
 tests/suites/test_suite_psa_crypto_init.function | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 359650429..132fe82f8 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -11,7 +11,6 @@
 
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
-#include "mbedtls/platform.h"
 
 #define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
 #define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
@@ -41,7 +40,7 @@ static int fake_entropy_source( void *state_arg,
         output[i] = i;
     ++state->step;
     return( 0 );
-};
+}
 
 #define ENTROPY_SOURCE_PLATFORM                 0x00000001
 #define ENTROPY_SOURCE_TIMING                   0x00000002

From 5a3c50e89049b4a5efbeceea49318182fac28456 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 4 Dec 2018 12:27:09 +0100
Subject: [PATCH 832/889] Don't use an enum in a bit-field

This isn't standard C. GCC and Clang accept it but not every
compiler (e.g. Armcc 5).
---
 library/psa_crypto.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 233a19ede..7415a9a4f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -147,12 +147,10 @@ static int key_type_is_raw_bytes( psa_key_type_t type )
     return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) );
 }
 
-enum rng_state
-{
-    RNG_NOT_INITIALIZED = 0,
-    RNG_INITIALIZED,
-    RNG_SEEDED,
-};
+/* Values for psa_global_data_t::rng_state */
+#define RNG_NOT_INITIALIZED 0
+#define RNG_INITIALIZED 1
+#define RNG_SEEDED 2
 
 typedef struct
 {
@@ -162,7 +160,7 @@ typedef struct
     mbedtls_ctr_drbg_context ctr_drbg;
     key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
     unsigned initialized : 1;
-    enum rng_state rng_state : 2;
+    unsigned rng_state : 2;
     unsigned key_slots_initialized : 1;
 } psa_global_data_t;
 

From 3cac8c4d7839c11b5742ecb282f20aa19c2eab19 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 14:07:45 +0100
Subject: [PATCH 833/889] Move declarations related to lifetimes further up in
 crypto.h

No content change. This is in preparation for declaring the slot
management functions, which need the type psa_key_lifetime_t.
---
 include/psa/crypto.h | 180 ++++++++++++++++++++++---------------------
 1 file changed, 92 insertions(+), 88 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 1ca64922e..282f90965 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1401,6 +1401,98 @@ typedef uint32_t psa_algorithm_t;
  * @{
  */
 
+/** Encoding of key lifetimes.
+ */
+typedef uint32_t psa_key_lifetime_t;
+
+/** Encoding of identifiers of persistent keys.
+ */
+typedef uint32_t psa_key_id_t;
+
+/** A volatile key slot retains its content as long as the application is
+ * running. It is guaranteed to be erased on a power reset.
+ */
+#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
+
+/** A persistent key slot retains its content as long as it is not explicitly
+ * destroyed.
+ */
+#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
+
+/** A write-once key slot may not be modified once a key has been set.
+ * It will retain its content as long as the device remains operational.
+ */
+#define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
+
+/** \brief Retrieve the lifetime of a key slot.
+ *
+ * The assignment of lifetimes to slots is implementation-dependent.
+ *
+ * \param key           Slot to query.
+ * \param[out] lifetime On success, the lifetime value.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key slot is invalid.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
+                                  psa_key_lifetime_t *lifetime);
+
+/** \brief Change the lifetime of a key slot.
+ *
+ * Whether the lifetime of a key slot can be changed at all, and if so
+ * whether the lifetime of an occupied key slot can be changed, is
+ * implementation-dependent.
+ *
+ * When creating a persistent key, you must call this function before creating
+ * the key material with psa_import_key(), psa_generate_key() or
+ * psa_generator_import_key(). To open an existing persistent key, you must
+ * call this function with the correct lifetime value before using the slot
+ * for a cryptographic operation. Once a slot's lifetime has been set,
+ * the lifetime remains associated with the slot until a subsequent call to
+ * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or
+ * until the application terminates (or disconnects from the cryptography
+ * service, if the implementation offers such a possibility).
+ *
+ * \param key           Slot whose lifetime is to be changed.
+ * \param lifetime      The lifetime value to set for the given key slot.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         The key slot is invalid,
+ *         or the lifetime value is invalid.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         The implementation does not support the specified lifetime value,
+ *         at least for the specified key slot.
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
+ *         The slot contains a key, and the implementation does not support
+ *         changing the lifetime of an occupied slot.
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ *         The library has not been previously initialized by psa_crypto_init().
+ *         It is implementation-dependent whether a failure to initialize
+ *         results in this error code.
+ */
+psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+                                  psa_key_lifetime_t lifetime);
+
+/**@}*/
+
+/** \defgroup import_export Key import and export
+ * @{
+ */
+
 /**
  * \brief Import a key in binary format.
  *
@@ -1872,94 +1964,6 @@ psa_status_t psa_get_key_policy(psa_key_slot_t key,
 
 /**@}*/
 
-/** \defgroup persistence Key lifetime
- * @{
- */
-
-/** Encoding of key lifetimes.
- */
-typedef uint32_t psa_key_lifetime_t;
-
-/** A volatile key slot retains its content as long as the application is
- * running. It is guaranteed to be erased on a power reset.
- */
-#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
-
-/** A persistent key slot retains its content as long as it is not explicitly
- * destroyed.
- */
-#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
-
-/** A write-once key slot may not be modified once a key has been set.
- * It will retain its content as long as the device remains operational.
- */
-#define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
-
-/** \brief Retrieve the lifetime of a key slot.
- *
- * The assignment of lifetimes to slots is implementation-dependent.
- *
- * \param key           Slot to query.
- * \param[out] lifetime On success, the lifetime value.
- *
- * \retval #PSA_SUCCESS
- *         Success.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key slot is invalid.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_TAMPERING_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
-                                  psa_key_lifetime_t *lifetime);
-
-/** \brief Change the lifetime of a key slot.
- *
- * Whether the lifetime of a key slot can be changed at all, and if so
- * whether the lifetime of an occupied key slot can be changed, is
- * implementation-dependent.
- *
- * When creating a persistent key, you must call this function before creating
- * the key material with psa_import_key(), psa_generate_key() or
- * psa_generator_import_key(). To open an existing persistent key, you must
- * call this function with the correct lifetime value before using the slot
- * for a cryptographic operation. Once a slot's lifetime has been set,
- * the lifetime remains associated with the slot until a subsequent call to
- * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or
- * until the application terminates (or disconnects from the cryptography
- * service, if the implementation offers such a possibility).
- *
- * \param key           Slot whose lifetime is to be changed.
- * \param lifetime      The lifetime value to set for the given key slot.
- *
- * \retval #PSA_SUCCESS
- *         Success.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key slot is invalid,
- *         or the lifetime value is invalid.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- *         The implementation does not support the specified lifetime value,
- *         at least for the specified key slot.
- * \retval #PSA_ERROR_OCCUPIED_SLOT
- *         The slot contains a key, and the implementation does not support
- *         changing the lifetime of an occupied slot.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_TAMPERING_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
-                                  psa_key_lifetime_t lifetime);
-
-/**@}*/
-
 /** \defgroup hash Message digests
  * @{
  */

From f535eb2e616593807cf879914ba926a97cbe92cb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 14:08:36 +0100
Subject: [PATCH 834/889] Declare the new slot management functions in crypto.h

No changes to existing functions.
---
 include/psa/crypto.h          | 125 ++++++++++++++++++++++++++++++++++
 include/psa/crypto_platform.h |   3 +
 2 files changed, 128 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 282f90965..432ce6a8e 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -314,6 +314,10 @@ typedef int32_t psa_status_t;
  * generator will always return this error. */
 #define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
 
+/** The key handle is not valid.
+ */
+#define PSA_ERROR_INVALID_HANDLE        ((psa_status_t)19)
+
 /**
  * \brief Library initialization.
  *
@@ -1487,6 +1491,127 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
 psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
                                   psa_key_lifetime_t lifetime);
 
+/** Allocate a key slot for a transient key, i.e. a key which is only stored
+ * in volatile memory.
+ *
+ * The allocated key slot and its handle remain valid until the
+ * application calls psa_close_key() or psa_destroy_key() or until the
+ * application terminates.
+ *
+ * This function takes a key type and maximum size as arguments so that
+ * the implementation can reserve a corresponding amount of memory.
+ * Implementations are not required to enforce this limit: if the application
+ * later tries to create a larger key or a key of a different type, it
+ * is implementation-defined whether this may succeed.
+ *
+ * \param type          The type of key that the slot will contain.
+ * \param max_bits      The maximum key size that the slot will contain.
+ * \param[out] handle   On success, a handle to a volatile key slot.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success. The application can now use the value of `*handle`
+ *         to access the newly allocated key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ *         There was not enough memory, or the maximum number of key slots
+ *         has been reached.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         This implementation does not support this key type.
+ */
+
+psa_status_t psa_allocate_key(psa_key_type_t type,
+                              size_t max_bits,
+                              psa_key_handle_t *handle);
+
+/** Open a handle to an existing persistent key.
+ *
+ * Open a handle to a key which was previously created with psa_create_key().
+ *
+ * \param lifetime      The lifetime of the key. This designates a storage
+ *                      area where the key material is stored. This must not
+ *                      be #PSA_KEY_LIFETIME_VOLATILE.
+ * \param id            The persistent identifier of the key.
+ * \param[out] handle   On success, a handle to a key slot which contains
+ *                      the data and metadata loaded from the specified
+ *                      persistent location.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success. The application can now use the value of `*handle`
+ *         to access the newly allocated key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p id is invalid for the specified lifetime.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p lifetime is not supported.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         The specified key exists, but the application does not have the
+ *         permission to access it. Note that this specification does not
+ *         define any way to create such a key, but it may be possible
+ *         through implementation-specific means.
+ */
+psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
+                          psa_key_id_t id,
+                          psa_key_handle_t *handle);
+
+/** Create a new persistent key slot.
+ *
+ * Create a new persistent key slot and return a handle to it. The handle
+ * remains valid until the application calls psa_close_key() or terminates.
+ * The application can open the key again with psa_open_key() until it
+ * removes the key by calling psa_destroy_key().
+ *
+ * \param lifetime      The lifetime of the key. This designates a storage
+ *                      area where the key material is stored. This must not
+ *                      be #PSA_KEY_LIFETIME_VOLATILE.
+ * \param id            The persistent identifier of the key.
+ * \param type          The type of key that the slot will contain.
+ * \param max_bits      The maximum key size that the slot will contain.
+ * \param[out] handle   On success, a handle to the newly created key slot.
+ *                      When key material is later created in this key slot,
+ *                      it will be saved to the specified persistent location.
+ *
+ * \retval #PSA_SUCCESS
+ *         Success. The application can now use the value of `*handle`
+ *         to access the newly allocated key slot.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
+ *         There is already a key with the identifier \p id in the storage
+ *         area designated by \p lifetime.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p lifetime is invalid, for example #PSA_KEY_LIFETIME_VOLATILE.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p id is invalid for the specified lifetime.
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ *         \p lifetime is not supported.
+ * \retval #PSA_ERROR_NOT_PERMITTED
+ *         \p lifetime is valid, but the application does not have the
+ *         permission to create a key there.
+ */
+psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
+                            psa_key_id_t id,
+                            psa_key_type_t type,
+                            size_t max_bits,
+                            psa_key_handle_t *handle);
+
+/** Close a key handle.
+ *
+ * If the handle designates a volatile key, destroy the key material and
+ * free all associated resources, just like psa_destroy_key().
+ *
+ * If the handle designates a persistent key, free all resources associated
+ * with the key in volatile memory. The key slot in persistent storage is
+ * not affected and can be opened again later with psa_open_key().
+ *
+ * \param handle        The key handle to close.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ */
+psa_status_t psa_close_key(psa_key_handle_t handle);
+
 /**@}*/
 
 /** \defgroup import_export Key import and export
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index 9af320d1e..c20396619 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -49,4 +49,7 @@
 /* Integral type representing a key slot number. */
 typedef uint16_t psa_key_slot_t;
 
+/* Integral type representing a key handle. */
+typedef uint16_t psa_key_handle_t;
+
 #endif /* PSA_CRYPTO_PLATFORM_H */

From 644cd5fd8977ed0a0eaa8dbd1cc6f66dc4865446 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 11 Dec 2018 16:47:35 +0100
Subject: [PATCH 835/889] Linkify some macros that were just typeset as text

---
 include/psa/crypto.h | 52 ++++++++++++++++++++++----------------------
 1 file changed, 26 insertions(+), 26 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 432ce6a8e..0e57972cc 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3266,9 +3266,9 @@ static psa_crypto_generator_t psa_crypto_generator_init(void);
  * \param[in] generator     The generator to query.
  * \param[out] capacity     On success, the capacity of the generator.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_BAD_STATE
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  */
 psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
                                         size_t *capacity);
@@ -3284,19 +3284,19 @@ psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
  *                          written.
  * \param output_length     Number of bytes to output.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INSUFFICIENT_CAPACITY
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY
  *                          There were fewer than \p output_length bytes
  *                          in the generator. Note that in this case, no
  *                          output is written to the output buffer.
  *                          The generator's capacity is set to 0, thus
  *                          subsequent calls to this function will not
  *                          succeed, even with a smaller output buffer.
- * \retval PSA_ERROR_BAD_STATE
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
                                 uint8_t *output,
@@ -3322,28 +3322,28 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  * \param bits              Key size in bits.
  * \param[in,out] generator The generator object to read from.
  *
- * \retval PSA_SUCCESS
+ * \retval #PSA_SUCCESS
  *         Success.
- * \retval PSA_ERROR_INSUFFICIENT_CAPACITY
+ * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY
  *                          There were fewer than \p output_length bytes
  *                          in the generator. Note that in this case, no
  *                          output is written to the output buffer.
  *                          The generator's capacity is set to 0, thus
  *                          subsequent calls to this function will not
  *                          succeed, even with a smaller output buffer.
- * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_NOT_SUPPORTED
  *         The key type or key size is not supported, either by the
  *         implementation in general or in this particular slot.
- * \retval PSA_ERROR_BAD_STATE
- * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key slot is invalid.
- * \retval PSA_ERROR_OCCUPIED_SLOT
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
  *         There is already a key in the specified slot.
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval PSA_ERROR_INSUFFICIENT_STORAGE
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_INSUFFICIENT_STORAGE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
@@ -3370,11 +3370,11 @@ psa_status_t psa_generator_import_key(psa_key_slot_t key,
  *
  * \param[in,out] generator    The generator to abort.
  *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_BAD_STATE
- * \retval PSA_ERROR_COMMUNICATION_FAILURE
- * \retval PSA_ERROR_HARDWARE_FAILURE
- * \retval PSA_ERROR_TAMPERING_DETECTED
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_BAD_STATE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
+ * \retval #PSA_ERROR_HARDWARE_FAILURE
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
 

From ae32aac48e7181f1e2bddb5bac77d6270a56a825 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 14:39:32 +0100
Subject: [PATCH 836/889] Switch function declarations from key slots to key
 handles

Replace `psa_key_slot_t key` by `psa_key_handle_t` in function
declarations.

This is a transition period during which handles are key slot numbers
and the whole library can still be used by accessing a key slot number
without allocating a handle.
---
 include/psa/crypto.h | 173 ++++++++++++++++++++++++-------------------
 1 file changed, 97 insertions(+), 76 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0e57972cc..6807c73f3 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -36,19 +36,15 @@
  * @{
  */
 
-/** \brief Key slot number.
+/** \brief Key handle.
  *
- * This type represents key slots. It must be an unsigned integral
+ * This type represents open handles to keys. It must be an unsigned integral
  * type. The choice of type is implementation-dependent.
+ *
  * 0 is not a valid key slot number. The meaning of other values is
  * implementation dependent.
- *
- * At any given point in time, each key slot either contains a
- * cryptographic object, or is empty. Key slots are persistent:
- * once set, the cryptographic object remains in the key slot until
- * explicitly destroyed.
  */
-typedef _unsigned_integral_type_ psa_key_slot_t;
+typedef _unsigned_integral_type_ psa_key_handle_t;
 
 /**@}*/
 #endif /* __DOXYGEN_ONLY__ */
@@ -1428,17 +1424,14 @@ typedef uint32_t psa_key_id_t;
  */
 #define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
 
-/** \brief Retrieve the lifetime of a key slot.
+/** \brief Retrieve the lifetime of an open key.
  *
- * The assignment of lifetimes to slots is implementation-dependent.
- *
- * \param key           Slot to query.
+ * \param handle        Handle to query.
  * \param[out] lifetime On success, the lifetime value.
  *
  * \retval #PSA_SUCCESS
  *         Success.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key slot is invalid.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -1447,7 +1440,7 @@ typedef uint32_t psa_key_id_t;
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
+psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
                                   psa_key_lifetime_t *lifetime);
 
 /** \brief Change the lifetime of a key slot.
@@ -1488,7 +1481,7 @@ psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+psa_status_t psa_set_key_lifetime(psa_key_handle_t key,
                                   psa_key_lifetime_t lifetime);
 
 /** Allocate a key slot for a transient key, i.e. a key which is only stored
@@ -1609,6 +1602,7 @@ psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  */
 psa_status_t psa_close_key(psa_key_handle_t handle);
 
@@ -1633,9 +1627,12 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
  * minimize the risk that an invalid input is accidentally interpreted
  * according to a different format.
  *
- * \param key         Slot where the key will be stored. This must be a
- *                    valid slot for a key of the chosen type. It must
- *                    be unoccupied.
+ * \param handle      Handle to the slot where the key will be stored.
+ *                    This must be a valid slot for a key of the chosen
+ *                    type: it must have been obtained by calling
+ *                    psa_allocate_key() or psa_create_key() with the
+ *                    correct \p type and with a maximum size that is
+ *                    compatible with \p data.
  * \param type        Key type (a \c PSA_KEY_TYPE_XXX value). On a successful
  *                    import, the key slot will contain a key of this type.
  * \param[in] data    Buffer containing the key data. The content of this
@@ -1647,6 +1644,7 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         The key type or key size is not supported, either by the
  *         implementation in general or in this particular slot.
@@ -1666,31 +1664,30 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_import_key(psa_key_slot_t key,
+psa_status_t psa_import_key(psa_key_handle_t handle,
                             psa_key_type_t type,
                             const uint8_t *data,
                             size_t data_length);
 
 /**
- * \brief Destroy a key and restore the slot to its default state.
+ * \brief Destroy a key.
  *
  * This function destroys the content of the key slot from both volatile
  * memory and, if applicable, non-volatile storage. Implementations shall
  * make a best effort to ensure that any previous content of the slot is
  * unrecoverable.
  *
- * This function also erases any metadata such as policies. It returns the
- * specified slot to its default state.
+ * This function also erases any metadata such as policies and frees all
+ * resources associated with the key.
  *
- * \param key           The key slot to erase.
+ * \param handle        Handle to the key slot to erase.
  *
  * \retval #PSA_SUCCESS
  *         The slot's content, if any, has been erased.
  * \retval #PSA_ERROR_NOT_PERMITTED
  *         The slot holds content and cannot be erased because it is
  *         read-only, either due to a policy or due to physical restrictions.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The specified slot number does not designate a valid slot.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  *         There was an failure in communication with the cryptoprocessor.
  *         The key material may still be present in the cryptoprocessor.
@@ -1708,13 +1705,12 @@ psa_status_t psa_import_key(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_destroy_key(psa_key_slot_t key);
+psa_status_t psa_destroy_key(psa_key_handle_t handle);
 
 /**
  * \brief Get basic metadata about a key.
  *
- * \param key           Slot whose content is queried. This must
- *                      be an occupied key slot.
+ * \param handle        Handle to the key slot to query.
  * \param[out] type     On success, the key type (a \c PSA_KEY_TYPE_XXX value).
  *                      This may be a null pointer, in which case the key type
  *                      is not written.
@@ -1723,7 +1719,9 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  *                      is not written.
  *
  * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
+ *         The handle is to a key slot which does not contain key material yet.
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -1732,7 +1730,7 @@ psa_status_t psa_destroy_key(psa_key_slot_t key);
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_get_key_information(psa_key_slot_t key,
+psa_status_t psa_get_key_information(psa_key_handle_t handle,
                                      psa_key_type_t *type,
                                      size_t *bits);
 
@@ -1798,14 +1796,14 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  * - For public keys (key types for which #PSA_KEY_TYPE_IS_PUBLIC_KEY is
  *   true), the format is the same as for psa_export_public_key().
  *
- * \param key               Slot whose content is to be exported. This must
- *                          be an occupied key slot.
+ * \param handle            Handle to the key to export.
  * \param[out] data         Buffer where the key data is to be written.
  * \param data_size         Size of the \p data buffer in bytes.
  * \param[out] data_length  On success, the number of bytes
  *                          that make up the key data.
  *
  * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_NOT_SUPPORTED
@@ -1823,7 +1821,7 @@ psa_status_t psa_get_key_information(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_export_key(psa_key_slot_t key,
+psa_status_t psa_export_key(psa_key_handle_t handle,
                             uint8_t *data,
                             size_t data_size,
                             size_t *data_length);
@@ -1900,14 +1898,14 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  *      namedCurve    OBJECT IDENTIFIER }
  *   ```
  *
- * \param key               Slot whose content is to be exported. This must
- *                          be an occupied key slot.
+ * \param handle            Handle to the key to export.
  * \param[out] data         Buffer where the key data is to be written.
  * \param data_size         Size of the \p data buffer in bytes.
  * \param[out] data_length  On success, the number of bytes
  *                          that make up the key data.
  *
  * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key is neither a public key nor a key pair.
@@ -1926,7 +1924,7 @@ psa_status_t psa_export_key(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_export_public_key(psa_key_slot_t key,
+psa_status_t psa_export_public_key(psa_key_handle_t handle,
                                    uint8_t *data,
                                    size_t data_size,
                                    size_t *data_length);
@@ -2052,10 +2050,11 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
  * Implementations may set restrictions on supported key policies
  * depending on the key type and the key slot.
  *
- * \param key           The key slot whose policy is to be changed.
+ * \param handle        Handle to the key whose policy is to be changed.
  * \param[in] policy    The policy object to query.
  *
  * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_OCCUPIED_SLOT
  * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2067,15 +2066,16 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_set_key_policy(psa_key_slot_t key,
+psa_status_t psa_set_key_policy(psa_key_handle_t handle,
                                 const psa_key_policy_t *policy);
 
 /** \brief Get the usage policy for a key slot.
  *
- * \param key           The key slot whose policy is being queried.
+ * \param handle        Handle to the key slot whose policy is being queried.
  * \param[out] policy   On success, the key's policy.
  *
  * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_COMMUNICATION_FAILURE
  * \retval #PSA_ERROR_HARDWARE_FAILURE
  * \retval #PSA_ERROR_TAMPERING_DETECTED
@@ -2084,7 +2084,7 @@ psa_status_t psa_set_key_policy(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_get_key_policy(psa_key_slot_t key,
+psa_status_t psa_get_key_policy(psa_key_handle_t handle,
                                 psa_key_policy_t *policy);
 
 /**@}*/
@@ -2341,12 +2341,13 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  * - A call to psa_mac_sign_finish() or psa_mac_abort().
  *
  * \param[out] operation    The operation object to use.
- * \param key               Slot containing the key to use for the operation.
+ * \param handle            Handle to the key to use for the operation.
  * \param alg               The MAC algorithm to compute (\c PSA_ALG_XXX value
  *                          such that #PSA_ALG_IS_MAC(alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2363,7 +2364,7 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
  *         results in this error code.
  */
 psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
-                                psa_key_slot_t key,
+                                psa_key_handle_t handle,
                                 psa_algorithm_t alg);
 
 /** Start a multipart MAC verification operation.
@@ -2393,12 +2394,13 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  * - A call to psa_mac_verify_finish() or psa_mac_abort().
  *
  * \param[out] operation    The operation object to use.
- * \param key               Slot containing the key to use for the operation.
+ * \param handle            Handle to the key to use for the operation.
  * \param alg               The MAC algorithm to compute (\c PSA_ALG_XXX value
  *                          such that #PSA_ALG_IS_MAC(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2415,7 +2417,7 @@ psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation,
  *         results in this error code.
  */
 psa_status_t psa_mac_verify_setup(psa_mac_operation_t *operation,
-                                  psa_key_slot_t key,
+                                  psa_key_handle_t handle,
                                   psa_algorithm_t alg);
 
 /** Add a message fragment to a multipart MAC operation.
@@ -2592,13 +2594,14 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
  * \param[out] operation        The operation object to use.
- * \param key                   Slot containing the key to use for the operation.
+ * \param handle                Handle to the key to use for the operation.
  * \param alg                   The cipher algorithm to compute
  *                              (\c PSA_ALG_XXX value such that
  *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2615,7 +2618,7 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
  *         results in this error code.
  */
 psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
-                                      psa_key_slot_t key,
+                                      psa_key_handle_t handle,
                                       psa_algorithm_t alg);
 
 /** Set the key for a multipart symmetric decryption operation.
@@ -2645,13 +2648,14 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  * - A call to psa_cipher_finish() or psa_cipher_abort().
  *
  * \param[out] operation        The operation object to use.
- * \param key                   Slot containing the key to use for the operation.
+ * \param handle                Handle to the key to use for the operation.
  * \param alg                   The cipher algorithm to compute
  *                              (\c PSA_ALG_XXX value such that
  *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2668,7 +2672,7 @@ psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
  *         results in this error code.
  */
 psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
-                                      psa_key_slot_t key,
+                                      psa_key_handle_t handle,
                                       psa_algorithm_t alg);
 
 /** Generate an IV for a symmetric encryption operation.
@@ -2871,7 +2875,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
 
 /** Process an authenticated encryption operation.
  *
- * \param key                     Slot containing the key to use.
+ * \param handle                  Handle to the key to use for the operation.
  * \param alg                     The AEAD algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
  *                                #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2899,6 +2903,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -2914,7 +2919,7 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_aead_encrypt(psa_key_slot_t key,
+psa_status_t psa_aead_encrypt(psa_key_handle_t handle,
                               psa_algorithm_t alg,
                               const uint8_t *nonce,
                               size_t nonce_length,
@@ -2928,7 +2933,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key,
 
 /** Process an authenticated decryption operation.
  *
- * \param key                     Slot containing the key to use.
+ * \param handle                  Handle to the key to use for the operation.
  * \param alg                     The AEAD algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
  *                                #PSA_ALG_IS_AEAD(\p alg) is true).
@@ -2954,6 +2959,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key,
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_INVALID_SIGNATURE
  *         The ciphertext is not authentic.
@@ -2971,7 +2977,7 @@ psa_status_t psa_aead_encrypt(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_aead_decrypt(psa_key_slot_t key,
+psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
                               psa_algorithm_t alg,
                               const uint8_t *nonce,
                               size_t nonce_length,
@@ -3009,7 +3015,8 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key,
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
  *
- * \param key                   Key slot containing an asymmetric key pair.
+ * \param handle                Handle to the key to use for the operation.
+ *                              It must be an asymmetric key pair.
  * \param alg                   A signature algorithm that is compatible with
  *                              the type of \p key.
  * \param[in] hash              The hash or message to sign.
@@ -3038,7 +3045,7 @@ psa_status_t psa_aead_decrypt(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
+psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
                                  psa_algorithm_t alg,
                                  const uint8_t *hash,
                                  size_t hash_length,
@@ -3055,8 +3062,8 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  * parameter to this function. You can use #PSA_ALG_SIGN_GET_HASH(\p alg)
  * to determine the hash algorithm to use.
  *
- * \param key               Key slot containing a public key or an
- *                          asymmetric key pair.
+ * \param handle            Handle to the key to use for the operation.
+ *                          It must be a public key or an asymmetric key pair.
  * \param alg               A signature algorithm that is compatible with
  *                          the type of \p key.
  * \param[in] hash          The hash or message whose signature is to be
@@ -3081,7 +3088,7 @@ psa_status_t psa_asymmetric_sign(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
+psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
                                    psa_algorithm_t alg,
                                    const uint8_t *hash,
                                    size_t hash_length,
@@ -3096,8 +3103,9 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
 /**
  * \brief Encrypt a short message with a public key.
  *
- * \param key                   Key slot containing a public key or an
- *                              asymmetric key pair.
+ * \param handle                Handle to the key to use for the operation.
+ *                              It must be a public key or an asymmetric
+ *                              key pair.
  * \param alg                   An asymmetric encryption algorithm that is
  *                              compatible with the type of \p key.
  * \param[in] input             The message to encrypt.
@@ -3139,7 +3147,7 @@ psa_status_t psa_asymmetric_verify(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
+psa_status_t psa_asymmetric_encrypt(psa_key_handle_t handle,
                                     psa_algorithm_t alg,
                                     const uint8_t *input,
                                     size_t input_length,
@@ -3152,7 +3160,8 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
 /**
  * \brief Decrypt a short message with a private key.
  *
- * \param key                   Key slot containing an asymmetric key pair.
+ * \param handle                Handle to the key to use for the operation.
+ *                              It must be an asymmetric key pair.
  * \param alg                   An asymmetric encryption algorithm that is
  *                              compatible with the type of \p key.
  * \param[in] input             The message to decrypt.
@@ -3195,7 +3204,7 @@ psa_status_t psa_asymmetric_encrypt(psa_key_slot_t key,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_asymmetric_decrypt(psa_key_slot_t key,
+psa_status_t psa_asymmetric_decrypt(psa_key_handle_t handle,
                                     psa_algorithm_t alg,
                                     const uint8_t *input,
                                     size_t input_length,
@@ -3314,9 +3323,13 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  * if the implementation provides an isolation boundary then
  * the key material is not exposed outside the isolation boundary.
  *
- * \param key               Slot where the key will be stored. This must be a
- *                          valid slot for a key of the chosen type. It must
- *                          be unoccupied.
+ * \param handle            Handle to the slot where the key will be stored.
+ *                          This must be a valid slot for a key of the chosen
+ *                          type: it must have been obtained by calling
+ *                          psa_allocate_key() or psa_create_key() with the
+ *                          correct \p type and with a maximum size that is
+ *                          compatible with \p bits.
+ *                          It must not contain any key material yet.
  * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
  *                          This must be a symmetric key type.
  * \param bits              Key size in bits.
@@ -3335,8 +3348,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  *         The key type or key size is not supported, either by the
  *         implementation in general or in this particular slot.
  * \retval #PSA_ERROR_BAD_STATE
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key slot is invalid.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_OCCUPIED_SLOT
  *         There is already a key in the specified slot.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -3349,7 +3361,7 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_generator_import_key(psa_key_slot_t key,
+psa_status_t psa_generator_import_key(psa_key_handle_t handle,
                                       psa_key_type_t type,
                                       size_t bits,
                                       psa_crypto_generator_t *generator);
@@ -3409,7 +3421,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  *                                a logical zero (`{0}`),
  *                                \c PSA_CRYPTO_GENERATOR_INIT or
  *                                psa_crypto_generator_init().
- * \param key                     Slot containing the secret key to use.
+ * \param handle                  Handle to the secret key.
  * \param alg                     The key derivation algorithm to compute
  *                                (\c PSA_ALG_XXX value such that
  *                                #PSA_ALG_IS_KEY_DERIVATION(\p alg) is true).
@@ -3422,6 +3434,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -3439,7 +3452,7 @@ psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
  *         results in this error code.
  */
 psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
-                                psa_key_slot_t key,
+                                psa_key_handle_t handle,
                                 psa_algorithm_t alg,
                                 const uint8_t *salt,
                                 size_t salt_length,
@@ -3462,7 +3475,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  *                                a logical zero (`{0}`),
  *                                \c PSA_CRYPTO_GENERATOR_INIT or
  *                                psa_crypto_generator_init().
- * \param private_key             Slot containing the private key to use.
+ * \param private_key             Handle to the private key to use.
  * \param[in] peer_key            Public key of the peer. It must be
  *                                in the same format that psa_import_key()
  *                                accepts. The standard formats for public
@@ -3475,6 +3488,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_EMPTY_SLOT
  * \retval #PSA_ERROR_NOT_PERMITTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
@@ -3489,7 +3503,7 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_key_agreement(psa_crypto_generator_t *generator,
-                               psa_key_slot_t private_key,
+                               psa_key_handle_t private_key,
                                const uint8_t *peer_key,
                                size_t peer_key_length,
                                psa_algorithm_t alg);
@@ -3538,9 +3552,13 @@ typedef struct {
 /**
  * \brief Generate a key or key pair.
  *
- * \param key               Slot where the key will be stored. This must be a
- *                          valid slot for a key of the chosen type. It must
- *                          be unoccupied.
+ * \param handle            Handle to the slot where the key will be stored.
+ *                          This must be a valid slot for a key of the chosen
+ *                          type: it must have been obtained by calling
+ *                          psa_allocate_key() or psa_create_key() with the
+ *                          correct \p type and with a maximum size that is
+ *                          compatible with \p bits.
+ *                          It must not contain any key material yet.
  * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
  * \param bits              Key size in bits.
  * \param[in] extra         Extra parameters for key generation. The
@@ -3569,6 +3587,9 @@ typedef struct {
  *                          \c NULL then \p extra_size must be zero.
  *
  * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_OCCUPIED_SLOT
+ *         There is already a key in the specified slot.
  * \retval #PSA_ERROR_NOT_SUPPORTED
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -3581,7 +3602,7 @@ typedef struct {
  *         It is implementation-dependent whether a failure to initialize
  *         results in this error code.
  */
-psa_status_t psa_generate_key(psa_key_slot_t key,
+psa_status_t psa_generate_key(psa_key_handle_t handle,
                               psa_key_type_t type,
                               size_t bits,
                               const void *extra,

From 69f976b1d6cf55801e5a268296131ffabef5219b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 18:46:56 +0100
Subject: [PATCH 837/889] Distinguish in-memory slot number from in-storage
 slot identifier

At the moment, the in-storage slot identifier is the in-memory slot
number. But track them separately, to prepare for API changes that
will let them be different (psa_open_key, psa_create_key).
---
 library/psa_crypto.c | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7415a9a4f..24ad06d38 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -126,6 +126,7 @@ typedef struct
     psa_key_type_t type;
     psa_key_policy_t policy;
     psa_key_lifetime_t lifetime;
+    psa_key_id_t persistent_storage_id;
     union
     {
         struct raw_data
@@ -720,14 +721,14 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
 }
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t key,
-                                                       key_slot_t *p_slot )
+static psa_status_t psa_load_persistent_key_into_slot( key_slot_t *p_slot )
 {
     psa_status_t status = PSA_SUCCESS;
     uint8_t *key_data = NULL;
     size_t key_data_length = 0;
 
-    status = psa_load_persistent_key( key, &( p_slot )->type,
+    status = psa_load_persistent_key( p_slot->persistent_storage_id,
+                                      &( p_slot )->type,
                                       &( p_slot )->policy, &key_data,
                                       &key_data_length );
     if( status != PSA_SUCCESS )
@@ -763,7 +764,7 @@ static psa_status_t psa_get_key_slot( psa_key_slot_t key,
         if( ( *p_slot )->type == PSA_KEY_TYPE_NONE )
         {
             psa_status_t status = PSA_SUCCESS;
-            status = psa_load_persistent_key_into_slot( key, *p_slot );
+            status = psa_load_persistent_key_into_slot( *p_slot );
             if( status != PSA_ERROR_EMPTY_SLOT )
                 return( status );
         }
@@ -889,7 +890,8 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
     {
         /* Store in file location */
-        status = psa_save_persistent_key( key, slot->type, &slot->policy, data,
+        status = psa_save_persistent_key( slot->persistent_storage_id,
+                                          slot->type, &slot->policy, data,
                                           data_length );
         if( status != PSA_SUCCESS )
         {
@@ -914,7 +916,8 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
     if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
     {
-        storage_status = psa_destroy_persistent_key( key );
+        storage_status =
+            psa_destroy_persistent_key( slot->persistent_storage_id );
     }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
     status = psa_remove_key_data_from_memory( slot );
@@ -1121,8 +1124,7 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
 }
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key,
-                                                       key_slot_t *slot,
+static psa_status_t psa_save_generated_persistent_key( key_slot_t *slot,
                                                        size_t bits )
 {
     psa_status_t status;
@@ -1140,7 +1142,8 @@ static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t key,
         goto exit;
     }
     /* Store in file location */
-    status = psa_save_persistent_key( key, slot->type, &slot->policy,
+    status = psa_save_persistent_key( slot->persistent_storage_id,
+                                      slot->type, &slot->policy,
                                       data, key_length );
     if( status != PSA_SUCCESS )
     {
@@ -3119,6 +3122,7 @@ psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
 #endif
 
     slot->lifetime = lifetime;
+    slot->persistent_storage_id = key;
 
     return( PSA_SUCCESS );
 }
@@ -4437,7 +4441,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
     if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
     {
-        return( psa_save_generated_persistent_key( key, slot, bits ) );
+        return( psa_save_generated_persistent_key( slot, bits ) );
     }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 

From 7f6e3a868af6c7aba1a16032017b15aca616eb3b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 18:51:45 +0100
Subject: [PATCH 838/889] Change ASSERT_ALLOC to take a size in elements, not
 bytes

`ASSERT_ALLOC(p, length)` now allocates `length` elements, i.e.
`length * sizeof(*p)` bytes.
---
 tests/suites/helpers.function | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index f416b3035..cbe3fa0d4 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -95,7 +95,7 @@ typedef struct data_tag
  * You must set \p pointer to \c NULL before calling this macro and
  * put `mbedtls_free( pointer )` in the test's cleanup code.
  *
- * If \p size is zero, the resulting \p pointer will be \c NULL.
+ * If \p length is zero, the resulting \p pointer will be \c NULL.
  * This is usually what we want in tests since API functions are
  * supposed to accept null pointers when a buffer size is zero.
  *
@@ -105,20 +105,21 @@ typedef struct data_tag
  * \param pointer   An lvalue where the address of the allocated buffer
  *                  will be stored.
  *                  This expression may be evaluated multiple times.
- * \param size      Buffer size to allocate in bytes.
+ * \param length    Number of elements to allocate.
  *                  This expression may be evaluated multiple times.
  *
  */
-#define ASSERT_ALLOC( pointer, size )                           \
-    do                                                          \
-    {                                                           \
-        TEST_ASSERT( ( pointer ) == NULL );                     \
-        if( ( size ) != 0 )                                     \
-        {                                                       \
-            ( pointer ) = mbedtls_calloc( 1, ( size ) );        \
-            TEST_ASSERT( ( pointer ) != NULL );                 \
-        }                                                       \
-    }                                                           \
+#define ASSERT_ALLOC( pointer, length )                           \
+    do                                                            \
+    {                                                             \
+        TEST_ASSERT( ( pointer ) == NULL );                       \
+        if( ( length ) != 0 )                                     \
+        {                                                         \
+            ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \
+                                          ( length ) );           \
+            TEST_ASSERT( ( pointer ) != NULL );                   \
+        }                                                         \
+    }                                                             \
     while( 0 )
 
 /** Compare two buffers and fail the test case if they differ.

From 5ec7b078ea0f35c16403cbac3896e158919c0a83 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 18:53:28 +0100
Subject: [PATCH 839/889] Add tests for the new slot management mechanism

Add unit tests for handle allocation and release.
---
 tests/CMakeLists.txt                          |   1 +
 ...test_suite_psa_crypto_slot_management.data |  59 +++
 ..._suite_psa_crypto_slot_management.function | 391 ++++++++++++++++++
 3 files changed, 451 insertions(+)
 create mode 100644 tests/suites/test_suite_psa_crypto_slot_management.data
 create mode 100644 tests/suites/test_suite_psa_crypto_slot_management.function

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 56ce9338a..21cdfaba2 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -116,6 +116,7 @@ add_test_suite(psa_crypto_hash)
 add_test_suite(psa_crypto_init)
 add_test_suite(psa_crypto_metadata)
 add_test_suite(psa_crypto_persistent_key)
+add_test_suite(psa_crypto_slot_management)
 add_test_suite(psa_crypto_storage_file)
 add_test_suite(shax)
 add_test_suite(ssl)
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
new file mode 100644
index 000000000..133f4c873
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -0,0 +1,59 @@
+Transient slot, check after closing
+transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+
+Transient slot, check after destroying
+transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+
+Transient slot, check after restart
+transient_slot_lifecycle:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+
+Persistent slot, check after closing
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_CLOSE
+
+Persistent slot, check after destroying
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_DESTROY
+
+Persistent slot, check after restart
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:128:0:0:"0123456789abcdef0123456789abcdef":CLOSE_BY_SHUTDOWN
+
+Attempt to overwrite: close before, same type
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_BEFORE
+
+Attempt to overwrite: close before, different type
+depends_on:MBEDTLS_AES_C
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_BEFORE
+
+Attempt to overwrite: close after, same type
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:CLOSE_AFTER
+
+Attempt to overwrite: close after, different type
+depends_on:MBEDTLS_AES_C
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:CLOSE_AFTER
+
+Attempt to overwrite: keep open, same type
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:KEEP_OPEN
+
+Attempt to overwrite: keep open, different type
+depends_on:MBEDTLS_AES_C
+create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN
+
+Open failure: non-existent identifier
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
+
+Open failure: volatile lifetime
+open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: invalid lifetime
+open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: volatile lifetime
+create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid lifetime
+create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
+Close/destroy invalid handle
+invalid_handle:
+
+Open many transient handles
+many_transient_handles:42
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
new file mode 100644
index 000000000..1f1984e3f
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -0,0 +1,391 @@
+/* BEGIN_HEADER */
+#include <stdint.h>
+
+#if defined(MBEDTLS_PSA_CRYPTO_SPM)
+#include "spm/psa_defs.h"
+#endif
+#include "psa/crypto.h"
+
+#include "psa_crypto_storage.h"
+
+#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS )
+
+typedef enum
+{
+    CLOSE_BY_CLOSE,
+    CLOSE_BY_DESTROY,
+    CLOSE_BY_SHUTDOWN,
+} close_method_t;
+
+typedef enum
+{
+    KEEP_OPEN,
+    CLOSE_BEFORE,
+    CLOSE_AFTER,
+} reopen_policy_t;
+
+/* All test functions that create persistent keys must call
+ * `TEST_MAX_KEY_ID( key_id )` before creating a persistent key with this
+ * identifier, and must call psa_purge_key_storage() in their cleanup
+ * code. */
+
+/* There is no API to purge all keys. For this test suite, require that
+ * all key IDs be less than a certain maximum. */
+#define MAX_KEY_ID_FOR_TEST 32
+#define TEST_MAX_KEY_ID( key_id )                       \
+    TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST )
+void psa_purge_key_storage( void )
+{
+    psa_key_id_t i;
+    /* The tests may have potentially created key ids from 1 to
+     * MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
+     * 0, which file-based storage uses as a temporary file. */
+    for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ )
+        psa_destroy_persistent_key( i );
+}
+
+static int psa_key_policy_equal( psa_key_policy_t *p1,
+                                 psa_key_policy_t *p2 )
+{
+    return( psa_key_policy_get_usage( p1 ) == psa_key_policy_get_usage( p2 ) &&
+            psa_key_policy_get_algorithm( p1 ) == psa_key_policy_get_algorithm( p2 ) );
+}
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PSA_CRYPTO_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE */
+void transient_slot_lifecycle( int type_arg, int max_bits_arg,
+                               int alg_arg, int usage_arg,
+                               data_t *key_data,
+                               int close_method_arg )
+{
+    psa_key_type_t type = type_arg;
+    size_t max_bits = max_bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage_flags = usage_arg;
+    close_method_t close_method = close_method_arg;
+    psa_key_type_t read_type;
+    psa_key_handle_t handle = 0;
+    psa_key_policy_t policy;
+
+    PSA_ASSERT( psa_crypto_init( ) );
+
+    /* Get a handle and import a key. */
+    PSA_ASSERT( psa_allocate_key( type, max_bits, &handle ) );
+    TEST_ASSERT( handle != 0 );
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage_flags, alg );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+    PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
+    PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+    TEST_ASSERT( read_type == type );
+
+    /* Do something that invalidates the handle. */
+    switch( close_method )
+    {
+        case CLOSE_BY_CLOSE:
+            PSA_ASSERT( psa_close_key( handle ) );
+            break;
+        case CLOSE_BY_DESTROY:
+            PSA_ASSERT( psa_destroy_key( handle ) );
+            break;
+        case CLOSE_BY_SHUTDOWN:
+            mbedtls_psa_crypto_free( );
+            PSA_ASSERT( psa_crypto_init( ) );
+            break;
+    }
+    /* Test that the handle is now invalid. */
+    TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ==
+                 PSA_ERROR_INVALID_HANDLE );
+    TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
+                                int type_arg, int max_bits_arg,
+                                int alg_arg, int usage_arg,
+                                data_t *key_data,
+                                int close_method_arg )
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_id_t id = id_arg;
+    psa_key_type_t type = type_arg;
+    size_t max_bits = max_bits_arg;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage_flags = usage_arg;
+    close_method_t close_method = close_method_arg;
+    psa_key_type_t read_type;
+    psa_key_handle_t handle = 0;
+    psa_key_policy_t policy;
+
+    TEST_MAX_KEY_ID( id );
+
+    PSA_ASSERT( psa_crypto_init( ) );
+
+    /* Get a handle and import a key. */
+    PSA_ASSERT( psa_create_key( lifetime, id, type, max_bits, &handle ) );
+    TEST_ASSERT( handle != 0 );
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage_flags, alg );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+    PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
+    PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+    TEST_ASSERT( read_type == type );
+
+    /* Close the key and reopen it. */
+    PSA_ASSERT( psa_close_key( handle ) );
+    PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
+    PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+    TEST_ASSERT( read_type == type );
+
+    /* Do something that invalidates the handle. */
+    switch( close_method )
+    {
+        case CLOSE_BY_CLOSE:
+            PSA_ASSERT( psa_close_key( handle ) );
+            break;
+        case CLOSE_BY_DESTROY:
+            PSA_ASSERT( psa_destroy_key( handle ) );
+            break;
+        case CLOSE_BY_SHUTDOWN:
+            mbedtls_psa_crypto_free( );
+            PSA_ASSERT( psa_crypto_init( ) );
+            break;
+    }
+    /* Test that the handle is now invalid. */
+    TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ==
+                 PSA_ERROR_INVALID_HANDLE );
+    TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE );
+
+    /* Try to reopen the key. If we destroyed it, check that it doesn't
+     * exist, otherwise check that it still exists. */
+    switch( close_method )
+    {
+        case CLOSE_BY_CLOSE:
+        case CLOSE_BY_SHUTDOWN:
+            PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
+            PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
+            TEST_ASSERT( read_type == type );
+            break;
+        case CLOSE_BY_DESTROY:
+            TEST_ASSERT( psa_open_key( lifetime, id, &handle ) ==
+                         PSA_ERROR_EMPTY_SLOT );
+            break;
+    }
+
+exit:
+    mbedtls_psa_crypto_free( );
+    psa_purge_key_storage( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void create_existent( int lifetime_arg, int id_arg,
+                      int new_type_arg,
+                      int reopen_policy_arg )
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_id_t id = id_arg;
+    psa_key_handle_t handle1 = 0, handle2 = 0;
+    psa_key_policy_t policy1, read_policy;
+    psa_key_type_t type1 = PSA_KEY_TYPE_RAW_DATA;
+    psa_key_type_t type2 = new_type_arg;
+    psa_key_type_t read_type;
+    const uint8_t material1[16] = "test material #1";
+    size_t bits1 = PSA_BYTES_TO_BITS( sizeof( material1 ) );
+    size_t read_bits;
+    uint8_t reexported[sizeof( material1 )];
+    size_t reexported_length;
+    reopen_policy_t reopen_policy = reopen_policy_arg;
+
+    TEST_MAX_KEY_ID( id );
+
+    PSA_ASSERT( psa_crypto_init( ) );
+
+    /* Create a key. */
+    PSA_ASSERT( psa_create_key( lifetime, id, type1, bits1, &handle1 ) );
+    TEST_ASSERT( handle1 != 0 );
+    psa_key_policy_init( &policy1 );
+    psa_key_policy_set_usage( &policy1, PSA_KEY_USAGE_EXPORT, 0 );
+    PSA_ASSERT( psa_set_key_policy( handle1, &policy1 ) );
+    PSA_ASSERT( psa_import_key( handle1, type1,
+                                material1, sizeof( material1 ) ) );
+
+    if( reopen_policy == CLOSE_BEFORE )
+        PSA_ASSERT( psa_close_key( handle1 ) );
+
+    /* Attempt to create a new key in the same slot. */
+    TEST_ASSERT( psa_create_key( lifetime, id, type2, bits1, &handle2 ) ==
+                 PSA_ERROR_OCCUPIED_SLOT );
+    TEST_ASSERT( handle2 == 0 );
+
+    if( reopen_policy == CLOSE_AFTER )
+        PSA_ASSERT( psa_close_key( handle1 ) );
+    if( reopen_policy == CLOSE_BEFORE || reopen_policy == CLOSE_AFTER )
+        PSA_ASSERT( psa_open_key( lifetime, id, &handle1 ) );
+
+    /* Check that the original key hasn't changed. */
+    PSA_ASSERT( psa_get_key_policy( handle1, &read_policy ) );
+    TEST_ASSERT( psa_key_policy_equal( &read_policy, &policy1 ) );
+    PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) );
+    TEST_ASSERT( read_type == type1 );
+    TEST_ASSERT( read_bits == bits1 );
+    PSA_ASSERT( psa_export_key( handle1,
+                                reexported, sizeof( reexported ),
+                                &reexported_length ) );
+    ASSERT_COMPARE( material1, sizeof( material1 ),
+                    reexported, reexported_length );
+
+exit:
+    mbedtls_psa_crypto_free( );
+    psa_purge_key_storage( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void open_fail( int lifetime_arg, int id_arg,
+                int expected_status_arg )
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_id_t id = id_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_handle_t handle = 0xdead;
+
+    PSA_ASSERT( psa_crypto_init( ) );
+
+    TEST_ASSERT( psa_open_key( lifetime, id, &handle ) == expected_status );
+    TEST_ASSERT( handle == 0 );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void create_fail( int lifetime_arg, int id_arg,
+                  int type_arg, int max_bits_arg,
+                  int expected_status_arg )
+{
+    psa_key_lifetime_t lifetime = lifetime_arg;
+    psa_key_id_t id = id_arg;
+    psa_key_type_t type = type_arg;
+    size_t max_bits = max_bits_arg;
+    psa_status_t expected_status = expected_status_arg;
+    psa_key_handle_t handle = 0xdead;
+
+    TEST_MAX_KEY_ID( id );
+
+    PSA_ASSERT( psa_crypto_init( ) );
+
+    TEST_ASSERT( psa_create_key( lifetime, id,
+                                 type, max_bits,
+                                 &handle ) == expected_status );
+    TEST_ASSERT( handle == 0 );
+
+exit:
+    mbedtls_psa_crypto_free( );
+    psa_purge_key_storage( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void invalid_handle( )
+{
+    psa_key_handle_t handle1 = 0;
+    psa_key_policy_t policy;
+    psa_key_type_t read_type;
+    size_t read_bits;
+    uint8_t material[1] = "a";
+
+    PSA_ASSERT( psa_crypto_init( ) );
+
+    /* Allocate a handle and store a key in it. */
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 1, &handle1 ) );
+    TEST_ASSERT( handle1 != 0 );
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, 0, 0 );
+    PSA_ASSERT( psa_set_key_policy( handle1, &policy ) );
+    PSA_ASSERT( psa_import_key( handle1, PSA_KEY_TYPE_RAW_DATA,
+                                material, sizeof( material ) ) );
+
+    /* Attempt to close and destroy some invalid handles. */
+    TEST_ASSERT( psa_close_key( 0 ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_ASSERT( psa_close_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_ASSERT( psa_close_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE );
+    /* At the moment the implementation returns INVALID_ARGUMENT for 0
+     * because of the transitional support for non-allocated slot numbers.
+     * When this is removed, the error will switch to INVALID_HANDLE. */
+    TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_ARGUMENT );
+    TEST_ASSERT( psa_destroy_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_ASSERT( psa_destroy_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE );
+
+    /* After all this, check that the original handle is intact. */
+    PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) );
+    TEST_ASSERT( read_type == PSA_KEY_TYPE_RAW_DATA );
+    TEST_ASSERT( read_bits == PSA_BYTES_TO_BITS( sizeof( material ) ) );
+    PSA_ASSERT( psa_close_key( handle1 ) );
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void many_transient_handles( int max_handles_arg )
+{
+    psa_key_handle_t *handles = NULL;
+    size_t max_handles = max_handles_arg;
+    size_t i, j;
+    psa_status_t status;
+    psa_key_policy_t policy;
+    uint8_t exported[sizeof( size_t )];
+    size_t exported_length;
+    size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) );
+
+    ASSERT_ALLOC( handles, max_handles );
+    PSA_ASSERT( psa_crypto_init( ) );
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
+
+    for( i = 0; i < max_handles; i++ )
+    {
+        status = psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, max_bits,
+                                   &handles[i] );
+        if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
+            break;
+        TEST_ASSERT( status == PSA_SUCCESS );
+        TEST_ASSERT( handles[i] != 0 );
+        for( j = 0; j < i; j++ )
+            TEST_ASSERT( handles[i] != handles[j] );
+        PSA_ASSERT( psa_set_key_policy( handles[i], &policy ) );
+        PSA_ASSERT( psa_import_key( handles[i], PSA_KEY_TYPE_RAW_DATA,
+                                    (uint8_t *) &i, sizeof( i ) ) );
+    }
+    max_handles = i;
+
+    for( i = 1; i < max_handles; i++ )
+    {
+        PSA_ASSERT( psa_close_key( handles[i - 1] ) );
+        PSA_ASSERT( psa_export_key( handles[i],
+                                    exported, sizeof( exported ),
+                                    &exported_length ) );
+        ASSERT_COMPARE( exported, exported_length,
+                        (uint8_t *) &i, sizeof( i ) );
+    }
+    PSA_ASSERT( psa_close_key( handles[i - 1] ) );
+
+exit:
+    mbedtls_psa_crypto_free( );
+    mbedtls_free( handles );
+}
+/* END_CASE */
+

From 961849f6d189e5b796625bb80b6663c0398b0473 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 30 Nov 2018 18:54:54 +0100
Subject: [PATCH 840/889] Implement slot allocation

Implement psa_allocate_key, psa_open_key, psa_create_key,
psa_close_key.

Add support for keys designated to handles to psa_get_key_slot, and
thereby to the whole API.

Allocated and non-allocated keys can coexist. This is a temporary
stage in order to transition from the use of direct slot numbers to
allocated handles only. Once all the tests and sample programs have
been migrated to use handles, the implementation will be simplified
and made more robust with support for handles only.
---
 library/CMakeLists.txt                  |   1 +
 library/Makefile                        |   1 +
 library/psa_crypto.c                    | 107 ++++++++++++++++++++--
 library/psa_crypto_slot_management.c    | 116 ++++++++++++++++++++++++
 library/psa_crypto_slot_management.h    |  80 ++++++++++++++++
 tests/suites/test_suite_psa_crypto.data |   5 +-
 visualc/VS2010/mbedTLS.vcxproj          |   2 +
 7 files changed, 304 insertions(+), 8 deletions(-)
 create mode 100644 library/psa_crypto_slot_management.c
 create mode 100644 library/psa_crypto_slot_management.h

diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index c8070bb27..3a3f61bcf 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -54,6 +54,7 @@ set(src_crypto
     platform_util.c
     poly1305.c
     psa_crypto.c
+    psa_crypto_slot_management.c
     psa_crypto_storage.c
     psa_crypto_storage_file.c
     psa_crypto_storage_its.c
diff --git a/library/Makefile b/library/Makefile
index 95faaaef3..1822a24af 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -83,6 +83,7 @@ OBJS_CRYPTO=	aes.o		aesni.o		arc4.o		\
 		pkcs5.o		pkparse.o	pkwrite.o	\
 		platform.o	platform_util.o	poly1305.o	\
 		psa_crypto.o					\
+		psa_crypto_slot_management.o			\
 		psa_crypto_storage.o				\
 		psa_crypto_storage_file.o			\
 		psa_crypto_storage_its.o			\
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 24ad06d38..0d809cbaa 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -44,6 +44,7 @@
 #include "psa/crypto.h"
 
 #include "psa_crypto_invasive.h"
+#include "psa_crypto_slot_management.h"
 /* Include internal declarations that are useful for implementing persistently
  * stored keys. */
 #include "psa_crypto_storage.h"
@@ -117,16 +118,13 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 /* Global data, support functions and library management */
 /****************************************************************/
 
-/* Number of key slots (plus one because 0 is not used).
- * The value is a compile-time constant for now, for simplicity. */
-#define PSA_KEY_SLOT_COUNT 32
-
 typedef struct
 {
     psa_key_type_t type;
     psa_key_policy_t policy;
     psa_key_lifetime_t lifetime;
     psa_key_id_t persistent_storage_id;
+    unsigned allocated : 1;
     union
     {
         struct raw_data
@@ -742,21 +740,34 @@ exit:
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 
 /* Retrieve a key slot, occupied or not. */
-static psa_status_t psa_get_key_slot( psa_key_slot_t key,
+static psa_status_t psa_get_key_slot( psa_key_slot_t key_or_handle,
                                       key_slot_t **p_slot )
 {
+    psa_key_slot_t key = key_or_handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG;
+    int is_handle = ( key_or_handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) != 0;
+    psa_status_t error_if_invalid =
+        ( is_handle ?
+          PSA_ERROR_INVALID_HANDLE :
+          PSA_ERROR_INVALID_ARGUMENT );
+
     GUARD_MODULE_INITIALIZED;
 
     /* 0 is not a valid slot number under any circumstance. This
      * implementation provides slots number 1 to N where N is the
      * number of available slots. */
     if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        return( error_if_invalid );
 
     *p_slot = &global_data.key_slots[key - 1];
 
+    /* Allocated slots must only be accessed via a handle.
+     * Unallocated slots must only be accessed directly. */
+    if( ( *p_slot )->allocated != is_handle )
+        return( error_if_invalid );
+
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+    if( ! ( *p_slot )->allocated &&
+        ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
     {
         /* There are two circumstances this can occur: the key material has
          * not yet been created, or the key exists in storage but has not yet
@@ -865,6 +876,88 @@ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
     return( PSA_SUCCESS );
 }
 
+/* A slot is available if nothing has been set in it: default lifetime
+ * and policy, no key type. */
+static int psa_internal_is_slot_available( key_slot_t *slot )
+{
+    if( slot->allocated )
+        return( 0 );
+    if( slot->type != PSA_KEY_TYPE_NONE )
+        return( 0 );
+    if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE )
+        return( 0 );
+    if( slot->policy.usage != 0 || slot->policy.alg != 0 )
+        return( 0 );
+    return( 1 );
+}
+
+psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
+{
+    psa_key_slot_t key;
+    for( key = PSA_KEY_SLOT_COUNT; key != 0; --( key ) )
+    {
+        key_slot_t *slot = &global_data.key_slots[key - 1];
+        if( psa_internal_is_slot_available( slot ) )
+        {
+            slot->allocated = 1;
+            *handle = key | PSA_KEY_HANDLE_ALLOCATED_FLAG;
+            return( PSA_SUCCESS );
+        }
+    }
+    return( PSA_ERROR_INSUFFICIENT_MEMORY );
+}
+
+psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
+                                               psa_key_id_t id )
+{
+    key_slot_t *slot;
+    psa_status_t status;
+
+    /* Reject id=0 because by general library conventions, 0 is an invalid
+     * value wherever possible. */
+    if( id == 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    /* Reject high values because the file names are reserved for the
+     * library's internal use. */
+    if( id >= 0xffff0000 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    /* Reject values that don't fit in the key slot number type.
+     * This is a temporary limitation due to the library's internal
+     * plumbing. */
+    if( id > (psa_key_slot_t)( -1 ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    status = psa_get_key_slot( handle, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+    slot->persistent_storage_id = id;
+    status = psa_load_persistent_key_into_slot( slot );
+
+    return( status );
+}
+
+psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
+{
+    psa_key_slot_t key;
+    key_slot_t *slot;
+    psa_status_t status;
+    /* Don't call psa_get_key_slot() so as not to trigger its automatic
+     * loading of persistent key data. */
+    if( ( handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) == 0 )
+        return( PSA_ERROR_INVALID_HANDLE );
+    key = handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG;
+    if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
+        return( PSA_ERROR_INVALID_HANDLE );
+    slot = &global_data.key_slots[key - 1];
+    if( ! slot->allocated )
+        return( PSA_ERROR_INVALID_HANDLE );
+    status = psa_remove_key_data_from_memory( slot );
+    memset( slot, 0, sizeof( *slot ) );
+    return( status );
+}
+
 psa_status_t psa_import_key( psa_key_slot_t key,
                              psa_key_type_t type,
                              const uint8_t *data,
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
new file mode 100644
index 000000000..ae5e146b9
--- /dev/null
+++ b/library/psa_crypto_slot_management.c
@@ -0,0 +1,116 @@
+/*
+ *  PSA crypto layer on top of Mbed TLS crypto
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+
+#include "psa/crypto.h"
+
+#include "psa_crypto_slot_management.h"
+#include "psa_crypto_storage.h"
+
+#include <stdlib.h>
+#include <string.h>
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#define mbedtls_calloc calloc
+#define mbedtls_free   free
+#endif
+
+#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
+
+psa_status_t psa_allocate_key( psa_key_type_t type,
+                               size_t max_bits,
+                               psa_key_handle_t *handle )
+{
+    /* This implementation doesn't reserve memory for the keys. */
+    (void) type;
+    (void) max_bits;
+    *handle = 0;
+    return( psa_internal_allocate_key_slot( handle ) );
+}
+
+static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime,
+                                          psa_key_id_t id,
+                                          psa_key_handle_t *handle,
+                                          psa_status_t wanted_load_status )
+{
+    psa_status_t status;
+
+    *handle = 0;
+
+    if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    status = psa_internal_allocate_key_slot( handle );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    status = psa_internal_make_key_persistent( *handle, id );
+    if( status != wanted_load_status )
+    {
+        psa_internal_release_key_slot( *handle );
+        *handle = 0;
+    }
+    return( status );
+}
+
+psa_status_t psa_open_key( psa_key_lifetime_t lifetime,
+                           psa_key_id_t id,
+                           psa_key_handle_t *handle )
+{
+    return( persistent_key_setup( lifetime, id, handle, PSA_SUCCESS ) );
+}
+
+psa_status_t psa_create_key( psa_key_lifetime_t lifetime,
+                             psa_key_id_t id,
+                             psa_key_type_t type,
+                             size_t max_bits,
+                             psa_key_handle_t *handle )
+{
+    psa_status_t status;
+
+    /* This implementation doesn't reserve memory for the keys. */
+    (void) type;
+    (void) max_bits;
+
+    status = persistent_key_setup( lifetime, id, handle,
+                                   PSA_ERROR_EMPTY_SLOT );
+    switch( status )
+    {
+        case PSA_SUCCESS: return( PSA_ERROR_OCCUPIED_SLOT );
+        case PSA_ERROR_EMPTY_SLOT: return( PSA_SUCCESS );
+        default: return( status );
+    }
+}
+
+psa_status_t psa_close_key( psa_key_handle_t handle )
+{
+    return( psa_internal_release_key_slot( handle ) );
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
new file mode 100644
index 000000000..36917bbaa
--- /dev/null
+++ b/library/psa_crypto_slot_management.h
@@ -0,0 +1,80 @@
+/*
+ *  PSA crypto layer on top of Mbed TLS crypto
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_SLOT_MANAGEMENT_H
+#define PSA_CRYPTO_SLOT_MANAGEMENT_H
+
+/* Number of key slots (plus one because 0 is not used).
+ * The value is a compile-time constant for now, for simplicity. */
+#define PSA_KEY_SLOT_COUNT 32
+
+/* All dynamically allocated handles have this bit set. */
+#define PSA_KEY_HANDLE_ALLOCATED_FLAG ( (psa_key_handle_t) 0x8000 )
+
+/** \defgroup core_slot_management Internal functions exposed by the core
+ * @{
+ */
+
+/** Find a free key slot and mark it as in use.
+ *
+ * \param[out] handle   On success, a slot number that is not in use.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle );
+
+/** Wipe an a key slot and mark it as available.
+ *
+ * This does not affect persistent storage.
+ *
+ * \param handle        The key slot number to release.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle );
+
+/** Declare a slot as persistent and load it from storage.
+ *
+ * This function may only be called immediately after a successful call
+ * to psa_internal_allocate_key_slot().
+ *
+ * \param handle        A handle to a key slot freshly allocated with
+ *                      psa_internal_allocate_key_slot().
+ *
+ * \retval #PSA_SUCCESS
+ *         The slot content was loaded successfully.
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ *         There is no content for this slot in persistent storage.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p id is not acceptable.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ */
+psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
+                                               psa_key_id_t id );
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 91739f55e..33ca54f6d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -39,7 +39,10 @@ PSA export out of range key slot - lower bound
 export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT
 
 PSA export out of range key slot - upper bound
-export_invalid_slot:(psa_key_slot_t)(-1):PSA_ERROR_INVALID_ARGUMENT
+# Hard-code the upper bound of slots that are directly accessible because the
+# API does not expose this value. This is temporary: directly-accessible
+# slots are about to be removed.
+export_invalid_slot:32767:PSA_ERROR_INVALID_ARGUMENT
 
 PSA export a slot where there was some activity but no key material creation
 export_with_no_key_activity
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index d305c4515..341e058a8 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -232,6 +232,7 @@
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
     <ClInclude Include="..\..\library/psa_crypto_invasive.h" />
+    <ClInclude Include="..\..\library/psa_crypto_slot_management.h" />
     <ClInclude Include="..\..\library/psa_crypto_storage.h" />
     <ClInclude Include="..\..\library/psa_crypto_storage_backend.h" />
   </ItemGroup>
@@ -291,6 +292,7 @@
     <ClCompile Include="..\..\library\platform_util.c" />
     <ClCompile Include="..\..\library\poly1305.c" />
     <ClCompile Include="..\..\library\psa_crypto.c" />
+    <ClCompile Include="..\..\library\psa_crypto_slot_management.c" />
     <ClCompile Include="..\..\library\psa_crypto_storage.c" />
     <ClCompile Include="..\..\library\psa_crypto_storage_file.c" />
     <ClCompile Include="..\..\library\psa_crypto_storage_its.c" />

From d7c75707b88d3e3aca2f2fdcdcad9f76cfafff83 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 10:36:46 +0100
Subject: [PATCH 841/889] mbedtls_psa_crypto_free: free allocated slots as well

Access the slot directly rather than going through psa_get_key_slot.
Unlike other places where key slots are accessed through
psa_get_key_slot, here, we know where all the slots are and there are
no policy or permission considerations.

This resolves a memory leak: allocated slots were not getting freed
because psa_get_key_slot rejected the attempt of accessing them
directly rather than via a handle.
---
 library/psa_crypto.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0d809cbaa..50c8a8962 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4559,17 +4559,13 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
 
 void mbedtls_psa_crypto_free( void )
 {
-    psa_key_slot_t key;
-    key_slot_t *slot;
-    psa_status_t status;
     if( global_data.key_slots_initialized )
     {
+        psa_key_slot_t key;
         for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
         {
-            status = psa_get_key_slot( key, &slot );
-            if( status != PSA_SUCCESS )
-                continue;
-            psa_remove_key_data_from_memory( slot );
+            key_slot_t *slot = &global_data.key_slots[key - 1];
+            (void) psa_remove_key_data_from_memory( slot );
             /* Zeroize the slot to wipe metadata such as policies. */
             mbedtls_zeroize( slot, sizeof( *slot ) );
         }

From a426168cbff890e96807a489e0d3a3a164d2e105 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 11:34:01 +0100
Subject: [PATCH 842/889] Test that failure of import_key preserves metadata

---
 tests/suites/test_suite_psa_crypto.data     |  4 +++
 tests/suites/test_suite_psa_crypto.function | 39 +++++++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 33ca54f6d..d23c364bf 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -323,6 +323,10 @@ PSA import EC keypair: valid key but RSA
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED:MBEDTLS_RSA_C
 import:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_BRAINPOOL_P512R1):PSA_ERROR_INVALID_ARGUMENT
 
+PSA import failure preserves policy
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
+import_twice:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_USAGE_VERIFY:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30819f300d06092a864886f70d010101050003818d0030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_SUCCESS
+
 PSA import RSA key pair: maximum size exceeded
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 import_rsa_made_up:PSA_VENDOR_RSA_MAX_KEY_BITS+8:1:PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 2fa060b25..3978ba7a0 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -948,6 +948,45 @@ exit:
 }
 /* END_CASE */
 
+/* BEGIN_CASE */
+void import_twice( int alg_arg, int usage_arg,
+                   int type1_arg, data_t *data1,
+                   int expected_import1_status_arg,
+                   int type2_arg, data_t *data2,
+                   int expected_import2_status_arg )
+{
+    int slot = 1;
+    psa_algorithm_t alg = alg_arg;
+    psa_key_usage_t usage = usage_arg;
+    psa_key_type_t type1 = type1_arg;
+    psa_status_t expected_import1_status = expected_import1_status_arg;
+    psa_key_type_t type2 = type2_arg;
+    psa_status_t expected_import2_status = expected_import2_status_arg;
+    psa_key_policy_t policy;
+    psa_status_t status;
+
+    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+
+    psa_key_policy_init( &policy );
+    psa_key_policy_set_usage( &policy, usage, alg );
+    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+
+    status = psa_import_key( slot, type1, data1->x, data1->len );
+    TEST_ASSERT( status == expected_import1_status );
+    status = psa_import_key( slot, type2, data2->x, data2->len );
+    TEST_ASSERT( status == expected_import2_status );
+
+    if( expected_import1_status == PSA_SUCCESS ||
+        expected_import2_status == PSA_SUCCESS )
+    {
+        TEST_ASSERT( exercise_key( slot, usage, alg ) );
+    }
+
+exit:
+    mbedtls_psa_crypto_free( );
+}
+/* END_CASE */
+
 /* BEGIN_CASE */
 void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
 {

From f77ed1f20b636c81a980c1e7431130db249bf1eb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 11:58:46 +0100
Subject: [PATCH 843/889] Factor the common idiom psa_wipe_key_slot into a
 function

Many places in the code called psa_remove_key_data_from_memory (which
preserves metadata for the sake of failues in psa_import_key) followed
by clearing the slot data. Use an auxiliary function for this.
---
 library/psa_crypto.c | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 50c8a8962..1a038a12a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -637,6 +637,9 @@ exit:
 }
 #endif /* defined(MBEDTLS_ECP_C) */
 
+/** Import key data into a slot. `slot->type` must have been set
+ * previously. This function assumes that the slot does not contain
+ * any key material yet. On failure, the slot content is unchanged. */
 static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
                                               const uint8_t *data,
                                               size_t data_length )
@@ -840,6 +843,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
+/** Wipe key data from a slot. Preserve metadata such as the policy. */
 static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
 {
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -876,6 +880,18 @@ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
     return( PSA_SUCCESS );
 }
 
+/** Completely wipe a slot in memory, including its policy.
+ * Persistent storage is not affected. */
+static psa_status_t psa_wipe_key_slot( key_slot_t *slot )
+{
+    psa_status_t status = psa_remove_key_data_from_memory( slot );
+    /* At this point, key material and other type-specific content has
+     * been wiped. Clear remaining metadata. We can call memset and not
+     * zeroize because the metadata is not particularly sensitive. */
+    memset( slot, 0, sizeof( *slot ) );
+    return( status );
+}
+
 /* A slot is available if nothing has been set in it: default lifetime
  * and policy, no key type. */
 static int psa_internal_is_slot_available( key_slot_t *slot )
@@ -942,7 +958,6 @@ psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
 {
     psa_key_slot_t key;
     key_slot_t *slot;
-    psa_status_t status;
     /* Don't call psa_get_key_slot() so as not to trigger its automatic
      * loading of persistent key data. */
     if( ( handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) == 0 )
@@ -953,9 +968,7 @@ psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
     slot = &global_data.key_slots[key - 1];
     if( ! slot->allocated )
         return( PSA_ERROR_INVALID_HANDLE );
-    status = psa_remove_key_data_from_memory( slot );
-    memset( slot, 0, sizeof( *slot ) );
-    return( status );
+    return( psa_wipe_key_slot( slot ) );
 }
 
 psa_status_t psa_import_key( psa_key_slot_t key,
@@ -1013,9 +1026,7 @@ psa_status_t psa_destroy_key( psa_key_slot_t key )
             psa_destroy_persistent_key( slot->persistent_storage_id );
     }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-    status = psa_remove_key_data_from_memory( slot );
-    /* Zeroize the slot to wipe metadata such as policies. */
-    mbedtls_zeroize( slot, sizeof( *slot ) );
+    status = psa_wipe_key_slot( slot );
     if( status != PSA_SUCCESS )
         return( status );
     return( storage_status );
@@ -4565,9 +4576,7 @@ void mbedtls_psa_crypto_free( void )
         for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
         {
             key_slot_t *slot = &global_data.key_slots[key - 1];
-            (void) psa_remove_key_data_from_memory( slot );
-            /* Zeroize the slot to wipe metadata such as policies. */
-            mbedtls_zeroize( slot, sizeof( *slot ) );
+            (void) psa_wipe_key_slot( slot );
         }
     }
     if( global_data.rng_state != RNG_NOT_INITIALIZED )

From dc911fd59455bcee34227ea9d9ea358d3fec0cd0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 12:21:51 +0100
Subject: [PATCH 844/889] Remove redundant slot-based test

fill_slots is superseded by many_transient_handles.
---
 tests/suites/test_suite_psa_crypto.data     |  3 --
 tests/suites/test_suite_psa_crypto.function | 56 ---------------------
 2 files changed, 59 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index d23c364bf..a468abfef 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1,9 +1,6 @@
 PSA compile-time sanity checks
 static_checks:
 
-PSA fill 250 slots
-fill_slots:250
-
 PSA import/export raw: 0 bytes
 import_export:"":PSA_KEY_TYPE_RAW_DATA:0:PSA_KEY_USAGE_EXPORT:0:0:PSA_SUCCESS:1
 
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3978ba7a0..aebf9a6f2 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -871,62 +871,6 @@ void static_checks( )
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void fill_slots( int max_arg )
-{
-    /* Fill all the slots until we run out of memory or out of slots,
-     * or until some limit specified in the test data for the sake of
-     * implementations with an essentially unlimited number of slots.
-     * This test assumes that available slots are numbered from 1. */
-
-    psa_key_slot_t slot;
-    psa_key_slot_t max = 0;
-    psa_key_policy_t policy;
-    uint8_t exported[sizeof( max )];
-    size_t exported_size;
-    psa_status_t status;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
-
-    for( max = 1; max <= (size_t) max_arg; max++ )
-    {
-        status = psa_set_key_policy( max, &policy );
-        /* Stop filling slots if we run out of memory or out of
-         * available slots. */
-        TEST_ASSERT( status == PSA_SUCCESS ||
-                     status == PSA_ERROR_INSUFFICIENT_MEMORY ||
-                     status == PSA_ERROR_INVALID_ARGUMENT );
-        if( status != PSA_SUCCESS )
-            break;
-        status = psa_import_key( max, PSA_KEY_TYPE_RAW_DATA,
-                                 (uint8_t*) &max, sizeof( max ) );
-        /* Since psa_set_key_policy succeeded, we know that the slot
-         * number is valid. But we may legitimately run out of memory. */
-        TEST_ASSERT( status == PSA_SUCCESS ||
-                     status == PSA_ERROR_INSUFFICIENT_MEMORY );
-        if( status != PSA_SUCCESS )
-            break;
-    }
-    /* `max` is now the first slot number that wasn't filled. */
-    max -= 1;
-
-    for( slot = 1; slot <= max; slot++ )
-    {
-        TEST_ASSERT( psa_export_key( slot,
-                                     exported, sizeof( exported ),
-                                     &exported_size ) == PSA_SUCCESS );
-        ASSERT_COMPARE( &slot, sizeof( slot ), exported, exported_size );
-    }
-
-exit:
-    /* Do not destroy the keys. mbedtls_psa_crypto_free() should do it. */
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void import( data_t *data, int type, int expected_status_arg )
 {

From a8860b2990be9a1380a6bf1ca4072850e247c870 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 14:56:51 +0100
Subject: [PATCH 845/889] Remove lifetime test functions

With the handle-based slot management interface, psa_set_key_lifetime
will no longer exist, so remove the corresponding unit tests.
---
 tests/suites/test_suite_psa_crypto.data     | 12 -----
 tests/suites/test_suite_psa_crypto.function | 55 ---------------------
 2 files changed, 67 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index a468abfef..4d7793556 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -471,18 +471,6 @@ PSA key policy: agreement, wrong algorithm
 depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECDH_C
 agreement_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_ECDH(PSA_ALG_SELECT_RAW):PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_FFDH(PSA_ALG_SELECT_RAW)
 
-PSA key lifetime: set and get volatile
-key_lifetime:PSA_KEY_LIFETIME_VOLATILE
-
-PSA key lifetime set: invalid key slot
-key_lifetime_set_fail:0:PSA_KEY_LIFETIME_VOLATILE:PSA_ERROR_INVALID_ARGUMENT
-
-PSA key lifetime set: cannot change write_once lifetime
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_WRITE_ONCE:PSA_ERROR_NOT_SUPPORTED
-
-PSA key lifetime set: invalid key lifetime value
-key_lifetime_set_fail:1:PSA_KEY_LIFETIME_PERSISTENT+1:PSA_ERROR_INVALID_ARGUMENT
-
 PSA hash setup: good, SHA-1
 depends_on:MBEDTLS_SHA1_C
 hash_setup:PSA_ALG_SHA_1:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index aebf9a6f2..8b3c79428 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1733,61 +1733,6 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
-void key_lifetime( int lifetime_arg )
-{
-    int key_slot = 1;
-    psa_key_type_t key_type = PSA_KEY_TYPE_RAW_DATA;
-    unsigned char key[32] = {0};
-    psa_key_lifetime_t lifetime_set = lifetime_arg;
-    psa_key_lifetime_t lifetime_get;
-
-    memset( key, 0x2a, sizeof( key ) );
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_set_key_lifetime( key_slot,
-                                       lifetime_set ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_lifetime( key_slot,
-                                       &lifetime_get ) == PSA_SUCCESS );
-
-    TEST_ASSERT( lifetime_get == lifetime_set );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void key_lifetime_set_fail( int key_slot_arg,
-                            int lifetime_arg,
-                            int expected_status_arg )
-{
-    psa_key_slot_t key_slot = key_slot_arg;
-    psa_key_lifetime_t lifetime_set = lifetime_arg;
-    psa_status_t actual_status;
-    psa_status_t expected_status = expected_status_arg;
-
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
-    actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
-
-    if( actual_status == PSA_SUCCESS )
-        actual_status = psa_set_key_lifetime( key_slot, lifetime_set );
-
-    TEST_ASSERT( expected_status == actual_status );
-
-exit:
-    psa_destroy_key( key_slot );
-    mbedtls_psa_crypto_free( );
-}
-/* END_CASE */
-
 /* BEGIN_CASE */
 void hash_setup( int alg_arg,
                  int expected_status_arg )

From bdf309ccdb51255a39abd1d29bbf19539263813b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 15:36:32 +0100
Subject: [PATCH 846/889] Convert the PSA crypto cryptography tests to the new
 handle API

Switch from the direct use of slot numbers to handles allocated by
psa_allocate_key.

This commit does not affect persistent key tests except for the one
test function in test_suite_psa_crypto that uses persistent keys
(persistent_key_load_key_from_storage).

The general principle for each function is:
* Change `psa_key_slot_t slot` to `psa_key_handle_t handle`.
* Call psa_allocate_key() before setting the policy of the slot,
  or before creating key material in functions that don't set a policy.
* Some PSA_ERROR_EMPTY_SLOT errors become PSA_ERROR_INVALID_HANDLE
  because there is now a distinction between not having a valid
  handle, and having a valid handle to a slot that doesn't contain key
  material.
* In tests that use symmetric keys, calculate the max_bits parameters
  of psa_allocate_key() from the key data size. In tests where the key
  may be asymmetric, call an auxiliary macro KEY_BITS_FROM_DATA which
  returns an overapproximation. There's no good way to find a good
  value for max_bits with the API, I think the API should be tweaked.
---
 tests/suites/test_suite_psa_crypto.data     |  16 +-
 tests/suites/test_suite_psa_crypto.function | 855 ++++++++++++--------
 2 files changed, 511 insertions(+), 360 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 4d7793556..9801a8db7 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -29,17 +29,15 @@ PSA import to non empty key slot
 depends_on:MBEDTLS_AES_C
 import_key_nonempty_slot
 
-PSA export empty key slot
-export_invalid_slot:1:PSA_ERROR_EMPTY_SLOT
+PSA export invalid handle (0)
+export_invalid_handle:0:PSA_ERROR_INVALID_ARGUMENT
 
-PSA export out of range key slot - lower bound
-export_invalid_slot:0:PSA_ERROR_INVALID_ARGUMENT
+PSA export invalid handle (smallest plausible handle)
+# EMPTY_SLOT is temporary, because this valie is treated as a numbered slot, not as a handle
+export_invalid_handle:1:PSA_ERROR_EMPTY_SLOT
 
-PSA export out of range key slot - upper bound
-# Hard-code the upper bound of slots that are directly accessible because the
-# API does not expose this value. This is temporary: directly-accessible
-# slots are about to be removed.
-export_invalid_slot:32767:PSA_ERROR_INVALID_ARGUMENT
+PSA export invalid handle (largest plausible handle)
+export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE
 
 PSA export a slot where there was some activity but no key material creation
 export_with_no_key_activity
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 8b3c79428..c40ac5f7d 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -130,7 +130,7 @@ static int construct_fake_rsa_key( unsigned char *buffer,
     return( len );
 }
 
-static int exercise_mac_key( psa_key_slot_t key,
+static int exercise_mac_key( psa_key_handle_t handle,
                              psa_key_usage_t usage,
                              psa_algorithm_t alg )
 {
@@ -142,7 +142,7 @@ static int exercise_mac_key( psa_key_slot_t key,
     if( usage & PSA_KEY_USAGE_SIGN )
     {
         TEST_ASSERT( psa_mac_sign_setup( &operation,
-                                         key, alg ) == PSA_SUCCESS );
+                                         handle, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_sign_finish( &operation,
@@ -157,7 +157,7 @@ static int exercise_mac_key( psa_key_slot_t key,
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
         TEST_ASSERT( psa_mac_verify_setup( &operation,
-                                           key, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_update( &operation,
                                      input, sizeof( input ) ) == PSA_SUCCESS );
         TEST_ASSERT( psa_mac_verify_finish( &operation,
@@ -172,7 +172,7 @@ exit:
     return( 0 );
 }
 
-static int exercise_cipher_key( psa_key_slot_t key,
+static int exercise_cipher_key( psa_key_handle_t handle,
                                 psa_key_usage_t usage,
                                 psa_algorithm_t alg )
 {
@@ -188,7 +188,7 @@ static int exercise_cipher_key( psa_key_slot_t key,
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
         TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
-                                               key, alg ) == PSA_SUCCESS );
+                                               handle, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_cipher_generate_iv( &operation,
                                              iv, sizeof( iv ),
                                              &iv_length ) == PSA_SUCCESS );
@@ -210,11 +210,11 @@ static int exercise_cipher_key( psa_key_slot_t key,
         if( ! ( usage & PSA_KEY_USAGE_ENCRYPT ) )
         {
             size_t bits;
-            TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );
+            TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) );
             iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
         }
         TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
-                                               key, alg ) == PSA_SUCCESS );
+                                               handle, alg ) == PSA_SUCCESS );
         TEST_ASSERT( psa_cipher_set_iv( &operation,
                                         iv, iv_length ) == PSA_SUCCESS );
         TEST_ASSERT( psa_cipher_update( &operation,
@@ -243,7 +243,7 @@ exit:
     return( 0 );
 }
 
-static int exercise_aead_key( psa_key_slot_t key,
+static int exercise_aead_key( psa_key_handle_t handle,
                               psa_key_usage_t usage,
                               psa_algorithm_t alg )
 {
@@ -256,7 +256,7 @@ static int exercise_aead_key( psa_key_slot_t key,
 
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
-        TEST_ASSERT( psa_aead_encrypt( key, alg,
+        TEST_ASSERT( psa_aead_encrypt( handle, alg,
                                        nonce, nonce_length,
                                        NULL, 0,
                                        plaintext, sizeof( plaintext ),
@@ -270,7 +270,7 @@ static int exercise_aead_key( psa_key_slot_t key,
             ( usage & PSA_KEY_USAGE_ENCRYPT ?
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
-        TEST_ASSERT( psa_aead_decrypt( key, alg,
+        TEST_ASSERT( psa_aead_decrypt( handle, alg,
                                        nonce, nonce_length,
                                        NULL, 0,
                                        ciphertext, ciphertext_length,
@@ -284,7 +284,7 @@ exit:
     return( 0 );
 }
 
-static int exercise_signature_key( psa_key_slot_t key,
+static int exercise_signature_key( psa_key_handle_t handle,
                                    psa_key_usage_t usage,
                                    psa_algorithm_t alg )
 {
@@ -301,7 +301,7 @@ static int exercise_signature_key( psa_key_slot_t key,
         psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
         if( hash_alg != 0 )
             payload_length = PSA_HASH_SIZE( hash_alg );
-        TEST_ASSERT( psa_asymmetric_sign( key, alg,
+        TEST_ASSERT( psa_asymmetric_sign( handle, alg,
                                           payload, payload_length,
                                           signature, sizeof( signature ),
                                           &signature_length ) == PSA_SUCCESS );
@@ -313,7 +313,7 @@ static int exercise_signature_key( psa_key_slot_t key,
             ( usage & PSA_KEY_USAGE_SIGN ?
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
-        TEST_ASSERT( psa_asymmetric_verify( key, alg,
+        TEST_ASSERT( psa_asymmetric_verify( handle, alg,
                                             payload, payload_length,
                                             signature, signature_length ) ==
                      verify_status );
@@ -325,7 +325,7 @@ exit:
     return( 0 );
 }
 
-static int exercise_asymmetric_encryption_key( psa_key_slot_t key,
+static int exercise_asymmetric_encryption_key( psa_key_handle_t handle,
                                                psa_key_usage_t usage,
                                                psa_algorithm_t alg )
 {
@@ -337,7 +337,7 @@ static int exercise_asymmetric_encryption_key( psa_key_slot_t key,
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
         TEST_ASSERT(
-            psa_asymmetric_encrypt( key, alg,
+            psa_asymmetric_encrypt( handle, alg,
                                     plaintext, plaintext_length,
                                     NULL, 0,
                                     ciphertext, sizeof( ciphertext ),
@@ -347,7 +347,7 @@ static int exercise_asymmetric_encryption_key( psa_key_slot_t key,
     if( usage & PSA_KEY_USAGE_DECRYPT )
     {
         psa_status_t status =
-            psa_asymmetric_decrypt( key, alg,
+            psa_asymmetric_decrypt( handle, alg,
                                     ciphertext, ciphertext_length,
                                     NULL, 0,
                                     plaintext, sizeof( plaintext ),
@@ -364,7 +364,7 @@ exit:
     return( 0 );
 }
 
-static int exercise_key_derivation_key( psa_key_slot_t key,
+static int exercise_key_derivation_key( psa_key_handle_t handle,
                                         psa_key_usage_t usage,
                                         psa_algorithm_t alg )
 {
@@ -378,7 +378,7 @@ static int exercise_key_derivation_key( psa_key_slot_t key,
     if( usage & PSA_KEY_USAGE_DERIVE )
     {
         TEST_ASSERT( psa_key_derivation( &generator,
-                                         key, alg,
+                                         handle, alg,
                                          label, label_length,
                                          seed, seed_length,
                                          sizeof( output ) ) == PSA_SUCCESS );
@@ -397,7 +397,7 @@ exit:
 /* We need two keys to exercise key agreement. Exercise the
  * private key against its own public key. */
 static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator,
-                                             psa_key_type_t key_slot,
+                                             psa_key_handle_t handle,
                                              psa_algorithm_t alg )
 {
     psa_key_type_t private_key_type;
@@ -410,18 +410,18 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator,
      * good enough: callers will report it as a failed test anyway. */
     psa_status_t status = PSA_ERROR_UNKNOWN_ERROR;
 
-    TEST_ASSERT( psa_get_key_information( key_slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           &private_key_type,
                                           &key_bits ) == PSA_SUCCESS );
     public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type );
     public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
     ASSERT_ALLOC( public_key, public_key_length );
     TEST_ASSERT( public_key != NULL );
-    TEST_ASSERT( psa_export_public_key( key_slot,
+    TEST_ASSERT( psa_export_public_key( handle,
                                         public_key, public_key_length,
                                         &public_key_length ) == PSA_SUCCESS );
 
-    status = psa_key_agreement( generator, key_slot,
+    status = psa_key_agreement( generator, handle,
                                 public_key, public_key_length,
                                 alg );
 exit:
@@ -429,7 +429,7 @@ exit:
     return( status );
 }
 
-static int exercise_key_agreement_key( psa_key_slot_t key,
+static int exercise_key_agreement_key( psa_key_handle_t handle,
                                        psa_key_usage_t usage,
                                        psa_algorithm_t alg )
 {
@@ -441,7 +441,7 @@ static int exercise_key_agreement_key( psa_key_slot_t key,
     {
         /* We need two keys to exercise key agreement. Exercise the
          * private key against its own public key. */
-        TEST_ASSERT( key_agreement_with_self( &generator, key, alg ) ==
+        TEST_ASSERT( key_agreement_with_self( &generator, handle, alg ) ==
                      PSA_SUCCESS );
         TEST_ASSERT( psa_generator_read( &generator,
                                          output,
@@ -713,7 +713,7 @@ exit:
     return( 0 );
 }
 
-static int exercise_export_key( psa_key_slot_t slot,
+static int exercise_export_key( psa_key_handle_t handle,
                                 psa_key_usage_t usage )
 {
     psa_key_type_t type;
@@ -723,12 +723,12 @@ static int exercise_export_key( psa_key_slot_t slot,
     size_t exported_length = 0;
     int ok = 0;
 
-    TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS );
 
     if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
         ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
     {
-        TEST_ASSERT( psa_export_key( slot, NULL, 0, &exported_length ) ==
+        TEST_ASSERT( psa_export_key( handle, NULL, 0, &exported_length ) ==
                      PSA_ERROR_NOT_PERMITTED );
         return( 1 );
     }
@@ -736,7 +736,7 @@ static int exercise_export_key( psa_key_slot_t slot,
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
     ASSERT_ALLOC( exported, exported_size );
 
-    TEST_ASSERT( psa_export_key( slot,
+    TEST_ASSERT( psa_export_key( handle,
                                  exported, exported_size,
                                  &exported_length ) == PSA_SUCCESS );
     ok = exported_key_sanity_check( type, bits, exported, exported_length );
@@ -746,7 +746,7 @@ exit:
     return( ok );
 }
 
-static int exercise_export_public_key( psa_key_slot_t slot )
+static int exercise_export_public_key( psa_key_handle_t handle )
 {
     psa_key_type_t type;
     psa_key_type_t public_type;
@@ -756,10 +756,10 @@ static int exercise_export_public_key( psa_key_slot_t slot )
     size_t exported_length = 0;
     int ok = 0;
 
-    TEST_ASSERT( psa_get_key_information( slot, &type, &bits ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS );
     if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
     {
-        TEST_ASSERT( psa_export_public_key( slot,
+        TEST_ASSERT( psa_export_public_key( handle,
                                             NULL, 0, &exported_length ) ==
                      PSA_ERROR_INVALID_ARGUMENT );
         return( 1 );
@@ -769,7 +769,7 @@ static int exercise_export_public_key( psa_key_slot_t slot )
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits );
     ASSERT_ALLOC( exported, exported_size );
 
-    TEST_ASSERT( psa_export_public_key( slot,
+    TEST_ASSERT( psa_export_public_key( handle,
                                         exported, exported_size,
                                         &exported_length ) == PSA_SUCCESS );
     ok = exported_key_sanity_check( public_type, bits,
@@ -780,7 +780,7 @@ exit:
     return( ok );
 }
 
-static int exercise_key( psa_key_slot_t slot,
+static int exercise_key( psa_key_handle_t handle,
                          psa_key_usage_t usage,
                          psa_algorithm_t alg )
 {
@@ -788,19 +788,19 @@ static int exercise_key( psa_key_slot_t slot,
     if( alg == 0 )
         ok = 1; /* If no algorihm, do nothing (used for raw data "keys"). */
     else if( PSA_ALG_IS_MAC( alg ) )
-        ok = exercise_mac_key( slot, usage, alg );
+        ok = exercise_mac_key( handle, usage, alg );
     else if( PSA_ALG_IS_CIPHER( alg ) )
-        ok = exercise_cipher_key( slot, usage, alg );
+        ok = exercise_cipher_key( handle, usage, alg );
     else if( PSA_ALG_IS_AEAD( alg ) )
-        ok = exercise_aead_key( slot, usage, alg );
+        ok = exercise_aead_key( handle, usage, alg );
     else if( PSA_ALG_IS_SIGN( alg ) )
-        ok = exercise_signature_key( slot, usage, alg );
+        ok = exercise_signature_key( handle, usage, alg );
     else if( PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) )
-        ok = exercise_asymmetric_encryption_key( slot, usage, alg );
+        ok = exercise_asymmetric_encryption_key( handle, usage, alg );
     else if( PSA_ALG_IS_KEY_DERIVATION( alg ) )
-        ok = exercise_key_derivation_key( slot, usage, alg );
+        ok = exercise_key_derivation_key( handle, usage, alg );
     else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) )
-        ok = exercise_key_agreement_key( slot, usage, alg );
+        ok = exercise_key_agreement_key( handle, usage, alg );
     else
     {
         char message[40];
@@ -811,8 +811,8 @@ static int exercise_key( psa_key_slot_t slot,
         ok = 0;
     }
 
-    ok = ok && exercise_export_key( slot, usage );
-    ok = ok && exercise_export_public_key( slot );
+    ok = ok && exercise_export_key( handle, usage );
+    ok = ok && exercise_export_public_key( handle );
 
     return( ok );
 }
@@ -845,6 +845,13 @@ static psa_key_usage_t usage_to_exercise( psa_key_type_t type,
 
 }
 
+/* An overapproximation of the amount of storage needed for a key of the
+ * given type and with the given content. The API doesn't make it easy
+ * to find a good value for the size. The current implementation doesn't
+ * care about the value anyway. */
+#define KEY_BITS_FROM_DATA( type, data )        \
+    ( data )->len
+
 typedef enum {
     IMPORT_KEY = 0,
     GENERATE_KEY = 1,
@@ -874,7 +881,7 @@ void static_checks( )
 /* BEGIN_CASE */
 void import( data_t *data, int type, int expected_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_status_t expected_status = expected_status_arg;
     psa_status_t status;
 
@@ -882,10 +889,12 @@ void import( data_t *data, int type, int expected_status_arg )
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    status = psa_import_key( slot, type, data->x, data->len );
+    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                   &handle ) == PSA_SUCCESS );
+    status = psa_import_key( handle, type, data->x, data->len );
     TEST_ASSERT( status == expected_status );
     if( status == PSA_SUCCESS )
-        TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -899,7 +908,7 @@ void import_twice( int alg_arg, int usage_arg,
                    int type2_arg, data_t *data2,
                    int expected_import2_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_algorithm_t alg = alg_arg;
     psa_key_usage_t usage = usage_arg;
     psa_key_type_t type1 = type1_arg;
@@ -911,19 +920,23 @@ void import_twice( int alg_arg, int usage_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type1,
+                                   MAX( KEY_BITS_FROM_DATA( type1, data1 ),
+                                        KEY_BITS_FROM_DATA( type2, data2 ) ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    status = psa_import_key( slot, type1, data1->x, data1->len );
+    status = psa_import_key( handle, type1, data1->x, data1->len );
     TEST_ASSERT( status == expected_import1_status );
-    status = psa_import_key( slot, type2, data2->x, data2->len );
+    status = psa_import_key( handle, type2, data2->x, data2->len );
     TEST_ASSERT( status == expected_import2_status );
 
     if( expected_import1_status == PSA_SUCCESS ||
         expected_import2_status == PSA_SUCCESS )
     {
-        TEST_ASSERT( exercise_key( slot, usage, alg ) );
+        TEST_ASSERT( exercise_key( handle, usage, alg ) );
     }
 
 exit:
@@ -934,7 +947,7 @@ exit:
 /* BEGIN_CASE */
 void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     size_t bits = bits_arg;
     psa_status_t expected_status = expected_status_arg;
     psa_status_t status;
@@ -955,10 +968,11 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
     length = ret;
 
     /* Try importing the key */
-    status = psa_import_key( slot, type, p, length );
+    TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS );
+    status = psa_import_key( handle, type, p, length );
     TEST_ASSERT( status == expected_status );
     if( status == PSA_SUCCESS )
-        TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+        TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
 
 exit:
     mbedtls_free( buffer );
@@ -976,8 +990,7 @@ void import_export( data_t *data,
                     int expected_export_status_arg,
                     int canonical_input )
 {
-    int slot = 1;
-    int slot2 = slot + 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_export_status = expected_export_status_arg;
@@ -999,23 +1012,28 @@ void import_export( data_t *data,
         ASSERT_ALLOC( reexported, export_size );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle ) ==
+                 PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage_arg, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+
+    TEST_ASSERT( psa_get_key_information(
+                     handle, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
+    TEST_ASSERT( psa_import_key( handle, type,
                                  data->x, data->len ) == PSA_SUCCESS );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           &got_type,
                                           &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
     /* Export the key */
-    status = psa_export_key( slot,
+    status = psa_export_key( handle,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == expected_export_status );
@@ -1034,32 +1052,36 @@ void import_export( data_t *data,
         goto destroy;
     }
 
-    if( ! exercise_export_key( slot, usage_arg ) )
+    if( ! exercise_export_key( handle, usage_arg ) )
         goto exit;
 
     if( canonical_input )
         ASSERT_COMPARE( data->x, data->len, exported, exported_length );
     else
     {
-        TEST_ASSERT( psa_set_key_policy( slot2, &policy ) == PSA_SUCCESS );
+        psa_key_handle_t handle2;
+        TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) ==
+                     PSA_SUCCESS );
+        TEST_ASSERT( psa_set_key_policy( handle2, &policy ) == PSA_SUCCESS );
 
-        TEST_ASSERT( psa_import_key( slot2, type,
+        TEST_ASSERT( psa_import_key( handle2, type,
                                      exported,
                                      exported_length ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_export_key( slot2,
+        TEST_ASSERT( psa_export_key( handle2,
                                      reexported,
                                      export_size,
                                      &reexported_length ) == PSA_SUCCESS );
         ASSERT_COMPARE( exported, exported_length,
                         reexported, reexported_length );
+        TEST_ASSERT( psa_close_key( handle2 ) == PSA_SUCCESS );
     }
     TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) );
 
 destroy:
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information(
-                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+                     handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE );
 
 exit:
     mbedtls_free( exported );
@@ -1071,18 +1093,21 @@ exit:
 /* BEGIN_CASE */
 void import_key_nonempty_slot( )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
     psa_status_t status;
     const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 };
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ),
+                                   &handle ) == PSA_SUCCESS );
+
     /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
+    TEST_ASSERT( psa_import_key( handle, type,
                                  data, sizeof( data ) ) == PSA_SUCCESS );
 
     /* Import the key again */
-    status = psa_import_key( slot, type, data, sizeof( data ) );
+    status = psa_import_key( handle, type, data, sizeof( data ) );
     TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT );
 
 exit:
@@ -1091,7 +1116,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void export_invalid_slot( int slot, int expected_export_status_arg )
+void export_invalid_handle( int handle, int expected_export_status_arg )
 {
     psa_status_t status;
     unsigned char *exported = NULL;
@@ -1102,7 +1127,7 @@ void export_invalid_slot( int slot, int expected_export_status_arg )
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
     /* Export the key */
-    status = psa_export_key( slot,
+    status = psa_export_key( (psa_key_handle_t) handle,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == expected_export_status );
@@ -1115,7 +1140,7 @@ exit:
 /* BEGIN_CASE */
 void export_with_no_key_activity( )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_algorithm_t alg = PSA_ALG_CTR;
     psa_status_t status;
     psa_key_policy_t policy;
@@ -1125,12 +1150,14 @@ void export_with_no_key_activity( )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
     /* Export the key */
-    status = psa_export_key( slot,
+    status = psa_export_key( handle,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
@@ -1143,7 +1170,7 @@ exit:
 /* BEGIN_CASE */
 void cipher_with_no_key_activity( )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_status_t status;
     psa_key_policy_t policy;
     psa_cipher_operation_t operation;
@@ -1151,11 +1178,13 @@ void cipher_with_no_key_activity( )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg );
+    status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
     TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
 
 exit:
@@ -1168,7 +1197,7 @@ exit:
 void export_after_import_failure( data_t *data, int type_arg,
                                   int expected_import_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = type_arg;
     psa_status_t status;
     unsigned char *exported = NULL;
@@ -1178,13 +1207,16 @@ void export_after_import_failure( data_t *data, int type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                   &handle ) == PSA_SUCCESS );
+
     /* Import the key - expect failure */
-    status = psa_import_key( slot, type,
+    status = psa_import_key( handle, type,
                                  data->x, data->len );
     TEST_ASSERT( status == expected_import_status );
 
     /* Export the key */
-    status = psa_export_key( slot,
+    status = psa_export_key( handle,
                              exported, export_size,
                              &exported_length );
     TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
@@ -1198,7 +1230,7 @@ exit:
 void cipher_after_import_failure( data_t *data, int type_arg,
                                   int expected_import_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_cipher_operation_t operation;
     psa_key_type_t type = type_arg;
     psa_status_t status;
@@ -1207,12 +1239,15 @@ void cipher_after_import_failure( data_t *data, int type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                   &handle ) == PSA_SUCCESS );
+
     /* Import the key - expect failure */
-    status = psa_import_key( slot, type,
+    status = psa_import_key( handle, type,
                                  data->x, data->len );
     TEST_ASSERT( status == expected_import_status );
 
-    status = psa_cipher_encrypt_setup( &operation, slot, exercise_alg );
+    status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
     TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
 
 exit:
@@ -1224,7 +1259,7 @@ exit:
 /* BEGIN_CASE */
 void export_after_destroy_key( data_t *data, int type_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = type_arg;
     psa_status_t status;
     psa_key_policy_t policy;
@@ -1235,26 +1270,28 @@ void export_after_destroy_key( data_t *data, int type_arg )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
     export_size = (ptrdiff_t) data->len;
     ASSERT_ALLOC( exported, export_size );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
+    TEST_ASSERT( psa_import_key( handle, type,
                                  data->x, data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_export_key( slot, exported, export_size,
+    TEST_ASSERT( psa_export_key( handle, exported, export_size,
                                  &exported_length ) == PSA_SUCCESS );
 
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
 
     /* Export the key */
-    status = psa_export_key( slot, exported, export_size,
+    status = psa_export_key( handle, exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+    TEST_ASSERT( status == PSA_ERROR_INVALID_HANDLE );
 
 exit:
     mbedtls_free( exported );
@@ -1270,7 +1307,7 @@ void import_export_public_key( data_t *data,
                                int expected_export_status_arg,
                                data_t *expected_public_key )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_export_status = expected_export_status_arg;
@@ -1282,17 +1319,19 @@ void import_export_public_key( data_t *data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
+    TEST_ASSERT( psa_import_key( handle, type,
                                  data->x, data->len ) == PSA_SUCCESS );
 
     /* Export the public key */
     ASSERT_ALLOC( exported, export_size );
-    status = psa_export_public_key( slot,
+    status = psa_export_public_key( handle,
                                     exported, export_size,
                                     &exported_length );
     TEST_ASSERT( status == expected_export_status );
@@ -1300,7 +1339,7 @@ void import_export_public_key( data_t *data,
     {
         psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
         size_t bits;
-        TEST_ASSERT( psa_get_key_information( slot, NULL, &bits ) ==
+        TEST_ASSERT( psa_get_key_information( handle, NULL, &bits ) ==
                      PSA_SUCCESS );
         TEST_ASSERT( expected_public_key->len <=
                      PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
@@ -1310,7 +1349,7 @@ void import_export_public_key( data_t *data,
 
 exit:
     mbedtls_free( exported );
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1321,7 +1360,7 @@ void import_and_exercise_key( data_t *data,
                               int bits_arg,
                               int alg_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = type_arg;
     size_t bits = bits_arg;
     psa_algorithm_t alg = alg_arg;
@@ -1333,27 +1372,29 @@ void import_and_exercise_key( data_t *data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
-    status = psa_import_key( slot, type, data->x, data->len );
+    status = psa_import_key( handle, type, data->x, data->len );
     TEST_ASSERT( status == PSA_SUCCESS );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           &got_type,
                                           &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == bits );
 
     /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( slot, usage, alg ) )
+    if( ! exercise_key( handle, usage, alg ) )
         goto exit;
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1361,7 +1402,7 @@ exit:
 /* BEGIN_CASE */
 void key_policy( int usage_arg, int alg_arg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_algorithm_t alg = alg_arg;
     psa_key_usage_t usage = usage_arg;
     psa_key_type_t key_type = PSA_KEY_TYPE_AES;
@@ -1373,25 +1414,26 @@ void key_policy( int usage_arg, int alg_arg )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy_set );
     psa_key_policy_init( &policy_get );
-
     psa_key_policy_set_usage( &policy_set, usage, alg );
 
     TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
     TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy_set ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key, sizeof( key ) ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_get_key_policy( key_slot, &policy_get ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS );
 
     TEST_ASSERT( policy_get.usage == policy_set.usage );
     TEST_ASSERT( policy_get.alg == policy_set.alg );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1403,7 +1445,7 @@ void mac_key_policy( int policy_usage,
                      data_t *key_data,
                      int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_mac_operation_t operation;
     psa_status_t status;
@@ -1411,14 +1453,17 @@ void mac_key_policy( int policy_usage,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_mac_sign_setup( &operation, key_slot, exercise_alg );
+    status = psa_mac_sign_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -1427,7 +1472,7 @@ void mac_key_policy( int policy_usage,
     psa_mac_abort( &operation );
 
     memset( mac, 0, sizeof( mac ) );
-    status = psa_mac_verify_setup( &operation, key_slot, exercise_alg );
+    status = psa_mac_verify_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -1436,7 +1481,7 @@ void mac_key_policy( int policy_usage,
 
 exit:
     psa_mac_abort( &operation );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1448,21 +1493,24 @@ void cipher_key_policy( int policy_usage,
                         data_t *key_data,
                         int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_cipher_operation_t operation;
     psa_status_t status;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_cipher_encrypt_setup( &operation, key_slot, exercise_alg );
+    status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -1470,7 +1518,7 @@ void cipher_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
     psa_cipher_abort( &operation );
 
-    status = psa_cipher_decrypt_setup( &operation, key_slot, exercise_alg );
+    status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
         TEST_ASSERT( status == PSA_SUCCESS );
@@ -1479,7 +1527,7 @@ void cipher_key_policy( int policy_usage,
 
 exit:
     psa_cipher_abort( &operation );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1493,7 +1541,7 @@ void aead_key_policy( int policy_usage,
                       int tag_length_arg,
                       int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_status_t status;
     unsigned char nonce[16] = {0};
@@ -1507,14 +1555,17 @@ void aead_key_policy( int policy_usage,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_aead_encrypt( key_slot, exercise_alg,
+    status = psa_aead_encrypt( handle, exercise_alg,
                                nonce, nonce_length,
                                NULL, 0,
                                NULL, 0,
@@ -1527,7 +1578,7 @@ void aead_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
     memset( tag, 0, sizeof( tag ) );
-    status = psa_aead_decrypt( key_slot, exercise_alg,
+    status = psa_aead_decrypt( handle, exercise_alg,
                                nonce, nonce_length,
                                NULL, 0,
                                tag, tag_length,
@@ -1540,7 +1591,7 @@ void aead_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1552,7 +1603,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
                                        data_t *key_data,
                                        int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_status_t status;
     size_t key_bits;
@@ -1562,21 +1613,24 @@ void asymmetric_encryption_key_policy( int policy_usage,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_get_key_information( key_slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
     buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
                                                         exercise_alg );
     ASSERT_ALLOC( buffer, buffer_length );
 
-    status = psa_asymmetric_encrypt( key_slot, exercise_alg,
+    status = psa_asymmetric_encrypt( handle, exercise_alg,
                                      NULL, 0,
                                      NULL, 0,
                                      buffer, buffer_length,
@@ -1589,7 +1643,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
 
     if( buffer_length != 0 )
         memset( buffer, 0, buffer_length );
-    status = psa_asymmetric_decrypt( key_slot, exercise_alg,
+    status = psa_asymmetric_decrypt( handle, exercise_alg,
                                      buffer, buffer_length,
                                      NULL, 0,
                                      buffer, buffer_length,
@@ -1601,7 +1655,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
     mbedtls_free( buffer );
 }
@@ -1614,7 +1668,7 @@ void asymmetric_signature_key_policy( int policy_usage,
                                       data_t *key_data,
                                       int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_status_t status;
     unsigned char payload[16] = {1};
@@ -1624,14 +1678,17 @@ void asymmetric_signature_key_policy( int policy_usage,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_asymmetric_sign( key_slot, exercise_alg,
+    status = psa_asymmetric_sign( handle, exercise_alg,
                                   payload, payload_length,
                                   signature, sizeof( signature ),
                                   &signature_length );
@@ -1642,7 +1699,7 @@ void asymmetric_signature_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
     memset( signature, 0, sizeof( signature ) );
-    status = psa_asymmetric_verify( key_slot, exercise_alg,
+    status = psa_asymmetric_verify( handle, exercise_alg,
                                     payload, payload_length,
                                     signature, sizeof( signature ) );
     if( policy_alg == exercise_alg &&
@@ -1652,7 +1709,7 @@ void asymmetric_signature_key_policy( int policy_usage,
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1664,21 +1721,24 @@ void derive_key_policy( int policy_usage,
                         data_t *key_data,
                         int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_status_t status;
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = psa_key_derivation( &generator, key_slot,
+    status = psa_key_derivation( &generator, handle,
                                  exercise_alg,
                                  NULL, 0,
                                  NULL, 0,
@@ -1691,7 +1751,7 @@ void derive_key_policy( int policy_usage,
 
 exit:
     psa_generator_abort( &generator );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1703,7 +1763,7 @@ void agreement_key_policy( int policy_usage,
                            data_t *key_data,
                            int exercise_alg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_policy_t policy;
     psa_key_type_t key_type = key_type_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -1711,14 +1771,17 @@ void agreement_key_policy( int policy_usage,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    status = key_agreement_with_self( &generator, key_slot, exercise_alg );
+    status = key_agreement_with_self( &generator, handle, exercise_alg );
 
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
@@ -1728,7 +1791,7 @@ void agreement_key_policy( int policy_usage,
 
 exit:
     psa_generator_abort( &generator );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1856,7 +1919,7 @@ void mac_setup( int key_type_arg,
                 int alg_arg,
                 int expected_status_arg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_status = expected_status_arg;
@@ -1866,21 +1929,23 @@ void mac_setup( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    status = psa_mac_sign_setup( &operation, key_slot, alg );
+    status = psa_mac_sign_setup( &operation, handle, alg );
     psa_mac_abort( &operation );
     TEST_ASSERT( status == expected_status );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1892,7 +1957,7 @@ void mac_sign( int key_type_arg,
                data_t *input,
                data_t *expected_mac )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_mac_operation_t operation;
@@ -1911,16 +1976,18 @@ void mac_sign( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     /* Calculate the MAC. */
     TEST_ASSERT( psa_mac_sign_setup( &operation,
-                                     key_slot, alg ) == PSA_SUCCESS );
+                                     handle, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
                                  input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_sign_finish( &operation,
@@ -1936,7 +2003,7 @@ void mac_sign( int key_type_arg,
                               sizeof( actual_mac ) - mac_length ) );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1948,7 +2015,7 @@ void mac_verify( int key_type_arg,
                  data_t *input,
                  data_t *expected_mac )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_mac_operation_t operation;
@@ -1965,16 +2032,18 @@ void mac_verify( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_mac_verify_setup( &operation,
-                                       key_slot, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
+                                       handle, alg ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_update( &operation,
                                  input->x, input->len ) == PSA_SUCCESS );
     TEST_ASSERT( psa_mac_verify_finish( &operation,
@@ -1982,7 +2051,7 @@ void mac_verify( int key_type_arg,
                                         expected_mac->len ) == PSA_SUCCESS );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -1993,7 +2062,7 @@ void cipher_setup( int key_type_arg,
                    int alg_arg,
                    int expected_status_arg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_status_t expected_status = expected_status_arg;
@@ -2003,19 +2072,21 @@ void cipher_setup( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
-    status = psa_cipher_encrypt_setup( &operation, key_slot, alg );
+    status = psa_cipher_encrypt_setup( &operation, handle, alg );
     psa_cipher_abort( &operation );
     TEST_ASSERT( status == expected_status );
 
 exit:
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2026,7 +2097,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
                      data_t *input, data_t *expected_output,
                      int expected_status_arg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -2052,15 +2123,17 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, iv_size ) == PSA_SUCCESS );
@@ -2089,7 +2162,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
 
 exit:
     mbedtls_free( output );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2101,7 +2174,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
                                int first_part_size,
                                data_t *expected_output )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char iv[16] = {0};
@@ -2125,15 +2198,17 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -2164,7 +2239,7 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
 exit:
     mbedtls_free( output );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2176,7 +2251,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
                                int first_part_size,
                                data_t *expected_output )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
 
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -2201,15 +2276,17 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
@@ -2242,7 +2319,7 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
 
 exit:
     mbedtls_free( output );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2253,7 +2330,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
                      data_t *input, data_t *expected_output,
                      int expected_status_arg )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_status_t status;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
@@ -2279,15 +2356,17 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, iv_size ) == PSA_SUCCESS );
@@ -2317,7 +2396,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
 
 exit:
     mbedtls_free( output );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2327,7 +2406,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
                            data_t *key,
                            data_t *input )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char iv[16] = {0};
@@ -2351,17 +2430,19 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_generate_iv( &operation1,
                                          iv, iv_size,
@@ -2404,7 +2485,7 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 exit:
     mbedtls_free( output1 );
     mbedtls_free( output2 );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2416,7 +2497,7 @@ void cipher_verify_output_multipart( int alg_arg,
                                      data_t *input,
                                      int first_part_size )
 {
-    int key_slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char iv[16] = {0};
@@ -2440,17 +2521,19 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( key_slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( key_slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key->x, key->len ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
-                                           key_slot, alg ) == PSA_SUCCESS );
+                                           handle, alg ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_cipher_generate_iv( &operation1,
                                          iv, iv_size,
@@ -2512,7 +2595,7 @@ void cipher_verify_output_multipart( int alg_arg,
 exit:
     mbedtls_free( output1 );
     mbedtls_free( output2 );
-    psa_destroy_key( key_slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2525,7 +2608,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
                            data_t *input_data,
                            int expected_result_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *output_data = NULL;
@@ -2551,16 +2634,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x, key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_aead_encrypt( slot, alg,
+    TEST_ASSERT( psa_aead_encrypt( handle, alg,
                                    nonce->x, nonce->len,
                                    additional_data->x,
                                    additional_data->len,
@@ -2572,7 +2657,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
     {
         ASSERT_ALLOC( output_data2, output_length );
 
-        TEST_ASSERT( psa_aead_decrypt( slot, alg,
+        TEST_ASSERT( psa_aead_decrypt( handle, alg,
                                        nonce->x, nonce->len,
                                        additional_data->x,
                                        additional_data->len,
@@ -2585,7 +2670,7 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
     }
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output_data );
     mbedtls_free( output_data2 );
     mbedtls_psa_crypto_free( );
@@ -2600,7 +2685,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
                    data_t *input_data,
                    data_t *expected_result )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *output_data = NULL;
@@ -2625,15 +2710,17 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_aead_encrypt( slot, alg,
+    TEST_ASSERT( psa_aead_encrypt( handle, alg,
                                    nonce->x, nonce->len,
                                    additional_data->x, additional_data->len,
                                    input_data->x, input_data->len,
@@ -2644,7 +2731,7 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
                     output_data, output_length );
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output_data );
     mbedtls_psa_crypto_free( );
 }
@@ -2659,7 +2746,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
                    data_t *expected_data,
                    int expected_result_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *output_data = NULL;
@@ -2685,15 +2772,17 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_aead_decrypt( slot, alg,
+    TEST_ASSERT( psa_aead_decrypt( handle, alg,
                                    nonce->x, nonce->len,
                                    additional_data->x,
                                    additional_data->len,
@@ -2706,7 +2795,7 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
                         output_data, output_length );
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output_data );
     mbedtls_psa_crypto_free( );
 }
@@ -2732,7 +2821,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                          int alg_arg, data_t *input_data,
                          data_t *output_data )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t key_bits;
@@ -2750,14 +2839,17 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
 
@@ -2770,7 +2862,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     ASSERT_ALLOC( signature, signature_size );
 
     /* Perform the signature. */
-    TEST_ASSERT( psa_asymmetric_sign( slot, alg,
+    TEST_ASSERT( psa_asymmetric_sign( handle, alg,
                                       input_data->x, input_data->len,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
@@ -2779,7 +2871,7 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
                     signature, signature_length );
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
@@ -2790,7 +2882,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
                 int alg_arg, data_t *input_data,
                 int signature_size_arg, int expected_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t signature_size = signature_size_arg;
@@ -2809,15 +2901,18 @@ void sign_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_sign( slot, alg,
+    actual_status = psa_asymmetric_sign( handle, alg,
                                          input_data->x, input_data->len,
                                          signature, signature_size,
                                          &signature_length );
@@ -2829,7 +2924,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( signature_length <= signature_size );
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
@@ -2839,7 +2934,7 @@ exit:
 void sign_verify( int key_type_arg, data_t *key_data,
                   int alg_arg, data_t *input_data )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t key_bits;
@@ -2850,16 +2945,19 @@ void sign_verify( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
 
@@ -2872,7 +2970,7 @@ void sign_verify( int key_type_arg, data_t *key_data,
     ASSERT_ALLOC( signature, signature_size );
 
     /* Perform the signature. */
-    TEST_ASSERT( psa_asymmetric_sign( slot, alg,
+    TEST_ASSERT( psa_asymmetric_sign( handle, alg,
                                       input_data->x, input_data->len,
                                       signature, signature_size,
                                       &signature_length ) == PSA_SUCCESS );
@@ -2882,7 +2980,7 @@ void sign_verify( int key_type_arg, data_t *key_data,
 
     /* Use the library to verify that the signature is correct. */
     TEST_ASSERT( psa_asymmetric_verify(
-                     slot, alg,
+                     handle, alg,
                      input_data->x, input_data->len,
                      signature, signature_length ) == PSA_SUCCESS );
 
@@ -2893,14 +2991,14 @@ void sign_verify( int key_type_arg, data_t *key_data,
          * because ECDSA may ignore the last few bits of the input. */
         input_data->x[0] ^= 1;
         TEST_ASSERT( psa_asymmetric_verify(
-                         slot, alg,
+                         handle, alg,
                          input_data->x, input_data->len,
                          signature,
                          signature_length ) == PSA_ERROR_INVALID_SIGNATURE );
     }
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( signature );
     mbedtls_psa_crypto_free( );
 }
@@ -2911,7 +3009,7 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
                         int alg_arg, data_t *hash_data,
                         data_t *signature_data )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_key_policy_t policy;
@@ -2927,20 +3025,23 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_asymmetric_verify( slot, alg,
+    TEST_ASSERT( psa_asymmetric_verify( handle, alg,
                                         hash_data->x, hash_data->len,
                                         signature_data->x,
                                         signature_data->len ) == PSA_SUCCESS );
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2951,7 +3052,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
                              data_t *signature_data,
                              int expected_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     psa_status_t actual_status;
@@ -2967,15 +3068,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_verify( slot, alg,
+    actual_status = psa_asymmetric_verify( handle, alg,
                                            hash_data->x, hash_data->len,
                                            signature_data->x,
                                            signature_data->len );
@@ -2983,7 +3087,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( actual_status == expected_status );
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -2997,7 +3101,7 @@ void asymmetric_encrypt( int key_type_arg,
                          int expected_output_length_arg,
                          int expected_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t expected_output_length = expected_output_length_arg;
@@ -3011,23 +3115,27 @@ void asymmetric_encrypt( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+
     /* Import the key */
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
     /* Determine the maximum output length */
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
     ASSERT_ALLOC( output, output_size );
 
     /* Encrypt the input */
-    actual_status = psa_asymmetric_encrypt( slot, alg,
+    actual_status = psa_asymmetric_encrypt( handle, alg,
                                             input_data->x, input_data->len,
                                             label->x, label->len,
                                             output, output_size,
@@ -3042,7 +3150,7 @@ void asymmetric_encrypt( int key_type_arg,
         output_length = ~0;
         if( output_size != 0 )
             memset( output, 0, output_size );
-        actual_status = psa_asymmetric_encrypt( slot, alg,
+        actual_status = psa_asymmetric_encrypt( handle, alg,
                                                 input_data->x, input_data->len,
                                                 NULL, label->len,
                                                 output, output_size,
@@ -3052,7 +3160,7 @@ void asymmetric_encrypt( int key_type_arg,
     }
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 }
@@ -3065,7 +3173,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
                                  data_t *input_data,
                                  data_t *label )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t key_bits;
@@ -3084,19 +3192,22 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
 
     /* Determine the maximum ciphertext length */
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           NULL,
                                           &key_bits ) == PSA_SUCCESS );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
@@ -3107,7 +3218,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
-    TEST_ASSERT( psa_asymmetric_encrypt( slot, alg,
+    TEST_ASSERT( psa_asymmetric_encrypt( handle, alg,
                                          input_data->x, input_data->len,
                                          label->x, label->len,
                                          output, output_size,
@@ -3116,7 +3227,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
      * it looks sensible. */
     TEST_ASSERT( output_length <= output_size );
 
-    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+    TEST_ASSERT( psa_asymmetric_decrypt( handle, alg,
                                          output, output_length,
                                          label->x, label->len,
                                          output2, output2_size,
@@ -3125,7 +3236,7 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
                     output2, output2_length );
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output );
     mbedtls_free( output2 );
     mbedtls_psa_crypto_free( );
@@ -3140,7 +3251,7 @@ void asymmetric_decrypt( int key_type_arg,
                          data_t *label,
                          data_t *expected_data )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *output = NULL;
@@ -3160,15 +3271,18 @@ void asymmetric_decrypt( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+    TEST_ASSERT( psa_asymmetric_decrypt( handle, alg,
                                          input_data->x, input_data->len,
                                          label->x, label->len,
                                          output,
@@ -3184,7 +3298,7 @@ void asymmetric_decrypt( int key_type_arg,
         output_length = ~0;
         if( output_size != 0 )
             memset( output, 0, output_size );
-        TEST_ASSERT( psa_asymmetric_decrypt( slot, alg,
+        TEST_ASSERT( psa_asymmetric_decrypt( handle, alg,
                                              input_data->x, input_data->len,
                                              NULL, label->len,
                                              output,
@@ -3195,7 +3309,7 @@ void asymmetric_decrypt( int key_type_arg,
     }
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 }
@@ -3209,7 +3323,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
                               data_t *label,
                               int expected_status_arg  )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     unsigned char *output = NULL;
@@ -3229,15 +3343,18 @@ void asymmetric_decrypt_fail( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   KEY_BITS_FROM_DATA( key_type, key_data ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    actual_status = psa_asymmetric_decrypt( slot, alg,
+    actual_status = psa_asymmetric_decrypt( handle, alg,
                                             input_data->x, input_data->len,
                                             label->x, label->len,
                                             output, output_size,
@@ -3252,7 +3369,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
         output_length = ~0;
         if( output_size != 0 )
             memset( output, 0, output_size );
-        actual_status = psa_asymmetric_decrypt( slot, alg,
+        actual_status = psa_asymmetric_decrypt( handle, alg,
                                                 input_data->x, input_data->len,
                                                 NULL, label->len,
                                                 output, output_size,
@@ -3262,7 +3379,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
     }
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_free( output );
     mbedtls_psa_crypto_free( );
 }
@@ -3277,7 +3394,7 @@ void derive_setup( int key_type_arg,
                    int requested_capacity_arg,
                    int expected_status_arg )
 {
-    psa_key_slot_t slot = 1;
+    psa_key_handle_t handle = 0;
     size_t key_type = key_type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t requested_capacity = requested_capacity_arg;
@@ -3287,22 +3404,24 @@ void derive_setup( int key_type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+    TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
                                      salt->x, salt->len,
                                      label->x, label->len,
                                      requested_capacity ) == expected_status );
 
 exit:
     psa_generator_abort( &generator );
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3310,7 +3429,7 @@ exit:
 /* BEGIN_CASE */
 void test_derive_invalid_generator_state( )
 {
-    psa_key_slot_t base_key = 1;
+    psa_key_handle_t handle = 0;
     size_t key_type = PSA_KEY_TYPE_DERIVE;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 );
@@ -3323,22 +3442,25 @@ void test_derive_invalid_generator_state( )
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( key_type,
+                                   PSA_BYTES_TO_BITS( sizeof( key_data ) ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( base_key, key_type,
+    TEST_ASSERT( psa_import_key( handle, key_type,
                                  key_data,
                                  sizeof( key_data ) ) == PSA_SUCCESS );
 
     /* valid key derivation */
-    TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,
+    TEST_ASSERT(  psa_key_derivation( &generator, handle, alg,
                                       NULL, 0,
                                       NULL, 0,
                                       capacity ) == PSA_SUCCESS );
 
     /* state of generator shouldn't allow additional generation */
-    TEST_ASSERT(  psa_key_derivation( &generator, base_key, alg,
+    TEST_ASSERT(  psa_key_derivation( &generator, handle, alg,
                                       NULL, 0,
                                       NULL, 0,
                                       capacity ) == PSA_ERROR_BAD_STATE );
@@ -3352,7 +3474,7 @@ void test_derive_invalid_generator_state( )
 
 exit:
     psa_generator_abort( &generator );
-    psa_destroy_key( base_key );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3394,7 +3516,7 @@ void derive_output( int alg_arg,
                     data_t *expected_output1,
                     data_t *expected_output2 )
 {
-    psa_key_slot_t slot = 1;
+    psa_key_handle_t handle = 0;
     psa_algorithm_t alg = alg_arg;
     size_t requested_capacity = requested_capacity_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -3420,16 +3542,19 @@ void derive_output( int alg_arg,
     ASSERT_ALLOC( output_buffer, output_buffer_size );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                   PSA_BYTES_TO_BITS( key_data->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE,
+    TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
     /* Extraction phase. */
-    TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+    TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
                                      salt->x, salt->len,
                                      label->x, label->len,
                                      requested_capacity ) == PSA_SUCCESS );
@@ -3477,7 +3602,7 @@ void derive_output( int alg_arg,
 exit:
     mbedtls_free( output_buffer );
     psa_generator_abort( &generator );
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3489,7 +3614,7 @@ void derive_full( int alg_arg,
                   data_t *label,
                   int requested_capacity_arg )
 {
-    psa_key_slot_t slot = 1;
+    psa_key_handle_t handle = 0;
     psa_algorithm_t alg = alg_arg;
     size_t requested_capacity = requested_capacity_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -3500,16 +3625,19 @@ void derive_full( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                   PSA_BYTES_TO_BITS( key_data->len ),
+                                   &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_DERIVE,
+    TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
     /* Extraction phase. */
-    TEST_ASSERT( psa_key_derivation( &generator, slot, alg,
+    TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
                                      salt->x, salt->len,
                                      label->x, label->len,
                                      requested_capacity ) == PSA_SUCCESS );
@@ -3543,7 +3671,7 @@ void derive_full( int alg_arg,
 
 exit:
     psa_generator_abort( &generator );
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3558,8 +3686,8 @@ void derive_key_exercise( int alg_arg,
                           int derived_usage_arg,
                           int derived_alg_arg )
 {
-    psa_key_slot_t base_key = 1;
-    psa_key_slot_t derived_key = 2;
+    psa_key_handle_t base_handle = 0;
+    psa_key_handle_t derived_handle = 0;
     psa_algorithm_t alg = alg_arg;
     psa_key_type_t derived_type = derived_type_arg;
     size_t derived_bits = derived_bits_arg;
@@ -3573,40 +3701,45 @@ void derive_key_exercise( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                   PSA_BYTES_TO_BITS( key_data->len ),
+                                   &base_handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+    TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
     /* Derive a key. */
-    TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
+    TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg,
                                      salt->x, salt->len,
                                      label->x, label->len,
                                      capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_allocate_key( derived_type, derived_bits,
+                                   &derived_handle ) == PSA_SUCCESS );
     psa_key_policy_set_usage( &policy, derived_usage, derived_alg );
-    TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_import_key( derived_key,
+    TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_import_key( derived_handle,
                                            derived_type,
                                            derived_bits,
                                            &generator ) == PSA_SUCCESS );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( derived_key,
+    TEST_ASSERT( psa_get_key_information( derived_handle,
                                           &got_type,
                                           &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == derived_type );
     TEST_ASSERT( got_bits == derived_bits );
 
     /* Exercise the derived key. */
-    if( ! exercise_key( derived_key, derived_usage, derived_alg ) )
+    if( ! exercise_key( derived_handle, derived_usage, derived_alg ) )
         goto exit;
 
 exit:
     psa_generator_abort( &generator );
-    psa_destroy_key( base_key );
-    psa_destroy_key( derived_key );
+    psa_destroy_key( base_handle );
+    psa_destroy_key( derived_handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3619,10 +3752,11 @@ void derive_key_export( int alg_arg,
                         int bytes1_arg,
                         int bytes2_arg )
 {
-    psa_key_slot_t base_key = 1;
-    psa_key_slot_t derived_key = 2;
+    psa_key_handle_t base_handle = 0;
+    psa_key_handle_t derived_handle = 0;
     psa_algorithm_t alg = alg_arg;
     size_t bytes1 = bytes1_arg;
+    size_t derived_bits = PSA_BYTES_TO_BITS( bytes1 );
     size_t bytes2 = bytes2_arg;
     size_t capacity = bytes1 + bytes2;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -3635,15 +3769,18 @@ void derive_key_export( int alg_arg,
     ASSERT_ALLOC( export_buffer, capacity );
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                   PSA_BYTES_TO_BITS( key_data->len ),
+                                   &base_handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( base_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+    TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
                                  key_data->x,
                                  key_data->len ) == PSA_SUCCESS );
 
     /* Derive some material and output it. */
-    TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
+    TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg,
                                      salt->x, salt->len,
                                      label->x, label->len,
                                      capacity ) == PSA_SUCCESS );
@@ -3653,27 +3790,32 @@ void derive_key_export( int alg_arg,
     TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
 
     /* Derive the same output again, but this time store it in key objects. */
-    TEST_ASSERT( psa_key_derivation( &generator, base_key, alg,
+    TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg,
                                      salt->x, salt->len,
                                      label->x, label->len,
                                      capacity ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits,
+                                   &derived_handle ) == PSA_SUCCESS );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
-    TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_import_key( derived_key,
+    TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_import_key( derived_handle,
                                            PSA_KEY_TYPE_RAW_DATA,
-                                           PSA_BYTES_TO_BITS( bytes1 ),
+                                           derived_bits,
                                            &generator ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_export_key( derived_key,
+    TEST_ASSERT( psa_export_key( derived_handle,
                                  export_buffer, bytes1,
                                  &length ) == PSA_SUCCESS );
     TEST_ASSERT( length == bytes1 );
-    TEST_ASSERT( psa_destroy_key( derived_key ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_set_key_policy( derived_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_import_key( derived_key,
+    TEST_ASSERT( psa_destroy_key( derived_handle ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA,
+                                   PSA_BYTES_TO_BITS( bytes2 ),
+                                   &derived_handle ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_generator_import_key( derived_handle,
                                            PSA_KEY_TYPE_RAW_DATA,
                                            PSA_BYTES_TO_BITS( bytes2 ),
                                            &generator ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_export_key( derived_key,
+    TEST_ASSERT( psa_export_key( derived_handle,
                                  export_buffer + bytes1, bytes2,
                                  &length ) == PSA_SUCCESS );
     TEST_ASSERT( length == bytes2 );
@@ -3685,8 +3827,8 @@ exit:
     mbedtls_free( output_buffer );
     mbedtls_free( export_buffer );
     psa_generator_abort( &generator );
-    psa_destroy_key( base_key );
-    psa_destroy_key( derived_key );
+    psa_destroy_key( base_handle );
+    psa_destroy_key( derived_handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3697,7 +3839,7 @@ void key_agreement_setup( int alg_arg,
                           data_t *peer_key_data,
                           int expected_status_arg )
 {
-    psa_key_slot_t our_key = 1;
+    psa_key_handle_t our_key = 0;
     psa_algorithm_t alg = alg_arg;
     psa_key_type_t our_key_type = our_key_type_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -3705,6 +3847,10 @@ void key_agreement_setup( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( our_key_type,
+                                   KEY_BITS_FROM_DATA( our_key_type,
+                                                       our_key_data ),
+                                   &our_key ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
     TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
@@ -3730,7 +3876,7 @@ void key_agreement_capacity( int alg_arg,
                              data_t *peer_key_data,
                              int expected_capacity_arg )
 {
-    psa_key_slot_t our_key = 1;
+    psa_key_handle_t our_key = 0;
     psa_algorithm_t alg = alg_arg;
     psa_key_type_t our_key_type = our_key_type_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -3740,6 +3886,10 @@ void key_agreement_capacity( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( our_key_type,
+                                   KEY_BITS_FROM_DATA( our_key_type,
+                                                       our_key_data ),
+                                   &our_key ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
     TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
@@ -3784,7 +3934,7 @@ void key_agreement_output( int alg_arg,
                            data_t *peer_key_data,
                            data_t *expected_output1, data_t *expected_output2 )
 {
-    psa_key_slot_t our_key = 1;
+    psa_key_handle_t our_key = 0;
     psa_algorithm_t alg = alg_arg;
     psa_key_type_t our_key_type = our_key_type_arg;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
@@ -3796,6 +3946,10 @@ void key_agreement_output( int alg_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( our_key_type,
+                                   KEY_BITS_FROM_DATA( our_key_type,
+                                                       our_key_data ),
+                                   &our_key ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
     TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
@@ -3889,7 +4043,7 @@ void generate_key( int type_arg,
                    int alg_arg,
                    int expected_status_arg )
 {
-    int slot = 1;
+    psa_key_handle_t handle = 0;
     psa_key_type_t type = type_arg;
     psa_key_usage_t usage = usage_arg;
     size_t bits = bits_arg;
@@ -3903,16 +4057,17 @@ void generate_key( int type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
+    TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
     /* Generate a key */
-    TEST_ASSERT( psa_generate_key( slot, type, bits,
+    TEST_ASSERT( psa_generate_key( handle, type, bits,
                                    NULL, 0 ) == expected_status );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( slot,
+    TEST_ASSERT( psa_get_key_information( handle,
                                           &got_type,
                                           &got_bits ) == expected_info_status );
     if( expected_info_status != PSA_SUCCESS )
@@ -3921,11 +4076,11 @@ void generate_key( int type_arg,
     TEST_ASSERT( got_bits == bits );
 
     /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( slot, usage, alg ) )
+    if( ! exercise_key( handle, usage, alg ) )
         goto exit;
 
 exit:
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
 }
 /* END_CASE */
@@ -3936,8 +4091,8 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                                            int alg_arg, int generation_method,
                                            int export_status )
 {
-    psa_key_slot_t slot = 1;
-    psa_key_slot_t base_key = 2;
+    psa_key_handle_t handle = 0;
+    psa_key_handle_t base_key;
     psa_key_type_t type = (psa_key_type_t) type_arg;
     psa_key_type_t type_get;
     size_t bits_get;
@@ -3959,33 +4114,34 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
 
     TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
-
+    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
+                                 type, bits,
+                                 &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy_set );
-
     psa_key_policy_set_usage( &policy_set, policy_usage,
                               policy_alg );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_policy( slot, &policy_set ) == PSA_SUCCESS );
     switch( generation_method )
     {
         case IMPORT_KEY:
             /* Import the key */
-            TEST_ASSERT( psa_import_key( slot, type,
+            TEST_ASSERT( psa_import_key( handle, type,
                                          data->x, data->len ) == PSA_SUCCESS );
             break;
 
         case GENERATE_KEY:
             /* Generate a key */
-            TEST_ASSERT( psa_generate_key( slot, type, bits,
+            TEST_ASSERT( psa_generate_key( handle, type, bits,
                                            NULL, 0 ) == PSA_SUCCESS );
             break;
 
         case DERIVE_KEY:
             /* Create base key */
+            TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                           PSA_BYTES_TO_BITS( data->len ),
+                                           &base_key ) == PSA_SUCCESS );
             psa_key_policy_init( &base_policy_set );
-
             psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
                                       base_policy_alg );
             TEST_ASSERT( psa_set_key_policy(
@@ -3998,38 +4154,35 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                                              NULL, 0, NULL, 0,
                                              export_size ) == PSA_SUCCESS );
             TEST_ASSERT( psa_generator_import_key(
-                slot, PSA_KEY_TYPE_RAW_DATA,
+                handle, PSA_KEY_TYPE_RAW_DATA,
                 bits, &generator ) == PSA_SUCCESS );
             break;
     }
 
     /* Export the key */
-    TEST_ASSERT( psa_export_key( slot, first_export, export_size,
+    TEST_ASSERT( psa_export_key( handle, first_export, export_size,
                                  &first_exported_length ) == export_status );
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
-
     TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
 
-    /* Mark slot as persistent again */
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
-
     /* Check key slot still contains key data */
+    TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
+                               &handle ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information(
-        slot, &type_get, &bits_get ) == PSA_SUCCESS );
+        handle, &type_get, &bits_get ) == PSA_SUCCESS );
     TEST_ASSERT( type_get == type );
     TEST_ASSERT( bits_get == (size_t) bits );
 
-    TEST_ASSERT( psa_get_key_policy( slot, &policy_get ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS );
     TEST_ASSERT( psa_key_policy_get_usage(
         &policy_get ) == policy_usage );
     TEST_ASSERT( psa_key_policy_get_algorithm(
         &policy_get ) == policy_alg );
 
     /* Export the key again */
-    TEST_ASSERT( psa_export_key( slot, second_export, export_size,
+    TEST_ASSERT( psa_export_key( handle, second_export, export_size,
                                  &second_exported_length ) == export_status );
 
     if( export_status == PSA_SUCCESS )
@@ -4049,13 +4202,13 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     }
 
     /* Do something with the key according to its type and permitted usage. */
-    if( ! exercise_key( slot, policy_usage, policy_alg ) )
+    if( ! exercise_key( handle, policy_usage, policy_alg ) )
         goto exit;
 
 exit:
     mbedtls_free( first_export );
     mbedtls_free( second_export );
-    psa_destroy_key( slot );
+    psa_destroy_key( handle );
     mbedtls_psa_crypto_free();
 }
 /* END_CASE */

From b0edfb513b2f256507650a48b35b69891f940f76 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 16:24:51 +0100
Subject: [PATCH 847/889] Convert the PSA example programs to the new handle
 API

Switch from the direct use of slot numbers to handles allocated by
psa_allocate_key.
---
 programs/psa/crypto_examples.c |  56 ++++++++------
 programs/psa/key_ladder_demo.c | 136 +++++++++++++++++++++------------
 2 files changed, 121 insertions(+), 71 deletions(-)

diff --git a/programs/psa/crypto_examples.c b/programs/psa/crypto_examples.c
index 72c41fa79..53b6b2ae7 100644
--- a/programs/psa/crypto_examples.c
+++ b/programs/psa/crypto_examples.c
@@ -44,10 +44,7 @@ int main( void )
 }
 #else
 
-/* Use key slot 1 for our cipher key. Key slot 0 is reserved as unused. */
-static const psa_key_slot_t key_slot_cipher = 1;
-
-static psa_status_t set_key_policy( psa_key_slot_t key_slot,
+static psa_status_t set_key_policy( psa_key_handle_t key_handle,
                                     psa_key_usage_t key_usage,
                                     psa_algorithm_t alg )
 {
@@ -56,7 +53,7 @@ static psa_status_t set_key_policy( psa_key_slot_t key_slot,
 
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, key_usage, alg );
-    status = psa_set_key_policy( key_slot, &policy );
+    status = psa_set_key_policy( key_handle, &policy );
     ASSERT_STATUS( status, PSA_SUCCESS );
 exit:
     return( status );
@@ -98,7 +95,7 @@ exit:
     return( status );
 }
 
-static psa_status_t cipher_encrypt( psa_key_slot_t key_slot,
+static psa_status_t cipher_encrypt( psa_key_handle_t key_handle,
                                     psa_algorithm_t alg,
                                     uint8_t * iv,
                                     size_t iv_size,
@@ -114,7 +111,7 @@ static psa_status_t cipher_encrypt( psa_key_slot_t key_slot,
     size_t iv_len = 0;
 
     memset( &operation, 0, sizeof( operation ) );
-    status = psa_cipher_encrypt_setup( &operation, key_slot, alg );
+    status = psa_cipher_encrypt_setup( &operation, key_handle, alg );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
     status = psa_cipher_generate_iv( &operation, iv, iv_size, &iv_len );
@@ -129,7 +126,7 @@ exit:
     return( status );
 }
 
-static psa_status_t cipher_decrypt( psa_key_slot_t key_slot,
+static psa_status_t cipher_decrypt( psa_key_handle_t key_handle,
                                     psa_algorithm_t alg,
                                     const uint8_t * iv,
                                     size_t iv_size,
@@ -144,7 +141,7 @@ static psa_status_t cipher_decrypt( psa_key_slot_t key_slot,
     psa_cipher_operation_t operation;
 
     memset( &operation, 0, sizeof( operation ) );
-    status = psa_cipher_decrypt_setup( &operation, key_slot, alg );
+    status = psa_cipher_decrypt_setup( &operation, key_handle, alg );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
     status = psa_cipher_set_iv( &operation, iv, iv_size );
@@ -170,6 +167,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
     const psa_algorithm_t alg = PSA_ALG_CBC_NO_PADDING;
 
     psa_status_t status;
+    psa_key_handle_t key_handle = 0;
     size_t output_len = 0;
     uint8_t iv[block_size];
     uint8_t input[block_size];
@@ -179,21 +177,24 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
     status = psa_generate_random( input, sizeof( input ) );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = set_key_policy( key_slot_cipher,
+    status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = set_key_policy( key_handle,
                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                              alg );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
+    status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
                                NULL, 0 );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+    status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
                              input, sizeof( input ), part_size,
                              encrypt, sizeof( encrypt ), &output_len );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+    status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
                              encrypt, output_len, part_size,
                              decrypt, sizeof( decrypt ), &output_len );
     ASSERT_STATUS( status, PSA_SUCCESS );
@@ -202,7 +203,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
     ASSERT_STATUS( status, PSA_SUCCESS );
 
 exit:
-    psa_destroy_key( key_slot_cipher );
+    psa_destroy_key( key_handle );
     return( status );
 }
 
@@ -218,6 +219,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
     const psa_algorithm_t alg = PSA_ALG_CBC_PKCS7;
 
     psa_status_t status;
+    psa_key_handle_t key_handle = 0;
     size_t output_len = 0;
     uint8_t iv[block_size], input[input_size],
             encrypt[input_size + block_size], decrypt[input_size + block_size];
@@ -225,21 +227,24 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
     status = psa_generate_random( input, sizeof( input ) );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = set_key_policy( key_slot_cipher,
+    status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+
+    status = set_key_policy( key_handle,
                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                              alg );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
+    status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
                                NULL, 0 );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+    status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
                              input, sizeof( input ), part_size,
                              encrypt, sizeof( encrypt ), &output_len );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+    status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
                              encrypt, output_len, part_size,
                              decrypt, sizeof( decrypt ), &output_len );
     ASSERT_STATUS( status, PSA_SUCCESS );
@@ -248,7 +253,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
     ASSERT_STATUS( status, PSA_SUCCESS );
 
 exit:
-    psa_destroy_key( key_slot_cipher );
+    psa_destroy_key( key_handle );
     return( status );
 }
 
@@ -263,6 +268,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
     const psa_algorithm_t alg = PSA_ALG_CTR;
 
     psa_status_t status;
+    psa_key_handle_t key_handle = 0;
     size_t output_len = 0;
     uint8_t iv[block_size], input[input_size], encrypt[input_size],
             decrypt[input_size];
@@ -270,21 +276,23 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
     status = psa_generate_random( input, sizeof( input ) );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = set_key_policy( key_slot_cipher,
+    status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+    ASSERT_STATUS( status, PSA_SUCCESS );
+    status = set_key_policy( key_handle,
                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                              alg );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = psa_generate_key( key_slot_cipher, PSA_KEY_TYPE_AES, key_bits,
+    status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
                                NULL, 0 );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = cipher_encrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+    status = cipher_encrypt( key_handle, alg, iv, sizeof( iv ),
                              input, sizeof( input ), part_size,
                              encrypt, sizeof( encrypt ), &output_len );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = cipher_decrypt( key_slot_cipher, alg, iv, sizeof( iv ),
+    status = cipher_decrypt( key_handle, alg, iv, sizeof( iv ),
                              encrypt, output_len, part_size,
                              decrypt, sizeof( decrypt ), &output_len );
     ASSERT_STATUS( status, PSA_SUCCESS );
@@ -293,7 +301,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
     ASSERT_STATUS( status, PSA_SUCCESS );
 
 exit:
-    psa_destroy_key( key_slot_cipher );
+    psa_destroy_key( key_handle );
     return( status );
 }
 
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index 2c75ca462..470b1fce4 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -167,15 +167,6 @@ typedef struct
     uint8_t iv[WRAPPING_IV_SIZE];
 } wrapped_data_header_t;
 
-/* This program uses three key slots: one for the master key, one to
- * derive intermediate keys, and one for the wrapping key. We use a
- * single slot for all the intermediate keys because they are only
- * needed successively, so each time we derive an intermediate key,
- * we destroy the previous one. */
-static const psa_key_slot_t master_key_slot = 1;
-static const psa_key_slot_t derived_key_slot = 2;
-static const psa_key_slot_t wrapping_key_slot = 3;
-
 /* The modes that this program can operate in (see usage). */
 enum program_mode
 {
@@ -187,7 +178,7 @@ enum program_mode
 
 /* Save a key to a file. In the real world, you may want to export a derived
  * key sometimes, to share it with another party. */
-static psa_status_t save_key( psa_key_slot_t key_slot,
+static psa_status_t save_key( psa_key_handle_t key_handle,
                               const char *output_file_name )
 {
     psa_status_t status = PSA_SUCCESS;
@@ -195,7 +186,7 @@ static psa_status_t save_key( psa_key_slot_t key_slot,
     size_t key_size;
     FILE *key_file = NULL;
 
-    PSA_CHECK( psa_export_key( key_slot,
+    PSA_CHECK( psa_export_key( key_handle,
                                key_data, sizeof( key_data ),
                                &key_size ) );
     SYS_CHECK( ( key_file = fopen( output_file_name, "wb" ) ) != NULL );
@@ -217,22 +208,27 @@ exit:
 static psa_status_t generate( const char *key_file_name )
 {
     psa_status_t status = PSA_SUCCESS;
+    psa_key_handle_t key_handle = 0;
     psa_key_policy_t policy;
 
+    PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                 PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
+                                 &key_handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
                               KDF_ALG );
-    PSA_CHECK( psa_set_key_policy( master_key_slot, &policy ) );
+    PSA_CHECK( psa_set_key_policy( key_handle, &policy ) );
 
-    PSA_CHECK( psa_generate_key( master_key_slot,
+    PSA_CHECK( psa_generate_key( key_handle,
                                  PSA_KEY_TYPE_DERIVE,
                                  PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
                                  NULL, 0 ) );
 
-    PSA_CHECK( save_key( master_key_slot, key_file_name ) );
+    PSA_CHECK( save_key( key_handle, key_file_name ) );
 
 exit:
+    (void) psa_destroy_key( key_handle );
     return( status );
 }
 
@@ -241,10 +237,10 @@ exit:
  * In the real world, this master key would be stored in an internal memory
  * and the storage would be managed by the keystore capability of the PSA
  * crypto library. */
-static psa_status_t import_key_from_file( psa_key_slot_t key_slot,
-                                          psa_key_usage_t usage,
+static psa_status_t import_key_from_file( psa_key_usage_t usage,
                                           psa_algorithm_t alg,
-                                          const char *key_file_name )
+                                          const char *key_file_name,
+                                          psa_key_handle_t *master_key_handle )
 {
     psa_status_t status = PSA_SUCCESS;
     psa_key_policy_t policy;
@@ -253,6 +249,8 @@ static psa_status_t import_key_from_file( psa_key_slot_t key_slot,
     FILE *key_file = NULL;
     unsigned char extra_byte;
 
+    *master_key_handle = 0;
+
     SYS_CHECK( ( key_file = fopen( key_file_name, "rb" ) ) != NULL );
     SYS_CHECK( ( key_size = fread( key_data, 1, sizeof( key_data ),
                                    key_file ) ) != 0 );
@@ -266,30 +264,41 @@ static psa_status_t import_key_from_file( psa_key_slot_t key_slot,
     SYS_CHECK( fclose( key_file ) == 0 );
     key_file = NULL;
 
+    PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                 PSA_BYTES_TO_BITS( key_size ),
+                                 master_key_handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    PSA_CHECK( psa_set_key_policy( key_slot, &policy ) );
-    PSA_CHECK( psa_import_key( key_slot,
+    PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) );
+    PSA_CHECK( psa_import_key( *master_key_handle,
                                PSA_KEY_TYPE_DERIVE,
                                key_data, key_size ) );
 exit:
     if( key_file != NULL )
         fclose( key_file );
     mbedtls_platform_zeroize( key_data, sizeof( key_data ) );
+    if( status != PSA_SUCCESS )
+    {
+        /* If psa_allocate_key hasn't been called yet or has failed,
+         * *master_key_handle is 0. psa_destroy_key(0) is guaranteed to do
+         * nothing and return PSA_ERROR_INVALID_HANDLE. */
+        (void) psa_destroy_key( *master_key_handle );
+        *master_key_handle = 0;
+    }
     return( status );
 }
 
 /* Derive the intermediate keys, using the list of labels provided on
- * the command line. */
+ * the command line. On input, *key_handle is a handle to the master key.
+ * This function closes the master key. On successful output, *key_handle
+ * is a handle to the final derived key. */
 static psa_status_t derive_key_ladder( const char *ladder[],
-                                       size_t ladder_depth )
+                                       size_t ladder_depth,
+                                       psa_key_handle_t *key_handle )
 {
     psa_status_t status = PSA_SUCCESS;
     psa_key_policy_t policy;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
-    /* We'll derive the first intermediate key from the master key, then
-     * each subsequent intemediate key from the previous intemediate key. */
-    psa_key_slot_t parent_key_slot = master_key_slot;
     size_t i;
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
@@ -303,63 +312,81 @@ static psa_status_t derive_key_ladder( const char *ladder[],
          * the current intermediate key (if i>0). */
         PSA_CHECK( psa_key_derivation(
                        &generator,
-                       parent_key_slot,
+                       *key_handle,
                        KDF_ALG,
                        DERIVE_KEY_SALT, DERIVE_KEY_SALT_LENGTH,
                        (uint8_t*) ladder[i], strlen( ladder[i] ),
                        KEY_SIZE_BYTES ) );
         /* When the parent key is not the master key, destroy it,
          * since it is no longer needed. */
-        if( i != 0 )
-            PSA_CHECK( psa_destroy_key( derived_key_slot ) );
-        PSA_CHECK( psa_set_key_policy( derived_key_slot, &policy ) );
+        PSA_CHECK( psa_close_key( *key_handle ) );
+        *key_handle = 0;
+        PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                     PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
+                                     key_handle ) );
+        PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) );
         /* Use the generator obtained from the parent key to create
          * the next intermediate key. */
         PSA_CHECK( psa_generator_import_key(
-                       derived_key_slot,
+                       *key_handle,
                        PSA_KEY_TYPE_DERIVE,
                        PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
                        &generator ) );
         PSA_CHECK( psa_generator_abort( &generator ) );
-        parent_key_slot = derived_key_slot;
     }
 
 exit:
     psa_generator_abort( &generator );
+    if( status != PSA_SUCCESS )
+    {
+        psa_close_key( *key_handle );
+        *key_handle = 0;
+    }
     return( status );
 }
 
 /* Derive a wrapping key from the last intermediate key. */
-static psa_status_t derive_wrapping_key( psa_key_usage_t usage )
+static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
+                                         psa_key_handle_t derived_key_handle,
+                                         psa_key_handle_t *wrapping_key_handle )
 {
     psa_status_t status = PSA_SUCCESS;
     psa_key_policy_t policy;
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
 
+    *wrapping_key_handle = 0;
+    PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS,
+                                 wrapping_key_handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG );
-    PSA_CHECK( psa_set_key_policy( wrapping_key_slot, &policy ) );
+    PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) );
 
     PSA_CHECK( psa_key_derivation(
                    &generator,
-                   derived_key_slot,
+                   derived_key_handle,
                    KDF_ALG,
                    WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH,
                    NULL, 0,
                    PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
     PSA_CHECK( psa_generator_import_key(
-                   wrapping_key_slot,
+                   *wrapping_key_handle,
                    PSA_KEY_TYPE_AES,
                    WRAPPING_KEY_BITS,
                    &generator ) );
 
 exit:
     psa_generator_abort( &generator );
+    if( status != PSA_SUCCESS )
+    {
+        psa_close_key( *wrapping_key_handle );
+        *wrapping_key_handle = 0;
+    }
     return( status );
 }
 
 static psa_status_t wrap_data( const char *input_file_name,
-                               const char *output_file_name )
+                               const char *output_file_name,
+                               psa_key_handle_t wrapping_key_handle )
 {
     psa_status_t status;
     FILE *input_file = NULL;
@@ -407,7 +434,7 @@ static psa_status_t wrap_data( const char *input_file_name,
 
     /* Wrap the data. */
     PSA_CHECK( psa_generate_random( header.iv, WRAPPING_IV_SIZE ) );
-    PSA_CHECK( psa_aead_encrypt( wrapping_key_slot, WRAPPING_ALG,
+    PSA_CHECK( psa_aead_encrypt( wrapping_key_handle, WRAPPING_ALG,
                                  header.iv, WRAPPING_IV_SIZE,
                                  (uint8_t *) &header, sizeof( header ),
                                  buffer, input_size,
@@ -435,7 +462,8 @@ exit:
 }
 
 static psa_status_t unwrap_data( const char *input_file_name,
-                                 const char *output_file_name )
+                                 const char *output_file_name,
+                                 psa_key_handle_t wrapping_key_handle )
 {
     psa_status_t status;
     FILE *input_file = NULL;
@@ -487,7 +515,7 @@ static psa_status_t unwrap_data( const char *input_file_name,
     input_file = NULL;
 
     /* Unwrap the data. */
-    PSA_CHECK( psa_aead_decrypt( wrapping_key_slot, WRAPPING_ALG,
+    PSA_CHECK( psa_aead_decrypt( wrapping_key_handle, WRAPPING_ALG,
                                  header.iv, WRAPPING_IV_SIZE,
                                  (uint8_t *) &header, sizeof( header ),
                                  buffer, ciphertext_size,
@@ -525,6 +553,8 @@ static psa_status_t run( enum program_mode mode,
                          const char *output_file_name )
 {
     psa_status_t status = PSA_SUCCESS;
+    psa_key_handle_t derivation_key_handle = 0;
+    psa_key_handle_t wrapping_key_handle = 0;
 
     /* Initialize the PSA crypto library. */
     PSA_CHECK( psa_crypto_init( ) );
@@ -534,26 +564,33 @@ static psa_status_t run( enum program_mode mode,
         return( generate( key_file_name ) );
 
     /* Read the master key. */
-    PSA_CHECK( import_key_from_file( master_key_slot,
-                                     PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
+    PSA_CHECK( import_key_from_file( PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
                                      KDF_ALG,
-                                     key_file_name ) );
+                                     key_file_name,
+                                     &derivation_key_handle ) );
 
     /* Calculate the derived key for this session. */
-    PSA_CHECK( derive_key_ladder( ladder, ladder_depth ) );
+    PSA_CHECK( derive_key_ladder( ladder, ladder_depth,
+                                  &derivation_key_handle ) );
 
     switch( mode )
     {
         case MODE_SAVE:
-            PSA_CHECK( save_key( derived_key_slot, output_file_name ) );
+            PSA_CHECK( save_key( derivation_key_handle, output_file_name ) );
             break;
         case MODE_UNWRAP:
-            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT ) );
-            PSA_CHECK( unwrap_data( input_file_name, output_file_name ) );
+            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_DECRYPT,
+                                            derivation_key_handle,
+                                            &wrapping_key_handle ) );
+            PSA_CHECK( unwrap_data( input_file_name, output_file_name,
+                                    wrapping_key_handle ) );
             break;
         case MODE_WRAP:
-            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT ) );
-            PSA_CHECK( wrap_data( input_file_name, output_file_name ) );
+            PSA_CHECK( derive_wrapping_key( PSA_KEY_USAGE_ENCRYPT,
+                                            derivation_key_handle,
+                                            &wrapping_key_handle ) );
+            PSA_CHECK( wrap_data( input_file_name, output_file_name,
+                                  wrapping_key_handle ) );
             break;
         default:
             /* Unreachable but some compilers don't realize it. */
@@ -561,6 +598,11 @@ static psa_status_t run( enum program_mode mode,
     }
 
 exit:
+    /* Close any remaining key. Deinitializing the crypto library would do
+     * this anyway, but explicitly closing handles makes the code easier
+     * to reuse. */
+    (void) psa_close_key( derivation_key_handle );
+    (void) psa_close_key( wrapping_key_handle );
     /* Deinitialize the PSA crypto library. */
     mbedtls_psa_crypto_free( );
     return( status );

From 8d4919bc6a46e93da2a62105a31bed55f147b745 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 16:48:09 +0100
Subject: [PATCH 848/889] Persistent storage implementation: psa_key_slot_t ->
 psa_key_id_t

Move the persistent storage implementation from psa_key_slot_t to
psa_key_id_t. For the most part, this just means changing the types of
function arguments.

Update the documentation of some functions to reflect the fact that
the slot identifier is purely a storage identifier and is not related
to how the slot is designated in memory.
---
 library/psa_crypto_storage.c         |  4 ++--
 library/psa_crypto_storage.h         | 27 +++++++++++++-------------
 library/psa_crypto_storage_backend.h | 29 +++++++++++++++-------------
 library/psa_crypto_storage_file.c    | 26 ++++++++++++-------------
 library/psa_crypto_storage_its.c     | 12 ++++++------
 5 files changed, 51 insertions(+), 47 deletions(-)

diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 0a5805b62..687269b07 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -147,7 +147,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
+psa_status_t psa_save_persistent_key( const psa_key_id_t key,
                                       const psa_key_type_t type,
                                       const psa_key_policy_t *policy,
                                       const uint8_t *data,
@@ -185,7 +185,7 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length )
     mbedtls_free( key_data );
 }
 
-psa_status_t psa_load_persistent_key( psa_key_slot_t key,
+psa_status_t psa_load_persistent_key( psa_key_id_t key,
                                       psa_key_type_t *type,
                                       psa_key_policy_t *policy,
                                       uint8_t **data,
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 167b0db05..478daef8f 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -56,20 +56,20 @@ extern "C" {
  * already occupied non-persistent key, as well as validating the key data.
  *
  *
- * \param key           Slot number of the key to be stored. This must be a
- *                      valid slot for a key of the chosen type. This should be
- *                      an occupied key slot with an unoccupied corresponding
- *                      storage location.
+ * \param key           Persistent identifier of the key to be stored. This
+ *                      should be an unoccupied storage location.
  * \param type          Key type (a \c PSA_KEY_TYPE_XXX value).
  * \param[in] policy    The key policy to save.
  * \param[in] data      Buffer containing the key data.
  * \param data_length   The number of bytes that make up the key data.
  *
  * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval PSA_ERROR_INSUFFICIENT_STORAGE
  * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_OCCUPIED_SLOT
  */
-psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
+psa_status_t psa_save_persistent_key( const psa_key_id_t key,
                                       const psa_key_type_t type,
                                       const psa_key_policy_t *policy,
                                       const uint8_t *data,
@@ -87,10 +87,8 @@ psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
  * this function to zeroize and free this buffer, regardless of whether this
  * function succeeds or fails.
  *
- * \param key               Slot number whose content is to be loaded. This
- *                          must be an unoccupied key slot with an occupied
- *                          corresponding storage location. The key slot
- *                          lifetime must be set to persistent.
+ * \param key               Persistent identifier of the key to be loaded. This
+ *                          should be an occupied storage location.
  * \param[out] type         On success, the key type (a \c PSA_KEY_TYPE_XXX
  *                          value).
  * \param[out] policy       On success, the key's policy.
@@ -100,8 +98,9 @@ psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_INSUFFICIENT_MEMORY
  * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_EMPTY_SLOT
  */
-psa_status_t psa_load_persistent_key( psa_key_slot_t key,
+psa_status_t psa_load_persistent_key( psa_key_id_t key,
                                       psa_key_type_t *type,
                                       psa_key_policy_t *policy,
                                       uint8_t **data,
@@ -110,16 +109,18 @@ psa_status_t psa_load_persistent_key( psa_key_slot_t key,
 /**
  * \brief Remove persistent data for the given key slot number.
  *
- * \param key           Slot number whose content is to be removed
+ * \param key           Persistent identifier of the key to remove
  *                      from persistent storage.
  *
  * \retval PSA_SUCCESS
+ *         The key was successfully removed,
+ *         or the key did not exist.
  * \retval PSA_ERROR_STORAGE_FAILURE
  */
-psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key );
+psa_status_t psa_destroy_persistent_key( const psa_key_id_t key );
 
 /**
- * \brief Zeroizes and frees the given buffer.
+ * \brief Free the temporary buffer allocated by psa_load_persistent_key().
  *
  * This function must be called at some point after psa_load_persistent_key()
  * to zeroize and free the memory allocated to the buffer in that function.
diff --git a/library/psa_crypto_storage_backend.h b/library/psa_crypto_storage_backend.h
index 3ca9a1d74..47896b872 100644
--- a/library/psa_crypto_storage_backend.h
+++ b/library/psa_crypto_storage_backend.h
@@ -47,15 +47,16 @@ extern "C" {
  * This function reads data from a storage backend and returns the data in a
  * buffer.
  *
- * \param key              Slot number whose content is to be loaded. This must
- *                         be a key slot whose lifetime is set to persistent.
- * \param[out] data        Buffer where the data is to be written.
- * \param data_size        Size of the \c data buffer in bytes.
+ * \param key               Persistent identifier of the key to be loaded. This
+ *                          should be an occupied storage location.
+ * \param[out] data         Buffer where the data is to be written.
+ * \param data_size         Size of the \c data buffer in bytes.
  *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_EMPTY_SLOT
  */
-psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
                                       size_t data_size );
 
 /**
@@ -63,7 +64,8 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
  *
  * This function stores the given data buffer to a persistent storage.
  *
- * \param key           Slot number whose content is to be stored.
+ * \param key           Persistent identifier of the key to be stored. This
+ *                      should be an unoccupied storage location.
  * \param[in] data      Buffer containing the data to be stored.
  * \param data_length   The number of bytes
  *                      that make up the data.
@@ -71,8 +73,9 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_INSUFFICIENT_STORAGE
  * \retval PSA_ERROR_STORAGE_FAILURE
+ * \retval PSA_ERROR_OCCUPIED_SLOT
  */
-psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
                                        const uint8_t *data,
                                        size_t data_length );
 
@@ -82,26 +85,26 @@ psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
  * This function checks if any key data or metadata exists for the key slot in
  * the persistent storage.
  *
- * \param key           Slot number whose content is to be checked.
+ * \param key           Persistent identifier to check.
  *
  * \retval 0
  *         No persistent data present for slot number
  * \retval 1
  *         Persistent data present for slot number
  */
-int psa_is_key_present_in_storage( const psa_key_slot_t key );
+int psa_is_key_present_in_storage( const psa_key_id_t key );
 
 /**
  * \brief Get data length for given key slot number.
  *
- * \param key              Slot number whose stored data length is to be obtained.
- * \param[out] data_length The number of bytes
- *                         that make up the data.
+ * \param key               Persistent identifier whose stored data length
+ *                          is to be obtained.
+ * \param[out] data_length  The number of bytes that make up the data.
  *
  * \retval PSA_SUCCESS
  * \retval PSA_ERROR_STORAGE_FAILURE
  */
-psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
                                                  size_t *data_length );
 
 
diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c
index 03c711af3..95857fa40 100644
--- a/library/psa_crypto_storage_file.c
+++ b/library/psa_crypto_storage_file.c
@@ -48,15 +48,15 @@
 
 enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
 
-static void key_slot_to_location( const psa_key_slot_t key,
-                                  char *location,
-                                  size_t location_size )
+static void key_id_to_location( const psa_key_id_t key,
+                                char *location,
+                                size_t location_size )
 {
     mbedtls_snprintf( location, location_size,
                       CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key );
 }
 
-psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
                                       size_t data_size )
 {
     psa_status_t status = PSA_SUCCESS;
@@ -64,7 +64,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
     size_t num_read;
     char slot_location[MAX_LOCATION_LEN];
 
-    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+    key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
     file = fopen( slot_location, "rb" );
     if( file == NULL )
     {
@@ -81,12 +81,12 @@ exit:
     return( status );
 }
 
-int psa_is_key_present_in_storage( const psa_key_slot_t key )
+int psa_is_key_present_in_storage( const psa_key_id_t key )
 {
     char slot_location[MAX_LOCATION_LEN];
     FILE *file;
 
-    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+    key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
 
     file = fopen( slot_location, "r" );
     if( file == NULL )
@@ -99,7 +99,7 @@ int psa_is_key_present_in_storage( const psa_key_slot_t key )
     return( 1 );
 }
 
-psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
                                        const uint8_t *data,
                                        size_t data_length )
 {
@@ -114,7 +114,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
      * affect actual keys. */
     const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0";
 
-    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+    key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
 
     if( psa_is_key_present_in_storage( key ) == 1 )
         return( PSA_ERROR_OCCUPIED_SLOT );
@@ -154,12 +154,12 @@ exit:
     return( status );
 }
 
-psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
+psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
 {
     FILE *file;
     char slot_location[MAX_LOCATION_LEN];
 
-    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+    key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
 
     /* Only try remove the file if it exists */
     file = fopen( slot_location, "rb" );
@@ -173,7 +173,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
                                                  size_t *data_length )
 {
     psa_status_t status = PSA_SUCCESS;
@@ -181,7 +181,7 @@ psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
     long file_size;
     char slot_location[MAX_LOCATION_LEN];
 
-    key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
+    key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
 
     file = fopen( slot_location, "rb" );
     if( file == NULL )
diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c
index 29394b5d8..86e0e89f3 100644
--- a/library/psa_crypto_storage_its.c
+++ b/library/psa_crypto_storage_its.c
@@ -68,12 +68,12 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret )
     }
 }
 
-static uint32_t psa_its_identifier_of_slot( psa_key_slot_t key )
+static uint32_t psa_its_identifier_of_slot( psa_key_id_t key )
 {
     return( key );
 }
 
-psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
+psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
                                       size_t data_size )
 {
     psa_its_status_t ret;
@@ -92,7 +92,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
     return( status );
 }
 
-int psa_is_key_present_in_storage( const psa_key_slot_t key )
+int psa_is_key_present_in_storage( const psa_key_id_t key )
 {
     psa_its_status_t ret;
     uint32_t data_identifier = psa_its_identifier_of_slot( key );
@@ -105,7 +105,7 @@ int psa_is_key_present_in_storage( const psa_key_slot_t key )
     return( 1 );
 }
 
-psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
+psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
                                        const uint8_t *data,
                                        size_t data_length )
 {
@@ -143,7 +143,7 @@ exit:
     return( status );
 }
 
-psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
+psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
 {
     psa_its_status_t ret;
     uint32_t data_identifier = psa_its_identifier_of_slot( key );
@@ -163,7 +163,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
+psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
                                                  size_t *data_length )
 {
     psa_its_status_t ret;

From a23eafce3ae5ac76ffd708afc06ee2e20946d51f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 16:48:14 +0100
Subject: [PATCH 849/889] Fix snprintf call to assume less about integral type
 sizes

The code only worked if psa_key_id_t (formerly psa_key_slot_t)
promoted to int and every value fit in int. Now the code only assumes
that psa_key_id_t is less wide than unsigned long, which is the case
since psa_key_id_t is a 32-bit type in our implementation.
---
 library/psa_crypto_storage_file.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto_storage_file.c b/library/psa_crypto_storage_file.c
index 95857fa40..87420be98 100644
--- a/library/psa_crypto_storage_file.c
+++ b/library/psa_crypto_storage_file.c
@@ -53,7 +53,8 @@ static void key_id_to_location( const psa_key_id_t key,
                                 size_t location_size )
 {
     mbedtls_snprintf( location, location_size,
-                      CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key );
+                      CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%lu",
+                      (unsigned long) key );
 }
 
 psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,

From 7bc9f682324acdb2692bca373c877d7cc8263b31 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 17:05:18 +0100
Subject: [PATCH 850/889] Convert the PSA crypto persistent storage tests to
 the new handle API

Switch from the direct use of slot numbers to handles allocated by
psa_allocate_key.

The general principle for each function is:
* Change `psa_key_slot_t slot` to `psa_key_handle_t handle` or
  `psa_key_id_t key_id` depending on whether it's used as a handle to
  an open slot or as a persistent name for a key.
* Call psa_create_key() before using a slot, instead of calling
  psa_set_key_lifetime to make a slot persistent.

Remove the unit test persistent_key_is_configurable which is no longer
relevant.
---
 .../test_suite_psa_crypto_persistent_key.data |   8 -
 ...t_suite_psa_crypto_persistent_key.function | 186 ++++++------------
 ...est_suite_psa_crypto_storage_file.function |   7 +-
 3 files changed, 60 insertions(+), 141 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index 46e547c93..c9eb8e103 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -24,10 +24,6 @@ save_large_persistent_key:0:PSA_SUCCESS
 Save larger than maximum size persistent raw key, should fail
 save_large_persistent_key:1:PSA_ERROR_INSUFFICIENT_STORAGE
 
-Persistent key is configurable
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-persistent_key_is_configurable:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-
 Persistent key destroy
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 persistent_key_destroy:1:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
@@ -36,10 +32,6 @@ Persistent key destroy missing key
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 persistent_key_destroy:1:0:PSA_KEY_TYPE_RSA_KEYPAIR:"":PSA_KEY_TYPE_RAW_DATA:"deadbeef"
 
-Key lifetime defaults to volatile
-depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
-default_volatile_lifetime:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24"
-
 Persistent key import
 depends_on:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C
 persistent_key_import:1:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 0ede6e6c8..08c7ca017 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -85,7 +85,8 @@ exit:
 /* BEGIN_CASE */
 void save_large_persistent_key( int data_too_large, int expected_status )
 {
-    psa_key_slot_t slot = 1;
+    psa_key_id_t key_id = 42;
+    psa_key_handle_t handle = 0;
     uint8_t *data = NULL;
     size_t data_length = PSA_CRYPTO_MAX_STORAGE_SIZE;
 
@@ -96,180 +97,107 @@ void save_large_persistent_key( int data_too_large, int expected_status )
 
     TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                 PSA_KEY_TYPE_RAW_DATA,
+                                 PSA_BYTES_TO_BITS( data_length ),
+                                 &handle ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_import_key( slot, PSA_KEY_TYPE_RAW_DATA,
+    TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
         data, data_length ) == expected_status );
 
 exit:
     mbedtls_free( data );
-    psa_destroy_persistent_key( slot );
-    mbedtls_psa_crypto_free();
-}
-/* END_CASE */
-
-
-/* BEGIN_CASE */
-void persistent_key_is_configurable( int slot_arg, int type_arg,
-                                     data_t *data )
-{
-    psa_key_policy_t policy;
-    psa_key_lifetime_t lifetime;
-    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
-    psa_key_type_t type = (psa_key_type_t) type_arg;
-
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS );
-
-    TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT );
-
-exit:
-    psa_destroy_persistent_key( slot );
     mbedtls_psa_crypto_free();
+    psa_destroy_persistent_key( key_id );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void persistent_key_destroy( int slot_arg, int should_store,
+void persistent_key_destroy( int key_id_arg, int should_store,
                              int first_type_arg, data_t *first_data,
                              int second_type_arg, data_t *second_data )
 {
     psa_key_policy_t policy;
-    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
+    psa_key_id_t key_id = key_id_arg;
+    psa_key_handle_t handle = 0;
     psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
     psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
 
     TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
-
     psa_key_policy_init( &policy );
 
+    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                 first_type,
+                                 PSA_BYTES_TO_BITS( first_data->len ),
+                                 &handle ) == PSA_SUCCESS );
+
     if( should_store == 1 )
     {
         TEST_ASSERT( psa_import_key(
-            slot, first_type,
+            handle, first_type,
             first_data->x, first_data->len ) == PSA_SUCCESS );
     }
 
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_get_key_information(
-        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
 
     /* Check key slot storage is removed */
-    TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 );
-
-    /* Check destroying the key again doesn't report failure */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information(
-        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+    TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
+    TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                               &handle ) == PSA_ERROR_EMPTY_SLOT );
+    TEST_ASSERT( handle == 0 );
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
-
     TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
 
-    /* Mark slot as persistent again */
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
-
-    /* Check key slot is empty */
-    TEST_ASSERT( psa_get_key_information(
-        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
-
-    /* Import different key data to ensure slot really was empty */
-    psa_key_policy_init( &policy );
-
-    psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
-                              PSA_ALG_VENDOR_FLAG );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
-
+    /* Create another key in the same slot */
+    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                 second_type,
+                                 PSA_BYTES_TO_BITS( second_data->len ),
+                                 &handle ) == PSA_SUCCESS );
     TEST_ASSERT( psa_import_key(
-        slot, second_type,
+        handle, second_type,
         second_data->x, second_data->len ) == PSA_SUCCESS );
 
 exit:
-    psa_destroy_persistent_key( slot );
     mbedtls_psa_crypto_free();
+    psa_destroy_persistent_key( key_id );
 }
 /* END_CASE */
 
 /* BEGIN_CASE */
-void default_volatile_lifetime( int slot_arg, int type_arg, data_t *data )
-{
-    psa_key_policy_t policy;
-    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
-    psa_key_type_t type = (psa_key_type_t) type_arg;
-
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
-
-    psa_key_policy_init( &policy );
-
-    TEST_ASSERT( psa_import_key( slot, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
-
-    /* Shutdown and restart */
-    mbedtls_psa_crypto_free();
-
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
-
-    /* Check key slot is empty */
-    TEST_ASSERT( psa_get_key_information(
-        slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
-
-exit:
-    psa_destroy_persistent_key( slot );
-    mbedtls_psa_crypto_free();
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void persistent_key_import( int slot_arg, int type_arg, data_t *data,
+void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
                             int expected_status )
 {
     psa_key_policy_t policy;
     psa_key_lifetime_t lifetime;
-    psa_key_slot_t slot = (psa_key_slot_t) slot_arg;
+    psa_key_id_t key_id = (psa_key_id_t) key_id_arg;
     psa_key_type_t type = (psa_key_type_t) type_arg;
+    psa_key_handle_t handle = 0;
 
     TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
-
+    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                 type,
+                                 PSA_BYTES_TO_BITS( data->len ),
+                                 &handle ) == PSA_SUCCESS );
     psa_key_policy_init( &policy );
-
-    TEST_ASSERT( psa_import_key( slot, type,
+    TEST_ASSERT( psa_import_key( handle, type,
                                  data->x, data->len ) == expected_status );
 
     if( expected_status != PSA_SUCCESS )
     {
-        TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 );
+        TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
         goto exit;
     }
 
-    TEST_ASSERT( psa_get_key_lifetime( slot, &lifetime ) == PSA_SUCCESS );
-
+    TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime ) == PSA_SUCCESS );
     TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT );
 
 exit:
-    psa_destroy_persistent_key( slot );
+    psa_destroy_persistent_key( key_id );
     mbedtls_psa_crypto_free();
 }
 /* END_CASE */
@@ -278,8 +206,9 @@ exit:
 void import_export_persistent_key( data_t *data, int type_arg,
                                    int expected_bits, int key_not_exist )
 {
-    psa_key_slot_t slot = 1;
+    psa_key_id_t key_id = 42;
     psa_key_type_t type = (psa_key_type_t) type_arg;
+    psa_key_handle_t handle = 0;
     unsigned char *exported = NULL;
     size_t export_size = data->len;
     size_t exported_length;
@@ -292,51 +221,48 @@ void import_export_persistent_key( data_t *data, int type_arg,
 
     TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_set_key_lifetime(
-        slot, PSA_KEY_LIFETIME_PERSISTENT ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                 type,
+                                 PSA_BYTES_TO_BITS( data->len ),
+                                 &handle ) == PSA_SUCCESS );
 
     psa_key_policy_init( &policy );
-
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
                               PSA_ALG_VENDOR_FLAG );
-
-    TEST_ASSERT( psa_set_key_policy( slot, &policy ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( slot, type,
+    TEST_ASSERT( psa_import_key( handle, type,
                                  data->x, data->len ) == PSA_SUCCESS );
 
-    TEST_ASSERT( psa_get_key_lifetime(
-        slot, &lifetime_get ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) == PSA_SUCCESS );
     TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT );
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information(
-        slot, &got_type, &got_bits ) == PSA_SUCCESS );
+        handle, &got_type, &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
-    TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 1 );
+    TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 1 );
 
     if( key_not_exist )
     {
-        psa_destroy_persistent_key( slot );
+        psa_destroy_persistent_key( key_id );
     }
     /* Export the key */
-    TEST_ASSERT( psa_export_key( slot, exported, export_size,
+    TEST_ASSERT( psa_export_key( handle, exported, export_size,
                                  &exported_length ) == PSA_SUCCESS );
 
     ASSERT_COMPARE( data->x, data->len, exported, exported_length );
 
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( slot ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information(
-                     slot, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
-    TEST_ASSERT( psa_is_key_present_in_storage( slot ) == 0 );
+    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+    TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
 
 exit:
     mbedtls_free( exported );
-    psa_destroy_persistent_key( slot );
     mbedtls_psa_crypto_free( );
+    psa_destroy_persistent_key( key_id );
 }
 /* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
index b6dcad777..e753d7862 100644
--- a/tests/suites/test_suite_psa_crypto_storage_file.function
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -11,9 +11,11 @@
  */
 
 /* BEGIN_CASE */
-void load_data_from_file( int slot_to_load, data_t *data, int should_make_file,
+void load_data_from_file( int id_to_load_arg,
+                          data_t *data, int should_make_file,
                           int capacity_arg, int expected_status )
 {
+    psa_key_id_t id_to_load = id_to_load_arg;
     char slot_location[] = "psa_key_slot_1";
     psa_status_t status;
     int ret;
@@ -36,8 +38,7 @@ void load_data_from_file( int slot_to_load, data_t *data, int should_make_file,
     /* Read from the file with psa_crypto_storage_load. */
     loaded_data = mbedtls_calloc( 1, capacity );
     TEST_ASSERT( loaded_data != NULL );
-    status = psa_crypto_storage_load( (psa_key_slot_t) slot_to_load, loaded_data,
-                                   file_size );
+    status = psa_crypto_storage_load( id_to_load, loaded_data, file_size );
 
     /* Check we get the expected status. */
     TEST_ASSERT( status == expected_status );

From f6cc435a8a09f6dff383433a775583a0f691ba1c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 17:44:43 +0100
Subject: [PATCH 851/889] Remove psa_key_slot_t from public headers

This commit marks the beginning of the removal of support for direct
access to key slots. From this commit on, programs that use
psa_key_slot_t will no longer compile.

Subsequent commits will remove the now-unused legacy support in
psa_crypto.c.
---
 include/psa/crypto_platform.h | 3 ---
 library/psa_crypto.c          | 4 ++++
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index c20396619..50ca546fb 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -46,9 +46,6 @@
 /* PSA requires several types which C99 provides in stdint.h. */
 #include <stdint.h>
 
-/* Integral type representing a key slot number. */
-typedef uint16_t psa_key_slot_t;
-
 /* Integral type representing a key handle. */
 typedef uint16_t psa_key_handle_t;
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1a038a12a..bff0ce709 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -43,6 +43,10 @@
 
 #include "psa/crypto.h"
 
+/* Transitional definition while moving away from directly-accessible key
+ * slots and to a handle-only interface. */
+typedef psa_key_handle_t psa_key_slot_t;
+
 #include "psa_crypto_invasive.h"
 #include "psa_crypto_slot_management.h"
 /* Include internal declarations that are useful for implementing persistently

From b77a6b25c02a8b5a94de7927d4d963dd5df11d97 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 17:46:13 +0100
Subject: [PATCH 852/889] Remove psa_set_key_lifetime

This function is no longer relevant. Use psa_create_key instead.
---
 include/psa/crypto.h | 45 --------------------------------------------
 library/psa_crypto.c | 29 ----------------------------
 2 files changed, 74 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 6807c73f3..4aea9905d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -1419,11 +1419,6 @@ typedef uint32_t psa_key_id_t;
  */
 #define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
 
-/** A write-once key slot may not be modified once a key has been set.
- * It will retain its content as long as the device remains operational.
- */
-#define PSA_KEY_LIFETIME_WRITE_ONCE             ((psa_key_lifetime_t)0x7fffffff)
-
 /** \brief Retrieve the lifetime of an open key.
  *
  * \param handle        Handle to query.
@@ -1443,46 +1438,6 @@ typedef uint32_t psa_key_id_t;
 psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
                                   psa_key_lifetime_t *lifetime);
 
-/** \brief Change the lifetime of a key slot.
- *
- * Whether the lifetime of a key slot can be changed at all, and if so
- * whether the lifetime of an occupied key slot can be changed, is
- * implementation-dependent.
- *
- * When creating a persistent key, you must call this function before creating
- * the key material with psa_import_key(), psa_generate_key() or
- * psa_generator_import_key(). To open an existing persistent key, you must
- * call this function with the correct lifetime value before using the slot
- * for a cryptographic operation. Once a slot's lifetime has been set,
- * the lifetime remains associated with the slot until a subsequent call to
- * psa_set_key_lifetime(), until the key is wiped with psa_destroy_key or
- * until the application terminates (or disconnects from the cryptography
- * service, if the implementation offers such a possibility).
- *
- * \param key           Slot whose lifetime is to be changed.
- * \param lifetime      The lifetime value to set for the given key slot.
- *
- * \retval #PSA_SUCCESS
- *         Success.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         The key slot is invalid,
- *         or the lifetime value is invalid.
- * \retval #PSA_ERROR_NOT_SUPPORTED
- *         The implementation does not support the specified lifetime value,
- *         at least for the specified key slot.
- * \retval #PSA_ERROR_OCCUPIED_SLOT
- *         The slot contains a key, and the implementation does not support
- *         changing the lifetime of an occupied slot.
- * \retval #PSA_ERROR_COMMUNICATION_FAILURE
- * \retval #PSA_ERROR_HARDWARE_FAILURE
- * \retval #PSA_ERROR_TAMPERING_DETECTED
- * \retval #PSA_ERROR_BAD_STATE
- *         The library has not been previously initialized by psa_crypto_init().
- *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
- */
-psa_status_t psa_set_key_lifetime(psa_key_handle_t key,
-                                  psa_key_lifetime_t lifetime);
 
 /** Allocate a key slot for a transient key, i.e. a key which is only stored
  * in volatile memory.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index bff0ce709..15bab676f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3206,35 +3206,6 @@ psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_set_key_lifetime( psa_key_slot_t key,
-                                   psa_key_lifetime_t lifetime )
-{
-    key_slot_t *slot;
-    psa_status_t status;
-
-    if( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
-        lifetime != PSA_KEY_LIFETIME_PERSISTENT &&
-        lifetime != PSA_KEY_LIFETIME_WRITE_ONCE )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = psa_get_empty_key_slot( key, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    if( lifetime == PSA_KEY_LIFETIME_WRITE_ONCE )
-        return( PSA_ERROR_NOT_SUPPORTED );
-
-#if !defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( lifetime == PSA_KEY_LIFETIME_PERSISTENT )
-        return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-
-    slot->lifetime = lifetime;
-    slot->persistent_storage_id = key;
-
-    return( PSA_SUCCESS );
-}
-
 
 
 /****************************************************************/

From c5487a889289ec977e860d1293fec61aae805260 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 18:08:14 +0100
Subject: [PATCH 853/889] Drop support for psa_key_slot_t in psa_crypto.c

This commit finishes the removal of support for direct access to key
slots in psa_crypto.c.

This marks the end of the necessary phase of the transition to key
handles. The code should subsequently be refactored to move key slot
management from psa_crypto.c to psa_crypto_slot_management.c.
---
 library/psa_crypto.c                          | 202 +++++++-----------
 library/psa_crypto_slot_management.h          |   3 -
 tests/suites/test_suite_psa_crypto.data       |   5 +-
 ..._suite_psa_crypto_slot_management.function |   5 +-
 4 files changed, 79 insertions(+), 136 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 15bab676f..ce9e3e5f2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -43,10 +43,6 @@
 
 #include "psa/crypto.h"
 
-/* Transitional definition while moving away from directly-accessible key
- * slots and to a handle-only interface. */
-typedef psa_key_handle_t psa_key_slot_t;
-
 #include "psa_crypto_invasive.h"
 #include "psa_crypto_slot_management.h"
 /* Include internal declarations that are useful for implementing persistently
@@ -746,55 +742,34 @@ exit:
 }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 
-/* Retrieve a key slot, occupied or not. */
-static psa_status_t psa_get_key_slot( psa_key_slot_t key_or_handle,
+/* Access a key slot at the given handle. The handle of a key slot is
+ * the index of the slot in the global slot array, plus one so that handles
+ * start at 1 and not 0. */
+static psa_status_t psa_get_key_slot( psa_key_handle_t handle,
                                       key_slot_t **p_slot )
 {
-    psa_key_slot_t key = key_or_handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG;
-    int is_handle = ( key_or_handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) != 0;
-    psa_status_t error_if_invalid =
-        ( is_handle ?
-          PSA_ERROR_INVALID_HANDLE :
-          PSA_ERROR_INVALID_ARGUMENT );
+    key_slot_t *slot = NULL;
 
     GUARD_MODULE_INITIALIZED;
 
-    /* 0 is not a valid slot number under any circumstance. This
+    /* 0 is not a valid handle under any circumstance. This
      * implementation provides slots number 1 to N where N is the
      * number of available slots. */
-    if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
-        return( error_if_invalid );
+    if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) )
+        return( PSA_ERROR_INVALID_HANDLE );
+    slot = &global_data.key_slots[handle - 1];
 
-    *p_slot = &global_data.key_slots[key - 1];
-
-    /* Allocated slots must only be accessed via a handle.
-     * Unallocated slots must only be accessed directly. */
-    if( ( *p_slot )->allocated != is_handle )
-        return( error_if_invalid );
-
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( ! ( *p_slot )->allocated &&
-        ( *p_slot )->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
-    {
-        /* There are two circumstances this can occur: the key material has
-         * not yet been created, or the key exists in storage but has not yet
-         * been loaded into memory. */
-        if( ( *p_slot )->type == PSA_KEY_TYPE_NONE )
-        {
-            psa_status_t status = PSA_SUCCESS;
-            status = psa_load_persistent_key_into_slot( *p_slot );
-            if( status != PSA_ERROR_EMPTY_SLOT )
-                return( status );
-        }
-    }
-#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+    /* If the slot hasn't been allocated, the handle is invalid. */
+    if( ! slot->allocated )
+        return( PSA_ERROR_INVALID_HANDLE );
 
+    *p_slot = slot;
     return( PSA_SUCCESS );
 }
 
 /* Retrieve an empty key slot (slot with no key data, but possibly
  * with some metadata such as a policy). */
-static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
+static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle,
                                             key_slot_t **p_slot )
 {
     psa_status_t status;
@@ -802,7 +777,7 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
 
     *p_slot = NULL;
 
-    status = psa_get_key_slot( key, &slot );
+    status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -816,7 +791,7 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key,
 /** Retrieve a slot which must contain a key. The key must have allow all the
  * usage flags set in \p usage. If \p alg is nonzero, the key must allow
  * operations with this algorithm. */
-static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
+static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
                                            key_slot_t **p_slot,
                                            psa_key_usage_t usage,
                                            psa_algorithm_t alg )
@@ -826,7 +801,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key,
 
     *p_slot = NULL;
 
-    status = psa_get_key_slot( key, &slot );
+    status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
     if( slot->type == PSA_KEY_TYPE_NONE )
@@ -896,31 +871,14 @@ static psa_status_t psa_wipe_key_slot( key_slot_t *slot )
     return( status );
 }
 
-/* A slot is available if nothing has been set in it: default lifetime
- * and policy, no key type. */
-static int psa_internal_is_slot_available( key_slot_t *slot )
-{
-    if( slot->allocated )
-        return( 0 );
-    if( slot->type != PSA_KEY_TYPE_NONE )
-        return( 0 );
-    if( slot->lifetime != PSA_KEY_LIFETIME_VOLATILE )
-        return( 0 );
-    if( slot->policy.usage != 0 || slot->policy.alg != 0 )
-        return( 0 );
-    return( 1 );
-}
-
 psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
 {
-    psa_key_slot_t key;
-    for( key = PSA_KEY_SLOT_COUNT; key != 0; --( key ) )
+    for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
     {
-        key_slot_t *slot = &global_data.key_slots[key - 1];
-        if( psa_internal_is_slot_available( slot ) )
+        key_slot_t *slot = &global_data.key_slots[*handle - 1];
+        if( ! slot->allocated )
         {
             slot->allocated = 1;
-            *handle = key | PSA_KEY_HANDLE_ALLOCATED_FLAG;
             return( PSA_SUCCESS );
         }
     }
@@ -941,11 +899,6 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
      * library's internal use. */
     if( id >= 0xffff0000 )
         return( PSA_ERROR_INVALID_ARGUMENT );
-    /* Reject values that don't fit in the key slot number type.
-     * This is a temporary limitation due to the library's internal
-     * plumbing. */
-    if( id > (psa_key_slot_t)( -1 ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
@@ -960,22 +913,19 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
 
 psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
 {
-    psa_key_slot_t key;
     key_slot_t *slot;
-    /* Don't call psa_get_key_slot() so as not to trigger its automatic
-     * loading of persistent key data. */
-    if( ( handle & PSA_KEY_HANDLE_ALLOCATED_FLAG ) == 0 )
-        return( PSA_ERROR_INVALID_HANDLE );
-    key = handle & ~PSA_KEY_HANDLE_ALLOCATED_FLAG;
-    if( key == 0 || key > ARRAY_LENGTH( global_data.key_slots ) )
-        return( PSA_ERROR_INVALID_HANDLE );
-    slot = &global_data.key_slots[key - 1];
+    psa_status_t status;
+
+    status = psa_get_key_slot( handle, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
     if( ! slot->allocated )
         return( PSA_ERROR_INVALID_HANDLE );
+
     return( psa_wipe_key_slot( slot ) );
 }
 
-psa_status_t psa_import_key( psa_key_slot_t key,
+psa_status_t psa_import_key( psa_key_handle_t handle,
                              psa_key_type_t type,
                              const uint8_t *data,
                              size_t data_length )
@@ -983,7 +933,7 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
-    status = psa_get_empty_key_slot( key, &slot );
+    status = psa_get_empty_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -1014,13 +964,13 @@ psa_status_t psa_import_key( psa_key_slot_t key,
     return( status );
 }
 
-psa_status_t psa_destroy_key( psa_key_slot_t key )
+psa_status_t psa_destroy_key( psa_key_handle_t handle )
 {
     key_slot_t *slot;
     psa_status_t status = PSA_SUCCESS;
     psa_status_t storage_status = PSA_SUCCESS;
 
-    status = psa_get_key_slot( key, &slot );
+    status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
@@ -1053,7 +1003,7 @@ static size_t psa_get_key_bits( const key_slot_t *slot )
     return( 0 );
 }
 
-psa_status_t psa_get_key_information( psa_key_slot_t key,
+psa_status_t psa_get_key_information( psa_key_handle_t handle,
                                       psa_key_type_t *type,
                                       size_t *bits )
 {
@@ -1064,7 +1014,7 @@ psa_status_t psa_get_key_information( psa_key_slot_t key,
         *type = 0;
     if( bits != NULL )
         *bits = 0;
-    status = psa_get_key_slot( key, &slot );
+    status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -1185,7 +1135,7 @@ static  psa_status_t psa_internal_export_key( key_slot_t *slot,
     }
 }
 
-psa_status_t psa_export_key( psa_key_slot_t key,
+psa_status_t psa_export_key( psa_key_handle_t handle,
                              uint8_t *data,
                              size_t data_size,
                              size_t *data_length )
@@ -1202,14 +1152,14 @@ psa_status_t psa_export_key( psa_key_slot_t key,
     /* Export requires the EXPORT flag. There is an exception for public keys,
      * which don't require any flag, but psa_get_key_from_slot takes
      * care of this. */
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_EXPORT, 0 );
+    status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_EXPORT, 0 );
     if( status != PSA_SUCCESS )
         return( status );
     return( psa_internal_export_key( slot, data, data_size,
                                      data_length, 0 ) );
 }
 
-psa_status_t psa_export_public_key( psa_key_slot_t key,
+psa_status_t psa_export_public_key( psa_key_handle_t handle,
                                     uint8_t *data,
                                     size_t data_size,
                                     size_t *data_length )
@@ -1224,7 +1174,7 @@ psa_status_t psa_export_public_key( psa_key_slot_t key,
     *data_length = 0;
 
     /* Exporting a public key doesn't require a usage flag. */
-    status = psa_get_key_from_slot( key, &slot, 0, 0 );
+    status = psa_get_key_from_slot( handle, &slot, 0, 0 );
     if( status != PSA_SUCCESS )
         return( status );
     return( psa_internal_export_key( slot, data, data_size,
@@ -1916,7 +1866,7 @@ cleanup:
 #endif /* MBEDTLS_MD_C */
 
 static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
-                                   psa_key_slot_t key,
+                                   psa_key_handle_t handle,
                                    psa_algorithm_t alg,
                                    int is_sign )
 {
@@ -1934,7 +1884,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     if( is_sign )
         operation->is_sign = 1;
 
-    status = psa_get_key_from_slot( key, &slot, usage, alg );
+    status = psa_get_key_from_slot( handle, &slot, usage, alg );
     if( status != PSA_SUCCESS )
         goto exit;
     key_bits = psa_get_key_bits( slot );
@@ -2027,17 +1977,17 @@ exit:
 }
 
 psa_status_t psa_mac_sign_setup( psa_mac_operation_t *operation,
-                                 psa_key_slot_t key,
+                                 psa_key_handle_t handle,
                                  psa_algorithm_t alg )
 {
-    return( psa_mac_setup( operation, key, alg, 1 ) );
+    return( psa_mac_setup( operation, handle, alg, 1 ) );
 }
 
 psa_status_t psa_mac_verify_setup( psa_mac_operation_t *operation,
-                                   psa_key_slot_t key,
+                                   psa_key_handle_t handle,
                                    psa_algorithm_t alg )
 {
-    return( psa_mac_setup( operation, key, alg, 0 ) );
+    return( psa_mac_setup( operation, handle, alg, 0 ) );
 }
 
 psa_status_t psa_mac_update( psa_mac_operation_t *operation,
@@ -2494,7 +2444,7 @@ cleanup:
 }
 #endif /* MBEDTLS_ECDSA_C */
 
-psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
+psa_status_t psa_asymmetric_sign( psa_key_handle_t handle,
                                   psa_algorithm_t alg,
                                   const uint8_t *hash,
                                   size_t hash_length,
@@ -2507,7 +2457,7 @@ psa_status_t psa_asymmetric_sign( psa_key_slot_t key,
 
     *signature_length = signature_size;
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_SIGN, alg );
+    status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_SIGN, alg );
     if( status != PSA_SUCCESS )
         goto exit;
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
@@ -2570,7 +2520,7 @@ exit:
     return( status );
 }
 
-psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
+psa_status_t psa_asymmetric_verify( psa_key_handle_t handle,
                                     psa_algorithm_t alg,
                                     const uint8_t *hash,
                                     size_t hash_length,
@@ -2580,7 +2530,7 @@ psa_status_t psa_asymmetric_verify( psa_key_slot_t key,
     key_slot_t *slot;
     psa_status_t status;
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_VERIFY, alg );
+    status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -2626,7 +2576,7 @@ static void psa_rsa_oaep_set_padding_mode( psa_algorithm_t alg,
 }
 #endif /* defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) */
 
-psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
+psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle,
                                      psa_algorithm_t alg,
                                      const uint8_t *input,
                                      size_t input_length,
@@ -2650,7 +2600,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
+    status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
     if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) ||
@@ -2706,7 +2656,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key,
     }
 }
 
-psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
+psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle,
                                      psa_algorithm_t alg,
                                      const uint8_t *input,
                                      size_t input_length,
@@ -2730,7 +2680,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
     if( ! PSA_ALG_IS_RSA_OAEP( alg ) && salt_length != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
+    status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DECRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
     if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) )
@@ -2816,7 +2766,7 @@ static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation,
 }
 
 static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
-                                      psa_key_slot_t key,
+                                      psa_key_handle_t handle,
                                       psa_algorithm_t alg,
                                       mbedtls_operation_t cipher_operation )
 {
@@ -2833,7 +2783,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
     if( status != PSA_SUCCESS )
         return( status );
 
-    status = psa_get_key_from_slot( key, &slot, usage, alg);
+    status = psa_get_key_from_slot( handle, &slot, usage, alg);
     if( status != PSA_SUCCESS )
         return( status );
     key_bits = psa_get_key_bits( slot );
@@ -2908,17 +2858,17 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
 }
 
 psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation,
-                                       psa_key_slot_t key,
+                                       psa_key_handle_t handle,
                                        psa_algorithm_t alg )
 {
-    return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
+    return( psa_cipher_setup( operation, handle, alg, MBEDTLS_ENCRYPT ) );
 }
 
 psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
-                                       psa_key_slot_t key,
+                                       psa_key_handle_t handle,
                                        psa_algorithm_t alg )
 {
-    return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
+    return( psa_cipher_setup( operation, handle, alg, MBEDTLS_DECRYPT ) );
 }
 
 psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
@@ -3141,7 +3091,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy )
 }
 #endif /* !defined(MBEDTLS_PSA_CRYPTO_SPM) */
 
-psa_status_t psa_set_key_policy( psa_key_slot_t key,
+psa_status_t psa_set_key_policy( psa_key_handle_t handle,
                                  const psa_key_policy_t *policy )
 {
     key_slot_t *slot;
@@ -3150,7 +3100,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
     if( policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_get_empty_key_slot( key, &slot );
+    status = psa_get_empty_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -3167,7 +3117,7 @@ psa_status_t psa_set_key_policy( psa_key_slot_t key,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_get_key_policy( psa_key_slot_t key,
+psa_status_t psa_get_key_policy( psa_key_handle_t handle,
                                  psa_key_policy_t *policy )
 {
     key_slot_t *slot;
@@ -3176,7 +3126,7 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key,
     if( policy == NULL )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_get_key_slot( key, &slot );
+    status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -3191,13 +3141,13 @@ psa_status_t psa_get_key_policy( psa_key_slot_t key,
 /* Key Lifetime */
 /****************************************************************/
 
-psa_status_t psa_get_key_lifetime( psa_key_slot_t key,
+psa_status_t psa_get_key_lifetime( psa_key_handle_t handle,
                                    psa_key_lifetime_t *lifetime )
 {
     key_slot_t *slot;
     psa_status_t status;
 
-    status = psa_get_key_slot( key, &slot );
+    status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -3248,7 +3198,7 @@ static void psa_aead_abort( aead_operation_t *operation )
 }
 
 static psa_status_t psa_aead_setup( aead_operation_t *operation,
-                                    psa_key_slot_t key,
+                                    psa_key_handle_t handle,
                                     psa_key_usage_t usage,
                                     psa_algorithm_t alg )
 {
@@ -3256,7 +3206,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
     size_t key_bits;
     mbedtls_cipher_id_t cipher_id;
 
-    status = psa_get_key_from_slot( key, &operation->slot, usage, alg );
+    status = psa_get_key_from_slot( handle, &operation->slot, usage, alg );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -3321,7 +3271,7 @@ cleanup:
     return( status );
 }
 
-psa_status_t psa_aead_encrypt( psa_key_slot_t key,
+psa_status_t psa_aead_encrypt( psa_key_handle_t handle,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,
                                size_t nonce_length,
@@ -3339,7 +3289,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
 
     *ciphertext_length = 0;
 
-    status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_ENCRYPT, alg );
+    status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_ENCRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -3415,7 +3365,7 @@ static psa_status_t psa_aead_unpadded_locate_tag( size_t tag_length,
     return( PSA_SUCCESS );
 }
 
-psa_status_t psa_aead_decrypt( psa_key_slot_t key,
+psa_status_t psa_aead_decrypt( psa_key_handle_t handle,
                                psa_algorithm_t alg,
                                const uint8_t *nonce,
                                size_t nonce_length,
@@ -3433,7 +3383,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
 
     *plaintext_length = 0;
 
-    status = psa_aead_setup( &operation, key, PSA_KEY_USAGE_DECRYPT, alg );
+    status = psa_aead_setup( &operation, handle, PSA_KEY_USAGE_DECRYPT, alg );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -3862,7 +3812,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size )
 }
 #endif /* MBEDTLS_DES_C */
 
-psa_status_t psa_generator_import_key( psa_key_slot_t key,
+psa_status_t psa_generator_import_key( psa_key_handle_t handle,
                                        psa_key_type_t type,
                                        size_t bits,
                                        psa_crypto_generator_t *generator )
@@ -3886,7 +3836,7 @@ psa_status_t psa_generator_import_key( psa_key_slot_t key,
     if( type == PSA_KEY_TYPE_DES )
         psa_des_set_key_parity( data, bytes );
 #endif /* MBEDTLS_DES_C */
-    status = psa_import_key( key, type, data, bytes );
+    status = psa_import_key( handle, type, data, bytes );
 
 exit:
     mbedtls_free( data );
@@ -4143,7 +4093,7 @@ static psa_status_t psa_key_derivation_internal(
 }
 
 psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
-                                 psa_key_slot_t key,
+                                 psa_key_handle_t handle,
                                  psa_algorithm_t alg,
                                  const uint8_t *salt,
                                  size_t salt_length,
@@ -4163,7 +4113,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
     if( ! PSA_ALG_IS_KEY_DERIVATION( alg ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_DERIVE, alg );
+    status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DERIVE, alg );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -4294,7 +4244,7 @@ exit:
 }
 
 psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
-                                psa_key_slot_t private_key,
+                                psa_key_handle_t private_key,
                                 const uint8_t *peer_key,
                                 size_t peer_key_length,
                                 psa_algorithm_t alg )
@@ -4399,7 +4349,7 @@ psa_status_t mbedtls_psa_inject_entropy( const unsigned char *seed,
 }
 #endif
 
-psa_status_t psa_generate_key( psa_key_slot_t key,
+psa_status_t psa_generate_key( psa_key_handle_t handle,
                                psa_key_type_t type,
                                size_t bits,
                                const void *extra,
@@ -4411,7 +4361,7 @@ psa_status_t psa_generate_key( psa_key_slot_t key,
     if( extra == NULL && extra_size != 0 )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
-    status = psa_get_empty_key_slot( key, &slot );
+    status = psa_get_empty_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 
@@ -4547,7 +4497,7 @@ void mbedtls_psa_crypto_free( void )
 {
     if( global_data.key_slots_initialized )
     {
-        psa_key_slot_t key;
+        psa_key_handle_t key;
         for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
         {
             key_slot_t *slot = &global_data.key_slots[key - 1];
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 36917bbaa..cf244f266 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -26,9 +26,6 @@
  * The value is a compile-time constant for now, for simplicity. */
 #define PSA_KEY_SLOT_COUNT 32
 
-/* All dynamically allocated handles have this bit set. */
-#define PSA_KEY_HANDLE_ALLOCATED_FLAG ( (psa_key_handle_t) 0x8000 )
-
 /** \defgroup core_slot_management Internal functions exposed by the core
  * @{
  */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 9801a8db7..848e8edfd 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -30,11 +30,10 @@ depends_on:MBEDTLS_AES_C
 import_key_nonempty_slot
 
 PSA export invalid handle (0)
-export_invalid_handle:0:PSA_ERROR_INVALID_ARGUMENT
+export_invalid_handle:0:PSA_ERROR_INVALID_HANDLE
 
 PSA export invalid handle (smallest plausible handle)
-# EMPTY_SLOT is temporary, because this valie is treated as a numbered slot, not as a handle
-export_invalid_handle:1:PSA_ERROR_EMPTY_SLOT
+export_invalid_handle:1:PSA_ERROR_INVALID_HANDLE
 
 PSA export invalid handle (largest plausible handle)
 export_invalid_handle:-1:PSA_ERROR_INVALID_HANDLE
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 1f1984e3f..753a70564 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -321,10 +321,7 @@ void invalid_handle( )
     TEST_ASSERT( psa_close_key( 0 ) == PSA_ERROR_INVALID_HANDLE );
     TEST_ASSERT( psa_close_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE );
     TEST_ASSERT( psa_close_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE );
-    /* At the moment the implementation returns INVALID_ARGUMENT for 0
-     * because of the transitional support for non-allocated slot numbers.
-     * When this is removed, the error will switch to INVALID_HANDLE. */
-    TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_ARGUMENT );
+    TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_HANDLE );
     TEST_ASSERT( psa_destroy_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE );
     TEST_ASSERT( psa_destroy_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE );
 

From 4a044739a8443fcfbb9cf9d89f862389b3dd3066 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 3 Dec 2018 18:19:39 +0100
Subject: [PATCH 854/889] Fix the build without persistent storage

Add missing guards on MBEDTLS_PSA_CRYPTO_STORAGE_C.

Add test cases to test that psa_create_key and psa_open_key return
NOT_SUPPORTED.
---
 library/psa_crypto.c                                |  7 +++++++
 .../test_suite_psa_crypto_slot_management.data      | 13 +++++++++++++
 .../test_suite_psa_crypto_slot_management.function  | 10 ++++++++--
 3 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ce9e3e5f2..c67c8a798 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -888,6 +888,7 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
 psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
                                                psa_key_id_t id )
 {
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
     key_slot_t *slot;
     psa_status_t status;
 
@@ -909,6 +910,12 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
     status = psa_load_persistent_key_into_slot( slot );
 
     return( status );
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+    (void) handle;
+    (void) id;
+    return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
 }
 
 psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 133f4c873..39e05abf8 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -38,20 +38,33 @@ depends_on:MBEDTLS_AES_C
 create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN
 
 Open failure: non-existent identifier
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
 
 Open failure: volatile lifetime
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
 
 Open failure: invalid lifetime
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
 
 Create failure: volatile lifetime
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
 Create failure: invalid lifetime
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
+Open not supported
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
+
+Create not supported
+depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_NOT_SUPPORTED
+
 Close/destroy invalid handle
 invalid_handle:
 
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 753a70564..754aae08d 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -29,6 +29,7 @@ typedef enum
  * identifier, and must call psa_purge_key_storage() in their cleanup
  * code. */
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
 /* There is no API to purge all keys. For this test suite, require that
  * all key IDs be less than a certain maximum. */
 #define MAX_KEY_ID_FOR_TEST 32
@@ -43,6 +44,9 @@ void psa_purge_key_storage( void )
     for( i = 0; i <= MAX_KEY_ID_FOR_TEST; i++ )
         psa_destroy_persistent_key( i );
 }
+#else
+#define TEST_MAX_KEY_ID( key_id ) ( (void) ( key_id ) )
+#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
 
 static int psa_key_policy_equal( psa_key_policy_t *p1,
                                  psa_key_policy_t *p2 )
@@ -109,7 +113,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
 void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
                                 int type_arg, int max_bits_arg,
                                 int alg_arg, int usage_arg,
@@ -188,7 +192,7 @@ exit:
 }
 /* END_CASE */
 
-/* BEGIN_CASE */
+/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C */
 void create_existent( int lifetime_arg, int id_arg,
                       int new_type_arg,
                       int reopen_policy_arg )
@@ -293,7 +297,9 @@ void create_fail( int lifetime_arg, int id_arg,
 
 exit:
     mbedtls_psa_crypto_free( );
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
     psa_purge_key_storage( );
+#endif
 }
 /* END_CASE */
 

From 2f060a8ea54ead4912d5ad8ab5cebc16513dbdc4 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 4 Dec 2018 17:12:32 +0100
Subject: [PATCH 855/889] Rename key_slot_t to psa_key_slot_t in psa_crypto.c

That way it'll be ok to add it to an internal header so as to use it
in multiple source modules.
---
 library/psa_crypto.c | 78 ++++++++++++++++++++++----------------------
 1 file changed, 39 insertions(+), 39 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index c67c8a798..3e08657db 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -139,7 +139,7 @@ typedef struct
         mbedtls_ecp_keypair *ecp;
 #endif /* MBEDTLS_ECP_C */
     } data;
-} key_slot_t;
+} psa_key_slot_t;
 
 static int key_type_is_raw_bytes( psa_key_type_t type )
 {
@@ -157,7 +157,7 @@ typedef struct
     void (* entropy_free )( mbedtls_entropy_context *ctx );
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
-    key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
+    psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
     unsigned initialized : 1;
     unsigned rng_state : 2;
     unsigned key_slots_initialized : 1;
@@ -640,7 +640,7 @@ exit:
 /** Import key data into a slot. `slot->type` must have been set
  * previously. This function assumes that the slot does not contain
  * any key material yet. On failure, the slot content is unchanged. */
-static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
+static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
                                               const uint8_t *data,
                                               size_t data_length )
 {
@@ -722,7 +722,7 @@ static psa_status_t psa_import_key_into_slot( key_slot_t *slot,
 }
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static psa_status_t psa_load_persistent_key_into_slot( key_slot_t *p_slot )
+static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot )
 {
     psa_status_t status = PSA_SUCCESS;
     uint8_t *key_data = NULL;
@@ -746,9 +746,9 @@ exit:
  * the index of the slot in the global slot array, plus one so that handles
  * start at 1 and not 0. */
 static psa_status_t psa_get_key_slot( psa_key_handle_t handle,
-                                      key_slot_t **p_slot )
+                                      psa_key_slot_t **p_slot )
 {
-    key_slot_t *slot = NULL;
+    psa_key_slot_t *slot = NULL;
 
     GUARD_MODULE_INITIALIZED;
 
@@ -770,10 +770,10 @@ static psa_status_t psa_get_key_slot( psa_key_handle_t handle,
 /* Retrieve an empty key slot (slot with no key data, but possibly
  * with some metadata such as a policy). */
 static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle,
-                                            key_slot_t **p_slot )
+                                            psa_key_slot_t **p_slot )
 {
     psa_status_t status;
-    key_slot_t *slot = NULL;
+    psa_key_slot_t *slot = NULL;
 
     *p_slot = NULL;
 
@@ -792,12 +792,12 @@ static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle,
  * usage flags set in \p usage. If \p alg is nonzero, the key must allow
  * operations with this algorithm. */
 static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
-                                           key_slot_t **p_slot,
+                                           psa_key_slot_t **p_slot,
                                            psa_key_usage_t usage,
                                            psa_algorithm_t alg )
 {
     psa_status_t status;
-    key_slot_t *slot = NULL;
+    psa_key_slot_t *slot = NULL;
 
     *p_slot = NULL;
 
@@ -823,7 +823,7 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
 }
 
 /** Wipe key data from a slot. Preserve metadata such as the policy. */
-static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
+static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
 {
     if( slot->type == PSA_KEY_TYPE_NONE )
     {
@@ -861,7 +861,7 @@ static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
 
 /** Completely wipe a slot in memory, including its policy.
  * Persistent storage is not affected. */
-static psa_status_t psa_wipe_key_slot( key_slot_t *slot )
+static psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
 {
     psa_status_t status = psa_remove_key_data_from_memory( slot );
     /* At this point, key material and other type-specific content has
@@ -875,7 +875,7 @@ psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
 {
     for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
     {
-        key_slot_t *slot = &global_data.key_slots[*handle - 1];
+        psa_key_slot_t *slot = &global_data.key_slots[*handle - 1];
         if( ! slot->allocated )
         {
             slot->allocated = 1;
@@ -889,7 +889,7 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
                                                psa_key_id_t id )
 {
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     /* Reject id=0 because by general library conventions, 0 is an invalid
@@ -920,7 +920,7 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
 
 psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     status = psa_get_key_slot( handle, &slot );
@@ -937,7 +937,7 @@ psa_status_t psa_import_key( psa_key_handle_t handle,
                              const uint8_t *data,
                              size_t data_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     status = psa_get_empty_key_slot( handle, &slot );
@@ -973,7 +973,7 @@ psa_status_t psa_import_key( psa_key_handle_t handle,
 
 psa_status_t psa_destroy_key( psa_key_handle_t handle )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status = PSA_SUCCESS;
     psa_status_t storage_status = PSA_SUCCESS;
 
@@ -994,7 +994,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
 }
 
 /* Return the size of the key in the given slot, in bits. */
-static size_t psa_get_key_bits( const key_slot_t *slot )
+static size_t psa_get_key_bits( const psa_key_slot_t *slot )
 {
     if( key_type_is_raw_bytes( slot->type ) )
         return( slot->data.raw.bytes * 8 );
@@ -1014,7 +1014,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle,
                                       psa_key_type_t *type,
                                       size_t *bits )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     if( type != NULL )
@@ -1034,7 +1034,7 @@ psa_status_t psa_get_key_information( psa_key_handle_t handle,
     return( PSA_SUCCESS );
 }
 
-static  psa_status_t psa_internal_export_key( key_slot_t *slot,
+static  psa_status_t psa_internal_export_key( psa_key_slot_t *slot,
                                               uint8_t *data,
                                               size_t data_size,
                                               size_t *data_length,
@@ -1147,7 +1147,7 @@ psa_status_t psa_export_key( psa_key_handle_t handle,
                              size_t data_size,
                              size_t *data_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     /* Set the key to empty now, so that even when there are errors, we always
@@ -1171,7 +1171,7 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle,
                                     size_t data_size,
                                     size_t *data_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     /* Set the key to empty now, so that even when there are errors, we always
@@ -1189,7 +1189,7 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle,
 }
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static psa_status_t psa_save_generated_persistent_key( key_slot_t *slot,
+static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t *slot,
                                                        size_t bits )
 {
     psa_status_t status;
@@ -1784,7 +1784,7 @@ bad_state:
 #if defined(MBEDTLS_CMAC_C)
 static int psa_cmac_setup( psa_mac_operation_t *operation,
                            size_t key_bits,
-                           key_slot_t *slot,
+                           psa_key_slot_t *slot,
                            const mbedtls_cipher_info_t *cipher_info )
 {
     int ret;
@@ -1878,7 +1878,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
                                    int is_sign )
 {
     psa_status_t status;
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     size_t key_bits;
     psa_key_usage_t usage =
         is_sign ? PSA_KEY_USAGE_SIGN : PSA_KEY_USAGE_VERIFY;
@@ -2459,7 +2459,7 @@ psa_status_t psa_asymmetric_sign( psa_key_handle_t handle,
                                   size_t signature_size,
                                   size_t *signature_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     *signature_length = signature_size;
@@ -2534,7 +2534,7 @@ psa_status_t psa_asymmetric_verify( psa_key_handle_t handle,
                                     const uint8_t *signature,
                                     size_t signature_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_VERIFY, alg );
@@ -2593,7 +2593,7 @@ psa_status_t psa_asymmetric_encrypt( psa_key_handle_t handle,
                                      size_t output_size,
                                      size_t *output_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     (void) input;
@@ -2673,7 +2673,7 @@ psa_status_t psa_asymmetric_decrypt( psa_key_handle_t handle,
                                      size_t output_size,
                                      size_t *output_length )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     (void) input;
@@ -2779,7 +2779,7 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
 {
     int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
     psa_status_t status;
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     size_t key_bits;
     const mbedtls_cipher_info_t *cipher_info = NULL;
     psa_key_usage_t usage = ( cipher_operation == MBEDTLS_ENCRYPT ?
@@ -3101,7 +3101,7 @@ psa_algorithm_t psa_key_policy_get_algorithm( const psa_key_policy_t *policy )
 psa_status_t psa_set_key_policy( psa_key_handle_t handle,
                                  const psa_key_policy_t *policy )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     if( policy == NULL )
@@ -3127,7 +3127,7 @@ psa_status_t psa_set_key_policy( psa_key_handle_t handle,
 psa_status_t psa_get_key_policy( psa_key_handle_t handle,
                                  psa_key_policy_t *policy )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     if( policy == NULL )
@@ -3151,7 +3151,7 @@ psa_status_t psa_get_key_policy( psa_key_handle_t handle,
 psa_status_t psa_get_key_lifetime( psa_key_handle_t handle,
                                    psa_key_lifetime_t *lifetime )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     status = psa_get_key_slot( handle, &slot );
@@ -3171,7 +3171,7 @@ psa_status_t psa_get_key_lifetime( psa_key_handle_t handle,
 
 typedef struct
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     const mbedtls_cipher_info_t *cipher_info;
     union
     {
@@ -4108,7 +4108,7 @@ psa_status_t psa_key_derivation( psa_crypto_generator_t *generator,
                                  size_t label_length,
                                  size_t capacity )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     if( generator->alg != 0 )
@@ -4205,7 +4205,7 @@ exit:
  * to potentially free embedded data structures and wipe confidential data.
  */
 static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generator,
-                                                key_slot_t *private_key,
+                                                psa_key_slot_t *private_key,
                                                 const uint8_t *peer_key,
                                                 size_t peer_key_length,
                                                 psa_algorithm_t alg )
@@ -4256,7 +4256,7 @@ psa_status_t psa_key_agreement( psa_crypto_generator_t *generator,
                                 size_t peer_key_length,
                                 psa_algorithm_t alg )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
     if( ! PSA_ALG_IS_KEY_AGREEMENT( alg ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
@@ -4362,7 +4362,7 @@ psa_status_t psa_generate_key( psa_key_handle_t handle,
                                const void *extra,
                                size_t extra_size )
 {
-    key_slot_t *slot;
+    psa_key_slot_t *slot;
     psa_status_t status;
 
     if( extra == NULL && extra_size != 0 )
@@ -4507,7 +4507,7 @@ void mbedtls_psa_crypto_free( void )
         psa_key_handle_t key;
         for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
         {
-            key_slot_t *slot = &global_data.key_slots[key - 1];
+            psa_key_slot_t *slot = &global_data.key_slots[key - 1];
             (void) psa_wipe_key_slot( slot );
         }
     }

From fe9756b1f59c3c5290bf40c90ab27074231828b8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 7 Dec 2018 18:12:28 +0100
Subject: [PATCH 856/889] Remove a comment that is no longer applicable

---
 library/psa_crypto.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3e08657db..1b44fc61e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4551,8 +4551,7 @@ psa_status_t psa_crypto_init( void )
     global_data.rng_state = RNG_SEEDED;
 
     /* Initialize the key slots. Zero-initialization has made all key
-     * slots empty, so there is nothing to do. In a future version we will
-     * load data from storage. */
+     * slots empty, so there is nothing to do. */
     global_data.key_slots_initialized = 1;
 
     /* All done. */

From 3f10812ff998055c36a0697e1f5687119954d7c6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 7 Dec 2018 18:14:53 +0100
Subject: [PATCH 857/889] Use the library-wide zeroize function

Since Mbed TLS 2.10, there is a single copy of
mbedtls_platform_zeroize for the whole library instead of one per
module. Update the PSA crypto module accordingly.
---
 library/psa_crypto.c | 35 +++++++++++++++--------------------
 1 file changed, 15 insertions(+), 20 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1b44fc61e..afb4d325c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -81,6 +81,7 @@
 #include "mbedtls/md_internal.h"
 #include "mbedtls/pk.h"
 #include "mbedtls/pk_internal.h"
+#include "mbedtls/platform_util.h"
 #include "mbedtls/ripemd160.h"
 #include "mbedtls/rsa.h"
 #include "mbedtls/sha1.h"
@@ -94,12 +95,6 @@
 
 #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
 
-/* Implementation that should never be optimized out by the compiler */
-static void mbedtls_zeroize( void *v, size_t n )
-{
-    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
-
 /* constant-time buffer comparison */
 static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 {
@@ -1215,7 +1210,7 @@ static psa_status_t psa_save_generated_persistent_key( psa_key_slot_t *slot,
         slot->type = PSA_KEY_TYPE_NONE;
     }
 exit:
-    mbedtls_zeroize( data, key_length );
+    mbedtls_platform_zeroize( data, key_length );
     mbedtls_free( data );
     return( status );
 }
@@ -1722,7 +1717,7 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
 #if defined(MBEDTLS_MD_C)
 static psa_status_t psa_hmac_abort_internal( psa_hmac_internal_data *hmac )
 {
-    mbedtls_zeroize( hmac->opad, sizeof( hmac->opad ) );
+    mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
     return( psa_hash_abort( &hmac->hash_ctx ) );
 }
 
@@ -1866,7 +1861,7 @@ static psa_status_t psa_hmac_setup_internal( psa_hmac_internal_data *hmac,
     status = psa_hash_update( &hmac->hash_ctx, ipad, block_size );
 
 cleanup:
-    mbedtls_zeroize( ipad, key_length );
+    mbedtls_platform_zeroize( ipad, key_length );
 
     return( status );
 }
@@ -2072,7 +2067,7 @@ static psa_status_t psa_hmac_finish_internal( psa_hmac_internal_data *hmac,
     memcpy( mac, tmp, mac_size );
 
 exit:
-    mbedtls_zeroize( tmp, hash_size );
+    mbedtls_platform_zeroize( tmp, hash_size );
     return( status );
 }
 #endif /* MBEDTLS_MD_C */
@@ -2096,7 +2091,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
         int ret = mbedtls_cipher_cmac_finish( &operation->ctx.cmac, tmp );
         if( ret == 0 )
             memcpy( mac, tmp, operation->mac_size );
-        mbedtls_zeroize( tmp, sizeof( tmp ) );
+        mbedtls_platform_zeroize( tmp, sizeof( tmp ) );
         return( mbedtls_to_psa_error( ret ) );
     }
     else
@@ -2184,7 +2179,7 @@ cleanup:
     else
         psa_mac_abort( operation );
 
-    mbedtls_zeroize( actual_mac, sizeof( actual_mac ) );
+    mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
 
     return( status );
 }
@@ -3025,7 +3020,7 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
         goto error;
     }
 
-    mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
+    mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
     status = psa_cipher_abort( operation );
 
     return( status );
@@ -3034,7 +3029,7 @@ error:
 
     *output_length = 0;
 
-    mbedtls_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
+    mbedtls_platform_zeroize( temp_output_buffer, sizeof( temp_output_buffer ) );
     (void) psa_cipher_abort( operation );
 
     return( status );
@@ -3468,7 +3463,7 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
     {
         if( generator->ctx.buffer.data != NULL )
         {
-            mbedtls_zeroize( generator->ctx.buffer.data,
+            mbedtls_platform_zeroize( generator->ctx.buffer.data,
                              generator->ctx.buffer.size );
             mbedtls_free( generator->ctx.buffer.data );
         }
@@ -3486,14 +3481,14 @@ psa_status_t psa_generator_abort( psa_crypto_generator_t *generator )
     {
         if( generator->ctx.tls12_prf.key != NULL )
         {
-            mbedtls_zeroize( generator->ctx.tls12_prf.key,
+            mbedtls_platform_zeroize( generator->ctx.tls12_prf.key,
                              generator->ctx.tls12_prf.key_len );
             mbedtls_free( generator->ctx.tls12_prf.key );
         }
 
         if( generator->ctx.tls12_prf.Ai_with_seed != NULL )
         {
-            mbedtls_zeroize( generator->ctx.tls12_prf.Ai_with_seed,
+            mbedtls_platform_zeroize( generator->ctx.tls12_prf.Ai_with_seed,
                              generator->ctx.tls12_prf.Ai_with_seed_len );
             mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed );
         }
@@ -3995,7 +3990,7 @@ static psa_status_t psa_generator_tls12_psk_to_ms_setup(
                                             salt, salt_length,
                                             label, label_length );
 
-    mbedtls_zeroize( pms, sizeof( pms ) );
+    mbedtls_platform_zeroize( pms, sizeof( pms ) );
     return( status );
 }
 #endif /* MBEDTLS_MD_C */
@@ -4246,7 +4241,7 @@ static psa_status_t psa_key_agreement_internal( psa_crypto_generator_t *generato
                                           NULL, 0, NULL, 0,
                                           PSA_GENERATOR_UNBRIDLED_CAPACITY );
 exit:
-    mbedtls_zeroize( shared_secret, shared_secret_length );
+    mbedtls_platform_zeroize( shared_secret, shared_secret_length );
     return( status );
 }
 
@@ -4519,7 +4514,7 @@ void mbedtls_psa_crypto_free( void )
     /* Wipe all remaining data, including configuration.
      * In particular, this sets all state indicator to the value
      * indicating "uninitialized". */
-    mbedtls_zeroize( &global_data, sizeof( global_data ) );
+    mbedtls_platform_zeroize( &global_data, sizeof( global_data ) );
 }
 
 psa_status_t psa_crypto_init( void )

From 039b90cf5b30855ebd10d0cbcdb395f6793e9a23 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 7 Dec 2018 18:24:41 +0100
Subject: [PATCH 858/889] Expose the PSA key slot structure to internal modules

Move psa_key_slot_t to a new header psa_crypto_core.h, to prepare for
moving the responsibility for some fields to
psa_crypto_slot_management.c.
---
 library/psa_crypto.c           | 24 +------------
 library/psa_crypto_core.h      | 62 ++++++++++++++++++++++++++++++++++
 visualc/VS2010/mbedTLS.vcxproj |  1 +
 3 files changed, 64 insertions(+), 23 deletions(-)
 create mode 100644 library/psa_crypto_core.h

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index afb4d325c..2712c6778 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -43,6 +43,7 @@
 
 #include "psa/crypto.h"
 
+#include "psa_crypto_core.h"
 #include "psa_crypto_invasive.h"
 #include "psa_crypto_slot_management.h"
 /* Include internal declarations that are useful for implementing persistently
@@ -113,29 +114,6 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
 /* Global data, support functions and library management */
 /****************************************************************/
 
-typedef struct
-{
-    psa_key_type_t type;
-    psa_key_policy_t policy;
-    psa_key_lifetime_t lifetime;
-    psa_key_id_t persistent_storage_id;
-    unsigned allocated : 1;
-    union
-    {
-        struct raw_data
-        {
-            uint8_t *data;
-            size_t bytes;
-        } raw;
-#if defined(MBEDTLS_RSA_C)
-        mbedtls_rsa_context *rsa;
-#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECP_C)
-        mbedtls_ecp_keypair *ecp;
-#endif /* MBEDTLS_ECP_C */
-    } data;
-} psa_key_slot_t;
-
 static int key_type_is_raw_bytes( psa_key_type_t type )
 {
     return( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) );
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
new file mode 100644
index 000000000..de877d344
--- /dev/null
+++ b/library/psa_crypto_core.h
@@ -0,0 +1,62 @@
+/*
+ *  PSA crypto core internal interfaces
+ */
+/*  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_CORE_H
+#define PSA_CRYPTO_CORE_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "psa/crypto.h"
+
+#include "mbedtls/ecp.h"
+#include "mbedtls/rsa.h"
+
+/** The data structure representing a key slot, containing key material
+ * and metadata for one key.
+ */
+typedef struct
+{
+    psa_key_type_t type;
+    psa_key_policy_t policy;
+    psa_key_lifetime_t lifetime;
+    psa_key_id_t persistent_storage_id;
+    unsigned allocated : 1;
+    union
+    {
+        struct raw_data
+        {
+            uint8_t *data;
+            size_t bytes;
+        } raw;
+#if defined(MBEDTLS_RSA_C)
+        mbedtls_rsa_context *rsa;
+#endif /* MBEDTLS_RSA_C */
+#if defined(MBEDTLS_ECP_C)
+        mbedtls_ecp_keypair *ecp;
+#endif /* MBEDTLS_ECP_C */
+    } data;
+} psa_key_slot_t;
+
+#endif /* PSA_CRYPTO_CORE_H */
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 341e058a8..366b97e55 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -231,6 +231,7 @@
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
+    <ClInclude Include="..\..\library/psa_crypto_core.h" />
     <ClInclude Include="..\..\library/psa_crypto_invasive.h" />
     <ClInclude Include="..\..\library/psa_crypto_slot_management.h" />
     <ClInclude Include="..\..\library/psa_crypto_storage.h" />

From 48868129cde07ad7bd54d0cd8fdc948850fc43b8 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 17:30:29 +0100
Subject: [PATCH 859/889] Document the maximum key identifier

Give it a name and explain why it was chosen.
---
 library/psa_crypto.c         |  2 +-
 library/psa_crypto_storage.h | 17 +++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 2712c6778..d272334d4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -871,7 +871,7 @@ psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
         return( PSA_ERROR_INVALID_ARGUMENT );
     /* Reject high values because the file names are reserved for the
      * library's internal use. */
-    if( id >= 0xffff0000 )
+    if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_key_slot( handle, &slot );
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 478daef8f..85881c164 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -44,6 +44,23 @@ extern "C" {
  * inadvertently store an obscene amount of data) */
 #define PSA_CRYPTO_MAX_STORAGE_SIZE ( 30 * 1024 )
 
+/** The maximum permitted persistent slot number.
+ *
+ * In Mbed Crypto 0.1.0b:
+ * - Using the file backend, all key ids are ok except 0.
+ * - Using the ITS backend, all key ids are ok except 0xFFFFFF52
+ *   (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
+ *   device's random seed (if this feature is enabled).
+ * - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used.
+ *
+ * Since we need to preserve the random seed, avoid using that key slot.
+ * Reserve a whole range of key slots just in case something else comes up.
+ *
+ * This limitation will probably become moot when we implement client
+ * separation for key storage.
+ */
+#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
+
 /**
  * \brief Format key data and metadata and save to a location for given key
  *        slot.

From 539cda57df9a7f36b03b46075016a6ce91166760 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 17:31:59 +0100
Subject: [PATCH 860/889] Add tests with invalid key identifiers

Test that 0 and PSA_CRYPTO_ITS_RANDOM_SEED_UID are not accepted as key
identifiers.
---
 .../test_suite_psa_crypto_slot_management.data   | 16 ++++++++++++++++
 ...est_suite_psa_crypto_slot_management.function |  8 ++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 39e05abf8..46dbea2c0 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -37,6 +37,14 @@ Attempt to overwrite: keep open, different type
 depends_on:MBEDTLS_AES_C
 create_existent:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_KEY_TYPE_AES:KEEP_OPEN
 
+Open failure: invalid identifier (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_ERROR_INVALID_ARGUMENT
+
+Open failure: invalid identifier (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+open_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_ERROR_INVALID_ARGUMENT
+
 Open failure: non-existent identifier
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
@@ -57,6 +65,14 @@ Create failure: invalid lifetime
 depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
+Create failure: invalid key id (0)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid key id (random seed UID)
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_PERSISTENT:PSA_CRYPTO_ITS_RANDOM_SEED_UID:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
+
 Open not supported
 depends_on:!MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 754aae08d..fdcb5a949 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -31,10 +31,14 @@ typedef enum
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
 /* There is no API to purge all keys. For this test suite, require that
- * all key IDs be less than a certain maximum. */
+ * all key IDs be less than a certain maximum, or a well-known value
+ * which corresponds to a file that does not contain a key. */
 #define MAX_KEY_ID_FOR_TEST 32
+#define KEY_ID_IS_WELL_KNOWN( key_id )                  \
+    ( ( key_id ) == PSA_CRYPTO_ITS_RANDOM_SEED_UID )
 #define TEST_MAX_KEY_ID( key_id )                       \
-    TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST )
+    TEST_ASSERT( ( key_id ) <= MAX_KEY_ID_FOR_TEST ||   \
+                 KEY_ID_IS_WELL_KNOWN( key_id ) )
 void psa_purge_key_storage( void )
 {
     psa_key_id_t i;

From 408319be3ab32f70af5b0d1fa6a9942ec64fe37d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 17:34:00 +0100
Subject: [PATCH 861/889] Remove redundant check for slot->allocated

This check became redundant when support for direct access to key
slots was removed.
---
 library/psa_crypto.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index d272334d4..554da4bb4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -899,8 +899,6 @@ psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
     status = psa_get_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
         return( status );
-    if( ! slot->allocated )
-        return( PSA_ERROR_INVALID_HANDLE );
 
     return( psa_wipe_key_slot( slot ) );
 }

From 66fb126e87bb5ff67cc0fbe31ad2a4cc5c6ca08b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 16:29:04 +0100
Subject: [PATCH 862/889] Move the key slot array to the slot management module

Move the key slot array and its initialization and wiping to the slot
management module.

Also move the lowest-level key slot access function psa_get_key_slot
and the auxiliary function for slot allocation
psa_internal_allocate_key_slot to the slot management module.
---
 library/psa_crypto.c                 | 76 +++++-----------------------
 library/psa_crypto_core.h            |  4 ++
 library/psa_crypto_slot_management.c | 76 ++++++++++++++++++++++++++++
 library/psa_crypto_slot_management.h | 20 ++++----
 4 files changed, 105 insertions(+), 71 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 554da4bb4..0ac1c2707 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -130,10 +130,8 @@ typedef struct
     void (* entropy_free )( mbedtls_entropy_context *ctx );
     mbedtls_entropy_context entropy;
     mbedtls_ctr_drbg_context ctr_drbg;
-    psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
     unsigned initialized : 1;
     unsigned rng_state : 2;
-    unsigned key_slots_initialized : 1;
 } psa_global_data_t;
 
 static psa_global_data_t global_data;
@@ -715,31 +713,6 @@ exit:
 }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 
-/* Access a key slot at the given handle. The handle of a key slot is
- * the index of the slot in the global slot array, plus one so that handles
- * start at 1 and not 0. */
-static psa_status_t psa_get_key_slot( psa_key_handle_t handle,
-                                      psa_key_slot_t **p_slot )
-{
-    psa_key_slot_t *slot = NULL;
-
-    GUARD_MODULE_INITIALIZED;
-
-    /* 0 is not a valid handle under any circumstance. This
-     * implementation provides slots number 1 to N where N is the
-     * number of available slots. */
-    if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) )
-        return( PSA_ERROR_INVALID_HANDLE );
-    slot = &global_data.key_slots[handle - 1];
-
-    /* If the slot hasn't been allocated, the handle is invalid. */
-    if( ! slot->allocated )
-        return( PSA_ERROR_INVALID_HANDLE );
-
-    *p_slot = slot;
-    return( PSA_SUCCESS );
-}
-
 /* Retrieve an empty key slot (slot with no key data, but possibly
  * with some metadata such as a policy). */
 static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle,
@@ -834,7 +807,7 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
 
 /** Completely wipe a slot in memory, including its policy.
  * Persistent storage is not affected. */
-static psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
+psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
 {
     psa_status_t status = psa_remove_key_data_from_memory( slot );
     /* At this point, key material and other type-specific content has
@@ -844,20 +817,6 @@ static psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
     return( status );
 }
 
-psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
-{
-    for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
-    {
-        psa_key_slot_t *slot = &global_data.key_slots[*handle - 1];
-        if( ! slot->allocated )
-        {
-            slot->allocated = 1;
-            return( PSA_SUCCESS );
-        }
-    }
-    return( PSA_ERROR_INSUFFICIENT_MEMORY );
-}
-
 psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
                                                psa_key_id_t id )
 {
@@ -4473,15 +4432,7 @@ psa_status_t mbedtls_psa_crypto_configure_entropy_sources(
 
 void mbedtls_psa_crypto_free( void )
 {
-    if( global_data.key_slots_initialized )
-    {
-        psa_key_handle_t key;
-        for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
-        {
-            psa_key_slot_t *slot = &global_data.key_slots[key - 1];
-            (void) psa_wipe_key_slot( slot );
-        }
-    }
+    psa_wipe_all_key_slots( );
     if( global_data.rng_state != RNG_NOT_INITIALIZED )
     {
         mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
@@ -4495,7 +4446,7 @@ void mbedtls_psa_crypto_free( void )
 
 psa_status_t psa_crypto_init( void )
 {
-    int ret;
+    psa_status_t status;
     const unsigned char drbg_seed[] = "PSA";
 
     /* Double initialization is explicitly allowed. */
@@ -4513,25 +4464,26 @@ psa_status_t psa_crypto_init( void )
     global_data.entropy_init( &global_data.entropy );
     mbedtls_ctr_drbg_init( &global_data.ctr_drbg );
     global_data.rng_state = RNG_INITIALIZED;
-    ret = mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
-                                 mbedtls_entropy_func,
-                                 &global_data.entropy,
-                                 drbg_seed, sizeof( drbg_seed ) - 1 );
-    if( ret != 0 )
+    status = mbedtls_to_psa_error(
+        mbedtls_ctr_drbg_seed( &global_data.ctr_drbg,
+                               mbedtls_entropy_func,
+                               &global_data.entropy,
+                               drbg_seed, sizeof( drbg_seed ) - 1 ) );
+    if( status != PSA_SUCCESS )
         goto exit;
     global_data.rng_state = RNG_SEEDED;
 
-    /* Initialize the key slots. Zero-initialization has made all key
-     * slots empty, so there is nothing to do. */
-    global_data.key_slots_initialized = 1;
+    status = psa_initialize_key_slots( );
+    if( status != PSA_SUCCESS )
+        goto exit;
 
     /* All done. */
     global_data.initialized = 1;
 
 exit:
-    if( ret != 0 )
+    if( status != PSA_SUCCESS )
         mbedtls_psa_crypto_free( );
-    return( mbedtls_to_psa_error( ret ) );
+    return( status );
 }
 
 #endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index de877d344..ba6623564 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -59,4 +59,8 @@ typedef struct
     } data;
 } psa_key_slot_t;
 
+/** Completely wipe a slot in memory, including its policy.
+ * Persistent storage is not affected. */
+psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
+
 #endif /* PSA_CRYPTO_CORE_H */
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index ae5e146b9..6d5c7d4fa 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -29,6 +29,7 @@
 
 #include "psa/crypto.h"
 
+#include "psa_crypto_core.h"
 #include "psa_crypto_slot_management.h"
 #include "psa_crypto_storage.h"
 
@@ -43,6 +44,81 @@
 
 #define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
 
+typedef struct
+{
+    psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
+    unsigned key_slots_initialized : 1;
+} psa_global_data_t;
+
+psa_global_data_t global_data;
+
+/* Access a key slot at the given handle. The handle of a key slot is
+ * the index of the slot in the global slot array, plus one so that handles
+ * start at 1 and not 0. */
+psa_status_t psa_get_key_slot( psa_key_handle_t handle,
+                               psa_key_slot_t **p_slot )
+{
+    psa_key_slot_t *slot = NULL;
+
+    if( ! global_data.key_slots_initialized )
+        return( PSA_ERROR_BAD_STATE );
+
+    /* 0 is not a valid handle under any circumstance. This
+     * implementation provides slots number 1 to N where N is the
+     * number of available slots. */
+    if( handle == 0 || handle > ARRAY_LENGTH( global_data.key_slots ) )
+        return( PSA_ERROR_INVALID_HANDLE );
+    slot = &global_data.key_slots[handle - 1];
+
+    /* If the slot hasn't been allocated, the handle is invalid. */
+    if( ! slot->allocated )
+        return( PSA_ERROR_INVALID_HANDLE );
+
+    *p_slot = slot;
+    return( PSA_SUCCESS );
+}
+
+psa_status_t psa_initialize_key_slots( void )
+{
+    /* Nothing to do: program startup and psa_wipe_all_key_slots() both
+     * guarantee that the key slots are initialized to all-zero, which
+     * means that all the key slots are in a valid, empty state. */
+    global_data.key_slots_initialized = 1;
+    return( PSA_SUCCESS );
+}
+
+void psa_wipe_all_key_slots( void )
+{
+    psa_key_handle_t key;
+    for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+    {
+        psa_key_slot_t *slot = &global_data.key_slots[key - 1];
+        (void) psa_wipe_key_slot( slot );
+    }
+    global_data.key_slots_initialized = 0;
+}
+
+/** Find a free key slot and mark it as in use.
+ *
+ * \param[out] handle   On success, a slot number that is not in use.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
+{
+    for( *handle = PSA_KEY_SLOT_COUNT; *handle != 0; --( *handle ) )
+    {
+        psa_key_slot_t *slot = &global_data.key_slots[*handle - 1];
+        if( ! slot->allocated )
+        {
+            slot->allocated = 1;
+            return( PSA_SUCCESS );
+        }
+    }
+    return( PSA_ERROR_INSUFFICIENT_MEMORY );
+}
+
 psa_status_t psa_allocate_key( psa_key_type_t type,
                                size_t max_bits,
                                psa_key_handle_t *handle )
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index cf244f266..ee37a2010 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -26,19 +26,21 @@
  * The value is a compile-time constant for now, for simplicity. */
 #define PSA_KEY_SLOT_COUNT 32
 
+/** Access a key slot at the given handle. */
+psa_status_t psa_get_key_slot( psa_key_handle_t handle,
+                               psa_key_slot_t **p_slot );
+
+/** Initialize the key slot structures. */
+psa_status_t psa_initialize_key_slots( void );
+
+/** Delete all data from key slots in memory. This does not affect persistent
+ * storage. */
+void psa_wipe_all_key_slots( void );
+
 /** \defgroup core_slot_management Internal functions exposed by the core
  * @{
  */
 
-/** Find a free key slot and mark it as in use.
- *
- * \param[out] handle   On success, a slot number that is not in use.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- */
-psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle );
-
 /** Wipe an a key slot and mark it as available.
  *
  * This does not affect persistent storage.

From fa4135b13537840714fda55839ebc9822f2d0f51 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 16:48:53 +0100
Subject: [PATCH 863/889] Move more slot management functions to the proper
 module

Move psa_load_persistent_key_into_slot,
psa_internal_make_key_persistent and psa_internal_release_key_slot to
the slot management module.

Expose psa_import_key_into_slot from the core.

After this commit, there are no longer any functions declared in
psa_crypto_slot_management.h and defined in psa_crypto.c. There are
still function calls in both directions between psa_crypto.c and
psa_crypto_slot_management.c.
---
 library/psa_crypto.c                 | 72 +--------------------
 library/psa_crypto_core.h            |  7 +++
 library/psa_crypto_slot_management.c | 94 ++++++++++++++++++++++++++++
 library/psa_crypto_slot_management.h | 39 ------------
 4 files changed, 104 insertions(+), 108 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0ac1c2707..2c49eadcc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -611,9 +611,9 @@ exit:
 /** Import key data into a slot. `slot->type` must have been set
  * previously. This function assumes that the slot does not contain
  * any key material yet. On failure, the slot content is unchanged. */
-static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
-                                              const uint8_t *data,
-                                              size_t data_length )
+psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
+                                       const uint8_t *data,
+                                       size_t data_length )
 {
     psa_status_t status = PSA_SUCCESS;
 
@@ -692,27 +692,6 @@ static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
     return( PSA_SUCCESS );
 }
 
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot )
-{
-    psa_status_t status = PSA_SUCCESS;
-    uint8_t *key_data = NULL;
-    size_t key_data_length = 0;
-
-    status = psa_load_persistent_key( p_slot->persistent_storage_id,
-                                      &( p_slot )->type,
-                                      &( p_slot )->policy, &key_data,
-                                      &key_data_length );
-    if( status != PSA_SUCCESS )
-        goto exit;
-    status = psa_import_key_into_slot( p_slot,
-                                       key_data, key_data_length );
-exit:
-    psa_free_persistent_key_data( key_data, key_data_length );
-    return( status );
-}
-#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
-
 /* Retrieve an empty key slot (slot with no key data, but possibly
  * with some metadata such as a policy). */
 static psa_status_t psa_get_empty_key_slot( psa_key_handle_t handle,
@@ -817,51 +796,6 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
     return( status );
 }
 
-psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
-                                               psa_key_id_t id )
-{
-#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    psa_key_slot_t *slot;
-    psa_status_t status;
-
-    /* Reject id=0 because by general library conventions, 0 is an invalid
-     * value wherever possible. */
-    if( id == 0 )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    /* Reject high values because the file names are reserved for the
-     * library's internal use. */
-    if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-
-    status = psa_get_key_slot( handle, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
-    slot->persistent_storage_id = id;
-    status = psa_load_persistent_key_into_slot( slot );
-
-    return( status );
-
-#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-    (void) handle;
-    (void) id;
-    return( PSA_ERROR_NOT_SUPPORTED );
-#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
-}
-
-psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
-{
-    psa_key_slot_t *slot;
-    psa_status_t status;
-
-    status = psa_get_key_slot( handle, &slot );
-    if( status != PSA_SUCCESS )
-        return( status );
-
-    return( psa_wipe_key_slot( slot ) );
-}
-
 psa_status_t psa_import_key( psa_key_handle_t handle,
                              psa_key_type_t type,
                              const uint8_t *data,
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index ba6623564..24140b517 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -63,4 +63,11 @@ typedef struct
  * Persistent storage is not affected. */
 psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
 
+/** Import key data into a slot. `slot->type` must have been set
+ * previously. This function assumes that the slot does not contain
+ * any key material yet. On failure, the slot content is unchanged. */
+psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
+                                       const uint8_t *data,
+                                       size_t data_length );
+
 #endif /* PSA_CRYPTO_CORE_H */
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 6d5c7d4fa..f623cc988 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -119,6 +119,28 @@ static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
     return( PSA_ERROR_INSUFFICIENT_MEMORY );
 }
 
+/** Wipe a key slot and mark it as available.
+ *
+ * This does not affect persistent storage.
+ *
+ * \param handle        The key slot number to release.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_TAMPERING_DETECTED
+ */
+static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
+{
+    psa_key_slot_t *slot;
+    psa_status_t status;
+
+    status = psa_get_key_slot( handle, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    return( psa_wipe_key_slot( slot ) );
+}
+
 psa_status_t psa_allocate_key( psa_key_type_t type,
                                size_t max_bits,
                                psa_key_handle_t *handle )
@@ -130,6 +152,78 @@ psa_status_t psa_allocate_key( psa_key_type_t type,
     return( psa_internal_allocate_key_slot( handle ) );
 }
 
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot )
+{
+    psa_status_t status = PSA_SUCCESS;
+    uint8_t *key_data = NULL;
+    size_t key_data_length = 0;
+
+    status = psa_load_persistent_key( p_slot->persistent_storage_id,
+                                      &( p_slot )->type,
+                                      &( p_slot )->policy, &key_data,
+                                      &key_data_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+    status = psa_import_key_into_slot( p_slot,
+                                       key_data, key_data_length );
+exit:
+    psa_free_persistent_key_data( key_data, key_data_length );
+    return( status );
+}
+#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
+
+/** Declare a slot as persistent and load it from storage.
+ *
+ * This function may only be called immediately after a successful call
+ * to psa_internal_allocate_key_slot().
+ *
+ * \param handle        A handle to a key slot freshly allocated with
+ *                      psa_internal_allocate_key_slot().
+ *
+ * \retval #PSA_SUCCESS
+ *         The slot content was loaded successfully.
+ * \retval #PSA_ERROR_EMPTY_SLOT
+ *         There is no content for this slot in persistent storage.
+ * \retval #PSA_ERROR_INVALID_HANDLE
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ *         \p id is not acceptable.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_ERROR_STORAGE_FAILURE
+ */
+static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
+                                                      psa_key_id_t id )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
+    psa_key_slot_t *slot;
+    psa_status_t status;
+
+    /* Reject id=0 because by general library conventions, 0 is an invalid
+     * value wherever possible. */
+    if( id == 0 )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+    /* Reject high values because the file names are reserved for the
+     * library's internal use. */
+    if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
+    status = psa_get_key_slot( handle, &slot );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    slot->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+    slot->persistent_storage_id = id;
+    status = psa_load_persistent_key_into_slot( slot );
+
+    return( status );
+
+#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+    (void) handle;
+    (void) id;
+    return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
+}
+
 static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime,
                                           psa_key_id_t id,
                                           psa_key_handle_t *handle,
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index ee37a2010..a2e52ba32 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -37,43 +37,4 @@ psa_status_t psa_initialize_key_slots( void );
  * storage. */
 void psa_wipe_all_key_slots( void );
 
-/** \defgroup core_slot_management Internal functions exposed by the core
- * @{
- */
-
-/** Wipe an a key slot and mark it as available.
- *
- * This does not affect persistent storage.
- *
- * \param handle        The key slot number to release.
- *
- * \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- * \retval #PSA_ERROR_TAMPERING_DETECTED
- */
-psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle );
-
-/** Declare a slot as persistent and load it from storage.
- *
- * This function may only be called immediately after a successful call
- * to psa_internal_allocate_key_slot().
- *
- * \param handle        A handle to a key slot freshly allocated with
- *                      psa_internal_allocate_key_slot().
- *
- * \retval #PSA_SUCCESS
- *         The slot content was loaded successfully.
- * \retval #PSA_ERROR_EMPTY_SLOT
- *         There is no content for this slot in persistent storage.
- * \retval #PSA_ERROR_INVALID_HANDLE
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         \p id is not acceptable.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * \retval #PSA_ERROR_STORAGE_FAILURE
- */
-psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
-                                               psa_key_id_t id );
-
-/**@}*/
-
 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */

From 09829036ab8e2757c00848c72c724fa7bf728deb Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 10 Dec 2018 17:00:38 +0100
Subject: [PATCH 864/889] Document some functions in internal headers

---
 library/psa_crypto_core.h            | 34 ++++++++++++++++++++++++----
 library/psa_crypto_slot_management.h | 26 +++++++++++++++++----
 2 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 24140b517..c28968197 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -60,12 +60,38 @@ typedef struct
 } psa_key_slot_t;
 
 /** Completely wipe a slot in memory, including its policy.
- * Persistent storage is not affected. */
+ *
+ * Persistent storage is not affected.
+ *
+ * \param[in,out] slot  The key slot to wipe.
+ *
+ * \retval PSA_SUCCESS
+ *         Success. This includes the case of a key slot that was
+ *         already fully wiped.
+ * \retval PSA_ERROR_TAMPERING_DETECTED
+ */
 psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
 
-/** Import key data into a slot. `slot->type` must have been set
- * previously. This function assumes that the slot does not contain
- * any key material yet. On failure, the slot content is unchanged. */
+/** Import key data into a slot.
+ *
+ * `slot->type` must have been set previously.
+ * This function assumes that the slot does not contain any key material yet.
+ * On failure, the slot content is unchanged.
+ *
+ * Persistent storage is not affected.
+ *
+ * \param[in,out] slot  The key slot to import data into.
+ *                      Its `type` field must have previously been set to
+ *                      the desired key type.
+ *                      It must not contain any key material yet.
+ * \param[in] data      Buffer containing the key material to parse and import.
+ * \param data_length   Size of \p data in bytes.
+ *
+ * \retval PSA_SUCCESS
+ * \retval PSA_ERROR_INVALID_ARGUMENT
+ * \retval PSA_ERROR_NOT_SUPPORTED
+ * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ */
 psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
                                        const uint8_t *data,
                                        size_t data_length );
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index a2e52ba32..6746bad91 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -26,15 +26,33 @@
  * The value is a compile-time constant for now, for simplicity. */
 #define PSA_KEY_SLOT_COUNT 32
 
-/** Access a key slot at the given handle. */
+/** Access a key slot at the given handle.
+ *
+ * \param handle        Key handle to query.
+ * \param[out] p_slot   On success, `*p_slot` contains a pointer to the
+ *                      key slot in memory designated by \p handle.
+ *
+ * \retval PSA_SUCCESS
+ *         Success: \p handle is a handle to `*p_slot`. Note that `*p_slot`
+ *         may be empty or occupied.
+ * \retval PSA_ERROR_INVALID_HANDLE
+ *         \p handle is out of range or is not in use.
+ * \retval PSA_ERROR_BAD_STATE
+ *         The library has not been initialized.
+ */
 psa_status_t psa_get_key_slot( psa_key_handle_t handle,
                                psa_key_slot_t **p_slot );
 
-/** Initialize the key slot structures. */
+/** Initialize the key slot structures.
+ *
+ * \retval PSA_SUCCESS
+ *         Currently this function always succeeds.
+ */
 psa_status_t psa_initialize_key_slots( void );
 
-/** Delete all data from key slots in memory. This does not affect persistent
- * storage. */
+/** Delete all data from key slots in memory.
+ *
+ * This does not affect persistent storage. */
 void psa_wipe_all_key_slots( void );
 
 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */

From 79a11d6c422be6662cb17a9bdd1255807f33549f Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 11 Dec 2018 15:33:21 +0100
Subject: [PATCH 865/889] Test invalid lifetime regardless of support for
 persistent keys

Even if persistent keys are not supported, psa_open_key and
psa_create_key must fail if invoked with an invalid lifetime value.
---
 tests/suites/test_suite_psa_crypto_slot_management.data | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 46dbea2c0..39661b9ed 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -50,19 +50,15 @@ depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_EMPTY_SLOT
 
 Open failure: volatile lifetime
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
 
 Open failure: invalid lifetime
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 open_fail:0x7fffffff:0:PSA_ERROR_INVALID_ARGUMENT
 
 Create failure: volatile lifetime
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:PSA_KEY_LIFETIME_VOLATILE:1:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
 Create failure: invalid lifetime
-depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
 create_fail:0x7fffffff:0:PSA_KEY_TYPE_RAW_DATA:8:PSA_ERROR_INVALID_ARGUMENT
 
 Create failure: invalid key id (0)

From 23fd2bdb94c8f182ba14471d857d248236129bbd Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 11 Dec 2018 15:51:32 +0100
Subject: [PATCH 866/889] Update some documentation related to key slots

Some of the documentation is obsolete in its reference to key slots
when it should discuss key handles. This may require a further pass,
possibly with some reorganization of error codes.

Update the documentation of functions that modify key slots (key
material creation and psa_set_key_policy()) to discuss how they affect
storage.
---
 include/psa/crypto.h                 | 51 +++++++++++++++++++++-------
 library/psa_crypto_slot_management.c |  5 +--
 2 files changed, 41 insertions(+), 15 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4aea9905d..c58d22ae4 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -41,8 +41,8 @@
  * This type represents open handles to keys. It must be an unsigned integral
  * type. The choice of type is implementation-dependent.
  *
- * 0 is not a valid key slot number. The meaning of other values is
- * implementation dependent.
+ * 0 is not a valid key handle. How other handle values are assigned is
+ * implementation-dependent.
  */
 typedef _unsigned_integral_type_ psa_key_handle_t;
 
@@ -129,17 +129,17 @@ typedef int32_t psa_status_t;
 /** A slot is occupied, but must be empty to carry out the
  * requested action.
  *
- * If the slot number is invalid (i.e. the requested action could
- * not be performed even after erasing the slot's content),
- * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
+ * If a handle is invalid, it does not designate an occupied slot.
+ * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
+ */
 #define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)5)
 
 /** A slot is empty, but must be occupied to carry out the
  * requested action.
  *
- * If the slot number is invalid (i.e. the requested action could
- * not be performed even after creating appropriate content in the slot),
- * implementations shall return #PSA_ERROR_INVALID_ARGUMENT instead. */
+ * If a handle is invalid, it does not designate an empty slot.
+ * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
+ */
 #define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)6)
 
 /** The requested action cannot be performed in the current state.
@@ -162,7 +162,12 @@ typedef int32_t psa_status_t;
  * Implementations shall not return this error code to indicate
  * that a key slot is occupied when it needs to be free or vice versa,
  * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
- * as applicable. */
+ * as applicable.
+ *
+ * Implementation shall not return this error code to indicate that a
+ * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * instead.
+ */
 #define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)8)
 
 /** There is not enough runtime memory.
@@ -1409,13 +1414,22 @@ typedef uint32_t psa_key_lifetime_t;
  */
 typedef uint32_t psa_key_id_t;
 
-/** A volatile key slot retains its content as long as the application is
- * running. It is guaranteed to be erased on a power reset.
+/** A volatile key only exists as long as the handle to it is not closed.
+ * The key material is guaranteed to be erased on a power reset.
  */
 #define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
 
-/** A persistent key slot retains its content as long as it is not explicitly
- * destroyed.
+/** The default storage area for persistent keys.
+ *
+ * A persistent key remains in storage until it is explicitly destroyed or
+ * until the corresponding storage area is wiped. This specification does
+ * not define any mechanism to wipe a storage area, but implementations may
+ * provide their own mechanism (for example to perform a factory reset,
+ * to prepare for device refurbishment, or to uninstall an application).
+ *
+ * This lifetime value is the default storage area for the calling
+ * application. Implementations may offer other storage areas designated
+ * by other lifetime values as implementation-specific extensions.
  */
 #define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
 
@@ -1599,6 +1613,8 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ *         If the key is persistent, the key material and the key's metadata
+ *         have been saved to persistent storage.
  * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_NOT_SUPPORTED
  *         The key type or key size is not supported, either by the
@@ -2009,6 +2025,10 @@ psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
  * \param[in] policy    The policy object to query.
  *
  * \retval #PSA_SUCCESS
+ *         Success.
+ *         If the key is persistent, it is implementation-defined whether
+ *         the policy has been saved to persistent storage. Implementations
+ *         may defer saving the policy until the key material is created.
  * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_OCCUPIED_SLOT
  * \retval #PSA_ERROR_NOT_SUPPORTED
@@ -3292,6 +3312,8 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  *
  * \retval #PSA_SUCCESS
  *         Success.
+ *         If the key is persistent, the key material and the key's metadata
+ *         have been saved to persistent storage.
  * \retval #PSA_ERROR_INSUFFICIENT_CAPACITY
  *                          There were fewer than \p output_length bytes
  *                          in the generator. Note that in this case, no
@@ -3542,6 +3564,9 @@ typedef struct {
  *                          \c NULL then \p extra_size must be zero.
  *
  * \retval #PSA_SUCCESS
+ *         Success.
+ *         If the key is persistent, the key material and the key's metadata
+ *         have been saved to persistent storage.
  * \retval #PSA_ERROR_INVALID_HANDLE
  * \retval #PSA_ERROR_OCCUPIED_SLOT
  *         There is already a key in the specified slot.
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index f623cc988..4e193b56b 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -100,7 +100,8 @@ void psa_wipe_all_key_slots( void )
 
 /** Find a free key slot and mark it as in use.
  *
- * \param[out] handle   On success, a slot number that is not in use.
+ * \param[out] handle   On success, a slot number that is not in use. This
+ *                      value can be used as a handle to the slot.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
@@ -123,7 +124,7 @@ static psa_status_t psa_internal_allocate_key_slot( psa_key_handle_t *handle )
  *
  * This does not affect persistent storage.
  *
- * \param handle        The key slot number to release.
+ * \param handle        The handle to the key slot to release.
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_INVALID_ARGUMENT

From 76965bb678b54784ccabeb2ac9a7a323898a2182 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 10:48:06 +0100
Subject: [PATCH 867/889] Remove MBEDTLS_USE_PSA_CRYPTO tests from all.sh

This branch isn't expected to keep USE_PSA_CRYPTO working.
---
 tests/scripts/all.sh | 29 -----------------------------
 1 file changed, 29 deletions(-)

diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 6af13e660..43f1db600 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -573,35 +573,6 @@ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_
 msg "test: compat.sh ARIA + ChachaPoly"
 if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
 
-# MBEDTLS_USE_PSA_CRYPTO: run the same set of tests as basic-build-test.sh
-msg "build: cmake, full config + MBEDTLS_USE_PSA_CRYPTO, ASan"
-cleanup
-cp "$CONFIG_H" "$CONFIG_BAK"
-scripts/config.pl full
-scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
-scripts/config.pl set MBEDTLS_PSA_CRYPTO_C
-scripts/config.pl set MBEDTLS_USE_PSA_CRYPTO
-CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
-make
-
-msg "test: main suites (MBEDTLS_USE_PSA_CRYPTO)"
-make test
-
-msg "test: ssl-opt.sh (MBEDTLS_USE_PSA_CRYPTO)"
-if_build_succeeded tests/ssl-opt.sh
-
-msg "test: compat.sh default (MBEDTLS_USE_PSA_CRYPTO)"
-if_build_succeeded tests/compat.sh
-
-msg "test: compat.sh ssl3 (MBEDTLS_USE_PSA_CRYPTO)"
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" tests/compat.sh -m 'ssl3'
-
-msg "test: compat.sh RC4, DES & NULL (MBEDTLS_USE_PSA_CRYPTO)"
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
-
-msg "test: compat.sh ARIA + ChachaPoly (MBEDTLS_USE_PSA_CRYPTO)"
-if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
-
 msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s
 cleanup
 cp "$CONFIG_H" "$CONFIG_BAK"

From 2e14bd3aaff4e00ba330763f89b3109783e20303 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 14:05:08 +0100
Subject: [PATCH 868/889] Add missing static on file-scope variable

---
 library/psa_crypto_slot_management.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 4e193b56b..0b4399f5e 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -50,7 +50,7 @@ typedef struct
     unsigned key_slots_initialized : 1;
 } psa_global_data_t;
 
-psa_global_data_t global_data;
+static psa_global_data_t global_data;
 
 /* Access a key slot at the given handle. The handle of a key slot is
  * the index of the slot in the global slot array, plus one so that handles

From 3d2f949c86914616d974dbe2de56a162cc7b61f5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Dec 2018 23:17:17 +0100
Subject: [PATCH 869/889] Move the ARRAY_LENGTH macro to the common helpers
 file

---
 tests/suites/helpers.function               | 3 +++
 tests/suites/test_suite_psa_crypto.function | 2 --
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index cbe3fa0d4..38c16ad50 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -150,6 +150,9 @@ typedef struct data_tag
     mbedtls_exit( 1 );                                             \
 }
 
+/** Return the number of elements of a static or stack array. */
+#define ARRAY_LENGTH( array )                   \
+    ( sizeof( array ) / sizeof( *( array ) ) )
 /*
  * 32-bit integer manipulation macros (big endian)
  */
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c40ac5f7d..311a48d6c 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -13,8 +13,6 @@
 
 #define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
 
-#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
-
 #if(UINT32_MAX > SIZE_MAX)
 #define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
 #else

From f055ad751246215a9760f6b053fd763470842b3a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Dec 2018 23:18:00 +0100
Subject: [PATCH 870/889] Add a safety check to ARRAY_LENGTH

Cause a compilation error on ARRAY_LENGTH(p) where p is a pointer as
opposed to an array. This only works under GCC and compatible
compilers such as Clang. On other compilers, ARRAY_LENGTH works but
doesn't check the type of its argument.
---
 tests/suites/helpers.function | 36 +++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 38c16ad50..4a9d2a3bb 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -150,9 +150,41 @@ typedef struct data_tag
     mbedtls_exit( 1 );                                             \
 }
 
-/** Return the number of elements of a static or stack array. */
-#define ARRAY_LENGTH( array )                   \
+#if defined(__GNUC__)
+/* Test if arg and &(arg)[0] have the same type. This is true if arg is
+ * an array but not if it's a pointer. */
+#define IS_ARRAY_NOT_POINTER( arg )                                     \
+    ( ! __builtin_types_compatible_p( __typeof__( arg ),                \
+                                      __typeof__( &( arg )[0] ) ) )
+#else
+/* On platforms where we don't know how to implement this check,
+ * omit it. Oh well, a non-portable check is better than nothing. */
+#define IS_ARRAY_NOT_POINTER( arg ) 1
+#endif
+
+/* A compile-time constant with the value 0. If `const_expr` is not a
+ * compile-time constant with a nonzero value, cause a compile-time error. */
+#define STATIC_ASSERT_EXPR( const_expr )                                \
+    ( 0 && sizeof( struct { int STATIC_ASSERT : 1 - 2 * ! ( const_expr ); } ) )
+/* Return the scalar value `value` (possibly promoted). This is a compile-time
+ * constant if `value` is. `condition` must be a compile-time constant.
+ * If `condition` is false, arrange to cause a compile-time error. */
+#define STATIC_ASSERT_THEN_RETURN( condition, value )   \
+    ( STATIC_ASSERT_EXPR( condition ) ? 0 : ( value ) )
+
+#define ARRAY_LENGTH_UNSAFE( array )            \
     ( sizeof( array ) / sizeof( *( array ) ) )
+/** Return the number of elements of a static or stack array.
+ *
+ * \param array         A value of array (not pointer) type.
+ *
+ * \return The number of elements of the array.
+ */
+#define ARRAY_LENGTH( array )                                           \
+    ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ),         \
+                                 ARRAY_LENGTH_UNSAFE( array ) ) )
+
+
 /*
  * 32-bit integer manipulation macros (big endian)
  */

From 0174be2c1723952487026cabfefaaad75b08756a Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Dec 2018 23:26:01 +0100
Subject: [PATCH 871/889] Move the PSA_ASSERT macro to the common helpers file

It's potentially useful in all PSA test suites, of which there are now
several.
---
 tests/suites/helpers.function                             | 8 ++++++++
 .../suites/test_suite_psa_crypto_slot_management.function | 2 --
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 4a9d2a3bb..316c06e31 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -90,6 +90,14 @@ typedef struct data_tag
         }                                           \
     } while( 0 )
 
+/** Evaluate an expression and fail the test case if it returns an error.
+ *
+ * \param expr      The expression to evaluate. This is typically a call
+ *                  to a \c psa_xxx function that returns a value of type
+ *                  #psa_status_t.
+ */
+#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS )
+
 /** Allocate memory dynamically and fail the test case if this fails.
  *
  * You must set \p pointer to \c NULL before calling this macro and
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index fdcb5a949..407d24b1c 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -8,8 +8,6 @@
 
 #include "psa_crypto_storage.h"
 
-#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS )
-
 typedef enum
 {
     CLOSE_BY_CLOSE,

From 5f7aeeea06a3954f307e41f2ba149cea10aa038b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Dec 2018 23:26:52 +0100
Subject: [PATCH 872/889] New test macro TEST_EQUAL

TEST_EQUAL(expr1, expr2) is just TEST_ASSERT((expr1) == (expr2)) for
now, but in the future I hope that it will print out the differing
values.
---
 tests/suites/helpers.function | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index 316c06e31..da843b2b3 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -90,13 +90,23 @@ typedef struct data_tag
         }                                           \
     } while( 0 )
 
+/** Evaluate two expressions and fail the test case if they have different
+ * values.
+ *
+ * \param expr1     An expression to evaluate.
+ * \param expr2     The expected value of \p expr1. This can be any
+ *                  expression, but it is typically a constant.
+ */
+#define TEST_EQUAL( expr1, expr2 )              \
+    TEST_ASSERT( ( expr1 ) == ( expr2 ) )
+
 /** Evaluate an expression and fail the test case if it returns an error.
  *
  * \param expr      The expression to evaluate. This is typically a call
  *                  to a \c psa_xxx function that returns a value of type
  *                  #psa_status_t.
  */
-#define PSA_ASSERT( expr ) TEST_ASSERT( ( expr ) == PSA_SUCCESS )
+#define PSA_ASSERT( expr ) TEST_EQUAL( ( expr ), PSA_SUCCESS )
 
 /** Allocate memory dynamically and fail the test case if this fails.
  *

From 9d8eea7e19a625e5e061007162343d7ee1b36970 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Dec 2018 23:34:57 +0100
Subject: [PATCH 873/889] Wrap some multiline expressions in parentheses

This guarantees that they'll be indented as desired under most
indentation rules.
---
 tests/suites/test_suite_psa_crypto.function | 24 ++++++++++-----------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 311a48d6c..11e4dbb0b 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -2135,8 +2135,8 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, iv_size ) == PSA_SUCCESS );
-    output_buffer_size = (size_t) input->len +
-                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    output_buffer_size = ( (size_t) input->len +
+                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( psa_cipher_update( &operation,
@@ -2210,8 +2210,8 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
-    output_buffer_size = (size_t) input->len +
-                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    output_buffer_size = ( (size_t) input->len +
+                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
@@ -2289,8 +2289,8 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, sizeof( iv ) ) == PSA_SUCCESS );
 
-    output_buffer_size = (size_t) input->len +
-                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    output_buffer_size = ( (size_t) input->len +
+                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
@@ -2369,8 +2369,8 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_set_iv( &operation,
                                     iv, iv_size ) == PSA_SUCCESS );
 
-    output_buffer_size = (size_t) input->len +
-                         PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    output_buffer_size = ( (size_t) input->len +
+                           PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( psa_cipher_update( &operation,
@@ -2445,8 +2445,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( psa_cipher_generate_iv( &operation1,
                                          iv, iv_size,
                                          &iv_length ) == PSA_SUCCESS );
-    output1_size = (size_t) input->len +
-                   PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    output1_size = ( (size_t) input->len +
+                     PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output1, output1_size );
 
     TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
@@ -2536,8 +2536,8 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( psa_cipher_generate_iv( &operation1,
                                          iv, iv_size,
                                          &iv_length ) == PSA_SUCCESS );
-    output1_buffer_size = (size_t) input->len +
-                          PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
+    output1_buffer_size = ( (size_t) input->len +
+                            PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output1, output1_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );

From 0f915f1d2a53cd390224376b6365f73fe58868a6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 17 Dec 2018 23:35:42 +0100
Subject: [PATCH 874/889] Indent PSA tests according to K&R rules with Mbed TLS
 tweaks

Only whitespace changes in this commit.
---
 tests/suites/test_suite_psa_crypto.function   | 30 +++++++++----------
 .../test_suite_psa_crypto_hash.function       |  4 +--
 .../test_suite_psa_crypto_metadata.function   |  2 +-
 ...t_suite_psa_crypto_persistent_key.function | 12 ++++----
 4 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 11e4dbb0b..d6b5e5154 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -617,7 +617,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
         if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
             goto exit;
         TEST_ASSERT( p == end );
-     }
+    }
     else
 #endif /* MBEDTLS_RSA_C */
 
@@ -1210,7 +1210,7 @@ void export_after_import_failure( data_t *data, int type_arg,
 
     /* Import the key - expect failure */
     status = psa_import_key( handle, type,
-                                 data->x, data->len );
+                             data->x, data->len );
     TEST_ASSERT( status == expected_import_status );
 
     /* Export the key */
@@ -1242,7 +1242,7 @@ void cipher_after_import_failure( data_t *data, int type_arg,
 
     /* Import the key - expect failure */
     status = psa_import_key( handle, type,
-                                 data->x, data->len );
+                             data->x, data->len );
     TEST_ASSERT( status == expected_import_status );
 
     status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
@@ -1832,19 +1832,19 @@ void hash_bad_order( )
     memset( &operation, 0, sizeof( operation ) );
     TEST_ASSERT( psa_hash_update( &operation,
                                   input, sizeof( input ) ) ==
-                                  PSA_ERROR_INVALID_ARGUMENT );
+                 PSA_ERROR_INVALID_ARGUMENT );
 
     /* psa_hash_verify without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, sizeof( hash ) ) ==
-                                  PSA_ERROR_INVALID_ARGUMENT );
+                 PSA_ERROR_INVALID_ARGUMENT );
 
     /* psa_hash_finish without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   hash, sizeof( hash ), &hash_len ) ==
-                                  PSA_ERROR_INVALID_ARGUMENT );
+                 PSA_ERROR_INVALID_ARGUMENT );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1870,19 +1870,19 @@ void hash_verify_bad_args( )
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, expected_size - 1 ) ==
-                                  PSA_ERROR_INVALID_SIGNATURE );
+                 PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a non-matching hash */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash + 1, expected_size ) ==
-                                  PSA_ERROR_INVALID_SIGNATURE );
+                 PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a hash longer than expected */
     TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, sizeof( hash ) ) ==
-                                  PSA_ERROR_INVALID_SIGNATURE );
+                 PSA_ERROR_INVALID_SIGNATURE );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -4143,7 +4143,7 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
             psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
                                       base_policy_alg );
             TEST_ASSERT( psa_set_key_policy(
-                base_key, &base_policy_set ) == PSA_SUCCESS );
+                             base_key, &base_policy_set ) == PSA_SUCCESS );
             TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
                                          data->x, data->len ) == PSA_SUCCESS );
             /* Derive a key. */
@@ -4152,8 +4152,8 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                                              NULL, 0, NULL, 0,
                                              export_size ) == PSA_SUCCESS );
             TEST_ASSERT( psa_generator_import_key(
-                handle, PSA_KEY_TYPE_RAW_DATA,
-                bits, &generator ) == PSA_SUCCESS );
+                             handle, PSA_KEY_TYPE_RAW_DATA,
+                             bits, &generator ) == PSA_SUCCESS );
             break;
     }
 
@@ -4169,15 +4169,15 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
                                &handle ) == PSA_SUCCESS );
     TEST_ASSERT( psa_get_key_information(
-        handle, &type_get, &bits_get ) == PSA_SUCCESS );
+                     handle, &type_get, &bits_get ) == PSA_SUCCESS );
     TEST_ASSERT( type_get == type );
     TEST_ASSERT( bits_get == (size_t) bits );
 
     TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS );
     TEST_ASSERT( psa_key_policy_get_usage(
-        &policy_get ) == policy_usage );
+                     &policy_get ) == policy_usage );
     TEST_ASSERT( psa_key_policy_get_algorithm(
-        &policy_get ) == policy_alg );
+                     &policy_get ) == policy_alg );
 
     /* Export the key again */
     TEST_ASSERT( psa_export_key( handle, second_export, export_size,
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
index 14e6a9769..bed80e262 100644
--- a/tests/suites/test_suite_psa_crypto_hash.function
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -15,7 +15,7 @@
  * END_DEPENDENCIES
  */
 
- /* BEGIN_CASE */
+/* BEGIN_CASE */
 void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
 {
     psa_algorithm_t alg = alg_arg;
@@ -80,7 +80,7 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
                                       input->x, len ) == PSA_SUCCESS );
         TEST_ASSERT( psa_hash_update( &operation,
                                       input->x + len, input->len - len ) ==
-                                      PSA_SUCCESS );
+                     PSA_SUCCESS );
 
         TEST_ASSERT( psa_hash_finish( &operation,
                                       actual_hash, sizeof( actual_hash ),
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index a8316c40d..af11e7ae1 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -46,7 +46,7 @@
 #define KEY_TYPE_IS_DSA                 ( 1u << 5 )
 #define KEY_TYPE_IS_ECC                 ( 1u << 6 )
 
-#define TEST_CLASSIFICATION_MACRO( flag, alg, flags )            \
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags )           \
     TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
 
 void algorithm_classification( psa_algorithm_t alg, unsigned flags )
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 08c7ca017..aa8fddd3a 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -103,7 +103,7 @@ void save_large_persistent_key( int data_too_large, int expected_status )
                                  &handle ) == PSA_SUCCESS );
 
     TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
-        data, data_length ) == expected_status );
+                                 data, data_length ) == expected_status );
 
 exit:
     mbedtls_free( data );
@@ -135,8 +135,8 @@ void persistent_key_destroy( int key_id_arg, int should_store,
     if( should_store == 1 )
     {
         TEST_ASSERT( psa_import_key(
-            handle, first_type,
-            first_data->x, first_data->len ) == PSA_SUCCESS );
+                         handle, first_type,
+                         first_data->x, first_data->len ) == PSA_SUCCESS );
     }
 
     /* Destroy the key */
@@ -158,8 +158,8 @@ void persistent_key_destroy( int key_id_arg, int should_store,
                                  PSA_BYTES_TO_BITS( second_data->len ),
                                  &handle ) == PSA_SUCCESS );
     TEST_ASSERT( psa_import_key(
-        handle, second_type,
-        second_data->x, second_data->len ) == PSA_SUCCESS );
+                     handle, second_type,
+                     second_data->x, second_data->len ) == PSA_SUCCESS );
 
 exit:
     mbedtls_psa_crypto_free();
@@ -240,7 +240,7 @@ void import_export_persistent_key( data_t *data, int type_arg,
 
     /* Test the key information */
     TEST_ASSERT( psa_get_key_information(
-        handle, &got_type, &got_bits ) == PSA_SUCCESS );
+                     handle, &got_type, &got_bits ) == PSA_SUCCESS );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 

From 8817f6100735acf18dc35849335317a27c0a9b68 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:18:46 +0100
Subject: [PATCH 875/889] Use PSA_ASSERT(a) in preference to
 TEST_ASSERT(a==PSA_SUCCESS)

This commit is the result of the following command, followed by
reindenting (but not wrapping lines):

perl -00 -i -pe 's/^( *)TEST_ASSERT\(([^;=]*)(?: |\n *)==\s*PSA_SUCCESS\s*\);$/${1}PSA_ASSERT($2 );/gm' tests/suites/test_suite_psa_*.function
---
 tests/suites/test_suite_psa_crypto.function   | 1540 ++++++++---------
 .../test_suite_psa_crypto_entropy.function    |   12 +-
 .../test_suite_psa_crypto_hash.function       |   49 +-
 .../test_suite_psa_crypto_init.function       |   34 +-
 ...t_suite_psa_crypto_persistent_key.function |   85 +-
 ..._suite_psa_crypto_slot_management.function |    2 +-
 ...est_suite_psa_crypto_storage_file.function |    1 -
 7 files changed, 850 insertions(+), 873 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d6b5e5154..f665fb78f 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -139,13 +139,13 @@ static int exercise_mac_key( psa_key_handle_t handle,
 
     if( usage & PSA_KEY_USAGE_SIGN )
     {
-        TEST_ASSERT( psa_mac_sign_setup( &operation,
-                                         handle, alg ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_mac_update( &operation,
-                                     input, sizeof( input ) ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_mac_sign_finish( &operation,
-                                          mac, sizeof( mac ),
-                                          &mac_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_mac_sign_setup( &operation,
+                                        handle, alg ) );
+        PSA_ASSERT( psa_mac_update( &operation,
+                                    input, sizeof( input ) ) );
+        PSA_ASSERT( psa_mac_sign_finish( &operation,
+                                         mac, sizeof( mac ),
+                                         &mac_length ) );
     }
 
     if( usage & PSA_KEY_USAGE_VERIFY )
@@ -154,10 +154,10 @@ static int exercise_mac_key( psa_key_handle_t handle,
             ( usage & PSA_KEY_USAGE_SIGN ?
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
-        TEST_ASSERT( psa_mac_verify_setup( &operation,
-                                           handle, alg ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_mac_update( &operation,
-                                     input, sizeof( input ) ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_mac_verify_setup( &operation,
+                                          handle, alg ) );
+        PSA_ASSERT( psa_mac_update( &operation,
+                                    input, sizeof( input ) ) );
         TEST_ASSERT( psa_mac_verify_finish( &operation,
                                             mac,
                                             mac_length ) == verify_status );
@@ -185,19 +185,19 @@ static int exercise_cipher_key( psa_key_handle_t handle,
 
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
-        TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
-                                               handle, alg ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_cipher_generate_iv( &operation,
-                                             iv, sizeof( iv ),
-                                             &iv_length ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_cipher_update( &operation,
-                                        plaintext, sizeof( plaintext ),
-                                        ciphertext, sizeof( ciphertext ),
-                                        &ciphertext_length ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_cipher_finish( &operation,
-                                        ciphertext + ciphertext_length,
-                                        sizeof( ciphertext ) - ciphertext_length,
-                                        &part_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
+                                              handle, alg ) );
+        PSA_ASSERT( psa_cipher_generate_iv( &operation,
+                                            iv, sizeof( iv ),
+                                            &iv_length ) );
+        PSA_ASSERT( psa_cipher_update( &operation,
+                                       plaintext, sizeof( plaintext ),
+                                       ciphertext, sizeof( ciphertext ),
+                                       &ciphertext_length ) );
+        PSA_ASSERT( psa_cipher_finish( &operation,
+                                       ciphertext + ciphertext_length,
+                                       sizeof( ciphertext ) - ciphertext_length,
+                                       &part_length ) );
         ciphertext_length += part_length;
     }
 
@@ -211,14 +211,14 @@ static int exercise_cipher_key( psa_key_handle_t handle,
             TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) );
             iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
         }
-        TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
-                                               handle, alg ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_cipher_set_iv( &operation,
-                                        iv, iv_length ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_cipher_update( &operation,
-                                        ciphertext, ciphertext_length,
-                                        decrypted, sizeof( decrypted ),
-                                        &part_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
+                                              handle, alg ) );
+        PSA_ASSERT( psa_cipher_set_iv( &operation,
+                                       iv, iv_length ) );
+        PSA_ASSERT( psa_cipher_update( &operation,
+                                       ciphertext, ciphertext_length,
+                                       decrypted, sizeof( decrypted ),
+                                       &part_length ) );
         status = psa_cipher_finish( &operation,
                                     decrypted + part_length,
                                     sizeof( decrypted ) - part_length,
@@ -228,7 +228,7 @@ static int exercise_cipher_key( psa_key_handle_t handle,
          ciphertext, a padding error is likely.  */
         if( ( usage & PSA_KEY_USAGE_ENCRYPT ) ||
             PSA_BLOCK_CIPHER_BLOCK_SIZE( type ) == 1 )
-            TEST_ASSERT( status == PSA_SUCCESS );
+            PSA_ASSERT( status );
         else
             TEST_ASSERT( status == PSA_SUCCESS ||
                          status == PSA_ERROR_INVALID_PADDING );
@@ -254,12 +254,12 @@ static int exercise_aead_key( psa_key_handle_t handle,
 
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
-        TEST_ASSERT( psa_aead_encrypt( handle, alg,
-                                       nonce, nonce_length,
-                                       NULL, 0,
-                                       plaintext, sizeof( plaintext ),
-                                       ciphertext, sizeof( ciphertext ),
-                                       &ciphertext_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_aead_encrypt( handle, alg,
+                                      nonce, nonce_length,
+                                      NULL, 0,
+                                      plaintext, sizeof( plaintext ),
+                                      ciphertext, sizeof( ciphertext ),
+                                      &ciphertext_length ) );
     }
 
     if( usage & PSA_KEY_USAGE_DECRYPT )
@@ -299,10 +299,10 @@ static int exercise_signature_key( psa_key_handle_t handle,
         psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
         if( hash_alg != 0 )
             payload_length = PSA_HASH_SIZE( hash_alg );
-        TEST_ASSERT( psa_asymmetric_sign( handle, alg,
-                                          payload, payload_length,
-                                          signature, sizeof( signature ),
-                                          &signature_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+                                         payload, payload_length,
+                                         signature, sizeof( signature ),
+                                         &signature_length ) );
     }
 
     if( usage & PSA_KEY_USAGE_VERIFY )
@@ -334,12 +334,12 @@ static int exercise_asymmetric_encryption_key( psa_key_handle_t handle,
 
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
-        TEST_ASSERT(
+        PSA_ASSERT(
             psa_asymmetric_encrypt( handle, alg,
                                     plaintext, plaintext_length,
                                     NULL, 0,
                                     ciphertext, sizeof( ciphertext ),
-                                    &ciphertext_length ) == PSA_SUCCESS );
+                                    &ciphertext_length ) );
     }
 
     if( usage & PSA_KEY_USAGE_DECRYPT )
@@ -375,15 +375,15 @@ static int exercise_key_derivation_key( psa_key_handle_t handle,
 
     if( usage & PSA_KEY_USAGE_DERIVE )
     {
-        TEST_ASSERT( psa_key_derivation( &generator,
-                                         handle, alg,
-                                         label, label_length,
-                                         seed, seed_length,
-                                         sizeof( output ) ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_generator_read( &generator,
-                                         output,
-                                         sizeof( output ) ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_key_derivation( &generator,
+                                        handle, alg,
+                                        label, label_length,
+                                        seed, seed_length,
+                                        sizeof( output ) ) );
+        PSA_ASSERT( psa_generator_read( &generator,
+                                        output,
+                                        sizeof( output ) ) );
+        PSA_ASSERT( psa_generator_abort( &generator ) );
     }
 
     return( 1 );
@@ -408,16 +408,16 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator,
      * good enough: callers will report it as a failed test anyway. */
     psa_status_t status = PSA_ERROR_UNKNOWN_ERROR;
 
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          &private_key_type,
-                                          &key_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         &private_key_type,
+                                         &key_bits ) );
     public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type );
     public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
     ASSERT_ALLOC( public_key, public_key_length );
     TEST_ASSERT( public_key != NULL );
-    TEST_ASSERT( psa_export_public_key( handle,
-                                        public_key, public_key_length,
-                                        &public_key_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_export_public_key( handle,
+                                       public_key, public_key_length,
+                                       &public_key_length ) );
 
     status = psa_key_agreement( generator, handle,
                                 public_key, public_key_length,
@@ -439,12 +439,11 @@ static int exercise_key_agreement_key( psa_key_handle_t handle,
     {
         /* We need two keys to exercise key agreement. Exercise the
          * private key against its own public key. */
-        TEST_ASSERT( key_agreement_with_self( &generator, handle, alg ) ==
-                     PSA_SUCCESS );
-        TEST_ASSERT( psa_generator_read( &generator,
-                                         output,
-                                         sizeof( output ) ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+        PSA_ASSERT( key_agreement_with_self( &generator, handle, alg ) );
+        PSA_ASSERT( psa_generator_read( &generator,
+                                        output,
+                                        sizeof( output ) ) );
+        PSA_ASSERT( psa_generator_abort( &generator ) );
     }
     ok = 1;
 
@@ -721,7 +720,7 @@ static int exercise_export_key( psa_key_handle_t handle,
     size_t exported_length = 0;
     int ok = 0;
 
-    TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );
 
     if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
         ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
@@ -734,9 +733,9 @@ static int exercise_export_key( psa_key_handle_t handle,
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits );
     ASSERT_ALLOC( exported, exported_size );
 
-    TEST_ASSERT( psa_export_key( handle,
-                                 exported, exported_size,
-                                 &exported_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_export_key( handle,
+                                exported, exported_size,
+                                &exported_length ) );
     ok = exported_key_sanity_check( type, bits, exported, exported_length );
 
 exit:
@@ -754,7 +753,7 @@ static int exercise_export_public_key( psa_key_handle_t handle )
     size_t exported_length = 0;
     int ok = 0;
 
-    TEST_ASSERT( psa_get_key_information( handle, &type, &bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );
     if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
     {
         TEST_ASSERT( psa_export_public_key( handle,
@@ -767,9 +766,9 @@ static int exercise_export_public_key( psa_key_handle_t handle )
     exported_size = PSA_KEY_EXPORT_MAX_SIZE( public_type, bits );
     ASSERT_ALLOC( exported, exported_size );
 
-    TEST_ASSERT( psa_export_public_key( handle,
-                                        exported, exported_size,
-                                        &exported_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_export_public_key( handle,
+                                       exported, exported_size,
+                                       &exported_length ) );
     ok = exported_key_sanity_check( public_type, bits,
                                     exported, exported_length );
 
@@ -885,14 +884,14 @@ void import( data_t *data, int type, int expected_status_arg )
 
     TEST_ASSERT( data != NULL );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                  &handle ) );
     status = psa_import_key( handle, type, data->x, data->len );
     TEST_ASSERT( status == expected_status );
     if( status == PSA_SUCCESS )
-        TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_destroy_key( handle ) );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -916,15 +915,15 @@ void import_twice( int alg_arg, int usage_arg,
     psa_key_policy_t policy;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type1,
-                                   MAX( KEY_BITS_FROM_DATA( type1, data1 ),
-                                        KEY_BITS_FROM_DATA( type2, data2 ) ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type1,
+                                  MAX( KEY_BITS_FROM_DATA( type1, data1 ),
+                                       KEY_BITS_FROM_DATA( type2, data2 ) ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     status = psa_import_key( handle, type1, data1->x, data1->len );
     TEST_ASSERT( status == expected_import1_status );
@@ -958,7 +957,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
     int ret;
     size_t length;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
     ASSERT_ALLOC( buffer, buffer_size );
 
     TEST_ASSERT( ( ret = construct_fake_rsa_key( buffer, buffer_size, &p,
@@ -966,11 +965,11 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
     length = ret;
 
     /* Try importing the key */
-    TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, bits, &handle ) );
     status = psa_import_key( handle, type, p, length );
     TEST_ASSERT( status == expected_status );
     if( status == PSA_SUCCESS )
-        TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_destroy_key( handle ) );
 
 exit:
     mbedtls_free( buffer );
@@ -1008,25 +1007,24 @@ void import_export( data_t *data,
     ASSERT_ALLOC( exported, export_size );
     if( ! canonical_input )
         ASSERT_ALLOC( reexported, export_size );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage_arg, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     TEST_ASSERT( psa_get_key_information(
                      handle, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( handle, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, type,
+                                data->x, data->len ) );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          &got_type,
-                                          &got_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         &got_type,
+                                         &got_bits ) );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
@@ -1058,26 +1056,25 @@ void import_export( data_t *data,
     else
     {
         psa_key_handle_t handle2;
-        TEST_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) ==
-                     PSA_SUCCESS );
-        TEST_ASSERT( psa_set_key_policy( handle2, &policy ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_allocate_key( type, expected_bits, &handle2 ) );
+        PSA_ASSERT( psa_set_key_policy( handle2, &policy ) );
 
-        TEST_ASSERT( psa_import_key( handle2, type,
-                                     exported,
-                                     exported_length ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_export_key( handle2,
-                                     reexported,
-                                     export_size,
-                                     &reexported_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_import_key( handle2, type,
+                                    exported,
+                                    exported_length ) );
+        PSA_ASSERT( psa_export_key( handle2,
+                                    reexported,
+                                    export_size,
+                                    &reexported_length ) );
         ASSERT_COMPARE( exported, exported_length,
                         reexported, reexported_length );
-        TEST_ASSERT( psa_close_key( handle2 ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_close_key( handle2 ) );
     }
     TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, got_bits ) );
 
 destroy:
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_destroy_key( handle ) );
     TEST_ASSERT( psa_get_key_information(
                      handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE );
 
@@ -1095,14 +1092,14 @@ void import_key_nonempty_slot( )
     psa_key_type_t type = PSA_KEY_TYPE_RAW_DATA;
     psa_status_t status;
     const uint8_t data[] = { 0x1, 0x2, 0x3, 0x4, 0x5 };
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, PSA_BYTES_TO_BITS( sizeof( data ) ),
+                                  &handle ) );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( handle, type,
-                                 data, sizeof( data ) ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, type,
+                                data, sizeof( data ) ) );
 
     /* Import the key again */
     status = psa_import_key( handle, type, data, sizeof( data ) );
@@ -1122,7 +1119,7 @@ void export_invalid_handle( int handle, int expected_export_status_arg )
     size_t exported_length = INVALID_EXPORT_LENGTH;
     psa_status_t expected_export_status = expected_export_status_arg;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     /* Export the key */
     status = psa_export_key( (psa_key_handle_t) handle,
@@ -1146,13 +1143,13 @@ void export_with_no_key_activity( )
     size_t export_size = 0;
     size_t exported_length = INVALID_EXPORT_LENGTH;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Export the key */
     status = psa_export_key( handle,
@@ -1174,13 +1171,13 @@ void cipher_with_no_key_activity( )
     psa_cipher_operation_t operation;
     int exercise_alg = PSA_ALG_CTR;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, 0,
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, exercise_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
     TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
@@ -1203,10 +1200,10 @@ void export_after_import_failure( data_t *data, int type_arg,
     psa_status_t expected_import_status = expected_import_status_arg;
     size_t exported_length = INVALID_EXPORT_LENGTH;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                  &handle ) );
 
     /* Import the key - expect failure */
     status = psa_import_key( handle, type,
@@ -1235,10 +1232,10 @@ void cipher_after_import_failure( data_t *data, int type_arg,
     psa_status_t expected_import_status = expected_import_status_arg;
     int exercise_alg = PSA_ALG_CTR;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                  &handle ) );
 
     /* Import the key - expect failure */
     status = psa_import_key( handle, type,
@@ -1266,25 +1263,25 @@ void export_after_destroy_key( data_t *data, int type_arg )
     size_t export_size = 0;
     size_t exported_length = INVALID_EXPORT_LENGTH;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
     export_size = (ptrdiff_t) data->len;
     ASSERT_ALLOC( exported, export_size );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( handle, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, type,
+                                data->x, data->len ) );
 
-    TEST_ASSERT( psa_export_key( handle, exported, export_size,
-                                 &exported_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_export_key( handle, exported, export_size,
+                                &exported_length ) );
 
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_destroy_key( handle ) );
 
     /* Export the key */
     status = psa_export_key( handle, exported, export_size,
@@ -1315,17 +1312,17 @@ void import_export_public_key( data_t *data,
     size_t exported_length = INVALID_EXPORT_LENGTH;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( handle, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, type,
+                                data->x, data->len ) );
 
     /* Export the public key */
     ASSERT_ALLOC( exported, export_size );
@@ -1337,8 +1334,7 @@ void import_export_public_key( data_t *data,
     {
         psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
         size_t bits;
-        TEST_ASSERT( psa_get_key_information( handle, NULL, &bits ) ==
-                     PSA_SUCCESS );
+        PSA_ASSERT( psa_get_key_information( handle, NULL, &bits ) );
         TEST_ASSERT( expected_public_key->len <=
                      PSA_KEY_EXPORT_MAX_SIZE( public_type, bits ) );
         ASSERT_COMPARE( expected_public_key->x, expected_public_key->len,
@@ -1368,22 +1364,22 @@ void import_and_exercise_key( data_t *data,
     size_t got_bits;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Import the key */
     status = psa_import_key( handle, type, data->x, data->len );
-    TEST_ASSERT( status == PSA_SUCCESS );
+    PSA_ASSERT( status );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          &got_type,
-                                          &got_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         &got_type,
+                                         &got_bits ) );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == bits );
 
@@ -1410,22 +1406,22 @@ void key_policy( int usage_arg, int alg_arg )
 
     memset( key, 0x2a, sizeof( key ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( sizeof( key ) ),
+                                  &handle ) );
     psa_key_policy_init( &policy_set );
     psa_key_policy_init( &policy_get );
     psa_key_policy_set_usage( &policy_set, usage, alg );
 
     TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
     TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key, sizeof( key ) ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key, sizeof( key ) ) );
 
-    TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
 
     TEST_ASSERT( policy_get.usage == policy_set.usage );
     TEST_ASSERT( policy_get.alg == policy_set.alg );
@@ -1449,22 +1445,22 @@ void mac_key_policy( int policy_usage,
     psa_status_t status;
     unsigned char mac[PSA_MAC_MAX_SIZE];
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     status = psa_mac_sign_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
     psa_mac_abort( &operation );
@@ -1473,7 +1469,7 @@ void mac_key_policy( int policy_usage,
     status = psa_mac_verify_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1496,22 +1492,22 @@ void cipher_key_policy( int policy_usage,
     psa_cipher_operation_t operation;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
     psa_cipher_abort( &operation );
@@ -1519,7 +1515,7 @@ void cipher_key_policy( int policy_usage,
     status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1551,17 +1547,17 @@ void aead_key_policy( int policy_usage,
     TEST_ASSERT( nonce_length <= sizeof( nonce ) );
     TEST_ASSERT( tag_length <= sizeof( tag ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     status = psa_aead_encrypt( handle, exercise_alg,
                                nonce, nonce_length,
@@ -1571,7 +1567,7 @@ void aead_key_policy( int policy_usage,
                                &output_length );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1609,21 +1605,21 @@ void asymmetric_encryption_key_policy( int policy_usage,
     unsigned char *buffer = NULL;
     size_t output_length;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          NULL,
-                                          &key_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         NULL,
+                                         &key_bits ) );
     buffer_length = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits,
                                                         exercise_alg );
     ASSERT_ALLOC( buffer, buffer_length );
@@ -1635,7 +1631,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
                                      &output_length );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1674,17 +1670,17 @@ void asymmetric_signature_key_policy( int policy_usage,
     unsigned char signature[PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE] = {0};
     size_t signature_length;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     status = psa_asymmetric_sign( handle, exercise_alg,
                                   payload, payload_length,
@@ -1692,7 +1688,7 @@ void asymmetric_signature_key_policy( int policy_usage,
                                   &signature_length );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1724,17 +1720,17 @@ void derive_key_policy( int policy_usage,
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     status = psa_key_derivation( &generator, handle,
                                  exercise_alg,
@@ -1743,7 +1739,7 @@ void derive_key_policy( int policy_usage,
                                  1 );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1767,23 +1763,23 @@ void agreement_key_policy( int policy_usage,
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, policy_usage, policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     status = key_agreement_with_self( &generator, handle, exercise_alg );
 
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
     else
         TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
 
@@ -1803,7 +1799,7 @@ void hash_setup( int alg_arg,
     psa_hash_operation_t operation;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     status = psa_hash_setup( &operation, alg );
     psa_hash_abort( &operation );
@@ -1826,7 +1822,7 @@ void hash_bad_order( )
     size_t hash_len;
     psa_hash_operation_t operation;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     /* psa_hash_update without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
@@ -1864,22 +1860,22 @@ void hash_verify_bad_args( )
     size_t expected_size = PSA_HASH_SIZE( alg );
     psa_hash_operation_t operation;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     /* psa_hash_verify with a smaller hash than expected */
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, expected_size - 1 ) ==
                  PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a non-matching hash */
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash + 1, expected_size ) ==
                  PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a hash longer than expected */
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
     TEST_ASSERT( psa_hash_verify( &operation,
                                   hash, sizeof( hash ) ) ==
                  PSA_ERROR_INVALID_SIGNATURE );
@@ -1898,10 +1894,10 @@ void hash_finish_bad_args( )
     psa_hash_operation_t operation;
     size_t hash_len;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     /* psa_hash_finish with a smaller hash buffer than expected */
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
     TEST_ASSERT( psa_hash_finish( &operation,
                                   hash, expected_size - 1,
                                   &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
@@ -1925,18 +1921,18 @@ void mac_setup( int key_type_arg,
     psa_key_policy_t policy;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
     status = psa_mac_sign_setup( &operation, handle, alg );
     psa_mac_abort( &operation );
@@ -1972,25 +1968,25 @@ void mac_sign( int key_type_arg,
     TEST_ASSERT( mac_buffer_size <= PSA_MAC_MAX_SIZE );
     TEST_ASSERT( expected_mac->len <= mac_buffer_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
     /* Calculate the MAC. */
-    TEST_ASSERT( psa_mac_sign_setup( &operation,
-                                     handle, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_mac_update( &operation,
-                                 input->x, input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_mac_sign_finish( &operation,
-                                      actual_mac, mac_buffer_size,
-                                      &mac_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_mac_sign_setup( &operation,
+                                    handle, alg ) );
+    PSA_ASSERT( psa_mac_update( &operation,
+                                input->x, input->len ) );
+    PSA_ASSERT( psa_mac_sign_finish( &operation,
+                                     actual_mac, mac_buffer_size,
+                                     &mac_length ) );
 
     /* Compare with the expected value. */
     TEST_ASSERT( mac_length == expected_mac->len );
@@ -2028,25 +2024,25 @@ void mac_verify( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_mac_verify_setup( &operation,
-                                       handle, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_mac_update( &operation,
-                                 input->x, input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_mac_verify_finish( &operation,
-                                        expected_mac->x,
-                                        expected_mac->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_mac_verify_setup( &operation,
+                                      handle, alg ) );
+    PSA_ASSERT( psa_destroy_key( handle ) );
+    PSA_ASSERT( psa_mac_update( &operation,
+                                input->x, input->len ) );
+    PSA_ASSERT( psa_mac_verify_finish( &operation,
+                                       expected_mac->x,
+                                       expected_mac->len ) );
 
 exit:
     psa_destroy_key( handle );
@@ -2068,16 +2064,16 @@ void cipher_setup( int key_type_arg,
     psa_key_policy_t policy;
     psa_status_t status;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
     status = psa_cipher_encrypt_setup( &operation, handle, alg );
     psa_cipher_abort( &operation );
@@ -2119,30 +2115,30 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
-                                           handle, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
+                                          handle, alg ) );
 
-    TEST_ASSERT( psa_cipher_set_iv( &operation,
-                                    iv, iv_size ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_set_iv( &operation,
+                                   iv, iv_size ) );
     output_buffer_size = ( (size_t) input->len +
                            PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input->x, input->len,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation,
+                                   input->x, input->len,
+                                   output, output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
     status = psa_cipher_finish( &operation,
                                 output + function_output_length,
@@ -2153,7 +2149,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( status == expected_status );
     if( expected_status == PSA_SUCCESS )
     {
-        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_cipher_abort( &operation ) );
         ASSERT_COMPARE( expected_output->x, expected_output->len,
                         output, total_output_length );
     }
@@ -2194,43 +2190,43 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
-                                           handle, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_encrypt_setup( &operation,
+                                          handle, alg ) );
 
-    TEST_ASSERT( psa_cipher_set_iv( &operation,
-                                    iv, sizeof( iv ) ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_set_iv( &operation,
+                                   iv, sizeof( iv ) ) );
     output_buffer_size = ( (size_t) input->len +
                            PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
-    TEST_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation, input->x, first_part_size,
+                                   output, output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input->x + first_part_size,
-                                    input->len - first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation,
+                                   input->x + first_part_size,
+                                   input->len - first_part_size,
+                                   output, output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
-    TEST_ASSERT( psa_cipher_finish( &operation,
-                                    output + function_output_length,
-                                    output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_finish( &operation,
+                                   output + function_output_length,
+                                   output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
-    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_abort( &operation ) );
 
     ASSERT_COMPARE( expected_output->x, expected_output->len,
                     output, total_output_length );
@@ -2272,45 +2268,45 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
-                                           handle, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
+                                          handle, alg ) );
 
-    TEST_ASSERT( psa_cipher_set_iv( &operation,
-                                    iv, sizeof( iv ) ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_set_iv( &operation,
+                                   iv, sizeof( iv ) ) );
 
     output_buffer_size = ( (size_t) input->len +
                            PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input->x, first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation,
+                                   input->x, first_part_size,
+                                   output, output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input->x + first_part_size,
-                                    input->len - first_part_size,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation,
+                                   input->x + first_part_size,
+                                   input->len - first_part_size,
+                                   output, output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
-    TEST_ASSERT( psa_cipher_finish( &operation,
-                                    output + function_output_length,
-                                    output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_finish( &operation,
+                                   output + function_output_length,
+                                   output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
-    TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_abort( &operation ) );
 
     ASSERT_COMPARE( expected_output->x, expected_output->len,
                     output, total_output_length );
@@ -2352,31 +2348,31 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
-                                           handle, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_decrypt_setup( &operation,
+                                          handle, alg ) );
 
-    TEST_ASSERT( psa_cipher_set_iv( &operation,
-                                    iv, iv_size ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_set_iv( &operation,
+                                   iv, iv_size ) );
 
     output_buffer_size = ( (size_t) input->len +
                            PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output, output_buffer_size );
 
-    TEST_ASSERT( psa_cipher_update( &operation,
-                                    input->x, input->len,
-                                    output, output_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation,
+                                   input->x, input->len,
+                                   output, output_buffer_size,
+                                   &function_output_length ) );
     total_output_length += function_output_length;
     status = psa_cipher_finish( &operation,
                                 output + function_output_length,
@@ -2387,7 +2383,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
 
     if( expected_status == PSA_SUCCESS )
     {
-        TEST_ASSERT( psa_cipher_abort( &operation ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_cipher_abort( &operation ) );
         ASSERT_COMPARE( expected_output->x, expected_output->len,
                         output, total_output_length );
     }
@@ -2426,57 +2422,57 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
-                                           handle, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
-                                           handle, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
+                                          handle, alg ) );
+    PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
+                                          handle, alg ) );
 
-    TEST_ASSERT( psa_cipher_generate_iv( &operation1,
-                                         iv, iv_size,
-                                         &iv_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_generate_iv( &operation1,
+                                        iv, iv_size,
+                                        &iv_length ) );
     output1_size = ( (size_t) input->len +
                      PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output1, output1_size );
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
-                                    output1, output1_size,
-                                    &output1_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_finish( &operation1,
-                                    output1 + output1_length, output1_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation1, input->x, input->len,
+                                   output1, output1_size,
+                                   &output1_length ) );
+    PSA_ASSERT( psa_cipher_finish( &operation1,
+                                   output1 + output1_length, output1_size,
+                                   &function_output_length ) );
 
     output1_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_abort( &operation1 ) );
 
     output2_size = output1_length;
     ASSERT_ALLOC( output2, output2_size );
 
-    TEST_ASSERT( psa_cipher_set_iv( &operation2,
-                                    iv, iv_length ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
-                                    output2, output2_size,
-                                    &output2_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_set_iv( &operation2,
+                                   iv, iv_length ) );
+    PSA_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
+                                   output2, output2_size,
+                                   &output2_length ) );
     function_output_length = 0;
-    TEST_ASSERT( psa_cipher_finish( &operation2,
-                                    output2 + output2_length,
-                                    output2_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_finish( &operation2,
+                                   output2 + output2_length,
+                                   output2_size,
+                                   &function_output_length ) );
 
     output2_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_abort( &operation2 ) );
 
     ASSERT_COMPARE( input->x, input->len, output2, output2_length );
 
@@ -2517,76 +2513,76 @@ void cipher_verify_output_multipart( int alg_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key->x, key->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key->x, key->len ) );
 
-    TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
-                                           handle, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
-                                           handle, alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_encrypt_setup( &operation1,
+                                          handle, alg ) );
+    PSA_ASSERT( psa_cipher_decrypt_setup( &operation2,
+                                          handle, alg ) );
 
-    TEST_ASSERT( psa_cipher_generate_iv( &operation1,
-                                         iv, iv_size,
-                                         &iv_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_generate_iv( &operation1,
+                                        iv, iv_size,
+                                        &iv_length ) );
     output1_buffer_size = ( (size_t) input->len +
                             PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) );
     ASSERT_ALLOC( output1, output1_buffer_size );
 
     TEST_ASSERT( (unsigned int) first_part_size < input->len );
 
-    TEST_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
-                                    output1, output1_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation1, input->x, first_part_size,
+                                   output1, output1_buffer_size,
+                                   &function_output_length ) );
     output1_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_update( &operation1,
-                                    input->x + first_part_size,
-                                    input->len - first_part_size,
-                                    output1, output1_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation1,
+                                   input->x + first_part_size,
+                                   input->len - first_part_size,
+                                   output1, output1_buffer_size,
+                                   &function_output_length ) );
     output1_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_finish( &operation1,
-                                    output1 + output1_length,
-                                    output1_buffer_size - output1_length,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_finish( &operation1,
+                                   output1 + output1_length,
+                                   output1_buffer_size - output1_length,
+                                   &function_output_length ) );
     output1_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_abort( &operation1 ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_abort( &operation1 ) );
 
     output2_buffer_size = output1_length;
     ASSERT_ALLOC( output2, output2_buffer_size );
 
-    TEST_ASSERT( psa_cipher_set_iv( &operation2,
-                                    iv, iv_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_set_iv( &operation2,
+                                   iv, iv_length ) );
 
-    TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
-                                    output2, output2_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
+                                   output2, output2_buffer_size,
+                                   &function_output_length ) );
     output2_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_update( &operation2,
-                                    output1 + first_part_size,
-                                    output1_length - first_part_size,
-                                    output2, output2_buffer_size,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_update( &operation2,
+                                   output1 + first_part_size,
+                                   output1_length - first_part_size,
+                                   output2, output2_buffer_size,
+                                   &function_output_length ) );
     output2_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_finish( &operation2,
-                                    output2 + output2_length,
-                                    output2_buffer_size - output2_length,
-                                    &function_output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_finish( &operation2,
+                                   output2 + output2_length,
+                                   output2_buffer_size - output2_length,
+                                   &function_output_length ) );
     output2_length += function_output_length;
 
-    TEST_ASSERT( psa_cipher_abort( &operation2 ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_cipher_abort( &operation2 ) );
 
     ASSERT_COMPARE( input->x, input->len, output2, output2_length );
 
@@ -2630,18 +2626,18 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x, key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x, key_data->len ) );
 
     TEST_ASSERT( psa_aead_encrypt( handle, alg,
                                    nonce->x, nonce->len,
@@ -2706,24 +2702,24 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT , alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
-    TEST_ASSERT( psa_aead_encrypt( handle, alg,
-                                   nonce->x, nonce->len,
-                                   additional_data->x, additional_data->len,
-                                   input_data->x, input_data->len,
-                                   output_data, output_size,
-                                   &output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_aead_encrypt( handle, alg,
+                                  nonce->x, nonce->len,
+                                  additional_data->x, additional_data->len,
+                                  input_data->x, input_data->len,
+                                  output_data, output_size,
+                                  &output_length ) );
 
     ASSERT_COMPARE( expected_result->x, expected_result->len,
                     output_data, output_length );
@@ -2768,17 +2764,17 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT , alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     TEST_ASSERT( psa_aead_decrypt( handle, alg,
                                    nonce->x, nonce->len,
@@ -2835,21 +2831,21 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          NULL,
-                                          &key_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         NULL,
+                                         &key_bits ) );
 
     /* Allocate a buffer which has the size advertized by the
      * library. */
@@ -2860,10 +2856,10 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     ASSERT_ALLOC( signature, signature_size );
 
     /* Perform the signature. */
-    TEST_ASSERT( psa_asymmetric_sign( handle, alg,
-                                      input_data->x, input_data->len,
-                                      signature, signature_size,
-                                      &signature_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+                                     input_data->x, input_data->len,
+                                     signature, signature_size,
+                                     &signature_length ) );
     /* Verify that the signature is what is expected. */
     ASSERT_COMPARE( output_data->x, output_data->len,
                     signature, signature_length );
@@ -2897,18 +2893,18 @@ void sign_fail( int key_type_arg, data_t *key_data,
 
     ASSERT_ALLOC( signature, signature_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_SIGN, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     actual_status = psa_asymmetric_sign( handle, alg,
                                          input_data->x, input_data->len,
@@ -2941,23 +2937,23 @@ void sign_verify( int key_type_arg, data_t *key_data,
     size_t signature_length = 0xdeadbeef;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          NULL,
-                                          &key_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         NULL,
+                                         &key_bits ) );
 
     /* Allocate a buffer which has the size advertized by the
      * library. */
@@ -2968,19 +2964,19 @@ void sign_verify( int key_type_arg, data_t *key_data,
     ASSERT_ALLOC( signature, signature_size );
 
     /* Perform the signature. */
-    TEST_ASSERT( psa_asymmetric_sign( handle, alg,
-                                      input_data->x, input_data->len,
-                                      signature, signature_size,
-                                      &signature_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_sign( handle, alg,
+                                     input_data->x, input_data->len,
+                                     signature, signature_size,
+                                     &signature_length ) );
     /* Check that the signature length looks sensible. */
     TEST_ASSERT( signature_length <= signature_size );
     TEST_ASSERT( signature_length > 0 );
 
     /* Use the library to verify that the signature is correct. */
-    TEST_ASSERT( psa_asymmetric_verify(
-                     handle, alg,
-                     input_data->x, input_data->len,
-                     signature, signature_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_verify(
+                    handle, alg,
+                    input_data->x, input_data->len,
+                    signature, signature_length ) );
 
     if( input_data->len != 0 )
     {
@@ -3021,23 +3017,23 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
-    TEST_ASSERT( psa_asymmetric_verify( handle, alg,
-                                        hash_data->x, hash_data->len,
-                                        signature_data->x,
-                                        signature_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_verify( handle, alg,
+                                       hash_data->x, hash_data->len,
+                                       signature_data->x,
+                                       signature_data->len ) );
 exit:
     psa_destroy_key( handle );
     mbedtls_psa_crypto_free( );
@@ -3064,18 +3060,18 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_VERIFY, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     actual_status = psa_asymmetric_verify( handle, alg,
                                            hash_data->x, hash_data->len,
@@ -3111,24 +3107,23 @@ void asymmetric_encrypt( int key_type_arg,
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-
+    PSA_ASSERT( psa_crypto_init( ) );
 
     /* Import the key */
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_ENCRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     /* Determine the maximum output length */
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          NULL,
-                                          &key_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         NULL,
+                                         &key_bits ) );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
     ASSERT_ALLOC( output, output_size );
 
@@ -3188,26 +3183,25 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
     TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,
                               alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
-
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     /* Determine the maximum ciphertext length */
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          NULL,
-                                          &key_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( handle,
+                                         NULL,
+                                         &key_bits ) );
     output_size = PSA_ASYMMETRIC_ENCRYPT_OUTPUT_SIZE( key_type, key_bits, alg );
     ASSERT_ALLOC( output, output_size );
     output2_size = input_data->len;
@@ -3216,20 +3210,20 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
     /* We test encryption by checking that encrypt-then-decrypt gives back
      * the original plaintext because of the non-optional random
      * part of encryption process which prevents using fixed vectors. */
-    TEST_ASSERT( psa_asymmetric_encrypt( handle, alg,
-                                         input_data->x, input_data->len,
-                                         label->x, label->len,
-                                         output, output_size,
-                                         &output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_encrypt( handle, alg,
+                                        input_data->x, input_data->len,
+                                        label->x, label->len,
+                                        output, output_size,
+                                        &output_length ) );
     /* We don't know what ciphertext length to expect, but check that
      * it looks sensible. */
     TEST_ASSERT( output_length <= output_size );
 
-    TEST_ASSERT( psa_asymmetric_decrypt( handle, alg,
-                                         output, output_length,
-                                         label->x, label->len,
-                                         output2, output2_size,
-                                         &output2_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+                                        output, output_length,
+                                        label->x, label->len,
+                                        output2, output2_size,
+                                        &output2_length ) );
     ASSERT_COMPARE( input_data->x, input_data->len,
                     output2, output2_length );
 
@@ -3267,25 +3261,25 @@ void asymmetric_decrypt( int key_type_arg,
     output_size = key_data->len;
     ASSERT_ALLOC( output, output_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
-    TEST_ASSERT( psa_asymmetric_decrypt( handle, alg,
-                                         input_data->x, input_data->len,
-                                         label->x, label->len,
-                                         output,
-                                         output_size,
-                                         &output_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+                                        input_data->x, input_data->len,
+                                        label->x, label->len,
+                                        output,
+                                        output_size,
+                                        &output_length ) );
     ASSERT_COMPARE( expected_data->x, expected_data->len,
                     output, output_length );
 
@@ -3296,12 +3290,12 @@ void asymmetric_decrypt( int key_type_arg,
         output_length = ~0;
         if( output_size != 0 )
             memset( output, 0, output_size );
-        TEST_ASSERT( psa_asymmetric_decrypt( handle, alg,
-                                             input_data->x, input_data->len,
-                                             NULL, label->len,
-                                             output,
-                                             output_size,
-                                             &output_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_asymmetric_decrypt( handle, alg,
+                                            input_data->x, input_data->len,
+                                            NULL, label->len,
+                                            output,
+                                            output_size,
+                                            &output_length ) );
         ASSERT_COMPARE( expected_data->x, expected_data->len,
                         output, output_length );
     }
@@ -3339,18 +3333,18 @@ void asymmetric_decrypt_fail( int key_type_arg,
     output_size = key_data->len;
     ASSERT_ALLOC( output, output_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   KEY_BITS_FROM_DATA( key_type, key_data ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  KEY_BITS_FROM_DATA( key_type, key_data ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DECRYPT, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     actual_status = psa_asymmetric_decrypt( handle, alg,
                                             input_data->x, input_data->len,
@@ -3400,17 +3394,17 @@ void derive_setup( int key_type_arg,
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key_data->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data->x,
+                                key_data->len ) );
 
     TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
                                      salt->x, salt->len,
@@ -3438,24 +3432,24 @@ void test_derive_invalid_generator_state( )
                                    0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( key_type,
-                                   PSA_BYTES_TO_BITS( sizeof( key_data ) ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( key_type,
+                                  PSA_BYTES_TO_BITS( sizeof( key_data ) ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, key_type,
-                                 key_data,
-                                 sizeof( key_data ) ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, key_type,
+                                key_data,
+                                sizeof( key_data ) ) );
 
     /* valid key derivation */
-    TEST_ASSERT(  psa_key_derivation( &generator, handle, alg,
-                                      NULL, 0,
-                                      NULL, 0,
-                                      capacity ) == PSA_SUCCESS );
+    PSA_ASSERT(  psa_key_derivation( &generator, handle, alg,
+                                     NULL, 0,
+                                     NULL, 0,
+                                     capacity ) );
 
     /* state of generator shouldn't allow additional generation */
     TEST_ASSERT(  psa_key_derivation( &generator, handle, alg,
@@ -3463,13 +3457,12 @@ void test_derive_invalid_generator_state( )
                                       NULL, 0,
                                       capacity ) == PSA_ERROR_BAD_STATE );
 
-    TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
-                 == PSA_SUCCESS );
+    PSA_ASSERT( psa_generator_read( &generator, buffer, capacity )
+        );
 
     TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
                  == PSA_ERROR_INSUFFICIENT_CAPACITY );
 
-
 exit:
     psa_generator_abort( &generator );
     psa_destroy_key( handle );
@@ -3477,7 +3470,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void test_derive_invalid_generator_tests( )
 {
@@ -3492,7 +3484,7 @@ void test_derive_invalid_generator_tests( )
     TEST_ASSERT( psa_get_generator_capacity( &generator, &capacity )
                  == PSA_SUCCESS ); // should be PSA_ERROR_BAD_STATE:#183
 
-    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_generator_abort( &generator ) );
 
     TEST_ASSERT( psa_generator_read( &generator, output_buffer, buffer_size )
                  == PSA_ERROR_INSUFFICIENT_CAPACITY ); // should be PSA_ERROR_BAD_STATE:#183
@@ -3538,27 +3530,26 @@ void derive_output( int alg_arg,
             expected_outputs[i] = NULL;
     }
     ASSERT_ALLOC( output_buffer, output_buffer_size );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                   PSA_BYTES_TO_BITS( key_data->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                  PSA_BYTES_TO_BITS( key_data->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
+                                key_data->x,
+                                key_data->len ) );
 
     /* Extraction phase. */
-    TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
-                                     salt->x, salt->len,
-                                     label->x, label->len,
-                                     requested_capacity ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_generator_capacity( &generator,
-                                             &current_capacity ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_key_derivation( &generator, handle, alg,
+                                    salt->x, salt->len,
+                                    label->x, label->len,
+                                    requested_capacity ) );
+    PSA_ASSERT( psa_get_generator_capacity( &generator,
+                                            &current_capacity ) );
     TEST_ASSERT( current_capacity == requested_capacity );
     expected_capacity = requested_capacity;
 
@@ -3584,18 +3575,17 @@ void derive_output( int alg_arg,
             continue;
         }
         /* Success. Check the read data. */
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
         if( output_sizes[i] != 0 )
             TEST_ASSERT( memcmp( output_buffer, expected_outputs[i],
                                  output_sizes[i] ) == 0 );
         /* Check the generator status. */
         expected_capacity -= output_sizes[i];
-        TEST_ASSERT( psa_get_generator_capacity( &generator,
-                                                 &current_capacity ) ==
-                     PSA_SUCCESS );
+        PSA_ASSERT( psa_get_generator_capacity( &generator,
+                                                &current_capacity ) );
         TEST_ASSERT( expected_capacity == current_capacity );
     }
-    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_generator_abort( &generator ) );
 
 exit:
     mbedtls_free( output_buffer );
@@ -3621,27 +3611,26 @@ void derive_full( int alg_arg,
     size_t current_capacity;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                   PSA_BYTES_TO_BITS( key_data->len ),
-                                   &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                  PSA_BYTES_TO_BITS( key_data->len ),
+                                  &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_DERIVE,
+                                key_data->x,
+                                key_data->len ) );
 
     /* Extraction phase. */
-    TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
-                                     salt->x, salt->len,
-                                     label->x, label->len,
-                                     requested_capacity ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_generator_capacity( &generator,
-                                             &current_capacity ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_key_derivation( &generator, handle, alg,
+                                    salt->x, salt->len,
+                                    label->x, label->len,
+                                    requested_capacity ) );
+    PSA_ASSERT( psa_get_generator_capacity( &generator,
+                                            &current_capacity ) );
     TEST_ASSERT( current_capacity == expected_capacity );
 
     /* Expansion phase. */
@@ -3650,13 +3639,12 @@ void derive_full( int alg_arg,
         size_t read_size = sizeof( output_buffer );
         if( read_size > current_capacity )
             read_size = current_capacity;
-        TEST_ASSERT( psa_generator_read( &generator,
-                                         output_buffer,
-                                         read_size ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_generator_read( &generator,
+                                        output_buffer,
+                                        read_size ) );
         expected_capacity -= read_size;
-        TEST_ASSERT( psa_get_generator_capacity( &generator,
-                                                 &current_capacity ) ==
-                     PSA_SUCCESS );
+        PSA_ASSERT( psa_get_generator_capacity( &generator,
+                                                &current_capacity ) );
         TEST_ASSERT( current_capacity == expected_capacity );
     }
 
@@ -3665,7 +3653,7 @@ void derive_full( int alg_arg,
                                      output_buffer,
                                      1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY );
 
-    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_generator_abort( &generator ) );
 
 exit:
     psa_generator_abort( &generator );
@@ -3697,36 +3685,36 @@ void derive_key_exercise( int alg_arg,
     psa_key_type_t got_type;
     size_t got_bits;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                   PSA_BYTES_TO_BITS( key_data->len ),
-                                   &base_handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                  PSA_BYTES_TO_BITS( key_data->len ),
+                                  &base_handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
+    PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
+                                key_data->x,
+                                key_data->len ) );
 
     /* Derive a key. */
-    TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg,
-                                     salt->x, salt->len,
-                                     label->x, label->len,
-                                     capacity ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_allocate_key( derived_type, derived_bits,
-                                   &derived_handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg,
+                                    salt->x, salt->len,
+                                    label->x, label->len,
+                                    capacity ) );
+    PSA_ASSERT( psa_allocate_key( derived_type, derived_bits,
+                                  &derived_handle ) );
     psa_key_policy_set_usage( &policy, derived_usage, derived_alg );
-    TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_import_key( derived_handle,
-                                           derived_type,
-                                           derived_bits,
-                                           &generator ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
+    PSA_ASSERT( psa_generator_import_key( derived_handle,
+                                          derived_type,
+                                          derived_bits,
+                                          &generator ) );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( derived_handle,
-                                          &got_type,
-                                          &got_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information( derived_handle,
+                                         &got_type,
+                                         &got_bits ) );
     TEST_ASSERT( got_type == derived_type );
     TEST_ASSERT( got_bits == derived_bits );
 
@@ -3765,57 +3753,57 @@ void derive_key_export( int alg_arg,
 
     ASSERT_ALLOC( output_buffer, capacity );
     ASSERT_ALLOC( export_buffer, capacity );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                   PSA_BYTES_TO_BITS( key_data->len ),
-                                   &base_handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                  PSA_BYTES_TO_BITS( key_data->len ),
+                                  &base_handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( base_handle, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
-                                 key_data->x,
-                                 key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( base_handle, &policy ) );
+    PSA_ASSERT( psa_import_key( base_handle, PSA_KEY_TYPE_DERIVE,
+                                key_data->x,
+                                key_data->len ) );
 
     /* Derive some material and output it. */
-    TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg,
-                                     salt->x, salt->len,
-                                     label->x, label->len,
-                                     capacity ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_read( &generator,
-                                     output_buffer,
-                                     capacity ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_abort( &generator ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg,
+                                    salt->x, salt->len,
+                                    label->x, label->len,
+                                    capacity ) );
+    PSA_ASSERT( psa_generator_read( &generator,
+                                    output_buffer,
+                                    capacity ) );
+    PSA_ASSERT( psa_generator_abort( &generator ) );
 
     /* Derive the same output again, but this time store it in key objects. */
-    TEST_ASSERT( psa_key_derivation( &generator, base_handle, alg,
-                                     salt->x, salt->len,
-                                     label->x, label->len,
-                                     capacity ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits,
-                                   &derived_handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg,
+                                    salt->x, salt->len,
+                                    label->x, label->len,
+                                    capacity ) );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA, derived_bits,
+                                  &derived_handle ) );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT, 0 );
-    TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_import_key( derived_handle,
-                                           PSA_KEY_TYPE_RAW_DATA,
-                                           derived_bits,
-                                           &generator ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_export_key( derived_handle,
-                                 export_buffer, bytes1,
-                                 &length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
+    PSA_ASSERT( psa_generator_import_key( derived_handle,
+                                          PSA_KEY_TYPE_RAW_DATA,
+                                          derived_bits,
+                                          &generator ) );
+    PSA_ASSERT( psa_export_key( derived_handle,
+                                export_buffer, bytes1,
+                                &length ) );
     TEST_ASSERT( length == bytes1 );
-    TEST_ASSERT( psa_destroy_key( derived_handle ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA,
-                                   PSA_BYTES_TO_BITS( bytes2 ),
-                                   &derived_handle ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_set_key_policy( derived_handle, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generator_import_key( derived_handle,
-                                           PSA_KEY_TYPE_RAW_DATA,
-                                           PSA_BYTES_TO_BITS( bytes2 ),
-                                           &generator ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_export_key( derived_handle,
-                                 export_buffer + bytes1, bytes2,
-                                 &length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_destroy_key( derived_handle ) );
+    PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA,
+                                  PSA_BYTES_TO_BITS( bytes2 ),
+                                  &derived_handle ) );
+    PSA_ASSERT( psa_set_key_policy( derived_handle, &policy ) );
+    PSA_ASSERT( psa_generator_import_key( derived_handle,
+                                          PSA_KEY_TYPE_RAW_DATA,
+                                          PSA_BYTES_TO_BITS( bytes2 ),
+                                          &generator ) );
+    PSA_ASSERT( psa_export_key( derived_handle,
+                                export_buffer + bytes1, bytes2,
+                                &length ) );
     TEST_ASSERT( length == bytes2 );
 
     /* Compare the outputs from the two runs. */
@@ -3843,18 +3831,18 @@ void key_agreement_setup( int alg_arg,
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( our_key_type,
-                                   KEY_BITS_FROM_DATA( our_key_type,
-                                                       our_key_data ),
-                                   &our_key ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( our_key_type,
+                                  KEY_BITS_FROM_DATA( our_key_type,
+                                                      our_key_data ),
+                                  &our_key ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( our_key, our_key_type,
-                                 our_key_data->x,
-                                 our_key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
+    PSA_ASSERT( psa_import_key( our_key, our_key_type,
+                                our_key_data->x,
+                                our_key_data->len ) );
 
     TEST_ASSERT( psa_key_agreement( &generator,
                                     our_key,
@@ -3882,40 +3870,38 @@ void key_agreement_capacity( int alg_arg,
     size_t actual_capacity;
     unsigned char output[16];
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( our_key_type,
-                                   KEY_BITS_FROM_DATA( our_key_type,
-                                                       our_key_data ),
-                                   &our_key ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( our_key_type,
+                                  KEY_BITS_FROM_DATA( our_key_type,
+                                                      our_key_data ),
+                                  &our_key ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( our_key, our_key_type,
-                                 our_key_data->x,
-                                 our_key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
+    PSA_ASSERT( psa_import_key( our_key, our_key_type,
+                                our_key_data->x,
+                                our_key_data->len ) );
 
-    TEST_ASSERT( psa_key_agreement( &generator,
-                                    our_key,
-                                    peer_key_data->x, peer_key_data->len,
-                                    alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_key_agreement( &generator,
+                                   our_key,
+                                   peer_key_data->x, peer_key_data->len,
+                                   alg ) );
 
     /* Test the advertized capacity. */
-    TEST_ASSERT( psa_get_generator_capacity(
-                     &generator, &actual_capacity ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_generator_capacity(
+                    &generator, &actual_capacity ) );
     TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg );
 
     /* Test the actual capacity by reading the output. */
     while( actual_capacity > sizeof( output ) )
     {
-        TEST_ASSERT( psa_generator_read( &generator,
-                                         output, sizeof( output ) ) ==
-                     PSA_SUCCESS );
+        PSA_ASSERT( psa_generator_read( &generator,
+                                        output, sizeof( output ) ) );
         actual_capacity -= sizeof( output );
     }
-    TEST_ASSERT( psa_generator_read( &generator,
-                                     output, actual_capacity ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_generator_read( &generator,
+                                    output, actual_capacity ) );
     TEST_ASSERT( psa_generator_read( &generator, output, 1 ) ==
                  PSA_ERROR_INSUFFICIENT_CAPACITY );
 
@@ -3942,36 +3928,36 @@ void key_agreement_output( int alg_arg,
     ASSERT_ALLOC( actual_output, MAX( expected_output1->len,
                                       expected_output2->len ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( our_key_type,
-                                   KEY_BITS_FROM_DATA( our_key_type,
-                                                       our_key_data ),
-                                   &our_key ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( our_key_type,
+                                  KEY_BITS_FROM_DATA( our_key_type,
+                                                      our_key_data ),
+                                  &our_key ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_DERIVE, alg );
-    TEST_ASSERT( psa_set_key_policy( our_key, &policy ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key( our_key, our_key_type,
-                                 our_key_data->x,
-                                 our_key_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( our_key, &policy ) );
+    PSA_ASSERT( psa_import_key( our_key, our_key_type,
+                                our_key_data->x,
+                                our_key_data->len ) );
 
-    TEST_ASSERT( psa_key_agreement( &generator,
-                                    our_key,
-                                    peer_key_data->x, peer_key_data->len,
-                                    alg ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_key_agreement( &generator,
+                                   our_key,
+                                   peer_key_data->x, peer_key_data->len,
+                                   alg ) );
 
-    TEST_ASSERT(
+    PSA_ASSERT(
         psa_generator_read( &generator,
                             actual_output,
-                            expected_output1->len ) == PSA_SUCCESS );
+                            expected_output1->len ) );
     TEST_ASSERT( memcmp( actual_output, expected_output1->x,
                          expected_output1->len ) == 0 );
     if( expected_output2->len != 0 )
     {
-        TEST_ASSERT(
+        PSA_ASSERT(
             psa_generator_read( &generator,
                                 actual_output,
-                                expected_output2->len ) == PSA_SUCCESS );
+                                expected_output2->len ) );
         TEST_ASSERT( memcmp( actual_output, expected_output2->x,
                              expected_output2->len ) == 0 );
     }
@@ -3998,7 +3984,7 @@ void generate_random( int bytes_arg )
     ASSERT_ALLOC( changed, bytes );
     memcpy( output + bytes, trail, sizeof( trail ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     /* Run several times, to ensure that every output byte will be
      * nonzero at least once with overwhelming probability
@@ -4007,7 +3993,7 @@ void generate_random( int bytes_arg )
     {
         if( bytes != 0 )
             memset( output, 0, bytes );
-        TEST_ASSERT( psa_generate_random( output, bytes ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_generate_random( output, bytes ) );
 
         /* Check that no more than bytes have been overwritten */
         TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 );
@@ -4053,12 +4039,12 @@ void generate_key( int type_arg,
         expected_status == PSA_SUCCESS ? PSA_SUCCESS : PSA_ERROR_EMPTY_SLOT;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_allocate_key( type, bits, &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_allocate_key( type, bits, &handle ) );
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, usage, alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Generate a key */
     TEST_ASSERT( psa_generate_key( handle, type, bits,
@@ -4110,50 +4096,50 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     ASSERT_ALLOC( first_export, export_size );
     ASSERT_ALLOC( second_export, export_size );
 
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init() );
 
-    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
-                                 type, bits,
-                                 &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
+                                type, bits,
+                                &handle ) );
     psa_key_policy_init( &policy_set );
     psa_key_policy_set_usage( &policy_set, policy_usage,
                               policy_alg );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy_set ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
 
     switch( generation_method )
     {
         case IMPORT_KEY:
             /* Import the key */
-            TEST_ASSERT( psa_import_key( handle, type,
-                                         data->x, data->len ) == PSA_SUCCESS );
+            PSA_ASSERT( psa_import_key( handle, type,
+                                        data->x, data->len ) );
             break;
 
         case GENERATE_KEY:
             /* Generate a key */
-            TEST_ASSERT( psa_generate_key( handle, type, bits,
-                                           NULL, 0 ) == PSA_SUCCESS );
+            PSA_ASSERT( psa_generate_key( handle, type, bits,
+                                          NULL, 0 ) );
             break;
 
         case DERIVE_KEY:
             /* Create base key */
-            TEST_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                           PSA_BYTES_TO_BITS( data->len ),
-                                           &base_key ) == PSA_SUCCESS );
+            PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
+                                          PSA_BYTES_TO_BITS( data->len ),
+                                          &base_key ) );
             psa_key_policy_init( &base_policy_set );
             psa_key_policy_set_usage( &base_policy_set, PSA_KEY_USAGE_DERIVE,
                                       base_policy_alg );
-            TEST_ASSERT( psa_set_key_policy(
-                             base_key, &base_policy_set ) == PSA_SUCCESS );
-            TEST_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
-                                         data->x, data->len ) == PSA_SUCCESS );
+            PSA_ASSERT( psa_set_key_policy(
+                            base_key, &base_policy_set ) );
+            PSA_ASSERT( psa_import_key( base_key, PSA_KEY_TYPE_DERIVE,
+                                        data->x, data->len ) );
             /* Derive a key. */
-            TEST_ASSERT( psa_key_derivation( &generator, base_key,
-                                             base_policy_alg,
-                                             NULL, 0, NULL, 0,
-                                             export_size ) == PSA_SUCCESS );
-            TEST_ASSERT( psa_generator_import_key(
-                             handle, PSA_KEY_TYPE_RAW_DATA,
-                             bits, &generator ) == PSA_SUCCESS );
+            PSA_ASSERT( psa_key_derivation( &generator, base_key,
+                                            base_policy_alg,
+                                            NULL, 0, NULL, 0,
+                                            export_size ) );
+            PSA_ASSERT( psa_generator_import_key(
+                            handle, PSA_KEY_TYPE_RAW_DATA,
+                            bits, &generator ) );
             break;
     }
 
@@ -4163,17 +4149,17 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init() );
 
     /* Check key slot still contains key data */
-    TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
-                               &handle ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_get_key_information(
-                     handle, &type_get, &bits_get ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, 1,
+                              &handle ) );
+    PSA_ASSERT( psa_get_key_information(
+                    handle, &type_get, &bits_get ) );
     TEST_ASSERT( type_get == type );
     TEST_ASSERT( bits_get == (size_t) bits );
 
-    TEST_ASSERT( psa_get_key_policy( handle, &policy_get ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
     TEST_ASSERT( psa_key_policy_get_usage(
                      &policy_get ) == policy_usage );
     TEST_ASSERT( psa_key_policy_get_algorithm(
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 46c77e97c..117184df2 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -55,9 +55,9 @@ void validate_entropy_seed_injection( int seed_length_a,
     TEST_ASSERT( status == expected_status_a );
     status = mbedtls_psa_inject_entropy( seed, seed_length_b );
     TEST_ASSERT( status == expected_status_b );
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_generate_random( output,
-                                      sizeof( output ) ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
+    PSA_ASSERT( psa_generate_random( output,
+                                     sizeof( output ) ) );
     TEST_ASSERT( memcmp( output, zeros, sizeof( output ) ) != 0 );
 exit:
     mbedtls_free( seed );
@@ -82,15 +82,15 @@ void run_entropy_inject_with_crypto_init( )
     TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
                  ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
-    TEST_ASSERT( status == PSA_SUCCESS );
+    PSA_ASSERT( status );
     its_status =  psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
     status = psa_crypto_init( );
     TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY );
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
-    TEST_ASSERT( status == PSA_SUCCESS );
+    PSA_ASSERT( status );
     status = psa_crypto_init( );
-    TEST_ASSERT( status == PSA_SUCCESS );
+    PSA_ASSERT( status );
     mbedtls_psa_crypto_free( );
     /* The seed is written by nv_seed callback functions therefore the injection will fail */
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function
index bed80e262..5931a2338 100644
--- a/tests/suites/test_suite_psa_crypto_hash.function
+++ b/tests/suites/test_suite_psa_crypto_hash.function
@@ -23,14 +23,14 @@ void hash_finish( int alg_arg, data_t *input, data_t *expected_hash )
     size_t actual_hash_length;
     psa_hash_operation_t operation;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x, input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  actual_hash, sizeof( actual_hash ),
-                                  &actual_hash_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_update( &operation,
+                                 input->x, input->len ) );
+    PSA_ASSERT( psa_hash_finish( &operation,
+                                 actual_hash, sizeof( actual_hash ),
+                                 &actual_hash_length ) );
     ASSERT_COMPARE( expected_hash->x, expected_hash->len,
                     actual_hash, actual_hash_length );
 
@@ -45,15 +45,15 @@ void hash_verify( int alg_arg, data_t *input, data_t *expected_hash )
     psa_algorithm_t alg = alg_arg;
     psa_hash_operation_t operation;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input->x,
-                                  input->len ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  expected_hash->x,
-                                  expected_hash->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_hash_setup( &operation, alg ) );
+    PSA_ASSERT( psa_hash_update( &operation,
+                                 input->x,
+                                 input->len ) );
+    PSA_ASSERT( psa_hash_verify( &operation,
+                                 expected_hash->x,
+                                 expected_hash->len ) );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -69,22 +69,21 @@ void hash_multi_part( int alg_arg, data_t *input, data_t *expected_hash )
     psa_hash_operation_t operation;
     uint32_t len = 0;
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
     do
     {
         memset( actual_hash, 0, sizeof( actual_hash ) );
-        TEST_ASSERT( psa_hash_setup( &operation, alg ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_hash_setup( &operation, alg ) );
 
-        TEST_ASSERT( psa_hash_update( &operation,
-                                      input->x, len ) == PSA_SUCCESS );
-        TEST_ASSERT( psa_hash_update( &operation,
-                                      input->x + len, input->len - len ) ==
-                     PSA_SUCCESS );
+        PSA_ASSERT( psa_hash_update( &operation,
+                                     input->x, len ) );
+        PSA_ASSERT( psa_hash_update( &operation,
+                                     input->x + len, input->len - len ) );
 
-        TEST_ASSERT( psa_hash_finish( &operation,
-                                      actual_hash, sizeof( actual_hash ),
-                                      &actual_hash_length ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_hash_finish( &operation,
+                                     actual_hash, sizeof( actual_hash ),
+                                     &actual_hash_length ) );
 
         ASSERT_COMPARE( expected_hash->x, expected_hash->len,
                         actual_hash, actual_hash_length );
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index 132fe82f8..f4da989db 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -142,9 +142,9 @@ void init_deinit( int count )
     for( i = 0; i < count; i++ )
     {
         status = psa_crypto_init( );
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
         status = psa_crypto_init( );
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
         mbedtls_psa_crypto_free( );
     }
 }
@@ -156,7 +156,7 @@ void deinit_without_init( int count )
     int i;
     for( i = 0; i < count; i++ )
     {
-        TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_crypto_init( ) );
         mbedtls_psa_crypto_free( );
     }
     mbedtls_psa_crypto_free( );
@@ -172,7 +172,7 @@ void validate_module_init_generate_random( int count )
     for( i = 0; i < count; i++ )
     {
         status = psa_crypto_init( );
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
         mbedtls_psa_crypto_free( );
     }
     status = psa_generate_random( random, sizeof( random ) );
@@ -189,7 +189,7 @@ void validate_module_init_key_based( int count )
     for( i = 0; i < count; i++ )
     {
         status = psa_crypto_init( );
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
         mbedtls_psa_crypto_free( );
     }
     status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
@@ -204,16 +204,14 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
     uint8_t random[10] = { 0 };
 
     custom_entropy_sources_mask = sources_arg;
-    TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
-                     custom_entropy_init, mbedtls_entropy_free ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+                    custom_entropy_init, mbedtls_entropy_free ) );
 
     TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
 
-    TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -246,16 +244,14 @@ void fake_entropy_source( int threshold,
     fake_entropy_state.length_sequence = lengths;
 
     custom_entropy_sources_mask = ENTROPY_SOURCE_FAKE;
-    TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
-                     custom_entropy_init, mbedtls_entropy_free ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+                    custom_entropy_init, mbedtls_entropy_free ) );
 
     TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
 
-    TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -275,16 +271,14 @@ void entropy_from_nv_seed( int seed_size_arg,
     TEST_ASSERT( mbedtls_nv_seed_write( seed, seed_size ) >= 0 );
 
     custom_entropy_sources_mask = ENTROPY_SOURCE_NV_SEED;
-    TEST_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
-                     custom_entropy_init, mbedtls_entropy_free ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
+                    custom_entropy_init, mbedtls_entropy_free ) );
 
     TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
 
-    TEST_ASSERT( psa_generate_random( random, sizeof( random ) ) ==
-                 PSA_SUCCESS );
+    PSA_ASSERT( psa_generate_random( random, sizeof( random ) ) );
 
 exit:
     mbedtls_free( seed );
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index aa8fddd3a..bf7537641 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -81,7 +81,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void save_large_persistent_key( int data_too_large, int expected_status )
 {
@@ -95,12 +94,12 @@ void save_large_persistent_key( int data_too_large, int expected_status )
 
     ASSERT_ALLOC( data, data_length );
 
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init() );
 
-    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                                 PSA_KEY_TYPE_RAW_DATA,
-                                 PSA_BYTES_TO_BITS( data_length ),
-                                 &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                PSA_KEY_TYPE_RAW_DATA,
+                                PSA_BYTES_TO_BITS( data_length ),
+                                &handle ) );
 
     TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
                                  data, data_length ) == expected_status );
@@ -123,24 +122,24 @@ void persistent_key_destroy( int key_id_arg, int should_store,
     psa_key_type_t first_type = (psa_key_type_t) first_type_arg;
     psa_key_type_t second_type = (psa_key_type_t) second_type_arg;
 
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init() );
 
     psa_key_policy_init( &policy );
 
-    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                                 first_type,
-                                 PSA_BYTES_TO_BITS( first_data->len ),
-                                 &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                first_type,
+                                PSA_BYTES_TO_BITS( first_data->len ),
+                                &handle ) );
 
     if( should_store == 1 )
     {
-        TEST_ASSERT( psa_import_key(
-                         handle, first_type,
-                         first_data->x, first_data->len ) == PSA_SUCCESS );
+        PSA_ASSERT( psa_import_key(
+                        handle, first_type,
+                        first_data->x, first_data->len ) );
     }
 
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_destroy_key( handle ) );
 
     /* Check key slot storage is removed */
     TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
@@ -150,16 +149,16 @@ void persistent_key_destroy( int key_id_arg, int should_store,
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init() );
 
     /* Create another key in the same slot */
-    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                                 second_type,
-                                 PSA_BYTES_TO_BITS( second_data->len ),
-                                 &handle ) == PSA_SUCCESS );
-    TEST_ASSERT( psa_import_key(
-                     handle, second_type,
-                     second_data->x, second_data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                second_type,
+                                PSA_BYTES_TO_BITS( second_data->len ),
+                                &handle ) );
+    PSA_ASSERT( psa_import_key(
+                    handle, second_type,
+                    second_data->x, second_data->len ) );
 
 exit:
     mbedtls_psa_crypto_free();
@@ -177,12 +176,12 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
     psa_key_type_t type = (psa_key_type_t) type_arg;
     psa_key_handle_t handle = 0;
 
-    TEST_ASSERT( psa_crypto_init() == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init() );
 
-    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                                 type,
-                                 PSA_BYTES_TO_BITS( data->len ),
-                                 &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                type,
+                                PSA_BYTES_TO_BITS( data->len ),
+                                &handle ) );
     psa_key_policy_init( &policy );
     TEST_ASSERT( psa_import_key( handle, type,
                                  data->x, data->len ) == expected_status );
@@ -193,7 +192,7 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
         goto exit;
     }
 
-    TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) );
     TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT );
 
 exit:
@@ -219,28 +218,28 @@ void import_export_persistent_key( data_t *data, int type_arg,
 
     ASSERT_ALLOC( exported, export_size );
 
-    TEST_ASSERT( psa_crypto_init( ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                                 type,
-                                 PSA_BYTES_TO_BITS( data->len ),
-                                 &handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_create_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                                type,
+                                PSA_BYTES_TO_BITS( data->len ),
+                                &handle ) );
 
     psa_key_policy_init( &policy );
     psa_key_policy_set_usage( &policy, PSA_KEY_USAGE_EXPORT,
                               PSA_ALG_VENDOR_FLAG );
-    TEST_ASSERT( psa_set_key_policy( handle, &policy ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Import the key */
-    TEST_ASSERT( psa_import_key( handle, type,
-                                 data->x, data->len ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_import_key( handle, type,
+                                data->x, data->len ) );
 
-    TEST_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) );
     TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information(
-                     handle, &got_type, &got_bits ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_get_key_information(
+                    handle, &got_type, &got_bits ) );
     TEST_ASSERT( got_type == type );
     TEST_ASSERT( got_bits == (size_t) expected_bits );
 
@@ -251,13 +250,13 @@ void import_export_persistent_key( data_t *data, int type_arg,
         psa_destroy_persistent_key( key_id );
     }
     /* Export the key */
-    TEST_ASSERT( psa_export_key( handle, exported, export_size,
-                                 &exported_length ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_export_key( handle, exported, export_size,
+                                &exported_length ) );
 
     ASSERT_COMPARE( data->x, data->len, exported, exported_length );
 
     /* Destroy the key */
-    TEST_ASSERT( psa_destroy_key( handle ) == PSA_SUCCESS );
+    PSA_ASSERT( psa_destroy_key( handle ) );
     TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
 
 exit:
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 407d24b1c..4584ceb94 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -367,7 +367,7 @@ void many_transient_handles( int max_handles_arg )
                                    &handles[i] );
         if( status == PSA_ERROR_INSUFFICIENT_MEMORY )
             break;
-        TEST_ASSERT( status == PSA_SUCCESS );
+        PSA_ASSERT( status );
         TEST_ASSERT( handles[i] != 0 );
         for( j = 0; j < i; j++ )
             TEST_ASSERT( handles[i] != handles[j] );
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
index e753d7862..dabba2096 100644
--- a/tests/suites/test_suite_psa_crypto_storage_file.function
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -97,7 +97,6 @@ exit:
 }
 /* END_CASE */
 
-
 /* BEGIN_CASE */
 void get_file_size( data_t *data, int expected_data_length,
                     int expected_status, int should_make_file )

From fe11b72b93598532cedd198d7d42cfc1609d31e2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:24:04 +0100
Subject: [PATCH 876/889] Use TEST_EQUAL(a,b) in preference to
 TEST_ASSERT(a==b)

This commit is the result of the following command, followed by
reindenting (but not wrapping lines):

perl -00 -i -pe 's/^( *)TEST_ASSERT\(([^;=]*)(?: |\n *)==([^;=]*)\);$/${1}TEST_EQUAL($2,$3);/gm' tests/suites/test_suite_psa_*.function
---
 tests/suites/test_suite_psa_crypto.function   | 406 +++++++++---------
 .../test_suite_psa_crypto_entropy.function    |  10 +-
 .../test_suite_psa_crypto_init.function       |  10 +-
 .../test_suite_psa_crypto_metadata.function   | 100 ++---
 ...t_suite_psa_crypto_persistent_key.function |  38 +-
 ..._suite_psa_crypto_slot_management.function |  62 +--
 ...est_suite_psa_crypto_storage_file.function |  26 +-
 7 files changed, 326 insertions(+), 326 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f665fb78f..561136de2 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -158,9 +158,9 @@ static int exercise_mac_key( psa_key_handle_t handle,
                                           handle, alg ) );
         PSA_ASSERT( psa_mac_update( &operation,
                                     input, sizeof( input ) ) );
-        TEST_ASSERT( psa_mac_verify_finish( &operation,
-                                            mac,
-                                            mac_length ) == verify_status );
+        TEST_EQUAL( psa_mac_verify_finish( &operation,
+                                           mac,
+                                           mac_length ), verify_status );
     }
 
     return( 1 );
@@ -268,12 +268,12 @@ static int exercise_aead_key( psa_key_handle_t handle,
             ( usage & PSA_KEY_USAGE_ENCRYPT ?
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
-        TEST_ASSERT( psa_aead_decrypt( handle, alg,
-                                       nonce, nonce_length,
-                                       NULL, 0,
-                                       ciphertext, ciphertext_length,
-                                       plaintext, sizeof( plaintext ),
-                                       &plaintext_length ) == verify_status );
+        TEST_EQUAL( psa_aead_decrypt( handle, alg,
+                                      nonce, nonce_length,
+                                      NULL, 0,
+                                      ciphertext, ciphertext_length,
+                                      plaintext, sizeof( plaintext ),
+                                      &plaintext_length ), verify_status );
     }
 
     return( 1 );
@@ -311,10 +311,10 @@ static int exercise_signature_key( psa_key_handle_t handle,
             ( usage & PSA_KEY_USAGE_SIGN ?
               PSA_SUCCESS :
               PSA_ERROR_INVALID_SIGNATURE );
-        TEST_ASSERT( psa_asymmetric_verify( handle, alg,
-                                            payload, payload_length,
-                                            signature, signature_length ) ==
-                     verify_status );
+        TEST_EQUAL( psa_asymmetric_verify( handle, alg,
+                                           payload, payload_length,
+                                           signature, signature_length ),
+                    verify_status );
     }
 
     return( 1 );
@@ -495,8 +495,8 @@ static int asn1_skip_integer( unsigned char **p, const unsigned char *end,
     size_t len;
     size_t actual_bits;
     unsigned char msb;
-    TEST_ASSERT( mbedtls_asn1_get_tag( p, end, &len,
-                                       MBEDTLS_ASN1_INTEGER ) == 0 );
+    TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len,
+                                      MBEDTLS_ASN1_INTEGER ), 0 );
     /* Tolerate a slight departure from DER encoding:
      * - 0 may be represented by an empty string or a 1-byte string.
      * - The sign bit may be used as a value bit. */
@@ -549,7 +549,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
                                       uint8_t *exported, size_t exported_length )
 {
     if( PSA_KEY_TYPE_IS_UNSTRUCTURED( type ) )
-        TEST_ASSERT( exported_length == ( bits + 7 ) / 8 );
+        TEST_EQUAL( exported_length, ( bits + 7 ) / 8 );
     else
         TEST_ASSERT( exported_length <= PSA_KEY_EXPORT_MAX_SIZE( type, bits ) );
 
@@ -591,10 +591,10 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
          *       coefficient         INTEGER,  -- (inverse of q) mod p
          *   }
          */
-        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
-                                           MBEDTLS_ASN1_SEQUENCE |
-                                           MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
-        TEST_ASSERT( p + len == end );
+        TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+                                          MBEDTLS_ASN1_SEQUENCE |
+                                          MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+        TEST_EQUAL( p + len, end );
         if( ! asn1_skip_integer( &p, end, 0, 0, 0 ) )
             goto exit;
         if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
@@ -615,7 +615,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
             goto exit;
         if( ! asn1_skip_integer( &p, end, 1, bits / 2 + 1, 0 ) )
             goto exit;
-        TEST_ASSERT( p == end );
+        TEST_EQUAL( p, end );
     }
     else
 #endif /* MBEDTLS_RSA_C */
@@ -624,7 +624,7 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
     if( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) )
     {
         /* Just the secret value */
-        TEST_ASSERT( exported_length == PSA_BITS_TO_BYTES( bits ) );
+        TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
     }
     else
 #endif /* MBEDTLS_ECP_C */
@@ -644,15 +644,15 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
          *      algorithm          OBJECT IDENTIFIER,
          *      parameters         ANY DEFINED BY algorithm OPTIONAL  }
          */
-        TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
-                                           MBEDTLS_ASN1_SEQUENCE |
-                                           MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
-        TEST_ASSERT( p + len == end );
-        TEST_ASSERT( mbedtls_asn1_get_alg( &p, end, &alg, &params ) == 0 );
+        TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+                                          MBEDTLS_ASN1_SEQUENCE |
+                                          MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+        TEST_EQUAL( p + len, end );
+        TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, &params ), 0 );
         if( ! is_oid_of_key_type( type, alg.p, alg.len ) )
             goto exit;
-        TEST_ASSERT( mbedtls_asn1_get_bitstring( &p, end, &bitstring ) == 0 );
-        TEST_ASSERT( p == end );
+        TEST_EQUAL( mbedtls_asn1_get_bitstring( &p, end, &bitstring ), 0 );
+        TEST_EQUAL( p, end );
         p = bitstring.p;
 #if defined(MBEDTLS_RSA_C)
         if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
@@ -661,16 +661,16 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
              *      modulus            INTEGER,    -- n
              *      publicExponent     INTEGER  }  -- e
              */
-            TEST_ASSERT( bitstring.unused_bits == 0 );
-            TEST_ASSERT( mbedtls_asn1_get_tag( &p, end, &len,
-                                               MBEDTLS_ASN1_SEQUENCE |
-                                               MBEDTLS_ASN1_CONSTRUCTED ) == 0 );
-            TEST_ASSERT( p + len == end );
+            TEST_EQUAL( bitstring.unused_bits, 0 );
+            TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
+                                              MBEDTLS_ASN1_SEQUENCE |
+                                              MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+            TEST_EQUAL( p + len, end );
             if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
                 goto exit;
             if( ! asn1_skip_integer( &p, end, 2, bits, 1 ) )
                 goto exit;
-            TEST_ASSERT( p == end );
+            TEST_EQUAL( p, end );
         }
         else
 #endif /* MBEDTLS_RSA_C */
@@ -683,9 +683,9 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
              *      -- then y_P as a n-bit string, big endian,
              *      -- where n is the order of the curve.
              */
-            TEST_ASSERT( bitstring.unused_bits == 0 );
-            TEST_ASSERT( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ) == end );
-            TEST_ASSERT( p[0] == 4 );
+            TEST_EQUAL( bitstring.unused_bits, 0 );
+            TEST_EQUAL( p + 1 + 2 * PSA_BITS_TO_BYTES( bits ), end );
+            TEST_EQUAL( p[0], 4 );
         }
         else
 #endif /* MBEDTLS_ECP_C */
@@ -725,8 +725,8 @@ static int exercise_export_key( psa_key_handle_t handle,
     if( ( usage & PSA_KEY_USAGE_EXPORT ) == 0 &&
         ! PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
     {
-        TEST_ASSERT( psa_export_key( handle, NULL, 0, &exported_length ) ==
-                     PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( psa_export_key( handle, NULL, 0, &exported_length ),
+                    PSA_ERROR_NOT_PERMITTED );
         return( 1 );
     }
 
@@ -756,9 +756,9 @@ static int exercise_export_public_key( psa_key_handle_t handle )
     PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );
     if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
     {
-        TEST_ASSERT( psa_export_public_key( handle,
-                                            NULL, 0, &exported_length ) ==
-                     PSA_ERROR_INVALID_ARGUMENT );
+        TEST_EQUAL( psa_export_public_key( handle,
+                                           NULL, 0, &exported_length ),
+                    PSA_ERROR_INVALID_ARGUMENT );
         return( 1 );
     }
 
@@ -889,7 +889,7 @@ void import( data_t *data, int type, int expected_status_arg )
     PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
                                   &handle ) );
     status = psa_import_key( handle, type, data->x, data->len );
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( status == PSA_SUCCESS )
         PSA_ASSERT( psa_destroy_key( handle ) );
 
@@ -926,9 +926,9 @@ void import_twice( int alg_arg, int usage_arg,
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     status = psa_import_key( handle, type1, data1->x, data1->len );
-    TEST_ASSERT( status == expected_import1_status );
+    TEST_EQUAL( status, expected_import1_status );
     status = psa_import_key( handle, type2, data2->x, data2->len );
-    TEST_ASSERT( status == expected_import2_status );
+    TEST_EQUAL( status, expected_import2_status );
 
     if( expected_import1_status == PSA_SUCCESS ||
         expected_import2_status == PSA_SUCCESS )
@@ -967,7 +967,7 @@ void import_rsa_made_up( int bits_arg, int keypair, int expected_status_arg )
     /* Try importing the key */
     PSA_ASSERT( psa_allocate_key( type, bits, &handle ) );
     status = psa_import_key( handle, type, p, length );
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( status == PSA_SUCCESS )
         PSA_ASSERT( psa_destroy_key( handle ) );
 
@@ -1014,8 +1014,8 @@ void import_export( data_t *data,
     psa_key_policy_set_usage( &policy, usage_arg, alg );
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_ASSERT( psa_get_key_information(
-                     handle, NULL, NULL ) == PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( psa_get_key_information(
+                    handle, NULL, NULL ), PSA_ERROR_EMPTY_SLOT );
 
     /* Import the key */
     PSA_ASSERT( psa_import_key( handle, type,
@@ -1025,14 +1025,14 @@ void import_export( data_t *data,
     PSA_ASSERT( psa_get_key_information( handle,
                                          &got_type,
                                          &got_bits ) );
-    TEST_ASSERT( got_type == type );
-    TEST_ASSERT( got_bits == (size_t) expected_bits );
+    TEST_EQUAL( got_type, type );
+    TEST_EQUAL( got_bits, (size_t) expected_bits );
 
     /* Export the key */
     status = psa_export_key( handle,
                              exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == expected_export_status );
+    TEST_EQUAL( status, expected_export_status );
 
     /* The exported length must be set by psa_export_key() to a value between 0
      * and export_size. On errors, the exported length must be 0. */
@@ -1044,7 +1044,7 @@ void import_export( data_t *data,
                               export_size - exported_length ) );
     if( status != PSA_SUCCESS )
     {
-        TEST_ASSERT( exported_length == 0 );
+        TEST_EQUAL( exported_length, 0 );
         goto destroy;
     }
 
@@ -1075,8 +1075,8 @@ void import_export( data_t *data,
 destroy:
     /* Destroy the key */
     PSA_ASSERT( psa_destroy_key( handle ) );
-    TEST_ASSERT( psa_get_key_information(
-                     handle, NULL, NULL ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_get_key_information(
+                    handle, NULL, NULL ), PSA_ERROR_INVALID_HANDLE );
 
 exit:
     mbedtls_free( exported );
@@ -1103,7 +1103,7 @@ void import_key_nonempty_slot( )
 
     /* Import the key again */
     status = psa_import_key( handle, type, data, sizeof( data ) );
-    TEST_ASSERT( status == PSA_ERROR_OCCUPIED_SLOT );
+    TEST_EQUAL( status, PSA_ERROR_OCCUPIED_SLOT );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1125,7 +1125,7 @@ void export_invalid_handle( int handle, int expected_export_status_arg )
     status = psa_export_key( (psa_key_handle_t) handle,
                              exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == expected_export_status );
+    TEST_EQUAL( status, expected_export_status );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1155,7 +1155,7 @@ void export_with_no_key_activity( )
     status = psa_export_key( handle,
                              exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1180,7 +1180,7 @@ void cipher_with_no_key_activity( )
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
-    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
 
 exit:
     psa_cipher_abort( &operation );
@@ -1208,13 +1208,13 @@ void export_after_import_failure( data_t *data, int type_arg,
     /* Import the key - expect failure */
     status = psa_import_key( handle, type,
                              data->x, data->len );
-    TEST_ASSERT( status == expected_import_status );
+    TEST_EQUAL( status, expected_import_status );
 
     /* Export the key */
     status = psa_export_key( handle,
                              exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1240,10 +1240,10 @@ void cipher_after_import_failure( data_t *data, int type_arg,
     /* Import the key - expect failure */
     status = psa_import_key( handle, type,
                              data->x, data->len );
-    TEST_ASSERT( status == expected_import_status );
+    TEST_EQUAL( status, expected_import_status );
 
     status = psa_cipher_encrypt_setup( &operation, handle, exercise_alg );
-    TEST_ASSERT( status == PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( status, PSA_ERROR_EMPTY_SLOT );
 
 exit:
     psa_cipher_abort( &operation );
@@ -1286,7 +1286,7 @@ void export_after_destroy_key( data_t *data, int type_arg )
     /* Export the key */
     status = psa_export_key( handle, exported, export_size,
                              &exported_length );
-    TEST_ASSERT( status == PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( status, PSA_ERROR_INVALID_HANDLE );
 
 exit:
     mbedtls_free( exported );
@@ -1329,7 +1329,7 @@ void import_export_public_key( data_t *data,
     status = psa_export_public_key( handle,
                                     exported, export_size,
                                     &exported_length );
-    TEST_ASSERT( status == expected_export_status );
+    TEST_EQUAL( status, expected_export_status );
     if( status == PSA_SUCCESS )
     {
         psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
@@ -1380,8 +1380,8 @@ void import_and_exercise_key( data_t *data,
     PSA_ASSERT( psa_get_key_information( handle,
                                          &got_type,
                                          &got_bits ) );
-    TEST_ASSERT( got_type == type );
-    TEST_ASSERT( got_bits == bits );
+    TEST_EQUAL( got_type, type );
+    TEST_EQUAL( got_bits, bits );
 
     /* Do something with the key according to its type and permitted usage. */
     if( ! exercise_key( handle, usage, alg ) )
@@ -1414,8 +1414,8 @@ void key_policy( int usage_arg, int alg_arg )
     psa_key_policy_init( &policy_get );
     psa_key_policy_set_usage( &policy_set, usage, alg );
 
-    TEST_ASSERT( psa_key_policy_get_usage( &policy_set ) == usage );
-    TEST_ASSERT( psa_key_policy_get_algorithm( &policy_set ) == alg );
+    TEST_EQUAL( psa_key_policy_get_usage( &policy_set ), usage );
+    TEST_EQUAL( psa_key_policy_get_algorithm( &policy_set ), alg );
     PSA_ASSERT( psa_set_key_policy( handle, &policy_set ) );
 
     PSA_ASSERT( psa_import_key( handle, key_type,
@@ -1423,8 +1423,8 @@ void key_policy( int usage_arg, int alg_arg )
 
     PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
 
-    TEST_ASSERT( policy_get.usage == policy_set.usage );
-    TEST_ASSERT( policy_get.alg == policy_set.alg );
+    TEST_EQUAL( policy_get.usage, policy_set.usage );
+    TEST_EQUAL( policy_get.alg, policy_set.alg );
 
 exit:
     psa_destroy_key( handle );
@@ -1462,7 +1462,7 @@ void mac_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
     psa_mac_abort( &operation );
 
     memset( mac, 0, sizeof( mac ) );
@@ -1471,7 +1471,7 @@ void mac_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_mac_abort( &operation );
@@ -1509,7 +1509,7 @@ void cipher_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
     psa_cipher_abort( &operation );
 
     status = psa_cipher_decrypt_setup( &operation, handle, exercise_alg );
@@ -1517,7 +1517,7 @@ void cipher_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_cipher_abort( &operation );
@@ -1569,7 +1569,7 @@ void aead_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
     memset( tag, 0, sizeof( tag ) );
     status = psa_aead_decrypt( handle, exercise_alg,
@@ -1580,9 +1580,9 @@ void aead_key_policy( int policy_usage,
                                &output_length );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
-        TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
+        TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_destroy_key( handle );
@@ -1633,7 +1633,7 @@ void asymmetric_encryption_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
     if( buffer_length != 0 )
         memset( buffer, 0, buffer_length );
@@ -1644,9 +1644,9 @@ void asymmetric_encryption_key_policy( int policy_usage,
                                      &output_length );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
-        TEST_ASSERT( status == PSA_ERROR_INVALID_PADDING );
+        TEST_EQUAL( status, PSA_ERROR_INVALID_PADDING );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_destroy_key( handle );
@@ -1690,7 +1690,7 @@ void asymmetric_signature_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
     memset( signature, 0, sizeof( signature ) );
     status = psa_asymmetric_verify( handle, exercise_alg,
@@ -1698,9 +1698,9 @@ void asymmetric_signature_key_policy( int policy_usage,
                                     signature, sizeof( signature ) );
     if( policy_alg == exercise_alg &&
         ( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
-        TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
+        TEST_EQUAL( status, PSA_ERROR_INVALID_SIGNATURE );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_destroy_key( handle );
@@ -1741,7 +1741,7 @@ void derive_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_generator_abort( &generator );
@@ -1781,7 +1781,7 @@ void agreement_key_policy( int policy_usage,
         ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 )
         PSA_ASSERT( status );
     else
-        TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+        TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 
 exit:
     psa_generator_abort( &generator );
@@ -1803,7 +1803,7 @@ void hash_setup( int alg_arg,
 
     status = psa_hash_setup( &operation, alg );
     psa_hash_abort( &operation );
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1826,21 +1826,21 @@ void hash_bad_order( )
 
     /* psa_hash_update without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_update( &operation,
-                                  input, sizeof( input ) ) ==
-                 PSA_ERROR_INVALID_ARGUMENT );
+    TEST_EQUAL( psa_hash_update( &operation,
+                                 input, sizeof( input ) ),
+                PSA_ERROR_INVALID_ARGUMENT );
 
     /* psa_hash_verify without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  hash, sizeof( hash ) ) ==
-                 PSA_ERROR_INVALID_ARGUMENT );
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 hash, sizeof( hash ) ),
+                PSA_ERROR_INVALID_ARGUMENT );
 
     /* psa_hash_finish without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  hash, sizeof( hash ), &hash_len ) ==
-                 PSA_ERROR_INVALID_ARGUMENT );
+    TEST_EQUAL( psa_hash_finish( &operation,
+                                 hash, sizeof( hash ), &hash_len ),
+                PSA_ERROR_INVALID_ARGUMENT );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1864,21 +1864,21 @@ void hash_verify_bad_args( )
 
     /* psa_hash_verify with a smaller hash than expected */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  hash, expected_size - 1 ) ==
-                 PSA_ERROR_INVALID_SIGNATURE );
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 hash, expected_size - 1 ),
+                PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a non-matching hash */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  hash + 1, expected_size ) ==
-                 PSA_ERROR_INVALID_SIGNATURE );
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 hash + 1, expected_size ),
+                PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a hash longer than expected */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_ASSERT( psa_hash_verify( &operation,
-                                  hash, sizeof( hash ) ) ==
-                 PSA_ERROR_INVALID_SIGNATURE );
+    TEST_EQUAL( psa_hash_verify( &operation,
+                                 hash, sizeof( hash ) ),
+                PSA_ERROR_INVALID_SIGNATURE );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1898,9 +1898,9 @@ void hash_finish_bad_args( )
 
     /* psa_hash_finish with a smaller hash buffer than expected */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_ASSERT( psa_hash_finish( &operation,
-                                  hash, expected_size - 1,
-                                  &hash_len ) == PSA_ERROR_BUFFER_TOO_SMALL );
+    TEST_EQUAL( psa_hash_finish( &operation,
+                                 hash, expected_size - 1,
+                                 &hash_len ), PSA_ERROR_BUFFER_TOO_SMALL );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -1936,7 +1936,7 @@ void mac_setup( int key_type_arg,
 
     status = psa_mac_sign_setup( &operation, handle, alg );
     psa_mac_abort( &operation );
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
 
 exit:
     psa_destroy_key( handle );
@@ -1989,8 +1989,8 @@ void mac_sign( int key_type_arg,
                                      &mac_length ) );
 
     /* Compare with the expected value. */
-    TEST_ASSERT( mac_length == expected_mac->len );
-    TEST_ASSERT( memcmp( actual_mac, expected_mac->x, mac_length ) == 0 );
+    TEST_EQUAL( mac_length, expected_mac->len );
+    TEST_EQUAL( memcmp( actual_mac, expected_mac->x, mac_length ), 0 );
 
     /* Verify that the end of the buffer is untouched. */
     TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+',
@@ -2077,7 +2077,7 @@ void cipher_setup( int key_type_arg,
 
     status = psa_cipher_encrypt_setup( &operation, handle, alg );
     psa_cipher_abort( &operation );
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
 
 exit:
     psa_destroy_key( handle );
@@ -2146,7 +2146,7 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
                                 &function_output_length );
     total_output_length += function_output_length;
 
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( expected_status == PSA_SUCCESS )
     {
         PSA_ASSERT( psa_cipher_abort( &operation ) );
@@ -2379,7 +2379,7 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
                                 output_buffer_size,
                                 &function_output_length );
     total_output_length += function_output_length;
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
 
     if( expected_status == PSA_SUCCESS )
     {
@@ -2639,25 +2639,25 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
     PSA_ASSERT( psa_import_key( handle, key_type,
                                 key_data->x, key_data->len ) );
 
-    TEST_ASSERT( psa_aead_encrypt( handle, alg,
-                                   nonce->x, nonce->len,
-                                   additional_data->x,
-                                   additional_data->len,
-                                   input_data->x, input_data->len,
-                                   output_data, output_size,
-                                   &output_length ) == expected_result );
+    TEST_EQUAL( psa_aead_encrypt( handle, alg,
+                                  nonce->x, nonce->len,
+                                  additional_data->x,
+                                  additional_data->len,
+                                  input_data->x, input_data->len,
+                                  output_data, output_size,
+                                  &output_length ), expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
         ASSERT_ALLOC( output_data2, output_length );
 
-        TEST_ASSERT( psa_aead_decrypt( handle, alg,
-                                       nonce->x, nonce->len,
-                                       additional_data->x,
-                                       additional_data->len,
-                                       output_data, output_length,
-                                       output_data2, output_length,
-                                       &output_length2 ) == expected_result );
+        TEST_EQUAL( psa_aead_decrypt( handle, alg,
+                                      nonce->x, nonce->len,
+                                      additional_data->x,
+                                      additional_data->len,
+                                      output_data, output_length,
+                                      output_data2, output_length,
+                                      &output_length2 ), expected_result );
 
         ASSERT_COMPARE( input_data->x, input_data->len,
                         output_data2, output_length2 );
@@ -2776,13 +2776,13 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
                                 key_data->x,
                                 key_data->len ) );
 
-    TEST_ASSERT( psa_aead_decrypt( handle, alg,
-                                   nonce->x, nonce->len,
-                                   additional_data->x,
-                                   additional_data->len,
-                                   input_data->x, input_data->len,
-                                   output_data, output_size,
-                                   &output_length ) == expected_result );
+    TEST_EQUAL( psa_aead_decrypt( handle, alg,
+                                  nonce->x, nonce->len,
+                                  additional_data->x,
+                                  additional_data->len,
+                                  input_data->x, input_data->len,
+                                  output_data, output_size,
+                                  &output_length ), expected_result );
 
     if( expected_result == PSA_SUCCESS )
         ASSERT_COMPARE( expected_data->x, expected_data->len,
@@ -2804,7 +2804,7 @@ void signature_size( int type_arg,
     psa_key_type_t type = type_arg;
     psa_algorithm_t alg = alg_arg;
     size_t actual_size = PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE( type, bits, alg );
-    TEST_ASSERT( actual_size == (size_t) expected_size_arg );
+    TEST_EQUAL( actual_size, (size_t) expected_size_arg );
 exit:
     ;
 }
@@ -2910,7 +2910,7 @@ void sign_fail( int key_type_arg, data_t *key_data,
                                          input_data->x, input_data->len,
                                          signature, signature_size,
                                          &signature_length );
-    TEST_ASSERT( actual_status == expected_status );
+    TEST_EQUAL( actual_status, expected_status );
     /* The value of *signature_length is unspecified on error, but
      * whatever it is, it should be less than signature_size, so that
      * if the caller tries to read *signature_length bytes without
@@ -2984,11 +2984,11 @@ void sign_verify( int key_type_arg, data_t *key_data,
          * detected as invalid. Flip a bit at the beginning, not at the end,
          * because ECDSA may ignore the last few bits of the input. */
         input_data->x[0] ^= 1;
-        TEST_ASSERT( psa_asymmetric_verify(
-                         handle, alg,
-                         input_data->x, input_data->len,
-                         signature,
-                         signature_length ) == PSA_ERROR_INVALID_SIGNATURE );
+        TEST_EQUAL( psa_asymmetric_verify(
+                        handle, alg,
+                        input_data->x, input_data->len,
+                        signature,
+                        signature_length ), PSA_ERROR_INVALID_SIGNATURE );
     }
 
 exit:
@@ -3078,7 +3078,7 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
                                            signature_data->x,
                                            signature_data->len );
 
-    TEST_ASSERT( actual_status == expected_status );
+    TEST_EQUAL( actual_status, expected_status );
 
 exit:
     psa_destroy_key( handle );
@@ -3133,8 +3133,8 @@ void asymmetric_encrypt( int key_type_arg,
                                             label->x, label->len,
                                             output, output_size,
                                             &output_length );
-    TEST_ASSERT( actual_status == expected_status );
-    TEST_ASSERT( output_length == expected_output_length );
+    TEST_EQUAL( actual_status, expected_status );
+    TEST_EQUAL( output_length, expected_output_length );
 
     /* If the label is empty, the test framework puts a non-null pointer
      * in label->x. Test that a null pointer works as well. */
@@ -3148,8 +3148,8 @@ void asymmetric_encrypt( int key_type_arg,
                                                 NULL, label->len,
                                                 output, output_size,
                                                 &output_length );
-        TEST_ASSERT( actual_status == expected_status );
-        TEST_ASSERT( output_length == expected_output_length );
+        TEST_EQUAL( actual_status, expected_status );
+        TEST_EQUAL( output_length, expected_output_length );
     }
 
 exit:
@@ -3351,7 +3351,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
                                             label->x, label->len,
                                             output, output_size,
                                             &output_length );
-    TEST_ASSERT( actual_status == expected_status );
+    TEST_EQUAL( actual_status, expected_status );
     TEST_ASSERT( output_length <= output_size );
 
     /* If the label is empty, the test framework puts a non-null pointer
@@ -3366,7 +3366,7 @@ void asymmetric_decrypt_fail( int key_type_arg,
                                                 NULL, label->len,
                                                 output, output_size,
                                                 &output_length );
-        TEST_ASSERT( actual_status == expected_status );
+        TEST_EQUAL( actual_status, expected_status );
         TEST_ASSERT( output_length <= output_size );
     }
 
@@ -3406,10 +3406,10 @@ void derive_setup( int key_type_arg,
                                 key_data->x,
                                 key_data->len ) );
 
-    TEST_ASSERT( psa_key_derivation( &generator, handle, alg,
-                                     salt->x, salt->len,
-                                     label->x, label->len,
-                                     requested_capacity ) == expected_status );
+    TEST_EQUAL( psa_key_derivation( &generator, handle, alg,
+                                    salt->x, salt->len,
+                                    label->x, label->len,
+                                    requested_capacity ), expected_status );
 
 exit:
     psa_generator_abort( &generator );
@@ -3452,16 +3452,16 @@ void test_derive_invalid_generator_state( )
                                      capacity ) );
 
     /* state of generator shouldn't allow additional generation */
-    TEST_ASSERT(  psa_key_derivation( &generator, handle, alg,
-                                      NULL, 0,
-                                      NULL, 0,
-                                      capacity ) == PSA_ERROR_BAD_STATE );
+    TEST_EQUAL(  psa_key_derivation( &generator, handle, alg,
+                                     NULL, 0,
+                                     NULL, 0,
+                                     capacity ), PSA_ERROR_BAD_STATE );
 
     PSA_ASSERT( psa_generator_read( &generator, buffer, capacity )
         );
 
-    TEST_ASSERT( psa_generator_read( &generator, buffer, capacity )
-                 == PSA_ERROR_INSUFFICIENT_CAPACITY );
+    TEST_EQUAL( psa_generator_read( &generator, buffer, capacity )
+                , PSA_ERROR_INSUFFICIENT_CAPACITY );
 
 exit:
     psa_generator_abort( &generator );
@@ -3550,7 +3550,7 @@ void derive_output( int alg_arg,
                                     requested_capacity ) );
     PSA_ASSERT( psa_get_generator_capacity( &generator,
                                             &current_capacity ) );
-    TEST_ASSERT( current_capacity == requested_capacity );
+    TEST_EQUAL( current_capacity, requested_capacity );
     expected_capacity = requested_capacity;
 
     /* Expansion phase. */
@@ -3570,20 +3570,20 @@ void derive_output( int alg_arg,
                  output_sizes[i] > expected_capacity )
         {
             /* Capacity exceeded. */
-            TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_CAPACITY );
+            TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_CAPACITY );
             expected_capacity = 0;
             continue;
         }
         /* Success. Check the read data. */
         PSA_ASSERT( status );
         if( output_sizes[i] != 0 )
-            TEST_ASSERT( memcmp( output_buffer, expected_outputs[i],
-                                 output_sizes[i] ) == 0 );
+            TEST_EQUAL( memcmp( output_buffer, expected_outputs[i],
+                                output_sizes[i] ), 0 );
         /* Check the generator status. */
         expected_capacity -= output_sizes[i];
         PSA_ASSERT( psa_get_generator_capacity( &generator,
                                                 &current_capacity ) );
-        TEST_ASSERT( expected_capacity == current_capacity );
+        TEST_EQUAL( expected_capacity, current_capacity );
     }
     PSA_ASSERT( psa_generator_abort( &generator ) );
 
@@ -3631,7 +3631,7 @@ void derive_full( int alg_arg,
                                     requested_capacity ) );
     PSA_ASSERT( psa_get_generator_capacity( &generator,
                                             &current_capacity ) );
-    TEST_ASSERT( current_capacity == expected_capacity );
+    TEST_EQUAL( current_capacity, expected_capacity );
 
     /* Expansion phase. */
     while( current_capacity > 0 )
@@ -3645,13 +3645,13 @@ void derive_full( int alg_arg,
         expected_capacity -= read_size;
         PSA_ASSERT( psa_get_generator_capacity( &generator,
                                                 &current_capacity ) );
-        TEST_ASSERT( current_capacity == expected_capacity );
+        TEST_EQUAL( current_capacity, expected_capacity );
     }
 
     /* Check that the generator refuses to go over capacity. */
-    TEST_ASSERT( psa_generator_read( &generator,
-                                     output_buffer,
-                                     1 ) == PSA_ERROR_INSUFFICIENT_CAPACITY );
+    TEST_EQUAL( psa_generator_read( &generator,
+                                    output_buffer,
+                                    1 ), PSA_ERROR_INSUFFICIENT_CAPACITY );
 
     PSA_ASSERT( psa_generator_abort( &generator ) );
 
@@ -3715,8 +3715,8 @@ void derive_key_exercise( int alg_arg,
     PSA_ASSERT( psa_get_key_information( derived_handle,
                                          &got_type,
                                          &got_bits ) );
-    TEST_ASSERT( got_type == derived_type );
-    TEST_ASSERT( got_bits == derived_bits );
+    TEST_EQUAL( got_type, derived_type );
+    TEST_EQUAL( got_bits, derived_bits );
 
     /* Exercise the derived key. */
     if( ! exercise_key( derived_handle, derived_usage, derived_alg ) )
@@ -3791,7 +3791,7 @@ void derive_key_export( int alg_arg,
     PSA_ASSERT( psa_export_key( derived_handle,
                                 export_buffer, bytes1,
                                 &length ) );
-    TEST_ASSERT( length == bytes1 );
+    TEST_EQUAL( length, bytes1 );
     PSA_ASSERT( psa_destroy_key( derived_handle ) );
     PSA_ASSERT( psa_allocate_key( PSA_KEY_TYPE_RAW_DATA,
                                   PSA_BYTES_TO_BITS( bytes2 ),
@@ -3804,10 +3804,10 @@ void derive_key_export( int alg_arg,
     PSA_ASSERT( psa_export_key( derived_handle,
                                 export_buffer + bytes1, bytes2,
                                 &length ) );
-    TEST_ASSERT( length == bytes2 );
+    TEST_EQUAL( length, bytes2 );
 
     /* Compare the outputs from the two runs. */
-    TEST_ASSERT( memcmp( output_buffer, export_buffer, capacity ) == 0 );
+    TEST_EQUAL( memcmp( output_buffer, export_buffer, capacity ), 0 );
 
 exit:
     mbedtls_free( output_buffer );
@@ -3844,10 +3844,10 @@ void key_agreement_setup( int alg_arg,
                                 our_key_data->x,
                                 our_key_data->len ) );
 
-    TEST_ASSERT( psa_key_agreement( &generator,
-                                    our_key,
-                                    peer_key_data->x, peer_key_data->len,
-                                    alg ) == expected_status_arg );
+    TEST_EQUAL( psa_key_agreement( &generator,
+                                   our_key,
+                                   peer_key_data->x, peer_key_data->len,
+                                   alg ), expected_status_arg );
 
 exit:
     psa_generator_abort( &generator );
@@ -3891,7 +3891,7 @@ void key_agreement_capacity( int alg_arg,
     /* Test the advertized capacity. */
     PSA_ASSERT( psa_get_generator_capacity(
                     &generator, &actual_capacity ) );
-    TEST_ASSERT( actual_capacity == (size_t) expected_capacity_arg );
+    TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg );
 
     /* Test the actual capacity by reading the output. */
     while( actual_capacity > sizeof( output ) )
@@ -3902,8 +3902,8 @@ void key_agreement_capacity( int alg_arg,
     }
     PSA_ASSERT( psa_generator_read( &generator,
                                     output, actual_capacity ) );
-    TEST_ASSERT( psa_generator_read( &generator, output, 1 ) ==
-                 PSA_ERROR_INSUFFICIENT_CAPACITY );
+    TEST_EQUAL( psa_generator_read( &generator, output, 1 ),
+                PSA_ERROR_INSUFFICIENT_CAPACITY );
 
 exit:
     psa_generator_abort( &generator );
@@ -3950,16 +3950,16 @@ void key_agreement_output( int alg_arg,
         psa_generator_read( &generator,
                             actual_output,
                             expected_output1->len ) );
-    TEST_ASSERT( memcmp( actual_output, expected_output1->x,
-                         expected_output1->len ) == 0 );
+    TEST_EQUAL( memcmp( actual_output, expected_output1->x,
+                        expected_output1->len ), 0 );
     if( expected_output2->len != 0 )
     {
         PSA_ASSERT(
             psa_generator_read( &generator,
                                 actual_output,
                                 expected_output2->len ) );
-        TEST_ASSERT( memcmp( actual_output, expected_output2->x,
-                             expected_output2->len ) == 0 );
+        TEST_EQUAL( memcmp( actual_output, expected_output2->x,
+                            expected_output2->len ), 0 );
     }
 
 exit:
@@ -3996,7 +3996,7 @@ void generate_random( int bytes_arg )
         PSA_ASSERT( psa_generate_random( output, bytes ) );
 
         /* Check that no more than bytes have been overwritten */
-        TEST_ASSERT( memcmp( output + bytes, trail, sizeof( trail ) ) == 0 );
+        TEST_EQUAL( memcmp( output + bytes, trail, sizeof( trail ) ), 0 );
 
         for( i = 0; i < bytes; i++ )
         {
@@ -4047,17 +4047,17 @@ void generate_key( int type_arg,
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Generate a key */
-    TEST_ASSERT( psa_generate_key( handle, type, bits,
-                                   NULL, 0 ) == expected_status );
+    TEST_EQUAL( psa_generate_key( handle, type, bits,
+                                  NULL, 0 ), expected_status );
 
     /* Test the key information */
-    TEST_ASSERT( psa_get_key_information( handle,
-                                          &got_type,
-                                          &got_bits ) == expected_info_status );
+    TEST_EQUAL( psa_get_key_information( handle,
+                                         &got_type,
+                                         &got_bits ), expected_info_status );
     if( expected_info_status != PSA_SUCCESS )
         goto exit;
-    TEST_ASSERT( got_type == type );
-    TEST_ASSERT( got_bits == bits );
+    TEST_EQUAL( got_type, type );
+    TEST_EQUAL( got_bits, bits );
 
     /* Do something with the key according to its type and permitted usage. */
     if( ! exercise_key( handle, usage, alg ) )
@@ -4144,8 +4144,8 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     }
 
     /* Export the key */
-    TEST_ASSERT( psa_export_key( handle, first_export, export_size,
-                                 &first_exported_length ) == export_status );
+    TEST_EQUAL( psa_export_key( handle, first_export, export_size,
+                                &first_exported_length ), export_status );
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
@@ -4156,18 +4156,18 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
                               &handle ) );
     PSA_ASSERT( psa_get_key_information(
                     handle, &type_get, &bits_get ) );
-    TEST_ASSERT( type_get == type );
-    TEST_ASSERT( bits_get == (size_t) bits );
+    TEST_EQUAL( type_get, type );
+    TEST_EQUAL( bits_get, (size_t) bits );
 
     PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
-    TEST_ASSERT( psa_key_policy_get_usage(
-                     &policy_get ) == policy_usage );
-    TEST_ASSERT( psa_key_policy_get_algorithm(
-                     &policy_get ) == policy_alg );
+    TEST_EQUAL( psa_key_policy_get_usage(
+                    &policy_get ), policy_usage );
+    TEST_EQUAL( psa_key_policy_get_algorithm(
+                    &policy_get ), policy_alg );
 
     /* Export the key again */
-    TEST_ASSERT( psa_export_key( handle, second_export, export_size,
-                                 &second_exported_length ) == export_status );
+    TEST_EQUAL( psa_export_key( handle, second_export, export_size,
+                                &second_exported_length ), export_status );
 
     if( export_status == PSA_SUCCESS )
     {
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 117184df2..704fad913 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -52,9 +52,9 @@ void validate_entropy_seed_injection( int seed_length_a,
     TEST_ASSERT( ( its_status == PSA_ITS_SUCCESS ) ||
                  ( its_status == PSA_ITS_ERROR_KEY_NOT_FOUND ) );
     status = mbedtls_psa_inject_entropy( seed, seed_length_a );
-    TEST_ASSERT( status == expected_status_a );
+    TEST_EQUAL( status, expected_status_a );
     status = mbedtls_psa_inject_entropy( seed, seed_length_b );
-    TEST_ASSERT( status == expected_status_b );
+    TEST_EQUAL( status, expected_status_b );
     PSA_ASSERT( psa_crypto_init( ) );
     PSA_ASSERT( psa_generate_random( output,
                                      sizeof( output ) ) );
@@ -84,9 +84,9 @@ void run_entropy_inject_with_crypto_init( )
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
     PSA_ASSERT( status );
     its_status =  psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
-    TEST_ASSERT( its_status == PSA_ITS_SUCCESS );
+    TEST_EQUAL( its_status, PSA_ITS_SUCCESS );
     status = psa_crypto_init( );
-    TEST_ASSERT( status == PSA_ERROR_INSUFFICIENT_ENTROPY );
+    TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_ENTROPY );
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
     PSA_ASSERT( status );
     status = psa_crypto_init( );
@@ -94,7 +94,7 @@ void run_entropy_inject_with_crypto_init( )
     mbedtls_psa_crypto_free( );
     /* The seed is written by nv_seed callback functions therefore the injection will fail */
     status = mbedtls_psa_inject_entropy( seed, sizeof( seed ) );
-    TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
+    TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED );
 exit:
     psa_its_remove( PSA_CRYPTO_ITS_RANDOM_SEED_UID );
     mbedtls_psa_crypto_free( );
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index f4da989db..e04652fda 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -176,7 +176,7 @@ void validate_module_init_generate_random( int count )
         mbedtls_psa_crypto_free( );
     }
     status = psa_generate_random( random, sizeof( random ) );
-    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
+    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
 }
 /* END_CASE */
 
@@ -193,7 +193,7 @@ void validate_module_init_key_based( int count )
         mbedtls_psa_crypto_free( );
     }
     status = psa_import_key( 1, PSA_KEY_TYPE_RAW_DATA, data, sizeof( data ) );
-    TEST_ASSERT( status == PSA_ERROR_BAD_STATE );
+    TEST_EQUAL( status, PSA_ERROR_BAD_STATE );
 }
 /* END_CASE */
 
@@ -207,7 +207,7 @@ void custom_entropy_sources( int sources_arg, int expected_init_status_arg )
     PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
                     custom_entropy_init, mbedtls_entropy_free ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
+    TEST_EQUAL( psa_crypto_init( ), expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
 
@@ -247,7 +247,7 @@ void fake_entropy_source( int threshold,
     PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
                     custom_entropy_init, mbedtls_entropy_free ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
+    TEST_EQUAL( psa_crypto_init( ), expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
 
@@ -274,7 +274,7 @@ void entropy_from_nv_seed( int seed_size_arg,
     PSA_ASSERT( mbedtls_psa_crypto_configure_entropy_sources(
                     custom_entropy_init, mbedtls_entropy_free ) );
 
-    TEST_ASSERT( psa_crypto_init( ) == expected_init_status );
+    TEST_EQUAL( psa_crypto_init( ), expected_init_status );
     if( expected_init_status != PSA_SUCCESS )
         goto exit;
 
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index af11e7ae1..1748b205c 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -83,15 +83,15 @@ void key_type_classification( psa_key_type_t type, unsigned flags )
     TEST_CLASSIFICATION_MACRO( KEY_TYPE_IS_ECC, type, flags );
 
     /* Macros with derived semantics */
-    TEST_ASSERT( PSA_KEY_TYPE_IS_ASYMMETRIC( type ) ==
-                 ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
-                   PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
-    TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ) ==
-                 ( PSA_KEY_TYPE_IS_ECC( type ) &&
-                   PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
-    TEST_ASSERT( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) ==
-                 ( PSA_KEY_TYPE_IS_ECC( type ) &&
-                   PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
+    TEST_EQUAL( PSA_KEY_TYPE_IS_ASYMMETRIC( type ),
+                ( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ||
+                  PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+    TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_KEYPAIR( type ),
+                ( PSA_KEY_TYPE_IS_ECC( type ) &&
+                  PSA_KEY_TYPE_IS_KEYPAIR( type ) ) );
+    TEST_EQUAL( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ),
+                ( PSA_KEY_TYPE_IS_ECC( type ) &&
+                  PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ) );
 
 exit: ;
 }
@@ -113,7 +113,7 @@ void mac_algorithm_core( psa_algorithm_t alg, int classification_flags,
     algorithm_classification( alg, classification_flags );
 
     /* Length */
-    TEST_ASSERT( length == PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
+    TEST_EQUAL( length, PSA_MAC_FINAL_SIZE( key_type, key_bits, alg ) );
 
 exit: ;
 }
@@ -134,7 +134,7 @@ void aead_algorithm_core( psa_algorithm_t alg, int classification_flags,
     algorithm_classification( alg, classification_flags );
 
     /* Tag length */
-    TEST_ASSERT( tag_length == PSA_AEAD_TAG_LENGTH( alg ) );
+    TEST_EQUAL( tag_length, PSA_AEAD_TAG_LENGTH( alg ) );
 
 exit: ;
 }
@@ -174,18 +174,18 @@ void hash_algorithm( int alg_arg, int length_arg )
     algorithm_classification( alg, 0 );
 
     /* Dependent algorithms */
-    TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( hmac_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( dsa_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ) == alg );
-    TEST_ASSERT( PSA_ALG_HKDF_GET_HASH( hkdf_alg ) == alg );
+    TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( hmac_alg ), alg );
+    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pkcs1v15_sign_alg ), alg );
+    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( rsa_pss_alg ), alg );
+    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( dsa_alg ), alg );
+    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_dsa_alg ), alg );
+    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( ecdsa_alg ), alg );
+    TEST_EQUAL( PSA_ALG_SIGN_GET_HASH( deterministic_ecdsa_alg ), alg );
+    TEST_EQUAL( PSA_ALG_RSA_OAEP_GET_HASH( rsa_oaep_alg ), alg );
+    TEST_EQUAL( PSA_ALG_HKDF_GET_HASH( hkdf_alg ), alg );
 
     /* Hash length */
-    TEST_ASSERT( length == PSA_HASH_SIZE( alg ) );
+    TEST_EQUAL( length, PSA_HASH_SIZE( alg ) );
     TEST_ASSERT( length <= PSA_HASH_MAX_SIZE );
 }
 /* END_CASE */
@@ -203,7 +203,7 @@ void mac_algorithm( int alg_arg, int classification_flags,
 
     mac_algorithm_core( alg, classification_flags,
                         key_type, key_bits, length );
-    TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( alg ) == alg );
+    TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( alg ), alg );
     TEST_ASSERT( length <= PSA_MAC_MAX_SIZE );
 
     /* Truncated versions */
@@ -212,16 +212,16 @@ void mac_algorithm( int alg_arg, int classification_flags,
         psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
         mac_algorithm_core( truncated_alg, classification_flags,
                             key_type, key_bits, n );
-        TEST_ASSERT( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ) == alg );
+        TEST_EQUAL( PSA_ALG_FULL_LENGTH_MAC( truncated_alg ), alg );
         /* Check that calling PSA_ALG_TRUNCATED_MAC twice gives the length
          * of the outer truncation (even if the outer length is smaller than
          * the inner length). */
-        TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ) ==
-                     PSA_ALG_TRUNCATED_MAC( alg, 1 ) );
-        TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ) ==
-                     PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
-        TEST_ASSERT( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ) ==
-                     PSA_ALG_TRUNCATED_MAC( alg, length ) );
+        TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, 1 ),
+                    PSA_ALG_TRUNCATED_MAC( alg, 1 ) );
+        TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length - 1 ),
+                    PSA_ALG_TRUNCATED_MAC( alg, length - 1) );
+        TEST_EQUAL( PSA_ALG_TRUNCATED_MAC( truncated_alg, length ),
+                    PSA_ALG_TRUNCATED_MAC( alg, length ) );
     }
 }
 /* END_CASE */
@@ -238,7 +238,7 @@ void hmac_algorithm( int alg_arg,
     size_t n;
 
     TEST_ASSERT( PSA_ALG_IS_HASH( hash_alg ) );
-    TEST_ASSERT( PSA_ALG_HMAC( hash_alg ) == alg );
+    TEST_EQUAL( PSA_ALG_HMAC( hash_alg ), alg );
 
     TEST_ASSERT( block_size <= PSA_HMAC_MAX_HASH_BLOCK_SIZE );
 
@@ -248,7 +248,7 @@ void hmac_algorithm( int alg_arg,
     for( n = 1; n <= length; n++ )
     {
         psa_algorithm_t truncated_alg = PSA_ALG_TRUNCATED_MAC( alg, n );
-        TEST_ASSERT( PSA_ALG_HMAC_GET_HASH( truncated_alg ) == hash_alg );
+        TEST_EQUAL( PSA_ALG_HMAC_GET_HASH( truncated_alg ), hash_alg );
     }
 }
 /* END_CASE */
@@ -287,19 +287,19 @@ void aead_algorithm( int alg_arg, int classification_flags,
     {
         psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n );
         aead_algorithm_core( truncated_alg, classification_flags, n );
-        TEST_ASSERT(
-            PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ) == alg );
+        TEST_EQUAL(
+            PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ), alg );
         /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives
          * the length of the outer truncation (even if the outer length is
          * smaller than the inner length). */
-        TEST_ASSERT(
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ) ==
+        TEST_EQUAL(
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ),
             PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
-        TEST_ASSERT(
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ) ==
+        TEST_EQUAL(
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ),
             PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
-        TEST_ASSERT(
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ) ==
+        TEST_EQUAL(
+            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ),
             PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
     }
 }
@@ -363,8 +363,8 @@ void key_derivation_algorithm( int alg_arg, int classification_flags )
     /* Check combinations with key agreements */
     TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) );
     TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) );
-    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg );
-    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg );
+    TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg );
+    TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg );
 }
 /* END_CASE */
 
@@ -388,8 +388,8 @@ void key_selection_algorithm( int alg_arg, int classification_flags )
     /* Check combinations with key agreements */
     TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_FFDH( alg ) ) );
     TEST_ASSERT( PSA_ALG_IS_KEY_AGREEMENT( PSA_ALG_ECDH( alg ) ) );
-    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ) == alg );
-    TEST_ASSERT( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ) == alg );
+    TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_ECDH( alg ) ), alg );
+    TEST_EQUAL( PSA_ALG_KEY_AGREEMENT_GET_KDF( PSA_ALG_FFDH( alg ) ), alg );
 }
 /* END_CASE */
 
@@ -416,7 +416,7 @@ void key_agreement_algorithm( int alg_arg, int classification_flags,
     /* Shared secret derivation properties */
     TEST_ASSERT( PSA_ALG_IS_KEY_DERIVATION( actual_post_alg ) ||
                  PSA_ALG_IS_KEY_SELECTION( actual_post_alg ) );
-    TEST_ASSERT( actual_post_alg == expected_post_alg );
+    TEST_EQUAL( actual_post_alg, expected_post_alg );
 }
 /* END_CASE */
 
@@ -431,22 +431,22 @@ void key_type( int type_arg, int classification_flags )
     if( classification_flags & KEY_TYPE_IS_PUBLIC_KEY )
     {
         psa_key_type_t pair_type = PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type );
-        TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ) == type );
+        TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( pair_type ), type );
         key_type_classification( pair_type,
                                  ( classification_flags
                                    & ~KEY_TYPE_IS_PUBLIC_KEY )
                                  | KEY_TYPE_IS_KEYPAIR );
-        TEST_ASSERT( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ) == type );
+        TEST_EQUAL( PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type ), type );
     }
     if( classification_flags & KEY_TYPE_IS_KEYPAIR )
     {
         psa_key_type_t public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( type );
-        TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ) == type );
+        TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( public_type ), type );
         key_type_classification( public_type,
                                  ( classification_flags
                                    & ~KEY_TYPE_IS_KEYPAIR )
                                  | KEY_TYPE_IS_PUBLIC_KEY );
-        TEST_ASSERT( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ) == type );
+        TEST_EQUAL( PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY( type ), type );
     }
 }
 /* END_CASE */
@@ -462,8 +462,8 @@ void ecc_key_types( int curve_arg, int curve_bits_arg )
     test_key_type( public_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_PUBLIC_KEY );
     test_key_type( pair_type, KEY_TYPE_IS_ECC | KEY_TYPE_IS_KEYPAIR );
 
-    TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( public_type ) == curve );
-    TEST_ASSERT( PSA_KEY_TYPE_GET_CURVE( pair_type ) == curve );
+    TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( public_type ), curve );
+    TEST_EQUAL( PSA_KEY_TYPE_GET_CURVE( pair_type ), curve );
 
     /* Validate that the bit size is less than the maximum ECC bit size
      * in this implementation. There's no parameter that should be equal
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index bf7537641..c467d1901 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -66,13 +66,13 @@ void parse_storage_data_check( data_t *file_data,
                                               &key_data, &key_data_length,
                                               &key_type, &key_policy );
 
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( status != PSA_SUCCESS )
         goto exit;
 
-    TEST_ASSERT( key_type == (psa_key_type_t) expected_key_type );
-    TEST_ASSERT( key_policy.usage == (uint32_t) expected_key_usage );
-    TEST_ASSERT( key_policy.alg == (uint32_t) expected_key_alg );
+    TEST_EQUAL( key_type, (psa_key_type_t) expected_key_type );
+    TEST_EQUAL( key_policy.usage, (uint32_t) expected_key_usage );
+    TEST_EQUAL( key_policy.alg, (uint32_t) expected_key_alg );
     ASSERT_COMPARE( expected_key_data->x, expected_key_data->len,
                     key_data, key_data_length );
 
@@ -101,8 +101,8 @@ void save_large_persistent_key( int data_too_large, int expected_status )
                                 PSA_BYTES_TO_BITS( data_length ),
                                 &handle ) );
 
-    TEST_ASSERT( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
-                                 data, data_length ) == expected_status );
+    TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
+                                data, data_length ), expected_status );
 
 exit:
     mbedtls_free( data );
@@ -142,10 +142,10 @@ void persistent_key_destroy( int key_id_arg, int should_store,
     PSA_ASSERT( psa_destroy_key( handle ) );
 
     /* Check key slot storage is removed */
-    TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
-    TEST_ASSERT( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                               &handle ) == PSA_ERROR_EMPTY_SLOT );
-    TEST_ASSERT( handle == 0 );
+    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
+    TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
+                              &handle ), PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( handle, 0 );
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
@@ -183,17 +183,17 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
                                 PSA_BYTES_TO_BITS( data->len ),
                                 &handle ) );
     psa_key_policy_init( &policy );
-    TEST_ASSERT( psa_import_key( handle, type,
-                                 data->x, data->len ) == expected_status );
+    TEST_EQUAL( psa_import_key( handle, type,
+                                data->x, data->len ), expected_status );
 
     if( expected_status != PSA_SUCCESS )
     {
-        TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
+        TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
         goto exit;
     }
 
     PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime ) );
-    TEST_ASSERT( lifetime == PSA_KEY_LIFETIME_PERSISTENT );
+    TEST_EQUAL( lifetime, PSA_KEY_LIFETIME_PERSISTENT );
 
 exit:
     psa_destroy_persistent_key( key_id );
@@ -235,15 +235,15 @@ void import_export_persistent_key( data_t *data, int type_arg,
                                 data->x, data->len ) );
 
     PSA_ASSERT( psa_get_key_lifetime( handle, &lifetime_get ) );
-    TEST_ASSERT( lifetime_get == PSA_KEY_LIFETIME_PERSISTENT );
+    TEST_EQUAL( lifetime_get, PSA_KEY_LIFETIME_PERSISTENT );
 
     /* Test the key information */
     PSA_ASSERT( psa_get_key_information(
                     handle, &got_type, &got_bits ) );
-    TEST_ASSERT( got_type == type );
-    TEST_ASSERT( got_bits == (size_t) expected_bits );
+    TEST_EQUAL( got_type, type );
+    TEST_EQUAL( got_bits, (size_t) expected_bits );
 
-    TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 1 );
+    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 1 );
 
     if( key_not_exist )
     {
@@ -257,7 +257,7 @@ void import_export_persistent_key( data_t *data, int type_arg,
 
     /* Destroy the key */
     PSA_ASSERT( psa_destroy_key( handle ) );
-    TEST_ASSERT( psa_is_key_present_in_storage( key_id ) == 0 );
+    TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
 
 exit:
     mbedtls_free( exported );
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 4584ceb94..30d44cc2a 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -89,7 +89,7 @@ void transient_slot_lifecycle( int type_arg, int max_bits_arg,
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
     PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
     PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
-    TEST_ASSERT( read_type == type );
+    TEST_EQUAL( read_type, type );
 
     /* Do something that invalidates the handle. */
     switch( close_method )
@@ -106,9 +106,9 @@ void transient_slot_lifecycle( int type_arg, int max_bits_arg,
             break;
     }
     /* Test that the handle is now invalid. */
-    TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ==
-                 PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ),
+                PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -145,13 +145,13 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
     PSA_ASSERT( psa_import_key( handle, type, key_data->x, key_data->len ) );
     PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
-    TEST_ASSERT( read_type == type );
+    TEST_EQUAL( read_type, type );
 
     /* Close the key and reopen it. */
     PSA_ASSERT( psa_close_key( handle ) );
     PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
     PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
-    TEST_ASSERT( read_type == type );
+    TEST_EQUAL( read_type, type );
 
     /* Do something that invalidates the handle. */
     switch( close_method )
@@ -168,9 +168,9 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
             break;
     }
     /* Test that the handle is now invalid. */
-    TEST_ASSERT( psa_get_key_information( handle, &read_type, NULL ) ==
-                 PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_close_key( handle ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_get_key_information( handle, &read_type, NULL ),
+                PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_close_key( handle ), PSA_ERROR_INVALID_HANDLE );
 
     /* Try to reopen the key. If we destroyed it, check that it doesn't
      * exist, otherwise check that it still exists. */
@@ -180,11 +180,11 @@ void persistent_slot_lifecycle( int lifetime_arg, int id_arg,
         case CLOSE_BY_SHUTDOWN:
             PSA_ASSERT( psa_open_key( lifetime, id, &handle ) );
             PSA_ASSERT( psa_get_key_information( handle, &read_type, NULL ) );
-            TEST_ASSERT( read_type == type );
+            TEST_EQUAL( read_type, type );
             break;
         case CLOSE_BY_DESTROY:
-            TEST_ASSERT( psa_open_key( lifetime, id, &handle ) ==
-                         PSA_ERROR_EMPTY_SLOT );
+            TEST_EQUAL( psa_open_key( lifetime, id, &handle ),
+                        PSA_ERROR_EMPTY_SLOT );
             break;
     }
 
@@ -230,9 +230,9 @@ void create_existent( int lifetime_arg, int id_arg,
         PSA_ASSERT( psa_close_key( handle1 ) );
 
     /* Attempt to create a new key in the same slot. */
-    TEST_ASSERT( psa_create_key( lifetime, id, type2, bits1, &handle2 ) ==
-                 PSA_ERROR_OCCUPIED_SLOT );
-    TEST_ASSERT( handle2 == 0 );
+    TEST_EQUAL( psa_create_key( lifetime, id, type2, bits1, &handle2 ),
+                PSA_ERROR_OCCUPIED_SLOT );
+    TEST_EQUAL( handle2, 0 );
 
     if( reopen_policy == CLOSE_AFTER )
         PSA_ASSERT( psa_close_key( handle1 ) );
@@ -243,8 +243,8 @@ void create_existent( int lifetime_arg, int id_arg,
     PSA_ASSERT( psa_get_key_policy( handle1, &read_policy ) );
     TEST_ASSERT( psa_key_policy_equal( &read_policy, &policy1 ) );
     PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) );
-    TEST_ASSERT( read_type == type1 );
-    TEST_ASSERT( read_bits == bits1 );
+    TEST_EQUAL( read_type, type1 );
+    TEST_EQUAL( read_bits, bits1 );
     PSA_ASSERT( psa_export_key( handle1,
                                 reexported, sizeof( reexported ),
                                 &reexported_length ) );
@@ -268,8 +268,8 @@ void open_fail( int lifetime_arg, int id_arg,
 
     PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_open_key( lifetime, id, &handle ) == expected_status );
-    TEST_ASSERT( handle == 0 );
+    TEST_EQUAL( psa_open_key( lifetime, id, &handle ), expected_status );
+    TEST_EQUAL( handle, 0 );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -292,10 +292,10 @@ void create_fail( int lifetime_arg, int id_arg,
 
     PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_ASSERT( psa_create_key( lifetime, id,
-                                 type, max_bits,
-                                 &handle ) == expected_status );
-    TEST_ASSERT( handle == 0 );
+    TEST_EQUAL( psa_create_key( lifetime, id,
+                                type, max_bits,
+                                &handle ), expected_status );
+    TEST_EQUAL( handle, 0 );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -326,17 +326,17 @@ void invalid_handle( )
                                 material, sizeof( material ) ) );
 
     /* Attempt to close and destroy some invalid handles. */
-    TEST_ASSERT( psa_close_key( 0 ) == PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_close_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_close_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_destroy_key( 0 ) == PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_destroy_key( handle1 - 1 ) == PSA_ERROR_INVALID_HANDLE );
-    TEST_ASSERT( psa_destroy_key( handle1 + 1 ) == PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_close_key( 0 ), PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_close_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_close_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_destroy_key( 0 ), PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_destroy_key( handle1 - 1 ), PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_destroy_key( handle1 + 1 ), PSA_ERROR_INVALID_HANDLE );
 
     /* After all this, check that the original handle is intact. */
     PSA_ASSERT( psa_get_key_information( handle1, &read_type, &read_bits ) );
-    TEST_ASSERT( read_type == PSA_KEY_TYPE_RAW_DATA );
-    TEST_ASSERT( read_bits == PSA_BYTES_TO_BITS( sizeof( material ) ) );
+    TEST_EQUAL( read_type, PSA_KEY_TYPE_RAW_DATA );
+    TEST_EQUAL( read_bits, PSA_BYTES_TO_BITS( sizeof( material ) ) );
     PSA_ASSERT( psa_close_key( handle1 ) );
 
 exit:
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
index dabba2096..bf86ebb4d 100644
--- a/tests/suites/test_suite_psa_crypto_storage_file.function
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -30,9 +30,9 @@ void load_data_from_file( int id_to_load_arg,
         file = fopen( slot_location, "wb+" );
         TEST_ASSERT( file != NULL );
         file_size = fwrite( data->x, 1, data->len, file );
-        TEST_ASSERT( file_size == data->len );
+        TEST_EQUAL( file_size, data->len );
         ret = fclose( file );
-        TEST_ASSERT( ret == 0 );
+        TEST_EQUAL( ret, 0 );
     }
 
     /* Read from the file with psa_crypto_storage_load. */
@@ -41,7 +41,7 @@ void load_data_from_file( int id_to_load_arg,
     status = psa_crypto_storage_load( id_to_load, loaded_data, file_size );
 
     /* Check we get the expected status. */
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( status != PSA_SUCCESS )
         goto exit;
 
@@ -69,7 +69,7 @@ void write_data_to_file( data_t *data, int expected_status )
     status = psa_crypto_storage_store( 1, data->x, data->len );
 
     /* Check that we got the expected status. */
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( status != PSA_SUCCESS )
         goto exit;
 
@@ -79,17 +79,17 @@ void write_data_to_file( data_t *data, int expected_status )
     fseek( file, 0, SEEK_END );
     file_size = (size_t) ftell( file );
     fseek( file, 0, SEEK_SET );
-    TEST_ASSERT( file_size == data->len );
+    TEST_EQUAL( file_size, data->len );
 
     /* Check that the file contents are what we expect */
     loaded_data = mbedtls_calloc( 1, data->len );
     TEST_ASSERT( loaded_data != NULL );
 
     num_read = fread( loaded_data, 1, file_size, file );
-    TEST_ASSERT( num_read == file_size );
+    TEST_EQUAL( num_read, file_size );
     ASSERT_COMPARE( data->x, data->len, loaded_data, file_size );
     ret = fclose( file );
-    TEST_ASSERT( ret == 0 );
+    TEST_EQUAL( ret, 0 );
 
 exit:
     mbedtls_free( loaded_data );
@@ -113,16 +113,16 @@ void get_file_size( data_t *data, int expected_data_length,
         file = fopen( slot_location, "wb+" );
         TEST_ASSERT( file != NULL );
         file_size = fwrite( data->x, 1, data->len, file );
-        TEST_ASSERT( file_size == data->len );
+        TEST_EQUAL( file_size, data->len );
         ret = fclose( file );
-        TEST_ASSERT( ret == 0 );
+        TEST_EQUAL( ret, 0 );
     }
 
     /* Check get data size is what we expect */
     status = psa_crypto_storage_get_data_length( 1, &file_size );
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( expected_status == PSA_SUCCESS )
-        TEST_ASSERT( file_size == (size_t)expected_data_length );
+        TEST_EQUAL( file_size, (size_t)expected_data_length );
 
 exit:
     remove( slot_location );
@@ -142,13 +142,13 @@ void write_data_to_prexisting_file( char *preexist_file_location,
     file = fopen( preexist_file_location, "wb" );
     TEST_ASSERT( file != NULL );
     ret = fclose( file );
-    TEST_ASSERT( ret == 0 );
+    TEST_EQUAL( ret, 0 );
 
     /* Write data to file. */
     status = psa_crypto_storage_store( 1, data->x, data->len );
 
     /* Check that we got the expected status. */
-    TEST_ASSERT( status == expected_status );
+    TEST_EQUAL( status, expected_status );
     if( status != PSA_SUCCESS )
         goto exit;
 

From f812dcf4aea4390bb6639593613865be77dd5aee Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:33:25 +0100
Subject: [PATCH 877/889] Rewrap some lines after the macro changes

Change the way some lines are wrapped to cut at a more logical place.
This commit mainly rewrites multi-line calls to TEST_EQUAL, and also a
few calls to PSA_ASSERT.
---
 tests/suites/test_suite_psa_crypto.function   | 138 +++++++++---------
 .../test_suite_psa_crypto_metadata.function   |  19 +--
 ...t_suite_psa_crypto_persistent_key.function |  11 +-
 ..._suite_psa_crypto_slot_management.function |   5 +-
 4 files changed, 84 insertions(+), 89 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 561136de2..3e957b8f1 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -158,9 +158,8 @@ static int exercise_mac_key( psa_key_handle_t handle,
                                           handle, alg ) );
         PSA_ASSERT( psa_mac_update( &operation,
                                     input, sizeof( input ) ) );
-        TEST_EQUAL( psa_mac_verify_finish( &operation,
-                                           mac,
-                                           mac_length ), verify_status );
+        TEST_EQUAL( psa_mac_verify_finish( &operation, mac, mac_length ),
+                    verify_status );
     }
 
     return( 1 );
@@ -273,7 +272,8 @@ static int exercise_aead_key( psa_key_handle_t handle,
                                       NULL, 0,
                                       ciphertext, ciphertext_length,
                                       plaintext, sizeof( plaintext ),
-                                      &plaintext_length ), verify_status );
+                                      &plaintext_length ),
+                    verify_status );
     }
 
     return( 1 );
@@ -334,12 +334,11 @@ static int exercise_asymmetric_encryption_key( psa_key_handle_t handle,
 
     if( usage & PSA_KEY_USAGE_ENCRYPT )
     {
-        PSA_ASSERT(
-            psa_asymmetric_encrypt( handle, alg,
-                                    plaintext, plaintext_length,
-                                    NULL, 0,
-                                    ciphertext, sizeof( ciphertext ),
-                                    &ciphertext_length ) );
+        PSA_ASSERT( psa_asymmetric_encrypt( handle, alg,
+                                            plaintext, plaintext_length,
+                                            NULL, 0,
+                                            ciphertext, sizeof( ciphertext ),
+                                            &ciphertext_length ) );
     }
 
     if( usage & PSA_KEY_USAGE_DECRYPT )
@@ -496,7 +495,8 @@ static int asn1_skip_integer( unsigned char **p, const unsigned char *end,
     size_t actual_bits;
     unsigned char msb;
     TEST_EQUAL( mbedtls_asn1_get_tag( p, end, &len,
-                                      MBEDTLS_ASN1_INTEGER ), 0 );
+                                      MBEDTLS_ASN1_INTEGER ),
+                0 );
     /* Tolerate a slight departure from DER encoding:
      * - 0 may be represented by an empty string or a 1-byte string.
      * - The sign bit may be used as a value bit. */
@@ -646,7 +646,8 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
          */
         TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
                                           MBEDTLS_ASN1_SEQUENCE |
-                                          MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+                                          MBEDTLS_ASN1_CONSTRUCTED ),
+                    0 );
         TEST_EQUAL( p + len, end );
         TEST_EQUAL( mbedtls_asn1_get_alg( &p, end, &alg, &params ), 0 );
         if( ! is_oid_of_key_type( type, alg.p, alg.len ) )
@@ -664,7 +665,8 @@ static int exported_key_sanity_check( psa_key_type_t type, size_t bits,
             TEST_EQUAL( bitstring.unused_bits, 0 );
             TEST_EQUAL( mbedtls_asn1_get_tag( &p, end, &len,
                                               MBEDTLS_ASN1_SEQUENCE |
-                                              MBEDTLS_ASN1_CONSTRUCTED ), 0 );
+                                              MBEDTLS_ASN1_CONSTRUCTED ),
+                        0 );
             TEST_EQUAL( p + len, end );
             if( ! asn1_skip_integer( &p, end, bits, bits, 1 ) )
                 goto exit;
@@ -756,8 +758,7 @@ static int exercise_export_public_key( psa_key_handle_t handle )
     PSA_ASSERT( psa_get_key_information( handle, &type, &bits ) );
     if( ! PSA_KEY_TYPE_IS_ASYMMETRIC( type ) )
     {
-        TEST_EQUAL( psa_export_public_key( handle,
-                                           NULL, 0, &exported_length ),
+        TEST_EQUAL( psa_export_public_key( handle, NULL, 0, &exported_length ),
                     PSA_ERROR_INVALID_ARGUMENT );
         return( 1 );
     }
@@ -1014,8 +1015,8 @@ void import_export( data_t *data,
     psa_key_policy_set_usage( &policy, usage_arg, alg );
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
-    TEST_EQUAL( psa_get_key_information(
-                    handle, NULL, NULL ), PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ),
+                PSA_ERROR_EMPTY_SLOT );
 
     /* Import the key */
     PSA_ASSERT( psa_import_key( handle, type,
@@ -1075,8 +1076,8 @@ void import_export( data_t *data,
 destroy:
     /* Destroy the key */
     PSA_ASSERT( psa_destroy_key( handle ) );
-    TEST_EQUAL( psa_get_key_information(
-                    handle, NULL, NULL ), PSA_ERROR_INVALID_HANDLE );
+    TEST_EQUAL( psa_get_key_information( handle, NULL, NULL ),
+                PSA_ERROR_INVALID_HANDLE );
 
 exit:
     mbedtls_free( exported );
@@ -1826,14 +1827,12 @@ void hash_bad_order( )
 
     /* psa_hash_update without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
-    TEST_EQUAL( psa_hash_update( &operation,
-                                 input, sizeof( input ) ),
+    TEST_EQUAL( psa_hash_update( &operation, input, sizeof( input ) ),
                 PSA_ERROR_INVALID_ARGUMENT );
 
     /* psa_hash_verify without calling psa_hash_setup beforehand */
     memset( &operation, 0, sizeof( operation ) );
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 hash, sizeof( hash ) ),
+    TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ),
                 PSA_ERROR_INVALID_ARGUMENT );
 
     /* psa_hash_finish without calling psa_hash_setup beforehand */
@@ -1864,20 +1863,17 @@ void hash_verify_bad_args( )
 
     /* psa_hash_verify with a smaller hash than expected */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 hash, expected_size - 1 ),
+    TEST_EQUAL( psa_hash_verify( &operation, hash, expected_size - 1 ),
                 PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a non-matching hash */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 hash + 1, expected_size ),
+    TEST_EQUAL( psa_hash_verify( &operation, hash + 1, expected_size ),
                 PSA_ERROR_INVALID_SIGNATURE );
 
     /* psa_hash_verify with a hash longer than expected */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
-    TEST_EQUAL( psa_hash_verify( &operation,
-                                 hash, sizeof( hash ) ),
+    TEST_EQUAL( psa_hash_verify( &operation, hash, sizeof( hash ) ),
                 PSA_ERROR_INVALID_SIGNATURE );
 
 exit:
@@ -1899,8 +1895,8 @@ void hash_finish_bad_args( )
     /* psa_hash_finish with a smaller hash buffer than expected */
     PSA_ASSERT( psa_hash_setup( &operation, alg ) );
     TEST_EQUAL( psa_hash_finish( &operation,
-                                 hash, expected_size - 1,
-                                 &hash_len ), PSA_ERROR_BUFFER_TOO_SMALL );
+                                 hash, expected_size - 1, &hash_len ),
+                PSA_ERROR_BUFFER_TOO_SMALL );
 
 exit:
     mbedtls_psa_crypto_free( );
@@ -2645,7 +2641,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                   additional_data->len,
                                   input_data->x, input_data->len,
                                   output_data, output_size,
-                                  &output_length ), expected_result );
+                                  &output_length ),
+                expected_result );
 
     if( PSA_SUCCESS == expected_result )
     {
@@ -2657,7 +2654,8 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
                                       additional_data->len,
                                       output_data, output_length,
                                       output_data2, output_length,
-                                      &output_length2 ), expected_result );
+                                      &output_length2 ),
+                    expected_result );
 
         ASSERT_COMPARE( input_data->x, input_data->len,
                         output_data2, output_length2 );
@@ -2782,7 +2780,8 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
                                   additional_data->len,
                                   input_data->x, input_data->len,
                                   output_data, output_size,
-                                  &output_length ), expected_result );
+                                  &output_length ),
+                expected_result );
 
     if( expected_result == PSA_SUCCESS )
         ASSERT_COMPARE( expected_data->x, expected_data->len,
@@ -2984,11 +2983,10 @@ void sign_verify( int key_type_arg, data_t *key_data,
          * detected as invalid. Flip a bit at the beginning, not at the end,
          * because ECDSA may ignore the last few bits of the input. */
         input_data->x[0] ^= 1;
-        TEST_EQUAL( psa_asymmetric_verify(
-                        handle, alg,
-                        input_data->x, input_data->len,
-                        signature,
-                        signature_length ), PSA_ERROR_INVALID_SIGNATURE );
+        TEST_EQUAL( psa_asymmetric_verify( handle, alg,
+                                           input_data->x, input_data->len,
+                                           signature, signature_length ),
+                    PSA_ERROR_INVALID_SIGNATURE );
     }
 
 exit:
@@ -3409,7 +3407,8 @@ void derive_setup( int key_type_arg,
     TEST_EQUAL( psa_key_derivation( &generator, handle, alg,
                                     salt->x, salt->len,
                                     label->x, label->len,
-                                    requested_capacity ), expected_status );
+                                    requested_capacity ),
+                expected_status );
 
 exit:
     psa_generator_abort( &generator );
@@ -3455,13 +3454,13 @@ void test_derive_invalid_generator_state( )
     TEST_EQUAL(  psa_key_derivation( &generator, handle, alg,
                                      NULL, 0,
                                      NULL, 0,
-                                     capacity ), PSA_ERROR_BAD_STATE );
+                                     capacity ),
+                 PSA_ERROR_BAD_STATE );
 
-    PSA_ASSERT( psa_generator_read( &generator, buffer, capacity )
-        );
+    PSA_ASSERT( psa_generator_read( &generator, buffer, capacity ) );
 
-    TEST_EQUAL( psa_generator_read( &generator, buffer, capacity )
-                , PSA_ERROR_INSUFFICIENT_CAPACITY );
+    TEST_EQUAL( psa_generator_read( &generator, buffer, capacity ),
+                PSA_ERROR_INSUFFICIENT_CAPACITY );
 
 exit:
     psa_generator_abort( &generator );
@@ -3649,9 +3648,8 @@ void derive_full( int alg_arg,
     }
 
     /* Check that the generator refuses to go over capacity. */
-    TEST_EQUAL( psa_generator_read( &generator,
-                                    output_buffer,
-                                    1 ), PSA_ERROR_INSUFFICIENT_CAPACITY );
+    TEST_EQUAL( psa_generator_read( &generator, output_buffer, 1 ),
+                PSA_ERROR_INSUFFICIENT_CAPACITY );
 
     PSA_ASSERT( psa_generator_abort( &generator ) );
 
@@ -3847,7 +3845,8 @@ void key_agreement_setup( int alg_arg,
     TEST_EQUAL( psa_key_agreement( &generator,
                                    our_key,
                                    peer_key_data->x, peer_key_data->len,
-                                   alg ), expected_status_arg );
+                                   alg ),
+                expected_status_arg );
 
 exit:
     psa_generator_abort( &generator );
@@ -3946,18 +3945,16 @@ void key_agreement_output( int alg_arg,
                                    peer_key_data->x, peer_key_data->len,
                                    alg ) );
 
-    PSA_ASSERT(
-        psa_generator_read( &generator,
-                            actual_output,
-                            expected_output1->len ) );
+    PSA_ASSERT( psa_generator_read( &generator,
+                                    actual_output,
+                                    expected_output1->len ) );
     TEST_EQUAL( memcmp( actual_output, expected_output1->x,
                         expected_output1->len ), 0 );
     if( expected_output2->len != 0 )
     {
-        PSA_ASSERT(
-            psa_generator_read( &generator,
-                                actual_output,
-                                expected_output2->len ) );
+        PSA_ASSERT( psa_generator_read( &generator,
+                                        actual_output,
+                                        expected_output2->len ) );
         TEST_EQUAL( memcmp( actual_output, expected_output2->x,
                             expected_output2->len ), 0 );
     }
@@ -4047,13 +4044,12 @@ void generate_key( int type_arg,
     PSA_ASSERT( psa_set_key_policy( handle, &policy ) );
 
     /* Generate a key */
-    TEST_EQUAL( psa_generate_key( handle, type, bits,
-                                  NULL, 0 ), expected_status );
+    TEST_EQUAL( psa_generate_key( handle, type, bits, NULL, 0 ),
+                expected_status );
 
     /* Test the key information */
-    TEST_EQUAL( psa_get_key_information( handle,
-                                         &got_type,
-                                         &got_bits ), expected_info_status );
+    TEST_EQUAL( psa_get_key_information( handle, &got_type, &got_bits ),
+                expected_info_status );
     if( expected_info_status != PSA_SUCCESS )
         goto exit;
     TEST_EQUAL( got_type, type );
@@ -4144,8 +4140,10 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     }
 
     /* Export the key */
-    TEST_EQUAL( psa_export_key( handle, first_export, export_size,
-                                &first_exported_length ), export_status );
+    TEST_EQUAL( psa_export_key( handle,
+                                first_export, export_size,
+                                &first_exported_length ),
+                export_status );
 
     /* Shutdown and restart */
     mbedtls_psa_crypto_free();
@@ -4160,14 +4158,14 @@ void persistent_key_load_key_from_storage( data_t *data, int type_arg,
     TEST_EQUAL( bits_get, (size_t) bits );
 
     PSA_ASSERT( psa_get_key_policy( handle, &policy_get ) );
-    TEST_EQUAL( psa_key_policy_get_usage(
-                    &policy_get ), policy_usage );
-    TEST_EQUAL( psa_key_policy_get_algorithm(
-                    &policy_get ), policy_alg );
+    TEST_EQUAL( psa_key_policy_get_usage( &policy_get ), policy_usage );
+    TEST_EQUAL( psa_key_policy_get_algorithm( &policy_get ), policy_alg );
 
     /* Export the key again */
-    TEST_EQUAL( psa_export_key( handle, second_export, export_size,
-                                &second_exported_length ), export_status );
+    TEST_EQUAL( psa_export_key( handle,
+                                second_export, export_size,
+                                &second_exported_length ),
+                export_status );
 
     if( export_status == PSA_SUCCESS )
     {
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 1748b205c..94e6f6cb7 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -287,20 +287,17 @@ void aead_algorithm( int alg_arg, int classification_flags,
     {
         psa_algorithm_t truncated_alg = PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, n );
         aead_algorithm_core( truncated_alg, classification_flags, n );
-        TEST_EQUAL(
-            PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ), alg );
+        TEST_EQUAL( PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH( truncated_alg ),
+                    alg );
         /* Check that calling PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH twice gives
          * the length of the outer truncation (even if the outer length is
          * smaller than the inner length). */
-        TEST_EQUAL(
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ),
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
-        TEST_EQUAL(
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ),
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
-        TEST_EQUAL(
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ),
-            PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
+        TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, 1 ),
+                    PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, 1 ) );
+        TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length - 1 ),
+                    PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length - 1) );
+        TEST_EQUAL( PSA_ALG_AEAD_WITH_TAG_LENGTH( truncated_alg, tag_length ),
+                    PSA_ALG_AEAD_WITH_TAG_LENGTH( alg, tag_length ) );
     }
 }
 /* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index c467d1901..425dabbd9 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -102,7 +102,8 @@ void save_large_persistent_key( int data_too_large, int expected_status )
                                 &handle ) );
 
     TEST_EQUAL( psa_import_key( handle, PSA_KEY_TYPE_RAW_DATA,
-                                data, data_length ), expected_status );
+                                data, data_length ),
+                expected_status );
 
 exit:
     mbedtls_free( data );
@@ -143,8 +144,8 @@ void persistent_key_destroy( int key_id_arg, int should_store,
 
     /* Check key slot storage is removed */
     TEST_EQUAL( psa_is_key_present_in_storage( key_id ), 0 );
-    TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id,
-                              &handle ), PSA_ERROR_EMPTY_SLOT );
+    TEST_EQUAL( psa_open_key( PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle ),
+                PSA_ERROR_EMPTY_SLOT );
     TEST_EQUAL( handle, 0 );
 
     /* Shutdown and restart */
@@ -183,8 +184,8 @@ void persistent_key_import( int key_id_arg, int type_arg, data_t *data,
                                 PSA_BYTES_TO_BITS( data->len ),
                                 &handle ) );
     psa_key_policy_init( &policy );
-    TEST_EQUAL( psa_import_key( handle, type,
-                                data->x, data->len ), expected_status );
+    TEST_EQUAL( psa_import_key( handle, type, data->x, data->len ),
+                expected_status );
 
     if( expected_status != PSA_SUCCESS )
     {
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 30d44cc2a..3df0887a6 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -292,9 +292,8 @@ void create_fail( int lifetime_arg, int id_arg,
 
     PSA_ASSERT( psa_crypto_init( ) );
 
-    TEST_EQUAL( psa_create_key( lifetime, id,
-                                type, max_bits,
-                                &handle ), expected_status );
+    TEST_EQUAL( psa_create_key( lifetime, id, type, max_bits, &handle ),
+                expected_status );
     TEST_EQUAL( handle, 0 );
 
 exit:

From 0dfba2ddf0162136eb9cc29db845dc056a39427d Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:40:50 +0100
Subject: [PATCH 878/889] Use ASSERT_COMPARE in preference to memcmp in PSA
 tests

---
 tests/suites/test_suite_psa_crypto.function | 22 +++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 3e957b8f1..0d5da7c22 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1985,8 +1985,8 @@ void mac_sign( int key_type_arg,
                                      &mac_length ) );
 
     /* Compare with the expected value. */
-    TEST_EQUAL( mac_length, expected_mac->len );
-    TEST_EQUAL( memcmp( actual_mac, expected_mac->x, mac_length ), 0 );
+    ASSERT_COMPARE( expected_mac->x, expected_mac->len,
+                    actual_mac, mac_length );
 
     /* Verify that the end of the buffer is untouched. */
     TEST_ASSERT( mem_is_char( actual_mac + mac_length, '+',
@@ -3576,8 +3576,8 @@ void derive_output( int alg_arg,
         /* Success. Check the read data. */
         PSA_ASSERT( status );
         if( output_sizes[i] != 0 )
-            TEST_EQUAL( memcmp( output_buffer, expected_outputs[i],
-                                output_sizes[i] ), 0 );
+            ASSERT_COMPARE( output_buffer, output_sizes[i],
+                            expected_outputs[i], output_sizes[i] );
         /* Check the generator status. */
         expected_capacity -= output_sizes[i];
         PSA_ASSERT( psa_get_generator_capacity( &generator,
@@ -3805,7 +3805,8 @@ void derive_key_export( int alg_arg,
     TEST_EQUAL( length, bytes2 );
 
     /* Compare the outputs from the two runs. */
-    TEST_EQUAL( memcmp( output_buffer, export_buffer, capacity ), 0 );
+    ASSERT_COMPARE( output_buffer, bytes1 + bytes2,
+                    export_buffer, capacity );
 
 exit:
     mbedtls_free( output_buffer );
@@ -3948,15 +3949,15 @@ void key_agreement_output( int alg_arg,
     PSA_ASSERT( psa_generator_read( &generator,
                                     actual_output,
                                     expected_output1->len ) );
-    TEST_EQUAL( memcmp( actual_output, expected_output1->x,
-                        expected_output1->len ), 0 );
+    ASSERT_COMPARE( actual_output, expected_output1->len,
+                    expected_output1->x, expected_output1->len );
     if( expected_output2->len != 0 )
     {
         PSA_ASSERT( psa_generator_read( &generator,
                                         actual_output,
                                         expected_output2->len ) );
-        TEST_EQUAL( memcmp( actual_output, expected_output2->x,
-                            expected_output2->len ), 0 );
+        ASSERT_COMPARE( actual_output, expected_output2->len,
+                        expected_output2->x, expected_output2->len );
     }
 
 exit:
@@ -3993,7 +3994,8 @@ void generate_random( int bytes_arg )
         PSA_ASSERT( psa_generate_random( output, bytes ) );
 
         /* Check that no more than bytes have been overwritten */
-        TEST_EQUAL( memcmp( output + bytes, trail, sizeof( trail ) ), 0 );
+        ASSERT_COMPARE( output + bytes, sizeof( trail ),
+                        trail, sizeof( trail ) );
 
         for( i = 0; i < bytes; i++ )
         {

From 40ab95bdbca011e9f88a190d49128fc10e71e2bf Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:47:17 +0100
Subject: [PATCH 879/889] Remove checks of test parameters against SIZE_MAX

Our code base doesn't even support 16-bit platforms, so those checks
are always trivially true.
---
 tests/suites/test_suite_psa_crypto.function | 59 ---------------------
 1 file changed, 59 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 0d5da7c22..cf0dd80d2 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -13,12 +13,6 @@
 
 #define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
 
-#if(UINT32_MAX > SIZE_MAX)
-#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) ( ( x ) <= SIZE_MAX )
-#else
-#define PSA_CRYPTO_TEST_SIZE_T_RANGE( x ) 1
-#endif
-
 /** An invalid export length that will never be set by psa_export_key(). */
 static const size_t INVALID_EXPORT_LENGTH = ~0U;
 
@@ -884,7 +878,6 @@ void import( data_t *data, int type, int expected_status_arg )
     psa_status_t status;
 
     TEST_ASSERT( data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
@@ -1003,7 +996,6 @@ void import_export( data_t *data,
     psa_key_policy_t policy;
 
     TEST_ASSERT( data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( data->len ) );
     export_size = (ptrdiff_t) data->len + export_size_delta;
     ASSERT_ALLOC( exported, export_size );
     if( ! canonical_input )
@@ -2016,9 +2008,6 @@ void mac_verify( int key_type_arg,
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_mac != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_mac->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -2104,9 +2093,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_output != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
@@ -2179,9 +2165,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_output != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
@@ -2257,9 +2240,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_output != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
@@ -2337,9 +2317,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
     TEST_ASSERT( expected_output != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_output->len ) );
 
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
@@ -2415,8 +2392,6 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -2506,8 +2481,6 @@ void cipher_verify_output_multipart( int alg_arg,
 
     TEST_ASSERT( key != NULL );
     TEST_ASSERT( input != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -2614,10 +2587,6 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( input_data != NULL );
     TEST_ASSERT( nonce != NULL );
     TEST_ASSERT( additional_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
 
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
@@ -2691,11 +2660,6 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( additional_data != NULL );
     TEST_ASSERT( nonce != NULL );
     TEST_ASSERT( expected_result != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_result->len ) );
 
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
@@ -2753,11 +2717,6 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
     TEST_ASSERT( additional_data != NULL );
     TEST_ASSERT( nonce != NULL );
     TEST_ASSERT( expected_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( additional_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( nonce->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
@@ -2826,9 +2785,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
     TEST_ASSERT( output_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( output_data->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -2887,8 +2843,6 @@ void sign_fail( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
     ASSERT_ALLOC( signature, signature_size );
 
@@ -3011,9 +2965,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
     TEST_ASSERT( signature_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -3054,9 +3005,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( hash_data != NULL );
     TEST_ASSERT( signature_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( hash_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( signature_data->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -3178,8 +3126,6 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
     PSA_ASSERT( psa_crypto_init( ) );
 
@@ -3252,9 +3198,6 @@ void asymmetric_decrypt( int key_type_arg,
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
     TEST_ASSERT( expected_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( expected_data->len ) );
 
     output_size = key_data->len;
     ASSERT_ALLOC( output, output_size );
@@ -3325,8 +3268,6 @@ void asymmetric_decrypt_fail( int key_type_arg,
 
     TEST_ASSERT( key_data != NULL );
     TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( key_data->len ) );
-    TEST_ASSERT( PSA_CRYPTO_TEST_SIZE_T_RANGE( input_data->len ) );
 
     output_size = key_data->len;
     ASSERT_ALLOC( output, output_size );

From 1f2aa0e3b0fc8934d19f08e28ba20aade2a4c1c9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:48:27 +0100
Subject: [PATCH 880/889] Remove useless null checks of data_t* parameters

The test framework never passes NULL for a data_t* parameter, so
testing them against NULL is clutter.
---
 tests/suites/test_suite_psa_crypto.function | 70 ---------------------
 1 file changed, 70 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index cf0dd80d2..c194a074e 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -877,7 +877,6 @@ void import( data_t *data, int type, int expected_status_arg )
     psa_status_t expected_status = expected_status_arg;
     psa_status_t status;
 
-    TEST_ASSERT( data != NULL );
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( type, KEY_BITS_FROM_DATA( type, data ),
@@ -995,7 +994,6 @@ void import_export( data_t *data,
     size_t got_bits;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( data != NULL );
     export_size = (ptrdiff_t) data->len + export_size_delta;
     ASSERT_ALLOC( exported, export_size );
     if( ! canonical_input )
@@ -2005,10 +2003,6 @@ void mac_verify( int key_type_arg,
 
     TEST_ASSERT( expected_mac->len <= PSA_MAC_MAX_SIZE );
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_mac != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
@@ -2090,10 +2084,6 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
     psa_cipher_operation_t operation;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_output != NULL );
-
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
@@ -2162,10 +2152,6 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
     psa_cipher_operation_t operation;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_output != NULL );
-
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
@@ -2237,10 +2223,6 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
     psa_cipher_operation_t operation;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_output != NULL );
-
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
@@ -2314,10 +2296,6 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
     psa_cipher_operation_t operation;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-    TEST_ASSERT( expected_output != NULL );
-
     iv_size = PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
     memset( iv, 0x2a, iv_size );
 
@@ -2390,9 +2368,6 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
     psa_cipher_operation_t operation2;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
@@ -2479,9 +2454,6 @@ void cipher_verify_output_multipart( int alg_arg,
     psa_cipher_operation_t operation2;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key != NULL );
-    TEST_ASSERT( input != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type, PSA_BYTES_TO_BITS( key->len ),
@@ -2583,11 +2555,6 @@ void aead_encrypt_decrypt( int key_type_arg, data_t *key_data,
     psa_status_t expected_result = expected_result_arg;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( nonce != NULL );
-    TEST_ASSERT( additional_data != NULL );
-
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
 
@@ -2655,12 +2622,6 @@ void aead_encrypt( int key_type_arg, data_t *key_data,
     size_t tag_length = 16;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( additional_data != NULL );
-    TEST_ASSERT( nonce != NULL );
-    TEST_ASSERT( expected_result != NULL );
-
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
 
@@ -2712,12 +2673,6 @@ void aead_decrypt( int key_type_arg, data_t *key_data,
     psa_key_policy_t policy;
     psa_status_t expected_result = expected_result_arg;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( additional_data != NULL );
-    TEST_ASSERT( nonce != NULL );
-    TEST_ASSERT( expected_data != NULL );
-
     output_size = input_data->len + tag_length;
     ASSERT_ALLOC( output_data, output_size );
 
@@ -2782,10 +2737,6 @@ void sign_deterministic( int key_type_arg, data_t *key_data,
     size_t signature_length = 0xdeadbeef;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( output_data != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type,
@@ -2841,9 +2792,6 @@ void sign_fail( int key_type_arg, data_t *key_data,
     size_t signature_length = 0xdeadbeef;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-
     ASSERT_ALLOC( signature, signature_size );
 
     PSA_ASSERT( psa_crypto_init( ) );
@@ -2962,10 +2910,6 @@ void asymmetric_verify( int key_type_arg, data_t *key_data,
 
     TEST_ASSERT( signature_data->len <= PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE );
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( hash_data != NULL );
-    TEST_ASSERT( signature_data != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type,
@@ -3002,10 +2946,6 @@ void asymmetric_verify_fail( int key_type_arg, data_t *key_data,
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( hash_data != NULL );
-    TEST_ASSERT( signature_data != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type,
@@ -3124,9 +3064,6 @@ void asymmetric_encrypt_decrypt( int key_type_arg,
     size_t output2_length = ~0;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-
     PSA_ASSERT( psa_crypto_init( ) );
 
     PSA_ASSERT( psa_allocate_key( key_type,
@@ -3195,10 +3132,6 @@ void asymmetric_decrypt( int key_type_arg,
     size_t output_length = ~0;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-    TEST_ASSERT( expected_data != NULL );
-
     output_size = key_data->len;
     ASSERT_ALLOC( output, output_size );
 
@@ -3266,9 +3199,6 @@ void asymmetric_decrypt_fail( int key_type_arg,
     psa_status_t expected_status = expected_status_arg;
     psa_key_policy_t policy;
 
-    TEST_ASSERT( key_data != NULL );
-    TEST_ASSERT( input_data != NULL );
-
     output_size = key_data->len;
     ASSERT_ALLOC( output, output_size );
 

From d76f181617f1ad9429ca389dd276e1166fa5d3c2 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 00:52:27 +0100
Subject: [PATCH 881/889] Prefer ASSERT_ALLOC to calloc+TEST_ASSERT in PSA
 tests

To allocate memory dynamically in a test, call ASSERT_ALLOC which
takes care of calling calloc and of checking for NULL.
---
 tests/suites/test_suite_psa_crypto.function              | 1 -
 tests/suites/test_suite_psa_crypto_storage_file.function | 6 ++----
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index c194a074e..f8c9c7492 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -407,7 +407,6 @@ static psa_status_t key_agreement_with_self( psa_crypto_generator_t *generator,
     public_key_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR( private_key_type );
     public_key_length = PSA_KEY_EXPORT_MAX_SIZE( public_key_type, key_bits );
     ASSERT_ALLOC( public_key, public_key_length );
-    TEST_ASSERT( public_key != NULL );
     PSA_ASSERT( psa_export_public_key( handle,
                                        public_key, public_key_length,
                                        &public_key_length ) );
diff --git a/tests/suites/test_suite_psa_crypto_storage_file.function b/tests/suites/test_suite_psa_crypto_storage_file.function
index bf86ebb4d..e596be1d7 100644
--- a/tests/suites/test_suite_psa_crypto_storage_file.function
+++ b/tests/suites/test_suite_psa_crypto_storage_file.function
@@ -36,8 +36,7 @@ void load_data_from_file( int id_to_load_arg,
     }
 
     /* Read from the file with psa_crypto_storage_load. */
-    loaded_data = mbedtls_calloc( 1, capacity );
-    TEST_ASSERT( loaded_data != NULL );
+    ASSERT_ALLOC( loaded_data, capacity );
     status = psa_crypto_storage_load( id_to_load, loaded_data, file_size );
 
     /* Check we get the expected status. */
@@ -82,8 +81,7 @@ void write_data_to_file( data_t *data, int expected_status )
     TEST_EQUAL( file_size, data->len );
 
     /* Check that the file contents are what we expect */
-    loaded_data = mbedtls_calloc( 1, data->len );
-    TEST_ASSERT( loaded_data != NULL );
+    ASSERT_ALLOC( loaded_data, data->len );
 
     num_read = fread( loaded_data, 1, file_size, file );
     TEST_EQUAL( num_read, file_size );

From c08fc1d7e97bbc84d6ed7d6e2d212a9650ed0dd0 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Tue, 18 Dec 2018 08:47:00 +0100
Subject: [PATCH 882/889] Move MIN and MAX macros from PSA tests to
 helpers.function

---
 tests/suites/helpers.function                   | 17 +++++++++++++++++
 tests/suites/test_suite_psa_crypto.function     |  2 --
 .../test_suite_psa_crypto_entropy.function      |  5 -----
 .../suites/test_suite_psa_crypto_init.function  |  3 ---
 4 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function
index da843b2b3..5f9f7b099 100644
--- a/tests/suites/helpers.function
+++ b/tests/suites/helpers.function
@@ -202,6 +202,23 @@ typedef struct data_tag
     ( STATIC_ASSERT_THEN_RETURN( IS_ARRAY_NOT_POINTER( array ),         \
                                  ARRAY_LENGTH_UNSAFE( array ) ) )
 
+/** Return the smaller of two values.
+ *
+ * \param x         An integer-valued expression without side effects.
+ * \param y         An integer-valued expression without side effects.
+ *
+ * \return The smaller of \p x and \p y.
+ */
+#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
+
+/** Return the larger of two values.
+ *
+ * \param x         An integer-valued expression without side effects.
+ * \param y         An integer-valued expression without side effects.
+ *
+ * \return The larger of \p x and \p y.
+ */
+#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
 
 /*
  * 32-bit integer manipulation macros (big endian)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index f8c9c7492..c1339c015 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -11,8 +11,6 @@
 
 #include "psa/crypto.h"
 
-#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
-
 /** An invalid export length that will never be set by psa_export_key(). */
 static const size_t INVALID_EXPORT_LENGTH = ~0U;
 
diff --git a/tests/suites/test_suite_psa_crypto_entropy.function b/tests/suites/test_suite_psa_crypto_entropy.function
index 704fad913..727db43e5 100644
--- a/tests/suites/test_suite_psa_crypto_entropy.function
+++ b/tests/suites/test_suite_psa_crypto_entropy.function
@@ -6,11 +6,6 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
 
-/* MAX value support macro */
-#if !defined(MAX)
-#define MAX(a,b) (((a)>(b))?(a):(b))
-#endif
-
 /* Calculating the minimum allowed entropy size in bytes */
 #define MBEDTLS_PSA_INJECT_ENTROPY_MIN_SIZE MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
 
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index e04652fda..c8f6e1b0a 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -12,9 +12,6 @@
 #include "mbedtls/entropy.h"
 #include "mbedtls/entropy_poll.h"
 
-#define MIN( x, y ) ( ( x ) < ( y ) ? ( x ) : ( y ) )
-#define MAX( x, y ) ( ( x ) > ( y ) ? ( x ) : ( y ) )
-
 #define ENTROPY_MIN_NV_SEED_SIZE                                        \
     MAX(MBEDTLS_ENTROPY_MIN_PLATFORM, MBEDTLS_ENTROPY_BLOCK_SIZE)
 

From 0344d8171d64e701df7a8700ec9bfabb0283a3b7 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 20 Dec 2018 20:09:04 +0100
Subject: [PATCH 883/889] Simplify the SPM compatibility hack

Define psa_status_t to int32_t unconditionally. There's no reason to
refer to psa_error_t here: psa_error_t is int32_t if it's present. We
would only need a conditional definition if psa_defs.h and
psa_crypto.h used the same type name.

Keep the conditional definition of PSA_SUCCESS. Although the C
preprocessor allows a duplicate definition for a macro, it has to be
the exact same token sequence, not merely an equivalent way to build
the same value.
---
 include/psa/crypto.h | 24 +++++++++---------------
 1 file changed, 9 insertions(+), 15 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index c58d22ae4..5be1b515f 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -57,20 +57,6 @@ extern "C" {
  * @{
  */
 
-#if defined(PSA_SUCCESS)
-/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
- * together with PSA IPC, which also defines the identifier
- * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
- * the other error code names don't clash. Also define psa_status_t as
- * an alias for the type used by PSA IPC. This is a temporary hack
- * until we unify error reporting in PSA IPC and PSA crypto.
- *
- * Note that psa_defs.h must be included before this header!
- */
-typedef psa_error_t psa_status_t;
-
-#else /* defined(PSA_SUCCESS) */
-
 /**
  * \brief Function return status.
  *
@@ -80,9 +66,17 @@ typedef psa_error_t psa_status_t;
  */
 typedef int32_t psa_status_t;
 
+#if !defined(PSA_SUCCESS)
+/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
+ * together with PSA IPC, which also defines the identifier
+ * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
+ * the other error code names don't clash. This is a temporary hack
+ * until we unify error reporting in PSA IPC and PSA crypto.
+ *
+ * Note that psa_defs.h must be included before this header!
+ */
 /** The action was completed successfully. */
 #define PSA_SUCCESS ((psa_status_t)0)
-
 #endif /* !defined(PSA_SUCCESS) */
 
 /** An error occurred that does not correspond to any defined

From 5e09bc7eb5293578f2a400dcfce221f6321a74de Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 21 Dec 2018 12:06:15 +0100
Subject: [PATCH 884/889] Fix maybe-uninitialized warning

GCC 4.8 warns that some variables may be used without having been
initialized. They aren't, but determining that takes nontrivial
analysis, so initialize them at the point of definition.
---
 programs/psa/key_ladder_demo.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index 470b1fce4..4acf6b150 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -393,7 +393,7 @@ static psa_status_t wrap_data( const char *input_file_name,
     FILE *output_file = NULL;
     long input_position;
     size_t input_size;
-    size_t buffer_size;
+    size_t buffer_size = 0;
     unsigned char *buffer = NULL;
     size_t ciphertext_size;
     wrapped_data_header_t header;
@@ -469,7 +469,7 @@ static psa_status_t unwrap_data( const char *input_file_name,
     FILE *input_file = NULL;
     FILE *output_file = NULL;
     unsigned char *buffer = NULL;
-    size_t ciphertext_size;
+    size_t ciphertext_size = 0;
     size_t plaintext_size;
     wrapped_data_header_t header;
     unsigned char extra_byte;

From f3b731e8179db0c400fad4af0507774dd68305e6 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 13:38:31 +0100
Subject: [PATCH 885/889] Move integral types and associated macros to their
 own header

Some parts of the library, and crypto drivers, need to see key types,
algorithms, policies, etc. but not API functions. Move portable
integral types and macros to build and analyze values of these types
to a separate headers crypto_types.h and crypto_values.h.

No functional changes, code was only moved from crypto.h to the new headers.
---
 include/psa/crypto.h              | 1413 +---------------------------
 include/psa/crypto_types.h        |  101 ++
 include/psa/crypto_values.h       | 1418 +++++++++++++++++++++++++++++
 programs/Makefile                 |    2 +-
 scripts/generate_psa_constants.py |    2 +-
 visualc/VS2010/mbedTLS.vcxproj    |    2 +
 6 files changed, 1535 insertions(+), 1403 deletions(-)
 create mode 100644 include/psa/crypto_types.h
 create mode 100644 include/psa/crypto_values.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 5be1b515f..4669b2a53 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -53,266 +53,21 @@ typedef _unsigned_integral_type_ psa_key_handle_t;
 extern "C" {
 #endif
 
-/** \defgroup basic Basic definitions
+#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
+
+/* The file "crypto_types.h" declares types that encode errors,
+ * algorithms, key types, policies, etc. */
+#include "crypto_types.h"
+
+/* The file "crypto_values.h" declares macros to build and analyze values
+ * of integral types defined in "crypto_types.h". */
+#include "crypto_values.h"
+
+/** \defgroup initialization Library initialization
  * @{
  */
 
-/**
- * \brief Function return status.
- *
- * This is either #PSA_SUCCESS (which is zero), indicating success,
- * or a nonzero value indicating that an error occurred. Errors are
- * encoded as one of the \c PSA_ERROR_xxx values defined here.
- */
-typedef int32_t psa_status_t;
-
-#if !defined(PSA_SUCCESS)
-/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
- * together with PSA IPC, which also defines the identifier
- * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
- * the other error code names don't clash. This is a temporary hack
- * until we unify error reporting in PSA IPC and PSA crypto.
- *
- * Note that psa_defs.h must be included before this header!
- */
-/** The action was completed successfully. */
-#define PSA_SUCCESS ((psa_status_t)0)
-#endif /* !defined(PSA_SUCCESS) */
-
-/** An error occurred that does not correspond to any defined
- * failure cause.
- *
- * Implementations may use this error code if none of the other standard
- * error codes are applicable. */
-#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)1)
-
-/** The requested operation or a parameter is not supported
- * by this implementation.
- *
- * Implementations should return this error code when an enumeration
- * parameter such as a key type, algorithm, etc. is not recognized.
- * If a combination of parameters is recognized and identified as
- * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
-#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)2)
-
-/** The requested action is denied by a policy.
- *
- * Implementations should return this error code when the parameters
- * are recognized as valid and supported, and a policy explicitly
- * denies the requested operation.
- *
- * If a subset of the parameters of a function call identify a
- * forbidden operation, and another subset of the parameters are
- * not valid or not supported, it is unspecified whether the function
- * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
- * #PSA_ERROR_INVALID_ARGUMENT. */
-#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)3)
-
-/** An output buffer is too small.
- *
- * Applications can call the \c PSA_xxx_SIZE macro listed in the function
- * description to determine a sufficient buffer size.
- *
- * Implementations should preferably return this error code only
- * in cases when performing the operation with a larger output
- * buffer would succeed. However implementations may return this
- * error if a function has invalid or unsupported parameters in addition
- * to the parameters that determine the necessary output buffer size. */
-#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)4)
-
-/** A slot is occupied, but must be empty to carry out the
- * requested action.
- *
- * If a handle is invalid, it does not designate an occupied slot.
- * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
- */
-#define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)5)
-
-/** A slot is empty, but must be occupied to carry out the
- * requested action.
- *
- * If a handle is invalid, it does not designate an empty slot.
- * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
- */
-#define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)6)
-
-/** The requested action cannot be performed in the current state.
- *
- * Multipart operations return this error when one of the
- * functions is called out of sequence. Refer to the function
- * descriptions for permitted sequencing of functions.
- *
- * Implementations shall not return this error code to indicate
- * that a key slot is occupied when it needs to be free or vice versa,
- * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
- * as applicable. */
-#define PSA_ERROR_BAD_STATE             ((psa_status_t)7)
-
-/** The parameters passed to the function are invalid.
- *
- * Implementations may return this error any time a parameter or
- * combination of parameters are recognized as invalid.
- *
- * Implementations shall not return this error code to indicate
- * that a key slot is occupied when it needs to be free or vice versa,
- * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
- * as applicable.
- *
- * Implementation shall not return this error code to indicate that a
- * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
- * instead.
- */
-#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)8)
-
-/** There is not enough runtime memory.
- *
- * If the action is carried out across multiple security realms, this
- * error can refer to available memory in any of the security realms. */
-#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)9)
-
-/** There is not enough persistent storage.
- *
- * Functions that modify the key storage return this error code if
- * there is insufficient storage space on the host media. In addition,
- * many functions that do not otherwise access storage may return this
- * error code if the implementation requires a mandatory log entry for
- * the requested action and the log storage space is full. */
-#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)10)
-
-/** There was a communication failure inside the implementation.
- *
- * This can indicate a communication failure between the application
- * and an external cryptoprocessor or between the cryptoprocessor and
- * an external volatile or persistent memory. A communication failure
- * may be transient or permanent depending on the cause.
- *
- * \warning If a function returns this error, it is undetermined
- * whether the requested action has completed or not. Implementations
- * should return #PSA_SUCCESS on successful completion whenver
- * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
- * if the requested action was completed successfully in an external
- * cryptoprocessor but there was a breakdown of communication before
- * the cryptoprocessor could report the status to the application.
- */
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
-
-/** There was a storage failure that may have led to data loss.
- *
- * This error indicates that some persistent storage is corrupted.
- * It should not be used for a corruption of volatile memory
- * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
- * between the cryptoprocessor and its external storage (use
- * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
- * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
- *
- * Note that a storage failure does not indicate that any data that was
- * previously read is invalid. However this previously read data may no
- * longer be readable from storage.
- *
- * When a storage failure occurs, it is no longer possible to ensure
- * the global integrity of the keystore. Depending on the global
- * integrity guarantees offered by the implementation, access to other
- * data may or may not fail even if the data is still readable but
- * its integrity canont be guaranteed.
- *
- * Implementations should only use this error code to report a
- * permanent storage corruption. However application writers should
- * keep in mind that transient errors while reading the storage may be
- * reported using this error code. */
-#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)12)
-
-/** A hardware failure was detected.
- *
- * A hardware failure may be transient or permanent depending on the
- * cause. */
-#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)13)
-
-/** A tampering attempt was detected.
- *
- * If an application receives this error code, there is no guarantee
- * that previously accessed or computed data was correct and remains
- * confidential. Applications should not perform any security function
- * and should enter a safe failure state.
- *
- * Implementations may return this error code if they detect an invalid
- * state that cannot happen during normal operation and that indicates
- * that the implementation's security guarantees no longer hold. Depending
- * on the implementation architecture and on its security and safety goals,
- * the implementation may forcibly terminate the application.
- *
- * This error code is intended as a last resort when a security breach
- * is detected and it is unsure whether the keystore data is still
- * protected. Implementations shall only return this error code
- * to report an alarm from a tampering detector, to indicate that
- * the confidentiality of stored data can no longer be guaranteed,
- * or to indicate that the integrity of previously returned data is now
- * considered compromised. Implementations shall not use this error code
- * to indicate a hardware failure that merely makes it impossible to
- * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
- * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
- * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
- * instead).
- *
- * This error indicates an attack against the application. Implementations
- * shall not return this error code as a consequence of the behavior of
- * the application itself. */
-#define PSA_ERROR_TAMPERING_DETECTED    ((psa_status_t)14)
-
-/** There is not enough entropy to generate random data needed
- * for the requested action.
- *
- * This error indicates a failure of a hardware random generator.
- * Application writers should note that this error can be returned not
- * only by functions whose purpose is to generate random data, such
- * as key, IV or nonce generation, but also by functions that execute
- * an algorithm with a randomized result, as well as functions that
- * use randomization of intermediate computations as a countermeasure
- * to certain attacks.
- *
- * Implementations should avoid returning this error after psa_crypto_init()
- * has succeeded. Implementations should generate sufficient
- * entropy during initialization and subsequently use a cryptographically
- * secure pseudorandom generator (PRNG). However implementations may return
- * this error at any time if a policy requires the PRNG to be reseeded
- * during normal operation. */
-#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)15)
-
-/** The signature, MAC or hash is incorrect.
- *
- * Verification functions return this error if the verification
- * calculations completed successfully, and the value to be verified
- * was determined to be incorrect.
- *
- * If the value to verify has an invalid size, implementations may return
- * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
-#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)16)
-
-/** The decrypted padding is incorrect.
- *
- * \warning In some protocols, when decrypting data, it is essential that
- * the behavior of the application does not depend on whether the padding
- * is correct, down to precise timing. Applications should prefer
- * protocols that use authenticated encryption rather than plain
- * encryption. If the application must perform a decryption of
- * unauthenticated data, the application writer should take care not
- * to reveal whether the padding is invalid.
- *
- * Implementations should strive to make valid and invalid padding
- * as close as possible to indistinguishable to an external observer.
- * In particular, the timing of a decryption operation should not
- * depend on the validity of the padding. */
-#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)17)
-
-/** The generator has insufficient capacity left.
- *
- * Once a function returns this error, attempts to read from the
- * generator will always return this error. */
-#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
-
-/** The key handle is not valid.
- */
-#define PSA_ERROR_INVALID_HANDLE        ((psa_status_t)19)
-
 /**
  * \brief Library initialization.
  *
@@ -339,1094 +94,12 @@ typedef int32_t psa_status_t;
  */
 psa_status_t psa_crypto_init(void);
 
-#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
-#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
-
-/**@}*/
-
-/** \defgroup crypto_types Key and algorithm types
- * @{
- */
-
-/** \brief Encoding of a key type.
- */
-typedef uint32_t psa_key_type_t;
-
-/** An invalid key type value.
- *
- * Zero is not the encoding of any key type.
- */
-#define PSA_KEY_TYPE_NONE                       ((psa_key_type_t)0x00000000)
-
-/** Vendor-defined flag
- *
- * Key types defined by this standard will never have the
- * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types
- * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
- * respect the bitwise structure used by standard encodings whenever practical.
- */
-#define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
-
-#define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x70000000)
-#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x40000000)
-#define PSA_KEY_TYPE_CATEGORY_RAW               ((psa_key_type_t)0x50000000)
-#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY        ((psa_key_type_t)0x60000000)
-#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR          ((psa_key_type_t)0x70000000)
-
-#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR         ((psa_key_type_t)0x10000000)
-
-/** Whether a key type is vendor-defined. */
-#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
-    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
-
-/** Whether a key type is an unstructured array of bytes.
- *
- * This encompasses both symmetric keys and non-key data.
- */
-#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
-     PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
-
-/** Whether a key type is asymmetric: either a key pair or a public key. */
-#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
-      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
-     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
-/** Whether a key type is the public part of a key pair. */
-#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
-/** Whether a key type is a key pair containing a private part and a public
- * part. */
-#define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
-    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
-/** The key pair type corresponding to a public key type.
- *
- * You may also pass a key pair type as \p type, it will be left unchanged.
- *
- * \param type      A public key type or key pair type.
- *
- * \return          The corresponding key pair type.
- *                  If \p type is not a public key or a key pair,
- *                  the return value is undefined.
- */
-#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
-    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-/** The public key type corresponding to a key pair type.
- *
- * You may also pass a key pair type as \p type, it will be left unchanged.
- *
- * \param type      A public key type or key pair type.
- *
- * \return          The corresponding public key type.
- *                  If \p type is not a public key or a key pair,
- *                  the return value is undefined.
- */
-#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
-    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
-
-/** Raw data.
- *
- * A "key" of this type cannot be used for any cryptographic operation.
- * Applications may use this type to store arbitrary data in the keystore. */
-#define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x50000001)
-
-/** HMAC key.
- *
- * The key policy determines which underlying hash algorithm the key can be
- * used for.
- *
- * HMAC keys should generally have the same size as the underlying hash.
- * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
- * \c alg is the HMAC algorithm or the underlying hash algorithm. */
-#define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x51000000)
-
-/** A secret for key derivation.
- *
- * The key policy determines which key derivation algorithm the key
- * can be used for.
- */
-#define PSA_KEY_TYPE_DERIVE                     ((psa_key_type_t)0x52000000)
-
-/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
- *
- * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
- * 32 bytes (AES-256).
- */
-#define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x40000001)
-
-/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
- *
- * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
- * 24 bytes (3-key 3DES).
- *
- * Note that single DES and 2-key 3DES are weak and strongly
- * deprecated and should only be used to decrypt legacy data. 3-key 3DES
- * is weak and deprecated and should only be used in legacy protocols.
- */
-#define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x40000002)
-
-/** Key for an cipher, AEAD or MAC algorithm based on the
- * Camellia block cipher. */
-#define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x40000003)
-
-/** Key for the RC4 stream cipher.
- *
- * Note that RC4 is weak and deprecated and should only be used in
- * legacy protocols. */
-#define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x40000004)
-
-/** RSA public key. */
-#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x60010000)
-/** RSA key pair (private and public key). */
-#define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x70010000)
-/** Whether a key type is an RSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_RSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
-
-/** DSA public key. */
-#define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x60020000)
-/** DSA key pair (private and public key). */
-#define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x70020000)
-/** Whether a key type is an DSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_DSA(type)                                       \
-    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
-
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x60030000)
-#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x70030000)
-#define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
-/** Elliptic curve key pair. */
-#define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
-    (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
-/** Elliptic curve public key. */
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
-    (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
-
-/** Whether a key type is an elliptic curve key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_ECC(type)                                       \
-    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
-      ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
-#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type)                               \
-    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
-     PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
-#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)                            \
-    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
-     PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
-
-/** The type of PSA elliptic curve identifiers. */
-typedef uint16_t psa_ecc_curve_t;
-/** Extract the curve from an elliptic curve key type. */
-#define PSA_KEY_TYPE_GET_CURVE(type)                             \
-    ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ?              \
-                        ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
-                        0))
-
-/* The encoding of curve identifiers is currently aligned with the
- * TLS Supported Groups Registry (formerly known as the
- * TLS EC Named Curve Registry)
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
- * The values are defined by RFC 8422 and RFC 7027. */
-#define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x0001)
-#define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x0002)
-#define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x0003)
-#define PSA_ECC_CURVE_SECT193R1         ((psa_ecc_curve_t) 0x0004)
-#define PSA_ECC_CURVE_SECT193R2         ((psa_ecc_curve_t) 0x0005)
-#define PSA_ECC_CURVE_SECT233K1         ((psa_ecc_curve_t) 0x0006)
-#define PSA_ECC_CURVE_SECT233R1         ((psa_ecc_curve_t) 0x0007)
-#define PSA_ECC_CURVE_SECT239K1         ((psa_ecc_curve_t) 0x0008)
-#define PSA_ECC_CURVE_SECT283K1         ((psa_ecc_curve_t) 0x0009)
-#define PSA_ECC_CURVE_SECT283R1         ((psa_ecc_curve_t) 0x000a)
-#define PSA_ECC_CURVE_SECT409K1         ((psa_ecc_curve_t) 0x000b)
-#define PSA_ECC_CURVE_SECT409R1         ((psa_ecc_curve_t) 0x000c)
-#define PSA_ECC_CURVE_SECT571K1         ((psa_ecc_curve_t) 0x000d)
-#define PSA_ECC_CURVE_SECT571R1         ((psa_ecc_curve_t) 0x000e)
-#define PSA_ECC_CURVE_SECP160K1         ((psa_ecc_curve_t) 0x000f)
-#define PSA_ECC_CURVE_SECP160R1         ((psa_ecc_curve_t) 0x0010)
-#define PSA_ECC_CURVE_SECP160R2         ((psa_ecc_curve_t) 0x0011)
-#define PSA_ECC_CURVE_SECP192K1         ((psa_ecc_curve_t) 0x0012)
-#define PSA_ECC_CURVE_SECP192R1         ((psa_ecc_curve_t) 0x0013)
-#define PSA_ECC_CURVE_SECP224K1         ((psa_ecc_curve_t) 0x0014)
-#define PSA_ECC_CURVE_SECP224R1         ((psa_ecc_curve_t) 0x0015)
-#define PSA_ECC_CURVE_SECP256K1         ((psa_ecc_curve_t) 0x0016)
-#define PSA_ECC_CURVE_SECP256R1         ((psa_ecc_curve_t) 0x0017)
-#define PSA_ECC_CURVE_SECP384R1         ((psa_ecc_curve_t) 0x0018)
-#define PSA_ECC_CURVE_SECP521R1         ((psa_ecc_curve_t) 0x0019)
-#define PSA_ECC_CURVE_BRAINPOOL_P256R1  ((psa_ecc_curve_t) 0x001a)
-#define PSA_ECC_CURVE_BRAINPOOL_P384R1  ((psa_ecc_curve_t) 0x001b)
-#define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x001c)
-#define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x001d)
-#define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x001e)
-
-/** The block size of a block cipher.
- *
- * \param type  A cipher key type (value of type #psa_key_type_t).
- *
- * \return      The block size for a block cipher, or 1 for a stream cipher.
- *              The return value is undefined if \p type is not a supported
- *              cipher key type.
- *
- * \note It is possible to build stream cipher algorithms on top of a block
- *       cipher, for example CTR mode (#PSA_ALG_CTR).
- *       This macro only takes the key type into account, so it cannot be
- *       used to determine the size of the data that #psa_cipher_update()
- *       might buffer for future processing in general.
- *
- * \note This macro returns a compile-time constant if its argument is one.
- *
- * \warning This macro may evaluate its argument multiple times.
- */
-#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)            \
-    (                                                \
-        (type) == PSA_KEY_TYPE_AES ? 16 :            \
-        (type) == PSA_KEY_TYPE_DES ? 8 :             \
-        (type) == PSA_KEY_TYPE_CAMELLIA ? 16 :       \
-        (type) == PSA_KEY_TYPE_ARC4 ? 1 :            \
-        0)
-
-/** \brief Encoding of a cryptographic algorithm.
- *
- * For algorithms that can be applied to multiple key types, this type
- * does not encode the key type. For example, for symmetric ciphers
- * based on a block cipher, #psa_algorithm_t encodes the block cipher
- * mode and the padding mode while the block cipher itself is encoded
- * via #psa_key_type_t.
- */
-typedef uint32_t psa_algorithm_t;
-
-#define PSA_ALG_VENDOR_FLAG                     ((psa_algorithm_t)0x80000000)
-#define PSA_ALG_CATEGORY_MASK                   ((psa_algorithm_t)0x7f000000)
-#define PSA_ALG_CATEGORY_HASH                   ((psa_algorithm_t)0x01000000)
-#define PSA_ALG_CATEGORY_MAC                    ((psa_algorithm_t)0x02000000)
-#define PSA_ALG_CATEGORY_CIPHER                 ((psa_algorithm_t)0x04000000)
-#define PSA_ALG_CATEGORY_AEAD                   ((psa_algorithm_t)0x06000000)
-#define PSA_ALG_CATEGORY_SIGN                   ((psa_algorithm_t)0x10000000)
-#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION  ((psa_algorithm_t)0x12000000)
-#define PSA_ALG_CATEGORY_KEY_AGREEMENT          ((psa_algorithm_t)0x22000000)
-#define PSA_ALG_CATEGORY_KEY_DERIVATION         ((psa_algorithm_t)0x30000000)
-#define PSA_ALG_CATEGORY_KEY_SELECTION          ((psa_algorithm_t)0x31000000)
-
-#define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
-    (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
-
-/** Whether the specified algorithm is a hash algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a hash algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_HASH(alg)                                            \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
-
-/** Whether the specified algorithm is a MAC algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a MAC algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_MAC(alg)                                             \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
-
-/** Whether the specified algorithm is a symmetric cipher algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_CIPHER(alg)                                          \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
-
-/** Whether the specified algorithm is an authenticated encryption
- * with associated data (AEAD) algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_AEAD(alg)                                            \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
-
-/** Whether the specified algorithm is a public-key signature algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_SIGN(alg)                                            \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
-
-/** Whether the specified algorithm is a public-key encryption algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
-
-#define PSA_ALG_KEY_SELECTION_FLAG              ((psa_algorithm_t)0x01000000)
-/** Whether the specified algorithm is a key agreement algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
-    (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) ==   \
-     PSA_ALG_CATEGORY_KEY_AGREEMENT)
-
-/** Whether the specified algorithm is a key derivation algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-/** Whether the specified algorithm is a key selection algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a key selection algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_KEY_SELECTION(alg)                                   \
-    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
-
-#define PSA_ALG_HASH_MASK                       ((psa_algorithm_t)0x000000ff)
-#define PSA_ALG_MD2                             ((psa_algorithm_t)0x01000001)
-#define PSA_ALG_MD4                             ((psa_algorithm_t)0x01000002)
-#define PSA_ALG_MD5                             ((psa_algorithm_t)0x01000003)
-#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x01000004)
-#define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x01000005)
-/** SHA2-224 */
-#define PSA_ALG_SHA_224                         ((psa_algorithm_t)0x01000008)
-/** SHA2-256 */
-#define PSA_ALG_SHA_256                         ((psa_algorithm_t)0x01000009)
-/** SHA2-384 */
-#define PSA_ALG_SHA_384                         ((psa_algorithm_t)0x0100000a)
-/** SHA2-512 */
-#define PSA_ALG_SHA_512                         ((psa_algorithm_t)0x0100000b)
-/** SHA2-512/224 */
-#define PSA_ALG_SHA_512_224                     ((psa_algorithm_t)0x0100000c)
-/** SHA2-512/256 */
-#define PSA_ALG_SHA_512_256                     ((psa_algorithm_t)0x0100000d)
-/** SHA3-224 */
-#define PSA_ALG_SHA3_224                        ((psa_algorithm_t)0x01000010)
-/** SHA3-256 */
-#define PSA_ALG_SHA3_256                        ((psa_algorithm_t)0x01000011)
-/** SHA3-384 */
-#define PSA_ALG_SHA3_384                        ((psa_algorithm_t)0x01000012)
-/** SHA3-512 */
-#define PSA_ALG_SHA3_512                        ((psa_algorithm_t)0x01000013)
-
-#define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t)0x00c00000)
-#define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x02800000)
-/** Macro to build an HMAC algorithm.
- *
- * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding HMAC algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_HMAC(hash_alg)                                  \
-    (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_HMAC_GET_HASH(hmac_alg)                             \
-    (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is an HMAC algorithm.
- *
- * HMAC is a family of MAC algorithms that are based on a hash function.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_HMAC(alg)                                            \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
-     PSA_ALG_HMAC_BASE)
-
-/* In the encoding of a MAC algorithm, the bits corresponding to
- * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
- * truncated. As an exception, the value 0 means the untruncated algorithm,
- * whatever its length is. The length is encoded in 6 bits, so it can
- * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
- * to full length is correctly encoded as 0 and any non-trivial truncation
- * is correctly encoded as a value between 1 and 63. */
-#define PSA_ALG_MAC_TRUNCATION_MASK             ((psa_algorithm_t)0x00003f00)
-#define PSA_MAC_TRUNCATION_OFFSET 8
-
-/** Macro to build a truncated MAC algorithm.
- *
- * A truncated MAC algorithm is identical to the corresponding MAC
- * algorithm except that the MAC value for the truncated algorithm
- * consists of only the first \p mac_length bytes of the MAC value
- * for the untruncated algorithm.
- *
- * \note    This macro may allow constructing algorithm identifiers that
- *          are not valid, either because the specified length is larger
- *          than the untruncated MAC or because the specified length is
- *          smaller than permitted by the implementation.
- *
- * \note    It is implementation-defined whether a truncated MAC that
- *          is truncated to the same length as the MAC of the untruncated
- *          algorithm is considered identical to the untruncated algorithm
- *          for policy comparison purposes.
- *
- * \param alg           A MAC algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- *                      is true). This may be a truncated or untruncated
- *                      MAC algorithm.
- * \param mac_length    Desired length of the truncated MAC in bytes.
- *                      This must be at most the full length of the MAC
- *                      and must be at least an implementation-specified
- *                      minimum. The implementation-specified minimum
- *                      shall not be zero.
- *
- * \return              The corresponding MAC algorithm with the specified
- *                      length.
- * \return              Unspecified if \p alg is not a supported
- *                      MAC algorithm or if \p mac_length is too small or
- *                      too large for the specified MAC algorithm.
- */
-#define PSA_ALG_TRUNCATED_MAC(alg, mac_length)                          \
-    (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) |                           \
-     ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
-
-/** Macro to build the base MAC algorithm corresponding to a truncated
- * MAC algorithm.
- *
- * \param alg           A MAC algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- *                      is true). This may be a truncated or untruncated
- *                      MAC algorithm.
- *
- * \return              The corresponding base MAC algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      MAC algorithm.
- */
-#define PSA_ALG_FULL_LENGTH_MAC(alg)            \
-    ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
-
-/** Length to which a MAC algorithm is truncated.
- *
- * \param alg           A MAC algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
- *                      is true).
- *
- * \return              Length of the truncated MAC in bytes.
- * \return              0 if \p alg is a non-truncated MAC algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      MAC algorithm.
- */
-#define PSA_MAC_TRUNCATED_LENGTH(alg)           \
-    (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
-
-#define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x02c00000)
-#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02c00001)
-#define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02c00002)
-#define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02c00003)
-
-/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier.
- */
-#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)                                \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
-     PSA_ALG_CIPHER_MAC_BASE)
-
-#define PSA_ALG_CIPHER_STREAM_FLAG              ((psa_algorithm_t)0x00800000)
-#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG          ((psa_algorithm_t)0x00400000)
-
-/** Whether the specified algorithm is a stream cipher.
- *
- * A stream cipher is a symmetric cipher that encrypts or decrypts messages
- * by applying a bitwise-xor with a stream of bytes that is generated
- * from a key.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \p alg is not a supported
- *         algorithm identifier or if it is not a symmetric cipher algorithm.
- */
-#define PSA_ALG_IS_STREAM_CIPHER(alg)            \
-    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
-        (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
-
-/** The ARC4 stream cipher algorithm.
- */
-#define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800001)
-
-/** The CTR stream cipher mode.
- *
- * CTR is a stream cipher which is built from a block cipher.
- * The underlying block cipher is determined by the key type.
- * For example, to use AES-128-CTR, use this algorithm with
- * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
- */
-#define PSA_ALG_CTR                             ((psa_algorithm_t)0x04c00001)
-
-#define PSA_ALG_CFB                             ((psa_algorithm_t)0x04c00002)
-
-#define PSA_ALG_OFB                             ((psa_algorithm_t)0x04c00003)
-
-/** The XTS cipher mode.
- *
- * XTS is a cipher mode which is built from a block cipher. It requires at
- * least one full block of input, but beyond this minimum the input
- * does not need to be a whole number of blocks.
- */
-#define PSA_ALG_XTS                             ((psa_algorithm_t)0x044000ff)
-
-/** The CBC block cipher chaining mode, with no padding.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This symmetric cipher mode can only be used with messages whose lengths
- * are whole number of blocks for the chosen block cipher.
- */
-#define PSA_ALG_CBC_NO_PADDING                  ((psa_algorithm_t)0x04600100)
-
-/** The CBC block cipher chaining mode with PKCS#7 padding.
- *
- * The underlying block cipher is determined by the key type.
- *
- * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
- */
-#define PSA_ALG_CBC_PKCS7                       ((psa_algorithm_t)0x04600101)
-
-#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06001001)
-#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06001002)
-
-/* In the encoding of a AEAD algorithm, the bits corresponding to
- * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
- * The constants for default lengths follow this encoding.
- */
-#define PSA_ALG_AEAD_TAG_LENGTH_MASK            ((psa_algorithm_t)0x00003f00)
-#define PSA_AEAD_TAG_LENGTH_OFFSET 8
-
-/** Macro to build a shortened AEAD algorithm.
- *
- * A shortened AEAD algorithm is similar to the corresponding AEAD
- * algorithm, but has an authentication tag that consists of fewer bytes.
- * Depending on the algorithm, the tag length may affect the calculation
- * of the ciphertext.
- *
- * \param alg           A AEAD algorithm identifier (value of type
- *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
- *                      is true).
- * \param tag_length    Desired length of the authentication tag in bytes.
- *
- * \return              The corresponding AEAD algorithm with the specified
- *                      length.
- * \return              Unspecified if \p alg is not a supported
- *                      AEAD algorithm or if \p tag_length is not valid
- *                      for the specified AEAD algorithm.
- */
-#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length)                   \
-    (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) |                          \
-     ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
-      PSA_ALG_AEAD_TAG_LENGTH_MASK))
-
-/** Calculate the corresponding AEAD algorithm with the default tag length.
- *
- * \param alg   An AEAD algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return      The corresponding AEAD algorithm with the default tag length
- *              for that algorithm.
- */
-#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg)                       \
-    (                                                                   \
-        PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM)   \
-        PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM)   \
-        0)
-#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
-    PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
-    PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ?  \
-    ref :
-
-#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t)0x10020000)
-/** RSA PKCS#1 v1.5 signature with hashing.
- *
- * This is the signature scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PKCS1-v1_5.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding RSA PKCS#1 v1.5 signature algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
-    (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** Raw PKCS#1 v1.5 signature.
- *
- * The input to this algorithm is the DigestInfo structure used by
- * RFC 8017 (PKCS#1: RSA Cryptography Specifications), &sect;9.2
- * steps 3&ndash;6.
- */
-#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
-#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
-
-#define PSA_ALG_RSA_PSS_BASE               ((psa_algorithm_t)0x10030000)
-/** RSA PSS signature with hashing.
- *
- * This is the signature scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSASSA-PSS, with the message generation function MGF1, and with
- * a salt length equal to the length of the hash. The specified
- * hash algorithm is used to hash the input message, to create the
- * salted hash, and for the mask generation.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding RSA PSS signature algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_RSA_PSS(hash_alg)                               \
-    (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_PSS(alg)                                 \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
-
-#define PSA_ALG_DSA_BASE                        ((psa_algorithm_t)0x10040000)
-/** DSA signature with hashing.
- *
- * This is the signature scheme defined by FIPS 186-4,
- * with a random per-message secret number (*k*).
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding DSA signature algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_DSA(hash_alg)                             \
-    (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_DETERMINISTIC_DSA_BASE          ((psa_algorithm_t)0x10050000)
-#define PSA_ALG_DSA_DETERMINISTIC_FLAG          ((psa_algorithm_t)0x00010000)
-#define PSA_ALG_DETERMINISTIC_DSA(hash_alg)                             \
-    (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_DSA(alg)                                             \
-    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
-     PSA_ALG_DSA_BASE)
-#define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
-    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
-#define PSA_ALG_IS_DETERMINISTIC_DSA(alg)                       \
-    (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
-#define PSA_ALG_IS_RANDOMIZED_DSA(alg)                          \
-    (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
-
-#define PSA_ALG_ECDSA_BASE                      ((psa_algorithm_t)0x10060000)
-/** ECDSA signature with hashing.
- *
- * This is the ECDSA signature scheme defined by ANSI X9.62,
- * with a random per-message secret number (*k*).
- *
- * The representation of the signature as a byte string consists of
- * the concatentation of the signature values *r* and *s*. Each of
- * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
- * of the base point of the curve in octets. Each value is represented
- * in big-endian order (most significant octet first).
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding ECDSA signature algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_ECDSA(hash_alg)                                 \
-    (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** ECDSA signature without hashing.
- *
- * This is the same signature scheme as #PSA_ALG_ECDSA(), but
- * without specifying a hash algorithm. This algorithm may only be
- * used to sign or verify a sequence of bytes that should be an
- * already-calculated hash. Note that the input is padded with
- * zeros on the left or truncated on the left as required to fit
- * the curve size.
- */
-#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
-#define PSA_ALG_DETERMINISTIC_ECDSA_BASE        ((psa_algorithm_t)0x10070000)
-/** Deterministic ECDSA signature with hashing.
- *
- * This is the deterministic ECDSA signature scheme defined by RFC 6979.
- *
- * The representation of a signature is the same as with #PSA_ALG_ECDSA().
- *
- * Note that when this algorithm is used for verification, signatures
- * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
- * same private key are accepted. In other words,
- * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
- * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding deterministic ECDSA signature
- *                      algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg)                           \
-    (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_ECDSA(alg)                                           \
-    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
-     PSA_ALG_ECDSA_BASE)
-#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)             \
-    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
-#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)                             \
-    (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
-#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg)                                \
-    (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
-
-/** Get the hash used by a hash-and-sign signature algorithm.
- *
- * A hash-and-sign algorithm is a signature algorithm which is
- * composed of two phases: first a hashing phase which does not use
- * the key and produces a hash of the input message, then a signing
- * phase which only uses the hash and the key and not the message
- * itself.
- *
- * \param alg   A signature algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_SIGN(\p alg) is true).
- *
- * \return      The underlying hash algorithm if \p alg is a hash-and-sign
- *              algorithm.
- * \return      0 if \p alg is a signature algorithm that does not
- *              follow the hash-and-sign structure.
- * \return      Unspecified if \p alg is not a signature algorithm or
- *              if it is not supported by the implementation.
- */
-#define PSA_ALG_SIGN_GET_HASH(alg)                                     \
-    (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||   \
-     PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ?                    \
-     ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 :        \
-     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
-     0)
-
-/** RSA PKCS#1 v1.5 encryption.
- */
-#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12020000)
-
-#define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t)0x12030000)
-/** RSA OAEP encryption.
- *
- * This is the encryption scheme defined by RFC 8017
- * (PKCS#1: RSA Cryptography Specifications) under the name
- * RSAES-OAEP, with the message generation function MGF1.
- *
- * \param hash_alg      The hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
- *                      for MGF1.
- *
- * \return              The corresponding RSA OAEP signature algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_RSA_OAEP(hash_alg)                              \
-    (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-#define PSA_ALG_IS_RSA_OAEP(alg)                                \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
-#define PSA_ALG_RSA_OAEP_GET_HASH(alg)                          \
-    (PSA_ALG_IS_RSA_OAEP(alg) ?                                 \
-     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :      \
-     0)
-
-#define PSA_ALG_HKDF_BASE                       ((psa_algorithm_t)0x30000100)
-/** Macro to build an HKDF algorithm.
- *
- * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding HKDF algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_HKDF(hash_alg)                                  \
-    (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-/** Whether the specified algorithm is an HKDF algorithm.
- *
- * HKDF is a family of key derivation algorithms that are based on a hash
- * function and the HMAC construction.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_HKDF(alg)                            \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
-#define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
-    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_TLS12_PRF_BASE                     ((psa_algorithm_t)0x30000200)
-/** Macro to build a TLS-1.2 PRF algorithm.
- *
- * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
- * specified in Section 5 of RFC 5246. It is based on HMAC and can be
- * used with either SHA-256 or SHA-384.
- *
- * For the application to TLS-1.2, the salt and label arguments passed
- * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246,
- * respectively. For example, for TLS key expansion, the salt is the
- * concatenation of ServerHello.Random + ClientHello.Random,
- * while the label is "key expansion".
- *
- * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
- * TLS 1.2 PRF using HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding TLS-1.2 PRF algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_TLS12_PRF(hash_alg)                                  \
-    (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_TLS12_PRF(alg)                                    \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
-#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg)                         \
-    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
-/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
- *
- * In a pure-PSK handshake in TLS 1.2, the master secret is derived
- * from the PreSharedKey (PSK) through the application of padding
- * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
- * The latter is based on HMAC and can be used with either SHA-256
- * or SHA-384.
- *
- * For the application to TLS-1.2, the salt passed to psa_key_derivation()
- * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
- * ClientHello.Random + ServerHello.Random, while the label is "master secret"
- * or "extended master secret".
- *
- * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
- * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
- *
- * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
- *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
- *
- * \return              The corresponding TLS-1.2 PSK to MS algorithm.
- * \return              Unspecified if \p alg is not a supported
- *                      hash algorithm.
- */
-#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg)                                  \
-    (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key derivation algorithm identifier.
- */
-#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)                                    \
-    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
-#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg)                         \
-    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
-
-#define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0x010fffff)
-
-/** Use a shared secret as is.
- *
- * Specify this algorithm as the selection component of a key agreement
- * to use the raw result of the key agreement as key material.
- *
- * \warning The raw result of a key agreement algorithm such as finite-field
- * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
- * not be used directly as key material. It can however be used as the secret
- * input in a key derivation algorithm.
- */
-#define PSA_ALG_SELECT_RAW                      ((psa_algorithm_t)0x31000001)
-
-#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg)                              \
-    (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
-
-#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)                              \
-    ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
-
-#define PSA_ALG_FFDH_BASE                       ((psa_algorithm_t)0x22100000)
-/** The Diffie-Hellman key agreement algorithm.
- *
- * This algorithm combines the finite-field Diffie-Hellman (DH) key
- * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement,
- * to produce a shared secret from a private key and the peer's
- * public key, with a key selection or key derivation algorithm to produce
- * one or more shared keys and other shared cryptographic material.
- *
- * The shared secret produced by key agreement and passed as input to the
- * derivation or selection algorithm \p kdf_alg is the shared secret
- * `g^{ab}` in big-endian format.
- * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
- * in bits.
- *
- * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
- *                      or a key selection algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
- *
- * \return              The Diffie-Hellman algorithm with the specified
- *                      selection or derivation algorithm.
- */
-#define PSA_ALG_FFDH(kdf_alg) \
-    (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
-/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
- *
- * This includes every supported key selection or key agreement algorithm
- * for the output of the Diffie-Hellman calculation.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key agreement algorithm identifier.
- */
-#define PSA_ALG_IS_FFDH(alg) \
-    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
-
-#define PSA_ALG_ECDH_BASE                       ((psa_algorithm_t)0x22200000)
-/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
- *
- * This algorithm combines the elliptic curve Diffie-Hellman key
- * agreement to produce a shared secret from a private key and the peer's
- * public key, with a key selection or key derivation algorithm to produce
- * one or more shared keys and other shared cryptographic material.
- *
- * The shared secret produced by key agreement and passed as input to the
- * derivation or selection algorithm \p kdf_alg is the x-coordinate of
- * the shared secret point. It is always `ceiling(m / 8)` bytes long where
- * `m` is the bit size associated with the curve, i.e. the bit size of the
- * order of the curve's coordinate field. When `m` is not a multiple of 8,
- * the byte containing the most significant bit of the shared secret
- * is padded with zero bits. The byte order is either little-endian
- * or big-endian depending on the curve type.
- *
- * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`),
- *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
- *   in little-endian byte order.
- *   The bit size is 448 for Curve448 and 255 for Curve25519.
- * - For Weierstrass curves over prime fields (curve types
- *   `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
- *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
- *   in big-endian byte order.
- *   The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
- * - For Weierstrass curves over binary fields (curve types
- *   `PSA_ECC_CURVE_SECTXXX`),
- *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
- *   in big-endian byte order.
- *   The bit size is `m` for the field `F_{2^m}`.
- *
- * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
- *                      or a selection algorithm (\c PSA_ALG_XXX value such
- *                      that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
- *
- * \return              The Diffie-Hellman algorithm with the specified
- *                      selection or derivation algorithm.
- */
-#define PSA_ALG_ECDH(kdf_alg) \
-    (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
-/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
- * algorithm.
- *
- * This includes every supported key selection or key agreement algorithm
- * for the output of the Diffie-Hellman calculation.
- *
- * \param alg An algorithm identifier (value of type #psa_algorithm_t).
- *
- * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
- *         0 otherwise.
- *         This macro may return either 0 or 1 if \c alg is not a supported
- *         key agreement algorithm identifier.
- */
-#define PSA_ALG_IS_ECDH(alg) \
-    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
-
 /**@}*/
 
 /** \defgroup key_management Key management
  * @{
  */
 
-/** Encoding of key lifetimes.
- */
-typedef uint32_t psa_key_lifetime_t;
-
-/** Encoding of identifiers of persistent keys.
- */
-typedef uint32_t psa_key_id_t;
-
-/** A volatile key only exists as long as the handle to it is not closed.
- * The key material is guaranteed to be erased on a power reset.
- */
-#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
-
-/** The default storage area for persistent keys.
- *
- * A persistent key remains in storage until it is explicitly destroyed or
- * until the corresponding storage area is wiped. This specification does
- * not define any mechanism to wipe a storage area, but implementations may
- * provide their own mechanism (for example to perform a factory reset,
- * to prepare for device refurbishment, or to uninstall an application).
- *
- * This lifetime value is the default storage area for the calling
- * application. Implementations may offer other storage areas designated
- * by other lifetime values as implementation-specific extensions.
- */
-#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
-
 /** \brief Retrieve the lifetime of an open key.
  *
  * \param handle        Handle to query.
@@ -1900,68 +573,6 @@ psa_status_t psa_export_public_key(psa_key_handle_t handle,
  * @{
  */
 
-/** \brief Encoding of permitted usage on a key. */
-typedef uint32_t psa_key_usage_t;
-
-/** Whether the key may be exported.
- *
- * A public key or the public part of a key pair may always be exported
- * regardless of the value of this permission flag.
- *
- * If a key does not have export permission, implementations shall not
- * allow the key to be exported in plain form from the cryptoprocessor,
- * whether through psa_export_key() or through a proprietary interface.
- * The key may however be exportable in a wrapped form, i.e. in a form
- * where it is encrypted by another key.
- */
-#define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t)0x00000001)
-
-/** Whether the key may be used to encrypt a message.
- *
- * This flag allows the key to be used for a symmetric encryption operation,
- * for an AEAD encryption-and-authentication operation,
- * or for an asymmetric encryption operation,
- * if otherwise permitted by the key's type and policy.
- *
- * For a key pair, this concerns the public key.
- */
-#define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t)0x00000100)
-
-/** Whether the key may be used to decrypt a message.
- *
- * This flag allows the key to be used for a symmetric decryption operation,
- * for an AEAD decryption-and-verification operation,
- * or for an asymmetric decryption operation,
- * if otherwise permitted by the key's type and policy.
- *
- * For a key pair, this concerns the private key.
- */
-#define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t)0x00000200)
-
-/** Whether the key may be used to sign a message.
- *
- * This flag allows the key to be used for a MAC calculation operation
- * or for an asymmetric signature operation,
- * if otherwise permitted by the key's type and policy.
- *
- * For a key pair, this concerns the private key.
- */
-#define PSA_KEY_USAGE_SIGN                      ((psa_key_usage_t)0x00000400)
-
-/** Whether the key may be used to verify a message signature.
- *
- * This flag allows the key to be used for a MAC verification operation
- * or for an asymmetric signature verification operation,
- * if otherwise permitted by by the key's type and policy.
- *
- * For a key pair, this concerns the public key.
- */
-#define PSA_KEY_USAGE_VERIFY                    ((psa_key_usage_t)0x00000800)
-
-/** Whether the key may be used to derive other keys.
- */
-#define PSA_KEY_USAGE_DERIVE                    ((psa_key_usage_t)0x00001000)
-
 /** The type of the key policy data structure.
  *
  * This is an implementation-defined \c struct. Applications should not
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
new file mode 100644
index 000000000..9b44d6aef
--- /dev/null
+++ b/include/psa/crypto_types.h
@@ -0,0 +1,101 @@
+/**
+ * \file psa/crypto_types.h
+ *
+ * \brief PSA cryptography module: type aliases.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of integral types for properties
+ * of cryptographic keys, designations of cryptographic algorithms, and
+ * error codes returned by the library.
+ *
+ * This header file does not declare any function.
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_TYPES_H
+#define PSA_CRYPTO_TYPES_H
+
+#include <stdint.h>
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+/**
+ * \brief Function return status.
+ *
+ * This is either #PSA_SUCCESS (which is zero), indicating success,
+ * or a nonzero value indicating that an error occurred. Errors are
+ * encoded as one of the \c PSA_ERROR_xxx values defined here.
+ */
+typedef int32_t psa_status_t;
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/** \brief Encoding of a key type.
+ */
+typedef uint32_t psa_key_type_t;
+
+/** The type of PSA elliptic curve identifiers. */
+typedef uint16_t psa_ecc_curve_t;
+
+/** \brief Encoding of a cryptographic algorithm.
+ *
+ * For algorithms that can be applied to multiple key types, this type
+ * does not encode the key type. For example, for symmetric ciphers
+ * based on a block cipher, #psa_algorithm_t encodes the block cipher
+ * mode and the padding mode while the block cipher itself is encoded
+ * via #psa_key_type_t.
+ */
+typedef uint32_t psa_algorithm_t;
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** Encoding of key lifetimes.
+ */
+typedef uint32_t psa_key_lifetime_t;
+
+/** Encoding of identifiers of persistent keys.
+ */
+typedef uint32_t psa_key_id_t;
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** \brief Encoding of permitted usage on a key. */
+typedef uint32_t psa_key_usage_t;
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_TYPES_H */
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
new file mode 100644
index 000000000..d83ad1be9
--- /dev/null
+++ b/include/psa/crypto_values.h
@@ -0,0 +1,1418 @@
+/**
+ * \file psa/crypto_values.h
+ *
+ * \brief PSA cryptography module: macros to build and analyze integer values.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h. Drivers must include the appropriate driver
+ * header file.
+ *
+ * This file contains portable definitions of macros to build and analyze
+ * values of integral types that encode properties of cryptographic keys,
+ * designations of cryptographic algorithms, and error codes returned by
+ * the library.
+ *
+ * This header file only defines preprocessor macros.
+ */
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef PSA_CRYPTO_VALUES_H
+#define PSA_CRYPTO_VALUES_H
+
+/** \defgroup error Error codes
+ * @{
+ */
+
+#if !defined(PSA_SUCCESS)
+/* If PSA_SUCCESS is defined, assume that PSA crypto is being used
+ * together with PSA IPC, which also defines the identifier
+ * PSA_SUCCESS. We must not define PSA_SUCCESS ourselves in that case;
+ * the other error code names don't clash. This is a temporary hack
+ * until we unify error reporting in PSA IPC and PSA crypto.
+ *
+ * Note that psa_defs.h must be included before this header!
+ */
+/** The action was completed successfully. */
+#define PSA_SUCCESS ((psa_status_t)0)
+#endif /* !defined(PSA_SUCCESS) */
+
+/** An error occurred that does not correspond to any defined
+ * failure cause.
+ *
+ * Implementations may use this error code if none of the other standard
+ * error codes are applicable. */
+#define PSA_ERROR_UNKNOWN_ERROR         ((psa_status_t)1)
+
+/** The requested operation or a parameter is not supported
+ * by this implementation.
+ *
+ * Implementations should return this error code when an enumeration
+ * parameter such as a key type, algorithm, etc. is not recognized.
+ * If a combination of parameters is recognized and identified as
+ * not valid, return #PSA_ERROR_INVALID_ARGUMENT instead. */
+#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t)2)
+
+/** The requested action is denied by a policy.
+ *
+ * Implementations should return this error code when the parameters
+ * are recognized as valid and supported, and a policy explicitly
+ * denies the requested operation.
+ *
+ * If a subset of the parameters of a function call identify a
+ * forbidden operation, and another subset of the parameters are
+ * not valid or not supported, it is unspecified whether the function
+ * returns #PSA_ERROR_NOT_PERMITTED, #PSA_ERROR_NOT_SUPPORTED or
+ * #PSA_ERROR_INVALID_ARGUMENT. */
+#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t)3)
+
+/** An output buffer is too small.
+ *
+ * Applications can call the \c PSA_xxx_SIZE macro listed in the function
+ * description to determine a sufficient buffer size.
+ *
+ * Implementations should preferably return this error code only
+ * in cases when performing the operation with a larger output
+ * buffer would succeed. However implementations may return this
+ * error if a function has invalid or unsupported parameters in addition
+ * to the parameters that determine the necessary output buffer size. */
+#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t)4)
+
+/** A slot is occupied, but must be empty to carry out the
+ * requested action.
+ *
+ * If a handle is invalid, it does not designate an occupied slot.
+ * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
+ */
+#define PSA_ERROR_OCCUPIED_SLOT         ((psa_status_t)5)
+
+/** A slot is empty, but must be occupied to carry out the
+ * requested action.
+ *
+ * If a handle is invalid, it does not designate an empty slot.
+ * The error for an invalid handle is #PSA_ERROR_INVALID_HANDLE.
+ */
+#define PSA_ERROR_EMPTY_SLOT            ((psa_status_t)6)
+
+/** The requested action cannot be performed in the current state.
+ *
+ * Multipart operations return this error when one of the
+ * functions is called out of sequence. Refer to the function
+ * descriptions for permitted sequencing of functions.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key slot is occupied when it needs to be free or vice versa,
+ * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+ * as applicable. */
+#define PSA_ERROR_BAD_STATE             ((psa_status_t)7)
+
+/** The parameters passed to the function are invalid.
+ *
+ * Implementations may return this error any time a parameter or
+ * combination of parameters are recognized as invalid.
+ *
+ * Implementations shall not return this error code to indicate
+ * that a key slot is occupied when it needs to be free or vice versa,
+ * but shall return #PSA_ERROR_OCCUPIED_SLOT or #PSA_ERROR_EMPTY_SLOT
+ * as applicable.
+ *
+ * Implementation shall not return this error code to indicate that a
+ * key handle is invalid, but shall return #PSA_ERROR_INVALID_HANDLE
+ * instead.
+ */
+#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t)8)
+
+/** There is not enough runtime memory.
+ *
+ * If the action is carried out across multiple security realms, this
+ * error can refer to available memory in any of the security realms. */
+#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t)9)
+
+/** There is not enough persistent storage.
+ *
+ * Functions that modify the key storage return this error code if
+ * there is insufficient storage space on the host media. In addition,
+ * many functions that do not otherwise access storage may return this
+ * error code if the implementation requires a mandatory log entry for
+ * the requested action and the log storage space is full. */
+#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t)10)
+
+/** There was a communication failure inside the implementation.
+ *
+ * This can indicate a communication failure between the application
+ * and an external cryptoprocessor or between the cryptoprocessor and
+ * an external volatile or persistent memory. A communication failure
+ * may be transient or permanent depending on the cause.
+ *
+ * \warning If a function returns this error, it is undetermined
+ * whether the requested action has completed or not. Implementations
+ * should return #PSA_SUCCESS on successful completion whenver
+ * possible, however functions may return #PSA_ERROR_COMMUNICATION_FAILURE
+ * if the requested action was completed successfully in an external
+ * cryptoprocessor but there was a breakdown of communication before
+ * the cryptoprocessor could report the status to the application.
+ */
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
+
+/** There was a storage failure that may have led to data loss.
+ *
+ * This error indicates that some persistent storage is corrupted.
+ * It should not be used for a corruption of volatile memory
+ * (use #PSA_ERROR_TAMPERING_DETECTED), for a communication error
+ * between the cryptoprocessor and its external storage (use
+ * #PSA_ERROR_COMMUNICATION_FAILURE), or when the storage is
+ * in a valid state but is full (use #PSA_ERROR_INSUFFICIENT_STORAGE).
+ *
+ * Note that a storage failure does not indicate that any data that was
+ * previously read is invalid. However this previously read data may no
+ * longer be readable from storage.
+ *
+ * When a storage failure occurs, it is no longer possible to ensure
+ * the global integrity of the keystore. Depending on the global
+ * integrity guarantees offered by the implementation, access to other
+ * data may or may not fail even if the data is still readable but
+ * its integrity canont be guaranteed.
+ *
+ * Implementations should only use this error code to report a
+ * permanent storage corruption. However application writers should
+ * keep in mind that transient errors while reading the storage may be
+ * reported using this error code. */
+#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t)12)
+
+/** A hardware failure was detected.
+ *
+ * A hardware failure may be transient or permanent depending on the
+ * cause. */
+#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t)13)
+
+/** A tampering attempt was detected.
+ *
+ * If an application receives this error code, there is no guarantee
+ * that previously accessed or computed data was correct and remains
+ * confidential. Applications should not perform any security function
+ * and should enter a safe failure state.
+ *
+ * Implementations may return this error code if they detect an invalid
+ * state that cannot happen during normal operation and that indicates
+ * that the implementation's security guarantees no longer hold. Depending
+ * on the implementation architecture and on its security and safety goals,
+ * the implementation may forcibly terminate the application.
+ *
+ * This error code is intended as a last resort when a security breach
+ * is detected and it is unsure whether the keystore data is still
+ * protected. Implementations shall only return this error code
+ * to report an alarm from a tampering detector, to indicate that
+ * the confidentiality of stored data can no longer be guaranteed,
+ * or to indicate that the integrity of previously returned data is now
+ * considered compromised. Implementations shall not use this error code
+ * to indicate a hardware failure that merely makes it impossible to
+ * perform the requested operation (use #PSA_ERROR_COMMUNICATION_FAILURE,
+ * #PSA_ERROR_STORAGE_FAILURE, #PSA_ERROR_HARDWARE_FAILURE,
+ * #PSA_ERROR_INSUFFICIENT_ENTROPY or other applicable error code
+ * instead).
+ *
+ * This error indicates an attack against the application. Implementations
+ * shall not return this error code as a consequence of the behavior of
+ * the application itself. */
+#define PSA_ERROR_TAMPERING_DETECTED    ((psa_status_t)14)
+
+/** There is not enough entropy to generate random data needed
+ * for the requested action.
+ *
+ * This error indicates a failure of a hardware random generator.
+ * Application writers should note that this error can be returned not
+ * only by functions whose purpose is to generate random data, such
+ * as key, IV or nonce generation, but also by functions that execute
+ * an algorithm with a randomized result, as well as functions that
+ * use randomization of intermediate computations as a countermeasure
+ * to certain attacks.
+ *
+ * Implementations should avoid returning this error after psa_crypto_init()
+ * has succeeded. Implementations should generate sufficient
+ * entropy during initialization and subsequently use a cryptographically
+ * secure pseudorandom generator (PRNG). However implementations may return
+ * this error at any time if a policy requires the PRNG to be reseeded
+ * during normal operation. */
+#define PSA_ERROR_INSUFFICIENT_ENTROPY  ((psa_status_t)15)
+
+/** The signature, MAC or hash is incorrect.
+ *
+ * Verification functions return this error if the verification
+ * calculations completed successfully, and the value to be verified
+ * was determined to be incorrect.
+ *
+ * If the value to verify has an invalid size, implementations may return
+ * either #PSA_ERROR_INVALID_ARGUMENT or #PSA_ERROR_INVALID_SIGNATURE. */
+#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t)16)
+
+/** The decrypted padding is incorrect.
+ *
+ * \warning In some protocols, when decrypting data, it is essential that
+ * the behavior of the application does not depend on whether the padding
+ * is correct, down to precise timing. Applications should prefer
+ * protocols that use authenticated encryption rather than plain
+ * encryption. If the application must perform a decryption of
+ * unauthenticated data, the application writer should take care not
+ * to reveal whether the padding is invalid.
+ *
+ * Implementations should strive to make valid and invalid padding
+ * as close as possible to indistinguishable to an external observer.
+ * In particular, the timing of a decryption operation should not
+ * depend on the validity of the padding. */
+#define PSA_ERROR_INVALID_PADDING       ((psa_status_t)17)
+
+/** The generator has insufficient capacity left.
+ *
+ * Once a function returns this error, attempts to read from the
+ * generator will always return this error. */
+#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
+
+/** The key handle is not valid.
+ */
+#define PSA_ERROR_INVALID_HANDLE        ((psa_status_t)19)
+
+/**@}*/
+
+/** \defgroup crypto_types Key and algorithm types
+ * @{
+ */
+
+/** An invalid key type value.
+ *
+ * Zero is not the encoding of any key type.
+ */
+#define PSA_KEY_TYPE_NONE                       ((psa_key_type_t)0x00000000)
+
+/** Vendor-defined flag
+ *
+ * Key types defined by this standard will never have the
+ * #PSA_KEY_TYPE_VENDOR_FLAG bit set. Vendors who define additional key types
+ * must use an encoding with the #PSA_KEY_TYPE_VENDOR_FLAG bit set and should
+ * respect the bitwise structure used by standard encodings whenever practical.
+ */
+#define PSA_KEY_TYPE_VENDOR_FLAG                ((psa_key_type_t)0x80000000)
+
+#define PSA_KEY_TYPE_CATEGORY_MASK              ((psa_key_type_t)0x70000000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC         ((psa_key_type_t)0x40000000)
+#define PSA_KEY_TYPE_CATEGORY_RAW               ((psa_key_type_t)0x50000000)
+#define PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY        ((psa_key_type_t)0x60000000)
+#define PSA_KEY_TYPE_CATEGORY_KEY_PAIR          ((psa_key_type_t)0x70000000)
+
+#define PSA_KEY_TYPE_CATEGORY_FLAG_PAIR         ((psa_key_type_t)0x10000000)
+
+/** Whether a key type is vendor-defined. */
+#define PSA_KEY_TYPE_IS_VENDOR_DEFINED(type) \
+    (((type) & PSA_KEY_TYPE_VENDOR_FLAG) != 0)
+
+/** Whether a key type is an unstructured array of bytes.
+ *
+ * This encompasses both symmetric keys and non-key data.
+ */
+#define PSA_KEY_TYPE_IS_UNSTRUCTURED(type) \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK & ~(psa_key_type_t)0x10000000) == \
+     PSA_KEY_TYPE_CATEGORY_SYMMETRIC)
+
+/** Whether a key type is asymmetric: either a key pair or a public key. */
+#define PSA_KEY_TYPE_IS_ASYMMETRIC(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK                               \
+      & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR) ==                            \
+     PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is the public part of a key pair. */
+#define PSA_KEY_TYPE_IS_PUBLIC_KEY(type)                                \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY)
+/** Whether a key type is a key pair containing a private part and a public
+ * part. */
+#define PSA_KEY_TYPE_IS_KEYPAIR(type)                                   \
+    (((type) & PSA_KEY_TYPE_CATEGORY_MASK) == PSA_KEY_TYPE_CATEGORY_KEY_PAIR)
+/** The key pair type corresponding to a public key type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding key pair type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
+#define PSA_KEY_TYPE_KEYPAIR_OF_PUBLIC_KEY(type)        \
+    ((type) | PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+/** The public key type corresponding to a key pair type.
+ *
+ * You may also pass a key pair type as \p type, it will be left unchanged.
+ *
+ * \param type      A public key type or key pair type.
+ *
+ * \return          The corresponding public key type.
+ *                  If \p type is not a public key or a key pair,
+ *                  the return value is undefined.
+ */
+#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type)        \
+    ((type) & ~PSA_KEY_TYPE_CATEGORY_FLAG_PAIR)
+
+/** Raw data.
+ *
+ * A "key" of this type cannot be used for any cryptographic operation.
+ * Applications may use this type to store arbitrary data in the keystore. */
+#define PSA_KEY_TYPE_RAW_DATA                   ((psa_key_type_t)0x50000001)
+
+/** HMAC key.
+ *
+ * The key policy determines which underlying hash algorithm the key can be
+ * used for.
+ *
+ * HMAC keys should generally have the same size as the underlying hash.
+ * This size can be calculated with #PSA_HASH_SIZE(\c alg) where
+ * \c alg is the HMAC algorithm or the underlying hash algorithm. */
+#define PSA_KEY_TYPE_HMAC                       ((psa_key_type_t)0x51000000)
+
+/** A secret for key derivation.
+ *
+ * The key policy determines which key derivation algorithm the key
+ * can be used for.
+ */
+#define PSA_KEY_TYPE_DERIVE                     ((psa_key_type_t)0x52000000)
+
+/** Key for an cipher, AEAD or MAC algorithm based on the AES block cipher.
+ *
+ * The size of the key can be 16 bytes (AES-128), 24 bytes (AES-192) or
+ * 32 bytes (AES-256).
+ */
+#define PSA_KEY_TYPE_AES                        ((psa_key_type_t)0x40000001)
+
+/** Key for a cipher or MAC algorithm based on DES or 3DES (Triple-DES).
+ *
+ * The size of the key can be 8 bytes (single DES), 16 bytes (2-key 3DES) or
+ * 24 bytes (3-key 3DES).
+ *
+ * Note that single DES and 2-key 3DES are weak and strongly
+ * deprecated and should only be used to decrypt legacy data. 3-key 3DES
+ * is weak and deprecated and should only be used in legacy protocols.
+ */
+#define PSA_KEY_TYPE_DES                        ((psa_key_type_t)0x40000002)
+
+/** Key for an cipher, AEAD or MAC algorithm based on the
+ * Camellia block cipher. */
+#define PSA_KEY_TYPE_CAMELLIA                   ((psa_key_type_t)0x40000003)
+
+/** Key for the RC4 stream cipher.
+ *
+ * Note that RC4 is weak and deprecated and should only be used in
+ * legacy protocols. */
+#define PSA_KEY_TYPE_ARC4                       ((psa_key_type_t)0x40000004)
+
+/** RSA public key. */
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY             ((psa_key_type_t)0x60010000)
+/** RSA key pair (private and public key). */
+#define PSA_KEY_TYPE_RSA_KEYPAIR                ((psa_key_type_t)0x70010000)
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+
+/** DSA public key. */
+#define PSA_KEY_TYPE_DSA_PUBLIC_KEY             ((psa_key_type_t)0x60020000)
+/** DSA key pair (private and public key). */
+#define PSA_KEY_TYPE_DSA_KEYPAIR                ((psa_key_type_t)0x70020000)
+/** Whether a key type is an DSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_DSA(type)                                       \
+    (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_DSA_PUBLIC_KEY)
+
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE        ((psa_key_type_t)0x60030000)
+#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE           ((psa_key_type_t)0x70030000)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK             ((psa_key_type_t)0x0000ffff)
+/** Elliptic curve key pair. */
+#define PSA_KEY_TYPE_ECC_KEYPAIR(curve)         \
+    (PSA_KEY_TYPE_ECC_KEYPAIR_BASE | (curve))
+/** Elliptic curve public key. */
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)              \
+    (PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | (curve))
+
+/** Whether a key type is an elliptic curve key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_ECC(type)                                       \
+    ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
+      ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type)                               \
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
+     PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
+#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)                            \
+    (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
+     PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+
+/** Extract the curve from an elliptic curve key type. */
+#define PSA_KEY_TYPE_GET_CURVE(type)                             \
+    ((psa_ecc_curve_t) (PSA_KEY_TYPE_IS_ECC(type) ?              \
+                        ((type) & PSA_KEY_TYPE_ECC_CURVE_MASK) : \
+                        0))
+
+/* The encoding of curve identifiers is currently aligned with the
+ * TLS Supported Groups Registry (formerly known as the
+ * TLS EC Named Curve Registry)
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8
+ * The values are defined by RFC 8422 and RFC 7027. */
+#define PSA_ECC_CURVE_SECT163K1         ((psa_ecc_curve_t) 0x0001)
+#define PSA_ECC_CURVE_SECT163R1         ((psa_ecc_curve_t) 0x0002)
+#define PSA_ECC_CURVE_SECT163R2         ((psa_ecc_curve_t) 0x0003)
+#define PSA_ECC_CURVE_SECT193R1         ((psa_ecc_curve_t) 0x0004)
+#define PSA_ECC_CURVE_SECT193R2         ((psa_ecc_curve_t) 0x0005)
+#define PSA_ECC_CURVE_SECT233K1         ((psa_ecc_curve_t) 0x0006)
+#define PSA_ECC_CURVE_SECT233R1         ((psa_ecc_curve_t) 0x0007)
+#define PSA_ECC_CURVE_SECT239K1         ((psa_ecc_curve_t) 0x0008)
+#define PSA_ECC_CURVE_SECT283K1         ((psa_ecc_curve_t) 0x0009)
+#define PSA_ECC_CURVE_SECT283R1         ((psa_ecc_curve_t) 0x000a)
+#define PSA_ECC_CURVE_SECT409K1         ((psa_ecc_curve_t) 0x000b)
+#define PSA_ECC_CURVE_SECT409R1         ((psa_ecc_curve_t) 0x000c)
+#define PSA_ECC_CURVE_SECT571K1         ((psa_ecc_curve_t) 0x000d)
+#define PSA_ECC_CURVE_SECT571R1         ((psa_ecc_curve_t) 0x000e)
+#define PSA_ECC_CURVE_SECP160K1         ((psa_ecc_curve_t) 0x000f)
+#define PSA_ECC_CURVE_SECP160R1         ((psa_ecc_curve_t) 0x0010)
+#define PSA_ECC_CURVE_SECP160R2         ((psa_ecc_curve_t) 0x0011)
+#define PSA_ECC_CURVE_SECP192K1         ((psa_ecc_curve_t) 0x0012)
+#define PSA_ECC_CURVE_SECP192R1         ((psa_ecc_curve_t) 0x0013)
+#define PSA_ECC_CURVE_SECP224K1         ((psa_ecc_curve_t) 0x0014)
+#define PSA_ECC_CURVE_SECP224R1         ((psa_ecc_curve_t) 0x0015)
+#define PSA_ECC_CURVE_SECP256K1         ((psa_ecc_curve_t) 0x0016)
+#define PSA_ECC_CURVE_SECP256R1         ((psa_ecc_curve_t) 0x0017)
+#define PSA_ECC_CURVE_SECP384R1         ((psa_ecc_curve_t) 0x0018)
+#define PSA_ECC_CURVE_SECP521R1         ((psa_ecc_curve_t) 0x0019)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1  ((psa_ecc_curve_t) 0x001a)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1  ((psa_ecc_curve_t) 0x001b)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1  ((psa_ecc_curve_t) 0x001c)
+#define PSA_ECC_CURVE_CURVE25519        ((psa_ecc_curve_t) 0x001d)
+#define PSA_ECC_CURVE_CURVE448          ((psa_ecc_curve_t) 0x001e)
+
+/** The block size of a block cipher.
+ *
+ * \param type  A cipher key type (value of type #psa_key_type_t).
+ *
+ * \return      The block size for a block cipher, or 1 for a stream cipher.
+ *              The return value is undefined if \p type is not a supported
+ *              cipher key type.
+ *
+ * \note It is possible to build stream cipher algorithms on top of a block
+ *       cipher, for example CTR mode (#PSA_ALG_CTR).
+ *       This macro only takes the key type into account, so it cannot be
+ *       used to determine the size of the data that #psa_cipher_update()
+ *       might buffer for future processing in general.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ *
+ * \warning This macro may evaluate its argument multiple times.
+ */
+#define PSA_BLOCK_CIPHER_BLOCK_SIZE(type)            \
+    (                                                \
+        (type) == PSA_KEY_TYPE_AES ? 16 :            \
+        (type) == PSA_KEY_TYPE_DES ? 8 :             \
+        (type) == PSA_KEY_TYPE_CAMELLIA ? 16 :       \
+        (type) == PSA_KEY_TYPE_ARC4 ? 1 :            \
+        0)
+
+#define PSA_ALG_VENDOR_FLAG                     ((psa_algorithm_t)0x80000000)
+#define PSA_ALG_CATEGORY_MASK                   ((psa_algorithm_t)0x7f000000)
+#define PSA_ALG_CATEGORY_HASH                   ((psa_algorithm_t)0x01000000)
+#define PSA_ALG_CATEGORY_MAC                    ((psa_algorithm_t)0x02000000)
+#define PSA_ALG_CATEGORY_CIPHER                 ((psa_algorithm_t)0x04000000)
+#define PSA_ALG_CATEGORY_AEAD                   ((psa_algorithm_t)0x06000000)
+#define PSA_ALG_CATEGORY_SIGN                   ((psa_algorithm_t)0x10000000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION  ((psa_algorithm_t)0x12000000)
+#define PSA_ALG_CATEGORY_KEY_AGREEMENT          ((psa_algorithm_t)0x22000000)
+#define PSA_ALG_CATEGORY_KEY_DERIVATION         ((psa_algorithm_t)0x30000000)
+#define PSA_ALG_CATEGORY_KEY_SELECTION          ((psa_algorithm_t)0x31000000)
+
+#define PSA_ALG_IS_VENDOR_DEFINED(alg)                                  \
+    (((alg) & PSA_ALG_VENDOR_FLAG) != 0)
+
+/** Whether the specified algorithm is a hash algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a hash algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_HASH(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_HASH)
+
+/** Whether the specified algorithm is a MAC algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_MAC(alg)                                             \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_MAC)
+
+/** Whether the specified algorithm is a symmetric cipher algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a symmetric cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_CIPHER(alg)                                          \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_CIPHER)
+
+/** Whether the specified algorithm is an authenticated encryption
+ * with associated data (AEAD) algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an AEAD algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_AEAD(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_AEAD)
+
+/** Whether the specified algorithm is a public-key signature algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a public-key signature algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_SIGN(alg)                                            \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_SIGN)
+
+/** Whether the specified algorithm is a public-key encryption algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a public-key encryption algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_ASYMMETRIC_ENCRYPTION(alg)                           \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION)
+
+#define PSA_ALG_KEY_SELECTION_FLAG              ((psa_algorithm_t)0x01000000)
+/** Whether the specified algorithm is a key agreement algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key agreement algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_AGREEMENT(alg)                                   \
+    (((alg) & PSA_ALG_CATEGORY_MASK & ~PSA_ALG_KEY_SELECTION_FLAG) ==   \
+     PSA_ALG_CATEGORY_KEY_AGREEMENT)
+
+/** Whether the specified algorithm is a key derivation algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key derivation algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_DERIVATION(alg)                                  \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+/** Whether the specified algorithm is a key selection algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a key selection algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_KEY_SELECTION(alg)                                   \
+    (((alg) & PSA_ALG_CATEGORY_MASK) == PSA_ALG_CATEGORY_KEY_SELECTION)
+
+#define PSA_ALG_HASH_MASK                       ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_MD2                             ((psa_algorithm_t)0x01000001)
+#define PSA_ALG_MD4                             ((psa_algorithm_t)0x01000002)
+#define PSA_ALG_MD5                             ((psa_algorithm_t)0x01000003)
+#define PSA_ALG_RIPEMD160                       ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_SHA_1                           ((psa_algorithm_t)0x01000005)
+/** SHA2-224 */
+#define PSA_ALG_SHA_224                         ((psa_algorithm_t)0x01000008)
+/** SHA2-256 */
+#define PSA_ALG_SHA_256                         ((psa_algorithm_t)0x01000009)
+/** SHA2-384 */
+#define PSA_ALG_SHA_384                         ((psa_algorithm_t)0x0100000a)
+/** SHA2-512 */
+#define PSA_ALG_SHA_512                         ((psa_algorithm_t)0x0100000b)
+/** SHA2-512/224 */
+#define PSA_ALG_SHA_512_224                     ((psa_algorithm_t)0x0100000c)
+/** SHA2-512/256 */
+#define PSA_ALG_SHA_512_256                     ((psa_algorithm_t)0x0100000d)
+/** SHA3-224 */
+#define PSA_ALG_SHA3_224                        ((psa_algorithm_t)0x01000010)
+/** SHA3-256 */
+#define PSA_ALG_SHA3_256                        ((psa_algorithm_t)0x01000011)
+/** SHA3-384 */
+#define PSA_ALG_SHA3_384                        ((psa_algorithm_t)0x01000012)
+/** SHA3-512 */
+#define PSA_ALG_SHA3_512                        ((psa_algorithm_t)0x01000013)
+
+#define PSA_ALG_MAC_SUBCATEGORY_MASK            ((psa_algorithm_t)0x00c00000)
+#define PSA_ALG_HMAC_BASE                       ((psa_algorithm_t)0x02800000)
+/** Macro to build an HMAC algorithm.
+ *
+ * For example, #PSA_ALG_HMAC(#PSA_ALG_SHA_256) is HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding HMAC algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_HMAC(hash_alg)                                  \
+    (PSA_ALG_HMAC_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_HMAC_GET_HASH(hmac_alg)                             \
+    (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is an HMAC algorithm.
+ *
+ * HMAC is a family of MAC algorithms that are based on a hash function.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is an HMAC algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_HMAC(alg)                                            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+     PSA_ALG_HMAC_BASE)
+
+/* In the encoding of a MAC algorithm, the bits corresponding to
+ * PSA_ALG_MAC_TRUNCATION_MASK encode the length to which the MAC is
+ * truncated. As an exception, the value 0 means the untruncated algorithm,
+ * whatever its length is. The length is encoded in 6 bits, so it can
+ * reach up to 63; the largest MAC is 64 bytes so its trivial truncation
+ * to full length is correctly encoded as 0 and any non-trivial truncation
+ * is correctly encoded as a value between 1 and 63. */
+#define PSA_ALG_MAC_TRUNCATION_MASK             ((psa_algorithm_t)0x00003f00)
+#define PSA_MAC_TRUNCATION_OFFSET 8
+
+/** Macro to build a truncated MAC algorithm.
+ *
+ * A truncated MAC algorithm is identical to the corresponding MAC
+ * algorithm except that the MAC value for the truncated algorithm
+ * consists of only the first \p mac_length bytes of the MAC value
+ * for the untruncated algorithm.
+ *
+ * \note    This macro may allow constructing algorithm identifiers that
+ *          are not valid, either because the specified length is larger
+ *          than the untruncated MAC or because the specified length is
+ *          smaller than permitted by the implementation.
+ *
+ * \note    It is implementation-defined whether a truncated MAC that
+ *          is truncated to the same length as the MAC of the untruncated
+ *          algorithm is considered identical to the untruncated algorithm
+ *          for policy comparison purposes.
+ *
+ * \param alg           A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ *                      is true). This may be a truncated or untruncated
+ *                      MAC algorithm.
+ * \param mac_length    Desired length of the truncated MAC in bytes.
+ *                      This must be at most the full length of the MAC
+ *                      and must be at least an implementation-specified
+ *                      minimum. The implementation-specified minimum
+ *                      shall not be zero.
+ *
+ * \return              The corresponding MAC algorithm with the specified
+ *                      length.
+ * \return              Unspecified if \p alg is not a supported
+ *                      MAC algorithm or if \p mac_length is too small or
+ *                      too large for the specified MAC algorithm.
+ */
+#define PSA_ALG_TRUNCATED_MAC(alg, mac_length)                          \
+    (((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK) |                           \
+     ((mac_length) << PSA_MAC_TRUNCATION_OFFSET & PSA_ALG_MAC_TRUNCATION_MASK))
+
+/** Macro to build the base MAC algorithm corresponding to a truncated
+ * MAC algorithm.
+ *
+ * \param alg           A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ *                      is true). This may be a truncated or untruncated
+ *                      MAC algorithm.
+ *
+ * \return              The corresponding base MAC algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      MAC algorithm.
+ */
+#define PSA_ALG_FULL_LENGTH_MAC(alg)            \
+    ((alg) & ~PSA_ALG_MAC_TRUNCATION_MASK)
+
+/** Length to which a MAC algorithm is truncated.
+ *
+ * \param alg           A MAC algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_MAC(\p alg)
+ *                      is true).
+ *
+ * \return              Length of the truncated MAC in bytes.
+ * \return              0 if \p alg is a non-truncated MAC algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      MAC algorithm.
+ */
+#define PSA_MAC_TRUNCATED_LENGTH(alg)           \
+    (((alg) & PSA_ALG_MAC_TRUNCATION_MASK) >> PSA_MAC_TRUNCATION_OFFSET)
+
+#define PSA_ALG_CIPHER_MAC_BASE                 ((psa_algorithm_t)0x02c00000)
+#define PSA_ALG_CBC_MAC                         ((psa_algorithm_t)0x02c00001)
+#define PSA_ALG_CMAC                            ((psa_algorithm_t)0x02c00002)
+#define PSA_ALG_GMAC                            ((psa_algorithm_t)0x02c00003)
+
+/** Whether the specified algorithm is a MAC algorithm based on a block cipher.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a MAC algorithm based on a block cipher, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier.
+ */
+#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg)                                \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_MAC_SUBCATEGORY_MASK)) == \
+     PSA_ALG_CIPHER_MAC_BASE)
+
+#define PSA_ALG_CIPHER_STREAM_FLAG              ((psa_algorithm_t)0x00800000)
+#define PSA_ALG_CIPHER_FROM_BLOCK_FLAG          ((psa_algorithm_t)0x00400000)
+
+/** Whether the specified algorithm is a stream cipher.
+ *
+ * A stream cipher is a symmetric cipher that encrypts or decrypts messages
+ * by applying a bitwise-xor with a stream of bytes that is generated
+ * from a key.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \p alg is a stream cipher algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \p alg is not a supported
+ *         algorithm identifier or if it is not a symmetric cipher algorithm.
+ */
+#define PSA_ALG_IS_STREAM_CIPHER(alg)            \
+    (((alg) & (PSA_ALG_CATEGORY_MASK | PSA_ALG_CIPHER_STREAM_FLAG)) == \
+        (PSA_ALG_CATEGORY_CIPHER | PSA_ALG_CIPHER_STREAM_FLAG))
+
+/** The ARC4 stream cipher algorithm.
+ */
+#define PSA_ALG_ARC4                            ((psa_algorithm_t)0x04800001)
+
+/** The CTR stream cipher mode.
+ *
+ * CTR is a stream cipher which is built from a block cipher.
+ * The underlying block cipher is determined by the key type.
+ * For example, to use AES-128-CTR, use this algorithm with
+ * a key of type #PSA_KEY_TYPE_AES and a length of 128 bits (16 bytes).
+ */
+#define PSA_ALG_CTR                             ((psa_algorithm_t)0x04c00001)
+
+#define PSA_ALG_CFB                             ((psa_algorithm_t)0x04c00002)
+
+#define PSA_ALG_OFB                             ((psa_algorithm_t)0x04c00003)
+
+/** The XTS cipher mode.
+ *
+ * XTS is a cipher mode which is built from a block cipher. It requires at
+ * least one full block of input, but beyond this minimum the input
+ * does not need to be a whole number of blocks.
+ */
+#define PSA_ALG_XTS                             ((psa_algorithm_t)0x044000ff)
+
+/** The CBC block cipher chaining mode, with no padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This symmetric cipher mode can only be used with messages whose lengths
+ * are whole number of blocks for the chosen block cipher.
+ */
+#define PSA_ALG_CBC_NO_PADDING                  ((psa_algorithm_t)0x04600100)
+
+/** The CBC block cipher chaining mode with PKCS#7 padding.
+ *
+ * The underlying block cipher is determined by the key type.
+ *
+ * This is the padding method defined by PKCS#7 (RFC 2315) &sect;10.3.
+ */
+#define PSA_ALG_CBC_PKCS7                       ((psa_algorithm_t)0x04600101)
+
+#define PSA_ALG_CCM                             ((psa_algorithm_t)0x06001001)
+#define PSA_ALG_GCM                             ((psa_algorithm_t)0x06001002)
+
+/* In the encoding of a AEAD algorithm, the bits corresponding to
+ * PSA_ALG_AEAD_TAG_LENGTH_MASK encode the length of the AEAD tag.
+ * The constants for default lengths follow this encoding.
+ */
+#define PSA_ALG_AEAD_TAG_LENGTH_MASK            ((psa_algorithm_t)0x00003f00)
+#define PSA_AEAD_TAG_LENGTH_OFFSET 8
+
+/** Macro to build a shortened AEAD algorithm.
+ *
+ * A shortened AEAD algorithm is similar to the corresponding AEAD
+ * algorithm, but has an authentication tag that consists of fewer bytes.
+ * Depending on the algorithm, the tag length may affect the calculation
+ * of the ciphertext.
+ *
+ * \param alg           A AEAD algorithm identifier (value of type
+ *                      #psa_algorithm_t such that #PSA_ALG_IS_AEAD(\p alg)
+ *                      is true).
+ * \param tag_length    Desired length of the authentication tag in bytes.
+ *
+ * \return              The corresponding AEAD algorithm with the specified
+ *                      length.
+ * \return              Unspecified if \p alg is not a supported
+ *                      AEAD algorithm or if \p tag_length is not valid
+ *                      for the specified AEAD algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, tag_length)                   \
+    (((alg) & ~PSA_ALG_AEAD_TAG_LENGTH_MASK) |                          \
+     ((tag_length) << PSA_AEAD_TAG_LENGTH_OFFSET &                      \
+      PSA_ALG_AEAD_TAG_LENGTH_MASK))
+
+/** Calculate the corresponding AEAD algorithm with the default tag length.
+ *
+ * \param alg   An AEAD algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return      The corresponding AEAD algorithm with the default tag length
+ *              for that algorithm.
+ */
+#define PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg)                       \
+    (                                                                   \
+        PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_CCM)   \
+        PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, PSA_ALG_GCM)   \
+        0)
+#define PSA__ALG_AEAD_WITH_DEFAULT_TAG_LENGTH__CASE(alg, ref) \
+    PSA_ALG_AEAD_WITH_TAG_LENGTH(alg, 0) == \
+    PSA_ALG_AEAD_WITH_TAG_LENGTH(ref, 0) ?  \
+    ref :
+
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE          ((psa_algorithm_t)0x10020000)
+/** RSA PKCS#1 v1.5 signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PKCS1-v1_5.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding RSA PKCS#1 v1.5 signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)                             \
+    (PSA_ALG_RSA_PKCS1V15_SIGN_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Raw PKCS#1 v1.5 signature.
+ *
+ * The input to this algorithm is the DigestInfo structure used by
+ * RFC 8017 (PKCS#1: RSA Cryptography Specifications), &sect;9.2
+ * steps 3&ndash;6.
+ */
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
+#define PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg)                               \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PKCS1V15_SIGN_BASE)
+
+#define PSA_ALG_RSA_PSS_BASE               ((psa_algorithm_t)0x10030000)
+/** RSA PSS signature with hashing.
+ *
+ * This is the signature scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSASSA-PSS, with the message generation function MGF1, and with
+ * a salt length equal to the length of the hash. The specified
+ * hash algorithm is used to hash the input message, to create the
+ * salted hash, and for the mask generation.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding RSA PSS signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_PSS(hash_alg)                               \
+    (PSA_ALG_RSA_PSS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_PSS(alg)                                 \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_PSS_BASE)
+
+#define PSA_ALG_DSA_BASE                        ((psa_algorithm_t)0x10040000)
+/** DSA signature with hashing.
+ *
+ * This is the signature scheme defined by FIPS 186-4,
+ * with a random per-message secret number (*k*).
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding DSA signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DSA(hash_alg)                             \
+    (PSA_ALG_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_DETERMINISTIC_DSA_BASE          ((psa_algorithm_t)0x10050000)
+#define PSA_ALG_DSA_DETERMINISTIC_FLAG          ((psa_algorithm_t)0x00010000)
+#define PSA_ALG_DETERMINISTIC_DSA(hash_alg)                             \
+    (PSA_ALG_DETERMINISTIC_DSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_DSA(alg)                                             \
+    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
+     PSA_ALG_DSA_BASE)
+#define PSA_ALG_DSA_IS_DETERMINISTIC(alg)               \
+    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_DSA(alg)                       \
+    (PSA_ALG_IS_DSA(alg) && PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_DSA(alg)                          \
+    (PSA_ALG_IS_DSA(alg) && !PSA_ALG_DSA_IS_DETERMINISTIC(alg))
+
+#define PSA_ALG_ECDSA_BASE                      ((psa_algorithm_t)0x10060000)
+/** ECDSA signature with hashing.
+ *
+ * This is the ECDSA signature scheme defined by ANSI X9.62,
+ * with a random per-message secret number (*k*).
+ *
+ * The representation of the signature as a byte string consists of
+ * the concatentation of the signature values *r* and *s*. Each of
+ * *r* and *s* is encoded as an *N*-octet string, where *N* is the length
+ * of the base point of the curve in octets. Each value is represented
+ * in big-endian order (most significant octet first).
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding ECDSA signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_ECDSA(hash_alg)                                 \
+    (PSA_ALG_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** ECDSA signature without hashing.
+ *
+ * This is the same signature scheme as #PSA_ALG_ECDSA(), but
+ * without specifying a hash algorithm. This algorithm may only be
+ * used to sign or verify a sequence of bytes that should be an
+ * already-calculated hash. Note that the input is padded with
+ * zeros on the left or truncated on the left as required to fit
+ * the curve size.
+ */
+#define PSA_ALG_ECDSA_ANY PSA_ALG_ECDSA_BASE
+#define PSA_ALG_DETERMINISTIC_ECDSA_BASE        ((psa_algorithm_t)0x10070000)
+/** Deterministic ECDSA signature with hashing.
+ *
+ * This is the deterministic ECDSA signature scheme defined by RFC 6979.
+ *
+ * The representation of a signature is the same as with #PSA_ALG_ECDSA().
+ *
+ * Note that when this algorithm is used for verification, signatures
+ * made with randomized ECDSA (#PSA_ALG_ECDSA(\p hash_alg)) with the
+ * same private key are accepted. In other words,
+ * #PSA_ALG_DETERMINISTIC_ECDSA(\p hash_alg) differs from
+ * #PSA_ALG_ECDSA(\p hash_alg) only for signature, not for verification.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding deterministic ECDSA signature
+ *                      algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_DETERMINISTIC_ECDSA(hash_alg)                           \
+    (PSA_ALG_DETERMINISTIC_ECDSA_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_ECDSA(alg)                                           \
+    (((alg) & ~PSA_ALG_HASH_MASK & ~PSA_ALG_DSA_DETERMINISTIC_FLAG) ==  \
+     PSA_ALG_ECDSA_BASE)
+#define PSA_ALG_ECDSA_IS_DETERMINISTIC(alg)             \
+    (((alg) & PSA_ALG_DSA_DETERMINISTIC_FLAG) != 0)
+#define PSA_ALG_IS_DETERMINISTIC_ECDSA(alg)                             \
+    (PSA_ALG_IS_ECDSA(alg) && PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+#define PSA_ALG_IS_RANDOMIZED_ECDSA(alg)                                \
+    (PSA_ALG_IS_ECDSA(alg) && !PSA_ALG_ECDSA_IS_DETERMINISTIC(alg))
+
+/** Get the hash used by a hash-and-sign signature algorithm.
+ *
+ * A hash-and-sign algorithm is a signature algorithm which is
+ * composed of two phases: first a hashing phase which does not use
+ * the key and produces a hash of the input message, then a signing
+ * phase which only uses the hash and the key and not the message
+ * itself.
+ *
+ * \param alg   A signature algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_SIGN(\p alg) is true).
+ *
+ * \return      The underlying hash algorithm if \p alg is a hash-and-sign
+ *              algorithm.
+ * \return      0 if \p alg is a signature algorithm that does not
+ *              follow the hash-and-sign structure.
+ * \return      Unspecified if \p alg is not a signature algorithm or
+ *              if it is not supported by the implementation.
+ */
+#define PSA_ALG_SIGN_GET_HASH(alg)                                     \
+    (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||   \
+     PSA_ALG_IS_DSA(alg) || PSA_ALG_IS_ECDSA(alg) ?                    \
+     ((alg) & PSA_ALG_HASH_MASK) == 0 ? /*"raw" algorithm*/ 0 :        \
+     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :             \
+     0)
+
+/** RSA PKCS#1 v1.5 encryption.
+ */
+#define PSA_ALG_RSA_PKCS1V15_CRYPT              ((psa_algorithm_t)0x12020000)
+
+#define PSA_ALG_RSA_OAEP_BASE                   ((psa_algorithm_t)0x12030000)
+/** RSA OAEP encryption.
+ *
+ * This is the encryption scheme defined by RFC 8017
+ * (PKCS#1: RSA Cryptography Specifications) under the name
+ * RSAES-OAEP, with the message generation function MGF1.
+ *
+ * \param hash_alg      The hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true) to use
+ *                      for MGF1.
+ *
+ * \return              The corresponding RSA OAEP signature algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_RSA_OAEP(hash_alg)                              \
+    (PSA_ALG_RSA_OAEP_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+#define PSA_ALG_IS_RSA_OAEP(alg)                                \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_RSA_OAEP_BASE)
+#define PSA_ALG_RSA_OAEP_GET_HASH(alg)                          \
+    (PSA_ALG_IS_RSA_OAEP(alg) ?                                 \
+     ((alg) & PSA_ALG_HASH_MASK) | PSA_ALG_CATEGORY_HASH :      \
+     0)
+
+#define PSA_ALG_HKDF_BASE                       ((psa_algorithm_t)0x30000100)
+/** Macro to build an HKDF algorithm.
+ *
+ * For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding HKDF algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_HKDF(hash_alg)                                  \
+    (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+/** Whether the specified algorithm is an HKDF algorithm.
+ *
+ * HKDF is a family of key derivation algorithms that are based on a hash
+ * function and the HMAC construction.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an HKDF algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_HKDF(alg)                            \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_HKDF_BASE)
+#define PSA_ALG_HKDF_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PRF_BASE                     ((psa_algorithm_t)0x30000200)
+/** Macro to build a TLS-1.2 PRF algorithm.
+ *
+ * TLS 1.2 uses a custom pseudorandom function (PRF) for key schedule,
+ * specified in Section 5 of RFC 5246. It is based on HMAC and can be
+ * used with either SHA-256 or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt and label arguments passed
+ * to psa_key_derivation() are what's called 'seed' and 'label' in RFC 5246,
+ * respectively. For example, for TLS key expansion, the salt is the
+ * concatenation of ServerHello.Random + ClientHello.Random,
+ * while the label is "key expansion".
+ *
+ * For example, `PSA_ALG_TLS12_PRF(PSA_ALG_SHA256)` represents the
+ * TLS 1.2 PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding TLS-1.2 PRF algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_TLS12_PRF(hash_alg)                                  \
+    (PSA_ALG_TLS12_PRF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PRF algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PRF algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PRF(alg)                                    \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PRF_BASE)
+#define PSA_ALG_TLS12_PRF_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_TLS12_PSK_TO_MS_BASE ((psa_algorithm_t)0x30000300)
+/** Macro to build a TLS-1.2 PSK-to-MasterSecret algorithm.
+ *
+ * In a pure-PSK handshake in TLS 1.2, the master secret is derived
+ * from the PreSharedKey (PSK) through the application of padding
+ * (RFC 4279, Section 2) and the TLS-1.2 PRF (RFC 5246, Section 5).
+ * The latter is based on HMAC and can be used with either SHA-256
+ * or SHA-384.
+ *
+ * For the application to TLS-1.2, the salt passed to psa_key_derivation()
+ * (and forwarded to the TLS-1.2 PRF) is the concatenation of the
+ * ClientHello.Random + ServerHello.Random, while the label is "master secret"
+ * or "extended master secret".
+ *
+ * For example, `PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA256)` represents the
+ * TLS-1.2 PSK to MasterSecret derivation PRF using HMAC-SHA-256.
+ *
+ * \param hash_alg      A hash algorithm (\c PSA_ALG_XXX value such that
+ *                      #PSA_ALG_IS_HASH(\p hash_alg) is true).
+ *
+ * \return              The corresponding TLS-1.2 PSK to MS algorithm.
+ * \return              Unspecified if \p alg is not a supported
+ *                      hash algorithm.
+ */
+#define PSA_ALG_TLS12_PSK_TO_MS(hash_alg)                                  \
+    (PSA_ALG_TLS12_PSK_TO_MS_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
+
+/** Whether the specified algorithm is a TLS-1.2 PSK to MS algorithm.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a TLS-1.2 PSK to MS algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key derivation algorithm identifier.
+ */
+#define PSA_ALG_IS_TLS12_PSK_TO_MS(alg)                                    \
+    (((alg) & ~PSA_ALG_HASH_MASK) == PSA_ALG_TLS12_PSK_TO_MS_BASE)
+#define PSA_ALG_TLS12_PSK_TO_MS_GET_HASH(hkdf_alg)                         \
+    (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK))
+
+#define PSA_ALG_KEY_DERIVATION_MASK             ((psa_algorithm_t)0x010fffff)
+
+/** Use a shared secret as is.
+ *
+ * Specify this algorithm as the selection component of a key agreement
+ * to use the raw result of the key agreement as key material.
+ *
+ * \warning The raw result of a key agreement algorithm such as finite-field
+ * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
+ * not be used directly as key material. It can however be used as the secret
+ * input in a key derivation algorithm.
+ */
+#define PSA_ALG_SELECT_RAW                      ((psa_algorithm_t)0x31000001)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_KDF(alg)                              \
+    (((alg) & PSA_ALG_KEY_DERIVATION_MASK) | PSA_ALG_CATEGORY_KEY_DERIVATION)
+
+#define PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)                              \
+    ((alg) & ~PSA_ALG_KEY_DERIVATION_MASK)
+
+#define PSA_ALG_FFDH_BASE                       ((psa_algorithm_t)0x22100000)
+/** The Diffie-Hellman key agreement algorithm.
+ *
+ * This algorithm combines the finite-field Diffie-Hellman (DH) key
+ * agreement, also known as Diffie-Hellman-Merkle (DHM) key agreement,
+ * to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the shared secret
+ * `g^{ab}` in big-endian format.
+ * It is `ceiling(m / 8)` bytes long where `m` is the size of the prime `p`
+ * in bits.
+ *
+ * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ *                      or a key selection algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return              The Diffie-Hellman algorithm with the specified
+ *                      selection or derivation algorithm.
+ */
+#define PSA_ALG_FFDH(kdf_alg) \
+    (PSA_ALG_FFDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is a finite field Diffie-Hellman algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is a finite field Diffie-Hellman algorithm, 0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_FFDH(alg) \
+    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_FFDH_BASE)
+
+#define PSA_ALG_ECDH_BASE                       ((psa_algorithm_t)0x22200000)
+/** The elliptic curve Diffie-Hellman (ECDH) key agreement algorithm.
+ *
+ * This algorithm combines the elliptic curve Diffie-Hellman key
+ * agreement to produce a shared secret from a private key and the peer's
+ * public key, with a key selection or key derivation algorithm to produce
+ * one or more shared keys and other shared cryptographic material.
+ *
+ * The shared secret produced by key agreement and passed as input to the
+ * derivation or selection algorithm \p kdf_alg is the x-coordinate of
+ * the shared secret point. It is always `ceiling(m / 8)` bytes long where
+ * `m` is the bit size associated with the curve, i.e. the bit size of the
+ * order of the curve's coordinate field. When `m` is not a multiple of 8,
+ * the byte containing the most significant bit of the shared secret
+ * is padded with zero bits. The byte order is either little-endian
+ * or big-endian depending on the curve type.
+ *
+ * - For Montgomery curves (curve types `PSA_ECC_CURVE_CURVEXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in little-endian byte order.
+ *   The bit size is 448 for Curve448 and 255 for Curve25519.
+ * - For Weierstrass curves over prime fields (curve types
+ *   `PSA_ECC_CURVE_SECPXXX` and `PSA_ECC_CURVE_BRAINPOOL_PXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in big-endian byte order.
+ *   The bit size is `m = ceiling(log_2(p))` for the field `F_p`.
+ * - For Weierstrass curves over binary fields (curve types
+ *   `PSA_ECC_CURVE_SECTXXX`),
+ *   the shared secret is the x-coordinate of `d_A Q_B = d_B Q_A`
+ *   in big-endian byte order.
+ *   The bit size is `m` for the field `F_{2^m}`.
+ *
+ * \param kdf_alg       A key derivation algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_DERIVATION(\p hash_alg) is true)
+ *                      or a selection algorithm (\c PSA_ALG_XXX value such
+ *                      that #PSA_ALG_IS_KEY_SELECTION(\p hash_alg) is true).
+ *
+ * \return              The Diffie-Hellman algorithm with the specified
+ *                      selection or derivation algorithm.
+ */
+#define PSA_ALG_ECDH(kdf_alg) \
+    (PSA_ALG_ECDH_BASE | ((kdf_alg) & PSA_ALG_KEY_DERIVATION_MASK))
+/** Whether the specified algorithm is an elliptic curve Diffie-Hellman
+ * algorithm.
+ *
+ * This includes every supported key selection or key agreement algorithm
+ * for the output of the Diffie-Hellman calculation.
+ *
+ * \param alg An algorithm identifier (value of type #psa_algorithm_t).
+ *
+ * \return 1 if \c alg is an elliptic curve Diffie-Hellman algorithm,
+ *         0 otherwise.
+ *         This macro may return either 0 or 1 if \c alg is not a supported
+ *         key agreement algorithm identifier.
+ */
+#define PSA_ALG_IS_ECDH(alg) \
+    (PSA_ALG_KEY_AGREEMENT_GET_BASE(alg) == PSA_ALG_ECDH_BASE)
+
+/**@}*/
+
+/** \defgroup key_lifetimes Key lifetimes
+ * @{
+ */
+
+/** A volatile key only exists as long as the handle to it is not closed.
+ * The key material is guaranteed to be erased on a power reset.
+ */
+#define PSA_KEY_LIFETIME_VOLATILE               ((psa_key_lifetime_t)0x00000000)
+
+/** The default storage area for persistent keys.
+ *
+ * A persistent key remains in storage until it is explicitly destroyed or
+ * until the corresponding storage area is wiped. This specification does
+ * not define any mechanism to wipe a storage area, but implementations may
+ * provide their own mechanism (for example to perform a factory reset,
+ * to prepare for device refurbishment, or to uninstall an application).
+ *
+ * This lifetime value is the default storage area for the calling
+ * application. Implementations may offer other storage areas designated
+ * by other lifetime values as implementation-specific extensions.
+ */
+#define PSA_KEY_LIFETIME_PERSISTENT             ((psa_key_lifetime_t)0x00000001)
+
+/**@}*/
+
+/** \defgroup policy Key policies
+ * @{
+ */
+
+/** Whether the key may be exported.
+ *
+ * A public key or the public part of a key pair may always be exported
+ * regardless of the value of this permission flag.
+ *
+ * If a key does not have export permission, implementations shall not
+ * allow the key to be exported in plain form from the cryptoprocessor,
+ * whether through psa_export_key() or through a proprietary interface.
+ * The key may however be exportable in a wrapped form, i.e. in a form
+ * where it is encrypted by another key.
+ */
+#define PSA_KEY_USAGE_EXPORT                    ((psa_key_usage_t)0x00000001)
+
+/** Whether the key may be used to encrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric encryption operation,
+ * for an AEAD encryption-and-authentication operation,
+ * or for an asymmetric encryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_ENCRYPT                   ((psa_key_usage_t)0x00000100)
+
+/** Whether the key may be used to decrypt a message.
+ *
+ * This flag allows the key to be used for a symmetric decryption operation,
+ * for an AEAD decryption-and-verification operation,
+ * or for an asymmetric decryption operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_DECRYPT                   ((psa_key_usage_t)0x00000200)
+
+/** Whether the key may be used to sign a message.
+ *
+ * This flag allows the key to be used for a MAC calculation operation
+ * or for an asymmetric signature operation,
+ * if otherwise permitted by the key's type and policy.
+ *
+ * For a key pair, this concerns the private key.
+ */
+#define PSA_KEY_USAGE_SIGN                      ((psa_key_usage_t)0x00000400)
+
+/** Whether the key may be used to verify a message signature.
+ *
+ * This flag allows the key to be used for a MAC verification operation
+ * or for an asymmetric signature verification operation,
+ * if otherwise permitted by by the key's type and policy.
+ *
+ * For a key pair, this concerns the public key.
+ */
+#define PSA_KEY_USAGE_VERIFY                    ((psa_key_usage_t)0x00000800)
+
+/** Whether the key may be used to derive other keys.
+ */
+#define PSA_KEY_USAGE_DERIVE                    ((psa_key_usage_t)0x00001000)
+
+/**@}*/
+
+#endif /* PSA_CRYPTO_VALUES_H */
diff --git a/programs/Makefile b/programs/Makefile
index f3627c906..2792b0913 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -103,7 +103,7 @@ EXTRA_GENERATED += psa/psa_constant_names_generated.c
 endif
 
 psa/psa_constant_names$(EXEXT): psa/psa_constant_names_generated.c
-psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h
+psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto_values.h
 	../scripts/generate_psa_constants.py
 
 aes/aescrypt2$(EXEXT): aes/aescrypt2.c $(DEP)
diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py
index 7e4420b69..3e4e88b77 100755
--- a/scripts/generate_psa_constants.py
+++ b/scripts/generate_psa_constants.py
@@ -285,5 +285,5 @@ def generate_psa_constants(header_file_name, output_file_name):
 if __name__ == '__main__':
     if not os.path.isdir('programs') and os.path.isdir('../programs'):
         os.chdir('..')
-    generate_psa_constants('include/psa/crypto.h',
+    generate_psa_constants('include/psa/crypto_values.h',
                            'programs/psa/psa_constant_names_generated.c')
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 366b97e55..bf9035a39 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -231,6 +231,8 @@
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
+    <ClInclude Include="..\..\include\psa\crypto_types.h" />
+    <ClInclude Include="..\..\include\psa\crypto_values.h" />
     <ClInclude Include="..\..\library/psa_crypto_core.h" />
     <ClInclude Include="..\..\library/psa_crypto_invasive.h" />
     <ClInclude Include="..\..\library/psa_crypto_slot_management.h" />

From a7c26db33555af1dc6c35c16244bf9242c64b54b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 13:42:25 +0100
Subject: [PATCH 886/889] Move remaining size macros from crypto.h to
 crypto_sizes.h

No functional changes, code was only moved from crypto.h to crypto_sizes.h.
---
 include/psa/crypto.h       | 72 --------------------------------------
 include/psa/crypto_sizes.h | 72 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+), 72 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 4669b2a53..fa8045cf4 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -53,9 +53,6 @@ typedef _unsigned_integral_type_ psa_key_handle_t;
 extern "C" {
 #endif
 
-#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
-#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
-
 /* The file "crypto_types.h" declares types that encode errors,
  * algorithms, key types, policies, etc. */
 #include "crypto_types.h"
@@ -680,39 +677,6 @@ psa_status_t psa_get_key_policy(psa_key_handle_t handle,
  * as directed by the documentation of a specific implementation. */
 typedef struct psa_hash_operation_s psa_hash_operation_t;
 
-/** The size of the output of psa_hash_finish(), in bytes.
- *
- * This is also the hash size that psa_hash_verify() expects.
- *
- * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
- *              #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
- *              (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a
- *              hash algorithm).
- *
- * \return The hash size for the specified hash algorithm.
- *         If the hash algorithm is not recognized, return 0.
- *         An implementation may return either 0 or the correct size
- *         for a hash algorithm that it recognizes, but does not support.
- */
-#define PSA_HASH_SIZE(alg)                                      \
-    (                                                           \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
-        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
-        0)
-
 /** Start a multipart hash operation.
  *
  * The sequence of operations to calculate a hash (message digest)
@@ -1433,26 +1397,6 @@ psa_status_t psa_cipher_abort(psa_cipher_operation_t *operation);
  * @{
  */
 
-/** The tag size for an AEAD algorithm, in bytes.
- *
- * \param alg                 An AEAD algorithm
- *                            (\c PSA_ALG_XXX value such that
- *                            #PSA_ALG_IS_AEAD(\p alg) is true).
- *
- * \return                    The tag size for the specified algorithm.
- *                            If the AEAD algorithm does not have an identified
- *                            tag that can be distinguished from the rest of
- *                            the ciphertext, return 0.
- *                            If the AEAD algorithm is not recognized, return 0.
- *                            An implementation may return either 0 or a
- *                            correct size for an AEAD algorithm that it
- *                            recognizes, but does not support.
- */
-#define PSA_AEAD_TAG_LENGTH(alg)                                        \
-    (PSA_ALG_IS_AEAD(alg) ?                                             \
-     (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
-     0)
-
 /** Process an authenticated encryption operation.
  *
  * \param handle                  Handle to the key to use for the operation.
@@ -1575,17 +1519,6 @@ psa_status_t psa_aead_decrypt(psa_key_handle_t handle,
  * @{
  */
 
-/**
- * \brief ECDSA signature size for a given curve bit size
- *
- * \param curve_bits    Curve size in bits.
- * \return              Signature size in bytes.
- *
- * \note This macro returns a compile-time constant if its argument is one.
- */
-#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    \
-    (PSA_BITS_TO_BYTES(curve_bits) * 2)
-
 /**
  * \brief Sign a hash or short message with a private key.
  *
@@ -1675,11 +1608,6 @@ psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
                                    const uint8_t *signature,
                                    size_t signature_length);
 
-#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                               \
-    (PSA_ALG_IS_RSA_OAEP(alg) ?                                         \
-     2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 :      \
-     11 /*PKCS#1v1.5*/)
-
 /**
  * \brief Encrypt a short message with a public key.
  *
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 7e1795673..5ad695a39 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -50,6 +50,42 @@
 #include MBEDTLS_CONFIG_FILE
 #endif
 
+#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
+#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
+
+/** The size of the output of psa_hash_finish(), in bytes.
+ *
+ * This is also the hash size that psa_hash_verify() expects.
+ *
+ * \param alg   A hash algorithm (\c PSA_ALG_XXX value such that
+ *              #PSA_ALG_IS_HASH(\p alg) is true), or an HMAC algorithm
+ *              (#PSA_ALG_HMAC(\c hash_alg) where \c hash_alg is a
+ *              hash algorithm).
+ *
+ * \return The hash size for the specified hash algorithm.
+ *         If the hash algorithm is not recognized, return 0.
+ *         An implementation may return either 0 or the correct size
+ *         for a hash algorithm that it recognizes, but does not support.
+ */
+#define PSA_HASH_SIZE(alg)                                      \
+    (                                                           \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 :            \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 :      \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 :          \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_224 ? 28 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_256 ? 32 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_384 ? 48 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512 ? 64 :        \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 :    \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 :    \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_224 ? 28 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_256 ? 32 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_384 ? 48 :       \
+        PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA3_512 ? 64 :       \
+        0)
+
 /** \def PSA_HASH_MAX_SIZE
  *
  * Maximum size of a hash.
@@ -84,6 +120,26 @@
  */
 #define PSA_MAC_MAX_SIZE PSA_HASH_MAX_SIZE
 
+/** The tag size for an AEAD algorithm, in bytes.
+ *
+ * \param alg                 An AEAD algorithm
+ *                            (\c PSA_ALG_XXX value such that
+ *                            #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return                    The tag size for the specified algorithm.
+ *                            If the AEAD algorithm does not have an identified
+ *                            tag that can be distinguished from the rest of
+ *                            the ciphertext, return 0.
+ *                            If the AEAD algorithm is not recognized, return 0.
+ *                            An implementation may return either 0 or a
+ *                            correct size for an AEAD algorithm that it
+ *                            recognizes, but does not support.
+ */
+#define PSA_AEAD_TAG_LENGTH(alg)                                        \
+    (PSA_ALG_IS_AEAD(alg) ?                                             \
+     (((alg) & PSA_ALG_AEAD_TAG_LENGTH_MASK) >> PSA_AEAD_TAG_LENGTH_OFFSET) : \
+     0)
+
 /* The maximum size of an RSA key on this implementation, in bits.
  * This is a vendor-specific macro.
  *
@@ -236,6 +292,22 @@
      (plaintext_length) - PSA_AEAD_TAG_LENGTH(alg) :              \
      0)
 
+#define PSA_RSA_MINIMUM_PADDING_SIZE(alg)                               \
+    (PSA_ALG_IS_RSA_OAEP(alg) ?                                         \
+     2 * PSA_HASH_FINAL_SIZE(PSA_ALG_RSA_OAEP_GET_HASH(alg)) + 1 :      \
+     11 /*PKCS#1v1.5*/)
+
+/**
+ * \brief ECDSA signature size for a given curve bit size
+ *
+ * \param curve_bits    Curve size in bits.
+ * \return              Signature size in bytes.
+ *
+ * \note This macro returns a compile-time constant if its argument is one.
+ */
+#define PSA_ECDSA_SIGNATURE_SIZE(curve_bits)    \
+    (PSA_BITS_TO_BYTES(curve_bits) * 2)
+
 /** Safe signature buffer size for psa_asymmetric_sign().
  *
  * This macro returns a safe buffer size for a signature using a key

From 2d59b2cd6bd1fe0c862b02c140f3b40b24accc06 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 13:51:19 +0100
Subject: [PATCH 887/889] crypto_driver.h: get type definitions from
 crypto_enum.h

Now that the type definitions that are useful for driver are in a
separate header file from the application interface function
declarations, include that header file in crypto_driver.h.
---
 include/psa/crypto_driver.h | 28 ++++++++++++++++------------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_driver.h
index a52ecc427..43b3cf760 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_driver.h
@@ -35,19 +35,23 @@
 extern "C" {
 #endif
 
-/** The following types are redefinitions from the psa/crypto.h file.
- * It is intended that these will be moved to a new common header file to
- * avoid duplication. They are included here for expediency in publication.
- */
-typedef uint32_t psa_status_t;
-typedef uint32_t psa_algorithm_t;
-typedef uint8_t psa_encrypt_or_decrypt_t;
-typedef uint32_t psa_key_slot_t;
-typedef uint32_t psa_key_type_t;
-typedef uint32_t psa_key_usage_t;
+/* Include type definitions (psa_status_t, psa_algorithm_t,
+ * psa_key_type_t, etc.) and macros to build and analyze values
+ * of these types. */
+#include "crypto_types.h"
+#include "crypto_values.h"
 
-#define PSA_CRYPTO_DRIVER_ENCRYPT 1
-#define PSA_CRYPTO_DRIVER_DECRYPT 0
+/** An internal designation of a key slot between the core part of the
+ * PSA Crypto implementation and the driver. The meaning of this value
+ * is driver-dependent. */
+typedef uint32_t psa_key_slot_t;
+
+/** For encrypt-decrypt functions, whether the operation is an encryption
+ * or a decryption. */
+typedef enum {
+    PSA_CRYPTO_DRIVER_DECRYPT,
+    PSA_CRYPTO_DRIVER_ENCRYPT
+} psa_encrypt_or_decrypt_t;
 
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using

From 5e9c9cca030fcb38125ce59ef196064170063773 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 14:02:48 +0100
Subject: [PATCH 888/889] Document macros that were referenced

Macros that are referenced need to be documented, otherwise Doxygen
has nothing to link to.
---
 include/psa/crypto_values.h | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index d83ad1be9..4d25835be 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -446,9 +446,11 @@
 #define PSA_KEY_TYPE_IS_ECC(type)                                       \
     ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) &                        \
       ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+/** Whether a key type is an elliptic curve key pair. */
 #define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type)                               \
     (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
      PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
+/** Whether a key type is an elliptic curve public key. */
 #define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)                            \
     (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) ==                         \
      PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)

From 75976895c66d99a5053e681033ae659cb8730ee9 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 12 Dec 2018 15:55:09 +0100
Subject: [PATCH 889/889] Split crypto_driver.h into one for each driver type

Split crypto_driver.h into 4:
* crypto_driver_common.h for common definitions, not meant to be
  included directly by driver code.
* crypto_accel_driver.h for drivers that work with transparent
  key material.
* crypto_se_driver.h for drivers that work with opaque key
  material.
* crypto_entropy_driver.h for drivers of entropy sources.

There is no code change in this commit, I only moved some code around.
---
 include/psa/crypto_accel_driver.h             | 796 ++++++++++++++++
 include/psa/crypto_driver_common.h            |  54 ++
 include/psa/crypto_entropy_driver.h           | 111 +++
 .../{crypto_driver.h => crypto_se_driver.h}   | 855 +-----------------
 visualc/VS2010/mbedTLS.vcxproj                |   5 +-
 5 files changed, 978 insertions(+), 843 deletions(-)
 create mode 100644 include/psa/crypto_accel_driver.h
 create mode 100644 include/psa/crypto_driver_common.h
 create mode 100644 include/psa/crypto_entropy_driver.h
 rename include/psa/{crypto_driver.h => crypto_se_driver.h} (52%)

diff --git a/include/psa/crypto_accel_driver.h b/include/psa/crypto_accel_driver.h
new file mode 100644
index 000000000..b752fed88
--- /dev/null
+++ b/include/psa/crypto_accel_driver.h
@@ -0,0 +1,796 @@
+/**
+ * \file psa/crypto_accel_driver.h
+ * \brief PSA cryptography accelerator driver module
+ *
+ * This header declares types and function signatures for cryptography
+ * drivers that access key material directly. This is meant for
+ * on-chip cryptography accelerators.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+#ifndef PSA_CRYPTO_ACCEL_DRIVER_H
+#define PSA_CRYPTO_ACCEL_DRIVER_H
+
+#include "crypto_driver_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup driver_digest Message Digests
+ *
+ * Generation and authentication of Message Digests (aka hashes) must be done
+ * in parts using the following sequence:
+ * - `psa_drv_hash_setup_t`
+ * - `psa_drv_hash_update_t`
+ * - ...
+ * - `psa_drv_hash_finish_t`
+ *
+ * If a previously started Message Digest operation needs to be terminated
+ * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted
+ * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated
+ * resources not being freed or in other undefined behavior.
+ */
+/**@{*/
+
+/** \brief The hardware-specific hash context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here
+ */
+typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
+
+/** \brief The function prototype for the start operation of a hash (message
+ * digest) operation
+ *
+ *  Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_setup
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying hash function
+ *
+ * \param[in,out] p_context     A structure that will contain the
+ * hardware-specific hash context
+ *
+ * \retval  PSA_SUCCESS     Success.
+ */
+typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
+
+/** \brief The function prototype for the update operation of a hash (message
+ * digest) operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_update
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously-established hash operation to be
+ *                              continued
+ * \param[in] p_input           A buffer containing the message to be appended
+ *                              to the hash operation
+ * \param[in] input_length      The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
+                                              const uint8_t *p_input,
+                                              size_t input_length);
+
+/** \brief  The prototype for the finish operation of a hash (message digest)
+ * operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_finish
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started hash operation to be
+ *                              fiinished
+ * \param[out] p_output         A buffer where the generated digest will be
+ *                              placed
+ * \param[in] output_size       The size in bytes of the buffer that has been
+ *                              allocated for the `p_output` buffer
+ * \param[out] p_output_length  The number of bytes placed in `p_output` after
+ *                              success
+ *
+ * \retval PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
+                                              uint8_t *p_output,
+                                              size_t output_size,
+                                              size_t *p_output_length);
+
+/** \brief The function prototype for the abort operation of a hash (message
+ * digest) operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_hash_<ALGO>_abort
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm
+ *
+ * \param[in,out] p_context A hardware-specific structure for the previously
+ *                          started hash operation to be aborted
+ */
+typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
+
+/**@}*/
+
+/** \defgroup transparent_mac Transparent Message Authentication Code
+ * Generation and authentication of Message Authentication Codes (MACs) using
+ * transparent keys can be done either as a single function call (via the
+ * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t`
+ * functions), or in parts using the following sequence:
+ * - `psa_drv_mac_transparent_setup_t`
+ * - `psa_drv_mac_transparent_update_t`
+ * - `psa_drv_mac_transparent_update_t`
+ * - ...
+ * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t`
+ *
+ * If a previously started Transparent MAC operation needs to be terminated, it
+ * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may
+ * result in allocated resources not being freed or in other undefined
+ * behavior.
+ *
+ */
+/**@{*/
+
+/** \brief The hardware-specific transparent-key MAC context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here.
+ */
+typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t;
+
+/** \brief The function prototype for the setup operation of a
+ * transparent-key MAC operation
+ *
+ *  Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
+ * is the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context     A structure that will contain the
+ *                              hardware-specific MAC context
+ * \param[in] p_key             A buffer containing the cleartext key material
+ *                              to be used in the operation
+ * \param[in] key_length        The size in bytes of the key material
+ *
+ * \retval  PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                        const uint8_t *p_key,
+                                                        size_t key_length);
+
+/** \brief The function prototype for the update operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_update
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
+ * is the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously-established MAC operation to be
+ *                              continued
+ * \param[in] p_input           A buffer containing the message to be appended
+ *                              to the MAC operation
+ * \param[in] input_length      The size in bytes of the input message buffer
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                         const uint8_t *p_input,
+                                                         size_t input_length);
+
+/** \brief  The function prototype for the finish operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ *  convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started MAC operation to be
+ *                              finished
+ * \param[out] p_mac            A buffer where the generated MAC will be placed
+ * \param[in] mac_length        The size in bytes of the buffer that has been
+ *                              allocated for the `p_mac` buffer
+ *
+ * \retval PSA_SUCCESS
+ *          Success.
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                         uint8_t *p_mac,
+                                                         size_t mac_length);
+
+/** \brief The function prototype for the finish and verify operation of a
+ * transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started MAC operation to be
+ *                              verified and finished
+ * \param[in] p_mac             A buffer containing the MAC that will be used
+ *                              for verification
+ * \param[in] mac_length        The size in bytes of the data in the `p_mac`
+ *                              buffer
+ *
+ * \retval PSA_SUCCESS
+ *          The operation completed successfully and the comparison matched
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context,
+                                                                const uint8_t *p_mac,
+                                                                size_t mac_length);
+
+/** \brief The function prototype for the abort operation for a previously
+ * started transparent-key MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started MAC operation to be
+ *                              aborted
+ *
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context);
+
+/** \brief The function prototype for a one-shot operation of a transparent-key
+ * MAC operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in] p_input        A buffer containing the data to be MACed
+ * \param[in] input_length   The length in bytes of the `p_input` data
+ * \param[in] p_key          A buffer containing the key material to be used
+ *                           for the MAC operation
+ * \param[in] key_length     The length in bytes of the `p_key` data
+ * \param[in] alg            The algorithm to be performed
+ * \param[out] p_mac         The buffer where the resulting MAC will be placed
+ *                           upon success
+ * \param[in] mac_length     The length in bytes of the `p_mac` buffer
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input,
+                                                  size_t input_length,
+                                                  const uint8_t *p_key,
+                                                  size_t key_length,
+                                                  psa_algorithm_t alg,
+                                                  uint8_t *p_mac,
+                                                  size_t mac_length);
+
+/** \brief The function prototype for a one-shot operation of a transparent-key
+ * MAC Verify operation
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
+ * the specific variant of a MAC operation (such as HMAC or CMAC)
+ *
+ * \param[in] p_input        A buffer containing the data to be MACed
+ * \param[in] input_length   The length in bytes of the `p_input` data
+ * \param[in] p_key          A buffer containing the key material to be used
+ *                           for the MAC operation
+ * \param[in] key_length     The length in bytes of the `p_key` data
+ * \param[in] alg            The algorithm to be performed
+ * \param[in] p_mac          The MAC data to be compared
+ * \param[in] mac_length     The length in bytes of the `p_mac` buffer
+ *
+ * \retval PSA_SUCCESS
+ *  The operation completed successfully and the comparison matched
+ */
+typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
+                                                         size_t input_length,
+                                                         const uint8_t *p_key,
+                                                         size_t key_length,
+                                                         psa_algorithm_t alg,
+                                                         const uint8_t *p_mac,
+                                                         size_t mac_length);
+/**@}*/
+
+/** \defgroup transparent_cipher Transparent Block Cipher
+ * Encryption and Decryption using transparent keys in block modes other than
+ * ECB must be done in multiple parts, using the following flow:
+ * - `psa_drv_cipher_transparent_setup_t`
+ * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode)
+ * - `psa_drv_cipher_transparent_update_t`
+ * - ...
+ * - `psa_drv_cipher_transparent_finish_t`
+
+ * If a previously started Transparent Cipher operation needs to be terminated,
+ * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do
+ * so may result in allocated resources not being freed or in other undefined
+ * behavior.
+ */
+/**@{*/
+
+/** \brief The hardware-specific transparent-key Cipher context structure
+ *
+ * The contents of this structure are implementation dependent and are
+ * therefore not described here.
+ */
+typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t;
+
+/** \brief The function prototype for the setup operation of transparent-key
+ * block cipher operations.
+ *  Functions that implement the prototype should be named in the following
+ * conventions:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ * or for stream ciphers:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_setup_<CIPHER_NAME>
+ * ~~~~~~~~~~~~~
+ * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
+ *
+ * \param[in,out] p_context     A structure that will contain the
+ *                              hardware-specific cipher context
+ * \param[in] direction         Indicates if the operation is an encrypt or a
+ *                              decrypt
+ * \param[in] p_key_data        A buffer containing the cleartext key material
+ *                              to be used in the operation
+ * \param[in] key_data_size     The size in bytes of the key material
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                           psa_encrypt_or_decrypt_t direction,
+                                                           const uint8_t *p_key_data,
+                                                           size_t key_data_size);
+
+/** \brief The function prototype for the set initialization vector operation
+ * of transparent-key block cipher operations
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context     A structure that contains the previously setup
+ *                              hardware-specific cipher context
+ * \param[in] p_iv              A buffer containing the initialization vecotr
+ * \param[in] iv_length         The size in bytes of the contents of `p_iv`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                            const uint8_t *p_iv,
+                                                            size_t iv_length);
+
+/** \brief The function prototype for the update operation of transparent-key
+ * block cipher operations.
+ *
+ *  Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_update_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context         A hardware-specific structure for the
+ *                                  previously started cipher operation
+ * \param[in] p_input               A buffer containing the data to be
+ *                                  encrypted or decrypted
+ * \param[in] input_size            The size in bytes of the `p_input` buffer
+ * \param[out] p_output             A caller-allocated buffer where the
+ *                                  generated output will be placed
+ * \param[in] output_size           The size in bytes of the `p_output` buffer
+ * \param[out] p_output_length      After completion, will contain the number
+ *                                  of bytes placed in the `p_output` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                            const uint8_t *p_input,
+                                                            size_t input_size,
+                                                            uint8_t *p_output,
+                                                            size_t output_size,
+                                                            size_t *p_output_length);
+
+/** \brief The function prototype for the finish operation of transparent-key
+ * block cipher operations.
+ *
+ *  Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started cipher operation
+ * \param[out] p_output         A caller-allocated buffer where the generated
+ *                              output will be placed
+ * \param[in] output_size       The size in bytes of the `p_output` buffer
+ * \param[out] p_output_length  After completion, will contain the number of
+ *                              bytes placed in the `p_output` buffer
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context,
+                                                            uint8_t *p_output,
+                                                            size_t output_size,
+                                                            size_t *p_output_length);
+
+/** \brief The function prototype for the abort operation of transparent-key
+ * block cipher operations.
+ *
+ *  Functions that implement the following prototype should be named in the
+ * following convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
+ * ~~~~~~~~~~~~~
+ * Where
+ * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
+ * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
+ *
+ * \param[in,out] p_context     A hardware-specific structure for the
+ *                              previously started cipher operation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context);
+
+/**@}*/
+
+/** \defgroup aead_transparent AEAD Transparent
+ *
+ * Authenticated Encryption with Additional Data (AEAD) operations with
+ * transparent keys must be done in one function call. While this creates a
+ * burden for implementers as there must be sufficient space in memory for the
+ * entire message, it prevents decrypted data from being made available before
+ * the authentication operation is complete and the data is known to be
+ * authentic.
+ */
+/**@{*/
+
+/** Process an authenticated encryption operation using an opaque key.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_aead_<ALGO>_encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ *
+ * \param[in] p_key                     A pointer to the key material
+ * \param[in] key_length                The size in bytes of the key material
+ * \param[in] alg                       The AEAD algorithm to compute
+ *                                      (\c PSA_ALG_XXX value such that
+ *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce                     Nonce or IV to use
+ * \param[in] nonce_length              Size of the `nonce` buffer in bytes
+ * \param[in] additional_data           Additional data that will be MACed
+ *                                      but not encrypted.
+ * \param[in] additional_data_length    Size of `additional_data` in bytes
+ * \param[in] plaintext                 Data that will be MACed and
+ *                                      encrypted.
+ * \param[in] plaintext_length          Size of `plaintext` in bytes
+ * \param[out] ciphertext               Output buffer for the authenticated and
+ *                                      encrypted data. The additional data is
+ *                                      not part of this output. For algorithms
+ *                                      where the encrypted data and the
+ *                                      authentication tag are defined as
+ *                                      separate outputs, the authentication
+ *                                      tag is appended to the encrypted data.
+ * \param[in] ciphertext_size           Size of the `ciphertext` buffer in
+ *                                      bytes
+ *                                      This must be at least
+ *                                      #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
+ *                                      `plaintext_length`).
+ * \param[out] ciphertext_length        On success, the size of the output in
+ *                                      the `ciphertext` buffer
+ *
+ * \retval #PSA_SUCCESS
+
+ */
+typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key,
+                                                           size_t key_length,
+                                                           psa_algorithm_t alg,
+                                                           const uint8_t *nonce,
+                                                           size_t nonce_length,
+                                                           const uint8_t *additional_data,
+                                                           size_t additional_data_length,
+                                                           const uint8_t *plaintext,
+                                                           size_t plaintext_length,
+                                                           uint8_t *ciphertext,
+                                                           size_t ciphertext_size,
+                                                           size_t *ciphertext_length);
+
+/** Process an authenticated decryption operation using an opaque key.
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_aead_<ALGO>_decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the AEAD algorithm
+ * \param[in] p_key                     A pointer to the key material
+ * \param[in] key_length                The size in bytes of the key material
+ * \param[in] alg                       The AEAD algorithm to compute
+ *                                      (\c PSA_ALG_XXX value such that
+ *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
+ * \param[in] nonce                     Nonce or IV to use
+ * \param[in] nonce_length              Size of the `nonce` buffer in bytes
+ * \param[in] additional_data           Additional data that has been MACed
+ *                                      but not encrypted
+ * \param[in] additional_data_length    Size of `additional_data` in bytes
+ * \param[in] ciphertext                Data that has been MACed and
+ *                                      encrypted
+ *                                      For algorithms where the encrypted data
+ *                                      and the authentication tag are defined
+ *                                      as separate inputs, the buffer must
+ *                                      contain the encrypted data followed by
+ *                                      the authentication tag.
+ * \param[in] ciphertext_length         Size of `ciphertext` in bytes
+ * \param[out] plaintext                Output buffer for the decrypted data
+ * \param[in] plaintext_size            Size of the `plaintext` buffer in
+ *                                      bytes
+ *                                      This must be at least
+ *                                      #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
+ *                                      `ciphertext_length`).
+ * \param[out] plaintext_length         On success, the size of the output
+ *                                      in the \b plaintext buffer
+ *
+ * \retval #PSA_SUCCESS
+ *         Success.
+ */
+typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key,
+                                                           size_t key_length,
+                                                           psa_algorithm_t alg,
+                                                           const uint8_t *nonce,
+                                                           size_t nonce_length,
+                                                           const uint8_t *additional_data,
+                                                           size_t additional_data_length,
+                                                           const uint8_t *ciphertext,
+                                                           size_t ciphertext_length,
+                                                           uint8_t *plaintext,
+                                                           size_t plaintext_size,
+                                                           size_t *plaintext_length);
+
+/**@}*/
+
+/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
+ *
+ * Since the amount of data that can (or should) be encrypted or signed using
+ * asymmetric keys is limited by the key size, asymmetric key operations using
+ * transparent keys must be done in single function calls.
+ */
+/**@{*/
+
+
+/**
+ * \brief A function that signs a hash or short message with a transparent
+ * asymmetric private key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_sign
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ *
+ * \param[in] p_key                 A buffer containing the private key
+ *                                  material
+ * \param[in] key_size              The size in bytes of the `p_key` data
+ * \param[in] alg                   A signature algorithm that is compatible
+ *                                  with the type of `p_key`
+ * \param[in] p_hash                The hash or message to sign
+ * \param[in] hash_length           Size of the `p_hash` buffer in bytes
+ * \param[out] p_signature          Buffer where the signature is to be written
+ * \param[in] signature_size        Size of the `p_signature` buffer in bytes
+ * \param[out] p_signature_length   On success, the number of bytes
+ *                                  that make up the returned signature value
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key,
+                                                              size_t key_size,
+                                                              psa_algorithm_t alg,
+                                                              const uint8_t *p_hash,
+                                                              size_t hash_length,
+                                                              uint8_t *p_signature,
+                                                              size_t signature_size,
+                                                              size_t *p_signature_length);
+
+/**
+ * \brief A function that verifies the signature a hash or short message using
+ * a transparent asymmetric public key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_verify
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the signing algorithm
+ *
+ * \param[in] p_key             A buffer containing the public key material
+ * \param[in] key_size          The size in bytes of the `p_key` data
+ * \param[in] alg               A signature algorithm that is compatible with
+ *                              the type of `key`
+ * \param[in] p_hash            The hash or message whose signature is to be
+ *                              verified
+ * \param[in] hash_length       Size of the `p_hash` buffer in bytes
+ * \param[in] p_signature       Buffer containing the signature to verify
+ * \param[in] signature_length  Size of the `p_signature` buffer in bytes
+ *
+ * \retval PSA_SUCCESS
+ *         The signature is valid.
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key,
+                                                                size_t key_size,
+                                                                psa_algorithm_t alg,
+                                                                const uint8_t *p_hash,
+                                                                size_t hash_length,
+                                                                const uint8_t *p_signature,
+                                                                size_t signature_length);
+
+/**
+ * \brief A function that encrypts a short message with a transparent
+ * asymmetric public key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_encrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ *
+ * \param[in] p_key             A buffer containing the public key material
+ * \param[in] key_size          The size in bytes of the `p_key` data
+ * \param[in] alg               An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`
+ * \param[in] p_input           The message to encrypt
+ * \param[in] input_length      Size of the `p_input` buffer in bytes
+ * \param[in] p_salt            A salt or label, if supported by the
+ *                              encryption algorithm
+ *                              If the algorithm does not support a
+ *                              salt, pass `NULL`
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass `NULL`.
+ *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                              supported.
+ * \param[in] salt_length       Size of the `p_salt` buffer in bytes
+ *                              If `p_salt` is `NULL`, pass 0.
+ * \param[out] p_output         Buffer where the encrypted message is to
+ *                              be written
+ * \param[in] output_size       Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length  On success, the number of bytes
+ *                              that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
+                                                                 size_t key_size,
+                                                                 psa_algorithm_t alg,
+                                                                 const uint8_t *p_input,
+                                                                 size_t input_length,
+                                                                 const uint8_t *p_salt,
+                                                                 size_t salt_length,
+                                                                 uint8_t *p_output,
+                                                                 size_t output_size,
+                                                                 size_t *p_output_length);
+
+/**
+ * \brief Decrypt a short message with a transparent asymmetric private key
+ *
+ * Functions that implement the prototype should be named in the following
+ * convention:
+ * ~~~~~~~~~~~~~{.c}
+ * psa_drv_asymmetric_<ALGO>_decrypt
+ * ~~~~~~~~~~~~~
+ * Where `ALGO` is the name of the encryption algorithm
+ *
+ * \param[in] p_key             A buffer containing the private key material
+ * \param[in] key_size          The size in bytes of the `p_key` data
+ * \param[in] alg               An asymmetric encryption algorithm that is
+ *                              compatible with the type of `key`
+ * \param[in] p_input           The message to decrypt
+ * \param[in] input_length      Size of the `p_input` buffer in bytes
+ * \param[in] p_salt            A salt or label, if supported by the
+ *                              encryption algorithm
+ *                              If the algorithm does not support a
+ *                              salt, pass `NULL`.
+ *                              If the algorithm supports an optional
+ *                              salt and you do not want to pass a salt,
+ *                              pass `NULL`.
+ *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
+ *                              supported
+ * \param[in] salt_length       Size of the `p_salt` buffer in bytes
+ *                              If `p_salt` is `NULL`, pass 0
+ * \param[out] p_output         Buffer where the decrypted message is to
+ *                              be written
+ * \param[in] output_size       Size of the `p_output` buffer in bytes
+ * \param[out] p_output_length  On success, the number of bytes
+ *                              that make up the returned output
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
+                                                                 size_t key_size,
+                                                                 psa_algorithm_t alg,
+                                                                 const uint8_t *p_input,
+                                                                 size_t input_length,
+                                                                 const uint8_t *p_salt,
+                                                                 size_t salt_length,
+                                                                 uint8_t *p_output,
+                                                                 size_t output_size,
+                                                                 size_t *p_output_length);
+
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ACCEL_DRIVER_H */
diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h
new file mode 100644
index 000000000..6f1a5d5d9
--- /dev/null
+++ b/include/psa/crypto_driver_common.h
@@ -0,0 +1,54 @@
+/**
+ * \file psa/crypto_driver_common.h
+ * \brief Definitions for all PSA crypto drivers
+ *
+ * This file contains common definitions shared by all PSA crypto drivers.
+ * Do not include it directly: instead, include the header file(s) for
+ * the type(s) of driver that you are implementing. For example, if
+ * you are writing a driver for a chip that provides both a hardware
+ * random generator and an accelerator for some cryptographic algorithms,
+ * include `psa/crypto_entropy_driver.h` and `psa/crypto_accel_driver.h`.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+#ifndef PSA_CRYPTO_DRIVER_COMMON_H
+#define PSA_CRYPTO_DRIVER_COMMON_H
+
+#include <stddef.h>
+#include <stdint.h>
+
+/* Include type definitions (psa_status_t, psa_algorithm_t,
+ * psa_key_type_t, etc.) and macros to build and analyze values
+ * of these types. */
+#include "crypto_types.h"
+#include "crypto_values.h"
+
+/** For encrypt-decrypt functions, whether the operation is an encryption
+ * or a decryption. */
+typedef enum {
+    PSA_CRYPTO_DRIVER_DECRYPT,
+    PSA_CRYPTO_DRIVER_ENCRYPT
+} psa_encrypt_or_decrypt_t;
+
+#endif /* PSA_CRYPTO_DRIVER_COMMON_H */
diff --git a/include/psa/crypto_entropy_driver.h b/include/psa/crypto_entropy_driver.h
new file mode 100644
index 000000000..f5e383e6c
--- /dev/null
+++ b/include/psa/crypto_entropy_driver.h
@@ -0,0 +1,111 @@
+/**
+ * \file psa/crypto_entropy_driver.h
+ * \brief PSA entropy source driver module
+ *
+ * This header declares types and function signatures for entropy sources.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
+ * driver developers to implement to enable hardware to be called in a
+ * standardized way by a PSA Cryptographic API implementation. The functions
+ * comprising the driver model, which driver authors implement, are not
+ * intended to be called by application developers.
+ */
+
+/*
+ *  Copyright (C) 2018, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+#ifndef PSA_CRYPTO_ENTROPY_DRIVER_H
+#define PSA_CRYPTO_ENTROPY_DRIVER_H
+
+#include "crypto_driver_common.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/** \defgroup driver_rng Entropy Generation
+ */
+/**@{*/
+
+/** \brief A hardware-specific structure for a entropy providing hardware
+ */
+typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t;
+
+/** \brief Initialize an entropy driver
+ *
+ *
+ * \param[in,out] p_context             A hardware-specific structure
+ *                                      containing any context information for
+ *                                      the implementation
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context);
+
+/** \brief Get a specified number of bits from the entropy source
+ *
+ * It retrives `buffer_size` bytes of data from the entropy source. The entropy
+ * source will always fill the provided buffer to its full size, however, most
+ * entropy sources have biases, and the actual amount of entropy contained in
+ * the buffer will be less than the number of bytes.
+ * The driver will return the actual number of bytes of entropy placed in the
+ * buffer in `p_received_entropy_bytes`.
+ * A PSA Crypto API implementation will likely feed the output of this function
+ * into a Digital Random Bit Generator (DRBG), and typically has a minimum
+ * amount of entropy that it needs.
+ * To accomplish this, the PSA Crypto implementation should be designed to call
+ * this function multiple times until it has received the required amount of
+ * entropy from the entropy source.
+ *
+ * \param[in,out] p_context                 A hardware-specific structure
+ *                                          containing any context information
+ *                                          for the implementation
+ * \param[out] p_buffer                     A caller-allocated buffer for the
+ *                                          retrieved entropy to be placed in
+ * \param[in] buffer_size                   The allocated size of `p_buffer`
+ * \param[out] p_received_entropy_bits      The amount of entropy (in bits)
+ *                                          actually provided in `p_buffer`
+ *
+ * \retval PSA_SUCCESS
+ */
+typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context,
+                                                   uint8_t *p_buffer,
+                                                   uint32_t buffer_size,
+                                                   uint32_t *p_received_entropy_bits);
+
+/**
+ * \brief A struct containing all of the function pointers needed to interface
+ * to an entropy source
+ *
+ * PSA Crypto API implementations should populate instances of the table as
+ * appropriate upon startup.
+ *
+ * If one of the functions is not implemented, it should be set to NULL.
+ */
+typedef struct {
+    /** Function that performs initialization for the entropy source */
+    psa_drv_entropy_init_t *p_init;
+    /** Function that performs the get_bits operation for the entropy source
+    */
+    psa_drv_entropy_get_bits_t *p_get_bits;
+} psa_drv_entropy_t;
+/**@}*/
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* PSA_CRYPTO_ENTROPY_DRIVER_H */
diff --git a/include/psa/crypto_driver.h b/include/psa/crypto_se_driver.h
similarity index 52%
rename from include/psa/crypto_driver.h
rename to include/psa/crypto_se_driver.h
index 43b3cf760..057866445 100644
--- a/include/psa/crypto_driver.h
+++ b/include/psa/crypto_se_driver.h
@@ -1,8 +1,14 @@
 /**
- * \file psa/crypto_driver.h
- * \brief Platform Security Architecture cryptographic driver module
+ * \file psa/crypto_se_driver.h
+ * \brief PSA external cryptoprocessor driver module
  *
- * This file describes the PSA Crypto Driver Model, containing functions for
+ * This header declares types and function signatures for cryptography
+ * drivers that access key material via opaque references. This is
+ * meant for cryptoprocessors that have a separate key storage from the
+ * space in which the PSA Crypto implementation runs, typically secure
+ * elements.
+ *
+ * This file is part of the PSA Crypto Driver Model, containing functions for
  * driver developers to implement to enable hardware to be called in a
  * standardized way by a PSA Cryptographic API implementation. The functions
  * comprising the driver model, which driver authors implement, are not
@@ -25,34 +31,20 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
-#ifndef PSA_CRYPTO_DRIVER_H
-#define PSA_CRYPTO_DRIVER_H
+#ifndef PSA_CRYPTO_SE_DRIVER_H
+#define PSA_CRYPTO_SE_DRIVER_H
 
-#include <stddef.h>
-#include <stdint.h>
+#include "crypto_driver_common.h"
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
-/* Include type definitions (psa_status_t, psa_algorithm_t,
- * psa_key_type_t, etc.) and macros to build and analyze values
- * of these types. */
-#include "crypto_types.h"
-#include "crypto_values.h"
-
 /** An internal designation of a key slot between the core part of the
  * PSA Crypto implementation and the driver. The meaning of this value
  * is driver-dependent. */
 typedef uint32_t psa_key_slot_t;
 
-/** For encrypt-decrypt functions, whether the operation is an encryption
- * or a decryption. */
-typedef enum {
-    PSA_CRYPTO_DRIVER_DECRYPT,
-    PSA_CRYPTO_DRIVER_ENCRYPT
-} psa_encrypt_or_decrypt_t;
-
 /** \defgroup opaque_mac Opaque Message Authentication Code
  * Generation and authentication of Message Authentication Codes (MACs) using
  * opaque keys can be done either as a single function call (via the
@@ -243,208 +235,6 @@ typedef struct {
 } psa_drv_mac_opaque_t;
 /**@}*/
 
-/** \defgroup transparent_mac Transparent Message Authentication Code
- * Generation and authentication of Message Authentication Codes (MACs) using
- * transparent keys can be done either as a single function call (via the
- * `psa_drv_mac_transparent_generate_t` or `psa_drv_mac_transparent_verify_t`
- * functions), or in parts using the following sequence:
- * - `psa_drv_mac_transparent_setup_t`
- * - `psa_drv_mac_transparent_update_t`
- * - `psa_drv_mac_transparent_update_t`
- * - ...
- * - `psa_drv_mac_transparent_finish_t` or `psa_drv_mac_transparent_finish_verify_t`
- *
- * If a previously started Transparent MAC operation needs to be terminated, it
- * should be done so by the `psa_drv_mac_transparent_abort_t`. Failure to do so may
- * result in allocated resources not being freed or in other undefined
- * behavior.
- *
- */
-/**@{*/
-
-/** \brief The hardware-specific transparent-key MAC context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here.
- */
-typedef struct psa_drv_mac_transparent_context_s psa_drv_mac_transparent_context_t;
-
-/** \brief The function prototype for the setup operation of a
- * transparent-key MAC operation
- *
- *  Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_setup
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying primitive, and `MAC_VARIANT`
- * is the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A structure that will contain the
- *                              hardware-specific MAC context
- * \param[in] p_key             A buffer containing the cleartext key material
- *                              to be used in the operation
- * \param[in] key_length        The size in bytes of the key material
- *
- * \retval  PSA_SUCCESS
- *          Success.
- */
-typedef psa_status_t (*psa_drv_mac_transparent_setup_t)(psa_drv_mac_transparent_context_t *p_context,
-                                                        const uint8_t *p_key,
-                                                        size_t key_length);
-
-/** \brief The function prototype for the update operation of a
- * transparent-key MAC operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_update
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT`
- * is the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously-established MAC operation to be
- *                              continued
- * \param[in] p_input           A buffer containing the message to be appended
- *                              to the MAC operation
- * \param[in] input_length      The size in bytes of the input message buffer
- */
-typedef psa_status_t (*psa_drv_mac_transparent_update_t)(psa_drv_mac_transparent_context_t *p_context,
-                                                         const uint8_t *p_input,
-                                                         size_t input_length);
-
-/** \brief  The function prototype for the finish operation of a
- * transparent-key MAC operation
- *
- * Functions that implement the prototype should be named in the following
- *  convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started MAC operation to be
- *                              finished
- * \param[out] p_mac            A buffer where the generated MAC will be placed
- * \param[in] mac_length        The size in bytes of the buffer that has been
- *                              allocated for the `p_mac` buffer
- *
- * \retval PSA_SUCCESS
- *          Success.
- */
-typedef psa_status_t (*psa_drv_mac_transparent_finish_t)(psa_drv_mac_transparent_context_t *p_context,
-                                                         uint8_t *p_mac,
-                                                         size_t mac_length);
-
-/** \brief The function prototype for the finish and verify operation of a
- * transparent-key MAC operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_finish_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started MAC operation to be
- *                              verified and finished
- * \param[in] p_mac             A buffer containing the MAC that will be used
- *                              for verification
- * \param[in] mac_length        The size in bytes of the data in the `p_mac`
- *                              buffer
- *
- * \retval PSA_SUCCESS
- *          The operation completed successfully and the comparison matched
- */
-typedef psa_status_t (*psa_drv_mac_transparent_finish_verify_t)(psa_drv_mac_transparent_context_t *p_context,
-                                                                const uint8_t *p_mac,
-                                                                size_t mac_length);
-
-/** \brief The function prototype for the abort operation for a previously
- * started transparent-key MAC operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_abort
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started MAC operation to be
- *                              aborted
- *
- */
-typedef psa_status_t (*psa_drv_mac_transparent_abort_t)(psa_drv_mac_transparent_context_t *p_context);
-
-/** \brief The function prototype for a one-shot operation of a transparent-key
- * MAC operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in] p_input        A buffer containing the data to be MACed
- * \param[in] input_length   The length in bytes of the `p_input` data
- * \param[in] p_key          A buffer containing the key material to be used
- *                           for the MAC operation
- * \param[in] key_length     The length in bytes of the `p_key` data
- * \param[in] alg            The algorithm to be performed
- * \param[out] p_mac         The buffer where the resulting MAC will be placed
- *                           upon success
- * \param[in] mac_length     The length in bytes of the `p_mac` buffer
- */
-typedef psa_status_t (*psa_drv_mac_transparent_t)(const uint8_t *p_input,
-                                                  size_t input_length,
-                                                  const uint8_t *p_key,
-                                                  size_t key_length,
-                                                  psa_algorithm_t alg,
-                                                  uint8_t *p_mac,
-                                                  size_t mac_length);
-
-/** \brief The function prototype for a one-shot operation of a transparent-key
- * MAC Verify operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_mac_transparent_<ALGO>_<MAC_VARIANT>_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm, and `MAC_VARIANT` is
- * the specific variant of a MAC operation (such as HMAC or CMAC)
- *
- * \param[in] p_input        A buffer containing the data to be MACed
- * \param[in] input_length   The length in bytes of the `p_input` data
- * \param[in] p_key          A buffer containing the key material to be used
- *                           for the MAC operation
- * \param[in] key_length     The length in bytes of the `p_key` data
- * \param[in] alg            The algorithm to be performed
- * \param[in] p_mac          The MAC data to be compared
- * \param[in] mac_length     The length in bytes of the `p_mac` buffer
- *
- * \retval PSA_SUCCESS
- *  The operation completed successfully and the comparison matched
- */
-typedef psa_status_t (*psa_drv_mac_transparent_verify_t)(const uint8_t *p_input,
-                                                         size_t input_length,
-                                                         const uint8_t *p_key,
-                                                         size_t key_length,
-                                                         psa_algorithm_t alg,
-                                                         const uint8_t *p_mac,
-                                                         size_t mac_length);
-/**@}*/
-
 /** \defgroup opaque_cipher Opaque Symmetric Ciphers
  *
  * Encryption and Decryption using opaque keys in block modes other than ECB
@@ -622,269 +412,6 @@ typedef struct {
 
 /**@}*/
 
-/** \defgroup transparent_cipher Transparent Block Cipher
- * Encryption and Decryption using transparent keys in block modes other than
- * ECB must be done in multiple parts, using the following flow:
- * - `psa_drv_cipher_transparent_setup_t`
- * - `psa_drv_cipher_transparent_set_iv_t` (optional depending upon block mode)
- * - `psa_drv_cipher_transparent_update_t`
- * - ...
- * - `psa_drv_cipher_transparent_finish_t`
-
- * If a previously started Transparent Cipher operation needs to be terminated,
- * it should be done so by the `psa_drv_cipher_transparent_abort_t`. Failure to do
- * so may result in allocated resources not being freed or in other undefined
- * behavior.
- */
-/**@{*/
-
-/** \brief The hardware-specific transparent-key Cipher context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here.
- */
-typedef struct psa_drv_cipher_transparent_context_s psa_drv_cipher_transparent_context_t;
-
-/** \brief The function prototype for the setup operation of transparent-key
- * block cipher operations.
- *  Functions that implement the prototype should be named in the following
- * conventions:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_cipher_transparent_setup_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- * or for stream ciphers:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_cipher_transparent_setup_<CIPHER_NAME>
- * ~~~~~~~~~~~~~
- * Where `CIPHER_NAME` is the name of a stream cipher (i.e. RC4)
- *
- * \param[in,out] p_context     A structure that will contain the
- *                              hardware-specific cipher context
- * \param[in] direction         Indicates if the operation is an encrypt or a
- *                              decrypt
- * \param[in] p_key_data        A buffer containing the cleartext key material
- *                              to be used in the operation
- * \param[in] key_data_size     The size in bytes of the key material
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_cipher_transparent_setup_t)(psa_drv_cipher_transparent_context_t *p_context,
-                                                           psa_encrypt_or_decrypt_t direction,
-                                                           const uint8_t *p_key_data,
-                                                           size_t key_data_size);
-
-/** \brief The function prototype for the set initialization vector operation
- * of transparent-key block cipher operations
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_cipher_transparent_set_iv_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context     A structure that contains the previously setup
- *                              hardware-specific cipher context
- * \param[in] p_iv              A buffer containing the initialization vecotr
- * \param[in] iv_length         The size in bytes of the contents of `p_iv`
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_cipher_transparent_set_iv_t)(psa_drv_cipher_transparent_context_t *p_context,
-                                                            const uint8_t *p_iv,
-                                                            size_t iv_length);
-
-/** \brief The function prototype for the update operation of transparent-key
- * block cipher operations.
- *
- *  Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_cipher_transparent_update_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context         A hardware-specific structure for the
- *                                  previously started cipher operation
- * \param[in] p_input               A buffer containing the data to be
- *                                  encrypted or decrypted
- * \param[in] input_size            The size in bytes of the `p_input` buffer
- * \param[out] p_output             A caller-allocated buffer where the
- *                                  generated output will be placed
- * \param[in] output_size           The size in bytes of the `p_output` buffer
- * \param[out] p_output_length      After completion, will contain the number
- *                                  of bytes placed in the `p_output` buffer
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_cipher_transparent_update_t)(psa_drv_cipher_transparent_context_t *p_context,
-                                                            const uint8_t *p_input,
-                                                            size_t input_size,
-                                                            uint8_t *p_output,
-                                                            size_t output_size,
-                                                            size_t *p_output_length);
-
-/** \brief The function prototype for the finish operation of transparent-key
- * block cipher operations.
- *
- *  Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_cipher_transparent_finish_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started cipher operation
- * \param[out] p_output         A caller-allocated buffer where the generated
- *                              output will be placed
- * \param[in] output_size       The size in bytes of the `p_output` buffer
- * \param[out] p_output_length  After completion, will contain the number of
- *                              bytes placed in the `p_output` buffer
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_cipher_transparent_finish_t)(psa_drv_cipher_transparent_context_t *p_context,
-                                                            uint8_t *p_output,
-                                                            size_t output_size,
-                                                            size_t *p_output_length);
-
-/** \brief The function prototype for the abort operation of transparent-key
- * block cipher operations.
- *
- *  Functions that implement the following prototype should be named in the
- * following convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_cipher_transparent_abort_<CIPHER_NAME>_<MODE>
- * ~~~~~~~~~~~~~
- * Where
- * - `CIPHER_NAME` is the name of the underlying block cipher (i.e. AES or DES)
- * - `MODE` is the block mode of the cipher operation (i.e. CBC or CTR)
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started cipher operation
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_cipher_transparent_abort_t)(psa_drv_cipher_transparent_context_t *p_context);
-
-/**@}*/
-
-/** \defgroup driver_digest Message Digests
- *
- * Generation and authentication of Message Digests (aka hashes) must be done
- * in parts using the following sequence:
- * - `psa_drv_hash_setup_t`
- * - `psa_drv_hash_update_t`
- * - ...
- * - `psa_drv_hash_finish_t`
- *
- * If a previously started Message Digest operation needs to be terminated
- * before the `psa_drv_hash_finish_t` operation is complete, it should be aborted
- * by the `psa_drv_hash_abort_t`. Failure to do so may result in allocated
- * resources not being freed or in other undefined behavior.
- */
-/**@{*/
-
-/** \brief The hardware-specific hash context structure
- *
- * The contents of this structure are implementation dependent and are
- * therefore not described here
- */
-typedef struct psa_drv_hash_context_s psa_drv_hash_context_t;
-
-/** \brief The function prototype for the start operation of a hash (message
- * digest) operation
- *
- *  Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_setup
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying hash function
- *
- * \param[in,out] p_context     A structure that will contain the
- * hardware-specific hash context
- *
- * \retval  PSA_SUCCESS     Success.
- */
-typedef psa_status_t (*psa_drv_hash_setup_t)(psa_drv_hash_context_t *p_context);
-
-/** \brief The function prototype for the update operation of a hash (message
- * digest) operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_update
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously-established hash operation to be
- *                              continued
- * \param[in] p_input           A buffer containing the message to be appended
- *                              to the hash operation
- * \param[in] input_length      The size in bytes of the input message buffer
- */
-typedef psa_status_t (*psa_drv_hash_update_t)(psa_drv_hash_context_t *p_context,
-                                              const uint8_t *p_input,
-                                              size_t input_length);
-
-/** \brief  The prototype for the finish operation of a hash (message digest)
- * operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_finish
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context     A hardware-specific structure for the
- *                              previously started hash operation to be
- *                              fiinished
- * \param[out] p_output         A buffer where the generated digest will be
- *                              placed
- * \param[in] output_size       The size in bytes of the buffer that has been
- *                              allocated for the `p_output` buffer
- * \param[out] p_output_length  The number of bytes placed in `p_output` after
- *                              success
- *
- * \retval PSA_SUCCESS
- *          Success.
- */
-typedef psa_status_t (*psa_drv_hash_finish_t)(psa_drv_hash_context_t *p_context,
-                                              uint8_t *p_output,
-                                              size_t output_size,
-                                              size_t *p_output_length);
-
-/** \brief The function prototype for the abort operation of a hash (message
- * digest) operation
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_hash_<ALGO>_abort
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the underlying algorithm
- *
- * \param[in,out] p_context A hardware-specific structure for the previously
- *                          started hash operation to be aborted
- */
-typedef void (*psa_drv_hash_abort_t)(psa_drv_hash_context_t *p_context);
-
-/**@}*/
-
-
 /** \defgroup opaque_asymmetric Opaque Asymmetric Cryptography
  *
  * Since the amount of data that can (or should) be encrypted or signed using
@@ -1037,176 +564,6 @@ typedef struct {
 
 /**@}*/
 
-/** \defgroup transparent_asymmetric Transparent Asymmetric Cryptography
- *
- * Since the amount of data that can (or should) be encrypted or signed using
- * asymmetric keys is limited by the key size, asymmetric key operations using
- * transparent keys must be done in single function calls.
- */
-/**@{*/
-
-
-/**
- * \brief A function that signs a hash or short message with a transparent
- * asymmetric private key
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_asymmetric_<ALGO>_sign
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm
- *
- * \param[in] p_key                 A buffer containing the private key
- *                                  material
- * \param[in] key_size              The size in bytes of the `p_key` data
- * \param[in] alg                   A signature algorithm that is compatible
- *                                  with the type of `p_key`
- * \param[in] p_hash                The hash or message to sign
- * \param[in] hash_length           Size of the `p_hash` buffer in bytes
- * \param[out] p_signature          Buffer where the signature is to be written
- * \param[in] signature_size        Size of the `p_signature` buffer in bytes
- * \param[out] p_signature_length   On success, the number of bytes
- *                                  that make up the returned signature value
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_asymmetric_transparent_sign_t)(const uint8_t *p_key,
-                                                              size_t key_size,
-                                                              psa_algorithm_t alg,
-                                                              const uint8_t *p_hash,
-                                                              size_t hash_length,
-                                                              uint8_t *p_signature,
-                                                              size_t signature_size,
-                                                              size_t *p_signature_length);
-
-/**
- * \brief A function that verifies the signature a hash or short message using
- * a transparent asymmetric public key
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_asymmetric_<ALGO>_verify
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the signing algorithm
- *
- * \param[in] p_key             A buffer containing the public key material
- * \param[in] key_size          The size in bytes of the `p_key` data
- * \param[in] alg               A signature algorithm that is compatible with
- *                              the type of `key`
- * \param[in] p_hash            The hash or message whose signature is to be
- *                              verified
- * \param[in] hash_length       Size of the `p_hash` buffer in bytes
- * \param[in] p_signature       Buffer containing the signature to verify
- * \param[in] signature_length  Size of the `p_signature` buffer in bytes
- *
- * \retval PSA_SUCCESS
- *         The signature is valid.
- */
-typedef psa_status_t (*psa_drv_asymmetric_transparent_verify_t)(const uint8_t *p_key,
-                                                                size_t key_size,
-                                                                psa_algorithm_t alg,
-                                                                const uint8_t *p_hash,
-                                                                size_t hash_length,
-                                                                const uint8_t *p_signature,
-                                                                size_t signature_length);
-
-/**
- * \brief A function that encrypts a short message with a transparent
- * asymmetric public key
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_asymmetric_<ALGO>_encrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the encryption algorithm
- *
- * \param[in] p_key             A buffer containing the public key material
- * \param[in] key_size          The size in bytes of the `p_key` data
- * \param[in] alg               An asymmetric encryption algorithm that is
- *                              compatible with the type of `key`
- * \param[in] p_input           The message to encrypt
- * \param[in] input_length      Size of the `p_input` buffer in bytes
- * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm
- *                              If the algorithm does not support a
- *                              salt, pass `NULL`
- *                              If the algorithm supports an optional
- *                              salt and you do not want to pass a salt,
- *                              pass `NULL`.
- *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                              supported.
- * \param[in] salt_length       Size of the `p_salt` buffer in bytes
- *                              If `p_salt` is `NULL`, pass 0.
- * \param[out] p_output         Buffer where the encrypted message is to
- *                              be written
- * \param[in] output_size       Size of the `p_output` buffer in bytes
- * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_asymmetric_transparent_encrypt_t)(const uint8_t *p_key,
-                                                                 size_t key_size,
-                                                                 psa_algorithm_t alg,
-                                                                 const uint8_t *p_input,
-                                                                 size_t input_length,
-                                                                 const uint8_t *p_salt,
-                                                                 size_t salt_length,
-                                                                 uint8_t *p_output,
-                                                                 size_t output_size,
-                                                                 size_t *p_output_length);
-
-/**
- * \brief Decrypt a short message with a transparent asymmetric private key
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_asymmetric_<ALGO>_decrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the encryption algorithm
- *
- * \param[in] p_key             A buffer containing the private key material
- * \param[in] key_size          The size in bytes of the `p_key` data
- * \param[in] alg               An asymmetric encryption algorithm that is
- *                              compatible with the type of `key`
- * \param[in] p_input           The message to decrypt
- * \param[in] input_length      Size of the `p_input` buffer in bytes
- * \param[in] p_salt            A salt or label, if supported by the
- *                              encryption algorithm
- *                              If the algorithm does not support a
- *                              salt, pass `NULL`.
- *                              If the algorithm supports an optional
- *                              salt and you do not want to pass a salt,
- *                              pass `NULL`.
- *                              For #PSA_ALG_RSA_PKCS1V15_CRYPT, no salt is
- *                              supported
- * \param[in] salt_length       Size of the `p_salt` buffer in bytes
- *                              If `p_salt` is `NULL`, pass 0
- * \param[out] p_output         Buffer where the decrypted message is to
- *                              be written
- * \param[in] output_size       Size of the `p_output` buffer in bytes
- * \param[out] p_output_length  On success, the number of bytes
- *                              that make up the returned output
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_asymmetric_transparent_decrypt_t)(const uint8_t *p_key,
-                                                                 size_t key_size,
-                                                                 psa_algorithm_t alg,
-                                                                 const uint8_t *p_input,
-                                                                 size_t input_length,
-                                                                 const uint8_t *p_salt,
-                                                                 size_t salt_length,
-                                                                 uint8_t *p_output,
-                                                                 size_t output_size,
-                                                                 size_t *p_output_length);
-
-/**@}*/
-
 /** \defgroup aead_opaque AEAD Opaque
  * Authenticated Encryption with Additional Data (AEAD) operations with opaque
  * keys must be done in one function call. While this creates a burden for
@@ -1314,192 +671,6 @@ typedef struct {
 } psa_drv_aead_opaque_t;
 /**@}*/
 
-/** \defgroup aead_transparent AEAD Transparent
- *
- * Authenticated Encryption with Additional Data (AEAD) operations with
- * transparent keys must be done in one function call. While this creates a
- * burden for implementers as there must be sufficient space in memory for the
- * entire message, it prevents decrypted data from being made available before
- * the authentication operation is complete and the data is known to be
- * authentic.
- */
-/**@{*/
-
-/** Process an authenticated encryption operation using an opaque key.
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_aead_<ALGO>_encrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the AEAD algorithm
- *
- * \param[in] p_key                     A pointer to the key material
- * \param[in] key_length                The size in bytes of the key material
- * \param[in] alg                       The AEAD algorithm to compute
- *                                      (\c PSA_ALG_XXX value such that
- *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
- * \param[in] nonce                     Nonce or IV to use
- * \param[in] nonce_length              Size of the `nonce` buffer in bytes
- * \param[in] additional_data           Additional data that will be MACed
- *                                      but not encrypted.
- * \param[in] additional_data_length    Size of `additional_data` in bytes
- * \param[in] plaintext                 Data that will be MACed and
- *                                      encrypted.
- * \param[in] plaintext_length          Size of `plaintext` in bytes
- * \param[out] ciphertext               Output buffer for the authenticated and
- *                                      encrypted data. The additional data is
- *                                      not part of this output. For algorithms
- *                                      where the encrypted data and the
- *                                      authentication tag are defined as
- *                                      separate outputs, the authentication
- *                                      tag is appended to the encrypted data.
- * \param[in] ciphertext_size           Size of the `ciphertext` buffer in
- *                                      bytes
- *                                      This must be at least
- *                                      #PSA_AEAD_ENCRYPT_OUTPUT_SIZE(`alg`,
- *                                      `plaintext_length`).
- * \param[out] ciphertext_length        On success, the size of the output in
- *                                      the `ciphertext` buffer
- *
- * \retval #PSA_SUCCESS
-
- */
-typedef psa_status_t (*psa_drv_aead_transparent_encrypt_t)(const uint8_t *p_key,
-                                                           size_t key_length,
-                                                           psa_algorithm_t alg,
-                                                           const uint8_t *nonce,
-                                                           size_t nonce_length,
-                                                           const uint8_t *additional_data,
-                                                           size_t additional_data_length,
-                                                           const uint8_t *plaintext,
-                                                           size_t plaintext_length,
-                                                           uint8_t *ciphertext,
-                                                           size_t ciphertext_size,
-                                                           size_t *ciphertext_length);
-
-/** Process an authenticated decryption operation using an opaque key.
- *
- * Functions that implement the prototype should be named in the following
- * convention:
- * ~~~~~~~~~~~~~{.c}
- * psa_drv_aead_<ALGO>_decrypt
- * ~~~~~~~~~~~~~
- * Where `ALGO` is the name of the AEAD algorithm
- * \param[in] p_key                     A pointer to the key material
- * \param[in] key_length                The size in bytes of the key material
- * \param[in] alg                       The AEAD algorithm to compute
- *                                      (\c PSA_ALG_XXX value such that
- *                                      #PSA_ALG_IS_AEAD(`alg`) is true)
- * \param[in] nonce                     Nonce or IV to use
- * \param[in] nonce_length              Size of the `nonce` buffer in bytes
- * \param[in] additional_data           Additional data that has been MACed
- *                                      but not encrypted
- * \param[in] additional_data_length    Size of `additional_data` in bytes
- * \param[in] ciphertext                Data that has been MACed and
- *                                      encrypted
- *                                      For algorithms where the encrypted data
- *                                      and the authentication tag are defined
- *                                      as separate inputs, the buffer must
- *                                      contain the encrypted data followed by
- *                                      the authentication tag.
- * \param[in] ciphertext_length         Size of `ciphertext` in bytes
- * \param[out] plaintext                Output buffer for the decrypted data
- * \param[in] plaintext_size            Size of the `plaintext` buffer in
- *                                      bytes
- *                                      This must be at least
- *                                      #PSA_AEAD_DECRYPT_OUTPUT_SIZE(`alg`,
- *                                      `ciphertext_length`).
- * \param[out] plaintext_length         On success, the size of the output
- *                                      in the \b plaintext buffer
- *
- * \retval #PSA_SUCCESS
- *         Success.
- */
-typedef psa_status_t (*psa_drv_aead_transparent_decrypt_t)(const uint8_t *p_key,
-                                                           size_t key_length,
-                                                           psa_algorithm_t alg,
-                                                           const uint8_t *nonce,
-                                                           size_t nonce_length,
-                                                           const uint8_t *additional_data,
-                                                           size_t additional_data_length,
-                                                           const uint8_t *ciphertext,
-                                                           size_t ciphertext_length,
-                                                           uint8_t *plaintext,
-                                                           size_t plaintext_size,
-                                                           size_t *plaintext_length);
-
-/**@}*/
-
-
-/** \defgroup driver_rng Entropy Generation
- */
-/**@{*/
-
-/** \brief A hardware-specific structure for a entropy providing hardware
- */
-typedef struct psa_drv_entropy_context_s psa_drv_entropy_context_t;
-
-/** \brief Initialize an entropy driver
- *
- *
- * \param[in,out] p_context             A hardware-specific structure
- *                                      containing any context information for
- *                                      the implementation
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_entropy_init_t)(psa_drv_entropy_context_t *p_context);
-
-/** \brief Get a specified number of bits from the entropy source
- *
- * It retrives `buffer_size` bytes of data from the entropy source. The entropy
- * source will always fill the provided buffer to its full size, however, most
- * entropy sources have biases, and the actual amount of entropy contained in
- * the buffer will be less than the number of bytes.
- * The driver will return the actual number of bytes of entropy placed in the
- * buffer in `p_received_entropy_bytes`.
- * A PSA Crypto API implementation will likely feed the output of this function
- * into a Digital Random Bit Generator (DRBG), and typically has a minimum
- * amount of entropy that it needs.
- * To accomplish this, the PSA Crypto implementation should be designed to call
- * this function multiple times until it has received the required amount of
- * entropy from the entropy source.
- *
- * \param[in,out] p_context                 A hardware-specific structure
- *                                          containing any context information
- *                                          for the implementation
- * \param[out] p_buffer                     A caller-allocated buffer for the
- *                                          retrieved entropy to be placed in
- * \param[in] buffer_size                   The allocated size of `p_buffer`
- * \param[out] p_received_entropy_bits      The amount of entropy (in bits)
- *                                          actually provided in `p_buffer`
- *
- * \retval PSA_SUCCESS
- */
-typedef psa_status_t (*psa_drv_entropy_get_bits_t)(psa_drv_entropy_context_t *p_context,
-                                                   uint8_t *p_buffer,
-                                                   uint32_t buffer_size,
-                                                   uint32_t *p_received_entropy_bits);
-
-/**
- * \brief A struct containing all of the function pointers needed to interface
- * to an entropy source
- *
- * PSA Crypto API implementations should populate instances of the table as
- * appropriate upon startup.
- *
- * If one of the functions is not implemented, it should be set to NULL.
- */
-typedef struct {
-    /** Function that performs initialization for the entropy source */
-    psa_drv_entropy_init_t *p_init;
-    /** Function that performs the get_bits operation for the entropy source
-    */
-    psa_drv_entropy_get_bits_t *p_get_bits;
-} psa_drv_entropy_t;
-/**@}*/
-
 /** \defgroup driver_key_management Key Management
  * Currently, key management is limited to importing keys in the clear,
  * destroying keys, and exporting keys in the clear.
@@ -1788,4 +959,4 @@ typedef struct {
 }
 #endif
 
-#endif /* PSA_CRYPTO_DRIVER_H */
+#endif /* PSA_CRYPTO_SE_DRIVER_H */
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index bf9035a39..23d5c2c72 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -226,9 +226,12 @@
     <ClInclude Include="..\..\include\mbedtls\x509_csr.h" />
     <ClInclude Include="..\..\include\mbedtls\xtea.h" />
     <ClInclude Include="..\..\include\psa\crypto.h" />
-    <ClInclude Include="..\..\include\psa\crypto_driver.h" />
+    <ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
+    <ClInclude Include="..\..\include\psa\crypto_driver_common.h" />
+    <ClInclude Include="..\..\include\psa\crypto_entropy_driver.h" />
     <ClInclude Include="..\..\include\psa\crypto_extra.h" />
     <ClInclude Include="..\..\include\psa\crypto_platform.h" />
+    <ClInclude Include="..\..\include\psa\crypto_se_driver.h" />
     <ClInclude Include="..\..\include\psa\crypto_sizes.h" />
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
     <ClInclude Include="..\..\include\psa\crypto_types.h" />